1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
Guessed flow protos: 0
DPI Packets (TCP): 4 (4.00 pkts/flow)
DPI Packets (UDP): 4 (4.00 pkts/flow)
Confidence DPI : 2 (flows)
Num dissector calls: 145 (72.50 diss/flow)
LRU cache ookla: 0/0/0 (insert/search/found)
LRU cache bittorrent: 0/0/0 (insert/search/found)
LRU cache zoom: 0/0/0 (insert/search/found)
LRU cache stun: 0/0/0 (insert/search/found)
LRU cache tls_cert: 0/0/0 (insert/search/found)
LRU cache mining: 0/0/0 (insert/search/found)
LRU cache msteams: 0/0/0 (insert/search/found)
Automa host: 0/0 (search/found)
Automa domain: 0/0 (search/found)
Automa tls cert: 0/0 (search/found)
Automa risk mask: 0/0 (search/found)
Automa common alpns: 0/0 (search/found)
Patricia risk mask: 4/0 (search/found)
Patricia risk: 0/0 (search/found)
Patricia protocols: 10/0 (search/found)
TeamViewer 1298 704218 2
1 UDP 10.0.2.15:34417 <-> 93.47.224.241:36037 [proto: 148/TeamViewer][Encrypted][Confidence: DPI][cat: RemoteAccess/12][1 pkts/138 bytes <-> 1008 pkts/562734 bytes][Goodput ratio: 69/92][37.93 sec][bytes ratio: -1.000 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 0/36 0/981 0/97][Pkt Len c2s/s2c min/avg/max/stddev: 138/58 138/558 138/1066 0/462][Risk: ** Known Proto on Non Std Port **** Desktop/File Sharing **][Risk Score: 60][Risk Info: Found TeamViewer][PLAIN TEXT (93.47.224.241)][Plen Bins: 12,12,8,3,6,0,1,1,0,0,0,1,1,0,1,0,2,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,47,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
2 TCP 10.0.2.15:35732 <-> 162.250.2.170:5938 [proto: 148/TeamViewer][Encrypted][Confidence: DPI][cat: RemoteAccess/12][129 pkts/67997 bytes <-> 160 pkts/73349 bytes][Goodput ratio: 89/88][399.56 sec][bytes ratio: -0.038 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 3451/2522 50678/50677 9036/8571][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 527/458 1514/1514 537/563][PLAIN TEXT (XDsiBZ)][Plen Bins: 9,4,0,2,0,2,8,0,2,0,0,1,0,1,2,0,0,2,2,0,0,0,2,1,0,0,1,0,0,0,0,0,0,23,1,0,0,2,1,1,1,1,0,0,1,23,0,0]
|