diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2023-11-08 17:07:20 +0100 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2023-11-08 17:07:20 +0100 |
| commit | b667f9e1daa913acddb0bf2117651481d788fdf8 (patch) | |
| tree | ba30ba11c159888e5cac8adb2747df0562849342 /test/results/default/gnutella.pcap.out | |
| parent | 55c8a848d3ee160c2b4630180b62d534c2b70788 (diff) | |
Forcefully reset `NDPI_UNIDIRECTIONAL_TRAFFIC` if classification was done after the first packet. Nonsense.
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/default/gnutella.pcap.out')
| -rw-r--r-- | test/results/default/gnutella.pcap.out | 652 |
1 files changed, 326 insertions, 326 deletions
diff --git a/test/results/default/gnutella.pcap.out b/test/results/default/gnutella.pcap.out index 75b4aeeae..0f0f9e3f3 100644 --- a/test/results/default/gnutella.pcap.out +++ b/test/results/default/gnutella.pcap.out @@ -19,7 +19,7 @@ 01008{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":7,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":5,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12446804,"flow_src_last_pkt_time":12446804,"flow_dst_last_pkt_time":12446804,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":314,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":314,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":314,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12446804,"l3_proto":"ip4","src_ip":"0.0.0.0","dst_ip":"255.255.255.255","src_port":68,"dst_port":67,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"msedgewin10","dhcp": {"fingerprint":"1,3,6,15,31,33,43,44,46,47,119,121,249,252","class_ident":"MSFT 5.0"}}} 00735{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12447076,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 01223{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_packet_id":1,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":590,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":590,"pkt_l4_len":556,"thread_ts_usec":12447076,"pkt":"CAAn5uVZUlQAEjUCCABFEAJAAAAAAEARYI0KAAICCgACDwBDAEQCLAYSAgEGAKZ4S30AAAAACgACDwoAAg8KAAIEAAAAAAgAJ+blWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATVNFZGdlIC0gV2luMTAucHhlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjglNjNQEFAQT\/\/\/8AAwQKAAICBgQKAAIDDwNsYW4zBAABUYA2BAoAAgL\/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="} -01067{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12447076,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"","dhcp": {"fingerprint":"","class_ident":""}}} +00942{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":8,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":6,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12447076,"flow_src_last_pkt_time":12447076,"flow_dst_last_pkt_time":12447076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":548,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":548,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":548,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12447076,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","src_port":67,"dst_port":68,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DHCP","proto_id":"18","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","hostname":"","dhcp": {"fingerprint":"","class_ident":""}}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":12461875,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":91,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12461875,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00636{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_packet_id":1,"flow_src_last_pkt_time":12461875,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":153,"pkt_type":34525,"pkt_l3_offset":14,"pkt_l4_offset":54,"pkt_len":153,"pkt_l4_len":99,"thread_ts_usec":12461875,"pkt":"MzMAAQACCAAn5uVZht1gDPpkAGMRAf6AAAAAAAAAxQ1Rn5ak4Qj\/AgAAAAAAAAAAAAAAAQACAiICIwBj3RcBE9HtAAgAAgAAAAEADgABAAEkIvGzCAAn5uVZAAMADAUIACcAAAAAAAAAAAAnAA0AC01TRURHRVdJTjEwABAADgAAATcACE1TRlQgNS4wAAYACAARABcAGAAn"} 00903{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":9,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":7,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":12461875,"flow_src_last_pkt_time":12461875,"flow_dst_last_pkt_time":12461875,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":91,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":91,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":91,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":12461875,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1:2","src_port":546,"dst_port":547,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"DHCPV6","proto_id":"103","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} @@ -141,10 +141,10 @@ 00900{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":43490007,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00737{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61191313,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00491{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_packet_id":1,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":44,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":44,"pkt_l4_len":10,"thread_ts_usec":61191313,"pkt":"UlQAEjUCCAAn5uVZCABFAAAegT8AAIARoX8KAAIPCgACAuETFOcACvHOAAA="} -01103{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61191313,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} +00978{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":157,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61191313,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} 00737{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61470563,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00491{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_packet_id":1,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":44,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":44,"pkt_l4_len":10,"thread_ts_usec":61470563,"pkt":"UlQAEjUCCAAn5uVZCABFAAAegUAAAIARoX4KAAIPCgACAuEUFOcACvHNAAA="} -01103{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61470563,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} +00978{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":158,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61470563,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} 00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61974633,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":61974633,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61974633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.140.63.147","src_port":50190,"dst_port":29545,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":159,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":1,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":61974633,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61974633,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XhVAAIAGAIEKAAIPUIw\/k8QOc2l5awyyAAAAAIAC+vAaXAAAAgQFtAEDAwgBAQQC"} 00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":160,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":29,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61974915,"flow_src_last_pkt_time":61974915,"flow_dst_last_pkt_time":61974915,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61974915,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":50191,"dst_port":6778,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} @@ -159,7 +159,7 @@ 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":164,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":33,"flow_packet_id":1,"flow_src_last_pkt_time":61977895,"flow_dst_last_pkt_time":61977895,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":61977895,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0c7hAAIAGSJYKAAIPop2PycQTdELYuuv1AAAAAIAC+vA4owAAAgQFtAEDAwgBAQQC"} 00737{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61999388,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00491{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_packet_id":1,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":44,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":44,"pkt_l4_len":10,"thread_ts_usec":61999388,"pkt":"UlQAEjUCCAAn5uVZCABFAAAegUEAAIARoX0KAAIPCgACAuEVFOcACvHMAAA="} -01103{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61999388,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} +00978{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":165,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":61999388,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} 00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":166,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":30,"flow_packet_id":2,"flow_src_last_pkt_time":61975137,"flow_dst_last_pkt_time":62017825,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":62017825,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoIAAEAG5+ItQVcYCgACDz9JxBAAXcABhPHErWAS\/\/\/6VgAAAgQFtA=="} 00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":167,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":31,"flow_packet_id":2,"flow_src_last_pkt_time":61975321,"flow_dst_last_pkt_time":62020527,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":62020527,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoMAAEAG3txZSzQTCgACD7O6xBEAXroBd2GZhGAS\/\/+7lwAAAgQFtA=="} 00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":168,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":2,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":62023491,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":62023491,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoQAAEAG3BpQjD+TCgACD3NpxA4AX7QBeWsMs2AS\/\/+J8QAAAgQFtA=="} @@ -178,7 +178,7 @@ 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":175,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":40,"flow_packet_id":1,"flow_src_last_pkt_time":63002631,"flow_dst_last_pkt_time":63002631,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":63002631,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IqxAAIAGH9YKAAIPTnpducQZGMpcVbolAAAAAIAC+vDIfgAAAgQFtAEDAwgBAQQC"} 00737{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63029620,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00491{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_packet_id":1,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":44,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":44,"pkt_l4_len":10,"thread_ts_usec":63029620,"pkt":"UlQAEjUCCAAn5uVZCABFAAAegUIAAIARoXwKAAIPCgACAuEWFOcACvHLAAA="} -01103{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63029620,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} +00978{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":176,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":63029620,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","natpmp": {"result":0,"internal_port":0,"external_port":0,"external_address":"0.0.0.0"}}} 00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":177,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":2,"flow_src_last_pkt_time":63001980,"flow_dst_last_pkt_time":63233986,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":63233986,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAoYAAEAGCJAvkzQVCgACD494xBcAY5wBOEHDT2AS\/\/882gAAAgQFtA=="} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":178,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":38,"flow_packet_id":3,"flow_src_last_pkt_time":63234208,"flow_dst_last_pkt_time":63233986,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":63234208,"pkt":"UlQAEjUCCAAn5uVZCABFAAAouwVAAIAG0BMKAAIPL5M0FcQXj3g4QcNPAGOcAlAQ+vBZpgAA"} 00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":179,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":35,"flow_packet_id":2,"flow_src_last_pkt_time":63000408,"flow_dst_last_pkt_time":63250328,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":63250328,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAocAAEAGiwHa+gY7CgACDzEMxBQAZJYBrKXgdGAS\/\/+SMQAAAgQFtA=="} @@ -363,16 +363,16 @@ 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":352,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":84,"flow_packet_id":1,"flow_src_last_pkt_time":70172719,"flow_dst_last_pkt_time":70172719,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70172719,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0UWtAAIAGasMKAAIPsIqB\/MRDbToYK0huAAAAAIAC+vCjcgAAAgQFtAEDAwgBAQQC"} 00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":70230046,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230046,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_packet_id":1,"flow_src_last_pkt_time":70230046,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70230046,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0djYAAIARTnwKAAIPVYoUbnAJGMoAIKDVR05EED6PAQFUC1FLUlAGUk5BXS\/iNQlw"} -01138{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":70230046,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230046,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01028{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":356,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230046,"flow_src_last_pkt_time":70230046,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230046,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.138.20.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":358,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230444,"flow_src_last_pkt_time":70230444,"flow_dst_last_pkt_time":70230444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230444,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":358,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":86,"flow_packet_id":1,"flow_src_last_pkt_time":70230444,"flow_dst_last_pkt_time":70230444,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70230444,"pkt":"UlQAEjUCCAAn5uVZCABFAAA022gAAIARFCcKAAIPStL0SHAJGMoAIMuxR05EED6QAQFUC1FLUlAGUk5BXS\/iNQlw"} -01138{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":358,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230444,"flow_src_last_pkt_time":70230444,"flow_dst_last_pkt_time":70230444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230444,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01028{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":358,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":86,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230444,"flow_src_last_pkt_time":70230444,"flow_dst_last_pkt_time":70230444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230444,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":70230689,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_packet_id":1,"flow_src_last_pkt_time":70230689,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70230689,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01LQAAIARp30KAAIPXINV9XAJe\/8AIPUdR05EED6RAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":70230689,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":360,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230689,"flow_src_last_pkt_time":70230689,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230689,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.131.85.245","src_port":28681,"dst_port":31743,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00743{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":361,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":70230940,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230940,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":361,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_packet_id":1,"flow_src_last_pkt_time":70230940,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":70230940,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0tBIAAIAREWQKAAIPUTIYAnAJRdIAIHSOR05EED6SAQFUC1FLUlAGUk5BXS\/iNQlw"} -01136{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":361,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":70230940,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230940,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01026{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":361,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":70230940,"flow_src_last_pkt_time":70230940,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":70230940,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.50.24.2","src_port":28681,"dst_port":17874,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":362,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":70,"flow_packet_id":2,"flow_src_last_pkt_time":71122761,"flow_dst_last_pkt_time":68109715,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71122761,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vG1AAIAGN8gKAAIPAST5W8Q1\/ZgxDGGiAAAAAIAC+vAZFAAAAgQFtAEDAwgBAQQC"} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":363,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":68,"flow_packet_id":2,"flow_src_last_pkt_time":71122842,"flow_dst_last_pkt_time":68108638,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71122842,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0K4lAAIAGtdcKAAIPb\/adXsQzx+daqkeOAAAAAIAC+vAsaAAAAgQFtAEDAwgBAQQC"} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":364,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":72,"flow_packet_id":2,"flow_src_last_pkt_time":71122875,"flow_dst_last_pkt_time":68110677,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71122875,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ZZpAAIAGsgcKAAIPTESKz8Q3sBfW5xLuAAAAAIAC+vAy2AAAAgQFtAEDAwgBAQQC"} @@ -406,7 +406,7 @@ 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":371,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":1,"flow_src_last_pkt_time":71205609,"flow_dst_last_pkt_time":71205609,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71205609,"pkt":"UlQAEjUCCAAn5uVZCABFAAA08yJAAIAG8AwKAAIPVtC0tcRJszsghBY3AAAAAIAC+vCuSgAAAgQFtAEDAwgBAQQC"} 00708{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":71216656,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71216656,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5} 00529{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_packet_id":1,"flow_src_last_pkt_time":71216656,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":71216656,"pkt":"CAAn5uVZUlQAEjUCCABFwAA4AsYAAP8BoC4KAAICCgACDwMBntkAAAAARQAANGWZQAB\/BrMICgACD0xEis\/EN7AX1ucS7g=="} -01001{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":71216656,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71216656,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":4.521641}} +00876{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":372,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71216656,"flow_src_last_pkt_time":71216656,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":36,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":36,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":36,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71216656,"l3_proto":"ip4","src_ip":"10.0.2.2","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":4.521641}} 00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":373,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":2,"flow_src_last_pkt_time":71205609,"flow_dst_last_pkt_time":71312602,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":71312602,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAscAAEAGYHFW0LS1CgACD7M7xEkAehIBIIQWOGAS\/\/+\/xQAAAgQFtA=="} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":374,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":3,"flow_src_last_pkt_time":71312945,"flow_dst_last_pkt_time":71312602,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":71312945,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo8yNAAIAG8BcKAAIPVtC0tcRJszsghBY4AHoSAlAQ+vDckQAA"} 00911{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":375,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":4,"flow_src_last_pkt_time":71313221,"flow_dst_last_pkt_time":71312602,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":357,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":357,"pkt_l4_len":323,"thread_ts_usec":71313221,"pkt":"UlQAEjUCCAAn5uVZCABFAAFX8yRAAIAG7ucKAAIPVtC0tcRJszsghBY4AHoSAlAY+vB1IQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCkxpc3Rlbi1JUDogOTMuNDcuMjI2LjUzOjI4NjgxDQpSZW1vdGUtSVA6IDg2LjIwOC4xODAuMTgxDQpVc2VyLUFnZW50OiBndGstZ251dGVsbGEvMS4yLjIgKDIwMjItMDItMjU7IEdUSzI7IFdpbmRvd3MgeDY0KQ0KQnllLVBhY2tldDogMC4xDQpBY2NlcHQ6IGFwcGxpY2F0aW9uL3gtZ251dGVsbGEyDQpBY2NlcHQtRW5jb2Rpbmc6IGRlZmxhdGUNClgtTGl2ZS1TaW5jZTogU3VuLCAwNiBNYXIgMjAyMiAxMToyMjoxMCAtMDgwMA0KWC1IdWI6IEZhbHNlDQpYLUh1Yi1OZWVkZWQ6IFRydWUNCg0K"} @@ -414,73 +414,73 @@ 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":376,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":94,"flow_packet_id":5,"flow_src_last_pkt_time":71313221,"flow_dst_last_pkt_time":71313407,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":71313407,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAsgAAEAGYHRW0LS1CgACD7M7xEkAehICIIQXZ1AQ\/\/\/WUwAA"} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":381,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535614,"flow_src_last_pkt_time":71535614,"flow_dst_last_pkt_time":71535614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71535614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":381,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":96,"flow_packet_id":1,"flow_src_last_pkt_time":71535614,"flow_dst_last_pkt_time":71535614,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71535614,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gnYAAIARfQoKAAIPWKDWiXAJGMoAINufR05EED6TAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":381,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535614,"flow_src_last_pkt_time":71535614,"flow_dst_last_pkt_time":71535614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71535614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":381,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":96,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535614,"flow_src_last_pkt_time":71535614,"flow_dst_last_pkt_time":71535614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71535614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535977,"flow_src_last_pkt_time":71535977,"flow_dst_last_pkt_time":71535977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71535977,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":97,"flow_packet_id":1,"flow_src_last_pkt_time":71535977,"flow_dst_last_pkt_time":71535977,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71535977,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gnEAAIARDS8KAAIPGE6GvHAJv5YAIMTxR05EED6UAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535977,"flow_src_last_pkt_time":71535977,"flow_dst_last_pkt_time":71535977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71535977,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":382,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":97,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71535977,"flow_src_last_pkt_time":71535977,"flow_dst_last_pkt_time":71535977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71535977,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":383,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536330,"flow_src_last_pkt_time":71536330,"flow_dst_last_pkt_time":71536330,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71536330,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.222.14.170","src_port":28681,"dst_port":23332,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":383,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_packet_id":1,"flow_src_last_pkt_time":71536330,"flow_dst_last_pkt_time":71536330,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71536330,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0alYAAIAR6csKAAIPy94OqnAJWyQAIO3kR05EED6VAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":383,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536330,"flow_src_last_pkt_time":71536330,"flow_dst_last_pkt_time":71536330,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71536330,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.222.14.170","src_port":28681,"dst_port":23332,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":383,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536330,"flow_src_last_pkt_time":71536330,"flow_dst_last_pkt_time":71536330,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71536330,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.222.14.170","src_port":28681,"dst_port":23332,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536631,"flow_src_last_pkt_time":71536631,"flow_dst_last_pkt_time":71536631,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71536631,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":99,"flow_packet_id":1,"flow_src_last_pkt_time":71536631,"flow_dst_last_pkt_time":71536631,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71536631,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IoEAAIARkLEKAAIPciYJUnAJXp8AIEl5R05EED6WAQFUC1FLUlAGUk5BXS\/iNQlw"} -01137{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536631,"flow_src_last_pkt_time":71536631,"flow_dst_last_pkt_time":71536631,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71536631,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01027{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":384,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":99,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536631,"flow_src_last_pkt_time":71536631,"flow_dst_last_pkt_time":71536631,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71536631,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536922,"flow_src_last_pkt_time":71536922,"flow_dst_last_pkt_time":71536922,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71536922,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":100,"flow_packet_id":1,"flow_src_last_pkt_time":71536922,"flow_dst_last_pkt_time":71536922,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71536922,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xrwAAIAREI8KAAIP3IV62XAJW6IAIHCOR05EED6XAQFUC1FLUlAGUk5BXS\/iNQlw"} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536922,"flow_src_last_pkt_time":71536922,"flow_dst_last_pkt_time":71536922,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71536922,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":385,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":100,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71536922,"flow_src_last_pkt_time":71536922,"flow_dst_last_pkt_time":71536922,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71536922,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537199,"flow_src_last_pkt_time":71537199,"flow_dst_last_pkt_time":71537199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71537199,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":101,"flow_packet_id":1,"flow_src_last_pkt_time":71537199,"flow_dst_last_pkt_time":71537199,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71537199,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bocAAIARxe8KAAIPe81+ZnAJFEkAIBUSR05EED6YAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537199,"flow_src_last_pkt_time":71537199,"flow_dst_last_pkt_time":71537199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71537199,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":386,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":101,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537199,"flow_src_last_pkt_time":71537199,"flow_dst_last_pkt_time":71537199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71537199,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":387,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537663,"flow_src_last_pkt_time":71537663,"flow_dst_last_pkt_time":71537663,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71537663,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":387,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":102,"flow_packet_id":1,"flow_src_last_pkt_time":71537663,"flow_dst_last_pkt_time":71537663,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71537663,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0oV4AAIARir4KAAIP2qQn6XAJUXcAIM+IR05EED6ZAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":387,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537663,"flow_src_last_pkt_time":71537663,"flow_dst_last_pkt_time":71537663,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71537663,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":387,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":102,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537663,"flow_src_last_pkt_time":71537663,"flow_dst_last_pkt_time":71537663,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71537663,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":103,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537931,"flow_src_last_pkt_time":71537931,"flow_dst_last_pkt_time":71537931,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71537931,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":103,"flow_packet_id":1,"flow_src_last_pkt_time":71537931,"flow_dst_last_pkt_time":71537931,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71537931,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0nSoAAIARDacKAAIP3IanUnAJFrwAIIj3R05EED6aAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":103,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537931,"flow_src_last_pkt_time":71537931,"flow_dst_last_pkt_time":71537931,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71537931,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":388,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":103,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71537931,"flow_src_last_pkt_time":71537931,"flow_dst_last_pkt_time":71537931,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71537931,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":389,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538247,"flow_src_last_pkt_time":71538247,"flow_dst_last_pkt_time":71538247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71538247,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":389,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":104,"flow_packet_id":1,"flow_src_last_pkt_time":71538247,"flow_dst_last_pkt_time":71538247,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71538247,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0RlgAAIARSnAKAAIPKmJzgHAJW6IAICoHR05EED6bAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":389,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538247,"flow_src_last_pkt_time":71538247,"flow_dst_last_pkt_time":71538247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71538247,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":389,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":104,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538247,"flow_src_last_pkt_time":71538247,"flow_dst_last_pkt_time":71538247,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71538247,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":390,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":105,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538408,"flow_src_last_pkt_time":71538408,"flow_dst_last_pkt_time":71538408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71538408,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":390,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":105,"flow_packet_id":1,"flow_src_last_pkt_time":71538408,"flow_dst_last_pkt_time":71538408,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71538408,"pkt":"UlQAEjUCCAAn5uVZCABFAAA09nMAAIARUYwKAAIP21ULVXAJKeIAIBL+R05EED6cAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":390,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":105,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538408,"flow_src_last_pkt_time":71538408,"flow_dst_last_pkt_time":71538408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71538408,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":390,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":105,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538408,"flow_src_last_pkt_time":71538408,"flow_dst_last_pkt_time":71538408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71538408,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":391,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538650,"flow_src_last_pkt_time":71538650,"flow_dst_last_pkt_time":71538650,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71538650,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.39.154.69","src_port":28681,"dst_port":4832,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":391,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":106,"flow_packet_id":1,"flow_src_last_pkt_time":71538650,"flow_dst_last_pkt_time":71538650,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71538650,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0wuYAAIARX1cKAAIPcieaRXAJEuAAIAQ9R05EED6dAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":391,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538650,"flow_src_last_pkt_time":71538650,"flow_dst_last_pkt_time":71538650,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71538650,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.39.154.69","src_port":28681,"dst_port":4832,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":391,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":106,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538650,"flow_src_last_pkt_time":71538650,"flow_dst_last_pkt_time":71538650,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71538650,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.39.154.69","src_port":28681,"dst_port":4832,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":392,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":107,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538933,"flow_src_last_pkt_time":71538933,"flow_dst_last_pkt_time":71538933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71538933,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.151.63.59","src_port":28681,"dst_port":7624,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":392,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":107,"flow_packet_id":1,"flow_src_last_pkt_time":71538933,"flow_dst_last_pkt_time":71538933,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71538933,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0odAAAIARgwcKAAIPypc\/O3AJHcgAIPvtR05EED6eAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":392,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":107,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538933,"flow_src_last_pkt_time":71538933,"flow_dst_last_pkt_time":71538933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71538933,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.151.63.59","src_port":28681,"dst_port":7624,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":392,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":107,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538933,"flow_src_last_pkt_time":71538933,"flow_dst_last_pkt_time":71538933,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71538933,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.151.63.59","src_port":28681,"dst_port":7624,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":393,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539248,"flow_src_last_pkt_time":71539248,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71539248,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":7922,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":393,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_packet_id":1,"flow_src_last_pkt_time":71539248,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71539248,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0B\/4AAIARw8YKAAIPcHfybnAJHvIAIKGvR05EED6fAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":393,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539248,"flow_src_last_pkt_time":71539248,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71539248,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":7922,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":393,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539248,"flow_src_last_pkt_time":71539248,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71539248,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"112.119.242.110","src_port":28681,"dst_port":7922,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":394,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":71539473,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71539473,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":394,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_packet_id":1,"flow_src_last_pkt_time":71539473,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71539473,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0p7QAAIARK7QKAAIPWKkCmXAJzL4AIPuFR05EED6gAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":394,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":71539473,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71539473,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":394,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539473,"flow_src_last_pkt_time":71539473,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71539473,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.169.2.153","src_port":28681,"dst_port":52414,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":395,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539621,"flow_src_last_pkt_time":71539621,"flow_dst_last_pkt_time":71539621,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71539621,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":395,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":110,"flow_packet_id":1,"flow_src_last_pkt_time":71539621,"flow_dst_last_pkt_time":71539621,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71539621,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QZMAAIAR3loKAAIPw4RLOHAJ2skAIDn\/R05EED6hAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":395,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539621,"flow_src_last_pkt_time":71539621,"flow_dst_last_pkt_time":71539621,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71539621,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":395,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":110,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71539621,"flow_src_last_pkt_time":71539621,"flow_dst_last_pkt_time":71539621,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71539621,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":71540138,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540138,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_packet_id":1,"flow_src_last_pkt_time":71540138,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71540138,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0JF0AAIARIm8KAAIPWkGNnXAJGMoAICLcR05EED6iAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":71540138,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540138,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":396,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540138,"flow_src_last_pkt_time":71540138,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540138,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.65.141.157","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":112,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540307,"flow_src_last_pkt_time":71540307,"flow_dst_last_pkt_time":71540307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540307,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":112,"flow_packet_id":1,"flow_src_last_pkt_time":71540307,"flow_dst_last_pkt_time":71540307,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71540307,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0MesAAIARAj4KAAIPJO\/VknAJVPYAINQLR05EED6jAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":112,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540307,"flow_src_last_pkt_time":71540307,"flow_dst_last_pkt_time":71540307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540307,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":397,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":112,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540307,"flow_src_last_pkt_time":71540307,"flow_dst_last_pkt_time":71540307,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540307,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540385,"flow_src_last_pkt_time":71540385,"flow_dst_last_pkt_time":71540385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540385,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"105.101.132.146","src_port":28681,"dst_port":57746,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":113,"flow_packet_id":1,"flow_src_last_pkt_time":71540385,"flow_dst_last_pkt_time":71540385,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71540385,"pkt":"UlQAEjUCCAAn5uVZCABFAAA09PMAAIARS78KAAIPaWWEknAJ4ZIAIFP4R05EED6kAQFUC1FLUlAGUk5BXS\/iNQlw"} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540385,"flow_src_last_pkt_time":71540385,"flow_dst_last_pkt_time":71540385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540385,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"105.101.132.146","src_port":28681,"dst_port":57746,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":398,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":113,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540385,"flow_src_last_pkt_time":71540385,"flow_dst_last_pkt_time":71540385,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540385,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"105.101.132.146","src_port":28681,"dst_port":57746,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":71540581,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540581,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_packet_id":1,"flow_src_last_pkt_time":71540581,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71540581,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0WkwAAIARMwIKAAIPVhdLRXAJGMoAIGlbR05EED6lAQFUC1FLUlAGUk5BXS\/iNQlw"} -01137{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":71540581,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540581,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01027{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":399,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":114,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540581,"flow_src_last_pkt_time":71540581,"flow_dst_last_pkt_time":71540581,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540581,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.23.75.69","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540687,"flow_src_last_pkt_time":71540687,"flow_dst_last_pkt_time":71540687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540687,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.104","src_port":28681,"dst_port":11804,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":115,"flow_packet_id":1,"flow_src_last_pkt_time":71540687,"flow_dst_last_pkt_time":71540687,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71540687,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05HkAAIARhcUKAAIPmgMqaHAJLhwAIDD5R05EED6mAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540687,"flow_src_last_pkt_time":71540687,"flow_dst_last_pkt_time":71540687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540687,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.104","src_port":28681,"dst_port":11804,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":400,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":115,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540687,"flow_src_last_pkt_time":71540687,"flow_dst_last_pkt_time":71540687,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540687,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.104","src_port":28681,"dst_port":11804,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540796,"flow_src_last_pkt_time":71540796,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540796,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.44.190.145","src_port":28681,"dst_port":10170,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_packet_id":1,"flow_src_last_pkt_time":71540796,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71540796,"pkt":"UlQAEjUCCAAn5uVZCABFAAA00HAAAIARI3wKAAIPfCy+kXAJJ7oAIMEHR05EED6nAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540796,"flow_src_last_pkt_time":71540796,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540796,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.44.190.145","src_port":28681,"dst_port":10170,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":401,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":116,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540796,"flow_src_last_pkt_time":71540796,"flow_dst_last_pkt_time":71540796,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540796,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"124.44.190.145","src_port":28681,"dst_port":10170,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":402,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":71540885,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":402,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_packet_id":1,"flow_src_last_pkt_time":71540885,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71540885,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0POoAAIARNbgKAAIPyHjzj3AJGMoAIE6sR05EED6oAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":402,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":71540885,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":402,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":117,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71540885,"flow_src_last_pkt_time":71540885,"flow_dst_last_pkt_time":71540885,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71540885,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.120.243.143","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":71541038,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71541038,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_packet_id":1,"flow_src_last_pkt_time":71541038,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":71541038,"pkt":"UlQAEjUCCAAn5uVZCABFAAA02U0AAIAREUUKAAIPBbQ+ZHAJtTEAICo0R05EED6pAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":71541038,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71541038,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":403,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71541038,"flow_src_last_pkt_time":71541038,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":71541038,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.100","src_port":28681,"dst_port":46385,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00515{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":405,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":2,"flow_src_last_pkt_time":71205274,"flow_dst_last_pkt_time":71605139,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":71605139,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAswAAEAGY0Nt1prYCgACDxjKxEgAewwBHNfF\/mAS\/\/+29AAAAgQFtA=="} 00504{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":406,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":3,"flow_src_last_pkt_time":71605439,"flow_dst_last_pkt_time":71605139,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":71605439,"pkt":"UlQAEjUCCAAn5uVZCABFAAAo5AxAAIAGAgYKAAIPbdaa2MRIGMoc18X+AHsMAlAQ+vDTwAAA"} 00915{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":407,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_packet_id":4,"flow_src_last_pkt_time":71608015,"flow_dst_last_pkt_time":71605139,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":358,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":358,"pkt_l4_len":324,"thread_ts_usec":71608015,"pkt":"UlQAEjUCCAAn5uVZCABFAAFY5A1AAIAGANUKAAIPbdaa2MRIGMoc18X+AHsMAlAY+vDYuQAAR05VVEVMTEEgQ09OTkVDVC8wLjYNCkxpc3Rlbi1JUDogOTMuNDcuMjI2LjUzOjI4NjgxDQpSZW1vdGUtSVA6IDEwOS4yMTQuMTU0LjIxNg0KVXNlci1BZ2VudDogZ3RrLWdudXRlbGxhLzEuMi4yICgyMDIyLTAyLTI1OyBHVEsyOyBXaW5kb3dzIHg2NCkNCkJ5ZS1QYWNrZXQ6IDAuMQ0KQWNjZXB0OiBhcHBsaWNhdGlvbi94LWdudXRlbGxhMg0KQWNjZXB0LUVuY29kaW5nOiBkZWZsYXRlDQpYLUxpdmUtU2luY2U6IFN1biwgMDYgTWFyIDIwMjIgMTE6MjI6MTAgLTA4MDANClgtSHViOiBGYWxzZQ0KWC1IdWItTmVlZGVkOiBUcnVlDQoNCg=="} @@ -519,58 +519,58 @@ 00507{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":436,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":122,"flow_packet_id":5,"flow_src_last_pkt_time":72596459,"flow_dst_last_pkt_time":72596635,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":72596635,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoAtYAAEAGmJ9n6GtkCgACD6n0xE0Af+4CiO6FblAQ\/\/9lWAAA"} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72848739,"flow_src_last_pkt_time":72848739,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72848739,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"170.254.19.6","src_port":28681,"dst_port":24180,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_packet_id":1,"flow_src_last_pkt_time":72848739,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72848739,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XAwAAIARFJoKAAIPqv4TBnAJXnQAIAcER05EED6qAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72848739,"flow_src_last_pkt_time":72848739,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72848739,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"170.254.19.6","src_port":28681,"dst_port":24180,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":450,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72848739,"flow_src_last_pkt_time":72848739,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72848739,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"170.254.19.6","src_port":28681,"dst_port":24180,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72849111,"flow_src_last_pkt_time":72849111,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72849111,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.92.178.182","src_port":28681,"dst_port":57302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_packet_id":1,"flow_src_last_pkt_time":72849111,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72849111,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0qfwAAIARfpsKAAIPU1yytnAJ39YAID2SR05EED6rAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72849111,"flow_src_last_pkt_time":72849111,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72849111,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.92.178.182","src_port":28681,"dst_port":57302,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":451,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72849111,"flow_src_last_pkt_time":72849111,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72849111,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.92.178.182","src_port":28681,"dst_port":57302,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":452,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":72849569,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72849569,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":452,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_packet_id":1,"flow_src_last_pkt_time":72849569,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72849569,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0M\/8AAIAR\/+AKAAIPW0WfhXAJbWAAILtPR05EED6sAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":452,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":72849569,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72849569,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":452,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":126,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72849569,"flow_src_last_pkt_time":72849569,"flow_dst_last_pkt_time":72849569,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72849569,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.69.159.133","src_port":28681,"dst_port":28000,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":453,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850054,"flow_src_last_pkt_time":72850054,"flow_dst_last_pkt_time":72850054,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72850054,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":1024,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":453,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":127,"flow_packet_id":1,"flow_src_last_pkt_time":72850054,"flow_dst_last_pkt_time":72850054,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72850054,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0NSIAAIARFyoKAAIPsL8xn3AJBAAAID0bR05EED6tAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":453,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850054,"flow_src_last_pkt_time":72850054,"flow_dst_last_pkt_time":72850054,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72850054,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":1024,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":453,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":127,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850054,"flow_src_last_pkt_time":72850054,"flow_dst_last_pkt_time":72850054,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72850054,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":1024,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":72850420,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72850420,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_packet_id":1,"flow_src_last_pkt_time":72850420,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72850420,"pkt":"UlQAEjUCCAAn5uVZCABFAAA09U0AAIARELQKAAIPTY3bG3AJkswAIGgDR05EED6uAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":72850420,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72850420,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":454,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850420,"flow_src_last_pkt_time":72850420,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72850420,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.141.219.27","src_port":28681,"dst_port":37580,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850779,"flow_src_last_pkt_time":72850779,"flow_dst_last_pkt_time":72850779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72850779,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.50.179","src_port":28681,"dst_port":29411,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":129,"flow_packet_id":1,"flow_src_last_pkt_time":72850779,"flow_dst_last_pkt_time":72850779,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72850779,"pkt":"UlQAEjUCCAAn5uVZCABFAAA079wAAIARW5AKAAIPsIoys3AJcuMAIM1WR05EED6vAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850779,"flow_src_last_pkt_time":72850779,"flow_dst_last_pkt_time":72850779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72850779,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.50.179","src_port":28681,"dst_port":29411,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":456,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":129,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72850779,"flow_src_last_pkt_time":72850779,"flow_dst_last_pkt_time":72850779,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72850779,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.138.50.179","src_port":28681,"dst_port":29411,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":457,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851137,"flow_src_last_pkt_time":72851137,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72851137,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.224.95.97","src_port":28681,"dst_port":46356,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":457,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_packet_id":1,"flow_src_last_pkt_time":72851137,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72851137,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0f64AAIAR17oKAAIPd+BfYXAJtRQAIJcgR05EED6wAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":457,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851137,"flow_src_last_pkt_time":72851137,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72851137,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.224.95.97","src_port":28681,"dst_port":46356,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":457,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851137,"flow_src_last_pkt_time":72851137,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72851137,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.224.95.97","src_port":28681,"dst_port":46356,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":458,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851488,"flow_src_last_pkt_time":72851488,"flow_dst_last_pkt_time":72851488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72851488,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.225.140.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":458,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":131,"flow_packet_id":1,"flow_src_last_pkt_time":72851488,"flow_dst_last_pkt_time":72851488,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72851488,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0hfsAAIARxRMKAAIPVuGMunAJGMoAICcQR05EED6xAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":458,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851488,"flow_src_last_pkt_time":72851488,"flow_dst_last_pkt_time":72851488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72851488,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.225.140.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":458,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":131,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851488,"flow_src_last_pkt_time":72851488,"flow_dst_last_pkt_time":72851488,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72851488,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.225.140.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851799,"flow_src_last_pkt_time":72851799,"flow_dst_last_pkt_time":72851799,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72851799,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.86.173.45","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":132,"flow_packet_id":1,"flow_src_last_pkt_time":72851799,"flow_dst_last_pkt_time":72851799,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72851799,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xSwAAIARbPoKAAIPT1atLXAJGMoAIA4nR05EED6yAQFUC1FLUlAGUk5BXS\/iNQlw"} -01138{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851799,"flow_src_last_pkt_time":72851799,"flow_dst_last_pkt_time":72851799,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72851799,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.86.173.45","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01028{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":459,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":132,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72851799,"flow_src_last_pkt_time":72851799,"flow_dst_last_pkt_time":72851799,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72851799,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.86.173.45","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852255,"flow_src_last_pkt_time":72852255,"flow_dst_last_pkt_time":72852255,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72852255,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.175.220.161","src_port":28681,"dst_port":15721,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":133,"flow_packet_id":1,"flow_src_last_pkt_time":72852255,"flow_dst_last_pkt_time":72852255,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72852255,"pkt":"UlQAEjUCCAAn5uVZCABFAAA09RcAAIARAUIKAAIPW6\/coXAJPWkAIK25R05EED6zAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852255,"flow_src_last_pkt_time":72852255,"flow_dst_last_pkt_time":72852255,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72852255,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.175.220.161","src_port":28681,"dst_port":15721,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":460,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":133,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852255,"flow_src_last_pkt_time":72852255,"flow_dst_last_pkt_time":72852255,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72852255,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.175.220.161","src_port":28681,"dst_port":15721,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":72852470,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72852470,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_packet_id":1,"flow_src_last_pkt_time":72852470,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72852470,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05pIAAIARsCIKAAIPTudJDnAJGMoAIHKzR05EED60AQFUC1FLUlAGUk5BXS\/iNQlw"} -01138{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":72852470,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72852470,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01028{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":461,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":134,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852470,"flow_src_last_pkt_time":72852470,"flow_dst_last_pkt_time":72852470,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72852470,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":72852642,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72852642,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_packet_id":1,"flow_src_last_pkt_time":72852642,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72852642,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0fT0AAIARi9QKAAIPwfpjnnAJGMoAIOUOR05EED61AQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":72852642,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72852642,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":462,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852642,"flow_src_last_pkt_time":72852642,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72852642,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.250.99.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":464,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852834,"flow_src_last_pkt_time":72852834,"flow_dst_last_pkt_time":72852834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72852834,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":16047,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":464,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":136,"flow_packet_id":1,"flow_src_last_pkt_time":72852834,"flow_dst_last_pkt_time":72852834,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72852834,"pkt":"UlQAEjUCCAAn5uVZCABFAAA02w4AAIARCzcKAAIPUOz3eHAJPq8AIJxcR05EED62AQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":464,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852834,"flow_src_last_pkt_time":72852834,"flow_dst_last_pkt_time":72852834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72852834,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":16047,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":464,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":136,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72852834,"flow_src_last_pkt_time":72852834,"flow_dst_last_pkt_time":72852834,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72852834,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":16047,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":466,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":72853009,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853009,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":466,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_packet_id":1,"flow_src_last_pkt_time":72853009,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72853009,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05U8AAIARsFQKAAIPUkFGxXAJVL0AIDWsR05EED63AQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":466,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":72853009,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853009,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":466,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853009,"flow_src_last_pkt_time":72853009,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853009,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.65.70.197","src_port":28681,"dst_port":21693,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":72853189,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853189,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_packet_id":1,"flow_src_last_pkt_time":72853189,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72853189,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0jJIAAIARUAkKAAIPp3KqnHAJXSQAIHQ7R05EED64AQFUC1FLUlAGUk5BXS\/iNQlw"} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":72853189,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853189,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":467,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":72853189,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853189,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":72853366,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853366,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_packet_id":1,"flow_src_last_pkt_time":72853366,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72853366,"pkt":"UlQAEjUCCAAn5uVZCABFAAA077sAAIARtrYKAAIPpanijnAJGMoAIIJrR05EED65AQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":72853366,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853366,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":468,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":139,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853366,"flow_src_last_pkt_time":72853366,"flow_dst_last_pkt_time":72853366,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853366,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.226.142","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":469,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":72853538,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853538,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":469,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_packet_id":1,"flow_src_last_pkt_time":72853538,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72853538,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0JXgAAIARS7MKAAIPTcVvunAJGMoAIE0jR05EED66AQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":469,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":72853538,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853538,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":469,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853538,"flow_src_last_pkt_time":72853538,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853538,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"77.197.111.186","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":72853723,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853723,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_packet_id":1,"flow_src_last_pkt_time":72853723,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":72853723,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0s0kAAIARB\/EKAAIPrGHHDnAJGMoAIJcxR05EED67AQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":72853723,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853723,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":470,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":72853723,"flow_src_last_pkt_time":72853723,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":72853723,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.97.199.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":478,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":47,"flow_packet_id":3,"flow_src_last_pkt_time":73064966,"flow_dst_last_pkt_time":64033019,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73064966,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0kpVAAIAGVgUKAAIPWk6rzMQfGMqXoNUlAAAAAIAC+vAYRgAAAgQFtAEDAwgBAQQC"} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":479,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":44,"flow_packet_id":3,"flow_src_last_pkt_time":73065072,"flow_dst_last_pkt_time":64032037,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73065072,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FYFAAIAGQkoKAAIPfNoaEMQcJgCBbg3uAAAAAIAC+vBXrQAAAgQFtAEDAwgBAQQC"} 00520{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":480,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":45,"flow_packet_id":3,"flow_src_last_pkt_time":73065113,"flow_dst_last_pkt_time":64032422,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":73065113,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XTJAAIAGk6kKAAIPci6Lq8Qdy5gelScRAAAAAIAC+vCU2gAAAgQFtAEDAwgBAQQC"} @@ -685,172 +685,172 @@ 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":589,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":120,"flow_packet_id":3,"flow_src_last_pkt_time":81294293,"flow_dst_last_pkt_time":72265587,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":81294293,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0cvlAAIAGYVIKAAIPGH8B68RLk7Zj+37vAAAAAIAC+vASugAAAgQFtAEDAwgBAQQC"} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":593,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057279,"flow_src_last_pkt_time":82057279,"flow_dst_last_pkt_time":82057279,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82057279,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"174.115.111.224","src_port":28681,"dst_port":51984,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":593,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":154,"flow_packet_id":1,"flow_src_last_pkt_time":82057279,"flow_dst_last_pkt_time":82057279,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82057279,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vx8AAIARUTcKAAIPrnNv4HAJyxAAIDoGR05EED68AQFUC1FLUlAGUk5BXS\/iNQlw"} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":593,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057279,"flow_src_last_pkt_time":82057279,"flow_dst_last_pkt_time":82057279,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82057279,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"174.115.111.224","src_port":28681,"dst_port":51984,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":593,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":154,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057279,"flow_src_last_pkt_time":82057279,"flow_dst_last_pkt_time":82057279,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82057279,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"174.115.111.224","src_port":28681,"dst_port":51984,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":594,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057536,"flow_src_last_pkt_time":82057536,"flow_dst_last_pkt_time":82057536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82057536,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.182.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":594,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":155,"flow_packet_id":1,"flow_src_last_pkt_time":82057536,"flow_dst_last_pkt_time":82057536,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82057536,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0SSkAAIAR1nEKAAIPWKi2Z3AJGMoAIPuPR05EED69AQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":594,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057536,"flow_src_last_pkt_time":82057536,"flow_dst_last_pkt_time":82057536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82057536,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.182.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":594,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":155,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057536,"flow_src_last_pkt_time":82057536,"flow_dst_last_pkt_time":82057536,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82057536,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.182.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057972,"flow_src_last_pkt_time":82057972,"flow_dst_last_pkt_time":82057972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82057972,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.244.228.86","src_port":28681,"dst_port":10131,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":156,"flow_packet_id":1,"flow_src_last_pkt_time":82057972,"flow_dst_last_pkt_time":82057972,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82057972,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0lsIAAIARXJ0KAAIPVvTkVnAJJ5MAIMCKR05EED6+AQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057972,"flow_src_last_pkt_time":82057972,"flow_dst_last_pkt_time":82057972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82057972,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.244.228.86","src_port":28681,"dst_port":10131,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":595,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":156,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82057972,"flow_src_last_pkt_time":82057972,"flow_dst_last_pkt_time":82057972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82057972,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.244.228.86","src_port":28681,"dst_port":10131,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":157,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058208,"flow_src_last_pkt_time":82058208,"flow_dst_last_pkt_time":82058208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058208,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.227.162.150","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":157,"flow_packet_id":1,"flow_src_last_pkt_time":82058208,"flow_dst_last_pkt_time":82058208,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82058208,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0rD0AAIARiPMKAAIPVuOilnAJGMoAIBEkR05EED6\/AQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":157,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058208,"flow_src_last_pkt_time":82058208,"flow_dst_last_pkt_time":82058208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058208,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.227.162.150","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":596,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":157,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058208,"flow_src_last_pkt_time":82058208,"flow_dst_last_pkt_time":82058208,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058208,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.227.162.150","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058413,"flow_src_last_pkt_time":82058413,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058413,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.226.70","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_packet_id":1,"flow_src_last_pkt_time":82058413,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82058413,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0SbkAAIARjAQKAAIPdqbiRnAJGMoAILGvR05EED7AAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058413,"flow_src_last_pkt_time":82058413,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058413,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.226.70","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":597,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058413,"flow_src_last_pkt_time":82058413,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058413,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.166.226.70","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":159,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058634,"flow_src_last_pkt_time":82058634,"flow_dst_last_pkt_time":82058634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058634,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.163.231.160","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":159,"flow_packet_id":1,"flow_src_last_pkt_time":82058634,"flow_dst_last_pkt_time":82058634,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82058634,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0dT8AAIARIScKAAIPsKPnoHAJGMoAIHJXR05EED7BAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":159,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058634,"flow_src_last_pkt_time":82058634,"flow_dst_last_pkt_time":82058634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058634,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.163.231.160","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":598,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":159,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058634,"flow_src_last_pkt_time":82058634,"flow_dst_last_pkt_time":82058634,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058634,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.163.231.160","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":160,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058765,"flow_src_last_pkt_time":82058765,"flow_dst_last_pkt_time":82058765,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058765,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.150.49.35","src_port":28681,"dst_port":32448,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":160,"flow_packet_id":1,"flow_src_last_pkt_time":82058765,"flow_dst_last_pkt_time":82058765,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82058765,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XrkAAIARSzgKAAIPU5YxI3AJfsAAIB\/rR05EED7CAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":160,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058765,"flow_src_last_pkt_time":82058765,"flow_dst_last_pkt_time":82058765,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058765,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.150.49.35","src_port":28681,"dst_port":32448,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":599,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":160,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058765,"flow_src_last_pkt_time":82058765,"flow_dst_last_pkt_time":82058765,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058765,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.150.49.35","src_port":28681,"dst_port":32448,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":600,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":161,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058913,"flow_src_last_pkt_time":82058913,"flow_dst_last_pkt_time":82058913,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058913,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.120.26.86","src_port":28681,"dst_port":29946,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":600,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":161,"flow_packet_id":1,"flow_src_last_pkt_time":82058913,"flow_dst_last_pkt_time":82058913,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82058913,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0tpQAAIARiEcKAAIP1XgaVnAJdPoAIL6aR05EED7DAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":600,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":161,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058913,"flow_src_last_pkt_time":82058913,"flow_dst_last_pkt_time":82058913,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058913,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.120.26.86","src_port":28681,"dst_port":29946,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":600,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":161,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82058913,"flow_src_last_pkt_time":82058913,"flow_dst_last_pkt_time":82058913,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82058913,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.120.26.86","src_port":28681,"dst_port":29946,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":162,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059148,"flow_src_last_pkt_time":82059148,"flow_dst_last_pkt_time":82059148,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059148,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.159.111","src_port":28681,"dst_port":44729,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":162,"flow_packet_id":1,"flow_src_last_pkt_time":82059148,"flow_dst_last_pkt_time":82059148,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82059148,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0COQAAIARLdwKAAIPWHufb3AJrrkAIHy+R05EED7EAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":162,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059148,"flow_src_last_pkt_time":82059148,"flow_dst_last_pkt_time":82059148,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059148,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.159.111","src_port":28681,"dst_port":44729,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":601,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":162,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059148,"flow_src_last_pkt_time":82059148,"flow_dst_last_pkt_time":82059148,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059148,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.159.111","src_port":28681,"dst_port":44729,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":163,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059277,"flow_src_last_pkt_time":82059277,"flow_dst_last_pkt_time":82059277,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059277,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.126.160.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":163,"flow_packet_id":1,"flow_src_last_pkt_time":82059277,"flow_dst_last_pkt_time":82059277,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82059277,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0yVcAAIARbDYKAAIPWH6gnnAJGMoAIBF7R05EED7FAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":163,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059277,"flow_src_last_pkt_time":82059277,"flow_dst_last_pkt_time":82059277,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059277,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.126.160.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":602,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":163,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059277,"flow_src_last_pkt_time":82059277,"flow_dst_last_pkt_time":82059277,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059277,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.126.160.158","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059383,"flow_src_last_pkt_time":82059383,"flow_dst_last_pkt_time":82059383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059383,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.197.219.85","src_port":28681,"dst_port":26234,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":164,"flow_packet_id":1,"flow_src_last_pkt_time":82059383,"flow_dst_last_pkt_time":82059383,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82059383,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0MzgAAIARkVcKAAIPjsXbVXAJZnoAIFLLR05EED7GAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059383,"flow_src_last_pkt_time":82059383,"flow_dst_last_pkt_time":82059383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059383,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.197.219.85","src_port":28681,"dst_port":26234,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":603,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":164,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059383,"flow_src_last_pkt_time":82059383,"flow_dst_last_pkt_time":82059383,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059383,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.197.219.85","src_port":28681,"dst_port":26234,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":604,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059497,"flow_src_last_pkt_time":82059497,"flow_dst_last_pkt_time":82059497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059497,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.75.43.182","src_port":28681,"dst_port":43502,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":604,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":165,"flow_packet_id":1,"flow_src_last_pkt_time":82059497,"flow_dst_last_pkt_time":82059497,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82059497,"pkt":"UlQAEjUCCAAn5uVZCABFAAA06P0AAIARw6sKAAIPVksrtnAJqe4AIPdvR05EED7HAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":604,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059497,"flow_src_last_pkt_time":82059497,"flow_dst_last_pkt_time":82059497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059497,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.75.43.182","src_port":28681,"dst_port":43502,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":604,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":165,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059497,"flow_src_last_pkt_time":82059497,"flow_dst_last_pkt_time":82059497,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059497,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.75.43.182","src_port":28681,"dst_port":43502,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":82059658,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059658,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_packet_id":1,"flow_src_last_pkt_time":82059658,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82059658,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0rnEAAIARKEMKAAIPWjv9unAJPMMAII6lR05EED7IAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":82059658,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059658,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":605,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059658,"flow_src_last_pkt_time":82059658,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059658,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.59.253.186","src_port":28681,"dst_port":15555,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059773,"flow_src_last_pkt_time":82059773,"flow_dst_last_pkt_time":82059773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059773,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.107.176","src_port":28681,"dst_port":20363,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":167,"flow_packet_id":1,"flow_src_last_pkt_time":82059773,"flow_dst_last_pkt_time":82059773,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82059773,"pkt":"UlQAEjUCCAAn5uVZCABFAAA08GUAAIARdXcKAAIPXR1rsHAJT4sAIAsFR05EED7JAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059773,"flow_src_last_pkt_time":82059773,"flow_dst_last_pkt_time":82059773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059773,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.107.176","src_port":28681,"dst_port":20363,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":606,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":167,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059773,"flow_src_last_pkt_time":82059773,"flow_dst_last_pkt_time":82059773,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059773,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.29.107.176","src_port":28681,"dst_port":20363,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059900,"flow_src_last_pkt_time":82059900,"flow_dst_last_pkt_time":82059900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059900,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.157.59.43","src_port":28681,"dst_port":56919,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":168,"flow_packet_id":1,"flow_src_last_pkt_time":82059900,"flow_dst_last_pkt_time":82059900,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82059900,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0cs0AAIARJxUKAAIPWZ07K3AJ3lcAILA8R05EED7KAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059900,"flow_src_last_pkt_time":82059900,"flow_dst_last_pkt_time":82059900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059900,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.157.59.43","src_port":28681,"dst_port":56919,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":607,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":168,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82059900,"flow_src_last_pkt_time":82059900,"flow_dst_last_pkt_time":82059900,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82059900,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.157.59.43","src_port":28681,"dst_port":56919,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":169,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060041,"flow_src_last_pkt_time":82060041,"flow_dst_last_pkt_time":82060041,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060041,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.162.52.93","src_port":28681,"dst_port":34799,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":169,"flow_packet_id":1,"flow_src_last_pkt_time":82060041,"flow_dst_last_pkt_time":82060041,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82060041,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0VdQAAIARSNcKAAIPW6I0XXAJh+8AIAttR05EED7LAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":169,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060041,"flow_src_last_pkt_time":82060041,"flow_dst_last_pkt_time":82060041,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060041,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.162.52.93","src_port":28681,"dst_port":34799,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":608,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":169,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060041,"flow_src_last_pkt_time":82060041,"flow_dst_last_pkt_time":82060041,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060041,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.162.52.93","src_port":28681,"dst_port":34799,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060300,"flow_src_last_pkt_time":82060300,"flow_dst_last_pkt_time":82060300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060300,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":170,"flow_packet_id":1,"flow_src_last_pkt_time":82060300,"flow_dst_last_pkt_time":82060300,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82060300,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0mmsAAIARSEoKAAIPQ8EINHAJlrgAIECtR05EED7MAQFUC1FLUlAGUk5BXS\/iNQlw"} -01138{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060300,"flow_src_last_pkt_time":82060300,"flow_dst_last_pkt_time":82060300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060300,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01028{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":609,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060300,"flow_src_last_pkt_time":82060300,"flow_dst_last_pkt_time":82060300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060300,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060415,"flow_src_last_pkt_time":82060415,"flow_dst_last_pkt_time":82060415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060415,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.217.132.111","src_port":28681,"dst_port":25394,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":171,"flow_packet_id":1,"flow_src_last_pkt_time":82060415,"flow_dst_last_pkt_time":82060415,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82060415,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0mjkAAIARSygKAAIPxNmEb3AJYzIAIHbeR05EED7NAQFUC1FLUlAGUk5BXS\/iNQlw"} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060415,"flow_src_last_pkt_time":82060415,"flow_dst_last_pkt_time":82060415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060415,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.217.132.111","src_port":28681,"dst_port":25394,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":610,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":171,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060415,"flow_src_last_pkt_time":82060415,"flow_dst_last_pkt_time":82060415,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060415,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.217.132.111","src_port":28681,"dst_port":25394,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060552,"flow_src_last_pkt_time":82060552,"flow_dst_last_pkt_time":82060552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060552,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.69.142.133","src_port":28681,"dst_port":15471,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":172,"flow_packet_id":1,"flow_src_last_pkt_time":82060552,"flow_dst_last_pkt_time":82060552,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82060552,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0dBwAAIAR1MMKAAIPV0WOhXAJPG8AIAEfR05EED7OAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060552,"flow_src_last_pkt_time":82060552,"flow_dst_last_pkt_time":82060552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060552,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.69.142.133","src_port":28681,"dst_port":15471,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":611,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":172,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060552,"flow_src_last_pkt_time":82060552,"flow_dst_last_pkt_time":82060552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060552,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.69.142.133","src_port":28681,"dst_port":15471,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060665,"flow_src_last_pkt_time":82060665,"flow_dst_last_pkt_time":82060665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060665,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.99.222.36","src_port":28681,"dst_port":44988,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":173,"flow_packet_id":1,"flow_src_last_pkt_time":82060665,"flow_dst_last_pkt_time":82060665,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82060665,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0TpsAAIARiIcKAAIPeWPeJHAJr7wAIBwTR05EED7PAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060665,"flow_src_last_pkt_time":82060665,"flow_dst_last_pkt_time":82060665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060665,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.99.222.36","src_port":28681,"dst_port":44988,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":612,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":173,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060665,"flow_src_last_pkt_time":82060665,"flow_dst_last_pkt_time":82060665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060665,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"121.99.222.36","src_port":28681,"dst_port":44988,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060791,"flow_src_last_pkt_time":82060791,"flow_dst_last_pkt_time":82060791,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060791,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.74.159.56","src_port":28681,"dst_port":29271,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":174,"flow_packet_id":1,"flow_src_last_pkt_time":82060791,"flow_dst_last_pkt_time":82060791,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82060791,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0\/XsAAIARzasKAAIPxEqfOHAJclcAIE18R05EED7QAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060791,"flow_src_last_pkt_time":82060791,"flow_dst_last_pkt_time":82060791,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060791,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.74.159.56","src_port":28681,"dst_port":29271,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":613,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":174,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060791,"flow_src_last_pkt_time":82060791,"flow_dst_last_pkt_time":82060791,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060791,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"196.74.159.56","src_port":28681,"dst_port":29271,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":614,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060952,"flow_src_last_pkt_time":82060952,"flow_dst_last_pkt_time":82060952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060952,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"115.69.62.99","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":614,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":175,"flow_packet_id":1,"flow_src_last_pkt_time":82060952,"flow_dst_last_pkt_time":82060952,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82060952,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0v80AAIARvTQKAAIPc0U+Y3AJGMoAIFjjR05EED7RAQFUC1FLUlAGUk5BXS\/iNQlw"} -01138{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":614,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060952,"flow_src_last_pkt_time":82060952,"flow_dst_last_pkt_time":82060952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060952,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"115.69.62.99","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01028{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":614,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":175,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060952,"flow_src_last_pkt_time":82060952,"flow_dst_last_pkt_time":82060952,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82060952,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"115.69.62.99","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":615,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061139,"flow_src_last_pkt_time":82061139,"flow_dst_last_pkt_time":82061139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061139,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.99.164.4","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":615,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":176,"flow_packet_id":1,"flow_src_last_pkt_time":82061139,"flow_dst_last_pkt_time":82061139,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82061139,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0nFAAAIARxPIKAAIPKWOkBHAJGMoAID0jR05EED7SAQFUC1FLUlAGUk5BXS\/iNQlw"} -01137{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":615,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061139,"flow_src_last_pkt_time":82061139,"flow_dst_last_pkt_time":82061139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061139,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.99.164.4","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01027{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":615,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":176,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061139,"flow_src_last_pkt_time":82061139,"flow_dst_last_pkt_time":82061139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061139,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.99.164.4","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":616,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061259,"flow_src_last_pkt_time":82061259,"flow_dst_last_pkt_time":82061259,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061259,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.157.183.106","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":616,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":177,"flow_packet_id":1,"flow_src_last_pkt_time":82061259,"flow_dst_last_pkt_time":82061259,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82061259,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xBEAAIARbZEKAAIPRZ23anAJGMoAIA2CR05EED7TAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":616,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061259,"flow_src_last_pkt_time":82061259,"flow_dst_last_pkt_time":82061259,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061259,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.157.183.106","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":616,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":177,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061259,"flow_src_last_pkt_time":82061259,"flow_dst_last_pkt_time":82061259,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061259,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.157.183.106","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":617,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061374,"flow_src_last_pkt_time":82061374,"flow_dst_last_pkt_time":82061374,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061374,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.46.253.7","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":617,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":178,"flow_packet_id":1,"flow_src_last_pkt_time":82061374,"flow_dst_last_pkt_time":82061374,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82061374,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0oQgAAIARPWwKAAIPUy79B3AJGMoAILpSR05EED7UAQFUC1FLUlAGUk5BXS\/iNQlw"} -01137{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":617,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061374,"flow_src_last_pkt_time":82061374,"flow_dst_last_pkt_time":82061374,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061374,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.46.253.7","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01027{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":617,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":178,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061374,"flow_src_last_pkt_time":82061374,"flow_dst_last_pkt_time":82061374,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061374,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.46.253.7","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061491,"flow_src_last_pkt_time":82061491,"flow_dst_last_pkt_time":82061491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061491,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"178.51.146.115","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":179,"flow_packet_id":1,"flow_src_last_pkt_time":82061491,"flow_dst_last_pkt_time":82061491,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82061491,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XmMAAIARi6AKAAIPsjOSc3AJGMoAIMXgR05EED7VAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061491,"flow_src_last_pkt_time":82061491,"flow_dst_last_pkt_time":82061491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061491,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"178.51.146.115","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":618,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":179,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061491,"flow_src_last_pkt_time":82061491,"flow_dst_last_pkt_time":82061491,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061491,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"178.51.146.115","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":180,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061705,"flow_src_last_pkt_time":82061705,"flow_dst_last_pkt_time":82061705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061705,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.131.24.72","src_port":28681,"dst_port":30711,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":180,"flow_packet_id":1,"flow_src_last_pkt_time":82061705,"flow_dst_last_pkt_time":82061705,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82061705,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0amcAAIARaXgKAAIPQoMYSHAJd\/cAIFCOR05EED7WAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":180,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061705,"flow_src_last_pkt_time":82061705,"flow_dst_last_pkt_time":82061705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061705,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.131.24.72","src_port":28681,"dst_port":30711,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":619,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":180,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061705,"flow_src_last_pkt_time":82061705,"flow_dst_last_pkt_time":82061705,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061705,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.131.24.72","src_port":28681,"dst_port":30711,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":620,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":181,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061887,"flow_src_last_pkt_time":82061887,"flow_dst_last_pkt_time":82061887,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061887,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.177.5.135","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":620,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":181,"flow_packet_id":1,"flow_src_last_pkt_time":82061887,"flow_dst_last_pkt_time":82061887,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82061887,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DHwAAIAR2fYKAAIPQrEFh3AJGMoAIMJNR05EED7XAQFUC1FLUlAGUk5BXS\/iNQlw"} -01138{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":620,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":181,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061887,"flow_src_last_pkt_time":82061887,"flow_dst_last_pkt_time":82061887,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061887,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.177.5.135","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01028{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":620,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":181,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82061887,"flow_src_last_pkt_time":82061887,"flow_dst_last_pkt_time":82061887,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82061887,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.177.5.135","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":621,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":182,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062130,"flow_src_last_pkt_time":82062130,"flow_dst_last_pkt_time":82062130,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062130,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":28681,"dst_port":35589,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":621,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":182,"flow_packet_id":1,"flow_src_last_pkt_time":82062130,"flow_dst_last_pkt_time":82062130,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82062130,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0BKMAAIARed8KAAIPSQNnJXAJiwUAIOggR05EED7YAQFUC1FLUlAGUk5BXS\/iNQlw"} -01138{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":621,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":182,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062130,"flow_src_last_pkt_time":82062130,"flow_dst_last_pkt_time":82062130,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062130,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":28681,"dst_port":35589,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01028{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":621,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":182,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062130,"flow_src_last_pkt_time":82062130,"flow_dst_last_pkt_time":82062130,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062130,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.3.103.37","src_port":28681,"dst_port":35589,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":622,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062320,"flow_src_last_pkt_time":82062320,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062320,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.15.182","src_port":28681,"dst_port":37829,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":622,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_packet_id":1,"flow_src_last_pkt_time":82062320,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82062320,"pkt":"UlQAEjUCCAAn5uVZCABFAAA085cAAIARz7AKAAIPW6wPtnAJk8UAICQmR05EED7ZAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":622,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062320,"flow_src_last_pkt_time":82062320,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062320,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.15.182","src_port":28681,"dst_port":37829,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":622,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062320,"flow_src_last_pkt_time":82062320,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062320,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.15.182","src_port":28681,"dst_port":37829,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062444,"flow_src_last_pkt_time":82062444,"flow_dst_last_pkt_time":82062444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062444,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.239.62.213","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":184,"flow_packet_id":1,"flow_src_last_pkt_time":82062444,"flow_dst_last_pkt_time":82062444,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82062444,"pkt":"UlQAEjUCCAAn5uVZCABFAAA09AoAAIARpNsKAAIPVu8+1XAJGMoAIHS+R05EED7aAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062444,"flow_src_last_pkt_time":82062444,"flow_dst_last_pkt_time":82062444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062444,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.239.62.213","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":623,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":184,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062444,"flow_src_last_pkt_time":82062444,"flow_dst_last_pkt_time":82062444,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062444,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.239.62.213","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062565,"flow_src_last_pkt_time":82062565,"flow_dst_last_pkt_time":82062565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062565,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.196.58","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":185,"flow_packet_id":1,"flow_src_last_pkt_time":82062565,"flow_dst_last_pkt_time":82062565,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82062565,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0tZ8AAIARR0wKAAIPbYTEOnAJGMoAINjCR05EED7bAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062565,"flow_src_last_pkt_time":82062565,"flow_dst_last_pkt_time":82062565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062565,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.196.58","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":624,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":185,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062565,"flow_src_last_pkt_time":82062565,"flow_dst_last_pkt_time":82062565,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062565,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.196.58","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062738,"flow_src_last_pkt_time":82062738,"flow_dst_last_pkt_time":82062738,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062738,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.182.44.202","src_port":28681,"dst_port":30277,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":186,"flow_packet_id":1,"flow_src_last_pkt_time":82062738,"flow_dst_last_pkt_time":82062738,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82062738,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gcEAAIARJGkKAAIPW7YsynAJdkUAICSFR05EED7cAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062738,"flow_src_last_pkt_time":82062738,"flow_dst_last_pkt_time":82062738,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062738,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.182.44.202","src_port":28681,"dst_port":30277,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":625,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":186,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062738,"flow_src_last_pkt_time":82062738,"flow_dst_last_pkt_time":82062738,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062738,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.182.44.202","src_port":28681,"dst_port":30277,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062863,"flow_src_last_pkt_time":82062863,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062863,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.88.92.56","src_port":28681,"dst_port":21009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_packet_id":1,"flow_src_last_pkt_time":82062863,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82062863,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0uoAAAIARu5kKAAIPXFhcOHAJUhEAIBioR05EED7dAQFUC1FLUlAGUk5BXS\/iNQlw"} -01138{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062863,"flow_src_last_pkt_time":82062863,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062863,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.88.92.56","src_port":28681,"dst_port":21009,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01028{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":626,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062863,"flow_src_last_pkt_time":82062863,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062863,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.88.92.56","src_port":28681,"dst_port":21009,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":627,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":188,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062993,"flow_src_last_pkt_time":82062993,"flow_dst_last_pkt_time":82062993,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062993,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":627,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":188,"flow_packet_id":1,"flow_src_last_pkt_time":82062993,"flow_dst_last_pkt_time":82062993,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82062993,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05JMAAIARi3AKAAIPU4ZrIHAJl7QAIMztR05EED7eAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":627,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":188,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062993,"flow_src_last_pkt_time":82062993,"flow_dst_last_pkt_time":82062993,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062993,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":627,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":188,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82062993,"flow_src_last_pkt_time":82062993,"flow_dst_last_pkt_time":82062993,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82062993,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":628,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":189,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063123,"flow_src_last_pkt_time":82063123,"flow_dst_last_pkt_time":82063123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063123,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"115.195.105.243","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":628,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":189,"flow_packet_id":1,"flow_src_last_pkt_time":82063123,"flow_dst_last_pkt_time":82063123,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82063123,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Q2AAAIARDZQKAAIPc8Np83AJGMoAICzHR05EED7fAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":628,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":189,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063123,"flow_src_last_pkt_time":82063123,"flow_dst_last_pkt_time":82063123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063123,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"115.195.105.243","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":628,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":189,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063123,"flow_src_last_pkt_time":82063123,"flow_dst_last_pkt_time":82063123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063123,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"115.195.105.243","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063260,"flow_src_last_pkt_time":82063260,"flow_dst_last_pkt_time":82063260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063260,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.195.227","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":190,"flow_packet_id":1,"flow_src_last_pkt_time":82063260,"flow_dst_last_pkt_time":82063260,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82063260,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0VbkAAIARb2QKAAIPpanD43AJGMoAIKDvR05EED7gAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063260,"flow_src_last_pkt_time":82063260,"flow_dst_last_pkt_time":82063260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063260,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.195.227","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":629,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":190,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063260,"flow_src_last_pkt_time":82063260,"flow_dst_last_pkt_time":82063260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063260,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.195.227","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063378,"flow_src_last_pkt_time":82063378,"flow_dst_last_pkt_time":82063378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063378,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.153.143.54","src_port":28681,"dst_port":65535,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":191,"flow_packet_id":1,"flow_src_last_pkt_time":82063378,"flow_dst_last_pkt_time":82063378,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82063378,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0RwMAAIARmdcKAAIPvpmPNnAJ\/\/8AINV1R05EED7hAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063378,"flow_src_last_pkt_time":82063378,"flow_dst_last_pkt_time":82063378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063378,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.153.143.54","src_port":28681,"dst_port":65535,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":630,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":191,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063378,"flow_src_last_pkt_time":82063378,"flow_dst_last_pkt_time":82063378,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063378,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.153.143.54","src_port":28681,"dst_port":65535,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":631,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063492,"flow_src_last_pkt_time":82063492,"flow_dst_last_pkt_time":82063492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063492,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":631,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":192,"flow_packet_id":1,"flow_src_last_pkt_time":82063492,"flow_dst_last_pkt_time":82063492,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82063492,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0aoUAAIARLM0KAAIPXAg7UHAJiXgAIAJ0R05EED7iAQFUC1FLUlAGUk5BXS\/iNQlw"} -01137{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":631,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063492,"flow_src_last_pkt_time":82063492,"flow_dst_last_pkt_time":82063492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063492,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01027{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":631,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":192,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063492,"flow_src_last_pkt_time":82063492,"flow_dst_last_pkt_time":82063492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063492,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":632,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":193,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063616,"flow_src_last_pkt_time":82063616,"flow_dst_last_pkt_time":82063616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063616,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.44.126.74","src_port":28681,"dst_port":54633,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":632,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":193,"flow_packet_id":1,"flow_src_last_pkt_time":82063616,"flow_dst_last_pkt_time":82063616,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82063616,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0rRwAAIARRxcKAAIPvCx+SnAJ1WkAIBNjR05EED7jAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":632,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":193,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063616,"flow_src_last_pkt_time":82063616,"flow_dst_last_pkt_time":82063616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063616,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.44.126.74","src_port":28681,"dst_port":54633,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":632,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":193,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063616,"flow_src_last_pkt_time":82063616,"flow_dst_last_pkt_time":82063616,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063616,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.44.126.74","src_port":28681,"dst_port":54633,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":633,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063782,"flow_src_last_pkt_time":82063782,"flow_dst_last_pkt_time":82063782,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063782,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.150.126.156","src_port":28681,"dst_port":16471,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":633,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":194,"flow_packet_id":1,"flow_src_last_pkt_time":82063782,"flow_dst_last_pkt_time":82063782,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82063782,"pkt":"UlQAEjUCCAAn5uVZCABFAAA09TYAAIARCkEKAAIPsJZ+nHAJQFcAILO4R05EED7kAQFUC1FLUlAGUk5BXS\/iNQlw"} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":633,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063782,"flow_src_last_pkt_time":82063782,"flow_dst_last_pkt_time":82063782,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063782,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.150.126.156","src_port":28681,"dst_port":16471,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":633,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":194,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063782,"flow_src_last_pkt_time":82063782,"flow_dst_last_pkt_time":82063782,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063782,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.150.126.156","src_port":28681,"dst_port":16471,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":634,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063897,"flow_src_last_pkt_time":82063897,"flow_dst_last_pkt_time":82063897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063897,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"177.231.151.16","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":634,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":195,"flow_packet_id":1,"flow_src_last_pkt_time":82063897,"flow_dst_last_pkt_time":82063897,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82063897,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0D4MAAIAR1i8KAAIPseeXEHAJGMoAIMF\/R05EED7lAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":634,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063897,"flow_src_last_pkt_time":82063897,"flow_dst_last_pkt_time":82063897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063897,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"177.231.151.16","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":634,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":195,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82063897,"flow_src_last_pkt_time":82063897,"flow_dst_last_pkt_time":82063897,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82063897,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"177.231.151.16","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":635,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064076,"flow_src_last_pkt_time":82064076,"flow_dst_last_pkt_time":82064076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064076,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.127.72.106","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":635,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":196,"flow_packet_id":1,"flow_src_last_pkt_time":82064076,"flow_dst_last_pkt_time":82064076,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82064076,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0z+UAAIARvdsKAAIPWH9IanAJGMoAIGmNR05EED7mAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":635,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064076,"flow_src_last_pkt_time":82064076,"flow_dst_last_pkt_time":82064076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064076,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.127.72.106","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":635,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":196,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064076,"flow_src_last_pkt_time":82064076,"flow_dst_last_pkt_time":82064076,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064076,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.127.72.106","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":636,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064299,"flow_src_last_pkt_time":82064299,"flow_dst_last_pkt_time":82064299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064299,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"208.92.106.151","src_port":28681,"dst_port":32476,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":636,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":197,"flow_packet_id":1,"flow_src_last_pkt_time":82064299,"flow_dst_last_pkt_time":82064299,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82064299,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0dXQAAIARfkIKAAIP0Fxql3AJftwAIGlvR05EED7nAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":636,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064299,"flow_src_last_pkt_time":82064299,"flow_dst_last_pkt_time":82064299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064299,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"208.92.106.151","src_port":28681,"dst_port":32476,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":636,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":197,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064299,"flow_src_last_pkt_time":82064299,"flow_dst_last_pkt_time":82064299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064299,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"208.92.106.151","src_port":28681,"dst_port":32476,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":637,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064449,"flow_src_last_pkt_time":82064449,"flow_dst_last_pkt_time":82064449,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064449,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.182.171.50","src_port":28681,"dst_port":15180,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":637,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":198,"flow_packet_id":1,"flow_src_last_pkt_time":82064449,"flow_dst_last_pkt_time":82064449,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82064449,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0h78AAIARwQIKAAIPOrarMnAJO0wAIAIKR05EED7oAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":637,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064449,"flow_src_last_pkt_time":82064449,"flow_dst_last_pkt_time":82064449,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064449,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.182.171.50","src_port":28681,"dst_port":15180,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":637,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":198,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064449,"flow_src_last_pkt_time":82064449,"flow_dst_last_pkt_time":82064449,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064449,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.182.171.50","src_port":28681,"dst_port":15180,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":638,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":199,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064635,"flow_src_last_pkt_time":82064635,"flow_dst_last_pkt_time":82064635,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064635,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.73.129.26","src_port":28681,"dst_port":53585,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":638,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":199,"flow_packet_id":1,"flow_src_last_pkt_time":82064635,"flow_dst_last_pkt_time":82064635,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82064635,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0OpsAAIARAKwKAAIPckmBGnAJ0VEAIF6IR05EED7pAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":638,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":199,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064635,"flow_src_last_pkt_time":82064635,"flow_dst_last_pkt_time":82064635,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064635,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.73.129.26","src_port":28681,"dst_port":53585,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":638,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":199,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064635,"flow_src_last_pkt_time":82064635,"flow_dst_last_pkt_time":82064635,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064635,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.73.129.26","src_port":28681,"dst_port":53585,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":639,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064863,"flow_src_last_pkt_time":82064863,"flow_dst_last_pkt_time":82064863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064863,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"138.199.16.123","src_port":28681,"dst_port":52993,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":639,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":200,"flow_packet_id":1,"flow_src_last_pkt_time":82064863,"flow_dst_last_pkt_time":82064863,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82064863,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0oO4AAIAR8nkKAAIPiscQe3AJzwEAILj4R05EED7qAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":639,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064863,"flow_src_last_pkt_time":82064863,"flow_dst_last_pkt_time":82064863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064863,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"138.199.16.123","src_port":28681,"dst_port":52993,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":639,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":200,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82064863,"flow_src_last_pkt_time":82064863,"flow_dst_last_pkt_time":82064863,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82064863,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"138.199.16.123","src_port":28681,"dst_port":52993,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":640,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":201,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065036,"flow_src_last_pkt_time":82065036,"flow_dst_last_pkt_time":82065036,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065036,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.170.209.214","src_port":28681,"dst_port":46210,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":640,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":201,"flow_packet_id":1,"flow_src_last_pkt_time":82065036,"flow_dst_last_pkt_time":82065036,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82065036,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ANIAAIARBlgKAAIPVarR1nAJtIIAIEc4R05EED7rAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":640,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":201,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065036,"flow_src_last_pkt_time":82065036,"flow_dst_last_pkt_time":82065036,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065036,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.170.209.214","src_port":28681,"dst_port":46210,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":640,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":201,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065036,"flow_src_last_pkt_time":82065036,"flow_dst_last_pkt_time":82065036,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065036,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.170.209.214","src_port":28681,"dst_port":46210,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":641,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065172,"flow_src_last_pkt_time":82065172,"flow_dst_last_pkt_time":82065172,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065172,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":641,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":202,"flow_packet_id":1,"flow_src_last_pkt_time":82065172,"flow_dst_last_pkt_time":82065172,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82065172,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0K1QAAIARx6gKAAIPsIaLJ3AJGMoAIM7CR05EED7sAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":641,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065172,"flow_src_last_pkt_time":82065172,"flow_dst_last_pkt_time":82065172,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065172,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":641,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":202,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065172,"flow_src_last_pkt_time":82065172,"flow_dst_last_pkt_time":82065172,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065172,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":642,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065387,"flow_src_last_pkt_time":82065387,"flow_dst_last_pkt_time":82065387,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065387,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"120.156.204.38","src_port":28681,"dst_port":54832,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":642,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":203,"flow_packet_id":1,"flow_src_last_pkt_time":82065387,"flow_dst_last_pkt_time":82065387,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82065387,"pkt":"UlQAEjUCCAAn5uVZCABFAAA06YYAAIARAGEKAAIPeJzMJnAJ1jAAIAhGR05EED7tAQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":642,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065387,"flow_src_last_pkt_time":82065387,"flow_dst_last_pkt_time":82065387,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065387,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"120.156.204.38","src_port":28681,"dst_port":54832,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":642,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":203,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065387,"flow_src_last_pkt_time":82065387,"flow_dst_last_pkt_time":82065387,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065387,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"120.156.204.38","src_port":28681,"dst_port":54832,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":643,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065556,"flow_src_last_pkt_time":82065556,"flow_dst_last_pkt_time":82065556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065556,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.126.240.32","src_port":28681,"dst_port":45313,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":643,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":204,"flow_packet_id":1,"flow_src_last_pkt_time":82065556,"flow_dst_last_pkt_time":82065556,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82065556,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0TesAAIARnCAKAAIPVH7wIHAJsQEAIC2YR05EED7uAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":643,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065556,"flow_src_last_pkt_time":82065556,"flow_dst_last_pkt_time":82065556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065556,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.126.240.32","src_port":28681,"dst_port":45313,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":643,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":204,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065556,"flow_src_last_pkt_time":82065556,"flow_dst_last_pkt_time":82065556,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065556,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.126.240.32","src_port":28681,"dst_port":45313,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":644,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":205,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065828,"flow_src_last_pkt_time":82065828,"flow_dst_last_pkt_time":82065828,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065828,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.29.197.138","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":644,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":205,"flow_packet_id":1,"flow_src_last_pkt_time":82065828,"flow_dst_last_pkt_time":82065828,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82065828,"pkt":"UlQAEjUCCAAn5uVZCABFAAA00QQAAIARN\/4KAAIPYB3FinAJGMoAIOTFR05EED7vAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":644,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":205,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065828,"flow_src_last_pkt_time":82065828,"flow_dst_last_pkt_time":82065828,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065828,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.29.197.138","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":644,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":205,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82065828,"flow_src_last_pkt_time":82065828,"flow_dst_last_pkt_time":82065828,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82065828,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.29.197.138","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":645,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066069,"flow_src_last_pkt_time":82066069,"flow_dst_last_pkt_time":82066069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82066069,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.166.132.204","src_port":28681,"dst_port":11194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":645,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":206,"flow_packet_id":1,"flow_src_last_pkt_time":82066069,"flow_dst_last_pkt_time":82066069,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82066069,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GtoAAIARuV0KAAIP1aaEzHAJK7oAIJ0JR05EED7wAQFUC1FLUlAGUk5BXS\/iNQlw"} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":645,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066069,"flow_src_last_pkt_time":82066069,"flow_dst_last_pkt_time":82066069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82066069,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.166.132.204","src_port":28681,"dst_port":11194,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":645,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":206,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066069,"flow_src_last_pkt_time":82066069,"flow_dst_last_pkt_time":82066069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82066069,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.166.132.204","src_port":28681,"dst_port":11194,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":646,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066178,"flow_src_last_pkt_time":82066178,"flow_dst_last_pkt_time":82066178,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82066178,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.242.191.215","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":646,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":207,"flow_packet_id":1,"flow_src_last_pkt_time":82066178,"flow_dst_last_pkt_time":82066178,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82066178,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0J\/gAAIAR9OgKAAIPUfK\/13AJGMoAIPihR05EED7xAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":646,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066178,"flow_src_last_pkt_time":82066178,"flow_dst_last_pkt_time":82066178,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82066178,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.242.191.215","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":646,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":207,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066178,"flow_src_last_pkt_time":82066178,"flow_dst_last_pkt_time":82066178,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82066178,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.242.191.215","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":647,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066316,"flow_src_last_pkt_time":82066316,"flow_dst_last_pkt_time":82066316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82066316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.64.215","src_port":28681,"dst_port":25058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":647,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":208,"flow_packet_id":1,"flow_src_last_pkt_time":82066316,"flow_dst_last_pkt_time":82066316,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82066316,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0e5YAAIARIEQKAAIPUflA13AJYeIAIC6CR05EED7yAQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":647,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066316,"flow_src_last_pkt_time":82066316,"flow_dst_last_pkt_time":82066316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82066316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.64.215","src_port":28681,"dst_port":25058,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":647,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":208,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066316,"flow_src_last_pkt_time":82066316,"flow_dst_last_pkt_time":82066316,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82066316,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.64.215","src_port":28681,"dst_port":25058,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":648,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066425,"flow_src_last_pkt_time":82066425,"flow_dst_last_pkt_time":82066425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82066425,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.98.234","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":648,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":209,"flow_packet_id":1,"flow_src_last_pkt_time":82066425,"flow_dst_last_pkt_time":82066425,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82066425,"pkt":"UlQAEjUCCAAn5uVZCABFAAA06UQAAIARhsgKAAIPW7Ni6nAJGMoAIEvMR05EED7zAQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":648,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066425,"flow_src_last_pkt_time":82066425,"flow_dst_last_pkt_time":82066425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82066425,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.98.234","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":648,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":209,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82066425,"flow_src_last_pkt_time":82066425,"flow_dst_last_pkt_time":82066425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":82066425,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.98.234","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":650,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":144,"flow_packet_id":3,"flow_src_last_pkt_time":82326516,"flow_dst_last_pkt_time":73300612,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82326516,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+G5AAIAG6ugKAAIP20YwF8RRC+6AEyaiAAAAAIAC+vDlvQAAAgQFtAEDAwgBAQQC"} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":651,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":142,"flow_packet_id":3,"flow_src_last_pkt_time":82326618,"flow_dst_last_pkt_time":73299039,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82326618,"pkt":"UlQAEjUCCAAn5uVZCABFAAA00ENAAIAGLmAKAAIPJOzLJcRPy8UyAvKaAAAAAIAC+vDDTAAAAgQFtAEDAwgBAQQC"} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":652,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":145,"flow_packet_id":3,"flow_src_last_pkt_time":82326660,"flow_dst_last_pkt_time":73301240,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":82326660,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0hYhAAIAGFfYKAAIPemTY0sRSG7mAD45dAAAAAIAC+vAmYQAAAgQFtAEDAwgBAQQC"} @@ -861,34 +861,34 @@ 00514{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":659,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":28,"flow_packet_id":4,"flow_src_last_pkt_time":61974633,"flow_dst_last_pkt_time":83345541,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":83345541,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsAwMAAEAG25tQjD+TCgACD3NpxA4AX7QBeWsMs2AS\/\/+J8QAAAgQFtA=="} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":661,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83517645,"flow_src_last_pkt_time":83517645,"flow_dst_last_pkt_time":83517645,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83517645,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.100.120.146","src_port":28681,"dst_port":12838,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":661,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":210,"flow_packet_id":1,"flow_src_last_pkt_time":83517645,"flow_dst_last_pkt_time":83517645,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83517645,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bTAAAIARH4QKAAIPKWR4knAJMiYAIE8WR05EED70AQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":661,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83517645,"flow_src_last_pkt_time":83517645,"flow_dst_last_pkt_time":83517645,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83517645,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.100.120.146","src_port":28681,"dst_port":12838,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":661,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":210,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83517645,"flow_src_last_pkt_time":83517645,"flow_dst_last_pkt_time":83517645,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83517645,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.100.120.146","src_port":28681,"dst_port":12838,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":662,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83517985,"flow_src_last_pkt_time":83517985,"flow_dst_last_pkt_time":83517985,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83517985,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"186.93.139.92","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":662,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":211,"flow_packet_id":1,"flow_src_last_pkt_time":83517985,"flow_dst_last_pkt_time":83517985,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83517985,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0DJEAAIAR3F8KAAIPul2LXHAJGMoAIMStR05EED71AQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":662,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83517985,"flow_src_last_pkt_time":83517985,"flow_dst_last_pkt_time":83517985,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83517985,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"186.93.139.92","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":662,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":211,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83517985,"flow_src_last_pkt_time":83517985,"flow_dst_last_pkt_time":83517985,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83517985,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"186.93.139.92","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":663,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":212,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518339,"flow_src_last_pkt_time":83518339,"flow_dst_last_pkt_time":83518339,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83518339,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.3.223","src_port":28681,"dst_port":12848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":663,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":212,"flow_packet_id":1,"flow_src_last_pkt_time":83518339,"flow_dst_last_pkt_time":83518339,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83518339,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0D6MAAIAR9j8KAAIPJOkD33AJMjAAIMg4R05EED72AQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":663,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":212,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518339,"flow_src_last_pkt_time":83518339,"flow_dst_last_pkt_time":83518339,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83518339,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.3.223","src_port":28681,"dst_port":12848,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":663,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":212,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518339,"flow_src_last_pkt_time":83518339,"flow_dst_last_pkt_time":83518339,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83518339,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.3.223","src_port":28681,"dst_port":12848,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00744{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":664,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518597,"flow_src_last_pkt_time":83518597,"flow_dst_last_pkt_time":83518597,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83518597,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.37","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":664,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":213,"flow_packet_id":1,"flow_src_last_pkt_time":83518597,"flow_dst_last_pkt_time":83518597,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83518597,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0zQUAAIARHcwKAAIPBbQ+JXAJGMoAIMaMR05EED73AQFUC1FLUlAGUk5BXS\/iNQlw"} -01137{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":664,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518597,"flow_src_last_pkt_time":83518597,"flow_dst_last_pkt_time":83518597,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83518597,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.37","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01027{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":664,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":213,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518597,"flow_src_last_pkt_time":83518597,"flow_dst_last_pkt_time":83518597,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83518597,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"5.180.62.37","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":665,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":214,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518912,"flow_src_last_pkt_time":83518912,"flow_dst_last_pkt_time":83518912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83518912,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.169.215.227","src_port":28681,"dst_port":26820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":665,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":214,"flow_packet_id":1,"flow_src_last_pkt_time":83518912,"flow_dst_last_pkt_time":83518912,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83518912,"pkt":"UlQAEjUCCAAn5uVZCABFAAA024QAAIARH5kKAAIPW6nX43AJaMQAIIbdR05EED74AQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":665,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":214,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518912,"flow_src_last_pkt_time":83518912,"flow_dst_last_pkt_time":83518912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83518912,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.169.215.227","src_port":28681,"dst_port":26820,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":665,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":214,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83518912,"flow_src_last_pkt_time":83518912,"flow_dst_last_pkt_time":83518912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83518912,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.169.215.227","src_port":28681,"dst_port":26820,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":667,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":215,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519424,"flow_src_last_pkt_time":83519424,"flow_dst_last_pkt_time":83519424,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83519424,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":667,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":215,"flow_packet_id":1,"flow_src_last_pkt_time":83519424,"flow_dst_last_pkt_time":83519424,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83519424,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0JvAAAIARngUKAAIPTp8bFnAJRJsAIHTdR05EED75AQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":667,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":215,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519424,"flow_src_last_pkt_time":83519424,"flow_dst_last_pkt_time":83519424,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83519424,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":667,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":215,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519424,"flow_src_last_pkt_time":83519424,"flow_dst_last_pkt_time":83519424,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83519424,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":669,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519593,"flow_src_last_pkt_time":83519593,"flow_dst_last_pkt_time":83519593,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83519593,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"212.68.248.153","src_port":28681,"dst_port":27223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":669,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":216,"flow_packet_id":1,"flow_src_last_pkt_time":83519593,"flow_dst_last_pkt_time":83519593,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83519593,"pkt":"UlQAEjUCCAAn5uVZCABFAAA00CEAAIARkaoKAAIP1ET4mXAJalcAIOv2R05EED76AQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":669,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519593,"flow_src_last_pkt_time":83519593,"flow_dst_last_pkt_time":83519593,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83519593,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"212.68.248.153","src_port":28681,"dst_port":27223,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":669,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":216,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519593,"flow_src_last_pkt_time":83519593,"flow_dst_last_pkt_time":83519593,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83519593,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"212.68.248.153","src_port":28681,"dst_port":27223,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":670,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519791,"flow_src_last_pkt_time":83519791,"flow_dst_last_pkt_time":83519791,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83519791,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"126.117.45.151","src_port":28681,"dst_port":19323,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":670,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":217,"flow_packet_id":1,"flow_src_last_pkt_time":83519791,"flow_dst_last_pkt_time":83519791,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83519791,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0p4kAAIAR2xQKAAIPfnUtl3AJS3sAICukR05EED77AQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":670,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519791,"flow_src_last_pkt_time":83519791,"flow_dst_last_pkt_time":83519791,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83519791,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"126.117.45.151","src_port":28681,"dst_port":19323,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":670,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":217,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519791,"flow_src_last_pkt_time":83519791,"flow_dst_last_pkt_time":83519791,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83519791,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"126.117.45.151","src_port":28681,"dst_port":19323,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":671,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":218,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519999,"flow_src_last_pkt_time":83519999,"flow_dst_last_pkt_time":83519999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83519999,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.52.115","src_port":28681,"dst_port":53956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":671,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":218,"flow_packet_id":1,"flow_src_last_pkt_time":83519999,"flow_dst_last_pkt_time":83519999,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83519999,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0+tkAAIARTsIKAAIPsJs0c3AJ0sQAIGtXR05EED78AQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":671,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":218,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519999,"flow_src_last_pkt_time":83519999,"flow_dst_last_pkt_time":83519999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83519999,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.52.115","src_port":28681,"dst_port":53956,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":671,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":218,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83519999,"flow_src_last_pkt_time":83519999,"flow_dst_last_pkt_time":83519999,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83519999,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.52.115","src_port":28681,"dst_port":53956,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":672,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83520153,"flow_src_last_pkt_time":83520153,"flow_dst_last_pkt_time":83520153,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83520153,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.30.86.144","src_port":28681,"dst_port":53821,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":672,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":219,"flow_packet_id":1,"flow_src_last_pkt_time":83520153,"flow_dst_last_pkt_time":83520153,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":83520153,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0H4AAAIARbHwKAAIPTB5WkHAJ0j0AIK49R05EED79AQFUC1FLUlAGUk5BXS\/iNQlw"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":672,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83520153,"flow_src_last_pkt_time":83520153,"flow_dst_last_pkt_time":83520153,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83520153,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.30.86.144","src_port":28681,"dst_port":53821,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":672,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":219,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83520153,"flow_src_last_pkt_time":83520153,"flow_dst_last_pkt_time":83520153,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83520153,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.30.86.144","src_port":28681,"dst_port":53821,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":673,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":220,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":83564038,"flow_src_last_pkt_time":83564038,"flow_dst_last_pkt_time":83564038,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":47,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":47,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":47,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":83564038,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"113.252.86.162","src_port":28681,"dst_port":9239,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":673,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":220,"flow_packet_id":1,"flow_src_last_pkt_time":83564038,"flow_dst_last_pkt_time":83564038,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":89,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":89,"pkt_l4_len":55,"thread_ts_usec":83564038,"pkt":"UlQAEjUCCAAn5uVZCABFAABLd8UAAIAR7i8KAAIPcfxWonAJJBcANy3AJNUxAmj8GYH\/vMbgH9u+AwABABgAAADDA1NDUEECAlZDRUdUS0dihkRIVElQUEA="} 00618{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":674,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":220,"flow_packet_id":2,"flow_src_last_pkt_time":83564038,"flow_dst_last_pkt_time":83804788,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":133,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":133,"pkt_l4_len":99,"thread_ts_usec":83804788,"pkt":"CAAn5uVZUlQAEjUCCABFAAB3AwYAAEARosNx\/FaiCgACDyQXcAkAY+agJNUxAmj8GYH\/vMbgH9u+AwEBAEQAAAAXJHH8VqIWAAAAAAAABMMCVVBDAQsGo0lQUGl4nAEeAOH\/2qTGGyrrJOoSptzxtNqH3sQRchsYX6MsAay4MHcT\/6kOwg=="} @@ -993,72 +993,72 @@ 00521{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":784,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":245,"flow_packet_id":1,"flow_src_last_pkt_time":89733458,"flow_dst_last_pkt_time":89733458,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":89733458,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0nYFAAIAGGXcKAAIPSsPs+cRxSH3g2g3bAAAAAIAC+vA0rwAAAgQFtAEDAwgBAQQC"} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":786,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829104,"flow_src_last_pkt_time":89829104,"flow_dst_last_pkt_time":89829104,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829104,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":786,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_packet_id":1,"flow_src_last_pkt_time":89829104,"flow_dst_last_pkt_time":89829104,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":89829104,"pkt":"UlQAEjUCCAAn5uVZCABFAABtBGAAAIARhQ4KAAIPYEFEwnAJipkAWRiep7MxAim3LsYw33fFcko2zkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":786,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829104,"flow_src_last_pkt_time":89829104,"flow_dst_last_pkt_time":89829104,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829104,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":786,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829104,"flow_src_last_pkt_time":89829104,"flow_dst_last_pkt_time":89829104,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829104,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.65.68.194","src_port":28681,"dst_port":35481,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":787,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829259,"flow_src_last_pkt_time":89829259,"flow_dst_last_pkt_time":89829259,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829259,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":787,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_packet_id":1,"flow_src_last_pkt_time":89829259,"flow_dst_last_pkt_time":89829259,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":89829259,"pkt":"UlQAEjUCCAAn5uVZCABFAABtYHgAAIARZpQKAAIPtVSyEHAJ62YAWWkRdMAxAjueygYrMQV+6lVI4UQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":787,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829259,"flow_src_last_pkt_time":89829259,"flow_dst_last_pkt_time":89829259,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829259,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":787,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829259,"flow_src_last_pkt_time":89829259,"flow_dst_last_pkt_time":89829259,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829259,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":788,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":89829492,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829492,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":788,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_packet_id":1,"flow_src_last_pkt_time":89829492,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":89829492,"pkt":"UlQAEjUCCAAn5uVZCABFAABtDeAAAIARAL4KAAIPQh7dtXAJLuwAWQScCKYxAn7wSVwJearIKZuX\/UQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":788,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":89829492,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829492,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":788,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":248,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89829492,"flow_src_last_pkt_time":89829492,"flow_dst_last_pkt_time":89829492,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89829492,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"66.30.221.181","src_port":28681,"dst_port":12012,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01475{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":789,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_packet_id":2,"flow_src_last_pkt_time":89829104,"flow_dst_last_pkt_time":89964910,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":89964910,"pkt":"CAAn5uVZUlQAEjUCCABFAALzAzsAAEARw61gQUTCCgACD4qZcAkC3\/jzp7MxAim3LsYw33fFcko2zkQAAMACAAAGR1RLRwAAKfRYs\/Fa1CmeYJshGT65b9iJmmUEYEFEwoqZAQAAAARL51cQFEdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":790,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":89966123,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89966123,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":790,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_packet_id":1,"flow_src_last_pkt_time":89966123,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":89966123,"pkt":"UlQAEjUCCAAn5uVZCABFAABthPwAAIARBkMKAAIPLVh12nAJGv0AWWOTCPExAoCeF40w0KwTJyzTOUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":790,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":89966123,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89966123,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":790,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":249,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89966123,"flow_src_last_pkt_time":89966123,"flow_dst_last_pkt_time":89966123,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89966123,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.218","src_port":28681,"dst_port":6909,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":791,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89966706,"flow_src_last_pkt_time":89966706,"flow_dst_last_pkt_time":89966706,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89966706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":791,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_packet_id":1,"flow_src_last_pkt_time":89966706,"flow_dst_last_pkt_time":89966706,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":89966706,"pkt":"UlQAEjUCCAAn5uVZCABFAABteN4AAIAR6HgKAAIPM0SZ1nAJZo0AWRfF0U0xAgQATbK3Z+3BHrxn1kQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":791,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89966706,"flow_src_last_pkt_time":89966706,"flow_dst_last_pkt_time":89966706,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89966706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":791,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89966706,"flow_src_last_pkt_time":89966706,"flow_dst_last_pkt_time":89966706,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89966706,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"51.68.153.214","src_port":28681,"dst_port":26253,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":792,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":89967108,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89967108,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00603{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":792,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_packet_id":1,"flow_src_last_pkt_time":89967108,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":89967108,"pkt":"UlQAEjUCCAAn5uVZCABFAABtv\/sAAIAR2k0KAAIPucvaXHAJ3oIAWehILgsxAjPZohvFNPL\/fzMDzUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":792,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":89967108,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89967108,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":792,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":251,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":89967108,"flow_src_last_pkt_time":89967108,"flow_dst_last_pkt_time":89967108,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":89967108,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.203.218.92","src_port":28681,"dst_port":56962,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01473{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":793,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_packet_id":2,"flow_src_last_pkt_time":89966706,"flow_dst_last_pkt_time":90003667,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90003667,"pkt":"CAAn5uVZUlQAEjUCCABFAALzAzwAAEARm5UzRJnWCgACD2aNcAkC356C0U0xAgQATbK3Z+3BHrxn1kQAAMACAAAGR1RLRwAAP8uu0MEeyu8HazDjgCpjZAKtBhAEM0SZ1maNAQAAAAT9K4fbFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":794,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":90004820,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90004820,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":794,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_packet_id":1,"flow_src_last_pkt_time":90004820,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90004820,"pkt":"UlQAEjUCCAAn5uVZCABFAABtaUEAAIARBHsKAAIPSIx4KXAJunsAWfVM+10xAo9f69NRsDNb4\/pKE0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":794,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":90004820,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90004820,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":794,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90004820,"flow_src_last_pkt_time":90004820,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90004820,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.140.120.41","src_port":28681,"dst_port":47739,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":795,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90005045,"flow_src_last_pkt_time":90005045,"flow_dst_last_pkt_time":90005045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90005045,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":795,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_packet_id":1,"flow_src_last_pkt_time":90005045,"flow_dst_last_pkt_time":90005045,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90005045,"pkt":"UlQAEjUCCAAn5uVZCABFAABtgogAAIAR60AKAAIPwSX\/gnAJ8LAAWXkqrf0xAupVi8ylWZxhuwdOwkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":795,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90005045,"flow_src_last_pkt_time":90005045,"flow_dst_last_pkt_time":90005045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90005045,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":795,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90005045,"flow_src_last_pkt_time":90005045,"flow_dst_last_pkt_time":90005045,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90005045,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"193.37.255.130","src_port":28681,"dst_port":61616,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":796,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90005361,"flow_src_last_pkt_time":90005361,"flow_dst_last_pkt_time":90005361,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90005361,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":796,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_packet_id":1,"flow_src_last_pkt_time":90005361,"flow_dst_last_pkt_time":90005361,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90005361,"pkt":"UlQAEjUCCAAn5uVZCABFAABt+\/sAAIARkCYKAAIPWHhJ13AJX\/IAWfWM7VYxAm\/Ch\/PFy9OUV6XMR0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":796,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90005361,"flow_src_last_pkt_time":90005361,"flow_dst_last_pkt_time":90005361,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90005361,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":796,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90005361,"flow_src_last_pkt_time":90005361,"flow_dst_last_pkt_time":90005361,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90005361,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.120.73.215","src_port":28681,"dst_port":24562,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01478{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":797,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_packet_id":2,"flow_src_last_pkt_time":90005361,"flow_dst_last_pkt_time":90038567,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90038567,"pkt":"CAAn5uVZUlQAEjUCCABFAALzAz0AAEARxl9YeEnXCgACD1\/ycAkC3xJi7VYxAm\/Ch\/PFy9OUV6XMR0QAAMACAAAGR1RLRwAADJe19wd9tDyoR\/wXh6nJoKWkNEIEWHhJ11\/yAQAAAATxtX5bFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqkdUS0cAABK1XVsEZ16ugW6JpsS4xfhpSq81BEjJ0DmW2Q=="} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":798,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039406,"flow_src_last_pkt_time":90039406,"flow_dst_last_pkt_time":90039406,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039406,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":798,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_packet_id":1,"flow_src_last_pkt_time":90039406,"flow_dst_last_pkt_time":90039406,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90039406,"pkt":"UlQAEjUCCAAn5uVZCABFAABt7XgAAIAREsUKAAIPUD3d9nAJd3EAWbzbp0UxAokhPuR+ZJu6wwLrOkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":798,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039406,"flow_src_last_pkt_time":90039406,"flow_dst_last_pkt_time":90039406,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039406,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":798,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039406,"flow_src_last_pkt_time":90039406,"flow_dst_last_pkt_time":90039406,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039406,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.61.221.246","src_port":28681,"dst_port":30577,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":799,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":90039633,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":799,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_packet_id":1,"flow_src_last_pkt_time":90039633,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90039633,"pkt":"UlQAEjUCCAAn5uVZCABFAABtEcIAAIARHzsKAAIPYPacfnAJxHkAWRCy7dwxAiOKI2B1HBL1\/IoOJUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":799,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":90039633,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":799,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":256,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039633,"flow_src_last_pkt_time":90039633,"flow_dst_last_pkt_time":90039633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":50297,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":800,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":90039956,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039956,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":800,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_packet_id":1,"flow_src_last_pkt_time":90039956,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90039956,"pkt":"UlQAEjUCCAAn5uVZCABFAABtsx4AAIARLMMKAAIPUrX72nAJjhAAWVPSkYYxArzIs2GmVy70sFjiYEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":800,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":90039956,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039956,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":800,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":257,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90039956,"flow_src_last_pkt_time":90039956,"flow_dst_last_pkt_time":90039956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90039956,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.181.251.218","src_port":28681,"dst_port":36368,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01475{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":801,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_packet_id":2,"flow_src_last_pkt_time":90039406,"flow_dst_last_pkt_time":90071609,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90071609,"pkt":"CAAn5uVZUlQAEjUCCABFAALzAz4AAEAROnpQPd32CgACD3dxcAkC3wb\/p0UxAokhPuR+ZJu6wwLrOkQAAMACAAAGR1RLRwAADWk0EbJTji7xq2N2EERly+h8FzIEUD3d9ndxAQAAAATOg6hoFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":802,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":90072633,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90072633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":802,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_packet_id":1,"flow_src_last_pkt_time":90072633,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90072633,"pkt":"UlQAEjUCCAAn5uVZCABFAABthFwAAIARuZsKAAIPGBrYX3AJNkEAWZh4MEMxAu0STIEN6nLhhZZqvEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":802,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":90072633,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90072633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":802,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":258,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90072633,"flow_src_last_pkt_time":90072633,"flow_dst_last_pkt_time":90072633,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90072633,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.26.216.95","src_port":28681,"dst_port":13889,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":803,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90072798,"flow_src_last_pkt_time":90072798,"flow_dst_last_pkt_time":90072798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90072798,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":803,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_packet_id":1,"flow_src_last_pkt_time":90072798,"flow_dst_last_pkt_time":90072798,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90072798,"pkt":"UlQAEjUCCAAn5uVZCABFAABt0UkAAIARidsKAAIPZ+hrZHAJqfQAWVSlBkIxAi75axRUS7XsWs\/C60QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":803,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90072798,"flow_src_last_pkt_time":90072798,"flow_dst_last_pkt_time":90072798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90072798,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":803,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90072798,"flow_src_last_pkt_time":90072798,"flow_dst_last_pkt_time":90072798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90072798,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"103.232.107.100","src_port":28681,"dst_port":43508,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":804,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90073006,"flow_src_last_pkt_time":90073006,"flow_dst_last_pkt_time":90073006,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90073006,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":804,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_packet_id":1,"flow_src_last_pkt_time":90073006,"flow_dst_last_pkt_time":90073006,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90073006,"pkt":"UlQAEjUCCAAn5uVZCABFAABtDzkAAIARfk0KAAIPLoBya3AJGbIAWQrBwagxArEYlVcnjAyV6XOvHEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":804,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90073006,"flow_src_last_pkt_time":90073006,"flow_dst_last_pkt_time":90073006,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90073006,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":804,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90073006,"flow_src_last_pkt_time":90073006,"flow_dst_last_pkt_time":90073006,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90073006,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"46.128.114.107","src_port":28681,"dst_port":6578,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01475{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":809,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_packet_id":2,"flow_src_last_pkt_time":90005045,"flow_dst_last_pkt_time":90132904,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90132904,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0EAAEARqALBJf+CCgACD\/CwcAkC35hMrf0xAupVi8ylWZxhuwdOwkQAAMACAAAGR1RLRwAAC5wNVaWmIUX476YAPO2IwX6VsyAEwSX\/gvCwAQAAAASWmcaYFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} 01474{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":810,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":260,"flow_packet_id":2,"flow_src_last_pkt_time":90073006,"flow_dst_last_pkt_time":90137530,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90137530,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0IAAEARx74ugHJrCgACDxmycAkC32FSwagxArEYlVcnjAyV6XOvHEQAAMACAAAGR1RLRwAAGIXhRHN5ftV2L3caNPMmmEQDSzUELoByaxmyAQAAAARlWXO2FEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":811,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138188,"flow_src_last_pkt_time":90138188,"flow_dst_last_pkt_time":90138188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138188,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":811,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_packet_id":1,"flow_src_last_pkt_time":90138188,"flow_dst_last_pkt_time":90138188,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90138188,"pkt":"UlQAEjUCCAAn5uVZCABFAABtxUwAAIAR+3EKAAIPPPEwwnAJUzUAWWdCqc0xAhWpgpzJQk2EqzRt70QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":811,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138188,"flow_src_last_pkt_time":90138188,"flow_dst_last_pkt_time":90138188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138188,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":811,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138188,"flow_src_last_pkt_time":90138188,"flow_dst_last_pkt_time":90138188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138188,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"60.241.48.194","src_port":28681,"dst_port":21301,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00745{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":812,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138420,"flow_src_last_pkt_time":90138420,"flow_dst_last_pkt_time":90138420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138420,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":812,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_packet_id":1,"flow_src_last_pkt_time":90138420,"flow_dst_last_pkt_time":90138420,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90138420,"pkt":"UlQAEjUCCAAn5uVZCABFAABtRC0AAIARXOYKAAIPWUs0E3AJs7oAWZEdEsYxApinpNiOVYwKMx8qLUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01138{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":812,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138420,"flow_src_last_pkt_time":90138420,"flow_dst_last_pkt_time":90138420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138420,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01028{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":812,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138420,"flow_src_last_pkt_time":90138420,"flow_dst_last_pkt_time":90138420,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138420,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.75.52.19","src_port":28681,"dst_port":46010,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":813,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":90138798,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138798,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":813,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_packet_id":1,"flow_src_last_pkt_time":90138798,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90138798,"pkt":"UlQAEjUCCAAn5uVZCABFAABtTM8AAIAR3pQKAAIPUtmwNHAJHRYAWfrhGukxApDm6ECPcKUTk+0ioUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":813,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":90138798,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138798,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":813,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":263,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90138798,"flow_src_last_pkt_time":90138798,"flow_dst_last_pkt_time":90138798,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90138798,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.217.176.52","src_port":28681,"dst_port":7446,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01474{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":814,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":262,"flow_packet_id":2,"flow_src_last_pkt_time":90138420,"flow_dst_last_pkt_time":90182821,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90182821,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0MAAEAR20pZSzQTCgACD7O6cAkC35hjEsYxApinpNiOVYwKMx8qLUQAAMACAAAGR1RLRwAAGcOxs9Yotu5YI3ngDJa2NEz7hxIEWUs0E7O6AQAAAAQphpmTFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjVdTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNVdTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqkdUS0cAABZMZh8YJqCRZ8rsFWpJujOrF1VMBFHNWy2cyQ=="} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":815,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_packet_id":4,"flow_src_last_pkt_time":90183636,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90183636,"pkt":"UlQAEjUCCAAn5uVZCABFAABtcdIAAIARC70KAAIPS4VlXXAJzI8AWdObBqcxAmqkVzgaRoTnhmdbAkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":816,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":90183929,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90183929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":816,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_packet_id":1,"flow_src_last_pkt_time":90183929,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90183929,"pkt":"UlQAEjUCCAAn5uVZCABFAABtGYoAAIAR6JkKAAIPXwrNQ3AJLVMAWdsMrwExAn9FQ02TKgtsdnbe2UQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":816,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":90183929,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90183929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":816,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":264,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90183929,"flow_src_last_pkt_time":90183929,"flow_dst_last_pkt_time":90183929,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90183929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"95.10.205.67","src_port":28681,"dst_port":11603,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":817,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90184128,"flow_src_last_pkt_time":90184128,"flow_dst_last_pkt_time":90184128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90184128,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":817,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_packet_id":1,"flow_src_last_pkt_time":90184128,"flow_dst_last_pkt_time":90184128,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":90184128,"pkt":"UlQAEjUCCAAn5uVZCABFAABtTH0AAIARTyMKAAIPy9zG9HAJBKoAWeojZPExAoo7ciOaCRHkTxe8NEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":817,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90184128,"flow_src_last_pkt_time":90184128,"flow_dst_last_pkt_time":90184128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90184128,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":817,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":265,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":90184128,"flow_src_last_pkt_time":90184128,"flow_dst_last_pkt_time":90184128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":90184128,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.198.244","src_port":28681,"dst_port":1194,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01476{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":818,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_packet_id":2,"flow_src_last_pkt_time":89829259,"flow_dst_last_pkt_time":90267957,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90267957,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0QAAEARAUO1VLIQCgACD+tmcAkC3zlLdMAxAjueygYrMQV+6lVI4UQAAMACAAAGR1RLRwAAKnLYr\/aGTLaMbt4HEbnkS5LKRh0EtVSyEOtmAQAAAAQDkoiwFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjVdTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqkdUS0cAAGqU5DC0wpx7Tt\/+AtuQJkODlGIrBC\/cuoxr+UdUS0cAAGSQPhJYYczqO9fA1uqwCWebPjcpBMEgftbozEdUS0cAAGfwY9tAxh1AXF0ZU2EOIfqDQ08tBHbwRccYzA=="} 01476{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":819,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":259,"flow_packet_id":2,"flow_src_last_pkt_time":90072798,"flow_dst_last_pkt_time":90386058,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90386058,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0UAAEARlVpn6GtkCgACD6n0cAkC312iBkIxAi75axRUS7XsWs\/C60QAAMACAAAGR1RLRwAABkx5M4bYu4J4fOkW\/7Sl8nWo53gEZ+hrZKn0AQAAAASAlqYNFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} 01474{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":820,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":261,"flow_packet_id":2,"flow_src_last_pkt_time":90138188,"flow_dst_last_pkt_time":90452008,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":90452008,"pkt":"CAAn5uVZUlQAEjUCCABFAALzA0YAAEAR+vI88TDCCgACD1M1cAkC31EXqc0xAhWpgpzJQk2EqzRt70QAAMACAAAGR1RLRwAAGN\/m\/5SuT3RX9Y8zGKdBIhyITj8EPPEwwlM1AQAAAASjKCcfFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqg=="} @@ -1303,10 +1303,10 @@ 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1204,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":224,"flow_packet_id":3,"flow_src_last_pkt_time":93622611,"flow_dst_last_pkt_time":84593194,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93622611,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0y5RAAIAGmKYKAAIPchsYX8ReLKPFX+7aAAAAAIAC+vA4WgAAAgQFtAEDAwgBAQQC"} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1206,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93713981,"flow_src_last_pkt_time":93713981,"flow_dst_last_pkt_time":93713981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":93713981,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.175.31","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1206,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":305,"flow_packet_id":1,"flow_src_last_pkt_time":93713981,"flow_dst_last_pkt_time":93713981,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93713981,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Ab0AAIARJSYKAAIPWKivH3AJGMoAIAKXR05EED7+AQFUC1FLUlAGUk5BXS\/iNQlw"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1206,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93713981,"flow_src_last_pkt_time":93713981,"flow_dst_last_pkt_time":93713981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":93713981,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.175.31","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1206,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":305,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93713981,"flow_src_last_pkt_time":93713981,"flow_dst_last_pkt_time":93713981,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":93713981,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.168.175.31","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1207,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93714209,"flow_src_last_pkt_time":93714209,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":93714209,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1207,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_packet_id":1,"flow_src_last_pkt_time":93714209,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93714209,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0J3cAAIARnXIKAAIPKfk\/yHAJWDYAIGEwR05EED7\/AQFUC1FLUlAGUk5BXS\/iNQlw"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1207,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93714209,"flow_src_last_pkt_time":93714209,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":93714209,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1207,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":306,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":93714209,"flow_src_last_pkt_time":93714209,"flow_dst_last_pkt_time":93714209,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":93714209,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":268,"flow_packet_id":2,"flow_src_last_pkt_time":93763238,"flow_dst_last_pkt_time":90738695,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763238,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0GYxAAIAGqNsKAAIPXwrNQ8R0LVPIsf8hAAAAAIAC+vCCJwAAAgQFtAEDAwgBAQQC"} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1209,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":297,"flow_packet_id":2,"flow_src_last_pkt_time":93763366,"flow_dst_last_pkt_time":90747448,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763366,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0AsBAAIAGpi8KAAIP1eVv4MSREwzLMAmEAAAAAIAC+vB1+AAAAgQFtAEDAwgBAQQC"} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1210,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_packet_id":2,"flow_src_last_pkt_time":93763394,"flow_dst_last_pkt_time":90738015,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":93763394,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Rs1AAIAGRA4KAAIPyAeb0sRzbs28TEPZAAAAAIAC+vDQzwAAAgQFtAEDAwgBAQQC"} @@ -1320,19 +1320,19 @@ 00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1219,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_packet_id":5,"flow_src_last_pkt_time":94669588,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":94669588,"pkt":"UlQAEjUCCAAn5uVZCABFAAA8cdQAAIARC+wKAAIPS4VlXXAJzI8AKL1nYiUKBAAGD9YAAAAAAAAAADEBAAkAAABHVEtHCQABAAA="} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1222,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":95216801,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95216801,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1222,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_packet_id":1,"flow_src_last_pkt_time":95216801,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95216801,"pkt":"UlQAEjUCCAAn5uVZCABFAABtOX8AAIAR2+8KAAIPSMnQOXAJltkAWSBpTGIxAqnQz8i8hdkTM6c6p0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1222,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":95216801,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95216801,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1222,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":95216801,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95216801,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1223,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":95264285,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95264285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00603{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1223,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_packet_id":1,"flow_src_last_pkt_time":95264285,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95264285,"pkt":"UlQAEjUCCAAn5uVZCABFAABteh0AAIARB1oKAAIPUc1bLXAJnMkAWTuNUisxAvjRH\/hajsQp0x+4CkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1223,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":95264285,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95264285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1223,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":308,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95264285,"flow_src_last_pkt_time":95264285,"flow_dst_last_pkt_time":95264285,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95264285,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":40137,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1224,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95264476,"flow_src_last_pkt_time":95264476,"flow_dst_last_pkt_time":95264476,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95264476,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1224,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_packet_id":1,"flow_src_last_pkt_time":95264476,"flow_dst_last_pkt_time":95264476,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95264476,"pkt":"UlQAEjUCCAAn5uVZCABFAABtBMUAAIARP0QKAAIPL9y6jHAJa\/kAWcmWUFgxAsm+7Dhb\/+NPw\/hwmEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1224,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95264476,"flow_src_last_pkt_time":95264476,"flow_dst_last_pkt_time":95264476,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95264476,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1224,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95264476,"flow_src_last_pkt_time":95264476,"flow_dst_last_pkt_time":95264476,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95264476,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01478{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1225,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_packet_id":2,"flow_src_last_pkt_time":95264476,"flow_dst_last_pkt_time":95411780,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95411780,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBAUAAEARfX4v3LqMCgACD2v5cAkC33tEUFgxAsm+7Dhb\/+NPw\/hwmEQAAMACAAAGR1RLRwAAapTkMLTCnHtO3\/4C25AmQ4OUYisEL9y6jGv5AQAAAAR8wXsRFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtUw=="} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1226,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_packet_id":3,"flow_src_last_pkt_time":95412811,"flow_dst_last_pkt_time":90907947,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95412811,"pkt":"UlQAEjUCCAAn5uVZCABFAABtYpsAAIARi98KAAIPwSB+1nAJ6MwAWeiNeJExAmLu0Xk4X2RsSVj1uUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 01476{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1227,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":304,"flow_packet_id":4,"flow_src_last_pkt_time":95412811,"flow_dst_last_pkt_time":95442276,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95442276,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBAYAAEARJ+\/BIH7WCgACD+jMcAkC3zO9eJExAmLu0Xk4X2RsSVj1uUQAAMACAAAGR1RLRwAAZJA+ElhhzOo718DW6rAJZ5s+NykEwSB+1ujMAQAAAARXle5GFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtUw=="} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1228,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95443212,"flow_src_last_pkt_time":95443212,"flow_dst_last_pkt_time":95443212,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95443212,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1228,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_packet_id":1,"flow_src_last_pkt_time":95443212,"flow_dst_last_pkt_time":95443212,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95443212,"pkt":"UlQAEjUCCAAn5uVZCABFAABtP0UAAIARMnUKAAIPdvBFx3AJGMwAWTV1zcQxAjBRcglTz+ngOj6nIkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1228,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95443212,"flow_src_last_pkt_time":95443212,"flow_dst_last_pkt_time":95443212,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95443212,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1228,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95443212,"flow_src_last_pkt_time":95443212,"flow_dst_last_pkt_time":95443212,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95443212,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"118.240.69.199","src_port":28681,"dst_port":6348,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00529{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1229,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":95,"flow_packet_id":4,"flow_src_last_pkt_time":95489541,"flow_dst_last_pkt_time":71216656,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":95489541,"pkt":"CAAn5uVZUlQAEjUCCABFwAA4BAcAAP8Bnu0KAAICCgACDwMBvHoAAAAARQAANFApQAB\/BsDICgACD3p1ZE7EYyMyoRe31g=="} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1230,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":231,"flow_packet_id":3,"flow_src_last_pkt_time":95653781,"flow_dst_last_pkt_time":86639757,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":95653781,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0sx9AAIAG7QUKAAIPUrX72sRljhBQLtKuAAAAAIAC+vCkLQAAAgQFtAEDAwgBAQQC"} 00522{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1231,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":233,"flow_packet_id":3,"flow_src_last_pkt_time":95653938,"flow_dst_last_pkt_time":86641393,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":95653938,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0vENAAIAGZKwKAAIPcfxbycRnEMmMdJG3AAAAAIAC+vCm7gAAAgQFtAEDAwgBAQQC"} @@ -1344,67 +1344,67 @@ 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1237,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_packet_id":3,"flow_src_last_pkt_time":95685258,"flow_dst_last_pkt_time":95411780,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95685258,"pkt":"UlQAEjUCCAAn5uVZCABFAABtBMYAAIARP0MKAAIPL9y6jHAJa\/kAWT8LpTgxAh8vpCECmjOT1kHZjEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1239,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95715707,"flow_src_last_pkt_time":95715707,"flow_dst_last_pkt_time":95715707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95715707,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1239,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_packet_id":1,"flow_src_last_pkt_time":95715707,"flow_dst_last_pkt_time":95715707,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95715707,"pkt":"UlQAEjUCCAAn5uVZCABFAABtSkUAAIARukUKAAIPbYS8YnAJ9YMAWQnlOt4xAkt+phdWa3WZX\/1iLEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1239,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95715707,"flow_src_last_pkt_time":95715707,"flow_dst_last_pkt_time":95715707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95715707,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1239,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95715707,"flow_src_last_pkt_time":95715707,"flow_dst_last_pkt_time":95715707,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95715707,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.132.188.98","src_port":28681,"dst_port":62851,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1240,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716226,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95716226,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1240,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_packet_id":1,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95716226,"pkt":"UlQAEjUCCAAn5uVZCABFAABtyVMAAIARg0EKAAIPGKfJNXAJuLIAWdvQozIxAmeG11K2Zk+mg8cBskQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1240,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716226,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95716226,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1240,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716226,"flow_src_last_pkt_time":95716226,"flow_dst_last_pkt_time":95716226,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95716226,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1241,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716693,"flow_src_last_pkt_time":95716693,"flow_dst_last_pkt_time":95716693,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95716693,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1241,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_packet_id":1,"flow_src_last_pkt_time":95716693,"flow_dst_last_pkt_time":95716693,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95716693,"pkt":"UlQAEjUCCAAn5uVZCABFAABtGLgAAIARtUEKAAIPsGOwFHAJGMoAWdWFw\/gxApkT0lWtd136yOWRcEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1241,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716693,"flow_src_last_pkt_time":95716693,"flow_dst_last_pkt_time":95716693,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95716693,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1241,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95716693,"flow_src_last_pkt_time":95716693,"flow_dst_last_pkt_time":95716693,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95716693,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.99.176.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01473{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1242,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":311,"flow_packet_id":2,"flow_src_last_pkt_time":95715707,"flow_dst_last_pkt_time":95753158,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95753158,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBAoAAEARPftthLxiCgACD\/WDcAkC3zUCOt4xAkt+phdWa3WZX\/1iLEQAAMACAAAGR1RLRwAA4JsjIdkeuStic2CcxenuP1eRs7wEbYS8YvWDAQAAAATOKYIxFFdTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1243,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_packet_id":3,"flow_src_last_pkt_time":95754103,"flow_dst_last_pkt_time":90840335,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95754103,"pkt":"UlQAEjUCCAAn5uVZCABFAABtBlcAAIAREjIKAAIPaO6s+nAJW\/wAWVUmk6UxAqo+0NIYX4FTPMU3uEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1244,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95754317,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1244,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_packet_id":1,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95754317,"pkt":"UlQAEjUCCAAn5uVZCABFAABt5WoAAIARNr4KAAIPR+3KW3AJPvUAWTG5sdMxAjDioXa7maFRwy28tUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1244,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95754317,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1244,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":314,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754317,"flow_src_last_pkt_time":95754317,"flow_dst_last_pkt_time":95754317,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95754317,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.237.202.91","src_port":28681,"dst_port":16117,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1245,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754583,"flow_src_last_pkt_time":95754583,"flow_dst_last_pkt_time":95754583,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95754583,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1245,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_packet_id":1,"flow_src_last_pkt_time":95754583,"flow_dst_last_pkt_time":95754583,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95754583,"pkt":"UlQAEjUCCAAn5uVZCABFAABtX54AAIARHeoKAAIPXNlUEHAJTv8AWaUwJBUxAlN7nQQgyNq1K1wDakQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1245,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754583,"flow_src_last_pkt_time":95754583,"flow_dst_last_pkt_time":95754583,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95754583,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1245,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95754583,"flow_src_last_pkt_time":95754583,"flow_dst_last_pkt_time":95754583,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95754583,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.217.84.16","src_port":28681,"dst_port":20223,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01471{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1246,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":313,"flow_packet_id":2,"flow_src_last_pkt_time":95716693,"flow_dst_last_pkt_time":95773465,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95773465,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBAsAAEARB2mwY7AUCgACDxjKcAkC343Vw\/gxApkT0lWtd136yOWRcEQAAMACAAAGR1RLRwAA8snLCFuSuhsM38lDoCe4Q7IZIaMEsGOwFBjKAQAAAARm60BZFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} 01469{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1247,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_packet_id":4,"flow_src_last_pkt_time":95754103,"flow_dst_last_pkt_time":95783404,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95783404,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBAwAAEARUfdo7qz6CgACD1v8cAkC36Olk6UxAqo+0NIYX4FTPMU3uEQAAMACAAAGR1RLRwAA92udJrbDD9aMhEsLWKnJYj4oN6QEaO6s+lv8AQAAAASAhLpmFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYyldTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} 00746{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1248,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784128,"flow_src_last_pkt_time":95784128,"flow_dst_last_pkt_time":95784128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784128,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1248,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_packet_id":1,"flow_src_last_pkt_time":95784128,"flow_dst_last_pkt_time":95784128,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95784128,"pkt":"UlQAEjUCCAAn5uVZCABFAABtMiYAAIARW8MKAAIPXjZCUnAJ+JUAWU8lLkYxAuq77b+oti7DkMaMrEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01139{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1248,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784128,"flow_src_last_pkt_time":95784128,"flow_dst_last_pkt_time":95784128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784128,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01029{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1248,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":316,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784128,"flow_src_last_pkt_time":95784128,"flow_dst_last_pkt_time":95784128,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784128,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.54.66.82","src_port":28681,"dst_port":63637,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1249,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784399,"flow_src_last_pkt_time":95784399,"flow_dst_last_pkt_time":95784399,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784399,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1249,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_packet_id":1,"flow_src_last_pkt_time":95784399,"flow_dst_last_pkt_time":95784399,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95784399,"pkt":"UlQAEjUCCAAn5uVZCABFAABtkeMAAIARbpoKAAIPYOzNB3AJh+oAWd3xqy0xAvOz2v7bFV7JjaoOuEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1249,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784399,"flow_src_last_pkt_time":95784399,"flow_dst_last_pkt_time":95784399,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784399,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1249,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784399,"flow_src_last_pkt_time":95784399,"flow_dst_last_pkt_time":95784399,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784399,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.236.205.7","src_port":28681,"dst_port":34794,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1250,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784533,"flow_src_last_pkt_time":95784533,"flow_dst_last_pkt_time":95784533,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784533,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1250,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_packet_id":1,"flow_src_last_pkt_time":95784533,"flow_dst_last_pkt_time":95784533,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95784533,"pkt":"UlQAEjUCCAAn5uVZCABFAABtcekAAIARV2IKAAIPrbe3bnAJ6hAAWRURh5oxAjZAPvXTOccHXf+KmUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1250,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784533,"flow_src_last_pkt_time":95784533,"flow_dst_last_pkt_time":95784533,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784533,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1250,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95784533,"flow_src_last_pkt_time":95784533,"flow_dst_last_pkt_time":95784533,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95784533,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.183.183.110","src_port":28681,"dst_port":59920,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01474{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1251,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":315,"flow_packet_id":2,"flow_src_last_pkt_time":95754583,"flow_dst_last_pkt_time":95818452,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95818452,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBA0AAEARtvVc2VQQCgACD07\/cAkC3\/0wJBUxAlN7nQQgyNq1K1wDakQAAMACAAAGR1RLRwAA9cCVEE\/2P06nFdVsmWWAWjUBRZwEXNlUEE7\/AQAAAATtCo4VFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} 01471{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1252,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_packet_id":4,"flow_src_last_pkt_time":95685258,"flow_dst_last_pkt_time":95851159,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95851159,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBA4AAEARfXUv3LqMCgACD2v5cAkC30MUpTgxAh8vpCECmjOT1kHZjEQAAMACAAAGR1RLRwAAapTkMLTCnHtO3\/4C25AmQ4OUYisEL9y6jGv5AQAAAAR8wXsRFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} 01471{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1253,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":317,"flow_packet_id":2,"flow_src_last_pkt_time":95784399,"flow_dst_last_pkt_time":95892313,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95892313,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBA8AAEAROelg7M0HCgACD4fqcAkC3\/BRqy0xAvOz2v7bFV7JjaoOuEQAAMACAAAGR1RLRwAA+Ts9p8WeGiSZuDZKSPQI3121aXEEYOzNB4fqAQAAAASVRD4TFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo4w=="} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1254,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893239,"flow_src_last_pkt_time":95893239,"flow_dst_last_pkt_time":95893239,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893239,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1254,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_packet_id":1,"flow_src_last_pkt_time":95893239,"flow_dst_last_pkt_time":95893239,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95893239,"pkt":"UlQAEjUCCAAn5uVZCABFAABtptYAAIAR2P0KAAIPpIQKGXAJ2AYAWVxSIsUxAlnYy6KYCQUz3Ng+pkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1254,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893239,"flow_src_last_pkt_time":95893239,"flow_dst_last_pkt_time":95893239,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893239,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1254,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893239,"flow_src_last_pkt_time":95893239,"flow_dst_last_pkt_time":95893239,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893239,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1255,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1255,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_packet_id":1,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95893440,"pkt":"UlQAEjUCCAAn5uVZCABFAABtLrQAAIARfUcKAAIPuezIiXAJvA4AWfki1SYxAiU091nTuxkeneMv2EQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1255,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1255,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893440,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1256,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893685,"flow_src_last_pkt_time":95893685,"flow_dst_last_pkt_time":95893685,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893685,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1256,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_packet_id":1,"flow_src_last_pkt_time":95893685,"flow_dst_last_pkt_time":95893685,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95893685,"pkt":"UlQAEjUCCAAn5uVZCABFAABtxQIAAIAR4QoKAAIPvKXLvnAJVesAWQc1IDExAvwLw9eirMeJjOQnPkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1256,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893685,"flow_src_last_pkt_time":95893685,"flow_dst_last_pkt_time":95893685,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893685,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1256,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893685,"flow_src_last_pkt_time":95893685,"flow_dst_last_pkt_time":95893685,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95893685,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.165.203.190","src_port":28681,"dst_port":21995,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01473{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1257,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_packet_id":4,"flow_src_last_pkt_time":95685130,"flow_dst_last_pkt_time":95911831,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95911831,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBBAAAEARqyR28EXHCgACDxjMcAkC325wRrQxAjeibVUOEjw\/2AtAPUQAAMACAAAGR1RLRwAAZ\/Bj20DGHUBcXRlTYQ4h+oNDTy0EdvBFxxjMAQAAAARQf99GFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIanw=="} 01471{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1258,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_packet_id":2,"flow_src_last_pkt_time":95893685,"flow_dst_last_pkt_time":95918456,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95918456,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBBEAAEAR33a8pcu+CgACD1XrcAkC37R2IDExAvwLw9eirMeJjOQnPkQAAMACAAAGR1RLRwAA0WC9XX1Cv4OMIP5Uj2dxFVfelx8EvKXLvlXrAQAAAAT+NOnnFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DldTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1259,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923521,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1259,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_packet_id":1,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95923521,"pkt":"UlQAEjUCCAAn5uVZCABFAABtLi4AAIARXRAKAAIPLVh123AJGv0AWeqxHFUxAta++c2ylLcKBb\/ez0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1259,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923521,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1259,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":322,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923521,"flow_src_last_pkt_time":95923521,"flow_dst_last_pkt_time":95923521,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923521,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.88.117.219","src_port":28681,"dst_port":6909,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1260,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923574,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923574,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1260,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_packet_id":1,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95923574,"pkt":"UlQAEjUCCAAn5uVZCABFAABtEcQAAIARHzkKAAIPYPacfnAJ2wYAWfibSFoxAjjwuKgFGYZC9XxYD0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1260,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923574,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923574,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1260,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":323,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923574,"flow_src_last_pkt_time":95923574,"flow_dst_last_pkt_time":95923574,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923574,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"96.246.156.126","src_port":28681,"dst_port":56070,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1261,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923657,"flow_src_last_pkt_time":95923657,"flow_dst_last_pkt_time":95923657,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1261,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_packet_id":1,"flow_src_last_pkt_time":95923657,"flow_dst_last_pkt_time":95923657,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":95923657,"pkt":"UlQAEjUCCAAn5uVZCABFAABtTeMAAIAR4qYKAAIPSfqz7XAJUXAAWYypWMIxAuib5nRI0KcHRTGrFEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1261,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923657,"flow_src_last_pkt_time":95923657,"flow_dst_last_pkt_time":95923657,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1261,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95923657,"flow_src_last_pkt_time":95923657,"flow_dst_last_pkt_time":95923657,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":95923657,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"73.250.179.237","src_port":28681,"dst_port":20848,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01471{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1262,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_packet_id":2,"flow_src_last_pkt_time":95893239,"flow_dst_last_pkt_time":95941178,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95941178,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBBIAAEARuTykhAoZCgACD9gGcAkC39H3IsUxAlnYy6KYCQUz3Ng+pkQAAMACAAAGR1RLRwAAwkI+xsLIWLYQq6EiNHwU7EsyAwwEpIQKGdgGAQAAAAQMPEZKFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} 01472{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1263,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":318,"flow_packet_id":2,"flow_src_last_pkt_time":95784533,"flow_dst_last_pkt_time":95956975,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":95956975,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBBMAAEARArOtt7duCgACD+oQcAkC3zGfh5oxAjZAPvXTOccHXf+KmUQAAMACAAAGR1RLRwAA\/YvF6OaM0g0Esl9zeFHFBmeEb50Erbe3buoQAQAAAASYSwA1FEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo4w=="} 01472{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1264,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_packet_id":2,"flow_src_last_pkt_time":95923657,"flow_dst_last_pkt_time":96048683,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":96048683,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBBQAAEARafBJ+rPtCgACD1FwcAkC30eYWMIxAuib5nRI0KcHRTGrFEQAAMACAAAGR1RLRwAA1jyfIL1wKx4dMkSe+\/yFksXUYD4ESfqz7VFwAQAAAASK6DCmFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1265,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00602{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1265,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_packet_id":1,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":96049643,"pkt":"UlQAEjUCCAAn5uVZCABFAABtwDYAAIARi2oKAAIPU6CPMHAJkKwAWa9gWsoxAsGbN6aupxEpyf\/jN0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1265,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1265,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":325,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049643,"flow_src_last_pkt_time":96049643,"flow_dst_last_pkt_time":96049643,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049643,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.160.143.48","src_port":28681,"dst_port":37036,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1266,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":96049781,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049781,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1266,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_packet_id":1,"flow_src_last_pkt_time":96049781,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":96049781,"pkt":"UlQAEjUCCAAn5uVZCABFAABtFDIAAIARzrMKAAIPZAHninAJ3O4AWZFZFoUxAuK7tbNnNS+8oB5EGUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1266,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":96049781,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049781,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1266,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":96049781,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049781,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00747{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1267,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":96049954,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049954,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1267,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_packet_id":1,"flow_src_last_pkt_time":96049954,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":96049954,"pkt":"UlQAEjUCCAAn5uVZCABFAABtTdQAAIARVqAKAAIPVBw14XAJrzsAWZ3TvxoxApctlOGi4VjuIFMFmUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01140{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1267,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":96049954,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049954,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01030{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1267,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":96049954,"flow_src_last_pkt_time":96049954,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":96049954,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.28.53.225","src_port":28681,"dst_port":44859,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1273,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_packet_id":3,"flow_src_last_pkt_time":96404307,"flow_dst_last_pkt_time":90857929,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":96404307,"pkt":"UlQAEjUCCAAn5uVZCABFAAA8c1IAAIARylsKAAIPvD00t3AJLkwAKChuYiUKBgACAwMAAAAAAAAAADEBAAkAAABHVEtHCQABAAA="} 00534{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":300,"flow_packet_id":5,"flow_src_last_pkt_time":96404444,"flow_dst_last_pkt_time":95783404,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":96404444,"pkt":"UlQAEjUCCAAn5uVZCABFAAA8BlgAAIAREmIKAAIPaO6s+nAJW\/wAKNXJYiUKBgACAwMAAAAAAAAAADEBAAkAAABHVEtHCQABAAA="} 00545{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1276,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_packet_id":4,"flow_src_last_pkt_time":96404307,"flow_dst_last_pkt_time":96577312,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":82,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":82,"pkt_l4_len":48,"thread_ts_usec":96577312,"pkt":"CAAn5uVZUlQAEjUCCABFAABEBBkAAEAReY28PTS3CgACDy5McAkAMAYQYiUKBgACAwNiJQoGAAYk8TEBABEAAABHVEtHCgABAABiJQoGAAYk8Q=="} @@ -1431,17 +1431,17 @@ 02282{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":1370,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":288,"flow_state":"finished","flow_src_packets_processed":16,"flow_dst_packets_processed":16,"flow_first_seen":90745963,"flow_src_last_pkt_time":101065402,"flow_dst_last_pkt_time":101065057,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":601,"flow_dst_max_l4_payload_len":628,"flow_src_tot_l4_payload_len":1115,"flow_dst_tot_l4_payload_len":1487,"midstream":0,"thread_ts_usec":101065402,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":50312,"dst_port":23548,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":346,"avg":665759.1,"max":8692014,"stddev":2110974.0,"var":4456211546112.0,"ent":1.9,"data": [30928,31210,439,818,29157,31647,2471,501745,502012,17074,17362,35097,479690,480352,544167,592641,8643736,8692014,619,570,563,598,427,387,461,428,346,360,379,396,439]},"pktlen": {"min":40,"avg":121.8,"max":668,"stddev":170.0,"var":28912.7,"ent":4.1,"data": [52,44,40,641,40,668,90,40,353,40,182,370,40,67,40,427,40,94,40,50,40,50,40,50,40,50,40,50,40,50,40,50]},"bins": {"c_to_s": [12,2,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [12,0,0,0,1,0,0,0,0,0,1,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0],"entropies": [4.492582321,4.720129013,4.521928787,5.809185505,4.508695602,5.773917675,5.619303703,4.558695793,7.143177032,4.389823914,6.687948704,7.327623844,4.671928406,5.289166927,4.558695793,7.411965370,4.621928692,5.812307358,4.489823818,4.722780704,4.489823818,4.682780743,4.489823818,4.722780704,4.489823818,4.722780704,4.439823627,4.722780704,4.489823818,4.722780704,4.489823818,4.642780781]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1450,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":101122346,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122346,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1450,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_packet_id":1,"flow_src_last_pkt_time":101122346,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101122346,"pkt":"UlQAEjUCCAAn5uVZCABFAABt2AwAAIARIW0KAAIPy9xpG3AJSzwAWVR20YMxAsOjfW6uj7unlpr730QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1450,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":101122346,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122346,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1450,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":328,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122346,"flow_src_last_pkt_time":101122346,"flow_dst_last_pkt_time":101122346,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122346,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.220.105.27","src_port":28681,"dst_port":19260,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1451,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":101122468,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122468,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1451,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_packet_id":1,"flow_src_last_pkt_time":101122468,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101122468,"pkt":"UlQAEjUCCAAn5uVZCABFAABt42oAAIAR9S4KAAIPXHX5YnAJGp8AWRo4clsxAgMe5rjiFfxxH3X\/E0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1451,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":101122468,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122468,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1451,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":329,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122468,"flow_src_last_pkt_time":101122468,"flow_dst_last_pkt_time":101122468,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122468,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.117.249.98","src_port":28681,"dst_port":6815,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1452,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122636,"flow_src_last_pkt_time":101122636,"flow_dst_last_pkt_time":101122636,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122636,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1452,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_packet_id":1,"flow_src_last_pkt_time":101122636,"flow_dst_last_pkt_time":101122636,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101122636,"pkt":"UlQAEjUCCAAn5uVZCABFAABt9MQAAIARu2EKAAIPUkAsC3AJBUgAWavKICYxAiIojdyDEATTYjr6S0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1452,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122636,"flow_src_last_pkt_time":101122636,"flow_dst_last_pkt_time":101122636,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122636,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1452,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101122636,"flow_src_last_pkt_time":101122636,"flow_dst_last_pkt_time":101122636,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101122636,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01474{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1453,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_packet_id":2,"flow_src_last_pkt_time":101122636,"flow_dst_last_pkt_time":101161822,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":101161822,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBIEAAEAR6R9SQCwLCgACDwVIcAkC356IICYxAiIojdyDEATTYjr6S0QAAMACAAAGR1RLRwAAs3LU9XX2K5mbs3OMTMwDrBQ47bYEUkAsCwVIAQAAAASFeL+FFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANCctnuhx+ItXQPhY9ykozj36PhcBGD2nH7bBkdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcEdUS0cAAN60b0CUs3pQ36DSdMP3NoNcDa2fBFOgjzCQrEdUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIanw=="} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1454,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101162745,"flow_src_last_pkt_time":101162745,"flow_dst_last_pkt_time":101162745,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101162745,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1454,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_packet_id":1,"flow_src_last_pkt_time":101162745,"flow_dst_last_pkt_time":101162745,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101162745,"pkt":"UlQAEjUCCAAn5uVZCABFAABte4oAAIAR7VcKAAIPLR+YcHAJaOMAWVACTGsxArv8OnSqKZfgjqpR7EQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1454,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101162745,"flow_src_last_pkt_time":101162745,"flow_dst_last_pkt_time":101162745,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101162745,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1454,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101162745,"flow_src_last_pkt_time":101162745,"flow_dst_last_pkt_time":101162745,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101162745,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"45.31.152.112","src_port":28681,"dst_port":26851,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00603{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1456,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_packet_id":3,"flow_src_last_pkt_time":101163011,"flow_dst_last_pkt_time":90267957,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101163011,"pkt":"UlQAEjUCCAAn5uVZCABFAABtYHkAAIARZpMKAAIPtVSyEHAJ62YAWXddengxAvwV4+vWhWE2kdf1ukQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 00603{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1458,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":246,"flow_packet_id":3,"flow_src_last_pkt_time":101259418,"flow_dst_last_pkt_time":89964910,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101259418,"pkt":"UlQAEjUCCAAn5uVZCABFAABtBGcAAIARhQcKAAIPYEFEwnAJipkAWaF8mwwxArcB6GYWxEVcLYtOuEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 00603{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1459,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":250,"flow_packet_id":3,"flow_src_last_pkt_time":101259475,"flow_dst_last_pkt_time":90003667,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101259475,"pkt":"UlQAEjUCCAAn5uVZCABFAABteOQAAIAR6HIKAAIPM0SZ1nAJZo0AWYTH3zwxAjTRxsrRaTsZKs8ZWEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} @@ -1454,7 +1454,7 @@ 01478{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1478,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_packet_id":4,"flow_src_last_pkt_time":101163011,"flow_dst_last_pkt_time":101836600,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":101836600,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBI4AAEAR\/\/i1VLIQCgACD+tmcAkC36d+engxAvwV4+vWhWE2kdf1ukQAAMACAAAGR1RLRwAAKnLYr\/aGTLaMbt4HEbnkS5LKRh0EtVSyEOtmAQAAAAQDkoiwFEdUS0cAAOCbIyHZHrkrYnNgnMXp7j9XkbO8BG2EvGL1g1dTSFIAAPJ8p2NaB+IvDcmOjYwpnv4Dgo0cBBinyTW4skdUS0cAAPLJywhbkrobDN\/JQ6AnuEOyGSGjBLBjsBQYykdUS0cAAPdrnSa2ww\/WjIRLC1ipyWI+KDekBGjurPpb\/FdTSFIAAPUb1vVQWKsuipKs18obx69UnmxtBEftyls+9UdUS0cAAPXAlRBP9j9OpxXVbJllgFo1AUWcBFzZVBBO\/0dUS0cAAPsDRyUcIF2wLlroEqQFEsSbAhy\/BF42QlL4lUdUS0cAAPk7PafFnhokmbg2Skj0CN9dtWlxBGDszQeH6kdUS0cAAP2LxejmjNINBLJfc3hRxQZnhG+dBK23t27qEEdUS0cAAMJCPsbCyFi2EKuhIjR8FOxLMgMMBKSEChnYBkdUS0cAAMs4SkQs8Plx39K+G3osYia2QR5gBLnsyIm8DkdUS0cAANFgvV19Qr+DjCD+VI9ncRVX3pcfBLyly75V61dTSFIAANEo391sZyCjuFpU0yy2PWYlrl8ABC1Yddsa\/UdUS0cAANY8nyC9cCseHTJEnvv8hZLF1GA+BEn6s+1RcFdTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan0dUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo40dUS0cAALd6AZ7svQKtiRxAHRTzpxSemu\/LBNXlb+ATDA=="} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1479,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101837355,"flow_src_last_pkt_time":101837355,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101837355,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1479,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_packet_id":1,"flow_src_last_pkt_time":101837355,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":101837355,"pkt":"UlQAEjUCCAAn5uVZCABFAABtAsIAAIAR5ekKAAIP1eVv4HAJEwwAWTJ5PKcxAijtzcGdOPipHVZyGEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1479,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101837355,"flow_src_last_pkt_time":101837355,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101837355,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1479,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":101837355,"flow_src_last_pkt_time":101837355,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":101837355,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.229.111.224","src_port":28681,"dst_port":4876,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00518{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1509,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":90,"flow_packet_id":4,"flow_src_last_pkt_time":80232165,"flow_dst_last_pkt_time":102943717,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":58,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":58,"pkt_l4_len":24,"thread_ts_usec":102943717,"pkt":"CAAn5uVZUlQAEjUCCABFAAAsBK8AAEAGPxtJPuG1CgACD7b7xEUA2cYBqiCae2AS\/\/\/aWwAAAgQFtA=="} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1538,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_packet_id":3,"flow_src_last_pkt_time":106200868,"flow_dst_last_pkt_time":90132904,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":106200868,"pkt":"UlQAEjUCCAAn5uVZCABFAABtgo8AAIAR6zkKAAIPwSX\/gnAJ8LAAWcdbqxExAsF5aprYo0LmkOznoEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} 00603{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1539,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":255,"flow_packet_id":3,"flow_src_last_pkt_time":106200960,"flow_dst_last_pkt_time":90071609,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":106200960,"pkt":"UlQAEjUCCAAn5uVZCABFAABt7XkAAIAREsQKAAIPUD3d9nAJd3EAWRpRkUIxAvIfqgvF6WkSbnxZFUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAONVJKmT8c3egN9Xa0CwzKQP3iGM"} @@ -1475,10 +1475,10 @@ 00918{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":10750507,"flow_src_last_pkt_time":10750507,"flow_dst_last_pkt_time":10750507,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::1","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00919{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":0,"flow_first_seen":9752486,"flow_src_last_pkt_time":14765993,"flow_dst_last_pkt_time":9752486,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":48,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":412,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip6","src_ip":"fe80::c50d:519f:96a4:e108","dst_ip":"ff02::16","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00902{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":9752391,"flow_src_last_pkt_time":9752391,"flow_dst_last_pkt_time":9752391,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip6","src_ip":"::","dst_ip":"ff02::1:ffa4:e108","l4_proto":"icmp6","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMPV6","proto_id":"102","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00929{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00929{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00929{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00929{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":110848856,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1940,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":252,"flow_packet_id":2,"flow_src_last_pkt_time":111377862,"flow_dst_last_pkt_time":90004820,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":111377862,"pkt":"UlQAEjUCCAAn5uVZCABFAABtaUIAAIARBHoKAAIPSIx4KXAJunsAWR8sGNIxAigwQqvDAye6DaSDvEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 00608{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1941,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":253,"flow_packet_id":5,"flow_src_last_pkt_time":111378061,"flow_dst_last_pkt_time":106325430,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":111378061,"pkt":"UlQAEjUCCAAn5uVZCABFAABtgpAAAIAR6zgKAAIPwSX\/gnAJ8LAAWdTfBsoxAmff\/\/wHHJMobSWd30QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 00606{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1942,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":254,"flow_packet_id":3,"flow_src_last_pkt_time":111378187,"flow_dst_last_pkt_time":90038567,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":111378187,"pkt":"UlQAEjUCCAAn5uVZCABFAABt\/AEAAIARkCAKAAIPWHhJ13AJX\/IAWXHaSscxAtAehZxkzy2fwIIymUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} @@ -1522,7 +1522,7 @@ 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1998,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":310,"flow_packet_id":5,"flow_src_last_pkt_time":116628818,"flow_dst_last_pkt_time":95911831,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":116628818,"pkt":"UlQAEjUCCAAn5uVZCABFAABtP0cAAIARMnMKAAIPdvBFx3AJGMwAWboABjMxAj4wOckacH6ZjRVmWUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":1999,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":116628965,"flow_src_last_pkt_time":116628965,"flow_dst_last_pkt_time":116628965,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":116628965,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1999,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_packet_id":1,"flow_src_last_pkt_time":116628965,"flow_dst_last_pkt_time":116628965,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":116628965,"pkt":"UlQAEjUCCAAn5uVZCABFAABtIxgAAIARvpEKAAIPUAf8wHAJGugAWSw6p+kxAjYZLonacBdkV9ywAUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1999,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":116628965,"flow_src_last_pkt_time":116628965,"flow_dst_last_pkt_time":116628965,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":116628965,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":1999,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":116628965,"flow_src_last_pkt_time":116628965,"flow_dst_last_pkt_time":116628965,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":116628965,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01480{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2000,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_packet_id":2,"flow_src_last_pkt_time":116628965,"flow_dst_last_pkt_time":116679914,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":116679914,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBfMAAEARGTFQB\/zACgACDxrocAkC3\/Iip+kxAjYZLonacBdkV9ywAUQAAMACAAAGR1RLRwAAZxkkdSip9v6JKj37UBrDicBfjMAEUAf8wBroAQAAAASysOQuFEdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegldTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEFdTSFIAAAPVZnOFlO42Ib8H+pWWlT4wyAL3BBga2F82QUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzuldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtUw=="} 00606{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2003,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":331,"flow_packet_id":3,"flow_src_last_pkt_time":116776566,"flow_dst_last_pkt_time":101305936,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":116776566,"pkt":"UlQAEjUCCAAn5uVZCABFAABte4sAAIAR7VYKAAIPLR+YcHAJaOMAWSdx+0cxAtvllYjgRR1H\/sPbPUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} 00606{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2005,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_packet_id":3,"flow_src_last_pkt_time":116859120,"flow_dst_last_pkt_time":101161822,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":116859120,"pkt":"UlQAEjUCCAAn5uVZCABFAABt9MUAAIARu2AKAAIPUkAsC3AJBUgAWR\/CHmUxAhaifRIPh7YCtQDKL0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAACidCo0G3v\/IJjwziXwskXn9hKth"} @@ -1603,32 +1603,32 @@ 00603{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2052,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_packet_id":3,"flow_src_last_pkt_time":123877237,"flow_dst_last_pkt_time":95941178,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":123877237,"pkt":"UlQAEjUCCAAn5uVZCABFAABtptcAAIAR2PwKAAIPpIQKGXAJ2AYAWdpE9ZMxAnuYArMNMRKsJogRPUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2054,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912290,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912290,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.116.64.132","src_port":28681,"dst_port":51227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2054,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_packet_id":1,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":123912290,"pkt":"UlQAEjUCCAAn5uVZCABFAABtUhMAAIARg2YKAAIPGHRAhHAJyBsAWUp2fKAxAtxaLOqCcitFlOv4V0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2054,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912290,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912290,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.116.64.132","src_port":28681,"dst_port":51227,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2054,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":337,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912290,"flow_src_last_pkt_time":123912290,"flow_dst_last_pkt_time":123912290,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912290,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.116.64.132","src_port":28681,"dst_port":51227,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00754{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2055,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":123912514,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912514,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2055,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_packet_id":1,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":123912514,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":123912514,"pkt":"UlQAEjUCCAAn5uVZCABFAABt60MAAIARl6IKAAIP3cbNxHAJUSoAWRoYg28xAvjrsUFUSfHbBKidMkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01147{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2055,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":123912514,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912514,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01037{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2055,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912514,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":123912514,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912514,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"221.198.205.196","src_port":28681,"dst_port":20778,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2056,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":123912731,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912731,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2056,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_packet_id":1,"flow_src_last_pkt_time":123912731,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":123912731,"pkt":"UlQAEjUCCAAn5uVZCABFAABtoEYAAIAR\/8UKAAIPV3s26nAJ03IAWfTcKgkxAlGmPJUzLkH07Ma7h0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2056,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":123912731,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912731,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2056,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":339,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":123912731,"flow_src_last_pkt_time":123912731,"flow_dst_last_pkt_time":123912731,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":123912731,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":54130,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01477{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2057,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_packet_id":4,"flow_src_last_pkt_time":123877237,"flow_dst_last_pkt_time":123936810,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":123936810,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBkUAAEARtwmkhAoZCgACD9gGcAkC3\/Sv9ZMxAnuYArMNMRKsJogRPUQAAMACAAAGR1RLRwAAwkI+xsLIWLYQq6EiNHwU7EsyAwwEpIQKGdgGAQAAAAQMPEZKFEdUS0cAAIQFsf+Bv2njsZMOcK5XBzk5Qq3rBN3GzcRRKkdUS0cAAIPPdMtTw3ywAQrcKHskULaFt8T9BFd7NurTckdUS0cAAIBDDfCNVDqFgBWTNBe\/R1a2V7AXBLm7Sq3Q8UdUS0cAAI1c\/QX9I39S2eczHf8bGxQqBh3SBCaOd+rCRFdTSFIAAIsML3baZ9qjEzov01XuwUWPp8CvBBiB6TxOFldTSFIAAIgInuBYn2DWNYTpgSOhE3nGOSSqBGLQGpoTgldTSFIAAJMpLUy99S6l5+o3G\/7HZbY0zUPGBFnUW5sUS1NOT1cAAJJLJdecP9uDvZhuUeP7MwcedtuWBM8mo+QaekdUS0cAAJ6Xxzbx1oA8a67zMFTEYzHds+ukBEziVWkYyldTSFIAAJ7Bez1ZQQgPxovuLAykgS8CMrDdBLAKqQox\/0dUS0cAAJp\/6ofTpH0Z7c9sfONgy\/6jjg5ZBFTFYV4FUFdTSFIAAJgFqYyWS9v2Yq4KyYrmzTVJWc5SBGP6\/WMuK0dUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO0dUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAALd6AZ7svQKtiRxAHRTzpxSemu\/LBNXlb+ATDEdUS0cAALSr6ArQaneMzMJ81PWuqjO12gqLBLV2NdR1LkdUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo4w=="} 01479{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2059,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":338,"flow_packet_id":2,"flow_src_last_pkt_time":123912514,"flow_dst_last_pkt_time":124065276,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":124065276,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBkcAAEARuhndxs3ECgACD1EqcAkC3zKOg28xAvjrsUFUSfHbBKidMkQAAMACAAAGR1RLRwAAhAWx\/4G\/aeOxkw5wrlcHOTlCresE3cbNxFEqAQAAAAT9knizFEdUS0cAAIPPdMtTw3ywAQrcKHskULaFt8T9BFd7NurTckdUS0cAAIBDDfCNVDqFgBWTNBe\/R1a2V7AXBLm7Sq3Q8UdUS0cAAI1c\/QX9I39S2eczHf8bGxQqBh3SBCaOd+rCRFdTSFIAAIsML3baZ9qjEzov01XuwUWPp8CvBBiB6TxOFldTSFIAAIgInuBYn2DWNYTpgSOhE3nGOSSqBGLQGpoTgldTSFIAAJMpLUy99S6l5+o3G\/7HZbY0zUPGBFnUW5sUS1NOT1cAAJJLJdecP9uDvZhuUeP7MwcedtuWBM8mo+QaekdUS0cAAJ6Xxzbx1oA8a67zMFTEYzHds+ukBEziVWkYyldTSFIAAJ7Bez1ZQQgPxovuLAykgS8CMrDdBLAKqQox\/0dUS0cAAJp\/6ofTpH0Z7c9sfONgy\/6jjg5ZBFTFYV4FUFdTSFIAAJgFqYyWS9v2Yq4KyYrmzTVJWc5SBGP6\/WMuK0dUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO0dUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAALd6AZ7svQKtiRxAHRTzpxSemu\/LBNXlb+ATDEdUS0cAALSr6ArQaneMzMJ81PWuqjO12gqLBLV2NdR1LkdUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo40dUS0cAAL1cZVAaZZhJTOPlkpw6jfT8aYRtBD\/kr6kHkA=="} 00603{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2060,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_packet_id":3,"flow_src_last_pkt_time":124065911,"flow_dst_last_pkt_time":90892029,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":124065911,"pkt":"UlQAEjUCCAAn5uVZCABFAABtOI8AAIAR8XkKAAIPubtKrXAJ0PEAWeogCGsxAoAKiW4WeGL5TjmTYEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2061,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066131,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124066131,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124066131,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2061,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_packet_id":1,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124066131,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":124066131,"pkt":"UlQAEjUCCAAn5uVZCABFAABtpB8AAIAR69kKAAIPJo536nAJwkQAWcjqSEIxAiBrw4qXLe42xzCJ9UQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2061,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066131,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124066131,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124066131,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2061,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066131,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124066131,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124066131,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"38.142.119.234","src_port":28681,"dst_port":49732,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2062,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066283,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124066283,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.129.233.60","src_port":28681,"dst_port":19990,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2062,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_packet_id":1,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":124066283,"pkt":"UlQAEjUCCAAn5uVZCABFAABtsCgAAIARfIsKAAIPGIHpPHAJThYAWZr\/PMAxAkVlEJdEiTyKQUzsekQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2062,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066283,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124066283,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.129.233.60","src_port":28681,"dst_port":19990,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2062,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":341,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124066283,"flow_src_last_pkt_time":124066283,"flow_dst_last_pkt_time":124066283,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124066283,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.129.233.60","src_port":28681,"dst_port":19990,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01476{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2063,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_packet_id":4,"flow_src_last_pkt_time":124065911,"flow_dst_last_pkt_time":124089575,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":124089575,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBkgAAEARYTu5u0qtCgACD9DxcAkC34eiCGsxAoAKiW4WeGL5TjmTYEQAAMACAAAGR1RLRwAAgEMN8I1UOoWAFZM0F79HVrZXsBcEubtKrdDxAQAAAAQEm1g0FEdUS0cAAIQFsf+Bv2njsZMOcK5XBzk5Qq3rBN3GzcRRKkdUS0cAAIPPdMtTw3ywAQrcKHskULaFt8T9BFd7NurTckdUS0cAAI1c\/QX9I39S2eczHf8bGxQqBh3SBCaOd+rCRFdTSFIAAIsML3baZ9qjEzov01XuwUWPp8CvBBiB6TxOFldTSFIAAIgInuBYn2DWNYTpgSOhE3nGOSSqBGLQGpoTgldTSFIAAJMpLUy99S6l5+o3G\/7HZbY0zUPGBFnUW5sUS1NOT1cAAJJLJdecP9uDvZhuUeP7MwcedtuWBM8mo+QaekdUS0cAAJ6Xxzbx1oA8a67zMFTEYzHds+ukBEziVWkYyldTSFIAAJ7Bez1ZQQgPxovuLAykgS8CMrDdBLAKqQox\/0dUS0cAAJp\/6ofTpH0Z7c9sfONgy\/6jjg5ZBFTFYV4FUFdTSFIAAJgFqYyWS9v2Yq4KyYrmzTVJWc5SBGP6\/WMuK0dUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO0dUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAALd6AZ7svQKtiRxAHRTzpxSemu\/LBNXlb+ATDEdUS0cAALSr6ArQaneMzMJ81PWuqjO12gqLBLV2NdR1LkdUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo40dUS0cAAL1cZVAaZZhJTOPlkpw6jfT8aYRtBD\/kr6kHkA=="} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2064,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090360,"flow_src_last_pkt_time":124090360,"flow_dst_last_pkt_time":124090360,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090360,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2064,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_packet_id":1,"flow_src_last_pkt_time":124090360,"flow_dst_last_pkt_time":124090360,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":124090360,"pkt":"UlQAEjUCCAAn5uVZCABFAABtt4sAAIAR+XsKAAIPYtAamnAJE4IAWYPzFGQxAgG2rIRjjgWOdH93UEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2064,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090360,"flow_src_last_pkt_time":124090360,"flow_dst_last_pkt_time":124090360,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090360,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2064,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":342,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090360,"flow_src_last_pkt_time":124090360,"flow_dst_last_pkt_time":124090360,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090360,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.208.26.154","src_port":28681,"dst_port":4994,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2065,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090579,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090579,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.212.91.155","src_port":28681,"dst_port":5195,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2065,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_packet_id":1,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":124090579,"pkt":"UlQAEjUCCAAn5uVZCABFAABt2TsAAIARn8YKAAIPWdRbm3AJFEsAWd1KrbwxApZ9ZL+wNENsMFG4eUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2065,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090579,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090579,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.212.91.155","src_port":28681,"dst_port":5195,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2065,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":343,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090579,"flow_src_last_pkt_time":124090579,"flow_dst_last_pkt_time":124090579,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090579,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.212.91.155","src_port":28681,"dst_port":5195,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2066,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090730,"flow_src_last_pkt_time":124090730,"flow_dst_last_pkt_time":124090730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090730,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2066,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_packet_id":1,"flow_src_last_pkt_time":124090730,"flow_dst_last_pkt_time":124090730,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":124090730,"pkt":"UlQAEjUCCAAn5uVZCABFAABtN+oAAIARg3wKAAIPzyaj5HAJGnoAWUl8GqIxAsDHb8ARC\/TCVyKtTkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2066,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090730,"flow_src_last_pkt_time":124090730,"flow_dst_last_pkt_time":124090730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090730,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2066,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":124090730,"flow_src_last_pkt_time":124090730,"flow_dst_last_pkt_time":124090730,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":124090730,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"207.38.163.228","src_port":28681,"dst_port":6778,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01477{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2067,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":340,"flow_packet_id":2,"flow_src_last_pkt_time":124066131,"flow_dst_last_pkt_time":124181723,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":124181723,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBkkAAEARxyomjnfqCgACD8JEcAkC3z99SEIxAiBrw4qXLe42xzCJ9UQAAMACAAAGR1RLRwAAjVz9Bf0jf1LZ5zMd\/xsbFCoGHdIEJo536sJEAQAAAAT9X3JyFEdUS0cAAIQFsf+Bv2njsZMOcK5XBzk5Qq3rBN3GzcRRKkdUS0cAAIPPdMtTw3ywAQrcKHskULaFt8T9BFd7NurTckdUS0cAAIBDDfCNVDqFgBWTNBe\/R1a2V7AXBLm7Sq3Q8VdTSFIAAIsML3baZ9qjEzov01XuwUWPp8CvBBiB6TxOFldTSFIAAIgInuBYn2DWNYTpgSOhE3nGOSSqBGLQGpoTgldTSFIAAJMpLUy99S6l5+o3G\/7HZbY0zUPGBFnUW5sUS1NOT1cAAJJLJdecP9uDvZhuUeP7MwcedtuWBM8mo+QaekdUS0cAAJ6Xxzbx1oA8a67zMFTEYzHds+ukBEziVWkYyldTSFIAAJ7Bez1ZQQgPxovuLAykgS8CMrDdBLAKqQox\/0dUS0cAAJp\/6ofTpH0Z7c9sfONgy\/6jjg5ZBFTFYV4FUFdTSFIAAJgFqYyWS9v2Yq4KyYrmzTVJWc5SBGP6\/WMuK0dUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO0dUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAALd6AZ7svQKtiRxAHRTzpxSemu\/LBNXlb+ATDEdUS0cAALSr6ArQaneMzMJ81PWuqjO12gqLBLV2NdR1LkdUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo40dUS0cAAL1cZVAaZZhJTOPlkpw6jfT8aYRtBD\/kr6kHkA=="} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2078,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":126831784,"flow_src_last_pkt_time":126831784,"flow_dst_last_pkt_time":126831784,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":0,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":0,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":126831784,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"69.118.162.229","src_port":50330,"dst_port":46906,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2078,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":1,"flow_src_last_pkt_time":126831784,"flow_dst_last_pkt_time":126831784,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":126831784,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bCBAAIAGmjkKAAIPRXai5cSatzq0d6IdAAAAAIAC+vCtSgAAAgQFtAEDAwgBAQQC"} @@ -1639,25 +1639,25 @@ 00511{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2082,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":345,"flow_packet_id":5,"flow_src_last_pkt_time":126944176,"flow_dst_last_pkt_time":126944392,"flow_idle_time":7580000000,"pkt_datalink":1,"pkt_caplen":54,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":54,"pkt_l4_len":20,"thread_ts_usec":126944392,"pkt":"CAAn5uVZUlQAEjUCCABFAAAoBmQAAEAGgAJFdqLlCgACD7c6xJoBCaACtHekH1AQ\/\/9F8gAA"} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2094,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129174282,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174282,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2094,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_packet_id":1,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129174282,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":129174282,"pkt":"UlQAEjUCCAAn5uVZCABFAABtuPMAAIAR0zIKAAIPTOJVaXAJGMoAWVtEeBkxArN0R\/zFhR7fMHiNqUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2094,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129174282,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174282,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2094,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174282,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129174282,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174282,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"76.226.85.105","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2095,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174425,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174425,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.10.169.10","src_port":28681,"dst_port":12799,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2095,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_packet_id":1,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":129174425,"pkt":"UlQAEjUCCAAn5uVZCABFAABt3TUAAIAR+CYKAAIPsAqpCnAJMf8AWSFl+80xAiQL9J1qTYJox\/q2yUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2095,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174425,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174425,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.10.169.10","src_port":28681,"dst_port":12799,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2095,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":347,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174425,"flow_src_last_pkt_time":129174425,"flow_dst_last_pkt_time":129174425,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174425,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.10.169.10","src_port":28681,"dst_port":12799,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2096,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174578,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174578,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.197.97.94","src_port":28681,"dst_port":1360,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2096,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_packet_id":1,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":129174578,"pkt":"UlQAEjUCCAAn5uVZCABFAABttG4AAIARw98KAAIPVMVhXnAJBVAAWURxEsIxAlakBl2ebhXyeemOeEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2096,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174578,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174578,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.197.97.94","src_port":28681,"dst_port":1360,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2096,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":348,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129174578,"flow_src_last_pkt_time":129174578,"flow_dst_last_pkt_time":129174578,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129174578,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.197.97.94","src_port":28681,"dst_port":1360,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00721{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2097,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129210409,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5} 00645{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2097,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_packet_id":1,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":151,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":151,"pkt_l4_len":117,"thread_ts_usec":129210409,"pkt":"CAAn5uVZUlQAEjUCCABFwACJBngAAH8BcgpUxWFeCgACDwMDv5kAAAAARQAAbbRuAAB\/EcTfCgACD1TFYV5wCQVQAFlEcRLCMQJWpAZdnm4V8nnpjnhEAAA6AAAABUdUS0cAACidCo0G3v\/IJjwziXwskXn9hKthBF0v4jVwCQEBAACHpNmcaMjLrgz72SMJ7seAsLgKkg=="} -01014{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2097,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129210409,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":5.868061}} +00889{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2097,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129210409,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":5.868061}} 01477{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2098,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":346,"flow_packet_id":2,"flow_src_last_pkt_time":129174282,"flow_dst_last_pkt_time":129344463,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":129344463,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBnkAAEARwydM4lVpCgACDxjKcAkC3ybmeBkxArN0R\/zFhR7fMHiNqUQAAMACAAAGR1RLRwAAnpfHNvHWgDxrrvMwVMRjMd2z66QETOJVaRjKAQAAAAS4IqVOFEdUS0cAAIQFsf+Bv2njsZMOcK5XBzk5Qq3rBN3GzcRRKkdUS0cAAIPPdMtTw3ywAQrcKHskULaFt8T9BFd7NurTckdUS0cAAIBDDfCNVDqFgBWTNBe\/R1a2V7AXBLm7Sq3Q8UdUS0cAAI1c\/QX9I39S2eczHf8bGxQqBh3SBCaOd+rCRFdTSFIAAIsML3baZ9qjEzov01XuwUWPp8CvBBiB6TxOFldTSFIAAIgInuBYn2DWNYTpgSOhE3nGOSSqBGLQGpoTgldTSFIAAJMpLUy99S6l5+o3G\/7HZbY0zUPGBFnUW5sUS1NOT1cAAJJLJdecP9uDvZhuUeP7MwcedtuWBM8mo+QaeldTSFIAAJ7Bez1ZQQgPxovuLAykgS8CMrDdBLAKqQox\/0dUS0cAAJp\/6ofTpH0Z7c9sfONgy\/6jjg5ZBFTFYV4FUFdTSFIAAJgFqYyWS9v2Yq4KyYrmzTVJWc5SBGP6\/WMuK0dUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO0dUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAALSr6ArQaneMzMJ81PWuqjO12gqLBLV2NdR1LkdUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo40dUS0cAAL1cZVAaZZhJTOPlkpw6jfT8aYRtBD\/kr6kHkEdUS0cAALyzuhm5M4uYhLkABGRqZbdy38iOBGIjVe59rQ=="} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2099,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129345202,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129345202,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.250.253.99","src_port":28681,"dst_port":11819,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2099,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_packet_id":1,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":129345202,"pkt":"UlQAEjUCCAAn5uVZCABFAABtA3wAAIARyZcKAAIPY\/r9Y3AJLisAWcb1VskxAtkesLI2UdbrHnvJmEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2099,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129345202,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129345202,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.250.253.99","src_port":28681,"dst_port":11819,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2099,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":350,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129345202,"flow_src_last_pkt_time":129345202,"flow_dst_last_pkt_time":129345202,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":129345202,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.250.253.99","src_port":28681,"dst_port":11819,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00603{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2100,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_packet_id":2,"flow_src_last_pkt_time":129345276,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":129345276,"pkt":"UlQAEjUCCAAn5uVZCABFAABtFDMAAIARzrIKAAIPZAHninAJ3O4AWa5oGAExAiz8sZobXXh7jKY+cEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 00603{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2101,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":327,"flow_packet_id":2,"flow_src_last_pkt_time":129345403,"flow_dst_last_pkt_time":96049954,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":129345403,"pkt":"UlQAEjUCCAAn5uVZCABFAABtTdUAAIARVp8KAAIPVBw14XAJrzsAWRB8uXsxAsNFs8rL71MevwvUD0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2118,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":351,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":131668560,"flow_src_last_pkt_time":131668560,"flow_dst_last_pkt_time":131668560,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":131668560,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"187.37.87.189","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2118,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":351,"flow_packet_id":1,"flow_src_last_pkt_time":131668560,"flow_dst_last_pkt_time":131668560,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":131668560,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0FboAAIARBg4KAAIPuyVXvXAJGMoAIPd5R05EED8AAQFUC1FLUlAGUk5BXS\/iNQlw"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2118,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":351,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":131668560,"flow_src_last_pkt_time":131668560,"flow_dst_last_pkt_time":131668560,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":131668560,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"187.37.87.189","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2118,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":351,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":131668560,"flow_src_last_pkt_time":131668560,"flow_dst_last_pkt_time":131668560,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":131668560,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"187.37.87.189","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2119,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_packet_id":2,"flow_src_last_pkt_time":131668865,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":131668865,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0f68AAIAR17kKAAIPd+BfYXAJtRQAIJbPR05EED8BAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2120,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":188,"flow_packet_id":2,"flow_src_last_pkt_time":131669387,"flow_dst_last_pkt_time":82062993,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":131669387,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05JQAAIARi28KAAIPU4ZrIHAJl7QAIMzJR05EED8CAQFUC1FLUlAGUk5BXS\/iNQlw"} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2121,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_packet_id":2,"flow_src_last_pkt_time":131669767,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":131669767,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0s0oAAIARB\/AKAAIPrGHHDnAJGMoAIJbpR05EED8DAQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -1667,7 +1667,7 @@ 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2125,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":164,"flow_packet_id":2,"flow_src_last_pkt_time":131671261,"flow_dst_last_pkt_time":82059383,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":131671261,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0MzkAAIARkVYKAAIPjsXbVXAJZnoAIFKKR05EED8HAQFUC1FLUlAGUk5BXS\/iNQlw"} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2126,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":352,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":131671537,"flow_src_last_pkt_time":131671537,"flow_dst_last_pkt_time":131671537,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":131671537,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2126,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":352,"flow_packet_id":1,"flow_src_last_pkt_time":131671537,"flow_dst_last_pkt_time":131671537,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":131671537,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0NSMAAIARFykKAAIPsL8xn3AJGMoAICf2R05EED8IAQFUC1FLUlAGUk5BXS\/iNQlw"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2126,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":352,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":131671537,"flow_src_last_pkt_time":131671537,"flow_dst_last_pkt_time":131671537,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":131671537,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2126,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":352,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":131671537,"flow_src_last_pkt_time":131671537,"flow_dst_last_pkt_time":131671537,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":131671537,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.191.49.159","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2127,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":128,"flow_packet_id":2,"flow_src_last_pkt_time":131671769,"flow_dst_last_pkt_time":72850420,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":131671769,"pkt":"UlQAEjUCCAAn5uVZCABFAAA09U4AAIARELMKAAIPTY3bG3AJkswAIGeoR05EED8JAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2128,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_packet_id":2,"flow_src_last_pkt_time":131671934,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":131671934,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0rnIAAIARKEIKAAIPWjv9unAJPMMAII5jR05EED8KAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2129,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":129,"flow_packet_id":2,"flow_src_last_pkt_time":131672247,"flow_dst_last_pkt_time":72850779,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":131672247,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0790AAIARW48KAAIPsIoys3AJcuMAIMz6R05EED8LAQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -1753,7 +1753,7 @@ 02341{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":2139,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":93,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":18,"flow_first_seen":71205274,"flow_src_last_pkt_time":117002547,"flow_dst_last_pkt_time":132821508,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":304,"flow_dst_max_l4_payload_len":1024,"flow_src_tot_l4_payload_len":705,"flow_dst_tot_l4_payload_len":2420,"midstream":0,"thread_ts_usec":132821508,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.214.154.216","src_port":50248,"dst_port":6346,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":1091,"avg":3464951.8,"max":22684647,"stddev":6255594.5,"var":39132462055424.0,"ent":3.3,"data": [399865,400165,2576,3065,879170,880284,1091,343284,15848,359592,3003,2180,5087,145122,145627,10048654,10048652,469496,2676,472723,3557750,3604090,6175326,6222212,413766,464528,22633783,22684647,605343,604983,15818919]},"pktlen": {"min":40,"avg":138.2,"max":1064,"stddev":217.4,"var":47264.8,"ent":4.0,"data": [52,44,40,344,40,323,143,40,118,762,40,53,58,40,149,40,104,40,1064,45,40,122,40,70,40,213,40,52,40,123,40,62]},"bins": {"c_to_s": [9,0,2,2,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"s_to_c": [12,0,2,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"directions": [0,1,0,0,1,1,0,1,1,1,0,1,1,0,0,1,0,1,1,1,0,1,0,0,1,1,0,0,1,0,1,1],"entropies": [4.638531685,4.760457039,4.611769199,5.768550396,4.503056526,5.575543404,5.615631580,4.553056717,5.640929699,7.709812641,4.680641174,4.708038807,4.874885082,4.592897415,6.317804813,4.453056812,5.923436165,4.453056812,7.776337624,4.335103989,4.830641270,6.163827896,4.780641556,5.454720020,4.621928692,6.573338509,4.730640888,4.776329994,4.621928692,6.159438610,4.571928978,4.925578117]},"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00754{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2142,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132831233,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":132831233,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":25282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2142,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_packet_id":1,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":132831233,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0BqoAAIARzHEKAAIPw7WX2XAJYsIAIGTAR05EED8VAQFUC1FLUlAGUk5BXS\/iNQlw"} -01147{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2142,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132831233,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":132831233,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":25282,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01037{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2142,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":353,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132831233,"flow_src_last_pkt_time":132831233,"flow_dst_last_pkt_time":132831233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":132831233,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":25282,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2143,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_packet_id":2,"flow_src_last_pkt_time":132831544,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":132831544,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0jJMAAIARUAgKAAIPp3KqnHAJXSQAIHPdR05EED8WAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2144,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":175,"flow_packet_id":2,"flow_src_last_pkt_time":132831688,"flow_dst_last_pkt_time":82060952,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":132831688,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0v84AAIARvTMKAAIPc0U+Y3AJGMoAIFidR05EED8XAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2145,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":160,"flow_packet_id":2,"flow_src_last_pkt_time":132831843,"flow_dst_last_pkt_time":82058765,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":132831843,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XroAAIARSzcKAAIPU5YxI3AJfsAAIB+VR05EED8YAQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -1767,7 +1767,7 @@ 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2153,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":180,"flow_packet_id":2,"flow_src_last_pkt_time":132833113,"flow_dst_last_pkt_time":82061705,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":132833113,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0amgAAIARaXcKAAIPQoMYSHAJd\/cAIFBER05EED8gAQFUC1FLUlAGUk5BXS\/iNQlw"} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2154,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":354,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132833303,"flow_src_last_pkt_time":132833303,"flow_dst_last_pkt_time":132833303,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":132833303,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":1032,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2154,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":354,"flow_packet_id":1,"flow_src_last_pkt_time":132833303,"flow_dst_last_pkt_time":132833303,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":132833303,"pkt":"UlQAEjUCCAAn5uVZCABFAAA02w8AAIARCzYKAAIPUOz3eHAJBAgAINaYR05EED8hAQFUC1FLUlAGUk5BXS\/iNQlw"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2154,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":354,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132833303,"flow_src_last_pkt_time":132833303,"flow_dst_last_pkt_time":132833303,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":132833303,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":1032,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2154,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":354,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":132833303,"flow_src_last_pkt_time":132833303,"flow_dst_last_pkt_time":132833303,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":132833303,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.236.247.120","src_port":28681,"dst_port":1032,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2155,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":98,"flow_packet_id":2,"flow_src_last_pkt_time":132833488,"flow_dst_last_pkt_time":71536330,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":132833488,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0alcAAIAR6coKAAIPy94OqnAJWyQAIO1XR05EED8iAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2156,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":177,"flow_packet_id":2,"flow_src_last_pkt_time":132833697,"flow_dst_last_pkt_time":82061259,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":132833697,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xBIAAIARbZAKAAIPRZ23anAJGMoAIA0yR05EED8jAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2157,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":135,"flow_packet_id":2,"flow_src_last_pkt_time":132834112,"flow_dst_last_pkt_time":72852642,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":132834112,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0fT4AAIARi9MKAAIPwfpjnnAJGMoAIOSfR05EED8kAQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -1779,17 +1779,17 @@ 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2163,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":332,"flow_packet_id":2,"flow_src_last_pkt_time":134428529,"flow_dst_last_pkt_time":101837355,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":134428529,"pkt":"UlQAEjUCCAAn5uVZCABFAABtAsMAAIAR5egKAAIP1eVv4HAJEwwAWfhP39IxAiTPawjpKg8FqMjKpUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2169,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506098,"flow_src_last_pkt_time":139506098,"flow_dst_last_pkt_time":139506098,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506098,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2169,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_packet_id":1,"flow_src_last_pkt_time":139506098,"flow_dst_last_pkt_time":139506098,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139506098,"pkt":"UlQAEjUCCAAn5uVZCABFAABtAv8AAIARQCgKAAIPtXY11HAJdS4AWScUhfMxArbJ5SyHh4zpjzvfRkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2169,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506098,"flow_src_last_pkt_time":139506098,"flow_dst_last_pkt_time":139506098,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506098,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2169,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506098,"flow_src_last_pkt_time":139506098,"flow_dst_last_pkt_time":139506098,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506098,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.118.53.212","src_port":28681,"dst_port":29998,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2170,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506262,"flow_src_last_pkt_time":139506262,"flow_dst_last_pkt_time":139506262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506262,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2170,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_packet_id":1,"flow_src_last_pkt_time":139506262,"flow_dst_last_pkt_time":139506262,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139506262,"pkt":"UlQAEjUCCAAn5uVZCABFAABtYr4AAIAR3CUKAAIPP+SvqXAJB5AAWZrqJBYxAlmizjMkdrKTCQRuaEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2170,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506262,"flow_src_last_pkt_time":139506262,"flow_dst_last_pkt_time":139506262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506262,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2170,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506262,"flow_src_last_pkt_time":139506262,"flow_dst_last_pkt_time":139506262,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506262,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"63.228.175.169","src_port":28681,"dst_port":1936,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2171,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506403,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2171,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_packet_id":1,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139506403,"pkt":"UlQAEjUCCAAn5uVZCABFAABtewQAAIAR+1sKAAIPYiNV7nAJfa0AWf9BqZoxAuJR0ARRd\/sw16p3JUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2171,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506403,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2171,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":357,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139506403,"flow_src_last_pkt_time":139506403,"flow_dst_last_pkt_time":139506403,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139506403,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"98.35.85.238","src_port":28681,"dst_port":32173,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01477{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2172,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_packet_id":2,"flow_src_last_pkt_time":139506098,"flow_dst_last_pkt_time":139668978,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":139668978,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBs0AAEARedS1djXUCgACD3UucAkC3zh9hfMxArbJ5SyHh4zpjzvfRkQAAMACAAAGR1RLRwAAtKvoCtBqd4zMwnzU9a6qM7XaCosEtXY11HUuAQAAAARfhHP4FEdUS0cAAIQFsf+Bv2njsZMOcK5XBzk5Qq3rBN3GzcRRKkdUS0cAAIBDDfCNVDqFgBWTNBe\/R1a2V7AXBLm7Sq3Q8UdUS0cAAI1c\/QX9I39S2eczHf8bGxQqBh3SBCaOd+rCRFdTSFIAAIsML3baZ9qjEzov01XuwUWPp8CvBBiB6TxOFldTSFIAAIgInuBYn2DWNYTpgSOhE3nGOSSqBGLQGpoTgldTSFIAAJMpLUy99S6l5+o3G\/7HZbY0zUPGBFnUW5sUS1NOT1cAAJJLJdecP9uDvZhuUeP7MwcedtuWBM8mo+QaekdUS0cAAJ6Xxzbx1oA8a67zMFTEYzHds+ukBEziVWkYyldTSFIAAJ7Bez1ZQQgPxovuLAykgS8CMrDdBLAKqQox\/0dUS0cAAJp\/6ofTpH0Z7c9sfONgy\/6jjg5ZBFTFYV4FUFdTSFIAAJgFqYyWS9v2Yq4KyYrmzTVJWc5SBGP6\/WMuK0dUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO0dUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSEdUS0cAALFbZ+HgSIrho0RaGRNTd1qTgMZFBC0fmHBo40dUS0cAAL1cZVAaZZhJTOPlkpw6jfT8aYRtBD\/kr6kHkEdUS0cAALyzuhm5M4uYhLkABGRqZbdy38iOBGIjVe59rUdUS0cAALrtVGIh6HCMeHje7ytMi7+QCmj9BC\/grq4Yyg=="} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2173,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139669712,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2173,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_packet_id":1,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139669712,"pkt":"UlQAEjUCCAAn5uVZCABFAABtmlYAAIARtYwKAAIPL+CurnAJGMoAWfYTyxgxAvXWHJDN+FF7HrIjWEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2173,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139669712,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2173,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":358,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":139669712,"flow_src_last_pkt_time":139669712,"flow_dst_last_pkt_time":139669712,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":139669712,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.224.174.174","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00603{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2174,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":324,"flow_packet_id":3,"flow_src_last_pkt_time":139669839,"flow_dst_last_pkt_time":96048683,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139669839,"pkt":"UlQAEjUCCAAn5uVZCABFAABtTeQAAIAR4qUKAAIPSfqz7XAJUXAAWTtzDAwxAhYFwQyFnvxYxDh4UUQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2175,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_packet_id":3,"flow_src_last_pkt_time":139669995,"flow_dst_last_pkt_time":95918456,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":139669995,"pkt":"UlQAEjUCCAAn5uVZCABFAABtxQMAAIAR4QkKAAIPvKXLvnAJVesAWccLy3UxAr1ooy\/Zmhwx1EOQ8UQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAIek2ZxoyMuuDPvZIwnux4CwuAqS"} 01479{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2176,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":321,"flow_packet_id":4,"flow_src_last_pkt_time":139669995,"flow_dst_last_pkt_time":139694412,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":139694412,"pkt":"CAAn5uVZUlQAEjUCCABFAALzBs4AAEAR3Lm8pcu+CgACD1XrcAkC39Nzy3UxAr1ooy\/Zmhwx1EOQ8UQAAMACAAAGR1RLRwAA0WC9XX1Cv4OMIP5Uj2dxFVfelx8EvKXLvlXrAQAAAAT+NOnnFEdUS0cAAISEnKMAahWoBBfUee10B\/B49\/r0BBh0QITIG0dUS0cAAIQFsf+Bv2njsZMOcK5XBzk5Qq3rBN3GzcRRKkdUS0cAAIPPdMtTw3ywAQrcKHskULaFt8T9BFd7NurTckdUS0cAAIBDDfCNVDqFgBWTNBe\/R1a2V7AXBLm7Sq3Q8UdUS0cAAI1c\/QX9I39S2eczHf8bGxQqBh3SBCaOd+rCRFdTSFIAAIsML3baZ9qjEzov01XuwUWPp8CvBBiB6TxOFldTSFIAAIgInuBYn2DWNYTpgSOhE3nGOSSqBGLQGpoTgldTSFIAAJMpLUy99S6l5+o3G\/7HZbY0zUPGBFnUW5sUS1NOT1cAAJJLJdecP9uDvZhuUeP7MwcedtuWBM8mo+QaekdUS0cAAJ6Xxzbx1oA8a67zMFTEYzHds+ukBEziVWkYyldTSFIAAJ7Bez1ZQQgPxovuLAykgS8CMrDdBLAKqQox\/0dUS0cAAJp\/6ofTpH0Z7c9sfONgy\/6jjg5ZBFTFYV4FUFdTSFIAAJgFqYyWS9v2Yq4KyYrmzTVJWc5SBGP6\/WMuK0dUS0cAAKZeyrvsa5mvejLQ38QnOIQ2zbdtBGQB54rc7ldTSFIAAKQeYlqSZYffwoHRlw8bFrfmBFSvBFQcNeGvO0dUS0cAAK10JPaTOb0hgYkPVi8cpzY7gtJoBFx1+WIan1dTSFIAAKr7G8iP9T\/W+jUmPMkpEJiqR57KBMvcaRtLPEdUS0cAALd6AZ7svQKtiRxAHRTzpxSemu\/LBNXlb+ATDEdUS0cAALSr6ArQaneMzMJ81PWuqjO12gqLBLV2NdR1LkdUS0cAALNy1PV19iuZm7NzjEzMA6wUOO22BFJALAsFSA=="} @@ -1896,52 +1896,52 @@ 00759{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":335,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":115369554,"flow_src_last_pkt_time":121820041,"flow_dst_last_pkt_time":122157131,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":29,"flow_dst_max_l4_payload_len":78,"flow_src_tot_l4_payload_len":57,"flow_dst_tot_l4_payload_len":124,"midstream":0,"thread_ts_usec":163563577,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"14.200.255.229","src_port":28681,"dst_port":37058,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 01080{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":116628965,"flow_src_last_pkt_time":163335638,"flow_dst_last_pkt_time":163387809,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":163563577,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"80.7.252.192","src_port":28681,"dst_port":6888,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00911{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":349,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":129210409,"flow_src_last_pkt_time":129210409,"flow_dst_last_pkt_time":129210409,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":117,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":117,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":117,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":163563577,"l3_proto":"ip4","src_ip":"84.197.97.94","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":163563577,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":163563577,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":163563577,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":163563577,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00929{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":163563577,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00929{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":163563577,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00929{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":163563577,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00929{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2274,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":163563577,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2282,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_packet_id":3,"flow_src_last_pkt_time":168224745,"flow_dst_last_pkt_time":139713966,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":168224745,"pkt":"UlQAEjUCCAAn5uVZCABFAABtYr8AAIAR3CQKAAIPP+SvqXAJB5AAWcmhvWcxAkYxxPd4wtcssZ9PX0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2287,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_packet_id":3,"flow_src_last_pkt_time":168391152,"flow_dst_last_pkt_time":139668978,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":168391152,"pkt":"UlQAEjUCCAAn5uVZCABFAABtAwAAAIARQCcKAAIPtXY11HAJdS4AWVKoRtYxAgh8ZUKNU31EKcU+K0QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} 01473{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2288,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":356,"flow_packet_id":4,"flow_src_last_pkt_time":168224745,"flow_dst_last_pkt_time":168428006,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":168428006,"pkt":"CAAn5uVZUlQAEjUCCABFAALzB7gAAEARdKY\/5K+pCgACDweQcAkC32IyvWcxAkYxxPd4wtcssZ9PX0QAAMACAAAGR1RLRwAAvVxlUBplmElM4+WSnDqN9PxphG0EP+SvqQeQAQAAAAQC89xEFEdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzukdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqkdUS0cAABZMZh8YJqCRZ8rsFWpJujOrF1VMBFHNWy2cyUdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAAZMeTOG2LuCeHzpFv+0pfJ1qOd4BGfoa2Sp9EdUS0cAAGqU5DC0wpx7Tt\/+AtuQJkODlGIrBC\/cuoxr+UdUS0cAAGSQPhJYYczqO9fA1uqwCWebPjcpBMEgftbozEdUS0cAAGcZJHUoqfb+iSo9+1Aaw4nAX4zABFAH\/MAa6EdUS0cAAGfwY9tAxh1AXF0ZU2EOIfqDQ08tBHbwRccYzFdTSFIAAFpCOi4aZIiG9lYEyciBumqkMMTzBMY62gy7KEdUS0cAAFITSOd3gRniYdJwpHJZH2SZ8zLzBFaBxFQmu0dUS0cAAFYaYH8fxSMCFJGx6KJ1XnlYMcAbBL7A0rYaYkdUS0cAAElxJg9dajjzW3txW7a4q7j8IGI0BFHNWy2VmQ=="} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2289,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":168428692,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168428692,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2289,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_packet_id":1,"flow_src_last_pkt_time":168428692,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":168428692,"pkt":"UlQAEjUCCAAn5uVZCABFAABtVroAAIARN3AKAAIPxjraDHAJuygAWfAoVB4xAiIUq1VNOT5K4PsAnkQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2289,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":168428692,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168428692,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2289,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":168428692,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168428692,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01477{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2290,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":355,"flow_packet_id":4,"flow_src_last_pkt_time":168391152,"flow_dst_last_pkt_time":168554777,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":168554777,"pkt":"CAAn5uVZUlQAEjUCCABFAALzB7sAAEAReOa1djXUCgACD3UucAkC3xXwRtYxAgh8ZUKNU31EKcU+K0QAAMACAAAGR1RLRwAAtKvoCtBqd4zMwnzU9a6qM7XaCosEtXY11HUuAQAAAARfhHP4FEdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegkdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzukdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj1dTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqkdUS0cAABK1XVsEZ16ugW6JpsS4xfhpSq81BEjJ0DmW2UdUS0cAABZMZh8YJqCRZ8rsFWpJujOrF1VMBFHNWy2cyVdTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeQ=="} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2291,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168555545,"flow_src_last_pkt_time":168555545,"flow_dst_last_pkt_time":168555545,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168555545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00604{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2291,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_packet_id":1,"flow_src_last_pkt_time":168555545,"flow_dst_last_pkt_time":168555545,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":168555545,"pkt":"UlQAEjUCCAAn5uVZCABFAABtB2EAAIARDDsKAAIPVoHEVHAJJrsAWdbAQsoxAjcNEhOQ8aGFyag54kQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2291,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168555545,"flow_src_last_pkt_time":168555545,"flow_dst_last_pkt_time":168555545,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168555545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2291,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168555545,"flow_src_last_pkt_time":168555545,"flow_dst_last_pkt_time":168555545,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168555545,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.129.196.84","src_port":28681,"dst_port":9915,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01477{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2292,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_packet_id":2,"flow_src_last_pkt_time":168555545,"flow_dst_last_pkt_time":168593913,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":168593913,"pkt":"CAAn5uVZUlQAEjUCCABFAALzB7wAAEARSVpWgcRUCgACDya7cAkC37LQQsoxAjcNEhOQ8aGFyag54kQAAMACAAAGR1RLRwAAUhNI53eBGeJh0nCkclkfZJnzMvMEVoHEVCa7AQAAAATmnBkoFEdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegkdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzukdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj1dTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqkdUS0cAABK1XVsEZ16ugW6JpsS4xfhpSq81BEjJ0DmW2UdUS0cAABZMZh8YJqCRZ8rsFWpJujOrF1VMBFHNWy2cyVdTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeUdUS0cAAABa1S31uxK2I4OJWHaC\/PKs7lhZBFK1+9qOEA=="} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2293,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168594778,"flow_src_last_pkt_time":168594778,"flow_dst_last_pkt_time":168594778,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168594778,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.192.210.182","src_port":28681,"dst_port":6754,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00606{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2293,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_packet_id":1,"flow_src_last_pkt_time":168594778,"flow_dst_last_pkt_time":168594778,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":168594778,"pkt":"UlQAEjUCCAAn5uVZCABFAABtbeQAAIARLxYKAAIPvsDStnAJGmIAWe\/nYtExAgjn\/Ke847x2NG4oVEQAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2293,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168594778,"flow_src_last_pkt_time":168594778,"flow_dst_last_pkt_time":168594778,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168594778,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.192.210.182","src_port":28681,"dst_port":6754,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2293,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168594778,"flow_src_last_pkt_time":168594778,"flow_dst_last_pkt_time":168594778,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168594778,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"190.192.210.182","src_port":28681,"dst_port":6754,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2295,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168840831,"flow_src_last_pkt_time":168840831,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168840831,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":38297,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00605{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2295,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_packet_id":1,"flow_src_last_pkt_time":168840831,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":123,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":123,"pkt_l4_len":89,"thread_ts_usec":168840831,"pkt":"UlQAEjUCCAAn5uVZCABFAABteiAAAIARB1cKAAIPUc1bLXAJlZkAWXbGOhUxApJjO\/JuqWKA3F9q70QAADoAAAAFR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAADgZnrrTUxbZJrkUeNZFbiSwaUPd"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2295,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168840831,"flow_src_last_pkt_time":168840831,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168840831,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":38297,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2295,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":168840831,"flow_src_last_pkt_time":168840831,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":168840831,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.205.91.45","src_port":28681,"dst_port":38297,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01479{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2297,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_packet_id":2,"flow_src_last_pkt_time":168594778,"flow_dst_last_pkt_time":168854304,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":168854304,"pkt":"CAAn5uVZUlQAEjUCCABFAALzB8MAAEAR0rG+wNK2CgACDxpicAkC32qFYtExAgjn\/Ke847x2NG4oVEQAAMACAAAGR1RLRwAAVhpgfx\/FIwIUkbHoonVeeVgxwBsEvsDSthpiAQAAAAQZ71djFEdUS0cAAD\/LrtDBHsrvB2sw44AqY2QCrQYQBDNEmdZmjUdUS0cAADcgJ3MxU+9gPezRvKa4p+wbOpp4BLnL2lzegkdUS0cAACn0WLPxWtQpnmCbIRk+uW\/YiZplBGBBRMKKmUdUS0cAACpy2K\/2hky2jG7eBxG55EuSykYdBLVUshDrZkdUS0cAACwUV8A2ZtuYGpHmurFJ9ZjbPjd\/BEIe3bUu7FdTSFIAACfu4Bqdy+iW81L+1nr6boaqfinyBC1Yddoa\/UdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzukdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj1dTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABEOG4JNEDwVGDdOEVl98CTJsF5uBMvcxvQEqkdUS0cAABK1XVsEZ16ugW6JpsS4xfhpSq81BEjJ0DmW2UdUS0cAABZMZh8YJqCRZ8rsFWpJujOrF1VMBFHNWy2cyVdTSFIAAAl5O+8DCDmOkVzxf\/SPVwlYhBdwBEiMeCm6e0dUS0cAAAucDVWlpiFF+O+mADztiMF+lbMgBMEl\/4LwsEdUS0cAAAyXtfcHfbQ8qEf8F4epyaClpDRCBFh4Sddf8kdUS0cAAA1pNBGyU44u8atjdhBEZcvofBcyBFA93fZ3cUdUS0cAAAAs7ncgF1geHmh4DMpMbatHwhb+BGD2nH7EeQ=="} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2313,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_packet_id":3,"flow_src_last_pkt_time":174268839,"flow_dst_last_pkt_time":168854304,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174268839,"pkt":"UlQAEjUCCAAn5uVZCABFAABybeUAAIARLxAKAAIPvsDStnAJGmIAXsbRDJkxAiMikaZOqXdSUPahXUQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2314,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_packet_id":3,"flow_src_last_pkt_time":174269002,"flow_dst_last_pkt_time":168593913,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174269002,"pkt":"UlQAEjUCCAAn5uVZCABFAAByB2IAAIARDDUKAAIPVoHEVHAJJrsAXjsDcFExAhHLtY5GdmAVhlELQEQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} 01476{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2315,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":361,"flow_packet_id":4,"flow_src_last_pkt_time":174269002,"flow_dst_last_pkt_time":174302614,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":174302614,"pkt":"CAAn5uVZUlQAEjUCCABFAALzB+kAAEARSS1WgcRUCgACDya7cAkC366hcFExAhHLtY5GdmAVhlELQEQAAMACAAAGR1RLRwAAUhNI53eBGeJh0nCkclkfZJnzMvMEVoHEVCa7AQAAAATmnBkoFEdUS0cAAFxg+taEWAYB1unX7flSWQRG3beNBGic4kjQCkdUS0cAAFuWTCQAv7KdBMgSGC6mmSLY5\/ECBMKjtH4qSVdTSFIAAFpCOi4aZIiG9lYEyciBumqkMMTzBMY62gy7KEdUS0cAAFf2jq05FgyfJOGIcRJLg6NdtQ1eBLw9NLcuTEdUS0cAAFYaYH8fxSMCFJGx6KJ1XnlYMcAbBL7A0rYaYkdUS0cAAFFI2BA3K8AVe0IqJAEnw9\/D630lBI6EpQ13ZkdUS0cAAE3VqZZmQu9JEb4xS9XAL1zJJdrgBLwXGNVIgVdTSFIAAEwNRRSjJbzqx43c9rTKLbxkbHgKBF4IN57HxEdUS0cAAElxJg9dajjzW3txW7a4q7j8IGI0BFHNWy2VmUdUS0cAAEE1vJAZC\/Oid7YdKVGKEGbtSapFBJUco6\/DJEdUS0cAAGqU5DC0wpx7Tt\/+AtuQJkODlGIrBC\/cuoxr+UdUS0cAAGSQPhJYYczqO9fA1uqwCWebPjcpBMEgftbozEdUS0cAAGfwY9tAxh1AXF0ZU2EOIfqDQ08tBHbwRccYzEdUS0cAAGcZJHUoqfb+iSo9+1Aaw4nAX4zABFAH\/MAa6EdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzukdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZsldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAABZMZh8YJqCRZ8rsFWpJujOrF1VMBFHNWy2cyQ=="} 00754{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2316,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174303564,"flow_src_last_pkt_time":174303564,"flow_dst_last_pkt_time":174303564,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174303564,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00614{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2316,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_packet_id":1,"flow_src_last_pkt_time":174303564,"flow_dst_last_pkt_time":174303564,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174303564,"pkt":"UlQAEjUCCAAn5uVZCABFAAByStEAAIARbHkKAAIPwqO0fnAJKkkAXkeElzExAuaUt3SA\/qxG7F60jUQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} -01147{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2316,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174303564,"flow_src_last_pkt_time":174303564,"flow_dst_last_pkt_time":174303564,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174303564,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01037{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2316,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174303564,"flow_src_last_pkt_time":174303564,"flow_dst_last_pkt_time":174303564,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174303564,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"194.163.180.126","src_port":28681,"dst_port":10825,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2317,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_packet_id":2,"flow_src_last_pkt_time":174303640,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174303640,"pkt":"UlQAEjUCCAAn5uVZCABFAAByVrsAAIARN2oKAAIPxjraDHAJuygAXpm7NG4xAlN4rvcHLSWuyVzKGkQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2318,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":301,"flow_packet_id":5,"flow_src_last_pkt_time":174303687,"flow_dst_last_pkt_time":96577312,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174303687,"pkt":"UlQAEjUCCAAn5uVZCABFAAByc1oAAIARyh0KAAIPvD00t3AJLkwAXspjtQoxApnQ\/5wC2EReDmleoEQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} 00612{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2320,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_packet_id":3,"flow_src_last_pkt_time":174321941,"flow_dst_last_pkt_time":90892088,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174321941,"pkt":"UlQAEjUCCAAn5uVZCABFAAByxlcAAIARNIMKAAIPjoSlDXAJd2YAXu8TjWExApO4DvtDKbdx2klNVkQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2321,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322199,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174322199,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.23.24.213","src_port":28681,"dst_port":18561,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00614{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2321,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_packet_id":1,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174322199,"pkt":"UlQAEjUCCAAn5uVZCABFAABy\/iwAAIARW1MKAAIPvBcY1XAJSIEAXn4ZciIxAgUt47TCA6DBC1+HrEQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2321,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322199,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174322199,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.23.24.213","src_port":28681,"dst_port":18561,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2321,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":365,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322199,"flow_src_last_pkt_time":174322199,"flow_dst_last_pkt_time":174322199,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174322199,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"188.23.24.213","src_port":28681,"dst_port":18561,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2322,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322734,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174322734,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.8.55.158","src_port":28681,"dst_port":51140,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2322,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_packet_id":1,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174322734,"pkt":"UlQAEjUCCAAn5uVZCABFAAByI9AAAIARdPYKAAIPXgg3nnAJx8QAXqKieDQxAq3mE0dDpkvWQzLgPUQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2322,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322734,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174322734,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.8.55.158","src_port":28681,"dst_port":51140,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2322,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":366,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174322734,"flow_src_last_pkt_time":174322734,"flow_dst_last_pkt_time":174322734,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174322734,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.8.55.158","src_port":28681,"dst_port":51140,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01479{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2323,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":364,"flow_packet_id":2,"flow_src_last_pkt_time":174303564,"flow_dst_last_pkt_time":174323550,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":174323550,"pkt":"CAAn5uVZUlQAEjUCCABFAALzB+sAAEAR7N7Co7R+CgACDypJcAkC36eTlzExAuaUt3SA\/qxG7F60jUQAAMACAAAGR1RLRwAAW5ZMJAC\/sp0EyBIYLqaZItjn8QIEwqO0fipJAQAAAAQkVMV3FEdUS0cAAFxg+taEWAYB1unX7flSWQRG3beNBGic4kjQCldTSFIAAFpCOi4aZIiG9lYEyciBumqkMMTzBMY62gy7KEdUS0cAAFf2jq05FgyfJOGIcRJLg6NdtQ1eBLw9NLcuTEdUS0cAAFYaYH8fxSMCFJGx6KJ1XnlYMcAbBL7A0rYaYkdUS0cAAFFI2BA3K8AVe0IqJAEnw9\/D630lBI6EpQ13ZkdUS0cAAFITSOd3gRniYdJwpHJZH2SZ8zLzBFaBxFQmu0dUS0cAAE3VqZZmQu9JEb4xS9XAL1zJJdrgBLwXGNVIgVdTSFIAAEwNRRSjJbzqx43c9rTKLbxkbHgKBF4IN57HxEdUS0cAAElxJg9dajjzW3txW7a4q7j8IGI0BFHNWy2VmUdUS0cAAEE1vJAZC\/Oid7YdKVGKEGbtSapFBJUco6\/DJFdTSFIAAEJDtkelhifx87ftq707Fzo\/U0PdBC+TNBWPeEdUS0cAAGqU5DC0wpx7Tt\/+AtuQJkODlGIrBC\/cuoxr+UdUS0cAAGSQPhJYYczqO9fA1uqwCWebPjcpBMEgftbozEdUS0cAAGfwY9tAxh1AXF0ZU2EOIfqDQ08tBHbwRccYzEdUS0cAAGcZJHUoqfb+iSo9+1Aaw4nAX4zABFAH\/MAa6EdUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzukdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZskdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mjw=="} 01476{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2324,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_packet_id":4,"flow_src_last_pkt_time":174321941,"flow_dst_last_pkt_time":174341975,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":174341975,"pkt":"CAAn5uVZUlQAEjUCCABFAALzB+wAAEARMG6OhKUNCgACD3dmcAkC3wuvjWExApO4DvtDKbdx2klNVkQAAMACAAAGR1RLRwAAUUjYEDcrwBV7QiokASfD38PrfSUEjoSlDXdmAQAAAARrKAM7FEdUS0cAAFxg+taEWAYB1unX7flSWQRG3beNBGic4kjQCkdUS0cAAFuWTCQAv7KdBMgSGC6mmSLY5\/ECBMKjtH4qSVdTSFIAAFpCOi4aZIiG9lYEyciBumqkMMTzBMY62gy7KEdUS0cAAFf2jq05FgyfJOGIcRJLg6NdtQ1eBLw9NLcuTEdUS0cAAFYaYH8fxSMCFJGx6KJ1XnlYMcAbBL7A0rYaYkdUS0cAAFITSOd3gRniYdJwpHJZH2SZ8zLzBFaBxFQmu1dTSFIAAEwNRRSjJbzqx43c9rTKLbxkbHgKBF4IN57HxEdUS0cAAElxJg9dajjzW3txW7a4q7j8IGI0BFHNWy2VmUdUS0cAAEE1vJAZC\/Oid7YdKVGKEGbtSapFBJUco6\/DJFdTSFIAAEJDtkelhifx87ftq707Fzo\/U0PdBC+TNBWPeEdUS0cAAGqU5DC0wpx7Tt\/+AtuQJkODlGIrBC\/cuoxr+UdUS0cAAGSQPhJYYczqO9fA1uqwCWebPjcpBMEgftbozEdUS0cAAGfwY9tAxh1AXF0ZU2EOIfqDQ08tBHbwRccYzEdUS0cAAGcZJHUoqfb+iSo9+1Aaw4nAX4zABFAH\/MAa6EdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzukdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZsldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAABZMZh8YJqCRZ8rsFWpJujOrF1VMBFHNWy2cyQ=="} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2325,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":363,"flow_packet_id":2,"flow_src_last_pkt_time":174342629,"flow_dst_last_pkt_time":168840831,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174342629,"pkt":"UlQAEjUCCAAn5uVZCABFAAByeiEAAIARB1EKAAIPUc1bLXAJlZkAXranfCExAmltWPgHip8OOUDUwEQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2326,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174342792,"flow_src_last_pkt_time":174342792,"flow_dst_last_pkt_time":174342792,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174342792,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2326,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_packet_id":1,"flow_src_last_pkt_time":174342792,"flow_dst_last_pkt_time":174342792,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174342792,"pkt":"UlQAEjUCCAAn5uVZCABFAAByzKsAAIARKPUKAAIPlRyjr3AJwyQAXo4hNNYxAkNtQBP87WWbzy94OkQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2326,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174342792,"flow_src_last_pkt_time":174342792,"flow_dst_last_pkt_time":174342792,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174342792,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2326,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174342792,"flow_src_last_pkt_time":174342792,"flow_dst_last_pkt_time":174342792,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174342792,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"149.28.163.175","src_port":28681,"dst_port":49956,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2327,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174343218,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174343218,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":28681,"dst_port":36728,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2327,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_packet_id":1,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174343218,"pkt":"UlQAEjUCCAAn5uVZCABFAAByuwkAAIARD7sKAAIPL5M0FXAJj3gAXq06x7YxAq8Sv7XsAP61JE4GfUQAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2327,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174343218,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174343218,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":28681,"dst_port":36728,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2327,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":368,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":174343218,"flow_src_last_pkt_time":174343218,"flow_dst_last_pkt_time":174343218,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":86,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":86,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":174343218,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.147.52.21","src_port":28681,"dst_port":36728,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01480{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2329,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":362,"flow_packet_id":4,"flow_src_last_pkt_time":174268839,"flow_dst_last_pkt_time":174522506,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":174522506,"pkt":"CAAn5uVZUlQAEjUCCABFAALzB\/AAAEAR0oS+wNK2CgACDxpicAkC3xqGDJkxAiMikaZOqXdSUPahXUQAAMACAAAGR1RLRwAAVhpgfx\/FIwIUkbHoonVeeVgxwBsEvsDSthpiAQAAAAQZ71djFEdUS0cAAFxg+taEWAYB1unX7flSWQRG3beNBGic4kjQCkdUS0cAAFuWTCQAv7KdBMgSGC6mmSLY5\/ECBMKjtH4qSVdTSFIAAFpCOi4aZIiG9lYEyciBumqkMMTzBMY62gy7KEdUS0cAAFf2jq05FgyfJOGIcRJLg6NdtQ1eBLw9NLcuTEdUS0cAAFFI2BA3K8AVe0IqJAEnw9\/D630lBI6EpQ13ZkdUS0cAAFITSOd3gRniYdJwpHJZH2SZ8zLzBFaBxFQmu0dUS0cAAE3VqZZmQu9JEb4xS9XAL1zJJdrgBLwXGNVIgVdTSFIAAEwNRRSjJbzqx43c9rTKLbxkbHgKBF4IN57HxEdUS0cAAElxJg9dajjzW3txW7a4q7j8IGI0BFHNWy2VmUdUS0cAAEE1vJAZC\/Oid7YdKVGKEGbtSapFBJUco6\/DJFdTSFIAAEJDtkelhifx87ftq707Fzo\/U0PdBC+TNBWPeEdUS0cAAGqU5DC0wpx7Tt\/+AtuQJkODlGIrBC\/cuoxr+UdUS0cAAGSQPhJYYczqO9fA1uqwCWebPjcpBMEgftbozEdUS0cAAGfwY9tAxh1AXF0ZU2EOIfqDQ08tBHbwRccYzEdUS0cAAGcZJHUoqfb+iSo9+1Aaw4nAX4zABFAH\/MAa6EdUS0cAAB9npzFZ8csWEevUVjGg\/Ev3bcglBF8KzUMtU0dUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzukdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZsldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFg=="} 01476{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2334,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":367,"flow_packet_id":2,"flow_src_last_pkt_time":174342792,"flow_dst_last_pkt_time":174648242,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":769,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":769,"pkt_l4_len":735,"thread_ts_usec":174648242,"pkt":"CAAn5uVZUlQAEjUCCABFAALzB\/MAAEARKy2VHKOvCgACD8MkcAkC37mfNNYxAkNtQBP87WWbzy94OkQAAMACAAAGR1RLRwAAQTW8kBkL86J3th0pUYoQZu1JqkUElRyjr8MkAQAAAAThq6+iFEdUS0cAAFxg+taEWAYB1unX7flSWQRG3beNBGic4kjQCkdUS0cAAFuWTCQAv7KdBMgSGC6mmSLY5\/ECBMKjtH4qSVdTSFIAAFpCOi4aZIiG9lYEyciBumqkMMTzBMY62gy7KEdUS0cAAFf2jq05FgyfJOGIcRJLg6NdtQ1eBLw9NLcuTEdUS0cAAFYaYH8fxSMCFJGx6KJ1XnlYMcAbBL7A0rYaYkdUS0cAAFFI2BA3K8AVe0IqJAEnw9\/D630lBI6EpQ13ZkdUS0cAAFITSOd3gRniYdJwpHJZH2SZ8zLzBFaBxFQmu1dTSFIAAEwNRRSjJbzqx43c9rTKLbxkbHgKBF4IN57HxEdUS0cAAElxJg9dajjzW3txW7a4q7j8IGI0BFHNWy2VmVdTSFIAAEJDtkelhifx87ftq707Fzo\/U0PdBC+TNBWPeEdUS0cAAGqU5DC0wpx7Tt\/+AtuQJkODlGIrBC\/cuoxr+UdUS0cAAGSQPhJYYczqO9fA1uqwCWebPjcpBMEgftbozEdUS0cAAGfwY9tAxh1AXF0ZU2EOIfqDQ08tBHbwRccYzEdUS0cAAGcZJHUoqfb+iSo9+1Aaw4nAX4zABFAH\/MAa6EdUS0cAABnDsbPWKLbuWCN54AyWtjRM+4cSBFlLNBOzukdUS0cAABjf5v+Urk90V\/WPMxinQSIciE4\/BDzxMMJTNUdUS0cAABiF4URzeX7Vdi93GjTzJphEA0s1BC6AcmsZsldTSFIAABreJpDCEhk5HaHmWa2KZ2KgQT+tBFLZsDQdFkdUS0cAABpaaFBDXGgpcSmxYhITGidbcBteBEuFZV3Mj0dUS0cAABZMZh8YJqCRZ8rsFWpJujOrF1VMBFHNWy2cyQ=="} 00613{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2339,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":336,"flow_packet_id":5,"flow_src_last_pkt_time":174679434,"flow_dst_last_pkt_time":163387809,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":128,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":128,"pkt_l4_len":94,"thread_ts_usec":174679434,"pkt":"UlQAEjUCCAAn5uVZCABFAAByIxoAAIARvooKAAIPUAf8wHAJGugAXpyRqVIxAmGFa8ucpYvWyyN910QAAD8AAAAHR1RLRwAAKJ0KjQbe\/8gmPDOJfCyRef2Eq2EEXS\/iNXAJAQEAAF3Q\/QP6n0+w02aNGZLhtNuwNXioAEFMT0M="} @@ -2269,10 +2269,10 @@ 01081{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":319,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":2,"flow_first_seen":95893239,"flow_src_last_pkt_time":123877237,"flow_dst_last_pkt_time":123936810,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":1454,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"164.132.10.25","src_port":28681,"dst_port":55302,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01079{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":330,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":4,"flow_first_seen":101122636,"flow_src_last_pkt_time":168321077,"flow_dst_last_pkt_time":168840075,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":324,"flow_dst_tot_l4_payload_len":2413,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.64.44.11","src_port":28681,"dst_port":1352,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01077{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":360,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":168428692,"flow_src_last_pkt_time":174303640,"flow_dst_last_pkt_time":168428692,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":167,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"198.58.218.12","src_port":28681,"dst_port":47912,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} -01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01054{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00929{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00929{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00929{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00929{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01075{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2485,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":326,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":96049781,"flow_src_last_pkt_time":129345276,"flow_dst_last_pkt_time":96049781,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":162,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":213810438,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"100.1.231.138","src_port":28681,"dst_port":56558,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2491,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":369,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":219447137,"flow_src_last_pkt_time":219447137,"flow_dst_last_pkt_time":219447137,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":219447137,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.187.171.240","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00545{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2491,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":369,"flow_packet_id":1,"flow_src_last_pkt_time":219447137,"flow_dst_last_pkt_time":219447137,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":81,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":81,"pkt_l4_len":47,"thread_ts_usec":219447137,"pkt":"UlQAEjUCCAAn5uVZCABFAABD+bUAAIARLzoKAAIPWbur8HAJGMoAL2mkIFAxArFAxy3\/Egk2kZ9VAwABABAAAADDA1NDUEECglZDRUdUS0di"} @@ -2354,19 +2354,19 @@ 01076{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":138,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":72853189,"flow_src_last_pkt_time":192908402,"flow_dst_last_pkt_time":72853189,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":72,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":222018990,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"167.114.170.156","src_port":28681,"dst_port":23844,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":370,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238441,"flow_src_last_pkt_time":229238441,"flow_dst_last_pkt_time":229238441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229238441,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.56.198","src_port":28681,"dst_port":11984,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":370,"flow_packet_id":1,"flow_src_last_pkt_time":229238441,"flow_dst_last_pkt_time":229238441,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":229238441,"pkt":"UlQAEjUCCAAn5uVZCABFAABpeXIAAIARIJEKAAIPW6w4xnAJLtAAVXM5R05EED9JAQFMQVEyUApVRFBdL+I1CXBBRaArSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":370,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238441,"flow_src_last_pkt_time":229238441,"flow_dst_last_pkt_time":229238441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229238441,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.56.198","src_port":28681,"dst_port":11984,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2494,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":370,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238441,"flow_src_last_pkt_time":229238441,"flow_dst_last_pkt_time":229238441,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229238441,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.172.56.198","src_port":28681,"dst_port":11984,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2495,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":371,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238800,"flow_src_last_pkt_time":229238800,"flow_dst_last_pkt_time":229238800,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229238800,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.131.202.24","src_port":28681,"dst_port":44748,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00600{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2495,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":371,"flow_packet_id":1,"flow_src_last_pkt_time":229238800,"flow_dst_last_pkt_time":229238800,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":229238800,"pkt":"UlQAEjUCCAAn5uVZCABFAABp+fkAAIAR\/N8KAAIPbYPKGHAJrswAVYv2R05EED9KAQFMQVEyUApVRFBdL+I1CXA\/EL4kSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2495,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":371,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238800,"flow_src_last_pkt_time":229238800,"flow_dst_last_pkt_time":229238800,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229238800,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.131.202.24","src_port":28681,"dst_port":44748,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2495,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":371,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229238800,"flow_src_last_pkt_time":229238800,"flow_dst_last_pkt_time":229238800,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229238800,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.131.202.24","src_port":28681,"dst_port":44748,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2496,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":372,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229239365,"flow_src_last_pkt_time":229239365,"flow_dst_last_pkt_time":229239365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229239365,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.185.126","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2496,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":372,"flow_packet_id":1,"flow_src_last_pkt_time":229239365,"flow_dst_last_pkt_time":229239365,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":229239365,"pkt":"UlQAEjUCCAAn5uVZCABFAABpnhUAAIARey4KAAIPW7O5fnAJGMoAVSnyR05EED9LAQFMQVEyUApVRFBdL+I1CXBXghXNSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2496,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":372,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229239365,"flow_src_last_pkt_time":229239365,"flow_dst_last_pkt_time":229239365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229239365,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.185.126","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2496,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":372,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229239365,"flow_src_last_pkt_time":229239365,"flow_dst_last_pkt_time":229239365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229239365,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"91.179.185.126","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2497,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":373,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229239821,"flow_src_last_pkt_time":229239821,"flow_dst_last_pkt_time":229239821,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229239821,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.122.233.15","src_port":28681,"dst_port":11488,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2497,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":373,"flow_packet_id":1,"flow_src_last_pkt_time":229239821,"flow_dst_last_pkt_time":229239821,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":229239821,"pkt":"UlQAEjUCCAAn5uVZCABFAABpd+QAAIARdQcKAAIPWHrpD3AJLOAAVT9CR05EED9MAQFMQVEyUApVRFBdL+I1CXDHjOZsSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2497,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":373,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229239821,"flow_src_last_pkt_time":229239821,"flow_dst_last_pkt_time":229239821,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229239821,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.122.233.15","src_port":28681,"dst_port":11488,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2497,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":373,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229239821,"flow_src_last_pkt_time":229239821,"flow_dst_last_pkt_time":229239821,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229239821,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.122.233.15","src_port":28681,"dst_port":11488,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2498,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":374,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229240388,"flow_src_last_pkt_time":229240388,"flow_dst_last_pkt_time":229240388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229240388,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"62.35.190.5","src_port":28681,"dst_port":18604,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2498,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":374,"flow_packet_id":1,"flow_src_last_pkt_time":229240388,"flow_dst_last_pkt_time":229240388,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":229240388,"pkt":"UlQAEjUCCAAn5uVZCABFAABpQyQAAIAR7ygKAAIPPiO+BXAJSKwAVQDtR05EED9NAQFMQVEyUApVRFBdL+I1CXAx8WVwSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2498,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":374,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229240388,"flow_src_last_pkt_time":229240388,"flow_dst_last_pkt_time":229240388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229240388,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"62.35.190.5","src_port":28681,"dst_port":18604,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2498,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":374,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":229240388,"flow_src_last_pkt_time":229240388,"flow_dst_last_pkt_time":229240388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":229240388,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"62.35.190.5","src_port":28681,"dst_port":18604,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00939{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2507,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":21,"flow_state":"finished","flow_src_packets_processed":4,"flow_dst_packets_processed":0,"flow_first_seen":40005419,"flow_src_last_pkt_time":43055141,"flow_dst_last_pkt_time":40005419,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":696,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":238361827,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":55708,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System"}} 00931{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2507,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":9,"flow_state":"finished","flow_src_packets_processed":9,"flow_dst_packets_processed":0,"flow_first_seen":12529525,"flow_src_last_pkt_time":43193100,"flow_dst_last_pkt_time":12529525,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":30,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":73,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":348,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":238361827,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"224.0.0.251","src_port":5353,"dst_port":5353,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"MDNS","proto_id":"8","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01074{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":2507,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":267,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":3,"flow_first_seen":90738015,"flow_src_last_pkt_time":106390698,"flow_dst_last_pkt_time":115276904,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":599,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":599,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":238361827,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"200.7.155.210","src_port":50291,"dst_port":28365,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} @@ -2506,10 +2506,10 @@ 00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2552,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":384,"flow_packet_id":2,"flow_src_last_pkt_time":243617811,"flow_dst_last_pkt_time":244088424,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":88,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":88,"pkt_l4_len":54,"thread_ts_usec":244088424,"pkt":"CAAn5uVZUlQAEjUCCABFAABKCegAAEAREr5LQAavCgACDxKHcAkANhLe3zAxAlWwCWL\/xiCmeq0xAwEBABcAAACHEktABq8AAAAACAAAAMOCUUtEatOUjQ=="} 00557{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2553,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":376,"flow_packet_id":2,"flow_src_last_pkt_time":243615848,"flow_dst_last_pkt_time":244095343,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":88,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":88,"pkt_l4_len":54,"thread_ts_usec":244095343,"pkt":"CAAn5uVZUlQAEjUCCABFAABKCekAAEARnnCcOSoCCgACD4LEcAkANgOuEkUxAuVTIJT\/qP0FXn0lAwEBABcAAADEgpw5KgJZAAAAAAAIAMOCUUtENA+q8Q=="} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2554,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":379,"flow_packet_id":2,"flow_src_last_pkt_time":243616544,"flow_dst_last_pkt_time":244452929,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":88,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":88,"pkt_l4_len":54,"thread_ts_usec":244452929,"pkt":"CAAn5uVZUlQAEjUCCABFAABKCeoAAEAR1ItQjD+TCgACD3NpcAkANq7MHNIxAm253jL\/\/DUsuAicAwEBABcAAABpc1CMP5MAAAAACAAAAMOCUUtEtjiVcw=="} -01052{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":244452929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01052{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":244452929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01052{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":244452929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} -01052{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":244452929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00927{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":26,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61191313,"flow_src_last_pkt_time":61191313,"flow_dst_last_pkt_time":61191313,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":244452929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57619,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00927{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":27,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61470563,"flow_src_last_pkt_time":61470563,"flow_dst_last_pkt_time":61470563,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":244452929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57620,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00927{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":34,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":61999388,"flow_src_last_pkt_time":61999388,"flow_dst_last_pkt_time":61999388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":244452929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57621,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} +00927{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":41,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":63029620,"flow_src_last_pkt_time":63029620,"flow_dst_last_pkt_time":63029620,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":2,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":2,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":2,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":244452929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"10.0.2.2","src_port":57622,"dst_port":5351,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"confidence": {"6":"DPI"},"proto":"NAT-PMP","proto_id":"312","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network"}} 01082{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":247,"flow_state":"finished","flow_src_packets_processed":5,"flow_dst_packets_processed":5,"flow_first_seen":89829259,"flow_src_last_pkt_time":174145848,"flow_dst_last_pkt_time":174528829,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":556,"flow_dst_tot_l4_payload_len":3014,"midstream":0,"thread_ts_usec":244452929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"181.84.178.16","src_port":28681,"dst_port":60262,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01075{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":307,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":0,"flow_first_seen":95216801,"flow_src_last_pkt_time":162802551,"flow_dst_last_pkt_time":95216801,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":243,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":244452929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"72.201.208.57","src_port":28681,"dst_port":38617,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 01083{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":309,"flow_state":"finished","flow_src_packets_processed":6,"flow_dst_packets_processed":6,"flow_first_seen":95264476,"flow_src_last_pkt_time":175759013,"flow_dst_last_pkt_time":176255145,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":232,"flow_dst_max_l4_payload_len":727,"flow_src_tot_l4_payload_len":642,"flow_dst_tot_l4_payload_len":3741,"midstream":0,"thread_ts_usec":244452929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.220.186.140","src_port":28681,"dst_port":27641,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} @@ -2557,12 +2557,12 @@ 01078{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":2555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":2,"flow_dst_packets_processed":1,"flow_first_seen":95716226,"flow_src_last_pkt_time":243617528,"flow_dst_last_pkt_time":243760248,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":46,"flow_src_tot_l4_payload_len":109,"flow_dst_tot_l4_payload_len":46,"midstream":0,"thread_ts_usec":244452929,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2560,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":400,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251734977,"flow_src_last_pkt_time":251734977,"flow_dst_last_pkt_time":251734977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251734977,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"129.45.47.167","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2560,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":400,"flow_packet_id":1,"flow_src_last_pkt_time":251734977,"flow_dst_last_pkt_time":251734977,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":251734977,"pkt":"UlQAEjUCCAAn5uVZCABFAAA086wAAIARiikKAAIPgS0vp3AJGMoAIFk6R05EED9OAQFUC1FLUlAGUk5BXS\/iNQlw"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2560,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":400,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251734977,"flow_src_last_pkt_time":251734977,"flow_dst_last_pkt_time":251734977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251734977,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"129.45.47.167","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2560,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":400,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251734977,"flow_src_last_pkt_time":251734977,"flow_dst_last_pkt_time":251734977,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251734977,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"129.45.47.167","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2561,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":166,"flow_packet_id":3,"flow_src_last_pkt_time":251735454,"flow_dst_last_pkt_time":82059658,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":251735454,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0rnMAAIARKEEKAAIPWjv9unAJPMMAII4eR05EED9PAQFUC1FLUlAGUk5BXS\/iNQlw"} 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2562,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":191,"flow_packet_id":2,"flow_src_last_pkt_time":251735642,"flow_dst_last_pkt_time":82063378,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":251735642,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0RwQAAIARmdYKAAIPvpmPNnAJ\/\/8AINUGR05EED9QAQFUC1FLUlAGUk5BXS\/iNQlw"} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2563,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251735839,"flow_src_last_pkt_time":251735839,"flow_dst_last_pkt_time":251735839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251735839,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.178.192.76","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2563,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":401,"flow_packet_id":1,"flow_src_last_pkt_time":251735839,"flow_dst_last_pkt_time":251735839,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":251735839,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0jpwAAIARMg8KAAIPrbLATHAJGMoAIJwMR05EED9RAQFUC1FLUlAGUk5BXS\/iNQlw"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2563,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251735839,"flow_src_last_pkt_time":251735839,"flow_dst_last_pkt_time":251735839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251735839,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.178.192.76","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2563,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":401,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251735839,"flow_src_last_pkt_time":251735839,"flow_dst_last_pkt_time":251735839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251735839,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"173.178.192.76","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2564,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":109,"flow_packet_id":4,"flow_src_last_pkt_time":251736271,"flow_dst_last_pkt_time":71539473,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":251736271,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0p7cAAIARK7EKAAIPWKkCmXAJzL4AIPrTR05EED9SAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2565,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":157,"flow_packet_id":4,"flow_src_last_pkt_time":251736359,"flow_dst_last_pkt_time":82058208,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":251736359,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0rEAAAIARiPAKAAIPVuOilnAJGMoAIBCQR05EED9TAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2566,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_packet_id":4,"flow_src_last_pkt_time":251736500,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":251736500,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0JGAAAIARImwKAAIPWkGNnXAJGMoAICIqR05EED9UAQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -2582,126 +2582,126 @@ 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2580,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":124,"flow_packet_id":3,"flow_src_last_pkt_time":251738527,"flow_dst_last_pkt_time":72848739,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":251738527,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0XA4AAIARFJgKAAIPqv4TBnAJXnQAIAZMR05EED9iAQFUC1FLUlAGUk5BXS\/iNQlw"} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2581,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":402,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251738882,"flow_src_last_pkt_time":251738882,"flow_dst_last_pkt_time":251738882,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251738882,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.219.202.2","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2581,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":402,"flow_packet_id":1,"flow_src_last_pkt_time":251738882,"flow_dst_last_pkt_time":251738882,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251738882,"pkt":"UlQAEjUCCAAn5uVZCABFAABpgBkAAIARlX4KAAIPTtvKAnAJGMoAVResR05EED9jAQFMQVEyUApVRFBdL+I1CXBvOYAkSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2581,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":402,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251738882,"flow_src_last_pkt_time":251738882,"flow_dst_last_pkt_time":251738882,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251738882,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.219.202.2","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2581,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":402,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251738882,"flow_src_last_pkt_time":251738882,"flow_dst_last_pkt_time":251738882,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251738882,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.219.202.2","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2582,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":403,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739069,"flow_src_last_pkt_time":251739069,"flow_dst_last_pkt_time":251739069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739069,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"197.244.171.132","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00599{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2582,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":403,"flow_packet_id":1,"flow_src_last_pkt_time":251739069,"flow_dst_last_pkt_time":251739069,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251739069,"pkt":"UlQAEjUCCAAn5uVZCABFAABpn\/EAAIARHQsKAAIPxfSrhHAJGMoAVUkZR05EED9kAQFMQVEyUApVRFBdL+I1CXA0OLGbSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2582,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":403,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739069,"flow_src_last_pkt_time":251739069,"flow_dst_last_pkt_time":251739069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739069,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"197.244.171.132","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2582,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":403,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739069,"flow_src_last_pkt_time":251739069,"flow_dst_last_pkt_time":251739069,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739069,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"197.244.171.132","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2583,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739244,"flow_src_last_pkt_time":251739244,"flow_dst_last_pkt_time":251739244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739244,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.234.216.251","src_port":28681,"dst_port":17845,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2583,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":404,"flow_packet_id":1,"flow_src_last_pkt_time":251739244,"flow_dst_last_pkt_time":251739244,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251739244,"pkt":"UlQAEjUCCAAn5uVZCABFAABpjkwAAIARcEMKAAIPVurY+3AJRbUAVQcCR05EED9lAQFMQVEyUApVRFBdL+I1CXDHMdz4SAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2583,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739244,"flow_src_last_pkt_time":251739244,"flow_dst_last_pkt_time":251739244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739244,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.234.216.251","src_port":28681,"dst_port":17845,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2583,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":404,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739244,"flow_src_last_pkt_time":251739244,"flow_dst_last_pkt_time":251739244,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739244,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.234.216.251","src_port":28681,"dst_port":17845,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2584,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739411,"flow_src_last_pkt_time":251739411,"flow_dst_last_pkt_time":251739411,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739411,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.31.118","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2584,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":405,"flow_packet_id":1,"flow_src_last_pkt_time":251739411,"flow_dst_last_pkt_time":251739411,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251739411,"pkt":"UlQAEjUCCAAn5uVZCABFAABpJdUAAIAROI8KAAIPsJsfdnAJGMoAVbHHR05EED9mAQFMQVEyUApVRFBdL+I1CXBQgEyMSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2584,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739411,"flow_src_last_pkt_time":251739411,"flow_dst_last_pkt_time":251739411,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739411,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.31.118","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2584,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":405,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739411,"flow_src_last_pkt_time":251739411,"flow_dst_last_pkt_time":251739411,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739411,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.155.31.118","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2585,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739607,"flow_src_last_pkt_time":251739607,"flow_dst_last_pkt_time":251739607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739607,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.27.3.68","src_port":28681,"dst_port":57380,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2585,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":406,"flow_packet_id":1,"flow_src_last_pkt_time":251739607,"flow_dst_last_pkt_time":251739607,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251739607,"pkt":"UlQAEjUCCAAn5uVZCABFAABpkwUAAIARKxEKAAIPbRsDRHAJ4CQAVb5+R05EED9nAQFMQVEyUApVRFBdL+I1CXCQaKwvSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2585,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739607,"flow_src_last_pkt_time":251739607,"flow_dst_last_pkt_time":251739607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739607,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.27.3.68","src_port":28681,"dst_port":57380,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2585,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":406,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739607,"flow_src_last_pkt_time":251739607,"flow_dst_last_pkt_time":251739607,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739607,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.27.3.68","src_port":28681,"dst_port":57380,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00569{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2586,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":303,"flow_packet_id":5,"flow_src_last_pkt_time":251739691,"flow_dst_last_pkt_time":174341975,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":251739691,"pkt":"UlQAEjUCCAAn5uVZCABFAABUxlgAAIARNKAKAAIPjoSlDXAJd2YAQAphXS\/iNTECAGQaxPLpTglwD4ABACEAAAD5AHBpbmtmbG95ZADDAlFLRFrK9p0DU0NQQAFaQIJQUkA="} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2587,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":407,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739830,"flow_src_last_pkt_time":251739830,"flow_dst_last_pkt_time":251739830,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739830,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2587,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":407,"flow_packet_id":1,"flow_src_last_pkt_time":251739830,"flow_dst_last_pkt_time":251739830,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251739830,"pkt":"UlQAEjUCCAAn5uVZCABFAABpBqsAAIARzDsKAAIPw7WX2XAJGMoAVdFRR05EED9oAQFMQVEyUApVRFBdL+I1CXDKQckfSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2587,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":407,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739830,"flow_src_last_pkt_time":251739830,"flow_dst_last_pkt_time":251739830,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739830,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2587,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":407,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251739830,"flow_src_last_pkt_time":251739830,"flow_dst_last_pkt_time":251739830,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251739830,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.181.151.217","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2588,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":108,"flow_packet_id":2,"flow_src_last_pkt_time":251739950,"flow_dst_last_pkt_time":71539248,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":251739950,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0B\/8AAIARw8UKAAIPcHfybnAJHvIAIKDlR05EED9pAQFUC1FLUlAGUk5BXS\/iNQlw"} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2589,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":408,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740138,"flow_src_last_pkt_time":251740138,"flow_dst_last_pkt_time":251740138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740138,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.2.245","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2589,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":408,"flow_packet_id":1,"flow_src_last_pkt_time":251740138,"flow_dst_last_pkt_time":251740138,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251740138,"pkt":"UlQAEjUCCAAn5uVZCABFAABp+vMAAIAR1iUKAAIPWmcC9XAJGMoAVbquR05EED9qAQFMQVEyUApVRFBdL+I1CXDvdHgBSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2589,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":408,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740138,"flow_src_last_pkt_time":251740138,"flow_dst_last_pkt_time":251740138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740138,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.2.245","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2589,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":408,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740138,"flow_src_last_pkt_time":251740138,"flow_dst_last_pkt_time":251740138,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740138,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.103.2.245","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2590,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":409,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740269,"flow_src_last_pkt_time":251740269,"flow_dst_last_pkt_time":251740269,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.194.53.68","src_port":28681,"dst_port":33770,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2590,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":409,"flow_packet_id":1,"flow_src_last_pkt_time":251740269,"flow_dst_last_pkt_time":251740269,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251740269,"pkt":"UlQAEjUCCAAn5uVZCABFAABp6gYAAIARuGgKAAIPVsI1RHAJg+oAVTU8R05EED9rAQFMQVEyUApVRFBdL+I1CXDTUzsOSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2590,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":409,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740269,"flow_src_last_pkt_time":251740269,"flow_dst_last_pkt_time":251740269,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.194.53.68","src_port":28681,"dst_port":33770,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2590,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":409,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740269,"flow_src_last_pkt_time":251740269,"flow_dst_last_pkt_time":251740269,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740269,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.194.53.68","src_port":28681,"dst_port":33770,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2591,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":410,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740418,"flow_src_last_pkt_time":251740418,"flow_dst_last_pkt_time":251740418,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740418,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.28.130.131","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2591,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":410,"flow_packet_id":1,"flow_src_last_pkt_time":251740418,"flow_dst_last_pkt_time":251740418,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251740418,"pkt":"UlQAEjUCCAAn5uVZCABFAABpE5AAAIARO0YKAAIPXRyCg3AJGMoAVTPWR05EED9sAQFMQVEyUApVRFBdL+I1CXAD+PaCSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2591,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":410,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740418,"flow_src_last_pkt_time":251740418,"flow_dst_last_pkt_time":251740418,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740418,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.28.130.131","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2591,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":410,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740418,"flow_src_last_pkt_time":251740418,"flow_dst_last_pkt_time":251740418,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740418,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.28.130.131","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2592,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":411,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740552,"flow_src_last_pkt_time":251740552,"flow_dst_last_pkt_time":251740552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740552,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.143.28.64","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2592,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":411,"flow_packet_id":1,"flow_src_last_pkt_time":251740552,"flow_dst_last_pkt_time":251740552,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251740552,"pkt":"UlQAEjUCCAAn5uVZCABFAABpwd8AAIAR9sYKAAIPWY8cQHAJGMoAVVMGR05EED9tAQFMQVEyUApVRFBdL+I1CXAhZ3heSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2592,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":411,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740552,"flow_src_last_pkt_time":251740552,"flow_dst_last_pkt_time":251740552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740552,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.143.28.64","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2592,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":411,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740552,"flow_src_last_pkt_time":251740552,"flow_dst_last_pkt_time":251740552,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740552,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.143.28.64","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2593,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":412,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740694,"flow_src_last_pkt_time":251740694,"flow_dst_last_pkt_time":251740694,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740694,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.177.52.73","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2593,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":412,"flow_packet_id":1,"flow_src_last_pkt_time":251740694,"flow_dst_last_pkt_time":251740694,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251740694,"pkt":"UlQAEjUCCAAn5uVZCABFAABp3loAAIAR4SAKAAIPOrE0SXAJGMoAVVoRR05EED9uAQFMQVEyUApVRFBdL+I1CXAwmTIsSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2593,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":412,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740694,"flow_src_last_pkt_time":251740694,"flow_dst_last_pkt_time":251740694,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740694,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.177.52.73","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2593,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":412,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251740694,"flow_src_last_pkt_time":251740694,"flow_dst_last_pkt_time":251740694,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251740694,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"58.177.52.73","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2594,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":87,"flow_packet_id":2,"flow_src_last_pkt_time":251740802,"flow_dst_last_pkt_time":70230689,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":251740802,"pkt":"UlQAEjUCCAAn5uVZCABFAAA01LUAAIARp3wKAAIPXINV9XAJe\/8AIPQ\/R05EED9vAQFUC1FLUlAGUk5BXS\/iNQlw"} 00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2595,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":88,"flow_packet_id":2,"flow_src_last_pkt_time":251740913,"flow_dst_last_pkt_time":70230940,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":251740913,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0tBMAAIAREWMKAAIPUTIYAnAJRdIAIHOwR05EED9wAQFUC1FLUlAGUk5BXS\/iNQlw"} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2596,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":413,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741037,"flow_src_last_pkt_time":251741037,"flow_dst_last_pkt_time":251741037,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.65.188.29","src_port":28681,"dst_port":24676,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2596,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":413,"flow_packet_id":1,"flow_src_last_pkt_time":251741037,"flow_dst_last_pkt_time":251741037,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251741037,"pkt":"UlQAEjUCCAAn5uVZCABFAABptKwAAIARZmoKAAIPV0G8HXAJYGQAVfy4R05EED9xAQFMQVEyUApVRFBdL+I1CXAsjoyoSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2596,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":413,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741037,"flow_src_last_pkt_time":251741037,"flow_dst_last_pkt_time":251741037,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.65.188.29","src_port":28681,"dst_port":24676,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2596,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":413,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741037,"flow_src_last_pkt_time":251741037,"flow_dst_last_pkt_time":251741037,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741037,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.65.188.29","src_port":28681,"dst_port":24676,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2597,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":414,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741183,"flow_src_last_pkt_time":251741183,"flow_dst_last_pkt_time":251741183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741183,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":28681,"dst_port":8255,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2597,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":414,"flow_packet_id":1,"flow_src_last_pkt_time":251741183,"flow_dst_last_pkt_time":251741183,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251741183,"pkt":"UlQAEjUCCAAn5uVZCABFAABpyBYAAIARGbUKAAIPr7Wc9HAJID8AVaTlR05EED9yAQFMQVEyUApVRFBdL+I1CXAnhz4OSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2597,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":414,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741183,"flow_src_last_pkt_time":251741183,"flow_dst_last_pkt_time":251741183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741183,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":28681,"dst_port":8255,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2597,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":414,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741183,"flow_src_last_pkt_time":251741183,"flow_dst_last_pkt_time":251741183,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741183,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.181.156.244","src_port":28681,"dst_port":8255,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2598,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":415,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741302,"flow_src_last_pkt_time":251741302,"flow_dst_last_pkt_time":251741302,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741302,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.247.160.96","src_port":28681,"dst_port":17817,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2598,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":415,"flow_packet_id":1,"flow_src_last_pkt_time":251741302,"flow_dst_last_pkt_time":251741302,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251741302,"pkt":"UlQAEjUCCAAn5uVZCABFAABp2rQAAIARWGkKAAIPWvegYHAJRZkAVVg2R05EED9zAQFMQVEyUApVRFBdL+I1CXBQFbv4SAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2598,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":415,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741302,"flow_src_last_pkt_time":251741302,"flow_dst_last_pkt_time":251741302,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741302,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.247.160.96","src_port":28681,"dst_port":17817,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2598,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":415,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741302,"flow_src_last_pkt_time":251741302,"flow_dst_last_pkt_time":251741302,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741302,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.247.160.96","src_port":28681,"dst_port":17817,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2599,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":416,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741399,"flow_src_last_pkt_time":251741399,"flow_dst_last_pkt_time":251741399,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741399,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.139.61.103","src_port":28681,"dst_port":24096,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2599,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":416,"flow_packet_id":1,"flow_src_last_pkt_time":251741399,"flow_dst_last_pkt_time":251741399,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251741399,"pkt":"UlQAEjUCCAAn5uVZCABFAABpgP4AAIARE4UKAAIPXIs9Z3AJXiAAVReAR05EED90AQFMQVEyUApVRFBdL+I1CXAgCH+PSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2599,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":416,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741399,"flow_src_last_pkt_time":251741399,"flow_dst_last_pkt_time":251741399,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741399,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.139.61.103","src_port":28681,"dst_port":24096,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2599,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":416,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741399,"flow_src_last_pkt_time":251741399,"flow_dst_last_pkt_time":251741399,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741399,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.139.61.103","src_port":28681,"dst_port":24096,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2600,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":417,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741506,"flow_src_last_pkt_time":251741506,"flow_dst_last_pkt_time":251741506,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741506,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.187.236.179","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2600,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":417,"flow_packet_id":1,"flow_src_last_pkt_time":251741506,"flow_dst_last_pkt_time":251741506,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251741506,"pkt":"UlQAEjUCCAAn5uVZCABFAABpPOUAAIARpiEKAAIPXrvss3AJGMoAVc9JR05EED91AQFMQVEyUApVRFBdL+I1CXAK96N8SAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2600,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":417,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741506,"flow_src_last_pkt_time":251741506,"flow_dst_last_pkt_time":251741506,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741506,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.187.236.179","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2600,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":417,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741506,"flow_src_last_pkt_time":251741506,"flow_dst_last_pkt_time":251741506,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741506,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.187.236.179","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2601,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":418,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741613,"flow_src_last_pkt_time":251741613,"flow_dst_last_pkt_time":251741613,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741613,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.129.149.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2601,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":418,"flow_packet_id":1,"flow_src_last_pkt_time":251741613,"flow_dst_last_pkt_time":251741613,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251741613,"pkt":"UlQAEjUCCAAn5uVZCABFAABpWIsAAIAR9QEKAAIPS4GVZ3AJGMoAVejfR05EED92AQFMQVEyUApVRFBdL+I1CXB7zyH1SAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2601,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":418,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741613,"flow_src_last_pkt_time":251741613,"flow_dst_last_pkt_time":251741613,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741613,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.129.149.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2601,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":418,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741613,"flow_src_last_pkt_time":251741613,"flow_dst_last_pkt_time":251741613,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741613,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.129.149.103","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2602,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":419,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741711,"flow_src_last_pkt_time":251741711,"flow_dst_last_pkt_time":251741711,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.193.236.8","src_port":28681,"dst_port":46557,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2602,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":419,"flow_packet_id":1,"flow_src_last_pkt_time":251741711,"flow_dst_last_pkt_time":251741711,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251741711,"pkt":"UlQAEjUCCAAn5uVZCABFAABptLQAAIARPvcKAAIPTsHsCHAJtd0AVaGTR05EED93AQFMQVEyUApVRFBdL+I1CXBWRJ3QSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2602,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":419,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741711,"flow_src_last_pkt_time":251741711,"flow_dst_last_pkt_time":251741711,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.193.236.8","src_port":28681,"dst_port":46557,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2602,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":419,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741711,"flow_src_last_pkt_time":251741711,"flow_dst_last_pkt_time":251741711,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741711,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.193.236.8","src_port":28681,"dst_port":46557,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2603,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":420,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741806,"flow_src_last_pkt_time":251741806,"flow_dst_last_pkt_time":251741806,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741806,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.227.127.34","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00600{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2603,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":420,"flow_packet_id":1,"flow_src_last_pkt_time":251741806,"flow_dst_last_pkt_time":251741806,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251741806,"pkt":"UlQAEjUCCAAn5uVZCABFAABp\/oQAAIARWesKAAIPVuN\/InAJGMoAVVdoR05EED94AQFMQVEyUApVRFBdL+I1CXD9RPkbSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2603,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":420,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741806,"flow_src_last_pkt_time":251741806,"flow_dst_last_pkt_time":251741806,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741806,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.227.127.34","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2603,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":420,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741806,"flow_src_last_pkt_time":251741806,"flow_dst_last_pkt_time":251741806,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741806,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.227.127.34","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2604,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":421,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741922,"flow_src_last_pkt_time":251741922,"flow_dst_last_pkt_time":251741922,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741922,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.182.39.11","src_port":28681,"dst_port":12977,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2604,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":421,"flow_packet_id":1,"flow_src_last_pkt_time":251741922,"flow_dst_last_pkt_time":251741922,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251741922,"pkt":"UlQAEjUCCAAn5uVZCABFAABpD2cAAIARSE0KAAIPr7YnC3AJMrEAVZiQR05EED95AQFMQVEyUApVRFBdL+I1CXCiUoeySAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2604,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":421,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741922,"flow_src_last_pkt_time":251741922,"flow_dst_last_pkt_time":251741922,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741922,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.182.39.11","src_port":28681,"dst_port":12977,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2604,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":421,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251741922,"flow_src_last_pkt_time":251741922,"flow_dst_last_pkt_time":251741922,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251741922,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"175.182.39.11","src_port":28681,"dst_port":12977,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2605,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":422,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742020,"flow_src_last_pkt_time":251742020,"flow_dst_last_pkt_time":251742020,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742020,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.35.219","src_port":28681,"dst_port":42211,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2605,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":422,"flow_packet_id":1,"flow_src_last_pkt_time":251742020,"flow_dst_last_pkt_time":251742020,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251742020,"pkt":"UlQAEjUCCAAn5uVZCABFAABpDCwAAIARpfMKAAIPWHsj23AJpOMAVY76R05EED96AQFMQVEyUApVRFBdL+I1CXA5574PSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2605,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":422,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742020,"flow_src_last_pkt_time":251742020,"flow_dst_last_pkt_time":251742020,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742020,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.35.219","src_port":28681,"dst_port":42211,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2605,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":422,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742020,"flow_src_last_pkt_time":251742020,"flow_dst_last_pkt_time":251742020,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742020,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.123.35.219","src_port":28681,"dst_port":42211,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2606,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":423,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742117,"flow_src_last_pkt_time":251742117,"flow_dst_last_pkt_time":251742117,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742117,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.6.226","src_port":28681,"dst_port":9713,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00599{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2606,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":423,"flow_packet_id":1,"flow_src_last_pkt_time":251742117,"flow_dst_last_pkt_time":251742117,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251742117,"pkt":"UlQAEjUCCAAn5uVZCABFAABpUuIAAIARXLoKAAIPd\/cG4nAJJfEAVXf1R05EED97AQFMQVEyUApVRFBdL+I1CXCyY7kmSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2606,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":423,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742117,"flow_src_last_pkt_time":251742117,"flow_dst_last_pkt_time":251742117,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742117,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.6.226","src_port":28681,"dst_port":9713,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2606,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":423,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742117,"flow_src_last_pkt_time":251742117,"flow_dst_last_pkt_time":251742117,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742117,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.247.6.226","src_port":28681,"dst_port":9713,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2607,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":424,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742217,"flow_src_last_pkt_time":251742217,"flow_dst_last_pkt_time":251742217,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742217,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.15.216.216","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00600{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2607,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":424,"flow_packet_id":1,"flow_src_last_pkt_time":251742217,"flow_dst_last_pkt_time":251742217,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251742217,"pkt":"UlQAEjUCCAAn5uVZCABFAABp9RgAAIARA3UKAAIPXQ\/Y2HAJGMoAVYvoR05EED98AQFMQVEyUApVRFBdL+I1CXCl\/OnPSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2607,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":424,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742217,"flow_src_last_pkt_time":251742217,"flow_dst_last_pkt_time":251742217,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742217,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.15.216.216","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2607,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":424,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742217,"flow_src_last_pkt_time":251742217,"flow_dst_last_pkt_time":251742217,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742217,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"93.15.216.216","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2608,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":425,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742343,"flow_src_last_pkt_time":251742343,"flow_dst_last_pkt_time":251742343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742343,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"145.82.53.165","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2608,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":425,"flow_packet_id":1,"flow_src_last_pkt_time":251742343,"flow_dst_last_pkt_time":251742343,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251742343,"pkt":"UlQAEjUCCAAn5uVZCABFAABpyoQAAIARnPkKAAIPkVI1pXAJGMoAVbRqR05EED99AQFMQVEyUApVRFBdL+I1CXBpxpNMSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2608,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":425,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742343,"flow_src_last_pkt_time":251742343,"flow_dst_last_pkt_time":251742343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742343,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"145.82.53.165","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2608,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":425,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742343,"flow_src_last_pkt_time":251742343,"flow_dst_last_pkt_time":251742343,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742343,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"145.82.53.165","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2609,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":426,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742442,"flow_src_last_pkt_time":251742442,"flow_dst_last_pkt_time":251742442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742442,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.71.44.121","src_port":28681,"dst_port":14398,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2609,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":426,"flow_packet_id":1,"flow_src_last_pkt_time":251742442,"flow_dst_last_pkt_time":251742442,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251742442,"pkt":"UlQAEjUCCAAn5uVZCABFAABpjvsAAIARl7kKAAIP20cseXAJOD4AVTM8R05EED9+AQFMQVEyUApVRFBdL+I1CXDAVizdSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2609,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":426,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742442,"flow_src_last_pkt_time":251742442,"flow_dst_last_pkt_time":251742442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742442,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.71.44.121","src_port":28681,"dst_port":14398,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2609,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":426,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742442,"flow_src_last_pkt_time":251742442,"flow_dst_last_pkt_time":251742442,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742442,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.71.44.121","src_port":28681,"dst_port":14398,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2610,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742554,"flow_src_last_pkt_time":251742554,"flow_dst_last_pkt_time":251742554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742554,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.13.30","src_port":28681,"dst_port":15138,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00600{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2610,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":427,"flow_packet_id":1,"flow_src_last_pkt_time":251742554,"flow_dst_last_pkt_time":251742554,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251742554,"pkt":"UlQAEjUCCAAn5uVZCABFAABp\/4AAAIARz90KAAIPUfkNHnAJOyIAVV3HR05EED9\/AQFMQVEyUApVRFBdL+I1CXDXBU+pSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2610,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742554,"flow_src_last_pkt_time":251742554,"flow_dst_last_pkt_time":251742554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742554,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.13.30","src_port":28681,"dst_port":15138,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2610,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":427,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742554,"flow_src_last_pkt_time":251742554,"flow_dst_last_pkt_time":251742554,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742554,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.249.13.30","src_port":28681,"dst_port":15138,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2611,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":428,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742656,"flow_src_last_pkt_time":251742656,"flow_dst_last_pkt_time":251742656,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742656,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.162.97.8","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2611,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":428,"flow_packet_id":1,"flow_src_last_pkt_time":251742656,"flow_dst_last_pkt_time":251742656,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251742656,"pkt":"UlQAEjUCCAAn5uVZCABFAABpxSAAAIARsaoKAAIPVqJhCHAJGMoAVbYBR05EED+AAQFMQVEyUApVRFBdL+I1CXBICmgWSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2611,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":428,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742656,"flow_src_last_pkt_time":251742656,"flow_dst_last_pkt_time":251742656,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742656,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.162.97.8","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2611,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":428,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742656,"flow_src_last_pkt_time":251742656,"flow_dst_last_pkt_time":251742656,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742656,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.162.97.8","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2612,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":125,"flow_packet_id":2,"flow_src_last_pkt_time":251742741,"flow_dst_last_pkt_time":72849111,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":251742741,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0qf0AAIARfpoKAAIPU1yytnAJ39YAIDy8R05EED+BAQFUC1FLUlAGUk5BXS\/iNQlw"} 00754{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2613,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":429,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742837,"flow_src_last_pkt_time":251742837,"flow_dst_last_pkt_time":251742837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742837,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.215.213","src_port":28681,"dst_port":23576,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2613,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":429,"flow_packet_id":1,"flow_src_last_pkt_time":251742837,"flow_dst_last_pkt_time":251742837,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251742837,"pkt":"UlQAEjUCCAAn5uVZCABFAABpbRYAAIARQ+AKAAIPpanX1XAJXBgAVc6AR05EED+CAQFMQVEyUApVRFBdL+I1CXBThrh4SAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01147{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2613,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":429,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742837,"flow_src_last_pkt_time":251742837,"flow_dst_last_pkt_time":251742837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742837,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.215.213","src_port":28681,"dst_port":23576,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01037{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2613,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":429,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742837,"flow_src_last_pkt_time":251742837,"flow_dst_last_pkt_time":251742837,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742837,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.169.215.213","src_port":28681,"dst_port":23576,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2614,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":430,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742935,"flow_src_last_pkt_time":251742935,"flow_dst_last_pkt_time":251742935,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742935,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.8.95.165","src_port":28681,"dst_port":40763,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2614,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":430,"flow_packet_id":1,"flow_src_last_pkt_time":251742935,"flow_dst_last_pkt_time":251742935,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251742935,"pkt":"UlQAEjUCCAAn5uVZCABFAABpkTwAAIAR44sKAAIPWghfpXAJnzsAVR0tR05EED+DAQFMQVEyUApVRFBdL+I1CXDGRkbqSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2614,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":430,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742935,"flow_src_last_pkt_time":251742935,"flow_dst_last_pkt_time":251742935,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742935,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.8.95.165","src_port":28681,"dst_port":40763,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2614,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":430,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251742935,"flow_src_last_pkt_time":251742935,"flow_dst_last_pkt_time":251742935,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251742935,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.8.95.165","src_port":28681,"dst_port":40763,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2615,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":431,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743039,"flow_src_last_pkt_time":251743039,"flow_dst_last_pkt_time":251743039,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743039,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.124.71.246","src_port":28681,"dst_port":49035,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2615,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":431,"flow_packet_id":1,"flow_src_last_pkt_time":251743039,"flow_dst_last_pkt_time":251743039,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251743039,"pkt":"UlQAEjUCCAAn5uVZCABFAABpAKcAAIARjVwKAAIPWHxH9nAJv4sAVfWnR05EED+EAQFMQVEyUApVRFBdL+I1CXBJizLGSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2615,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":431,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743039,"flow_src_last_pkt_time":251743039,"flow_dst_last_pkt_time":251743039,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743039,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.124.71.246","src_port":28681,"dst_port":49035,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2615,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":431,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743039,"flow_src_last_pkt_time":251743039,"flow_dst_last_pkt_time":251743039,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743039,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.124.71.246","src_port":28681,"dst_port":49035,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2616,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":432,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743139,"flow_src_last_pkt_time":251743139,"flow_dst_last_pkt_time":251743139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743139,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.6.118.53","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2616,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":432,"flow_packet_id":1,"flow_src_last_pkt_time":251743139,"flow_dst_last_pkt_time":251743139,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251743139,"pkt":"UlQAEjUCCAAn5uVZCABFAABpRRcAAIARCyMKAAIPaAZ2NXAJGMoAVRHkR05EED+FAQFMQVEyUApVRFBdL+I1CXCTBKSZSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2616,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":432,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743139,"flow_src_last_pkt_time":251743139,"flow_dst_last_pkt_time":251743139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743139,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.6.118.53","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2616,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":432,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743139,"flow_src_last_pkt_time":251743139,"flow_dst_last_pkt_time":251743139,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743139,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.6.118.53","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2617,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743232,"flow_src_last_pkt_time":251743232,"flow_dst_last_pkt_time":251743232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743232,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.255.145.191","src_port":28681,"dst_port":47264,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00599{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2617,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":433,"flow_packet_id":1,"flow_src_last_pkt_time":251743232,"flow_dst_last_pkt_time":251743232,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251743232,"pkt":"UlQAEjUCCAAn5uVZCABFAABpc60AAIARxQkKAAIPY\/+Rv3AJuKAAVf+gR05EED+GAQFMQVEyUApVRFBdL+I1CXClGHrgSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2617,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743232,"flow_src_last_pkt_time":251743232,"flow_dst_last_pkt_time":251743232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743232,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.255.145.191","src_port":28681,"dst_port":47264,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2617,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":433,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743232,"flow_src_last_pkt_time":251743232,"flow_dst_last_pkt_time":251743232,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743232,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"99.255.145.191","src_port":28681,"dst_port":47264,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2618,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":434,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743326,"flow_src_last_pkt_time":251743326,"flow_dst_last_pkt_time":251743326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.24.182.130","src_port":28681,"dst_port":22232,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2618,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":434,"flow_packet_id":1,"flow_src_last_pkt_time":251743326,"flow_dst_last_pkt_time":251743326,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251743326,"pkt":"UlQAEjUCCAAn5uVZCABFAABprogAAIARV1IKAAIPchi2gnAJVtgAVTeWR05EED+HAQFMQVEyUApVRFBdL+I1CXDG5k8JSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2618,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":434,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743326,"flow_src_last_pkt_time":251743326,"flow_dst_last_pkt_time":251743326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.24.182.130","src_port":28681,"dst_port":22232,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2618,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":434,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743326,"flow_src_last_pkt_time":251743326,"flow_dst_last_pkt_time":251743326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.24.182.130","src_port":28681,"dst_port":22232,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2619,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":435,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743428,"flow_src_last_pkt_time":251743428,"flow_dst_last_pkt_time":251743428,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743428,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.24.146.101","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2619,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":435,"flow_packet_id":1,"flow_src_last_pkt_time":251743428,"flow_dst_last_pkt_time":251743428,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251743428,"pkt":"UlQAEjUCCAAn5uVZCABFAABpKe0AAIARBQsKAAIPbRiSZXAJGMoAVc8GR05EED+IAQFMQVEyUApVRFBdL+I1CXCk7CrTSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2619,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":435,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743428,"flow_src_last_pkt_time":251743428,"flow_dst_last_pkt_time":251743428,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743428,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.24.146.101","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2619,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":435,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743428,"flow_src_last_pkt_time":251743428,"flow_dst_last_pkt_time":251743428,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743428,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"109.24.146.101","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2620,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":436,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743527,"flow_src_last_pkt_time":251743527,"flow_dst_last_pkt_time":251743527,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743527,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.68.179.137","src_port":28681,"dst_port":6406,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2620,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":436,"flow_packet_id":1,"flow_src_last_pkt_time":251743527,"flow_dst_last_pkt_time":251743527,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251743527,"pkt":"UlQAEjUCCAAn5uVZCABFAABpBbYAAIARmfEKAAIP20SziXAJGQYAVWDBR05EED+JAQFMQVEyUApVRFBdL+I1CXC3ZdA4SAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2620,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":436,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743527,"flow_src_last_pkt_time":251743527,"flow_dst_last_pkt_time":251743527,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743527,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.68.179.137","src_port":28681,"dst_port":6406,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2620,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":436,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743527,"flow_src_last_pkt_time":251743527,"flow_dst_last_pkt_time":251743527,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743527,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.68.179.137","src_port":28681,"dst_port":6406,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2621,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":437,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743626,"flow_src_last_pkt_time":251743626,"flow_dst_last_pkt_time":251743626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743626,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"31.38.163.2","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2621,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":437,"flow_packet_id":1,"flow_src_last_pkt_time":251743626,"flow_dst_last_pkt_time":251743626,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251743626,"pkt":"UlQAEjUCCAAn5uVZCABFAABpXhUAAIARDjgKAAIPHyajAnAJGMoAVb8RR05EED+KAQFMQVEyUApVRFBdL+I1CXCCZpWmSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2621,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":437,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743626,"flow_src_last_pkt_time":251743626,"flow_dst_last_pkt_time":251743626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743626,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"31.38.163.2","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2621,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":437,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743626,"flow_src_last_pkt_time":251743626,"flow_dst_last_pkt_time":251743626,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743626,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"31.38.163.2","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2622,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":438,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743729,"flow_src_last_pkt_time":251743729,"flow_dst_last_pkt_time":251743729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743729,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.86.190.163","src_port":28681,"dst_port":14142,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2622,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":438,"flow_packet_id":1,"flow_src_last_pkt_time":251743729,"flow_dst_last_pkt_time":251743729,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251743729,"pkt":"UlQAEjUCCAAn5uVZCABFAABpnzUAAIARiUYKAAIPR1a+o3AJNz4AVZWpR05EED+LAQFMQVEyUApVRFBdL+I1CXAC+zbZSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2622,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":438,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743729,"flow_src_last_pkt_time":251743729,"flow_dst_last_pkt_time":251743729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743729,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.86.190.163","src_port":28681,"dst_port":14142,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2622,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":438,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743729,"flow_src_last_pkt_time":251743729,"flow_dst_last_pkt_time":251743729,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743729,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"71.86.190.163","src_port":28681,"dst_port":14142,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2623,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":439,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743840,"flow_src_last_pkt_time":251743840,"flow_dst_last_pkt_time":251743840,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743840,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.135.15.86","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2623,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":439,"flow_packet_id":1,"flow_src_last_pkt_time":251743840,"flow_dst_last_pkt_time":251743840,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251743840,"pkt":"UlQAEjUCCAAn5uVZCABFAABpeMgAAIAR9c8KAAIPsIcPVnAJGMoAVfORR05EED+MAQFMQVEyUApVRFBdL+I1CXBFn5s7SAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2623,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":439,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743840,"flow_src_last_pkt_time":251743840,"flow_dst_last_pkt_time":251743840,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743840,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.135.15.86","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2623,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":439,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743840,"flow_src_last_pkt_time":251743840,"flow_dst_last_pkt_time":251743840,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743840,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.135.15.86","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00754{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2624,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":440,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743945,"flow_src_last_pkt_time":251743945,"flow_dst_last_pkt_time":251743945,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743945,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.165.170.112","src_port":28681,"dst_port":37087,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2624,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":440,"flow_packet_id":1,"flow_src_last_pkt_time":251743945,"flow_dst_last_pkt_time":251743945,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251743945,"pkt":"UlQAEjUCCAAn5uVZCABFAABptQEAAIARA14KAAIPy6WqcHAJkN8AVThSR05EED+NAQFMQVEyUApVRFBdL+I1CXAo9qhxSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01147{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2624,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":440,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743945,"flow_src_last_pkt_time":251743945,"flow_dst_last_pkt_time":251743945,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743945,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.165.170.112","src_port":28681,"dst_port":37087,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01037{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2624,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":440,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251743945,"flow_src_last_pkt_time":251743945,"flow_dst_last_pkt_time":251743945,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251743945,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"203.165.170.112","src_port":28681,"dst_port":37087,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2626,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":441,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251763326,"flow_src_last_pkt_time":251763326,"flow_dst_last_pkt_time":251763326,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251763326,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.237.199.108","src_port":28681,"dst_port":56040,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2626,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":441,"flow_packet_id":1,"flow_src_last_pkt_time":251763326,"flow_dst_last_pkt_time":251763326,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":251763326,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4Im4AAIARH98KAAIPJO3HbHAJ2ugAJO8DDHExAr2T6ZT\/ObNg3LKLAwABAAUAAADDglFLQA=="} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2627,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":442,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251763431,"flow_src_last_pkt_time":251763431,"flow_dst_last_pkt_time":251763431,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251763431,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"89.204.130.55","src_port":28681,"dst_port":29545,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} @@ -2755,16 +2755,16 @@ 00534{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2653,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":464,"flow_packet_id":1,"flow_src_last_pkt_time":251768524,"flow_dst_last_pkt_time":251768524,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":251768524,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4kWwAAIAR9bEKAAIPZYBCCHAJhtAAJEI7\/fExAretIzz\/aAK525tdAwABAAUAAADDglFLQA=="} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2654,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":465,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251768679,"flow_src_last_pkt_time":251768679,"flow_dst_last_pkt_time":251768679,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251768679,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"2.28.39.18","src_port":28681,"dst_port":15672,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2654,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":465,"flow_packet_id":1,"flow_src_last_pkt_time":251768679,"flow_dst_last_pkt_time":251768679,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251768679,"pkt":"UlQAEjUCCAAn5uVZCABFAABptDMAAIARURQKAAIPAhwnEnAJPTgAVXP4R05EED+OAQFMQVEyUApVRFBdL+I1CXCOOiuSSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2654,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":465,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251768679,"flow_src_last_pkt_time":251768679,"flow_dst_last_pkt_time":251768679,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251768679,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"2.28.39.18","src_port":28681,"dst_port":15672,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2654,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":465,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251768679,"flow_src_last_pkt_time":251768679,"flow_dst_last_pkt_time":251768679,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251768679,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"2.28.39.18","src_port":28681,"dst_port":15672,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2656,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":466,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251768912,"flow_src_last_pkt_time":251768912,"flow_dst_last_pkt_time":251768912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251768912,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"70.119.248.5","src_port":28681,"dst_port":49929,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2656,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":466,"flow_packet_id":1,"flow_src_last_pkt_time":251768912,"flow_dst_last_pkt_time":251768912,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251768912,"pkt":"UlQAEjUCCAAn5uVZCABFAABpkwYAAIARXPIKAAIPRnf4BXAJwwkAVWk8R05EED+PAQFMQVEyUApVRFBdL+I1CXCywaF6SAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2656,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":466,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251768912,"flow_src_last_pkt_time":251768912,"flow_dst_last_pkt_time":251768912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251768912,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"70.119.248.5","src_port":28681,"dst_port":49929,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2656,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":466,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251768912,"flow_src_last_pkt_time":251768912,"flow_dst_last_pkt_time":251768912,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251768912,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"70.119.248.5","src_port":28681,"dst_port":49929,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2657,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":467,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251769032,"flow_src_last_pkt_time":251769032,"flow_dst_last_pkt_time":251769032,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251769032,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.64.177.53","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2657,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":467,"flow_packet_id":1,"flow_src_last_pkt_time":251769032,"flow_dst_last_pkt_time":251769032,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251769032,"pkt":"UlQAEjUCCAAn5uVZCABFAABphhwAAIARueMKAAIPPUCxNXAJW6IAVYBcR05EED+QAQFMQVEyUApVRFBdL+I1CXCCOR+jSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2657,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":467,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251769032,"flow_src_last_pkt_time":251769032,"flow_dst_last_pkt_time":251769032,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251769032,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.64.177.53","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2657,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":467,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251769032,"flow_src_last_pkt_time":251769032,"flow_dst_last_pkt_time":251769032,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251769032,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"61.64.177.53","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2658,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":468,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251769188,"flow_src_last_pkt_time":251769188,"flow_dst_last_pkt_time":251769188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251769188,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.214.12.247","src_port":28681,"dst_port":44001,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2658,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":468,"flow_packet_id":1,"flow_src_last_pkt_time":251769188,"flow_dst_last_pkt_time":251769188,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251769188,"pkt":"UlQAEjUCCAAn5uVZCABFAABpuX4AAIARCSoKAAIPXtYM93AJq+EAVTOfR05EED+RAQFMQVEyUApVRFBdL+I1CXBhK2YwSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2658,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":468,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251769188,"flow_src_last_pkt_time":251769188,"flow_dst_last_pkt_time":251769188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251769188,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.214.12.247","src_port":28681,"dst_port":44001,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2658,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":468,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251769188,"flow_src_last_pkt_time":251769188,"flow_dst_last_pkt_time":251769188,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251769188,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"94.214.12.247","src_port":28681,"dst_port":44001,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2659,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_packet_id":2,"flow_src_last_pkt_time":251769302,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":251769302,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0djcAAIARTnsKAAIPVYoUbnAJGMoAIJ\/SR05EED+SAQFUC1FLUlAGUk5BXS\/iNQlw"} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2662,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":469,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251799823,"flow_src_last_pkt_time":251799823,"flow_dst_last_pkt_time":251799823,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":28,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251799823,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"87.123.54.234","src_port":28681,"dst_port":47184,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2662,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":469,"flow_packet_id":1,"flow_src_last_pkt_time":251799823,"flow_dst_last_pkt_time":251799823,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":251799823,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4oEcAAIAR\/\/kKAAIPV3s26nAJuFAAJLIzoTgxArDMLAv\/7an+30aEAwABAAUAAADDglFLQA=="} @@ -2792,10 +2792,10 @@ 00535{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2673,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":480,"flow_packet_id":1,"flow_src_last_pkt_time":251801900,"flow_dst_last_pkt_time":251801900,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":251801900,"pkt":"UlQAEjUCCAAn5uVZCABFAAA49tgAAIARfTwKAAIPcHdKGnAJ\/9oAJJAPBCMxArDSw4b\/H0\/S10KbAwABAAUAAADDglFLQA=="} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2674,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802309,"flow_src_last_pkt_time":251802309,"flow_dst_last_pkt_time":251802309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251802309,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.120.219.74","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2674,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":481,"flow_packet_id":1,"flow_src_last_pkt_time":251802309,"flow_dst_last_pkt_time":251802309,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251802309,"pkt":"UlQAEjUCCAAn5uVZCABFAABplkUAAIARam0KAAIPUnjbSnAJGMoAVeuTR05EED+TAQFMQVEyUApVRFBdL+I1CXAFqezLSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2674,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802309,"flow_src_last_pkt_time":251802309,"flow_dst_last_pkt_time":251802309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251802309,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.120.219.74","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2674,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":481,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802309,"flow_src_last_pkt_time":251802309,"flow_dst_last_pkt_time":251802309,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251802309,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"82.120.219.74","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2675,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":482,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802485,"flow_src_last_pkt_time":251802485,"flow_dst_last_pkt_time":251802485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251802485,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.193.23.172","src_port":28681,"dst_port":42227,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2675,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":482,"flow_packet_id":1,"flow_src_last_pkt_time":251802485,"flow_dst_last_pkt_time":251802485,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":251802485,"pkt":"UlQAEjUCCAAn5uVZCABFAABpmQMAAIARJwUKAAIPVsEXrHAJpPMAVbfKR05EED+UAQFMQVEyUApVRFBdL+I1CXAJ2N0DSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2675,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":482,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802485,"flow_src_last_pkt_time":251802485,"flow_dst_last_pkt_time":251802485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251802485,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.193.23.172","src_port":28681,"dst_port":42227,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2675,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":482,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":251802485,"flow_src_last_pkt_time":251802485,"flow_dst_last_pkt_time":251802485,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":251802485,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.193.23.172","src_port":28681,"dst_port":42227,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00558{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2678,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_packet_id":3,"flow_src_last_pkt_time":251763582,"flow_dst_last_pkt_time":251868720,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":88,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":88,"pkt_l4_len":54,"thread_ts_usec":251868720,"pkt":"CAAn5uVZUlQAEjUCCABFAABKCiIAAEAR8WfPJqPkCgACDxp6cAkANsFJWpsxApZGj4\/\/M2sG2xKbAwEBABcAAAB6Gs8mo+QAAAAAAAAAAMOCUUtEhU4oKg=="} 00563{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2679,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":452,"flow_packet_id":2,"flow_src_last_pkt_time":251765853,"flow_dst_last_pkt_time":251884410,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":92,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":92,"pkt_l4_len":58,"thread_ts_usec":251884410,"pkt":"CAAn5uVZUlQAEjUCCABFAABOCiMAAEARXmVE48ElCgACD2tZcAkAOq9\/xWExAmB\/ov7\/ILlztKqjAwEBABsAAABZa0TjwSUMAAAAAIAAAMOCUUtIaDpKbQye1TA="} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2680,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":447,"flow_packet_id":2,"flow_src_last_pkt_time":251764749,"flow_dst_last_pkt_time":251943083,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":87,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":87,"pkt_l4_len":53,"thread_ts_usec":251943083,"pkt":"CAAn5uVZUlQAEjUCCABFAABJCiQAAEARS28Oxwo8CgACD1uicAkANVFGLAcxApbO4XT\/cwIBXYVTAwEBABYAAACiWw7HCjwAAAAACAAAAMOCVVBDAQAC"} @@ -2816,17 +2816,17 @@ 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2698,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_packet_id":4,"flow_src_last_pkt_time":253024455,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":253024455,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0JXsAAIARS7AKAAIPTcVvunAJGMoAIExER05EED+ZAQFUC1FLUlAGUk5BXS\/iNQlw"} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2699,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253024623,"flow_src_last_pkt_time":253024623,"flow_dst_last_pkt_time":253024623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":253024623,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"107.4.56.177","src_port":28681,"dst_port":10000,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2699,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":484,"flow_packet_id":1,"flow_src_last_pkt_time":253024623,"flow_dst_last_pkt_time":253024623,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":253024623,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0rIYAAIAR3m4KAAIPawQ4sXAJJxAAIFfHR05EED+aAQFUC1FLUlAGUk5BXS\/iNQlw"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2699,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253024623,"flow_src_last_pkt_time":253024623,"flow_dst_last_pkt_time":253024623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":253024623,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"107.4.56.177","src_port":28681,"dst_port":10000,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2699,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":484,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253024623,"flow_src_last_pkt_time":253024623,"flow_dst_last_pkt_time":253024623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":253024623,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"107.4.56.177","src_port":28681,"dst_port":10000,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2700,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":175,"flow_packet_id":3,"flow_src_last_pkt_time":253024749,"flow_dst_last_pkt_time":82060952,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":253024749,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0v88AAIARvTIKAAIPc0U+Y3AJGMoAIFgZR05EED+bAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2701,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_packet_id":4,"flow_src_last_pkt_time":253024867,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":253024867,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05VIAAIARsFEKAAIPUkFGxXAJVL0AIDTHR05EED+cAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2702,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_packet_id":3,"flow_src_last_pkt_time":253024996,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":253024996,"pkt":"UlQAEjUCCAAn5uVZCABFAAA02U8AAIAREUMKAAIPBbQ+ZHAJtTEAIClAR05EED+dAQFUC1FLUlAGUk5BXS\/iNQlw"} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2703,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253025155,"flow_src_last_pkt_time":253025155,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":253025155,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.209","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2703,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_packet_id":1,"flow_src_last_pkt_time":253025155,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":253025155,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0fvgAAIAR6t0KAAIPmgMq0XAJGMoAIETqR05EED+eAQFUC1FLUlAGUk5BXS\/iNQlw"} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2703,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253025155,"flow_src_last_pkt_time":253025155,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":253025155,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.209","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2703,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253025155,"flow_src_last_pkt_time":253025155,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":253025155,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"154.3.42.209","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2704,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":200,"flow_packet_id":3,"flow_src_last_pkt_time":253025278,"flow_dst_last_pkt_time":82064863,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":253025278,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0oPAAAIAR8ncKAAIPiscQe3AJzwEAILhDR05EED+fAQFUC1FLUlAGUk5BXS\/iNQlw"} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2705,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253025433,"flow_src_last_pkt_time":253025433,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":253025433,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.68.45.203","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2705,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_packet_id":1,"flow_src_last_pkt_time":253025433,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":253025433,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0rssAAIAR+c8KAAIPWEQty3AJGMoAIIOtR05EED+gAQFUC1FLUlAGUk5BXS\/iNQlw"} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2705,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253025433,"flow_src_last_pkt_time":253025433,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":253025433,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.68.45.203","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2705,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":253025433,"flow_src_last_pkt_time":253025433,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":253025433,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.68.45.203","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2706,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":156,"flow_packet_id":3,"flow_src_last_pkt_time":253025519,"flow_dst_last_pkt_time":82057972,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":253025519,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0lsQAAIARXJsKAAIPVvTkVnAJJ5MAIL+nR05EED+hAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2707,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":195,"flow_packet_id":4,"flow_src_last_pkt_time":253025614,"flow_dst_last_pkt_time":82063897,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":253025614,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0D4YAAIAR1iwKAAIPseeXEHAJGMoAIMDCR05EED+iAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2708,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":171,"flow_packet_id":3,"flow_src_last_pkt_time":253025731,"flow_dst_last_pkt_time":82060415,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":253025731,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0mjsAAIARSyYKAAIPxNmEb3AJYzIAIHYIR05EED+jAQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -2859,22 +2859,22 @@ 01070{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":105,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":71538408,"flow_src_last_pkt_time":71538408,"flow_dst_last_pkt_time":71538408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":258518644,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2728,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":487,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264769233,"flow_src_last_pkt_time":264769233,"flow_dst_last_pkt_time":264769233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264769233,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2728,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":487,"flow_packet_id":1,"flow_src_last_pkt_time":264769233,"flow_dst_last_pkt_time":264769233,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":264769233,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gnUAAIARDSsKAAIPGE6GvHAJv5YAIMPdR05EED+oAQFUC1FLUlAGUk5BXS\/iNQlw"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2728,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":487,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264769233,"flow_src_last_pkt_time":264769233,"flow_dst_last_pkt_time":264769233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264769233,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2728,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":487,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264769233,"flow_src_last_pkt_time":264769233,"flow_dst_last_pkt_time":264769233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264769233,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.78.134.188","src_port":28681,"dst_port":49046,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2729,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":488,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264769911,"flow_src_last_pkt_time":264769911,"flow_dst_last_pkt_time":264769911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264769911,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":28681,"dst_port":9852,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2729,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":488,"flow_packet_id":1,"flow_src_last_pkt_time":264769911,"flow_dst_last_pkt_time":264769911,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":264769911,"pkt":"UlQAEjUCCAAn5uVZCABFAABp4pAAAIAROcEKAAIPt7NacHAJJnwAVd0aR05EED+pAQFMQVEyUApVRFBdL+I1CXCJt7jZSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2729,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":488,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264769911,"flow_src_last_pkt_time":264769911,"flow_dst_last_pkt_time":264769911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264769911,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":28681,"dst_port":9852,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2729,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":488,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264769911,"flow_src_last_pkt_time":264769911,"flow_dst_last_pkt_time":264769911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264769911,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"183.179.90.112","src_port":28681,"dst_port":9852,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2730,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":489,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264770348,"flow_src_last_pkt_time":264770348,"flow_dst_last_pkt_time":264770348,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264770348,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"108.44.45.25","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2730,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":489,"flow_packet_id":1,"flow_src_last_pkt_time":264770348,"flow_dst_last_pkt_time":264770348,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":264770348,"pkt":"UlQAEjUCCAAn5uVZCABFAABpkz4AAIARAfIKAAIPbCwtGXAJGMoAVdqpR05EED+qAQFMQVEyUApVRFBdL+I1CXAI8TopSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2730,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":489,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264770348,"flow_src_last_pkt_time":264770348,"flow_dst_last_pkt_time":264770348,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264770348,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"108.44.45.25","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2730,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":489,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264770348,"flow_src_last_pkt_time":264770348,"flow_dst_last_pkt_time":264770348,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264770348,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"108.44.45.25","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2731,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":490,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264770979,"flow_src_last_pkt_time":264770979,"flow_dst_last_pkt_time":264770979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264770979,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.3.215.132","src_port":28681,"dst_port":20356,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2731,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":490,"flow_packet_id":1,"flow_src_last_pkt_time":264770979,"flow_dst_last_pkt_time":264770979,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":264770979,"pkt":"UlQAEjUCCAAn5uVZCABFAABpirEAAIARcjwKAAIPWgPXhHAJT4QAVQgYR05EED+rAQFMQVEyUApVRFBdL+I1CXAxwKVdSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2731,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":490,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264770979,"flow_src_last_pkt_time":264770979,"flow_dst_last_pkt_time":264770979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264770979,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.3.215.132","src_port":28681,"dst_port":20356,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2731,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":490,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264770979,"flow_src_last_pkt_time":264770979,"flow_dst_last_pkt_time":264770979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264770979,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"90.3.215.132","src_port":28681,"dst_port":20356,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2732,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":491,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264771328,"flow_src_last_pkt_time":264771328,"flow_dst_last_pkt_time":264771328,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264771328,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.42.210","src_port":28681,"dst_port":5512,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2732,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":491,"flow_packet_id":1,"flow_src_last_pkt_time":264771328,"flow_dst_last_pkt_time":264771328,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":264771328,"pkt":"UlQAEjUCCAAn5uVZCABFAABpGyoAAIARw5AKAAIPJOkq0nAJFYgAVWvGR05EED+sAQFMQVEyUApVRFBdL+I1CXAmCcrMSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2732,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":491,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264771328,"flow_src_last_pkt_time":264771328,"flow_dst_last_pkt_time":264771328,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264771328,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.42.210","src_port":28681,"dst_port":5512,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2732,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":491,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264771328,"flow_src_last_pkt_time":264771328,"flow_dst_last_pkt_time":264771328,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264771328,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.233.42.210","src_port":28681,"dst_port":5512,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2733,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":492,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264771658,"flow_src_last_pkt_time":264771658,"flow_dst_last_pkt_time":264771658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264771658,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.94.41.71","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2733,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":492,"flow_packet_id":1,"flow_src_last_pkt_time":264771658,"flow_dst_last_pkt_time":264771658,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":264771658,"pkt":"UlQAEjUCCAAn5uVZCABFAABpgtwAAIAR1fMKAAIPrF4pR3AJGMoAVRJfR05EED+tAQFMQVEyUApVRFBdL+I1CXB2YrRDSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2733,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":492,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264771658,"flow_src_last_pkt_time":264771658,"flow_dst_last_pkt_time":264771658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264771658,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.94.41.71","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2733,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":492,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":264771658,"flow_src_last_pkt_time":264771658,"flow_dst_last_pkt_time":264771658,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":264771658,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"172.94.41.71","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00909{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2734,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":488,"flow_packet_id":2,"flow_src_last_pkt_time":264769911,"flow_dst_last_pkt_time":265025254,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":343,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":343,"pkt_l4_len":309,"thread_ts_usec":265025254,"pkt":"CAAn5uVZUlQAEjUCCABFAAFJCocAAEARUOu3s1pwCgACDyZ8cAkBNf6\/R05EAdfTAQF4nOvJYQx09GAJCd7JpZrkwOGyfXNUQY2aNgOQqcVkJ\/NZQgHELP822eOOoBqIeWuJ+svywBMg5m03A\/E2ebCoyvurk76F7AMxiyS2Nd0IOwZWu\/ZZko3XfhDzTtvyoD1ih8DM1qqbi6KPg5jrt6lzbzQ6ABbtzFqbqbsXbHFSccOi6B0gZvXZujRPkaMQKxZJG8mDrbjtrlNpZ7EdzAzlDn2keRDsSL7+t4uiGcBuUJ\/l+kCIEcS0ddhouiiaH8y8o\/lxqhgTiHlqur31CVlBEJNxYUDQBUV5ELOg\/FPeJzmwApWXzPcNjBghTK1LHaJAH7MFF6lxBs2PAzIgrgUyIOGFzID4yYMlyFGHkYGBIVb\/kakhE0OK1JFPL\/04C\/gBLLx7vA=="} 00906{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2737,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":491,"flow_packet_id":2,"flow_src_last_pkt_time":264771328,"flow_dst_last_pkt_time":265818202,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":345,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":345,"pkt_l4_len":311,"thread_ts_usec":265818202,"pkt":"CAAn5uVZUlQAEjUCCABFAAFLCokAAEARE1Ak6SrSCgACDxWIcAkBNyevR05EASbRAQF4nOtJZAx09GAJCV7HpZrkwOGi8lLrUofoCQYg83Yod+gjzYNgprtOpZ3FdhDzTmfW2kzdvWBma9XNRdHHwcy25UF7xA6BmEVqnEHz4w6DmLfWPkuy8doPYqq8vzrpW8g+EPP0Pb5VKtHHIKKLpI3kwaK3lqi\/LA8EW7x+mzr3RqMDIGb5t8kedwTVQEytpOKGRdE7QMzqs3VpniJgE267GYi3yauCmAXln\/I+yTGCTdg654u9ghKIaeuw0XRRNB\/Ykf1KD9P9VMCGMdnJfJaQB7tXYlvTjTCwYaem21ufkBUEMbdvjiqoUdNmcGALLv\/O9uijKpABCRCQCF\/\/20XRQAbETUAGxGgPliBHHUYGBoZY\/UemhkwMKVJHPr304yzgBwBT3ny5"} 01069{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":2740,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":170,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":82060300,"flow_src_last_pkt_time":82060300,"flow_dst_last_pkt_time":82060300,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":269300082,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} @@ -2989,83 +2989,83 @@ 00732{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2745,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":493,"flow_packet_id":4,"flow_src_last_pkt_time":283055110,"flow_dst_last_pkt_time":280014541,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":283055110,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LYAAAER3GMKAAIP7\/\/\/+uDQB2wAtgxeTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2748,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":494,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287308439,"flow_src_last_pkt_time":287308439,"flow_dst_last_pkt_time":287308439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287308439,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.210.81.59","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2748,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":494,"flow_packet_id":1,"flow_src_last_pkt_time":287308439,"flow_dst_last_pkt_time":287308439,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287308439,"pkt":"UlQAEjUCCAAn5uVZCABFAABpuTwAAIARzSsKAAIPVtJRO3AJGMoAVf5iR05EED+uAQFMQVEyUApVRFBdL+I1CXBbSWKeSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2748,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":494,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287308439,"flow_src_last_pkt_time":287308439,"flow_dst_last_pkt_time":287308439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287308439,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.210.81.59","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2748,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":494,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287308439,"flow_src_last_pkt_time":287308439,"flow_dst_last_pkt_time":287308439,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287308439,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.210.81.59","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2749,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":495,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287308993,"flow_src_last_pkt_time":287308993,"flow_dst_last_pkt_time":287308993,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287308993,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.247.89.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2749,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":495,"flow_packet_id":1,"flow_src_last_pkt_time":287308993,"flow_dst_last_pkt_time":287308993,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287308993,"pkt":"UlQAEjUCCAAn5uVZCABFAABpBO4AAIARfnwKAAIPUfdZFHAJGMoAVSV2R05EED+vAQFMQVEyUApVRFBdL+I1CXBK2WDkSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2749,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":495,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287308993,"flow_src_last_pkt_time":287308993,"flow_dst_last_pkt_time":287308993,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287308993,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.247.89.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2749,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":495,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287308993,"flow_src_last_pkt_time":287308993,"flow_dst_last_pkt_time":287308993,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287308993,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"81.247.89.20","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2750,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":496,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287309338,"flow_src_last_pkt_time":287309338,"flow_dst_last_pkt_time":287309338,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287309338,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.173.230.98","src_port":28681,"dst_port":19004,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2750,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":496,"flow_packet_id":1,"flow_src_last_pkt_time":287309338,"flow_dst_last_pkt_time":287309338,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287309338,"pkt":"UlQAEjUCCAAn5uVZCABFAABpS4QAAIARIeEKAAIP2q3mYnAJSjwAVZ4oR05EED+wAQFMQVEyUApVRFBdL+I1CXD1PIvASAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2750,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":496,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287309338,"flow_src_last_pkt_time":287309338,"flow_dst_last_pkt_time":287309338,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287309338,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.173.230.98","src_port":28681,"dst_port":19004,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2750,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":496,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287309338,"flow_src_last_pkt_time":287309338,"flow_dst_last_pkt_time":287309338,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287309338,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.173.230.98","src_port":28681,"dst_port":19004,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2751,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":497,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287309691,"flow_src_last_pkt_time":287309691,"flow_dst_last_pkt_time":287309691,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287309691,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.100.76.123","src_port":28681,"dst_port":39628,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2751,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":497,"flow_packet_id":1,"flow_src_last_pkt_time":287309691,"flow_dst_last_pkt_time":287309691,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287309691,"pkt":"UlQAEjUCCAAn5uVZCABFAABpHlMAAIARb0MKAAIPVGRMe3AJmswAVei0R05EED+xAQFMQVEyUApVRFBdL+I1CXAo12urSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2751,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":497,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287309691,"flow_src_last_pkt_time":287309691,"flow_dst_last_pkt_time":287309691,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287309691,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.100.76.123","src_port":28681,"dst_port":39628,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2751,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":497,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287309691,"flow_src_last_pkt_time":287309691,"flow_dst_last_pkt_time":287309691,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287309691,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"84.100.76.123","src_port":28681,"dst_port":39628,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2752,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":498,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310048,"flow_src_last_pkt_time":287310048,"flow_dst_last_pkt_time":287310048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287310048,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"8.44.149.207","src_port":28681,"dst_port":30551,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2752,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":498,"flow_packet_id":1,"flow_src_last_pkt_time":287310048,"flow_dst_last_pkt_time":287310048,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287310048,"pkt":"UlQAEjUCCAAn5uVZCABFAABp7AUAAIARpHQKAAIPCCyVz3AJd1cAVT1hR05EED+yAQFMQVEyUApVRFBdL+I1CXDbuWSaSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2752,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":498,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310048,"flow_src_last_pkt_time":287310048,"flow_dst_last_pkt_time":287310048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287310048,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"8.44.149.207","src_port":28681,"dst_port":30551,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2752,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":498,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310048,"flow_src_last_pkt_time":287310048,"flow_dst_last_pkt_time":287310048,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287310048,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"8.44.149.207","src_port":28681,"dst_port":30551,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2753,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":499,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310365,"flow_src_last_pkt_time":287310365,"flow_dst_last_pkt_time":287310365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287310365,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.161.80.82","src_port":28681,"dst_port":8656,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2753,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":499,"flow_packet_id":1,"flow_src_last_pkt_time":287310365,"flow_dst_last_pkt_time":287310365,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287310365,"pkt":"UlQAEjUCCAAn5uVZCABFAABpPEAAAIARoEIKAAIPAaFQUnAJIdAAVf09R05EED+zAQFMQVEyUApVRFBdL+I1CXCAEXIkSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2753,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":499,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310365,"flow_src_last_pkt_time":287310365,"flow_dst_last_pkt_time":287310365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287310365,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.161.80.82","src_port":28681,"dst_port":8656,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2753,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":499,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310365,"flow_src_last_pkt_time":287310365,"flow_dst_last_pkt_time":287310365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287310365,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"1.161.80.82","src_port":28681,"dst_port":8656,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2754,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":500,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310684,"flow_src_last_pkt_time":287310684,"flow_dst_last_pkt_time":287310684,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287310684,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.143.34.225","src_port":28681,"dst_port":20071,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2754,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":500,"flow_packet_id":1,"flow_src_last_pkt_time":287310684,"flow_dst_last_pkt_time":287310684,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287310684,"pkt":"UlQAEjUCCAAn5uVZCABFAABpHKcAAIAREl4KAAIP3I8i4XAJTmcAVVqAR05EED+0AQFMQVEyUApVRFBdL+I1CXCHDBLySAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2754,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":500,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310684,"flow_src_last_pkt_time":287310684,"flow_dst_last_pkt_time":287310684,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287310684,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.143.34.225","src_port":28681,"dst_port":20071,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2754,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":500,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310684,"flow_src_last_pkt_time":287310684,"flow_dst_last_pkt_time":287310684,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287310684,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.143.34.225","src_port":28681,"dst_port":20071,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2755,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":501,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310956,"flow_src_last_pkt_time":287310956,"flow_dst_last_pkt_time":287310956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287310956,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2755,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":501,"flow_packet_id":1,"flow_src_last_pkt_time":287310956,"flow_dst_last_pkt_time":287310956,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":287310956,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0gncAAIARfQkKAAIPWKDWiXAJGMoAINp9R05EED+1AQFUC1FLUlAGUk5BXS\/iNQlw"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2755,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":501,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310956,"flow_src_last_pkt_time":287310956,"flow_dst_last_pkt_time":287310956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287310956,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2755,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":501,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287310956,"flow_src_last_pkt_time":287310956,"flow_dst_last_pkt_time":287310956,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287310956,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"88.160.214.137","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2756,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":502,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311299,"flow_src_last_pkt_time":287311299,"flow_dst_last_pkt_time":287311299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287311299,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.156.58.211","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2756,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":502,"flow_packet_id":1,"flow_src_last_pkt_time":287311299,"flow_dst_last_pkt_time":287311299,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287311299,"pkt":"UlQAEjUCCAAn5uVZCABFAABpU7QAAIARcFIKAAIPL5w603AJGMoAVfKmR05EED+2AQFMQVEyUApVRFBdL+I1CXAIdAe9SAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2756,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":502,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311299,"flow_src_last_pkt_time":287311299,"flow_dst_last_pkt_time":287311299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287311299,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.156.58.211","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2756,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":502,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311299,"flow_src_last_pkt_time":287311299,"flow_dst_last_pkt_time":287311299,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287311299,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"47.156.58.211","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2757,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":503,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311602,"flow_src_last_pkt_time":287311602,"flow_dst_last_pkt_time":287311602,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287311602,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2757,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":503,"flow_packet_id":1,"flow_src_last_pkt_time":287311602,"flow_dst_last_pkt_time":287311602,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":287311602,"pkt":"UlQAEjUCCAAn5uVZCABFAAA022kAAIARFCYKAAIPStL0SHAJGMoAIMqKR05EED+3AQFUC1FLUlAGUk5BXS\/iNQlw"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2757,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":503,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311602,"flow_src_last_pkt_time":287311602,"flow_dst_last_pkt_time":287311602,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287311602,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2757,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":503,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311602,"flow_src_last_pkt_time":287311602,"flow_dst_last_pkt_time":287311602,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287311602,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"74.210.244.72","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2758,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":504,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311908,"flow_src_last_pkt_time":287311908,"flow_dst_last_pkt_time":287311908,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287311908,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.203.45.107","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2758,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":504,"flow_packet_id":1,"flow_src_last_pkt_time":287311908,"flow_dst_last_pkt_time":287311908,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287311908,"pkt":"UlQAEjUCCAAn5uVZCABFAABpqvYAAIARAEkKAAIPVcsta3AJGMoAVcw9R05EED+4AQFMQVEyUApVRFBdL+I1CXBb6lRUSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2758,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":504,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311908,"flow_src_last_pkt_time":287311908,"flow_dst_last_pkt_time":287311908,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287311908,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.203.45.107","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2758,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":504,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287311908,"flow_src_last_pkt_time":287311908,"flow_dst_last_pkt_time":287311908,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287311908,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.203.45.107","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00748{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2759,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":505,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312193,"flow_src_last_pkt_time":287312193,"flow_dst_last_pkt_time":287312193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287312193,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.2.62.28","src_port":28681,"dst_port":6387,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2759,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":505,"flow_packet_id":1,"flow_src_last_pkt_time":287312193,"flow_dst_last_pkt_time":287312193,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287312193,"pkt":"UlQAEjUCCAAn5uVZCABFAABpRQoAAIARgU0KAAIPKgI+HHAJGPMAVW5BR05EED+5AQFMQVEyUApVRFBdL+I1CXAtSm1tSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01141{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2759,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":505,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312193,"flow_src_last_pkt_time":287312193,"flow_dst_last_pkt_time":287312193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287312193,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.2.62.28","src_port":28681,"dst_port":6387,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01031{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2759,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":505,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312193,"flow_src_last_pkt_time":287312193,"flow_dst_last_pkt_time":287312193,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287312193,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.2.62.28","src_port":28681,"dst_port":6387,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2760,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":506,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312421,"flow_src_last_pkt_time":287312421,"flow_dst_last_pkt_time":287312421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287312421,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"136.32.84.139","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00599{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2760,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":506,"flow_packet_id":1,"flow_src_last_pkt_time":287312421,"flow_dst_last_pkt_time":287312421,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287312421,"pkt":"UlQAEjUCCAAn5uVZCABFAABpUpMAAIAR\/zYKAAIPiCBUi3AJGMoAVZzZR05EED+6AQFMQVEyUApVRFBdL+I1CXAH+JUcSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2760,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":506,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312421,"flow_src_last_pkt_time":287312421,"flow_dst_last_pkt_time":287312421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287312421,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"136.32.84.139","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2760,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":506,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312421,"flow_src_last_pkt_time":287312421,"flow_dst_last_pkt_time":287312421,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287312421,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"136.32.84.139","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2761,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":507,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312665,"flow_src_last_pkt_time":287312665,"flow_dst_last_pkt_time":287312665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287312665,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.4.204.220","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2761,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":507,"flow_packet_id":1,"flow_src_last_pkt_time":287312665,"flow_dst_last_pkt_time":287312665,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287312665,"pkt":"UlQAEjUCCAAn5uVZCABFAABpbgEAAIARwZMKAAIPMgTM3HAJGMoAVXirR05EED+7AQFMQVEyUApVRFBdL+I1CXD7jJmJSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2761,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":507,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312665,"flow_src_last_pkt_time":287312665,"flow_dst_last_pkt_time":287312665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287312665,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.4.204.220","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2761,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":507,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312665,"flow_src_last_pkt_time":287312665,"flow_dst_last_pkt_time":287312665,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287312665,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"50.4.204.220","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2762,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":508,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312889,"flow_src_last_pkt_time":287312889,"flow_dst_last_pkt_time":287312889,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287312889,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.144.99.73","src_port":28681,"dst_port":10745,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2762,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":508,"flow_packet_id":1,"flow_src_last_pkt_time":287312889,"flow_dst_last_pkt_time":287312889,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287312889,"pkt":"UlQAEjUCCAAn5uVZCABFAABpGF4AAIARVj4KAAIPXJBjSXAJKfkAVVAmR05EED+8AQFMQVEyUApVRFBdL+I1CXDZtxe1SAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2762,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":508,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312889,"flow_src_last_pkt_time":287312889,"flow_dst_last_pkt_time":287312889,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287312889,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.144.99.73","src_port":28681,"dst_port":10745,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2762,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":508,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287312889,"flow_src_last_pkt_time":287312889,"flow_dst_last_pkt_time":287312889,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287312889,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.144.99.73","src_port":28681,"dst_port":10745,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2763,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":509,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287313271,"flow_src_last_pkt_time":287313271,"flow_dst_last_pkt_time":287313271,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287313271,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.142.109.190","src_port":28681,"dst_port":41370,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2763,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":509,"flow_packet_id":1,"flow_src_last_pkt_time":287313271,"flow_dst_last_pkt_time":287313271,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287313271,"pkt":"UlQAEjUCCAAn5uVZCABFAABpV3kAAIARDLAKAAIPXI5tvnAJoZoAVQupR05EED+9AQFMQVEyUApVRFBdL+I1CXA3XiHRSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2763,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":509,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287313271,"flow_src_last_pkt_time":287313271,"flow_dst_last_pkt_time":287313271,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287313271,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.142.109.190","src_port":28681,"dst_port":41370,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2763,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":509,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287313271,"flow_src_last_pkt_time":287313271,"flow_dst_last_pkt_time":287313271,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287313271,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.142.109.190","src_port":28681,"dst_port":41370,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00569{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2765,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":302,"flow_packet_id":5,"flow_src_last_pkt_time":287313728,"flow_dst_last_pkt_time":124089575,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":287313728,"pkt":"UlQAEjUCCAAn5uVZCABFAABUOJEAAIAR8ZAKAAIPubtKrXAJ0PEAQMSnXS\/iNTECAGQaxPLpTglwD4ABACEAAAD5AHBpbmtmbG95ZADDAlFLRB3BTv4DU0NQQAFaQIJQUkA="} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2767,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":510,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314125,"flow_src_last_pkt_time":287314125,"flow_dst_last_pkt_time":287314125,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314125,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.94.85.113","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00598{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2767,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":510,"flow_packet_id":1,"flow_src_last_pkt_time":287314125,"flow_dst_last_pkt_time":287314125,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287314125,"pkt":"UlQAEjUCCAAn5uVZCABFAABpnB4AAIAR7YcKAAIPT15VcXAJGMoAVSitR05EED++AQFMQVEyUApVRFBdL+I1CXC2+OrHSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2767,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":510,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314125,"flow_src_last_pkt_time":287314125,"flow_dst_last_pkt_time":287314125,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314125,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.94.85.113","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2767,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":510,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314125,"flow_src_last_pkt_time":287314125,"flow_dst_last_pkt_time":287314125,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314125,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"79.94.85.113","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2768,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":511,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314350,"flow_src_last_pkt_time":287314350,"flow_dst_last_pkt_time":287314350,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314350,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.47.223.27","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00601{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2768,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":511,"flow_packet_id":1,"flow_src_last_pkt_time":287314350,"flow_dst_last_pkt_time":287314350,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287314350,"pkt":"UlQAEjUCCAAn5uVZCABFAABpmn8AAIARcKsKAAIPRC\/fG3AJGMoAVbg\/R05EED+\/AQFMQVEyUApVRFBdL+I1CXCJygjoSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2768,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":511,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314350,"flow_src_last_pkt_time":287314350,"flow_dst_last_pkt_time":287314350,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314350,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.47.223.27","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2768,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":511,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314350,"flow_src_last_pkt_time":287314350,"flow_dst_last_pkt_time":287314350,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314350,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"68.47.223.27","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2769,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":512,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314573,"flow_src_last_pkt_time":287314573,"flow_dst_last_pkt_time":287314573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314573,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"209.204.207.5","src_port":28681,"dst_port":49256,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00599{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2769,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":512,"flow_packet_id":1,"flow_src_last_pkt_time":287314573,"flow_dst_last_pkt_time":287314573,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287314573,"pkt":"UlQAEjUCCAAn5uVZCABFAABpsMgAAIAR3NoKAAIP0czPBXAJwGgAVVmNR05EED\/AAQFMQVEyUApVRFBdL+I1CXDFlVhWSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2769,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":512,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314573,"flow_src_last_pkt_time":287314573,"flow_dst_last_pkt_time":287314573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314573,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"209.204.207.5","src_port":28681,"dst_port":49256,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2769,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":512,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314573,"flow_src_last_pkt_time":287314573,"flow_dst_last_pkt_time":287314573,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314573,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"209.204.207.5","src_port":28681,"dst_port":49256,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2770,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":513,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314783,"flow_src_last_pkt_time":287314783,"flow_dst_last_pkt_time":287314783,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314783,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.196.216.12","src_port":28681,"dst_port":58910,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00599{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2770,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":513,"flow_packet_id":1,"flow_src_last_pkt_time":287314783,"flow_dst_last_pkt_time":287314783,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287314783,"pkt":"UlQAEjUCCAAn5uVZCABFAABph8IAAIARf+IKAAIPTsTYDHAJ5h4AVWPLR05EED\/BAQFMQVEyUApVRFBdL+I1CXDwiDmtSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2770,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":513,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314783,"flow_src_last_pkt_time":287314783,"flow_dst_last_pkt_time":287314783,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314783,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.196.216.12","src_port":28681,"dst_port":58910,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2770,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":513,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314783,"flow_src_last_pkt_time":287314783,"flow_dst_last_pkt_time":287314783,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314783,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.196.216.12","src_port":28681,"dst_port":58910,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2771,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":514,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314979,"flow_src_last_pkt_time":287314979,"flow_dst_last_pkt_time":287314979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314979,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.114.40.175","src_port":28681,"dst_port":23552,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00599{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2771,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":514,"flow_packet_id":1,"flow_src_last_pkt_time":287314979,"flow_dst_last_pkt_time":287314979,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287314979,"pkt":"UlQAEjUCCAAn5uVZCABFAABpvHwAAIAR9dcKAAIPU3Ior3AJXAAAVSFCR05EED\/CAQFMQVEyUApVRFBdL+I1CXAlJFuJSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2771,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":514,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314979,"flow_src_last_pkt_time":287314979,"flow_dst_last_pkt_time":287314979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314979,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.114.40.175","src_port":28681,"dst_port":23552,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2771,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":514,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287314979,"flow_src_last_pkt_time":287314979,"flow_dst_last_pkt_time":287314979,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287314979,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.114.40.175","src_port":28681,"dst_port":23552,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00754{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2772,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":515,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315207,"flow_src_last_pkt_time":287315207,"flow_dst_last_pkt_time":287315207,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287315207,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.137.106.173","src_port":28681,"dst_port":11625,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00599{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2772,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":515,"flow_packet_id":1,"flow_src_last_pkt_time":287315207,"flow_dst_last_pkt_time":287315207,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287315207,"pkt":"UlQAEjUCCAAn5uVZCABFAABp2kQAAIARDPoKAAIP3IlqrXAJLWkAVTFkR05EED\/DAQFMQVEyUApVRFBdL+I1CXDPsw9NSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01147{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2772,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":515,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315207,"flow_src_last_pkt_time":287315207,"flow_dst_last_pkt_time":287315207,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287315207,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.137.106.173","src_port":28681,"dst_port":11625,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01037{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2772,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":515,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315207,"flow_src_last_pkt_time":287315207,"flow_dst_last_pkt_time":287315207,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287315207,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.137.106.173","src_port":28681,"dst_port":11625,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2773,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":516,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315409,"flow_src_last_pkt_time":287315409,"flow_dst_last_pkt_time":287315409,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287315409,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.246.147.72","src_port":28681,"dst_port":4572,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00600{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2773,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":516,"flow_packet_id":1,"flow_src_last_pkt_time":287315409,"flow_dst_last_pkt_time":287315409,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287315409,"pkt":"UlQAEjUCCAAn5uVZCABFAABpRHMAAIAR3sMKAAIPd\/aTSHAJEdwAVb+qR05EED\/EAQFMQVEyUApVRFBdL+I1CXCNl48ySAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2773,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":516,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315409,"flow_src_last_pkt_time":287315409,"flow_dst_last_pkt_time":287315409,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287315409,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.246.147.72","src_port":28681,"dst_port":4572,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2773,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":516,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315409,"flow_src_last_pkt_time":287315409,"flow_dst_last_pkt_time":287315409,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287315409,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"119.246.147.72","src_port":28681,"dst_port":4572,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2774,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":517,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315710,"flow_src_last_pkt_time":287315710,"flow_dst_last_pkt_time":287315710,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287315710,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.162.27","src_port":28681,"dst_port":7986,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00599{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2774,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":517,"flow_packet_id":1,"flow_src_last_pkt_time":287315710,"flow_dst_last_pkt_time":287315710,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287315710,"pkt":"UlQAEjUCCAAn5uVZCABFAABpwVIAAIARphgKAAIPJO+iG3AJHzIAVfUVR05EED\/FAQFMQVEyUApVRFBdL+I1CXD7uZMRSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2774,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":517,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315710,"flow_src_last_pkt_time":287315710,"flow_dst_last_pkt_time":287315710,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287315710,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.162.27","src_port":28681,"dst_port":7986,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2774,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":517,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287315710,"flow_src_last_pkt_time":287315710,"flow_dst_last_pkt_time":287315710,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287315710,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.162.27","src_port":28681,"dst_port":7986,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2775,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":518,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287316018,"flow_src_last_pkt_time":287316018,"flow_dst_last_pkt_time":287316018,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287316018,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.151.63.59","src_port":28681,"dst_port":7624,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00527{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2775,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":518,"flow_packet_id":1,"flow_src_last_pkt_time":287316018,"flow_dst_last_pkt_time":287316018,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":287316018,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0odEAAIARgwYKAAIPypc\/O3AJHcgAIPrFR05EED\/GAQFUC1FLUlAGUk5BXS\/iNQlw"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2775,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":518,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287316018,"flow_src_last_pkt_time":287316018,"flow_dst_last_pkt_time":287316018,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287316018,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.151.63.59","src_port":28681,"dst_port":7624,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2775,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":518,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287316018,"flow_src_last_pkt_time":287316018,"flow_dst_last_pkt_time":287316018,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287316018,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"202.151.63.59","src_port":28681,"dst_port":7624,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":2776,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":519,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287316233,"flow_src_last_pkt_time":287316233,"flow_dst_last_pkt_time":287316233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287316233,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":28681,"dst_port":8070,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00599{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2776,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":519,"flow_packet_id":1,"flow_src_last_pkt_time":287316233,"flow_dst_last_pkt_time":287316233,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":119,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":119,"pkt_l4_len":85,"thread_ts_usec":287316233,"pkt":"UlQAEjUCCAAn5uVZCABFAABp+G8AAIARKqgKAAIP20YwF3AJH4YAVfd3R05EED\/HAQFMQVEyUApVRFBdL+I1CXBhgiICSAlETnBpbmtmbG95ZEANSVVSTABQRlMARE4AQQAQTkFUAF0v4jUxAgBkGsTy6U4JcA8="} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2776,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":519,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287316233,"flow_src_last_pkt_time":287316233,"flow_dst_last_pkt_time":287316233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287316233,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":28681,"dst_port":8070,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":2776,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":519,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":287316233,"flow_src_last_pkt_time":287316233,"flow_dst_last_pkt_time":287316233,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":77,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":77,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":77,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":287316233,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.70.48.23","src_port":28681,"dst_port":8070,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2777,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":441,"flow_packet_id":2,"flow_src_last_pkt_time":287316376,"flow_dst_last_pkt_time":251763326,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":287316376,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4Im8AAIARH94KAAIPJO3HbHAJ2ugAJBUGCNsxAuNxtNL\/CPfpN9LYAwABAAUAAADDglFLQA=="} 00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2778,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":442,"flow_packet_id":2,"flow_src_last_pkt_time":287316451,"flow_dst_last_pkt_time":251763431,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":287316451,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4rcIAAIARpOAKAAIPWcyCN3AJc2kAJDj2y8wxAiUpPSv\/Rrn8E2YBAwABAAUAAADDglFLQA=="} 00569{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":2779,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":344,"flow_packet_id":4,"flow_src_last_pkt_time":287316477,"flow_dst_last_pkt_time":251868720,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":287316477,"pkt":"UlQAEjUCCAAn5uVZCABFAABUN+wAAIARg5MKAAIPzyaj5HAJGnoAQMvDXS\/iNTECAGQaxPLpTglwD4ABACEAAAD5AHBpbmtmbG95ZADDAlFLRIVOKCoDU0NQQAFaQIJQUkA="} @@ -3661,7 +3661,7 @@ 00575{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3204,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":743,"flow_packet_id":4,"flow_src_last_pkt_time":288181360,"flow_dst_last_pkt_time":288382894,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":100,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":100,"pkt_l4_len":66,"thread_ts_usec":288382894,"pkt":"CAAn5uVZUlQAEjUCCABFAABWC3YAAEARrX8bXpo1CgACDxjKcAkAQhIRXS\/iNTECAGQaxPLpTglwDwEBACMAAAB1MGLXgpwAAAAACAAAAMMDREhUQwAAAgNHVUVAglVQQwAADg=="} 00719{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3205,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":745,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288409044,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288409044,"l3_proto":"ip4","src_ip":"164.132.10.25","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5} 00570{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3205,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":745,"flow_packet_id":1,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":288409044,"pkt":"CAAn5uVZUlQAEjUCCABFwABUC3cAAH8BdMakhAoZCgACDwMDt94AAAAARQAAOKbcAAB\/EdosCgACD6SEChlwCbx6ACQmrqOvMQLqit4m\/1WVjmwhhQMAAQAFAAAAw4JRS0A="} -01012{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3205,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":745,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288409044,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288409044,"l3_proto":"ip4","src_ip":"164.132.10.25","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":5.020679}} +00887{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3205,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":745,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":288409044,"flow_src_last_pkt_time":288409044,"flow_dst_last_pkt_time":288409044,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288409044,"l3_proto":"ip4","src_ip":"164.132.10.25","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":5.020679}} 00579{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3206,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":627,"flow_packet_id":4,"flow_src_last_pkt_time":287714018,"flow_dst_last_pkt_time":288483516,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":105,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":105,"pkt_l4_len":71,"thread_ts_usec":288483516,"pkt":"CAAn5uVZUlQAEjUCCABFAABbC3oAAEAROBZJPuG1CgACD7b7cAkARwAGXS\/iNTECAGQaxPLpTglwDwEBACgAAAB1MGLXgpwAAAAACAAAAMMDREhUQwAAAgNHVUVAA1RMU0CCVVBDACId"} 00921{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3207,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":517,"flow_packet_id":2,"flow_src_last_pkt_time":287315710,"flow_dst_last_pkt_time":288490528,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":356,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":356,"pkt_l4_len":322,"thread_ts_usec":288490528,"pkt":"CAAn5uVZUlQAEjUCCABFAAFWC3sAAEARmwMk76IbCgACDx8ycAkBQkS1R05EAVjxAQF4nOspZwx09GAJCT7CpZrkwOGi8n6RtJH8bgYgs0hiW9ONsGMg5p3WqpuLoo8zgBVcnfQtZB+Iedtdp9LOYjtYQWfW2kzdvWBtapxB8+MOg5haScUNi6J3gJi3lqi\/LA88AdYWyh36SPMAiLl+mzr3RiMwU+Wl1qUOUbCCO23Lg\/aI7Qcxq8\/WpXmKHAWr3Trni72CMtgENwPxNnk1ELP8O9ujj6rqYCZf\/9tF0Qxg5rfJHncEwQps72h+nCrGBHYOk53MZwkFEHP75qiCGjVtsAKHjaaLovnBTlef5fpAiBHEPDXd3vqErCCIybgwIOiCojzEkcz3DYyACtiCIaJABiSYgIw7\/UoP0\/2ADIhDgAyI9zxYghx1GBkYGGL1H5kaMjGkSB359NKPs4AfAD6Dfz4="} 01073{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3208,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":320,"flow_state":"finished","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":95893440,"flow_src_last_pkt_time":95893440,"flow_dst_last_pkt_time":95893440,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":81,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":81,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":288490528,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"185.236.200.137","src_port":28681,"dst_port":48142,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} @@ -3936,29 +3936,29 @@ 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3278,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":140,"flow_packet_id":5,"flow_src_last_pkt_time":312956056,"flow_dst_last_pkt_time":72853538,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312956056,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0JXwAAIARS68KAAIPTcVvunAJGMoAIEv3R05EED\/mAQFUC1FLUlAGUk5BXS\/iNQlw"} 00749{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3279,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":748,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312956203,"flow_src_last_pkt_time":312956203,"flow_dst_last_pkt_time":312956203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312956203,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3279,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":748,"flow_packet_id":1,"flow_src_last_pkt_time":312956203,"flow_dst_last_pkt_time":312956203,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312956203,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0aoYAAIARLMwKAAIPXAg7UHAJiXgAIAFvR05EED\/nAQFUC1FLUlAGUk5BXS\/iNQlw"} -01142{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3279,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":748,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312956203,"flow_src_last_pkt_time":312956203,"flow_dst_last_pkt_time":312956203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312956203,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01032{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3279,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":748,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312956203,"flow_src_last_pkt_time":312956203,"flow_dst_last_pkt_time":312956203,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312956203,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"92.8.59.80","src_port":28681,"dst_port":35192,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3280,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":172,"flow_packet_id":4,"flow_src_last_pkt_time":312956310,"flow_dst_last_pkt_time":82060552,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312956310,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0dB8AAIAR1MAKAAIPV0WOhXAJPG8AIAAFR05EED\/oAQFUC1FLUlAGUk5BXS\/iNQlw"} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3281,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":167,"flow_packet_id":3,"flow_src_last_pkt_time":312956479,"flow_dst_last_pkt_time":82059773,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312956479,"pkt":"UlQAEjUCCAAn5uVZCABFAAA08GcAAIARdXUKAAIPXR1rsHAJT4sAIAnlR05EED\/pAQFUC1FLUlAGUk5BXS\/iNQlw"} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3282,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":171,"flow_packet_id":4,"flow_src_last_pkt_time":312956593,"flow_dst_last_pkt_time":82060415,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312956593,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0mjwAAIARSyUKAAIPxNmEb3AJYzIAIHXBR05EED\/qAQFUC1FLUlAGUk5BXS\/iNQlw"} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3283,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":749,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312956768,"flow_src_last_pkt_time":312956768,"flow_dst_last_pkt_time":312956768,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312956768,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3283,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":749,"flow_packet_id":1,"flow_src_last_pkt_time":312956768,"flow_dst_last_pkt_time":312956768,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312956768,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0JvEAAIARngQKAAIPTp8bFnAJRJsAIHPrR05EED\/rAQFUC1FLUlAGUk5BXS\/iNQlw"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3283,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":749,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312956768,"flow_src_last_pkt_time":312956768,"flow_dst_last_pkt_time":312956768,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312956768,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3283,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":749,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312956768,"flow_src_last_pkt_time":312956768,"flow_dst_last_pkt_time":312956768,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312956768,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.159.27.22","src_port":28681,"dst_port":17563,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312956911,"flow_src_last_pkt_time":312956911,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312956911,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_packet_id":1,"flow_src_last_pkt_time":312956911,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312956911,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0mmwAAIARSEkKAAIPQ8EINHAJlrgAID+NR05EED\/sAQFUC1FLUlAGUk5BXS\/iNQlw"} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312956911,"flow_src_last_pkt_time":312956911,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312956911,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3284,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312956911,"flow_src_last_pkt_time":312956911,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312956911,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"67.193.8.52","src_port":28681,"dst_port":38584,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3285,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":118,"flow_packet_id":4,"flow_src_last_pkt_time":312957021,"flow_dst_last_pkt_time":71541038,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312957021,"pkt":"UlQAEjUCCAAn5uVZCABFAAA02VAAAIAREUIKAAIPBbQ+ZHAJtTEAICjwR05EED\/tAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3286,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_packet_id":3,"flow_src_last_pkt_time":312957127,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312957127,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0djgAAIARTnoKAAIPVYoUbnAJGMoAIJ92R05EED\/uAQFUC1FLUlAGUk5BXS\/iNQlw"} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3287,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":111,"flow_packet_id":5,"flow_src_last_pkt_time":312957227,"flow_dst_last_pkt_time":71540138,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312957227,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0JGEAAIARImsKAAIPWkGNnXAJGMoAICGPR05EED\/vAQFUC1FLUlAGUk5BXS\/iNQlw"} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3288,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":141,"flow_packet_id":5,"flow_src_last_pkt_time":312957301,"flow_dst_last_pkt_time":72853723,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312957301,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0s00AAIARB+0KAAIPrGHHDnAJGMoAIJX8R05EED\/wAQFUC1FLUlAGUk5BXS\/iNQlw"} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3289,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312957456,"flow_src_last_pkt_time":312957456,"flow_dst_last_pkt_time":312957456,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312957456,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.115.218.152","src_port":28681,"dst_port":5900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3289,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_packet_id":1,"flow_src_last_pkt_time":312957456,"flow_dst_last_pkt_time":312957456,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312957456,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0D1AAAIARtk4KAAIPjnPamHAJFwwAIKIdR05EED\/xAQFUC1FLUlAGUk5BXS\/iNQlw"} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3289,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312957456,"flow_src_last_pkt_time":312957456,"flow_dst_last_pkt_time":312957456,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312957456,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.115.218.152","src_port":28681,"dst_port":5900,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3289,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312957456,"flow_src_last_pkt_time":312957456,"flow_dst_last_pkt_time":312957456,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312957456,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"142.115.218.152","src_port":28681,"dst_port":5900,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3290,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":752,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312957614,"flow_src_last_pkt_time":312957614,"flow_dst_last_pkt_time":312957614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312957614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3290,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":752,"flow_packet_id":1,"flow_src_last_pkt_time":312957614,"flow_dst_last_pkt_time":312957614,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312957614,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05pQAAIARsCAKAAIPTudJDnAJGMoAIHF1R05EED\/yAQFUC1FLUlAGUk5BXS\/iNQlw"} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3290,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":752,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312957614,"flow_src_last_pkt_time":312957614,"flow_dst_last_pkt_time":312957614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312957614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3290,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":752,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312957614,"flow_src_last_pkt_time":312957614,"flow_dst_last_pkt_time":312957614,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312957614,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"78.231.73.14","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3291,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":753,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312961164,"flow_src_last_pkt_time":312961164,"flow_dst_last_pkt_time":312961164,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312961164,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.140.96","src_port":28681,"dst_port":14400,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3291,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":753,"flow_packet_id":1,"flow_src_last_pkt_time":312961164,"flow_dst_last_pkt_time":312961164,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":312961164,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0s80AAIARSSgKAAIPpVSMYHAJOEAAILg+R05EED\/zAQFUC1FLUlAGUk5BXS\/iNQlw"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3291,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":753,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312961164,"flow_src_last_pkt_time":312961164,"flow_dst_last_pkt_time":312961164,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312961164,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.140.96","src_port":28681,"dst_port":14400,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3291,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":753,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":312961164,"flow_src_last_pkt_time":312961164,"flow_dst_last_pkt_time":312961164,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":312961164,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"165.84.140.96","src_port":28681,"dst_port":14400,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3298,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":528,"flow_packet_id":2,"flow_src_last_pkt_time":320290371,"flow_dst_last_pkt_time":287338641,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":320290371,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4TFkAAIARXF4KAAIPdqgPR3AJ5EoAJEU1rxgxAkijNFD\/98wlZJR4AwABAAUAAADDglFLQA=="} 00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3299,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":529,"flow_packet_id":2,"flow_src_last_pkt_time":320290433,"flow_dst_last_pkt_time":287338845,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":320290433,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4bmsAAIARqKcKAAIPdPGionAJ4kkAJCDgNOsxArkJ75n\/2X37nQtxAwABAAUAAADDglFLQA=="} 00533{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3300,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":530,"flow_packet_id":2,"flow_src_last_pkt_time":320290446,"flow_dst_last_pkt_time":287339043,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"thread_ts_usec":320290446,"pkt":"UlQAEjUCCAAn5uVZCABFAAA4R1AAAIARd9IKAAIPdqf43HAJ56gAJBG+sRMxAjM8jgr\/OCOtVAIyAwABAAUAAADDglFLQA=="} @@ -4539,7 +4539,7 @@ 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3420,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_packet_id":4,"flow_src_last_pkt_time":371838816,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":371838816,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0SbwAAIARjAEKAAIPdqbiRnAJGMoAILBsR05EEEADAQFUC1FLUlAGUk5BXS\/iNQlw"} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3421,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":755,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":371838970,"flow_src_last_pkt_time":371838970,"flow_dst_last_pkt_time":371838970,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":371838970,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3421,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":755,"flow_packet_id":1,"flow_src_last_pkt_time":371838970,"flow_dst_last_pkt_time":371838970,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":371838970,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05JUAAIARi24KAAIPU4ZrIHAJl7QAIMvHR05EEEAEAQFUC1FLUlAGUk5BXS\/iNQlw"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3421,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":755,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":371838970,"flow_src_last_pkt_time":371838970,"flow_dst_last_pkt_time":371838970,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":371838970,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3421,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":755,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":371838970,"flow_src_last_pkt_time":371838970,"flow_dst_last_pkt_time":371838970,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":371838970,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"83.134.107.32","src_port":28681,"dst_port":38836,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3422,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":191,"flow_packet_id":3,"flow_src_last_pkt_time":371839164,"flow_dst_last_pkt_time":82063378,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":371839164,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0RwUAAIARmdUKAAIPvpmPNnAJ\/\/8AINRRR05EEEAFAQFUC1FLUlAGUk5BXS\/iNQlw"} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3424,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":88941886,"flow_src_last_pkt_time":179376876,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":511,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":371891623,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":28681,"dst_port":52367,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00752{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3424,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":242,"flow_state":"info","flow_src_packets_processed":8,"flow_dst_packets_processed":0,"flow_first_seen":88941886,"flow_src_last_pkt_time":179376876,"flow_dst_last_pkt_time":88941886,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":86,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":511,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":371891623,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"75.133.101.93","src_port":28681,"dst_port":52367,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} @@ -5039,14 +5039,14 @@ 01079{"flow_event_id":4,"flow_event_name":"update","thread_id":0,"packet_id":3469,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":312,"flow_state":"finished","flow_src_packets_processed":3,"flow_dst_packets_processed":2,"flow_first_seen":95716226,"flow_src_last_pkt_time":350800628,"flow_dst_last_pkt_time":350954135,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":81,"flow_dst_max_l4_payload_len":58,"flow_src_tot_l4_payload_len":165,"flow_dst_tot_l4_payload_len":104,"midstream":0,"thread_ts_usec":393888183,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"24.167.201.53","src_port":28681,"dst_port":47282,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3477,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":399168972,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399168972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":399168972,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3477,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_packet_id":1,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399168972,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":399168972,"pkt":"UlQAEjUCCAAn5uVZCABFAAA854sAAIAR\/DEKAAIPaJziSHAJ0AoAKHNuYiULNAANuxoAAAAAAAAAADEBAAkAAABHVEtHCQABAAA="} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3477,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":399168972,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399168972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":399168972,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3477,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":399168972,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399168972,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":399168972,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.156.226.72","src_port":28681,"dst_port":53258,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3481,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":757,"flow_packet_id":2,"flow_src_last_pkt_time":399168972,"flow_dst_last_pkt_time":399265426,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":82,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":82,"pkt_l4_len":48,"thread_ts_usec":399265426,"pkt":"CAAn5uVZUlQAEjUCCABFAABEDoMAAEARFTNonOJICgACD9AKcAkAMN2JYiULNAANuxpiJQs1AA5dgzEBABEAAABHVEtHCgABAABiJQs1AA5ddw=="} 00756{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3487,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":400018839,"flow_src_last_pkt_time":400018839,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":400018839,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50213,"dst_port":1900,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00732{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3487,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_packet_id":1,"flow_src_last_pkt_time":400018839,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":400018839,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LcAAAER3GIKAAIP7\/\/\/+sQlB2wAtikJTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} 00938{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3487,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":400018839,"flow_src_last_pkt_time":400018839,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":174,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":174,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":174,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":400018839,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"239.255.255.250","src_port":50213,"dst_port":1900,"l4_proto":"udp","ndpi": {"confidence": {"6":"DPI"},"proto":"SSDP","proto_id":"12","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":18,"category":"System","hostname":"239.255.255.250:1900"}} 00754{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3493,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":400872943,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400872943,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":400872943,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00537{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3493,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_packet_id":1,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400872943,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"thread_ts_usec":400872943,"pkt":"UlQAEjUCCAAn5uVZCABFAAA8Bs8AAIAREesKAAIPaO6s+nAJW\/wAKKTOYiULNgAJMscAAAAAAAAAADEBAAkAAABHVEtHCQABAAA="} -01147{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3493,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":400872943,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400872943,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":400872943,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01037{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3493,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":400872943,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400872943,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":32,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":32,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":32,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":400872943,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"104.238.172.250","src_port":28681,"dst_port":23548,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00548{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3495,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":759,"flow_packet_id":2,"flow_src_last_pkt_time":400872943,"flow_dst_last_pkt_time":400901727,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":82,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":82,"pkt_l4_len":48,"thread_ts_usec":400901727,"pkt":"CAAn5uVZUlQAEjUCCABFAABEDpQAAEARSh5o7qz6CgACD1v8cAkAMAJCYiULNgAJMsdiJQs2AAlj5TEBABEAAABHVEtHCgABAABiJQs2AAljxQ=="} 00732{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3497,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_packet_id":2,"flow_src_last_pkt_time":401028587,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":401028587,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LgAAAER3GEKAAIP7\/\/\/+sQlB2wAtikJTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} 00732{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3498,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":758,"flow_packet_id":3,"flow_src_last_pkt_time":402032886,"flow_dst_last_pkt_time":400018839,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":216,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":216,"pkt_l4_len":182,"thread_ts_usec":402032886,"pkt":"AQBef\/\/6CAAn5uVZCABFAADK4LkAAAER3GAKAAIP7\/\/\/+sQlB2wAtikJTS1TRUFSQ0ggKiBIVFRQLzEuMQ0KSE9TVDogMjM5LjI1NS4yNTUuMjUwOjE5MDANCk1BTjogInNzZHA6ZGlzY292ZXIiDQpNWDogMQ0KU1Q6IHVybjpkaWFsLW11bHRpc2NyZWVuLW9yZzpzZXJ2aWNlOmRpYWw6MQ0KVVNFUi1BR0VOVDogTWljcm9zb2Z0IEVkZ2UvOTkuMC4xMTUwLjMwIFdpbmRvd3MNCg0K"} @@ -5120,14 +5120,14 @@ 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3543,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":752,"flow_packet_id":2,"flow_src_last_pkt_time":431829020,"flow_dst_last_pkt_time":312957614,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":431829020,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05pUAAIARsB8KAAIPTudJDnAJGMoAIHFFR05EEEAiAQFUC1FLUlAGUk5BXS\/iNQlw"} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3545,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":761,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431829260,"flow_src_last_pkt_time":431829260,"flow_dst_last_pkt_time":431829260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":431829260,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3545,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":761,"flow_packet_id":1,"flow_src_last_pkt_time":431829260,"flow_dst_last_pkt_time":431829260,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":431829260,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0QZQAAIAR3lkKAAIPw4RLOHAJ2skAIDh8R05EEEAkAQFUC1FLUlAGUk5BXS\/iNQlw"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3545,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":761,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431829260,"flow_src_last_pkt_time":431829260,"flow_dst_last_pkt_time":431829260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":431829260,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3545,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":761,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431829260,"flow_src_last_pkt_time":431829260,"flow_dst_last_pkt_time":431829260,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":431829260,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"195.132.75.56","src_port":28681,"dst_port":56009,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3549,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":184,"flow_packet_id":5,"flow_src_last_pkt_time":431829784,"flow_dst_last_pkt_time":82062444,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":431829784,"pkt":"UlQAEjUCCAAn5uVZCABFAAA09A4AAIARpNcKAAIPVu8+1XAJGMoAIHNwR05EEEAoAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3551,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":219,"flow_packet_id":4,"flow_src_last_pkt_time":431830029,"flow_dst_last_pkt_time":83520153,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":431830029,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0H4MAAIARbHkKAAIPTB5WkHAJ0j0AIK0QR05EEEAqAQFUC1FLUlAGUk5BXS\/iNQlw"} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3552,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_packet_id":3,"flow_src_last_pkt_time":431830157,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":431830157,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0mm4AAIARSEcKAAIPQ8EINHAJlrgAID9OR05EEEArAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3553,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":190,"flow_packet_id":5,"flow_src_last_pkt_time":431830264,"flow_dst_last_pkt_time":82063260,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":431830264,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Vb0AAIARb2AKAAIPpanD43AJGMoAIJ+jR05EEEAsAQFUC1FLUlAGUk5BXS\/iNQlw"} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3554,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":762,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431830401,"flow_src_last_pkt_time":431830401,"flow_dst_last_pkt_time":431830401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":431830401,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.75.43.182","src_port":28681,"dst_port":43502,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3554,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":762,"flow_packet_id":1,"flow_src_last_pkt_time":431830401,"flow_dst_last_pkt_time":431830401,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":431830401,"pkt":"UlQAEjUCCAAn5uVZCABFAAA06P8AAIARw6kKAAIPVksrtnAJqe4AIPYJR05EEEAtAQFUC1FLUlAGUk5BXS\/iNQlw"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3554,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":762,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431830401,"flow_src_last_pkt_time":431830401,"flow_dst_last_pkt_time":431830401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":431830401,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.75.43.182","src_port":28681,"dst_port":43502,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3554,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":762,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":431830401,"flow_src_last_pkt_time":431830401,"flow_dst_last_pkt_time":431830401,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":431830401,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"86.75.43.182","src_port":28681,"dst_port":43502,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3555,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":158,"flow_packet_id":5,"flow_src_last_pkt_time":431830502,"flow_dst_last_pkt_time":82058413,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":431830502,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0Sb0AAIARjAAKAAIPdqbiRnAJGMoAILBBR05EEEAuAQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3561,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":137,"flow_packet_id":5,"flow_src_last_pkt_time":431831362,"flow_dst_last_pkt_time":72853009,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":431831362,"pkt":"UlQAEjUCCAAn5uVZCABFAAA05VMAAIARsFAKAAIPUkFGxXAJVL0AIDQvR05EEEA0AQFUC1FLUlAGUk5BXS\/iNQlw"} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3562,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":183,"flow_packet_id":5,"flow_src_last_pkt_time":431831496,"flow_dst_last_pkt_time":82062320,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":431831496,"pkt":"UlQAEjUCCAAn5uVZCABFAAA085sAAIARz6wKAAIPW6wPtnAJk8UAICLKR05EEEA1AQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -5483,13 +5483,13 @@ 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3570,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":130,"flow_packet_id":5,"flow_src_last_pkt_time":433135172,"flow_dst_last_pkt_time":72851137,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":433135172,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0f7IAAIAR17YKAAIPd+BfYXAJtRQAIJWWR05EEEA6AQFUC1FLUlAGUk5BXS\/iNQlw"} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3571,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":763,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433135408,"flow_src_last_pkt_time":433135408,"flow_dst_last_pkt_time":433135408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":433135408,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.170.209.214","src_port":28681,"dst_port":46210,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3571,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":763,"flow_packet_id":1,"flow_src_last_pkt_time":433135408,"flow_dst_last_pkt_time":433135408,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":433135408,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0ANMAAIARBlcKAAIPVarR1nAJtIIAIEXoR05EEEA7AQFUC1FLUlAGUk5BXS\/iNQlw"} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3571,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":763,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433135408,"flow_src_last_pkt_time":433135408,"flow_dst_last_pkt_time":433135408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":433135408,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.170.209.214","src_port":28681,"dst_port":46210,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3571,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":763,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433135408,"flow_src_last_pkt_time":433135408,"flow_dst_last_pkt_time":433135408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":433135408,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"85.170.209.214","src_port":28681,"dst_port":46210,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3572,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":503,"flow_packet_id":2,"flow_src_last_pkt_time":433135644,"flow_dst_last_pkt_time":287311602,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":433135644,"pkt":"UlQAEjUCCAAn5uVZCABFAAA022oAAIARFCUKAAIPStL0SHAJGMoAIMoFR05EEEA8AQFUC1FLUlAGUk5BXS\/iNQlw"} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3573,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":486,"flow_packet_id":4,"flow_src_last_pkt_time":433135784,"flow_dst_last_pkt_time":253025433,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":433135784,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0rs4AAIAR+cwKAAIPWEQty3AJGMoAIIMQR05EEEA9AQFUC1FLUlAGUk5BXS\/iNQlw"} 00523{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3574,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":85,"flow_packet_id":5,"flow_src_last_pkt_time":433135893,"flow_dst_last_pkt_time":70230046,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":433135893,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0djoAAIARTngKAAIPVYoUbnAJGMoAIJ8mR05EEEA+AQFUC1FLUlAGUk5BXS\/iNQlw"} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3575,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":764,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433136175,"flow_src_last_pkt_time":433136175,"flow_dst_last_pkt_time":433136175,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":433136175,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"208.92.106.151","src_port":28681,"dst_port":32476,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3575,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":764,"flow_packet_id":1,"flow_src_last_pkt_time":433136175,"flow_dst_last_pkt_time":433136175,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":433136175,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0dXUAAIARfkEKAAIP0Fxql3AJftwAIGgXR05EEEA\/AQFUC1FLUlAGUk5BXS\/iNQlw"} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3575,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":764,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433136175,"flow_src_last_pkt_time":433136175,"flow_dst_last_pkt_time":433136175,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":433136175,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"208.92.106.151","src_port":28681,"dst_port":32476,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3575,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":764,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":433136175,"flow_src_last_pkt_time":433136175,"flow_dst_last_pkt_time":433136175,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":433136175,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"208.92.106.151","src_port":28681,"dst_port":32476,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3577,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":156,"flow_packet_id":5,"flow_src_last_pkt_time":433136506,"flow_dst_last_pkt_time":82057972,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":433136506,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0lsYAAIARXJkKAAIPVvTkVnAJJ5MAIL8HR05EEEBBAQFUC1FLUlAGUk5BXS\/iNQlw"} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3578,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_packet_id":4,"flow_src_last_pkt_time":433136626,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":433136626,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0fvsAAIAR6toKAAIPmgMq0XAJGMoAIERGR05EEEBCAQFUC1FLUlAGUk5BXS\/iNQlw"} 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3579,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":756,"flow_packet_id":2,"flow_src_last_pkt_time":433136748,"flow_dst_last_pkt_time":373494060,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":433136748,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0M5gAAIARjK8KAAIPKWRE\/3AJMiYAIIFaR05EEEBDAQFUC1FLUlAGUk5BXS\/iNQlw"} @@ -6266,7 +6266,7 @@ 00554{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3662,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":781,"flow_packet_id":2,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490873972,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":87,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":87,"pkt_l4_len":53,"thread_ts_usec":490873972,"pkt":"CAAn5uVZUlQAEjUCCABFAABJEL8AAEARuWtwaTQCCgACD1uicAkANU8DODExAiD\/PoD\/dZiXmj2bAwEBABYAAACiW3BpNAIfAAAAAACAAMOCVVBDAQEB"} 00720{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3663,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490916095,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":490916095,"l3_proto":"ip4","src_ip":"65.182.231.232","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5} 00570{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3663,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_packet_id":1,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":98,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":98,"pkt_l4_len":64,"thread_ts_usec":490916095,"pkt":"CAAn5uVZUlQAEjUCCABFwABUEMAAAH8B9HtBtufoCgACDwMDMuAAAAAARQAAOFJyAAB\/EbOVCgACD0G25+hwCR7SACTlBTqzMQL2cg0m\/8bpadQ5WwMAAQAFAAAAw4JRS0A="} -01013{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3663,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490916095,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":490916095,"l3_proto":"ip4","src_ip":"65.182.231.232","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":4.984965}} +00888{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3663,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":783,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":490916095,"flow_src_last_pkt_time":490916095,"flow_dst_last_pkt_time":490916095,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":64,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":64,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":64,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":490916095,"l3_proto":"ip4","src_ip":"65.182.231.232","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":4.984965}} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3664,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":775,"flow_packet_id":2,"flow_src_last_pkt_time":490660023,"flow_dst_last_pkt_time":490939326,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":87,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":87,"pkt_l4_len":53,"thread_ts_usec":490939326,"pkt":"CAAn5uVZUlQAEjUCCABFAABJEMEAAEAR+rDfEYQSCgACD1uicAkANcVlg9sxAjy4c4P\/utzozFbSAwEBABYAAACiW98RhBJuAAAA+KYpBMOCVVBDACAf"} 00559{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3665,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":768,"flow_packet_id":2,"flow_src_last_pkt_time":490658810,"flow_dst_last_pkt_time":490991311,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":88,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":88,"pkt_l4_len":54,"thread_ts_usec":490991311,"pkt":"CAAn5uVZUlQAEjUCCABFAABKEMIAAEARTyUOyP\/lCgACD5DCcAkANpg9XGQxAgSi0ID\/hbiT8iWZAwEBABcAAADCkA7I\/+WyNgAAAAAgAMOCUUtEGERIlw=="} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3672,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":784,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":491496121,"flow_src_last_pkt_time":491496121,"flow_dst_last_pkt_time":491496121,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":39,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":39,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":39,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":491496121,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"23.19.141.110","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} @@ -6294,32 +6294,32 @@ 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3712,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":749,"flow_packet_id":3,"flow_src_last_pkt_time":493286206,"flow_dst_last_pkt_time":312956768,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":493286206,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0JvMAAIARngIKAAIPTp8bFnAJRJsAIHNuR05EEEBoAQFUC1FLUlAGUk5BXS\/iNQlw"} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3713,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":785,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286408,"flow_src_last_pkt_time":493286408,"flow_dst_last_pkt_time":493286408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493286408,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3713,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":785,"flow_packet_id":1,"flow_src_last_pkt_time":493286408,"flow_dst_last_pkt_time":493286408,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":493286408,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0K1UAAIARx6cKAAIPsIaLJ3AJGMoAIM1FR05EEEBpAQFUC1FLUlAGUk5BXS\/iNQlw"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3713,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":785,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286408,"flow_src_last_pkt_time":493286408,"flow_dst_last_pkt_time":493286408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493286408,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3713,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":785,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286408,"flow_src_last_pkt_time":493286408,"flow_dst_last_pkt_time":493286408,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493286408,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"176.134.139.39","src_port":28681,"dst_port":6346,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3714,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":750,"flow_packet_id":4,"flow_src_last_pkt_time":493286521,"flow_dst_last_pkt_time":312956911,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":493286521,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0mm8AAIARSEYKAAIPQ8EINHAJlrgAID8PR05EEEBqAQFUC1FLUlAGUk5BXS\/iNQlw"} 00750{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3717,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":786,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286950,"flow_src_last_pkt_time":493286950,"flow_dst_last_pkt_time":493286950,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493286950,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3717,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":786,"flow_packet_id":1,"flow_src_last_pkt_time":493286950,"flow_dst_last_pkt_time":493286950,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":493286950,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0IoIAAIARkLAKAAIPciYJUnAJXp8AIEeiR05EEEBtAQFUC1FLUlAGUk5BXS\/iNQlw"} -01143{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3717,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":786,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286950,"flow_src_last_pkt_time":493286950,"flow_dst_last_pkt_time":493286950,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493286950,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01033{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3717,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":786,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493286950,"flow_src_last_pkt_time":493286950,"flow_dst_last_pkt_time":493286950,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493286950,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"114.38.9.82","src_port":28681,"dst_port":24223,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00754{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3718,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":787,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287114,"flow_src_last_pkt_time":493287114,"flow_dst_last_pkt_time":493287114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493287114,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3718,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":787,"flow_packet_id":1,"flow_src_last_pkt_time":493287114,"flow_dst_last_pkt_time":493287114,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":493287114,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0xr0AAIAREI4KAAIP3IV62XAJW6IAIG63R05EEEBuAQFUC1FLUlAGUk5BXS\/iNQlw"} -01147{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3718,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":787,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287114,"flow_src_last_pkt_time":493287114,"flow_dst_last_pkt_time":493287114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493287114,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01037{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3718,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":787,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287114,"flow_src_last_pkt_time":493287114,"flow_dst_last_pkt_time":493287114,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493287114,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.133.122.217","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3719,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":788,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287365,"flow_src_last_pkt_time":493287365,"flow_dst_last_pkt_time":493287365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493287365,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3719,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":788,"flow_packet_id":1,"flow_src_last_pkt_time":493287365,"flow_dst_last_pkt_time":493287365,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":493287365,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0nSsAAIARDaYKAAIP3IanUnAJFrwAIIciR05EEEBvAQFUC1FLUlAGUk5BXS\/iNQlw"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3719,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":788,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287365,"flow_src_last_pkt_time":493287365,"flow_dst_last_pkt_time":493287365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493287365,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3719,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":788,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287365,"flow_src_last_pkt_time":493287365,"flow_dst_last_pkt_time":493287365,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493287365,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"220.134.167.82","src_port":28681,"dst_port":5820,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3720,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":789,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287531,"flow_src_last_pkt_time":493287531,"flow_dst_last_pkt_time":493287531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493287531,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3720,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":789,"flow_packet_id":1,"flow_src_last_pkt_time":493287531,"flow_dst_last_pkt_time":493287531,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":493287531,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0RlkAAIARSm8KAAIPKmJzgHAJW6IAICgyR05EEEBwAQFUC1FLUlAGUk5BXS\/iNQlw"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3720,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":789,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287531,"flow_src_last_pkt_time":493287531,"flow_dst_last_pkt_time":493287531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493287531,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3720,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":789,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493287531,"flow_src_last_pkt_time":493287531,"flow_dst_last_pkt_time":493287531,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493287531,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"42.98.115.128","src_port":28681,"dst_port":23458,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3721,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":790,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288007,"flow_src_last_pkt_time":493288007,"flow_dst_last_pkt_time":493288007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493288007,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3721,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":790,"flow_packet_id":1,"flow_src_last_pkt_time":493288007,"flow_dst_last_pkt_time":493288007,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":493288007,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0oV8AAIARir0KAAIP2qQn6XAJUXcAIM2wR05EEEBxAQFUC1FLUlAGUk5BXS\/iNQlw"} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3721,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":790,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288007,"flow_src_last_pkt_time":493288007,"flow_dst_last_pkt_time":493288007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493288007,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3721,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":790,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288007,"flow_src_last_pkt_time":493288007,"flow_dst_last_pkt_time":493288007,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493288007,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"218.164.39.233","src_port":28681,"dst_port":20855,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00751{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":791,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288174,"flow_src_last_pkt_time":493288174,"flow_dst_last_pkt_time":493288174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493288174,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":791,"flow_packet_id":1,"flow_src_last_pkt_time":493288174,"flow_dst_last_pkt_time":493288174,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":493288174,"pkt":"UlQAEjUCCAAn5uVZCABFAAA09nUAAIARUYoKAAIP21ULVXAJKeIAIBEoR05EEEByAQFUC1FLUlAGUk5BXS\/iNQlw"} -01144{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":791,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288174,"flow_src_last_pkt_time":493288174,"flow_dst_last_pkt_time":493288174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493288174,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01034{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3722,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":791,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288174,"flow_src_last_pkt_time":493288174,"flow_dst_last_pkt_time":493288174,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493288174,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"219.85.11.85","src_port":28681,"dst_port":10722,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3723,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":792,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288388,"flow_src_last_pkt_time":493288388,"flow_dst_last_pkt_time":493288388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493288388,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3723,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":792,"flow_packet_id":1,"flow_src_last_pkt_time":493288388,"flow_dst_last_pkt_time":493288388,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":493288388,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0MewAAIARAj0KAAIPJO\/VknAJVPYAINI7R05EEEBzAQFUC1FLUlAGUk5BXS\/iNQlw"} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3723,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":792,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288388,"flow_src_last_pkt_time":493288388,"flow_dst_last_pkt_time":493288388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493288388,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3723,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":792,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288388,"flow_src_last_pkt_time":493288388,"flow_dst_last_pkt_time":493288388,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493288388,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.239.213.146","src_port":28681,"dst_port":21750,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00753{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3724,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":793,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288490,"flow_src_last_pkt_time":493288490,"flow_dst_last_pkt_time":493288490,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493288490,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3724,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":793,"flow_packet_id":1,"flow_src_last_pkt_time":493288490,"flow_dst_last_pkt_time":493288490,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":493288490,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0bokAAIARxe0KAAIPe81+ZnAJFEkAIBM2R05EEEB0AQFUC1FLUlAGUk5BXS\/iNQlw"} -01146{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3724,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":793,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288490,"flow_src_last_pkt_time":493288490,"flow_dst_last_pkt_time":493288490,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493288490,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01036{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3724,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":793,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":493288490,"flow_src_last_pkt_time":493288490,"flow_dst_last_pkt_time":493288490,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":493288490,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"123.205.126.102","src_port":28681,"dst_port":5193,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00965{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3732,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":544,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341251,"flow_src_last_pkt_time":320291193,"flow_dst_last_pkt_time":287341251,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":503074636,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.184.29.35","src_port":28681,"dst_port":30582,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} 00753{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":3732,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":544,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287341251,"flow_src_last_pkt_time":320291193,"flow_dst_last_pkt_time":287341251,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":503074636,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"111.184.29.35","src_port":28681,"dst_port":30582,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00964{"flow_event_id":9,"flow_event_name":"not-detected","thread_id":0,"packet_id":3732,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":533,"flow_state":"info","flow_src_packets_processed":2,"flow_dst_packets_processed":0,"flow_first_seen":287339588,"flow_src_last_pkt_time":320290592,"flow_dst_last_pkt_time":287339588,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":28,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":28,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":56,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":503074636,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"36.229.185.60","src_port":28681,"dst_port":6898,"l4_proto":"udp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"proto":"Unknown","proto_id":"0","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Unrated"}} @@ -6512,16 +6512,16 @@ 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3795,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":756,"flow_packet_id":4,"flow_src_last_pkt_time":551890239,"flow_dst_last_pkt_time":373494060,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":551890239,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0M5oAAIARjK0KAAIPKWRE\/3AJMiYAIIEnR05EEEB2AQFUC1FLUlAGUk5BXS\/iNQlw"} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3796,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":795,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551890376,"flow_src_last_pkt_time":551890376,"flow_dst_last_pkt_time":551890376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":551890376,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.120.26.86","src_port":28681,"dst_port":29946,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3796,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":795,"flow_packet_id":1,"flow_src_last_pkt_time":551890376,"flow_dst_last_pkt_time":551890376,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":551890376,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0tpcAAIARiEQKAAIP1XgaVnAJdPoAILzmR05EEEB3AQFUC1FLUlAGUk5BXS\/iNQlw"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3796,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":795,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551890376,"flow_src_last_pkt_time":551890376,"flow_dst_last_pkt_time":551890376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":551890376,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.120.26.86","src_port":28681,"dst_port":29946,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3796,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":795,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551890376,"flow_src_last_pkt_time":551890376,"flow_dst_last_pkt_time":551890376,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":551890376,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"213.120.26.86","src_port":28681,"dst_port":29946,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00524{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3798,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":187,"flow_packet_id":5,"flow_src_last_pkt_time":551890628,"flow_dst_last_pkt_time":82062863,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":551890628,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0uoQAAIARu5UKAAIPXFhcOHAJUhEAIBcMR05EEEB5AQFUC1FLUlAGUk5BXS\/iNQlw"} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3802,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":503,"flow_packet_id":4,"flow_src_last_pkt_time":551891091,"flow_dst_last_pkt_time":287311602,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":551891091,"pkt":"UlQAEjUCCAAn5uVZCABFAAA022wAAIARFCMKAAIPStL0SHAJGMoAIMnER05EEEB9AQFUC1FLUlAGUk5BXS\/iNQlw"} 00752{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3812,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":796,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551892012,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":551892012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":551892012,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5} 00526{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3812,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":796,"flow_packet_id":1,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":551892012,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":551892012,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0J3oAAIARnW8KAAIPKfk\/yHAJWDYAIF+oR05EEECHAQFUC1FLUlAGUk5BXS\/iNQlw"} -01145{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3812,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":796,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551892012,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":551892012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":551892012,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} +01035{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3812,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":796,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":551892012,"flow_src_last_pkt_time":551892012,"flow_dst_last_pkt_time":551892012,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":24,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":24,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":24,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":551892012,"l3_proto":"ip4","src_ip":"10.0.2.15","dst_ip":"41.249.63.200","src_port":28681,"dst_port":22582,"l4_proto":"udp","ndpi": {"flow_risk": {"22": {"risk":"Unsafe Protocol","severity":"Low","risk_score": {"total":450,"client":345,"server":105}}},"confidence": {"6":"DPI"},"proto":"Gnutella","proto_id":"35","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Potentially Dangerous","category_id":7,"category":"Download"}} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3816,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":485,"flow_packet_id":5,"flow_src_last_pkt_time":551892013,"flow_dst_last_pkt_time":253025155,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":551892013,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0fvwAAIAR6tkKAAIPmgMq0XAJGMoAIEP9R05EEECLAQFUC1FLUlAGUk5BXS\/iNQlw"} 00718{"flow_event_id":1,"flow_event_name":"new","thread_id":0,"packet_id":3817,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":797,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":552011039,"flow_src_last_pkt_time":552011039,"flow_dst_last_pkt_time":552011039,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":60,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":60,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":552011039,"l3_proto":"ip4","src_ip":"154.3.42.209","dst_ip":"10.0.2.15","l4_proto":"icmp","flow_datalink":1,"flow_max_packets":5} 00566{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3817,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":797,"flow_packet_id":1,"flow_src_last_pkt_time":552011039,"flow_dst_last_pkt_time":552011039,"flow_idle_time":140000000,"pkt_datalink":1,"pkt_caplen":94,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":94,"pkt_l4_len":60,"thread_ts_usec":552011039,"pkt":"CAAn5uVZUlQAEjUCCABFwABQEicAAH8BV+OaAyrRCgACDwMDzhEAAAAARQAANH78AAB\/EevZCgACD5oDKtFwCRjKACBD\/UdORBBAiwEBVAtRS1JQBlJOQV0v4jUJcA=="} -01011{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3817,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":797,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":552011039,"flow_src_last_pkt_time":552011039,"flow_dst_last_pkt_time":552011039,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":60,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":60,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":552011039,"l3_proto":"ip4","src_ip":"154.3.42.209","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"flow_risk": {"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":5.209868}} +00886{"flow_event_id":7,"flow_event_name":"detected","thread_id":0,"packet_id":3817,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":797,"flow_state":"info","flow_src_packets_processed":1,"flow_dst_packets_processed":0,"flow_first_seen":552011039,"flow_src_last_pkt_time":552011039,"flow_dst_last_pkt_time":552011039,"flow_idle_time":140000000,"flow_src_min_l4_payload_len":60,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":60,"flow_dst_max_l4_payload_len":0,"flow_src_tot_l4_payload_len":60,"flow_dst_tot_l4_payload_len":0,"midstream":0,"thread_ts_usec":552011039,"l3_proto":"ip4","src_ip":"154.3.42.209","dst_ip":"10.0.2.15","l4_proto":"icmp","ndpi": {"confidence": {"6":"DPI"},"proto":"ICMP","proto_id":"81","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":14,"category":"Network","entropy":5.209868}} 00553{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3818,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":781,"flow_packet_id":4,"flow_src_last_pkt_time":551881619,"flow_dst_last_pkt_time":552092880,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":87,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":87,"pkt_l4_len":53,"thread_ts_usec":552092880,"pkt":"CAAn5uVZUlQAEjUCCABFAABJEigAAEARuAJwaTQCCgACD1uicAkANZuMbKYxAvsfW2T\/qR3jmLqfAwEBABYAAACiW3BpNAIfAAAAAACAAMOCVVBDAQEB"} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3822,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":749,"flow_packet_id":4,"flow_src_last_pkt_time":553212305,"flow_dst_last_pkt_time":312956768,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":553212305,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0JvQAAIARngEKAAIPTp8bFnAJRJsAIHNKR05EEECMAQFUC1FLUlAGUk5BXS\/iNQlw"} 00525{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":3823,"source":"cfgs\/default\/pcap\/gnutella.pcap","alias":"nDPId-test","flow_id":751,"flow_packet_id":4,"flow_src_last_pkt_time":553212469,"flow_dst_last_pkt_time":312957456,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"thread_ts_usec":553212469,"pkt":"UlQAEjUCCAAn5uVZCABFAAA0D1MAAIARtksKAAIPjnPamHAJFwwAIKGBR05EEECNAQFUC1FLUlAGUk5BXS\/iNQlw"} |