From 8ebaccc27d779e981b500e80b69f62396dcaa0ca Mon Sep 17 00:00:00 2001 From: Toni Uhlig Date: Thu, 9 Nov 2023 23:18:55 +0100 Subject: py-flow-info: Improved analyse result printing. Signed-off-by: Toni Uhlig --- test/results/flow-info/default/stun.pcap.out | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'test/results/flow-info/default/stun.pcap.out') diff --git a/test/results/flow-info/default/stun.pcap.out b/test/results/flow-info/default/stun.pcap.out index ac88606a3..86fd9977e 100644 --- a/test/results/flow-info/default/stun.pcap.out +++ b/test/results/flow-info/default/stun.pcap.out @@ -23,9 +23,9 @@ update: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable] update: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable] analyse: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.003| 10.359| 9.105| 2.980| 8880623.976| 4.800] - [PKTLEN......: 68.000| 92.000| 80.000| 12.000| 144.000| 5.000] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.003| 10.359| 9.105| 2.980| 8880623.976| 4.800] + [PKTLEN......: 68.000| 92.000| 80.000| 12.000| 144.000| 5.000] [BINS(c->s)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,1,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1] @@ -41,9 +41,9 @@ detection-update: [.....5] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] [STUN.FacebookVoip][Facebook][VoIP][Acceptable][turner.facebook] RISK: Known Proto on Non Std Port analyse: [.....5] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] [STUN.FacebookVoip][Facebook][VoIP][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 6.004| 0.447| 1.463| 2139022.033| 1.900] - [PKTLEN......: 56.000| 168.000| 139.600| 32.100| 1033.400| 5.000] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 6.004| 0.447| 1.463| 2139022.033| 1.900] + [PKTLEN......: 56.000| 168.000| 139.600| 32.100| 1033.400| 5.000] [BINS(c->s)..: 1,0,0,4,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,3,1,6,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,1,0,0,1,0,1,1,0,0,1,0,0,1,0,1,1,0,0,1,0,0,1,1,1,0,0,1,0,1] @@ -63,9 +63,9 @@ new: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] detected: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleHangoutDuo][Google][VoIP][Acceptable][] analyse: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleHangoutDuo][Google][VoIP][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 0.836| 0.131| 0.227| 51553.292| 3.400] - [PKTLEN......: 62.000| 1226.000| 179.200| 221.300| 48965.100| 4.400] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.836| 0.131| 0.227| 51553.292| 3.400] + [PKTLEN......: 62.000| 1226.000| 179.200| 221.300| 48965.100| 4.400] [BINS(c->s)..: 0,0,9,5,2,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,2,9,2,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,0,1,1,1,0,0,1,0,1,1,1,1,0,0,1,1,0,1,1,0,0,1,0,0,0,0,0] -- cgit v1.2.3