Argus-3.0.8.2 output

Hasanen Alyasiri via Argus-info argus-info at lists.andrew.cmu.edu
Mon Jan 23 05:27:40 EST 2017


Hi,

Best Wishes...

I am trying to extract the following features (SrcAddr, Sport, DstAddr,
Dport and Proto) from a pcap file using ra argus, but the port output gives
wrong values. Please, could you help with that? I will be grateful.

Please find below a sample of the output:

SrcAddr Sport DstAddr Dport Proto
85.153.118.24 39715 150.75.68.63 telnet tcp
85.153.40.80 51304 203.74.89.109 telnet tcp
37.98.222.20 36841 150.75.12.251 telnet tcp
192.37.232.201 https 202.10.167.248 51996 tcp
120.227.128.2 http 202.10.167.248 50169 tcp
203.74.98.241 ssh 58.230.207.182 27711 tcp
203.74.124.110 0x0008 191.56.118.93 0x4f52 icmp
203.74.124.110 0x0008 88.238.126.98 0x4f52 icmp
157.242.24.222 12959 17.111.211.23 https tcp
181.49.6.231 58155 163.220.237.15 telnet tcp
54.238.51.139 https 163.220.5.130 49807 tcp
77.227.180.73 42280 163.220.226.178 7547 tcp
13.171.83.25 https 202.133.66.133 36885 tcp
106.160.99.50 0x0008 203.74.124.110 0x4f51 icmp
70.201.41.135 0x0008 203.74.124.110 0x4f50 icmp
37.8.137.186 62440 133.29.143.76 telnet tcp
61.100.104.225 5760 203.74.105.78 ntp udp
156.121.228.134 domain 203.74.105.219 56685 tcp
17.3.99.196 http 202.10.167.248 49343 tcp
163.220.253.55 57585 199.175.246.161 https tcp


Regards...
Hasanen Alyasiri
Research Student
Department of Computer Science
University of York