summaryrefslogtreecommitdiff
path: root/test/results/default/tinc.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/default/tinc.pcap.out')
-rw-r--r--test/results/default/tinc.pcap.out8
1 files changed, 4 insertions, 4 deletions
diff --git a/test/results/default/tinc.pcap.out b/test/results/default/tinc.pcap.out
index 48ad281d4..329c0807c 100644
--- a/test/results/default/tinc.pcap.out
+++ b/test/results/default/tinc.pcap.out
@@ -28,11 +28,11 @@
01751{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":55,"source":"cfgs\/default\/pcap\/tinc.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":3,"flow_src_last_pkt_time":1495983428043295,"flow_dst_last_pkt_time":1495983428043218,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":958,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":958,"pkt_l4_len":924,"thread_ts_usec":1495983428043295,"pkt":"ACbGCvpSABcILL3nCABFCAOwAABAADERhuO5U9pwg3KoG9lo2WgDnO+CxkvMU5czu375VqRfqLEu7HGryDGh\/bfeaQJnEYyovrmntDxt74C8PKQJMHvY4MA1ZHuHhnLJLLc7h764zEbGLw\/vzqsaP4XOJmX3J5ZoXTmAMsXnjvJUPqVeWdg0PXJhqa6st9hNynxv5D0rpJqm0\/zV192qcE59jCUVvmB8PfyMGzNb8iu7j79YvIHCzFHzmycvx5sIdKuzv+9aaD2+9O1fWAuPwq8\/8DIg8DeQB7htbL3\/j6lwDGupSOVHCsI1+lYyNr8A5\/OFujJsJCBzKGXQVn+oJRoQMsFgr0giRTOfhVQb+GlZOLXTcVvxl6mNiWSoDQXoxAfPuixrlp8F\/MUrFtVqJYJIqlWUSZ0FHJzKiXJ5yQvwNmnsvYHqMQNW6ZCn++1tGEto8r5tq\/BDe0FvMAOQC\/Iq49d9xjtHRJaZkPSuUT0Ue8\/0Y0g7e7MLBCNRDp3pFvP\/SDROeSBv+1Hrsd3VgZ3eZsdET6SE7O+jiB1npy8XRuCERu\/h5FlX8FbvbKHJP4IXbapoGYosv9tEU2XONo65wz3MCF\/bVbrUPcOASb6j+c55C5rFZMKjA9llC2lki+5ox8NX3C0rsVb9ezbzAq4pvwBxx6yeMVlmBhRxjwXLWviN6bjb8+kKUMxdeqvtFZ90hWLG3av8x5N1D1shhjp\/Pkh3vfzESwJoedvps7xxuR16c9ku4Rlje1SzPbiXWLLd2ctB3NoWHVeTFrvLRU2yqM5LNXQpjLOWYVqndimokWzm3PvfsX2+ickLKvqhiNB8NMbCQKKllVtQtaf37M0W3hxij8fNqkfQ3Dwvv36xYQY6aA2cxZJ7cAJfgWt3+2IqzsbQ\/hOa1lDnl8uliASJ4hjXOWhi4prZ86H1uoSeDR53SAlBdMQQ3YoaLSv6kQQOXAUwHuZQi7+x\/RE5HfoAvVeNzG90OcOnL2uiCxjhyp3\/swc9NGfoqhpvTPlS\/HF6E4gzQu+uwm3Kmj7AsKixik3ciIBb6VqLoyiaQR35wKSQydm3qyc2A8RxVwJEHM9ChZNid+PGF9MC3cdjsTP6IG4AOw3VS8jLQznT38vyJvgWelWwQ+I9gJ2zh8MbfaLP+EWNQPI478wMYlCsuyg5uNNDg0lSF1epToqo6+lky+h2nAa21hKOviRtVRN8LV88QPWbYJx4n3gM4sg9yVPde6y+bdl\/hYGe1J5JIAW7OGyTqN+C43dvapKXMw=="}
01451{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":60,"source":"cfgs\/default\/pcap\/tinc.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":4,"flow_src_last_pkt_time":1495983428043295,"flow_dst_last_pkt_time":1495983428043812,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":734,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":734,"pkt_l4_len":700,"thread_ts_usec":1495983428043812,"pkt":"ABcILL3nACbGCvpSCABFAALQAABAAEAReMuDcqgbuVPacNlo2WgCvLJFpGxCWbaYG6l+mUk6eULb7Xsi0O9SFk0CT9Z\/9cuh4pCGkxTAyg7ERWnm6JsM+5ePuv73wnUhv7lasIZoCnRu7Qf8+1KnvbRT3dpK+E0tfTeTUltbCCrvbF1kGdHQVjjJBnjZZ\/UZhQZaZk2S9Yj+q4vjSqBkj2wHNyK15N21i+BrNLXcOIyt0bx8qdN490zGgOOOiYDoPzuHs6qQUOR5YNhkPPF8LBcc0L7UjctIrAFr6SKr0QOmlMlaPVvkOEYtg8yYJ46xPbBp4fI4ZfSEAjpj7nNz4qMRjX5SQI2\/KK104wF8KqPhchhT3yPIGWHYKPVKZW0xxFh\/yIln\/ZDrfQw4lU1VDByspd+Cu2GCPHlAcVz6vj3kpUjeqj5Ey7iaHwV1\/lD7VUjcSTFJ7Fr\/2V67UB1FMf6FT+IWSg\/vhhpJFw48COF\/xO+FbArr\/9eZuzwhDRG\/wAA2t50qaJmxcqQrAbD2DPjO83M3juJzbO6+0wj48OcbkCvjYY5qhibllOfibbZ3c0Q0Fot+l2+0MBzlMsAVIsL6UND+lNnfJRR6J6uuiZCu4yWaa7\/RtZxy8qwDPwGStQoGHFMBjdEzTocPqElOYyR+Y5\/wNC3lIiiLD5wq6cVCSwMA05CksXAwcxm+rtzGiuN+lOU6xbQmCxbJ3cF0XzWadHnluMrRAZdMUcGKXS4JdjbgNFxOSWkeWjTpkqphfZ5SkqAKkUagCeE6M1iE6v0m9Hm1\/evezNKlOvdmnyqlF76y3DwBA9tC\/cv8XjFKE0EQ+AS5Z4VLwKCZT8R605FTCfFdVJ9Rh+jBaUJVbw6rZT4DC1Qb6muYZeYHqlvkNaQSE8CE7YiQ6cORKNUoRF2pg1zFazIOqwroYxC5nhief\/ql0RM9A98\/S+VJVdJ6+GCrgrw26Bjc\/\/IGhj4="}
02169{"packet_event_id":2,"packet_event_name":"packet-flow","thread_id":0,"packet_id":61,"source":"cfgs\/default\/pcap\/tinc.pcap","alias":"nDPId-test","flow_id":4,"flow_packet_id":5,"flow_src_last_pkt_time":1495983428043295,"flow_dst_last_pkt_time":1495983428044294,"flow_idle_time":200000000,"pkt_datalink":1,"pkt_caplen":1270,"pkt_type":2048,"pkt_l3_offset":14,"pkt_l4_offset":34,"pkt_len":1270,"pkt_l4_len":1236,"thread_ts_usec":1495983428044294,"pkt":"ABcILL3nACbGCvpSCABFAAToAABAAEARdrODcqgbuVPacNlo2WgE1Ky0g6TtBObpsPGOGJJQW0suWMljVUPagRgTUahiB4IjMQW4Tg9f5cyshjm+p29iVNftVxe04dz+cfBMCVwhcjyEFkeou0ifCNhflHKECEASMlSPHygCv0jVCXv8ZCd4sw1DV4qkJHpNuqDzIOeMO5kigXd6Zr9\/kVGFNbYATiJ\/4\/d07Ys9tYVMMU9+GZLsw5TEeonc6JkgLf1Ag3YWp13STJFjkXmUQQEmCx7jMF2zuyFMW5l\/1l+DbcCnhmbrBjbCGgGFI5zBwsgztvAY5qYKZmeQM416lrSfO\/FAzqiwFmco4KFBkS27f0df+2LqiHW32UmxNTIO7nt7Lxv6feXMiqoigaWWhN1NpH+olHgBkDgRLRZR4izZRSb8NUu3oEYl7mity8XB29TfUHGUnr7zFV+ThMWXOU3y0zQ9o5ikDE7I+WgQ7I9UyX6BXcM9EDJAd1\/ntbLOCFZ73uP0F0pkt2EO0wYonWlaz4t\/h2ZlpNEogqERgZVlvsXJ3cypRCK7BJ2hkH0cxa7zmtpQWpxgzM1azMgu0Zgp5HWBZKU3HSw1WRpTgj3+b1F+M1u27lyVKPP+KJcO6xdB1JrsYND9NvH6gEBt8cFgwPuzeHo6wCDKovtGsN5fvYwZPB4Hh6PHHNRhCh3AasN9rEPpw8JY5BDOCRAAA3iiYGcBaPnZ0toysnHlF65SS7yd3NDlqep+WAUSHRxxU8yzD1fmlWf4vJglbKskZhPmmm3GZR4YD4PkDqxgwkla64kkcOD8ccSMwfZnv5Z28h9GnGF+kQBVOLMIb7nl3z3N+WVKF7N25EEZzkfhSx\/h6janHpbhx+CdQ4ITvm5cu4+8facY3f2FOR816OA\/QfBn0tfLB1974fZP1fYqUFGo7KoCBhYIQ2ACsS1WRnIV4NYdcX1uMmVf50b3HtIK4sV9yKgJdfmD+EV7ezZL2MeV0LYarWre0bgnjKAVFDY0UVHIc4kmK4sxUN5+iakUFgwhsrVeTwJsaXHUfixNVEmgrP3Jf5kqIPeitYRaU0E9kvujkfFBcX+w8r42EXbRrc61L5X1Rd01DEE+9On2z6e4vX+Equt5\/m2UdWD9O\/PpySdoiKsCe5pDggSnynFF+FOXuAnWEI0mpUVDmqumkpCDb8c2ERNo+A5Vxs9qjD6tLD0yLNOCE7qhLjU+bSCS1QOoJGuQs7qxOb0ZnBHAZHFaf0+B3HbB\/tXNawHGqfKAuiLM3txkOqXcIGBq0CVbdYOikKqUCQDWCB\/HeQEArr0ZW4yzfSrIPnpD1p0UVQ7wuqY9xXo4VLgsQR04gQLlJTUWVifMLbu3sAYHYrE6\/npTXS49H\/RY+ihrdGLN15Bwl7LkO6NlZm6aweckyA0cEuiwILQ7jWNd+fOXd3Ku1+dy2u25uV3Ez96JUM99NWNXBgebQa4mwBzMhR8Am75s\/KFEWAx1uA3jAG0Au+UTmHis+TKR59uUQJqHwgArWpwhKHyUFC4HHlXQKBnS9lutaV4lAOTGrmQVS0MDRQzqTtMhIAKY2b3DrwAXsov84LvryNSH009x5WiK1x6IzMLQpKSIgJCfUvBojuUi\/zAx7ICX+r2u1iKgemgZssbZF6IAXAyOQb8CxNvxnmB00hq83N\/933x+Cg=="}
-02453{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":104,"source":"cfgs\/default\/pcap\/tinc.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":17,"flow_dst_packets_processed":15,"flow_first_seen":1495983428000367,"flow_src_last_pkt_time":1495983431160747,"flow_dst_last_pkt_time":1495983430158623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":148,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1468,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":19148,"flow_dst_tot_l4_payload_len":16284,"midstream":0,"thread_ts_usec":1495983431160747,"l3_proto":"ip4","src_ip":"131.114.168.27","dst_ip":"185.83.218.112","src_port":55655,"dst_port":55655,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":23,"avg":171568.9,"max":1069532,"stddev":377387.1,"var":142420983808.0,"ent":2.5,"data": [157,27472,47,25,27522,244,68,237,181,126,15445,30,41839,33,23,1057953,304,258,1003680,53,1840,184,45315,102,25,1024085,82,1069532,137,1001358,279]},"pktlen": {"min":176,"avg":1135.2,"max":1496,"stddev":450.4,"var":202833.5,"ent":4.9,"data": [672,720,224,1472,768,216,1256,176,1296,1464,760,672,720,1264,176,1296,1344,1464,1360,1472,1488,1472,1480,1344,1472,1360,1488,1488,1488,1480,1496,1480]},"bins": {"c_to_s": [0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,2,0,0,2,6,0,0],"s_to_c": [0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,2,0,0,0,6,0,0]},"directions": [0,0,1,1,1,0,0,0,0,0,0,1,1,1,1,1,0,0,0,1,1,0,0,1,1,1,1,1,0,0,0,0],"entropies": [7.665557861,7.732561588,7.082343578,7.846774578,7.752214432,6.906925201,7.855091572,6.755141735,7.856310368,7.846433163,7.747685909,7.710433006,7.733560562,7.868661880,6.790736675,7.858621597,7.869617462,7.873907566,7.874854565,7.877315998,7.870153904,7.874608040,7.878478050,7.845719337,7.883452892,7.855854511,7.886187077,7.874522686,7.870358467,7.871251106,7.874283314,7.868322849]},"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"5":"DPI (cache)"},"proto":"TINC","proto_id":"209","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":2,"category":"VPN"}}
-02454{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":113,"source":"cfgs\/default\/pcap\/tinc.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":20,"flow_first_seen":1495983428043218,"flow_src_last_pkt_time":1495983432571150,"flow_dst_last_pkt_time":1495983432526055,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":148,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1444,"flow_dst_max_l4_payload_len":1452,"flow_src_tot_l4_payload_len":10944,"flow_dst_tot_l4_payload_len":20512,"midstream":0,"thread_ts_usec":1495983432571150,"l3_proto":"ip4","src_ip":"185.83.218.112","dst_ip":"131.114.168.27","src_port":55656,"dst_port":55656,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":24,"avg":290670.0,"max":2412459,"stddev":558680.6,"var":312123949056.0,"ent":2.9,"data": [50,27,594,482,207,142,1049148,39,24,1048033,86,239,119,120,91,44079,43,25,1044735,279,1021999,20586,1001463,275,241,363633,1001240,149,123,2412459,39]},"pktlen": {"min":104,"avg":1011.0,"max":1480,"stddev":450.3,"var":202783.0,"ent":4.8,"data": [752,1472,944,720,1256,1472,944,1056,656,320,1048,176,1296,512,656,320,176,1296,512,1464,1360,1360,1360,1472,1336,1304,104,1480,1464,1328,1376,1360]},"bins": {"c_to_s": [0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,1,0,2,1,0,0,1,0,0],"s_to_c": [0,0,1,0,1,0,0,0,0,1,0,0,0,0,0,1,0,0,0,1,0,1,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,1,2,2,2,0,0,2,3,0,0]},"directions": [0,0,0,1,1,1,1,0,0,0,1,1,1,1,1,1,0,0,0,1,1,0,1,1,1,1,1,1,1,1,0,0],"entropies": [7.690577507,7.881368160,7.775002003,7.728326797,7.851398468,7.867018700,7.774654388,7.831391335,7.688314915,7.329430103,7.812694550,6.669548035,7.843146801,7.557564259,7.679370403,7.194211483,6.957363605,7.850227833,7.572175503,7.873534679,7.858608246,7.866045952,7.839975357,7.845044613,7.866905689,7.841031551,6.193184853,7.882274628,7.896846294,7.859506130,7.852632523,7.876025200]},"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"5":"DPI (cache)"},"proto":"TINC","proto_id":"209","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":2,"category":"VPN"}}
+02343{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":104,"source":"cfgs\/default\/pcap\/tinc.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":17,"flow_dst_packets_processed":15,"flow_first_seen":1495983428000367,"flow_src_last_pkt_time":1495983431160747,"flow_dst_last_pkt_time":1495983430158623,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":148,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1468,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":19148,"flow_dst_tot_l4_payload_len":16284,"midstream":0,"thread_ts_usec":1495983431160747,"l3_proto":"ip4","src_ip":"131.114.168.27","dst_ip":"185.83.218.112","src_port":55655,"dst_port":55655,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":23,"avg":171568.9,"max":1069532,"stddev":377387.1,"var":142420983808.0,"ent":2.5,"data": [157,27472,47,25,27522,244,68,237,181,126,15445,30,41839,33,23,1057953,304,258,1003680,53,1840,184,45315,102,25,1024085,82,1069532,137,1001358,279]},"pktlen": {"min":176,"avg":1135.2,"max":1496,"stddev":450.4,"var":202833.5,"ent":4.9,"data": [672,720,224,1472,768,216,1256,176,1296,1464,760,672,720,1264,176,1296,1344,1464,1360,1472,1488,1472,1480,1344,1472,1360,1488,1488,1488,1480,1496,1480]},"bins": {"c_to_s": [0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,2,0,0,2,6,0,0],"s_to_c": [0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,2,0,0,0,6,0,0]},"directions": [0,0,1,1,1,0,0,0,0,0,0,1,1,1,1,1,0,0,0,1,1,0,0,1,1,1,1,1,0,0,0,0],"entropies": [7.665557861,7.732561588,7.082343578,7.846774578,7.752214432,6.906925201,7.855091572,6.755141735,7.856310368,7.846433163,7.747685909,7.710433006,7.733560562,7.868661880,6.790736675,7.858621597,7.869617462,7.873907566,7.874854565,7.877315998,7.870153904,7.874608040,7.878478050,7.845719337,7.883452892,7.855854511,7.886187077,7.874522686,7.870358467,7.871251106,7.874283314,7.868322849]},"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"5":"DPI (cache)"},"proto":"TINC","proto_id":"209","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":2,"category":"VPN"}}
+02344{"flow_event_id":5,"flow_event_name":"analyse","thread_id":0,"packet_id":113,"source":"cfgs\/default\/pcap\/tinc.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":12,"flow_dst_packets_processed":20,"flow_first_seen":1495983428043218,"flow_src_last_pkt_time":1495983432571150,"flow_dst_last_pkt_time":1495983432526055,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":148,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1444,"flow_dst_max_l4_payload_len":1452,"flow_src_tot_l4_payload_len":10944,"flow_dst_tot_l4_payload_len":20512,"midstream":0,"thread_ts_usec":1495983432571150,"l3_proto":"ip4","src_ip":"185.83.218.112","dst_ip":"131.114.168.27","src_port":55656,"dst_port":55656,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"data_analysis": {"iat": {"min":24,"avg":290670.0,"max":2412459,"stddev":558680.6,"var":312123949056.0,"ent":2.9,"data": [50,27,594,482,207,142,1049148,39,24,1048033,86,239,119,120,91,44079,43,25,1044735,279,1021999,20586,1001463,275,241,363633,1001240,149,123,2412459,39]},"pktlen": {"min":104,"avg":1011.0,"max":1480,"stddev":450.3,"var":202783.0,"ent":4.8,"data": [752,1472,944,720,1256,1472,944,1056,656,320,1048,176,1296,512,656,320,176,1296,512,1464,1360,1360,1360,1472,1336,1304,104,1480,1464,1328,1376,1360]},"bins": {"c_to_s": [0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,1,0,2,1,0,0,1,0,0],"s_to_c": [0,0,1,0,1,0,0,0,0,1,0,0,0,0,0,1,0,0,0,1,0,1,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,1,2,2,2,0,0,2,3,0,0]},"directions": [0,0,0,1,1,1,1,0,0,0,1,1,1,1,1,1,0,0,0,1,1,0,1,1,1,1,1,1,1,1,0,0],"entropies": [7.690577507,7.881368160,7.775002003,7.728326797,7.851398468,7.867018700,7.774654388,7.831391335,7.688314915,7.329430103,7.812694550,6.669548035,7.843146801,7.557564259,7.679370403,7.194211483,6.957363605,7.850227833,7.572175503,7.873534679,7.858608246,7.866045952,7.839975357,7.845044613,7.866905689,7.841031551,6.193184853,7.882274628,7.896846294,7.859506130,7.852632523,7.876025200]},"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"5":"DPI (cache)"},"proto":"TINC","proto_id":"209","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":2,"category":"VPN"}}
01106{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/tinc.pcap","alias":"nDPId-test","flow_id":2,"flow_state":"finished","flow_src_packets_processed":14,"flow_dst_packets_processed":13,"flow_first_seen":1495983427744301,"flow_src_last_pkt_time":1495983475109122,"flow_dst_last_pkt_time":1495983475109062,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1039,"flow_dst_max_l4_payload_len":1037,"flow_src_tot_l4_payload_len":3036,"flow_dst_tot_l4_payload_len":2354,"midstream":0,"thread_ts_usec":1495983475109122,"l3_proto":"ip4","src_ip":"131.114.168.27","dst_ip":"185.83.218.112","src_port":49290,"dst_port":55656,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"TINC","proto_id":"209","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":2,"category":"VPN"}}
-01229{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/tinc.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":101,"flow_dst_packets_processed":29,"flow_first_seen":1495983428000367,"flow_src_last_pkt_time":1495983470930418,"flow_dst_last_pkt_time":1495983470973187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":76,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1468,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":132724,"flow_dst_tot_l4_payload_len":31332,"midstream":0,"thread_ts_usec":1495983475109122,"l3_proto":"ip4","src_ip":"131.114.168.27","dst_ip":"185.83.218.112","src_port":55655,"dst_port":55655,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"5":"DPI (cache)"},"proto":"TINC","proto_id":"209","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":2,"category":"VPN"}}
-01230{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/tinc.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":29,"flow_dst_packets_processed":105,"flow_first_seen":1495983428043218,"flow_src_last_pkt_time":1495983463866065,"flow_dst_last_pkt_time":1495983463817214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":116,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1460,"flow_dst_max_l4_payload_len":1468,"flow_src_tot_l4_payload_len":28820,"flow_dst_tot_l4_payload_len":135316,"midstream":0,"thread_ts_usec":1495983475109122,"l3_proto":"ip4","src_ip":"185.83.218.112","dst_ip":"131.114.168.27","src_port":55656,"dst_port":55656,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}},"46": {"risk":"Unidirectional Traffic","severity":"Low","risk_score": {"total":500,"client":430,"server":70}}},"confidence": {"5":"DPI (cache)"},"proto":"TINC","proto_id":"209","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":2,"category":"VPN"}}
+01119{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/tinc.pcap","alias":"nDPId-test","flow_id":3,"flow_state":"finished","flow_src_packets_processed":101,"flow_dst_packets_processed":29,"flow_first_seen":1495983428000367,"flow_src_last_pkt_time":1495983470930418,"flow_dst_last_pkt_time":1495983470973187,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":76,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1468,"flow_dst_max_l4_payload_len":1460,"flow_src_tot_l4_payload_len":132724,"flow_dst_tot_l4_payload_len":31332,"midstream":0,"thread_ts_usec":1495983475109122,"l3_proto":"ip4","src_ip":"131.114.168.27","dst_ip":"185.83.218.112","src_port":55655,"dst_port":55655,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"5":"DPI (cache)"},"proto":"TINC","proto_id":"209","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":2,"category":"VPN"}}
+01120{"flow_event_id":3,"flow_event_name":"idle","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/tinc.pcap","alias":"nDPId-test","flow_id":4,"flow_state":"finished","flow_src_packets_processed":29,"flow_dst_packets_processed":105,"flow_first_seen":1495983428043218,"flow_src_last_pkt_time":1495983463866065,"flow_dst_last_pkt_time":1495983463817214,"flow_idle_time":200000000,"flow_src_min_l4_payload_len":116,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1460,"flow_dst_max_l4_payload_len":1468,"flow_src_tot_l4_payload_len":28820,"flow_dst_tot_l4_payload_len":135316,"midstream":0,"thread_ts_usec":1495983475109122,"l3_proto":"ip4","src_ip":"185.83.218.112","dst_ip":"131.114.168.27","src_port":55656,"dst_port":55656,"l4_proto":"udp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"5":"DPI (cache)"},"proto":"TINC","proto_id":"209","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":2,"category":"VPN"}}
01106{"flow_event_id":2,"flow_event_name":"end","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/tinc.pcap","alias":"nDPId-test","flow_id":1,"flow_state":"finished","flow_src_packets_processed":15,"flow_dst_packets_processed":11,"flow_first_seen":1495983427717971,"flow_src_last_pkt_time":1495983475073125,"flow_dst_last_pkt_time":1495983475073073,"flow_idle_time":7580000000,"flow_src_min_l4_payload_len":0,"flow_dst_min_l4_payload_len":0,"flow_src_max_l4_payload_len":1039,"flow_dst_max_l4_payload_len":1037,"flow_src_tot_l4_payload_len":2339,"flow_dst_tot_l4_payload_len":2308,"midstream":0,"thread_ts_usec":1495983475109122,"l3_proto":"ip4","src_ip":"131.114.168.27","dst_ip":"185.83.218.112","src_port":59244,"dst_port":55655,"l4_proto":"tcp","flow_datalink":1,"flow_max_packets":5,"ndpi": {"flow_risk": {"5": {"risk":"Known Proto on Non Std Port","severity":"Medium","risk_score": {"total":160,"client":140,"server":20}}},"confidence": {"6":"DPI"},"proto":"TINC","proto_id":"209","proto_by_ip":"Unknown","proto_by_ip_id":0,"encrypted":0,"breed":"Acceptable","category_id":2,"category":"VPN"}}
00637{"daemon_event_id":3,"daemon_event_name":"shutdown","thread_id":0,"packet_id":317,"source":"cfgs\/default\/pcap\/tinc.pcap","alias":"nDPId-test","version":"1.5.0","ndpi_version":"4.9.0-4361-0db12b13","packets-captured":317,"packets-processed":317,"total-skipped-flows":0,"total-l4-payload-len":338229,"total-not-detected-flows":0,"total-guessed-flows":0,"total-detected-flows":4,"total-detection-updates":0,"total-updates":0,"current-active-flows":0,"total-active-flows":4,"total-idle-flows":4,"total-compressions":0,"total-compression-diff":0,"current-compression-diff":0,"total-events-serialized":37,"global_ts_usec":1495983475109122}
~~~~~~~~~~~~~~~~~~~~ SUMMARY ~~~~~~~~~~~~~~~~~~~~
Powered by cgit, Themed by Ted Yin.