feur

securite/dm/pcap_analyzer/src/main.rs

@@ -67,7 +67,7 @@ fn main() -> Result<(), Box<dyn Error>> {
 			let last_timestamp = last_timestamp.map(tv_to_sec).unwrap_or_default();
 			println!("Last timestamp:  {last_timestamp: >14.2}");
 			let avg_packet = total as f64 / (last_timestamp - first_timestamp);
-			println!("Avg packet rate: {avg_packet: >14.4}");
+			println!("Avg packet rate: {avg_packet: >14.2}");
 			println!("Errors:          {errs: >14}");
 			println!();
 

securite/dm/rapport.md

@@ -2,6 +2,8 @@
 
 > Matthieu Jolimaitre <matthieu.jolimaitre@epita.fr>
 
+[TOC]
+
 ## Exploring Macs and Hash Functions
 
 ### Task 2: Checking Software Digests
@@ -168,7 +170,7 @@ pcap_analyzer ./trace2.pcap stats
 # non-IPv4 count:         1717607
 # First timestamp:  1474265898.92
 # Last timestamp:   1474309098.10
-# Avg packet rate:         0.0014
+# Avg packet rate:         708.60
 # Errors:                 1717607
 # 
 # Main Protocols:
@@ -224,7 +226,10 @@ L'addresse ayant envoyée le plus grand nombre de packets est 58.51.150.96.
 
 #### List 3 characteristics of the traffic that seem unusual to you.
 
-- Tout le traffic est en TCP.
+- Le taux de trafic est élevé.
-- Le traffic est très étalé : < 0.01 packet par seconde.
+- Beaucoup de paquets sont envoyés par 58.51.150.96 (publique, classe A).
+- Il y a bien plus d'addresses de sources que de destinations.
 
 #### Provide a reasonable explanation for what traffic the trace represents, taking into account the unusual characteristics you have identified.
+
+Le trafic est probablement issu d'un routeur.