Diffstat (limited to 'test/results/flow-info/default/tor.pcap.out')
-rw-r--r-- | test/results/flow-info/default/tor.pcap.out | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/test/results/flow-info/default/tor.pcap.out b/test/results/flow-info/default/tor.pcap.out index 38f3672cd..3b4833a1d 100644 --- a/test/results/flow-info/default/tor.pcap.out +++ b/test/results/flow-info/default/tor.pcap.out @@ -38,9 +38,9 @@ detected: [.....5] [ip4][..udp] [..192.168.1.252][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][endian-pc] RISK: Unsafe Protocol analyse: [.....3] [ip4][..tcp] [..192.168.1.252][51112] -> [...38.229.70.53][..443] [TLS.Tor][Unknown][VPN][Potentially Dangerous] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 31.166| 2.329| 7.550| 56997495.964| 1.900] - [PKTLEN......: 40.000| 1500.000| 355.800| 354.900| 125974.500| 4.300] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 31.166| 2.329| 7.550| 56997495.964| 1.900] + [PKTLEN......: 40.000| 1500.000| 355.800| 354.900| 125974.500| 4.300] [BINS(c->s)..: 4,0,1,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,1,0,0,1,0,1,1,0,1,1,0,1,1,0,0,1,1,0,1,1,0,1] 
@@ -48,9 +48,9 @@ [PKTLENS.....: 52,52,46,264,40,969,238,99,114,1500,126,46,626,40,626,40,626,626,40,626,626,40,626,46,626,40,626,626,40,626,626,40] [ENTROPIES...: 4.5,4.8,4.4,5.4,4.8,7.6,6.9,5.9,6.1,7.9,6.5,4.3,7.7,4.8,7.7,4.8,7.6,7.7,4.7,7.7,7.6,4.8,7.7,4.3,7.6,4.6,7.6,7.7,4.8,7.6,7.6,4.7] analyse: [.....1] [ip4][..tcp] [..192.168.1.252][51110] -> [..91.143.93.242][..443] [TLS][Unknown][Web][Safe] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 37.996| 2.549| 9.274| 86002509.021| 1.400] - [PKTLEN......: 40.000| 1500.000| 448.800| 476.200| 226793.400| 4.200] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 37.996| 2.549| 9.274| 86002509.021| 1.400] + [PKTLEN......: 40.000| 1500.000| 448.800| 476.200| 226793.400| 4.200] [BINS(c->s)..: 5,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 7,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,1,0,0,1,0,1,1,0,1,0,1,1,0,0,1,0,1,1,1,0,1,1] 
@@ -62,9 +62,9 @@ update: [.....5] [ip4][..udp] [..192.168.1.252][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol analyse: [.....2] [ip4][..tcp] [..192.168.1.252][51111] -> [....46.59.52.31][..443] [TLS.Tor][Unknown][VPN][Potentially Dangerous] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 71.328| 4.658| 14.789| 218716025.389| 1.800] - [PKTLEN......: 40.000| 1500.000| 330.600| 347.100| 120444.200| 4.200] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 71.328| 4.658| 14.789| 218716025.389| 1.800] + [PKTLEN......: 40.000| 1500.000| 330.600| 347.100| 120444.200| 4.200] [BINS(c->s)..: 6,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 8,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,1,0,0,1,0,1,1,0,1,0,1,1,0,1,1,0,1,1,0,1,0,0] @@ -91,9 +91,9 @@ detection-update: [.....9] [ip4][..tcp] [..192.168.1.252][51176] -> [...38.229.70.53][..443] [TLS][Unknown][Web][Safe][www.jmts2id.com] RISK: Obsolete TLS (v1.1 or older) analyse: [.....8] [ip4][..tcp] [..192.168.1.252][51175] -> [..91.143.93.242][..443] [TLS.Tor][Unknown][VPN][Potentially Dangerous] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.991| 0.147| 0.220| 48576.569| 3.900] - [PKTLEN......: 40.000| 1500.000| 348.200| 347.100| 120448.800| 4.300] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.991| 0.147| 0.220| 48576.569| 3.900] + [PKTLEN......: 40.000| 1500.000| 348.200| 347.100| 120448.800| 4.300] [BINS(c->s)..: 4,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,1,0,0,1,0,1,1,0,1,1,0,1,1,0,0,1,1,0,1,1,0,1] 
@@ -134,9 +134,9 @@ DAEMON-EVENT: [Processed: 337 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 7 / 11|skipped: 0|!detected: 0|guessed: 1|detection-updates: 7|updates: 5] analyse: [.....7] [ip4][..tcp] [..192.168.1.252][51174] -> [.212.83.155.250][..443] [TLS][Unknown][Web][Safe] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 72.890| 8.727| 22.569| 509351076.823| 2.100] - [PKTLEN......: 40.000| 1500.000| 312.000| 345.900| 119666.800| 4.200] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 72.890| 8.727| 22.569| 509351076.823| 2.100] + [PKTLEN......: 40.000| 1500.000| 312.000| 345.900| 119666.800| 4.200] [BINS(c->s)..: 9,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 6,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,1,0,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,0,1,1,0] |