From 8ebaccc27d779e981b500e80b69f62396dcaa0ca Mon Sep 17 00:00:00 2001 From: Toni Uhlig Date: Thu, 9 Nov 2023 23:18:55 +0100 Subject: py-flow-info: Improved analyse result printing. Signed-off-by: Toni Uhlig --- test/results/flow-info/default/openvpn.pcap.out | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'test/results/flow-info/default/openvpn.pcap.out') diff --git a/test/results/flow-info/default/openvpn.pcap.out b/test/results/flow-info/default/openvpn.pcap.out index 4d32222f8..ede367ca0 100644 --- a/test/results/flow-info/default/openvpn.pcap.out +++ b/test/results/flow-info/default/openvpn.pcap.out @@ -5,9 +5,9 @@ detected: [.....1] [ip4][..tcp] [...192.168.1.77][60140] -> [.46.101.231.218][..443] [OpenVPN][Unknown][VPN][Acceptable] RISK: Known Proto on Non Std Port analyse: [.....1] [ip4][..tcp] [...192.168.1.77][60140] -> [.46.101.231.218][..443] [OpenVPN][Unknown][VPN][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.998| 0.088| 0.234| 54526.591| 2.700] - [PKTLEN......: 52.000| 357.000| 140.300| 75.300| 5671.500| 4.800] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.998| 0.088| 0.234| 54526.591| 2.700] + [PKTLEN......: 52.000| 357.000| 140.300| 75.300| 5671.500| 4.800] [BINS(c->s)..: 6,5,0,0,2,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 4,1,0,0,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,1,0,1,1,0,1,0,1,0,1,1,0,1,0,1,0,1,1,0,1] @@ -20,9 +20,9 @@ detected: [.....2] [ip4][..udp] [..192.168.43.12][41507] -> [.139.59.151.137][13680] [OpenVPN][Unknown][VPN][Acceptable] RISK: Known Proto on Non Std Port analyse: [.....2] [ip4][..udp] [..192.168.43.12][41507] -> [.139.59.151.137][13680] [OpenVPN][Unknown][VPN][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.196| 0.045| 0.060| 3547.546| 3.900] - [PKTLEN......: 70.000| 331.000| 126.400| 58.600| 3436.100| 4.900] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.196| 0.045| 0.060| 3547.546| 3.900] + [PKTLEN......: 70.000| 331.000| 126.400| 58.600| 3436.100| 4.900] [BINS(c->s)..: 0,16,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,1,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0] @@ -37,9 +37,9 @@ detected: [.....3] [ip4][..udp] [..192.168.43.18][13680] -> [.139.59.151.137][13680] [OpenVPN][Unknown][VPN][Acceptable] RISK: Known Proto on Non Std Port analyse: [.....3] [ip4][..udp] [..192.168.43.18][13680] -> [.139.59.151.137][13680] [OpenVPN][Unknown][VPN][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 2.242| 0.188| 0.537| 288658.031| 2.400] - [PKTLEN......: 70.000| 331.000| 123.300| 58.900| 3466.400| 4.900] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 2.242| 0.188| 0.537| 288658.031| 2.400] + [PKTLEN......: 70.000| 331.000| 123.300| 58.900| 3466.400| 4.900] [BINS(c->s)..: 0,16,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,2,0,0,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,1,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0] -- cgit v1.2.3