epita/notes-ing2
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

dm secu

Browse source
This commit is contained in:
JOLIMAITRE Matthieu 2024-06-21 04:14:13 +02:00
parent 7ea44045c9
commit 6a5eddd447
2 changed files with 30 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

2
securite/dm/pcap_analyzer/src/main.rs
View file

@ -66,7 +66,7 @@ fn main() -> Result<(), Box<dyn Error>> {
println!("First timestamp: {first_timestamp: >14.2}"); println!("First timestamp: {first_timestamp: >14.2}");
let last_timestamp = last_timestamp.map(tv_to_sec).unwrap_or_default(); let last_timestamp = last_timestamp.map(tv_to_sec).unwrap_or_default();
println!("Last timestamp: {last_timestamp: >14.2}"); println!("Last timestamp: {last_timestamp: >14.2}");
let avg_packet = (last_timestamp - first_timestamp) / total as f64; let avg_packet = total as f64 / (last_timestamp - first_timestamp);
println!("Avg packet rate: {avg_packet: >14.4}"); println!("Avg packet rate: {avg_packet: >14.4}");
println!("Errors: {errs: >14}"); println!("Errors: {errs: >14}");
println!(); println!();

36
securite/dm/rapport.md
View file

@ -163,15 +163,21 @@ Le PcapNg introduit les fonctionnalités suivantes :
```sh ```sh
pcap_analyzer ./trace2.pcap stats pcap_analyzer ./trace2.pcap stats
# Count: 30611000 # Count: 30611000
# Count IPv4: 28893393 # Count IPv4: 28893393
# non-IPv4 count: 1717607 # non-IPv4 count: 1717607
# First timestamp: 1474265898.92 # First timestamp: 1474265898.92
# Last timestamp: 1474309098.10 # Last timestamp: 1474309098.10
# Avg packet rate: 0.0014 # Avg packet rate: 0.0014
# Errors: 1717607 # Errors: 1717607
#
# Main Protocols: # Main Protocols:
# - 6 (TCP - Transmission Control) 28893393 ( 94.39%) # - 6 (TCP - Transmission Control) 28893393 ( 94.39%)
#
# Unique sources: 988082
# Unique destinations: 32769
# Source with most bytes: "[58, 51, 150, 96]"
# Source with most packets: "[58, 51, 150, 96]"
``` ```
La trace contient 28 893 393 paquets IPv4. La trace contient 28 893 393 paquets IPv4.
@ -197,12 +203,28 @@ Le taux de paquets de la trace est 0.0014 paquet par seconde.
... ...
#### How many unique IPv4 source addresses are present in the trace (as Unique sources:)? #### How many unique IPv4 source addresses are present in the trace (as Unique sources:)?
La trace montre des paquets ayant 988 082 sources différentes.
#### How many unique IPv4 destination addresses are present in the trace (as Unique destinations:)? #### How many unique IPv4 destination addresses are present in the trace (as Unique destinations:)?
La trace montre des paquets ayant 32 769 destinations différentes.
#### Create a cumulative distribution function (CDF) plot. The x-axis is the number of bytes sent and the y-axis is the cumulative fraction of sources. #### Create a cumulative distribution function (CDF) plot. The x-axis is the number of bytes sent and the y-axis is the cumulative fraction of sources.
... ...
#### Which source sent the most bytes (as Source with most bytes:)? #### Which source sent the most bytes (as Source with most bytes:)?
L'addresse ayant envoyée le plus grand nombre d'octets est 58.51.150.96.
#### Which source sent the most packets (as Source with most packets:)? Based on your analysis of the trace: #### Which source sent the most packets (as Source with most packets:)? Based on your analysis of the trace:
L'addresse ayant envoyée le plus grand nombre de packets est 58.51.150.96.
#### List 3 characteristics of the traffic that seem unusual to you. #### List 3 characteristics of the traffic that seem unusual to you.
- Tout le traffic est en TCP.
- Le traffic est très étalé : < 0.01 packet par seconde.
#### Provide a reasonable explanation for what traffic the trace represents, taking into account the unusual characteristics you have identified. #### Provide a reasonable explanation for what traffic the trace represents, taking into account the unusual characteristics you have identified.