1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..tcp] [192.168.145.147][51218] -> [...10.209.8.148][21999] [MIDSTREAM]
analyse: [.....1] [ip4][..tcp] [192.168.145.147][51218] -> [...10.209.8.148][21999]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 30.166| 9.710| 14.065| 197823744.180| 3.300]
[PKTLEN......: 52.000| 777.000| 155.000| 234.800| 55144.500| 4.000]
[BINS(c->s)..: 23,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,1,0,0,1,0,0,0,1,0,0,1,0,0,0,1,0,0,0,0,0,1,0,0,1,1,0,0,0,1,0]
[IATS(ms)....: 0.0,1.5,1.5,0.0,1.2,1.2,0.0,30097.7,30099.5,1.8,0.0,1.2,1.2,30097.5,0.0,30099.3,1.8,1.2,30097.4,1.8,0.0,30101.7,1.2,30097.5,30165.6,1.3,69.4,30031.1,0.0,30032.8,1.7]
[PKTLENS.....: 65,65,126,52,52,777,52,52,65,106,52,52,765,52,65,65,106,52,52,65,52,52,777,52,65,106,777,52,65,65,106,52]
[ENTROPIES...: 5.5,5.5,3.0,5.2,5.2,5.3,5.2,5.2,5.4,5.6,5.1,5.1,0.5,5.1,5.4,5.4,5.6,5.2,5.2,5.5,5.1,5.2,5.3,5.1,5.4,5.6,5.3,5.0,5.4,5.4,5.6,5.2]
not-detected: [.....1] [ip4][..tcp] [192.168.145.147][51218] -> [...10.209.8.148][21999] [Unknown][Unknown][Unrated]
RISK: Susp Entropy
DAEMON-EVENT: [Processed: 93 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 1|guessed: 0|detection-updates: 0|updates: 0]
DAEMON-EVENT: [Processed: 169 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 1|guessed: 0|detection-updates: 0|updates: 0]
end: [.....1] [ip4][..tcp] [192.168.145.147][51218] -> [...10.209.8.148][21999] [Unknown][Unknown][Unrated]
RISK: Susp Entropy
DAEMON-EVENT: shutdown
|