diff options
| author | lns <matzeton@googlemail.com> | 2023-05-26 11:17:38 +0200 |
|---|---|---|
| committer | lns <matzeton@googlemail.com> | 2023-05-26 11:17:38 +0200 |
| commit | 8a936a507271b727f7b0907a20fbddbe85bb725e (patch) | |
| tree | fc5d940c747ea965884e60275eafda32ae5823b5 /test/results/flow-info | |
| parent | c9514136b7c4246a57b85474d1a8e376a9009d4a (diff) | |
Fixed integer overflow for tcp timeout (>INT_MAX).
Signed-off-by: lns <matzeton@googlemail.com>
Diffstat (limited to 'test/results/flow-info')
| -rw-r--r-- | test/results/flow-info/default/avast.pcap.out | 14 | ||||
| -rw-r--r-- | test/results/flow-info/default/dnp3.pcap.out | 17 | ||||
| -rw-r--r-- | test/results/flow-info/default/hpvirtgrp.pcap.out | 7 | ||||
| -rw-r--r-- | test/results/flow-info/default/ossfuzz_seed_fake_traces_1.pcapng.out | 16 | ||||
| -rw-r--r-- | test/results/flow-info/default/threema.pcap.out | 6 | ||||
| -rw-r--r-- | test/results/flow-info/default/wechat.pcap.out | 16 | ||||
| -rw-r--r-- | test/results/flow-info/default/whatsapp.pcap.out | 358 |
7 files changed, 216 insertions, 218 deletions
diff --git a/test/results/flow-info/default/avast.pcap.out b/test/results/flow-info/default/avast.pcap.out index 33954e2e5..a61d7bd4a 100644 --- a/test/results/flow-info/default/avast.pcap.out +++ b/test/results/flow-info/default/avast.pcap.out @@ -9,22 +9,22 @@ DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....2] [ip4][..tcp] [..192.168.2.100][64701] -> [.....5.62.53.53][...80] detected: [.....2] [ip4][..tcp] [..192.168.2.100][64701] -> [.....5.62.53.53][...80] [AVAST][AVAST][Network][Safe] - idle: [.....1] [ip4][..tcp] [..192.168.2.100][64357] -> [.....5.62.54.29][...80] [AVAST][AVAST][Network][Safe] DAEMON-EVENT: [Processed: 28 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] DAEMON-EVENT: [Processed: 30 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....3] [ip4][..tcp] [..192.168.2.100][64903] -> [.....5.62.53.53][...80] detected: [.....3] [ip4][..tcp] [..192.168.2.100][64903] -> [.....5.62.53.53][...80] [AVAST][AVAST][Network][Safe] - idle: [.....2] [ip4][..tcp] [..192.168.2.100][64701] -> [.....5.62.53.53][...80] [AVAST][AVAST][Network][Safe] + idle: [.....1] [ip4][..tcp] [..192.168.2.100][64357] -> [.....5.62.54.29][...80] [AVAST][AVAST][Network][Safe] DAEMON-EVENT: [Processed: 39 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] DAEMON-EVENT: [Processed: 43 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] DAEMON-EVENT: [Processed: 45 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....4] [ip4][..tcp] [..192.168.2.100][58030] -> [.....5.62.54.89][...80] detected: [.....4] [ip4][..tcp] [..192.168.2.100][58030] -> [.....5.62.54.89][...80] [AVAST][AVAST][Network][Safe] + idle: [.....2] [ip4][..tcp] [..192.168.2.100][64701] -> [.....5.62.53.53][...80] [AVAST][AVAST][Network][Safe] idle: [.....3] [ip4][..tcp] [..192.168.2.100][64903] -> [.....5.62.53.53][...80] [AVAST][AVAST][Network][Safe] DAEMON-EVENT: [Processed: 56 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] diff --git a/test/results/flow-info/default/dnp3.pcap.out b/test/results/flow-info/default/dnp3.pcap.out index ed2f7b69b..3c88505cd 100644 --- a/test/results/flow-info/default/dnp3.pcap.out +++ b/test/results/flow-info/default/dnp3.pcap.out @@ -45,7 +45,6 @@ DAEMON-EVENT: [Processed: 216 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....4] [ip4][..tcp] [.......10.0.0.9][.1080] -> [.......10.0.0.3][20000] - idle: [.....1] [ip4][..tcp] [.......10.0.0.8][.2789] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] detected: [.....4] [ip4][..tcp] [.......10.0.0.9][.1080] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] analyse: [.....4] [ip4][..tcp] [.......10.0.0.9][.1080] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] min| max| avg| stddev| variance| entropy @@ -58,7 +57,7 @@ [PKTLENS.....: 48,48,48,48,48,48,46,46,46,55,55,55,57,57,57,57,57,57,46,46,46,63,63,63,46,46,46,58,58,58,57,57] [ENTROPIES...: 4.2,4.2,4.2,4.7,4.7,4.7,4.2,4.2,4.2,4.9,4.9,4.9,4.7,4.7,4.7,4.8,4.8,4.8,4.2,4.2,4.2,4.9,4.9,4.9,4.2,4.2,4.2,4.9,4.9,4.9,4.7,4.7] DAEMON-EVENT: [Processed: 351 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 3 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000] detected: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] analyse: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] @@ -71,18 +70,16 @@ [IATS(ms)....: 0.0,0.0,0.1,0.0,0.0,0.3,0.0,0.0,1.3,0.0,0.0,168.6,0.0,0.0,2471.1,0.0,0.0,0.8,0.0,0.0,2639.4,0.0,0.0,99.8,0.0,0.0,232.2,0.0,0.0,15.3,0.0] [PKTLENS.....: 48,48,48,48,48,48,46,46,46,57,57,57,46,46,46,55,55,55,64,64,64,46,46,46,57,57,57,46,46,46,65,65] [ENTROPIES...: 4.2,4.2,4.2,4.7,4.7,4.7,4.1,4.1,4.1,4.9,4.9,4.9,4.2,4.2,4.2,4.8,4.8,4.8,4.9,4.9,4.9,4.1,4.1,4.1,4.8,4.8,4.8,4.2,4.2,4.2,5.1,5.1] - idle: [.....3] [ip4][..tcp] [.......10.0.0.8][.2828] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] DAEMON-EVENT: [Processed: 444 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 4 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....6] [ip4][..tcp] [.......10.0.0.8][.1159] -> [.......10.0.0.3][20000] detected: [.....6] [ip4][..tcp] [.......10.0.0.8][.1159] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] - idle: [.....4] [ip4][..tcp] [.......10.0.0.9][.1080] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] - update: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] + idle: [.....1] [ip4][..tcp] [.......10.0.0.8][.2789] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] DAEMON-EVENT: [Processed: 471 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] + DAEMON-EVENT: [Flows][active: 4 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....7] [ip4][..tcp] [.......10.0.0.8][.1184] -> [.......10.0.0.3][20000] detected: [.....7] [ip4][..tcp] [.......10.0.0.8][.1184] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] - idle: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] + idle: [.....3] [ip4][..tcp] [.......10.0.0.8][.2828] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] analyse: [.....7] [ip4][..tcp] [.......10.0.0.8][.1184] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 9.488| 0.797| 2.345| 5497481.069| 1.900] @@ -94,7 +91,7 @@ [PKTLENS.....: 48,48,48,48,48,48,46,46,46,57,57,57,46,46,46,64,64,64,57,57,57,46,46,46,64,64,64,57,57,57,46,46] [ENTROPIES...: 4.2,4.2,4.2,4.6,4.6,4.6,4.0,4.0,4.0,4.8,4.8,4.8,4.1,4.1,4.1,4.9,4.9,4.9,4.9,4.9,4.9,4.1,4.1,4.1,4.9,4.9,4.9,4.9,4.9,4.9,4.1,4.1] DAEMON-EVENT: [Processed: 504 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] + DAEMON-EVENT: [Flows][active: 4 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....8] [ip4][..tcp] [.......10.0.0.9][.1084] -> [.......10.0.0.3][20000] detected: [.....8] [ip4][..tcp] [.......10.0.0.9][.1084] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] analyse: [.....8] [ip4][..tcp] [.......10.0.0.9][.1084] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] @@ -107,7 +104,9 @@ [IATS(ms)....: 0.0,0.0,0.2,0.0,0.0,0.4,0.0,0.0,1.5,0.0,0.0,125.3,0.0,0.0,3672.1,0.0,0.0,3963.2,0.0,0.0,1744.3,0.0,0.0,1702.4,0.0,0.0,2163.8,0.0,0.0,2038.6,0.0] [PKTLENS.....: 48,48,48,48,48,48,46,46,46,57,57,57,46,46,46,64,64,64,46,46,46,64,64,64,46,46,46,46,46,46,46,46] [ENTROPIES...: 4.2,4.2,4.2,4.6,4.6,4.6,4.1,4.1,4.1,4.9,4.9,4.9,4.1,4.1,4.1,4.9,4.9,4.9,4.2,4.2,4.2,5.0,5.0,5.0,4.1,4.1,4.1,4.1,4.1,4.1,4.2,4.2] + idle: [.....4] [ip4][..tcp] [.......10.0.0.9][.1080] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] end: [.....8] [ip4][..tcp] [.......10.0.0.9][.1084] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] + idle: [.....5] [ip4][..tcp] [.......10.0.0.8][.1086] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] idle: [.....6] [ip4][..tcp] [.......10.0.0.8][.1159] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] idle: [.....7] [ip4][..tcp] [.......10.0.0.8][.1184] -> [.......10.0.0.3][20000] [DNP3][Unknown][IoT-Scada][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/hpvirtgrp.pcap.out b/test/results/flow-info/default/hpvirtgrp.pcap.out index ea658686e..68c92e2a8 100644 --- a/test/results/flow-info/default/hpvirtgrp.pcap.out +++ b/test/results/flow-info/default/hpvirtgrp.pcap.out @@ -24,11 +24,11 @@ DAEMON-EVENT: [Flows][active: 2 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....6] [ip4][..tcp] [..192.168.2.100][35634] -> [..160.44.194.66][.5223] detected: [.....6] [ip4][..tcp] [..192.168.2.100][35634] -> [..160.44.194.66][.5223] [HP_VIRTGRP][Unknown][Network][Acceptable] - idle: [.....4] [ip4][..tcp] [..192.168.2.100][59920] -> [..160.44.194.66][.5223] [HP_VIRTGRP][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 90 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 3 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....7] [ip4][..tcp] [..192.168.2.100][49838] -> [..160.44.194.66][.5223] detected: [.....7] [ip4][..tcp] [..192.168.2.100][49838] -> [..160.44.194.66][.5223] [HP_VIRTGRP][Unknown][Network][Acceptable] + idle: [.....4] [ip4][..tcp] [..192.168.2.100][59920] -> [..160.44.194.66][.5223] [HP_VIRTGRP][Unknown][Network][Acceptable] idle: [.....6] [ip4][..tcp] [..192.168.2.100][35634] -> [..160.44.194.66][.5223] [HP_VIRTGRP][Unknown][Network][Acceptable] idle: [.....5] [ip4][..tcp] [..192.168.2.100][40152] -> [..160.44.194.66][.5223] [HP_VIRTGRP][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 105 pkts][ZLib][compressions: 0|diff: 0 / 0] @@ -39,8 +39,7 @@ DAEMON-EVENT: [Flows][active: 2 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....9] [ip4][..tcp] [..192.168.2.100][42764] -> [..160.44.194.66][.5223] detected: [.....9] [ip4][..tcp] [..192.168.2.100][42764] -> [..160.44.194.66][.5223] [HP_VIRTGRP][Unknown][Network][Acceptable] - idle: [.....7] [ip4][..tcp] [..192.168.2.100][49838] -> [..160.44.194.66][.5223] [HP_VIRTGRP][Unknown][Network][Acceptable] - update: [.....8] [ip4][..tcp] [..192.168.2.100][42552] -> [..160.44.194.66][.5223] [HP_VIRTGRP][Unknown][Network][Acceptable] idle: [.....8] [ip4][..tcp] [..192.168.2.100][42552] -> [..160.44.194.66][.5223] [HP_VIRTGRP][Unknown][Network][Acceptable] idle: [.....9] [ip4][..tcp] [..192.168.2.100][42764] -> [..160.44.194.66][.5223] [HP_VIRTGRP][Unknown][Network][Acceptable] + idle: [.....7] [ip4][..tcp] [..192.168.2.100][49838] -> [..160.44.194.66][.5223] [HP_VIRTGRP][Unknown][Network][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ossfuzz_seed_fake_traces_1.pcapng.out b/test/results/flow-info/default/ossfuzz_seed_fake_traces_1.pcapng.out index 28c187ad6..b2a3cdccd 100644 --- a/test/results/flow-info/default/ossfuzz_seed_fake_traces_1.pcapng.out +++ b/test/results/flow-info/default/ossfuzz_seed_fake_traces_1.pcapng.out @@ -30,6 +30,14 @@ DAEMON-EVENT: [Processed: 14 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 4 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] new: [.....7] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] + detected: [.....7] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] [Steam][Unknown][Game][Fun] + update: [.....7] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] [Steam][Unknown][Game][Fun] + DAEMON-EVENT: [Processed: 16 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 5 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3] + new: [.....8] [ip4][..udp] [......127.0.0.1][17788] -> [......127.0.0.1][17788] + detected: [.....8] [ip4][..udp] [......127.0.0.1][17788] -> [......127.0.0.1][17788] [PPStream][Unknown][Streaming][Fun] + RISK: Unidirectional Traffic + idle: [.....7] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] [Steam][Unknown][Game][Fun] idle: [.....4] [ip4][..tcp] [..192.168.1.128][....1] -> [121.254.200.130][.1119] [Starcraft][Unknown][Game][Fun] RISK: Unidirectional Traffic, TCP Connection Issues idle: [.....6] [ip4][..tcp] [..192.168.1.128][....1] -> [.12.129.236.254][.1119] [Starcraft][Unknown][Game][Fun] @@ -38,14 +46,6 @@ RISK: Unidirectional Traffic, TCP Connection Issues idle: [.....5] [ip4][..tcp] [..192.168.1.128][....1] -> [....202.9.66.76][.1119] [Starcraft][Unknown][Game][Fun] RISK: Unidirectional Traffic, TCP Connection Issues - detected: [.....7] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] [Steam][Unknown][Game][Fun] - update: [.....7] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] [Steam][Unknown][Game][Fun] - DAEMON-EVENT: [Processed: 16 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3] - new: [.....8] [ip4][..udp] [......127.0.0.1][17788] -> [......127.0.0.1][17788] - detected: [.....8] [ip4][..udp] [......127.0.0.1][17788] -> [......127.0.0.1][17788] [PPStream][Unknown][Streaming][Fun] - RISK: Unidirectional Traffic - idle: [.....7] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] [Steam][Unknown][Game][Fun] DAEMON-EVENT: [Processed: 17 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3] new: [.....9] [ip4][..tcp] [..192.168.1.128][....1] -> [........1.2.3.4][...10] [MIDSTREAM] diff --git a/test/results/flow-info/default/threema.pcap.out b/test/results/flow-info/default/threema.pcap.out index 477eff209..0ce2bd42f 100644 --- a/test/results/flow-info/default/threema.pcap.out +++ b/test/results/flow-info/default/threema.pcap.out @@ -15,14 +15,14 @@ DAEMON-EVENT: [Processed: 57 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....5] [ip4][..tcp] [..192.168.2.100][50718] -> [.185.88.236.110][.5222] - idle: [.....1] [ip4][..tcp] [..192.168.2.100][50298] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] - idle: [.....2] [ip4][..tcp] [..192.168.2.100][50484] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] end: [.....4] [ip4][..tcp] [..192.168.2.100][50618] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] DAEMON-EVENT: [Processed: 70 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 3 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....6] [ip4][..tcp] [..192.168.2.100][50860] -> [.185.88.236.110][.5222] guessed: [.....5] [ip4][..tcp] [..192.168.2.100][50718] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] end: [.....5] [ip4][..tcp] [..192.168.2.100][50718] -> [.185.88.236.110][.5222] + idle: [.....1] [ip4][..tcp] [..192.168.2.100][50298] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] + idle: [.....2] [ip4][..tcp] [..192.168.2.100][50484] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] guessed: [.....6] [ip4][..tcp] [..192.168.2.100][50860] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] end: [.....6] [ip4][..tcp] [..192.168.2.100][50860] -> [.185.88.236.110][.5222] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/wechat.pcap.out b/test/results/flow-info/default/wechat.pcap.out index 9f6b7fed3..5ca3cd489 100644 --- a/test/results/flow-info/default/wechat.pcap.out +++ b/test/results/flow-info/default/wechat.pcap.out @@ -549,13 +549,7 @@ end: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun] end: [....73] [ip4][..tcp] [..192.168.1.103][58041] -> [203.205.147.171][..443] end: [....74] [ip4][..tcp] [..192.168.1.103][58042] -> [203.205.147.171][..443] - guessed: [....75] [ip4][..tcp] [..192.168.1.103][58043] -> [203.205.147.171][..443] [TLS][Tencent][Web][Safe] - idle: [....75] [ip4][..tcp] [..192.168.1.103][58043] -> [203.205.147.171][..443] - guessed: [....12] [ip4][..tcp] [..192.168.1.103][36017] -> [.64.233.167.188][.5228] [Google][Google][Web][Acceptable] - idle: [....12] [ip4][..tcp] [..192.168.1.103][36017] -> [.64.233.167.188][.5228] - idle: [.....5] [ip4][..tcp] [..192.168.1.103][38657] -> [..172.217.22.14][..443] [TLS.Google][Google][Web][Acceptable] idle: [....70] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff86:6c5b] [ICMPV6][Unknown][Network][Acceptable] - idle: [....13] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54058] [TLS][Unknown][Web][Safe] idle: [....59] [ip4][..udp] [..192.168.1.100][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [....54] [ip4][..udp] [..192.168.1.103][60356] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] @@ -564,8 +558,6 @@ idle: [....63] [ip4][..udp] [..192.168.1.100][57401] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] idle: [....60] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] idle: [....64] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][50440] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] - guessed: [....21] [ip4][..tcp] [..192.168.1.103][49787] -> [.216.58.205.142][..443] [TLS][Google][Web][Safe] - idle: [....21] [ip4][..tcp] [..192.168.1.103][49787] -> [.216.58.205.142][..443] new: [....78] [ip4][..tcp] [..192.168.1.103][39207] -> [...95.101.34.34][...80] [MIDSTREAM] new: [....79] [ip4][..tcp] [..192.168.1.103][34996] -> [...95.101.34.33][...80] [MIDSTREAM] new: [....80] [ip4][..tcp] [..192.168.1.103][34999] -> [...95.101.34.33][...80] [MIDSTREAM] @@ -669,6 +661,12 @@ idle: [...109] [ip4][..udp] [..192.168.1.103][53515] -> [..192.168.1.254][...53] idle: [....90] [ip4][..udp] [..192.168.1.103][43317] -> [..192.168.1.254][...53] idle: [....99] [ip4][..udp] [..192.168.1.103][45366] -> [..192.168.1.254][...53] + guessed: [....75] [ip4][..tcp] [..192.168.1.103][58043] -> [203.205.147.171][..443] [TLS][Tencent][Web][Safe] + idle: [....75] [ip4][..tcp] [..192.168.1.103][58043] -> [203.205.147.171][..443] + guessed: [....12] [ip4][..tcp] [..192.168.1.103][36017] -> [.64.233.167.188][.5228] [Google][Google][Web][Acceptable] + idle: [....12] [ip4][..tcp] [..192.168.1.103][36017] -> [.64.233.167.188][.5228] + idle: [.....5] [ip4][..tcp] [..192.168.1.103][38657] -> [..172.217.22.14][..443] [TLS.Google][Google][Web][Acceptable] + idle: [....13] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54058] [TLS][Unknown][Web][Safe] idle: [....97] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] guessed: [....88] [ip4][..tcp] [..192.168.1.103][58226] -> [203.205.147.171][..443] [TLS][Tencent][Web][Safe] RISK: Unidirectional Traffic @@ -706,4 +704,6 @@ guessed: [....82] [ip4][..tcp] [..192.168.1.103][39231] -> [...95.101.34.34][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic end: [....82] [ip4][..tcp] [..192.168.1.103][39231] -> [...95.101.34.34][...80] + guessed: [....21] [ip4][..tcp] [..192.168.1.103][49787] -> [.216.58.205.142][..443] [TLS][Google][Web][Safe] + idle: [....21] [ip4][..tcp] [..192.168.1.103][49787] -> [.216.58.205.142][..443] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/whatsapp.pcap.out b/test/results/flow-info/default/whatsapp.pcap.out index 7efedb2aa..467cdd1db 100644 --- a/test/results/flow-info/default/whatsapp.pcap.out +++ b/test/results/flow-info/default/whatsapp.pcap.out @@ -33,254 +33,244 @@ new: [.....8] [ip4][..tcp] [..192.168.2.100][45932] -> [..179.60.195.49][.5222] detected: [.....8] [ip4][..tcp] [..192.168.2.100][45932] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [.....1] [ip4][..tcp] [..192.168.2.100][44804] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 65 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 7 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 8 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....9] [ip4][..tcp] [..192.168.2.100][40954] -> [..179.60.195.49][.5222] detected: [.....9] [ip4][..tcp] [..192.168.2.100][40954] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [.....2] [ip4][..tcp] [..192.168.2.100][40084] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [.....5] [ip4][..tcp] [..192.168.2.100][40178] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [.....3] [ip4][..tcp] [..192.168.2.100][42272] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [.....4] [ip4][..tcp] [..192.168.2.100][42436] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 73 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 9 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....10] [ip4][..tcp] [..192.168.2.100][41214] -> [..179.60.195.49][.5222] detected: [....10] [ip4][..tcp] [..192.168.2.100][41214] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [.....6] [ip4][..tcp] [..192.168.2.100][42646] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [.....8] [ip4][..tcp] [..192.168.2.100][45932] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [.....7] [ip4][..tcp] [..192.168.2.100][40204] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....11] [ip4][..tcp] [..192.168.2.100][49026] -> [..179.60.195.33][.5222] detected: [....11] [ip4][..tcp] [..192.168.2.100][49026] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 89 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 3 / 11|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 11 / 11|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....12] [ip4][..tcp] [..192.168.2.100][41288] -> [..179.60.195.49][.5222] detected: [....12] [ip4][..tcp] [..192.168.2.100][41288] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [.....1] [ip4][..tcp] [..192.168.2.100][44804] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 97 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 12|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 11 / 12|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....13] [ip4][..tcp] [..192.168.2.100][41610] -> [..179.60.195.49][.5222] detected: [....13] [ip4][..tcp] [..192.168.2.100][41610] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....11] [ip4][..tcp] [..192.168.2.100][49026] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + idle: [.....6] [ip4][..tcp] [..192.168.2.100][42646] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [.....9] [ip4][..tcp] [..192.168.2.100][40954] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [.....2] [ip4][..tcp] [..192.168.2.100][40084] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....10] [ip4][..tcp] [..192.168.2.100][41214] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [.....5] [ip4][..tcp] [..192.168.2.100][40178] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [.....7] [ip4][..tcp] [..192.168.2.100][40204] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [.....3] [ip4][..tcp] [..192.168.2.100][42272] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [.....4] [ip4][..tcp] [..192.168.2.100][42436] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 105 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 13|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 6 / 13|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....14] [ip4][..tcp] [..192.168.2.100][41808] -> [..179.60.195.49][.5222] detected: [....14] [ip4][..tcp] [..192.168.2.100][41808] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....12] [ip4][..tcp] [..192.168.2.100][41288] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [.....8] [ip4][..tcp] [..192.168.2.100][45932] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 113 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 14|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 6 / 14|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....15] [ip4][..tcp] [..192.168.2.100][37482] -> [..179.60.195.33][.5222] detected: [....15] [ip4][..tcp] [..192.168.2.100][37482] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 121 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 3 / 15|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 7 / 15|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....16] [ip4][..tcp] [..192.168.2.100][37582] -> [..179.60.195.33][.5222] detected: [....16] [ip4][..tcp] [..192.168.2.100][37582] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 129 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 16|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 8 / 16|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....17] [ip4][..tcp] [..192.168.2.100][45754] -> [..179.60.195.49][.5222] detected: [....17] [ip4][..tcp] [..192.168.2.100][45754] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....13] [ip4][..tcp] [..192.168.2.100][41610] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [.....9] [ip4][..tcp] [..192.168.2.100][40954] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 137 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 17|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 8 / 17|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....18] [ip4][..tcp] [..192.168.2.100][45824] -> [..179.60.195.49][.5222] detected: [....18] [ip4][..tcp] [..192.168.2.100][45824] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....11] [ip4][..tcp] [..192.168.2.100][49026] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....10] [ip4][..tcp] [..192.168.2.100][41214] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 145 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 5 / 18|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 7 / 18|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....19] [ip4][..tcp] [..192.168.2.100][46406] -> [..179.60.195.49][.5222] detected: [....19] [ip4][..tcp] [..192.168.2.100][46406] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....15] [ip4][..tcp] [..192.168.2.100][37482] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....17] [ip4][..tcp] [..192.168.2.100][45754] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....16] [ip4][..tcp] [..192.168.2.100][37582] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....18] [ip4][..tcp] [..192.168.2.100][45824] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....12] [ip4][..tcp] [..192.168.2.100][41288] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....14] [ip4][..tcp] [..192.168.2.100][41808] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....13] [ip4][..tcp] [..192.168.2.100][41610] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 153 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 19|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 6 / 19|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....20] [ip4][..tcp] [..192.168.2.100][40224] -> [....31.13.83.49][.5222] detected: [....20] [ip4][..tcp] [..192.168.2.100][40224] -> [....31.13.83.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....14] [ip4][..tcp] [..192.168.2.100][41808] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic new: [....21] [ip4][..tcp] [..192.168.2.100][45470] -> [..179.60.195.33][.5222] detected: [....21] [ip4][..tcp] [..192.168.2.100][45470] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....15] [ip4][..tcp] [..192.168.2.100][37482] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 169 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 3 / 21|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 6 / 21|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....22] [ip4][..tcp] [..192.168.2.100][43084] -> [..179.60.195.49][.5222] detected: [....22] [ip4][..tcp] [..192.168.2.100][43084] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic new: [....23] [ip4][..tcp] [..192.168.2.100][45602] -> [..179.60.195.33][.5222] detected: [....23] [ip4][..tcp] [..192.168.2.100][45602] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....16] [ip4][..tcp] [..192.168.2.100][37582] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 184 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 5 / 23|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 7 / 23|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....24] [ip4][..tcp] [..192.168.2.100][43152] -> [..179.60.195.49][.5222] detected: [....24] [ip4][..tcp] [..192.168.2.100][43152] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic new: [....25] [ip4][..tcp] [..192.168.2.100][46042] -> [..179.60.195.33][.5222] detected: [....25] [ip4][..tcp] [..192.168.2.100][46042] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....17] [ip4][..tcp] [..192.168.2.100][45754] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 200 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 7 / 25|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 8 / 25|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....26] [ip4][..tcp] [..192.168.2.100][43206] -> [..179.60.195.49][.5222] detected: [....26] [ip4][..tcp] [..192.168.2.100][43206] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....19] [ip4][..tcp] [..192.168.2.100][46406] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 208 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 7 / 26|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 9 / 26|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....27] [ip4][..tcp] [..192.168.2.100][43230] -> [..179.60.195.49][.5222] detected: [....27] [ip4][..tcp] [..192.168.2.100][43230] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....18] [ip4][..tcp] [..192.168.2.100][45824] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 216 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 8 / 27|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 9 / 27|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....28] [ip4][..tcp] [..192.168.2.100][46468] -> [..179.60.195.33][.5222] detected: [....28] [ip4][..tcp] [..192.168.2.100][46468] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....21] [ip4][..tcp] [..192.168.2.100][45470] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....20] [ip4][..tcp] [..192.168.2.100][40224] -> [....31.13.83.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 224 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 7 / 28|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 10 / 28|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....29] [ip4][..tcp] [..192.168.2.100][47360] -> [..179.60.195.33][.5222] detected: [....29] [ip4][..tcp] [..192.168.2.100][47360] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....22] [ip4][..tcp] [..192.168.2.100][43084] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + DAEMON-EVENT: [Processed: 232 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 11 / 29|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [....30] [ip4][..tcp] [..192.168.2.100][39828] -> [..179.60.195.33][.5222] + detected: [....30] [ip4][..tcp] [..192.168.2.100][39828] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....24] [ip4][..tcp] [..192.168.2.100][43152] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....22] [ip4][..tcp] [..192.168.2.100][43084] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....26] [ip4][..tcp] [..192.168.2.100][43206] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....21] [ip4][..tcp] [..192.168.2.100][45470] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....23] [ip4][..tcp] [..192.168.2.100][45602] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....25] [ip4][..tcp] [..192.168.2.100][46042] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] - RISK: Unidirectional Traffic - DAEMON-EVENT: [Processed: 232 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 3 / 29|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] - new: [....30] [ip4][..tcp] [..192.168.2.100][39828] -> [..179.60.195.33][.5222] - detected: [....30] [ip4][..tcp] [..192.168.2.100][39828] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....27] [ip4][..tcp] [..192.168.2.100][43230] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....19] [ip4][..tcp] [..192.168.2.100][46406] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....28] [ip4][..tcp] [..192.168.2.100][46468] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + idle: [....20] [ip4][..tcp] [..192.168.2.100][40224] -> [....31.13.83.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 240 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 30|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 7 / 30|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....31] [ip4][..tcp] [..192.168.2.100][40108] -> [..179.60.195.33][.5222] detected: [....31] [ip4][..tcp] [..192.168.2.100][40108] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....29] [ip4][..tcp] [..192.168.2.100][47360] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + idle: [....24] [ip4][..tcp] [..192.168.2.100][43152] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....26] [ip4][..tcp] [..192.168.2.100][43206] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....25] [ip4][..tcp] [..192.168.2.100][46042] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 249 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 31|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 5 / 31|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....32] [ip4][..tcp] [..192.168.2.100][43954] -> [..179.60.195.49][.5222] detected: [....32] [ip4][..tcp] [..192.168.2.100][43954] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....27] [ip4][..tcp] [..192.168.2.100][43230] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic new: [....33] [ip4][..tcp] [..192.168.2.100][49096] -> [....31.13.93.54][.5222] detected: [....33] [ip4][..tcp] [..192.168.2.100][49096] -> [....31.13.93.54][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 265 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 33|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 6 / 33|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....34] [ip4][..tcp] [..192.168.2.100][43978] -> [..179.60.195.49][.5222] detected: [....34] [ip4][..tcp] [..192.168.2.100][43978] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....28] [ip4][..tcp] [..192.168.2.100][46468] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 273 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 5 / 34|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 6 / 34|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....35] [ip4][..tcp] [..192.168.2.100][40990] -> [..179.60.195.33][.5222] detected: [....35] [ip4][..tcp] [..192.168.2.100][40990] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....30] [ip4][..tcp] [..192.168.2.100][39828] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....31] [ip4][..tcp] [..192.168.2.100][40108] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 281 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 35|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 7 / 35|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....36] [ip4][..tcp] [..192.168.2.100][45290] -> [..179.60.195.49][.5222] detected: [....36] [ip4][..tcp] [..192.168.2.100][45290] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....29] [ip4][..tcp] [..192.168.2.100][47360] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 289 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 5 / 36|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 7 / 36|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....37] [ip4][..tcp] [..192.168.2.100][51544] -> [..179.60.195.49][.5222] detected: [....37] [ip4][..tcp] [..192.168.2.100][51544] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....33] [ip4][..tcp] [..192.168.2.100][49096] -> [....31.13.93.54][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....32] [ip4][..tcp] [..192.168.2.100][43954] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 297 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 37|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 8 / 37|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....38] [ip4][..tcp] [..192.168.2.100][47948] -> [..179.60.195.49][.5222] detected: [....38] [ip4][..tcp] [..192.168.2.100][47948] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic new: [....39] [ip4][..tcp] [..192.168.2.100][51724] -> [..179.60.195.49][.5222] detected: [....39] [ip4][..tcp] [..192.168.2.100][51724] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....34] [ip4][..tcp] [..192.168.2.100][43978] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 312 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 5 / 39|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 10 / 39|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....40] [ip4][..tcp] [..192.168.2.100][45334] -> [..179.60.195.49][.5222] detected: [....40] [ip4][..tcp] [..192.168.2.100][45334] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....35] [ip4][..tcp] [..192.168.2.100][40990] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + idle: [....30] [ip4][..tcp] [..192.168.2.100][39828] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic new: [....41] [ip4][..tcp] [..192.168.2.100][52152] -> [..179.60.195.49][.5222] detected: [....41] [ip4][..tcp] [..192.168.2.100][52152] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....36] [ip4][..tcp] [..192.168.2.100][45290] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....31] [ip4][..tcp] [..192.168.2.100][40108] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 328 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 5 / 41|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 10 / 41|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....42] [ip4][..tcp] [..192.168.2.100][41664] -> [..179.60.195.33][.5222] detected: [....42] [ip4][..tcp] [..192.168.2.100][41664] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic new: [....43] [ip4][..tcp] [..192.168.2.100][52294] -> [..179.60.195.49][.5222] detected: [....43] [ip4][..tcp] [..192.168.2.100][52294] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....37] [ip4][..tcp] [..192.168.2.100][51544] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 344 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 6 / 43|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 12 / 43|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....44] [ip4][..tcp] [..192.168.2.100][41722] -> [..179.60.195.33][.5222] detected: [....44] [ip4][..tcp] [..192.168.2.100][41722] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....39] [ip4][..tcp] [..192.168.2.100][51724] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....33] [ip4][..tcp] [..192.168.2.100][49096] -> [....31.13.93.54][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....38] [ip4][..tcp] [..192.168.2.100][47948] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....32] [ip4][..tcp] [..192.168.2.100][43954] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 352 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 5 / 44|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 11 / 44|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....45] [ip4][..tcp] [..192.168.2.100][48234] -> [..179.60.195.49][.5222] detected: [....45] [ip4][..tcp] [..192.168.2.100][48234] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....40] [ip4][..tcp] [..192.168.2.100][45334] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....35] [ip4][..tcp] [..192.168.2.100][40990] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....34] [ip4][..tcp] [..192.168.2.100][43978] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic new: [....46] [ip4][..tcp] [..192.168.2.100][55038] -> [..179.60.195.49][.5222] detected: [....46] [ip4][..tcp] [..192.168.2.100][55038] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] @@ -289,47 +279,47 @@ detected: [....47] [ip4][..tcp] [..192.168.2.100][55476] -> [....31.13.70.50][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 373 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 7 / 47|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 12 / 47|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....48] [ip4][..tcp] [..192.168.2.100][48538] -> [..179.60.195.49][.5222] detected: [....48] [ip4][..tcp] [..192.168.2.100][48538] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....42] [ip4][..tcp] [..192.168.2.100][41664] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + idle: [....36] [ip4][..tcp] [..192.168.2.100][45290] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....44] [ip4][..tcp] [..192.168.2.100][41722] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + idle: [....37] [ip4][..tcp] [..192.168.2.100][51544] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....41] [ip4][..tcp] [..192.168.2.100][52152] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....39] [ip4][..tcp] [..192.168.2.100][51724] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....43] [ip4][..tcp] [..192.168.2.100][52294] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....38] [ip4][..tcp] [..192.168.2.100][47948] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 381 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 48|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 9 / 48|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....49] [ip4][..tcp] [..192.168.2.100][45850] -> [..179.60.195.49][.5222] detected: [....49] [ip4][..tcp] [..192.168.2.100][45850] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic new: [....50] [ip4][..tcp] [..192.168.2.100][42622] -> [..179.60.195.33][.5222] detected: [....50] [ip4][..tcp] [..192.168.2.100][42622] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....46] [ip4][..tcp] [..192.168.2.100][55038] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....47] [ip4][..tcp] [..192.168.2.100][55476] -> [....31.13.70.50][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....45] [ip4][..tcp] [..192.168.2.100][48234] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....51] [ip4][..tcp] [..192.168.2.100][58198] -> [..179.60.195.49][.5222] detected: [....51] [ip4][..tcp] [..192.168.2.100][58198] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 405 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 51|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 12 / 51|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....52] [ip4][..tcp] [..192.168.2.100][42796] -> [..179.60.195.33][.5222] detected: [....52] [ip4][..tcp] [..192.168.2.100][42796] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....40] [ip4][..tcp] [..192.168.2.100][45334] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 413 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 5 / 52|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 12 / 52|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....53] [ip4][..tcp] [..192.168.2.100][43152] -> [..179.60.195.33][.5222] detected: [....53] [ip4][..tcp] [..192.168.2.100][43152] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....42] [ip4][..tcp] [..192.168.2.100][41664] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....41] [ip4][..tcp] [..192.168.2.100][52152] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 421 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 6 / 53|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 11 / 53|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....54] [ip4][..tcp] [..192.168.2.100][46732] -> [..179.60.195.49][.5222] detected: [....54] [ip4][..tcp] [..192.168.2.100][46732] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic @@ -339,164 +329,162 @@ new: [....56] [ip4][..tcp] [..192.168.2.100][46598] -> [..179.60.195.49][.5222] detected: [....56] [ip4][..tcp] [..192.168.2.100][46598] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....50] [ip4][..tcp] [..192.168.2.100][42622] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....52] [ip4][..tcp] [..192.168.2.100][42796] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....49] [ip4][..tcp] [..192.168.2.100][45850] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....51] [ip4][..tcp] [..192.168.2.100][58198] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....44] [ip4][..tcp] [..192.168.2.100][41722] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....48] [ip4][..tcp] [..192.168.2.100][48538] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....43] [ip4][..tcp] [..192.168.2.100][52294] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 441 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 56|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 12 / 56|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....57] [ip4][..tcp] [..192.168.2.100][46768] -> [..179.60.195.49][.5222] detected: [....57] [ip4][..tcp] [..192.168.2.100][46768] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....53] [ip4][..tcp] [..192.168.2.100][43152] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + idle: [....46] [ip4][..tcp] [..192.168.2.100][55038] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....47] [ip4][..tcp] [..192.168.2.100][55476] -> [....31.13.70.50][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....45] [ip4][..tcp] [..192.168.2.100][48234] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic new: [....58] [ip4][..tcp] [..192.168.2.100][45130] -> [..179.60.195.33][.5222] detected: [....58] [ip4][..tcp] [..192.168.2.100][45130] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 457 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 5 / 58|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 11 / 58|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....59] [ip4][..tcp] [..192.168.2.100][60328] -> [..179.60.195.49][.5222] detected: [....59] [ip4][..tcp] [..192.168.2.100][60328] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....54] [ip4][..tcp] [..192.168.2.100][46732] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....50] [ip4][..tcp] [..192.168.2.100][42622] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....57] [ip4][..tcp] [..192.168.2.100][46768] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....52] [ip4][..tcp] [..192.168.2.100][42796] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....58] [ip4][..tcp] [..192.168.2.100][45130] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + idle: [....53] [ip4][..tcp] [..192.168.2.100][43152] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....55] [ip4][..tcp] [..192.168.2.100][58882] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....49] [ip4][..tcp] [..192.168.2.100][45850] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....56] [ip4][..tcp] [..192.168.2.100][46598] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....51] [ip4][..tcp] [..192.168.2.100][58198] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....48] [ip4][..tcp] [..192.168.2.100][48538] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 465 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 59|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 6 / 59|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....60] [ip4][..tcp] [..192.168.2.100][32798] -> [..179.60.195.49][.5222] detected: [....60] [ip4][..tcp] [..192.168.2.100][32798] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....59] [ip4][..tcp] [..192.168.2.100][60328] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....54] [ip4][..tcp] [..192.168.2.100][46732] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....57] [ip4][..tcp] [..192.168.2.100][46768] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....58] [ip4][..tcp] [..192.168.2.100][45130] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....55] [ip4][..tcp] [..192.168.2.100][58882] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....56] [ip4][..tcp] [..192.168.2.100][46598] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 473 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 60|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 2 / 60|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....61] [ip4][..tcp] [..192.168.2.100][47086] -> [..179.60.195.49][.5222] detected: [....61] [ip4][..tcp] [..192.168.2.100][47086] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 481 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 61|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 3 / 61|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....62] [ip4][..tcp] [..192.168.2.100][49182] -> [..179.60.195.49][.5222] detected: [....62] [ip4][..tcp] [..192.168.2.100][49182] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 488 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 3 / 62|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 4 / 62|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....63] [ip4][..tcp] [..192.168.2.100][49232] -> [..179.60.195.49][.5222] detected: [....63] [ip4][..tcp] [..192.168.2.100][49232] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....61] [ip4][..tcp] [..192.168.2.100][47086] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....62] [ip4][..tcp] [..192.168.2.100][49182] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....60] [ip4][..tcp] [..192.168.2.100][32798] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....59] [ip4][..tcp] [..192.168.2.100][60328] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 496 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 63|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 4 / 63|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....64] [ip4][..tcp] [..192.168.2.100][47350] -> [..179.60.195.49][.5222] detected: [....64] [ip4][..tcp] [..192.168.2.100][47350] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....61] [ip4][..tcp] [..192.168.2.100][47086] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....60] [ip4][..tcp] [..192.168.2.100][32798] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 504 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 64|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 3 / 64|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....65] [ip4][..tcp] [..192.168.2.100][49238] -> [..179.60.195.49][.5222] detected: [....65] [ip4][..tcp] [..192.168.2.100][49238] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....63] [ip4][..tcp] [..192.168.2.100][49232] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....62] [ip4][..tcp] [..192.168.2.100][49182] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 512 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 65|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 3 / 65|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....66] [ip4][..tcp] [..192.168.2.100][49250] -> [..179.60.195.49][.5222] detected: [....66] [ip4][..tcp] [..192.168.2.100][49250] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 520 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 3 / 66|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 4 / 66|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....67] [ip4][..tcp] [..192.168.2.100][47296] -> [..179.60.195.49][.5222] detected: [....67] [ip4][..tcp] [..192.168.2.100][47296] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....64] [ip4][..tcp] [..192.168.2.100][47350] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 528 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 3 / 67|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 5 / 67|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....68] [ip4][..tcp] [..192.168.2.100][47900] -> [..179.60.195.49][.5222] detected: [....68] [ip4][..tcp] [..192.168.2.100][47900] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....65] [ip4][..tcp] [..192.168.2.100][49238] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....66] [ip4][..tcp] [..192.168.2.100][49250] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....63] [ip4][..tcp] [..192.168.2.100][49232] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 536 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 68|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 5 / 68|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....69] [ip4][..tcp] [..192.168.2.100][47590] -> [..179.60.195.49][.5222] detected: [....69] [ip4][..tcp] [..192.168.2.100][47590] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....67] [ip4][..tcp] [..192.168.2.100][47296] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....70] [ip4][..tcp] [..192.168.2.100][49428] -> [..179.60.195.49][.5222] detected: [....70] [ip4][..tcp] [..192.168.2.100][49428] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....64] [ip4][..tcp] [..192.168.2.100][47350] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 552 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 3 / 70|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 6 / 70|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....71] [ip4][..tcp] [..192.168.2.100][47634] -> [..179.60.195.49][.5222] detected: [....71] [ip4][..tcp] [..192.168.2.100][47634] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 560 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 71|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 7 / 71|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....72] [ip4][..tcp] [..192.168.2.100][49610] -> [..179.60.195.49][.5222] detected: [....72] [ip4][..tcp] [..192.168.2.100][49610] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....68] [ip4][..tcp] [..192.168.2.100][47900] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....65] [ip4][..tcp] [..192.168.2.100][49238] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....66] [ip4][..tcp] [..192.168.2.100][49250] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic new: [....73] [ip4][..tcp] [..192.168.2.100][37378] -> [..179.60.195.49][.5222] detected: [....73] [ip4][..tcp] [..192.168.2.100][37378] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....69] [ip4][..tcp] [..192.168.2.100][47590] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....74] [ip4][..tcp] [..192.168.2.100][47738] -> [..179.60.195.49][.5222] detected: [....74] [ip4][..tcp] [..192.168.2.100][47738] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 584 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 5 / 74|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 8 / 74|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....75] [ip4][..tcp] [..192.168.2.100][37404] -> [..179.60.195.49][.5222] detected: [....75] [ip4][..tcp] [..192.168.2.100][37404] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....70] [ip4][..tcp] [..192.168.2.100][49428] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....71] [ip4][..tcp] [..192.168.2.100][47634] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....67] [ip4][..tcp] [..192.168.2.100][47296] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 592 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 75|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 8 / 75|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....76] [ip4][..tcp] [..192.168.2.100][47776] -> [..179.60.195.49][.5222] detected: [....76] [ip4][..tcp] [..192.168.2.100][47776] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 600 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 5 / 76|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 9 / 76|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....77] [ip4][..tcp] [..192.168.2.100][37766] -> [..179.60.195.49][.5222] detected: [....77] [ip4][..tcp] [..192.168.2.100][37766] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic new: [....78] [ip4][..tcp] [..192.168.2.100][37674] -> [..179.60.195.49][.5222] detected: [....78] [ip4][..tcp] [..192.168.2.100][37674] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....72] [ip4][..tcp] [..192.168.2.100][49610] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 616 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 6 / 78|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 11 / 78|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....79] [ip4][..tcp] [..192.168.2.100][47810] -> [..179.60.195.49][.5222] detected: [....79] [ip4][..tcp] [..192.168.2.100][47810] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....73] [ip4][..tcp] [..192.168.2.100][37378] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....74] [ip4][..tcp] [..192.168.2.100][47738] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....68] [ip4][..tcp] [..192.168.2.100][47900] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic new: [....80] [ip4][..tcp] [..192.168.2.100][46394] -> [..179.60.195.33][.5222] detected: [....80] [ip4][..tcp] [..192.168.2.100][46394] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] @@ -508,38 +496,34 @@ detected: [....82] [ip4][..tcp] [..192.168.2.100][46576] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 647 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 8 / 82|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 14 / 82|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....83] [ip4][..tcp] [..192.168.2.100][38234] -> [..179.60.195.49][.5222] detected: [....83] [ip4][..tcp] [..192.168.2.100][38234] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....75] [ip4][..tcp] [..192.168.2.100][37404] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....76] [ip4][..tcp] [..192.168.2.100][47776] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....69] [ip4][..tcp] [..192.168.2.100][47590] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 655 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 7 / 83|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 14 / 83|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....84] [ip4][..tcp] [..192.168.2.100][47284] -> [..179.60.195.33][.5222] detected: [....84] [ip4][..tcp] [..192.168.2.100][47284] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....78] [ip4][..tcp] [..192.168.2.100][37674] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....70] [ip4][..tcp] [..192.168.2.100][49428] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....77] [ip4][..tcp] [..192.168.2.100][37766] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....71] [ip4][..tcp] [..192.168.2.100][47634] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 663 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 6 / 84|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 13 / 84|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....85] [ip4][..tcp] [..192.168.2.100][39334] -> [..179.60.195.49][.5222] detected: [....85] [ip4][..tcp] [..192.168.2.100][39334] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....79] [ip4][..tcp] [..192.168.2.100][47810] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] - RISK: Unidirectional Traffic - idle: [....81] [ip4][..tcp] [..192.168.2.100][37822] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + idle: [....72] [ip4][..tcp] [..192.168.2.100][49610] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....80] [ip4][..tcp] [..192.168.2.100][46394] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + idle: [....73] [ip4][..tcp] [..192.168.2.100][37378] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic - idle: [....82] [ip4][..tcp] [..192.168.2.100][46576] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + idle: [....74] [ip4][..tcp] [..192.168.2.100][47738] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 671 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 3 / 85|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 11 / 85|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....86] [ip4][..tcp] [..192.168.2.100][40006] -> [..179.60.195.49][.5222] detected: [....86] [ip4][..tcp] [..192.168.2.100][40006] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic @@ -547,8 +531,24 @@ RISK: Unidirectional Traffic idle: [....85] [ip4][..tcp] [..192.168.2.100][39334] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....75] [ip4][..tcp] [..192.168.2.100][37404] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....76] [ip4][..tcp] [..192.168.2.100][47776] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....79] [ip4][..tcp] [..192.168.2.100][47810] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....78] [ip4][..tcp] [..192.168.2.100][37674] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....77] [ip4][..tcp] [..192.168.2.100][37766] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic + idle: [....81] [ip4][..tcp] [..192.168.2.100][37822] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] + RISK: Unidirectional Traffic idle: [....86] [ip4][..tcp] [..192.168.2.100][40006] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....80] [ip4][..tcp] [..192.168.2.100][46394] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + RISK: Unidirectional Traffic idle: [....83] [ip4][..tcp] [..192.168.2.100][38234] -> [..179.60.195.49][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] RISK: Unidirectional Traffic + idle: [....82] [ip4][..tcp] [..192.168.2.100][46576] -> [..179.60.195.33][.5222] [WhatsApp][Facebook][Chat][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: shutdown |