aboutsummaryrefslogtreecommitdiff
path: root/test/results/flow-info/wechat.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/flow-info/wechat.pcap.out')
-rw-r--r--test/results/flow-info/wechat.pcap.out68
1 files changed, 34 insertions, 34 deletions
diff --git a/test/results/flow-info/wechat.pcap.out b/test/results/flow-info/wechat.pcap.out
index a6c77316f..428b72691 100644
--- a/test/results/flow-info/wechat.pcap.out
+++ b/test/results/flow-info/wechat.pcap.out
@@ -41,13 +41,13 @@
detection-update: [....17] [ip4][..tcp] [..192.168.1.103][54090] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
detected: [....18] [ip4][..tcp] [..192.168.1.103][54091] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
analyse: [....16] [ip4][..tcp] [..192.168.1.103][54089] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.411| 0.155| 0.181|32640.860| 0.000]
[PKTLEN......: 66.000| 5892.000| 729.500| 1101.200|1212669.500| 3.900]
[BINS(c->s)..: 9,0,0,1,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 4,1,0,0,0,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,1,1,0,1,1,0,1,0]
- [IATS........: 361610,361650,376,378130,3564,381307,56857,56856,287,287,2657,376606,375028,3327,373835,38287,2818,410564,21157,3298,393374,30885,401110,383706,785,383140,2859,2894,5754,1113,1113,0]
+ [IATS(ms)....: 361.6,361.6,0.4,378.1,3.6,381.3,56.9,56.9,0.3,0.3,2.7,376.6,375.0,3.3,373.8,38.3,2.8,410.6,21.2,3.3,393.4,30.9,401.1,383.7,0.8,383.1,2.9,2.9,5.8,1.1,1.1,0.0]
[PKTLENS.....: 74,74,66,304,66,1494,66,1494,66,326,66,192,117,1306,541,66,1494,233,66,1239,443,66,264,1154,1494,1494,66,1494,1494,66,5892,66]
detection-update: [....18] [ip4][..tcp] [..192.168.1.103][54091] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
detection-update: [....18] [ip4][..tcp] [..192.168.1.103][54091] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
@@ -73,31 +73,31 @@
detection-update: [....24] [ip4][..tcp] [..192.168.1.103][54096] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
new: [....25] [ip4][..tcp] [..192.168.1.103][40740] -> [203.205.151.211][..443] [MIDSTREAM]
analyse: [....22] [ip4][..tcp] [..192.168.1.103][54094] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 4.544| 0.482| 1.044|1090167.570| 0.000]
[PKTLEN......: 66.000| 1754.000| 537.200| 556.000|309130.700| 4.200]
[BINS(c->s)..: 7,0,0,1,0,0,0,1,0,0,0,1,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,3,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,1,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0]
- [IATS........: 359228,359315,435,360585,1948,362066,491,468,3580,359717,357128,3318,369214,32832,2766,400529,15038,3260,381959,38044,403106,2395,369120,36996,438834,4139732,3287,4544256,34139,398836,1152600,0]
+ [IATS(ms)....: 359.2,359.3,0.4,360.6,1.9,362.1,0.5,0.5,3.6,359.7,357.1,3.3,369.2,32.8,2.8,400.5,15.0,3.3,382.0,38.0,403.1,2.4,369.1,37.0,438.8,4139.7,3.3,4544.3,34.1,398.8,1152.6,0.0]
[PKTLENS.....: 74,74,66,304,66,1494,66,1754,66,192,117,1306,541,66,1494,235,66,1239,443,66,264,1306,541,66,1002,66,1306,541,66,1003,66,1234]
analyse: [....23] [ip4][..tcp] [..192.168.1.103][54095] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 3.384| 0.466| 0.827|684250.497| 0.000]
[PKTLEN......: 66.000| 8291.000| 760.100| 1463.300|2141136.500| 3.600]
[BINS(c->s)..: 9,0,0,1,0,0,0,1,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,2,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 5,1,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,4,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,0,1,1,0,1,0,1,0,0,1,0,1,1,0,1,0,0,0,1,1,0,0,1,1,0,0,0]
- [IATS........: 353750,353837,953113,1178147,225005,127739,4445,132165,453,438,626,638,1531,362180,361114,370977,4561,375090,3297,3310,3017858,3341,3383945,31235,408978,7414,382158,34643,434308,1925965,3353,0]
+ [IATS(ms)....: 353.8,353.8,953.1,1178.1,225.0,127.7,4.4,132.2,0.5,0.4,0.6,0.6,1.5,362.2,361.1,371.0,4.6,375.1,3.3,3.3,3017.9,3.3,3383.9,31.2,409.0,7.4,382.2,34.6,434.3,1926.0,3.4,0.0]
[PKTLENS.....: 74,74,66,304,74,66,66,1494,66,1494,66,326,66,192,117,1153,1494,1494,66,8291,66,1306,541,66,1377,1239,443,66,264,66,1306,541]
analyse: [....13] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54058] [TLS][Web][Safe]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 11.774| 2.195| 3.338|11139408.724| 0.000]
[PKTLEN......: 66.000| 1254.000| 412.500| 492.500|242574.800| 4.100]
[BINS(c->s)..: 8,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0]
- [IATS........: 67,1713342,2033838,5903,326356,805535,1165376,11414547,11774429,393649,716591,9325022,9647966,1906296,2225757,6412,325847,425651,784494,2983400,3342263,487827,806732,9168,328050,421461,782117,1181667,1542348,420552,739953,0]
+ [IATS(ms)....: 0.1,1713.3,2033.8,5.9,326.4,805.5,1165.4,11414.5,11774.4,393.6,716.6,9325.0,9648.0,1906.3,2225.8,6.4,325.8,425.7,784.5,2983.4,3342.3,487.8,806.7,9.2,328.1,421.5,782.1,1181.7,1542.3,420.6,740.0,0.0]
[PKTLENS.....: 264,66,1254,66,264,66,1254,66,264,66,1254,66,264,66,1254,66,264,66,1254,66,264,66,1254,66,264,66,1254,66,264,66,1254,66]
update: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable]
update: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable]
@@ -116,31 +116,31 @@
detection-update: [....27] [ip4][..tcp] [..192.168.1.103][54098] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
detection-update: [....27] [ip4][..tcp] [..192.168.1.103][54098] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
analyse: [....26] [ip4][..tcp] [..192.168.1.103][54097] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.001| 6.862| 1.014| 1.948|3793749.017| 0.000]
[PKTLEN......: 66.000| 1754.000| 510.000| 523.800|274414.800| 4.300]
[BINS(c->s)..: 7,0,0,1,0,0,0,1,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,2,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,1,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0,0,1,1,0,0,0]
- [IATS........: 362688,362730,698,359771,652,359747,1773,1754,3156,359980,358071,7205,373852,64622,431388,4503,369570,39986,442333,4042219,3253,4448907,74384,439211,6493521,3286,6862195,32133,397513,4719084,3239,0]
+ [IATS(ms)....: 362.7,362.7,0.7,359.8,0.7,359.7,1.8,1.8,3.2,360.0,358.1,7.2,373.9,64.6,431.4,4.5,369.6,40.0,442.3,4042.2,3.3,4448.9,74.4,439.2,6493.5,3.3,6862.2,32.1,397.5,4719.1,3.2,0.0]
[PKTLENS.....: 74,74,66,304,66,1494,66,1754,66,192,117,1234,535,66,297,1306,541,66,1002,66,1234,525,66,297,66,1306,541,66,1003,66,1234,530]
analyse: [....27] [ip4][..tcp] [..192.168.1.103][54098] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.001| 6.095| 1.335| 2.042|4168801.845| 0.000]
[PKTLEN......: 66.000| 1754.000| 451.700| 521.000|271486.500| 4.100]
[BINS(c->s)..: 9,0,0,1,0,0,0,1,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,2,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 7,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,0,1,1,0,1,0,0,1,0,0,0,1,1,0,0,0,1,1,0,0,0,1,1,0,0,0,1]
- [IATS........: 346826,346918,899535,1092804,193235,160456,1799,162254,554,539,2941,351941,387151,4178860,3305,4577735,29191,386626,5733723,3651,6095000,83021,440653,5485473,3274,5845918,30151,387318,1889056,2742,2249980,0]
+ [IATS(ms)....: 346.8,346.9,899.5,1092.8,193.2,160.5,1.8,162.3,0.6,0.5,2.9,351.9,387.2,4178.9,3.3,4577.7,29.2,386.6,5733.7,3.7,6095.0,83.0,440.7,5485.5,3.3,5845.9,30.2,387.3,1889.1,2.7,2250.0,0.0]
[PKTLENS.....: 74,74,66,304,74,66,66,1494,66,1754,66,192,117,66,1306,541,66,1003,66,1234,522,66,297,66,1306,541,66,1003,66,1234,527,66]
analyse: [.....5] [ip4][..tcp] [..192.168.1.103][38657] -> [..172.217.22.14][..443] [TLS.Google][Web][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 45.056| 5.827| 15.097|227916113.773| 0.000]
[PKTLEN......: 66.000| 1484.000| 267.200| 422.200|178253.900| 3.900]
[BINS(c->s)..: 10,3,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 8,3,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,2,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,0,0,1,1,1,0,0,1,1,1,0,1,0,0,1,1,0,1,0,1]
- [IATS........: 48172,48219,208,52487,725,52995,2368,2380,502,490,4525,7884,13634,51249,2766,53,28029,293,26129,2791,10149,38903,378,801,249,45379,2766,45043937,45047542,45056034,45052882,0]
+ [IATS(ms)....: 48.2,48.2,0.2,52.5,0.7,53.0,2.4,2.4,0.5,0.5,4.5,7.9,13.6,51.2,2.8,0.1,28.0,0.3,26.1,2.8,10.1,38.9,0.4,0.8,0.2,45.4,2.8,45043.9,45047.5,45056.0,45052.9,0.0]
[PKTLENS.....: 74,74,66,288,66,1484,66,1484,66,1442,66,151,111,895,336,114,100,66,96,66,96,572,66,104,104,100,66,66,66,66,66,66]
new: [....28] [ip4][....2] [..192.168.1.254] -> [......224.0.0.1]
detected: [....28] [ip4][....2] [..192.168.1.254] -> [......224.0.0.1] [IGMP][Network][Acceptable]
@@ -176,35 +176,35 @@
detection-update: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
new: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443]
analyse: [....31] [ip4][..tcp] [..192.168.1.103][54099] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.469| 0.183| 0.190|36094.243| 0.000]
[PKTLEN......: 66.000| 1754.000| 605.500| 612.000|374517.100| 4.200]
[BINS(c->s)..: 7,0,0,1,0,0,0,1,0,0,0,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,2,0,1,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 5,1,0,0,0,0,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,0,1,1,0,1,1,0,1,1,0]
- [IATS........: 366115,366204,470,368626,765,368875,8160,8175,3097,367881,365600,3239,378746,92724,1992,469392,27762,1703,407097,30016,408635,3752,397818,10943,404654,396022,789,396156,518,1239,1756,0]
+ [IATS(ms)....: 366.1,366.2,0.5,368.6,0.8,368.9,8.2,8.2,3.1,367.9,365.6,3.2,378.7,92.7,2.0,469.4,27.8,1.7,407.1,30.0,408.6,3.8,397.8,10.9,404.7,396.0,0.8,396.2,0.5,1.2,1.8,0.0]
[PKTLENS.....: 74,74,66,304,66,1494,66,1754,66,192,117,1306,541,66,1494,344,66,1239,443,66,264,1239,443,66,264,1154,1494,1494,66,1494,1494,66]
detected: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
detection-update: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
detection-update: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
analyse: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.647| 0.130| 0.182|33080.510| 0.000]
[PKTLEN......: 66.000| 3134.000| 831.600| 861.600|742326.200| 4.200]
[BINS(c->s)..: 11,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,2]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,1,1,0,1,1,0,1,0,1,0,0,1,1,0,1,1,0,1]
- [IATS........: 360844,360859,1106,320164,2049,321124,836,835,489,485,2516,331784,329811,339551,757,339771,547,4542,5088,2482,2487,1143,1132,271360,646724,757,376133,549,914,1456,539,0]
+ [IATS(ms)....: 360.8,360.9,1.1,320.2,2.0,321.1,0.8,0.8,0.5,0.5,2.5,331.8,329.8,339.6,0.8,339.8,0.5,4.5,5.1,2.5,2.5,1.1,1.1,271.4,646.7,0.8,376.1,0.5,0.9,1.5,0.5,0.0]
[PKTLENS.....: 74,74,66,304,66,1494,66,1494,66,326,66,192,117,1154,1494,1494,66,1494,1494,66,2922,66,3134,66,1154,1494,1494,66,1494,1494,66,1494]
detection-update: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
analyse: [....33] [ip4][..tcp] [..192.168.1.103][54101] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.952| 0.213| 0.233|54375.543| 0.000]
[PKTLEN......: 66.000| 1754.000| 557.300| 599.100|358890.200| 4.200]
[BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,0,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,2,0,1,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 5,1,0,0,0,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,0,0,1,1,1,0,0,0,1,1,0,0,1,0,1,0,1]
- [IATS........: 378875,378978,383,354036,2419,355982,2806,2818,1046,367448,367322,4404,365806,31144,394889,3196,367851,55930,2766,420112,17934,846,381296,34840,434328,543113,951677,371599,549,523,1340,0]
+ [IATS(ms)....: 378.9,379.0,0.4,354.0,2.4,356.0,2.8,2.8,1.0,367.4,367.3,4.4,365.8,31.1,394.9,3.2,367.9,55.9,2.8,420.1,17.9,0.8,381.3,34.8,434.3,543.1,951.7,371.6,0.5,0.5,1.3,0.0]
[PKTLENS.....: 74,74,66,304,66,1494,66,1754,66,192,117,1239,443,66,264,1306,541,66,1494,230,66,1239,443,66,264,66,1154,1494,66,1494,66,1494]
guessed: [.....1] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54084] [TLS][Web][Safe]
end: [.....1] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54084]
@@ -262,13 +262,13 @@
new: [....46] [ip4][..tcp] [..192.168.1.103][43851] -> [.203.205.158.34][..443]
detected: [....45] [ip4][..tcp] [..192.168.1.103][43850] -> [.203.205.158.34][..443] [TLS.QQ][Chat][Fun]
analyse: [....42] [ip4][..tcp] [..192.168.1.103][54113] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 6.615| 0.560| 1.552|2408711.979| 0.000]
[PKTLEN......: 66.000| 1494.000| 492.200| 547.100|299293.400| 4.200]
[BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,2,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,2,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,0,0,1,1,0,0,1,1]
- [IATS........: 315233,315308,441,318358,1918,319817,471,453,1116,1109,2559,316619,315146,4640,327259,29671,2699,353912,21653,4624,349989,32226,392645,18020,3295,380639,36894,359501,6259002,6615415,265584,0]
+ [IATS(ms)....: 315.2,315.3,0.4,318.4,1.9,319.8,0.5,0.5,1.1,1.1,2.6,316.6,315.1,4.6,327.3,29.7,2.7,353.9,21.7,4.6,350.0,32.2,392.6,18.0,3.3,380.6,36.9,359.5,6259.0,6615.4,265.6,0.0]
[PKTLENS.....: 74,74,66,304,66,1494,66,1494,66,326,66,192,117,1306,541,66,1494,126,66,1239,443,66,264,66,1306,541,66,1003,66,1127,66,1494]
detection-update: [....45] [ip4][..tcp] [..192.168.1.103][43850] -> [.203.205.158.34][..443] [TLS.QQ][Chat][Fun]
RISK: Weak TLS Cipher
@@ -296,31 +296,31 @@
update: [....47] [ip4][..udp] [..192.168.1.103][60562] -> [..192.168.1.254][...53] [DNS.Google][Web][Acceptable]
update: [....48] [ip4][..udp] [..192.168.1.103][35601] -> [..172.217.23.67][..443] [QUIC.Google][Web][Acceptable]
analyse: [....50] [ip4][..tcp] [..192.168.1.103][54117] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 7.807| 0.648| 1.839|3381034.746| 0.000]
[PKTLEN......: 66.000| 1494.000| 459.300| 494.600|244586.200| 4.200]
[BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,2,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,1,0,0,0,0,0,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0,0,1,1,0]
- [IATS........: 325248,325323,463,328002,697,328217,391,370,3942,3944,2661,325903,324620,3183,337595,77061,411866,3780,340251,28032,402656,7430680,3764,7806976,79928,412549,2872,372,340125,30342,405762,0]
+ [IATS(ms)....: 325.2,325.3,0.5,328.0,0.7,328.2,0.4,0.4,3.9,3.9,2.7,325.9,324.6,3.2,337.6,77.1,411.9,3.8,340.3,28.0,402.7,7430.7,3.8,7807.0,79.9,412.5,2.9,0.4,340.1,30.3,405.8,0.0]
[PKTLENS.....: 74,74,66,304,66,1494,66,1494,66,326,66,192,117,1234,538,66,297,1306,541,66,1002,66,1234,533,66,297,66,1306,541,66,1003,66]
analyse: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 183.801| 12.094| 33.303|1109122757.951| 0.000]
[PKTLEN......: 82.000| 82.000| 82.000| 0.000| 0.000| 5.000]
[BINS(c->s)..: 0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- [IATS........: 304,1000351,2000370,14687423,324,1000207,2000433,21831590,431,1000458,2000811,26318928,434,1000298,2000470,41917186,377,1000169,2000682,183800554,363,1000944,2000954,33299722,386,1000653,2000531,29036990,312,1000238,2000730,0]
+ [IATS(ms)....: 0.3,1000.4,2000.4,14687.4,0.3,1000.2,2000.4,21831.6,0.4,1000.5,2000.8,26318.9,0.4,1000.3,2000.5,41917.2,0.4,1000.2,2000.7,183800.6,0.4,1000.9,2001.0,33299.7,0.4,1000.7,2000.5,29037.0,0.3,1000.2,2000.7,0.0]
[PKTLENS.....: 82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82,82]
analyse: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 183.800| 12.094| 33.303|1109120811.794| 0.000]
[PKTLEN......: 102.000| 102.000| 102.000| 0.000| 0.000| 5.000]
[BINS(c->s)..: 0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- [IATS........: 285,1000432,2000369,14687365,298,1000306,2000399,21831547,409,1000568,2000773,26318883,413,1000363,2000495,41917120,347,1000193,2000827,183800433,319,1000975,2001003,33299664,360,1000743,2000515,29036936,291,1000323,2000677,0]
+ [IATS(ms)....: 0.3,1000.4,2000.4,14687.4,0.3,1000.3,2000.4,21831.5,0.4,1000.6,2000.8,26318.9,0.4,1000.4,2000.5,41917.1,0.3,1000.2,2000.8,183800.4,0.3,1001.0,2001.0,33299.7,0.4,1000.7,2000.5,29036.9,0.3,1000.3,2000.7,0.0]
[PKTLENS.....: 102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102]
new: [....52] [ip4][..tcp] [..192.168.1.103][54119] -> [203.205.151.162][..443]
new: [....53] [ip4][..tcp] [..192.168.1.103][54120] -> [203.205.151.162][..443]
@@ -335,13 +335,13 @@
RISK: Unsafe Protocol
update: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable]
analyse: [....52] [ip4][..tcp] [..192.168.1.103][54119] -> [203.205.151.162][..443] [TLS.WeChat][Chat][Fun]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 7.133| 0.619| 1.664|2769657.004| 0.000]
[PKTLEN......: 66.000| 1494.000| 492.200| 547.100|299307.700| 4.200]
[BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,2,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,2,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,0,1,1,0,0,1,1,0]
- [IATS........: 356187,356245,409,353317,672,353556,677,668,333,334,2390,365567,364474,5597,381303,26713,2760,403898,13549,5018,378842,57192,418881,4165,370546,28172,433154,6695589,7132743,143519,540660,0]
+ [IATS(ms)....: 356.2,356.2,0.4,353.3,0.7,353.6,0.7,0.7,0.3,0.3,2.4,365.6,364.5,5.6,381.3,26.7,2.8,403.9,13.5,5.0,378.8,57.2,418.9,4.2,370.5,28.2,433.2,6695.6,7132.7,143.5,540.7,0.0]
[PKTLENS.....: 74,74,66,304,66,1494,66,1494,66,326,66,192,117,1306,541,66,1494,126,66,1239,443,66,263,1306,541,66,1003,66,1127,66,1494,66]
guessed: [....37] [ip4][..tcp] [..192.168.1.103][54109] -> [203.205.151.162][..443] [TLS][Web][Safe]
end: [....37] [ip4][..tcp] [..192.168.1.103][54109] -> [203.205.151.162][..443]
@@ -367,13 +367,13 @@
detection-update: [....57] [ip4][..tcp] [..192.168.1.103][58038] -> [203.205.147.171][..443] [TLS.WeChat][Chat][Fun]
detection-update: [....57] [ip4][..tcp] [..192.168.1.103][58038] -> [203.205.147.171][..443] [TLS.WeChat][Chat][Fun]
analyse: [....57] [ip4][..tcp] [..192.168.1.103][58038] -> [203.205.147.171][..443] [TLS.WeChat][Chat][Fun]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 2.509| 0.286| 0.565|319614.583| 0.000]
[PKTLEN......: 66.000| 1754.000| 551.900| 561.400|315202.600| 4.200]
[BINS(c->s)..: 7,0,0,1,0,0,0,1,0,0,0,2,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,3,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,1,0,0,1,0,0,1]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0,0,1,1,0,0,0]
- [IATS........: 266637,266706,433,272250,1305,273110,594,572,2940,271769,269630,3217,281421,29714,327642,3217,299639,37418,350851,50937,3180,368575,30208,307140,2227616,3191,2508511,50935,328714,16106,3139,0]
+ [IATS(ms)....: 266.6,266.7,0.4,272.2,1.3,273.1,0.6,0.6,2.9,271.8,269.6,3.2,281.4,29.7,327.6,3.2,299.6,37.4,350.9,50.9,3.2,368.6,30.2,307.1,2227.6,3.2,2508.5,50.9,328.7,16.1,3.1,0.0]
[PKTLENS.....: 74,74,66,304,66,1494,66,1754,66,192,117,1306,541,66,1371,1239,443,66,264,66,1306,541,66,1004,66,1306,541,66,1381,66,1239,443]
guessed: [....41] [ip4][..tcp] [..192.168.1.103][54106] -> [203.205.151.162][..443] [TLS][Web][Safe]
end: [....41] [ip4][..tcp] [..192.168.1.103][54106] -> [203.205.151.162][..443]
@@ -444,13 +444,13 @@
detection-update: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Chat][Fun]
detection-update: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Chat][Fun]
analyse: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443]
- [min|max|avg|stddev|variance|entropy]
+ min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.577| 0.182| 0.352|123851.137| 0.000]
[PKTLEN......: 66.000| 1494.000| 559.600| 599.000|358844.300| 4.200]
[BINS(c->s)..: 7,0,0,1,0,0,0,1,1,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,1,0,0,0,0,0,5,0,0,0]
[BINS(s->c)..: 6,1,1,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,0,0,0,0,0,1,1,1,1,0,0,0,1,1,0,0,0]
- [IATS........: 268280,268366,474,270444,798,270739,392,385,993,969,2788,273097,271415,164,26,13,12,11,1155,289376,22800,22424,9724,380702,1255603,4960,1577028,73342,350958,5989,3258,0]
+ [IATS(ms)....: 268.3,268.4,0.5,270.4,0.8,270.7,0.4,0.4,1.0,1.0,2.8,273.1,271.4,0.2,0.0,0.0,0.0,0.0,1.2,289.4,22.8,22.4,9.7,380.7,1255.6,5.0,1577.0,73.3,351.0,6.0,3.3,0.0]
[PKTLENS.....: 74,74,66,304,66,1494,66,1494,66,326,66,192,117,1246,1494,1494,1494,1494,1494,329,66,66,66,157,66,1234,527,66,297,66,1306,541]
detection-update: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Chat][Fun]
detected: [....73] [ip4][..tcp] [..192.168.1.103][58041] -> [203.205.147.171][..443] [TLS.WeChat][Chat][Fun]
Powered by cgit, Themed by Ted Yin.