tests/cfgs/default/result/fins.pcap.out


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

DPI Packets (TCP):	4	(4.00 pkts/flow)
DPI Packets (UDP):	2	(1.00 pkts/flow)
Confidence DPI              : 3 (flows)
Num dissector calls: 3 (1.00 diss/flow)
LRU cache ookla:      0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun:       0/0/0 (insert/search/found)
LRU cache tls_cert:   0/0/0 (insert/search/found)
LRU cache mining:     0/0/0 (insert/search/found)
LRU cache msteams:    0/0/0 (insert/search/found)
Automa host:          0/0 (search/found)
Automa domain:        0/0 (search/found)
Automa tls cert:      0/0 (search/found)
Automa risk mask:     0/0 (search/found)
Automa common alpns:  0/0 (search/found)
Patricia risk mask:   4/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk:        0/0 (search/found)
Patricia risk IPv6:   0/0 (search/found)
Patricia protocols:   6/0 (search/found)
Patricia protocols IPv6: 0/0 (search/found)

FINS	257	17841	3

Acceptable                     257 17841         3            

	1	UDP 10.4.14.102:58722 -> 10.130.130.130:9600 [proto: 362/FINS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: IoT-Scada/31][245 pkts/16887 bytes -> 0 pkts/0 bytes][Goodput ratio: 39/0][0.00 sec][bytes ratio: 1.000 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/0 0/0 0/0][Pkt Len c2s/s2c min/avg/max/stddev: 54/0 69/0 582/0 46/0][Risk: ** Unidirectional Traffic **][Risk Score: 10][Risk Info: No server to client traffic][PLAIN TEXT (filename.exeaaaaaaaaaaaaaaaaaaa)][Plen Bins: 89,6,1,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	2	TCP 10.1.1.173:17134 <-> 10.1.1.164:9600 [proto: 362/FINS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 4][cat: IoT-Scada/31][6 pkts/385 bytes <-> 4 pkts/366 bytes][Goodput ratio: 13/40][0.59 sec][bytes ratio: 0.025 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 2/145 117/151 158/157 58/6][Pkt Len c2s/s2c min/avg/max/stddev: 54/54 64/92 83/176 11/50][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][PLAIN TEXT (EL20DR)][Plen Bins: 75,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
	3	UDP 10.1.1.173:54855 <-> 10.1.1.164:9600 [proto: 362/FINS][IP: 0/Unknown][ClearText][Confidence: DPI][FPC: 0/Unknown, Confidence: Unknown][DPI packets: 1][cat: IoT-Scada/31][1 pkts/55 bytes <-> 1 pkts/148 bytes][Goodput ratio: 23/71][0.16 sec][PLAIN TEXT (EL20DR)][Plen Bins: 50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]