author | Toni Uhlig <matzeton@googlemail.com> | 2023-11-09 23:18:55 +0100 |
---|---|---|
committer | Toni Uhlig <matzeton@googlemail.com> | 2023-11-09 23:44:35 +0100 |
commit | 8ebaccc27d779e981b500e80b69f62396dcaa0ca (patch) | |
tree | 62993474d9ea00d23c579a649ab048fd2a8e76e6 /test/results/flow-info/default/anydesk.pcapng.out | |
parent | dcb595e16153caa1600b64adea6af20009ea8419 (diff) |
py-flow-info: Improved analyse result printing.1.6rc4
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/flow-info/default/anydesk.pcapng.out')
-rw-r--r-- | test/results/flow-info/default/anydesk.pcapng.out | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/test/results/flow-info/default/anydesk.pcapng.out b/test/results/flow-info/default/anydesk.pcapng.out index e7604637b..26d6ef703 100644 --- a/test/results/flow-info/default/anydesk.pcapng.out +++ b/test/results/flow-info/default/anydesk.pcapng.out @@ -12,9 +12,9 @@ detection-update: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS.AnyDesk][AnyDesk][RemoteAccess][Acceptable][] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing analyse: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS.AnyDesk][AnyDesk][RemoteAccess][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 1.603| 0.177| 0.394| 155451.113| 2.800] - [PKTLEN......: 40.000| 1500.000| 392.700| 555.200| 308238.000| 3.800] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 1.603| 0.177| 0.394| 155451.113| 2.800] + [PKTLEN......: 40.000| 1500.000| 392.700| 555.200| 308238.000| 3.800] [BINS(c->s)..: 8,0,1,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,2,0,0] [BINS(s->c)..: 9,2,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,2,0,0,0,0,1,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,1,0,1,0,0,1,1,0,0,1,1,0,0,0,1,1,1,1,1] 
@@ -46,9 +46,9 @@ detection-update: [.....6] [ip4][..tcp] [..192.168.1.178][52039] -> [..192.168.1.187][.7070] [TLS.AnyDesk][Unknown][RemoteAccess][Acceptable][] RISK: Known Proto on Non Std Port, Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing analyse: [.....5] [ip4][..tcp] [..192.168.1.187][54164] -> [..192.168.1.178][.7070] [TLS.AnyDesk][Unknown][RemoteAccess][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 3.022| 0.410| 0.826| 682181.919| 2.900] - [PKTLEN......: 40.000| 3966.000| 306.300| 747.400| 558552.100| 3.100] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 3.022| 0.410| 0.826| 682181.919| 2.900] + [PKTLEN......: 40.000| 3966.000| 306.300| 747.400| 558552.100| 3.100] [BINS(c->s)..: 6,4,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1] [BINS(s->c)..: 11,3,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] [DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,1,1,1,0,0,1,1,0,1,1,0,0,1,1,1,0,1,1,0,0,1,0] 
@@ -65,9 +65,9 @@ detection-update: [.....7] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] [TLS.AnyDesk][Unknown][RemoteAccess][Acceptable][] RISK: Missing SNI TLS Extn, Desktop/File Sharing, Uncommon TLS ALPN analyse: [.....7] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] [TLS.AnyDesk][Unknown][RemoteAccess][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 8.445| 0.583| 2.064| 4258557.067| 1.500] - [PKTLEN......: 52.000| 1500.000| 328.900| 495.500| 245485.500| 3.800] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 8.445| 0.583| 2.064| 4258557.067| 1.500] + [PKTLEN......: 52.000| 1500.000| 328.900| 495.500| 245485.500| 3.800] [BINS(c->s)..: 8,0,2,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,2,0,0] [BINS(s->c)..: 7,4,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,1,0,0,1,1,0,0,1,1,0,0,0,1,1,1,1,0,0,1,1] |