1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..tcp] [254.125.135.128][21359] -> [..66.152.103.45][...80]
detected: [.....1] [ip4][..tcp] [254.125.135.128][21359] -> [..66.152.103.45][...80] [HTTP][Unknown][Web][Acceptable][]
detection-update: [.....1] [ip4][..tcp] [254.125.135.128][21359] -> [..66.152.103.45][...80] [HTTP][Unknown][Web][Acceptable][va.origin.startappservice.com]
analyse: [.....1] [ip4][..tcp] [254.125.135.128][21359] -> [..66.152.103.45][...80] [HTTP][Unknown][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.002| 23.452| 4.562| 7.140| 50981941.281| 3.500]
[PKTLEN......: 60.000| 1440.000| 626.300| 557.200| 310424.400| 4.500]
[BINS(c->s)..: 1,0,0,0,0,0,5,0,3,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0]
[BINS(s->c)..: 1,0,0,0,8,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1]
[IATS(ms)....: 200.2,228.8,3.2,234.0,1087.5,3.3,1090.8,5345.7,5.8,5351.7,23448.9,3.2,23451.8,8290.0,3.2,8292.3,1123.8,3.4,1127.5,8802.3,4.3,8806.8,19530.3,2.3,19532.4,1784.9,3.7,1788.8,938.5,3.4,943.3]
[PKTLENS.....: 60,60,1440,327,181,1440,259,181,1440,535,410,1440,257,181,1440,327,181,1440,257,181,1440,461,410,1440,258,181,1440,313,181,1440,259,181]
[ENTROPIES...: 4.7,5.1,5.9,5.8,5.7,5.9,5.7,5.7,5.9,6.0,5.8,5.9,5.7,5.7,5.9,5.8,5.7,5.9,5.7,5.7,5.9,6.0,5.8,5.9,5.7,5.7,5.9,5.8,5.7,5.8,5.7,5.8]
end: [.....1] [ip4][..tcp] [254.125.135.128][21359] -> [..66.152.103.45][...80] [HTTP][Unknown][Web][Acceptable]
DAEMON-EVENT: shutdown
|