Diffstat (limited to 'tests/result/telegram.pcap.out')
-rw-r--r-- | tests/result/telegram.pcap.out | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/tests/result/telegram.pcap.out b/tests/result/telegram.pcap.out
index 91b12b0e4..f381f28b2 100644
--- a/tests/result/telegram.pcap.out
+++ b/tests/result/telegram.pcap.out
@@ -52,17 +52,17 @@ GoogleServices 2 186 1 30 UDP 192.168.1.53:54306 -> 239.255.255.250:1900 [proto: 12/SSDP][ClearText][Confidence: DPI][cat: System/18][2 pkts/336 bytes -> 0 pkts/0 bytes][Goodput ratio: 75/0][2.00 sec][Hostname/SNI: 239.255.255.250:1900][PLAIN TEXT (SEARCH )][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 31 UDP 192.168.1.77:5353 -> 192.168.1.53:5353 [proto: 8/MDNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/320 bytes -> 0 pkts/0 bytes][Goodput ratio: 87/0][< 1 sec][Hostname/SNI: _companion-link._tcp.local][_companion-link._tcp.local][PLAIN TEXT (companion)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 32 UDP 192.168.1.77:54595 <-> 192.168.1.1:53 [proto: 5.26/DNS.ntop][ClearText][Confidence: DPI][cat: Network/14][2 pkts/166 bytes <-> 1 pkts/136 bytes][Goodput ratio: 49/69][8.49 sec][Hostname/SNI: b._dns-sd._udp.ntop.org][::][Risk: ** Error Code **][Risk Score: 10][Risk Info: DNS Error Code 3][PLAIN TEXT (postmaster)][Plen Bins: 0,66,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 33 UDP 192.168.1.77:52118 <-> 192.168.1.1:53 [proto: 5.212/DNS.Microsoft][ClearText][Confidence: DPI][cat: Cloud/13][1 pkts/75 bytes <-> 1 pkts/209 bytes][Goodput ratio: 43/80][0.01 sec][Hostname/SNI: in.appcenter.ms][20.44.78.251][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 93][PLAIN TEXT (appcenter)][Plen Bins: 0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 33 UDP 192.168.1.77:52118 <-> 192.168.1.1:53 [proto: 5.212/DNS.Microsoft][ClearText][Confidence: DPI][cat: Cloud/13][1 pkts/75 bytes <-> 1 pkts/209 bytes][Goodput ratio: 43/80][0.01 sec][Hostname/SNI: in.appcenter.ms][20.44.78.251][PLAIN TEXT (appcenter)][Plen Bins: 
0,50,0,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 34 UDP 192.168.1.77:137 -> 192.168.1.255:137 [proto: 10/NetBIOS][ClearText][Confidence: DPI][cat: System/18][3 pkts/276 bytes -> 0 pkts/0 bytes][Goodput ratio: 54/0][< 1 sec][Hostname/SNI: workgroup][PLAIN TEXT ( FHEPFCELEHFCEPFFFACACACACACACA)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 35 UDP 192.168.1.43:138 -> 192.168.1.255:138 [proto: 10.16/NetBIOS.SMBv1][ClearText][Confidence: DPI][cat: System/18][1 pkts/243 bytes -> 0 pkts/0 bytes][Goodput ratio: 82/0][< 1 sec][Hostname/SNI: desktop-rb5t12g][Risk: ** Unsafe Protocol **][Risk Score: 10][PLAIN TEXT ( EEEFFDELFEEPFACNFCECDFFEDBDCEH)][Plen Bins: 0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 36 UDP 192.168.1.77:23174 -> 87.11.205.195:60723 [proto: 159/OpenVPN][Encrypted][Confidence: DPI][cat: VPN/2][2 pkts/212 bytes -> 0 pkts/0 bytes][Goodput ratio: 60/0][1.50 sec][Risk: ** Known Proto on Non Std Port **][Risk Score: 50][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 37 UDP 192.168.1.77:58615 <-> 192.168.1.1:53 [proto: 5.121/DNS.Dropbox][ClearText][Confidence: DPI][cat: Cloud/13][1 pkts/81 bytes <-> 1 pkts/123 bytes][Goodput ratio: 48/65][0.03 sec][Hostname/SNI: telemetry.dropbox.com][162.125.19.9][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 112][PLAIN TEXT (telemetry)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 38 UDP 192.168.1.77:49764 <-> 192.168.1.1:53 [proto: 5.26/DNS.ntop][ClearText][Confidence: DPI][cat: Network/14][1 pkts/73 bytes <-> 1 pkts/121 bytes][Goodput ratio: 42/65][0.05 sec][Hostname/SNI: dati.ntop.org][167.99.215.164][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 60][PLAIN 
TEXT (digitalocean)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 39 UDP 192.168.1.77:47127 <-> 192.168.1.1:53 [proto: 5.239/DNS.GoogleServices][ClearText][Confidence: DPI][cat: Web/5][1 pkts/85 bytes <-> 1 pkts/101 bytes][Goodput ratio: 50/58][0.00 sec][Hostname/SNI: www.googletagservices.com][192.168.1.157][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 0][PLAIN TEXT (googletagservices)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 40 UDP 192.168.1.77:49533 <-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/85 bytes <-> 1 pkts/101 bytes][Goodput ratio: 50/58][0.01 sec][Hostname/SNI: e4518.dscx.akamaiedge.net][92.122.246.223][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 7][PLAIN TEXT (akamaiedge)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 41 UDP 192.168.1.77:61120 <-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/85 bytes <-> 1 pkts/101 bytes][Goodput ratio: 50/58][0.01 sec][Hostname/SNI: e4518.dscx.akamaiedge.net][92.122.246.223][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 14][PLAIN TEXT (akamaiedge)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 42 UDP 192.168.1.77:61631 <-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/84 bytes <-> 1 pkts/100 bytes][Goodput ratio: 49/57][0.01 sec][Hostname/SNI: e7047.e12.akamaiedge.net][92.122.247.92][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 20][PLAIN TEXT (akamaiedge)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - 43 UDP 192.168.1.77:5812 
<-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/72 bytes <-> 1 pkts/88 bytes][Goodput ratio: 41/52][0.00 sec][Hostname/SNI: pixel.wp.com][192.168.1.157][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: Low DNS Record TTL 0][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 37 UDP 192.168.1.77:58615 <-> 192.168.1.1:53 [proto: 5.121/DNS.Dropbox][ClearText][Confidence: DPI][cat: Cloud/13][1 pkts/81 bytes <-> 1 pkts/123 bytes][Goodput ratio: 48/65][0.03 sec][Hostname/SNI: telemetry.dropbox.com][162.125.19.9][PLAIN TEXT (telemetry)][Plen Bins: 0,50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 38 UDP 192.168.1.77:49764 <-> 192.168.1.1:53 [proto: 5.26/DNS.ntop][ClearText][Confidence: DPI][cat: Network/14][1 pkts/73 bytes <-> 1 pkts/121 bytes][Goodput ratio: 42/65][0.05 sec][Hostname/SNI: dati.ntop.org][167.99.215.164][PLAIN TEXT (digitalocean)][Plen Bins: 50,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 39 UDP 192.168.1.77:47127 <-> 192.168.1.1:53 [proto: 5.239/DNS.GoogleServices][ClearText][Confidence: DPI][cat: Web/5][1 pkts/85 bytes <-> 1 pkts/101 bytes][Goodput ratio: 50/58][0.00 sec][Hostname/SNI: www.googletagservices.com][192.168.1.157][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: DNS Record with zero TTL][PLAIN TEXT (googletagservices)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 40 UDP 192.168.1.77:49533 <-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/85 bytes <-> 1 pkts/101 bytes][Goodput ratio: 50/58][0.01 sec][Hostname/SNI: e4518.dscx.akamaiedge.net][92.122.246.223][PLAIN TEXT (akamaiedge)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 41 UDP 
192.168.1.77:61120 <-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/85 bytes <-> 1 pkts/101 bytes][Goodput ratio: 50/58][0.01 sec][Hostname/SNI: e4518.dscx.akamaiedge.net][92.122.246.223][PLAIN TEXT (akamaiedge)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 42 UDP 192.168.1.77:61631 <-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/84 bytes <-> 1 pkts/100 bytes][Goodput ratio: 49/57][0.01 sec][Hostname/SNI: e7047.e12.akamaiedge.net][92.122.247.92][PLAIN TEXT (akamaiedge)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 43 UDP 192.168.1.77:5812 <-> 192.168.1.1:53 [proto: 5/DNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/72 bytes <-> 1 pkts/88 bytes][Goodput ratio: 41/52][0.00 sec][Hostname/SNI: pixel.wp.com][192.168.1.157][Risk: ** Suspicious DNS Traffic **][Risk Score: 100][Risk Info: DNS Record with zero TTL][Plen Bins: 50,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 44 UDP [fe80::4dc:edec:5b0c:a661]:5353 -> [ff02::fb]:5353 [proto: 8/MDNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/111 bytes -> 0 pkts/0 bytes][Goodput ratio: 44/0][< 1 sec][Hostname/SNI: _raop._tcp.local][_raop._tcp.local][PLAIN TEXT (airplay)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 45 UDP 192.168.1.52:5353 -> 224.0.0.251:5353 [proto: 8/MDNS][ClearText][Confidence: DPI][cat: Network/14][1 pkts/91 bytes -> 0 pkts/0 bytes][Goodput ratio: 53/0][< 1 sec][Hostname/SNI: _raop._tcp.local][_raop._tcp.local][PLAIN TEXT (airplay)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] 46 UDP 192.168.1.77:57621 -> 192.168.1.255:57621 [proto: 156/Spotify][Encrypted][Confidence: DPI][cat: Music/25][1 pkts/86 bytes -> 0 
pkts/0 bytes][Goodput ratio: 51/0][< 1 sec][PLAIN TEXT (SpotUdp)][Plen Bins: 0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |