1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379]
detected: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] [CAPWAP][Network][Acceptable]
new: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53]
detected: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] [DNS][Network][Acceptable]
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
new: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246]
detected: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] [CAPWAP][Network][Acceptable]
new: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380]
detected: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Network][Acceptable]
update: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] [CAPWAP][Network][Acceptable]
analyse: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Network][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 10.093| 0.751| 2.532|6409154.986| 0.000]
[PKTLEN......: 106.000| 1499.000| 512.200| 485.400|235625.000| 4.400]
[BINS(c->s)..: 0,0,5,3,0,0,0,0,0,1,0,0,0,1,0,0,0,2,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,2,0,0]
[BINS(s->c)..: 0,0,1,6,1,0,0,0,1,0,0,1,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0]
[DIRECTIONS..: 0,0,1,0,1,0,0,0,1,1,1,1,1,0,1,0,0,1,1,0,0,1,0,0,1,1,0,0,1,0,1,0]
[IATS(ms)....: 0.8,9998.4,10093.4,96.4,2.6,0.0,0.1,182.4,0.0,0.1,314.1,135.3,2.7,0.2,111.8,0.0,157.3,0.0,325.7,280.1,0.0,39.5,0.0,39.5,0.3,2.1,1.0,0.5,0.5,0.0,0.0,0.0]
[PKTLENS.....: 156,156,115,106,147,590,590,360,590,590,179,329,420,137,1499,1499,1499,1451,1035,1451,475,155,123,139,155,139,123,891,155,123,139,875]
new: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247]
detected: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Network][Acceptable]
update: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53]
ERROR-EVENT: Unknown packet type
analyse: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Network][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.500| 4.000| 1.016| 0.875|765810.835| 0.000]
[PKTLEN......: 122.000| 325.000| 195.400| 58.400| 3415.700| 4.900]
[BINS(c->s)..: 0,0,6,7,2,9,2,5,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[IATS(ms)....: 500.0,500.0,499.9,3000.0,500.0,500.0,500.0,500.0,499.9,500.0,500.0,500.0,500.0,1000.0,1000.0,500.0,2999.8,1000.0,1000.0,500.0,1999.8,500.0,500.0,1000.0,500.0,1500.0,499.9,2000.0,1000.0,1000.0,3999.8,0.0]
[PKTLENS.....: 122,209,296,151,238,151,122,209,325,151,122,122,151,296,151,209,209,296,151,209,122,267,180,209,209,209,267,151,122,209,238,180]
update: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] [CAPWAP][Network][Acceptable]
update: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] [CAPWAP][Network][Acceptable]
update: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Network][Acceptable]
update: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Network][Acceptable]
update: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53]
ERROR-EVENT: Unknown packet type
update: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] [CAPWAP][Network][Acceptable]
update: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] [CAPWAP][Network][Acceptable]
update: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Network][Acceptable]
update: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Network][Acceptable]
update: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53]
ERROR-EVENT: Unknown packet type
idle: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] [CAPWAP][Network][Acceptable]
idle: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53]
update: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] [CAPWAP][Network][Acceptable]
update: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Network][Acceptable]
update: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Network][Acceptable]
idle: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] [CAPWAP][Network][Acceptable]
idle: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Network][Acceptable]
idle: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Network][Acceptable]
DAEMON-EVENT: shutdown
|