vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-04-28 15:09:47 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
nDPI/tests/cfgs/default/result/tls_with_huge_ch.pcapng.out
Toni Uhlig 285496d0b9 Add (generic) MsgPack protocol dissector. 
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2025-12-08 17:50:20 +01:00

41 lines
2.4 KiB
Text
Raw Blame History

DPI Packets (TCP): 32 (32.00 pkts/flow)
Confidence DPI : 1 (flows)
Num dissector calls: 270 (270.00 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/3/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/1/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 0/1/0 (insert/search/found)
Automa host: 0/0 (search/found)
Automa domain: 0/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 2/2 (search/found)
Patricia risk mask: 2/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 0/0 (search/found)
Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 2/0 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
Hash malicious ja4: 1/0 (search/found)
Hash malicious sha1: 0/0 (search/found)
Hash TCP fingerprints: 1/1 (search/found)
Hash public domain suffix: 0/0 (search/found)
Hash ja4 custom protos: 1/0 (search/found)
Hash fp custom protos: 1/0 (search/found)
Hash url custom protos: 0/0 (search/found)
TLS 428 119100 1
Safe 428 119100 1
Web 428 119100 1
JA Host Stats:
IP Address # JA4C
1 172.30.84.193 1
1 TCP 172.30.84.193:40640 <-> 208.253.217.142:443 [proto: 91/TLS][Stack: TLS][IP: 0/Unknown][Encrypted][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 32][cat: Web/5][Breed: Safe][194 pkts/51762 bytes <-> 234 pkts/67338 bytes][Goodput ratio: 75/77][31.67 sec][(Advertised) ALPNs: h2;http/1.1][TLS Supported Versions: TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.131 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 135/123 2012/2189 352/307][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 267/288 1090/1514 287/409][Risk: ** Missing SNI TLS Extn **** ALPN/SNI Mismatch **** Obfuscated Traffic **][Risk Score: 200][Risk Info: Abnormal Client Hello/Padding length / h2 / SNI should always be present][nDPI Fingerprint: ba68c98b0b2b83747821bd3cfc3fffb4][TCP Fingerprint: 2_64_65535_685ad951a756/Android][TLSv1.2][JA4: t13i1811h2_f71e3e15ae0d_5c3a8cf9b2bc][Firefox][Plen Bins: 0,0,7,52,4,3,7,1,2,0,2,0,1,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,10,0,0,1,0,0,0,0,0,0,1,0,0,1,0,0]
Reference in a new issue View git blame Copy permalink