author | lns <matzeton@googlemail.com> | 2022-10-01 22:37:25 +0200 |
---|---|---|
committer | lns <matzeton@googlemail.com> | 2022-10-01 22:37:25 +0200 |
commit | 49ea4f847427846e668054704d6e997757805c0b (patch) | |
tree | 67e2026ee10f9a572d109ebed24fae7744238d83 /test/results/flow-info/gnutella.pcap.out | |
parent | b6060b897e629d3bf16a50842cd9da89ea172621 (diff) |
Small fixes.
Signed-off-by: lns <matzeton@googlemail.com>
Diffstat (limited to 'test/results/flow-info/gnutella.pcap.out')
-rw-r--r-- | test/results/flow-info/gnutella.pcap.out | 50 |
1 files changed, 25 insertions, 25 deletions
diff --git a/test/results/flow-info/gnutella.pcap.out b/test/results/flow-info/gnutella.pcap.out index b3f592cc9..2091c43d9 100644 --- a/test/results/flow-info/gnutella.pcap.out +++ b/test/results/flow-info/gnutella.pcap.out 
@@ -9,42 +9,42 @@ new: [.....4] [ip6][icmp6] [..............fe80::c50d:519f:96a4:e108] -> [................................ff02::1] detected: [.....4] [ip6][icmp6] [..............fe80::c50d:519f:96a4:e108] -> [................................ff02::1] [ICMPV6][Network][Acceptable] new: [.....5] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] - detected: [.....5] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable] + detected: [.....5] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable][msedgewin10] new: [.....6] [ip4][..udp] [.......10.0.2.2][...67] -> [......10.0.2.15][...68] - detected: [.....6] [ip4][..udp] [.......10.0.2.2][...67] -> [......10.0.2.15][...68] [DHCP][Network][Acceptable] + detected: [.....6] [ip4][..udp] [.......10.0.2.2][...67] -> [......10.0.2.15][...68] [DHCP][Network][Acceptable][] new: [.....7] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][..546] -> [..............................ff02::1:2][..547] detected: [.....7] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Network][Acceptable] new: [.....8] [ip4][....2] [......10.0.2.15] -> [.....224.0.0.22] detected: [.....8] [ip4][....2] [......10.0.2.15] -> [.....224.0.0.22] [IGMP][Network][Acceptable] new: [.....9] [ip4][..udp] [......10.0.2.15][.5353] -> [....224.0.0.251][.5353] - detected: [.....9] [ip4][..udp] [......10.0.2.15][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + detected: [.....9] [ip4][..udp] [......10.0.2.15][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable][msedgewin10.local] new: [....10] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][.5353] -> [...............................ff02::fb][.5353] - detected: [....10] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable] + 
detected: [....10] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable][msedgewin10.local] new: [....11] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63717] -> [..............................ff02::1:3][.5355] detected: [....11] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63717] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable] - detection-update: [.....9] [ip4][..udp] [......10.0.2.15][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + detection-update: [.....9] [ip4][..udp] [......10.0.2.15][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable][msedgewin10.local] new: [....12] [ip4][..udp] [......10.0.2.15][63717] -> [....224.0.0.252][.5355] detected: [....12] [ip4][..udp] [......10.0.2.15][63717] -> [....224.0.0.252][.5355] [LLMNR][Network][Acceptable] - detection-update: [....10] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable] + detection-update: [....10] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable][msedgewin10.local] new: [....13] [ip4][..udp] [......10.0.2.15][..137] -> [.....10.0.2.255][..137] - detected: [....13] [ip4][..udp] [......10.0.2.15][..137] -> [.....10.0.2.255][..137] [NetBIOS][System][Acceptable] + detected: [....13] [ip4][..udp] [......10.0.2.15][..137] -> [.....10.0.2.255][..137] [NetBIOS][System][Acceptable][msedgewin10] new: [....14] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63958] -> [................................ff02::c][.3702] detected: [....14] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63958] -> [................................ff02::c][.3702] [WSD][Network][Acceptable] new: [....15] [ip4][..udp] [......10.0.2.15][63957] -> [239.255.255.250][.3702] detected: 
[....15] [ip4][..udp] [......10.0.2.15][63957] -> [239.255.255.250][.3702] [WSD][Network][Acceptable] new: [....16] [ip4][..udp] [......10.0.2.15][63962] -> [239.255.255.250][.1900] - detected: [....16] [ip4][..udp] [......10.0.2.15][63962] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + detected: [....16] [ip4][..udp] [......10.0.2.15][63962] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900] new: [....17] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63960] -> [................................ff02::c][.1900] - detected: [....17] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63960] -> [................................ff02::c][.1900] [SSDP][System][Acceptable] + detected: [....17] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63960] -> [................................ff02::c][.1900] [SSDP][System][Acceptable][[ff02::c]:1900] new: [....18] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63965] -> [................................ff02::c][.3702] detected: [....18] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63965] -> [................................ff02::c][.3702] [WSD][Network][Acceptable] new: [....19] [ip4][..udp] [......10.0.2.15][63964] -> [239.255.255.250][.3702] detected: [....19] [ip4][..udp] [......10.0.2.15][63964] -> [239.255.255.250][.3702] [WSD][Network][Acceptable] new: [....20] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] - detected: [....20] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][System][Dangerous] + detected: [....20] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][System][Dangerous][msedgewin10] RISK: Unsafe Protocol new: [....21] [ip4][..udp] [......10.0.2.15][55708] -> [239.255.255.250][.1900] - detected: [....21] [ip4][..udp] [......10.0.2.15][55708] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + detected: [....21] [ip4][..udp] [......10.0.2.15][55708] -> 
[239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900] new: [....22] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][62539] -> [..............................ff02::1:3][.5355] detected: [....22] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][62539] -> [..............................ff02::1:3][.5355] [LLMNR][Network][Acceptable] new: [....23] [ip4][..udp] [......10.0.2.15][62539] -> [....224.0.0.252][.5355] @@ -96,7 +96,7 @@ new: [....52] [ip4][..tcp] [......10.0.2.15][50212] -> [...95.17.124.40][.6776] new: [....53] [ip4][..tcp] [......10.0.2.15][50213] -> [...85.117.153.7][50138] new: [....54] [ip4][..udp] [......10.0.2.15][57623] -> [239.255.255.250][.1900] - detected: [....54] [ip4][..udp] [......10.0.2.15][57623] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + detected: [....54] [ip4][..udp] [......10.0.2.15][57623] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900] detected: [....51] [ip4][..tcp] [......10.0.2.15][50211] -> [...14.199.10.60][23458] [Gnutella][Download][Potentially Dangerous] RISK: Unsafe Protocol new: [....55] [ip4][..tcp] [......10.0.2.15][50214] -> [.80.193.171.146][53808] @@ -465,7 +465,7 @@ RISK: Unsafe Protocol detected: [...277] [ip4][..tcp] [......10.0.2.15][50301] -> [..87.123.54.234][54130] [Gnutella][Download][Potentially Dangerous] RISK: Unsafe Protocol - detected: [...290] [ip4][..tcp] [......10.0.2.15][50314] -> [...80.7.252.192][.6888] [TLS][Web][Safe] + detected: [...290] [ip4][..tcp] [......10.0.2.15][50314] -> [...80.7.252.192][.6888] [TLS][Web][Safe][] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detected: [...274] [ip4][..tcp] [......10.0.2.15][50298] -> [.46.128.114.107][.6578] [Gnutella][Download][Potentially Dangerous] RISK: Unsafe Protocol 
@@ -477,7 +477,7 @@ new: [...301] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][11852] detected: [...271] [ip4][..tcp] [......10.0.2.15][50295] -> [.38.142.119.234][49732] [Gnutella][Download][Potentially Dangerous] RISK: Unsafe Protocol - detection-update: [...290] [ip4][..tcp] [......10.0.2.15][50314] -> [...80.7.252.192][.6888] [TLS][Web][Safe] + detection-update: [...290] [ip4][..tcp] [......10.0.2.15][50314] -> [...80.7.252.192][.6888] [TLS][Web][Safe][] RISK: Known Proto on Non Std Port, Self-signed Cert, TLS Cert Expired, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn new: [...302] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][53489] new: [...303] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][30566] 
@@ -633,14 +633,14 @@ update: [....41] [ip4][..udp] [......10.0.2.15][57622] -> [.......10.0.2.2][.5351] new: [...333] [ip4][..tcp] [......10.0.2.15][50327] -> [.69.118.162.229][46906] new: [...334] [ip4][..tcp] [......10.0.2.15][50328] -> [..189.147.72.83][26108] - detected: [...333] [ip4][..tcp] [......10.0.2.15][50327] -> [.69.118.162.229][46906] [HTTP.Gnutella][Download][Potentially Dangerous] + detected: [...333] [ip4][..tcp] [......10.0.2.15][50327] -> [.69.118.162.229][46906] [HTTP.Gnutella][Download][Potentially Dangerous][69.118.162.229] RISK: Known Proto on Non Std Port, HTTP Numeric IP Address, Unsafe Protocol - detected: [...334] [ip4][..tcp] [......10.0.2.15][50328] -> [..189.147.72.83][26108] [HTTP.Gnutella][Download][Potentially Dangerous] + detected: [...334] [ip4][..tcp] [......10.0.2.15][50328] -> [..189.147.72.83][26108] [HTTP.Gnutella][Download][Potentially Dangerous][189.147.72.83] RISK: Known Proto on Non Std Port, HTTP Numeric IP Address, Unsafe Protocol new: [...335] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] - detection-update: [...333] [ip4][..tcp] [......10.0.2.15][50327] -> [.69.118.162.229][46906] [HTTP.Gnutella][Media][Potentially Dangerous] + detection-update: [...333] [ip4][..tcp] [......10.0.2.15][50327] -> [.69.118.162.229][46906] [HTTP.Gnutella][Media][Potentially Dangerous][69.118.162.229] RISK: Known Proto on Non Std Port, HTTP Numeric IP Address, Unsafe Protocol - detection-update: [...334] [ip4][..tcp] [......10.0.2.15][50328] -> [..189.147.72.83][26108] [HTTP.Gnutella][Media][Potentially Dangerous] + detection-update: [...334] [ip4][..tcp] [......10.0.2.15][50328] -> [..189.147.72.83][26108] [HTTP.Gnutella][Media][Potentially Dangerous][189.147.72.83] RISK: Known Proto on Non Std Port, HTTP Numeric IP Address, Unsafe Protocol new: [...336] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][.6888] detected: [...336] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][.6888] 
[Gnutella][Download][Potentially Dangerous] @@ -761,7 +761,7 @@ [PKTLENS.....: 52,44,40,578,40,846,1500,326,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132,40,1500,1132] [ENTROPIES...: 4.6,4.8,4.7,5.9,4.6,5.9,7.8,7.3,4.7,7.8,7.8,4.8,7.8,7.8,4.8,7.9,7.8,4.7,7.9,7.8,4.8,7.8,7.8,4.7,7.9,7.8,4.8,7.9,7.8,4.8,7.8,7.8] new: [...345] [ip4][..tcp] [......10.0.2.15][50330] -> [.69.118.162.229][46906] - detected: [...345] [ip4][..tcp] [......10.0.2.15][50330] -> [.69.118.162.229][46906] [HTTP.Gnutella][Download][Potentially Dangerous] + detected: [...345] [ip4][..tcp] [......10.0.2.15][50330] -> [.69.118.162.229][46906] [HTTP.Gnutella][Download][Potentially Dangerous][69.118.162.229] RISK: Known Proto on Non Std Port, HTTP Numeric IP Address, Unsafe Protocol new: [...346] [ip4][..udp] [......10.0.2.15][28681] -> [..76.226.85.105][.6346] detected: [...346] [ip4][..udp] [......10.0.2.15][28681] -> [..76.226.85.105][.6346] [Gnutella][Download][Potentially Dangerous] @@ -982,7 +982,7 @@ update: [...326] [ip4][..udp] [......10.0.2.15][28681] -> [..100.1.231.138][56558] [Gnutella][Download][Potentially Dangerous] RISK: Unsafe Protocol new: [...359] [ip4][..udp] [......10.0.2.15][51685] -> [239.255.255.250][.1900] - detected: [...359] [ip4][..udp] [......10.0.2.15][51685] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + detected: [...359] [ip4][..udp] [......10.0.2.15][51685] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900] update: [....54] [ip4][..udp] [......10.0.2.15][57623] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] update: [...335] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] update: [...349] [ip4][.icmp] [...84.197.97.94] -> [......10.0.2.15] [ICMP][Network][Acceptable] 
@@ -2033,7 +2033,7 @@ RISK: Unsafe Protocol update: [...138] [ip4][..udp] [......10.0.2.15][28681] -> [167.114.170.156][23844] new: [...493] [ip4][..udp] [......10.0.2.15][57552] -> [239.255.255.250][.1900] - detected: [...493] [ip4][..udp] [......10.0.2.15][57552] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + detected: [...493] [ip4][..udp] [......10.0.2.15][57552] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900] idle: [...320] [ip4][..udp] [......10.0.2.15][28681] -> [185.236.200.137][48142] [Gnutella][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...325] [ip4][..udp] [......10.0.2.15][28681] -> [..83.160.143.48][37036] [Gnutella][Download][Potentially Dangerous] @@ -3617,7 +3617,7 @@ detected: [...757] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] [Gnutella][Download][Potentially Dangerous] RISK: Unsafe Protocol new: [...758] [ip4][..udp] [......10.0.2.15][50213] -> [239.255.255.250][.1900] - detected: [...758] [ip4][..udp] [......10.0.2.15][50213] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + detected: [...758] [ip4][..udp] [......10.0.2.15][50213] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900] new: [...759] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] detected: [...759] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] [Gnutella][Download][Potentially Dangerous] RISK: Unsafe Protocol 
@@ -3809,7 +3809,7 @@ RISK: Unsafe Protocol update: [...138] [ip4][..udp] [......10.0.2.15][28681] -> [167.114.170.156][23844] new: [...760] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] - detected: [...760] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][System][Dangerous] + detected: [...760] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][System][Dangerous][msedgewin10] RISK: Unsafe Protocol new: [...761] [ip4][..udp] [......10.0.2.15][28681] -> [..195.132.75.56][56009] new: [...762] [ip4][..udp] [......10.0.2.15][28681] -> [...86.75.43.182][43502] @@ -5135,7 +5135,7 @@ update: [...752] [ip4][..udp] [......10.0.2.15][28681] -> [142.115.218.152][.5900] update: [...750] [ip4][..udp] [......10.0.2.15][28681] -> [...78.159.27.22][17563] new: [...794] [ip4][..udp] [......10.0.2.15][50214] -> [239.255.255.250][.1900] - detected: [...794] [ip4][..udp] [......10.0.2.15][50214] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + detected: [...794] [ip4][..udp] [......10.0.2.15][50214] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900] update: [...134] [ip4][..udp] [......10.0.2.15][28681] -> [...78.231.73.14][.6346] update: [...128] [ip4][..udp] [......10.0.2.15][28681] -> [..77.141.219.27][37580] update: [...114] [ip4][..udp] [......10.0.2.15][28681] -> [....86.23.75.69][.6346] 
@@ -5338,7 +5338,7 @@ update: [...312] [ip4][..udp] [......10.0.2.15][28681] -> [..24.167.201.53][47282] [Gnutella][Download][Potentially Dangerous] RISK: Unsafe Protocol new: [...798] [ip4][..udp] [......10.0.2.15][63962] -> [239.255.255.250][.1900] - detected: [...798] [ip4][..udp] [......10.0.2.15][63962] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + detected: [...798] [ip4][..udp] [......10.0.2.15][63962] -> [239.255.255.250][.1900] [SSDP][System][Acceptable][239.255.255.250:1900] new: [...799] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63958] -> [................................ff02::c][.3702] detected: [...799] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63958] -> [................................ff02::c][.3702] [WSD][Network][Acceptable] new: [...800] [ip4][..udp] [......10.0.2.15][63957] -> [239.255.255.250][.3702] |
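Review bot: In the @@ -9,42 +9,42 @@ hunk the new trailing field for flow 17 is written as `[SSDP][System][Acceptable][[ff02::c]:1900]`, so the value itself contains `[` and `]` and is emitted unescaped. A consumer that splits these lines on brackets will read an extra, malformed field here. The other values in this hunk (`msedgewin10`, `msedgewin10.local`) look like names taken from the traffic, so the field should be escaped or quoted, or given its own delimiter, so that a value carrying brackets cannot change the field structure of the line.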
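Review bot: The TLS lines for flow 290 in the @@ -465,7 +465,7 @@ and @@ -477,7 +477,7 @@ hunks now end in an empty field, `[TLS][Web][Safe][]`, and DHCP flow 6 in the first hunk gets the same (`[DHCP][Network][Acceptable][]`). Flows of other protocols in the unchanged context (ICMPV6, IGMP, LLMNR, WSD) carry no trailing field at all, so the number of bracketed fields now depends on the protocol and an empty value cannot be told apart from an absent one. I would omit the field when the value is empty; for flow 290 the RISK line already reports "Missing SNI TLS Extn", so the empty brackets add no information.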
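Review bot: In the @@ -982,7 +982,7 @@ hunk the `detected:` line for flow 359 gains `[239.255.255.250:1900]`, but the unchanged `update: [....54] ... [SSDP][System][Acceptable]` line directly below it still has no trailing field, although flow 54 is shown with that value on its `detected:` line in the @@ -96,7 +96,7 @@ hunk. If update events are meant to repeat the detection details, the field should be printed there too; if only `detected:` and `detection-update:` lines are meant to change, please say so in the commit message, since "Small fixes." does not mention that the expected output format changes.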