1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
|
00453{"daemon_event_id":1,"daemon_event_name":"init","thread_id":0,"packet_id":0,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","max-flows-per-thread":2048,"max-idle-flows-per-thread":64,"tick-resolution":1000,"reader-thread-count":1,"flow-scan-interval":10000,"generic-max-idle-time":600000,"icmp-max-idle-time":120000,"udp-max-idle-time":180000,"tcp-max-idle-time":7560000,"max-packets-per-flow-to-send":3,"max-packets-per-flow-to-process":32}
00373{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":1,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409796586,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAQAAAAAACQAAAAAAAAAAAAAAAAAAAAAATURKUjk4ICAgICAgICAgAw=="}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":1,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00373{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":2,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409796586,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAV09SS0dST1VQICAgICAgAA=="}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":2,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00373{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":3,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409796586,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAQAAAAAABwAAAAAAAAAAAAAAAAAAAAAATURKUjk4ICAgICAgICAgAA=="}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":3,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00373{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":4,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409796605,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAQAAAAAACgAAAAAAAAAAAAAAAAAAAAAATURKUjk4ICAgICAgICAgIA=="}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":4,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00373{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":5,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409797075,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAQAAAAAACQAAAAAAAAAAAAAAAAAAAAAATURKUjk4ICAgICAgICAgAw=="}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":5,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00373{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":6,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409797075,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAV09SS0dST1VQICAgICAgAA=="}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":6,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00373{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":7,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409797075,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAQAAAAAABwAAAAAAAAAAAAAAAAAAAAAATURKUjk4ICAgICAgICAgAA=="}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":7,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00373{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":8,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409797101,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAQAAAAAACgAAAAAAAAAAAAAAAAAAAAAATURKUjk4ICAgICAgICAgIA=="}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":8,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00586{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":9,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1576409797553,"flow_last_seen":1576409797553,"flow_idle_time":180000,"flow_min_l4_payload_len":68,"flow_max_l4_payload_len":68,"flow_tot_l4_payload_len":68,"flow_avg_l4_payload_len":68,"midstream":0,"ts_msec":1576409797553,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"192.168.239.2","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00532{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":1,"flow_last_seen":1576409797553,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"ts_msec":1576409797553,"pkt":"AFBW6YlWAFBWM3ieCABFAABgBwAAAIAR07fAqO+BwKjvAgCJAIkATAvHAAQpAAABAAAAAAABIEVORUVFS0ZDREpESUNBQ0FDQUNBQ0FDQUNBQ0FDQUFEAAAgAAHADAAgAAEABJPgAAYAAMCo74E="}
00647{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":9,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1576409797553,"flow_last_seen":1576409797553,"flow_idle_time":180000,"flow_min_l4_payload_len":68,"flow_max_l4_payload_len":68,"flow_tot_l4_payload_len":68,"flow_avg_l4_payload_len":68,"midstream":0,"ts_msec":1576409797553,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"192.168.239.2","src_port":137,"dst_port":137,"l4_proto":"udp","ndpi": {"confidence": {"4":"DPI"},"proto":"NetBIOS","breed":"Acceptable","category":"System"}}
00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":10,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":2,"flow_last_seen":1576409797553,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"ts_msec":1576409797553,"pkt":"AFBW6YlWAFBWM3ieCABFAABgCAAAAIAR0rfAqO+BwKjvAgCJAIkATHy8AAIpAAABAAAAAAABIEZIRVBGQ0VMRUhGQ0VQRkZGQUNBQ0FDQUNBQ0FDQUFBAAAgAAHADAAgAAEABJPgAAaAAMCo74E="}
00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":11,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":1,"flow_packet_id":3,"flow_last_seen":1576409797554,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"ts_msec":1576409797554,"pkt":"AFBW6YlWAFBWM3ieCABFAABgCQAAAIAR0bfAqO+BwKjvAgCJAIkATA7DAAgpAAABAAAAAAABIEVORUVFS0ZDREpESUNBQ0FDQUNBQ0FDQUNBQ0FDQUFBAAAgAAHADAAgAAEABJPgAAYAAMCo74E="}
00550{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":13,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1576409798047,"flow_last_seen":1576409798047,"flow_idle_time":120000,"flow_min_l4_payload_len":8,"flow_max_l4_payload_len":8,"flow_tot_l4_payload_len":8,"flow_avg_l4_payload_len":8,"midstream":0,"ts_msec":1576409798047,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"224.0.0.2","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3}
00462{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":13,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":2,"flow_packet_id":1,"flow_last_seen":1576409798047,"flow_idle_time":120000,"pkt_oversize":false,"pkt_caplen":60,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":60,"pkt_l4_len":8,"ts_msec":1576409798047,"pkt":"AQBeAAACAFBWM3ieCABFAAAcCwAAAIABn7TAqO+B4AAAAgoA9f8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA"}
00609{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":13,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1576409798047,"flow_last_seen":1576409798047,"flow_idle_time":120000,"flow_min_l4_payload_len":8,"flow_max_l4_payload_len":8,"flow_tot_l4_payload_len":8,"flow_avg_l4_payload_len":8,"midstream":0,"ts_msec":1576409798047,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"224.0.0.2","l4_proto":"icmp","ndpi": {"confidence": {"4":"DPI"},"proto":"ICMP","breed":"Acceptable","category":"Network"}}
00374{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":14,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409798642,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAAAAAAAAFAAAAAAAAAAAAAAAAAAAAAAAV09SS0dST1VQICAgICAgHg=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":14,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00374{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":19,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409799428,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAAAAAAAAFAAAAAAAAAAAAAAAAAAAAAAAV09SS0dST1VQICAgICAgHg=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":19,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00374{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":20,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409800348,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAAAAAAAAFAAAAAAAAAAAAAAAAAAAAAAAV09SS0dST1VQICAgICAgHg=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":20,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00589{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":21,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1576409800543,"flow_last_seen":1576409800543,"flow_idle_time":180000,"flow_min_l4_payload_len":68,"flow_max_l4_payload_len":68,"flow_tot_l4_payload_len":68,"flow_avg_l4_payload_len":68,"midstream":0,"ts_msec":1576409800543,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"192.168.239.255","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00542{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":21,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":1,"flow_last_seen":1576409800543,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"ts_msec":1576409800543,"pkt":"\/\/\/\/\/\/\/\/AFBWM3ieCABFAABgEAAAAIARybrAqO+BwKjv\/wCJAIkATAq6AAQpEAABAAAAAAABIEVORUVFS0ZDREpESUNBQ0FDQUNBQ0FDQUNBQ0FDQUFEAAAgAAHADAAgAAEABJPgAAYAAMCo74E="}
00650{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":21,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1576409800543,"flow_last_seen":1576409800543,"flow_idle_time":180000,"flow_min_l4_payload_len":68,"flow_max_l4_payload_len":68,"flow_tot_l4_payload_len":68,"flow_avg_l4_payload_len":68,"midstream":0,"ts_msec":1576409800543,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"192.168.239.255","src_port":137,"dst_port":137,"l4_proto":"udp","ndpi": {"confidence": {"4":"DPI"},"proto":"NetBIOS","breed":"Acceptable","category":"System"}}
00542{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":22,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":2,"flow_last_seen":1576409800544,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"ts_msec":1576409800544,"pkt":"\/\/\/\/\/\/\/\/AFBWM3ieCABFAABgEQAAAIARyLrAqO+BwKjv\/wCJAIkATHuvAAIpEAABAAAAAAABIEZIRVBGQ0VMRUhGQ0VQRkZGQUNBQ0FDQUNBQ0FDQUFBAAAgAAHADAAgAAEABJPgAAaAAMCo74E="}
00542{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":23,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":3,"flow_packet_id":3,"flow_last_seen":1576409800544,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":110,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":110,"pkt_l4_len":76,"ts_msec":1576409800544,"pkt":"\/\/\/\/\/\/\/\/AFBWM3ieCABFAABgEgAAAIARx7rAqO+BwKjv\/wCJAIkATA22AAgpEAABAAAAAAABIEVORUVFS0ZDREpESUNBQ0FDQUNBQ0FDQUNBQ0FDQUFBAAAgAAHADAAgAAEABJPgAAYAAMCo74E="}
00532{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":33,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":180,"pkt_type":166,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":180,"pkt_l4_len":0,"ts_msec":1576409802223,"pkt":"AwAAAAABAFBWM3ieAKbw8AMsAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAdTURKUjk4ICAgICAgICAgAP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAIQAAAAAAAAAAAAAAAAAAAAAAAAAhAFYAAwABAAEAAgAyAFxNQUlMU0xPVFxCUk9XU0UAAQNg6gAATURKUjk4AAAAAAAAAAAAAAQAAyBAABUEVaoA"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":33,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":166}
00593{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":42,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1576409807597,"flow_last_seen":1576409807597,"flow_idle_time":180000,"flow_min_l4_payload_len":201,"flow_max_l4_payload_len":201,"flow_tot_l4_payload_len":201,"flow_avg_l4_payload_len":201,"midstream":0,"ts_msec":1576409807597,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"192.168.239.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3}
00719{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":42,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":1,"flow_last_seen":1576409807597,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":243,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":243,"pkt_l4_len":209,"ts_msec":1576409807597,"pkt":"\/\/\/\/\/\/\/\/AFBWM3ieCABFAADlJAAAAIARtTXAqO+BwKjv\/wCKAIoA0Qn+EQIADMCo74EAigC7AAAgRU5FRUVLRkNESkRJQ0FDQUNBQ0FDQUNBQ0FDQUNBQUEAIEZIRVBGQ0VMRUhGQ0VQRkZGQUNBQ0FDQUNBQ0FDQUJOAP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAIQAAAAAAAAAAAAAAAAAAAAAAAAAhAFYAAwABAAEAAgAyAFxNQUlMU0xPVFxCUk9XU0UAAQNg6gAATURKUjk4AAAAAAAAAAAAAAQAAyBAABUEVaoA"}
00778{"flow_event_id":6,"flow_event_name":"detected","thread_id":0,"packet_id":42,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"info","flow_packets_processed":1,"flow_first_seen":1576409807597,"flow_last_seen":1576409807597,"flow_idle_time":180000,"flow_min_l4_payload_len":201,"flow_max_l4_payload_len":201,"flow_tot_l4_payload_len":201,"flow_avg_l4_payload_len":201,"midstream":0,"ts_msec":1576409807597,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"192.168.239.255","src_port":138,"dst_port":138,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"4":"DPI"},"proto":"NetBIOS.SMBv1","breed":"Dangerous","category":"System"}}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":43,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":91,"pkt_type":77,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":91,"pkt_l4_len":0,"ts_msec":1576409811132,"pkt":"AFBWM3ieAAwp1HmyAE3g4AP\/\/wBKAAQAAAAAAFBWM3ieBVAAAAAAAAwp1HmyBVL\/U01CKwAAAAAAAAAAAAAAAAACAQwAAAAA0AAyAADBAwEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":43,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":77}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":44,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":91,"pkt_type":77,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":91,"pkt_l4_len":0,"ts_msec":1576409811517,"pkt":"AFBWM3ieAAwp1HmyAE3g4AP\/\/wBKAAQAAAAAAFBWM3ieBVAAAAAAAAwp1HmyBVL\/U01CKwAAAAAAAAAAAAAAAAACAQwAAAAA0AAyAADBAwEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":44,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":77}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":45,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":91,"pkt_type":77,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":91,"pkt_l4_len":0,"ts_msec":1576409811901,"pkt":"AFBWM3ieAAwp1HmyAE3g4AP\/\/wBKAAQAAAAAAFBWM3ieBVAAAAAAAAwp1HmyBVL\/U01CKwAAAAAAAAAAAAAAAAACAQwAAAAA0AAyAADBAwEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":45,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":77}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":46,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":91,"pkt_type":77,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":91,"pkt_l4_len":0,"ts_msec":1576409812669,"pkt":"AFBWM3ieAAwp1HmyAE3g4AP\/\/wBKAAQAAAAAAFBWM3ieBVAAAAAAAAwp1HmyBVL\/U01CKwAAAAAAAAAAAAAAAAACAQwAAAAA0AAyAADBAwEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":46,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":77}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":47,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":91,"pkt_type":77,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":91,"pkt_l4_len":0,"ts_msec":1576409813829,"pkt":"AFBWM3ieAAwp1HmyAE3g4AP\/\/wBKAAQAAAAAAFBWM3ieBVAAAAAAAAwp1HmyBVL\/U01CKwAAAAAAAAAAAAAAAAACAQwAAAAA0AAyAADBAwEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":47,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":77}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":48,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":91,"pkt_type":77,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":91,"pkt_l4_len":0,"ts_msec":1576409815308,"pkt":"AFBWM3ieAAwp1HmyAE3g4AP\/\/wBKAAQAAAAAAFBWM3ieBVAAAAAAAAwp1HmyBVL\/U01CKwAAAAAAAAAAAAAAAAACAQwAAAAA0AAyAADBAwEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":48,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":77}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":49,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":91,"pkt_type":77,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":91,"pkt_l4_len":0,"ts_msec":1576409817241,"pkt":"AFBWM3ieAAwp1HmyAE3g4AP\/\/wBKAAQAAAAAAFBWM3ieBVAAAAAAAAwp1HmyBVL\/U01CKwAAAAAAAAAAAAAAAAACAQwAAAAA0AAyAADBAwEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":49,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":77}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":50,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":91,"pkt_type":77,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":91,"pkt_l4_len":0,"ts_msec":1576409819547,"pkt":"AFBWM3ieAAwp1HmyAE3g4AP\/\/wBKAAQAAAAAAFBWM3ieBVAAAAAAAAwp1HmyBVL\/U01CKwAAAAAAAAAAAAAAAAACAQwAAAAA0AAyAADBAwEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":50,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":77}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":51,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":91,"pkt_type":77,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":91,"pkt_l4_len":0,"ts_msec":1576409822253,"pkt":"AFBWM3ieAAwp1HmyAE3g4AP\/\/wBKAAQAAAAAAFBWM3ieBVAAAAAAAAwp1HmyBVL\/U01CKwAAAAAAAAAAAAAAAAACAQwAAAAA0AAyAADBAwEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":51,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":77}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":52,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":91,"pkt_type":77,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":91,"pkt_l4_len":0,"ts_msec":1576409825334,"pkt":"AFBWM3ieAAwp1HmyAE3g4AP\/\/wBKAAQAAAAAAFBWM3ieBVAAAAAAAAwp1HmyBVL\/U01CKwAAAAAAAAAAAAAAAAACAQwAAAAA0AAyAADBAwEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":52,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":77}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":53,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":91,"pkt_type":77,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":91,"pkt_l4_len":0,"ts_msec":1576409828857,"pkt":"AFBWM3ieAAwp1HmyAE3g4AP\/\/wBKAAQAAAAAAFBWM3ieBVAAAAAAAAwp1HmyBVL\/U01CKwAAAAAAAAAAAAAAAAACAQwAAAAA0AAyAADBAwEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":53,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":77}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":54,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":91,"pkt_type":77,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":91,"pkt_l4_len":0,"ts_msec":1576409832716,"pkt":"AFBWM3ieAAwp1HmyAE3g4AP\/\/wBKAAQAAAAAAFBWM3ieBVAAAAAAAAwp1HmyBVL\/U01CKwAAAAAAAAAAAAAAAAACAQwAAAAA0AAyAADBAwEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":54,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":77}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":55,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":91,"pkt_type":77,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":91,"pkt_l4_len":0,"ts_msec":1576409836953,"pkt":"AFBWM3ieAAwp1HmyAE3g4AP\/\/wBKAAQAAAAAAFBWM3ieBVAAAAAAAAwp1HmyBVL\/U01CKwAAAAAAAAAAAAAAAAACAQwAAAAA0AAyAADBAwEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":55,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":77}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":56,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409844797,"pkt":"AwAAAAABAAwp1HmyAC\/w8AMsAP\/vAQAAAAAAAQACo2haC8B0A+lo+\/82xHHoVEVTVDEgICAgICAgICAgAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":56,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":57,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409844798,"pkt":"AwAAAAABAAwp1HmyAC\/w8AMsAP\/vAAAAAAAAAgAEuP7\/UOih91uNRuQWUOhaV09SS0dST1VQICAgICAgAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":57,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":58,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409845301,"pkt":"AwAAAAABAAwp1HmyAC\/w8AMsAP\/vAAAAAAAAAgACo2haC8B0A+lo+\/82xHHoV09SS0dST1VQICAgICAgAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":58,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":59,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409845301,"pkt":"AwAAAAABAAwp1HmyAC\/w8AMsAP\/vAQAAAAAAAQAEuP7\/UOih91uNRuQWUOhaVEVTVDEgICAgICAgICAgAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":59,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":60,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409845853,"pkt":"AwAAAAABAAwp1HmyAC\/w8AMsAP\/vAQAAAAAAAQACo2haC8B0A+lo+\/82xHHoVEVTVDEgICAgICAgICAgAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":60,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":61,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409845853,"pkt":"AwAAAAABAAwp1HmyAC\/w8AMsAP\/vAAAAAAAAAgAEuP7\/UOih91uNRuQWUOhaV09SS0dST1VQICAgICAgAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":61,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00500{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":62,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":156,"pkt_type":142,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":156,"pkt_l4_len":0,"ts_msec":1576409846177,"pkt":"AwAAAAABAFBWM3ieAI7w8AMsAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAdTURKUjk4ICAgICAgICAgIP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAACQAAAAAAAAAAAAAAAAAAAAAAAAAJAFYAAwABAAEAAgAaAFxNQUlMU0xPVFxCUk9XU0UAAgBNREpSOTgA"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":62,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":142}
00687{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":63,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":2,"flow_last_seen":1576409851581,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":219,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":219,"pkt_l4_len":185,"ts_msec":1576409851581,"pkt":"\/\/\/\/\/\/\/\/AFBWM3ieCABFAADNJQAAAIARtE3AqO+BwKjv\/wCKAIoAuRxGEQIADsCo74EAigCjAAAgRU5FRUVLRkNESkRJQ0FDQUNBQ0FDQUNBQ0FDQUNBQ0EAIEZIRVBGQ0VMRUhGQ0VQRkZGQUNBQ0FDQUNBQ0FDQUJOAP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAACQAAAAAAAAAAAAAAAAAAAAAAAAAJAFYAAwABAAEAAgAaAFxNQUlMU0xPVFxCUk9XU0UAAgBNREpSOTgA"}
00500{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":64,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":156,"pkt_type":142,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":156,"pkt_l4_len":0,"ts_msec":1576409856181,"pkt":"AwAAAAABAFBWM3ieAI7w8AMsAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAdTURKUjk4ICAgICAgICAgIP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAACQAAAAAAAAAAAAAAAAAAAAAAAAAJAFYAAwABAAEAAgAaAFxNQUlMU0xPVFxCUk9XU0UAAgBNREpSOTgA"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":64,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":142}
00465{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":65,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":115,"pkt_type":101,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":115,"pkt_l4_len":0,"ts_msec":1576409859028,"pkt":"\/\/\/\/\/\/\/\/AAwp1HmyAGXg4AP\/\/wBiAAQAAAAA\/\/\/\/\/\/\/\/BVEAAAAAAAwp1HmyBVIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPMBAYBNREpSOTggICAgICAgICAgVEVTVDEgICAgICAgICAgAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":65,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":101}
00374{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":66,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409859028,"pkt":"AwAAAAABAAwp1HmyAC\/w8AMsAP\/vCgADAAAAAwBNREpSOTggICAgICAgICAgVEVTVDEgICAgICAgICAgAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":66,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00374{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":67,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409859028,"pkt":"AAwp1HmyAFBWM3ieAC\/w8AMsAP\/vDhcVAAMAFQBURVNUMSAgICAgICAgICAATURKUjk4ICAgICAgICAgIA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":67,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":68,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":3,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859029,"pkt":"AFBWM3ieAAwp1HmyAAPw8H8sAP\/vAQAAAAAAAQACo2haC8B0A+lo+\/82xHHoVEVTVDEgICAgICAgICAg"}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":68,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":3}
00367{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":69,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":3,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859029,"pkt":"AAwp1HmyAFBWM3ieAAPw8XNgDAAAAIARzrfAqO+BwKjvAgCJAIkATA7DAAgpAAABAAAAAAABIEVORUVF"}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":69,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":3}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":70,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859029,"pkt":"AFBWM3ieAAwp1HmyAATw8AEBAP\/vAAAAAAAAAgAEuP7\/UOih91uNRuQWUOhaV09SS0dST1VQICAgICAg"}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":70,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00367{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":71,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859029,"pkt":"AAwp1HmyAFBWM3ieAATw8QEBDQAAAIARzbfAqO+BwKjvAgCJAIkATHy8AAIpAAABAAAAAAABIEZIRVBG"}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":71,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00370{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":72,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859029,"pkt":"AFBWM3ieAAwp1HmyABLw8AAADgD\/7xmPygUVAAMAFQP\/BVEAAAAAAAwp1HmyBVIAAAAAAAAAAAAAAAAA"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":72,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":73,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859029,"pkt":"AAwp1HmyAFBWM3ieABLw8AADDgD\/7xeBvAUDABUAAxXvAgCJAIkATAvHAAQpAAABAAAAAAABIEVORUVF"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":73,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00368{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":74,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859029,"pkt":"AFBWM3ieAAwp1HmyAATw8QEDAP\/vCgADAAAAAwBNREpSOTggICAgICAgICAgVEVTVDEgICAgICAgICAg"}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":74,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00525{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":75,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":174,"pkt_type":160,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":174,"pkt_l4_len":0,"ts_msec":1576409859029,"pkt":"AFBWM3ieAAwp1HmyAKDw8AICDgD\/7xYEAAAAAAEAFQP\/U01CcgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyAAAhAABrAAJQQyBORVRXT1JLIFBST0dSQU0gMS4wAAJNSUNST1NPRlQgTkVUV09SS1MgMy4wAAJET1MgTE0xLjJYMDAyAAJET1MgTEFOTUFOMi4xAAJXaW5kb3dzIGZvciBXb3JrZ3JvdXBzIDMuMWEA"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":75,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":160}
00367{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":76,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859030,"pkt":"AAwp1HmyAFBWM3ieAATw8QEEDwAAAIARy7fAqO+BwKjvAgCJAIkATA7DAAYpAAABAAAAAAABIEVORUVF"}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":76,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00429{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":77,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":101,"pkt_type":87,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":101,"pkt_l4_len":0,"ts_msec":1576409859030,"pkt":"AAwp1HmyAFBWM3ieAFfw8AIEDgD\/7xYMAAABACgAAxX\/U01CcgAAAACAAAAAAAAAAAAAAAAAAAAAAAAyAAAhAA0EAAIAaAsCAAEAAwAVBQOAsmSPT8T\/AAAAAAgAFQUDgAEb9l0="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":77,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":87}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":78,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859030,"pkt":"AFBWM3ieAAwp1HmyAATw8QEEAP\/vAAAAAAAAAgAEuP7\/UOih91uNRuQWUOhaV09SS0dST1VQICAgICAg"}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":78,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00503{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":79,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":155,"pkt_type":141,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":155,"pkt_l4_len":0,"ts_msec":1576409859030,"pkt":"AFBWM3ieAAwp1HmyAI3w8AQEDgD\/7xYMAAAoAAIAFQP\/U01CcwAAAAAQAAAAAAAAAAAAAAAAAAAAAAAyAQAhAAp1AEcAPgYCAAAAFQUDgAEAAAAAABAAAE1BUlRJTiBST1NFTkFVAAT\/AAAAAAAYACkANLVcqnsYd8yVvD05\/JKBnmi3H4Zsvi3FXFxNREpSOThcVEVTVABBOgA="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":79,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":141}
00368{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":80,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859030,"pkt":"AAwp1HmyAFBWM3ieAATw8QEGAP\/vAAAAAAAAFAAAAAAAAAAAAAAAAAAAAAAAV09SS0dST1VQICAgICAg"}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":80,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00403{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":81,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":83,"pkt_type":69,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":83,"pkt_l4_len":0,"ts_msec":1576409859030,"pkt":"AAwp1HmyAFBWM3ieAEXw8AQGDgD\/7xYMAAACACgAAxX\/U01CcwAAAACQAAAAAAAAAAAAAAAAAAAAyAAyAAAhAAN1ACkAAAAAAAL\/AAAAAwBBOgA="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":81,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":69}
00368{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":82,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859030,"pkt":"AFBWM3ieAAwp1HmyAATw8QEGAP\/vCgADAAAAAwBNREpSOTggICAgICAgICAgVEVTVDEgICAgICAgICAg"}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":82,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00394{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":83,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":76,"pkt_type":62,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":76,"pkt_l4_len":0,"ts_msec":1576409859030,"pkt":"AFBWM3ieAAwp1HmyAD7w8AYGDgD\/7xYMAAAoAAMAFQP\/U01CKwAAAAAAAAAAAAAAAAAAAAAAAAAAyAAyAABhAAEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":83,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":62}
00368{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":84,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859030,"pkt":"AAwp1HmyAFBWM3ieAATw8QEIEQAAAIARyLrAqO+BwKjv\/wCJAIkATHuvAAIpEAABAAAAAAABIEZIRVBG"}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":84,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00394{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":85,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":76,"pkt_type":62,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":76,"pkt_l4_len":0,"ts_msec":1576409859030,"pkt":"AAwp1HmyAFBWM3ieAD7w8AYIDgD\/7xYMAAADACgAAxX\/U01CKwAAAACAAAAAAAAAAAAAAAAAAAAAyAAyAABhAAEBAAcABEhlbGxvAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":85,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":62}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":86,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859031,"pkt":"AFBWM3ieAAwp1HmyAATw8QEIAP\/vAAAAAAAAAgAEuP7\/UOih91uNRuQWUOhaV09SS0dST1VQICAgICAg"}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":86,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00370{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":87,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859141,"pkt":"AFBWM3ieAAwp1HmyABLw8AgJDgD\/7xQAAAAoAAAAFQP\/U01CcwAAAAAQAAAAAAAAAAAAAAAAAAAAAAAy"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":87,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00368{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":88,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409859141,"pkt":"AAwp1HmyAFBWM3ieAATw8QELEwAAAIARxrrAqO+BwKjv\/wCJAIkATA22AAYpEAABAAAAAAABIEVORUVF"}
00178{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":88,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00465{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":89,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":115,"pkt_type":101,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":115,"pkt_l4_len":0,"ts_msec":1576409859529,"pkt":"\/\/\/\/\/\/\/\/AAwp1HmyAGXg4AP\/\/wBiABQAAAAA\/\/\/\/\/\/\/\/BVEAAAAAAAwp1HmyBVIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPMBAYBNREpSOTggICAgICAgICAgVEVTVDEgICAgICAgICAgAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":89,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":101}
00465{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":90,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":115,"pkt_type":101,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":115,"pkt_l4_len":0,"ts_msec":1576409860077,"pkt":"\/\/\/\/\/\/\/\/AAwp1HmyAGXg4AP\/\/wBiABQAAAAA\/\/\/\/\/\/\/\/BVEAAAAAAAwp1HmyBVIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPMBAYBNREpSOTggICAgICAgICAgVEVTVDEgICAgICAgICAgAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":90,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":101}
00465{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":91,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":115,"pkt_type":101,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":115,"pkt_l4_len":0,"ts_msec":1576409860625,"pkt":"\/\/\/\/\/\/\/\/AAwp1HmyAGXg4AP\/\/wBiABQAAAAA\/\/\/\/\/\/\/\/BVEAAAAAAAwp1HmyBVIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPMBAYBNREpSOTggICAgICAgICAgVEVTVDEgICAgICAgICAgAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":91,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":101}
00465{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":92,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":115,"pkt_type":101,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":115,"pkt_l4_len":0,"ts_msec":1576409861175,"pkt":"\/\/\/\/\/\/\/\/AAwp1HmyAGXg4AP\/\/wBiABQAAAAA\/\/\/\/\/\/\/\/BVEAAAAAAAwp1HmyBVIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPMBAYBNREpSOTggICAgICAgICAgVEVTVDEgICAgICAgICAgAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":92,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":101}
00687{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":93,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":3,"flow_last_seen":1576409861597,"flow_idle_time":180000,"pkt_oversize":false,"pkt_caplen":219,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":219,"pkt_l4_len":185,"ts_msec":1576409861597,"pkt":"\/\/\/\/\/\/\/\/AFBWM3ieCABFAADNJgAAAIARs03AqO+BwKjv\/wCKAIoAuRxEEQIAEMCo74EAigCjAAAgRU5FRUVLRkNESkRJQ0FDQUNBQ0FDQUNBQ0FDQUNBQ0EAIEZIRVBGQ0VMRUhGQ0VQRkZGQUNBQ0FDQUNBQ0FDQUJOAP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAACQAAAAAAAAAAAAAAAAAAAAAAAAAJAFYAAwABAAEAAgAaAFxNQUlMU0xPVFxCUk9XU0UAAgBNREpSOTgA"}
00532{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":94,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":180,"pkt_type":166,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":180,"pkt_l4_len":0,"ts_msec":1576409862195,"pkt":"AwAAAAABAFBWM3ieAKbw8AMsAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAdTURKUjk4ICAgICAgICAgAP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAIQAAAAAAAAAAAAAAAAAAAAAAAAAhAFYAAwABAAEAAgAyAFxNQUlMU0xPVFxCUk9XU0UAAQRg6gAATURKUjk4AAAAAAAAAAAAAAQAAyBBABUEVaoA"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":94,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":166}
00650{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":95,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_packets_processed":1,"flow_first_seen":1576409798047,"flow_last_seen":1576409798047,"flow_idle_time":120000,"flow_min_l4_payload_len":8,"flow_max_l4_payload_len":8,"flow_tot_l4_payload_len":8,"flow_avg_l4_payload_len":8,"midstream":0,"ts_msec":1576409866206,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"224.0.0.2","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"4":"DPI"},"proto":"ICMP","breed":"Acceptable","category":"Network"}}
00500{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":95,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":156,"pkt_type":142,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":156,"pkt_l4_len":0,"ts_msec":1576409866206,"pkt":"AwAAAAABAFBWM3ieAI7w8AMsAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAdTURKUjk4ICAgICAgICAgIP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAACQAAAAAAAAAAAAAAAAAAAAAAAAAJAFYAAwABAAEAAgAaAFxNQUlMU0xPVFxCUk9XU0UAAgBNREpSOTgA"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":95,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":142}
00414{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":97,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":89,"pkt_type":75,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":89,"pkt_l4_len":0,"ts_msec":1576409868734,"pkt":"AFBWM3ieAAwp1HmyAEvw8AoIDgD\/7xYEAAAAAAQAFQP\/U01CgQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAACBAAIUAAgAEgAEXD8\/Pz8\/Pz8\/Lj8\/PwAFAAA="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":97,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":75}
00382{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":98,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409868734,"pkt":"AAwp1HmyAFBWM3ieADXw8AgMDgD\/7xYMAAAEACgAAxX\/U01CgQEAEgCAAAAAAAAAAAAAAAAAAAAAyHUFAACBAAAAAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":98,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00394{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":99,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":76,"pkt_type":62,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":76,"pkt_l4_len":0,"ts_msec":1576409868736,"pkt":"AFBWM3ieAAwp1HmyAD7w8AwKDgD\/7xYMAAAoAAUAFQP\/U01CgQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAAChAAIUAAAABQAEAAUAAA=="}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":99,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":62}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":100,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409868736,"pkt":"AAwp1HmyAFBWM3ieADXw8AoODgD\/7xYMAAAFACgAAxX\/U01CgQEAEgCAAAAAAAAAAAAAAAAAAAAAyHUFAAChAAAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":100,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":101,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":89,"pkt_type":75,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":89,"pkt_l4_len":0,"ts_msec":1576409868736,"pkt":"AFBWM3ieAAwp1HmyAEvw8A4MDgD\/7xYMAAAoAAYAFQP\/U01CgQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAADBAAIUABYAEgAEXD8\/Pz8\/Pz8\/Lj8\/PwAFAAA="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":101,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":75}
00514{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":102,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":158,"pkt_type":144,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":158,"pkt_l4_len":0,"ts_msec":1576409868736,"pkt":"AAwp1HmyAFBWM3ieAJDw8AwQDgD\/7xYMAAAGACgAAxX\/U01CgQAAAACAAAAAAAAAAAAAAAAAAAAAyHUFAADBAAECAFkABVYAgz8\/Pz8\/Pz8\/Pz8\/FgAAAQAAAAAAECpjj08AAAAALgAgICAgICAAAAAAAIM\/Pz8\/Pz8\/Pz8\/PxYBAAEAAAAAABAqY49PAAAAAC4uACAgICAgAAAAAAA="}
00181{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":102,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":144}
00427{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":103,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":97,"pkt_type":83,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":97,"pkt_l4_len":0,"ts_msec":1576409868739,"pkt":"AFBWM3ieAAwp1HmyAFPw8BAODgD\/7xYMAAAoAAcAFQP\/U01CgQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAADhAAIUAAAAGgAEAAUVAIM\/Pz8\/Pz8\/Pz8\/PxYBAAEAgwAAAQ=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":103,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":83}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":104,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409868740,"pkt":"AAwp1HmyAFBWM3ieADXw8A4SDgD\/7xYMAAAHACgAAxX\/U01CgQEAEgCAAAAAAAAAAAAAAAAAAAAAyHUFAADhAAAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":104,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":105,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409868742,"pkt":"AFBWM3ieAAwp1HmyADXw8BIQDgD\/7xYMAAAoAAgAFQP\/U01CgAAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAAABAQAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":105,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00397{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":106,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":77,"pkt_type":63,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":77,"pkt_l4_len":0,"ts_msec":1576409868742,"pkt":"AAwp1HmyAFBWM3ieAD\/w8BAUDgD\/7xYMAAAIACgAAxX\/U01CgAAAAACAAAAAAAAAAAAAAAAAAAAAyHUFAAABAQVq\/wABAAJ2+AAAAAA="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":106,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":63}
00371{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":107,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409868821,"pkt":"AFBWM3ieAAwp1HmyABLw8BQTDgD\/7xQAAAAoAAAAFQP\/U01CgQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUF"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":107,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":108,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409868821,"pkt":"AAwp1HmyAFBWM3ieAATw8QEXHAAAAIARvbrAqO+BwKjv\/wCJAIkATA62AAgoEAABAAAAAAABIEVORUVF"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":108,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00439{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":110,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":107,"pkt_type":93,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":107,"pkt_l4_len":0,"ts_msec":1576409872653,"pkt":"AFBWM3ieAAwp1HmyAF3w8BYSDgD\/7xYEAAAAAAkAFQP\/U01CLQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAAAhAQ\/\/AAAABwACABYAIAAeKfZdEgAAAAAAAAAAAAAAAAAKAFxURVNULlRYVAA="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":110,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":93}
00425{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":111,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":97,"pkt_type":83,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":97,"pkt_l4_len":0,"ts_msec":1576409872653,"pkt":"AAwp1HmyAFBWM3ieAFPw8BIYDgD\/7xYMAAAJACgAAxX\/U01CLQAAAACAAAAAAAAAAAAAAAAAAAAAyHUFAAAhAQ\/\/AAAAAAAgAB4p9l0AAAAAAgAAAAAAAgAAAAAAAAAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":111,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":83}
01905{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":112,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":1204,"pkt_type":1190,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":1204,"pkt_l4_len":0,"ts_msec":1576409872682,"pkt":"AFBWM3ieAAwp1HmyBKbw8BgUDgD\/7xYMAAAoAAoAFQP\/U01CCwAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAABBAQUAAGQEAAAAAGQEZwQBZAQNCiBWb2x1bWUgaW4gZHJpdmUgQyBpcyBNU0RPUyAgICAgIA0KIFZvbHVtZSBTZXJpYWwgTnVtYmVyIGlzIDQwMzEtMEZFMA0KIERpcmVjdG9yeSBvZiBDOlwNCg0KQ09NTUFORCAgQ09NICAgICAgICA1NC42NDUgMzEuMDUuOTQgICAgNjoyMg0KV0lORE9XUyAgICAgIDxESVI+ICAgICAgICAgMjYuMTEuMTMgICAgODozNw0KV0lOQTIwICAgMzg2ICAgICAgICAgOS4zNDkgMzEuMDUuOTQgICAgNjoyMg0KVEVNUCAgICAgICAgIDxESVI+ICAgICAgICAgMjYuMTEuMTMgICAgODowNA0KVE9PTFMgICAgICAgIDxESVI+ICAgICAgICAgMjYuMTEuMTMgICAgODowNQ0KRE9TICAgICAgICAgIDxESVI+ICAgICAgICAgMjYuMTEuMTMgICAgODowNQ0KQVVUT0VYRUMgTkVUICAgICAgICAgICAxNjkgMTMuMTIuMTkgICAgNjo1MA0KTk9WRUxMICAgICAgIDxESVI+ICAgICAgICAgMTQuMTIuMTkgICAyMTozOQ0KTkVUICAgICAgICAgIDxESVI+ICAgICAgICAgMDcuMTAuMTkgICAyMjoxMg0KQ09ORklHICAgV0lOICAgICAgICAgICAyNzggMDcuMTAuMTkgICAyMjoxMw0KQVVUT0VYRUMgV0lOICAgICAgICAgICAyNDEgMDcuMTAuMTkgICAyMjoxMw0KQVVUT0VYRUMgQkFUICAgICAgICAgICAxNjkgMTUuMTIuMTkgICAxMDo0NQ0KQVVUT0VYRUMgT0xEICAgICAgICAgICAyNDEgMDcuMTAuMTkgICAyMjoxMw0KQ09ORklHICAgTkVUICAgICAgICAgICAxMzQgMTMuMTIuMTkgICAgNjo1MA0KQVVUT0VYRUMgTk9WICAgICAgICAgICAzMDkgMTQuMTIuMTkgICAyMTozOQ0KQ09ORklHICAgTk9WICAgICAgICAgICAyODAgMTQuMTIuMTkgICAyMTozOQ0KQ09ORklHICAgT0xEICAgICAgICAgICAyNzggMDcuMTAuMTkgICAyMjoxMw0KTkJJSFcgICAgQ0ZHICAgICAgICAgICAzODggMTUuMTIuMTkgICAxMDoxOA0KQ09ORklHICAgMDAxICAgICAgICAgICAxMzQgMTUuMTIuMTkgICAxMDo0NQ0KQVVUT0VYRUMgMDAxICAgICAgICAgICAxNjkgMTUuMTIuMTkgICAxMDo0NQ0KQ09ORklHICAgU1lTICAgICAgICAgICAxMzQgMTUuMTIuMTkgICAxMDo0NQ0KICAgICAgIDIxIGZpbGUocykgICAgICAgICA2Ni45MTggYnl0ZXMNCiAgICAgICAgICAgICAgICAgICAgIDE1Mi44NTQuNTI4IGJ5dGVzIGZyZWUNCg=="}
00182{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":112,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":1190}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":113,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":69,"pkt_type":55,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":69,"pkt_l4_len":0,"ts_msec":1576409872683,"pkt":"AAwp1HmyAFBWM3ieADfw8BQaDgD\/7xYMAAAKACgAAxX\/U01CCwAAAACAAAAAAAAAAAAAAAAAAAAAyHUFAABBAQFkBAAA"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":113,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":55}
00391{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":114,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":73,"pkt_type":59,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":73,"pkt_l4_len":0,"ts_msec":1576409872683,"pkt":"AFBWM3ieAAwp1HmyADvw8BoWDgD\/7xYMAAAoAAsAFQP\/U01CBAAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAABhAQMAAB4p9l0AAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":114,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":59}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":115,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409872683,"pkt":"AAwp1HmyAFBWM3ieADXw8BYcDgD\/7xYMAAALACgAAxX\/U01CBAAAAACAAAAAAAAAAAAAAAAAAAAAyHUFAABhAQAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":115,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00371{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":116,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409872793,"pkt":"AFBWM3ieAAwp1HmyABLw8BwYDgD\/7xQAAAAoAAAAFQP\/U01CgQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUF"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":116,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":117,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409873117,"pkt":"AAwp1HmyAFBWM3ieAATw8QEeIQAAAIARuLrAqO+BwKjv\/wCJAIkATG2mAAopEAABAAAAAAABIEZIRVBG"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":117,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00501{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":118,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":156,"pkt_type":142,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":156,"pkt_l4_len":0,"ts_msec":1576409876181,"pkt":"AwAAAAABAFBWM3ieAI7w8AMsAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAdTURKUjk4ICAgICAgICAgIP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAACQAAAAAAAAAAAAAAAAAAAAAAAAAJAFYAAwABAAEAAgAaAFxNQUlMU0xPVFxCUk9XU0UAAgBNREpSOTgA"}
00181{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":118,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":142}
00439{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":119,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":107,"pkt_type":93,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":107,"pkt_l4_len":0,"ts_msec":1576409876669,"pkt":"AFBWM3ieAAwp1HmyAF3w8B4YDgD\/7xYEAAAAAAwAFQP\/U01CLQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAACBAQ\/\/AAAABwAAABYAAAAiKfZdAQAAAAAAAAAAAAAAAAAKAFxURVNULlRYVAA="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":119,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":93}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":120,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409876669,"pkt":"AAwp1HmyAFBWM3ieAATw8QEgIwAAAIARtrrAqO+BwKjv\/wCJAIkATG6mAAooEAABAAAAAAABIEZIRVBG"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":120,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00425{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":121,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":97,"pkt_type":83,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":97,"pkt_l4_len":0,"ts_msec":1576409876670,"pkt":"AAwp1HmyAFBWM3ieAFPw8BggDgD\/7xYMAAAMACgAAxX\/U01CLQAAAACAAAAAAAAAAAAAAAAAAAAAyHUFAACBAQ\/\/AAAAAQAgAB4p9l1kBAAAAAAAAAAAAQAAAAAAAAAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":121,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":83}
00395{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":122,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":73,"pkt_type":59,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":73,"pkt_l4_len":0,"ts_msec":1576409876703,"pkt":"AFBWM3ieAAwp1HmyADvw8CAaDgD\/7xYMAAAoAA0AFQP\/U01CBAAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAAChAQMBAP\/\/\/\/8AAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":122,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":59}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":123,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409876703,"pkt":"AAwp1HmyAFBWM3ieAATw8QEiAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAdTURKUjk4ICAgICAgICAg"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":123,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":124,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409876703,"pkt":"AAwp1HmyAFBWM3ieADXw8BoiDgD\/7xYMAAANACgAAxX\/U01CBAAAAACAAAAAAAAAAAAAAAAAAAAAyHUFAAChAQAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":124,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00371{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":125,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409876764,"pkt":"AFBWM3ieAAwp1HmyABLw8CIcDgD\/7xQAAAAoAAAAFQP\/U01CBAAAAAAAAAAAAAAAAAAAAAAAAAAAyHUF"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":125,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":126,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409876771,"pkt":"AAwp1HmyAFBWM3ieAATw8QEkAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAdTURKUjk4ICAgICAgICAg"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":126,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00395{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":128,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":78,"pkt_type":64,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":78,"pkt_l4_len":0,"ts_msec":1576409882997,"pkt":"AFBWM3ieAAwp1HmyAEDw8CQcDgD\/7xYEAAAAAA4AFQP\/U01CEAAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAADBAQALAARcVEVTVC5UWFQA"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":128,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":64}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":129,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409882997,"pkt":"AAwp1HmyAFBWM3ieADXw8BwmDgD\/7xYMAAAOACgAAxX\/U01CEAEAAwCAAAAAAAAAAAAAAAAAAAAAyHUFAADBAQAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":129,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00399{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":130,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":80,"pkt_type":66,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":80,"pkt_l4_len":0,"ts_msec":1576409882997,"pkt":"AFBWM3ieAAwp1HmyAELw8CYeDgD\/7xYMAAAoAA8AFQP\/U01CBgAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAADhAQEAAAsABFxURVNULlRYVAA="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":130,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":66}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":131,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409882997,"pkt":"AAwp1HmyAFBWM3ieADXw8B4oDgD\/7xYMAAAPACgAAxX\/U01CBgAAAACAAAAAAAAAAAAAAAAAAAAAyHUFAADhAQAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":131,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00371{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":132,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409883083,"pkt":"AFBWM3ieAAwp1HmyABLw8CggDgD\/7xQAAAAoAAAAFQP\/U01CBAAAAAAAAAAAAAAAAAAAAAAAAAAAyHUF"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":132,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":133,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409883461,"pkt":"AAwp1HmyAFBWM3ieAATw8QEqDgD\/7xeBvAUDABUAAxXvAgCJAIkATAvHAAQpAAABAAAAAAABIEVORUVF"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":133,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00517{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":134,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":168,"pkt_type":154,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":168,"pkt_l4_len":0,"ts_msec":1576409886201,"pkt":"AwAAAAABAFBWM3ieAJrw8AMsAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAeTURKUjk4ICAgICAgICAgIP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAFQAAAAAAAAAAAAAAAAAAAAAAAAAVAFYAAwABAAEAAgAmAFxNQUlMU0xPVFxCUk9XU0UACAEAAAAAAAAAAAAAAABNREpSOTgA"}
00181{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":134,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":154}
00691{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":135,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_packets_processed":8,"flow_first_seen":1576409797553,"flow_last_seen":1576409799059,"flow_idle_time":180000,"flow_min_l4_payload_len":68,"flow_max_l4_payload_len":68,"flow_tot_l4_payload_len":544,"flow_avg_l4_payload_len":68,"midstream":0,"ts_msec":1576409888477,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"192.168.239.2","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"4":"DPI"},"proto":"NetBIOS","breed":"Acceptable","category":"System"}}
00517{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":135,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":168,"pkt_type":154,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":168,"pkt_l4_len":0,"ts_msec":1576409888477,"pkt":"AwAAAAABAFBWM3ieAJrw8AMsAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAeTURKUjk4ICAgICAgICAgIP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAFQAAAAAAAAAAAAAAAAAAAAAAAAAVAFYAAwABAAEAAgAmAFxNQUlMU0xPVFxCUk9XU0UACAEAFQQBfIgBAAAAAABNREpSOTgA"}
00181{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":135,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":154}
00371{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":136,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409888973,"pkt":"AFBWM3ieAAwp1HmyABLw8CogDgD\/7x8AAAAAAAAAFQP\/U01CBAAAAAAAAAAAAAAAAAAAAAAAAAAAyHUF"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":136,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":137,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409888973,"pkt":"AAwp1HmyAFBWM3ieAATw8QEsAP\/vAAAAAAAAFAAAAAAAAAAAAAAAAAAAAAAAV09SS0dST1VQICAgICAg"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":137,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00517{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":138,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":168,"pkt_type":154,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":168,"pkt_l4_len":0,"ts_msec":1576409889485,"pkt":"AwAAAAABAFBWM3ieAJrw8AMsAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAeTURKUjk4ICAgICAgICAgIP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAFQAAAAAAAAAAAAAAAAAAAAAAAAAVAFYAAwABAAEAAgAmAFxNQUlMU0xPVFxCUk9XU0UACAEAFQQBfIgBAAAAAABNREpSOTgA"}
00181{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":138,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":154}
00517{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":139,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":168,"pkt_type":154,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":168,"pkt_l4_len":0,"ts_msec":1576409890489,"pkt":"AwAAAAABAFBWM3ieAJrw8AMsAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAeTURKUjk4ICAgICAgICAgIP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAFQAAAAAAAAAAAAAAAAAAAAAAAAAVAFYAAwABAAEAAgAmAFxNQUlMU0xPVFxCUk9XU0UACAEAFQQBfIgBAAAAAABNREpSOTgA"}
00181{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":139,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":154}
00517{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":140,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":168,"pkt_type":154,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":168,"pkt_l4_len":0,"ts_msec":1576409891489,"pkt":"AwAAAAABAFBWM3ieAJrw8AMsAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAeTURKUjk4ICAgICAgICAgIP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAFQAAAAAAAAAAAAAAAAAAAAAAAAAVAFYAAwABAAEAAgAmAFxNQUlMU0xPVFxCUk9XU0UACAEAFQQBfIgBAAAAAABNREpSOTgA"}
00181{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":140,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":154}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":142,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409892489,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAQAAAAAAFwAAAAAAAAAAAAAAAAAAAAAAV09SS0dST1VQICAgICAgHQ=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":142,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":143,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409893317,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAQAAAAAAFwAAAAAAAAAAAAAAAAAAAAAAV09SS0dST1VQICAgICAgHQ=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":143,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":145,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409894273,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAQAAAAAAFwAAAAAAAAAAAAAAAAAAAAAAV09SS0dST1VQICAgICAgHQ=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":145,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":147,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409895177,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAAAAAAAAGABXT1JLR1JPVVAgICAgICAdAQJfX01TQlJPV1NFX18CAQ=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":147,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":149,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409895982,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAAAAAAAAGABXT1JLR1JPVVAgICAgICAdAQJfX01TQlJPV1NFX18CAQ=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":149,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":151,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409896865,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAAAAAAAAGAAAAAAAAAAAAAAAAAAAAAAAAQJfX01TQlJPV1NFX18CAQ=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":151,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00501{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":152,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":156,"pkt_type":142,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":156,"pkt_l4_len":0,"ts_msec":1576409897721,"pkt":"AwAAAAABAFBWM3ieAI7w8AMsAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAeTURKUjk4ICAgICAgICAgIP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAACQAAAAAAAAAAAAAAAAAAAAAAAAAJAFYAAwABAAEAAgAaAFxNQUlMU0xPVFxCUk9XU0UAAgBNREpSOTgA"}
00181{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":152,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":142}
00501{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":153,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":156,"pkt_type":142,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":156,"pkt_l4_len":0,"ts_msec":1576409897722,"pkt":"AwAAAAABAFBWM3ieAI7w8AMsAP\/vCAAAAAAAAAABAl9fTVNCUk9XU0VfXwIBTURKUjk4ICAgICAgICAgIP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAACQAAAAAAAAAAAAAAAAAAAAAAAAAJAFYAAwABAAEAAgAaAFxNQUlMU0xPVFxCUk9XU0UAAgBNREpSOTgA"}
00181{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":153,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":142}
00533{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":155,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":180,"pkt_type":166,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":180,"pkt_l4_len":0,"ts_msec":1576409897781,"pkt":"AwAAAAABAFBWM3ieAKbw8AMsAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAeTURKUjk4ICAgICAgICAgAP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAIQAAAAAAAAAAAAAAAAAAAAAAAAAhAFYAAwABAAEAAgAyAFxNQUlMU0xPVFxCUk9XU0UADwXA1AEATURKUjk4AAAAAAAAAAAAAAQAAyBFABUEVaoA"}
00181{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":155,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":166}
00695{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":156,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_packets_processed":20,"flow_first_seen":1576409800543,"flow_last_seen":1576409805843,"flow_idle_time":180000,"flow_min_l4_payload_len":68,"flow_max_l4_payload_len":68,"flow_tot_l4_payload_len":1360,"flow_avg_l4_payload_len":68,"midstream":0,"ts_msec":1576409898877,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"192.168.239.255","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"4":"DPI"},"proto":"NetBIOS","breed":"Acceptable","category":"System"}}
00822{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":156,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_packets_processed":11,"flow_first_seen":1576409807597,"flow_last_seen":1576409896749,"flow_idle_time":180000,"flow_min_l4_payload_len":177,"flow_max_l4_payload_len":201,"flow_tot_l4_payload_len":2055,"flow_avg_l4_payload_len":186,"midstream":0,"ts_msec":1576409898877,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"192.168.239.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"4":"DPI"},"proto":"NetBIOS.SMBv1","breed":"Dangerous","category":"System"}}
00391{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":156,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":74,"pkt_type":60,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":74,"pkt_l4_len":0,"ts_msec":1576409898877,"pkt":"AFBWM3ieAAwp1HmyADzw8CwgDgD\/7xYEAAAAABAAFQP\/U01CAAAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAAABAgAHAARcVEVTVAA="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":156,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":60}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":157,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409898877,"pkt":"AAwp1HmyAFBWM3ieADXw8CAuDgD\/7xYMAAAQACgAAxX\/U01CAAAAAACAAAAAAAAAAAAAAAAAAAAAyHUFAAABAgAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":157,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00371{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":158,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409898941,"pkt":"AFBWM3ieAAwp1HmyABLw8C4iDgD\/7xQAAAAoAAAAFQP\/U01CBgAAAAAAAAAAAAAAAAAAAAAAAAAAyHUF"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":158,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":160,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409899293,"pkt":"AAwp1HmyAFBWM3ieAATw8QEwIwAAAIARtrrAqO+BwKjv\/wCJAIkATG6mAAooEAABAAAAAAABIEZIRVBG"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":160,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":164,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":89,"pkt_type":75,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":89,"pkt_l4_len":0,"ts_msec":1576409903670,"pkt":"AFBWM3ieAAwp1HmyAEvw8DAiDgD\/7xYEAAAAABEAFQP\/U01CgQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAAAhAgIUAAgAEgAEXD8\/Pz8\/Pz8\/Lj8\/PwAFAAA="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":164,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":75}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":165,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409903670,"pkt":"AAwp1HmyAFBWM3ieAATw8QEyAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAdTURKUjk4ICAgICAgICAg"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":165,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":166,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409903670,"pkt":"AAwp1HmyAFBWM3ieADXw8CIyDgD\/7xYMAAARACgAAxX\/U01CgQEAEgCAAAAAAAAAAAAAAAAAAAAAyHUFAAAhAgAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":166,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00395{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":167,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":76,"pkt_type":62,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":76,"pkt_l4_len":0,"ts_msec":1576409903671,"pkt":"AFBWM3ieAAwp1HmyAD7w8DIkDgD\/7xYMAAAoABIAFQP\/U01CgQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAABBAgIUAAAABQAEAAUAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":167,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":62}
00370{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":168,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409903671,"pkt":"AAwp1HmyAFBWM3ieAATw8QE0DgD\/7xYMAAAOACgAAxX\/U01CEAEAAwCAAAAAAAAAAAAAAAAAAAAAyHUF"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":168,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":169,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409903671,"pkt":"AAwp1HmyAFBWM3ieADXw8CQ0DgD\/7xYMAAASACgAAxX\/U01CgQEAEgCAAAAAAAAAAAAAAAAAAAAAyHUFAABBAgAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":169,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00415{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":170,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":89,"pkt_type":75,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":89,"pkt_l4_len":0,"ts_msec":1576409903672,"pkt":"AFBWM3ieAAwp1HmyAEvw8DQmDgD\/7xYMAAAoABMAFQP\/U01CgQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAABhAgIUABYAEgAEXD8\/Pz8\/Pz8\/Lj8\/PwAFAAA="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":170,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":75}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":171,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409903672,"pkt":"AAwp1HmyAFBWM3ieAATw8QE2DgD\/7xeBvAUDABUAAxXvAgCJAIkATAvHAAQpAAABAAAAAAABIEVORUVF"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":171,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00573{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":172,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":201,"pkt_type":187,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":201,"pkt_l4_len":0,"ts_msec":1576409903672,"pkt":"AAwp1HmyAFBWM3ieALvw8CY2DgD\/7xYMAAATACgAAxX\/U01CgQAAAACAAAAAAAAAAAAAAAAAAAAAyHUFAABhAgEDAIQABYEAgz8\/Pz8\/Pz8\/Pz8\/FgAAAQAAAAAAECpjj08AAAAALgAgICAgICAAAAAAAIM\/Pz8\/Pz8\/Pz8\/PxYBAAEAAAAAABAqY49PAAAAAC4uACAgICAgAAAAAACDPz8\/Pz8\/Pz8\/Pz8WAgABAAAAAAAQyWSPTwAAAABURVNUACAgIAAAAAAA"}
00181{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":172,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":187}
00427{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":173,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":97,"pkt_type":83,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":97,"pkt_l4_len":0,"ts_msec":1576409903677,"pkt":"AFBWM3ieAAwp1HmyAFPw8DYoDgD\/7xYMAAAoABQAFQP\/U01CgQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAACBAgIUAAAAGgAEAAUVAIM\/Pz8\/Pz8\/Pz8\/PxYCAAEAgwAAAQ=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":173,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":83}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":174,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409903677,"pkt":"AAwp1HmyAFBWM3ieAATw8QE4AP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAeTURKUjk4ICAgICAgICAg"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":174,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":175,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409903677,"pkt":"AAwp1HmyAFBWM3ieADXw8Cg4DgD\/7xYMAAAUACgAAxX\/U01CgQEAEgCAAAAAAAAAAAAAAAAAAAAAyHUFAACBAgAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":175,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":176,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409903679,"pkt":"AFBWM3ieAAwp1HmyADXw8DgqDgD\/7xYMAAAoABUAFQP\/U01CgAAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAAChAgAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":176,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":177,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409903679,"pkt":"AAwp1HmyAFBWM3ieAATw8QE6AP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAeTURKUjk4ICAgICAgICAg"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":177,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00397{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":178,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":77,"pkt_type":63,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":77,"pkt_l4_len":0,"ts_msec":1576409903679,"pkt":"AAwp1HmyAFBWM3ieAD\/w8Co6DgD\/7xYMAAAVACgAAxX\/U01CgAAAAACAAAAAAAAAAAAAAAAAAAAAyHUFAAChAgVq\/wABAAJ2+AAAAAA="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":178,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":63}
00371{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":179,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409903737,"pkt":"AFBWM3ieAAwp1HmyABLw8DosDgD\/7xQAAAAoAAAAFQP\/U01CgQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUF"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":179,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":180,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409903738,"pkt":"AAwp1HmyAFBWM3ieAATw8QE8AP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAeTURKUjk4ICAgICAgICAg"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":180,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00391{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":184,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":74,"pkt_type":60,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":74,"pkt_l4_len":0,"ts_msec":1576409905957,"pkt":"AFBWM3ieAAwp1HmyADzw8DwsDgD\/7xYEAAAAABYAFQP\/U01CAQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUFAADBAgAHAARcVEVTVAA="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":184,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":60}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":185,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409905958,"pkt":"AAwp1HmyAFBWM3ieADXw8Cw+DgD\/7xYMAAAWACgAAxX\/U01CAQAAAACAAAAAAAAAAAAAAAAAAAAAyHUFAADBAgAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":185,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00371{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":186,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409906045,"pkt":"AFBWM3ieAAwp1HmyABLw8D4uDgD\/7xQAAAAoAAAAFQP\/U01CgQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUF"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":186,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":188,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409906373,"pkt":"AAwp1HmyAFBWM3ieAATw8QFALAAAAIARrUHAqO+BwKjv\/wCKAIoAxYA7EQIAHMCo74EAigCvAAAgRU5F"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":188,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00395{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":194,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":76,"pkt_type":62,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":76,"pkt_l4_len":0,"ts_msec":1576409908865,"pkt":"AFBWM3ieAAwp1HmyAD7w8EAuDgD\/7xYEAAAAABcAFQP\/U01CKwAAAAAAAAAAAAAAAAAAAAAAAAAAyAAyAADhAgEBAAcABEhlbGxvAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":194,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":62}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":195,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409908865,"pkt":"AAwp1HmyAFBWM3ieAATw8QFCAP\/vCAAAAAAAAABXT1JLR1JPVVAgICAgICAeTURKUjk4ICAgICAgICAg"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":195,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00395{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":196,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":76,"pkt_type":62,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":76,"pkt_l4_len":0,"ts_msec":1576409908865,"pkt":"AAwp1HmyAFBWM3ieAD7w8C5CDgD\/7xYMAAAXACgAAxX\/U01CKwAAAACAAAAAAAAAAAAAAAAAAAAAyAAyAADhAgEBAAcABEhlbGxvAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":196,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":62}
00371{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":197,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409908973,"pkt":"AFBWM3ieAAwp1HmyABLw8EIwDgD\/7xQAAAAoAAAAFQP\/U01CgQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUF"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":197,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00368{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":198,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409908973,"pkt":"AAwp1HmyAFBWM3ieAATw8QFELwAAAIARq7fAqO+BwKjvAgCJAIkATO+bACIpAAABAAAAAAABIEZIRVBG"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":198,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00370{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":199,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409909161,"pkt":"AAwp1HmyAFBWM3ieABLw8DBEDgD\/7x8AAAAAAAAAAxVLR1JPVVAgICAgICAeTURKUjk4ICAgICAgICAg"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":199,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00370{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":200,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409909358,"pkt":"AFBWM3ieAAwp1HmyAATw8QEyDgD\/7xYEAAAAABYAFQP\/U01CAQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUF"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":200,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":201,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409911828,"pkt":"AFBWM3ieAAwp1HmyADXw8EQyDgD\/7xYEAAAAABgAFQP\/U01CcQAAAAAAAAAAAAAAAAAAAAAAAAAAyAAyAAABAwAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":201,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00383{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":202,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":67,"pkt_type":53,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":67,"pkt_l4_len":0,"ts_msec":1576409911828,"pkt":"AAwp1HmyAFBWM3ieADXw8DJGDgD\/7xYMAAAYACgAAxX\/U01CcQAAAACAAAAAAAAAAAAAAAAAAAAAyAAyAAABAwAAAA=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":202,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":53}
00370{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":203,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409911828,"pkt":"AFBWM3ieAAwp1HmyAATw8QE0DgD\/7xYEAAAAABcAFQP\/U01CKwAAAAAAAAAAAAAAAAAAAAAAAAAAyAAy"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":203,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00371{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":204,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409911828,"pkt":"AFBWM3ieAAwp1HmyABLw8EY0DgD\/7xQAAAAoAAAAFQP\/U01CgQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUF"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":204,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00371{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":205,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":18,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409911828,"pkt":"AFBWM3ieAAwp1HmyABLw8Eg1DgD\/7xgAAAAAAAAAFQP\/U01CAQAAAAAAAAAAAAAAAAAAAAAAAAAAyHUF"}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":205,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":18}
00368{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":206,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":4,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409911829,"pkt":"AAwp1HmyAFBWM3ieAATw8QFLMAAAAIARqrfAqO+BwKjvAgCJAIkATO+bACIpAAABAAAAAAABIEZIRVBG"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":206,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":4}
00370{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":207,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":3,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409911829,"pkt":"AFBWM3ieAAwp1HmyAAPw8FMyDgD\/7xYEAAAAABgAFQP\/U01CcQAAAAAAAAAAAAAAAAAAAAAAAAAAyAAy"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":207,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":3}
00369{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":208,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":60,"pkt_type":3,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":60,"pkt_l4_len":0,"ts_msec":1576409911829,"pkt":"AAwp1HmyAFBWM3ieAAPw8XMwIwAAAIARtrrAqO+BwKjv\/wCJAIkATG6mAAooEAABAAAAAAABIEZIRVBG"}
00179{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":208,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":3}
00541{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":209,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":186,"pkt_type":172,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":186,"pkt_l4_len":0,"ts_msec":1576409912777,"pkt":"AwAAAAABAFBWM3ieAKzw8AMsAP\/vCAAAAAAAAAABAl9fTVNCUk9XU0VfXwIBTURKUjk4ICAgICAgICAgAP9TTUIlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQAAJwAAAAAAAAAAAAAAAAAAAAAAAAAnAFYAAwABAAEAAgA4AFxNQUlMU0xPVFxCUk9XU0UADADA1AEAV09SS0dST1VQAAAAAAAAAAQAACBAgAAAAABNREpSOTgA"}
00181{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":209,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":172}
00649{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":210,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_packets_processed":1,"flow_first_seen":1576409798047,"flow_last_seen":1576409798047,"flow_idle_time":120000,"flow_min_l4_payload_len":8,"flow_max_l4_payload_len":8,"flow_tot_l4_payload_len":8,"flow_avg_l4_payload_len":8,"midstream":0,"ts_msec":1576409923353,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"224.0.0.2","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"4":"DPI"},"proto":"ICMP","breed":"Acceptable","category":"Network"}}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":212,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409925058,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAQAAAAAAGQBXT1JLR1JPVVAgICAgICAdTUFSVElOIFJPU0VOQVUgAw=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":212,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":213,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409925661,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAQAAAAAAGQBXT1JLR1JPVVAgICAgICAeTUFSVElOIFJPU0VOQVUgAw=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":213,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00375{"packet_event_id":1,"packet_event_name":"packet","thread_id":0,"packet_id":214,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_caplen":61,"pkt_type":47,"pkt_l3_offset":14,"pkt_l4_offset":0,"pkt_len":61,"pkt_l4_len":0,"ts_msec":1576409926307,"pkt":"AwAAAAABAFBWM3ieAC\/w8AMsAP\/vAQAAAAAAGQAAAAAAAAAAAAAAAAAAAAAATUFSVElOIFJPU0VOQVUgAw=="}
00180{"basic_event_id":5,"basic_event_name":"Unknown packet type","datalink":1,"thread_id":0,"packet_id":214,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","layer_type":47}
00693{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":220,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_packets_processed":32,"flow_first_seen":1576409800543,"flow_last_seen":1576409931837,"flow_idle_time":180000,"flow_min_l4_payload_len":68,"flow_max_l4_payload_len":68,"flow_tot_l4_payload_len":2176,"flow_avg_l4_payload_len":68,"midstream":0,"ts_msec":1576409931837,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"192.168.239.255","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"4":"DPI"},"proto":"NetBIOS","breed":"Acceptable","category":"System"}}
00690{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":220,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_packets_processed":14,"flow_first_seen":1576409797553,"flow_last_seen":1576409928060,"flow_idle_time":180000,"flow_min_l4_payload_len":68,"flow_max_l4_payload_len":68,"flow_tot_l4_payload_len":952,"flow_avg_l4_payload_len":68,"midstream":0,"ts_msec":1576409931837,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"192.168.239.2","src_port":137,"dst_port":137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"confidence": {"4":"DPI"},"proto":"NetBIOS","breed":"Acceptable","category":"System"}}
00820{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":220,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_packets_processed":15,"flow_first_seen":1576409807597,"flow_last_seen":1576409923353,"flow_idle_time":180000,"flow_min_l4_payload_len":177,"flow_max_l4_payload_len":207,"flow_tot_l4_payload_len":2817,"flow_avg_l4_payload_len":187,"midstream":0,"ts_msec":1576409931837,"l3_proto":"ip4","src_ip":"192.168.239.129","dst_ip":"192.168.239.255","src_port":138,"dst_port":138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":3,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":750,"client":575,"server":175}}},"confidence": {"4":"DPI"},"proto":"NetBIOS.SMBv1","breed":"Dangerous","category":"System"}}
00172{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":220,"source":"dos_win98_smb_netbeui.pcap","alias":"nDPId-test","total-events-serialized":344}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
~~ packets captured/processed: 220/62
~~ skipped flows.............: 0
~~ total layer4 data length..: 5953 bytes
~~ total detected protocols..: 4
~~ total active/idle flows...: 4/4
~~ total timeout flows.......: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ total memory allocated....: 4684196 bytes
~~ total memory freed........: 4684196 bytes
~~ total allocations/frees...: 101214/101214
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 177 chars
~~ json string max len.......: 1910 chars
~~ json string avg len.......: 1044 chars
|