1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
DPI Packets (TCP): 3 (1.50 pkts/flow)
Confidence DPI : 2 (flows)
Num dissector calls: 2 (1.00 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
Automa host: 0/0 (search/found)
Automa domain: 0/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 0/0 (search/found)
Patricia risk mask: 2/0 (search/found)
Patricia risk mask IPv6: 0/0 (search/found)
Patricia risk: 1/0 (search/found)
Patricia risk IPv6: 0/0 (search/found)
Patricia protocols: 3/1 (search/found)
Patricia protocols IPv6: 0/0 (search/found)
MQTT 9 1481 2
Acceptable 9 1481 2
1 TCP 10.10.10.1:1883 <-> 192.168.0.1:41892 [proto: 222/MQTT][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 2][cat: RPC/16][4 pkts/370 bytes <-> 4 pkts/756 bytes][Goodput ratio: 26/65][1.69 sec][bytes ratio: -0.343 (Download)][IAT c2s/s2c min/avg/max/stddev: 79/80 261/561 618/1000 253/377][Pkt Len c2s/s2c min/avg/max/stddev: 70/68 92/189 155/458 36/157][Risk: ** Probing attempt **][Risk Score: 50][Risk Info: TCP connection with unidirectional traffic][PLAIN TEXT (bbbbbaaaaab)][Plen Bins: 42,14,28,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 100.67.35.238:35035 -> 51.137.28.239:1883 [VLAN: 1008][proto: 222/MQTT][IP: 276/Azure][ClearText][Confidence: DPI][DPI packets: 1][cat: RPC/16][1 pkts/355 bytes -> 0 pkts/0 bytes][Goodput ratio: 80/0][< 1 sec][Risk: ** Unidirectional Traffic **** Probing attempt **][Risk Score: 60][Risk Info: No server to client traffic / TCP connection with unidirectional traffic][PLAIN TEXT (Jiotazewpmlithub.azure)][Plen Bins: 0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
|