DumpFile: 192.168.3.104-unvirus.pcap
FileSize: 12.98MB
Id: 200909080329
StartTime: Tue Sep 8 03:29:48 2009
EndTime: Tue Sep 8 14:42:17 2009
TotalTime: 40349.52 seconds
TotalCapSize: 10.39MB CapLen: 1466 bytes
# of packets: 169914 (10.39MB)
AvgRate: 5.25Kbps stddev:2.71K PeakRate: 101.87Kbps

### IP flow (unique src/dst pair) Information ###
# of flows: 32587 (avg. 5.21 pkts/flow)
Top 10 big flow size (bytes/total in %):
 12.2% 1.8% 1.7% 0.5% 0.1% 0.1% 0.0% 0.0% 0.0% 0.0%

### IP address Information ###
# of IPv4 addresses: 16406
Top 10 bandwidth usage (bytes/total in %):
 100.0% 12.4% 3.5% 0.5% 0.1% 0.1% 0.0% 0.0% 0.0% 0.0%

### Packet Size Distribution (including MAC headers) ###
<<<<
 [   32-   63]:     154684
 [   64-  127]:      14942
 [  128-  255]:        226
 [  256-  511]:         42
 [  512- 1023]:         12
 [ 1024- 2047]:          8
>>>>

### Protocol Breakdown ###
<<<<
     protocol          packets                 bytes            bytes/pkt
------------------------------------------------------------------------
[0] total             169914 (100.00%)      10894582 (100.00%)     64.12
[1] ip                167388 ( 98.51%)      10760554 ( 98.77%)     64.29
[2]  tcp              154838 ( 91.13%)       9359328 ( 85.91%)     60.45
[3]   http(s)             24 (  0.01%)          7306 (  0.07%)    304.42
[3]   http(c)             36 (  0.02%)          4192 (  0.04%)    116.44
[3]   https               38 (  0.02%)         12518 (  0.11%)    329.42
[3]   ms-ds           149056 ( 87.72%)       8944992 ( 82.10%)     60.01
[3]   socks               22 (  0.01%)          1364 (  0.01%)     62.00
[3]   kasaa               18 (  0.01%)          1116 (  0.01%)     62.00
[3]   mssql-s             30 (  0.02%)          1860 (  0.02%)     62.00
[3]   scribe              30 (  0.02%)          1860 (  0.02%)     62.00
[3]   squid               24 (  0.01%)          1488 (  0.01%)     62.00
[3]   ms-gc               30 (  0.02%)          1860 (  0.02%)     62.00
[3]   ms-gcs              30 (  0.02%)          1860 (  0.02%)     62.00
[3]   mysql               30 (  0.02%)          1860 (  0.02%)     62.00
[3]   other             5470 (  3.22%)        377052 (  3.46%)     68.93
[2]  udp               12476 (  7.34%)       1397618 ( 12.83%)    112.02
[3]   dns                 24 (  0.01%)          3806 (  0.03%)    158.58
[3]   netb-ns          12256 (  7.21%)       1347080 ( 12.36%)    109.91
[3]   netb-se            184 (  0.11%)         44632 (  0.41%)    242.57
[3]   mcast               12 (  0.01%)          2100 (  0.02%)    175.00
[2]  icmp                 66 (  0.04%)          3128 (  0.03%)     47.39
[2]  igmp                  8 (  0.00%)           480 (  0.00%)     60.00
>>>>