1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..tcp] [192.168.110.131][.2074] -> [192.168.110.138][..502] [MIDSTREAM]
detected: [.....1] [ip4][..tcp] [192.168.110.131][.2074] -> [192.168.110.138][..502] [Modbus][Unknown][IoT-Scada][Acceptable]
RISK: Unidirectional Traffic
analyse: [.....1] [ip4][..tcp] [192.168.110.131][.2074] -> [192.168.110.138][..502] [Modbus][Unknown][IoT-Scada][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.001| 1.014| 0.452| 0.497| 247304.159| 3.800]
[PKTLEN......: 51.000| 52.000| 51.500| 0.500| 0.200| 5.000]
[BINS(c->s)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1]
[IATS(ms)....: 1.1,1.2,0.9,1013.6,1014.2,1.5,0.9,986.5,986.9,1.2,0.9,1000.2,1000.5,1.2,0.9,1000.2,1000.6,1.2,0.9,1000.2,1000.6,1.6,0.9,999.8,1000.4,1.2,0.8,1000.2,1000.6,1.2,0.9]
[PKTLENS.....: 52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51]
[ENTROPIES...: 4.5,4.7,4.4,4.9,4.4,4.6,4.4,4.9,4.6,4.7,4.6,4.8,4.6,4.7,4.6,4.9,4.6,4.8,4.6,4.9,4.6,4.7,4.6,4.9,4.6,4.8,4.6,4.9,4.6,4.8,4.6,4.9]
idle: [.....1] [ip4][..tcp] [192.168.110.131][.2074] -> [192.168.110.138][..502] [Modbus][Unknown][IoT-Scada][Acceptable]
DAEMON-EVENT: shutdown
|