1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
DPI Packets (TCP): 15 (3.75 pkts/flow)
DPI Packets (UDP): 2 (1.00 pkts/flow)
Confidence DPI : 6 (flows)
Num dissector calls: 58 (9.67 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
Automa host: 0/0 (search/found)
Automa domain: 0/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 0/0 (search/found)
Patricia risk mask: 6/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 2/0 (search/found)
Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 10/2 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
H323 75 7998 6
Acceptable 75 7998 6
1 TCP 10.1.3.143:32803 <-> 10.1.6.18:1720 [proto: 158/H323][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 6][cat: VoIP/10][11 pkts/934 bytes <-> 10 pkts/1018 bytes][Goodput ratio: 34/44][1.05 sec][bytes ratio: -0.043 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 103/149 627/627 206/209][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 85/102 214/151 61/35][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][PLAIN TEXT (m.jemec)][Plen Bins: 0,0,50,25,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 UDP 10.47.208.204:1719 <-> 10.47.208.50:1719 [proto: 158/H323][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 1][cat: VoIP/10][3 pkts/1137 bytes <-> 2 pkts/592 bytes][Goodput ratio: 89/86][60.24 sec][PLAIN TEXT (Tandberg)][Plen Bins: 0,0,0,0,0,0,0,40,0,0,60,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
3 UDP 17.2.0.124:2034 <-> 17.2.0.161:1719 [proto: 158/H323][IP: 140/Apple][ClearText][Confidence: DPI][DPI packets: 1][cat: VoIP/10][3 pkts/665 bytes <-> 7 pkts/853 bytes][Goodput ratio: 81/65][80.21 sec][bytes ratio: -0.124 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 247/336 288/13362 330/70142 42/25418][Pkt Len c2s/s2c min/avg/max/stddev: 80/67 222/122 411/176 139/48][PLAIN TEXT (@333333330)][Plen Bins: 20,20,10,10,30,0,0,0,0,0,0,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
4 TCP 10.1.3.143:32804 <-> 10.1.6.18:1232 [proto: 158/H323][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: VoIP/10][13 pkts/849 bytes <-> 9 pkts/612 bytes][Goodput ratio: 15/17][0.56 sec][bytes ratio: 0.162 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 1/4 39/71 173/173 49/56][Pkt Len c2s/s2c min/avg/max/stddev: 54/60 65/68 103/85 15/10][Risk: ** Known Proto on Non Std Port **** Probing attempt **][Risk Score: 100][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 90,9,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
5 TCP 192.168.0.208:56837 <-> 192.168.0.1:1720 [proto: 158/H323][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: VoIP/10][9 pkts/660 bytes <-> 6 pkts/371 bytes][Goodput ratio: 20/12][44.95 sec][bytes ratio: 0.280 (Upload)][IAT c2s/s2c min/avg/max/stddev: 0/0 4279/7498 14994/14994 6708/7496][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 73/62 180/93 38/14][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][Plen Bins: 67,16,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
6 TCP 17.2.0.124:3032 <-> 17.2.0.122:1720 [proto: 158/H323][IP: 140/Apple][ClearText][Confidence: DPI][DPI packets: 1][cat: VoIP/10][1 pkts/207 bytes <-> 1 pkts/100 bytes][Goodput ratio: 74/46][0.06 sec][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][PLAIN TEXT (5295672)][Plen Bins: 0,50,0,0,50,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
|