diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2024-04-04 11:49:48 +0200 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2024-04-04 11:49:48 +0200 |
| commit | c7eace426c340ca9137c6e48657d11561e536fd7 (patch) | |
| tree | 524a79881b2a1fd6586aab31a2aac6baf546c111 /test/results/flow-info | |
| parent | 33560d64d2f77b7ef181ea6c02d22f21fbe4e91f (diff) | |
bump libnDPI to 9185c2ccc402d3368fc28ac90ab281b4f951719e
* incorporated API changes from 41eef9246c6a3055e3876e3dd7aeaadecb4b76c0
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/flow-info')
50 files changed, 609 insertions, 2850 deletions
diff --git a/test/results/flow-info/caches_cfg/teams.pcap.out b/test/results/flow-info/caches_cfg/teams.pcap.out index 3afcf07a3..0f51670c4 100644 --- a/test/results/flow-info/caches_cfg/teams.pcap.out +++ b/test/results/flow-info/caches_cfg/teams.pcap.out @@ -503,7 +503,7 @@ RISK: TLS (probably) Not Carrying HTTPS idle: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] idle: [....11] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - guessed: [.....2] [ip4][..tcp] [....192.168.1.6][58533] -> [.149.154.167.91][..443] [TLS][Telegram][Web][Safe] + guessed: [.....2] [ip4][..tcp] [....192.168.1.6][58533] -> [.149.154.167.91][..443] [Telegram][Telegram][Chat][Acceptable] RISK: Unidirectional Traffic end: [.....2] [ip4][..tcp] [....192.168.1.6][58533] -> [.149.154.167.91][..443] idle: [....34] [ip4][..udp] [....192.168.1.6][59403] -> [....192.168.1.1][...53] [DNS.Microsoft365][Unknown][Network][Acceptable] diff --git a/test/results/flow-info/caches_global/teams.pcap.out b/test/results/flow-info/caches_global/teams.pcap.out index 3afcf07a3..0f51670c4 100644 --- a/test/results/flow-info/caches_global/teams.pcap.out +++ b/test/results/flow-info/caches_global/teams.pcap.out @@ -503,7 +503,7 @@ RISK: TLS (probably) Not Carrying HTTPS idle: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] idle: [....11] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - guessed: [.....2] [ip4][..tcp] [....192.168.1.6][58533] -> [.149.154.167.91][..443] [TLS][Telegram][Web][Safe] + guessed: [.....2] [ip4][..tcp] [....192.168.1.6][58533] -> [.149.154.167.91][..443] [Telegram][Telegram][Chat][Acceptable] RISK: Unidirectional Traffic end: [.....2] [ip4][..tcp] [....192.168.1.6][58533] -> [.149.154.167.91][..443] idle: [....34] [ip4][..udp] [....192.168.1.6][59403] -> [....192.168.1.1][...53] [DNS.Microsoft365][Unknown][Network][Acceptable] diff --git a/test/results/flow-info/default/WebattackRCE.pcap.out b/test/results/flow-info/default/WebattackRCE.pcap.out index 633f9311f..95fdbded9 100644 --- a/test/results/flow-info/default/WebattackRCE.pcap.out +++ b/test/results/flow-info/default/WebattackRCE.pcap.out @@ -15,7 +15,7 @@ RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI new: [.....5] [ip4][..tcp] [......127.0.0.1][49552] -> [......127.0.0.1][.8080] [MIDSTREAM] detected: [.....5] [ip4][..tcp] [......127.0.0.1][49552] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable][127.0.0.1] - RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit Attempt new: [.....6] [ip4][..tcp] [......127.0.0.1][49554] -> [......127.0.0.1][.8080] [MIDSTREAM] detected: [.....6] [ip4][..tcp] [......127.0.0.1][49554] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable][127.0.0.1] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI @@ -1500,7 +1500,7 @@ RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI new: [...500] [ip4][..tcp] [......127.0.0.1][50562] -> [......127.0.0.1][.8080] [MIDSTREAM] detected: [...500] [ip4][..tcp] [......127.0.0.1][50562] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable][127.0.0.1] - RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit Attempt new: [...501] [ip4][..tcp] [......127.0.0.1][50564] -> [......127.0.0.1][.8080] [MIDSTREAM] detected: [...501] [ip4][..tcp] [......127.0.0.1][50564] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable][127.0.0.1] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI @@ -2507,7 +2507,7 @@ idle: [.....4] [ip4][..tcp] [......127.0.0.1][49550] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI idle: [.....5] [ip4][..tcp] [......127.0.0.1][49552] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] - RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit Attempt idle: [.....6] [ip4][..tcp] [......127.0.0.1][49554] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI idle: [.....7] [ip4][..tcp] [......127.0.0.1][49556] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] @@ -3497,7 +3497,7 @@ idle: [...499] [ip4][..tcp] [......127.0.0.1][50560] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI idle: [...500] [ip4][..tcp] [......127.0.0.1][50562] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] - RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Possible Exploit + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Possible Exploit Attempt idle: [...501] [ip4][..tcp] [......127.0.0.1][50564] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI idle: [...502] [ip4][..tcp] [......127.0.0.1][50566] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] diff --git a/test/results/flow-info/default/anyconnect-vpn.pcap.out b/test/results/flow-info/default/anyconnect-vpn.pcap.out index 3fa8eb17c..acae7bfe8 100644 --- a/test/results/flow-info/default/anyconnect-vpn.pcap.out +++ b/test/results/flow-info/default/anyconnect-vpn.pcap.out @@ -174,9 +174,9 @@ RISK: Known Proto on Non Std Port detection-update: [....48] [ip4][..udp] [.....10.0.0.227][64193] -> [....75.75.75.75][...53] [DNS.ApplePush][Unknown][Network][Acceptable][24-courier.push.apple.com] new: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] - detected: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][apple.com] + detected: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS.Apple][Unknown][Network][Safe][apple.com] new: [....51] [ip4][..tcp] [.....10.0.0.227][56871] -> [...8.37.103.196][..443] [MIDSTREAM] - detection-update: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][apple.com] + detection-update: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS.Apple][Unknown][Network][Safe][apple.com] detection-update: [....49] [ip4][..udp] [.....10.0.0.227][51990] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][mail.viasat.com] new: [....52] [ip4][..udp] [.....10.0.0.227][58074] -> [....75.75.75.75][...53] detected: [....52] [ip4][..udp] [.....10.0.0.227][58074] -> [....75.75.75.75][...53] [DNS.Outlook][Unknown][Network][Acceptable][www.outlook.com] @@ -299,7 +299,7 @@ idle: [....62] [ip4][..tcp] [.....10.0.0.227][56954] -> [.....10.0.0.149][.8008] [HTTP][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI idle: [....19] [ip6][..udp] [...............fe80::408:3e45:3abc:1552][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] - idle: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable] + idle: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS.Apple][Unknown][Network][Safe] end: [....63] [ip4][..tcp] [.....10.0.0.227][56955] -> [.....10.0.0.151][.8060] [HTTP][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI not-detected: [....60] [ip4][..udp] [.....10.0.0.227][52595] -> [.......10.0.0.1][..192] [Unknown][Unknown][Unrated] diff --git a/test/results/flow-info/default/bfd.pcap.out b/test/results/flow-info/default/bfd.pcap.out new file mode 100644 index 000000000..df172f5c6 --- /dev/null +++ b/test/results/flow-info/default/bfd.pcap.out @@ -0,0 +1,16 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [.....155.1.13.1][49152] -> [.....155.1.13.3][.3784] + detected: [.....1] [ip4][..udp] [.....155.1.13.1][49152] -> [.....155.1.13.3][.3784] [BFD][Unknown][Network][Acceptable] + new: [.....2] [ip4][..udp] [.....155.1.13.3][49152] -> [.....155.1.13.1][.3784] + detected: [.....2] [ip4][..udp] [.....155.1.13.3][49152] -> [.....155.1.13.1][.3784] [BFD][Unknown][Network][Acceptable] + new: [.....3] [ip4][..udp] [.....155.1.13.1][49152] -> [.....155.1.13.1][.3785] + detected: [.....3] [ip4][..udp] [.....155.1.13.1][49152] -> [.....155.1.13.1][.3785] [BFD][Unknown][Network][Acceptable] + new: [.....4] [ip4][..udp] [.....155.1.13.3][49152] -> [.....155.1.13.3][.3785] + detected: [.....4] [ip4][..udp] [.....155.1.13.3][49152] -> [.....155.1.13.3][.3785] [BFD][Unknown][Network][Acceptable] + idle: [.....2] [ip4][..udp] [.....155.1.13.3][49152] -> [.....155.1.13.1][.3784] [BFD][Unknown][Network][Acceptable] + idle: [.....1] [ip4][..udp] [.....155.1.13.1][49152] -> [.....155.1.13.3][.3784] [BFD][Unknown][Network][Acceptable] + idle: [.....4] [ip4][..udp] [.....155.1.13.3][49152] -> [.....155.1.13.3][.3785] [BFD][Unknown][Network][Acceptable] + idle: [.....3] [ip4][..udp] [.....155.1.13.1][49152] -> [.....155.1.13.1][.3785] [BFD][Unknown][Network][Acceptable] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/c1222.pcapng.out b/test/results/flow-info/default/c1222.pcapng.out new file mode 100644 index 000000000..1d639dd28 --- /dev/null +++ b/test/results/flow-info/default/c1222.pcapng.out @@ -0,0 +1,10 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [.....10.9.3.124][55092] -> [.....10.208.0.9][.1153] + detected: [.....1] [ip4][..udp] [.....10.9.3.124][55092] -> [.....10.208.0.9][.1153] [ANSI_C1222][Unknown][IoT-Scada][Acceptable] + new: [.....2] [ip4][..tcp] [..192.168.1.101][.1577] -> [192.168.100.124][.1153] [MIDSTREAM] + detected: [.....2] [ip4][..tcp] [..192.168.1.101][.1577] -> [192.168.100.124][.1153] [ANSI_C1222][Unknown][IoT-Scada][Acceptable] + idle: [.....2] [ip4][..tcp] [..192.168.1.101][.1577] -> [192.168.100.124][.1153] [ANSI_C1222][Unknown][IoT-Scada][Acceptable] + idle: [.....1] [ip4][..udp] [.....10.9.3.124][55092] -> [.....10.208.0.9][.1153] [ANSI_C1222][Unknown][IoT-Scada][Acceptable] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/cachefly.pcapng.out b/test/results/flow-info/default/cachefly.pcapng.out index f3ee48ab7..3f71ef62a 100644 --- a/test/results/flow-info/default/cachefly.pcapng.out +++ b/test/results/flow-info/default/cachefly.pcapng.out @@ -2,8 +2,8 @@ DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] - detected: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] [TLS][Unknown][Web][Safe][apptv.cachefly.net] - detection-update: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] [TLS][Unknown][Web][Safe][apptv.cachefly.net] + detected: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] [TLS.Cachefly][Unknown][Cloud][Acceptable][apptv.cachefly.net] + detection-update: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] [TLS.Cachefly][Unknown][Cloud][Acceptable][apptv.cachefly.net] detection-update: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] [TLS.Cachefly][Unknown][Cloud][Acceptable][apptv.cachefly.net] idle: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] [TLS.Cachefly][Unknown][Cloud][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dlep.pcapng.out b/test/results/flow-info/default/dlep.pcapng.out new file mode 100644 index 000000000..fea31c9a6 --- /dev/null +++ b/test/results/flow-info/default/dlep.pcapng.out @@ -0,0 +1,13 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [.......10.0.0.1][57060] -> [....224.0.0.117][..854] + detected: [.....1] [ip4][..udp] [.......10.0.0.1][57060] -> [....224.0.0.117][..854] [DLEP][Unknown][Network][Acceptable] + new: [.....2] [ip4][..udp] [.......10.0.0.2][44515] -> [.......10.0.0.1][..854] + detected: [.....2] [ip4][..udp] [.......10.0.0.2][44515] -> [.......10.0.0.1][..854] [DLEP][Unknown][Network][Acceptable] + new: [.....3] [ip4][..tcp] [.......10.0.0.1][51762] -> [.......10.0.0.2][..854] [MIDSTREAM] + detected: [.....3] [ip4][..tcp] [.......10.0.0.1][51762] -> [.......10.0.0.2][..854] [DLEP][Unknown][Network][Acceptable] + idle: [.....2] [ip4][..udp] [.......10.0.0.2][44515] -> [.......10.0.0.1][..854] [DLEP][Unknown][Network][Acceptable] + idle: [.....1] [ip4][..udp] [.......10.0.0.1][57060] -> [....224.0.0.117][..854] [DLEP][Unknown][Network][Acceptable] + idle: [.....3] [ip4][..tcp] [.......10.0.0.1][51762] -> [.......10.0.0.2][..854] [DLEP][Unknown][Network][Acceptable] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dotenv.pcap.out b/test/results/flow-info/default/dotenv.pcap.out new file mode 100644 index 000000000..40f476f3e --- /dev/null +++ b/test/results/flow-info/default/dotenv.pcap.out @@ -0,0 +1,11 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [..192.168.2.198][51327] -> [....89.31.76.10][...80] + detected: [.....1] [ip4][..tcp] [..192.168.2.198][51327] -> [....89.31.76.10][...80] [HTTP][Unknown][Web][Acceptable][sevenpitaly.com] + RISK: Possible Exploit Attempt + detection-update: [.....1] [ip4][..tcp] [..192.168.2.198][51327] -> [....89.31.76.10][...80] [HTTP][Unknown][Download][Acceptable][sevenpitaly.com] + RISK: Possible Exploit Attempt, Error Code, Binary Data Transfer Attemot + end: [.....1] [ip4][..tcp] [..192.168.2.198][51327] -> [....89.31.76.10][...80] [HTTP][Unknown][Download][Acceptable] + RISK: Possible Exploit Attempt, Error Code, Binary Data Transfer Attemot + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/flute.pcapng.out b/test/results/flow-info/default/flute.pcapng.out new file mode 100644 index 000000000..8c32f4490 --- /dev/null +++ b/test/results/flow-info/default/flute.pcapng.out @@ -0,0 +1,7 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [.192.168.88.231][40717] -> [.....238.1.1.95][40085] + detected: [.....1] [ip4][..udp] [.192.168.88.231][40717] -> [.....238.1.1.95][40085] [FLUTE][Unknown][Download][Acceptable] + idle: [.....1] [ip4][..udp] [.192.168.88.231][40717] -> [.....238.1.1.95][40085] [FLUTE][Unknown][Download][Acceptable] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ftp-start-tls.pcap.out b/test/results/flow-info/default/ftp-start-tls.pcap.out index 7057706ae..d396d4ed2 100644 --- a/test/results/flow-info/default/ftp-start-tls.pcap.out +++ b/test/results/flow-info/default/ftp-start-tls.pcap.out @@ -8,9 +8,9 @@ RISK: TLS (probably) Not Carrying HTTPS, Unsafe Protocol, Missing SNI TLS Extn detection-update: [.....1] [ip4][..tcp] [...10.238.26.36][62092] -> [...10.220.50.76][...21] [FTPS][Unknown][Download][Unsafe] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Unsafe Protocol, Missing SNI TLS Extn - detection-update: [.....1] [ip4][..tcp] [...10.238.26.36][62092] -> [...10.220.50.76][...21] [FTPS][Unknown][Download][Unsafe] + detection-update: [.....1] [ip4][..tcp] [...10.238.26.36][62092] -> [...10.220.50.76][...21] [FTPS.Huawei][Unknown][Web][Acceptable] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Unsafe Protocol, Missing SNI TLS Extn - analyse: [.....1] [ip4][..tcp] [...10.238.26.36][62092] -> [...10.220.50.76][...21] [FTPS][Unknown][Download][Unsafe] + analyse: [.....1] [ip4][..tcp] [...10.238.26.36][62092] -> [...10.220.50.76][...21] [FTPS.Huawei][Unknown][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.040| 0.005| 0.010| 91.331| 3.200] [PKTLEN......: 46.000| 552.000| 160.900| 164.200| 26956.400| 4.400] @@ -20,6 +20,6 @@ [IATS(ms)....: 0.4,0.1,1.3,15.0,0.1,17.8,3.9,0.1,0.8,0.0,4.3,3.3,0.1,1.0,0.0,0.0,0.0,0.1,0.0,2.6,8.5,40.4,0.1,34.7,4.5,0.7,2.2,1.8,0.3,2.7,2.2] [PKTLENS.....: 46,46,46,46,113,113,50,46,46,71,71,190,46,46,552,552,255,552,552,255,46,370,91,91,77,122,122,77,122,122,85,130] [ENTROPIES...: 4.2,4.8,4.8,4.4,5.4,5.4,5.0,4.3,4.3,5.3,5.3,5.2,4.4,4.4,6.8,7.2,7.0,6.8,7.2,7.0,4.5,7.2,5.9,5.9,5.7,6.2,6.2,5.8,6.3,6.3,6.0,6.3] - idle: [.....1] [ip4][..tcp] [...10.238.26.36][62092] -> [...10.220.50.76][...21] [FTPS][Unknown][Download][Unsafe] + idle: [.....1] [ip4][..tcp] [...10.238.26.36][62092] -> [...10.220.50.76][...21] [FTPS.Huawei][Unknown][Web][Acceptable] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Unsafe Protocol, Missing SNI TLS Extn DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/gaijin_mobile_mixed.pcap.out b/test/results/flow-info/default/gaijin_mobile_mixed.pcap.out new file mode 100644 index 000000000..1cac9fa34 --- /dev/null +++ b/test/results/flow-info/default/gaijin_mobile_mixed.pcap.out @@ -0,0 +1,20 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [...10.215.173.1][47666] -> [..54.75.230.133][..443] + detected: [.....1] [ip4][..tcp] [...10.215.173.1][47666] -> [..54.75.230.133][..443] [TLS.GaijinEntertainment][AmazonAWS][Game][Fun][yupmaster.gaijinent.com] + detection-update: [.....1] [ip4][..tcp] [...10.215.173.1][47666] -> [..54.75.230.133][..443] [TLS.GaijinEntertainment][AmazonAWS][Game][Fun][yupmaster.gaijinent.com] + DAEMON-EVENT: [Processed: 7 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] + new: [.....2] [ip4][..tcp] [...10.215.173.1][39314] -> [...81.171.31.37][..443] + detected: [.....2] [ip4][..tcp] [...10.215.173.1][39314] -> [...81.171.31.37][..443] [TLS.GaijinEntertainment][Unknown][Game][Fun][ta-receiver-balancer-xom.crossout.net] + RISK: TLS (probably) Not Carrying HTTPS + detection-update: [.....2] [ip4][..tcp] [...10.215.173.1][39314] -> [...81.171.31.37][..443] [TLS.GaijinEntertainment][Unknown][Game][Fun][ta-receiver-balancer-xom.crossout.net] + RISK: TLS (probably) Not Carrying HTTPS + new: [.....3] [ip4][..udp] [...10.215.173.1][42424] -> [.95.211.246.178][20011] + detected: [.....3] [ip4][..udp] [...10.215.173.1][42424] -> [.95.211.246.178][20011] [GaijinEntertainment][Unknown][Game][Fun] + idle: [.....2] [ip4][..tcp] [...10.215.173.1][39314] -> [...81.171.31.37][..443] [TLS.GaijinEntertainment][Unknown][Game][Fun] + RISK: TLS (probably) Not Carrying HTTPS + idle: [.....1] [ip4][..tcp] [...10.215.173.1][47666] -> [..54.75.230.133][..443] [TLS.GaijinEntertainment][AmazonAWS][Game][Fun] + idle: [.....3] [ip4][..udp] [...10.215.173.1][42424] -> [.95.211.246.178][20011] [GaijinEntertainment][Unknown][Game][Fun] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/gaijin_warthunder.pcap.out b/test/results/flow-info/default/gaijin_warthunder.pcap.out new file mode 100644 index 000000000..6e136f95a --- /dev/null +++ b/test/results/flow-info/default/gaijin_warthunder.pcap.out @@ -0,0 +1,12 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [.192.168.88.231][36929] -> [.185.253.20.249][20021] + detected: [.....1] [ip4][..udp] [.192.168.88.231][36929] -> [.185.253.20.249][20021] [GaijinEntertainment][Unknown][Game][Fun] + RISK: Known Proto on Non Std Port + new: [.....2] [ip4][..udp] [.192.168.88.231][37333] -> [.95.211.246.178][20011] + detected: [.....2] [ip4][..udp] [.192.168.88.231][37333] -> [.95.211.246.178][20011] [GaijinEntertainment][Unknown][Game][Fun] + idle: [.....2] [ip4][..udp] [.192.168.88.231][37333] -> [.95.211.246.178][20011] [GaijinEntertainment][Unknown][Game][Fun] + idle: [.....1] [ip4][..udp] [.192.168.88.231][36929] -> [.185.253.20.249][20021] [GaijinEntertainment][Unknown][Game][Fun] + RISK: Known Proto on Non Std Port + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/geforcenow.pcapng.out b/test/results/flow-info/default/geforcenow.pcapng.out index 14a494319..7a0d71585 100644 --- a/test/results/flow-info/default/geforcenow.pcapng.out +++ b/test/results/flow-info/default/geforcenow.pcapng.out @@ -25,10 +25,9 @@ RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [STUN][Nvidia][Network][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [DTLS][Nvidia][Safe] - RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn + detection-update: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [DTLS][Nvidia][Network][Safe] detection-update: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [DTLS.GeForceNow][Nvidia][Game][Fun] - RISK: Self-signed Cert, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, TLS Cert Validity Too Long + RISK: Self-signed Cert, TLS Cert Validity Too Long analyse: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [DTLS.GeForceNow][Nvidia][Game][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.690| 0.065| 0.136| 18500.616| 3.200] @@ -40,7 +39,7 @@ [PKTLENS.....: 124,124,124,92,185,185,185,185,689,568,119,358,164,107,53,95,101,101,141,137,105,109,73,113,113,113,73,85,89,105,85,105] [ENTROPIES...: 5.8,5.8,5.8,5.7,5.0,5.0,5.0,5.0,6.5,6.7,4.8,6.6,6.2,4.4,3.8,5.3,6.0,5.8,6.4,6.3,5.9,6.0,5.4,6.0,6.2,6.1,5.4,5.6,5.8,6.1,5.7,6.1] idle: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [DTLS.GeForceNow][Nvidia][Game][Fun] - RISK: Self-signed Cert, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, TLS Cert Validity Too Long + RISK: Self-signed Cert, TLS Cert Validity Too Long idle: [.....1] [ip4][..tcp] [..192.168.1.245][57490] -> [..80.84.167.206][49100] [TLS.GeForceNow][Nvidia][Game][Fun] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/gre.pcapng.out b/test/results/flow-info/default/gre.pcapng.out new file mode 100644 index 000000000..86fe894a6 --- /dev/null +++ b/test/results/flow-info/default/gre.pcapng.out @@ -0,0 +1,7 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][...47] [109.105.228.253] -> [...10.177.98.84] + detected: [.....1] [ip4][...47] [109.105.228.253] -> [...10.177.98.84] [GRE][Unknown][Network][Acceptable] + idle: [.....1] [ip4][...47] [109.105.228.253] -> [...10.177.98.84] [GRE][Unknown][Network][Acceptable] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/log4j-webapp-exploit.pcap.out b/test/results/flow-info/default/log4j-webapp-exploit.pcap.out index f43a9009a..b5f515b83 100644 --- a/test/results/flow-info/default/log4j-webapp-exploit.pcap.out +++ b/test/results/flow-info/default/log4j-webapp-exploit.pcap.out @@ -3,7 +3,7 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [...172.16.238.1][.1984] -> [..172.16.238.10][.8080] detected: [.....1] [ip4][..tcp] [...172.16.238.1][.1984] -> [..172.16.238.10][.8080] [HTTP][Unknown][Web][Acceptable][192.168.13.31] - RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp Header, Possible Exploit + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp Header, Possible Exploit Attempt ERROR-EVENT: Unknown L3 protocol [1/16] ERROR-EVENT: Unknown L3 protocol [2/16] new: [.....2] [ip4][..tcp] [..172.16.238.10][57650] -> [..172.16.238.11][.1389] @@ -13,7 +13,7 @@ detected: [.....3] [ip4][..tcp] [..172.16.238.10][48444] -> [..172.16.238.11][...80] [HTTP][Unknown][Web][Acceptable][172.16.238.11] RISK: HTTP/TLS/QUIC Numeric Hostname/SNI detection-update: [.....3] [ip4][..tcp] [..172.16.238.10][48444] -> [..172.16.238.11][...80] [HTTP][Unknown][Download][Acceptable][172.16.238.11] - RISK: Binary App Transfer, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit + RISK: Binary App Transfer, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit Attempt new: [.....4] [ip4][..tcp] [..172.16.238.10][55408] -> [....10.10.10.31][.9001] ERROR-EVENT: Unknown L3 protocol [3/16] ERROR-EVENT: Unknown L3 protocol [4/16] @@ -34,21 +34,21 @@ detected: [.....6] [ip4][..tcp] [..172.16.238.10][48534] -> [..172.16.238.11][...80] [HTTP][Unknown][Web][Acceptable][172.16.238.11] RISK: HTTP/TLS/QUIC Numeric Hostname/SNI detection-update: [.....6] [ip4][..tcp] [..172.16.238.10][48534] -> [..172.16.238.11][...80] [HTTP][Unknown][Download][Acceptable][172.16.238.11] - RISK: Binary App Transfer, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit + RISK: Binary App Transfer, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit Attempt new: [.....7] [ip4][..tcp] [..172.16.238.10][55498] -> [....10.10.10.31][.9001] end: [.....5] [ip4][..tcp] [..172.16.238.10][57742] -> [..172.16.238.11][.1389] [LDAP][Unknown][System][Acceptable] RISK: Known Proto on Non Std Port idle: [.....1] [ip4][..tcp] [...172.16.238.1][.1984] -> [..172.16.238.10][.8080] [HTTP][Unknown][Web][Acceptable] - RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp Header, Possible Exploit + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp Header, Possible Exploit Attempt not-detected: [.....4] [ip4][..tcp] [..172.16.238.10][55408] -> [....10.10.10.31][.9001] [Unknown][Unknown][Unrated] end: [.....4] [ip4][..tcp] [..172.16.238.10][55408] -> [....10.10.10.31][.9001] not-detected: [.....7] [ip4][..tcp] [..172.16.238.10][55498] -> [....10.10.10.31][.9001] [Unknown][Unknown][Unrated] RISK: TCP Connection Issues end: [.....7] [ip4][..tcp] [..172.16.238.10][55498] -> [....10.10.10.31][.9001] end: [.....3] [ip4][..tcp] [..172.16.238.10][48444] -> [..172.16.238.11][...80] [HTTP][Unknown][Download][Acceptable] - RISK: Binary App Transfer, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit + RISK: Binary App Transfer, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit Attempt end: [.....6] [ip4][..tcp] [..172.16.238.10][48534] -> [..172.16.238.11][...80] [HTTP][Unknown][Download][Acceptable] - RISK: Binary App Transfer, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit + RISK: Binary App Transfer, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit Attempt end: [.....2] [ip4][..tcp] [..172.16.238.10][57650] -> [..172.16.238.11][.1389] [LDAP][Unknown][System][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/lol_wild_rift_udp.pcap.out b/test/results/flow-info/default/lol_wild_rift_udp.pcap.out new file mode 100644 index 000000000..ed46af4e8 --- /dev/null +++ b/test/results/flow-info/default/lol_wild_rift_udp.pcap.out @@ -0,0 +1,27 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [...10.215.173.1][47462] -> [..51.20.230.207][15004] + detected: [.....1] [ip4][..udp] [...10.215.173.1][47462] -> [..51.20.230.207][15004] [LoLWildRift][AmazonAWS][Game][Fun] + DAEMON-EVENT: [Processed: 2 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....2] [ip4][..udp] [...10.215.173.1][43686] -> [..13.51.213.131][15007] + detected: [.....2] [ip4][..udp] [...10.215.173.1][43686] -> [..13.51.213.131][15007] [LoLWildRift][AmazonAWS][Game][Fun] + idle: [.....1] [ip4][..udp] [...10.215.173.1][47462] -> [..51.20.230.207][15004] [LoLWildRift][AmazonAWS][Game][Fun] + DAEMON-EVENT: [Processed: 4 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....3] [ip4][..udp] [...10.215.173.1][46702] -> [..51.20.230.207][15007] + detected: [.....3] [ip4][..udp] [...10.215.173.1][46702] -> [..51.20.230.207][15007] [LoLWildRift][AmazonAWS][Game][Fun] + idle: [.....2] [ip4][..udp] [...10.215.173.1][43686] -> [..13.51.213.131][15007] [LoLWildRift][AmazonAWS][Game][Fun] + DAEMON-EVENT: [Processed: 6 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....4] [ip4][..udp] [...10.215.173.1][44513] -> [....13.53.58.18][18001] + detected: [.....4] [ip4][..udp] [...10.215.173.1][44513] -> [....13.53.58.18][18001] [LoLWildRift][AmazonAWS][Game][Fun] + idle: [.....3] [ip4][..udp] [...10.215.173.1][46702] -> [..51.20.230.207][15007] [LoLWildRift][AmazonAWS][Game][Fun] + DAEMON-EVENT: [Processed: 7 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....5] [ip4][..udp] [...10.215.173.1][41440] -> [....13.53.58.18][18001] + detected: [.....5] [ip4][..udp] [...10.215.173.1][41440] -> [....13.53.58.18][18001] [LoLWildRift][AmazonAWS][Game][Fun] + idle: [.....4] [ip4][..udp] [...10.215.173.1][44513] -> [....13.53.58.18][18001] [LoLWildRift][AmazonAWS][Game][Fun] + idle: [.....5] [ip4][..udp] [...10.215.173.1][41440] -> [....13.53.58.18][18001] [LoLWildRift][AmazonAWS][Game][Fun] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/netease_games.pcapng.out b/test/results/flow-info/default/netease_games.pcapng.out new file mode 100644 index 000000000..73484d443 --- /dev/null +++ b/test/results/flow-info/default/netease_games.pcapng.out @@ -0,0 +1,30 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [.192.168.88.231][49377] -> [....172.17.8.75][...53] + detected: [.....1] [ip4][..udp] [.192.168.88.231][49377] -> [....172.17.8.75][...53] [DNS.NetEaseGames][Unknown][Network][Fun][data-detect.nie.easebar.com] + detection-update: [.....1] [ip4][..udp] [.192.168.88.231][49377] -> [....172.17.8.75][...53] [DNS.NetEaseGames][Unknown][Network][Fun][data-detect.nie.easebar.com] + RISK: Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [.192.168.88.231][49377] -> [....172.17.8.75][...53] [DNS.NetEaseGames][Unknown][Network][Fun][data-detect.nie.easebar.com] + new: [.....2] [ip4][..tcp] [.192.168.88.231][50402] -> [....35.73.71.94][..443] + detected: [.....2] [ip4][..tcp] [.192.168.88.231][50402] -> [....35.73.71.94][..443] [TLS.NetEaseGames][AmazonAWS][Game][Fun][data-detect.nie.easebar.com] + RISK: TLS (probably) Not Carrying HTTPS + detection-update: [.....2] [ip4][..tcp] [.192.168.88.231][50402] -> [....35.73.71.94][..443] [TLS.NetEaseGames][AmazonAWS][Game][Fun][data-detect.nie.easebar.com] + RISK: TLS (probably) Not Carrying HTTPS + DAEMON-EVENT: [Processed: 10 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0] + new: [.....3] [ip4][..udp] [.192.168.88.231][56588] -> [..35.246.207.19][.4513] + detected: [.....3] [ip4][..udp] [.192.168.88.231][56588] -> [..35.246.207.19][.4513] [NetEaseGames][GoogleCloud][Game][Fun] + idle: [.....1] [ip4][..udp] [.192.168.88.231][49377] -> [....172.17.8.75][...53] [DNS.NetEaseGames][Unknown][Network][Fun] + DAEMON-EVENT: [Processed: 13 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0] + new: [.....4] [ip4][..udp] [.192.168.88.231][41040] -> [..35.228.32.209][.4170] + detected: [.....4] [ip4][..udp] [.192.168.88.231][41040] -> [..35.228.32.209][.4170] [NetEaseGames][GoogleCloud][Game][Fun] + new: [.....5] [ip4][..udp] [.192.168.88.231][58951] -> [...34.141.75.90][28203] + detected: [.....5] [ip4][..udp] [.192.168.88.231][58951] -> [...34.141.75.90][28203] [NetEaseGames][GoogleCloud][Game][Fun] + idle: [.....2] [ip4][..tcp] [.192.168.88.231][50402] -> [....35.73.71.94][..443] [TLS.NetEaseGames][AmazonAWS][Game][Fun] + RISK: TLS (probably) Not Carrying HTTPS + idle: [.....5] [ip4][..udp] [.192.168.88.231][58951] -> [...34.141.75.90][28203] [NetEaseGames][GoogleCloud][Game][Fun] + idle: [.....4] [ip4][..udp] [.192.168.88.231][41040] -> [..35.228.32.209][.4170] [NetEaseGames][GoogleCloud][Game][Fun] + idle: [.....3] [ip4][..udp] [.192.168.88.231][56588] -> [..35.246.207.19][.4513] [NetEaseGames][GoogleCloud][Game][Fun] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ossfuzz_seed_fake_traces_2.pcapng.out b/test/results/flow-info/default/ossfuzz_seed_fake_traces_2.pcapng.out index 4bd60d0eb..c0597b9b8 100644 --- a/test/results/flow-info/default/ossfuzz_seed_fake_traces_2.pcapng.out +++ b/test/results/flow-info/default/ossfuzz_seed_fake_traces_2.pcapng.out @@ -33,6 +33,14 @@ detected: [.....6] [ip4][..tcp] [..172.16.20.244][59038] -> [...172.16.20.75][.5432] [PostgreSQL][Unknown][Database][Acceptable] guessed: [.....4] [ip4][..udp] [..10.147.205.42][43462] -> [..10.45.123.132][51820] [WireGuard][Unknown][VPN][Acceptable] idle: [.....4] [ip4][..udp] [..10.147.205.42][43462] -> [..10.45.123.132][51820] - end: [.....6] [ip4][..tcp] [..172.16.20.244][59038] -> [...172.16.20.75][.5432] [PostgreSQL][Unknown][Database][Acceptable] idle: [.....5] [ip4][..udp] [.......10.9.0.1][43462] -> [.......10.9.0.2][51820] [WireGuard][Unknown][VPN][Acceptable] + DAEMON-EVENT: [Processed: 85 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 1|detection-updates: 0|updates: 0] + new: [.....7] [ip4][..tcp] [......127.0.0.1][54898] -> [......127.0.0.1][.1299] + detected: [.....7] [ip4][..tcp] [......127.0.0.1][54898] -> [......127.0.0.1][.1299] [TruPhone][Unknown][VoIP][Acceptable] + end: [.....6] [ip4][..tcp] [..172.16.20.244][59038] -> [...172.16.20.75][.5432] [PostgreSQL][Unknown][Database][Acceptable] + new: [.....8] [ip4][..tcp] [......127.0.0.1][55536] -> [......127.0.0.1][.1299] + detected: [.....8] [ip4][..tcp] [......127.0.0.1][55536] -> [......127.0.0.1][.1299] [TruPhone][Unknown][VoIP][Acceptable] + end: [.....7] [ip4][..tcp] [......127.0.0.1][54898] -> [......127.0.0.1][.1299] [TruPhone][Unknown][VoIP][Acceptable] + end: [.....8] [ip4][..tcp] [......127.0.0.1][55536] -> [......127.0.0.1][.1299] [TruPhone][Unknown][VoIP][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/path_of_exile.pcapng.out b/test/results/flow-info/default/path_of_exile.pcapng.out new file mode 100644 index 000000000..11333fef6 --- /dev/null +++ b/test/results/flow-info/default/path_of_exile.pcapng.out @@ -0,0 +1,7 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [.192.168.88.231][36262] -> [.198.50.120.150][.6112] + detected: [.....1] [ip4][..tcp] [.192.168.88.231][36262] -> [.198.50.120.150][.6112] [PathofExile][Unknown][Game][Fun] + idle: [.....1] [ip4][..tcp] [.192.168.88.231][36262] -> [.198.50.120.150][.6112] [PathofExile][Unknown][Game][Fun] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/pfcp.pcapng.out b/test/results/flow-info/default/pfcp.pcapng.out new file mode 100644 index 000000000..b8d86ad8a --- /dev/null +++ b/test/results/flow-info/default/pfcp.pcapng.out @@ -0,0 +1,7 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [......127.0.0.1][.8805] -> [......127.0.0.2][.8805] + detected: [.....1] [ip4][..udp] [......127.0.0.1][.8805] -> [......127.0.0.2][.8805] [PFCP][Unknown][Network][Acceptable] + idle: [.....1] [ip4][..udp] [......127.0.0.1][.8805] -> [......127.0.0.2][.8805] [PFCP][Unknown][Network][Acceptable] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/pps.pcap.out b/test/results/flow-info/default/pps.pcap.out index 327cca8f9..70ebd04c1 100644 --- a/test/results/flow-info/default/pps.pcap.out +++ b/test/results/flow-info/default/pps.pcap.out @@ -162,7 +162,7 @@ new: [....55] [ip4][..udp] [...192.168.5.57][59648] -> [239.255.255.250][.1900] detected: [....55] [ip4][..udp] [...192.168.5.57][59648] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] detection-update: [....54] [ip4][..tcp] [..192.168.115.8][50486] -> [...77.234.40.96][...80] [HTTP.Cybersec][AVAST][Download][Safe][bcu.ff.avast.com] - RISK: Binary App Transfer, HTTP Susp User-Agent, HTTP Obsolete Server + RISK: HTTP Susp User-Agent, HTTP Obsolete Server new: [....56] [ip4][..tcp] [..192.168.115.8][50487] -> [.202.108.14.219][...80] [MIDSTREAM] detected: [....56] [ip4][..tcp] [..192.168.115.8][50487] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] new: [....57] [ip4][..tcp] [..192.168.115.8][50488] -> [..223.26.106.20][...80] [MIDSTREAM] @@ -379,7 +379,7 @@ RISK: Unidirectional Traffic idle: [....22] [ip4][..udp] [..192.168.115.8][22793] -> [.222.26.193.119][.7133] idle: [....54] [ip4][..tcp] [..192.168.115.8][50486] -> [...77.234.40.96][...80] [HTTP.Cybersec][AVAST][Download][Safe] - RISK: Binary App Transfer, HTTP Susp User-Agent, HTTP Obsolete Server + RISK: HTTP Susp User-Agent, HTTP Obsolete Server not-detected: [....25] [ip4][..udp] [..192.168.115.8][22793] -> [.115.157.62.243][29006] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....25] [ip4][..udp] [..192.168.115.8][22793] -> [.115.157.62.243][29006] diff --git a/test/results/flow-info/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out b/test/results/flow-info/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out index 7866ffc31..b0f8a6069 100644 --- a/test/results/flow-info/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out +++ b/test/results/flow-info/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out @@ -331,7 +331,7 @@ new: [....73] [ip4][..udp] [...168.144.64.5][55066] -> [...128.248.24.1][..443] detected: [....73] [ip4][..udp] [...168.144.64.5][55066] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable][fonts.gstatic.com] new: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] - detected: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Web][Acceptable][adservice.google.com] + detected: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Advertisement][Acceptable][adservice.google.com] new: [....75] [ip4][..udp] [...168.144.64.5][65391] -> [...128.248.24.1][..443] detected: [....75] [ip4][..udp] [...168.144.64.5][65391] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable][fonts.gstatic.com] new: [....76] [ip4][..udp] [...168.144.64.5][58832] -> [.117.148.117.30][..443] @@ -345,7 +345,7 @@ update: [....75] [ip4][..udp] [...168.144.64.5][65391] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] update: [....72] [ip4][..udp] [...168.144.64.5][58703] -> [.93.100.151.221][..443] [QUIC.PlayStore][Unknown][SoftwareUpdate][Safe] update: [....76] [ip4][..udp] [...168.144.64.5][58832] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - update: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Web][Acceptable] + update: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] update: [....77] [ip4][..udp] [...168.144.64.5][58429] -> [....38.57.8.121][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] new: [....79] [ip4][..udp] [...168.144.64.5][60934] -> [...128.248.24.1][..443] detected: [....79] [ip4][..udp] [...168.144.64.5][60934] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable][beacons.gcp.gvt2.com] @@ -360,7 +360,7 @@ update: [....75] [ip4][..udp] [...168.144.64.5][65391] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] update: [....72] [ip4][..udp] [...168.144.64.5][58703] -> [.93.100.151.221][..443] [QUIC.PlayStore][Unknown][SoftwareUpdate][Safe] update: [....76] [ip4][..udp] [...168.144.64.5][58832] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - update: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Web][Acceptable] + update: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] update: [....78] [ip4][..udp] [...168.144.64.5][55479] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] update: [....77] [ip4][..udp] [...168.144.64.5][58429] -> [....38.57.8.121][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] new: [....83] [ip4][..udp] [...168.144.64.5][49926] -> [.103.179.40.184][..443] @@ -376,7 +376,7 @@ update: [....80] [ip4][..udp] [...168.144.64.5][59785] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] update: [....76] [ip4][..udp] [...168.144.64.5][58832] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] update: [....81] [ip4][..udp] [...168.144.64.5][59327] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - update: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Web][Acceptable] + update: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] update: [....78] [ip4][..udp] [...168.144.64.5][55479] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] update: [....82] [ip4][..udp] [...168.144.64.5][63925] -> [...39.227.72.32][..443] [QUIC.Google][Unknown][Web][Acceptable] update: [....77] [ip4][..udp] [...168.144.64.5][58429] -> [....38.57.8.121][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] @@ -386,7 +386,7 @@ idle: [....75] [ip4][..udp] [...168.144.64.5][65391] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] idle: [....72] [ip4][..udp] [...168.144.64.5][58703] -> [.93.100.151.221][..443] [QUIC.PlayStore][Unknown][SoftwareUpdate][Safe] idle: [....76] [ip4][..udp] [...168.144.64.5][58832] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - idle: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Web][Acceptable] + idle: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] idle: [....77] [ip4][..udp] [...168.144.64.5][58429] -> [....38.57.8.121][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] new: [....87] [ip4][..udp] [...168.144.64.5][55572] -> [.117.148.117.30][..443] detected: [....87] [ip4][..udp] [...168.144.64.5][55572] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable][googleads.g.doubleclick.net] @@ -495,14 +495,14 @@ new: [...110] [ip4][..udp] [...168.144.64.5][57319] -> [....7.71.118.27][..443] detected: [...110] [ip4][..udp] [...168.144.64.5][57319] -> [....7.71.118.27][..443] [QUIC.PlayStore][Unknown][SoftwareUpdate][Safe][android.clients.google.com] new: [...111] [ip4][..udp] [...168.144.64.5][60919] -> [.53.101.228.200][..443] - detected: [...111] [ip4][..udp] [...168.144.64.5][60919] -> [.53.101.228.200][..443] [QUIC.Google][Unknown][Web][Acceptable][adservice.google.com] + detected: [...111] [ip4][..udp] [...168.144.64.5][60919] -> [.53.101.228.200][..443] [QUIC.Google][Unknown][Advertisement][Acceptable][adservice.google.com] new: [...112] [ip4][..udp] [...168.144.64.5][50423] -> [.144.237.113.58][..443] detected: [...112] [ip4][..udp] [...168.144.64.5][50423] -> [.144.237.113.58][..443] [QUIC.Google][Unknown][Web][Acceptable][www.google.com] idle: [...110] [ip4][..udp] [...168.144.64.5][57319] -> [....7.71.118.27][..443] [QUIC.PlayStore][Unknown][SoftwareUpdate][Safe] idle: [...107] [ip4][..udp] [...168.144.64.5][50224] -> [....126.3.93.89][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] idle: [...108] [ip4][..udp] [...168.144.64.5][62719] -> [..31.219.210.96][..443] [QUIC.Google][Unknown][Web][Acceptable] idle: [...109] [ip4][..udp] [...168.144.64.5][58351] -> [.193.68.169.100][..443] [QUIC.Google][Unknown][Web][Acceptable] - idle: [...111] [ip4][..udp] [...168.144.64.5][60919] -> [.53.101.228.200][..443] [QUIC.Google][Unknown][Web][Acceptable] + idle: [...111] [ip4][..udp] [...168.144.64.5][60919] -> [.53.101.228.200][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] DAEMON-EVENT: [Processed: 178 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 112|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 123] new: [...113] [ip4][..udp] [...168.144.64.5][59206] -> [..76.231.104.92][..443] diff --git a/test/results/flow-info/default/reddit.pcap.out b/test/results/flow-info/default/reddit.pcap.out index 6944b206f..47ed22b7f 100644 --- a/test/results/flow-info/default/reddit.pcap.out +++ b/test/results/flow-info/default/reddit.pcap.out @@ -289,17 +289,17 @@ new: [....45] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51006] -> [...............2a00:1450:4007:805::2002][..443] new: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59336] -> [...............2a00:1450:4007:80b::2002][..443] detected: [....45] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51006] -> [...............2a00:1450:4007:805::2002][..443] [TLS.Google][Google][Web][Acceptable][adservice.google.fr] - detected: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59336] -> [...............2a00:1450:4007:80b::2002][..443] [TLS.Google][Google][Web][Acceptable][adservice.google.com] + detected: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59336] -> [...............2a00:1450:4007:80b::2002][..443] [TLS.Google][Google][Advertisement][Acceptable][adservice.google.com] new: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] new: [....48] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59624] -> [...............2a00:1450:4007:80b::2001][..443] detected: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] [TLS.Amazon][Unknown][Web][Acceptable][aax-eu.amazon-adsystem.com] detection-update: [....45] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51006] -> [...............2a00:1450:4007:805::2002][..443] [TLS.Google][Google][Web][Acceptable][adservice.google.fr] - detection-update: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59336] -> [...............2a00:1450:4007:80b::2002][..443] [TLS.Google][Google][Web][Acceptable][adservice.google.com] + detection-update: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59336] -> [...............2a00:1450:4007:80b::2002][..443] [TLS.Google][Google][Advertisement][Acceptable][adservice.google.com] detected: [....48] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59624] -> [...............2a00:1450:4007:80b::2001][..443] [TLS.Google][Google][Advertisement][Acceptable][8a755a3fef0b189d8ab5b0d10758f68a.safeframe.googlesyndication.com] detection-update: [....48] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59624] -> [...............2a00:1450:4007:80b::2001][..443] [TLS.Google][Google][Advertisement][Acceptable][8a755a3fef0b189d8ab5b0d10758f68a.safeframe.googlesyndication.com] detection-update: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] [TLS.Amazon][Unknown][Web][Acceptable][aax-eu.amazon-adsystem.com] detection-update: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] [TLS.Amazon][Unknown][Web][Acceptable][aax-eu.amazon-adsystem.com] - analyse: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59336] -> [...............2a00:1450:4007:80b::2002][..443] [TLS.Google][Google][Web][Acceptable] + analyse: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59336] -> [...............2a00:1450:4007:80b::2002][..443] [TLS.Google][Google][Advertisement][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.046| 0.008| 0.012| 155.374| 3.400] [PKTLEN......: 72.000| 1280.000| 280.100| 371.700| 138197.800| 4.100] @@ -375,7 +375,7 @@ detection-update: [....60] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47006] -> [.....................64:ff9b::34d3:acec][..443] [TLS][Unknown][Web][Safe][d9.flashtalking.com] detection-update: [....60] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47006] -> [.....................64:ff9b::34d3:acec][..443] [TLS][Unknown][Web][Safe][d9.flashtalking.com] idle: [....39] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57282] -> [...............2a00:1450:4007:805::2004][..443] [TLS.Google][Google][Web][Acceptable] - idle: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59336] -> [...............2a00:1450:4007:80b::2002][..443] [TLS.Google][Google][Web][Acceptable] + idle: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59336] -> [...............2a00:1450:4007:80b::2002][..443] [TLS.Google][Google][Advertisement][Acceptable] idle: [....26] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48240] -> [.....................64:ff9b::9765:789d][..443] [TLS.Twitter][Unknown][SocialNetwork][Fun] idle: [....55] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36964] -> [...............2a00:1450:4007:80f::2001][..443] [TLS.Google][Google][Advertisement][Acceptable] end: [....56] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36966] -> [...............2a00:1450:4007:80f::2001][..443] [TLS.Google][Google][Advertisement][Acceptable] diff --git a/test/results/flow-info/default/sites.pcapng.out b/test/results/flow-info/default/sites.pcapng.out index 5061a294a..5227150a6 100644 --- a/test/results/flow-info/default/sites.pcapng.out +++ b/test/results/flow-info/default/sites.pcapng.out @@ -93,8 +93,8 @@ detected: [....15] [ip4][..tcp] [..192.168.1.128][51806] -> [..18.66.196.102][..443] [TLS.SoundCloud][AmazonAWS][Music][Fun][soundcloud.com] detection-update: [....15] [ip4][..tcp] [..192.168.1.128][51806] -> [..18.66.196.102][..443] [TLS.SoundCloud][AmazonAWS][Music][Fun][soundcloud.com] new: [....16] [ip4][..tcp] [..192.168.1.128][56468] -> [.151.101.192.92][..443] - detected: [....16] [ip4][..tcp] [..192.168.1.128][56468] -> [.151.101.192.92][..443] [TLS][Unknown][Web][Safe][vevo.com] - detection-update: [....16] [ip4][..tcp] [..192.168.1.128][56468] -> [.151.101.192.92][..443] [TLS][Unknown][Web][Safe][vevo.com] + detected: [....16] [ip4][..tcp] [..192.168.1.128][56468] -> [.151.101.192.92][..443] [TLS.Vevo][Unknown][Music][Fun][vevo.com] + detection-update: [....16] [ip4][..tcp] [..192.168.1.128][56468] -> [.151.101.192.92][..443] [TLS.Vevo][Unknown][Music][Fun][vevo.com] detection-update: [....16] [ip4][..tcp] [..192.168.1.128][56468] -> [.151.101.192.92][..443] [TLS.Vevo][Unknown][Music][Fun][vevo.com] new: [....17] [ip4][..tcp] [..192.168.1.128][48140] -> [.....23.1.66.79][..443] detected: [....17] [ip4][..tcp] [..192.168.1.128][48140] -> [.....23.1.66.79][..443] [TLS.CNN][Unknown][Web][Safe][cdn.cnn.com] @@ -106,8 +106,8 @@ detected: [....19] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.UbuntuONE][UbuntuONE][Cloud][Acceptable][assets.ubuntu.com] detection-update: [....19] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.UbuntuONE][UbuntuONE][Cloud][Acceptable][assets.ubuntu.com] new: [....20] [ip4][..tcp] [..192.168.1.128][51248] -> [..95.131.169.91][..443] - detected: [....20] [ip4][..tcp] [..192.168.1.128][51248] -> [..95.131.169.91][..443] [TLS][Unknown][Web][Safe][tuenti.com] - detection-update: [....20] [ip4][..tcp] [..192.168.1.128][51248] -> [..95.131.169.91][..443] [TLS][Unknown][Web][Safe][tuenti.com] + detected: [....20] [ip4][..tcp] [..192.168.1.128][51248] -> [..95.131.169.91][..443] [TLS.Tuenti][Unknown][VoIP][Acceptable][tuenti.com] + detection-update: [....20] [ip4][..tcp] [..192.168.1.128][51248] -> [..95.131.169.91][..443] [TLS.Tuenti][Unknown][VoIP][Acceptable][tuenti.com] detection-update: [....20] [ip4][..tcp] [..192.168.1.128][51248] -> [..95.131.169.91][..443] [TLS.Tuenti][Unknown][VoIP][Acceptable][tuenti.com] new: [....21] [ip4][..tcp] [..192.168.1.128][39302] -> [..95.131.170.91][..443] detected: [....21] [ip4][..tcp] [..192.168.1.128][39302] -> [..95.131.170.91][..443] [TLS.Tuenti][Unknown][VoIP][Acceptable][static.tuenti.com] @@ -249,8 +249,42 @@ detection-update: [....49] [ip4][..tcp] [.192.168.88.231][49950] -> [159.153.191.240][..443] [TLS.ElectronicArts][Unknown][Game][Fun][accounts.ea.com] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS idle: [....47] [ip4][..tcp] [..192.168.1.128][53978] -> [..208.85.40.158][..443] [TLS.Pandora][Unknown][Streaming][Fun] + DAEMON-EVENT: [Processed: 536 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 49|skipped: 0|!detected: 0|guessed: 4|detection-updates: 51|updates: 1] + new: [....50] [ip4][..tcp] [..192.168.1.245][54690] -> [.160.44.196.198][..443] + detected: [....50] [ip4][..tcp] [..192.168.1.245][54690] -> [.160.44.196.198][..443] [TLS.HuaweiCloud][Unknown][Cloud][Acceptable][cloud.huawei.com] + detection-update: [....50] [ip4][..tcp] [..192.168.1.245][54690] -> [.160.44.196.198][..443] [TLS.HuaweiCloud][Unknown][Cloud][Acceptable][cloud.huawei.com] + new: [....51] [ip4][..tcp] [..192.168.1.245][49558] -> [..80.158.42.215][..443] + detected: [....51] [ip4][..tcp] [..192.168.1.245][49558] -> [..80.158.42.215][..443] [TLS.HuaweiCloud][Unknown][Cloud][Acceptable][id7.cloud.huawei.com] + detection-update: [....51] [ip4][..tcp] [..192.168.1.245][49558] -> [..80.158.42.215][..443] [TLS.HuaweiCloud][Unknown][Cloud][Acceptable][id7.cloud.huawei.com] + new: [....52] [ip6][..tcp] [...2001:b07:a3d:c112:c044:a6d4:80d:5d55][39970] -> [...2600:9000:25ea:1200:1:12d8:5a00:93a1][..443] + detected: [....52] [ip6][..tcp] [...2001:b07:a3d:c112:c044:a6d4:80d:5d55][39970] -> [...2600:9000:25ea:1200:1:12d8:5a00:93a1][..443] [TLS.HuaweiCloud][AmazonAWS][Cloud][Acceptable][contentcenter-dre.dbankcdn.com] + detection-update: [....52] [ip6][..tcp] [...2001:b07:a3d:c112:c044:a6d4:80d:5d55][39970] -> [...2600:9000:25ea:1200:1:12d8:5a00:93a1][..443] [TLS.HuaweiCloud][AmazonAWS][Cloud][Acceptable][contentcenter-dre.dbankcdn.com] idle: [....48] [ip4][..tcp] [.192.168.88.231][33920] -> [..185.5.161.203][..443] [TLS.ElectronicArts][Unknown][Game][Fun] RISK: TLS (probably) Not Carrying HTTPS idle: [....49] [ip4][..tcp] [.192.168.88.231][49950] -> [159.153.191.240][..443] [TLS.ElectronicArts][Unknown][Game][Fun] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS + DAEMON-EVENT: [Processed: 586 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 3 / 52|skipped: 0|!detected: 0|guessed: 4|detection-updates: 54|updates: 1] + new: [....53] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48594] -> [...................2001:67c:4e8:f004::9][..443] + detected: [....53] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48594] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable][web.telegram.org] + detection-update: [....53] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48594] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable][web.telegram.org] + new: [....54] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48616] -> [...................2001:67c:4e8:f004::9][..443] + new: [....55] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48624] -> [...................2001:67c:4e8:f004::9][..443] + detected: [....54] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48616] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable][t.me] + detected: [....55] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48624] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable][telegram.me] + detection-update: [....54] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48616] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable][t.me] + detection-update: [....55] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48624] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable][telegram.me] + end: [....51] [ip4][..tcp] [..192.168.1.245][49558] -> [..80.158.42.215][..443] [TLS.HuaweiCloud][Unknown][Cloud][Acceptable] + idle: [....50] [ip4][..tcp] [..192.168.1.245][54690] -> [.160.44.196.198][..443] [TLS.HuaweiCloud][Unknown][Cloud][Acceptable] + idle: [....52] [ip6][..tcp] [...2001:b07:a3d:c112:c044:a6d4:80d:5d55][39970] -> [...2600:9000:25ea:1200:1:12d8:5a00:93a1][..443] [TLS.HuaweiCloud][AmazonAWS][Cloud][Acceptable] + DAEMON-EVENT: [Processed: 608 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 3 / 55|skipped: 0|!detected: 0|guessed: 4|detection-updates: 57|updates: 1] + new: [....56] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] + detected: [....56] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][Unknown][Web][Safe][732231.ms.ok.ru] + detection-update: [....56] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][Unknown][Web][Safe][732231.ms.ok.ru] + idle: [....53] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48594] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable] + idle: [....54] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48616] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable] + idle: [....55] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48624] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable] + end: [....56] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][Unknown][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/skype.pcap.out b/test/results/flow-info/default/skype.pcap.out deleted file mode 100644 index cf6645056..000000000 --- a/test/results/flow-info/default/skype.pcap.out +++ /dev/null @@ -1,1572 +0,0 @@ - DAEMON-EVENT: init - DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] - new: [.....1] [ip4][..udp] [...192.168.1.34][49163] -> [....192.168.1.1][...53] - detected: [.....1] [ip4][..udp] [...192.168.1.34][49163] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][b.config.skype.com] - new: [.....2] [ip4][..udp] [...192.168.1.34][57406] -> [....192.168.1.1][...53] - detected: [.....2] [ip4][..udp] [...192.168.1.34][57406] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][b.config.skype.com] - new: [.....3] [ip4][..udp] [...192.168.1.34][55711] -> [....192.168.1.1][...53] - detected: [.....3] [ip4][..udp] [...192.168.1.34][55711] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][conn.skype.akadns.net] - new: [.....4] [ip4][..udp] [...192.168.1.34][52850] -> [....192.168.1.1][...53] - detected: [.....4] [ip4][..udp] [...192.168.1.34][52850] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][conn.skype.akadns.net] - new: [.....5] [ip4][..udp] [...192.168.1.34][54396] -> [....192.168.1.1][...53] - detected: [.....5] [ip4][..udp] [...192.168.1.34][54396] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][api.skype.com] - new: [.....6] [ip4][..udp] [...192.168.1.34][65426] -> [....192.168.1.1][...53] - detected: [.....6] [ip4][..udp] [...192.168.1.34][65426] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][api.skype.com] - new: [.....7] [ip4][..udp] [...192.168.1.34][64085] -> [....192.168.1.1][...53] - detected: [.....7] [ip4][..udp] [...192.168.1.34][64085] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][e7768.b.akamaiedge.net] - new: [.....8] [ip4][..udp] [...192.168.1.34][58681] -> [....192.168.1.1][...53] - detected: [.....8] [ip4][..udp] [...192.168.1.34][58681] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][db3msgr5011709.gateway.messenger.live.com] - new: [.....9] [ip4][..tcp] [...192.168.1.34][50026] -> [...65.55.223.33][40002] - new: [....10] [ip4][..udp] [...192.168.1.34][49793] -> [....192.168.1.1][...53] - detected: [....10] [ip4][..udp] [...192.168.1.34][49793] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][dsn4.d.skype.net] - new: [....11] [ip4][..udp] [...192.168.1.34][65045] -> [....192.168.1.1][...53] - detected: [....11] [ip4][..udp] [...192.168.1.34][65045] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][dsn4.d.skype.net] - detection-update: [.....7] [ip4][..udp] [...192.168.1.34][64085] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][e7768.b.akamaiedge.net] - new: [....12] [ip4][..tcp] [...192.168.1.34][50027] -> [...23.223.73.34][..443] - new: [....13] [ip4][..udp] [...192.168.1.34][49990] -> [....192.168.1.1][...53] - detected: [....13] [ip4][..udp] [...192.168.1.34][49990] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst6.r.skype.net] - new: [....14] [ip4][..udp] [...192.168.1.34][57288] -> [....192.168.1.1][...53] - detected: [....14] [ip4][..udp] [...192.168.1.34][57288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst6.r.skype.net] - detection-update: [.....8] [ip4][..udp] [...192.168.1.34][58681] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][db3msgr5011709.gateway.messenger.live.com] - detected: [....12] [ip4][..tcp] [...192.168.1.34][50027] -> [...23.223.73.34][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable][apps.skypeassets.com] - RISK: TLS (probably) Not Carrying HTTPS - new: [....15] [ip4][..tcp] [...192.168.1.34][50028] -> [.157.56.126.211][..443] - detected: [....15] [ip4][..tcp] [...192.168.1.34][50028] -> [.157.56.126.211][..443] [TLS][Unknown][Web][Safe][] - RISK: Obsolete TLS (v1.1 or older) - detection-update: [....15] [ip4][..tcp] [...192.168.1.34][50028] -> [.157.56.126.211][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable][] - RISK: Obsolete TLS (v1.1 or older) - new: [....16] [ip4][..udp] [...192.168.1.34][49903] -> [....192.168.1.1][...53] - detected: [....16] [ip4][..udp] [...192.168.1.34][49903] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][ui.skype.com] - new: [....17] [ip4][..udp] [...192.168.1.34][51879] -> [....192.168.1.1][...53] - detected: [....17] [ip4][..udp] [...192.168.1.34][51879] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][e4593.g.akamaiedge.net] - detection-update: [.....1] [ip4][..udp] [...192.168.1.34][49163] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][b.config.skype.com] - RISK: Unidirectional Traffic - detection-update: [.....2] [ip4][..udp] [...192.168.1.34][57406] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][b.config.skype.com] - RISK: Unidirectional Traffic - detection-update: [....17] [ip4][..udp] [...192.168.1.34][51879] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][e4593.g.akamaiedge.net] - new: [....18] [ip4][..tcp] [...192.168.1.34][50029] -> [..23.206.33.166][..443] - detected: [....18] [ip4][..tcp] [...192.168.1.34][50029] -> [..23.206.33.166][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable][apps.skype.com] - RISK: TLS (probably) Not Carrying HTTPS - detection-update: [.....3] [ip4][..udp] [...192.168.1.34][55711] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][conn.skype.akadns.net] - RISK: Unidirectional Traffic - detection-update: [.....4] [ip4][..udp] [...192.168.1.34][52850] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][conn.skype.akadns.net] - RISK: Unidirectional Traffic - detection-update: [.....5] [ip4][..udp] [...192.168.1.34][54396] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][api.skype.com] - RISK: Unidirectional Traffic - detection-update: [.....6] [ip4][..udp] [...192.168.1.34][65426] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][api.skype.com] - RISK: Unidirectional Traffic - detection-update: [....10] [ip4][..udp] [...192.168.1.34][49793] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][dsn4.d.skype.net] - RISK: Unidirectional Traffic - detection-update: [....11] [ip4][..udp] [...192.168.1.34][65045] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][dsn4.d.skype.net] - RISK: Unidirectional Traffic - detection-update: [....14] [ip4][..udp] [...192.168.1.34][57288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst6.r.skype.net] - RISK: Unidirectional Traffic - detection-update: [....13] [ip4][..udp] [...192.168.1.34][49990] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst6.r.skype.net] - RISK: Unidirectional Traffic - analyse: [....15] [ip4][..tcp] [...192.168.1.34][50028] -> [.157.56.126.211][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: < 0.001| 0.301| 0.083| 0.084| 7113.901| 4.200] - [PKTLEN......: 52.000| 1492.000| 357.800| 468.900| 219872.600| 4.000] - [BINS(c->s)..: 10,1,1,1,0,0,1,1,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0] - [BINS(s->c)..: 4,1,0,1,0,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0] - [DIRECTIONS..: 0,1,0,0,1,1,0,1,1,0,0,1,0,1,0,0,1,0,0,1,0,0,1,1,0,0,0,1,0,1,1,0] - [IATS(ms)....: 75.2,75.2,28.8,111.2,0.2,82.6,77.2,0.2,77.4,12.7,300.9,288.2,83.4,83.5,0.3,86.7,86.3,3.1,96.5,93.4,0.3,253.9,0.0,253.6,0.0,0.4,87.2,86.8,115.8,0.0,115.7] - [PKTLENS.....: 64,56,52,146,1492,72,52,1492,850,52,159,52,111,111,52,281,233,52,681,233,52,249,745,265,52,52,617,153,1369,1492,57,52] - [ENTROPIES...: 4.6,5.4,5.2,5.8,7.0,5.6,5.2,7.5,7.7,5.2,6.7,5.2,6.0,6.1,5.1,7.2,7.1,5.2,7.7,7.0,5.2,7.0,7.7,7.2,5.2,5.1,7.7,6.7,7.9,7.9,5.3,5.1] - new: [....19] [ip4][..tcp] [...192.168.1.34][50030] -> [...65.55.223.33][..443] - new: [....20] [ip4][..udp] [...192.168.1.34][60288] -> [....192.168.1.1][...53] - detected: [....20] [ip4][..udp] [...192.168.1.34][60288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - new: [....21] [ip4][..udp] [...192.168.1.34][57726] -> [....192.168.1.1][...53] - detected: [....21] [ip4][..udp] [...192.168.1.34][57726] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - detection-update: [....16] [ip4][..udp] [...192.168.1.34][49903] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][ui.skype.com] - RISK: Unidirectional Traffic - detection-update: [....20] [ip4][..udp] [...192.168.1.34][60288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - RISK: Unidirectional Traffic - detection-update: [....21] [ip4][..udp] [...192.168.1.34][57726] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - RISK: Unidirectional Traffic - new: [....22] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] - detected: [....22] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] - new: [....23] [ip4][..tcp] [.108.160.170.46][..443] -> [...192.168.1.34][49445] [MIDSTREAM] - detected: [....23] [ip4][..tcp] [.108.160.170.46][..443] -> [...192.168.1.34][49445] [TLS][Dropbox][Web][Safe] - new: [....24] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.166][40022] - detected: [....24] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....25] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.155][40020] - detected: [....25] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.155][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....26] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.142][40023] - detected: [....26] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....27] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40024] - detected: [....27] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....28] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] - detected: [....28] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....29] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.15][40026] - detected: [....29] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.15][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....30] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.160][40028] - detected: [....30] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.160][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....31] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.28][40009] - detected: [....31] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.28][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....32] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.176][40022] - detected: [....32] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.176][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] - detected: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40020] - detected: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....35] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.150][40004] - detected: [....35] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....36] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.24][40001] - detected: [....36] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....37] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.48][40008] - detected: [....37] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.48][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....38] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.42][40024] - detected: [....38] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.42][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....39] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] - detected: [....39] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....40] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.175][40006] - detected: [....40] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.175][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....41] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.162][40004] - detected: [....41] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.162][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....42] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.33][40011] - detected: [....42] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....43] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.172][40010] - detected: [....43] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.172][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....44] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.160][40029] - detected: [....44] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.160][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....45] [ip4][..udp] [...192.168.1.34][17500] -> [255.255.255.255][17500] - detected: [....45] [ip4][..udp] [...192.168.1.34][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - new: [....46] [ip4][..udp] [...192.168.1.34][17500] -> [..192.168.1.255][17500] - detected: [....46] [ip4][..udp] [...192.168.1.34][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - new: [....47] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] - detected: [....47] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - new: [....48] [ip4][..udp] [...192.168.1.92][17500] -> [..192.168.1.255][17500] - detected: [....48] [ip4][..udp] [...192.168.1.92][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - new: [....49] [ip4][..tcp] [...192.168.1.34][50032] -> [...157.56.52.44][40032] - new: [....50] [ip4][..tcp] [...192.168.1.34][50033] -> [..157.55.56.170][40015] - new: [....51] [ip4][..tcp] [...192.168.1.34][50034] -> [.157.55.130.140][40033] - new: [....52] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.145][40027] - detected: [....52] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....53] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.140][40012] - detected: [....53] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.140][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.150][40004] - detected: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....55] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.25][40028] - detected: [....55] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.25][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....56] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.153][40024] - detected: [....56] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.153][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....57] [ip4][..tcp] [...192.168.1.34][50035] -> [213.199.179.175][40021] - new: [....58] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.38][40015] - detected: [....58] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.38][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....59] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.175][40008] - detected: [....59] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.175][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....60] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.43][40002] - detected: [....60] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.43][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....61] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.161][40012] - detected: [....61] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.161][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....62] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.17][40022] - detected: [....62] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.17][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....63] [ip4][..tcp] [...192.168.1.34][50036] -> [...157.56.52.44][..443] - new: [....64] [ip4][..tcp] [...192.168.1.34][50037] -> [..157.55.56.170][..443] - new: [....65] [ip4][..tcp] [...192.168.1.34][50038] -> [.157.55.130.140][..443] - new: [....66] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][33033] - detected: [....66] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....67] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.154][40005] - detected: [....67] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.154][40005] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....68] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.45][40012] - detected: [....68] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.45][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.24][40001] - detected: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....70] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.45][40012] - detected: [....70] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.45][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....71] [ip4][..tcp] [...192.168.1.34][50039] -> [213.199.179.175][..443] - new: [....72] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.17][40022] - detected: [....72] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.17][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....73] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.159][40009] - detected: [....73] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....74] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.142][40025] - detected: [....74] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.142][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....75] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.143][40030] - detected: [....75] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.143][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.21][40004] - detected: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.21][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40027] - detected: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....78] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.17][40013] - detected: [....78] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.17][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....79] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.170][40011] - detected: [....79] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....80] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.168][40007] - detected: [....80] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.168][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....81] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.44][40031] - detected: [....81] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.44][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....82] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.152][40001] - detected: [....82] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.152][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....83] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.146][33033] - detected: [....83] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....84] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.143][40018] - detected: [....84] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....85] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.25][40028] - detected: [....85] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.25][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....86] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.151][40027] - detected: [....86] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....87] [ip4][..tcp] [...192.168.1.34][50044] -> [.157.55.130.167][40031] - new: [....88] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.166][40022] - detected: [....88] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.155][40004] - detected: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....90] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.27][40027] - detected: [....90] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.27][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....91] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.173][40012] - detected: [....91] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.173][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....92] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.157][40010] - detected: [....92] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.157][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....93] [ip4][....2] [..192.168.0.254] -> [......224.0.0.1] - detected: [....93] [ip4][....2] [..192.168.0.254] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] - new: [....94] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.165][40007] - detected: [....94] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.165][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.20][40033] - detected: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.20][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....96] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.148][40010] - detected: [....96] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.148][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....97] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.148][40029] - detected: [....97] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.148][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....98] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.141][40020] - detected: [....98] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.141][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....99] [ip4][..tcp] [...192.168.1.34][50045] -> [.157.55.130.167][..443] - new: [...100] [ip4][....2] [...192.168.1.92] -> [....224.0.0.251] - detected: [...100] [ip4][....2] [...192.168.1.92] -> [....224.0.0.251] [IGMP][Unknown][Network][Acceptable] - new: [...101] [ip4][..tcp] [...192.168.1.34][50046] -> [.157.55.130.150][40011] - new: [...102] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.24][40032] - detected: [...102] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.24][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...103] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.175][40013] - detected: [...103] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.175][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...104] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.146][33033] - detected: [...104] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...105] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.145][40027] - detected: [...105] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...106] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.43][40001] - detected: [...106] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.43][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...107] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.44][40013] - detected: [...107] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.44][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...108] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.26][40026] - detected: [...108] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.26][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...109] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.155][40004] - detected: [...109] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...110] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.41][40027] - detected: [...110] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.41][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...111] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.47][40029] - detected: [...111] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.47][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...112] [ip4][..tcp] [...192.168.1.34][50048] -> [.157.55.130.150][..443] - new: [...113] [ip4][..tcp] [...192.168.1.34][50049] -> [.157.55.130.166][40021] - new: [...114] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.141][40015] - detected: [...114] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.141][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...115] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.168][40006] - detected: [...115] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...116] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.142][40023] - detected: [...116] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...117] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.143][40022] - detected: [...117] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...118] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.33][40011] - detected: [...118] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...119] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.155][40004] - detected: [...119] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...120] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.143][40017] - detected: [...120] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.143][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...121] [ip4][..udp] [...192.168.1.92][57621] -> [..192.168.1.255][57621] - detected: [...121] [ip4][..udp] [...192.168.1.92][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] - new: [...122] [ip4][..tcp] [...192.168.1.34][50051] -> [.157.55.130.166][..443] - new: [...123] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.168][40006] - detected: [...123] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...124] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.18][33033] - detected: [...124] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...125] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.154][40034] - detected: [...125] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.154][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...126] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][40030] - detected: [...126] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...127] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.32][40009] - detected: [...127] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.32][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.141][40004] - detected: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.141][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...129] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.28][40026] - detected: [...129] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.28][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...130] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.161][40011] - detected: [...130] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.161][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...131] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.144][40034] - detected: [...131] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.144][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...132] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.19][40001] - detected: [...132] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.19][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...133] [ip4][..tcp] [...192.168.1.34][50053] -> [..157.55.56.146][40030] - new: [...134] [ip4][..tcp] [...192.168.1.34][50054] -> [.157.55.130.153][40005] - new: [...135] [ip4][..tcp] [...192.168.1.34][50055] -> [..111.221.74.47][40030] - new: [...136] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.173][40017] - detected: [...136] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.173][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...137] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.153][40023] - detected: [...137] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.153][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...138] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.149][40030] - detected: [...138] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.149][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...139] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][40026] - detected: [...139] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...140] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.143][40022] - detected: [...140] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...141] [ip4][..tcp] [...192.168.1.34][50056] -> [..157.55.56.146][..443] - new: [...142] [ip4][..tcp] [...192.168.1.34][50057] -> [.157.55.130.153][..443] - new: [...143] [ip4][..tcp] [...192.168.1.34][50058] -> [..111.221.74.47][..443] - new: [...144] [ip4][..tcp] [...192.168.1.34][50059] -> [..111.221.74.38][40015] - new: [...145] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.21][40027] - detected: [...145] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.21][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...146] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.140][40003] - detected: [...146] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...147] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][33033] - detected: [...147] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...148] [ip4][..tcp] [...192.168.1.34][50024] -> [..17.172.100.36][..443] [MIDSTREAM] - new: [...149] [ip4][..udp] [...192.168.1.34][55159] -> [....192.168.1.1][...53] - detected: [...149] [ip4][..udp] [...192.168.1.34][55159] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe][a.config.skype.trafficmanager.net] - new: [...150] [ip4][..udp] [...192.168.1.34][63108] -> [....192.168.1.1][...53] - detected: [...150] [ip4][..udp] [...192.168.1.34][63108] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe][a.config.skype.trafficmanager.net] - new: [...151] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.147][40020] - detected: [...151] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.147][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...152] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.165][40020] - detected: [...152] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...153] [ip4][..tcp] [...192.168.1.34][50063] -> [..111.221.74.38][..443] - detection-update: [...149] [ip4][..udp] [...192.168.1.34][55159] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe][a.config.skype.trafficmanager.net] - RISK: Unidirectional Traffic - detection-update: [...150] [ip4][..udp] [...192.168.1.34][63108] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe][a.config.skype.trafficmanager.net] - RISK: Unidirectional Traffic - new: [...154] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.166][40011] - detected: [...154] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.166][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...155] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.165][40026] - detected: [...155] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.165][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...156] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.157][40013] - detected: [...156] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.157][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...157] [ip4][..udp] [...192.168.1.34][58458] -> [....192.168.1.1][...53] - detected: [...157] [ip4][..udp] [...192.168.1.34][58458] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - new: [...158] [ip4][..udp] [...192.168.1.34][49360] -> [....192.168.1.1][...53] - detected: [...158] [ip4][..udp] [...192.168.1.34][49360] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - new: [...159] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.145][40022] - detected: [...159] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.145][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...160] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.26][40004] - detected: [...160] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.26][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - detection-update: [...157] [ip4][..udp] [...192.168.1.34][58458] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - RISK: Unidirectional Traffic - detection-update: [...158] [ip4][..udp] [...192.168.1.34][49360] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - RISK: Unidirectional Traffic - new: [...161] [ip4][..tcp] [...192.168.1.34][50065] -> [...65.55.223.12][40031] - new: [...162] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.151][40017] - detected: [...162] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.151][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...163] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.170][40011] - detected: [...163] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...164] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.176][40020] - detected: [...164] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.176][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...165] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.148][40010] - detected: [...165] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.148][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...166] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.158][40031] - detected: [...166] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.158][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...167] [ip4][..tcp] [...192.168.1.34][50066] -> [...65.55.223.12][..443] - new: [...168] [ip4][..tcp] [...192.168.1.34][50067] -> [..157.55.56.160][40027] - new: [...169] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.162][40029] - detected: [...169] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.162][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...170] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.16][40032] - detected: [...170] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.16][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...171] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.159][40021] - detected: [...171] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.159][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...172] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.146][33033] - detected: [...172] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...173] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.28][40014] - detected: [...173] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.28][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...174] [ip4][..tcp] [...192.168.1.34][50069] -> [..157.55.56.160][..443] - new: [...175] [ip4][..udp] [...192.168.1.34][54343] -> [....192.168.1.1][...53] - detected: [...175] [ip4][..udp] [...192.168.1.34][54343] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst13.r.skype.net] - new: [...176] [ip4][..udp] [...192.168.1.34][58368] -> [....192.168.1.1][...53] - detected: [...176] [ip4][..udp] [...192.168.1.34][58368] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst13.r.skype.net] - new: [...177] [ip4][..tcp] [...192.168.1.34][50070] -> [.157.55.130.170][40018] - new: [...178] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.148][40019] - detected: [...178] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.148][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...179] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.37][40032] - detected: [...179] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.37][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...180] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.154][40017] - detected: [...180] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...181] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.172][40019] - detected: [...181] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.172][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...182] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.40][40018] - detected: [...182] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.40][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - detection-update: [...175] [ip4][..udp] [...192.168.1.34][54343] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst13.r.skype.net] - RISK: Unidirectional Traffic - detection-update: [...176] [ip4][..udp] [...192.168.1.34][58368] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst13.r.skype.net] - RISK: Unidirectional Traffic - new: [...183] [ip4][..tcp] [...192.168.1.34][50072] -> [.157.55.130.170][..443] - new: [...184] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.12][40031] - detected: [...184] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.12][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...185] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.156][40034] - detected: [...185] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.156][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...186] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.31][40021] - detected: [...186] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.31][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...187] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.29][40024] - detected: [...187] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.29][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...188] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.147][40019] - detected: [...188] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.147][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...189] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.168][40006] - detected: [...189] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...190] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.29][40010] - detected: [...190] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.29][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...191] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.166][40015] - detected: [...191] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.166][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...192] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.159][40009] - detected: [...192] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...193] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.18][33033] - detected: [...193] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...194] [ip4][..tcp] [...192.168.1.34][50074] -> [.157.55.130.173][40003] - new: [...195] [ip4][..tcp] [...192.168.1.34][50075] -> [213.199.179.142][40003] - new: [...196] [ip4][..tcp] [...192.168.1.34][50076] -> [.157.55.235.156][40014] - new: [...197] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.151][40029] - detected: [...197] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...198] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.172][40032] - detected: [...198] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.172][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...199] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.152][40023] - detected: [...199] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.152][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [.....4] [ip4][..udp] [...192.168.1.34][52850] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....6] [ip4][..udp] [...192.168.1.34][65426] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....14] [ip4][..udp] [...192.168.1.34][57288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....1] [ip4][..udp] [...192.168.1.34][49163] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....2] [ip4][..udp] [...192.168.1.34][57406] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....21] [ip4][..udp] [...192.168.1.34][57726] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....3] [ip4][..udp] [...192.168.1.34][55711] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....7] [ip4][..udp] [...192.168.1.34][64085] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - update: [....10] [ip4][..udp] [...192.168.1.34][49793] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....17] [ip4][..udp] [...192.168.1.34][51879] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - update: [....16] [ip4][..udp] [...192.168.1.34][49903] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....13] [ip4][..udp] [...192.168.1.34][49990] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....20] [ip4][..udp] [...192.168.1.34][60288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....5] [ip4][..udp] [...192.168.1.34][54396] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....8] [ip4][..udp] [...192.168.1.34][58681] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [....11] [ip4][..udp] [...192.168.1.34][65045] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - new: [...200] [ip4][..tcp] [...192.168.1.34][50077] -> [.157.55.130.176][40022] - new: [...201] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.145][40024] - detected: [...201] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...202] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.165][40020] - detected: [...202] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...203] [ip4][..tcp] [...192.168.1.34][50078] -> [.157.55.130.173][..443] - new: [...204] [ip4][..tcp] [...192.168.1.34][50079] -> [213.199.179.142][..443] - new: [...205] [ip4][..tcp] [...192.168.1.34][50080] -> [.157.55.235.156][..443] - new: [...206] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.145][40027] - detected: [...206] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...207] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.160][40027] - detected: [...207] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.160][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...208] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.155][40003] - detected: [...208] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.155][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...209] [ip4][..tcp] [...192.168.1.34][50081] -> [.157.55.130.176][..443] - new: [...210] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.146][33033] - detected: [...210] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...211] [ip4][..tcp] [...192.168.1.34][50086] -> [.111.221.77.142][40023] - new: [...212] [ip4][..tcp] [...192.168.1.34][50087] -> [.111.221.77.142][..443] - new: [...213] [ip4][..tcp] [...192.168.1.34][50088] -> [.157.55.235.146][33033] - new: [...214] [ip4][..udp] [...192.168.1.34][63321] -> [....192.168.1.1][...53] - detected: [...214] [ip4][..udp] [...192.168.1.34][63321] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][e4593.g.akamaiedge.net] - detection-update: [...214] [ip4][..udp] [...192.168.1.34][63321] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][e4593.g.akamaiedge.net] - new: [...215] [ip4][..tcp] [...192.168.1.34][50090] -> [..23.206.33.166][..443] - detected: [...215] [ip4][..tcp] [...192.168.1.34][50090] -> [..23.206.33.166][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable][apps.skype.com] - RISK: Obsolete TLS (v1.1 or older) - new: [...216] [ip4][..tcp] [...192.168.1.34][50091] -> [.157.55.235.146][..443] - new: [...217] [ip4][..tcp] [...192.168.1.34][50092] -> [.157.55.130.155][40020] - update: [....31] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.28][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....22] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - update: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....24] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....26] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....27] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....28] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....30] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.160][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....29] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.15][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....25] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.155][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....32] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.176][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...218] [ip4][..tcp] [...192.168.1.34][50094] -> [.157.55.130.155][..443] - new: [...219] [ip4][..tcp] [...192.168.1.34][50096] -> [..111.221.74.46][40027] - new: [...220] [ip4][..tcp] [...192.168.1.34][50097] -> [.157.55.235.176][40022] - new: [...221] [ip4][..tcp] [...192.168.1.34][50098] -> [...65.55.223.15][40026] - new: [...222] [ip4][..tcp] [...192.168.1.34][50099] -> [....64.4.23.166][40022] - new: [...223] [ip4][..tcp] [...192.168.1.34][50100] -> [..111.221.74.46][..443] - new: [...224] [ip4][..tcp] [...192.168.1.34][50101] -> [.157.55.235.176][..443] - new: [...225] [ip4][..tcp] [...192.168.1.34][50102] -> [...65.55.223.15][..443] - new: [...226] [ip4][..tcp] [...192.168.1.34][50103] -> [....64.4.23.166][..443] - analyse: [....22] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.015| 19.851| 1.938| 5.863| 34377878.733| 1.700] - [PKTLEN......: 313.000| 391.000| 358.000| 29.200| 851.500| 5.000] - [BINS(c->s)..: 0,0,0,0,0,0,0,0,3,10,6,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [IATS(ms)....: 15.9,16.7,17.0,17.1,15.8,17.0,16.6,16.4,16.8,19850.7,15.7,18.8,14.7,83.2,16.8,19850.7,16.1,16.6,16.9,16.9,16.2,17.0,16.5,16.5,16.9,19850.6,16.3,16.4,16.7,16.7,16.5] - [PKTLENS.....: 319,337,391,383,313,355,387,333,385,379,319,337,391,383,385,379,319,337,391,383,313,355,387,333,385,379,319,337,391,383,313,355] - [ENTROPIES...: 5.8,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.8,5.7,5.7,5.7,5.7,5.7,5.8,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.8,5.7,5.7,5.8,5.7,5.7] - update: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.21][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....42] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....70] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.45][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....78] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.17][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....90] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.27][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....45] [ip4][..udp] [...192.168.1.34][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [....47] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [....46] [ip4][..udp] [...192.168.1.34][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [....48] [ip4][..udp] [...192.168.1.92][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [....66] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....73] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....96] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.148][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....79] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....53] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.140][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....84] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....83] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....39] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....36] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....80] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.168][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....37] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.48][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....43] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.172][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....98] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.141][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....62] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.17][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....38] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.42][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....56] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.153][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....52] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....55] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.25][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....97] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.148][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....81] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.44][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....60] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.43][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....68] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.45][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....58] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.38][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....72] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.17][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....85] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.25][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.20][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....82] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.152][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....41] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.162][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....67] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.154][40005] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....40] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.175][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....59] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.175][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....92] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.157][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....61] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.161][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....91] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.173][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....88] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....74] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.142][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....86] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....44] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.160][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....75] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.143][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....35] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....94] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.165][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...227] [ip4][..tcp] [...192.168.1.34][50108] -> [...157.56.52.28][40009] - new: [...228] [ip4][..udp] [...192.168.1.34][49485] -> [239.255.255.250][.1900] - detected: [...228] [ip4][..udp] [...192.168.1.34][49485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] - new: [...229] [ip4][..udp] [...192.168.1.34][51066] -> [239.255.255.250][.1900] - detected: [...229] [ip4][..udp] [...192.168.1.34][51066] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] - new: [...230] [ip4][..udp] [...192.168.1.34][54067] -> [....192.168.1.1][.5351] - detected: [...230] [ip4][..udp] [...192.168.1.34][54067] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - new: [...231] [ip4][.icmp] [....192.168.1.1] -> [...192.168.1.34] - detected: [...231] [ip4][.icmp] [....192.168.1.1] -> [...192.168.1.34] [ICMP][Unknown][Network][Acceptable] - new: [...232] [ip4][..tcp] [...192.168.1.34][50109] -> [.91.190.216.125][12350] - detection-update: [...230] [ip4][..udp] [...192.168.1.34][54067] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - analyse: [...227] [ip4][..tcp] [...192.168.1.34][50108] -> [...157.56.52.28][40009] - min| max| avg| stddev| variance| entropy - [IAT.........: < 0.001| 0.965| 0.176| 0.204| 41803.604| 4.200] - [PKTLEN......: 52.000| 1492.000| 164.600| 286.000| 81813.500| 3.900] - [BINS(c->s)..: 10,3,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [BINS(s->c)..: 11,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] - [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,0,1,0,1,0,1,1,0,1,0,0,1,0,1,1,0,1,0,1,0,1] - [IATS(ms)....: 244.0,244.1,0.5,204.3,761.0,964.7,0.5,202.0,201.5,40.2,40.2,162.2,162.2,40.2,40.2,200.9,0.0,201.0,204.1,204.1,0.1,240.8,240.6,207.5,0.0,207.6,3.0,4.5,199.6,198.0,41.6] - [PKTLENS.....: 64,60,52,124,52,109,52,60,60,52,52,88,120,52,52,91,52,55,52,196,52,56,52,661,52,56,52,1492,106,605,535,52] - [ENTROPIES...: 4.7,5.2,5.1,6.4,5.1,6.1,5.1,5.5,5.4,5.2,5.1,6.1,6.4,5.1,5.2,6.0,5.1,5.1,5.2,6.8,5.1,5.3,5.1,7.7,5.1,5.2,5.1,7.9,6.3,7.7,7.6,5.0] - new: [...233] [ip4][..tcp] [...192.168.1.34][50110] -> [.91.190.216.125][12350] - new: [...234] [ip4][..udp] [...192.168.1.34][13021] -> [..176.26.55.167][63773] - detected: [...234] [ip4][..udp] [...192.168.1.34][13021] -> [..176.26.55.167][63773] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...235] [ip4][..udp] [...192.168.1.34][13021] -> [..76.185.207.12][45493] - detected: [...235] [ip4][..udp] [...192.168.1.34][13021] -> [..76.185.207.12][45493] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...236] [ip4][..udp] [...192.168.1.34][13021] -> [.176.97.100.249][26635] - detected: [...236] [ip4][..udp] [...192.168.1.34][13021] -> [.176.97.100.249][26635] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...237] [ip4][..udp] [...192.168.1.34][13021] -> [.....71.62.0.85][33647] - detected: [...237] [ip4][..udp] [...192.168.1.34][13021] -> [.....71.62.0.85][33647] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...238] [ip4][..udp] [...192.168.1.92][.5353] -> [....224.0.0.251][.5353] - detected: [...238] [ip4][..udp] [...192.168.1.92][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_afpovertcp._tcp.local] - new: [...239] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] - detected: [...239] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_afpovertcp._tcp.local] - new: [...240] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.145][..443] - detected: [...240] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.145][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...241] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.39][..443] - detected: [...241] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.39][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...242] [ip4][..tcp] [...192.168.1.34][50111] -> [.91.190.216.125][..443] - new: [...243] [ip4][..tcp] [...192.168.1.34][50112] -> [...76.167.161.6][20274] - new: [...244] [ip4][..tcp] [...192.168.1.34][50113] -> [...71.238.7.203][18767] - new: [...245] [ip4][..tcp] [...192.168.1.34][50114] -> [..5.248.186.221][31010] - new: [...246] [ip4][..tcp] [...192.168.1.34][50115] -> [....86.31.35.30][59621] - new: [...247] [ip4][..tcp] [...192.168.1.34][50116] -> [...81.83.77.141][17639] - new: [...248] [ip4][..tcp] [...192.168.1.34][50117] -> [...71.238.7.203][18767] - new: [...249] [ip4][..tcp] [...192.168.1.34][50118] -> [..5.248.186.221][31010] - new: [...250] [ip4][..tcp] [...192.168.1.34][50119] -> [....86.31.35.30][59621] - new: [...251] [ip4][..tcp] [...192.168.1.34][50121] -> [...81.83.77.141][17639] - new: [...252] [ip4][..tcp] [...192.168.1.34][50122] -> [..81.133.19.185][44431] - analyse: [...250] [ip4][..tcp] [...192.168.1.34][50119] -> [....86.31.35.30][59621] - min| max| avg| stddev| variance| entropy - [IAT.........: < 0.001| 0.200| 0.063| 0.061| 3703.968| 4.200] - [PKTLEN......: 52.000| 1235.000| 159.800| 252.000| 63524.500| 4.000] - [BINS(c->s)..: 14,2,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [BINS(s->c)..: 7,1,1,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0] - [DIRECTIONS..: 0,1,0,0,1,0,0,1,0,0,1,0,1,0,1,0,0,1,0,0,0,0,1,1,1,0,0,0,1,1,0,0] - [IATS(ms)....: 83.4,83.5,0.1,64.1,64.0,0.4,68.5,68.1,2.9,71.2,68.2,199.8,199.7,154.2,154.1,2.6,133.8,131.2,0.2,0.1,0.1,64.3,8.4,55.5,127.9,0.2,0.2,70.5,0.0,70.1,0.2] - [PKTLENS.....: 64,60,52,112,99,52,69,66,52,806,66,52,52,56,1235,52,609,152,130,80,119,109,52,52,132,52,80,73,347,52,52,79] - [ENTROPIES...: 4.7,5.3,5.2,6.3,6.2,5.2,5.5,5.4,5.1,7.7,5.5,5.1,5.1,5.3,7.9,5.1,7.6,6.6,6.4,5.7,6.4,6.3,5.2,5.2,6.4,5.2,5.9,5.7,7.3,5.2,5.1,5.7] - new: [...253] [ip4][..tcp] [...192.168.1.34][50123] -> [...80.14.46.121][.4415] - new: [...254] [ip4][..tcp] [...192.168.1.34][50124] -> [..81.133.19.185][44431] - new: [...255] [ip4][..tcp] [..17.143.160.22][.5223] -> [...192.168.1.34][49447] [MIDSTREAM] - detected: [...255] [ip4][..tcp] [..17.143.160.22][.5223] -> [...192.168.1.34][49447] [TLS][Apple][Web][Safe] - RISK: Known Proto on Non Std Port - new: [...256] [ip4][..tcp] [...192.168.1.34][50125] -> [.91.190.218.125][12350] - new: [...257] [ip4][..tcp] [...192.168.1.34][50126] -> [..91.190.216.23][12350] - new: [...258] [ip4][..tcp] [...192.168.1.34][50127] -> [...80.14.46.121][.4415] - new: [...259] [ip4][..udp] [...192.168.1.34][62454] -> [....192.168.1.1][...53] - detected: [...259] [ip4][..udp] [...192.168.1.34][62454] -> [....192.168.1.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable][p05-keyvalueservice.icloud.com.akadns.net] - detection-update: [...259] [ip4][..udp] [...192.168.1.34][62454] -> [....192.168.1.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable][p05-keyvalueservice.icloud.com.akadns.net] - new: [...260] [ip4][..tcp] [...192.168.1.34][50128] -> [..17.172.100.36][..443] - detected: [...260] [ip4][..tcp] [...192.168.1.34][50128] -> [..17.172.100.36][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][p05-keyvalueservice.icloud.com] - RISK: TLS (probably) Not Carrying HTTPS - detection-update: [...260] [ip4][..tcp] [...192.168.1.34][50128] -> [..17.172.100.36][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][p05-keyvalueservice.icloud.com] - RISK: TLS (probably) Not Carrying HTTPS - new: [...261] [ip4][..tcp] [...192.168.1.34][50129] -> [.91.190.218.125][12350] - analyse: [...260] [ip4][..tcp] [...192.168.1.34][50128] -> [..17.172.100.36][..443] [TLS.AppleiCloud][Apple][Web][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: < 0.001| 0.605| 0.068| 0.136| 18472.737| 3.000] - [PKTLEN......: 40.000| 1480.000| 234.900| 350.900| 123149.100| 3.900] - [BINS(c->s)..: 9,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [BINS(s->c)..: 9,3,1,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,0,0] - [DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,0,0,1,1,1,1,1,1,0,0,1,1,1,0,0,0,0,1,1,1,1] - [IATS(ms)....: 148.7,148.8,0.8,151.6,0.0,0.0,150.8,0.0,0.2,0.0,31.5,0.1,153.3,0.7,32.6,5.2,16.8,0.0,176.7,0.1,2.1,1.5,0.0,3.5,0.0,449.5,0.1,604.7,5.5,16.5,0.0] - [PKTLENS.....: 64,46,40,273,46,132,77,40,40,46,77,666,606,46,46,46,46,373,76,40,40,1480,1207,66,40,40,659,618,46,46,373,76] - [ENTROPIES...: 4.6,5.0,4.8,6.0,4.6,6.1,5.8,4.8,4.8,4.8,5.7,7.7,7.7,4.6,4.6,4.7,4.5,7.4,5.7,4.7,4.8,7.9,7.8,5.5,4.8,4.8,7.7,7.6,4.6,4.6,7.4,5.8] - update: [...108] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.26][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...111] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.47][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...104] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...121] [ip4][..udp] [...192.168.1.92][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] - update: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.141][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...109] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...115] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...136] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.173][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...147] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...124] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...132] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.19][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...106] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.43][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...146] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...119] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...127] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.32][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...117] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...138] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.149][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...118] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...107] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.44][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...129] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.28][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...110] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.41][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...145] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.21][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...102] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.24][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...130] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.161][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...103] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.175][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...120] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.143][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...116] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...137] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.153][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...139] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...105] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...131] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.144][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...123] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...114] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.141][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...140] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...126] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...125] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.154][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...262] [ip4][..udp] [...192.168.1.34][52742] -> [....192.168.1.1][...53] - detected: [...262] [ip4][..udp] [...192.168.1.34][52742] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst5.r.skype.net] - new: [...263] [ip4][..udp] [...192.168.1.34][56387] -> [....192.168.1.1][...53] - detected: [...263] [ip4][..udp] [...192.168.1.34][56387] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst5.r.skype.net] - analyse: [...251] [ip4][..tcp] [...192.168.1.34][50121] -> [...81.83.77.141][17639] - min| max| avg| stddev| variance| entropy - [IAT.........: < 0.001| 1.782| 0.325| 0.510| 259840.393| 3.600] - [PKTLEN......: 52.000| 1176.000| 143.300| 243.100| 59118.200| 3.900] - [BINS(c->s)..: 14,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [BINS(s->c)..: 7,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0] - [DIRECTIONS..: 0,1,0,0,1,0,0,1,0,0,1,0,1,0,1,0,0,1,0,0,1,1,0,0,1,0,0,1,1,0,1,0] - [IATS(ms)....: 60.8,60.9,0.1,60.1,60.0,0.4,72.4,72.0,2.9,63.2,60.3,262.3,262.3,157.4,157.5,3.6,187.8,184.1,1.9,62.9,110.0,171.0,0.2,63.7,63.5,1468.1,1782.0,746.1,1060.0,1410.3,1410.3] - [PKTLENS.....: 64,60,52,97,113,52,68,66,52,805,66,52,52,56,1176,52,609,97,88,72,52,95,52,81,80,52,89,52,90,52,91,52] - [ENTROPIES...: 4.7,5.3,5.2,6.0,6.4,5.2,5.6,5.5,5.2,7.8,5.6,5.2,5.2,5.3,7.8,5.2,7.6,6.1,5.9,5.6,5.2,5.9,5.2,5.7,5.8,5.2,5.9,5.2,6.0,5.1,6.0,5.2] - detection-update: [...262] [ip4][..udp] [...192.168.1.34][52742] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst5.r.skype.net] - RISK: Unidirectional Traffic - detection-update: [...263] [ip4][..udp] [...192.168.1.34][56387] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst5.r.skype.net] - RISK: Unidirectional Traffic - new: [...264] [ip4][..udp] [...192.168.1.34][52714] -> [....192.168.1.1][...53] - detected: [...264] [ip4][..udp] [...192.168.1.34][52714] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][b.config.skype.com] - new: [...265] [ip4][..udp] [...192.168.1.34][51802] -> [....192.168.1.1][...53] - detected: [...265] [ip4][..udp] [...192.168.1.34][51802] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][b.config.skype.com] - new: [...266] [ip4][..tcp] [...192.168.1.34][50130] -> [...212.161.8.36][13392] - detection-update: [...264] [ip4][..udp] [...192.168.1.34][52714] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][b.config.skype.com] - RISK: Unidirectional Traffic - detection-update: [...265] [ip4][..udp] [...192.168.1.34][51802] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][b.config.skype.com] - RISK: Unidirectional Traffic - new: [...267] [ip4][..udp] [...192.168.1.34][63421] -> [....192.168.1.1][...53] - detected: [...267] [ip4][..udp] [...192.168.1.34][63421] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - new: [...268] [ip4][..udp] [...192.168.1.34][65037] -> [....192.168.1.1][...53] - detected: [...268] [ip4][..udp] [...192.168.1.34][65037] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - new: [...269] [ip4][..tcp] [...192.168.1.34][50131] -> [...212.161.8.36][13392] - detected: [...269] [ip4][..tcp] [...192.168.1.34][50131] -> [...212.161.8.36][13392] [TLS][Unknown][Web][Safe] - RISK: Known Proto on Non Std Port - detection-update: [...267] [ip4][..udp] [...192.168.1.34][63421] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - RISK: Unidirectional Traffic - detection-update: [...268] [ip4][..udp] [...192.168.1.34][65037] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - RISK: Unidirectional Traffic - new: [...270] [ip4][..tcp] [...192.168.1.34][50132] -> [...149.13.32.15][13392] - detected: [...242] [ip4][..tcp] [...192.168.1.34][50111] -> [.91.190.216.125][..443] [TLS][Unknown][Web][Safe] - new: [...271] [ip4][..tcp] [...192.168.1.34][50133] -> [...149.13.32.15][13392] - detected: [...271] [ip4][..tcp] [...192.168.1.34][50133] -> [...149.13.32.15][13392] [TLS][Unknown][Web][Safe] - RISK: Known Proto on Non Std Port - new: [...272] [ip4][..udp] [...192.168.1.92][50084] -> [239.255.255.250][.1900] - detected: [...272] [ip4][..udp] [...192.168.1.92][50084] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] - update: [...150] [ip4][..udp] [...192.168.1.34][63108] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] - RISK: Unidirectional Traffic - update: [...179] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.37][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...149] [ip4][..udp] [...192.168.1.34][55159] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] - RISK: Unidirectional Traffic - update: [...158] [ip4][..udp] [...192.168.1.34][49360] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...172] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...154] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.166][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...173] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.28][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...180] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...182] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.40][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...152] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...164] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.176][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...186] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.31][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...184] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.12][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...170] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.16][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...176] [ip4][..udp] [...192.168.1.34][58368] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...175] [ip4][..udp] [...192.168.1.34][54343] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...157] [ip4][..udp] [...192.168.1.34][58458] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...160] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.26][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...165] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.148][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...156] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.157][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...162] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.151][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...178] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.148][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...181] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.172][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...151] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.147][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...171] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.159][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...159] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.145][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...155] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.165][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...166] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.158][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...185] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.156][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...163] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...169] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.162][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...273] [ip4][..udp] [...192.168.1.34][13021] -> [106.188.249.186][15120] - detected: [...273] [ip4][..udp] [...192.168.1.34][13021] -> [106.188.249.186][15120] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [.....4] [ip4][..udp] [...192.168.1.34][52850] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....6] [ip4][..udp] [...192.168.1.34][65426] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....14] [ip4][..udp] [...192.168.1.34][57288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....1] [ip4][..udp] [...192.168.1.34][49163] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....2] [ip4][..udp] [...192.168.1.34][57406] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...193] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...210] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....21] [ip4][..udp] [...192.168.1.34][57726] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....3] [ip4][..udp] [...192.168.1.34][55711] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....7] [ip4][..udp] [...192.168.1.34][64085] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - update: [...201] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....10] [ip4][..udp] [...192.168.1.34][49793] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...197] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....17] [ip4][..udp] [...192.168.1.34][51879] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - update: [....16] [ip4][..udp] [...192.168.1.34][49903] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....13] [ip4][..udp] [...192.168.1.34][49990] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....20] [ip4][..udp] [...192.168.1.34][60288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...192] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...187] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.29][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [.....5] [ip4][..udp] [...192.168.1.34][54396] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....8] [ip4][..udp] [...192.168.1.34][58681] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...190] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.29][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...208] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.155][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...189] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...191] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.166][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...188] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.147][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...202] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...207] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.160][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...198] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.172][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...199] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.152][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....11] [ip4][..udp] [...192.168.1.34][65045] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...206] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - analyse: [...248] [ip4][..tcp] [...192.168.1.34][50117] -> [...71.238.7.203][18767] - min| max| avg| stddev| variance| entropy - [IAT.........: < 0.001| 25.524| 1.927| 6.197| 38401982.071| 2.000] - [PKTLEN......: 52.000| 1076.000| 142.500| 232.300| 53983.100| 4.000] - [BINS(c->s)..: 14,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [BINS(s->c)..: 8,4,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [DIRECTIONS..: 0,1,0,0,1,0,0,1,0,1,0,0,1,0,1,1,0,1,0,0,1,0,0,1,1,0,0,1,0,1,1,0] - [IATS(ms)....: 228.1,228.2,0.1,219.6,219.5,0.4,214.5,214.2,209.7,209.7,0.1,381.8,2061.0,2011.7,148.2,480.5,212.1,212.2,3.6,275.2,271.5,0.2,220.2,0.0,220.1,0.1,216.1,216.0,136.2,25387.6,25523.8] - [PKTLENS.....: 64,64,52,109,87,52,69,66,52,66,52,56,52,829,52,1076,52,142,52,609,94,120,79,52,98,52,81,108,52,52,67,52] - [ENTROPIES...: 4.6,4.7,4.9,6.2,5.9,5.3,5.7,5.6,5.3,5.7,5.3,5.3,5.2,7.8,5.1,7.8,5.2,6.5,5.1,7.7,5.9,6.4,5.9,5.2,6.1,5.2,5.9,6.1,5.3,5.3,5.8,5.3] - new: [...274] [ip4][..udp] [...192.168.1.34][56886] -> [239.255.255.250][.1900] - detected: [...274] [ip4][..udp] [...192.168.1.34][56886] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] - new: [...275] [ip4][..udp] [...192.168.1.34][64560] -> [239.255.255.250][.1900] - detected: [...275] [ip4][..udp] [...192.168.1.34][64560] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] - new: [...276] [ip4][..udp] [...192.168.1.34][49511] -> [....192.168.1.1][.5351] - detected: [...276] [ip4][..udp] [...192.168.1.34][49511] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - detection-update: [...276] [ip4][..udp] [...192.168.1.34][49511] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - new: [...277] [ip4][..tcp] [...192.168.1.34][50134] -> [...157.56.53.47][12350] - update: [....31] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.28][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...214] [ip4][..udp] [...192.168.1.34][63321] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - update: [...231] [ip4][.icmp] [....192.168.1.1] -> [...192.168.1.34] [ICMP][Unknown][Network][Acceptable] - update: [....22] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - update: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....24] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....26] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....27] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....28] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....30] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.160][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....29] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.15][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....25] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.155][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....32] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.176][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...278] [ip4][....2] [....192.168.1.1] -> [......224.0.0.1] - detected: [...278] [ip4][....2] [....192.168.1.1] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] - new: [...279] [ip4][..udp] [...192.168.1.34][..123] -> [..17.253.48.245][..123] - detected: [...279] [ip4][..udp] [...192.168.1.34][..123] -> [..17.253.48.245][..123] [NTP][Apple][System][Acceptable] - update: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.21][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....42] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....70] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.45][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....78] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.17][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....90] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.27][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...228] [ip4][..udp] [...192.168.1.34][49485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - update: [....45] [ip4][..udp] [...192.168.1.34][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [....47] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [...230] [ip4][..udp] [...192.168.1.34][54067] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....46] [ip4][..udp] [...192.168.1.34][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [....48] [ip4][..udp] [...192.168.1.92][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [...239] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] - update: [...238] [ip4][..udp] [...192.168.1.92][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] - update: [....66] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....73] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....96] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.148][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....79] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....53] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.140][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....84] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....83] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....39] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...241] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.39][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...240] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.145][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....36] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....80] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.168][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...237] [ip4][..udp] [...192.168.1.34][13021] -> [.....71.62.0.85][33647] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....37] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.48][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....43] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.172][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...236] [ip4][..udp] [...192.168.1.34][13021] -> [.176.97.100.249][26635] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....98] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.141][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....62] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.17][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....38] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.42][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....56] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.153][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....52] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....55] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.25][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....97] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.148][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....81] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.44][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...235] [ip4][..udp] [...192.168.1.34][13021] -> [..76.185.207.12][45493] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....60] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.43][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....68] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.45][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....58] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.38][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....72] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.17][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....85] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.25][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.20][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...234] [ip4][..udp] [...192.168.1.34][13021] -> [..176.26.55.167][63773] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....82] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.152][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....41] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.162][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....67] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.154][40005] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....40] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.175][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....59] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.175][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....92] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.157][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....61] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.161][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....91] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.173][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....88] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....74] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.142][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....86] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...229] [ip4][..udp] [...192.168.1.34][51066] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - update: [....44] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.160][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....75] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.143][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....35] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....94] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.165][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...280] [ip4][..tcp] [...192.168.1.34][50135] -> [...76.167.161.6][20274] - new: [...281] [ip4][..tcp] [...192.168.1.34][50136] -> [...71.238.7.203][18767] - new: [...282] [ip4][..tcp] [...192.168.1.34][50137] -> [..5.248.186.221][31010] - update: [...108] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.26][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...111] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.47][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...104] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...267] [ip4][..udp] [...192.168.1.34][63421] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...121] [ip4][..udp] [...192.168.1.92][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] - update: [...265] [ip4][..udp] [...192.168.1.34][51802] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.141][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...109] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...115] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...136] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.173][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...147] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...124] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...132] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.19][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...106] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.43][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...146] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...119] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...127] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.32][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...117] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...138] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.149][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...259] [ip4][..udp] [...192.168.1.34][62454] -> [....192.168.1.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable] - update: [...263] [ip4][..udp] [...192.168.1.34][56387] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...118] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...107] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.44][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...129] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.28][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...110] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.41][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...145] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.21][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...102] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.24][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...130] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.161][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...103] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.175][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...120] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.143][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...116] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...137] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.153][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...139] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...105] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...131] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.144][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...264] [ip4][..udp] [...192.168.1.34][52714] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...123] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...262] [ip4][..udp] [...192.168.1.34][52742] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...114] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.141][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...268] [ip4][..udp] [...192.168.1.34][65037] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...140] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...126] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...125] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.154][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...283] [ip4][..tcp] [...192.168.1.34][50138] -> [...71.238.7.203][18767] - new: [...284] [ip4][..tcp] [...192.168.1.34][50139] -> [..5.248.186.221][31010] - new: [...285] [ip4][..tcp] [...192.168.1.34][50140] -> [...76.167.161.6][20274] - update: [...150] [ip4][..udp] [...192.168.1.34][63108] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] - RISK: Unidirectional Traffic - update: [...179] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.37][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...149] [ip4][..udp] [...192.168.1.34][55159] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] - RISK: Unidirectional Traffic - update: [...231] [ip4][.icmp] [....192.168.1.1] -> [...192.168.1.34] [ICMP][Unknown][Network][Acceptable] - update: [...158] [ip4][..udp] [...192.168.1.34][49360] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...273] [ip4][..udp] [...192.168.1.34][13021] -> [106.188.249.186][15120] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...272] [ip4][..udp] [...192.168.1.92][50084] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - update: [...172] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...154] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.166][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...173] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.28][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...180] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...182] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.40][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...152] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...164] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.176][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...186] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.31][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...184] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.12][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...170] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.16][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...176] [ip4][..udp] [...192.168.1.34][58368] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...175] [ip4][..udp] [...192.168.1.34][54343] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...157] [ip4][..udp] [...192.168.1.34][58458] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...160] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.26][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...165] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.148][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...156] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.157][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...162] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.151][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...178] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.148][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...181] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.172][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...151] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.147][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...171] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.159][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...159] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.145][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...155] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.165][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...166] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.158][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...185] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.156][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...163] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...169] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.162][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...286] [ip4][..tcp] [...192.168.1.34][50141] -> [...80.14.46.121][.4415] - new: [...287] [ip4][..tcp] [...192.168.1.34][50142] -> [...80.14.46.121][.4415] - new: [...288] [ip4][..tcp] [...192.168.1.34][50143] -> [.78.202.226.115][29059] - new: [...289] [ip4][..tcp] [...192.168.1.34][50144] -> [.78.202.226.115][29059] - new: [...290] [ip4][....2] [...192.168.1.34] -> [....224.0.0.251] - detected: [...290] [ip4][....2] [...192.168.1.34] -> [....224.0.0.251] [IGMP][Unknown][Network][Acceptable] - new: [...291] [ip4][..tcp] [...192.168.1.34][50145] -> [...157.56.53.51][12350] - guessed: [....19] [ip4][..tcp] [...192.168.1.34][50030] -> [...65.55.223.33][..443] [TLS][Unknown][Web][Safe] - end: [....19] [ip4][..tcp] [...192.168.1.34][50030] -> [...65.55.223.33][..443] - not-detected: [.....9] [ip4][..tcp] [...192.168.1.34][50026] -> [...65.55.223.33][40002] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [.....9] [ip4][..tcp] [...192.168.1.34][50026] -> [...65.55.223.33][40002] - update: [.....4] [ip4][..udp] [...192.168.1.34][52850] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....6] [ip4][..udp] [...192.168.1.34][65426] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....14] [ip4][..udp] [...192.168.1.34][57288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....1] [ip4][..udp] [...192.168.1.34][49163] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....2] [ip4][..udp] [...192.168.1.34][57406] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...193] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...210] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....21] [ip4][..udp] [...192.168.1.34][57726] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....3] [ip4][..udp] [...192.168.1.34][55711] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....7] [ip4][..udp] [...192.168.1.34][64085] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - update: [...201] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....10] [ip4][..udp] [...192.168.1.34][49793] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...197] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...275] [ip4][..udp] [...192.168.1.34][64560] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - update: [....17] [ip4][..udp] [...192.168.1.34][51879] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - update: [....16] [ip4][..udp] [...192.168.1.34][49903] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....13] [ip4][..udp] [...192.168.1.34][49990] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....20] [ip4][..udp] [...192.168.1.34][60288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...192] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...187] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.29][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [.....5] [ip4][..udp] [...192.168.1.34][54396] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...274] [ip4][..udp] [...192.168.1.34][56886] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - update: [.....8] [ip4][..udp] [...192.168.1.34][58681] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...190] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.29][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...208] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.155][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...189] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...191] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.166][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...188] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.147][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...202] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...207] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.160][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...198] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.172][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...199] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.152][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....11] [ip4][..udp] [...192.168.1.34][65045] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...206] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...276] [ip4][..udp] [...192.168.1.34][49511] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - new: [...292] [ip4][..tcp] [...192.168.1.34][50146] -> [...157.56.53.51][..443] - new: [...293] [ip4][..udp] [...192.168.1.34][55893] -> [....192.168.1.1][...53] - detected: [...293] [ip4][..udp] [...192.168.1.34][55893] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][ui.skype.com] - detection-update: [...293] [ip4][..udp] [...192.168.1.34][55893] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][ui.skype.com] - RISK: Unidirectional Traffic - not-detected: [....50] [ip4][..tcp] [...192.168.1.34][50033] -> [..157.55.56.170][40015] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [....50] [ip4][..tcp] [...192.168.1.34][50033] -> [..157.55.56.170][40015] - not-detected: [....51] [ip4][..tcp] [...192.168.1.34][50034] -> [.157.55.130.140][40033] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [....51] [ip4][..tcp] [...192.168.1.34][50034] -> [.157.55.130.140][40033] - guessed: [...148] [ip4][..tcp] [...192.168.1.34][50024] -> [..17.172.100.36][..443] [TLS][Apple][Web][Safe] - end: [...148] [ip4][..tcp] [...192.168.1.34][50024] -> [..17.172.100.36][..443] - guessed: [....65] [ip4][..tcp] [...192.168.1.34][50038] -> [.157.55.130.140][..443] [TLS][Unknown][Web][Safe] - end: [....65] [ip4][..tcp] [...192.168.1.34][50038] -> [.157.55.130.140][..443] - guessed: [....63] [ip4][..tcp] [...192.168.1.34][50036] -> [...157.56.52.44][..443] [TLS][Unknown][Web][Safe] - end: [....63] [ip4][..tcp] [...192.168.1.34][50036] -> [...157.56.52.44][..443] - update: [....31] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.28][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...214] [ip4][..udp] [...192.168.1.34][63321] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - update: [....22] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - update: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....24] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....26] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....27] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....28] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....30] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.160][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....29] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.15][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....25] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.155][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....32] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.176][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - analyse: [...283] [ip4][..tcp] [...192.168.1.34][50138] -> [...71.238.7.203][18767] - min| max| avg| stddev| variance| entropy - [IAT.........: < 0.001| 30.126| 1.349| 5.301| 28102044.418| 1.900] - [PKTLEN......: 52.000| 1076.000| 141.400| 232.500| 54056.900| 4.000] - [BINS(c->s)..: 15,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [BINS(s->c)..: 7,4,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [DIRECTIONS..: 0,1,0,0,1,0,0,1,0,1,0,0,1,0,1,1,0,1,0,0,1,0,0,1,0,0,1,1,0,1,0,0] - [IATS(ms)....: 214.7,214.8,0.1,223.5,223.4,0.4,217.5,217.2,213.6,213.7,0.1,315.3,2988.5,3022.2,145.3,494.2,215.9,215.9,3.6,275.6,272.1,0.2,291.4,291.1,0.2,75.0,137.0,211.9,164.3,30125.6,821.1] - [PKTLENS.....: 64,64,52,92,87,52,69,66,52,66,52,56,52,828,52,1076,52,142,52,608,87,132,81,97,52,81,52,100,52,52,52,52] - [ENTROPIES...: 4.7,4.7,4.9,6.0,6.0,5.3,5.7,5.7,5.3,5.7,5.3,5.3,5.3,7.7,5.4,7.8,5.1,6.6,5.2,7.6,6.1,6.5,5.9,6.2,5.2,5.8,5.2,6.2,5.2,5.3,5.2,5.3] - not-detected: [...221] [ip4][..tcp] [...192.168.1.34][50098] -> [...65.55.223.15][40026] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...221] [ip4][..tcp] [...192.168.1.34][50098] -> [...65.55.223.15][40026] - not-detected: [...101] [ip4][..tcp] [...192.168.1.34][50046] -> [.157.55.130.150][40011] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...101] [ip4][..tcp] [...192.168.1.34][50046] -> [.157.55.130.150][40011] - not-detected: [...134] [ip4][..tcp] [...192.168.1.34][50054] -> [.157.55.130.153][40005] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...134] [ip4][..tcp] [...192.168.1.34][50054] -> [.157.55.130.153][40005] - idle: [.....4] [ip4][..udp] [...192.168.1.34][52850] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...113] [ip4][..tcp] [...192.168.1.34][50049] -> [.157.55.130.166][40021] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...113] [ip4][..tcp] [...192.168.1.34][50049] -> [.157.55.130.166][40021] - not-detected: [....87] [ip4][..tcp] [...192.168.1.34][50044] -> [.157.55.130.167][40031] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [....87] [ip4][..tcp] [...192.168.1.34][50044] -> [.157.55.130.167][40031] - not-detected: [...194] [ip4][..tcp] [...192.168.1.34][50074] -> [.157.55.130.173][40003] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...194] [ip4][..tcp] [...192.168.1.34][50074] -> [.157.55.130.173][40003] - not-detected: [...133] [ip4][..tcp] [...192.168.1.34][50053] -> [..157.55.56.146][40030] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...133] [ip4][..tcp] [...192.168.1.34][50053] -> [..157.55.56.146][40030] - idle: [...150] [ip4][..udp] [...192.168.1.34][63108] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] - RISK: Unidirectional Traffic - not-detected: [...177] [ip4][..tcp] [...192.168.1.34][50070] -> [.157.55.130.170][40018] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...177] [ip4][..tcp] [...192.168.1.34][50070] -> [.157.55.130.170][40018] - not-detected: [...196] [ip4][..tcp] [...192.168.1.34][50076] -> [.157.55.235.156][40014] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...196] [ip4][..tcp] [...192.168.1.34][50076] -> [.157.55.235.156][40014] - not-detected: [...168] [ip4][..tcp] [...192.168.1.34][50067] -> [..157.55.56.160][40027] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...168] [ip4][..tcp] [...192.168.1.34][50067] -> [..157.55.56.160][40027] - not-detected: [...200] [ip4][..tcp] [...192.168.1.34][50077] -> [.157.55.130.176][40022] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...200] [ip4][..tcp] [...192.168.1.34][50077] -> [.157.55.130.176][40022] - not-detected: [...217] [ip4][..tcp] [...192.168.1.34][50092] -> [.157.55.130.155][40020] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...217] [ip4][..tcp] [...192.168.1.34][50092] -> [.157.55.130.155][40020] - not-detected: [....57] [ip4][..tcp] [...192.168.1.34][50035] -> [213.199.179.175][40021] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [....57] [ip4][..tcp] [...192.168.1.34][50035] -> [213.199.179.175][40021] - not-detected: [...220] [ip4][..tcp] [...192.168.1.34][50097] -> [.157.55.235.176][40022] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...220] [ip4][..tcp] [...192.168.1.34][50097] -> [.157.55.235.176][40022] - not-detected: [...288] [ip4][..tcp] [...192.168.1.34][50143] -> [.78.202.226.115][29059] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...288] [ip4][..tcp] [...192.168.1.34][50143] -> [.78.202.226.115][29059] - not-detected: [...289] [ip4][..tcp] [...192.168.1.34][50144] -> [.78.202.226.115][29059] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...289] [ip4][..tcp] [...192.168.1.34][50144] -> [.78.202.226.115][29059] - not-detected: [...195] [ip4][..tcp] [...192.168.1.34][50075] -> [213.199.179.142][40003] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...195] [ip4][..tcp] [...192.168.1.34][50075] -> [213.199.179.142][40003] - idle: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.21][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....31] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.28][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....42] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....70] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.45][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....78] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.17][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...108] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.26][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....90] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.27][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...111] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.47][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...179] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.37][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...104] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...214] [ip4][..udp] [...192.168.1.34][63321] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - not-detected: [....49] [ip4][..tcp] [...192.168.1.34][50032] -> [...157.56.52.44][40032] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [....49] [ip4][..tcp] [...192.168.1.34][50032] -> [...157.56.52.44][40032] - idle: [...149] [ip4][..udp] [...192.168.1.34][55159] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] - RISK: Unidirectional Traffic - idle: [.....6] [ip4][..udp] [...192.168.1.34][65426] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...227] [ip4][..tcp] [...192.168.1.34][50108] -> [...157.56.52.28][40009] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - idle: [...227] [ip4][..tcp] [...192.168.1.34][50108] -> [...157.56.52.28][40009] - idle: [...228] [ip4][..udp] [...192.168.1.34][49485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - idle: [...231] [ip4][.icmp] [....192.168.1.1] -> [...192.168.1.34] [ICMP][Unknown][Network][Acceptable] - idle: [...267] [ip4][..udp] [...192.168.1.34][63421] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [....47] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - idle: [....45] [ip4][..udp] [...192.168.1.34][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - idle: [....14] [ip4][..udp] [...192.168.1.34][57288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [...290] [ip4][....2] [...192.168.1.34] -> [....224.0.0.251] [IGMP][Unknown][Network][Acceptable] - idle: [...278] [ip4][....2] [....192.168.1.1] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] - idle: [...100] [ip4][....2] [...192.168.1.92] -> [....224.0.0.251] [IGMP][Unknown][Network][Acceptable] - idle: [....93] [ip4][....2] [..192.168.0.254] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] - idle: [...230] [ip4][..udp] [...192.168.1.34][54067] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [.....1] [ip4][..udp] [...192.168.1.34][49163] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [.....2] [ip4][..udp] [...192.168.1.34][57406] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [...210] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...193] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....48] [ip4][..udp] [...192.168.1.92][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - idle: [....46] [ip4][..udp] [...192.168.1.34][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - idle: [...260] [ip4][..tcp] [...192.168.1.34][50128] -> [..17.172.100.36][..443] [TLS.AppleiCloud][Apple][Web][Acceptable] - RISK: TLS (probably) Not Carrying HTTPS - guessed: [...226] [ip4][..tcp] [...192.168.1.34][50103] -> [....64.4.23.166][..443] [TLS][Unknown][Web][Safe] - end: [...226] [ip4][..tcp] [...192.168.1.34][50103] -> [....64.4.23.166][..443] - idle: [...158] [ip4][..udp] [...192.168.1.34][49360] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [...239] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] - not-detected: [...266] [ip4][..tcp] [...192.168.1.34][50130] -> [...212.161.8.36][13392] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...266] [ip4][..tcp] [...192.168.1.34][50130] -> [...212.161.8.36][13392] - end: [...269] [ip4][..tcp] [...192.168.1.34][50131] -> [...212.161.8.36][13392] [TLS][Unknown][Web][Safe] - RISK: Known Proto on Non Std Port - not-detected: [...243] [ip4][..tcp] [...192.168.1.34][50112] -> [...76.167.161.6][20274] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...243] [ip4][..tcp] [...192.168.1.34][50112] -> [...76.167.161.6][20274] - not-detected: [...280] [ip4][..tcp] [...192.168.1.34][50135] -> [...76.167.161.6][20274] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...280] [ip4][..tcp] [...192.168.1.34][50135] -> [...76.167.161.6][20274] - not-detected: [...232] [ip4][..tcp] [...192.168.1.34][50109] -> [.91.190.216.125][12350] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...232] [ip4][..tcp] [...192.168.1.34][50109] -> [.91.190.216.125][12350] - not-detected: [...233] [ip4][..tcp] [...192.168.1.34][50110] -> [.91.190.216.125][12350] [Unknown][Unknown][Unrated] - end: [...233] [ip4][..tcp] [...192.168.1.34][50110] -> [.91.190.216.125][12350] - not-detected: [...285] [ip4][..tcp] [...192.168.1.34][50140] -> [...76.167.161.6][20274] [Unknown][Unknown][Unrated] - RISK: TCP Connection Issues - end: [...285] [ip4][..tcp] [...192.168.1.34][50140] -> [...76.167.161.6][20274] - idle: [...273] [ip4][..udp] [...192.168.1.34][13021] -> [106.188.249.186][15120] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - not-detected: [...256] [ip4][..tcp] [...192.168.1.34][50125] -> [.91.190.218.125][12350] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...256] [ip4][..tcp] [...192.168.1.34][50125] -> [.91.190.218.125][12350] - not-detected: [...257] [ip4][..tcp] [...192.168.1.34][50126] -> [..91.190.216.23][12350] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...257] [ip4][..tcp] [...192.168.1.34][50126] -> [..91.190.216.23][12350] - not-detected: [...261] [ip4][..tcp] [...192.168.1.34][50129] -> [.91.190.218.125][12350] [Unknown][Unknown][Unrated] - end: [...261] [ip4][..tcp] [...192.168.1.34][50129] -> [.91.190.218.125][12350] - idle: [....21] [ip4][..udp] [...192.168.1.34][57726] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [.....3] [ip4][..udp] [...192.168.1.34][55711] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - guessed: [...143] [ip4][..tcp] [...192.168.1.34][50058] -> [..111.221.74.47][..443] [TLS][Unknown][Web][Safe] - end: [...143] [ip4][..tcp] [...192.168.1.34][50058] -> [..111.221.74.47][..443] - guessed: [...153] [ip4][..tcp] [...192.168.1.34][50063] -> [..111.221.74.38][..443] [TLS][Unknown][Web][Safe] - end: [...153] [ip4][..tcp] [...192.168.1.34][50063] -> [..111.221.74.38][..443] - idle: [...238] [ip4][..udp] [...192.168.1.92][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] - guessed: [...212] [ip4][..tcp] [...192.168.1.34][50087] -> [.111.221.77.142][..443] [TLS][Unknown][Web][Safe] - end: [...212] [ip4][..tcp] [...192.168.1.34][50087] -> [.111.221.77.142][..443] - guessed: [...223] [ip4][..tcp] [...192.168.1.34][50100] -> [..111.221.74.46][..443] [TLS][Unknown][Web][Safe] - end: [...223] [ip4][..tcp] [...192.168.1.34][50100] -> [..111.221.74.46][..443] - idle: [...121] [ip4][..udp] [...192.168.1.92][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] - idle: [...272] [ip4][..udp] [...192.168.1.92][50084] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - idle: [....66] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - end: [....18] [ip4][..tcp] [...192.168.1.34][50029] -> [..23.206.33.166][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] - RISK: TLS (probably) Not Carrying HTTPS - idle: [....23] [ip4][..tcp] [.108.160.170.46][..443] -> [...192.168.1.34][49445] [TLS][Dropbox][Web][Safe] - idle: [...293] [ip4][..udp] [...192.168.1.34][55893] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [.....7] [ip4][..udp] [...192.168.1.34][64085] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - not-detected: [...244] [ip4][..tcp] [...192.168.1.34][50113] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...244] [ip4][..tcp] [...192.168.1.34][50113] -> [...71.238.7.203][18767] - idle: [...265] [ip4][..udp] [...192.168.1.34][51802] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...253] [ip4][..tcp] [...192.168.1.34][50123] -> [...80.14.46.121][.4415] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...253] [ip4][..tcp] [...192.168.1.34][50123] -> [...80.14.46.121][.4415] - not-detected: [...248] [ip4][..tcp] [...192.168.1.34][50117] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...248] [ip4][..tcp] [...192.168.1.34][50117] -> [...71.238.7.203][18767] - not-detected: [...258] [ip4][..tcp] [...192.168.1.34][50127] -> [...80.14.46.121][.4415] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...258] [ip4][..tcp] [...192.168.1.34][50127] -> [...80.14.46.121][.4415] - idle: [....22] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - idle: [...109] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - not-detected: [...286] [ip4][..tcp] [...192.168.1.34][50141] -> [...80.14.46.121][.4415] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...286] [ip4][..tcp] [...192.168.1.34][50141] -> [...80.14.46.121][.4415] - idle: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.141][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - not-detected: [...287] [ip4][..tcp] [...192.168.1.34][50142] -> [...80.14.46.121][.4415] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...287] [ip4][..tcp] [...192.168.1.34][50142] -> [...80.14.46.121][.4415] - not-detected: [...281] [ip4][..tcp] [...192.168.1.34][50136] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...281] [ip4][..tcp] [...192.168.1.34][50136] -> [...71.238.7.203][18767] - idle: [...115] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - not-detected: [...283] [ip4][..tcp] [...192.168.1.34][50138] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...283] [ip4][..tcp] [...192.168.1.34][50138] -> [...71.238.7.203][18767] - idle: [....73] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....96] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.148][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....79] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....53] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.140][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...136] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.173][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....84] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - end: [...215] [ip4][..tcp] [...192.168.1.34][50090] -> [..23.206.33.166][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] - RISK: Obsolete TLS (v1.1 or older) - idle: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....24] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...201] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....10] [ip4][..udp] [...192.168.1.34][49793] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [...197] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...172] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...147] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....83] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...275] [ip4][..udp] [...192.168.1.34][64560] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - idle: [....17] [ip4][..udp] [...192.168.1.34][51879] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - idle: [....39] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - end: [...242] [ip4][..tcp] [...192.168.1.34][50111] -> [.91.190.216.125][..443] [TLS][Unknown][Web][Safe] - idle: [...241] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.39][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....16] [ip4][..udp] [...192.168.1.34][49903] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...247] [ip4][..tcp] [...192.168.1.34][50116] -> [...81.83.77.141][17639] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...247] [ip4][..tcp] [...192.168.1.34][50116] -> [...81.83.77.141][17639] - not-detected: [...246] [ip4][..tcp] [...192.168.1.34][50115] -> [....86.31.35.30][59621] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...246] [ip4][..tcp] [...192.168.1.34][50115] -> [....86.31.35.30][59621] - not-detected: [...251] [ip4][..tcp] [...192.168.1.34][50121] -> [...81.83.77.141][17639] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...251] [ip4][..tcp] [...192.168.1.34][50121] -> [...81.83.77.141][17639] - not-detected: [...250] [ip4][..tcp] [...192.168.1.34][50119] -> [....86.31.35.30][59621] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...250] [ip4][..tcp] [...192.168.1.34][50119] -> [....86.31.35.30][59621] - end: [....12] [ip4][..tcp] [...192.168.1.34][50027] -> [...23.223.73.34][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] - RISK: TLS (probably) Not Carrying HTTPS - idle: [...240] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.145][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....13] [ip4][..udp] [...192.168.1.34][49990] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...222] [ip4][..tcp] [...192.168.1.34][50099] -> [....64.4.23.166][40022] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...222] [ip4][..tcp] [...192.168.1.34][50099] -> [....64.4.23.166][40022] - not-detected: [...213] [ip4][..tcp] [...192.168.1.34][50088] -> [.157.55.235.146][33033] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...213] [ip4][..tcp] [...192.168.1.34][50088] -> [.157.55.235.146][33033] - idle: [....20] [ip4][..udp] [...192.168.1.34][60288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - guessed: [...167] [ip4][..tcp] [...192.168.1.34][50066] -> [...65.55.223.12][..443] [TLS][Unknown][Web][Safe] - end: [...167] [ip4][..tcp] [...192.168.1.34][50066] -> [...65.55.223.12][..443] - idle: [...124] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...106] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.43][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...132] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.19][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....36] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...146] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...119] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...237] [ip4][..udp] [...192.168.1.34][13021] -> [.....71.62.0.85][33647] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....80] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.168][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...255] [ip4][..tcp] [..17.143.160.22][.5223] -> [...192.168.1.34][49447] [TLS][Apple][Web][Safe] - RISK: Known Proto on Non Std Port - idle: [....37] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.48][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...192] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...127] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.32][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....43] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.172][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...154] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.166][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...236] [ip4][..udp] [...192.168.1.34][13021] -> [.176.97.100.249][26635] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...173] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.28][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...180] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...182] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.40][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...164] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.176][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...152] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....98] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.141][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...186] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.31][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...117] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....62] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.17][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....26] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....56] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.153][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...187] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.29][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....38] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.42][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....27] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - not-detected: [...277] [ip4][..tcp] [...192.168.1.34][50134] -> [...157.56.53.47][12350] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...277] [ip4][..tcp] [...192.168.1.34][50134] -> [...157.56.53.47][12350] - idle: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....52] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - guessed: [...225] [ip4][..tcp] [...192.168.1.34][50102] -> [...65.55.223.15][..443] [TLS][Unknown][Web][Safe] - end: [...225] [ip4][..tcp] [...192.168.1.34][50102] -> [...65.55.223.15][..443] - idle: [....28] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....55] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.25][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....30] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.160][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....97] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.148][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...138] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.149][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...184] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.12][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....81] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.44][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...170] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.16][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - not-detected: [...291] [ip4][..tcp] [...192.168.1.34][50145] -> [...157.56.53.51][12350] [Unknown][Unknown][Unrated] - RISK: Unidirectional Traffic - idle: [...291] [ip4][..tcp] [...192.168.1.34][50145] -> [...157.56.53.51][12350] - guessed: [....64] [ip4][..tcp] [...192.168.1.34][50037] -> [..157.55.56.170][..443] [TLS][Unknown][Web][Safe] - end: [....64] [ip4][..tcp] [...192.168.1.34][50037] -> [..157.55.56.170][..443] - guessed: [....99] [ip4][..tcp] [...192.168.1.34][50045] -> [.157.55.130.167][..443] [TLS][Unknown][Web][Safe] - end: [....99] [ip4][..tcp] [...192.168.1.34][50045] -> [.157.55.130.167][..443] - guessed: [...112] [ip4][..tcp] [...192.168.1.34][50048] -> [.157.55.130.150][..443] [TLS][Unknown][Web][Safe] - end: [...112] [ip4][..tcp] [...192.168.1.34][50048] -> [.157.55.130.150][..443] - guessed: [...122] [ip4][..tcp] [...192.168.1.34][50051] -> [.157.55.130.166][..443] [TLS][Unknown][Web][Safe] - end: [...122] [ip4][..tcp] [...192.168.1.34][50051] -> [.157.55.130.166][..443] - guessed: [...141] [ip4][..tcp] [...192.168.1.34][50056] -> [..157.55.56.146][..443] [TLS][Unknown][Web][Safe] - end: [...141] [ip4][..tcp] [...192.168.1.34][50056] -> [..157.55.56.146][..443] - guessed: [...142] [ip4][..tcp] [...192.168.1.34][50057] -> [.157.55.130.153][..443] [TLS][Unknown][Web][Safe] - end: [...142] [ip4][..tcp] [...192.168.1.34][50057] -> [.157.55.130.153][..443] - not-detected: [...245] [ip4][..tcp] [...192.168.1.34][50114] -> [..5.248.186.221][31010] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...245] [ip4][..tcp] [...192.168.1.34][50114] -> [..5.248.186.221][31010] - not-detected: [...249] [ip4][..tcp] [...192.168.1.34][50118] -> [..5.248.186.221][31010] [Unknown][Unknown][Unrated] - end: [...249] [ip4][..tcp] [...192.168.1.34][50118] -> [..5.248.186.221][31010] - guessed: [...174] [ip4][..tcp] [...192.168.1.34][50069] -> [..157.55.56.160][..443] [TLS][Unknown][Web][Safe] - end: [...174] [ip4][..tcp] [...192.168.1.34][50069] -> [..157.55.56.160][..443] - guessed: [...183] [ip4][..tcp] [...192.168.1.34][50072] -> [.157.55.130.170][..443] [TLS][Unknown][Web][Safe] - end: [...183] [ip4][..tcp] [...192.168.1.34][50072] -> [.157.55.130.170][..443] - idle: [...259] [ip4][..udp] [...192.168.1.34][62454] -> [....192.168.1.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable] - guessed: [...203] [ip4][..tcp] [...192.168.1.34][50078] -> [.157.55.130.173][..443] [TLS][Unknown][Web][Safe] - end: [...203] [ip4][..tcp] [...192.168.1.34][50078] -> [.157.55.130.173][..443] - guessed: [...205] [ip4][..tcp] [...192.168.1.34][50080] -> [.157.55.235.156][..443] [TLS][Unknown][Web][Safe] - end: [...205] [ip4][..tcp] [...192.168.1.34][50080] -> [.157.55.235.156][..443] - guessed: [...209] [ip4][..tcp] [...192.168.1.34][50081] -> [.157.55.130.176][..443] [TLS][Unknown][Web][Safe] - end: [...209] [ip4][..tcp] [...192.168.1.34][50081] -> [.157.55.130.176][..443] - not-detected: [...282] [ip4][..tcp] [...192.168.1.34][50137] -> [..5.248.186.221][31010] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...282] [ip4][..tcp] [...192.168.1.34][50137] -> [..5.248.186.221][31010] - idle: [...176] [ip4][..udp] [...192.168.1.34][58368] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...284] [ip4][..tcp] [...192.168.1.34][50139] -> [..5.248.186.221][31010] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...284] [ip4][..tcp] [...192.168.1.34][50139] -> [..5.248.186.221][31010] - guessed: [...216] [ip4][..tcp] [...192.168.1.34][50091] -> [.157.55.235.146][..443] [TLS][Unknown][Web][Safe] - end: [...216] [ip4][..tcp] [...192.168.1.34][50091] -> [.157.55.235.146][..443] - guessed: [...218] [ip4][..tcp] [...192.168.1.34][50094] -> [.157.55.130.155][..443] [TLS][Unknown][Web][Safe] - end: [...218] [ip4][..tcp] [...192.168.1.34][50094] -> [.157.55.130.155][..443] - guessed: [....71] [ip4][..tcp] [...192.168.1.34][50039] -> [213.199.179.175][..443] [TLS][Unknown][Web][Safe] - end: [....71] [ip4][..tcp] [...192.168.1.34][50039] -> [213.199.179.175][..443] - guessed: [...224] [ip4][..tcp] [...192.168.1.34][50101] -> [.157.55.235.176][..443] [TLS][Unknown][Web][Safe] - end: [...224] [ip4][..tcp] [...192.168.1.34][50101] -> [.157.55.235.176][..443] - guessed: [...204] [ip4][..tcp] [...192.168.1.34][50079] -> [213.199.179.142][..443] [TLS][Unknown][Web][Safe] - end: [...204] [ip4][..tcp] [...192.168.1.34][50079] -> [213.199.179.142][..443] - idle: [...263] [ip4][..udp] [...192.168.1.34][56387] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [...175] [ip4][..udp] [...192.168.1.34][54343] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...144] [ip4][..tcp] [...192.168.1.34][50059] -> [..111.221.74.38][40015] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...144] [ip4][..tcp] [...192.168.1.34][50059] -> [..111.221.74.38][40015] - not-detected: [...135] [ip4][..tcp] [...192.168.1.34][50055] -> [..111.221.74.47][40030] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...135] [ip4][..tcp] [...192.168.1.34][50055] -> [..111.221.74.47][40030] - idle: [...157] [ip4][..udp] [...192.168.1.34][58458] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...211] [ip4][..tcp] [...192.168.1.34][50086] -> [.111.221.77.142][40023] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...211] [ip4][..tcp] [...192.168.1.34][50086] -> [.111.221.77.142][40023] - not-detected: [...219] [ip4][..tcp] [...192.168.1.34][50096] -> [..111.221.74.46][40027] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...219] [ip4][..tcp] [...192.168.1.34][50096] -> [..111.221.74.46][40027] - idle: [.....5] [ip4][..udp] [...192.168.1.34][54396] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [...274] [ip4][..udp] [...192.168.1.34][56886] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - not-detected: [...270] [ip4][..tcp] [...192.168.1.34][50132] -> [...149.13.32.15][13392] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...270] [ip4][..tcp] [...192.168.1.34][50132] -> [...149.13.32.15][13392] - end: [...271] [ip4][..tcp] [...192.168.1.34][50133] -> [...149.13.32.15][13392] [TLS][Unknown][Web][Safe] - RISK: Known Proto on Non Std Port - idle: [....15] [ip4][..tcp] [...192.168.1.34][50028] -> [.157.56.126.211][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] - RISK: Obsolete TLS (v1.1 or older) - idle: [...235] [ip4][..udp] [...192.168.1.34][13021] -> [..76.185.207.12][45493] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...279] [ip4][..udp] [...192.168.1.34][..123] -> [..17.253.48.245][..123] [NTP][Apple][System][Acceptable] - idle: [.....8] [ip4][..udp] [...192.168.1.34][58681] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - guessed: [...292] [ip4][..tcp] [...192.168.1.34][50146] -> [...157.56.53.51][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic - idle: [...292] [ip4][..tcp] [...192.168.1.34][50146] -> [...157.56.53.51][..443] - idle: [....60] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.43][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...160] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.26][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...190] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.29][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...118] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....68] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.45][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...107] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.44][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....58] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.38][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....72] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.17][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...129] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.28][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....29] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.15][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...145] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.21][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...110] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.41][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....85] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.25][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...102] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.24][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.20][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - not-detected: [...252] [ip4][..tcp] [...192.168.1.34][50122] -> [..81.133.19.185][44431] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...252] [ip4][..tcp] [...192.168.1.34][50122] -> [..81.133.19.185][44431] - not-detected: [...254] [ip4][..tcp] [...192.168.1.34][50124] -> [..81.133.19.185][44431] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...254] [ip4][..tcp] [...192.168.1.34][50124] -> [..81.133.19.185][44431] - idle: [...234] [ip4][..udp] [...192.168.1.34][13021] -> [..176.26.55.167][63773] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....82] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.152][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...208] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.155][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....41] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.162][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....67] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.154][40005] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...189] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....40] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.175][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....59] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.175][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...165] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.148][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....92] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.157][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...130] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.161][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....91] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.173][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....61] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.161][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...156] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.157][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...103] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.175][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...191] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.166][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...162] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.151][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...120] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.143][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...181] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.172][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...188] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.147][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...178] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.148][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...202] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...151] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.147][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....25] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.155][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...171] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.159][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...159] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.145][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....88] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....32] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.176][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...137] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.153][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...116] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....74] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.142][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...155] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.165][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...139] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...207] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.160][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...229] [ip4][..udp] [...192.168.1.34][51066] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - idle: [...105] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....86] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....44] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.160][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....75] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.143][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...166] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.158][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...198] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.172][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...185] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.156][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...131] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.144][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...264] [ip4][..udp] [...192.168.1.34][52714] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....35] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...123] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....94] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.165][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...262] [ip4][..udp] [...192.168.1.34][52742] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [...163] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...114] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.141][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...268] [ip4][..udp] [...192.168.1.34][65037] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [...140] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...199] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.152][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....11] [ip4][..udp] [...192.168.1.34][65045] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [...206] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...276] [ip4][..udp] [...192.168.1.34][49511] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [...169] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.162][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...126] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...125] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.154][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - not-detected: [...161] [ip4][..tcp] [...192.168.1.34][50065] -> [...65.55.223.12][40031] [Unknown][Unknown][Unrated] - end: [...161] [ip4][..tcp] [...192.168.1.34][50065] -> [...65.55.223.12][40031] - DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/skype_no_unknown.pcap.out b/test/results/flow-info/default/skype_no_unknown.pcap.out deleted file mode 100644 index 07b6342b5..000000000 --- a/test/results/flow-info/default/skype_no_unknown.pcap.out +++ /dev/null @@ -1,1098 +0,0 @@ - DAEMON-EVENT: init - DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] - new: [.....1] [ip4][....2] [..192.168.1.219] -> [.....224.0.0.22] - detected: [.....1] [ip4][....2] [..192.168.1.219] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] - new: [.....2] [ip4][..udp] [...192.168.1.34][55028] -> [....192.168.1.1][...53] - detected: [.....2] [ip4][..udp] [...192.168.1.34][55028] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][a.config.skype.com] - new: [.....3] [ip4][..udp] [...192.168.1.34][64971] -> [....192.168.1.1][...53] - detected: [.....3] [ip4][..udp] [...192.168.1.34][64971] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][a.config.skype.com] - new: [.....4] [ip4][..udp] [...192.168.1.34][60688] -> [....192.168.1.1][...53] - detected: [.....4] [ip4][..udp] [...192.168.1.34][60688] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][conn.skype.akadns.net] - new: [.....5] [ip4][..udp] [...192.168.1.34][58631] -> [....192.168.1.1][...53] - detected: [.....5] [ip4][..udp] [...192.168.1.34][58631] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][conn.skype.akadns.net] - new: [.....6] [ip4][..udp] [...192.168.1.34][64240] -> [....192.168.1.1][...53] - detected: [.....6] [ip4][..udp] [...192.168.1.34][64240] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][api.skype.com] - new: [.....7] [ip4][..udp] [...192.168.1.34][49864] -> [....192.168.1.1][...53] - detected: [.....7] [ip4][..udp] [...192.168.1.34][49864] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][api.skype.com] - new: [.....8] [ip4][..udp] [...192.168.1.34][61016] -> [....192.168.1.1][...53] - detected: [.....8] [ip4][..udp] [...192.168.1.34][61016] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][apps.skypeassets.com] - new: [.....9] [ip4][..udp] [...192.168.1.34][57694] -> [....192.168.1.1][...53] - detected: [.....9] [ip4][..udp] [...192.168.1.34][57694] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][db3msgr5011709.gateway.messenger.live.com] - detection-update: [.....9] [ip4][..udp] [...192.168.1.34][57694] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][db3msgr5011709.gateway.messenger.live.com] - new: [....10] [ip4][..tcp] [...192.168.1.34][51229] -> [...157.56.52.28][40009] - new: [....11] [ip4][..udp] [...192.168.1.34][62875] -> [....192.168.1.1][...53] - detected: [....11] [ip4][..udp] [...192.168.1.34][62875] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][dsn13.d.skype.net] - new: [....12] [ip4][..udp] [...192.168.1.34][59113] -> [....192.168.1.1][...53] - detected: [....12] [ip4][..udp] [...192.168.1.34][59113] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][dsn13.d.skype.net] - new: [....13] [ip4][..tcp] [...192.168.1.34][51230] -> [.157.56.126.211][..443] - new: [....14] [ip4][..udp] [...192.168.1.34][57592] -> [....192.168.1.1][...53] - detected: [....14] [ip4][..udp] [...192.168.1.34][57592] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst11.r.skype.net] - new: [....15] [ip4][..udp] [...192.168.1.34][53372] -> [....192.168.1.1][...53] - detected: [....15] [ip4][..udp] [...192.168.1.34][53372] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst11.r.skype.net] - detected: [....13] [ip4][..tcp] [...192.168.1.34][51230] -> [.157.56.126.211][..443] [TLS][Unknown][Web][Safe][] - RISK: Obsolete TLS (v1.1 or older) - detection-update: [....13] [ip4][..tcp] [...192.168.1.34][51230] -> [.157.56.126.211][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable][] - RISK: Obsolete TLS (v1.1 or older) - new: [....16] [ip4][..udp] [...192.168.1.34][63514] -> [....192.168.1.1][...53] - detected: [....16] [ip4][..udp] [...192.168.1.34][63514] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][ui.skype.com] - detection-update: [.....2] [ip4][..udp] [...192.168.1.34][55028] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][a.config.skype.com] - RISK: Unidirectional Traffic - detection-update: [.....3] [ip4][..udp] [...192.168.1.34][64971] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][a.config.skype.com] - RISK: Unidirectional Traffic - new: [....17] [ip4][..udp] [...192.168.1.34][63661] -> [....192.168.1.1][...53] - detected: [....17] [ip4][..udp] [...192.168.1.34][63661] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][e4593.g.akamaiedge.net] - detection-update: [....17] [ip4][..udp] [...192.168.1.34][63661] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][e4593.g.akamaiedge.net] - new: [....18] [ip4][..tcp] [...192.168.1.34][51231] -> [..23.206.33.166][..443] - detection-update: [.....5] [ip4][..udp] [...192.168.1.34][58631] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][conn.skype.akadns.net] - RISK: Unidirectional Traffic - detection-update: [.....4] [ip4][..udp] [...192.168.1.34][60688] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][conn.skype.akadns.net] - RISK: Unidirectional Traffic - detected: [....18] [ip4][..tcp] [...192.168.1.34][51231] -> [..23.206.33.166][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable][apps.skype.com] - RISK: TLS (probably) Not Carrying HTTPS - detection-update: [.....6] [ip4][..udp] [...192.168.1.34][64240] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][api.skype.com] - RISK: Unidirectional Traffic - detection-update: [.....7] [ip4][..udp] [...192.168.1.34][49864] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][api.skype.com] - RISK: Unidirectional Traffic - detection-update: [....11] [ip4][..udp] [...192.168.1.34][62875] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][dsn13.d.skype.net] - RISK: Unidirectional Traffic - detection-update: [....12] [ip4][..udp] [...192.168.1.34][59113] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][dsn13.d.skype.net] - RISK: Unidirectional Traffic - detection-update: [....14] [ip4][..udp] [...192.168.1.34][57592] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst11.r.skype.net] - RISK: Unidirectional Traffic - detection-update: [....15] [ip4][..udp] [...192.168.1.34][53372] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst11.r.skype.net] - RISK: Unidirectional Traffic - new: [....19] [ip4][..tcp] [.17.143.160.149][.5223] -> [...192.168.1.34][50407] [MIDSTREAM] - detected: [....19] [ip4][..tcp] [.17.143.160.149][.5223] -> [...192.168.1.34][50407] [TLS][Apple][Web][Safe] - RISK: Known Proto on Non Std Port - analyse: [....13] [ip4][..tcp] [...192.168.1.34][51230] -> [.157.56.126.211][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: < 0.001| 0.302| 0.085| 0.091| 8331.101| 4.100] - [PKTLEN......: 52.000| 1492.000| 357.800| 468.900| 219872.600| 4.000] - [BINS(c->s)..: 9,1,1,1,0,0,1,1,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0] - [BINS(s->c)..: 5,1,0,1,0,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0] - [DIRECTIONS..: 0,1,0,0,1,1,0,1,1,0,0,1,0,1,0,0,1,0,0,1,0,0,1,0,1,0,0,1,0,1,1,1] - [IATS(ms)....: 75.6,75.7,27.5,108.8,0.2,81.5,75.6,0.8,76.4,15.4,302.2,286.8,74.7,74.7,0.5,91.1,90.5,1.7,83.6,81.9,0.3,247.1,246.9,0.3,0.2,0.3,92.3,92.0,289.8,38.7,0.0] - [PKTLENS.....: 64,56,52,146,1492,72,52,1492,850,52,159,52,111,111,52,281,233,52,681,233,52,249,745,52,265,52,617,153,1369,52,1492,57] - [ENTROPIES...: 4.6,5.2,5.2,5.7,7.0,5.6,5.1,7.5,7.7,5.1,6.7,5.2,6.0,6.1,5.1,7.3,7.0,5.1,7.7,7.0,5.1,7.2,7.7,5.2,7.2,5.2,7.7,6.6,7.9,5.2,7.9,5.3] - new: [....20] [ip4][..udp] [...192.168.1.34][50055] -> [....192.168.1.1][...53] - detected: [....20] [ip4][..udp] [...192.168.1.34][50055] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - new: [....21] [ip4][..udp] [...192.168.1.34][51753] -> [....192.168.1.1][...53] - detected: [....21] [ip4][..udp] [...192.168.1.34][51753] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - new: [....22] [ip4][..tcp] [...192.168.1.34][51232] -> [...157.56.52.28][..443] - detection-update: [....16] [ip4][..udp] [...192.168.1.34][63514] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][ui.skype.com] - RISK: Unidirectional Traffic - new: [....23] [ip4][..tcp] [...192.168.1.34][51227] -> [..17.172.100.36][..443] [MIDSTREAM] - detected: [....23] [ip4][..tcp] [...192.168.1.34][51227] -> [..17.172.100.36][..443] [TLS][Apple][Web][Safe] - detection-update: [....23] [ip4][..tcp] [...192.168.1.34][51227] -> [..17.172.100.36][..443] [TLS][Apple][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [....23] [ip4][..tcp] [...192.168.1.34][51227] -> [..17.172.100.36][..443] [TLS][Apple][Web][Safe] - detection-update: [....21] [ip4][..udp] [...192.168.1.34][51753] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - RISK: Unidirectional Traffic - detection-update: [....20] [ip4][..udp] [...192.168.1.34][50055] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - RISK: Unidirectional Traffic - analyse: [....23] [ip4][..tcp] [...192.168.1.34][51227] -> [..17.172.100.36][..443] [TLS][Apple][Web][Safe] - min| max| avg| stddev| variance| entropy - [IAT.........: 0.000| 1.077| 0.148| 0.323| 104108.532| 2.700] - [PKTLEN......: 40.000| 666.000| 224.900| 252.700| 63877.700| 4.200] - [BINS(c->s)..: 10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,1,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [BINS(s->c)..: 8,3,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [DIRECTIONS..: 0,0,1,1,1,1,0,0,1,1,0,0,0,0,1,1,1,1,0,0,1,1,0,0,0,0,1,1,1,0,1,0] - [IATS(ms)....: 0.1,141.8,4.6,11.8,0.0,158.2,0.0,1.4,0.0,1.4,0.0,933.1,0.1,1077.4,3.9,16.1,0.0,164.2,0.0,1.9,0.0,1.8,0.0,866.4,0.1,1010.6,5.0,11.8,160.8,0.2,0.1] - [PKTLENS.....: 666,608,46,46,373,76,40,40,642,66,40,40,659,616,46,46,373,76,40,40,647,66,40,40,663,542,46,46,373,40,76,40] - [ENTROPIES...: 7.7,7.7,4.7,4.5,7.4,5.7,4.8,4.9,7.6,5.6,4.8,4.8,7.7,7.7,4.6,4.6,7.5,5.7,4.8,4.8,7.7,5.6,4.8,4.9,7.7,7.6,4.6,4.5,7.4,4.8,5.8,4.8] - new: [....24] [ip4][..udp] [...192.168.1.34][..137] -> [..192.168.1.255][..137] - detected: [....24] [ip4][..udp] [...192.168.1.34][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][__msbrowse__] - new: [....25] [ip4][..udp] [....192.168.1.1][..137] -> [...192.168.1.34][..137] - detected: [....25] [ip4][..udp] [....192.168.1.1][..137] -> [...192.168.1.34][..137] [NetBIOS][Unknown][System][Acceptable][__msbrowse__] - new: [....26] [ip4][..udp] [...192.168.1.34][..138] -> [..192.168.1.255][..138] - detected: [....26] [ip4][..udp] [...192.168.1.34][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][lucasmacbookpro] - RISK: Unsafe Protocol - new: [....27] [ip4][..udp] [....192.168.1.1][..138] -> [...192.168.1.34][..138] - detected: [....27] [ip4][..udp] [....192.168.1.1][..138] -> [...192.168.1.34][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][alicegate] - RISK: Unsafe Protocol - new: [....28] [ip4][..udp] [...192.168.1.92][..137] -> [..192.168.1.255][..137] - detected: [....28] [ip4][..udp] [...192.168.1.92][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][workgroup] - new: [....29] [ip4][..udp] [...192.168.1.92][..138] -> [..192.168.1.255][..138] - detected: [....29] [ip4][..udp] [...192.168.1.92][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][lucas-imac] - RISK: Unsafe Protocol - new: [....30] [ip4][..udp] [...192.168.1.92][53826] -> [..192.168.1.255][..137] - detected: [....30] [ip4][..udp] [...192.168.1.92][53826] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][lucas-imac] - new: [....31] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] - detected: [....31] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] - new: [....32] [ip4][..udp] [...192.168.1.92][.5353] -> [....224.0.0.251][.5353] - detected: [....32] [ip4][..udp] [...192.168.1.92][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] - detection-update: [....31] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] - new: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.170][40015] - detected: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.170][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40026] - detected: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....35] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.33][40002] - detected: [....35] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.33][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....36] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.145][40027] - detected: [....36] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....37] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.165][40028] - detected: [....37] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.165][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....38] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.27][40025] - detected: [....38] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.27][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....39] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.34][40027] - detected: [....39] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.34][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....40] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.168][40024] - detected: [....40] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.168][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....41] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.143][40030] - detected: [....41] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.143][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....42] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.143][40022] - detected: [....42] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....43] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.44][40019] - detected: [....43] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.44][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....44] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.173][40013] - detected: [....44] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.173][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....45] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.167][40024] - detected: [....45] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.167][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....46] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40004] - detected: [....46] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....47] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.17][40025] - detected: [....47] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.17][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....48] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][33033] - detected: [....48] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....49] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] - detected: [....49] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] - new: [....50] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.32][40022] - detected: [....50] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.32][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....51] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.33][40011] - detected: [....51] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....52] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.145][40008] - detected: [....52] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.145][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....53] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.13][40009] - detected: [....53] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.13][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.19][40020] - detected: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.19][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....55] [ip4][..udp] [...192.168.1.34][17500] -> [255.255.255.255][17500] - detected: [....55] [ip4][..udp] [...192.168.1.34][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - new: [....56] [ip4][..udp] [...192.168.1.34][17500] -> [..192.168.1.255][17500] - detected: [....56] [ip4][..udp] [...192.168.1.34][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - new: [....57] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] - detected: [....57] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - new: [....58] [ip4][..udp] [...192.168.1.92][17500] -> [..192.168.1.255][17500] - detected: [....58] [ip4][..udp] [...192.168.1.92][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - new: [....59] [ip4][..tcp] [...192.168.1.34][51234] -> [.157.55.235.147][40001] - new: [....60] [ip4][..tcp] [...192.168.1.34][51235] -> [...65.55.223.45][40009] - new: [....61] [ip4][..tcp] [...192.168.1.34][51236] -> [..111.221.74.45][40008] - new: [....62] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.171][40012] - detected: [....62] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.171][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....63] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.65][33033] - detected: [....63] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.65][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....64] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.140][40003] - detected: [....64] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....65] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.39][40031] - detected: [....65] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.39][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....66] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.25][40010] - detected: [....66] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.25][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....67] [ip4][..tcp] [...192.168.1.34][51237] -> [.157.55.130.176][40022] - new: [....68] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.28][40014] - detected: [....68] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.28][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.154][40013] - detected: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.154][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....70] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.44][40020] - detected: [....70] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.44][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....71] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.173][40017] - detected: [....71] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.173][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....72] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.154][40017] - detected: [....72] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....73] [ip4][..tcp] [...192.168.1.34][51238] -> [.157.55.235.147][..443] - new: [....74] [ip4][..tcp] [...192.168.1.34][51239] -> [...65.55.223.45][..443] - new: [....75] [ip4][..tcp] [...192.168.1.34][51240] -> [..111.221.74.45][..443] - new: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] - detected: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.160][40030] - detected: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.160][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....78] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.12][40031] - detected: [....78] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.12][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....79] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.143][40018] - detected: [....79] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....80] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.174][40025] - detected: [....80] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.174][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....81] [ip4][..tcp] [...192.168.1.34][51241] -> [.157.55.130.176][..443] - new: [....82] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.13][40009] - detected: [....82] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.13][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....83] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] - detected: [....83] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....84] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.174][40019] - detected: [....84] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.174][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....85] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.22][40009] - detected: [....85] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.22][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....86] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.145][40024] - detected: [....86] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....87] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.150][40007] - detected: [....87] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.150][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....88] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] - detected: [....88] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.162][40033] - detected: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.162][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....90] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.159][40031] - detected: [....90] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.159][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....91] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.148][40029] - detected: [....91] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.148][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....92] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.142][40023] - detected: [....92] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....93] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.146][33033] - detected: [....93] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....94] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.149][40011] - detected: [....94] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.149][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40029] - detected: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....96] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.165][40004] - detected: [....96] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.165][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....97] [ip4][..tcp] [...192.168.1.34][51246] -> [...157.56.52.44][40020] - new: [....98] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.156][40019] - detected: [....98] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.156][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [....99] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.27][40029] - detected: [....99] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.27][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...100] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.142][40013] - detected: [...100] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.142][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...101] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.154][40032] - detected: [...101] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.154][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...102] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.33][40002] - detected: [...102] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.33][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...103] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.42][40006] - detected: [...103] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.42][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...104] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.172][40020] - detected: [...104] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.172][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...105] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.167][40029] - detected: [...105] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.167][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...106] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.140][40003] - detected: [...106] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...107] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.156][40031] - detected: [...107] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.156][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...108] [ip4][..tcp] [...192.168.1.34][51247] -> [...157.56.52.44][..443] - new: [...109] [ip4][..tcp] [...192.168.1.34][51248] -> [.111.221.77.175][40030] - new: [...110] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.13][40021] - detected: [...110] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.13][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...111] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.27][40027] - detected: [...111] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.27][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...112] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.146][33033] - detected: [...112] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...113] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.160][40008] - detected: [...113] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.160][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...114] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.42][40005] - detected: [...114] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.42][40005] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...115] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.16][40032] - detected: [...115] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.16][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...116] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.143][40018] - detected: [...116] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...117] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.176][40031] - detected: [...117] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.176][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...118] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.24][40032] - detected: [...118] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.24][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...119] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.20][40033] - detected: [...119] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.20][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...120] [ip4][..tcp] [...192.168.1.34][51250] -> [.111.221.77.175][..443] - new: [...121] [ip4][..tcp] [...192.168.1.34][51251] -> [....64.4.23.166][40029] - new: [...122] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.144][40016] - detected: [...122] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.144][40016] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...123] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.20][40033] - detected: [...123] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.20][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...124] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.144][40032] - detected: [...124] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.144][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...125] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.165][40004] - detected: [...125] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.165][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...126] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][40033] - detected: [...126] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...127] [ip4][..tcp] [108.160.163.108][..443] -> [...192.168.1.34][51222] [MIDSTREAM] - detected: [...127] [ip4][..tcp] [108.160.163.108][..443] -> [...192.168.1.34][51222] [TLS][Dropbox][Web][Safe] - new: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.24][40032] - detected: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.24][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...129] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.160][40016] - detected: [...129] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.160][40016] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...130] [ip4][..tcp] [...192.168.1.34][51253] -> [....64.4.23.166][..443] - new: [...131] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.28][40026] - detected: [...131] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.28][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...132] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][33033] - detected: [...132] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...133] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.152][40022] - detected: [...133] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.152][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...134] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.172][40011] - detected: [...134] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.172][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...135] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.151][40029] - detected: [...135] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...136] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.176][40001] - detected: [...136] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.176][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...137] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.148][40019] - detected: [...137] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.148][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...138] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.155][40027] - detected: [...138] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.155][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...139] [ip4][....2] [..192.168.0.254] -> [......224.0.0.1] - detected: [...139] [ip4][....2] [..192.168.0.254] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] - new: [...140] [ip4][....2] [..192.168.1.229] -> [....224.0.0.251] - detected: [...140] [ip4][....2] [..192.168.1.229] -> [....224.0.0.251] [IGMP][Unknown][Network][Acceptable] - new: [...141] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.154][40017] - detected: [...141] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...142] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.149][40030] - detected: [...142] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.149][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...143] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.171][40030] - detected: [...143] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.171][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...144] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.161][40031] - detected: [...144] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.161][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...145] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.148][40033] - detected: [...145] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.148][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - ERROR-EVENT: Unknown packet type [1/16] - new: [...146] [ip4][..tcp] [...192.168.1.34][51255] -> [.157.55.130.142][40005] - new: [...147] [ip4][..tcp] [...192.168.1.34][51256] -> [.111.221.77.142][40013] - new: [...148] [ip4][..tcp] [...192.168.1.34][51257] -> [.157.55.235.170][40032] - new: [...149] [ip4][..tcp] [...192.168.1.34][51258] -> [213.199.179.176][40021] - new: [...150] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.149][40016] - detected: [...150] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.149][40016] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...151] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.19][40001] - detected: [...151] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.19][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...152] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.140][40011] - detected: [...152] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.140][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...153] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.167][40031] - detected: [...153] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.167][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...154] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.146][33033] - detected: [...154] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...155] [ip4][..udp] [...192.168.1.34][63342] -> [....192.168.1.1][...53] - detected: [...155] [ip4][..udp] [...192.168.1.34][63342] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][b.config.skype.com] - new: [...156] [ip4][..udp] [...192.168.1.34][64258] -> [....192.168.1.1][...53] - detected: [...156] [ip4][..udp] [...192.168.1.34][64258] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][b.config.skype.com] - new: [...157] [ip4][..tcp] [...192.168.1.34][51259] -> [.111.221.77.142][..443] - new: [...158] [ip4][..tcp] [...192.168.1.34][51260] -> [.157.55.130.142][..443] - new: [...159] [ip4][..tcp] [...192.168.1.34][51261] -> [.157.55.235.170][..443] - new: [...160] [ip4][..tcp] [...192.168.1.34][51262] -> [213.199.179.176][..443] - new: [...161] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.166][40015] - detected: [...161] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.166][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...162] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.145][40024] - detected: [...162] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...163] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.42][40024] - detected: [...163] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.42][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - detection-update: [...155] [ip4][..udp] [...192.168.1.34][63342] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][b.config.skype.com] - RISK: Unidirectional Traffic - detection-update: [...156] [ip4][..udp] [...192.168.1.34][64258] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][b.config.skype.com] - RISK: Unidirectional Traffic - new: [...164] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][40030] - detected: [...164] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...165] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.38][40015] - detected: [...165] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.38][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...166] [ip4][..udp] [...192.168.1.34][61095] -> [....192.168.1.1][...53] - detected: [...166] [ip4][..udp] [...192.168.1.34][61095] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - new: [...167] [ip4][..udp] [...192.168.1.34][55866] -> [....192.168.1.1][...53] - detected: [...167] [ip4][..udp] [...192.168.1.34][55866] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - new: [...168] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.38][40015] - detected: [...168] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.38][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...169] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.40][40017] - detected: [...169] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.40][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - detection-update: [...167] [ip4][..udp] [...192.168.1.34][55866] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - RISK: Unidirectional Traffic - detection-update: [...166] [ip4][..udp] [...192.168.1.34][61095] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][pipe.prd.skypedata.akadns.net] - RISK: Unidirectional Traffic - new: [...170] [ip4][..tcp] [...192.168.1.34][51267] -> [..111.221.74.18][40025] - new: [...171] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.171][40031] - detected: [...171] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.171][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...172] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.43][40001] - detected: [...172] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.43][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...173] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.20][40023] - detected: [...173] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.20][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...174] [ip4][....2] [..192.168.1.219] -> [...233.89.188.1] - detected: [...174] [ip4][....2] [..192.168.1.219] -> [...233.89.188.1] [IGMP][Unknown][Network][Acceptable] - new: [...175] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.140][40003] - detected: [...175] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...176] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.158][40021] - detected: [...176] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.158][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...177] [ip4][..tcp] [...192.168.1.34][51268] -> [..111.221.74.18][..443] - new: [...178] [ip4][..tcp] [...192.168.1.34][51269] -> [213.199.179.175][40029] - new: [...179] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.171][40006] - detected: [...179] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.171][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...180] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.173][40003] - detected: [...180] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.173][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...181] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.143][40018] - detected: [...181] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...182] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.18][33033] - detected: [...182] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...183] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.43][40006] - detected: [...183] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.43][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...184] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.150][40014] - detected: [...184] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.150][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...185] [ip4][..tcp] [...192.168.1.34][51271] -> [213.199.179.175][..443] - new: [...186] [ip4][..tcp] [...192.168.1.34][51272] -> [.157.55.235.152][40029] - new: [...187] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.147][40014] - detected: [...187] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.147][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...188] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][40025] - detected: [...188] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...189] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.160][40022] - detected: [...189] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.160][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...190] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.146][40030] - detected: [...190] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.146][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...191] [ip4][..tcp] [...192.168.1.34][51274] -> [.157.55.235.152][..443] - new: [...192] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.170][40018] - detected: [...192] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.170][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...193] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.159][40016] - detected: [...193] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.159][40016] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...194] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.170][40021] - detected: [...194] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.170][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...195] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.24][40029] - detected: [...195] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.24][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...196] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.158][40027] - detected: [...196] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.158][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...197] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.16][40032] - detected: [...197] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.16][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...198] [ip4][..udp] [...192.168.1.34][60413] -> [....192.168.1.1][...53] - detected: [...198] [ip4][..udp] [...192.168.1.34][60413] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst0.r.skype.net] - new: [...199] [ip4][..udp] [...192.168.1.34][64364] -> [....192.168.1.1][...53] - detected: [...199] [ip4][..udp] [...192.168.1.34][64364] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst0.r.skype.net] - new: [...200] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.149][40030] - detected: [...200] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.149][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...201] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.29][40010] - detected: [...201] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.29][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - detection-update: [...198] [ip4][..udp] [...192.168.1.34][60413] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst0.r.skype.net] - RISK: Unidirectional Traffic - detection-update: [...199] [ip4][..udp] [...192.168.1.34][64364] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst0.r.skype.net] - RISK: Unidirectional Traffic - new: [...202] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.43][40006] - detected: [...202] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.43][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...203] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.18][33033] - detected: [...203] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...204] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.15][40030] - detected: [...204] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.15][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...205] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.144][40009] - detected: [...205] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.144][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...206] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.40][40025] - detected: [...206] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.40][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [.....8] [ip4][..udp] [...192.168.1.34][61016] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - update: [....12] [ip4][..udp] [...192.168.1.34][59113] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....2] [ip4][..udp] [...192.168.1.34][55028] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....16] [ip4][..udp] [...192.168.1.34][63514] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....15] [ip4][..udp] [...192.168.1.34][53372] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....17] [ip4][..udp] [...192.168.1.34][63661] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - update: [....14] [ip4][..udp] [...192.168.1.34][57592] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....9] [ip4][..udp] [...192.168.1.34][57694] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [....21] [ip4][..udp] [...192.168.1.34][51753] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....7] [ip4][..udp] [...192.168.1.34][49864] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....6] [ip4][..udp] [...192.168.1.34][64240] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....20] [ip4][..udp] [...192.168.1.34][50055] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....5] [ip4][..udp] [...192.168.1.34][58631] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....4] [ip4][..udp] [...192.168.1.34][60688] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....11] [ip4][..udp] [...192.168.1.34][62875] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....3] [ip4][..udp] [...192.168.1.34][64971] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - new: [...207] [ip4][..tcp] [...192.168.1.34][51276] -> [.157.55.235.146][40021] - new: [...208] [ip4][..tcp] [...192.168.1.34][51277] -> [.157.55.235.156][40026] - new: [...209] [ip4][..tcp] [...192.168.1.34][51278] -> [....64.4.23.159][40009] - new: [...210] [ip4][..tcp] [...192.168.1.34][51279] -> [..111.221.74.48][40008] - new: [...211] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.175][40006] - detected: [...211] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.175][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...212] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.173][40012] - detected: [...212] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.173][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...213] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.175][40023] - detected: [...213] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.175][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...214] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.17][40013] - detected: [...214] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.17][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...215] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.170][40011] - detected: [...215] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...216] [ip4][..tcp] [...192.168.1.34][51280] -> [.157.55.235.146][..443] - new: [...217] [ip4][..tcp] [...192.168.1.34][51281] -> [.157.55.235.156][..443] - new: [...218] [ip4][..tcp] [...192.168.1.34][51282] -> [....64.4.23.159][..443] - new: [...219] [ip4][..tcp] [...192.168.1.34][51283] -> [..111.221.74.48][..443] - new: [...220] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.157][40013] - detected: [...220] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.157][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...221] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.155][40004] - detected: [...221] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...222] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.141][40015] - detected: [...222] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.141][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...223] [ip4][..udp] [...192.168.1.34][59237] -> [239.255.255.250][.1900] - detected: [...223] [ip4][..udp] [...192.168.1.34][59237] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] - new: [...224] [ip4][..udp] [...192.168.1.34][58061] -> [239.255.255.250][.1900] - detected: [...224] [ip4][..udp] [...192.168.1.34][58061] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] - new: [...225] [ip4][..udp] [...192.168.1.34][59052] -> [....192.168.1.1][.5351] - detected: [...225] [ip4][..udp] [...192.168.1.34][59052] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - new: [...226] [ip4][.icmp] [....192.168.1.1] -> [...192.168.1.34] - detected: [...226] [ip4][.icmp] [....192.168.1.1] -> [...192.168.1.34] [ICMP][Unknown][Network][Acceptable] - new: [...227] [ip4][..tcp] [...192.168.1.34][51284] -> [.91.190.218.125][12350] - detection-update: [...225] [ip4][..udp] [...192.168.1.34][59052] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - new: [...228] [ip4][..tcp] [...192.168.1.34][51285] -> [.91.190.218.125][12350] - analyse: [...210] [ip4][..tcp] [...192.168.1.34][51279] -> [..111.221.74.48][40008] - min| max| avg| stddev| variance| entropy - [IAT.........: < 0.001| 1.297| 0.245| 0.278| 77244.252| 4.100] - [PKTLEN......: 52.000| 1492.000| 166.600| 288.600| 83264.900| 3.900] - [BINS(c->s)..: 11,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [BINS(s->c)..: 11,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] - [DIRECTIONS..: 0,0,1,0,0,1,1,0,0,1,0,1,0,1,0,1,0,1,1,0,1,0,0,1,0,1,1,0,1,0,1,0] - [IATS(ms)....: 1006.2,1296.9,290.8,0.6,292.8,2.2,294.3,0.5,293.3,292.8,39.6,39.6,253.3,253.3,40.1,40.1,350.4,0.0,350.4,293.9,293.9,0.1,334.3,334.2,300.0,0.0,300.0,2.1,4.2,292.4,290.3] - [PKTLENS.....: 64,64,60,52,102,52,155,52,60,60,52,52,98,81,52,52,91,52,55,52,196,52,56,52,661,52,56,52,1492,106,603,595] - [ENTROPIES...: 4.6,4.7,5.4,5.2,6.1,5.3,6.7,5.2,5.4,5.4,5.2,5.2,6.3,6.0,5.2,5.1,6.2,5.3,5.2,5.3,6.9,5.2,5.3,5.2,7.7,5.2,5.3,5.2,7.9,6.2,7.7,7.6] - new: [...229] [ip4][..tcp] [...192.168.1.34][51286] -> [.91.190.218.125][..443] - new: [...230] [ip4][..udp] [...192.168.1.34][13021] -> [.174.49.171.224][32011] - detected: [...230] [ip4][..udp] [...192.168.1.34][13021] -> [.174.49.171.224][32011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...231] [ip4][..udp] [...192.168.1.34][13021] -> [...83.31.12.173][23939] - detected: [...231] [ip4][..udp] [...192.168.1.34][13021] -> [...83.31.12.173][23939] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...232] [ip4][..udp] [...192.168.1.34][13021] -> [.189.138.161.88][19521] - detected: [...232] [ip4][..udp] [...192.168.1.34][13021] -> [.189.138.161.88][19521] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...233] [ip4][..udp] [...192.168.1.34][13021] -> [189.188.134.174][22436] - detected: [...233] [ip4][..udp] [...192.168.1.34][13021] -> [189.188.134.174][22436] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...234] [ip4][..tcp] [...192.168.1.34][51288] -> [...76.167.161.6][20274] - new: [...235] [ip4][..tcp] [...192.168.1.34][51289] -> [...71.238.7.203][18767] - new: [...236] [ip4][..tcp] [...192.168.1.34][51290] -> [..5.248.186.221][31010] - new: [...237] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.14][..443] - detected: [...237] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.14][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...238] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.141][..443] - detected: [...238] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.141][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...239] [ip4][..tcp] [...192.168.1.34][51291] -> [...81.83.77.141][17639] - new: [...240] [ip4][..tcp] [...192.168.1.34][51292] -> [...71.238.7.203][18767] - new: [...241] [ip4][..tcp] [...192.168.1.34][51293] -> [..5.248.186.221][31010] - new: [...242] [ip4][..tcp] [...192.168.1.34][51294] -> [...81.83.77.141][17639] - new: [...243] [ip4][..udp] [...192.168.1.34][59788] -> [....192.168.1.1][...53] - detected: [...243] [ip4][..udp] [...192.168.1.34][59788] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][e4593.g.akamaiedge.net] - detection-update: [...243] [ip4][..udp] [...192.168.1.34][59788] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][e4593.g.akamaiedge.net] - new: [...244] [ip4][..tcp] [...192.168.1.34][51295] -> [..23.206.33.166][..443] - detected: [...244] [ip4][..tcp] [...192.168.1.34][51295] -> [..23.206.33.166][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable][apps.skype.com] - RISK: Obsolete TLS (v1.1 or older) - new: [...245] [ip4][..tcp] [...192.168.1.34][51296] -> [.91.190.216.125][12350] - new: [...246] [ip4][..tcp] [...192.168.1.34][51297] -> [..91.190.216.24][12350] - new: [...247] [ip4][..tcp] [...192.168.1.34][51298] -> [.82.224.110.241][38895] - new: [...248] [ip4][..tcp] [...192.168.1.34][51299] -> [.91.190.216.125][12350] - new: [...249] [ip4][..tcp] [...192.168.1.34][51300] -> [...76.167.161.6][20274] - update: [....38] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.27][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....24] [ip4][..udp] [...192.168.1.34][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - update: [....25] [ip4][..udp] [....192.168.1.1][..137] -> [...192.168.1.34][..137] [NetBIOS][Unknown][System][Acceptable] - update: [....28] [ip4][..udp] [...192.168.1.92][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - update: [....26] [ip4][..udp] [...192.168.1.34][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] - RISK: Unsafe Protocol - update: [....27] [ip4][..udp] [....192.168.1.1][..138] -> [...192.168.1.34][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] - RISK: Unsafe Protocol - update: [....29] [ip4][..udp] [...192.168.1.92][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] - RISK: Unsafe Protocol - update: [....31] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] - update: [....32] [ip4][..udp] [...192.168.1.92][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] - update: [....36] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....30] [ip4][..udp] [...192.168.1.92][53826] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - update: [....43] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.44][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....42] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....39] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.34][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....35] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.33][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.170][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....40] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.168][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....37] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.165][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....41] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.143][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...250] [ip4][..tcp] [...192.168.1.34][51301] -> [.82.224.110.241][38895] - new: [...251] [ip4][..tcp] [...192.168.1.34][51302] -> [.91.190.216.125][..443] - new: [...252] [ip4][..tcp] [...192.168.1.34][51303] -> [...80.121.84.93][62381] - analyse: [...242] [ip4][..tcp] [...192.168.1.34][51294] -> [...81.83.77.141][17639] - min| max| avg| stddev| variance| entropy - [IAT.........: < 0.001| 2.004| 0.281| 0.501| 251090.993| 3.500] - [PKTLEN......: 52.000| 1176.000| 143.200| 243.000| 59065.600| 3.900] - [BINS(c->s)..: 13,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [BINS(s->c)..: 9,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0] - [DIRECTIONS..: 0,1,0,0,1,0,0,1,0,0,1,0,1,0,1,0,0,1,0,0,1,1,0,0,1,0,1,0,1,1,0,1] - [IATS(ms)....: 69.8,69.9,0.1,64.1,63.9,0.4,65.4,65.0,2.0,66.7,64.9,268.0,267.9,126.5,126.5,3.7,173.4,169.7,0.2,68.9,95.7,164.4,0.2,67.0,66.9,198.4,1936.2,2004.1,795.9,1062.3,592.6] - [PKTLENS.....: 64,60,52,117,80,52,68,66,52,804,66,52,52,56,1176,52,608,95,96,78,52,95,52,79,73,52,52,90,52,91,52,97] - [ENTROPIES...: 4.6,5.3,5.2,6.3,5.7,5.2,5.6,5.6,5.2,7.7,5.6,5.2,5.2,5.3,7.8,5.2,7.7,6.1,6.2,5.7,5.1,6.0,5.1,5.9,5.7,5.2,5.2,6.0,5.2,6.0,5.2,6.1] - new: [...253] [ip4][..tcp] [...192.168.1.34][51305] -> [...149.13.32.15][13392] - new: [...254] [ip4][..tcp] [...192.168.1.34][51306] -> [...80.121.84.93][62381] - new: [...255] [ip4][..tcp] [...192.168.1.34][51307] -> [...149.13.32.15][13392] - new: [...256] [ip4][..tcp] [...192.168.1.34][51308] -> [...80.121.84.93][..443] - detected: [...255] [ip4][..tcp] [...192.168.1.34][51307] -> [...149.13.32.15][13392] [TLS][Unknown][Web][Safe] - RISK: Known Proto on Non Std Port - new: [...257] [ip4][..tcp] [...192.168.1.34][51309] -> [...149.13.32.15][13392] - new: [...258] [ip4][..tcp] [...192.168.1.34][51311] -> [..93.79.224.176][14506] - new: [...259] [ip4][..tcp] [...192.168.1.34][51312] -> [...149.13.32.15][13392] - detected: [...259] [ip4][..tcp] [...192.168.1.34][51312] -> [...149.13.32.15][13392] [TLS][Unknown][Web][Safe] - RISK: Known Proto on Non Std Port - new: [...260] [ip4][..tcp] [...192.168.1.34][51313] -> [...212.161.8.36][13392] - new: [...261] [ip4][..tcp] [...192.168.1.34][51314] -> [..93.79.224.176][14506] - update: [...102] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.33][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....66] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.25][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.19][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....88] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....65] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.39][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....78] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.12][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....93] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....55] [ip4][..udp] [...192.168.1.34][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [....57] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [....56] [ip4][..udp] [...192.168.1.34][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [....58] [ip4][..udp] [...192.168.1.92][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [....48] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....63] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.65][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....49] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - update: [....46] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....71] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.173][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....79] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....92] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....91] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.148][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...101] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.154][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...103] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.42][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....82] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.13][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....51] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....86] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....83] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....90] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.159][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....53] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.13][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....85] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.22][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....68] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.28][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....70] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.44][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....50] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.32][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....47] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.17][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....99] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.27][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...106] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....87] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.150][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....52] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.145][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....94] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.149][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....62] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.171][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.154][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...100] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.142][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....84] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.174][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....98] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.156][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...104] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.172][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....45] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.167][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...105] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.167][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.162][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....64] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....96] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.165][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....44] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.173][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....72] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....80] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.174][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.160][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - update: [...107] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.156][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - new: [...262] [ip4][..tcp] [...192.168.1.34][51315] -> [...212.161.8.36][13392] - detected: [...262] [ip4][..tcp] [...192.168.1.34][51315] -> [...212.161.8.36][13392] [TLS][Unknown][Web][Safe] - RISK: Known Proto on Non Std Port - new: [...263] [ip4][..tcp] [...192.168.1.34][51316] -> [...149.13.32.15][13392] - new: [...264] [ip4][..tcp] [...192.168.1.34][51317] -> [...149.13.32.15][13392] - detected: [...264] [ip4][..tcp] [...192.168.1.34][51317] -> [...149.13.32.15][13392] [TLS][Unknown][Web][Safe] - RISK: Known Proto on Non Std Port - new: [...265] [ip4][..tcp] [...192.168.1.34][51318] -> [...212.161.8.36][13392] - new: [...266] [ip4][..udp] [...192.168.1.34][13021] -> [..133.236.67.25][49195] - detected: [...266] [ip4][..udp] [...192.168.1.34][13021] -> [..133.236.67.25][49195] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - analyse: [....49] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - min| max| avg| stddev| variance| entropy - [IAT.........: < 0.001| 19.857| 1.935| 5.865| 34398418.239| 1.700] - [PKTLEN......: 313.000| 391.000| 356.700| 29.100| 844.300| 5.000] - [BINS(c->s)..: 0,0,0,0,0,0,0,0,4,9,7,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] - [IATS(ms)....: 0.6,0.6,0.5,0.5,0.5,99.7,0.6,0.6,0.6,19856.6,16.2,17.0,16.6,16.5,16.7,19850.6,16.2,16.5,16.7,16.7,16.6,17.0,16.6,16.7,16.6,19850.6,16.0,16.7,16.8,16.7,16.6] - [PKTLENS.....: 319,337,391,383,313,355,387,333,385,379,313,355,387,333,385,379,319,337,391,383,313,355,387,333,385,379,319,337,391,383,313,355] - [ENTROPIES...: 5.8,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.8,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.8,5.7,5.7,5.7,5.7,5.7] - new: [...267] [ip4][..tcp] [...192.168.1.34][51319] -> [...212.161.8.36][13392] - idle: [...233] [ip4][..udp] [...192.168.1.34][13021] -> [189.188.134.174][22436] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - guessed: [....75] [ip4][..tcp] [...192.168.1.34][51240] -> [..111.221.74.45][..443] [TLS][Unknown][Web][Safe] - end: [....75] [ip4][..tcp] [...192.168.1.34][51240] -> [..111.221.74.45][..443] - idle: [.....8] [ip4][..udp] [...192.168.1.34][61016] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - guessed: [...120] [ip4][..tcp] [...192.168.1.34][51250] -> [.111.221.77.175][..443] [TLS][Unknown][Web][Safe] - end: [...120] [ip4][..tcp] [...192.168.1.34][51250] -> [.111.221.77.175][..443] - guessed: [...157] [ip4][..tcp] [...192.168.1.34][51259] -> [.111.221.77.142][..443] [TLS][Unknown][Web][Safe] - end: [...157] [ip4][..tcp] [...192.168.1.34][51259] -> [.111.221.77.142][..443] - guessed: [...177] [ip4][..tcp] [...192.168.1.34][51268] -> [..111.221.74.18][..443] [TLS][Unknown][Web][Safe] - end: [...177] [ip4][..tcp] [...192.168.1.34][51268] -> [..111.221.74.18][..443] - guessed: [...219] [ip4][..tcp] [...192.168.1.34][51283] -> [..111.221.74.48][..443] [TLS][Unknown][Web][Safe] - RISK: TCP Connection Issues - end: [...219] [ip4][..tcp] [...192.168.1.34][51283] -> [..111.221.74.48][..443] - idle: [...266] [ip4][..udp] [...192.168.1.34][13021] -> [..133.236.67.25][49195] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...166] [ip4][..udp] [...192.168.1.34][61095] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [...231] [ip4][..udp] [...192.168.1.34][13021] -> [...83.31.12.173][23939] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...102] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.33][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...114] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.42][40005] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...202] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.43][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...201] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.29][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....66] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.25][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...214] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.17][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...165] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.38][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...169] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.40][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.19][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...110] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.13][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....38] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.27][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....88] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....78] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.12][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....65] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.39][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...118] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.24][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...115] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.16][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...123] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.20][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....12] [ip4][..udp] [...192.168.1.34][59113] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...235] [ip4][..tcp] [...192.168.1.34][51289] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...235] [ip4][..tcp] [...192.168.1.34][51289] -> [...71.238.7.203][18767] - end: [....18] [ip4][..tcp] [...192.168.1.34][51231] -> [..23.206.33.166][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] - RISK: TLS (probably) Not Carrying HTTPS - not-detected: [...240] [ip4][..tcp] [...192.168.1.34][51292] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - idle: [...240] [ip4][..tcp] [...192.168.1.34][51292] -> [...71.238.7.203][18767] - idle: [.....2] [ip4][..udp] [...192.168.1.34][55028] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - end: [...244] [ip4][..tcp] [...192.168.1.34][51295] -> [..23.206.33.166][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] - RISK: Obsolete TLS (v1.1 or older) - idle: [....93] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....19] [ip4][..tcp] [.17.143.160.149][.5223] -> [...192.168.1.34][50407] [TLS][Apple][Web][Safe] - RISK: Known Proto on Non Std Port - guessed: [...229] [ip4][..tcp] [...192.168.1.34][51286] -> [.91.190.218.125][..443] [TLS][Unknown][Web][Safe] - end: [...229] [ip4][..tcp] [...192.168.1.34][51286] -> [.91.190.218.125][..443] - idle: [...155] [ip4][..udp] [...192.168.1.34][63342] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...258] [ip4][..tcp] [...192.168.1.34][51311] -> [..93.79.224.176][14506] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...258] [ip4][..tcp] [...192.168.1.34][51311] -> [..93.79.224.176][14506] - not-detected: [...261] [ip4][..tcp] [...192.168.1.34][51314] -> [..93.79.224.176][14506] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - idle: [...261] [ip4][..tcp] [...192.168.1.34][51314] -> [..93.79.224.176][14506] - guessed: [...251] [ip4][..tcp] [...192.168.1.34][51302] -> [.91.190.216.125][..443] [TLS][Unknown][Web][Safe] - end: [...251] [ip4][..tcp] [...192.168.1.34][51302] -> [.91.190.216.125][..443] - not-detected: [...239] [ip4][..tcp] [...192.168.1.34][51291] -> [...81.83.77.141][17639] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...239] [ip4][..tcp] [...192.168.1.34][51291] -> [...81.83.77.141][17639] - not-detected: [...242] [ip4][..tcp] [...192.168.1.34][51294] -> [...81.83.77.141][17639] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - idle: [...242] [ip4][..tcp] [...192.168.1.34][51294] -> [...81.83.77.141][17639] - not-detected: [...247] [ip4][..tcp] [...192.168.1.34][51298] -> [.82.224.110.241][38895] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...247] [ip4][..tcp] [...192.168.1.34][51298] -> [.82.224.110.241][38895] - not-detected: [...250] [ip4][..tcp] [...192.168.1.34][51301] -> [.82.224.110.241][38895] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - idle: [...250] [ip4][..tcp] [...192.168.1.34][51301] -> [.82.224.110.241][38895] - idle: [...226] [ip4][.icmp] [....192.168.1.1] -> [...192.168.1.34] [ICMP][Unknown][Network][Acceptable] - idle: [....57] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - idle: [....55] [ip4][..udp] [...192.168.1.34][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - not-detected: [...121] [ip4][..tcp] [...192.168.1.34][51251] -> [....64.4.23.166][40029] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...121] [ip4][..tcp] [...192.168.1.34][51251] -> [....64.4.23.166][40029] - not-detected: [...209] [ip4][..tcp] [...192.168.1.34][51278] -> [....64.4.23.159][40009] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...209] [ip4][..tcp] [...192.168.1.34][51278] -> [....64.4.23.159][40009] - idle: [...139] [ip4][....2] [..192.168.0.254] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] - idle: [...140] [ip4][....2] [..192.168.1.229] -> [....224.0.0.251] [IGMP][Unknown][Network][Acceptable] - idle: [.....1] [ip4][....2] [..192.168.1.219] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] - idle: [....16] [ip4][..udp] [...192.168.1.34][63514] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - guessed: [....74] [ip4][..tcp] [...192.168.1.34][51239] -> [...65.55.223.45][..443] [TLS][Unknown][Web][Safe] - end: [....74] [ip4][..tcp] [...192.168.1.34][51239] -> [...65.55.223.45][..443] - idle: [...203] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...154] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....15] [ip4][..udp] [...192.168.1.34][53372] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - guessed: [....73] [ip4][..tcp] [...192.168.1.34][51238] -> [.157.55.235.147][..443] [TLS][Unknown][Web][Safe] - end: [....73] [ip4][..tcp] [...192.168.1.34][51238] -> [.157.55.235.147][..443] - not-detected: [...236] [ip4][..tcp] [...192.168.1.34][51290] -> [..5.248.186.221][31010] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...236] [ip4][..tcp] [...192.168.1.34][51290] -> [..5.248.186.221][31010] - guessed: [....81] [ip4][..tcp] [...192.168.1.34][51241] -> [.157.55.130.176][..443] [TLS][Unknown][Web][Safe] - end: [....81] [ip4][..tcp] [...192.168.1.34][51241] -> [.157.55.130.176][..443] - idle: [....58] [ip4][..udp] [...192.168.1.92][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - idle: [....56] [ip4][..udp] [...192.168.1.34][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - not-detected: [...241] [ip4][..tcp] [...192.168.1.34][51293] -> [..5.248.186.221][31010] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - idle: [...241] [ip4][..tcp] [...192.168.1.34][51293] -> [..5.248.186.221][31010] - guessed: [...158] [ip4][..tcp] [...192.168.1.34][51260] -> [.157.55.130.142][..443] [TLS][Unknown][Web][Safe] - end: [...158] [ip4][..tcp] [...192.168.1.34][51260] -> [.157.55.130.142][..443] - guessed: [...159] [ip4][..tcp] [...192.168.1.34][51261] -> [.157.55.235.170][..443] [TLS][Unknown][Web][Safe] - end: [...159] [ip4][..tcp] [...192.168.1.34][51261] -> [.157.55.235.170][..443] - idle: [...230] [ip4][..udp] [...192.168.1.34][13021] -> [.174.49.171.224][32011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - guessed: [...191] [ip4][..tcp] [...192.168.1.34][51274] -> [.157.55.235.152][..443] [TLS][Unknown][Web][Safe] - end: [...191] [ip4][..tcp] [...192.168.1.34][51274] -> [.157.55.235.152][..443] - guessed: [...216] [ip4][..tcp] [...192.168.1.34][51280] -> [.157.55.235.146][..443] [TLS][Unknown][Web][Safe] - end: [...216] [ip4][..tcp] [...192.168.1.34][51280] -> [.157.55.235.146][..443] - guessed: [...217] [ip4][..tcp] [...192.168.1.34][51281] -> [.157.55.235.156][..443] [TLS][Unknown][Web][Safe] - end: [...217] [ip4][..tcp] [...192.168.1.34][51281] -> [.157.55.235.156][..443] - idle: [....17] [ip4][..udp] [...192.168.1.34][63661] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - guessed: [...160] [ip4][..tcp] [...192.168.1.34][51262] -> [213.199.179.176][..443] [TLS][Unknown][Web][Safe] - end: [...160] [ip4][..tcp] [...192.168.1.34][51262] -> [213.199.179.176][..443] - guessed: [...185] [ip4][..tcp] [...192.168.1.34][51271] -> [213.199.179.175][..443] [TLS][Unknown][Web][Safe] - end: [...185] [ip4][..tcp] [...192.168.1.34][51271] -> [213.199.179.175][..443] - not-detected: [....61] [ip4][..tcp] [...192.168.1.34][51236] -> [..111.221.74.45][40008] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [....61] [ip4][..tcp] [...192.168.1.34][51236] -> [..111.221.74.45][40008] - idle: [....28] [ip4][..udp] [...192.168.1.92][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - idle: [....25] [ip4][..udp] [....192.168.1.1][..137] -> [...192.168.1.34][..137] [NetBIOS][Unknown][System][Acceptable] - idle: [....24] [ip4][..udp] [...192.168.1.34][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - idle: [....29] [ip4][..udp] [...192.168.1.92][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] - RISK: Unsafe Protocol - idle: [....27] [ip4][..udp] [....192.168.1.1][..138] -> [...192.168.1.34][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] - RISK: Unsafe Protocol - idle: [....26] [ip4][..udp] [...192.168.1.34][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] - RISK: Unsafe Protocol - idle: [....31] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] - idle: [...174] [ip4][....2] [..192.168.1.219] -> [...233.89.188.1] [IGMP][Unknown][Network][Acceptable] - idle: [...232] [ip4][..udp] [...192.168.1.34][13021] -> [.189.138.161.88][19521] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - not-detected: [...147] [ip4][..tcp] [...192.168.1.34][51256] -> [.111.221.77.142][40013] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...147] [ip4][..tcp] [...192.168.1.34][51256] -> [.111.221.77.142][40013] - idle: [....14] [ip4][..udp] [...192.168.1.34][57592] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...109] [ip4][..tcp] [...192.168.1.34][51248] -> [.111.221.77.175][40030] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...109] [ip4][..tcp] [...192.168.1.34][51248] -> [.111.221.77.175][40030] - not-detected: [...210] [ip4][..tcp] [...192.168.1.34][51279] -> [..111.221.74.48][40008] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - idle: [...210] [ip4][..tcp] [...192.168.1.34][51279] -> [..111.221.74.48][40008] - not-detected: [...170] [ip4][..tcp] [...192.168.1.34][51267] -> [..111.221.74.18][40025] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...170] [ip4][..tcp] [...192.168.1.34][51267] -> [..111.221.74.18][40025] - idle: [...237] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.14][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...224] [ip4][..udp] [...192.168.1.34][58061] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - idle: [...127] [ip4][..tcp] [108.160.163.108][..443] -> [...192.168.1.34][51222] [TLS][Dropbox][Web][Safe] - not-detected: [...253] [ip4][..tcp] [...192.168.1.34][51305] -> [...149.13.32.15][13392] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...253] [ip4][..tcp] [...192.168.1.34][51305] -> [...149.13.32.15][13392] - end: [...255] [ip4][..tcp] [...192.168.1.34][51307] -> [...149.13.32.15][13392] [TLS][Unknown][Web][Safe] - RISK: Known Proto on Non Std Port - not-detected: [...257] [ip4][..tcp] [...192.168.1.34][51309] -> [...149.13.32.15][13392] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...257] [ip4][..tcp] [...192.168.1.34][51309] -> [...149.13.32.15][13392] - end: [...259] [ip4][..tcp] [...192.168.1.34][51312] -> [...149.13.32.15][13392] [TLS][Unknown][Web][Safe] - RISK: Known Proto on Non Std Port - not-detected: [...263] [ip4][..tcp] [...192.168.1.34][51316] -> [...149.13.32.15][13392] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...263] [ip4][..tcp] [...192.168.1.34][51316] -> [...149.13.32.15][13392] - end: [...264] [ip4][..tcp] [...192.168.1.34][51317] -> [...149.13.32.15][13392] [TLS][Unknown][Web][Safe] - RISK: Known Proto on Non Std Port - idle: [.....9] [ip4][..udp] [...192.168.1.34][57694] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - idle: [....13] [ip4][..tcp] [...192.168.1.34][51230] -> [.157.56.126.211][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] - RISK: Obsolete TLS (v1.1 or older) - guessed: [....22] [ip4][..tcp] [...192.168.1.34][51232] -> [...157.56.52.28][..443] [TLS][Unknown][Web][Safe] - end: [....22] [ip4][..tcp] [...192.168.1.34][51232] -> [...157.56.52.28][..443] - guessed: [...108] [ip4][..tcp] [...192.168.1.34][51247] -> [...157.56.52.44][..443] [TLS][Unknown][Web][Safe] - end: [...108] [ip4][..tcp] [...192.168.1.34][51247] -> [...157.56.52.44][..443] - idle: [...243] [ip4][..udp] [...192.168.1.34][59788] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - idle: [....32] [ip4][..udp] [...192.168.1.92][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] - idle: [....21] [ip4][..udp] [...192.168.1.34][51753] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [....63] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.65][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....48] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...167] [ip4][..udp] [...192.168.1.34][55866] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [....49] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - idle: [...136] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.176][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...175] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...221] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....46] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...215] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - guessed: [...256] [ip4][..tcp] [...192.168.1.34][51308] -> [...80.121.84.93][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic - idle: [...256] [ip4][..tcp] [...192.168.1.34][51308] -> [...80.121.84.93][..443] - idle: [....71] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.173][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....79] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...176] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.158][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....92] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....36] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...135] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....91] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.148][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...142] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.149][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...171] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.171][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...101] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.154][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...132] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...112] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....30] [ip4][..udp] [...192.168.1.92][53826] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - not-detected: [....60] [ip4][..tcp] [...192.168.1.34][51235] -> [...65.55.223.45][40009] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [....60] [ip4][..tcp] [...192.168.1.34][51235] -> [...65.55.223.45][40009] - idle: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [.....7] [ip4][..udp] [...192.168.1.34][49864] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [.....6] [ip4][..udp] [...192.168.1.34][64240] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [....59] [ip4][..tcp] [...192.168.1.34][51234] -> [.157.55.235.147][40001] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [....59] [ip4][..tcp] [...192.168.1.34][51234] -> [.157.55.235.147][40001] - idle: [...156] [ip4][..udp] [...192.168.1.34][64258] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [....67] [ip4][..tcp] [...192.168.1.34][51237] -> [.157.55.130.176][40022] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [....67] [ip4][..tcp] [...192.168.1.34][51237] -> [.157.55.130.176][40022] - not-detected: [...146] [ip4][..tcp] [...192.168.1.34][51255] -> [.157.55.130.142][40005] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...146] [ip4][..tcp] [...192.168.1.34][51255] -> [.157.55.130.142][40005] - not-detected: [...148] [ip4][..tcp] [...192.168.1.34][51257] -> [.157.55.235.170][40032] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...148] [ip4][..tcp] [...192.168.1.34][51257] -> [.157.55.235.170][40032] - not-detected: [...207] [ip4][..tcp] [...192.168.1.34][51276] -> [.157.55.235.146][40021] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...207] [ip4][..tcp] [...192.168.1.34][51276] -> [.157.55.235.146][40021] - idle: [...238] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.141][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - not-detected: [...186] [ip4][..tcp] [...192.168.1.34][51272] -> [.157.55.235.152][40029] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...186] [ip4][..tcp] [...192.168.1.34][51272] -> [.157.55.235.152][40029] - not-detected: [...208] [ip4][..tcp] [...192.168.1.34][51277] -> [.157.55.235.156][40026] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...208] [ip4][..tcp] [...192.168.1.34][51277] -> [.157.55.235.156][40026] - idle: [...225] [ip4][..udp] [...192.168.1.34][59052] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...149] [ip4][..tcp] [...192.168.1.34][51258] -> [213.199.179.176][40021] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...149] [ip4][..tcp] [...192.168.1.34][51258] -> [213.199.179.176][40021] - idle: [...199] [ip4][..udp] [...192.168.1.34][64364] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...178] [ip4][..tcp] [...192.168.1.34][51269] -> [213.199.179.175][40029] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...178] [ip4][..tcp] [...192.168.1.34][51269] -> [213.199.179.175][40029] - idle: [....20] [ip4][..udp] [...192.168.1.34][50055] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [...182] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...172] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.43][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...151] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.19][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...125] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.165][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...103] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.42][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....82] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.13][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....51] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...212] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.173][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...168] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.38][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...150] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.149][40016] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...129] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.160][40016] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...141] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....43] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.44][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...194] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.170][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....42] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....86] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...206] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.40][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...131] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.28][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....83] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...111] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.27][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....39] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.34][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...143] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.171][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....90] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.159][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.24][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...119] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.20][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...198] [ip4][..udp] [...192.168.1.34][60413] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [....10] [ip4][..tcp] [...192.168.1.34][51229] -> [...157.56.52.28][40009] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [....10] [ip4][..tcp] [...192.168.1.34][51229] -> [...157.56.52.28][40009] - not-detected: [....97] [ip4][..tcp] [...192.168.1.34][51246] -> [...157.56.52.44][40020] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [....97] [ip4][..tcp] [...192.168.1.34][51246] -> [...157.56.52.44][40020] - not-detected: [...252] [ip4][..tcp] [...192.168.1.34][51303] -> [...80.121.84.93][62381] [Unknown][Unknown][Unrated] - RISK: Unidirectional Traffic - idle: [...252] [ip4][..tcp] [...192.168.1.34][51303] -> [...80.121.84.93][62381] - not-detected: [...254] [ip4][..tcp] [...192.168.1.34][51306] -> [...80.121.84.93][62381] [Unknown][Unknown][Unrated] - RISK: Unidirectional Traffic - idle: [...254] [ip4][..tcp] [...192.168.1.34][51306] -> [...80.121.84.93][62381] - end: [....23] [ip4][..tcp] [...192.168.1.34][51227] -> [..17.172.100.36][..443] [TLS][Apple][Web][Safe] - idle: [.....5] [ip4][..udp] [...192.168.1.34][58631] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [.....4] [ip4][..udp] [...192.168.1.34][60688] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - guessed: [...130] [ip4][..tcp] [...192.168.1.34][51253] -> [....64.4.23.166][..443] [TLS][Unknown][Web][Safe] - end: [...130] [ip4][..tcp] [...192.168.1.34][51253] -> [....64.4.23.166][..443] - guessed: [...218] [ip4][..tcp] [...192.168.1.34][51282] -> [....64.4.23.159][..443] [TLS][Unknown][Web][Safe] - end: [...218] [ip4][..tcp] [...192.168.1.34][51282] -> [....64.4.23.159][..443] - idle: [....35] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.33][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...183] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.43][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....85] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.22][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....53] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.13][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....68] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.28][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....70] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.44][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....50] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.32][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...173] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.20][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...163] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.42][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...188] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....47] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.17][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...195] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.24][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....99] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.27][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...204] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.15][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...197] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.16][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - not-detected: [...260] [ip4][..tcp] [...192.168.1.34][51313] -> [...212.161.8.36][13392] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...260] [ip4][..tcp] [...192.168.1.34][51313] -> [...212.161.8.36][13392] - end: [...262] [ip4][..tcp] [...192.168.1.34][51315] -> [...212.161.8.36][13392] [TLS][Unknown][Web][Safe] - RISK: Known Proto on Non Std Port - not-detected: [...265] [ip4][..tcp] [...192.168.1.34][51318] -> [...212.161.8.36][13392] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - idle: [...265] [ip4][..tcp] [...192.168.1.34][51318] -> [...212.161.8.36][13392] - not-detected: [...267] [ip4][..tcp] [...192.168.1.34][51319] -> [...212.161.8.36][13392] [Unknown][Unknown][Unrated] - RISK: Unidirectional Traffic - idle: [...267] [ip4][..tcp] [...192.168.1.34][51319] -> [...212.161.8.36][13392] - idle: [....11] [ip4][..udp] [...192.168.1.34][62875] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [...180] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.173][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...106] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...211] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.175][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...179] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.171][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...223] [ip4][..udp] [...192.168.1.34][59237] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - idle: [.....3] [ip4][..udp] [...192.168.1.34][64971] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [....87] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.150][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...113] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.160][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....52] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.145][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...152] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.140][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....94] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.149][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....62] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.171][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...220] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.157][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...100] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.142][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.154][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...187] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.147][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...184] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.150][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...161] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.166][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.170][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...193] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.159][40016] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...122] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.144][40016] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - not-detected: [...234] [ip4][..tcp] [...192.168.1.34][51288] -> [...76.167.161.6][20274] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...234] [ip4][..tcp] [...192.168.1.34][51288] -> [...76.167.161.6][20274] - idle: [...192] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.170][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...181] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...137] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.148][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....98] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.156][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....84] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.174][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...104] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.172][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...189] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.160][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...133] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.152][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...213] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.175][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....45] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.167][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....40] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.168][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...196] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.158][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...138] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.155][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....37] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.165][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - not-detected: [...249] [ip4][..tcp] [...192.168.1.34][51300] -> [...76.167.161.6][20274] [Unknown][Unknown][Unrated] - RISK: TCP Connection Issues - end: [...249] [ip4][..tcp] [...192.168.1.34][51300] -> [...76.167.161.6][20274] - idle: [...105] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.167][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...190] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.146][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....41] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.143][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...153] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.167][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...144] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.161][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...117] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.176][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...124] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.144][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...145] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.148][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...126] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.162][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - not-detected: [...227] [ip4][..tcp] [...192.168.1.34][51284] -> [.91.190.218.125][12350] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...227] [ip4][..tcp] [...192.168.1.34][51284] -> [.91.190.218.125][12350] - not-detected: [...228] [ip4][..tcp] [...192.168.1.34][51285] -> [.91.190.218.125][12350] [Unknown][Unknown][Unrated] - end: [...228] [ip4][..tcp] [...192.168.1.34][51285] -> [.91.190.218.125][12350] - not-detected: [...245] [ip4][..tcp] [...192.168.1.34][51296] -> [.91.190.216.125][12350] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - end: [...245] [ip4][..tcp] [...192.168.1.34][51296] -> [.91.190.216.125][12350] - not-detected: [...246] [ip4][..tcp] [...192.168.1.34][51297] -> [..91.190.216.24][12350] [Unknown][Unknown][Unrated] - RISK: Fully encrypted flow - idle: [...246] [ip4][..tcp] [...192.168.1.34][51297] -> [..91.190.216.24][12350] - not-detected: [...248] [ip4][..tcp] [...192.168.1.34][51299] -> [.91.190.216.125][12350] [Unknown][Unknown][Unrated] - end: [...248] [ip4][..tcp] [...192.168.1.34][51299] -> [.91.190.216.125][12350] - idle: [....64] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....96] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.165][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...205] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.144][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...134] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.172][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....44] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.173][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...222] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.141][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....72] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...116] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...162] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....80] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.174][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...200] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.149][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...164] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.160][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - idle: [...107] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.156][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/skype_udp.pcap.out b/test/results/flow-info/default/skype_udp.pcap.out deleted file mode 100644 index 15b7c5edc..000000000 --- a/test/results/flow-info/default/skype_udp.pcap.out +++ /dev/null @@ -1,9 +0,0 @@ - DAEMON-EVENT: init - DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] - new: [.....1] [ip4][..udp] [....192.168.1.2][35990] -> [.24.224.190.149][39262] - detected: [.....1] [ip4][..udp] [....192.168.1.2][35990] -> [.24.224.190.149][39262] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic - idle: [.....1] [ip4][..udp] [....192.168.1.2][35990] -> [.24.224.190.149][39262] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic - DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun.pcap.out b/test/results/flow-info/default/stun.pcap.out index 9b081b1b5..273c8fc9c 100644 --- a/test/results/flow-info/default/stun.pcap.out +++ b/test/results/flow-info/default/stun.pcap.out @@ -10,7 +10,7 @@ detection-update: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] [STUN][Google][Network][Acceptable][] RISK: Unidirectional Traffic detection-update: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] [STUN][Google][Network][Acceptable][] - detection-update: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] [STUN.GoogleMeet][Google][VoIP][Acceptable][turn.l.google.com] + detection-update: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable][turn.l.google.com] new: [.....3] [ip4][.icmp] [.192.168.12.169] -> [.74.125.247.128] detected: [.....3] [ip4][.icmp] [.192.168.12.169] -> [.74.125.247.128] [ICMP][Google][Network][Acceptable] end: [.....1] [ip4][..tcp] [...10.77.110.51][41588] -> [..10.206.50.239][42000] [STUN.Skype_TeamsCall][Unknown][VoIP][Acceptable] @@ -18,7 +18,7 @@ DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0] new: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] detected: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable][] - idle: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] [STUN.GoogleMeet][Google][VoIP][Acceptable] + idle: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable] idle: [.....3] [ip4][.icmp] [.192.168.12.169] -> [.74.125.247.128] [ICMP][Google][Network][Acceptable] update: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable] update: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable] @@ -61,8 +61,8 @@ DAEMON-EVENT: [Processed: 161 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 3] new: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] - detected: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleMeet][Google][VoIP][Acceptable][] - analyse: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleMeet][Google][VoIP][Acceptable] + detected: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable][] + analyse: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.836| 0.131| 0.227| 51553.292| 3.400] [PKTLEN......: 62.000| 1226.000| 179.200| 221.300| 48965.100| 4.400] @@ -81,9 +81,15 @@ detection-update: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] RISK: Unidirectional Traffic detection-update: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - detection-update: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Safe] - RISK: Missing SNI TLS Extn - idle: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleMeet][Google][VoIP][Acceptable] - idle: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Safe] - RISK: Missing SNI TLS Extn + detection-update: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] + idle: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable] + DAEMON-EVENT: [Processed: 198 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 8|updates: 3] + new: [.....9] [ip6][..udp] [..............2600:1900:4160:5999::19::][.3478] -> [..2001:b07:a3d:c112:48a1:1094:1227:281e][48094] + detected: [.....9] [ip6][..udp] [..............2600:1900:4160:5999::19::][.3478] -> [..2001:b07:a3d:c112:48a1:1094:1227:281e][48094] [STUN][GoogleCloud][Network][Acceptable][] + detection-update: [.....9] [ip6][..udp] [..............2600:1900:4160:5999::19::][.3478] -> [..2001:b07:a3d:c112:48a1:1094:1227:281e][48094] [STUN][GoogleCloud][Network][Acceptable][] + RISK: Unidirectional Traffic + idle: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] + idle: [.....9] [ip6][..udp] [..............2600:1900:4160:5999::19::][.3478] -> [..2001:b07:a3d:c112:48a1:1094:1227:281e][48094] [STUN][GoogleCloud][Network][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_dtls_rtp.pcapng.out b/test/results/flow-info/default/stun_dtls_rtp.pcapng.out index a38b4961c..9a4573458 100644 --- a/test/results/flow-info/default/stun_dtls_rtp.pcapng.out +++ b/test/results/flow-info/default/stun_dtls_rtp.pcapng.out @@ -2,9 +2,9 @@ DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..udp] [.192.168.12.156][37967] -> [..142.250.82.76][19305] - detected: [.....1] [ip4][..udp] [.192.168.12.156][37967] -> [..142.250.82.76][19305] [STUN.GoogleMeet][Google][VoIP][Acceptable][] + detected: [.....1] [ip4][..udp] [.192.168.12.156][37967] -> [..142.250.82.76][19305] [STUN.GoogleCall][Google][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - analyse: [.....1] [ip4][..udp] [.192.168.12.156][37967] -> [..142.250.82.76][19305] [STUN.GoogleMeet][Google][VoIP][Acceptable] + analyse: [.....1] [ip4][..udp] [.192.168.12.156][37967] -> [..142.250.82.76][19305] [STUN.GoogleCall][Google][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.258| 0.044| 0.058| 3387.402| 4.000] [PKTLEN......: 68.000| 1231.000| 221.200| 244.400| 59721.800| 4.400] @@ -14,6 +14,6 @@ [IATS(ms)....: 23.5,57.2,58.6,110.3,0.4,107.9,0.1,0.0,31.9,33.2,42.6,42.8,84.1,83.2,24.8,0.6,0.4,2.5,24.8,0.1,0.1,34.2,28.1,7.9,22.9,203.2,6.7,19.6,19.9,258.1,19.4] [PKTLENS.....: 144,128,185,1231,148,573,128,109,598,573,598,109,149,117,141,93,125,121,97,93,97,113,93,68,93,93,127,112,112,128,469,112] [ENTROPIES...: 6.0,5.8,5.0,7.4,5.9,6.8,5.9,5.7,7.4,6.7,7.4,5.7,6.3,5.9,6.3,5.5,6.0,5.9,5.7,5.4,5.4,5.8,5.5,5.5,5.5,5.5,6.1,6.2,6.3,6.0,7.5,6.2] - idle: [.....1] [ip4][..udp] [.192.168.12.156][37967] -> [..142.250.82.76][19305] [STUN.GoogleMeet][Google][VoIP][Acceptable] + idle: [.....1] [ip4][..udp] [.192.168.12.156][37967] -> [..142.250.82.76][19305] [STUN.GoogleCall][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_dtls_unidirectional_client.pcap.out b/test/results/flow-info/default/stun_dtls_unidirectional_client.pcap.out index 01966b217..d36a9ca46 100644 --- a/test/results/flow-info/default/stun_dtls_unidirectional_client.pcap.out +++ b/test/results/flow-info/default/stun_dtls_unidirectional_client.pcap.out @@ -6,10 +6,8 @@ RISK: Known Proto on Non Std Port detection-update: [.....1] [ip4][..udp] [.....26.83.9.81][57567] -> [..33.35.223.103][..540] [STUN][Unknown][Network][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [.....26.83.9.81][57567] -> [..33.35.223.103][..540] [DTLS][Unknown][Safe] - RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [.....26.83.9.81][57567] -> [..33.35.223.103][..540] [DTLS][Unknown][Network][Safe] - RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Unidirectional Traffic + RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.....26.83.9.81][57567] -> [..33.35.223.103][..540] [DTLS][Unknown][Network][Safe] - RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Unidirectional Traffic + RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_dtls_unidirectional_server.pcap.out b/test/results/flow-info/default/stun_dtls_unidirectional_server.pcap.out index a3bd46999..075026f10 100644 --- a/test/results/flow-info/default/stun_dtls_unidirectional_server.pcap.out +++ b/test/results/flow-info/default/stun_dtls_unidirectional_server.pcap.out @@ -6,8 +6,6 @@ RISK: Known Proto on Non Std Port detection-update: [.....1] [ip4][..udp] [..33.35.223.103][..540] -> [.....26.83.9.81][57567] [STUN][Unknown][Network][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [..33.35.223.103][..540] -> [.....26.83.9.81][57567] [DTLS][Unknown][Safe] - RISK: Self-signed Cert, Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [..33.35.223.103][..540] -> [.....26.83.9.81][57567] [DTLS][Unknown][Network][Safe] RISK: Self-signed Cert, Unidirectional Traffic idle: [.....1] [ip4][..udp] [..33.35.223.103][..540] -> [.....26.83.9.81][57567] [DTLS][Unknown][Network][Safe] diff --git a/test/results/flow-info/default/stun_google_meet.pcapng.out b/test/results/flow-info/default/stun_google_meet.pcapng.out index 79c143ba4..536f4fc6c 100644 --- a/test/results/flow-info/default/stun_google_meet.pcapng.out +++ b/test/results/flow-info/default/stun_google_meet.pcapng.out @@ -8,12 +8,12 @@ detected: [.....2] [ip4][..udp] [.192.168.12.156][45400] -> [.74.125.128.127][19302] [STUN][Google][Network][Acceptable][] RISK: Known Proto on Non Std Port new: [.....3] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][19305] - detected: [.....3] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][19305] [STUN.GoogleMeet][Google][VoIP][Acceptable][] + detected: [.....3] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][19305] [STUN.GoogleCall][Google][VoIP][Acceptable][] RISK: Known Proto on Non Std Port new: [.....4] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][19305] - detected: [.....4] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][19305] [STUN.GoogleMeet][Google][VoIP][Acceptable][] + detected: [.....4] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][19305] [STUN.GoogleCall][Google][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - analyse: [.....3] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][19305] [STUN.GoogleMeet][Google][VoIP][Acceptable] + analyse: [.....3] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][19305] [STUN.GoogleCall][Google][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.164| 0.015| 0.039| 1549.851| 2.400] [PKTLEN......: 65.000| 1231.000| 290.000| 203.200| 41279.000| 4.700] @@ -24,10 +24,10 @@ [PKTLENS.....: 152,92,148,185,92,1231,573,598,65,288,288,288,288,288,288,288,288,288,288,288,288,288,109,109,288,288,288,165,288,288,288,288] [ENTROPIES...: 5.9,5.7,5.9,5.0,5.7,7.3,6.8,7.4,4.6,7.1,7.1,7.2,7.1,7.0,7.0,7.1,7.1,7.0,7.1,7.1,7.1,7.1,5.7,5.7,7.0,7.1,7.0,6.4,7.2,7.1,7.1,7.1] new: [.....5] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][.3478] - detected: [.....5] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][.3478] [STUN.GoogleMeet][Google][VoIP][Acceptable][] + detected: [.....5] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable][] new: [.....6] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][.3478] - detected: [.....6] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][.3478] [STUN.GoogleMeet][Google][VoIP][Acceptable][] - analyse: [.....5] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][.3478] [STUN.GoogleMeet][Google][VoIP][Acceptable] + detected: [.....6] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable][] + analyse: [.....5] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 1.000| 0.179| 0.232| 53990.769| 4.000] [PKTLEN......: 68.000| 565.000| 110.700| 85.700| 7337.900| 4.800] @@ -37,11 +37,11 @@ [IATS(ms)....: 28.7,31.6,20.7,57.3,57.1,114.9,326.7,7.6,0.3,359.3,399.5,20.9,399.5,20.8,60.3,761.6,238.3,310.5,33.1,16.7,106.5,1.4,298.5,11.7,401.0,18.9,1000.0,80.4,40.3,278.6,42.3] [PKTLENS.....: 152,92,148,92,148,92,565,91,73,93,68,107,73,91,73,148,92,68,80,91,73,80,80,107,73,91,73,68,148,92,128,91] [ENTROPIES...: 6.0,5.6,6.0,5.7,6.0,5.7,7.6,6.0,5.5,5.6,5.5,5.7,5.7,5.9,5.5,6.0,5.6,5.3,5.8,6.1,5.6,5.7,5.8,5.8,5.5,5.9,5.6,5.3,5.9,5.6,6.3,6.0] - detection-update: [.....1] [ip4][..udp] [.192.168.12.156][38152] -> [.74.125.128.127][19302] [STUN.GoogleMeet][Google][Network][Acceptable][] + detection-update: [.....1] [ip4][..udp] [.192.168.12.156][38152] -> [.74.125.128.127][19302] [STUN.GoogleCall][Google][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [.....2] [ip4][..udp] [.192.168.12.156][45400] -> [.74.125.128.127][19302] [STUN.GoogleMeet][Google][Network][Acceptable][] + detection-update: [.....2] [ip4][..udp] [.192.168.12.156][45400] -> [.74.125.128.127][19302] [STUN.GoogleCall][Google][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - analyse: [.....6] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][.3478] [STUN.GoogleMeet][Google][VoIP][Acceptable] + analyse: [.....6] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.030| 8.438| 2.374| 2.514| 6318722.646| 4.300] [PKTLEN......: 92.000| 152.000| 118.200| 26.300| 690.900| 5.000] @@ -51,22 +51,22 @@ [IATS(ms)....: 30.2,90.8,78.2,1745.7,1745.6,749.7,749.8,2799.7,2799.8,3108.6,3108.4,997.5,997.5,1610.3,1610.3,582.5,582.8,6554.8,6554.5,8437.5,8437.6,882.4,882.5,6551.7,6551.4,792.4,792.6,993.0,993.0,897.1,896.9] [PKTLENS.....: 152,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92] [ENTROPIES...: 6.0,5.6,6.1,5.6,6.0,5.5,6.0,5.6,6.1,5.7,5.9,5.8,6.1,5.6,6.0,5.6,6.1,5.6,6.0,5.6,6.0,5.6,6.0,5.6,6.1,5.6,6.0,5.7,6.0,5.7,6.0,5.7] - update: [.....4] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][19305] [STUN.GoogleMeet][Google][VoIP][Acceptable] + update: [.....4] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][19305] [STUN.GoogleCall][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port - update: [.....6] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][.3478] [STUN.GoogleMeet][Google][VoIP][Acceptable] - update: [.....2] [ip4][..udp] [.192.168.12.156][45400] -> [.74.125.128.127][19302] [STUN.GoogleMeet][Google][Network][Acceptable] + update: [.....6] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable] + update: [.....2] [ip4][..udp] [.192.168.12.156][45400] -> [.74.125.128.127][19302] [STUN.GoogleCall][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port - update: [.....3] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][19305] [STUN.GoogleMeet][Google][VoIP][Acceptable] + update: [.....3] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][19305] [STUN.GoogleCall][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port - update: [.....5] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][.3478] [STUN.GoogleMeet][Google][VoIP][Acceptable] - update: [.....1] [ip4][..udp] [.192.168.12.156][38152] -> [.74.125.128.127][19302] [STUN.GoogleMeet][Google][Network][Acceptable] + update: [.....5] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable] + update: [.....1] [ip4][..udp] [.192.168.12.156][38152] -> [.74.125.128.127][19302] [STUN.GoogleCall][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: [Processed: 214 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 6 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 6] new: [.....7] [ip6][..udp] [..2001:b07:a3d:c112:48a1:1094:1227:281e][45572] -> [...................2001:4860:4864:6::81][19305] - detected: [.....7] [ip6][..udp] [..2001:b07:a3d:c112:48a1:1094:1227:281e][45572] -> [...................2001:4860:4864:6::81][19305] [STUN.GoogleMeet][Google][VoIP][Acceptable][] + detected: [.....7] [ip6][..udp] [..2001:b07:a3d:c112:48a1:1094:1227:281e][45572] -> [...................2001:4860:4864:6::81][19305] [STUN.GoogleCall][Google][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - analyse: [.....7] [ip6][..udp] [..2001:b07:a3d:c112:48a1:1094:1227:281e][45572] -> [...................2001:4860:4864:6::81][19305] [STUN.GoogleMeet][Google][VoIP][Acceptable] + analyse: [.....7] [ip6][..udp] [..2001:b07:a3d:c112:48a1:1094:1227:281e][45572] -> [...................2001:4860:4864:6::81][19305] [STUN.GoogleCall][Google][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.082| 0.009| 0.020| 398.613| 2.800] [PKTLEN......: 85.000| 1251.000| 300.000| 206.900| 42788.400| 4.700] @@ -76,16 +76,16 @@ [IATS(ms)....: 26.9,81.6,0.7,74.4,3.0,28.0,16.5,24.8,0.3,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,11.5,16.0,2.8,0.0,0.0,0.0,0.0,0.0,0.0] [PKTLENS.....: 172,124,168,205,124,1251,594,168,618,85,308,308,308,308,308,308,308,308,308,308,308,308,129,129,124,308,308,308,308,165,308,308] [ENTROPIES...: 6.0,5.7,5.8,5.0,5.9,7.3,6.7,5.9,7.4,4.7,7.0,7.1,7.1,7.1,7.0,7.0,7.1,7.1,7.0,7.1,7.0,7.1,5.7,5.7,5.7,7.1,7.1,7.0,7.0,6.1,7.0,7.0] - idle: [.....4] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][19305] [STUN.GoogleMeet][Google][VoIP][Acceptable] + idle: [.....4] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][19305] [STUN.GoogleCall][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [.....7] [ip6][..udp] [..2001:b07:a3d:c112:48a1:1094:1227:281e][45572] -> [...................2001:4860:4864:6::81][19305] [STUN.GoogleMeet][Google][VoIP][Acceptable] + idle: [.....7] [ip6][..udp] [..2001:b07:a3d:c112:48a1:1094:1227:281e][45572] -> [...................2001:4860:4864:6::81][19305] [STUN.GoogleCall][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [.....6] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][.3478] [STUN.GoogleMeet][Google][VoIP][Acceptable] - idle: [.....2] [ip4][..udp] [.192.168.12.156][45400] -> [.74.125.128.127][19302] [STUN.GoogleMeet][Google][Network][Acceptable] + idle: [.....6] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable] + idle: [.....2] [ip4][..udp] [.192.168.12.156][45400] -> [.74.125.128.127][19302] [STUN.GoogleCall][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [.....3] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][19305] [STUN.GoogleMeet][Google][VoIP][Acceptable] + idle: [.....3] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][19305] [STUN.GoogleCall][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [.....5] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][.3478] [STUN.GoogleMeet][Google][VoIP][Acceptable] - idle: [.....1] [ip4][..udp] [.192.168.12.156][38152] -> [.74.125.128.127][19302] [STUN.GoogleMeet][Google][Network][Acceptable] + idle: [.....5] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable] + idle: [.....1] [ip4][..udp] [.192.168.12.156][38152] -> [.74.125.128.127][19302] [STUN.GoogleCall][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_signal.pcapng.out b/test/results/flow-info/default/stun_signal.pcapng.out index c8d3ea1fa..03a937b31 100644 --- a/test/results/flow-info/default/stun_signal.pcapng.out +++ b/test/results/flow-info/default/stun_signal.pcapng.out @@ -24,14 +24,14 @@ detection-update: [.....6] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][..443] [STUN][AmazonAWS][Network][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....5] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][signal.org] - detection-update: [.....4] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][Network][Acceptable][] - detection-update: [.....1] [ip4][..udp] [.192.168.12.169][39518] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][Network][Acceptable][] + detection-update: [.....4] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] + detection-update: [.....1] [ip4][..udp] [.192.168.12.169][39518] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....2] [ip4][..udp] [.192.168.12.169][47204] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][Network][Acceptable][] + detection-update: [.....2] [ip4][..udp] [.192.168.12.169][47204] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....3] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][Network][Acceptable][] + detection-update: [.....3] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....6] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][Network][Acceptable][] + detection-update: [.....6] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [.....8] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][.3478] detected: [.....8] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] @@ -50,9 +50,9 @@ new: [....13] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][.3478] detected: [....13] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] new: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] - detected: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN][AmazonAWS][Network][Acceptable][] + detected: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - analyse: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN][AmazonAWS][Network][Acceptable] + analyse: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.679| 0.149| 0.201| 40331.911| 3.900] [PKTLEN......: 56.000| 132.000| 91.900| 24.900| 621.500| 4.900] @@ -73,15 +73,15 @@ [IATS(ms)....: 4.1,63.0,0.0,180.8,3.5,1499.2,2002.8,0.0,4842.0,0.1,17079.4,30.0,28.1,10.0,178.6,30.7,1472.4,2000.5,31.0,3968.8,29.9,37.3,7.8,7927.3,28.5,35.4,6.5,7931.2,29.2,34.6,5.1] [PKTLENS.....: 76,76,84,84,76,76,76,76,76,124,124,76,76,84,84,76,76,76,76,76,76,76,84,84,76,76,84,84,76,76,84,84] [ENTROPIES...: 5.0,5.2,5.1,5.0,5.1,5.1,5.0,5.0,5.1,5.5,5.7,5.0,5.0,5.0,5.0,4.9,5.0,5.0,5.0,5.0,5.0,5.0,5.0,5.0,5.0,5.1,5.1,5.0,5.0,5.0,5.0,5.1] - update: [.....3] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][Network][Acceptable] + update: [.....3] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic - update: [.....2] [ip4][..udp] [.192.168.12.169][47204] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][Network][Acceptable] + update: [.....2] [ip4][..udp] [.192.168.12.169][47204] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic - update: [.....6] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][Network][Acceptable] + update: [.....6] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic - update: [.....1] [ip4][..udp] [.192.168.12.169][39518] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][Network][Acceptable] + update: [.....1] [ip4][..udp] [.192.168.12.169][39518] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic - update: [.....4] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][Network][Acceptable] + update: [.....4] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] update: [.....5] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] new: [....15] [ip4][..udp] [.192.168.12.169][47767] -> [172.253.121.127][19302] detected: [....15] [ip4][..udp] [.192.168.12.169][47767] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] @@ -122,7 +122,7 @@ RISK: Known Proto on Non Std Port update: [....10] [ip4][..udp] [.192.168.12.169][43068] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port - update: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN][AmazonAWS][Network][Acceptable] + update: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] RISK: Known Proto on Non Std Port update: [....12] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] RISK: Known Proto on Non Std Port @@ -134,28 +134,28 @@ idle: [....20] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] idle: [.....9] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [.....3] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][Network][Acceptable] + idle: [.....3] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....22] [ip4][..udp] [.192.168.12.169][47767] -> [.18.195.131.143][54054] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] RISK: Known Proto on Non Std Port idle: [....10] [ip4][..udp] [.192.168.12.169][43068] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [.....2] [ip4][..udp] [.192.168.12.169][47204] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][Network][Acceptable] + idle: [.....2] [ip4][..udp] [.192.168.12.169][47204] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN][AmazonAWS][Network][Acceptable] + idle: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [.....6] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][Network][Acceptable] + idle: [.....6] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....17] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [.....1] [ip4][..udp] [.192.168.12.169][39518] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][Network][Acceptable] + idle: [.....1] [ip4][..udp] [.192.168.12.169][39518] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....15] [ip4][..udp] [.192.168.12.169][47767] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable] RISK: Known Proto on Non Std Port idle: [....12] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] RISK: Known Proto on Non Std Port idle: [.....8] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - idle: [.....4] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][Network][Acceptable] + idle: [.....4] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] idle: [....18] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] RISK: Known Proto on Non Std Port idle: [....11] [ip4][..udp] [.192.168.12.169][39950] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable] diff --git a/test/results/flow-info/default/stun_wa_call.pcapng.out b/test/results/flow-info/default/stun_wa_call.pcapng.out index f845edbc3..373cf7725 100644 --- a/test/results/flow-info/default/stun_wa_call.pcapng.out +++ b/test/results/flow-info/default/stun_wa_call.pcapng.out @@ -3,14 +3,29 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] detected: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] + detection-update: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] detected: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] detected: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] detected: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] detected: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] + detection-update: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] analyse: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 2.505| 0.249| 0.601| 361608.839| 2.900] @@ -23,14 +38,29 @@ [ENTROPIES...: 7.0,7.0,5.8,5.8,5.8,7.0,7.0,7.0,7.0,5.7,5.8,5.7,5.7,5.7,5.2,5.2,5.8,7.0,7.0,5.7,5.8,5.8,4.9,6.0,6.1,5.0,5.5,5.7,6.6,5.5,6.9,7.2] new: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] detected: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] detected: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] detected: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] detected: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] detected: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic + detection-update: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] analyse: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.025| 0.011| 0.005| 24.788| 4.800] diff --git a/test/results/flow-info/default/stun_zoom.pcapng.out b/test/results/flow-info/default/stun_zoom.pcapng.out index 694a74d6d..1c370f3c4 100644 --- a/test/results/flow-info/default/stun_zoom.pcapng.out +++ b/test/results/flow-info/default/stun_zoom.pcapng.out @@ -8,19 +8,14 @@ RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Safe] - RISK: Missing SNI TLS Extn detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] - RISK: Missing SNI TLS Extn new: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] detected: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] RISK: Known Proto on Non Std Port detection-update: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] - RISK: Missing SNI TLS Extn detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS.Zoom][Zoom][Video][Acceptable] - RISK: Missing SNI TLS Extn detection-update: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] RISK: Known Proto on Non Std Port analyse: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable] @@ -34,7 +29,6 @@ [PKTLENS.....: 184,184,184,184,92,184,217,217,184,184,217,92,92,92,184,192,78,92,1080,1080,1080,1080,399,186,92,92,186,92,186,95,101,42] [ENTROPIES...: 5.8,5.8,5.8,5.8,5.6,5.8,5.2,5.2,5.9,5.8,5.2,5.7,5.6,5.7,5.9,5.3,4.1,5.7,7.0,7.3,7.3,7.4,7.2,6.1,5.7,5.7,6.1,5.7,6.1,5.4,6.0,4.3] idle: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS.Zoom][Zoom][Video][Acceptable] - RISK: Missing SNI TLS Extn idle: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/teams.pcap.out b/test/results/flow-info/default/teams.pcap.out index 3afcf07a3..0f51670c4 100644 --- a/test/results/flow-info/default/teams.pcap.out +++ b/test/results/flow-info/default/teams.pcap.out @@ -503,7 +503,7 @@ RISK: TLS (probably) Not Carrying HTTPS idle: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] idle: [....11] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - guessed: [.....2] [ip4][..tcp] [....192.168.1.6][58533] -> [.149.154.167.91][..443] [TLS][Telegram][Web][Safe] + guessed: [.....2] [ip4][..tcp] [....192.168.1.6][58533] -> [.149.154.167.91][..443] [Telegram][Telegram][Chat][Acceptable] RISK: Unidirectional Traffic end: [.....2] [ip4][..tcp] [....192.168.1.6][58533] -> [.149.154.167.91][..443] idle: [....34] [ip4][..udp] [....192.168.1.6][59403] -> [....192.168.1.1][...53] [DNS.Microsoft365][Unknown][Network][Acceptable] diff --git a/test/results/flow-info/default/telegram_videocall.pcapng.out b/test/results/flow-info/default/telegram_videocall.pcapng.out index a226ced83..b51a9755a 100644 --- a/test/results/flow-info/default/telegram_videocall.pcapng.out +++ b/test/results/flow-info/default/telegram_videocall.pcapng.out @@ -9,7 +9,10 @@ new: [.....4] [ip4][..tcp] [.192.168.12.169][37950] -> [.149.154.167.91][..443] new: [.....5] [ip4][..tcp] [.192.168.12.169][46862] -> [.149.154.167.51][..443] new: [.....6] [ip4][..tcp] [.192.168.12.169][46866] -> [.149.154.167.51][..443] - analyse: [.....4] [ip4][..tcp] [.192.168.12.169][37950] -> [.149.154.167.91][..443] + detected: [.....4] [ip4][..tcp] [.192.168.12.169][37950] -> [.149.154.167.91][..443] [Telegram][Telegram][Chat][Acceptable] + detected: [.....5] [ip4][..tcp] [.192.168.12.169][46862] -> [.149.154.167.51][..443] [Telegram][Telegram][Chat][Acceptable] + detected: [.....6] [ip4][..tcp] [.192.168.12.169][46866] -> [.149.154.167.51][..443] [Telegram][Telegram][Chat][Acceptable] + analyse: [.....4] [ip4][..tcp] [.192.168.12.169][37950] -> [.149.154.167.91][..443] [Telegram][Telegram][Chat][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.127| 0.025| 0.031| 963.939| 3.900] [PKTLEN......: 52.000| 1280.000| 541.900| 516.100| 266324.800| 4.300] @@ -21,8 +24,11 @@ [ENTROPIES...: 4.8,5.2,5.2,7.3,6.7,5.1,7.8,7.7,7.7,6.6,6.6,5.1,7.7,6.9,7.2,5.2,7.4,7.3,5.3,6.7,5.3,7.9,7.8,7.9,7.8,5.2,5.2,7.8,7.8,7.9,7.9,7.8] new: [.....7] [ip4][..tcp] [.192.168.12.169][40830] -> [149.154.167.222][..443] new: [.....8] [ip4][..tcp] [.192.168.12.169][40832] -> [149.154.167.222][..443] + detected: [.....7] [ip4][..tcp] [.192.168.12.169][40830] -> [149.154.167.222][..443] [Telegram][Telegram][Chat][Acceptable] + detected: [.....8] [ip4][..tcp] [.192.168.12.169][40832] -> [149.154.167.222][..443] [Telegram][Telegram][Chat][Acceptable] new: [.....9] [ip4][..tcp] [.192.168.12.169][40834] -> [149.154.167.222][..443] - analyse: [.....7] [ip4][..tcp] [.192.168.12.169][40830] -> [149.154.167.222][..443] + detected: [.....9] [ip4][..tcp] [.192.168.12.169][40834] -> [149.154.167.222][..443] [Telegram][Telegram][Chat][Acceptable] + analyse: [.....7] [ip4][..tcp] [.192.168.12.169][40830] -> [149.154.167.222][..443] [Telegram][Telegram][Chat][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.047| 0.009| 0.015| 220.392| 3.200] [PKTLEN......: 52.000| 1280.000| 644.300| 571.900| 327061.800| 4.300] @@ -33,6 +39,7 @@ [PKTLENS.....: 60,60,52,630,221,52,157,262,52,52,333,221,1280,1280,1280,1280,1280,1280,1280,1280,1280,52,52,52,52,52,285,1280,1280,1280,1280,1280] [ENTROPIES...: 4.8,5.2,5.2,7.7,7.0,5.2,6.8,7.1,5.2,5.2,7.4,7.1,7.9,7.9,7.8,7.9,7.8,7.8,7.8,7.8,7.8,5.1,5.2,5.1,5.1,5.2,7.1,7.9,7.8,7.9,7.8,7.8] new: [....10] [ip4][..tcp] [.192.168.12.169][37966] -> [.149.154.167.91][..443] + detected: [....10] [ip4][..tcp] [.192.168.12.169][37966] -> [.149.154.167.91][..443] [Telegram][Telegram][Chat][Acceptable] new: [....11] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] detected: [....11] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_ipps._tcp.local] new: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400] @@ -84,20 +91,24 @@ detection-update: [....23] [ip4][..udp] [.192.168.12.169][37444] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org] RISK: Known Proto on Non Std Port new: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] - detected: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] + detected: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] [STUN][Unknown][Network][Acceptable][] RISK: Known Proto on Non Std Port new: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] - detected: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] + detected: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] [STUN][Unknown][Network][Acceptable][] RISK: Known Proto on Non Std Port new: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393] - detected: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] + detected: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393] [STUN][Unknown][Network][Acceptable][] RISK: Known Proto on Non Std Port new: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393] - detected: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] + detected: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393] [STUN][Unknown][Network][Acceptable][] RISK: Known Proto on Non Std Port + detection-update: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] [STUN][Unknown][Network][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] [STUN][Unknown][Network][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....28] [ip6][icmp6] [...............fe80::abe:acff:fe0b:176e] -> [................................ff02::2] detected: [....28] [ip6][icmp6] [...............fe80::abe:acff:fe0b:176e] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] - analyse: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable] + analyse: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393] [STUN][Unknown][Network][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.475| 0.052| 0.095| 9109.989| 3.600] [PKTLEN......: 49.000| 265.000| 106.200| 48.900| 2396.000| 4.900] @@ -110,20 +121,20 @@ new: [....29] [ip6][..udp] [...............fe80::abe:acff:fe0b:176e][.5353] -> [...............................ff02::fb][.5353] detected: [....29] [ip6][..udp] [...............fe80::abe:acff:fe0b:176e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_ipps._tcp.local] new: [....30] [ip4][..tcp] [.192.168.12.169][40710] -> [....52.58.18.25][.5222] [MIDSTREAM] - detection-update: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable][] + detection-update: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....15] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable][] + detection-update: [....15] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....16] [ip4][..udp] [.192.168.12.169][42197] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable][] + detection-update: [....16] [ip4][..udp] [.192.168.12.169][42197] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....13] [ip4][..udp] [.192.168.12.169][40906] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable][] + detection-update: [....13] [ip4][..udp] [.192.168.12.169][40906] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....14] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable][] + detection-update: [....14] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....17] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable][] + detection-update: [....17] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] RISK: Known Proto on Non Std Port update: [.....1] [ip6][icmp6] [..............fe80::98df:58ff:fefa:ebdc] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] - analyse: [.....8] [ip4][..tcp] [.192.168.12.169][40832] -> [149.154.167.222][..443] + analyse: [.....8] [ip4][..tcp] [.192.168.12.169][40832] -> [149.154.167.222][..443] [Telegram][Telegram][Chat][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 25.078| 1.818| 6.147| 37780767.900| 1.500] [PKTLEN......: 52.000| 1280.000| 482.700| 530.000| 280877.200| 4.100] @@ -141,52 +152,38 @@ detected: [....33] [ip4][.icmp] [.192.168.12.169] -> [....91.108.17.2] [ICMP][Telegram][Network][Acceptable] new: [....34] [ip4][..tcp] [..18.195.162.93][..443] -> [.192.168.12.169][38956] [MIDSTREAM] detected: [....34] [ip4][..tcp] [..18.195.162.93][..443] -> [.192.168.12.169][38956] [TLS][AmazonAWS][Web][Safe] - guessed: [.....3] [ip4][..tcp] [.192.168.12.169][37948] -> [.149.154.167.91][..443] [TLS][Telegram][Web][Safe] + guessed: [.....3] [ip4][..tcp] [.192.168.12.169][37948] -> [.149.154.167.91][..443] [Telegram][Telegram][Chat][Acceptable] RISK: TCP Connection Issues end: [.....3] [ip4][..tcp] [.192.168.12.169][37948] -> [.149.154.167.91][..443] - guessed: [.....4] [ip4][..tcp] [.192.168.12.169][37950] -> [.149.154.167.91][..443] [TLS][Telegram][Web][Safe] - RISK: Fully encrypted flow - idle: [.....4] [ip4][..tcp] [.192.168.12.169][37950] -> [.149.154.167.91][..443] - guessed: [....10] [ip4][..tcp] [.192.168.12.169][37966] -> [.149.154.167.91][..443] [TLS][Telegram][Web][Safe] - RISK: Fully encrypted flow - idle: [....10] [ip4][..tcp] [.192.168.12.169][37966] -> [.149.154.167.91][..443] + idle: [.....4] [ip4][..tcp] [.192.168.12.169][37950] -> [.149.154.167.91][..443] [Telegram][Telegram][Chat][Acceptable] + idle: [....10] [ip4][..tcp] [.192.168.12.169][37966] -> [.149.154.167.91][..443] [Telegram][Telegram][Chat][Acceptable] idle: [....18] [ip4][..udp] [.192.168.12.169][40643] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] RISK: Known Proto on Non Std Port idle: [....28] [ip6][icmp6] [...............fe80::abe:acff:fe0b:176e] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] idle: [.....2] [ip4][..udp] [...192.168.12.1][17500] -> [.192.168.12.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - idle: [....14] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable] + idle: [....14] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [....13] [ip4][..udp] [.192.168.12.169][40906] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable] + idle: [....13] [ip4][..udp] [.192.168.12.169][40906] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable] - RISK: Known Proto on Non Std Port - idle: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable] + idle: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] RISK: Known Proto on Non Std Port + idle: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] [STUN][Unknown][Network][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....11] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....1] [ip6][icmp6] [..............fe80::98df:58ff:fefa:ebdc] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] idle: [....29] [ip6][..udp] [...............fe80::abe:acff:fe0b:176e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] - guessed: [.....5] [ip4][..tcp] [.192.168.12.169][46862] -> [.149.154.167.51][..443] [TLS][Telegram][Web][Safe] - RISK: Fully encrypted flow - end: [.....5] [ip4][..tcp] [.192.168.12.169][46862] -> [.149.154.167.51][..443] - guessed: [.....6] [ip4][..tcp] [.192.168.12.169][46866] -> [.149.154.167.51][..443] [TLS][Telegram][Web][Safe] - RISK: Fully encrypted flow - end: [.....6] [ip4][..tcp] [.192.168.12.169][46866] -> [.149.154.167.51][..443] - guessed: [.....7] [ip4][..tcp] [.192.168.12.169][40830] -> [149.154.167.222][..443] [TLS][Telegram][Web][Safe] - RISK: Fully encrypted flow - end: [.....7] [ip4][..tcp] [.192.168.12.169][40830] -> [149.154.167.222][..443] - guessed: [.....8] [ip4][..tcp] [.192.168.12.169][40832] -> [149.154.167.222][..443] [TLS][Telegram][Web][Safe] - RISK: Fully encrypted flow - end: [.....8] [ip4][..tcp] [.192.168.12.169][40832] -> [149.154.167.222][..443] - guessed: [.....9] [ip4][..tcp] [.192.168.12.169][40834] -> [149.154.167.222][..443] [TLS][Telegram][Web][Safe] - RISK: Fully encrypted flow - idle: [.....9] [ip4][..tcp] [.192.168.12.169][40834] -> [149.154.167.222][..443] + end: [.....5] [ip4][..tcp] [.192.168.12.169][46862] -> [.149.154.167.51][..443] [Telegram][Telegram][Chat][Acceptable] + end: [.....6] [ip4][..tcp] [.192.168.12.169][46866] -> [.149.154.167.51][..443] [Telegram][Telegram][Chat][Acceptable] + end: [.....7] [ip4][..tcp] [.192.168.12.169][40830] -> [149.154.167.222][..443] [Telegram][Telegram][Chat][Acceptable] + end: [.....8] [ip4][..tcp] [.192.168.12.169][40832] -> [149.154.167.222][..443] [Telegram][Telegram][Chat][Acceptable] + idle: [.....9] [ip4][..tcp] [.192.168.12.169][40834] -> [149.154.167.222][..443] [Telegram][Telegram][Chat][Acceptable] idle: [....19] [ip4][..udp] [.192.168.12.169][49667] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port + idle: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] [STUN][Unknown][Network][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....23] [ip4][..udp] [.192.168.12.169][37444] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable] + idle: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393] [STUN][Unknown][Network][Acceptable] RISK: Known Proto on Non Std Port idle: [....20] [ip4][..udp] [.192.168.12.169][49780] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] RISK: Known Proto on Non Std Port @@ -200,12 +197,12 @@ idle: [....30] [ip4][..tcp] [.192.168.12.169][40710] -> [....52.58.18.25][.5222] idle: [....21] [ip4][..udp] [.192.168.12.169][37849] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable] + idle: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393] [STUN][Unknown][Network][Acceptable] RISK: Known Proto on Non Std Port - idle: [....17] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable] + idle: [....17] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [....16] [ip4][..udp] [.192.168.12.169][42197] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable] + idle: [....16] [ip4][..udp] [.192.168.12.169][42197] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] RISK: Known Proto on Non Std Port - idle: [....15] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable] + idle: [....15] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tencent_games.pcap.out b/test/results/flow-info/default/tencent_games.pcap.out new file mode 100644 index 000000000..c4fe7eba2 --- /dev/null +++ b/test/results/flow-info/default/tencent_games.pcap.out @@ -0,0 +1,20 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [...10.215.173.1][43300] -> [..43.130.19.227][65010] + detected: [.....1] [ip4][..tcp] [...10.215.173.1][43300] -> [..43.130.19.227][65010] [TencentGames][Tencent][Game][Fun] + DAEMON-EVENT: [Processed: 10 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....2] [ip4][..tcp] [...10.215.173.1][46658] -> [..162.62.97.166][.8085] + detected: [.....2] [ip4][..tcp] [...10.215.173.1][46658] -> [..162.62.97.166][.8085] [TencentGames][Tencent][Game][Fun] + idle: [.....1] [ip4][..tcp] [...10.215.173.1][43300] -> [..43.130.19.227][65010] [TencentGames][Tencent][Game][Fun] + new: [.....3] [ip4][..tcp] [...10.215.173.1][42864] -> [.162.62.116.201][20731] + detected: [.....3] [ip4][..tcp] [...10.215.173.1][42864] -> [.162.62.116.201][20731] [TencentGames][Tencent][Game][Fun] + DAEMON-EVENT: [Processed: 22 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....4] [ip4][..tcp] [...10.215.173.1][47046] -> [.129.226.103.74][31003] + detected: [.....4] [ip4][..tcp] [...10.215.173.1][47046] -> [.129.226.103.74][31003] [TencentGames][Tencent][Game][Fun] + end: [.....4] [ip4][..tcp] [...10.215.173.1][47046] -> [.129.226.103.74][31003] [TencentGames][Tencent][Game][Fun] + idle: [.....2] [ip4][..tcp] [...10.215.173.1][46658] -> [..162.62.97.166][.8085] [TencentGames][Tencent][Game][Fun] + idle: [.....3] [ip4][..tcp] [...10.215.173.1][42864] -> [.162.62.116.201][20731] [TencentGames][Tencent][Game][Fun] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_torrent.pcapng.out b/test/results/flow-info/default/tls_torrent.pcapng.out index ede0e5668..a7388d2db 100644 --- a/test/results/flow-info/default/tls_torrent.pcapng.out +++ b/test/results/flow-info/default/tls_torrent.pcapng.out @@ -2,9 +2,9 @@ DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][58842] - detected: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][58842] [TLS][Unknown][Web][Safe][web.utorrent.com] + detected: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][58842] [TLS.BitTorrent][Unknown][Download][Acceptable][web.utorrent.com] RISK: TLS (probably) Not Carrying HTTPS - detection-update: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][58842] [TLS][Unknown][Web][Safe][web.utorrent.com] + detection-update: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][58842] [TLS.BitTorrent][Unknown][Download][Acceptable][web.utorrent.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][58842] [TLS.BitTorrent][Unknown][Download][Acceptable][web.utorrent.com] RISK: TLS (probably) Not Carrying HTTPS diff --git a/test/results/flow-info/default/wa_video.pcap.out b/test/results/flow-info/default/wa_video.pcap.out index 739d9683b..ad11e60f8 100644 --- a/test/results/flow-info/default/wa_video.pcap.out +++ b/test/results/flow-info/default/wa_video.pcap.out @@ -6,14 +6,29 @@ new: [.....2] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] [MIDSTREAM] new: [.....3] [ip4][..udp] [...192.168.2.12][53688] -> [....31.13.86.48][.3478] detected: [.....3] [ip4][..udp] [...192.168.2.12][53688] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....3] [ip4][..udp] [...192.168.2.12][53688] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [...192.168.2.12][53688] -> [..185.60.216.51][.3478] detected: [.....4] [ip4][..udp] [...192.168.2.12][53688] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....4] [ip4][..udp] [...192.168.2.12][53688] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [.....5] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.193.48][.3478] detected: [.....5] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....5] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [.....6] [ip4][..udp] [...192.168.2.12][53688] -> [..179.60.192.48][.3478] detected: [.....6] [ip4][..udp] [...192.168.2.12][53688] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....6] [ip4][..udp] [...192.168.2.12][53688] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [.....7] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.196.62][.3478] detected: [.....7] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....7] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic + detection-update: [.....3] [ip4][..udp] [...192.168.2.12][53688] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....7] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....4] [ip4][..udp] [...192.168.2.12][53688] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....6] [ip4][..udp] [...192.168.2.12][53688] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [.....5] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [.....8] [ip4][..udp] [...192.168.2.12][51277] -> [239.255.255.250][.1900] detected: [.....8] [ip4][..udp] [...192.168.2.12][51277] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] analyse: [.....2] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] diff --git a/test/results/flow-info/default/wa_voice.pcap.out b/test/results/flow-info/default/wa_voice.pcap.out index d014bfd75..3c65b278b 100644 --- a/test/results/flow-info/default/wa_voice.pcap.out +++ b/test/results/flow-info/default/wa_voice.pcap.out @@ -53,14 +53,29 @@ detected: [....13] [ip6][..udp] [...............fe80::414:409d:8afd:9f05][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_raop._tcp.local] new: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] detected: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....15] [ip4][..udp] [...192.168.2.12][56328] -> [..185.60.216.51][.3478] detected: [....15] [ip4][..udp] [...192.168.2.12][56328] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....15] [ip4][..udp] [...192.168.2.12][56328] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....16] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.193.48][.3478] detected: [....16] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....16] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....17] [ip4][..udp] [...192.168.2.12][56328] -> [..179.60.192.48][.3478] detected: [....17] [ip4][..udp] [...192.168.2.12][56328] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....17] [ip4][..udp] [...192.168.2.12][56328] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....18] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.196.62][.3478] detected: [....18] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....18] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic + detection-update: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....18] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....16] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....17] [ip4][..udp] [...192.168.2.12][56328] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....15] [ip4][..udp] [...192.168.2.12][56328] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....19] [ip4][..udp] [...192.168.2.12][64716] -> [239.255.255.250][.1900] detected: [....19] [ip4][..udp] [...192.168.2.12][64716] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] new: [....20] [ip4][..udp] [...192.168.2.12][60549] -> [....192.168.2.1][...53] diff --git a/test/results/flow-info/default/weibo.pcap.out b/test/results/flow-info/default/weibo.pcap.out index c25cf10dc..1bfa784db 100644 --- a/test/results/flow-info/default/weibo.pcap.out +++ b/test/results/flow-info/default/weibo.pcap.out @@ -6,13 +6,13 @@ new: [.....3] [ip4][..tcp] [..192.168.1.105][58481] -> [..216.58.214.78][..443] [MIDSTREAM] new: [.....4] [ip4][..udp] [..192.168.1.105][53656] -> [.216.58.210.227][..443] new: [.....5] [ip4][..udp] [..192.168.1.105][54988] -> [....192.168.1.1][...53] - detected: [.....5] [ip4][..udp] [..192.168.1.105][54988] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][weibo.com] - detection-update: [.....5] [ip4][..udp] [..192.168.1.105][54988] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][weibo.com] + detected: [.....5] [ip4][..udp] [..192.168.1.105][54988] -> [....192.168.1.1][...53] [DNS.SinaWeibo][Unknown][Network][Fun][weibo.com] + detection-update: [.....5] [ip4][..udp] [..192.168.1.105][54988] -> [....192.168.1.1][...53] [DNS.SinaWeibo][Unknown][Network][Fun][weibo.com] new: [.....6] [ip4][..tcp] [..192.168.1.105][59119] -> [.114.134.80.162][...80] new: [.....7] [ip4][..tcp] [..192.168.1.105][59120] -> [.114.134.80.162][...80] new: [.....8] [ip4][..tcp] [..192.168.1.105][59121] -> [.114.134.80.162][...80] new: [.....9] [ip4][..tcp] [..192.168.1.105][35154] -> [.216.58.210.206][..443] [MIDSTREAM] - detected: [.....6] [ip4][..tcp] [..192.168.1.105][59119] -> [.114.134.80.162][...80] [HTTP][Unknown][Web][Acceptable][weibo.com] + detected: [.....6] [ip4][..tcp] [..192.168.1.105][59119] -> [.114.134.80.162][...80] [HTTP.SinaWeibo][Unknown][SocialNetwork][Fun][weibo.com] new: [....10] [ip4][..udp] [..192.168.1.105][.7148] -> [....192.168.1.1][...53] detected: [....10] [ip4][..udp] [..192.168.1.105][.7148] -> [....192.168.1.1][...53] [DNS.SinaWeibo][Unknown][Network][Fun][www.weibo.com] detection-update: [....10] [ip4][..udp] [..192.168.1.105][.7148] -> [....192.168.1.1][...53] [DNS.SinaWeibo][Unknown][Network][Fun][www.weibo.com] @@ -145,7 +145,7 @@ RISK: Unidirectional Traffic idle: [....37] [ip4][..tcp] [..192.168.1.105][42280] -> [...222.73.28.96][...80] idle: [....20] [ip4][..udp] [..192.168.1.105][18035] -> [....192.168.1.1][...53] [DNS.Sina][Unknown][Network][Fun] - idle: [.....5] [ip4][..udp] [..192.168.1.105][54988] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + idle: [.....5] [ip4][..udp] [..192.168.1.105][54988] -> [....192.168.1.1][...53] [DNS.SinaWeibo][Unknown][Network][Fun] guessed: [....12] [ip4][..tcp] [..192.168.1.105][37802] -> [..216.58.212.69][..443] [TLS][Google][Web][Safe] idle: [....12] [ip4][..tcp] [..192.168.1.105][37802] -> [..216.58.212.69][..443] idle: [....16] [ip4][..tcp] [..192.168.1.105][35803] -> [.93.188.134.246][...80] [HTTP.Sina][Unknown][SocialNetwork][Fun] @@ -202,7 +202,7 @@ idle: [....24] [ip4][..udp] [..192.168.1.105][33822] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] guessed: [.....1] [ip4][..udp] [..216.58.210.14][..443] -> [..192.168.1.105][49361] [QUIC][Google][Web][Acceptable] idle: [.....1] [ip4][..udp] [..216.58.210.14][..443] -> [..192.168.1.105][49361] - end: [.....6] [ip4][..tcp] [..192.168.1.105][59119] -> [.114.134.80.162][...80] [HTTP][Unknown][Web][Acceptable] + end: [.....6] [ip4][..tcp] [..192.168.1.105][59119] -> [.114.134.80.162][...80] [HTTP.SinaWeibo][Unknown][SocialNetwork][Fun] guessed: [.....7] [ip4][..tcp] [..192.168.1.105][59120] -> [.114.134.80.162][...80] [HTTP][Unknown][Web][Acceptable][] idle: [.....7] [ip4][..tcp] [..192.168.1.105][59120] -> [.114.134.80.162][...80] guessed: [.....8] [ip4][..tcp] [..192.168.1.105][59121] -> [.114.134.80.162][...80] [HTTP][Unknown][Web][Acceptable][] diff --git a/test/results/flow-info/default/whatsapp_login_call.pcap.out b/test/results/flow-info/default/whatsapp_login_call.pcap.out index f58bc5b27..afae754b5 100644 --- a/test/results/flow-info/default/whatsapp_login_call.pcap.out +++ b/test/results/flow-info/default/whatsapp_login_call.pcap.out @@ -73,20 +73,44 @@ new: [....22] [ip4][..tcp] [....192.168.2.4][49180] -> [..17.172.100.59][..443] [MIDSTREAM] new: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] detected: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] detected: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] detected: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] detected: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] detected: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] detected: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] detected: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] detected: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic + detection-update: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....31] [ip4][..tcp] [....192.168.2.4][49164] -> [..17.167.142.31][..443] [MIDSTREAM] new: [....32] [ip4][..tcp] [....192.168.2.4][49167] -> [...17.172.100.8][..443] [MIDSTREAM] new: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] @@ -140,20 +164,44 @@ update: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] new: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] detected: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] detected: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] detected: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] detected: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] detected: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] detected: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] detected: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic new: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] detected: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + RISK: Unidirectional Traffic + detection-update: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] + detection-update: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] update: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [....34] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] new: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] diff --git a/test/results/flow-info/default/zoom.pcap.out b/test/results/flow-info/default/zoom.pcap.out index 5dbe1628f..f9af59cca 100644 --- a/test/results/flow-info/default/zoom.pcap.out +++ b/test/results/flow-info/default/zoom.pcap.out @@ -56,9 +56,9 @@ detected: [....20] [ip4][..udp] [..192.168.1.117][62988] -> [....192.168.1.1][...53] [DNS.Zoom][Unknown][Network][Acceptable][www3.zoom.us] detection-update: [....20] [ip4][..udp] [..192.168.1.117][62988] -> [....192.168.1.1][...53] [DNS.Zoom][Unknown][Network][Acceptable][www3.zoom.us] new: [....21] [ip4][..tcp] [..192.168.1.117][54866] -> [..52.202.62.236][..443] - detected: [....19] [ip4][..tcp] [..192.168.1.117][54865] -> [..52.202.62.196][..443] [TLS][Zoom][Web][Safe][zoom.us] + detected: [....19] [ip4][..tcp] [..192.168.1.117][54865] -> [..52.202.62.196][..443] [TLS.Zoom][Zoom][Video][Acceptable][zoom.us] detected: [....21] [ip4][..tcp] [..192.168.1.117][54866] -> [..52.202.62.236][..443] [TLS.Zoom][Zoom][Video][Acceptable][www3.zoom.us] - detection-update: [....19] [ip4][..tcp] [..192.168.1.117][54865] -> [..52.202.62.196][..443] [TLS][Zoom][Web][Safe][zoom.us] + detection-update: [....19] [ip4][..tcp] [..192.168.1.117][54865] -> [..52.202.62.196][..443] [TLS.Zoom][Zoom][Video][Acceptable][zoom.us] detection-update: [....19] [ip4][..tcp] [..192.168.1.117][54865] -> [..52.202.62.196][..443] [TLS.Zoom][Zoom][Video][Acceptable][zoom.us] detection-update: [....21] [ip4][..tcp] [..192.168.1.117][54866] -> [..52.202.62.236][..443] [TLS.Zoom][Zoom][Video][Acceptable][www3.zoom.us] detection-update: [....21] [ip4][..tcp] [..192.168.1.117][54866] -> [..52.202.62.236][..443] [TLS.Zoom][Zoom][Video][Acceptable][www3.zoom.us] @@ -135,7 +135,7 @@ ERROR-EVENT: Unknown packet type [3/16] new: [....32] [ip4][..udp] [..192.168.1.117][60620] -> [..109.94.160.99][.8801] detected: [....32] [ip4][..udp] [..192.168.1.117][60620] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] - analyse: [....31] [ip4][..udp] [..192.168.1.117][58327] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] + analyse: [....31] [ip4][..udp] [..192.168.1.117][58327] -> [..109.94.160.99][.8801] [SRTP.Zoom][Unknown][Video][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.036| 0.010| 0.009| 72.691| 4.500] [PKTLEN......: 41.000| 1057.000| 872.800| 383.700| 147246.200| 4.800] @@ -193,7 +193,7 @@ idle: [.....1] [ip4][..tcp] [..192.168.1.117][54854] -> [..172.217.21.72][..443] [TLS.GoogleServices][Google][Web][Acceptable] RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic idle: [.....6] [ip4][..udp] [..192.168.1.117][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - idle: [....33] [ip4][..udp] [..192.168.1.117][61731] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] + idle: [....33] [ip4][..udp] [..192.168.1.117][61731] -> [..109.94.160.99][.8801] [SRTP.Zoom][Unknown][Video][Acceptable] guessed: [....15] [ip4][..tcp] [..192.168.1.117][53867] -> [..104.199.65.42][...80] [HTTP][Google][Web][Acceptable][] idle: [....15] [ip4][..tcp] [..192.168.1.117][53867] -> [..104.199.65.42][...80] idle: [.....8] [ip4][..tcp] [..192.168.1.117][54864] -> [..52.202.62.238][..443] [TLS.Zoom][Zoom][Video][Acceptable] @@ -213,7 +213,7 @@ end: [....26] [ip4][..tcp] [..192.168.1.117][54868] -> [.213.19.144.104][..443] [TLS.Zoom][Zoom][Video][Acceptable] RISK: TLS (probably) Not Carrying HTTPS idle: [.....7] [ip4][..udp] [..192.168.1.117][64352] -> [....192.168.1.1][...53] [DNS.Zoom][Unknown][Network][Acceptable] - idle: [....31] [ip4][..udp] [..192.168.1.117][58327] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] + idle: [....31] [ip4][..udp] [..192.168.1.117][58327] -> [..109.94.160.99][.8801] [SRTP.Zoom][Unknown][Video][Acceptable] end: [....27] [ip4][..tcp] [..192.168.1.117][54869] -> [.213.244.140.85][..443] [TLS.Zoom][Zoom][Video][Acceptable] RISK: TLS (probably) Not Carrying HTTPS end: [....28] [ip4][..tcp] [..192.168.1.117][54870] -> [.213.244.140.84][..443] [TLS.Zoom][Zoom][Video][Acceptable] @@ -221,7 +221,7 @@ idle: [....23] [ip4][..udp] [..192.168.1.117][62563] -> [....192.168.1.1][...53] [DNS.Zoom][Unknown][Network][Acceptable] idle: [.....4] [ip4][..tcp] [..192.168.1.117][54341] -> [.62.149.152.153][..993] [IMAPS][Unknown][Email][Safe] RISK: Unidirectional Traffic - idle: [....32] [ip4][..udp] [..192.168.1.117][60620] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] + idle: [....32] [ip4][..udp] [..192.168.1.117][60620] -> [..109.94.160.99][.8801] [SRTP.Zoom][Unknown][Video][Acceptable] idle: [.....5] [ip4][..udp] [..192.168.1.117][57025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....16] [ip4][..tcp] [..192.168.1.117][53872] -> [..35.186.224.53][..443] [TLS][GoogleCloud][Web][Safe] idle: [....30] [ip4][..tcp] [..192.168.1.117][54871] -> [..109.94.160.99][..443] [TLS.Zoom][Unknown][Video][Acceptable] diff --git a/test/results/flow-info/stun_extra_dissection/stun_dtls_rtp_unidir.pcapng.out b/test/results/flow-info/stun_extra_dissection/stun_dtls_rtp_unidir.pcapng.out new file mode 100644 index 000000000..4bbb511f2 --- /dev/null +++ b/test/results/flow-info/stun_extra_dissection/stun_dtls_rtp_unidir.pcapng.out @@ -0,0 +1,18 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [......10.10.0.1][65226] -> [.......10.1.0.3][57730] + detected: [.....1] [ip4][..udp] [......10.10.0.1][65226] -> [.......10.1.0.3][57730] [STUN][Unknown][Network][Acceptable][] + RISK: Known Proto on Non Std Port + new: [.....2] [ip4][..udp] [.......10.1.0.3][.5853] -> [......10.10.0.1][.2808] + detected: [.....2] [ip4][..udp] [.......10.1.0.3][.5853] -> [......10.10.0.1][.2808] [STUN][Unknown][Network][Acceptable][] + RISK: Known Proto on Non Std Port + detection-update: [.....1] [ip4][..udp] [......10.10.0.1][65226] -> [.......10.1.0.3][57730] [STUN][Unknown][Network][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....2] [ip4][..udp] [.......10.1.0.3][.5853] -> [......10.10.0.1][.2808] [STUN][Unknown][Network][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [.....1] [ip4][..udp] [......10.10.0.1][65226] -> [.......10.1.0.3][57730] [STUN][Unknown][Network][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [.....2] [ip4][..udp] [.......10.1.0.3][.5853] -> [......10.10.0.1][.2808] [STUN][Unknown][Network][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/stun_extra_dissection/stun_zoom.pcapng.out b/test/results/flow-info/stun_extra_dissection/stun_zoom.pcapng.out new file mode 100644 index 000000000..1c370f3c4 --- /dev/null +++ b/test/results/flow-info/stun_extra_dissection/stun_zoom.pcapng.out @@ -0,0 +1,34 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] + detected: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] + RISK: Known Proto on Non Std Port + detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] + RISK: Known Proto on Non Std Port + detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] + new: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] + detected: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] + RISK: Known Proto on Non Std Port + detection-update: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] + detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS.Zoom][Zoom][Video][Acceptable] + detection-update: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] + RISK: Known Proto on Non Std Port + analyse: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.194| 0.048| 0.051| 2615.352| 4.100] + [PKTLEN......: 42.000| 1080.000| 270.100| 313.100| 98043.500| 4.300] + [BINS(c->s)..: 0,1,1,0,11,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 1,0,9,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,0,0,0,1,0,0,0,0,0,0,1,1,1,0,0,0,1,1,1,1,1,1,0,1,1,0,1,0,1,0,1] + [IATS(ms)....: 20.2,79.9,20.3,193.8,73.6,0.2,50.4,49.7,26.4,24.4,170.2,80.6,11.0,149.6,50.7,0.0,93.6,0.0,0.0,0.0,0.0,0.0,8.3,29.7,4.8,50.2,80.8,100.2,42.2,3.7,58.5] + [PKTLENS.....: 184,184,184,184,92,184,217,217,184,184,217,92,92,92,184,192,78,92,1080,1080,1080,1080,399,186,92,92,186,92,186,95,101,42] + [ENTROPIES...: 5.8,5.8,5.8,5.8,5.6,5.8,5.2,5.2,5.9,5.8,5.2,5.7,5.6,5.7,5.9,5.3,4.1,5.7,7.0,7.3,7.3,7.4,7.2,6.1,5.7,5.7,6.1,5.7,6.1,5.4,6.0,4.3] + idle: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS.Zoom][Zoom][Video][Acceptable] + idle: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable] + RISK: Known Proto on Non Std Port + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/tls_ja3c_disabled/tls_verylong_certificate.pcap.out b/test/results/flow-info/tls_ja3c_disabled/tls_verylong_certificate.pcap.out new file mode 100644 index 000000000..2cfc0bcb4 --- /dev/null +++ b/test/results/flow-info/tls_ja3c_disabled/tls_verylong_certificate.pcap.out @@ -0,0 +1,19 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] + detected: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe][feodotracker.abuse.ch] + detection-update: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe][feodotracker.abuse.ch] + detection-update: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe][feodotracker.abuse.ch] + analyse: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.022| 0.005| 0.007| 43.853| 3.500] + [PKTLEN......: 52.000| 1420.000| 518.600| 615.300| 378610.900| 4.000] + [BINS(c->s)..: 12,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 2,4,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0] + [DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,1,1,0,0,1,0,0,1,1,1,0,0,0,1,1,1,0,0,1,0,1,1] + [IATS(ms)....: 11.6,11.7,5.7,17.7,3.1,0.2,15.2,0.1,0.1,0.1,0.0,0.1,10.6,21.7,11.2,0.3,14.9,0.0,0.0,14.6,0.0,0.0,0.3,0.3,0.0,0.6,0.0,0.5,0.5,0.1,0.0] + [PKTLENS.....: 64,60,52,569,52,1420,1420,52,1420,52,1420,262,52,178,103,52,222,1420,1420,104,52,52,52,1420,1420,104,52,52,1420,52,1420,104] + [ENTROPIES...: 4.4,5.1,4.9,4.4,5.0,6.8,4.9,5.0,6.6,4.9,7.4,7.0,5.0,6.3,6.0,5.0,6.9,7.9,7.9,6.1,4.9,4.8,4.7,7.9,7.9,6.0,4.9,4.9,7.9,4.8,7.9,6.2] + end: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/tls_ja3s_disabled/tls_verylong_certificate.pcap.out b/test/results/flow-info/tls_ja3s_disabled/tls_verylong_certificate.pcap.out new file mode 100644 index 000000000..2cfc0bcb4 --- /dev/null +++ b/test/results/flow-info/tls_ja3s_disabled/tls_verylong_certificate.pcap.out @@ -0,0 +1,19 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] + detected: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe][feodotracker.abuse.ch] + detection-update: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe][feodotracker.abuse.ch] + detection-update: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe][feodotracker.abuse.ch] + analyse: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.022| 0.005| 0.007| 43.853| 3.500] + [PKTLEN......: 52.000| 1420.000| 518.600| 615.300| 378610.900| 4.000] + [BINS(c->s)..: 12,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 2,4,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0] + [DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,1,1,0,0,1,0,0,1,1,1,0,0,0,1,1,1,0,0,1,0,1,1] + [IATS(ms)....: 11.6,11.7,5.7,17.7,3.1,0.2,15.2,0.1,0.1,0.1,0.0,0.1,10.6,21.7,11.2,0.3,14.9,0.0,0.0,14.6,0.0,0.0,0.3,0.3,0.0,0.6,0.0,0.5,0.5,0.1,0.0] + [PKTLENS.....: 64,60,52,569,52,1420,1420,52,1420,52,1420,262,52,178,103,52,222,1420,1420,104,52,52,52,1420,1420,104,52,52,1420,52,1420,104] + [ENTROPIES...: 4.4,5.1,4.9,4.4,5.0,6.8,4.9,5.0,6.6,4.9,7.4,7.0,5.0,6.3,6.0,5.0,6.9,7.9,7.9,6.1,4.9,4.8,4.7,7.9,7.9,6.0,4.9,4.9,7.9,4.8,7.9,6.2] + end: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/tls_ja4c_disabled/tls_verylong_certificate.pcap.out b/test/results/flow-info/tls_ja4c_disabled/tls_verylong_certificate.pcap.out new file mode 100644 index 000000000..2cfc0bcb4 --- /dev/null +++ b/test/results/flow-info/tls_ja4c_disabled/tls_verylong_certificate.pcap.out @@ -0,0 +1,19 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] + detected: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe][feodotracker.abuse.ch] + detection-update: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe][feodotracker.abuse.ch] + detection-update: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe][feodotracker.abuse.ch] + analyse: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.022| 0.005| 0.007| 43.853| 3.500] + [PKTLEN......: 52.000| 1420.000| 518.600| 615.300| 378610.900| 4.000] + [BINS(c->s)..: 12,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 2,4,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0] + [DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,1,1,0,0,1,0,0,1,1,1,0,0,0,1,1,1,0,0,1,0,1,1] + [IATS(ms)....: 11.6,11.7,5.7,17.7,3.1,0.2,15.2,0.1,0.1,0.1,0.0,0.1,10.6,21.7,11.2,0.3,14.9,0.0,0.0,14.6,0.0,0.0,0.3,0.3,0.0,0.6,0.0,0.5,0.5,0.1,0.0] + [PKTLENS.....: 64,60,52,569,52,1420,1420,52,1420,52,1420,262,52,178,103,52,222,1420,1420,104,52,52,52,1420,1420,104,52,52,1420,52,1420,104] + [ENTROPIES...: 4.4,5.1,4.9,4.4,5.0,6.8,4.9,5.0,6.6,4.9,7.4,7.0,5.0,6.3,6.0,5.0,6.9,7.9,7.9,6.1,4.9,4.8,4.7,7.9,7.9,6.0,4.9,4.9,7.9,4.8,7.9,6.2] + end: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe] + DAEMON-EVENT: shutdown |