diff options
Diffstat (limited to 'test/results/flow-info/default/pop3.pcap.out')
| -rw-r--r-- | test/results/flow-info/default/pop3.pcap.out | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/test/results/flow-info/default/pop3.pcap.out b/test/results/flow-info/default/pop3.pcap.out new file mode 100644 index 000000000..4e34b48ca --- /dev/null +++ b/test/results/flow-info/default/pop3.pcap.out @@ -0,0 +1,46 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [143.225.229.181][35287] -> [....74.208.5.28][..110] + detected: [.....1] [ip4][..tcp] [143.225.229.181][35287] -> [....74.208.5.28][..110] [POP3][Unknown][Email][Unsafe] + RISK: Unsafe Protocol, Clear-Text Credentials + DAEMON-EVENT: [Processed: 31 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....2] [ip4][..tcp] [....192.168.0.4][26272] -> [.212.227.15.166][..110] + detected: [.....2] [ip4][..tcp] [....192.168.0.4][26272] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] + RISK: Unsafe Protocol + end: [.....1] [ip4][..tcp] [143.225.229.181][35287] -> [....74.208.5.28][..110] [POP3][Unknown][Email][Unsafe] + RISK: Unsafe Protocol, Clear-Text Credentials + new: [.....3] [ip4][..tcp] [....192.168.0.4][26284] -> [.212.227.15.166][..110] + detected: [.....3] [ip4][..tcp] [....192.168.0.4][26284] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] + RISK: Unsafe Protocol + new: [.....4] [ip4][..tcp] [....192.168.0.4][26304] -> [.212.227.15.166][..110] + detected: [.....4] [ip4][..tcp] [....192.168.0.4][26304] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] + RISK: Unsafe Protocol + new: [.....5] [ip4][..tcp] [....192.168.0.4][26308] -> [.212.227.15.166][..110] + detected: [.....5] [ip4][..tcp] [....192.168.0.4][26308] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] + RISK: Unsafe Protocol + new: [.....6] [ip4][..tcp] [....192.168.0.4][26383] -> [.212.227.15.166][..110] + detected: [.....6] [ip4][..tcp] [....192.168.0.4][26383] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] + RISK: Unsafe Protocol + analyse: [.....6] [ip4][..tcp] [....192.168.0.4][26383] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.112| 0.063| 0.038| 1429.214| 4.600] + [PKTLEN......: 40.000| 1500.000| 324.900| 545.200| 297234.100| 3.500] + [BINS(c->s)..: 13,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 7,2,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,5,0,0] + [DIRECTIONS..: 0,1,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,1,0,1,1,0,1,0,1,1,0,1] + [IATS(ms)....: 48.7,48.8,52.1,85.3,79.8,1.2,96.8,99.7,95.0,92.4,96.8,111.5,96.8,82.4,96.0,95.0,97.0,96.0,95.2,98.0,2.0,51.0,3.2,0.1,3.2,44.7,56.5,59.7,2.4,50.3,0.1] + [PKTLENS.....: 52,52,40,97,46,58,66,46,131,52,58,106,131,46,58,46,72,46,132,48,58,1500,40,1500,1500,40,1229,48,58,1500,40,1500] + [ENTROPIES...: 4.4,4.9,4.8,5.7,5.0,5.4,5.2,4.9,5.5,5.0,5.2,5.8,5.4,4.9,5.1,4.8,5.1,4.9,5.7,5.0,5.3,6.0,4.8,5.3,5.3,4.8,5.4,5.0,5.3,5.6,4.7,5.8] + end: [.....2] [ip4][..tcp] [....192.168.0.4][26272] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] + RISK: Unsafe Protocol + end: [.....3] [ip4][..tcp] [....192.168.0.4][26284] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] + RISK: Unsafe Protocol + end: [.....4] [ip4][..tcp] [....192.168.0.4][26304] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] + RISK: Unsafe Protocol + end: [.....5] [ip4][..tcp] [....192.168.0.4][26308] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] + RISK: Unsafe Protocol + end: [.....6] [ip4][..tcp] [....192.168.0.4][26383] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] + RISK: Unsafe Protocol + DAEMON-EVENT: shutdown |