vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-04-28 15:09:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
nDPI/tests/cfgs/default/result/sip.pcap.out
Toni Uhlig 285496d0b9 Add (generic) MsgPack protocol dissector. 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2025-12-08 17:50:20 +01:00

48 lines
4.1 KiB
Text
Raw Blame History

DPI Packets (UDP): 12 (3.00 pkts/flow)
Confidence Unknown : 1 (flows)
Confidence DPI : 3 (flows)
Num dissector calls: 324 (81.00 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/3/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/1/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 0/2/0 (insert/search/found)
Automa host: 0/0 (search/found)
Automa domain: 0/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 0/0 (search/found)
Patricia risk mask: 2/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 0/0 (search/found)
Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 8/0 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
Hash malicious ja4: 0/0 (search/found)
Hash malicious sha1: 0/0 (search/found)
Hash TCP fingerprints: 0/0 (search/found)
Hash public domain suffix: 0/0 (search/found)
Hash ja4 custom protos: 0/0 (search/found)
Hash fp custom protos: 0/0 (search/found)
Hash url custom protos: 0/0 (search/found)
Unknown 1 146 1
RTP 9 1926 1
SIP 102 47087 2
Unrated 1 146 1
Acceptable 111 49013 3
Unspecified 1 146 1
Media 9 1926 1
VoIP 102 47087 2
1 UDP 192.168.1.2:5060 <-> 212.242.33.35:5060 [proto: 100/SIP][Stack: SIP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 100/SIP, Confidence: DPI][DPI packets: 1][cat: VoIP/10][Breed: Acceptable][53 pkts/21940 bytes <-> 31 pkts/15635 bytes][Goodput ratio: 90/92][1521.57 sec][SIP From: <sip:voi18063@sip.cybercity.dk>;tag=903df0a][SIP To: <sip:voi18063@sip.cybercity.dk>][bytes ratio: 0.168 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 158/13 25541/22026 150200/89874 25265/23489][Pkt Len c2s/s2c min/avg/max/stddev: 47/342 414/504 1118/711 343/85][PLAIN TEXT (REGISTER sip)][Plen Bins: 26,0,0,0,0,0,0,0,0,4,8,0,2,4,13,17,0,0,3,0,1,10,0,0,0,5,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 192.168.1.2:5060 <-> 200.68.120.81:5060 [proto: 100/SIP][Stack: SIP][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 100/SIP, Confidence: DPI][DPI packets: 1][cat: VoIP/10][Breed: Acceptable][15 pkts/7568 bytes <-> 3 pkts/1944 bytes][Goodput ratio: 92/93][67.09 sec][SIP From: "arik" <sip:816666@voip.brurjula.net>;tag=6433ef9][SIP To: <sip:97239287044@voip.brujula.net>][bytes ratio: 0.591 (Upload)][IAT c2s/s2c min/avg/max/stddev: 507/34556 4746/34556 32608/34556 8188/0][Pkt Len c2s/s2c min/avg/max/stddev: 389/637 505/648 864/656 180/8][PLAIN TEXT (INVITE sip)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,5,62,0,0,0,0,0,0,5,11,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 192.168.1.2:30000 -> 212.242.33.36:40392 [proto: 87/RTP][Stack: RTP][IP: 0/Unknown][Stream Content: Audio][Payload Type: ITU-T G.711 PCMA (8.0)][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 9][cat: Media/1][Breed: Acceptable][9 pkts/1926 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][0.16 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 1/0 20/0 69/0 23/0][Pkt Len c2s/s2c min/avg/max/stddev: 214/0 214/0 214/0 0/0][PLAIN TEXT (VRUDKBuYs)][Plen Bins: 0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Undetected flows:
1 UDP 192.168.1.2:30001 -> 212.242.33.36:40393 [proto: 0/Unknown][Stack: Unknown][IP: 0/Unknown][ClearText][Confidence: Unknown][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][Breed: Unrated][1 pkts/146 bytes -> 0 pkts/0 bytes][Goodput ratio: 71/0][< 1 sec][Risk: ** Susp Entropy **** Unidirectional Traffic **][Risk Score: 20][Risk Info: No server to client traffic / Entropy: 5.220 (Executable?)][PLAIN TEXT (11894297)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Reference in a new issue View git blame Copy permalink