diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2023-05-23 04:38:07 +0200 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2023-05-24 19:30:19 +0200 |
| commit | c9514136b7c4246a57b85474d1a8e376a9009d4a (patch) | |
| tree | eb17d83ea16815000a4f723c240e54f21cf0691b /test/results/flow-info/default/waze.pcap.out | |
| parent | a4e5bab9b2826ae50a48da275b6b441624aab50f (diff) | |
bump libnDPI to ...
* upstream changed regression test interface, needed to adapt
* improved libnDPI helper build script
* updated JSON schema
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/flow-info/default/waze.pcap.out')
| -rw-r--r-- | test/results/flow-info/default/waze.pcap.out | 222 |
1 files changed, 222 insertions, 0 deletions
diff --git a/test/results/flow-info/default/waze.pcap.out b/test/results/flow-info/default/waze.pcap.out new file mode 100644 index 000000000..efcbd7325 --- /dev/null +++ b/test/results/flow-info/default/waze.pcap.out @@ -0,0 +1,222 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [...10.16.37.157][42256] -> [..174.37.231.81][.5222] [MIDSTREAM] + new: [.....2] [ip4][..udp] [.......10.8.0.1][46214] -> [..200.89.75.198][..123] + detected: [.....2] [ip4][..udp] [.......10.8.0.1][46214] -> [..200.89.75.198][..123] [NTP][Unknown][System][Acceptable] + RISK: Unidirectional Traffic + new: [.....3] [ip4][..tcp] [.......10.8.0.1][54915] -> [..65.39.128.135][...80] + detected: [.....3] [ip4][..tcp] [.......10.8.0.1][54915] -> [..65.39.128.135][...80] [HTTP][Unknown][Web][Acceptable][xtra1.gpsonextra.net] + new: [.....4] [ip4][..tcp] [.......10.8.0.1][45529] -> [.54.230.227.172][...80] + new: [.....5] [ip4][..tcp] [.......10.8.0.1][36100] -> [..46.51.173.182][..443] + new: [.....6] [ip4][..tcp] [.......10.8.0.1][36102] -> [..46.51.173.182][..443] + detected: [.....4] [ip4][..tcp] [.......10.8.0.1][45529] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][roadshields.waze.com] + new: [.....7] [ip4][..tcp] [.......10.8.0.1][36585] -> [.173.194.118.48][..443] + detected: [.....5] [ip4][..tcp] [.......10.8.0.1][36100] -> [..46.51.173.182][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detected: [.....7] [ip4][..tcp] [.......10.8.0.1][36585] -> [.173.194.118.48][..443] [TLS][Google][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detected: [.....6] [ip4][..tcp] [.......10.8.0.1][36102] -> [..46.51.173.182][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detection-update: [.....7] [ip4][..tcp] [.......10.8.0.1][36585] -> [.173.194.118.48][..443] [TLS][Google][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + new: [.....8] [ip4][..tcp] [.......10.8.0.1][45536] -> [.54.230.227.172][...80] + detected: [.....8] [ip4][..tcp] [.......10.8.0.1][45536] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com] + detection-update: [.....6] [ip4][..tcp] [.......10.8.0.1][36102] -> [..46.51.173.182][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + detection-update: [.....5] [ip4][..tcp] [.......10.8.0.1][36100] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + detection-update: [.....6] [ip4][..tcp] [.......10.8.0.1][36102] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + detection-update: [.....3] [ip4][..tcp] [.......10.8.0.1][54915] -> [..65.39.128.135][...80] [HTTP][Unknown][Download][Acceptable][xtra1.gpsonextra.net] + RISK: Binary App Transfer + new: [.....9] [ip4][..tcp] [.......10.8.0.1][45538] -> [.54.230.227.172][...80] + new: [....10] [ip4][..tcp] [.......10.8.0.1][45540] -> [.54.230.227.172][...80] + detected: [.....9] [ip4][..tcp] [.......10.8.0.1][45538] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com] + detected: [....10] [ip4][..tcp] [.......10.8.0.1][45540] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][roadshields.waze.com] + new: [....11] [ip4][..tcp] [.......10.8.0.1][51049] -> [.176.34.103.105][..443] + new: [....12] [ip4][..tcp] [.......10.8.0.1][51050] -> [.176.34.103.105][..443] + new: [....13] [ip4][..tcp] [.......10.8.0.1][51051] -> [.176.34.103.105][..443] + new: [....14] [ip4][..tcp] [.......10.8.0.1][39010] -> [..52.17.114.219][..443] + new: [....15] [ip4][..tcp] [.......10.8.0.1][45546] -> [.54.230.227.172][...80] + detected: [....11] [ip4][..tcp] [.......10.8.0.1][51049] -> [.176.34.103.105][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detected: [....12] [ip4][..tcp] [.......10.8.0.1][51050] -> [.176.34.103.105][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detected: [....13] [ip4][..tcp] [.......10.8.0.1][51051] -> [.176.34.103.105][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detected: [....14] [ip4][..tcp] [.......10.8.0.1][39010] -> [..52.17.114.219][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detected: [....15] [ip4][..tcp] [.......10.8.0.1][45546] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com] + new: [....16] [ip4][..tcp] [.......10.8.0.1][45552] -> [.54.230.227.172][...80] + detected: [....16] [ip4][..tcp] [.......10.8.0.1][45552] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com] + detection-update: [....13] [ip4][..tcp] [.......10.8.0.1][51051] -> [.176.34.103.105][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detection-update: [....11] [ip4][..tcp] [.......10.8.0.1][51049] -> [.176.34.103.105][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detection-update: [....14] [ip4][..tcp] [.......10.8.0.1][39010] -> [..52.17.114.219][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][] + RISK: Obsolete TLS (v1.1 or older) + new: [....17] [ip4][..tcp] [.......10.8.0.1][45554] -> [.54.230.227.172][...80] + detected: [....17] [ip4][..tcp] [.......10.8.0.1][45554] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com] + analyse: [.....3] [ip4][..tcp] [.......10.8.0.1][54915] -> [..65.39.128.135][...80] [HTTP][Unknown][Download][Acceptable] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.002| 3.681| 0.340| 0.885| 782653.260| 2.800] + [PKTLEN......: 40.000|11819.000| 1952.700| 3090.500| 9551440.000| 3.500] + [BINS(c->s)..: 15,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,10] + [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1] + [IATS(ms)....: 3.7,3.9,21.8,22.4,3678.0,3680.6,286.1,284.3,338.9,393.5,330.3,329.4,54.6,2.0,179.3,179.5,2.6,51.2,50.7,3.1,28.5,76.3,51.1,51.3,122.7,73.5,10.2,59.1,52.6,58.3,56.5] + [PKTLENS.....: 60,40,40,303,40,1408,40,2776,40,5512,40,8248,40,2673,40,1408,40,1408,40,9616,40,2776,40,5512,40,5512,40,2776,40,11819,40,40] + [ENTROPIES...: 4.4,4.7,4.7,5.5,4.6,7.0,4.6,6.9,4.6,5.6,4.7,6.8,4.7,7.0,4.6,3.0,4.6,7.0,4.7,6.2,4.7,6.6,4.7,1.7,4.7,1.7,4.7,1.4,4.6,1.7,4.7,4.7] + analyse: [.....5] [ip4][..tcp] [.......10.8.0.1][36100] -> [..46.51.173.182][..443] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 1.659| 0.289| 0.505| 255075.107| 3.300] + [PKTLEN......: 40.000| 5501.000| 553.800| 1270.800| 1615041.000| 3.000] + [BINS(c->s)..: 5,2,0,0,3,1,0,0,0,0,1,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 12,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3] + [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,1,0,1,0,1,0,1,1,0,0,1,0,1,0,1,0,1,0,1,1,0,0,1] + [IATS(ms)....: 1.2,10.9,357.2,367.1,474.4,475.3,8.1,9.0,265.9,317.7,52.0,0.9,0.6,0.3,0.3,1430.1,1483.3,119.5,172.8,51.4,51.9,1.4,0.9,0.5,0.4,0.3,0.4,1601.9,1658.8,0.2,57.1] + [PKTLENS.....: 60,40,40,222,40,3187,40,366,40,274,189,40,576,40,101,40,5501,40,189,40,576,40,576,40,576,40,101,40,4397,40,189,40] + [ENTROPIES...: 4.3,4.7,4.7,5.2,4.7,7.4,4.6,7.3,4.7,7.0,6.9,4.6,7.6,4.7,6.1,4.6,8.0,4.7,6.8,4.6,7.6,4.6,7.7,4.6,7.6,4.7,6.2,4.7,8.0,4.6,6.8,4.6] + detection-update: [.....5] [ip4][..tcp] [.......10.8.0.1][36100] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + detection-update: [....12] [ip4][..tcp] [.......10.8.0.1][51050] -> [.176.34.103.105][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detection-update: [....13] [ip4][..tcp] [.......10.8.0.1][51051] -> [.176.34.103.105][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][] + RISK: Obsolete TLS (v1.1 or older) + detection-update: [....12] [ip4][..tcp] [.......10.8.0.1][51050] -> [.176.34.103.105][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][] + RISK: Obsolete TLS (v1.1 or older) + detection-update: [....11] [ip4][..tcp] [.......10.8.0.1][51049] -> [.176.34.103.105][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][] + RISK: Obsolete TLS (v1.1 or older) + new: [....18] [ip4][..tcp] [.......10.8.0.1][39021] -> [..52.17.114.219][..443] + detected: [....18] [ip4][..tcp] [.......10.8.0.1][39021] -> [..52.17.114.219][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + new: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] + detection-update: [....18] [ip4][..tcp] [.......10.8.0.1][39021] -> [..52.17.114.219][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detection-update: [....18] [ip4][..tcp] [.......10.8.0.1][39021] -> [..52.17.114.219][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][] + RISK: Obsolete TLS (v1.1 or older) + detected: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + new: [....20] [ip4][..tcp] [.......10.8.0.1][36314] -> [.176.34.186.180][..443] + detection-update: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detection-update: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][] + RISK: Obsolete TLS (v1.1 or older) + detected: [....20] [ip4][..tcp] [.......10.8.0.1][36314] -> [.176.34.186.180][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + new: [....21] [ip4][..tcp] [.......10.8.0.1][36316] -> [.176.34.186.180][..443] + detection-update: [....20] [ip4][..tcp] [.......10.8.0.1][36314] -> [.176.34.186.180][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detection-update: [....20] [ip4][..tcp] [.......10.8.0.1][36314] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][] + RISK: Obsolete TLS (v1.1 or older) + detected: [....21] [ip4][..tcp] [.......10.8.0.1][36316] -> [.176.34.186.180][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detection-update: [....21] [ip4][..tcp] [.......10.8.0.1][36316] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][] + RISK: Obsolete TLS (v1.1 or older) + new: [....22] [ip4][..tcp] [...10.16.37.157][43991] -> [...200.160.4.31][...80] [MIDSTREAM] + new: [....23] [ip4][..tcp] [...10.16.37.157][46473] -> [...200.160.4.49][...80] [MIDSTREAM] + new: [....24] [ip4][..tcp] [...10.16.37.157][41823] -> [...200.160.4.49][...80] [MIDSTREAM] + new: [....25] [ip4][..tcp] [.......10.8.0.1][45169] -> [..200.160.4.198][...80] [MIDSTREAM] + new: [....26] [ip4][..tcp] [...10.16.37.157][52953] -> [...200.160.4.49][...80] [MIDSTREAM] + new: [....27] [ip4][..tcp] [...10.16.37.157][52746] -> [...200.160.4.49][...80] [MIDSTREAM] + new: [....28] [ip4][..tcp] [.......10.8.0.1][60574] -> [...200.160.4.49][...80] [MIDSTREAM] + new: [....29] [ip4][..tcp] [.......10.8.0.1][43089] -> [..200.160.4.198][..443] [MIDSTREAM] + new: [....30] [ip4][..tcp] [.......10.8.0.1][60479] -> [...200.160.4.49][..443] [MIDSTREAM] + analyse: [....18] [ip4][..tcp] [.......10.8.0.1][39021] -> [..52.17.114.219][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 0.416| 0.170| 0.135| 18249.146| 4.400] + [PKTLEN......: 40.000|21928.000| 1824.800| 4660.800| 21723256.000| 2.600] + [BINS(c->s)..: 12,0,0,0,2,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 8,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,5] + [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,1,0,0,1,0,1,0,1,1,0,1,0,1,0,1,0,1,0,0,1,1] + [IATS(ms)....: 1.3,1.6,226.9,227.5,336.5,387.2,51.3,1.2,297.2,297.8,252.5,309.4,358.7,415.9,0.8,0.5,0.5,0.6,254.3,305.5,51.8,52.5,211.3,161.3,248.0,249.1,81.3,79.5,208.7,209.7,0.6] + [PKTLENS.....: 60,40,40,222,40,1408,40,2163,40,174,40,274,40,189,40,576,40,63,40,1408,40,12352,40,5512,40,21928,40,11345,40,40,40,40] + [ENTROPIES...: 4.4,4.8,4.7,5.3,4.7,7.2,4.7,7.6,4.7,6.5,4.8,7.1,4.7,6.9,4.8,7.6,4.7,5.6,4.7,7.9,4.7,8.0,4.7,8.0,4.6,8.0,4.7,8.0,4.7,4.7,4.7,4.7] + analyse: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 1.449| 0.192| 0.280| 78147.936| 3.800] + [PKTLEN......: 40.000|11172.000| 1380.300| 2994.000| 8963944.000| 2.900] + [BINS(c->s)..: 12,1,0,0,1,1,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 6,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5] + [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,1,0,0,1,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,0] + [IATS(ms)....: 2.4,2.8,291.8,292.5,279.8,332.4,52.7,50.7,425.1,475.7,259.9,310.7,0.7,51.4,0.6,0.7,0.5,0.3,293.9,546.0,252.8,1.5,20.2,21.2,56.9,56.8,156.2,205.9,52.7,4.2,1449.2] + [PKTLENS.....: 60,40,40,222,40,1052,40,2519,40,174,40,274,40,576,40,389,40,77,40,10160,40,8136,40,1052,40,11172,40,1052,40,6576,40,40] + [ENTROPIES...: 4.4,4.8,4.8,5.2,4.7,7.0,4.8,7.6,4.6,6.6,4.7,7.0,4.7,7.6,4.8,7.4,4.7,5.7,4.7,8.0,4.8,8.0,4.7,7.8,4.7,8.0,4.8,7.8,4.8,8.0,4.7,4.8] + detection-update: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][] + RISK: Obsolete TLS (v1.1 or older) + analyse: [.....6] [ip4][..tcp] [.......10.8.0.1][36102] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.000| 5.891| 1.026| 1.779| 3164212.036| 3.400] + [PKTLEN......: 40.000| 3646.000| 352.100| 731.900| 535720.000| 3.400] + [BINS(c->s)..: 10,0,0,0,1,2,0,0,1,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 8,2,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2] + [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,1,0,0,1,0,1,1,0,1,0,1] + [IATS(ms)....: 9.1,9.5,461.2,462.1,319.2,370.8,51.5,0.6,58.7,59.3,267.3,318.5,5838.7,5890.9,1.9,3.1,232.7,285.9,1892.6,1892.4,50.9,52.2,293.0,345.1,0.6,0.4,1258.6,1310.0,5014.8,5014.5,51.5] + [PKTLENS.....: 60,40,40,222,40,1052,40,2175,40,366,40,274,40,221,40,541,40,93,40,1052,40,3646,40,189,40,301,40,317,40,77,40,40] + [ENTROPIES...: 4.3,4.7,4.7,5.2,4.6,7.0,4.7,7.5,4.6,7.3,4.7,7.0,4.7,7.0,4.7,7.5,4.7,6.1,4.7,7.8,4.7,7.9,4.7,6.8,4.7,7.2,4.7,7.3,4.7,5.7,4.6,4.7] + new: [....31] [ip4][..tcp] [.......10.8.0.1][36134] -> [..46.51.173.182][..443] + detected: [....31] [ip4][..tcp] [.......10.8.0.1][36134] -> [..46.51.173.182][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detection-update: [....31] [ip4][..tcp] [.......10.8.0.1][36134] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + new: [....32] [ip4][..tcp] [.......10.8.0.1][50828] -> [108.168.176.228][..443] + detected: [....32] [ip4][..tcp] [.......10.8.0.1][50828] -> [108.168.176.228][..443] [WhatsApp][Unknown][Chat][Acceptable] + new: [....33] [ip4][..tcp] [.......10.8.0.1][36137] -> [..46.51.173.182][..443] + detected: [....33] [ip4][..tcp] [.......10.8.0.1][36137] -> [..46.51.173.182][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older) + detection-update: [....33] [ip4][..tcp] [.......10.8.0.1][36137] -> [..46.51.173.182][..443] [TLS][AmazonAWS][Web][Safe][] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + detection-update: [....33] [ip4][..tcp] [.......10.8.0.1][36137] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + guessed: [....26] [ip4][..tcp] [...10.16.37.157][52953] -> [...200.160.4.49][...80] [HTTP][Unknown][Web][Acceptable][] + end: [....26] [ip4][..tcp] [...10.16.37.157][52953] -> [...200.160.4.49][...80] + end: [.....4] [ip4][..tcp] [.......10.8.0.1][45529] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable] + end: [.....8] [ip4][..tcp] [.......10.8.0.1][45536] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable] + end: [.....9] [ip4][..tcp] [.......10.8.0.1][45538] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable] + end: [....10] [ip4][..tcp] [.......10.8.0.1][45540] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable] + end: [....15] [ip4][..tcp] [.......10.8.0.1][45546] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable] + end: [....16] [ip4][..tcp] [.......10.8.0.1][45552] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable] + end: [....17] [ip4][..tcp] [.......10.8.0.1][45554] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable] + idle: [....32] [ip4][..tcp] [.......10.8.0.1][50828] -> [108.168.176.228][..443] [WhatsApp][Unknown][Chat][Acceptable] + guessed: [....25] [ip4][..tcp] [.......10.8.0.1][45169] -> [..200.160.4.198][...80] [HTTP][Unknown][Web][Acceptable][] + end: [....25] [ip4][..tcp] [.......10.8.0.1][45169] -> [..200.160.4.198][...80] + end: [.....5] [ip4][..tcp] [.......10.8.0.1][36100] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [.....6] [ip4][..tcp] [.......10.8.0.1][36102] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....31] [ip4][..tcp] [.......10.8.0.1][36134] -> [..46.51.173.182][..443] + end: [....33] [ip4][..tcp] [.......10.8.0.1][36137] -> [..46.51.173.182][..443] + end: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older) + end: [....20] [ip4][..tcp] [.......10.8.0.1][36314] -> [.176.34.186.180][..443] + end: [....21] [ip4][..tcp] [.......10.8.0.1][36316] -> [.176.34.186.180][..443] + guessed: [....29] [ip4][..tcp] [.......10.8.0.1][43089] -> [..200.160.4.198][..443] [TLS][Unknown][Web][Safe] + end: [....29] [ip4][..tcp] [.......10.8.0.1][43089] -> [..200.160.4.198][..443] + end: [....14] [ip4][..tcp] [.......10.8.0.1][39010] -> [..52.17.114.219][..443] + idle: [.....7] [ip4][..tcp] [.......10.8.0.1][36585] -> [.173.194.118.48][..443] [TLS][Google][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) + end: [....18] [ip4][..tcp] [.......10.8.0.1][39021] -> [..52.17.114.219][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older) + end: [....11] [ip4][..tcp] [.......10.8.0.1][51049] -> [.176.34.103.105][..443] + end: [....12] [ip4][..tcp] [.......10.8.0.1][51050] -> [.176.34.103.105][..443] + end: [....13] [ip4][..tcp] [.......10.8.0.1][51051] -> [.176.34.103.105][..443] + guessed: [....24] [ip4][..tcp] [...10.16.37.157][41823] -> [...200.160.4.49][...80] [HTTP][Unknown][Web][Acceptable][] + end: [....24] [ip4][..tcp] [...10.16.37.157][41823] -> [...200.160.4.49][...80] + guessed: [....22] [ip4][..tcp] [...10.16.37.157][43991] -> [...200.160.4.31][...80] [HTTP][Unknown][Web][Acceptable][] + end: [....22] [ip4][..tcp] [...10.16.37.157][43991] -> [...200.160.4.31][...80] + guessed: [....28] [ip4][..tcp] [.......10.8.0.1][60574] -> [...200.160.4.49][...80] [HTTP][Unknown][Web][Acceptable][] + end: [....28] [ip4][..tcp] [.......10.8.0.1][60574] -> [...200.160.4.49][...80] + end: [.....3] [ip4][..tcp] [.......10.8.0.1][54915] -> [..65.39.128.135][...80] [HTTP][Unknown][Download][Acceptable] + RISK: Binary App Transfer + guessed: [....23] [ip4][..tcp] [...10.16.37.157][46473] -> [...200.160.4.49][...80] [HTTP][Unknown][Web][Acceptable][] + end: [....23] [ip4][..tcp] [...10.16.37.157][46473] -> [...200.160.4.49][...80] + guessed: [....30] [ip4][..tcp] [.......10.8.0.1][60479] -> [...200.160.4.49][..443] [TLS][Unknown][Web][Safe] + end: [....30] [ip4][..tcp] [.......10.8.0.1][60479] -> [...200.160.4.49][..443] + idle: [.....2] [ip4][..udp] [.......10.8.0.1][46214] -> [..200.89.75.198][..123] [NTP][Unknown][System][Acceptable] + RISK: Unidirectional Traffic + guessed: [....27] [ip4][..tcp] [...10.16.37.157][52746] -> [...200.160.4.49][...80] [HTTP][Unknown][Web][Acceptable][] + end: [....27] [ip4][..tcp] [...10.16.37.157][52746] -> [...200.160.4.49][...80] + not-detected: [.....1] [ip4][..tcp] [...10.16.37.157][42256] -> [..174.37.231.81][.5222] [Unknown][Unknown][Unrated] + end: [.....1] [ip4][..tcp] [...10.16.37.157][42256] -> [..174.37.231.81][.5222] + DAEMON-EVENT: shutdown |