1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][43594] [MIDSTREAM]
detected: [.....1] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][43594] [FIX][Unknown][RPC][Safe]
new: [.....2] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47968] [MIDSTREAM]
detected: [.....2] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47968] [FIX][Unknown][RPC][Safe]
new: [.....3] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][45578] [MIDSTREAM]
detected: [.....3] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][45578] [FIX][Unknown][RPC][Safe]
new: [.....4] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47952] [MIDSTREAM]
detected: [.....4] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47952] [FIX][Unknown][RPC][Safe]
new: [.....5] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][45584] [MIDSTREAM]
detected: [.....5] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][45584] [FIX][Unknown][RPC][Safe]
new: [.....6] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47962] [MIDSTREAM]
detected: [.....6] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47962] [FIX][Unknown][RPC][Safe]
analyse: [.....3] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][45578] [FIX][Unknown][RPC][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 0.315| 0.065| 0.068| 4636.039| 4.400]
[PKTLEN......: 40.000| 497.000| 93.100| 87.500| 7658.200| 4.600]
[BINS(c->s)..: 4,6,1,1,1,2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 15,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1]
[IATS(ms)....: 0.2,0.2,52.4,3.6,94.0,87.6,49.4,50.7,50.7,52.8,52.9,49.7,49.6,49.7,49.7,49.5,49.4,49.8,49.8,50.0,50.0,49.9,49.9,49.6,49.6,49.8,49.8,50.2,50.2,314.9,315.0]
[PKTLENS.....: 79,46,126,155,40,46,497,46,216,46,219,46,129,46,96,46,171,46,98,46,67,46,92,46,67,46,75,46,94,46,67,46]
[ENTROPIES...: 5.2,4.4,6.4,5.1,4.8,4.5,5.2,4.4,5.0,4.5,5.2,4.4,5.1,4.5,5.1,4.5,5.1,4.4,5.1,4.3,5.1,4.5,5.0,4.4,5.1,4.4,5.2,4.5,4.9,4.5,5.1,4.4]
new: [.....7] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][38652] [MIDSTREAM]
detected: [.....7] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][38652] [FIX][Unknown][RPC][Safe]
new: [.....8] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40918] [MIDSTREAM]
detected: [.....8] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40918] [FIX][Unknown][RPC][Safe]
analyse: [.....2] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47968] [FIX][Unknown][RPC][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 0.300| 0.091| 0.084| 7079.807| 4.200]
[PKTLEN......: 52.000| 139.000| 72.000| 23.600| 558.300| 4.900]
[BINS(c->s)..: 6,8,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 15,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,1,0,1,0,1,0,1,0,0,1,1,1,0,0,1,0,1,0,1,0,1,0,1]
[IATS(ms)....: 0.1,100.1,0.1,100.2,0.1,100.0,0.1,100.1,0.0,99.9,100.0,100.2,100.2,100.8,100.8,300.2,0.0,300.2,0.0,0.2,17.9,82.4,142.0,200.5,158.5,100.0,99.9,0.4,0.4,200.2,200.3]
[PKTLENS.....: 82,52,87,78,52,52,87,86,52,52,78,52,121,52,77,52,91,121,52,52,139,52,91,52,87,52,87,52,76,52,84,52]
[ENTROPIES...: 5.4,5.2,5.4,5.4,5.1,5.2,5.4,5.4,5.1,5.2,5.3,5.1,5.6,5.2,5.5,5.2,5.4,5.2,5.1,5.1,6.5,5.1,5.5,5.2,5.5,5.2,5.2,5.2,5.2,5.2,5.4,5.1]
new: [.....9] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][38646] [MIDSTREAM]
detected: [.....9] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][38646] [FIX][Unknown][RPC][Safe]
analyse: [.....1] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][43594] [FIX][Unknown][RPC][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 0.291| 0.178| 0.113| 12753.578| 4.500]
[PKTLEN......: 52.000| 240.000| 95.700| 52.000| 2700.500| 4.800]
[BINS(c->s)..: 2,4,3,5,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 15,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,1,0,0,1,1,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,0,1,1,0,1,0,1,0,1]
[IATS(ms)....: 0.2,0.3,0.3,250.6,0.1,250.6,0.0,0.2,18.2,232.1,291.3,250.1,209.0,250.7,250.7,250.6,250.6,250.7,250.7,250.7,250.7,250.6,0.0,250.7,0.0,251.5,251.5,249.7,249.8,250.3,250.3]
[PKTLENS.....: 138,52,77,52,91,138,52,52,137,52,155,52,155,52,172,52,155,52,155,52,104,52,240,99,52,52,121,52,189,52,104,52]
[ENTROPIES...: 5.5,5.2,5.3,5.1,5.4,5.4,5.2,5.1,6.4,5.1,5.4,5.2,5.5,5.2,5.6,5.2,5.4,5.2,5.5,5.2,5.4,5.2,5.6,5.6,5.2,5.2,5.5,5.2,5.4,5.2,5.5,5.2]
new: [....10] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][39094] [MIDSTREAM]
detected: [....10] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][39094] [FIX][Unknown][RPC][Safe]
new: [....11] [ip4][..tcp] [..217.192.86.32][.4000] -> [...192.168.0.20][53330] [MIDSTREAM]
detected: [....11] [ip4][..tcp] [..217.192.86.32][.4000] -> [...192.168.0.20][53330] [FIX][Unknown][RPC][Safe]
new: [....12] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40928] [MIDSTREAM]
detected: [....12] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40928] [FIX][Unknown][RPC][Safe]
analyse: [.....5] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][45584] [FIX][Unknown][RPC][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 5.507| 0.699| 1.281| 1640706.605| 3.700]
[PKTLEN......: 40.000| 127.000| 63.600| 21.900| 481.200| 4.900]
[BINS(c->s)..: 2,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 14,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,1,0,1,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,1,0,0,1]
[IATS(ms)....: 0.2,500.7,500.7,200.4,200.5,0.2,89.7,210.7,340.3,500.7,460.5,5507.3,5507.3,601.0,601.0,400.4,400.5,701.0,701.0,400.4,400.4,600.6,600.6,400.8,400.8,600.8,600.8,0.2,54.3,45.7,140.3]
[PKTLENS.....: 75,46,75,46,79,46,127,40,75,46,75,46,75,46,75,46,75,46,75,46,75,46,75,46,75,46,79,46,126,40,75,46]
[ENTROPIES...: 4.9,4.4,5.2,4.4,5.2,4.5,6.5,4.7,5.0,4.5,5.2,4.5,5.2,4.5,5.0,4.5,5.1,4.5,5.2,4.5,5.2,4.5,5.2,4.5,5.0,4.5,5.2,4.5,6.4,4.7,5.0,4.5]
analyse: [.....8] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40918] [FIX][Unknown][RPC][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 4.175| 1.332| 1.132| 1282462.056| 4.400]
[PKTLEN......: 52.000| 137.000| 77.700| 28.500| 811.200| 4.900]
[BINS(c->s)..: 2,13,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 14,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,1,0,1,0,1,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,1,0,0,1,0,1,0,1]
[IATS(ms)....: 0.1,1093.3,1093.4,599.0,599.0,1546.1,1546.1,0.2,22.8,2072.7,2137.8,913.3,870.7,442.0,442.0,3366.1,3366.1,1195.4,1195.4,437.7,437.7,1550.2,1550.2,0.2,22.4,1711.4,1774.3,1498.2,1457.5,4175.1,4175.0]
[PKTLENS.....: 91,52,112,52,91,52,91,52,137,52,91,52,91,52,112,52,91,52,112,52,91,52,91,52,137,52,91,52,133,52,91,52]
[ENTROPIES...: 5.6,5.1,5.5,5.1,5.5,5.1,5.4,5.1,6.3,5.1,5.4,5.2,5.5,5.2,5.4,5.2,5.4,5.1,5.6,5.2,5.4,5.2,5.4,5.1,6.5,5.2,5.5,5.1,5.5,5.2,5.5,5.2]
idle: [.....3] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][45578] [FIX][Unknown][RPC][Safe]
idle: [.....5] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][45584] [FIX][Unknown][RPC][Safe]
idle: [.....8] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40918] [FIX][Unknown][RPC][Safe]
idle: [....12] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40928] [FIX][Unknown][RPC][Safe]
idle: [....11] [ip4][..tcp] [..217.192.86.32][.4000] -> [...192.168.0.20][53330] [FIX][Unknown][RPC][Safe]
idle: [.....1] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][43594] [FIX][Unknown][RPC][Safe]
idle: [.....4] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47952] [FIX][Unknown][RPC][Safe]
idle: [.....6] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47962] [FIX][Unknown][RPC][Safe]
idle: [.....2] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47968] [FIX][Unknown][RPC][Safe]
idle: [.....9] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][38646] [FIX][Unknown][RPC][Safe]
idle: [.....7] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][38652] [FIX][Unknown][RPC][Safe]
idle: [....10] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][39094] [FIX][Unknown][RPC][Safe]
DAEMON-EVENT: shutdown
|