aboutsummaryrefslogtreecommitdiff
path: root/test/results/flow-info/dnp3.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/flow-info/dnp3.pcap.out')
-rw-r--r--test/results/flow-info/dnp3.pcap.out28
1 files changed, 14 insertions, 14 deletions
diff --git a/test/results/flow-info/dnp3.pcap.out b/test/results/flow-info/dnp3.pcap.out
index 5846bb6cf..3080954d2 100644
--- a/test/results/flow-info/dnp3.pcap.out
+++ b/test/results/flow-info/dnp3.pcap.out
@@ -4,26 +4,26 @@
new: [.....1] [ip4][..tcp] [.......10.0.0.8][.2789] -> [.......10.0.0.3][20000]
detected: [.....1] [ip4][..tcp] [.......10.0.0.8][.2789] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
analyse: [.....1] [ip4][..tcp] [.......10.0.0.8][.2789] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 120.146| 12.647| 35.851|1285324797.903| 0.000]
[PKTLEN......: 60.000| 79.000| 66.200| 6.800| 46.800| 5.000]
[BINS(c->s)..: 20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,1,1,1,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,1,1,1,1,1,1,0,0,0,0,0]
- [IATS........: 201,411,1564,151649,2891882,795,3043080,21210,212002,120145678,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [IATS(ms)....: 0.2,0.4,1.6,151.6,2891.9,0.8,3043.1,21.2,212.0,120145.7,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0]
[PKTLENS.....: 62,62,62,62,62,62,60,60,60,71,71,71,60,60,60,69,69,69,79,79,79,60,60,60,71,71,71,60,60,60,78,78]
DAEMON-EVENT: [Processed: 39 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....2] [ip4][..tcp] [.......10.0.0.8][.2803] -> [.......10.0.0.3][20000]
detected: [.....2] [ip4][..tcp] [.......10.0.0.8][.2803] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
analyse: [.....2] [ip4][..tcp] [.......10.0.0.8][.2803] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 17.487| 5.095| 6.400|40966232.736| 0.000]
[PKTLEN......: 60.000| 78.000| 64.800| 7.100| 50.000| 5.000]
[BINS(c->s)..: 18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,1,1,1,0,0,0,1,1,1,0,0,0,0,0,0,1,1,1,0,0,0,1,1,1,0,0,0,1,1]
- [IATS........: 174,378,1487,181225,17203302,17487311,4814054,4907006,3276812,3079947,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [IATS(ms)....: 0.2,0.4,1.5,181.2,17203.3,17487.3,4814.1,4907.0,3276.8,3079.9,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0]
[PKTLENS.....: 62,62,62,62,62,62,60,60,60,71,71,71,60,60,60,78,78,78,60,60,60,78,78,78,60,60,60,60,60,60,60,60]
DAEMON-EVENT: [Processed: 78 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
@@ -31,13 +31,13 @@
detected: [.....3] [ip4][..tcp] [.......10.0.0.8][.2828] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
end: [.....2] [ip4][..tcp] [.......10.0.0.8][.2803] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
analyse: [.....3] [ip4][..tcp] [.......10.0.0.8][.2828] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 82.989| 8.549| 24.817|615875493.233| 0.000]
[PKTLEN......: 60.000| 79.000| 66.200| 6.800| 46.800| 5.000]
[BINS(c->s)..: 20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,1,1,1,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,1,1,1,1,1,1,0,0,0,0,0]
- [IATS........: 167,372,1487,144969,996855,774,1141407,10263,204144,82989444,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [IATS(ms)....: 0.2,0.4,1.5,145.0,996.9,0.8,1141.4,10.3,204.1,82989.4,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0]
[PKTLENS.....: 62,62,62,62,62,62,60,60,60,71,71,71,60,60,60,69,69,69,79,79,79,60,60,60,71,71,71,60,60,60,78,78]
DAEMON-EVENT: [Processed: 216 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
@@ -45,26 +45,26 @@
idle: [.....1] [ip4][..tcp] [.......10.0.0.8][.2789] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
detected: [.....4] [ip4][..tcp] [.......10.0.0.9][.1080] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
analyse: [.....4] [ip4][..tcp] [.......10.0.0.9][.1080] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 75.076| 22.122| 29.810|888614640.681| 0.000]
[PKTLEN......: 60.000| 77.000| 66.700| 5.900| 34.500| 5.000]
[BINS(c->s)..: 18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,1,1,1,0,0,0,0,0,0,1,1,1,1,1,1,0,0,0,1,1,1,0,0,0,0,0,0,1,1]
- [IATS........: 172,422,75028631,75076356,533,48219,553,153041,35338826,35569788,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [IATS(ms)....: 0.2,0.4,75028.6,75076.4,0.5,48.2,0.6,153.0,35338.8,35569.8,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0]
[PKTLENS.....: 62,62,62,62,62,62,60,60,60,69,69,69,71,71,71,71,71,71,60,60,60,77,77,77,60,60,60,72,72,72,71,71]
DAEMON-EVENT: [Processed: 351 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 2 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000]
detected: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
analyse: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 2.639| 0.563| 1.000|999705.674| 0.000]
[PKTLEN......: 60.000| 79.000| 66.200| 6.800| 46.100| 5.000]
[BINS(c->s)..: 20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,1,1,1,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,1,1,1,1,1,1,0,0,0,0,0]
- [IATS........: 139,330,1310,168563,2471106,796,2639445,99801,232167,15277,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [IATS(ms)....: 0.1,0.3,1.3,168.6,2471.1,0.8,2639.4,99.8,232.2,15.3,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0]
[PKTLENS.....: 62,62,62,62,62,62,60,60,60,71,71,71,60,60,60,69,69,69,78,78,78,60,60,60,71,71,71,60,60,60,79,79]
idle: [.....3] [ip4][..tcp] [.......10.0.0.8][.2828] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
DAEMON-EVENT: [Processed: 444 pkts][ZLib][compressions: 0|diff: 0 / 0]
@@ -79,26 +79,26 @@
detected: [.....7] [ip4][..tcp] [.......10.0.0.8][.1184] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
idle: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
analyse: [.....7] [ip4][..tcp] [.......10.0.0.8][.1184] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 9.488| 2.471| 3.592|12904304.738| 0.000]
[PKTLEN......: 60.000| 78.000| 66.800| 7.000| 48.700| 5.000]
[BINS(c->s)..: 20,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,1,1,1,0,0,0,1,1,1,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0,1,1,1,0,0]
- [IATS........: 157,360,1427,192830,9226978,9487840,187102,2636386,2814075,167839,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [IATS(ms)....: 0.2,0.4,1.4,192.8,9227.0,9487.8,187.1,2636.4,2814.1,167.8,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0]
[PKTLENS.....: 62,62,62,62,62,62,60,60,60,71,71,71,60,60,60,78,78,78,71,71,71,60,60,60,78,78,78,71,71,71,60,60]
DAEMON-EVENT: [Processed: 504 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 2 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1]
new: [.....8] [ip4][..tcp] [.......10.0.0.9][.1084] -> [.......10.0.0.3][20000]
detected: [.....8] [ip4][..tcp] [.......10.0.0.9][.1084] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
analyse: [.....8] [ip4][..tcp] [.......10.0.0.9][.1084] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 3.963| 1.541| 1.422|2023320.715| 0.000]
[PKTLEN......: 60.000| 78.000| 64.800| 7.100| 50.000| 5.000]
[BINS(c->s)..: 18,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,1,1,1,0,0,0,1,1,1,0,0,0,0,0,0,1,1,1,0,0,0,1,1,1,0,0,0,1,1]
- [IATS........: 199,410,1542,125290,3672101,3963212,1744251,1702440,2163787,2038609,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [IATS(ms)....: 0.2,0.4,1.5,125.3,3672.1,3963.2,1744.3,1702.4,2163.8,2038.6,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0]
[PKTLENS.....: 62,62,62,62,62,62,60,60,60,71,71,71,60,60,60,78,78,78,60,60,60,78,78,78,60,60,60,60,60,60,60,60]
end: [.....8] [ip4][..tcp] [.......10.0.0.9][.1084] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
idle: [.....6] [ip4][..tcp] [.......10.0.0.8][.1159] -> [.......10.0.0.3][20000] [DNP3][IoT-Scada][Acceptable]
Powered by cgit, Themed by Ted Yin.