The capture duration specifically is enlarged by injecting attacks.
Issue seems to sit [here](https://git.tk.informatik.tu-darmstadt.de/SPIN/ID2T-toolkit/src/master/code/ID2TLib/Utility.py#L62).
Capture duration should be fixed with this commit 69145d59e1.
EDIT:
Data sizes are to diffrent before and after the injection.
before:
$capinfosresources/dump.pcapFile name:resources/dump.pcapFile type:Wireshark/tcpdump/...-pcapFile encapsulation:EthernetFile timestamp precision:microseconds(6)Packet size limit: file hdr:96bytesPacket size limit: inferred:34bytes-96bytes(range)Number of packets:78MFile size:5556MBData size:54GBCapture duration:899.883512secondsFirst packet time:2018-04-0407:00:00.448274Last packet time:2018-04-0407:15:00.331786Data byte rate:60MBpsData bit rate:482MbpsAverage packet size:692.23bytesAverage packet rate:87kpackets/sSHA1:13d829ed0ef260a270d9fbf515286e5c1ce49f54RIPEMD160:fd27884eed001d8fba01aa08d89ced8ed3a72776MD5:7b9be685d780838b7fd2a9cbfd387bd8Strict time order:TrueNumber of interfaces in file:1Interface#0 info:Encapsulation=Ethernet(1/1-ether)Capturelength=96Timeprecision=microseconds(6)Timetickspersecond=1000000Numberofstatentries=0Numberofpackets=78424128
after:
$capinfosresources/ID2T_results/dump_20180605-150914.pcapFile name:resources/ID2T_results/dump_20180605-150914.pcapFile type:Wireshark/tcpdump/...-pcapFile encapsulation:EthernetFile timestamp precision:microseconds(6)Packet size limit: file hdr:65535bytesNumber of packets:78MFile size:6210MBData size:4957MBCapture duration:899.883512secondsFirst packet time:2018-04-0407:00:00.448274Last packet time:2018-04-0407:15:00.331786Data byte rate:5508kBpsData bit rate:44MbpsAverage packet size:63.29bytesAverage packet rate:87kpackets/sSHA1:d3c71e4bfcf1dad41170820f3de11f41441df739RIPEMD160:a9b24fb8b2c095db421f48002702d15d7f859a90MD5:7ac7636962d96ab109b260b5ab8249fbStrict time order:TrueNumber of interfaces in file:1Interface#0 info:Encapsulation=Ethernet(1/1-ether)Capturelength=65535Timeprecision=microseconds(6)Timetickspersecond=1000000Numberofstatentries=0Numberofpackets=78330141
Capture duration should be fixed with this commit 69145d59e1e36311e6b7470bcb69ed301dc148c3.
EDIT:
Data sizes are to diffrent before and after the injection.
before:
$ capinfos resources/dump.pcap
File name: resources/dump.pcap
File type: Wireshark/tcpdump/... - pcap
File encapsulation: Ethernet
File timestamp precision: microseconds (6)
Packet size limit: file hdr: 96 bytes
Packet size limit: inferred: 34 bytes - 96 bytes (range)
Number of packets: 78 M
File size: 5556 MB
Data size: 54 GB
Capture duration: 899.883512 seconds
First packet time: 2018-04-04 07:00:00.448274
Last packet time: 2018-04-04 07:15:00.331786
Data byte rate: 60 MBps
Data bit rate: 482 Mbps
Average packet size: 692.23 bytes
Average packet rate: 87 kpackets/s
SHA1: 13d829ed0ef260a270d9fbf515286e5c1ce49f54
RIPEMD160: fd27884eed001d8fba01aa08d89ced8ed3a72776
MD5: 7b9be685d780838b7fd2a9cbfd387bd8
Strict time order: True
Number of interfaces in file: 1
Interface #0 info:
Encapsulation = Ethernet (1/1 - ether)
Capture length = 96
Time precision = microseconds (6)
Time ticks per second = 1000000
Number of stat entries = 0
Number of packets = 78424128
after:
$ capinfos resources/ID2T_results/dump_20180605-150914.pcap
File name: resources/ID2T_results/dump_20180605-150914.pcap
File type: Wireshark/tcpdump/... - pcap
File encapsulation: Ethernet
File timestamp precision: microseconds (6)
Packet size limit: file hdr: 65535 bytes
Number of packets: 78 M
File size: 6210 MB
Data size: 4957 MB
Capture duration: 899.883512 seconds
First packet time: 2018-04-04 07:00:00.448274
Last packet time: 2018-04-04 07:15:00.331786
Data byte rate: 5508 kBps
Data bit rate: 44 Mbps
Average packet size: 63.29 bytes
Average packet rate: 87 kpackets/s
SHA1: d3c71e4bfcf1dad41170820f3de11f41441df739
RIPEMD160: a9b24fb8b2c095db421f48002702d15d7f859a90
MD5: 7ac7636962d96ab109b260b5ab8249fb
Strict time order: True
Number of interfaces in file: 1
Interface #0 info:
Encapsulation = Ethernet (1/1 - ether)
Capture length = 65535
Time precision = microseconds (6)
Time ticks per second = 1000000
Number of stat entries = 0
Number of packets = 78330141
This seems to be an issue with [libtins](https://github.com/mfontanini/libtins).
An [issue](https://github.com/mfontanini/libtins/issues/300) was opened on github.
The capture duration specifically is enlarged by injecting attacks.
Issue seems to sit here.
Capture duration should be fixed with this commit
69145d59e1
.EDIT: Data sizes are to diffrent before and after the injection.
before:
$ capinfos resources/dump.pcap File name: resources/dump.pcap File type: Wireshark/tcpdump/... - pcap File encapsulation: Ethernet File timestamp precision: microseconds (6) Packet size limit: file hdr: 96 bytes Packet size limit: inferred: 34 bytes - 96 bytes (range) Number of packets: 78 M File size: 5556 MB Data size: 54 GB Capture duration: 899.883512 seconds First packet time: 2018-04-04 07:00:00.448274 Last packet time: 2018-04-04 07:15:00.331786 Data byte rate: 60 MBps Data bit rate: 482 Mbps Average packet size: 692.23 bytes Average packet rate: 87 kpackets/s SHA1: 13d829ed0ef260a270d9fbf515286e5c1ce49f54 RIPEMD160: fd27884eed001d8fba01aa08d89ced8ed3a72776 MD5: 7b9be685d780838b7fd2a9cbfd387bd8 Strict time order: True Number of interfaces in file: 1 Interface #0 info: Encapsulation = Ethernet (1/1 - ether) Capture length = 96 Time precision = microseconds (6) Time ticks per second = 1000000 Number of stat entries = 0 Number of packets = 78424128
after:
$ capinfos resources/ID2T_results/dump_20180605-150914.pcap File name: resources/ID2T_results/dump_20180605-150914.pcap File type: Wireshark/tcpdump/... - pcap File encapsulation: Ethernet File timestamp precision: microseconds (6) Packet size limit: file hdr: 65535 bytes Number of packets: 78 M File size: 6210 MB Data size: 4957 MB Capture duration: 899.883512 seconds First packet time: 2018-04-04 07:00:00.448274 Last packet time: 2018-04-04 07:15:00.331786 Data byte rate: 5508 kBps Data bit rate: 44 Mbps Average packet size: 63.29 bytes Average packet rate: 87 kpackets/s SHA1: d3c71e4bfcf1dad41170820f3de11f41441df739 RIPEMD160: a9b24fb8b2c095db421f48002702d15d7f859a90 MD5: 7ac7636962d96ab109b260b5ab8249fb Strict time order: True Number of interfaces in file: 1 Interface #0 info: Encapsulation = Ethernet (1/1 - ether) Capture length = 65535 Time precision = microseconds (6) Time ticks per second = 1000000 Number of stat entries = 0 Number of packets = 78330141
This seems to be an issue with libtins.
An issue was opened on github.