1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..tcp] [...172.16.238.1][58395] -> [.172.16.238.168][...22]
detected: [.....1] [ip4][..tcp] [...172.16.238.1][58395] -> [.172.16.238.168][...22] [SSH][RemoteAccess][Acceptable]
RISK: SSH Obsolete Cli Vers/Cipher
detection-update: [.....1] [ip4][..tcp] [...172.16.238.1][58395] -> [.172.16.238.168][...22] [SSH][RemoteAccess][Acceptable]
RISK: SSH Obsolete Cli Vers/Cipher
detection-update: [.....1] [ip4][..tcp] [...172.16.238.1][58395] -> [.172.16.238.168][...22] [SSH][RemoteAccess][Acceptable]
RISK: SSH Obsolete Cli Vers/Cipher, SSH Obsolete Ser Vers/Cipher
detection-update: [.....1] [ip4][..tcp] [...172.16.238.1][58395] -> [.172.16.238.168][...22] [SSH][RemoteAccess][Acceptable]
RISK: SSH Obsolete Cli Vers/Cipher, SSH Obsolete Ser Vers/Cipher
detection-update: [.....1] [ip4][..tcp] [...172.16.238.1][58395] -> [.172.16.238.168][...22] [SSH][RemoteAccess][Acceptable]
RISK: SSH Obsolete Cli Vers/Cipher, SSH Obsolete Ser Vers/Cipher
analyse: [.....1] [ip4][..tcp] [...172.16.238.1][58395] -> [.172.16.238.168][...22] [SSH][RemoteAccess][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 2.907| 0.395| 0.889|789856.780| 0.000]
[PKTLEN......: 66.000| 970.000| 172.700| 230.100|52961.800| 4.200]
[BINS(c->s)..: 12,1,1,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 8,1,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,1,0,0,1,0,1,1,0,0,1,0,0,1,0,0,1,0,1,1,0,0,1,1,0,0,1,1,0,0]
[IATS(ms)....: 0.0,0.0,8.1,8.1,0.3,0.8,0.5,0.1,1.5,1.6,0.3,1.8,1.6,1.6,14.7,13.1,1.8,42.3,40.5,0.2,0.3,0.4,0.3,40.6,51.2,91.6,2632.3,2632.6,1868.8,1869.1,2907.1,0.0]
[PKTLENS.....: 78,74,66,87,66,87,66,970,66,850,66,90,218,66,210,786,66,82,66,114,66,114,66,130,66,146,66,210,66,146,66,210]
end: [.....1] [ip4][..tcp] [...172.16.238.1][58395] -> [.172.16.238.168][...22] [SSH][RemoteAccess][Acceptable]
RISK: SSH Obsolete Cli Vers/Cipher, SSH Obsolete Ser Vers/Cipher
DAEMON-EVENT: shutdown
|