tests/cfgs/default/result/dnp3.pcap.out


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33

DPI Packets (TCP):	80	(10.00 pkts/flow)
Confidence DPI              : 8 (flows)
Num dissector calls: 8 (1.00 diss/flow)
LRU cache ookla:      0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun:       0/0/0 (insert/search/found)
LRU cache tls_cert:   0/0/0 (insert/search/found)
LRU cache mining:     0/0/0 (insert/search/found)
LRU cache msteams:    0/0/0 (insert/search/found)
Automa host:          0/0 (search/found)
Automa domain:        0/0 (search/found)
Automa tls cert:      0/0 (search/found)
Automa risk mask:     0/0 (search/found)
Automa common alpns:  0/0 (search/found)
Patricia risk mask:   0/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk:        0/0 (search/found)
Patricia risk IPv6:   0/0 (search/found)
Patricia protocols:   16/0 (search/found)
Patricia protocols IPv6: 0/0 (search/found)

DNP3	543	38754	8

Acceptable                     543 38754         8            

	1	TCP 10.0.0.8:2828 <-> 10.0.0.3:20000 [proto: 244/DNP3][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 10][cat: IoT-Scada/31][60 pkts/4041 bytes <-> 78 pkts/7164 bytes][Goodput ratio: 17/38][121.83 sec][bytes ratio: -0.279 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 421/302 13044/8439 1926/1115][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 67/92 79/145 5/37][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 64,3,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	2	TCP 10.0.0.9:1080 <-> 10.0.0.3:20000 [proto: 244/DNP3][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 10][cat: IoT-Scada/31][72 pkts/4659 bytes <-> 63 pkts/4692 bytes][Goodput ratio: 10/27][384.60 sec][bytes ratio: -0.004 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 4732/3049 75028/40127 13787/9968][Pkt Len c2s/s2c min/avg/max/stddev: 60/62 65/74 81/147 7/16][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 96,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	3	TCP 10.0.0.8:1086 <-> 10.0.0.3:20000 [proto: 244/DNP3][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 10][cat: IoT-Scada/31][57 pkts/3891 bytes <-> 36 pkts/2760 bytes][Goodput ratio: 17/28][70.37 sec][bytes ratio: 0.170 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1467/2686 45001/45233 7093/9611][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 68/77 81/147 8/22][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 95,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	4	TCP 10.0.0.8:2789 <-> 10.0.0.3:20000 [proto: 244/DNP3][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 10][cat: IoT-Scada/31][24 pkts/1584 bytes <-> 15 pkts/1005 bytes][Goodput ratio: 12/15][123.54 sec][bytes ratio: 0.224 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 162/2 2891/21 628/7][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 66/67 79/71 8/5][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	5	TCP 10.0.0.8:2803 <-> 10.0.0.3:20000 [proto: 244/DNP3][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 10][cat: IoT-Scada/31][21 pkts/1374 bytes <-> 18 pkts/1119 bytes][Goodput ratio: 10/5][25.63 sec][bytes ratio: 0.102 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 1205/2488 17203/17487 4073/5519][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 65/62 78/71 8/4][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	6	TCP 10.0.0.9:1084 <-> 10.0.0.3:20000 [proto: 244/DNP3][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 10][cat: IoT-Scada/31][21 pkts/1374 bytes <-> 18 pkts/1119 bytes][Goodput ratio: 10/5][7.81 sec][bytes ratio: 0.102 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 343/630 3672/3963 975/1293][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 65/62 78/71 8/4][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	7	TCP 10.0.0.8:1184 <-> 10.0.0.3:20000 [proto: 244/DNP3][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 10][cat: IoT-Scada/31][21 pkts/1374 bytes <-> 12 pkts/825 bytes][Goodput ratio: 10/19][12.41 sec][bytes ratio: 0.250 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 698/1757 9226/9487 2220/3302][Pkt Len c2s/s2c min/avg/max/stddev: 60/62 65/69 78/71 8/4][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	8	TCP 10.0.0.8:1159 <-> 10.0.0.3:20000 [proto: 244/DNP3][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 10][cat: IoT-Scada/31][15 pkts/1014 bytes <-> 12 pkts/759 bytes][Goodput ratio: 14/7][12.40 sec][bytes ratio: 0.144 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 246/1770 2946/9113 814/3204][Pkt Len c2s/s2c min/avg/max/stddev: 60/60 68/63 78/71 9/5][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]