1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..tcp] [..192.168.1.118][56848] -> [..192.168.1.187][..445] [MIDSTREAM]
detected: [.....1] [ip4][..tcp] [..192.168.1.118][56848] -> [..192.168.1.187][..445] [NetBIOS.SMBv23][Unknown][System][Acceptable][]
analyse: [.....1] [ip4][..tcp] [..192.168.1.118][56848] -> [..192.168.1.187][..445] [NetBIOS.SMBv23][Unknown][System][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 2.158| 0.143| 0.529| 280112.169| 1.200]
[PKTLEN......: 40.000| 540.000| 252.600| 190.900| 36432.900| 4.500]
[BINS(c->s)..: 10,0,0,2,0,0,0,1,0,0,4,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,1,2,0,0,0,0,0,1,0,1,1,0,1,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,0,0,1,0,0,1,0,1,0,0,0,1,1,0,1,0,0,1,0,0,1,0,0,1,0,0,1]
[IATS(ms)....: 1.2,1.2,2157.3,2158.4,1.2,0.1,1.3,1.2,7.5,9.4,1.9,0.1,0.1,0.1,0.0,0.5,0.2,0.6,5.6,5.6,4.7,5.9,1.1,0.1,1.2,1.1,0.1,1.0,0.9,26.0,26.9]
[PKTLENS.....: 420,540,40,364,508,40,380,524,40,452,166,40,540,40,144,140,46,144,40,116,40,380,524,40,420,396,40,284,356,40,388,452]
[ENTROPIES...: 3.1,3.4,4.5,2.7,3.0,4.5,2.9,3.2,4.5,3.0,3.5,4.5,2.9,4.5,3.5,3.2,4.4,3.7,4.5,3.4,4.5,2.9,3.2,4.5,3.1,2.8,4.5,2.8,3.0,4.5,2.6,3.0]
idle: [.....1] [ip4][..tcp] [..192.168.1.118][56848] -> [..192.168.1.187][..445] [NetBIOS.SMBv23][Unknown][System][Acceptable]
DAEMON-EVENT: shutdown
|