test/results/flow-info/iec60780-5-104.pcap.out


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

     DAEMON-EVENT: init
     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
              new: [.....1] [ip4][..tcp] [.172.27.248.109][.1568] -> [..172.27.248.79][.2404] 
         detected: [.....1] [ip4][..tcp] [.172.27.248.109][.1568] -> [..172.27.248.79][.2404] [IEC60870][IoT-Scada][Acceptable]
              new: [.....2] [ip4][..tcp] [.172.27.248.109][.1570] -> [..172.27.248.79][.2404] 
         detected: [.....2] [ip4][..tcp] [.172.27.248.109][.1570] -> [..172.27.248.79][.2404] [IEC60870][IoT-Scada][Acceptable]
              new: [.....3] [ip4][..tcp] [.172.27.248.109][.1571] -> [..172.27.248.79][.2404] 
         detected: [.....3] [ip4][..tcp] [.172.27.248.109][.1571] -> [..172.27.248.79][.2404] [IEC60870][IoT-Scada][Acceptable]
              end: [.....1] [ip4][..tcp] [.172.27.248.109][.1568] -> [..172.27.248.79][.2404] [IEC60870][IoT-Scada][Acceptable]
              new: [.....4] [ip4][..tcp] [.172.27.248.109][.1572] -> [..172.27.248.79][.2404] 
         detected: [.....4] [ip4][..tcp] [.172.27.248.109][.1572] -> [..172.27.248.79][.2404] [IEC60870][IoT-Scada][Acceptable]
              end: [.....2] [ip4][..tcp] [.172.27.248.109][.1570] -> [..172.27.248.79][.2404] [IEC60870][IoT-Scada][Acceptable]
              end: [.....3] [ip4][..tcp] [.172.27.248.109][.1571] -> [..172.27.248.79][.2404] [IEC60870][IoT-Scada][Acceptable]
              new: [.....5] [ip4][..tcp] [.172.27.248.109][.1577] -> [..172.27.248.79][.2404] 
         detected: [.....5] [ip4][..tcp] [.172.27.248.109][.1577] -> [..172.27.248.79][.2404] [IEC60870][IoT-Scada][Acceptable]
              new: [.....6] [ip4][..tcp] [.172.27.248.109][.1578] -> [..172.27.248.79][.2404] 
         detected: [.....6] [ip4][..tcp] [.172.27.248.109][.1578] -> [..172.27.248.79][.2404] [IEC60870][IoT-Scada][Acceptable]
     DAEMON-EVENT: [Processed: 106 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 3 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
              end: [.....4] [ip4][..tcp] [.172.27.248.109][.1572] -> [..172.27.248.79][.2404] [IEC60870][IoT-Scada][Acceptable]
              end: [.....5] [ip4][..tcp] [.172.27.248.109][.1577] -> [..172.27.248.79][.2404] [IEC60870][IoT-Scada][Acceptable]
          analyse: [.....6] [ip4][..tcp] [.172.27.248.109][.1578] -> [..172.27.248.79][.2404] [IEC60870][IoT-Scada][Acceptable]
                   [min|max|avg|stddev]
                   [IAT(flow)...:    0.000|  32.516|  11.085|  10.877]
                   [IAT(c->s)...:    0.000|  32.485|   9.540|  10.735][IAT(s->c)...:    0.000|  32.516|  13.224|  10.709]
                   [PKTLEN(c->s):   60.000|  70.000|  62.200|   4.000][PKTLEN(s->c):   54.000| 118.000|  70.500|  16.100]
                   [BINS(c->s)..: 19,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [BINS(s->c)..: 12,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
              end: [.....6] [ip4][..tcp] [.172.27.248.109][.1578] -> [..172.27.248.79][.2404] [IEC60870][IoT-Scada][Acceptable]
     DAEMON-EVENT: shutdown