diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2023-11-09 23:18:55 +0100 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2023-11-09 23:44:35 +0100 |
| commit | 8ebaccc27d779e981b500e80b69f62396dcaa0ca (patch) | |
| tree | 62993474d9ea00d23c579a649ab048fd2a8e76e6 /test/results/flow-info/default/skype_no_unknown.pcap.out | |
| parent | dcb595e16153caa1600b64adea6af20009ea8419 (diff) | |
py-flow-info: Improved analyse result printing.1.6rc4
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/flow-info/default/skype_no_unknown.pcap.out')
| -rw-r--r-- | test/results/flow-info/default/skype_no_unknown.pcap.out | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/test/results/flow-info/default/skype_no_unknown.pcap.out b/test/results/flow-info/default/skype_no_unknown.pcap.out index 3e75b6649..07b6342b5 100644 --- a/test/results/flow-info/default/skype_no_unknown.pcap.out +++ b/test/results/flow-info/default/skype_no_unknown.pcap.out @@ -66,9 +66,9 @@ detected: [....19] [ip4][..tcp] [.17.143.160.149][.5223] -> [...192.168.1.34][50407] [TLS][Apple][Web][Safe] RISK: Known Proto on Non Std Port analyse: [....13] [ip4][..tcp] [...192.168.1.34][51230] -> [.157.56.126.211][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.302| 0.085| 0.091| 8331.101| 4.100] - [PKTLEN......: 52.000| 1492.000| 357.800| 468.900| 219872.600| 4.000] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.302| 0.085| 0.091| 8331.101| 4.100] + [PKTLEN......: 52.000| 1492.000| 357.800| 468.900| 219872.600| 4.000] [BINS(c->s)..: 9,1,1,1,0,0,1,1,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0] [BINS(s->c)..: 5,1,0,1,0,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,1,0,0,1,0,1,0,0,1,0,0,1,0,0,1,0,1,0,0,1,0,1,1,1] @@ -92,9 +92,9 @@ detection-update: [....20] [ip4][..udp] [...192.168.1.34][50055] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] RISK: Unidirectional Traffic analyse: [....23] [ip4][..tcp] [...192.168.1.34][51227] -> [..17.172.100.36][..443] [TLS][Apple][Web][Safe] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 1.077| 0.148| 0.323| 104108.532| 2.700] - [PKTLEN......: 40.000| 666.000| 224.900| 252.700| 63877.700| 4.200] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 1.077| 0.148| 0.323| 104108.532| 2.700] + [PKTLEN......: 40.000| 666.000| 224.900| 252.700| 63877.700| 4.200] [BINS(c->s)..: 10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,1,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 8,3,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,1,1,1,1,0,0,1,1,0,0,0,0,1,1,1,1,0,0,1,1,0,0,0,0,1,1,1,0,1,0] @@ -522,9 +522,9 @@ RISK: Unidirectional Traffic new: [...228] [ip4][..tcp] [...192.168.1.34][51285] -> [.91.190.218.125][12350] analyse: [...210] [ip4][..tcp] [...192.168.1.34][51279] -> [..111.221.74.48][40008] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 1.297| 0.245| 0.278| 77244.252| 4.100] - [PKTLEN......: 52.000| 1492.000| 166.600| 288.600| 83264.900| 3.900] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 1.297| 0.245| 0.278| 77244.252| 4.100] + [PKTLEN......: 52.000| 1492.000| 166.600| 288.600| 83264.900| 3.900] [BINS(c->s)..: 11,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 11,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] [DIRECTIONS..: 0,0,1,0,0,1,1,0,0,1,0,1,0,1,0,1,0,1,1,0,1,0,0,1,0,1,1,0,1,0,1,0] @@ -589,9 +589,9 @@ new: [...251] [ip4][..tcp] [...192.168.1.34][51302] -> [.91.190.216.125][..443] new: [...252] [ip4][..tcp] [...192.168.1.34][51303] -> [...80.121.84.93][62381] analyse: [...242] [ip4][..tcp] [...192.168.1.34][51294] -> [...81.83.77.141][17639] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 2.004| 0.281| 0.501| 251090.993| 3.500] - [PKTLEN......: 52.000| 1176.000| 143.200| 243.000| 59065.600| 3.900] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 2.004| 0.281| 0.501| 251090.993| 3.500] + [PKTLEN......: 52.000| 1176.000| 143.200| 243.000| 59065.600| 3.900] [BINS(c->s)..: 13,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,0,0,1,0,0,1,0,1,0,1,0,0,1,0,0,1,1,0,0,1,0,1,0,1,1,0,1] @@ -677,9 +677,9 @@ new: [...266] [ip4][..udp] [...192.168.1.34][13021] -> [..133.236.67.25][49195] detected: [...266] [ip4][..udp] [...192.168.1.34][13021] -> [..133.236.67.25][49195] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] analyse: [....49] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 19.857| 1.935| 5.865| 34398418.239| 1.700] - [PKTLEN......: 313.000| 391.000| 356.700| 29.100| 844.300| 5.000] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 19.857| 1.935| 5.865| 34398418.239| 1.700] + [PKTLEN......: 313.000| 391.000| 356.700| 29.100| 844.300| 5.000] [BINS(c->s)..: 0,0,0,0,0,0,0,0,4,9,7,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |