DumpFile: 2018-04-04_win16.pcap FileSize: 250.60MB Id: 197001010100 StartTime: Thu Jan 1 01:00:16 1970 EndTime: Thu Jan 1 01:00:00 1970 TotalTime: -16.60 seconds TotalCapSize: 212.35MB CapLen: 1500 bytes # of packets: 2507104 (212.35MB) AvgRate: 2.01Kbps stddev:1.36K PeakRate: 551.44Kbps ### IP flow (unique src/dst pair) Information ### # of flows: 132 (avg. 18993.21 pkts/flow) Top 10 big flow size (bytes/total in %): 12.1% 4.9% 3.6% 2.6% 1.8% 0.8% 0.7% 0.7% 0.7% 0.6% ### IP address Information ### # of IPv4 addresses: 56 Top 10 bandwidth usage (bytes/total in %): 57.1% 49.4% 16.5% 11.7% 10.4% 7.6% 7.4% 5.4% 5.1% 5.1% ### Packet Size Distribution (including MAC headers) ### <<<< [ 1- 1]: 145 [ 32- 63]: 818276 [ 64- 127]: 1442514 [ 128- 255]: 137555 [ 256- 511]: 105342 [ 512- 1023]: 3229 [ 1024- 2047]: 43 >>>> ### Protocol Breakdown ### <<<< protocol packets bytes bytes/pkt ------------------------------------------------------------------------ [0] total 2507104 (100.00%) 222660126 (100.00%) 88.81 [1] ip 526089 ( 20.98%) 76725157 ( 34.46%) 145.84 [2] tcp 236965 ( 9.45%) 38068944 ( 17.10%) 160.65 [3] ftpdata 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] ftp 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] ssh 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] telnet 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] smtp 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] name 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] dns 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] http(s) 5 ( 0.00%) 270 ( 0.00%) 54.00 [3] http(c) 5 ( 0.00%) 370 ( 0.00%) 74.00 [3] kerb5 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] pop3 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] sunrpc 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] ident 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] nntp 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] epmap 4 ( 0.00%) 280 ( 0.00%) 70.00 [3] netb-se 4 ( 0.00%) 280 ( 0.00%) 70.00 [3] imap 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] bgp 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] ldap 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] https 4 ( 0.00%) 256 ( 0.00%) 64.00 [3] ms-ds 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] rlogin 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] rtsp 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] ldaps 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] socks 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] mssql-s 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] squid 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] ms-gc 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] ms-gcs 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] mysql 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] realaud 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] icecast 4 ( 0.00%) 280 ( 0.00%) 70.00 [3] gnu6346 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] irc6666 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] irc6667 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] irc6668 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] irc6669 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] napster 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] irc7000 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] http-a 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] http-tw 2 ( 0.00%) 128 ( 0.00%) 64.00 [3] other 236869 ( 9.45%) 38062728 ( 17.09%) 160.69 [2] udp 208164 ( 8.30%) 30968182 ( 13.91%) 148.77 [3] dns 119 ( 0.00%) 9076 ( 0.00%) 76.27 [3] sunrpc 1 ( 0.00%) 98 ( 0.00%) 98.00 [3] netb-ns 90990 ( 3.63%) 8380456 ( 3.76%) 92.10 [3] netb-se 277 ( 0.01%) 64196 ( 0.03%) 231.75 [3] mcast 57944 ( 2.31%) 12670218 ( 5.69%) 218.66 [3] other 58833 ( 2.35%) 9844138 ( 4.42%) 167.32 [2] icmp 47212 ( 1.88%) 5755561 ( 2.58%) 121.91 [2] igmp 33746 ( 1.35%) 1932334 ( 0.87%) 57.26 [2] pim 2 ( 0.00%) 136 ( 0.00%) 68.00 >>>>