diff options
Diffstat (limited to 'test/results/flow-info/teamviewer.pcap.out')
| -rw-r--r-- | test/results/flow-info/teamviewer.pcap.out | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/test/results/flow-info/teamviewer.pcap.out b/test/results/flow-info/teamviewer.pcap.out index 3a6d24931..fa7eac76b 100644 --- a/test/results/flow-info/teamviewer.pcap.out +++ b/test/results/flow-info/teamviewer.pcap.out @@ -2,22 +2,26 @@ new: [.....1] [ip4][..tcp] [......10.0.2.15][35732] -> [..162.250.2.170][.5938] detected: [.....1] [ip4][..tcp] [......10.0.2.15][35732] -> [..162.250.2.170][.5938] [TeamViewer][RemoteAccess][Acceptable] analyse: [.....1] [ip4][..tcp] [......10.0.2.15][35732] -> [..162.250.2.170][.5938] [TeamViewer][RemoteAccess][Acceptable] - [min|max|avg|stddev] - [IAT(flow)...: 0.000| 0.274| 0.067| 0.088] - [IAT(c->s)...: 0.000| 0.274| 0.074| 0.092][IAT(s->c)...: 0.000| 0.256| 0.061| 0.085] - [PKTLEN(c->s): 60.000|1514.000| 460.900| 544.600][PKTLEN(s->c): 54.000|1514.000| 314.200| 479.700] + [min|max|avg|stddev|variance|entropy] + [IAT.........: 0.000| 0.274| 0.067| 0.088| 7794.386| 0.000] + [PKTLEN......: 54.000| 1514.000| 383.000| 516.400|266637.300| 3.900] [BINS(c->s)..: 5,3,1,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,2,0,0] [BINS(s->c)..: 11,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,1,0,0] + [DIRECTIONS..: 0,1,0,0,1,0,1,0,0,1,1,1,0,1,0,1,1,0,0,1,1,0,1,1,0,1,0,1,0,0,1,1] + [IATS........: 136273,137235,573,1795,12093,11937,35737,56,35774,25,88318,88631,11617,11587,151937,89,151972,35682,35919,255841,274397,18558,256484,257570,1057,306,258,28908,45,29127,29,0] + [PKTLENS.....: 74,58,60,91,54,120,54,1514,432,54,54,102,60,201,60,1514,1290,60,1132,54,1143,1155,54,494,110,54,102,54,1514,429,54,54] new: [.....2] [ip4][..udp] [......10.0.2.15][34417] -> [..93.47.224.241][36037] detected: [.....2] [ip4][..udp] [......10.0.2.15][34417] -> [..93.47.224.241][36037] [TeamViewer][RemoteAccess][Acceptable] RISK: Known Proto on Non Std Port, Desktop/File Sharing analyse: [.....2] [ip4][..udp] [......10.0.2.15][34417] -> [..93.47.224.241][36037] [TeamViewer][RemoteAccess][Acceptable] - [min|max|avg|stddev] - [IAT(flow)...: 0.000| 0.443| 0.037| 0.097] - [IAT(c->s)...: 0.000| 0.000| 0.000| 0.000][IAT(s->c)...: 0.000| 0.443| 0.037| 0.097] - [PKTLEN(c->s): 138.000| 138.000| 138.000| 0.000][PKTLEN(s->c): 58.000|1066.000| 463.000| 454.000] + [min|max|avg|stddev|variance|entropy] + [IAT.........: 0.000| 0.443| 0.037| 0.097| 9363.771| 0.000] + [PKTLEN......: 58.000| 1066.000| 452.800| 450.400|202865.500| 4.300] [BINS(c->s)..: 0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 4,7,4,1,2,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1] + [IATS........: 12327,12251,57,40726,3898,3159,6600,81845,9028,72,7415,9247,442863,41858,345075,64,9,8,11,9,7,2034,57,13,9567,57,8,51028,58831,63,12,0] + [PKTLENS.....: 138,138,506,1066,62,98,90,90,90,191,118,66,66,90,90,1066,1066,1066,1066,1066,1066,1066,1066,1066,1066,182,118,118,58,239,131,85] update: [.....2] [ip4][..udp] [......10.0.2.15][34417] -> [..93.47.224.241][36037] [TeamViewer][RemoteAccess][Acceptable] RISK: Known Proto on Non Std Port, Desktop/File Sharing DAEMON-EVENT: [Processed: 1282 pkts][ZLib][compressions: 0|diff: 0 / 0] |