aboutsummaryrefslogtreecommitdiff
path: root/tests/result/iphone.pcap.out
diff options
context:
space:
mode:
authorLuca Deri <deri@ntop.org>2022-06-13 23:19:47 +0200
committerLuca Deri <deri@ntop.org>2022-06-13 23:19:47 +0200
commitcf5873ffd72ba8b530429bda3c8931f9ada33747 (patch)
treeb41586b7fcd1f8e7291c0e348f57f2d0b532ef20 /tests/result/iphone.pcap.out
parent32428026d6dbcf7ee36aa3c882056b869b593d65 (diff)
Improved DNS traffic analysis
Added ability to identify application and network protocols
Diffstat (limited to 'tests/result/iphone.pcap.out')
-rw-r--r--tests/result/iphone.pcap.out36
1 files changed, 18 insertions, 18 deletions
diff --git a/tests/result/iphone.pcap.out b/tests/result/iphone.pcap.out
index 96f4181eb..ca7e41b71 100644
--- a/tests/result/iphone.pcap.out
+++ b/tests/result/iphone.pcap.out
@@ -46,28 +46,28 @@ JA3 Host Stats:
20 UDP 192.168.2.1:17500 -> 192.168.2.255:17500 [proto: 121/Dropbox][ClearText][Confidence: DPI][cat: Cloud/13][2 pkts/1104 bytes -> 0 pkts/0 bytes][Goodput ratio: 92/0][30.05 sec][PLAIN TEXT (version)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
21 UDP 192.168.2.1:67 -> 192.168.2.17:68 [proto: 18/DHCP][ClearText][Confidence: DPI][cat: Network/14][2 pkts/684 bytes -> 0 pkts/0 bytes][Goodput ratio: 88/0][1.02 sec][PLAIN TEXT (iMac.local)][Plen Bins: 0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
22 UDP [fe80::823:3f17:8298:a29c]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][ClearText][Confidence: DPI][cat: Network/14][4 pkts/512 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][3.56 sec][Hostname/SNI: _homekit._tcp.local][_homekit._tcp.local][PLAIN TEXT (homekit)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 23 UDP 192.168.2.17:63381 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][ClearText][Confidence: DPI][cat: Web/5][1 pkts/90 bytes <-> 1 pkts/264 bytes][Goodput ratio: 53/84][0.04 sec][Hostname/SNI: p26-keyvalueservice.icloud.com][17.248.185.87][PLAIN TEXT (valueservice)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 23 UDP 192.168.2.17:63381 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][ClearText][Confidence: DPI][cat: Web/5][1 pkts/90 bytes <-> 1 pkts/264 bytes][Goodput ratio: 53/84][0.04 sec][Hostname/SNI: p26-keyvalueservice.icloud.com][17.248.185.87][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 53][PLAIN TEXT (valueservice)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
24 ICMP 192.168.2.17:0 -> 192.168.2.1:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][5 pkts/350 bytes -> 0 pkts/0 bytes][Goodput ratio: 40/0][0.34 sec][Plen Bins: 100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 25 UDP 192.168.2.17:63143 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][ClearText][Confidence: DPI][cat: Web/5][1 pkts/84 bytes <-> 1 pkts/252 bytes][Goodput ratio: 49/83][0.04 sec][Hostname/SNI: p26-fmfmobile.icloud.com][17.248.185.140][PLAIN TEXT (fmfmobile)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 26 UDP 192.168.2.17:52852 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][ClearText][Confidence: DPI][cat: Web/5][1 pkts/78 bytes <-> 1 pkts/244 bytes][Goodput ratio: 46/82][0.04 sec][Hostname/SNI: gateway.icloud.com][17.248.176.75][PLAIN TEXT (gateway)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 27 UDP 192.168.2.17:53272 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][ClearText][Confidence: DPI][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/241 bytes][Goodput ratio: 48/82][0.05 sec][Hostname/SNI: play.itunes.apple.com][92.123.77.26][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 28 UDP 192.168.2.17:65079 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][ClearText][Confidence: DPI][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/241 bytes][Goodput ratio: 48/82][0.00 sec][Hostname/SNI: play.itunes.apple.com][92.123.77.26][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 29 UDP 192.168.2.17:61862 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/83 bytes <-> 1 pkts/227 bytes][Goodput ratio: 49/81][0.04 sec][Hostname/SNI: gspe35-ssl.ls.apple.com][95.101.25.53][PLAIN TEXT (gspe35)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 30 UDP 192.168.2.17:49880 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][ClearText][Confidence: DPI][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/222 bytes][Goodput ratio: 48/81][0.05 sec][Hostname/SNI: init.itunes.apple.com][95.101.24.53][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 31 UDP 192.168.2.17:53317 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/224 bytes][Goodput ratio: 46/81][0.04 sec][Hostname/SNI: iphone-ld.apple.com][92.122.252.82][PLAIN TEXT (iphone)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 32 UDP 192.168.2.17:63677 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][ClearText][Confidence: DPI][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/222 bytes][Goodput ratio: 48/81][0.04 sec][Hostname/SNI: sync.itunes.apple.com][95.101.24.53][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 33 UDP 192.168.2.17:53983 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][ClearText][Confidence: DPI][cat: Streaming/17][1 pkts/80 bytes <-> 1 pkts/221 bytes][Goodput ratio: 47/81][0.05 sec][Hostname/SNI: bag.itunes.apple.com][95.101.24.53][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 34 UDP 192.168.2.17:63377 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][ClearText][Confidence: DPI][cat: Streaming/17][1 pkts/80 bytes <-> 1 pkts/221 bytes][Goodput ratio: 47/81][0.05 sec][Hostname/SNI: bag.itunes.apple.com][95.101.24.53][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 35 UDP 192.168.2.17:51007 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: ConnCheck/30][1 pkts/77 bytes <-> 1 pkts/221 bytes][Goodput ratio: 45/81][0.04 sec][Hostname/SNI: captive.apple.com][17.253.105.202][PLAIN TEXT (captive)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 36 UDP 192.168.2.17:55457 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/214 bytes][Goodput ratio: 43/80][0.04 sec][Hostname/SNI: mesu.apple.com][17.253.105.202][PLAIN TEXT (akadns)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 37 UDP 192.168.2.17:62526 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/212 bytes][Goodput ratio: 42/80][0.05 sec][Hostname/SNI: cl4.apple.com][104.73.61.30][PLAIN TEXT (origin)][Plen Bins: 50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 38 UDP 192.168.2.17:52682 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][ClearText][Confidence: DPI][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/203 bytes][Goodput ratio: 43/79][0.04 sec][Hostname/SNI: www.icloud.com][23.45.74.46][PLAIN TEXT (icloud)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 25 UDP 192.168.2.17:63143 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][ClearText][Confidence: DPI][cat: Web/5][1 pkts/84 bytes <-> 1 pkts/252 bytes][Goodput ratio: 49/83][0.04 sec][Hostname/SNI: p26-fmfmobile.icloud.com][17.248.185.140][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 15][PLAIN TEXT (fmfmobile)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 26 UDP 192.168.2.17:52852 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][ClearText][Confidence: DPI][cat: Web/5][1 pkts/78 bytes <-> 1 pkts/244 bytes][Goodput ratio: 46/82][0.04 sec][Hostname/SNI: gateway.icloud.com][17.248.176.75][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 34][PLAIN TEXT (gateway)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 27 UDP 192.168.2.17:53272 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][ClearText][Confidence: DPI][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/241 bytes][Goodput ratio: 48/82][0.05 sec][Hostname/SNI: play.itunes.apple.com][92.123.77.26][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 95][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 28 UDP 192.168.2.17:65079 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][ClearText][Confidence: DPI][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/241 bytes][Goodput ratio: 48/82][0.00 sec][Hostname/SNI: play.itunes.apple.com][92.123.77.26][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 94][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 29 UDP 192.168.2.17:61862 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/83 bytes <-> 1 pkts/227 bytes][Goodput ratio: 49/81][0.04 sec][Hostname/SNI: gspe35-ssl.ls.apple.com][95.101.25.53][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 15][PLAIN TEXT (gspe35)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 30 UDP 192.168.2.17:49880 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][ClearText][Confidence: DPI][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/222 bytes][Goodput ratio: 48/81][0.05 sec][Hostname/SNI: init.itunes.apple.com][95.101.24.53][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 27][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 31 UDP 192.168.2.17:53317 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/79 bytes <-> 1 pkts/224 bytes][Goodput ratio: 46/81][0.04 sec][Hostname/SNI: iphone-ld.apple.com][92.122.252.82][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 199][PLAIN TEXT (iphone)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 32 UDP 192.168.2.17:63677 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][ClearText][Confidence: DPI][cat: Streaming/17][1 pkts/81 bytes <-> 1 pkts/222 bytes][Goodput ratio: 48/81][0.04 sec][Hostname/SNI: sync.itunes.apple.com][95.101.24.53][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 24][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 33 UDP 192.168.2.17:53983 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][ClearText][Confidence: DPI][cat: Streaming/17][1 pkts/80 bytes <-> 1 pkts/221 bytes][Goodput ratio: 47/81][0.05 sec][Hostname/SNI: bag.itunes.apple.com][95.101.24.53][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 23][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 34 UDP 192.168.2.17:63377 <-> 192.168.2.1:53 [proto: 5.145/DNS.AppleiTunes][ClearText][Confidence: DPI][cat: Streaming/17][1 pkts/80 bytes <-> 1 pkts/221 bytes][Goodput ratio: 47/81][0.05 sec][Hostname/SNI: bag.itunes.apple.com][95.101.24.53][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 23][PLAIN TEXT (itunes)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 35 UDP 192.168.2.17:51007 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: ConnCheck/30][1 pkts/77 bytes <-> 1 pkts/221 bytes][Goodput ratio: 45/81][0.04 sec][Hostname/SNI: captive.apple.com][17.253.105.202][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 188][PLAIN TEXT (captive)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 36 UDP 192.168.2.17:55457 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/214 bytes][Goodput ratio: 43/80][0.04 sec][Hostname/SNI: mesu.apple.com][17.253.105.202][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 68][PLAIN TEXT (akadns)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 37 UDP 192.168.2.17:62526 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/212 bytes][Goodput ratio: 42/80][0.05 sec][Hostname/SNI: cl4.apple.com][104.73.61.30][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 100][PLAIN TEXT (origin)][Plen Bins: 50,0,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 38 UDP 192.168.2.17:52682 <-> 192.168.2.1:53 [proto: 5.143/DNS.AppleiCloud][ClearText][Confidence: DPI][cat: Web/5][1 pkts/74 bytes <-> 1 pkts/203 bytes][Goodput ratio: 43/79][0.04 sec][Hostname/SNI: www.icloud.com][23.45.74.46][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 143][PLAIN TEXT (icloud)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
39 ICMPV6 [fe80::823:3f17:8298:a29c]:0 -> [ff02::16]:0 [proto: 102/ICMPV6][ClearText][Confidence: DPI][cat: Network/14][2 pkts/260 bytes -> 0 pkts/0 bytes][Goodput ratio: 46/0][1.00 sec][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 40 UDP 192.168.2.17:55914 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/82 bytes <-> 1 pkts/146 bytes][Goodput ratio: 48/71][0.04 sec][Hostname/SNI: gsp85-ssl.ls.apple.com][17.130.2.46][PLAIN TEXT (akadns)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 40 UDP 192.168.2.17:55914 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/82 bytes <-> 1 pkts/146 bytes][Goodput ratio: 48/71][0.04 sec][Hostname/SNI: gsp85-ssl.ls.apple.com][17.130.2.46][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 63][PLAIN TEXT (akadns)][Plen Bins: 0,50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
41 UDP 192.168.2.17:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][ClearText][Confidence: DPI][cat: Network/14][2 pkts/216 bytes -> 0 pkts/0 bytes][Goodput ratio: 61/0][1.02 sec][Hostname/SNI: _homekit._tcp.local][_homekit._tcp.local][PLAIN TEXT (homekit)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
42 UDP 192.168.2.17:64203 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/80 bytes <-> 1 pkts/135 bytes][Goodput ratio: 47/68][0.04 sec][Hostname/SNI: basejumper.apple.com][::][PLAIN TEXT (basejumper)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 43 UDP 192.168.2.17:52031 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/127 bytes][Goodput ratio: 42/66][0.03 sec][Hostname/SNI: gsa.apple.com][17.137.166.35][PLAIN TEXT (akadns)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 44 UDP 192.168.2.17:62160 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/127 bytes][Goodput ratio: 42/66][0.04 sec][Hostname/SNI: gsa.apple.com][17.137.166.35][PLAIN TEXT (akadns)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 43 UDP 192.168.2.17:52031 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/127 bytes][Goodput ratio: 42/66][0.03 sec][Hostname/SNI: gsa.apple.com][17.137.166.35][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 225][PLAIN TEXT (akadns)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 44 UDP 192.168.2.17:62160 <-> 192.168.2.1:53 [proto: 5.140/DNS.Apple][ClearText][Confidence: DPI][cat: Web/5][1 pkts/73 bytes <-> 1 pkts/127 bytes][Goodput ratio: 42/66][0.04 sec][Hostname/SNI: gsa.apple.com][17.137.166.35][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 225][PLAIN TEXT (akadns)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
45 UDP 192.168.2.1:57621 -> 192.168.2.255:57621 [proto: 156/Spotify][Encrypted][Confidence: DPI][cat: Music/25][2 pkts/172 bytes -> 0 pkts/0 bytes][Goodput ratio: 51/0][30.01 sec][PLAIN TEXT (SpotUdp)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
46 UDP 169.254.225.216:60538 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][1 pkts/168 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 239.255.255.250:1900][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
47 UDP 192.168.2.1:51411 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][1 pkts/168 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][< 1 sec][Hostname/SNI: 239.255.255.250:1900][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
Powered by cgit, Themed by Ted Yin.