vrr/nDPI
2
0
Fork 0
mirror of https://github.com/vel21ripn/nDPI.git synced 2026-05-02 00:40:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
nDPI/tests/cfgs/classification_only/result/tls_1.2_unidirectional_client.pcapng.out
Luca Deri 11d74ea286 Implemented nDPI fingerprint that is computed using 
- TCP fingerprint
- JA4 fingepriint
- TLS SHA1 certificate (if present), or JA3S fingerprint (is SHA1 is missing)

By default the fingerprint uses the client and server fingerprints (format 0)
and combines them. However you can chnge it format (eg. use only the client info,
format 1) with

--cfg NULL,metadata.ndpi_fingerprint_format,X

where X is the fingerprint format.

By default nDPI fingerprint is enabled but you can enable/disble it as follows

--cfg NULL,metadata.ndpi_fingerprint,0
2025-08-21 10:34:49 +02:00

29 lines
1.8 KiB
Text
Raw Blame History

DPI Packets (TCP): 3 (3.00 pkts/flow)
Confidence DPI : 1 (flows)
Num dissector calls: 1 (1.00 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
LRU cache fpc_dns: 0/1/0 (insert/search/found)
Automa host: 1/1 (search/found)
Automa domain: 1/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 2/2 (search/found)
Patricia risk mask: 0/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 0/0 (search/found)
Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 1/1 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
GoogleServices 17 3004 1
Acceptable 17 3004 1
Web 17 3004 1
1 TCP 192.168.12.156:43854 -> 216.58.209.42:443 [proto: 91.239/TLS.GoogleServices][Stack: TLS.GoogleServices][IP: 126/Google][Encrypted][Confidence: DPI][FPC: 126/Google, Confidence: IP address][DPI packets: 3][cat: Web/5][Breed: Acceptable][17 pkts/3004 bytes -> 0 pkts/0 bytes][Goodput ratio: 62/0][11.30 sec][Hostname/SNI: notifications-pa.googleapis.com][(Advertised) ALPNs: h2;http/1.1][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 753/0 10866/0 2704/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/0 177/0 1090/0 251/0][nDPI Fingerprint: d9b1e7338e475c535e75d9f1f452155e][TLSv1.2][Plen Bins: 0,42,14,0,0,14,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Reference in a new issue View git blame Copy permalink