aboutsummaryrefslogtreecommitdiff
path: root/test/results/skype_no_unknown.pcap.out
diff options
context:
space:
mode:
authorToni Uhlig <matzeton@googlemail.com>2021-10-05 17:13:24 +0200
committerToni Uhlig <matzeton@googlemail.com>2021-10-05 23:39:11 +0200
commit37263112760c796cfa805d1cd2096da0a3407389 (patch)
tree95637cc529b8f3222361ab6340ebce383eb2fb77 /test/results/skype_no_unknown.pcap.out
parenta523c348f3580aaf59dd5f82ef8b26d4a0d2ac52 (diff)
bump libnDPI to 181a03c5ad41bda533fbfa307627939c2ff30b75
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
Diffstat (limited to 'test/results/skype_no_unknown.pcap.out')
-rw-r--r--test/results/skype_no_unknown.pcap.out12
1 files changed, 6 insertions, 6 deletions
diff --git a/test/results/skype_no_unknown.pcap.out b/test/results/skype_no_unknown.pcap.out
index bae4198d5..b7224522e 100644
--- a/test/results/skype_no_unknown.pcap.out
+++ b/test/results/skype_no_unknown.pcap.out
@@ -47,7 +47,7 @@
00441{"flow_id":13,"flow_packet_id":2,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":19,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970634,"pkt_ts_usec":805200,"pkt_caplen":70,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":70,"pkt_l4_len":36,"pkt":"PBXCt3IO0NQSxnP1CABFAAA4BUNAAHYGIaedOH7TwKgBIgG7yB4Nim5XMUkVNZASIABVdAAAAgQFrAQCCAoZLZ4CPjGHIQ=="}
00436{"flow_id":13,"flow_packet_id":3,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":20,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970634,"pkt_ts_usec":805262,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"0NQSxnP1PBXCt3IOCABFAAA0\/VlAAEAGX5TAqAEinTh+08geAbsxSRU1DYpuWIAQ\/\/+P3gAAAQEICj4xh20ZLZ4C"}
00566{"flow_id":13,"flow_packet_id":4,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":21,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970634,"pkt_ts_usec":832794,"pkt_caplen":160,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":160,"pkt_l4_len":126,"pkt":"0NQSxnP1PBXCt3IOCABFAACSvDJAAEAGoF3AqAEinTh+08geAbsxSRU1DYpuWIAY\/\/9YPAAAAQEICj4xh4gZLZ4CFgMBAFkBAABVAwF2gnUJnVCWWbyDtFIDg6B8bhQi3kG6KGexUdynVrU4nwAALsAKwAXACcAEwAfAAsAIwAPAFMAPwBPADsARwAzAEsANADkAMwA1AC8ABQAEAAoBAA=="}
-00743{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":21,"source":"skype_no_unknown.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":4,"flow_first_seen":1431970634729,"flow_last_seen":1431970634832,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":94,"flow_tot_l4_payload_len":94,"flow_avg_l4_payload_len":23,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.126.211","src_port":51230,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"7":"Obsolete TLS version (< 1.1)"},"proto":"TLS","breed":"Safe","category":"Web"},"tls": {"version":"TLSv1","client_requested_server_name":"","ja3":"06207a1730b5deeb207b0556e102ded2","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL"}}
+00752{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":21,"source":"skype_no_unknown.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":4,"flow_first_seen":1431970634729,"flow_last_seen":1431970634832,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":94,"flow_tot_l4_payload_len":94,"flow_avg_l4_payload_len":23,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.126.211","src_port":51230,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"7":"Obsolete TLS version (older than 1.2)"},"proto":"TLS","breed":"Safe","category":"Web"},"tls": {"version":"TLSv1","client_requested_server_name":"","ja3":"06207a1730b5deeb207b0556e102ded2","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL"}}
02369{"flow_id":13,"flow_packet_id":5,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":22,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970634,"pkt_ts_usec":914047,"pkt_caplen":1506,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1506,"pkt_l4_len":1472,"pkt":"PBXCt3IO0NQSxnP1CABFAAXUCBZAAHYGGTidOH7TwKgBIgG7yB4Nim5YMUkVk4AQ\/SANhgAAAQEIChktngw+MYeIFgMBDm0CAABGAwFVWiNKv+VQQ4f\/l6e8WrHKPk18QS4G4dXttQRK9+OHNCDFBwAAmPU\/uZfnwwRzzyScJ+oJXq5g50nbzRo6qyekQsAUAAsADLAADK0ABsIwgga+MIIEpqADAgECAhNaAABXr+G5kPxf1sjbAAEAAFevMA0GCSqGSIb3DQEBCwUAMIGLMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMRUwEwYDVQQLEwxNaWNyb3NvZnQgSVQxHjAcBgNVBAMTFU1pY3Jvc29mdCBJVCBTU0wgU0hBMjAeFw0xNDEwMjcyMjUxMDdaFw0xNjEwMjYyMjUxMDdaMCcxJTAjBgNVBAMMHCouZ2F0ZXdheS5tZXNzZW5nZXIubGl2ZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyx0gXDtYT4FDgq1U\/QT4gIqh\/oOwWGgGWr1Rw1pQofkd5Appl7fbVIjBIuJ+PMiYpN1xCoV1HZbm8LArgeHDfsoutcr0hH5rsD6th+v+cZ\/Gp0zo8NL2R606iXfu6X64MlQlCO\/UFzzV4LPDfXvjmXPMa6j593FmA7o9xMkfCYTsoSVSUMNFAU2t8o01SWuCjZYIf4rKo8YKrN0XNh868VsKpWPOf0is1CGHYv+tscgp6dRsSNLEMuMqcjtY2hH3b+XSVViiIbU2Qv8fj9559K777if3lrsPegqawHj5lb\/SF0hqH55segyHJV40HOAoBBNKrXmDFC7xJBy2UTmWzAgMBAAGjggJ8MIICeDAdBgNVHQ4EFgQUUTD6bxEALx8wce+ldRcbVOgh+TAwCwYDVR0PBAQDAgSwMB8GA1UdIwQYMBaAFFGvJCac9GgiV4AmKztGYhV7HsylMH0GA1UdHwR2MHQwcqBwoG6GNmh0dHA6Ly9tc2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL21zaXR3d3cyLmNybIY0aHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL21zaXR3d3cyLmNybDBwBggrBgEFBQcBAQRkMGIwPAYIKwYBBQUHMAKGMGh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL21zaXR3d3cyLmNydDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AubXNvY3NwLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwTgYDVR0gBEcwRTBDBgkrBgEEAYI3KgEwNjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3BzADAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMBMAoGCCsGAQUFBwMCMIGfBgNVHREEgZcwgZSCHCouZ2F0ZXdheS5tZXNzZW5nZXIubGl2ZS5jb22CJiouYmV0YS5nYXRld2F5LmVkZ2UubWVzc2VuZ2VyLmxpdmUuY29tgiUqLmJ5Mi5nYXRld2F5LmVkZ2UubWVzc2VuZ2VyLmxpdmUuY29tgiUqLnNuMS5nYXRld2F5LmVkZ2UubWVzc2VuZ2VyLmxpdmUuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQCnsc3osHo0VQdHc5SuNwgNZJ8VsGz4eyw1SrNg9wtd7X8dgqG0DxuGBpdklYV1npJ69Mh9pxvTLkelzlqQDQ\/1JCGc1pEMYEeLbjuCppS3YkAcyqQNhIJN8hG7Ed1mdiul2eLg+teOctcRJaHvYA6AG90ICkMWVpiMmukLC+WmFcpurK\/Y"}
00463{"flow_id":13,"flow_packet_id":6,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":23,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970634,"pkt_ts_usec":914209,"pkt_caplen":86,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":86,"pkt_l4_len":52,"pkt":"PBXCt3IO0NQSxnP1CABFAABICBdAAHYGHsOdOH7TwKgBIgG7yB4NinP4MUkVk4AY\/SDRYwAAAQEIChktngw+MYeIMUuJaVUXCwA66lzZMRkm0xM\/nV8="}
00435{"flow_id":13,"flow_packet_id":7,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":24,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970634,"pkt_ts_usec":914256,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"0NQSxnP1PBXCt3IOCABFAAA0pUhAAEAGt6XAqAEinTh+08geAbsxSRWTDYp0DIAQ\/\/+JVgAAAQEICj4xh9kZLZ4M"}
@@ -56,7 +56,7 @@
00560{"flow_id":10,"flow_packet_id":4,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":27,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970634,"pkt_ts_usec":934601,"pkt_caplen":157,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":157,"pkt_l4_len":123,"pkt":"0NQSxnP1PBXCt3IOCABFAACPS55AAEAGW6zAqAEinTg0HMgdnEkK2QRZ7hN5uoAYECyExgAAAQEICj4xh+xMX+pXEDaxqNNs94bJX3MjOodsEDM88DACObmxILHLguZFB4dasZ4qWIC3URykkoTC6unHwssAce4HDA3aA9hphr9khfI7sGEed7z9CnOIWbYvFHUiq2BRTuds7TrjOA=="}
02383{"flow_id":13,"flow_packet_id":8,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":28,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970634,"pkt_ts_usec":989841,"pkt_caplen":1506,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1506,"pkt_l4_len":1472,"pkt":"PBXCt3IO0NQSxnP1CABFAAXUCkVAAHYGFwmdOH7TwKgBIgG7yB4NinQMMUkVk4AQ\/SANZgAAAQEIChktnhQ+MYfZUYsZAArswT+sVYDe4\/s+octFa5f5NraUxxncYJ0H1DXox59A2Fq5VISuVN85wP2CCUyU9Jri0W12MS8UHhofDtCC\/aeGWq+l6J+nD16R4eDapUlNB52CJOmfvVeyYhEr\/aSkyh+x5qntiHPmxNL4oQ4t9q9cRGg37NGw4W3v7gKUqZA7GOEtfs7ndzQKvfITYRFhRXtB+Geyc8SVWiWlBbePlt40Z9Mwm7DPu0JToThROvr07EpvaNHsDj+sfl4\/ssqhJPAoVfz0wWGwi\/ByYUJT0t+8BVptm\/HAUYoi\/0PQFRMfymq9Y999sgymNr6YwPYzcm66fQL57hVd+E\/NpGuAwv\/j4I98bfIb7cS26RkUtr41mvTduUpwXz6HZnONvg3rFQ55MtL0jpv\/5T2PNTkmAFhF5Csuvsme4bvtShQRBEmXn48raUgx6y\/5XH7Pm2hyngLVzMnjf+Ej0KsCBNhIlshCh7AABeUwggXhMIIEyaADAgECAgQHJ6pHMA0GCSqGSIb3DQEBCwUAMFoxCzAJBgNVBAYTAklFMRIwEAYDVQQKEwlCYWx0aW1vcmUxEzARBgNVBAsTCkN5YmVyVHJ1c3QxIjAgBgNVBAMTGUJhbHRpbW9yZSBDeWJlclRydXN0IFJvb3QwHhcNMTQwNTA3MTcwNDA5WhcNMTgwNTA3MTcwMzMwWjCBizELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEVMBMGA1UECxMMTWljcm9zb2Z0IElUMR4wHAYDVQQDExVNaWNyb3NvZnQgSVQgU1NMIFNIQTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDR6DendopwSxnwIDcJJDd\/6vt45gW6aq1OJw38cmrZbCHEZBGVcxAKXCV7iGyUBP3H26573EoIsz4W8dCt2zBt1xoeUrU98EcZA+J9pr1XEz9U6jqjsXf8QvBjSWqRgC4wScCK6yuv\/jrrB10G9+n9hA6RvQkgKehuXQnOFdPn79tQ60TvGFerBB28Mfn3eyoTz9E9Ua8bxbV757D8U7ua52PeQTO2RyRpXbhGp\/+tq99PenglJyEmNMoCbjdR8O1YGmCU9sST2N0wJCXXHOsZlDVdk7KuqimDc8R0WQVSZ53aZ1E5BTo26vIedisUruw9+RSZiwduvOcMVt6svq7bdTKQnmO9dL\/gCsr4NJZnhM3RQjh4x5m2DM62D+kby\/RZvhEOyywyyPqDKWR5PItL8DJ0bPOTuJZrXVdaaMHMDHmKGd71SQJeCIABiQwyzdLWltVLoPPsv6v0fbOhuXzaTtflt6y58iVfAcuMlqgorsEzWvY\/CJDc6\/852CbIEp0cmqqpwBaOhu1nUpYAfw2SPT3ZcDbl6kJvH66V5Vtd+NA6x9Ted4bQ\/J5O4uK4qWg3CcQ544W4ifMfbrdtH0ovGAlv3koBjxTJt6bup2OfM6RUfEKDaLil37\/suRpdEzvZrWj9IApVkSFk+dcTAaAIXVmJG0SvpKzHBRD6QUqo+wIDAQABo4IBezCCAXcwEgYDVR0TAQH\/BAgwBgEB\/wIBADBgBgNVHSAEWTBXMEgGCSsGAQQBsT4BADA7MDkGCCsGAQUFBwIBFi1odHRwOi8vY3liZXJ0cnVzdC5vbW5pcm9vdC5jb20vcmVwb3NpdG9yeS5jZm0wCwYJKwYBBAGCNyoBMEIGCCsGAQUFBwEBBDYwNDAyBggrBgEFBQcwAYYmaHR0cDovL29jc3Aub21uaXJvb3QuY29tL2JhbHRpbW9yZXJvb3QwDgYDVR0PAQH\/BAQDAgGGMCcGA1UdJQQgMB4GCCsGAQUF"}
01516{"flow_id":13,"flow_packet_id":9,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":29,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970634,"pkt_ts_usec":990634,"pkt_caplen":864,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":864,"pkt_l4_len":830,"pkt":"PBXCt3IO0NQSxnP1CABFAANSCkZAAHYGGYqdOH7TwKgBIgG7yB4NinmsMUkVk4AY\/SBQngAAAQEIChktnhQ+MYfZBwMBBggrBgEFBQcDAgYIKwYBBQUHAwkwHwYDVR0jBBgwFoAU5Z1ZMIJHWMys+ghUNoZ7OrUETfAwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NkcDEucHVibGljLXRydXN0LmNvbS9DUkwvT21uaXJvb3QyMDI1LmNybDAdBgNVHQ4EFgQUUa8kJpz0aCJXgCYrO0ZiFXsezKUwDQYJKoZIhvcNAQELBQADggEBAGli9oSRAMRvgnsk4UKipYuCXKfFRMvnUnZj03aeeOJpNbE4urCWxh+se8ayZXeLfY2uZLmljBfKWGXDrYL1xaL1AROTxn5E5cRh+gO2VsFy4cgoxWkhj6xu\/X9Dgza4wNagKP4aRb79k4yNpGR5HxTboZ8h3MBOexciF7G2PNOb4gqjfpmwwazY9IbfPNp9FJxAwXzSGG\/xTyZFCZWUXNrQmPj0TIKWEN6sMMsrrvmS6r95A\/weP6wJpD9l\/ZFPliSnzrROapYpF67AqN8XIvQX49wcOQZWEOrqtXQXPE7dfpEKqAt4B6cxRAgxqxiEDxKc596ELOltk0W\/qME\/NNwMAAFnAwAYYQTTN3+FNDwR9eQeYOtvGQZc+LyhevxS5+nlWdkwyQdoN8m1+2TrSW23TxxjbLbMZoXA+i+E6BgARpsJXZy4miOppb32qv9x1t203eD1ERk7k5Ne4\/vHdrClQby6SNFwJX8BAAl\/ijfHVX974KM6wxLtSAfJWttdJMe9phrgwFSWtGSLSkLj7JTk0LOh5eeCvEEKc4XyfO+z9QBr3NsQn+vRBXoi+ZRFdXLZuvlXGipZ\/ucfqfIHMXWjrHlXR\/LFLQ+XNzDn0xc5\/t+\/ZMdGuYxw0VImAhbjPejldJMh0hc4Qzp2SS0NTHC7fcQ2uR09eM6n6MWSLps2XhBpK1q\/8vPqNVAHTu5Iv6lpl++ND07Oxbi1BzAbCIjaCYOj1\/uDcOROeE+gjITbkOPynUa5ZqLz\/1LFziPCTlq8mC2+jxz2G855lLj0tgGab1j1m+m8pMnwqwxJ8XNN3IxLbO1GF2fXdkkOAAAA"}
-01212{"flow_event_id":6,"flow_event_name":"detection-update","thread_id":0,"packet_id":29,"source":"skype_no_unknown.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":9,"flow_first_seen":1431970634729,"flow_last_seen":1431970634990,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":3792,"flow_avg_l4_payload_len":421,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.126.211","src_port":51230,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"7":"Obsolete TLS version (< 1.1)"},"proto":"TLS.Skype_Teams","breed":"Acceptable","category":"VoIP"},"tls": {"version":"TLSv1","client_requested_server_name":"","server_names":"*.gateway.messenger.live.com,*.beta.gateway.edge.messenger.live.com,*.by2.gateway.edge.messenger.live.com,*.sn1.gateway.edge.messenger.live.com","ja3":"06207a1730b5deeb207b0556e102ded2","ja3s":"5e4e5596180ebd0ac0317125ee490707","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","issuerDN":"C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT SSL SHA2","issuerDN":"CN=*.gateway.messenger.live.com","fingerprint":"95:C4:07:41:85:D4:EF:AA:D9:1F:0F:1F:3C:08:BF:8E:8B:D0:90:51"}}
+01221{"flow_event_id":6,"flow_event_name":"detection-update","thread_id":0,"packet_id":29,"source":"skype_no_unknown.pcap","alias":"nDPId-test","flow_id":13,"flow_packet_id":9,"flow_first_seen":1431970634729,"flow_last_seen":1431970634990,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":1440,"flow_tot_l4_payload_len":3792,"flow_avg_l4_payload_len":421,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"157.56.126.211","src_port":51230,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"7":"Obsolete TLS version (older than 1.2)"},"proto":"TLS.Skype_Teams","breed":"Acceptable","category":"VoIP"},"tls": {"version":"TLSv1","client_requested_server_name":"","server_names":"*.gateway.messenger.live.com,*.beta.gateway.edge.messenger.live.com,*.by2.gateway.edge.messenger.live.com,*.sn1.gateway.edge.messenger.live.com","ja3":"06207a1730b5deeb207b0556e102ded2","ja3s":"5e4e5596180ebd0ac0317125ee490707","unsafe_cipher":0,"cipher":"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA","issuerDN":"C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, OU=Microsoft IT, CN=Microsoft IT SSL SHA2","issuerDN":"CN=*.gateway.messenger.live.com","fingerprint":"95:C4:07:41:85:D4:EF:AA:D9:1F:0F:1F:3C:08:BF:8E:8B:D0:90:51"}}
00436{"flow_id":13,"flow_packet_id":10,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":30,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970634,"pkt_ts_usec":990686,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"0NQSxnP1PBXCt3IOCABFAAA0tBlAAEAGqNTAqAEinTh+08geAbsxSRWTDYp8yoAQ\/\/+ARgAAAQEICj4xiCMZLZ4U"}
00581{"flow_id":13,"flow_packet_id":11,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":31,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970635,"pkt_ts_usec":6082,"pkt_caplen":173,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":173,"pkt_l4_len":139,"pkt":"0NQSxnP1PBXCt3IOCABFAACfFfJAAEAGRpHAqAEinTh+08geAbsxSRWTDYp8yoAY\/\/8YnwAAAQEICj4xiDMZLZ4UFgMBAGYQAABiYQSrq03YfHFl820bvS6W0Qg6ooFgejoxhjE8+5PigHKrLNmVczXJQCrkQ4zH0r4Tyq5CcJvbEQQ6XgJDw4iF3in7mO06MpCaUPpZUq2g8z5yNwkoaNsdB2jO9aO23OTlK6Y="}
00433{"flow_id":10,"flow_packet_id":5,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":32,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970635,"pkt_ts_usec":140069,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"PBXCt3IO0NQSxnP1CABFAAA0kzBAADMGIXWdODQcwKgBIpxJyB3uE3m6CtkEtIAQAB0KtwAAAQEICkxf6oo+MYfs"}
@@ -1619,7 +1619,7 @@
00448{"flow_id":249,"flow_packet_id":2,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1577,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970690,"pkt_ts_usec":235132,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"pkt":"PBXCt3IO0NQSxnP1CABFAAA8AABAADkGRn4XziGmwKgBIgG7yF8ZBQnnTuLFqaASOJBGLgAAAgQFrAQCCArsPkNyPjJehwEDAwU="}
00436{"flow_id":249,"flow_packet_id":3,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1578,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970690,"pkt_ts_usec":235236,"pkt_caplen":66,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":66,"pkt_l4_len":32,"pkt":"0NQSxnP1PBXCt3IOCABFAAA0z6tAAEAGb9rAqAEiF84hpshfAbtO4sWpGQUJ6IAQECydKQAAAQEICj4yXrLsPkNy"}
00666{"flow_id":249,"flow_packet_id":4,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1579,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970690,"pkt_ts_usec":235915,"pkt_caplen":233,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":233,"pkt_l4_len":199,"pkt":"0NQSxnP1PBXCt3IOCABFAADbrhlAAEAGkMXAqAEiF84hpshfAbtO4sWpGQUJ6IAYECzJfgAAAQEICj4yXrLsPkNyFgMBAKIBAACeAwFVWiOCVbYrRciiFbDPyo4FvK6EfrMUp8GvYuL\/j8yxbgAATAD\/VgDAJMAjwArACcAIwCjAJ8AUwBPAEsAmwCXABcAEwAPAKsApwA\/ADsANAGsAZwA5ADMAFgA9ADwANQAvAArAB8ARwALADAAFAAQBAAApAAAAEwARAAAOYXBwcy5za3lwZS5jb20ACgAIAAYAFwAYABkACwACAQA="}
-00780{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":1579,"source":"skype_no_unknown.pcap","alias":"nDPId-test","flow_id":249,"flow_packet_id":4,"flow_first_seen":1431970690191,"flow_last_seen":1431970690235,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":167,"flow_tot_l4_payload_len":167,"flow_avg_l4_payload_len":41,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"23.206.33.166","src_port":51295,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"7":"Obsolete TLS version (< 1.1)"},"proto":"TLS.Skype_Teams","breed":"Acceptable","category":"VoIP"},"tls": {"version":"TLSv1","client_requested_server_name":"apps.skype.com","ja3":"3d49c0a7161d6636fcb6973f14e05046","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL"}}
+00789{"flow_event_id":5,"flow_event_name":"detected","thread_id":0,"packet_id":1579,"source":"skype_no_unknown.pcap","alias":"nDPId-test","flow_id":249,"flow_packet_id":4,"flow_first_seen":1431970690191,"flow_last_seen":1431970690235,"flow_min_l4_payload_len":0,"flow_max_l4_payload_len":167,"flow_tot_l4_payload_len":167,"flow_avg_l4_payload_len":41,"midstream":0,"l3_proto":"ip4","src_ip":"192.168.1.34","dst_ip":"23.206.33.166","src_port":51295,"dst_port":443,"l4_proto":"tcp","ndpi": {"flow_risk": {"7":"Obsolete TLS version (older than 1.2)"},"proto":"TLS.Skype_Teams","breed":"Acceptable","category":"VoIP"},"tls": {"version":"TLSv1","client_requested_server_name":"apps.skype.com","ja3":"3d49c0a7161d6636fcb6973f14e05046","ja3s":"","unsafe_cipher":0,"cipher":"TLS_NULL_WITH_NULL_NULL"}}
01972{"flow_id":247,"flow_packet_id":15,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1580,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970690,"pkt_ts_usec":333177,"pkt_caplen":1190,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1190,"pkt_l4_len":1156,"pkt":"PBXCt3IO0NQSxnP1CABFAASYCC9AAHQGmYZRU02NwKgBIkTnyF6euo+HZ6uFm4AYAP9vFQAAAQEICgC8FlY+Ml6WZA1g8kk3GRuW+KdN6BJiQG9J69exPkyGs0ohXWvcAnmDzlQx3ARJW5a\/NMvmkXHzZrnkSO+cYBxS+HHmrSjMf9WXi8xCwDYqSxEsxcOXx5vfgrn3i6sOTtn+VIggdKtv8l0YwS7cBkFvJuBhz1ZB03Yelzn+JZ\/EwEhl861pnKSOIj0SlnN6Ucn6o2kFZ8MvUPzVs5akmAtSdBkw5wGbhMiPlAsgmEROrUJq8QL7cUIs5VtRE38r+u7uOSviuIKzgV45OgzuEtzVzWiqeGlboSATHAFcolwRwCJsLJ56+T5pe2irWd6YTymhpmuEJHUoOrWdA15yfKX2\/LfLr5vuv6mdQuNSEDffkAHQZOmQj4pr2wxAVUEwi0iXuSuoggqgYSMVyL\/1+EsC8Gj58\/jy6zpzZa6jLRP0FlqYD\/kc\/c1Rz\/5M7ydbSzwHlpt4RInMaFzDO9QKjtCKqJwp417ZVPnvnGODc\/9BbXUPAkG0P9ABebCPKUHek9gSIv8FrGQqd5bGAEBO6qb8iVdU9gPCC4vtzmWduKwbsf\/fUENnbDWZlDUiLst6t5OH1UlwuLbGoan8+GykB\/V5yI3\/mo0YvFhY59jFrjPg0y6ZHrZ0X9mPiCc8bpC8a+OXbuOEtwvoCadGhesO6pdBVWvhqrDdfB9YrifFI6gnnI4zDOJG6AT3gn+brq7P6qvY\/aXN0MJeSHRTO8fi4UYACLQxefEBocbn6ph1l+zzY+OU\/XCYve0HNpisxsphLsjR2ybXm5Jws6kxpr0XUMLkJIuv5wk5AJl6dYTvXtHc4EcXaawHTY8qL4aNG58iheg6Iz6k8gYyKPYm12dYc0ZMNyRAxp+26L\/HaKuFDdZAxHxK\/V1LSG54qKeG3HtEI4JDGO2jO4HKX1M+\/7X6UdODTuC6cPSCTpseicKMqzdEQ+Y7itD+RR\/IVvbHGRiBDvIPsnJNmz0Nmh+xLOHnOWaDlTC3c7idHCWcSgEy9oZsR71JjHjnb+c6joR4MalTrmmjinxHJRgAZG37paIiBxqdVUJ8z+SUf0x0hUYH5S8aq4D3xRtsoFbSymyv3ZHr+ZhpN\/7ZLdq8jzl3DAH4\/ql8jU2zPJGuj3XZ4WId\/\/Eg75ZoN\/A7z036pB5QlVZWNVzSaMDMw+GI7MxklsSJ5D9IG\/r7XTMnDOjlR52fUn4cAeII0ypdoxOrqOtfZ\/eHNjj1E7LpV1vdL9emUQR7HsYjMc6Q6nmzn\/RA4ERci2vskCRr4GvqtPGgphmNH9boDKLkX3J0Jg966lJJnjyUaDpG8W8HKl5CidnLzMlhipj71z+4P43t\/IAjaSd5SzsEWoj6KCFHaJc3UyUSnHEydmWcXflIJTTREgfPpP3SDpgorfOHczhAo7b4n75SO+z9x3297AaYh5+btRw0SkKxPkqqk1k6CCcJG59y\/fr63wHObnGNYR1h47yWAx33eRhH3LAEnm04knA\/+hCxBGyaeUj5oavl2Rif+iRPaLk="}
00449{"flow_id":241,"flow_packet_id":11,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1581,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970690,"pkt_ts_usec":333196,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"pkt":"0NQSxnP1PBXCt3IOCABFAAA8mLNAAEAGH2nAqAEiBfi63chaeSLm2Z7HnfKa24AZECiODwAAAQEICj4yXxMAAJTxinTTcj1jiGY="}
00449{"flow_id":213,"flow_packet_id":14,"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":1594,"source":"skype_no_unknown.pcap","alias":"nDPId-test","pkt_oversize":false,"pkt_ts_sec":1431970690,"pkt_ts_usec":556703,"pkt_caplen":74,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":74,"pkt_l4_len":40,"pkt":"0NQSxnP1PBXCt3IOCABFAAA8XFFAAEAGk8zAqAEinTfrnMhNnFpJkZ6byTsrQ4AZEChL2wAAAQEICj4yX+lMXOPPdjjDMntxC5I="}
@@ -2185,9 +2185,9 @@
~~ total detected protocols..: 198
~~ total active/idle flows...: 272/272
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-~~ total memory allocated....: 3058105 bytes
-~~ total memory freed........: 3058105 bytes
-~~ total allocations/frees...: 38323/38323
+~~ total memory allocated....: 2651201 bytes
+~~ total memory freed........: 2651201 bytes
+~~ total allocations/frees...: 38336/38336
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ json string min len.......: 143 chars
~~ json string max len.......: 2407 chars
Powered by cgit, Themed by Ted Yin.