diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2022-09-22 19:07:08 +0200 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2022-09-22 19:07:08 +0200 |
| commit | 9a28475bba88b711b7075b58473b7e5b5df1f393 (patch) | |
| tree | 73cdf56320f14b5fe0fbfb2e930cf7ea025f9117 /test/results/flow-info/zcash.pcap.out | |
| parent | 28971cd7647a79253000fb33e52b5d2129e5ba62 (diff) | |
Improved flown analyse event:
* store packet directions
* merged direction based IATs
* merged direction based PKTLENs
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/flow-info/zcash.pcap.out')
| -rw-r--r-- | test/results/flow-info/zcash.pcap.out | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/test/results/flow-info/zcash.pcap.out b/test/results/flow-info/zcash.pcap.out index 763b4052e..2df9651ad 100644 --- a/test/results/flow-info/zcash.pcap.out +++ b/test/results/flow-info/zcash.pcap.out @@ -5,12 +5,14 @@ detected: [.....1] [ip4][..tcp] [...192.168.2.92][55190] -> [.178.32.196.217][.9050] [Mining][Mining][Unsafe] RISK: Known Proto on Non Std Port, Unsafe Protocol analyse: [.....1] [ip4][..tcp] [...192.168.2.92][55190] -> [.178.32.196.217][.9050] [Mining][Mining][Unsafe] - [min|max|avg|stddev] - [IAT(flow)...: 0.000| 50.191| 6.014| 12.034] - [IAT(c->s)...: 0.000| 48.786| 5.480| 11.434][IAT(s->c)...: 0.000| 50.191| 6.663| 12.694] - [PKTLEN(c->s): 66.000| 326.000| 162.200| 96.900][PKTLEN(s->c): 66.000| 369.000| 149.400| 101.000] + [min|max|avg|stddev|variance|entropy] + [IAT.........: 0.000| 50.191| 6.014| 12.034|144808530.149| 0.000] + [PKTLEN......: 66.000| 369.000| 156.600| 98.900| 9779.100| 4.700] [BINS(c->s)..: 9,0,0,0,0,8,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 6,5,0,0,0,0,0,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,1,0,1,0,0,0,0,0,1,1,1,1,0,1,0,0,1,1] + [IATS........: 82662,82715,169,82626,1477,83954,12149836,12261597,111733,2618837,2732392,113543,6931182,7043979,112799,7848884,7848880,48786215,308388,319989,608003,50191373,143,24,41664,210617,4833234,4833228,8034710,8116947,41430,0] + [PKTLENS.....: 74,74,66,326,66,369,66,249,129,66,249,129,66,249,129,66,319,66,249,249,249,249,78,78,78,129,66,319,66,249,66,129] DAEMON-EVENT: [Processed: 87 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] idle: [.....1] [ip4][..tcp] [...192.168.2.92][55190] -> [.178.32.196.217][.9050] [Mining][Mining][Unsafe] |