diff options
Diffstat (limited to 'test/results/flow-info')
192 files changed, 4205 insertions, 4129 deletions
diff --git a/test/results/flow-info/caches_cfg/ookla.pcap.out b/test/results/flow-info/caches_cfg/ookla.pcap.out index 0df8a61e0..ce49b45dc 100644 --- a/test/results/flow-info/caches_cfg/ookla.pcap.out +++ b/test/results/flow-info/caches_cfg/ookla.pcap.out @@ -11,7 +11,7 @@ new: [.....4] [ip4][..tcp] [....192.168.1.7][51215] -> [..46.44.253.187][.8080] detected: [.....4] [ip4][..tcp] [....192.168.1.7][51215] -> [..46.44.253.187][.8080] [Ookla][Unknown][Network][Safe] guessed: [.....2] [ip4][..tcp] [..192.168.1.192][51156] -> [..89.96.108.170][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][] - RISK: Fully Encrypted Flow + RISK: Susp Entropy idle: [.....2] [ip4][..tcp] [..192.168.1.192][51156] -> [..89.96.108.170][.8080] idle: [.....1] [ip4][..tcp] [..192.168.1.192][37790] -> [185.157.229.246][.8080] [Ookla][Unknown][Network][Safe] DAEMON-EVENT: [Processed: 70 pkts][ZLib][compressions: 0|diff: 0 / 0] diff --git a/test/results/flow-info/caches_cfg/teams.pcap.out b/test/results/flow-info/caches_cfg/teams.pcap.out index 0560c494e..8e42406c4 100644 --- a/test/results/flow-info/caches_cfg/teams.pcap.out +++ b/test/results/flow-info/caches_cfg/teams.pcap.out @@ -77,8 +77,6 @@ ERROR-EVENT: Unknown packet type [11/16] ERROR-EVENT: Unknown packet type [12/16] detection-update: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] - RISK: Unidirectional Traffic - detection-update: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] RISK: Error Code new: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] detected: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][] @@ -397,12 +395,6 @@ new: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] detected: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - detection-update: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] new: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] detected: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] [STUN.TeamsCall][Azure][VoIP][Acceptable][] RISK: Known Proto on Non Std Port @@ -419,10 +411,6 @@ [IATS(ms)....: 45.0,45.1,0.2,47.4,47.2,0.2,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.0,8.0,0.0,0.0,52.4,1.2,45.6,48.6,92.2,43.7,69.1,0.3,113.5,1566.9] [PKTLENS.....: 64,52,40,227,1492,52,1492,588,52,52,1492,588,52,40,588,166,40,40,40,147,46,85,46,91,40,141,224,40,71,40,46,46] [ENTROPIES...: 4.4,4.9,4.5,5.4,7.5,4.6,7.4,6.2,4.7,4.7,7.7,7.0,4.7,4.5,7.6,6.6,4.4,4.5,4.5,6.4,4.5,5.8,4.6,5.4,4.6,6.4,6.9,4.5,5.4,4.4,4.6,4.6] - detection-update: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] detected: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] [TLS][Azure][Web][Safe][gate.hockeyapp.net] new: [....83] [ip4][.icmp] [..93.71.110.205] -> [....192.168.1.6] @@ -480,7 +468,7 @@ RISK: Known Proto on Non Std Port idle: [....61] [ip4][..tcp] [....192.168.1.6][60566] -> [.167.99.215.164][.4434] [TLS.ntop][DigitalOcean][Network][Safe] RISK: Known Proto on Non Std Port - not-detected: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] [Unknown][Unknown][Unrated] + not-detected: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] [Unknown][Unknown][Unspecified][Unrated] idle: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] idle: [....22] [ip4][..udp] [....192.168.1.6][49514] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][config.teams.microsoft.com] idle: [....49] [ip4][..udp] [..192.168.1.112][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] @@ -520,9 +508,9 @@ idle: [....24] [ip4][..udp] [....192.168.1.6][65387] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][northeuropecns.trafficmanager.net] end: [....14] [ip4][..tcp] [..93.62.150.157][..443] -> [....192.168.1.6][60512] [TLS][Unknown][Web][Safe] idle: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....72] [ip4][..tcp] [....192.168.1.6][50014] -> [.52.114.250.152][..443] [TLS.Teams][Azure][Collaborative][Safe] RISK: TLS Cert Mismatch, TLS (probably) Not Carrying HTTPS diff --git a/test/results/flow-info/caches_global/lru_ipv6_caches.pcapng.out b/test/results/flow-info/caches_global/lru_ipv6_caches.pcapng.out index c480d8027..34b2f59dd 100644 --- a/test/results/flow-info/caches_global/lru_ipv6_caches.pcapng.out +++ b/test/results/flow-info/caches_global/lru_ipv6_caches.pcapng.out @@ -16,11 +16,11 @@ detected: [.....5] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2c7f:d7a0:44a9:49e9:e586:fb7f:5b85:9c83][....1] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port detected: [.....3] [ip6][..udp] [.2a2f:8509:1cb2:466d:ecbf:69d6:109c:608][62229] -> [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port new: [.....6] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [.38b2:46b7:27a4:94c3:c134:948:e069:d71f][....1] detected: [.....6] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [.38b2:46b7:27a4:94c3:c134:948:e069:d71f][....1] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port - detection-update: [.....4] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2fda:1f8a:c107:88a4:e509:d2e1:445f:f34c][.6881] [BitTorrent][Unknown][Download][Acceptable] + detection-update: [.....3] [ip6][..udp] [.2a2f:8509:1cb2:466d:ecbf:69d6:109c:608][62229] -> [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [.....7] [ip6][..udp] [2118:ec33:112b:7908:2c80:27ff:fef7:d71f][48415] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] detected: [.....7] [ip6][..udp] [2118:ec33:112b:7908:2c80:27ff:fef7:d71f][48415] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] @@ -28,39 +28,25 @@ RISK: Unidirectional Traffic new: [.....8] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44144] detected: [.....8] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44144] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic detection-update: [.....8] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44144] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [.....9] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44150] detected: [.....9] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44150] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic detection-update: [.....9] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44150] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic - detection-update: [.....6] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [.38b2:46b7:27a4:94c3:c134:948:e069:d71f][....1] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....10] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44192] detected: [....10] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44192] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic detection-update: [....10] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44192] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....11] [ip6][..udp] [.3297:a1af:5121:cfc:360b:2e07:872f:1ea0][43865] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] detected: [....11] [ip6][..udp] [.3297:a1af:5121:cfc:360b:2e07:872f:1ea0][43865] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - detection-update: [....11] [ip6][..udp] [.3297:a1af:5121:cfc:360b:2e07:872f:1ea0][43865] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] detected: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] detection-update: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] RISK: Unidirectional Traffic idle: [....11] [ip6][..udp] [.3297:a1af:5121:cfc:360b:2e07:872f:1ea0][43865] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip6][..udp] [2118:ec33:112b:7908:2c80:27ff:fef7:d71f][48415] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [.....8] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44144] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [.....9] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44150] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....10] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44192] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip6][..udp] [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] -> [20ed:470f:6f73:ce60:60be:8b4f:df37:b080][45658] [RTCP][Unknown][VoIP][Acceptable] idle: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic @@ -69,9 +55,9 @@ idle: [.....2] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [3024:e5ee:ac2f:cd76:5dd6:a7a1:f17f:5c27][60506] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....6] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [.38b2:46b7:27a4:94c3:c134:948:e069:d71f][....1] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....4] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2fda:1f8a:c107:88a4:e509:d2e1:445f:f34c][.6881] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....5] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2c7f:d7a0:44a9:49e9:e586:fb7f:5b85:9c83][....1] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/caches_global/ookla.pcap.out b/test/results/flow-info/caches_global/ookla.pcap.out index eeeabc4c9..5573435ae 100644 --- a/test/results/flow-info/caches_global/ookla.pcap.out +++ b/test/results/flow-info/caches_global/ookla.pcap.out @@ -11,6 +11,7 @@ new: [.....4] [ip4][..tcp] [....192.168.1.7][51215] -> [..46.44.253.187][.8080] detected: [.....4] [ip4][..tcp] [....192.168.1.7][51215] -> [..46.44.253.187][.8080] [Ookla][Unknown][Network][Safe] guessed: [.....2] [ip4][..tcp] [..192.168.1.192][51156] -> [..89.96.108.170][.8080] [Ookla][Unknown][Network][Safe] + RISK: Susp Entropy idle: [.....2] [ip4][..tcp] [..192.168.1.192][51156] -> [..89.96.108.170][.8080] idle: [.....1] [ip4][..tcp] [..192.168.1.192][37790] -> [185.157.229.246][.8080] [Ookla][Unknown][Network][Safe] DAEMON-EVENT: [Processed: 70 pkts][ZLib][compressions: 0|diff: 0 / 0] diff --git a/test/results/flow-info/caches_global/teams.pcap.out b/test/results/flow-info/caches_global/teams.pcap.out index 45e6ad626..73e35011c 100644 --- a/test/results/flow-info/caches_global/teams.pcap.out +++ b/test/results/flow-info/caches_global/teams.pcap.out @@ -77,8 +77,6 @@ ERROR-EVENT: Unknown packet type [11/16] ERROR-EVENT: Unknown packet type [12/16] detection-update: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] - RISK: Unidirectional Traffic - detection-update: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] RISK: Error Code new: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] detected: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][] @@ -397,12 +395,6 @@ new: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] detected: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - detection-update: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] new: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] detected: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] [STUN.TeamsCall][Azure][VoIP][Acceptable][] RISK: Known Proto on Non Std Port @@ -419,10 +411,6 @@ [IATS(ms)....: 45.0,45.1,0.2,47.4,47.2,0.2,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.0,8.0,0.0,0.0,52.4,1.2,45.6,48.6,92.2,43.7,69.1,0.3,113.5,1566.9] [PKTLENS.....: 64,52,40,227,1492,52,1492,588,52,52,1492,588,52,40,588,166,40,40,40,147,46,85,46,91,40,141,224,40,71,40,46,46] [ENTROPIES...: 4.4,4.9,4.5,5.4,7.5,4.6,7.4,6.2,4.7,4.7,7.7,7.0,4.7,4.5,7.6,6.6,4.4,4.5,4.5,6.4,4.5,5.8,4.6,5.4,4.6,6.4,6.9,4.5,5.4,4.4,4.6,4.6] - detection-update: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] detected: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] [TLS.Teams][Azure][Collaborative][Safe][gate.hockeyapp.net] new: [....83] [ip4][.icmp] [..93.71.110.205] -> [....192.168.1.6] @@ -480,7 +468,7 @@ RISK: Known Proto on Non Std Port idle: [....61] [ip4][..tcp] [....192.168.1.6][60566] -> [.167.99.215.164][.4434] [TLS.ntop][DigitalOcean][Network][Safe] RISK: Known Proto on Non Std Port - not-detected: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] [Unknown][Unknown][Unrated] + not-detected: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] [Unknown][Unknown][Unspecified][Unrated] idle: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] idle: [....22] [ip4][..udp] [....192.168.1.6][49514] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][config.teams.microsoft.com] idle: [....49] [ip4][..udp] [..192.168.1.112][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] @@ -520,9 +508,9 @@ idle: [....24] [ip4][..udp] [....192.168.1.6][65387] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][northeuropecns.trafficmanager.net] end: [....14] [ip4][..tcp] [..93.62.150.157][..443] -> [....192.168.1.6][60512] [TLS][Unknown][Web][Safe] idle: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....72] [ip4][..tcp] [....192.168.1.6][50014] -> [.52.114.250.152][..443] [TLS.Teams][Azure][Collaborative][Safe] RISK: TLS Cert Mismatch, TLS (probably) Not Carrying HTTPS diff --git a/test/results/flow-info/caches_global/zoom_p2p.pcapng.out b/test/results/flow-info/caches_global/zoom_p2p.pcapng.out index a18e8a561..013324721 100644 --- a/test/results/flow-info/caches_global/zoom_p2p.pcapng.out +++ b/test/results/flow-info/caches_global/zoom_p2p.pcapng.out @@ -93,10 +93,10 @@ RISK: Unidirectional Traffic new: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] detected: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] [Zoom][Unknown][Video][Acceptable] - detection-update: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] [Zoom][Unknown][Video][Acceptable] - RISK: Unidirectional Traffic update: [....10] [ip4][.icmp] [.206.247.10.253] -> [.192.168.12.156] [ICMP][Zoom][Network][Acceptable] RISK: Susp Entropy + detection-update: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] [Zoom][Unknown][Video][Acceptable] + RISK: Unidirectional Traffic analyse: [....12] [ip4][..udp] [.192.168.12.156][42208] -> [...10.78.14.178][47312] [Zoom][Unknown][Video][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.052| 0.013| 0.016| 253.890| 4.000] diff --git a/test/results/flow-info/classification_only/bittorrent_tcp_miss.pcapng.out b/test/results/flow-info/classification_only/bittorrent_tcp_miss.pcapng.out index 4eced6429..aa800e488 100644 --- a/test/results/flow-info/classification_only/bittorrent_tcp_miss.pcapng.out +++ b/test/results/flow-info/classification_only/bittorrent_tcp_miss.pcapng.out @@ -3,7 +3,7 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.192.168.122.34][48987] -> [...178.71.206.1][.6881] detected: [.....1] [ip4][..tcp] [.192.168.122.34][48987] -> [...178.71.206.1][.6881] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port + RISK: Known Proto on Non Std Port, Susp Entropy analyse: [.....1] [ip4][..tcp] [.192.168.122.34][48987] -> [...178.71.206.1][.6881] [BitTorrent][Unknown][Download][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.065| 0.014| 0.017| 294.673| 3.800] @@ -15,5 +15,5 @@ [PKTLENS.....: 60,52,40,238,464,40,511,280,108,419,328,90,1480,1480,1480,1480,1480,1480,1480,1480,1480,1480,40,40,1480,1480,1480,1480,1480,40,40,40] [ENTROPIES...: 4.7,5.1,4.8,7.1,7.5,4.9,7.5,7.2,6.2,5.6,5.1,4.1,7.8,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,4.9,4.8,7.9,7.9,7.9,7.9,7.9,4.9,4.9,4.9] idle: [.....1] [ip4][..tcp] [.192.168.122.34][48987] -> [...178.71.206.1][.6881] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port + RISK: Known Proto on Non Std Port, Susp Entropy DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/classification_only/ookla.pcap.out b/test/results/flow-info/classification_only/ookla.pcap.out index eeeabc4c9..5573435ae 100644 --- a/test/results/flow-info/classification_only/ookla.pcap.out +++ b/test/results/flow-info/classification_only/ookla.pcap.out @@ -11,6 +11,7 @@ new: [.....4] [ip4][..tcp] [....192.168.1.7][51215] -> [..46.44.253.187][.8080] detected: [.....4] [ip4][..tcp] [....192.168.1.7][51215] -> [..46.44.253.187][.8080] [Ookla][Unknown][Network][Safe] guessed: [.....2] [ip4][..tcp] [..192.168.1.192][51156] -> [..89.96.108.170][.8080] [Ookla][Unknown][Network][Safe] + RISK: Susp Entropy idle: [.....2] [ip4][..tcp] [..192.168.1.192][51156] -> [..89.96.108.170][.8080] idle: [.....1] [ip4][..tcp] [..192.168.1.192][37790] -> [185.157.229.246][.8080] [Ookla][Unknown][Network][Safe] DAEMON-EVENT: [Processed: 70 pkts][ZLib][compressions: 0|diff: 0 / 0] diff --git a/test/results/flow-info/classification_only/sip.pcap.out b/test/results/flow-info/classification_only/sip.pcap.out index 6b99bbd05..fdc3e8fc6 100644 --- a/test/results/flow-info/classification_only/sip.pcap.out +++ b/test/results/flow-info/classification_only/sip.pcap.out @@ -49,7 +49,7 @@ update: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] idle: [.....3] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] [RTP][Unknown][Media][Acceptable] - not-detected: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] [Unknown][Unknown][Unrated] + not-detected: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] idle: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] diff --git a/test/results/flow-info/classification_only/teams.pcap.out b/test/results/flow-info/classification_only/teams.pcap.out index 45e6ad626..73e35011c 100644 --- a/test/results/flow-info/classification_only/teams.pcap.out +++ b/test/results/flow-info/classification_only/teams.pcap.out @@ -77,8 +77,6 @@ ERROR-EVENT: Unknown packet type [11/16] ERROR-EVENT: Unknown packet type [12/16] detection-update: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] - RISK: Unidirectional Traffic - detection-update: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] RISK: Error Code new: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] detected: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][] @@ -397,12 +395,6 @@ new: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] detected: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - detection-update: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] new: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] detected: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] [STUN.TeamsCall][Azure][VoIP][Acceptable][] RISK: Known Proto on Non Std Port @@ -419,10 +411,6 @@ [IATS(ms)....: 45.0,45.1,0.2,47.4,47.2,0.2,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.0,8.0,0.0,0.0,52.4,1.2,45.6,48.6,92.2,43.7,69.1,0.3,113.5,1566.9] [PKTLENS.....: 64,52,40,227,1492,52,1492,588,52,52,1492,588,52,40,588,166,40,40,40,147,46,85,46,91,40,141,224,40,71,40,46,46] [ENTROPIES...: 4.4,4.9,4.5,5.4,7.5,4.6,7.4,6.2,4.7,4.7,7.7,7.0,4.7,4.5,7.6,6.6,4.4,4.5,4.5,6.4,4.5,5.8,4.6,5.4,4.6,6.4,6.9,4.5,5.4,4.4,4.6,4.6] - detection-update: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] detected: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] [TLS.Teams][Azure][Collaborative][Safe][gate.hockeyapp.net] new: [....83] [ip4][.icmp] [..93.71.110.205] -> [....192.168.1.6] @@ -480,7 +468,7 @@ RISK: Known Proto on Non Std Port idle: [....61] [ip4][..tcp] [....192.168.1.6][60566] -> [.167.99.215.164][.4434] [TLS.ntop][DigitalOcean][Network][Safe] RISK: Known Proto on Non Std Port - not-detected: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] [Unknown][Unknown][Unrated] + not-detected: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] [Unknown][Unknown][Unspecified][Unrated] idle: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] idle: [....22] [ip4][..udp] [....192.168.1.6][49514] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][config.teams.microsoft.com] idle: [....49] [ip4][..udp] [..192.168.1.112][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] @@ -520,9 +508,9 @@ idle: [....24] [ip4][..udp] [....192.168.1.6][65387] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][northeuropecns.trafficmanager.net] end: [....14] [ip4][..tcp] [..93.62.150.157][..443] -> [....192.168.1.6][60512] [TLS][Unknown][Web][Safe] idle: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....72] [ip4][..tcp] [....192.168.1.6][50014] -> [.52.114.250.152][..443] [TLS.Teams][Azure][Collaborative][Safe] RISK: TLS Cert Mismatch, TLS (probably) Not Carrying HTTPS diff --git a/test/results/flow-info/classification_only/tls_1.2_unidir_client_no_cert.pcapng.out b/test/results/flow-info/classification_only/tls_1.2_unidir_client_no_cert.pcapng.out index 9b324cc4e..139e9d3ce 100644 --- a/test/results/flow-info/classification_only/tls_1.2_unidir_client_no_cert.pcapng.out +++ b/test/results/flow-info/classification_only/tls_1.2_unidir_client_no_cert.pcapng.out @@ -3,7 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.192.168.12.156][39958] -> [..172.67.21.133][..443] detected: [.....1] [ip4][..tcp] [.192.168.12.156][39958] -> [..172.67.21.133][..443] [TLS][Cloudflare][Web][Safe][sb.adtidy.org] - RISK: Unidirectional Traffic end: [.....1] [ip4][..tcp] [.192.168.12.156][39958] -> [..172.67.21.133][..443] [TLS][Cloudflare][Web][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/classification_only/tls_1.2_unidir_server_no_cert.pcapng.out b/test/results/flow-info/classification_only/tls_1.2_unidir_server_no_cert.pcapng.out index c54c75d01..b66d1226f 100644 --- a/test/results/flow-info/classification_only/tls_1.2_unidir_server_no_cert.pcapng.out +++ b/test/results/flow-info/classification_only/tls_1.2_unidir_server_no_cert.pcapng.out @@ -3,7 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [..172.67.21.133][..443] -> [.192.168.12.156][39958] detected: [.....1] [ip4][..tcp] [..172.67.21.133][..443] -> [.192.168.12.156][39958] [TLS][Cloudflare][Web][Safe] - RISK: Unidirectional Traffic end: [.....1] [ip4][..tcp] [..172.67.21.133][..443] -> [.192.168.12.156][39958] [TLS][Cloudflare][Web][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/classification_only/tls_1.2_unidirectional_client.pcapng.out b/test/results/flow-info/classification_only/tls_1.2_unidirectional_client.pcapng.out index 6e5b7a799..91ff26a82 100644 --- a/test/results/flow-info/classification_only/tls_1.2_unidirectional_client.pcapng.out +++ b/test/results/flow-info/classification_only/tls_1.2_unidirectional_client.pcapng.out @@ -3,7 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.192.168.12.156][43854] -> [..216.58.209.42][..443] detected: [.....1] [ip4][..tcp] [.192.168.12.156][43854] -> [..216.58.209.42][..443] [TLS.GoogleServices][Google][Web][Acceptable][notifications-pa.googleapis.com] - RISK: Unidirectional Traffic end: [.....1] [ip4][..tcp] [.192.168.12.156][43854] -> [..216.58.209.42][..443] [TLS.GoogleServices][Google][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/classification_only/tls_1.2_unidirectional_server.pcapng.out b/test/results/flow-info/classification_only/tls_1.2_unidirectional_server.pcapng.out index 1410a061a..42198a9a9 100644 --- a/test/results/flow-info/classification_only/tls_1.2_unidirectional_server.pcapng.out +++ b/test/results/flow-info/classification_only/tls_1.2_unidirectional_server.pcapng.out @@ -3,9 +3,6 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [..216.58.209.42][..443] -> [.192.168.12.156][43854] detected: [.....1] [ip4][..tcp] [..216.58.209.42][..443] -> [.192.168.12.156][43854] [TLS][Google][Web][Safe] - RISK: Unidirectional Traffic detection-update: [.....1] [ip4][..tcp] [..216.58.209.42][..443] -> [.192.168.12.156][43854] [TLS.YouTubeUpload][Google][Media][Fun] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [..216.58.209.42][..443] -> [.192.168.12.156][43854] [TLS.YouTubeUpload][Google][Media][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/classification_only/tls_1.3_unidirectional_client.pcapng.out b/test/results/flow-info/classification_only/tls_1.3_unidirectional_client.pcapng.out index be71565b2..a53dfdc23 100644 --- a/test/results/flow-info/classification_only/tls_1.3_unidirectional_client.pcapng.out +++ b/test/results/flow-info/classification_only/tls_1.3_unidirectional_client.pcapng.out @@ -3,7 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.192.168.12.156][39750] -> [.142.250.184.68][..443] detected: [.....1] [ip4][..tcp] [.192.168.12.156][39750] -> [.142.250.184.68][..443] [TLS.Google][Google][Web][Acceptable][www.google.com] - RISK: Unidirectional Traffic end: [.....1] [ip4][..tcp] [.192.168.12.156][39750] -> [.142.250.184.68][..443] [TLS.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/classification_only/tls_1.3_unidirectional_server.pcapng.out b/test/results/flow-info/classification_only/tls_1.3_unidirectional_server.pcapng.out index 60174db8b..ba126c5e1 100644 --- a/test/results/flow-info/classification_only/tls_1.3_unidirectional_server.pcapng.out +++ b/test/results/flow-info/classification_only/tls_1.3_unidirectional_server.pcapng.out @@ -3,7 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.142.250.184.68][..443] -> [.192.168.12.156][39750] detected: [.....1] [ip4][..tcp] [.142.250.184.68][..443] -> [.192.168.12.156][39750] [TLS][Google][Web][Safe] - RISK: Unidirectional Traffic end: [.....1] [ip4][..tcp] [.142.250.184.68][..443] -> [.192.168.12.156][39750] [TLS][Google][Web][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/1kxun.pcap.out b/test/results/flow-info/default/1kxun.pcap.out index cc644d2aa..3e1a35e08 100644 --- a/test/results/flow-info/default/1kxun.pcap.out +++ b/test/results/flow-info/default/1kxun.pcap.out @@ -29,14 +29,10 @@ new: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] detected: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] detection-update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] - RISK: Unidirectional Traffic - detection-update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] new: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80] detected: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80] [HTTP.1kxun][Unknown][Streaming][Fun][jp.kankan.1kxun.mobi] new: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] detected: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] - detection-update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] - RISK: Unidirectional Traffic new: [....17] [ip4][..tcp] [...192.168.5.16][53622] -> [.192.168.115.75][..443] [MIDSTREAM] new: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] detected: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] [NetBIOS][Unknown][System][Acceptable][wpad] @@ -53,16 +49,12 @@ new: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] detected: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] detection-update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] - RISK: Unidirectional Traffic - detection-update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] new: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] detection-update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] detected: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] [HTTP.1kxun][Unknown][Streaming][Fun][kankan.1kxun.com] new: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] detected: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] detection-update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] - RISK: Unidirectional Traffic - detection-update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] new: [....27] [ip4][..tcp] [..192.168.115.8][49599] -> [.106.187.35.246][...80] new: [....28] [ip4][..tcp] [..192.168.115.8][49600] -> [.106.187.35.246][...80] new: [....29] [ip4][..tcp] [..192.168.115.8][49601] -> [.106.187.35.246][...80] @@ -155,8 +147,6 @@ new: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] detected: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] detection-update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] - RISK: Unidirectional Traffic - detection-update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] new: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] detected: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] [HTTP.QQ][Unknown][Chat][Fun][vv.video.qq.com] new: [....41] [ip4][..tcp] [..192.168.115.8][49609] -> [..42.120.51.152][.8080] @@ -306,9 +296,6 @@ new: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [MIDSTREAM] detected: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] new: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] - detection-update: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] detected: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75] RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, TLS (probably) Not Carrying HTTPS detection-update: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75] @@ -414,7 +401,7 @@ update: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected DAEMON-EVENT: [Processed: 1032 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 19|updates: 38] + DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 12|updates: 38] new: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [MIDSTREAM] detected: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] RISK: Known Proto on Non Std Port @@ -454,7 +441,7 @@ idle: [...113] [ip4][..tcp] [.....31.13.87.1][..443] -> [...192.168.5.16][53578] [TLS][Facebook][Web][Safe] idle: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] idle: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] - not-detected: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] idle: [.....9] [ip6][..udp] [...............fe80::406:55a8:6453:25dd][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Unknown][Network][Acceptable] idle: [....19] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][58779] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] @@ -464,18 +451,18 @@ idle: [...128] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][58468] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][wangs-ltw] idle: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] idle: [...125] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][49766] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] - not-detected: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unrated] + not-detected: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] - not-detected: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unrated] + not-detected: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] idle: [....96] [ip4][..udp] [...192.168.5.47][53962] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] idle: [....73] [ip4][..udp] [...192.168.5.41][54470] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][kevin-pc] idle: [...102] [ip4][..udp] [...192.168.5.37][54506] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][notebook] - not-detected: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] - not-detected: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] - not-detected: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] idle: [....34] [ip4][..udp] [...192.168.3.95][54888] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected @@ -529,7 +516,7 @@ idle: [....57] [ip4][..tcp] [..192.168.115.8][49596] -> [..203.66.182.87][..443] idle: [....53] [ip4][..udp] [...192.168.5.49][61548] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad] idle: [....11] [ip4][..udp] [...192.168.5.47][61603] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] - not-detected: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] idle: [....91] [ip4][..udp] [..192.168.3.236][62069] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][wangs-ltw] idle: [....82] [ip4][..udp] [...192.168.5.50][62756] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] @@ -547,7 +534,7 @@ idle: [...109] [ip4][..tcp] [...192.168.5.16][53627] -> [...203.69.81.73][...80] [HTTP.Line][Unknown][Chat][Acceptable][dl-obs.official.line.naver.jp] idle: [...110] [ip4][..tcp] [...192.168.5.16][53628] -> [...203.69.81.73][...80] [HTTP.Line][Unknown][Chat][Acceptable][dl-obs.official.line.naver.jp] idle: [....81] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][62756] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] - not-detected: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] idle: [....72] [ip6][..udp] [..............fe80::4568:efbc:40b1:1346][50194] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][kevin-pc] idle: [....52] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][61548] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad] @@ -595,7 +582,7 @@ idle: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected idle: [....10] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][61603] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] - not-detected: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] new: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [MIDSTREAM] detected: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][messages.1kxun.mobi] @@ -603,8 +590,6 @@ detected: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] RISK: HTTP Susp User-Agent detection-update: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] - RISK: HTTP Susp User-Agent, Unidirectional Traffic - detection-update: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] RISK: HTTP Susp User-Agent, Error Code new: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [MIDSTREAM] detected: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] @@ -738,9 +723,6 @@ detected: [...177] [ip4][..tcp] [..192.168.2.126][43266] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] new: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [MIDSTREAM] detected: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - detection-update: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] new: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [MIDSTREAM] detected: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] new: [...180] [ip4][..tcp] [..192.168.2.126][58758] -> [.202.153.196.53][...80] [MIDSTREAM] @@ -762,22 +744,14 @@ new: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [MIDSTREAM] detected: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][] RISK: HTTP Susp User-Agent - detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][] - RISK: HTTP Susp User-Agent, Unidirectional Traffic new: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [MIDSTREAM] detected: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][adx-tk.rayjump.com] - RISK: Unidirectional Traffic new: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [MIDSTREAM] detected: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][] - detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][] - RISK: Unidirectional Traffic new: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [MIDSTREAM] detected: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [HTTP][AmazonAWS][Web][Acceptable][tknet-cdn.rayjump.com] detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][adx-tk.rayjump.com] - detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] new: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [MIDSTREAM] detected: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [HTTP][AmazonAWS][Web][Acceptable][impression-east.liftoff.io] new: [...193] [ip4][..tcp] [..192.168.2.126][40204] -> [...18.235.204.9][...80] [MIDSTREAM] @@ -788,9 +762,6 @@ detected: [...195] [ip4][..tcp] [..192.168.2.126][33042] -> [...3.122.190.70][...80] [HTTP][AmazonAWS][Web][Acceptable][click.liftoff.io] new: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [MIDSTREAM] detected: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - detection-update: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] new: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [MIDSTREAM] detected: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] idle: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] diff --git a/test/results/flow-info/default/6in4tunnel.pcap.out b/test/results/flow-info/default/6in4tunnel.pcap.out index 8d6b80d9c..66594b152 100644 --- a/test/results/flow-info/default/6in4tunnel.pcap.out +++ b/test/results/flow-info/default/6in4tunnel.pcap.out @@ -12,8 +12,8 @@ [IATS(ms)....: 104.8,780.1,221.1,1000.5,1001.7,1001.1,1001.7,1005.1,1001.1,1000.8,1001.1,1001.1,1001.4,999.9,1001.9,1003.1,365.4,1.1,349.0,4.1,96.7,99.1,95.7,0.8,97.9,1.0,0.1,98.1,0.1,8.8,0.5] [PKTLENS.....: 124,124,186,124,124,124,124,124,124,124,124,124,124,124,124,124,124,119,119,259,247,100,100,92,296,92,1490,1897,92,92,254,145] [ENTROPIES...: 5.7,5.7,5.6,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.8,5.6,5.7,5.7,5.7,5.7,5.7,4.7,4.7,4.8,4.9,5.2,5.8,5.5,5.8,5.6,6.9,7.0,5.5,5.5,6.7,6.0] - not-detected: [.....1] [ip4][...41] [....174.3.73.24] -> [.184.105.255.26] [Unknown][Unknown][Unrated] + not-detected: [.....1] [ip4][...41] [....174.3.73.24] -> [.184.105.255.26] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy - idle: [.....1] [ip4][...41] [....174.3.73.24] -> [.184.105.255.26] [Unknown][Unknown][Unrated] + idle: [.....1] [ip4][...41] [....174.3.73.24] -> [.184.105.255.26] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/6in6tunnel.pcap.out b/test/results/flow-info/default/6in6tunnel.pcap.out index cd8b3a097..4bc93210e 100644 --- a/test/results/flow-info/default/6in6tunnel.pcap.out +++ b/test/results/flow-info/default/6in6tunnel.pcap.out @@ -3,10 +3,10 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip6][...41] [........2001:4f8:4:7:2e0:81ff:fe52:ffff] -> [........2001:4f8:4:7:2e0:81ff:fe52:9a6b] new: [.....2] [ip6][...41] [.............................feed::beef] -> [.............................feed::cafe] - not-detected: [.....1] [ip6][...41] [........2001:4f8:4:7:2e0:81ff:fe52:ffff] -> [........2001:4f8:4:7:2e0:81ff:fe52:9a6b] [Unknown][Unknown][Unrated] + not-detected: [.....1] [ip6][...41] [........2001:4f8:4:7:2e0:81ff:fe52:ffff] -> [........2001:4f8:4:7:2e0:81ff:fe52:9a6b] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....1] [ip6][...41] [........2001:4f8:4:7:2e0:81ff:fe52:ffff] -> [........2001:4f8:4:7:2e0:81ff:fe52:9a6b] - not-detected: [.....2] [ip6][...41] [.............................feed::beef] -> [.............................feed::cafe] [Unknown][Unknown][Unrated] + not-detected: [.....2] [ip6][...41] [.............................feed::beef] -> [.............................feed::cafe] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....2] [ip6][...41] [.............................feed::beef] -> [.............................feed::cafe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out b/test/results/flow-info/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out index 07aa8c41c..ed3249628 100644 --- a/test/results/flow-info/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out +++ b/test/results/flow-info/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out @@ -31,8 +31,6 @@ [IATS(ms)....: 20.8,19.1,39.5,1.4,20.0,20.0,19.3,20.5,19.6,19.9,21.0,20.3,18.5,20.4,19.7,19.9,20.4,20.2,19.7,20.4,19.3,20.5,20.1,20.0,19.6,20.0,19.9,20.3,20.2,19.8,20.0] [PKTLENS.....: 200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200] [ENTROPIES...: 1.7,1.7,1.7,1.7,1.7,1.7,1.7,1.7,1.7,1.7,1.7,2.4,2.4,2.4,2.5,2.4,2.5,2.5,2.5,2.5,2.5,2.4,2.4,2.4,2.4,2.5,2.5,2.5,2.5,2.4,2.4,2.5] - detection-update: [.....5] [ip4][..udp] [...10.35.60.100][15580] -> [.....10.23.1.52][16756] [RTP][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....10.35.40.22][.2944] -> [.....10.23.1.42][.2944] [Megaco][Unknown][VoIP][Acceptable] analyse: [.....3] [ip4][..udp] [....10.35.40.25][.5060] -> [...10.35.40.200][.5060] [SIP][Unknown][VoIP][Acceptable] min| max| avg| stddev| variance| entropy @@ -45,13 +43,11 @@ [PKTLENS.....: 905,905,290,290,474,474,811,811,438,438,880,880,411,411,779,779,479,479,446,446,558,558,832,832,350,350,461,461,438,438,909,909] [ENTROPIES...: 5.7,5.7,5.6,5.6,5.6,5.6,5.7,5.7,5.6,5.6,5.7,5.7,5.6,5.6,5.8,5.8,5.6,5.6,5.6,5.6,5.7,5.7,5.7,5.7,5.6,5.6,5.6,5.6,5.6,5.6,5.7,5.7] update: [.....5] [ip4][..udp] [...10.35.60.100][15580] -> [.....10.23.1.52][16756] [RTP][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [138.132.169.101][.5060] -> [192.168.100.219][.5060] [SIP][Unknown][VoIP][Acceptable] update: [.....2] [ip4][..udp] [....10.35.60.72][.5060] -> [...10.35.60.100][.5060] [SIP][Unknown][VoIP][Acceptable] update: [.....3] [ip4][..udp] [....10.35.40.25][.5060] -> [...10.35.40.200][.5060] [SIP][Unknown][VoIP][Acceptable] update: [.....1] [ip4][..udp] [....10.35.40.22][.2944] -> [.....10.23.1.42][.2944] [Megaco][Unknown][VoIP][Acceptable] idle: [.....5] [ip4][..udp] [...10.35.60.100][15580] -> [.....10.23.1.52][16756] [RTP][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [....10.35.40.22][.2944] -> [.....10.23.1.42][.2944] [Megaco][Unknown][VoIP][Acceptable] idle: [.....4] [ip4][..udp] [138.132.169.101][.5060] -> [192.168.100.219][.5060] [SIP][Unknown][VoIP][Acceptable] idle: [.....3] [ip4][..udp] [....10.35.40.25][.5060] -> [...10.35.40.200][.5060] [SIP][Unknown][VoIP][Acceptable] diff --git a/test/results/flow-info/default/KakaoTalk_chat.pcap.out b/test/results/flow-info/default/KakaoTalk_chat.pcap.out index be56e3338..764a5c9ce 100644 --- a/test/results/flow-info/default/KakaoTalk_chat.pcap.out +++ b/test/results/flow-info/default/KakaoTalk_chat.pcap.out @@ -156,15 +156,13 @@ [PKTLENS.....: 60,44,40,224,44,40,1320,1320,1027,40,40,40,162,40,87,40,562,40,69,40,199,312,40,40,78,40,69,40,67,116,40,40] [ENTROPIES...: 4.7,5.0,4.9,5.2,4.7,5.0,6.5,7.1,6.7,4.8,4.9,4.9,6.5,4.9,5.9,4.8,7.7,5.0,5.6,4.8,6.9,7.1,5.0,5.0,5.8,4.9,5.5,4.9,5.6,6.3,5.0,5.0] update: [....19] [ip4][.icmp] [...10.24.82.188] -> [...10.188.191.1] [ICMP][Unknown][Network][Acceptable] - detection-update: [....30] [ip4][..tcp] [...10.24.82.188][58927] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223] detected: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe][] RISK: Known Proto on Non Std Port, Obsolete TLS (v1.1 or older) idle: [.....5] [ip4][..udp] [...10.24.82.188][12908] -> [.....10.188.1.1][...53] [DNS][Unknown][Network][Acceptable][up-m.talk.kakao.com] idle: [....28] [ip4][..udp] [...10.24.82.188][14650] -> [.....10.188.1.1][...53] [DNS][Unknown][Network][Acceptable][2.97.252.173.in-addr.arpa] end: [....30] [ip4][..tcp] [...10.24.82.188][58927] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe] RISK: Known Proto on Non Std Port, Obsolete TLS (v1.1 or older) idle: [....37] [ip4][..tcp] [...10.24.82.188][49217] -> [.216.58.220.174][..443] [TLS][Google][Web][Safe] @@ -209,7 +207,6 @@ idle: [.....1] [ip4][..udp] [...10.24.82.188][38448] -> [.....10.188.1.1][...53] [DNS][Unknown][Network][Acceptable][auth.kakao.com] idle: [.....7] [ip4][..udp] [...10.24.82.188][.5929] -> [.....10.188.1.1][...53] [DNS][Unknown][Network][Acceptable][up-p.talk.kakao.com] guessed: [....13] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][] - RISK: Fully Encrypted Flow idle: [....13] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] idle: [....36] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] [TLS][Google][Web][Safe] RISK: Known Proto on Non Std Port diff --git a/test/results/flow-info/default/Oscar.pcap.out b/test/results/flow-info/default/Oscar.pcap.out index 7a41b82fc..797ee71a3 100644 --- a/test/results/flow-info/default/Oscar.pcap.out +++ b/test/results/flow-info/default/Oscar.pcap.out @@ -12,8 +12,6 @@ [IATS(ms)....: 28.7,28.8,8.9,42.4,33.5,0.5,0.5,0.1,33.5,33.4,0.3,33.6,0.8,34.1,0.2,44.6,44.3,32.8,32.8,0.2,0.1,0.3,31.3,31.1,58175.5,58215.2,0.0,39.6,1457.4,1490.1,502.6] [PKTLENS.....: 64,46,40,355,50,40,605,40,92,130,40,56,1400,337,40,66,46,152,497,40,270,40,252,46,335,76,46,78,40,78,46,76] [ENTROPIES...: 4.4,4.9,4.7,7.1,4.7,4.7,5.2,4.7,4.0,4.3,4.6,4.3,3.8,3.9,4.6,4.3,4.5,3.5,4.2,4.6,3.7,4.6,5.5,4.5,3.4,4.8,4.5,5.0,4.6,4.5,4.5,4.8] - guessed: [.....1] [ip4][..tcp] [.....10.30.29.3][63357] -> [.178.237.24.249][..443] [TLS][Unknown][Web][Safe] - RISK: Fully Encrypted Flow - idle: [.....1] [ip4][..tcp] [.....10.30.29.3][63357] -> [.178.237.24.249][..443] [TLS][Unknown][Web][Safe] - RISK: Fully Encrypted Flow + guessed: [.....1] [ip4][..tcp] [.....10.30.29.3][63357] -> [.178.237.24.249][..443] [TLS][VK][Web][Safe] + idle: [.....1] [ip4][..tcp] [.....10.30.29.3][63357] -> [.178.237.24.249][..443] [TLS][VK][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/alexa-app.pcapng.out b/test/results/flow-info/default/alexa-app.pcapng.out index 08d21f12c..79f3daf84 100644 --- a/test/results/flow-info/default/alexa-app.pcapng.out +++ b/test/results/flow-info/default/alexa-app.pcapng.out @@ -54,11 +54,11 @@ detected: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mads.amazon-adsystem.com] detection-update: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mads.amazon-adsystem.com] new: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] - detected: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][mads.amazon-adsystem.com] + detected: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.ADS_Analytic_Track][AmazonAWS][Advertisement][Tracker/Ads][mads.amazon-adsystem.com] RISK: TLS (probably) Not Carrying HTTPS - detection-update: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][mads.amazon-adsystem.com] + detection-update: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.ADS_Analytic_Track][AmazonAWS][Advertisement][Tracker/Ads][mads.amazon-adsystem.com] RISK: TLS (probably) Not Carrying HTTPS - detection-update: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][mads.amazon-adsystem.com] + detection-update: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.ADS_Analytic_Track][AmazonAWS][Advertisement][Tracker/Ads][mads.amazon-adsystem.com] RISK: TLS (probably) Not Carrying HTTPS new: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] detected: [....19] [ip4][..udp] [..172.16.42.216][.7358] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][firs-ta-g7g.amazon.com] @@ -91,18 +91,18 @@ detected: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] detection-update: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] new: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] - detected: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443] new: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443] new: [....31] [ip4][..tcp] [..172.16.42.216][40200] -> [.10.201.126.241][.8080] new: [....32] [ip4][..tcp] [..172.16.42.216][38391] -> [...192.168.11.1][.8080] - detected: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....33] [ip4][..tcp] [..172.16.42.216][40202] -> [.10.201.126.241][.8080] new: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] @@ -137,7 +137,7 @@ new: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] detected: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][fls-na.amazon.com] ERROR-EVENT: Unknown packet type [1/16] - analyse: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + analyse: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 1.016| 0.161| 0.286| 81844.249| 3.400] [PKTLEN......: 40.000| 1500.000| 366.200| 485.100| 235358.500| 3.900] @@ -156,11 +156,11 @@ detection-update: [....41] [ip4][..tcp] [..172.16.42.216][42129] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] new: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443] new: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443] - detected: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....45] [ip4][..tcp] [..172.16.42.216][49589] -> [..52.94.232.134][...80] new: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443] @@ -168,17 +168,17 @@ new: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443] new: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443] detected: [....45] [ip4][..tcp] [..172.16.42.216][49589] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] - detected: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [....47] [ip4][..tcp] [..172.16.42.216][45677] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [....47] [ip4][..tcp] [..172.16.42.216][45677] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [....47] [ip4][..tcp] [..172.16.42.216][45677] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [....47] [ip4][..tcp] [..172.16.42.216][45677] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detection-update: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] @@ -195,8 +195,8 @@ [PKTLENS.....: 60,48,40,245,46,245,245,46,1500,1500,1500,674,40,40,40,40,166,1500,91,468,46,46,466,40,1500,1196,46,343,40,40,46,40] [ENTROPIES...: 4.6,5.1,4.9,5.6,4.5,5.6,5.6,4.6,7.1,7.3,7.4,7.6,4.8,4.9,4.8,4.8,6.3,7.9,5.9,7.5,4.6,4.6,7.5,4.8,7.9,7.8,4.6,7.4,4.9,4.9,4.6,4.9] new: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443] - detected: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....51] [ip4][..tcp] [..172.16.42.216][34033] -> [..54.239.24.186][..443] new: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] @@ -204,9 +204,9 @@ new: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] detected: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detection-update: [....51] [ip4][..tcp] [..172.16.42.216][34033] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] - detected: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] detection-update: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] - detection-update: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....54] [ip4][..tcp] [..172.16.42.216][54427] -> [..52.85.209.216][..443] new: [....55] [ip4][..tcp] [..172.16.42.216][42143] -> [..72.21.206.135][..443] @@ -229,14 +229,14 @@ detection-update: [....56] [ip4][..tcp] [..172.16.42.216][42144] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] ERROR-EVENT: Unknown packet type [2/16] new: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443] - detected: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....58] [ip4][....2] [........0.0.0.0] -> [......224.0.0.1] detected: [....58] [ip4][....2] [........0.0.0.0] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] new: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443] - detected: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....60] [ip4][..tcp] [..172.16.42.216][34041] -> [..54.239.24.186][..443] detected: [....60] [ip4][..tcp] [..172.16.42.216][34041] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] @@ -292,32 +292,32 @@ detected: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] detected: [....66] [ip4][..tcp] [..172.16.42.216][49606] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] new: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] - detected: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] new: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] new: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443] detection-update: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] new: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443] - detection-update: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detected: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detected: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443] [TLS][AmazonAWS][Web][Safe][] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn - detection-update: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][] + detection-update: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn new: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443] - detected: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher update: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][android-1c1335ec95a27318] update: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Unknown][Network][Acceptable] @@ -353,35 +353,35 @@ new: [....83] [ip4][..tcp] [..172.16.42.216][40242] -> [.10.201.126.241][.8080] new: [....84] [ip4][..tcp] [..172.16.42.216][45707] -> [..52.94.232.134][..443] new: [....85] [ip4][..tcp] [..172.16.42.216][38434] -> [...192.168.11.1][.8080] - detected: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [....81] [ip4][..tcp] [..172.16.42.216][45704] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [....81] [ip4][..tcp] [..172.16.42.216][45704] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [....81] [ip4][..tcp] [..172.16.42.216][45704] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....81] [ip4][..tcp] [..172.16.42.216][45704] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detected: [....82] [ip4][..tcp] [..172.16.42.216][45705] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [....82] [ip4][..tcp] [..172.16.42.216][45705] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....82] [ip4][..tcp] [..172.16.42.216][45705] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [....82] [ip4][..tcp] [..172.16.42.216][45705] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443] new: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] - detected: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] new: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] new: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] new: [....90] [ip4][..tcp] [..172.16.42.216][49627] -> [..52.94.232.134][...80] new: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] new: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] new: [....93] [ip4][..tcp] [..172.16.42.216][49630] -> [..52.94.232.134][...80] - detection-update: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detected: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] detected: [....93] [ip4][..tcp] [..172.16.42.216][49630] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] - analyse: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + analyse: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 1.570| 0.289| 0.417| 173871.694| 3.700] [PKTLEN......: 40.000| 1500.000| 371.100| 516.000| 266233.000| 3.900] @@ -391,11 +391,11 @@ [IATS(ms)....: 325.4,332.9,0.3,247.7,0.2,241.3,0.3,0.3,23.8,0.3,429.9,0.1,1569.5,1485.9,353.0,706.9,73.8,0.3,358.8,0.4,256.6,3.7,0.2,956.2,948.6,95.3,235.6,1.1,0.1,275.4,23.7] [PKTLENS.....: 60,48,40,279,125,93,40,40,99,1500,174,46,46,174,46,717,40,1500,238,46,525,40,1500,206,525,40,1500,46,557,46,40,1500] [ENTROPIES...: 4.7,5.2,4.8,5.8,6.1,6.1,4.8,4.8,5.9,7.9,6.9,4.6,4.5,6.9,4.6,7.7,4.8,7.9,7.1,4.7,7.6,4.8,7.9,7.0,7.6,4.8,7.9,4.7,7.6,4.7,4.7,7.9] - detection-update: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher detection-update: [....93] [ip4][..tcp] [..172.16.42.216][49630] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] RISK: Error Code @@ -408,7 +408,7 @@ new: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] new: [....97] [ip4][..tcp] [..172.16.42.216][41821] -> [...54.231.72.88][..443] detected: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][s3-external-2.amazonaws.com] - analyse: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + analyse: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 1.192| 0.160| 0.282| 79548.359| 3.500] [PKTLEN......: 40.000| 1500.000| 343.000| 486.700| 236894.100| 3.900] @@ -420,7 +420,7 @@ [ENTROPIES...: 4.7,5.1,4.8,5.9,5.9,4.6,6.1,6.0,4.7,4.6,6.5,4.7,5.9,7.9,4.6,6.9,4.6,4.6,7.8,7.9,7.1,4.6,7.5,7.9,7.2,6.6,4.5,4.6,7.6,7.9,6.8,4.6] detection-update: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][s3-external-2.amazonaws.com] detection-update: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][s3-external-2.amazonaws.com] - analyse: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + analyse: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 1.080| 0.209| 0.303| 92031.574| 3.700] [PKTLEN......: 40.000| 1500.000| 360.500| 516.500| 266795.300| 3.800] @@ -448,7 +448,7 @@ update: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] update: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] update: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] - detection-update: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [...100] [ip4][..tcp] [..172.16.42.216][34073] -> [..54.239.24.186][..443] new: [...101] [ip4][..tcp] [..172.16.42.216][34074] -> [..54.239.24.186][..443] @@ -495,7 +495,7 @@ [IATS(ms)....: 109.9,111.6,1.6,102.0,0.2,101.6,0.3,1.9,56.2,0.1,87.5,19.1,7.6,147.9,304.1,639.4,932.7,32.7,0.1,0.0,0.7,0.1,0.0,0.3,0.6,110.7,0.2,1.8,0.2,0.1,0.1] [PKTLENS.....: 60,48,40,251,1500,1275,40,40,366,46,99,40,1500,254,46,1500,1500,46,1021,589,589,589,589,589,1469,77,40,40,40,40,40,40] [ENTROPIES...: 4.7,5.2,4.8,5.6,7.2,7.3,4.8,4.8,7.3,4.7,6.1,4.9,7.9,7.2,4.5,7.9,7.9,4.7,7.8,7.6,7.7,7.7,7.6,7.6,7.9,5.7,4.8,4.8,4.9,4.8,4.9,4.9] - analyse: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + analyse: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 9.247| 1.357| 2.197| 4827473.510| 3.500] [PKTLEN......: 40.000| 1500.000| 425.800| 556.200| 309356.400| 3.900] @@ -523,20 +523,20 @@ new: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443] new: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443] new: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] - detected: [...110] [ip4][..tcp] [..172.16.42.216][45729] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [...109] [ip4][..tcp] [..172.16.42.216][45728] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [...110] [ip4][..tcp] [..172.16.42.216][45729] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [...110] [ip4][..tcp] [..172.16.42.216][45729] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [...109] [ip4][..tcp] [..172.16.42.216][45728] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [...110] [ip4][..tcp] [..172.16.42.216][45729] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [...109] [ip4][..tcp] [..172.16.42.216][45728] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [...109] [ip4][..tcp] [..172.16.42.216][45728] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [...114] [ip4][..udp] [..172.16.42.216][28614] -> [....172.16.42.1][...53] detected: [...114] [ip4][..udp] [..172.16.42.216][28614] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] @@ -652,8 +652,8 @@ detection-update: [...132] [ip4][..tcp] [..172.16.42.216][40878] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][skills-store.amazon.com] RISK: Weak TLS Cipher new: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] - detected: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher idle: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] idle: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Unknown][Network][Acceptable] @@ -668,8 +668,8 @@ [PKTLENS.....: 60,60,52,273,52,1500,1500,626,52,52,52,178,294,52,1416,1416,52,1500,300,96,86,52,52,1500,1003,52,52,1315,86,52,83,52] [ENTROPIES...: 4.7,5.3,5.0,5.4,5.1,7.0,7.2,7.6,5.0,5.1,5.0,6.6,7.2,5.0,7.9,7.9,5.1,7.9,7.3,6.1,5.8,5.1,5.1,7.9,7.8,5.1,5.1,7.9,5.9,5.1,5.6,5.1] new: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] - detected: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher idle: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Unknown][Network][Acceptable] RISK: Susp Entropy @@ -688,33 +688,33 @@ detection-update: [...136] [ip4][..tcp] [..172.16.42.216][39750] -> [..52.94.232.134][..443] [TLS][AmazonAWS][Web][Safe][] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher new: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443] - detected: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher end: [....36] [ip4][..tcp] [..172.16.42.216][34019] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] end: [....51] [ip4][..tcp] [..172.16.42.216][34033] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] end: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] - end: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + end: [....28] [ip4][..tcp] [..172.16.42.216][45661] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - end: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....29] [ip4][..tcp] [..172.16.42.216][45662] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....30] [ip4][..tcp] [..172.16.42.216][45663] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....43] [ip4][..tcp] [..172.16.42.216][45673] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....44] [ip4][..tcp] [..172.16.42.216][45674] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....46] [ip4][..tcp] [..172.16.42.216][45676] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....47] [ip4][..tcp] [..172.16.42.216][45677] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....47] [ip4][..tcp] [..172.16.42.216][45677] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....48] [ip4][..tcp] [..172.16.42.216][45678] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....49] [ip4][..tcp] [..172.16.42.216][45679] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....50] [ip4][..tcp] [..172.16.42.216][45680] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher end: [....45] [ip4][..tcp] [..172.16.42.216][49589] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] RISK: Error Code @@ -748,25 +748,25 @@ new: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] new: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] new: [...141] [ip4][..tcp] [..172.16.42.216][50798] -> [..54.239.28.178][..443] - detected: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detected: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detected: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] new: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] - detection-update: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detection-update: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detection-update: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - detected: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher end: [....60] [ip4][..tcp] [..172.16.42.216][34041] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] - end: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....57] [ip4][..tcp] [..172.16.42.216][45687] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....59] [ip4][..tcp] [..172.16.42.216][45688] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher update: [...118] [ip4][..udp] [..172.16.42.216][.4920] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][ecx.images-amazon.com] new: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] - detected: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] - detection-update: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + detected: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] + detection-update: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher new: [...144] [ip4][..udp] [..172.16.42.216][.8669] -> [....172.16.42.1][...53] detected: [...144] [ip4][..udp] [..172.16.42.216][.8669] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] @@ -779,7 +779,7 @@ detected: [...146] [ip4][..udp] [..172.16.42.216][59908] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] detection-update: [...146] [ip4][..udp] [..172.16.42.216][59908] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] new: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] - analyse: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + analyse: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 8.001| 0.664| 1.905| 3629965.115| 2.500] [PKTLEN......: 40.000| 1500.000| 424.700| 584.700| 341856.600| 3.800] @@ -791,7 +791,7 @@ [ENTROPIES...: 4.7,5.2,4.8,5.6,6.8,7.3,7.4,4.7,4.8,4.9,7.4,4.6,6.0,7.9,6.9,4.6,7.9,6.0,4.8,7.9,4.7,7.7,4.8,7.9,7.3,4.5,4.8,4.5,7.9,4.6,4.6,4.9] detected: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] [TLS][AmazonAWS][Web][Safe][] RISK: Obsolete TLS (v1.1 or older) - detection-update: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][] + detection-update: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher new: [...148] [ip4][..udp] [..172.16.42.216][14934] -> [....172.16.42.1][...53] detected: [...148] [ip4][..udp] [..172.16.42.216][14934] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] @@ -840,17 +840,17 @@ RISK: Obsolete TLS (v1.1 or older) detection-update: [...156] [ip4][..tcp] [..172.16.42.216][58048] -> [..54.239.28.178][..443] [TLS][AmazonAWS][Web][Safe][] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher - end: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....72] [ip4][..tcp] [..172.16.42.216][45697] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....74] [ip4][..tcp] [..172.16.42.216][45698] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher end: [....66] [ip4][..tcp] [..172.16.42.216][49606] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] end: [....63] [ip4][..tcp] [..172.16.42.216][54434] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] @@ -951,7 +951,7 @@ guessed: [....83] [ip4][..tcp] [..172.16.42.216][40242] -> [.10.201.126.241][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic idle: [....83] [ip4][..tcp] [..172.16.42.216][40242] -> [.10.201.126.241][.8080] - idle: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + idle: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher idle: [...135] [ip4][..udp] [..172.16.42.216][64073] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] end: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] @@ -973,41 +973,41 @@ end: [...132] [ip4][..tcp] [..172.16.42.216][40878] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher idle: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Unknown][Network][Acceptable] - end: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + end: [....80] [ip4][..tcp] [..172.16.42.216][45703] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - end: [....81] [ip4][..tcp] [..172.16.42.216][45704] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....81] [ip4][..tcp] [..172.16.42.216][45704] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....82] [ip4][..tcp] [..172.16.42.216][45705] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....82] [ip4][..tcp] [..172.16.42.216][45705] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher guessed: [....84] [ip4][..tcp] [..172.16.42.216][45707] -> [..52.94.232.134][..443] [TLS][AmazonAWS][Web][Safe] end: [....84] [ip4][..tcp] [..172.16.42.216][45707] -> [..52.94.232.134][..443] - end: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....86] [ip4][..tcp] [..172.16.42.216][45709] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + end: [....87] [ip4][..tcp] [..172.16.42.216][45710] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - end: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + end: [....88] [ip4][..tcp] [..172.16.42.216][45711] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - end: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + end: [....89] [ip4][..tcp] [..172.16.42.216][45712] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - end: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....92] [ip4][..tcp] [..172.16.42.216][45715] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [...109] [ip4][..tcp] [..172.16.42.216][45728] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [...109] [ip4][..tcp] [..172.16.42.216][45728] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [...110] [ip4][..tcp] [..172.16.42.216][45729] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [...110] [ip4][..tcp] [..172.16.42.216][45729] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [...111] [ip4][..tcp] [..172.16.42.216][45730] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [...112] [ip4][..tcp] [..172.16.42.216][45731] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - end: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [...137] [ip4][..tcp] [..172.16.42.216][45752] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher end: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][api.amazon.com] RISK: TLS (probably) Not Carrying HTTPS @@ -1042,15 +1042,15 @@ idle: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][alexa.amazon.com] idle: [...144] [ip4][..udp] [..172.16.42.216][.8669] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] idle: [....98] [ip4][..udp] [..172.16.42.216][41639] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][dp-gw-na-js.amazon.com] - idle: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + idle: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher - idle: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + idle: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher guessed: [...141] [ip4][..tcp] [..172.16.42.216][50798] -> [..54.239.28.178][..443] [TLS][AmazonAWS][Web][Safe] end: [...141] [ip4][..tcp] [..172.16.42.216][50798] -> [..54.239.28.178][..443] - end: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] + end: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher - idle: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + idle: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher idle: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.google.com] idle: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][fls-na.amazon.com] @@ -1058,7 +1058,7 @@ idle: [....20] [ip4][..tcp] [..172.16.42.216][53682] -> [..54.239.22.185][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: TLS (probably) Not Carrying HTTPS idle: [.....8] [ip4][..tcp] [..172.16.42.216][60246] -> [..172.217.9.142][...80] [HTTP.Google][Google][ConnCheck][Acceptable][connectivitycheck.android.com] - end: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443] [TLS.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn idle: [...103] [ip4][..udp] [..172.16.42.216][14476] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][skills-store.amazon.com] idle: [...148] [ip4][..udp] [..172.16.42.216][14934] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][www.amazon.com] @@ -1078,7 +1078,7 @@ idle: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mads.amazon-adsystem.com] idle: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mtalk.google.com] idle: [...108] [ip4][..udp] [..172.16.42.216][20922] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][pitangui.amazon.com] - end: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.ADS_Analytic_Track][AmazonAWS][Advertisement][Tracker/Ads] RISK: TLS (probably) Not Carrying HTTPS idle: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS][Unknown][Network][Acceptable][mobileanalytics.us-east-1.amazonaws.com] idle: [....13] [ip4][..tcp] [..172.16.42.216][35540] -> [..172.217.9.142][...80] [HTTP.Google][Google][ConnCheck][Acceptable][connectivitycheck.android.com] diff --git a/test/results/flow-info/default/anyconnect-vpn.pcap.out b/test/results/flow-info/default/anyconnect-vpn.pcap.out index 08a489e7d..057d0b082 100644 --- a/test/results/flow-info/default/anyconnect-vpn.pcap.out +++ b/test/results/flow-info/default/anyconnect-vpn.pcap.out @@ -288,7 +288,7 @@ idle: [....31] [ip4][..udp] [.....10.0.0.227][64972] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable] RISK: Error Code idle: [....17] [ip4][.icmp] [.....10.0.0.227] -> [....75.75.76.76] [ICMP][Unknown][Network][Acceptable] - not-detected: [....60] [ip4][..udp] [.....10.0.0.227][52595] -> [.......10.0.0.1][..192] [Unknown][Unknown][Unrated] + not-detected: [....60] [ip4][..udp] [.....10.0.0.227][52595] -> [.......10.0.0.1][..192] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....60] [ip4][..udp] [.....10.0.0.227][52595] -> [.......10.0.0.1][..192] guessed: [....53] [ip4][..tcp] [.....10.0.0.227][56874] -> [.74.125.197.188][..443] [TLS][Google][Web][Safe] @@ -311,7 +311,7 @@ guessed: [.....2] [ip4][..tcp] [.....10.0.0.227][56916] -> [.....10.0.0.151][.8009] [AJP][Unknown][Web][Acceptable] RISK: Unidirectional Traffic idle: [.....2] [ip4][..tcp] [.....10.0.0.227][56916] -> [.....10.0.0.151][.8009] - not-detected: [....40] [ip4][..tcp] [.....10.0.0.227][56866] -> [.....10.0.0.151][.8060] [Unknown][Unknown][Unrated] + not-detected: [....40] [ip4][..tcp] [.....10.0.0.227][56866] -> [.....10.0.0.151][.8060] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic end: [....40] [ip4][..tcp] [.....10.0.0.227][56866] -> [.....10.0.0.151][.8060] idle: [....62] [ip4][..tcp] [.....10.0.0.227][56954] -> [.....10.0.0.149][.8008] [HTTP][Unknown][Web][Acceptable][10.0.0.149] diff --git a/test/results/flow-info/default/armagetron.pcapng.out b/test/results/flow-info/default/armagetron.pcapng.out new file mode 100644 index 000000000..273435d7a --- /dev/null +++ b/test/results/flow-info/default/armagetron.pcapng.out @@ -0,0 +1,204 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [..192.168.1.183][56325] -> [150.136.145.224][.4533] + detected: [.....1] [ip4][..udp] [..192.168.1.183][56325] -> [150.136.145.224][.4533] [Armagetron][Unknown][Game][Fun] + analyse: [.....1] [ip4][..udp] [..192.168.1.183][56325] -> [150.136.145.224][.4533] [Armagetron][Unknown][Game][Fun] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 0.122| 0.062| 0.041| 1678.540| 4.600] + [PKTLEN......: 38.000| 320.000| 66.800| 50.800| 2580.700| 4.700] + [BINS(c->s)..: 16,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 8,2,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,0,1,0,0,1,0,1,0,0,1,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,1] + [IATS(ms)....: 31.2,96.5,76.5,22.1,107.4,74.5,21.9,21.8,11.6,74.1,62.4,33.9,34.1,14.8,111.4,96.7,10.2,106.8,99.1,23.3,122.2,96.5,13.4,109.8,96.3,11.3,107.7,96.4,13.9,110.1,0.0] + [PKTLENS.....: 72,72,166,56,78,74,62,86,44,58,48,38,56,40,58,56,40,58,56,40,58,56,40,58,56,40,58,56,40,50,46,320] + [ENTROPIES...: 4.7,4.7,4.7,4.2,3.6,4.0,4.1,3.9,4.4,3.8,4.1,4.3,3.8,4.3,3.8,3.9,4.4,3.8,3.9,4.3,3.9,3.9,4.4,3.9,3.9,4.4,3.9,3.9,4.4,4.3,4.2,4.7] + new: [.....2] [ip4][..udp] [..192.168.1.183][44877] -> [.176.194.189.50][.4535] + detected: [.....2] [ip4][..udp] [..192.168.1.183][44877] -> [.176.194.189.50][.4535] [Armagetron][Unknown][Game][Fun] + new: [.....3] [ip4][..udp] [..192.168.1.183][44877] -> [..178.16.102.71][.4535] + detected: [.....3] [ip4][..udp] [..192.168.1.183][44877] -> [..178.16.102.71][.4535] [Armagetron][Unknown][Game][Fun] + new: [.....4] [ip4][..udp] [..192.168.1.183][44877] -> [.176.194.189.50][.4536] + detected: [.....4] [ip4][..udp] [..192.168.1.183][44877] -> [.176.194.189.50][.4536] [Armagetron][Unknown][Game][Fun] + new: [.....5] [ip4][..udp] [..192.168.1.183][44877] -> [.176.194.189.50][.4534] + detected: [.....5] [ip4][..udp] [..192.168.1.183][44877] -> [.176.194.189.50][.4534] [Armagetron][Unknown][Game][Fun] + new: [.....6] [ip4][..udp] [..192.168.1.183][44877] -> [205.209.104.214][.4544] + detected: [.....6] [ip4][..udp] [..192.168.1.183][44877] -> [205.209.104.214][.4544] [Armagetron][Unknown][Game][Fun] + new: [.....7] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4540] + detected: [.....7] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4540] [Armagetron][Unknown][Game][Fun] + new: [.....8] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4538] + detected: [.....8] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4538] [Armagetron][Unknown][Game][Fun] + new: [.....9] [ip4][..udp] [..192.168.1.183][44877] -> [.176.194.189.50][.4538] + detected: [.....9] [ip4][..udp] [..192.168.1.183][44877] -> [.176.194.189.50][.4538] [Armagetron][Unknown][Game][Fun] + new: [....10] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4537] + detected: [....10] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4537] [Armagetron][Unknown][Game][Fun] + new: [....11] [ip4][..udp] [..192.168.1.183][44877] -> [205.209.104.214][.4536] + detected: [....11] [ip4][..udp] [..192.168.1.183][44877] -> [205.209.104.214][.4536] [Armagetron][Unknown][Game][Fun] + new: [....12] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4534] + detected: [....12] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4534] [Armagetron][Unknown][Game][Fun] + new: [....13] [ip4][..udp] [..192.168.1.183][44877] -> [205.209.104.214][.4534] + detected: [....13] [ip4][..udp] [..192.168.1.183][44877] -> [205.209.104.214][.4534] [Armagetron][Unknown][Game][Fun] + new: [....14] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4536] + detected: [....14] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4536] [Armagetron][Unknown][Game][Fun] + new: [....15] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4538] + detected: [....15] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4538] [Armagetron][Unknown][Game][Fun] + new: [....16] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4540] + detected: [....16] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4540] [Armagetron][Unknown][Game][Fun] + new: [....17] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4534] + detected: [....17] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4534] [Armagetron][Unknown][Game][Fun] + new: [....18] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4539] + detected: [....18] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4539] [Armagetron][Unknown][Game][Fun] + new: [....19] [ip4][..udp] [..192.168.1.183][44877] -> [...89.58.36.126][.4534] + detected: [....19] [ip4][..udp] [..192.168.1.183][44877] -> [...89.58.36.126][.4534] [Armagetron][Unknown][Game][Fun] + new: [....20] [ip4][..udp] [..192.168.1.183][44877] -> [.207.246.89.194][.4540] + detected: [....20] [ip4][..udp] [..192.168.1.183][44877] -> [.207.246.89.194][.4540] [Armagetron][Unknown][Game][Fun] + new: [....21] [ip4][..udp] [..192.168.1.183][44877] -> [..178.16.102.71][.4534] + detected: [....21] [ip4][..udp] [..192.168.1.183][44877] -> [..178.16.102.71][.4534] [Armagetron][Unknown][Game][Fun] + new: [....22] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4537] + detected: [....22] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4537] [Armagetron][Unknown][Game][Fun] + new: [....23] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4535] + detected: [....23] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4535] [Armagetron][Unknown][Game][Fun] + new: [....24] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4535] + detected: [....24] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4535] [Armagetron][Unknown][Game][Fun] + new: [....25] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4535] + detected: [....25] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4535] [Armagetron][Unknown][Game][Fun] + new: [....26] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4541] + detected: [....26] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4541] [Armagetron][Unknown][Game][Fun] + new: [....27] [ip4][..udp] [..192.168.1.183][44877] -> [.207.246.89.194][.4541] + detected: [....27] [ip4][..udp] [..192.168.1.183][44877] -> [.207.246.89.194][.4541] [Armagetron][Unknown][Game][Fun] + new: [....28] [ip4][..udp] [..192.168.1.183][44877] -> [.207.246.89.194][.4534] + detected: [....28] [ip4][..udp] [..192.168.1.183][44877] -> [.207.246.89.194][.4534] [Armagetron][Unknown][Game][Fun] + new: [....29] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4539] + detected: [....29] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4539] [Armagetron][Unknown][Game][Fun] + new: [....30] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4539] + detected: [....30] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4539] [Armagetron][Unknown][Game][Fun] + new: [....31] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4536] + detected: [....31] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4536] [Armagetron][Unknown][Game][Fun] + new: [....32] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4540] + detected: [....32] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4540] [Armagetron][Unknown][Game][Fun] + new: [....33] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4537] + detected: [....33] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4537] [Armagetron][Unknown][Game][Fun] + new: [....34] [ip4][..udp] [..192.168.1.183][44877] -> [205.209.104.214][.4535] + detected: [....34] [ip4][..udp] [..192.168.1.183][44877] -> [205.209.104.214][.4535] [Armagetron][Unknown][Game][Fun] + new: [....35] [ip4][..udp] [..192.168.1.183][44877] -> [..137.220.60.37][.4534] + detected: [....35] [ip4][..udp] [..192.168.1.183][44877] -> [..137.220.60.37][.4534] [Armagetron][Unknown][Game][Fun] + new: [....36] [ip4][..udp] [..192.168.1.183][44877] -> [..137.220.60.37][.4535] + detected: [....36] [ip4][..udp] [..192.168.1.183][44877] -> [..137.220.60.37][.4535] [Armagetron][Unknown][Game][Fun] + new: [....37] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4539] + detected: [....37] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4539] [Armagetron][Unknown][Game][Fun] + new: [....38] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4534] + detected: [....38] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4534] [Armagetron][Unknown][Game][Fun] + new: [....39] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4546] + detected: [....39] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4546] [Armagetron][Unknown][Game][Fun] + new: [....40] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4540] + detected: [....40] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4540] [Armagetron][Unknown][Game][Fun] + new: [....41] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4552] + detected: [....41] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4552] [Armagetron][Unknown][Game][Fun] + new: [....42] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4545] + detected: [....42] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4545] [Armagetron][Unknown][Game][Fun] + new: [....43] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4548] + detected: [....43] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4548] [Armagetron][Unknown][Game][Fun] + new: [....44] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4551] + detected: [....44] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4551] [Armagetron][Unknown][Game][Fun] + new: [....45] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4544] + detected: [....45] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4544] [Armagetron][Unknown][Game][Fun] + new: [....46] [ip4][..udp] [..192.168.1.183][.4534] -> [150.136.145.224][.4533] + detected: [....46] [ip4][..udp] [..192.168.1.183][.4534] -> [150.136.145.224][.4533] [Armagetron][Unknown][Game][Fun] + analyse: [....46] [ip4][..udp] [..192.168.1.183][.4534] -> [150.136.145.224][.4533] [Armagetron][Unknown][Game][Fun] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.002| 1.366| 0.195| 0.330| 108892.758| 3.700] + [PKTLEN......: 38.000| 166.000| 56.800| 22.200| 494.700| 4.900] + [BINS(c->s)..: 17,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 8,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,0,1,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0] + [IATS(ms)....: 42.4,97.2,72.3,114.2,661.2,1000.7,1026.9,1366.3,96.7,13.7,110.6,96.9,10.6,107.3,96.6,10.1,106.6,96.6,26.5,122.8,96.4,11.5,108.1,96.5,11.8,108.7,96.8,12.1,108.7,122.4,1.8] + [PKTLENS.....: 72,72,166,56,74,54,46,70,60,40,58,56,40,58,56,40,58,56,40,58,56,40,58,56,40,58,56,40,62,46,38,38] + [ENTROPIES...: 4.7,4.7,4.7,4.1,4.0,4.0,4.2,3.6,3.8,4.2,3.8,3.8,4.2,3.7,3.8,4.2,3.8,3.8,4.2,3.9,3.8,4.2,3.8,3.8,4.2,3.8,3.8,4.2,3.6,4.0,4.2,4.2] + new: [....47] [ip4][..udp] [..192.168.1.183][.4534] -> [..95.111.241.79][.4533] + detected: [....47] [ip4][..udp] [..192.168.1.183][.4534] -> [..95.111.241.79][.4533] [Armagetron][Unknown][Game][Fun] + analyse: [....47] [ip4][..udp] [..192.168.1.183][.4534] -> [..95.111.241.79][.4533] [Armagetron][Unknown][Game][Fun] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.001| 1.417| 0.158| 0.345| 118905.111| 3.100] + [PKTLEN......: 38.000| 166.000| 56.800| 22.200| 494.700| 4.900] + [BINS(c->s)..: 17,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 8,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,0,1,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0] + [IATS(ms)....: 30.2,31.5,10.4,39.8,607.6,1000.3,1023.6,1416.5,31.0,15.5,46.0,30.5,16.2,46.9,30.8,16.3,47.1,30.7,27.1,57.8,30.7,16.3,46.9,30.6,10.6,41.8,31.2,15.4,48.6,56.0,1.1] + [PKTLENS.....: 72,72,166,56,74,54,46,70,60,40,58,56,40,58,56,40,58,56,40,58,56,40,58,56,40,58,56,40,62,46,38,38] + [ENTROPIES...: 4.6,4.6,4.7,4.2,4.0,4.1,4.4,3.6,3.8,4.3,3.8,3.9,4.3,3.7,3.9,4.3,3.7,3.9,4.3,3.9,3.9,4.3,3.9,3.9,4.3,3.8,3.9,4.3,3.6,4.1,4.1,4.1] + new: [....48] [ip4][..udp] [..192.168.1.183][.4534] -> [139.162.192.121][.4533] + detected: [....48] [ip4][..udp] [..192.168.1.183][.4534] -> [139.162.192.121][.4533] [Armagetron][Unknown][Game][Fun] + analyse: [....48] [ip4][..udp] [..192.168.1.183][.4534] -> [139.162.192.121][.4533] [Armagetron][Unknown][Game][Fun] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.001| 1.433| 0.152| 0.349| 122084.024| 2.900] + [PKTLEN......: 38.000| 166.000| 55.800| 22.300| 497.400| 4.900] + [BINS(c->s)..: 18,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 8,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,1,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,0] + [IATS(ms)....: 22.7,31.1,30.3,601.6,1001.8,1032.4,1432.6,22.0,13.6,35.5,21.9,10.7,32.8,22.2,14.6,36.9,22.5,27.8,50.1,22.0,10.5,32.2,21.7,17.0,39.1,22.1,12.5,35.0,41.6,1.4,1.3] + [PKTLENS.....: 72,166,56,74,54,46,70,60,40,58,56,40,58,56,40,58,56,40,58,56,40,58,56,40,58,56,40,62,46,38,38,38] + [ENTROPIES...: 4.6,4.7,4.1,3.9,4.1,4.3,3.6,3.9,4.3,3.8,3.8,4.3,3.7,3.8,4.3,3.8,3.9,4.3,3.9,3.9,4.3,3.9,3.9,4.2,3.8,3.8,4.3,3.5,4.1,4.2,4.2,4.2] + new: [....49] [ip4][..udp] [..192.168.1.183][.4534] -> [.150.230.127.67][.4533] + detected: [....49] [ip4][..udp] [..192.168.1.183][.4534] -> [.150.230.127.67][.4533] [Armagetron][Unknown][Game][Fun] + analyse: [....49] [ip4][..udp] [..192.168.1.183][.4534] -> [.150.230.127.67][.4533] [Armagetron][Unknown][Game][Fun] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.001| 1.334| 0.155| 0.342| 116929.028| 3.000] + [PKTLEN......: 38.000| 166.000| 55.800| 22.300| 497.400| 4.900] + [BINS(c->s)..: 18,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 8,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,1,0,1,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,1,0,0,0] + [IATS(ms)....: 26.7,34.7,33.7,701.6,1006.3,1028.9,1333.8,26.2,13.8,39.7,25.8,11.4,37.5,26.1,11.7,37.4,25.7,26.0,51.9,25.8,16.8,43.0,26.2,10.2,35.4,25.3,13.1,39.3,62.6,1.2,1.2] + [PKTLENS.....: 72,166,56,74,54,46,70,60,40,58,56,40,58,56,40,58,56,40,58,56,40,58,56,40,58,56,40,62,46,38,38,38] + [ENTROPIES...: 4.7,4.7,4.1,4.0,4.1,4.3,3.6,3.7,4.3,3.7,3.7,4.3,3.7,3.7,4.3,3.7,3.7,4.3,3.8,3.6,4.2,3.8,3.7,4.3,3.8,3.7,4.3,3.5,3.9,4.1,4.1,4.1] + new: [....50] [ip4][..udp] [..192.168.1.183][50827] -> [.23.245.233.233][.4550] + detected: [....50] [ip4][..udp] [..192.168.1.183][50827] -> [.23.245.233.233][.4550] [Armagetron][Unknown][Game][Fun] + idle: [....17] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4534] [Armagetron][Unknown][Game][Fun] + idle: [....23] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4535] [Armagetron][Unknown][Game][Fun] + idle: [....14] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4536] [Armagetron][Unknown][Game][Fun] + idle: [....22] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4537] [Armagetron][Unknown][Game][Fun] + idle: [....15] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4538] [Armagetron][Unknown][Game][Fun] + idle: [....18] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4539] [Armagetron][Unknown][Game][Fun] + idle: [....16] [ip4][..udp] [..192.168.1.183][44877] -> [..143.47.233.39][.4540] [Armagetron][Unknown][Game][Fun] + idle: [.....1] [ip4][..udp] [..192.168.1.183][56325] -> [150.136.145.224][.4533] [Armagetron][Unknown][Game][Fun] + idle: [....19] [ip4][..udp] [..192.168.1.183][44877] -> [...89.58.36.126][.4534] [Armagetron][Unknown][Game][Fun] + idle: [.....5] [ip4][..udp] [..192.168.1.183][44877] -> [.176.194.189.50][.4534] [Armagetron][Unknown][Game][Fun] + idle: [.....2] [ip4][..udp] [..192.168.1.183][44877] -> [.176.194.189.50][.4535] [Armagetron][Unknown][Game][Fun] + idle: [.....4] [ip4][..udp] [..192.168.1.183][44877] -> [.176.194.189.50][.4536] [Armagetron][Unknown][Game][Fun] + idle: [.....9] [ip4][..udp] [..192.168.1.183][44877] -> [.176.194.189.50][.4538] [Armagetron][Unknown][Game][Fun] + idle: [....49] [ip4][..udp] [..192.168.1.183][.4534] -> [.150.230.127.67][.4533] [Armagetron][Unknown][Game][Fun] + idle: [....12] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4534] [Armagetron][Unknown][Game][Fun] + idle: [....25] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4535] [Armagetron][Unknown][Game][Fun] + idle: [....31] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4536] [Armagetron][Unknown][Game][Fun] + idle: [....10] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4537] [Armagetron][Unknown][Game][Fun] + idle: [.....8] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4538] [Armagetron][Unknown][Game][Fun] + idle: [....29] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4539] [Armagetron][Unknown][Game][Fun] + idle: [....32] [ip4][..udp] [..192.168.1.183][44877] -> [...129.80.54.65][.4540] [Armagetron][Unknown][Game][Fun] + idle: [....47] [ip4][..udp] [..192.168.1.183][.4534] -> [..95.111.241.79][.4533] [Armagetron][Unknown][Game][Fun] + idle: [....13] [ip4][..udp] [..192.168.1.183][44877] -> [205.209.104.214][.4534] [Armagetron][Unknown][Game][Fun] + idle: [....34] [ip4][..udp] [..192.168.1.183][44877] -> [205.209.104.214][.4535] [Armagetron][Unknown][Game][Fun] + idle: [....11] [ip4][..udp] [..192.168.1.183][44877] -> [205.209.104.214][.4536] [Armagetron][Unknown][Game][Fun] + idle: [.....6] [ip4][..udp] [..192.168.1.183][44877] -> [205.209.104.214][.4544] [Armagetron][Unknown][Game][Fun] + idle: [....35] [ip4][..udp] [..192.168.1.183][44877] -> [..137.220.60.37][.4534] [Armagetron][Unknown][Game][Fun] + idle: [....36] [ip4][..udp] [..192.168.1.183][44877] -> [..137.220.60.37][.4535] [Armagetron][Unknown][Game][Fun] + idle: [....38] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4534] [Armagetron][Unknown][Game][Fun] + idle: [....37] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4539] [Armagetron][Unknown][Game][Fun] + idle: [....40] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4540] [Armagetron][Unknown][Game][Fun] + idle: [....45] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4544] [Armagetron][Unknown][Game][Fun] + idle: [....42] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4545] [Armagetron][Unknown][Game][Fun] + idle: [....39] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4546] [Armagetron][Unknown][Game][Fun] + idle: [....43] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4548] [Armagetron][Unknown][Game][Fun] + idle: [....44] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4551] [Armagetron][Unknown][Game][Fun] + idle: [....41] [ip4][..udp] [..192.168.1.183][44877] -> [108.227.141.189][.4552] [Armagetron][Unknown][Game][Fun] + idle: [....46] [ip4][..udp] [..192.168.1.183][.4534] -> [150.136.145.224][.4533] [Armagetron][Unknown][Game][Fun] + idle: [....28] [ip4][..udp] [..192.168.1.183][44877] -> [.207.246.89.194][.4534] [Armagetron][Unknown][Game][Fun] + idle: [....20] [ip4][..udp] [..192.168.1.183][44877] -> [.207.246.89.194][.4540] [Armagetron][Unknown][Game][Fun] + idle: [....27] [ip4][..udp] [..192.168.1.183][44877] -> [.207.246.89.194][.4541] [Armagetron][Unknown][Game][Fun] + idle: [....48] [ip4][..udp] [..192.168.1.183][.4534] -> [139.162.192.121][.4533] [Armagetron][Unknown][Game][Fun] + idle: [....24] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4535] [Armagetron][Unknown][Game][Fun] + idle: [....33] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4537] [Armagetron][Unknown][Game][Fun] + idle: [....30] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4539] [Armagetron][Unknown][Game][Fun] + idle: [.....7] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4540] [Armagetron][Unknown][Game][Fun] + idle: [....26] [ip4][..udp] [..192.168.1.183][44877] -> [150.136.145.224][.4541] [Armagetron][Unknown][Game][Fun] + idle: [....50] [ip4][..udp] [..192.168.1.183][50827] -> [.23.245.233.233][.4550] [Armagetron][Unknown][Game][Fun] + idle: [....21] [ip4][..udp] [..192.168.1.183][44877] -> [..178.16.102.71][.4534] [Armagetron][Unknown][Game][Fun] + idle: [.....3] [ip4][..udp] [..192.168.1.183][44877] -> [..178.16.102.71][.4535] [Armagetron][Unknown][Game][Fun] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/bad-dns-traffic.pcap.out b/test/results/flow-info/default/bad-dns-traffic.pcap.out index 629e1723a..bbd3e08e8 100644 --- a/test/results/flow-info/default/bad-dns-traffic.pcap.out +++ b/test/results/flow-info/default/bad-dns-traffic.pcap.out @@ -5,20 +5,20 @@ detected: [.....1] [ip4][..udp] [..192.168.43.91][35966] -> [........4.2.2.4][...53] [DNS][Unknown][Network][Acceptable][05e100a621c3620001636f6e736f6c65202873697276696d65732900.skullseclabs.org] RISK: Susp DGA Domain name, Susp DNS Traffic detection-update: [.....1] [ip4][..udp] [..192.168.43.91][35966] -> [........4.2.2.4][...53] [DNS][Unknown][Network][Acceptable][958700a621c3620001636f6e736f6c65202873697276696d65732900.skullseclabs.org] - RISK: Susp DGA Domain name, Susp DNS Traffic, Unidirectional Traffic + RISK: Susp DGA Domain name, Susp DNS Traffic detection-update: [.....1] [ip4][..udp] [..192.168.43.91][35966] -> [........4.2.2.4][...53] [DNS][Unknown][Network][Acceptable][958700a621c3620001636f6e736f6c65202873697276696d65732900.skullseclabs.org] RISK: Susp DGA Domain name, Susp DNS Traffic, Risky Domain Name new: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] detected: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Unknown][Network][Acceptable][244300fdf525320021636f6d6d616e64202873697276696d65732900.skullseclabs.org] RISK: Susp DGA Domain name, Susp DNS Traffic detection-update: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Unknown][Network][Acceptable][6b5000fdf525320021636f6d6d616e64202873697276696d65732900.skullseclabs.org] - RISK: Susp DGA Domain name, Susp DNS Traffic, Unidirectional Traffic + RISK: Susp DGA Domain name, Susp DNS Traffic detection-update: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Unknown][Network][Acceptable][e18f00fdf525320021636f6d6d616e64202873697276696d65732900.skullseclabs.org] - RISK: Susp DGA Domain name, Susp DNS Traffic, Unidirectional Traffic + RISK: Susp DGA Domain name, Susp DNS Traffic detection-update: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Unknown][Network][Acceptable][46b100fdf525320021636f6d6d616e64202873697276696d65732900.skullseclabs.org] - RISK: Susp DGA Domain name, Susp DNS Traffic, Unidirectional Traffic + RISK: Susp DGA Domain name, Susp DNS Traffic detection-update: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Unknown][Network][Acceptable][c75900fdf525320021636f6d6d616e64202873697276696d65732900.skullseclabs.org] - RISK: Susp DGA Domain name, Susp DNS Traffic, Unidirectional Traffic + RISK: Susp DGA Domain name, Susp DNS Traffic detection-update: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Unknown][Network][Acceptable][c75900fdf525320021636f6d6d616e64202873697276696d65732900.skullseclabs.org] RISK: Susp DGA Domain name, Susp DNS Traffic, Risky Domain Name analyse: [.....2] [ip4][..udp] [..192.168.43.91][56354] -> [........4.2.2.4][...53] [DNS][Unknown][Network][Acceptable][c75900fdf525320021636f6d6d616e64202873697276696d65732900.skullseclabs.org] diff --git a/test/results/flow-info/default/bittorrent_tcp_miss.pcapng.out b/test/results/flow-info/default/bittorrent_tcp_miss.pcapng.out index 4eced6429..aa800e488 100644 --- a/test/results/flow-info/default/bittorrent_tcp_miss.pcapng.out +++ b/test/results/flow-info/default/bittorrent_tcp_miss.pcapng.out @@ -3,7 +3,7 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.192.168.122.34][48987] -> [...178.71.206.1][.6881] detected: [.....1] [ip4][..tcp] [.192.168.122.34][48987] -> [...178.71.206.1][.6881] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port + RISK: Known Proto on Non Std Port, Susp Entropy analyse: [.....1] [ip4][..tcp] [.192.168.122.34][48987] -> [...178.71.206.1][.6881] [BitTorrent][Unknown][Download][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.065| 0.014| 0.017| 294.673| 3.800] @@ -15,5 +15,5 @@ [PKTLENS.....: 60,52,40,238,464,40,511,280,108,419,328,90,1480,1480,1480,1480,1480,1480,1480,1480,1480,1480,40,40,1480,1480,1480,1480,1480,40,40,40] [ENTROPIES...: 4.7,5.1,4.8,7.1,7.5,4.9,7.5,7.2,6.2,5.6,5.1,4.1,7.8,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,4.9,4.8,7.9,7.9,7.9,7.9,7.9,4.9,4.9,4.9] idle: [.....1] [ip4][..tcp] [.192.168.122.34][48987] -> [...178.71.206.1][.6881] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port + RISK: Known Proto on Non Std Port, Susp Entropy DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/bittorrent_utp.pcap.out b/test/results/flow-info/default/bittorrent_utp.pcap.out index ac48b9ebc..59beea48e 100644 --- a/test/results/flow-info/default/bittorrent_utp.pcap.out +++ b/test/results/flow-info/default/bittorrent_utp.pcap.out @@ -4,10 +4,6 @@ new: [.....1] [ip4][..udp] [..82.243.113.43][64969] -> [....192.168.1.5][40959] detected: [.....1] [ip4][..udp] [..82.243.113.43][64969] -> [....192.168.1.5][40959] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port - detection-update: [.....1] [ip4][..udp] [..82.243.113.43][64969] -> [....192.168.1.5][40959] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [..82.243.113.43][64969] -> [....192.168.1.5][40959] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port analyse: [.....1] [ip4][..udp] [..82.243.113.43][64969] -> [....192.168.1.5][40959] [BitTorrent][Unknown][Download][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 5.430| 0.412| 1.202| 1445669.503| 2.400] @@ -19,7 +15,7 @@ [PKTLENS.....: 132,132,48,58,238,505,48,48,103,257,48,48,132,1500,54,1500,54,1500,54,1500,54,82,1500,54,1500,54,1500,48,48,1037,1037,1037] [ENTROPIES...: 5.8,5.9,4.5,4.2,4.4,5.3,4.7,5.3,3.9,5.4,5.3,4.8,5.8,7.8,4.5,7.8,4.6,7.8,4.6,7.8,4.6,4.1,7.8,4.7,7.6,4.7,7.8,4.9,4.8,7.8,7.8,7.7] DAEMON-EVENT: [Processed: 86 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 0] + DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....2] [ip4][..udp] [......127.0.0.1][49861] -> [......127.0.0.1][33333] detected: [.....2] [ip4][..udp] [......127.0.0.1][49861] -> [......127.0.0.1][33333] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port diff --git a/test/results/flow-info/default/blizzard.pcap.out b/test/results/flow-info/default/blizzard.pcap.out new file mode 100644 index 000000000..b13762dd7 --- /dev/null +++ b/test/results/flow-info/default/blizzard.pcap.out @@ -0,0 +1,51 @@ + DAEMON-EVENT: init + new: [.....1] [ip4][..tcp] [..192.168.1.205][50082] -> [..37.244.28.101][.1119] + detected: [.....1] [ip4][..tcp] [..192.168.1.205][50082] -> [..37.244.28.101][.1119] [Blizzard][Blizzard][Game][Fun] + new: [.....2] [ip4][..tcp] [..192.168.1.205][50056] -> [.137.221.106.59][.1119] + detected: [.....2] [ip4][..tcp] [..192.168.1.205][50056] -> [.137.221.106.59][.1119] [Blizzard][Blizzard][Game][Fun] + DAEMON-EVENT: [Processed: 44 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....3] [ip4][..tcp] [..192.168.12.67][42710] -> [137.221.107.220][.3724] + detected: [.....3] [ip4][..tcp] [..192.168.12.67][42710] -> [137.221.107.220][.3724] [Blizzard][Blizzard][Game][Fun] + RISK: Known Proto on Non Std Port + idle: [.....2] [ip4][..tcp] [..192.168.1.205][50056] -> [.137.221.106.59][.1119] [Blizzard][Blizzard][Game][Fun] + idle: [.....1] [ip4][..tcp] [..192.168.1.205][50082] -> [..37.244.28.101][.1119] [Blizzard][Blizzard][Game][Fun] + DAEMON-EVENT: [Processed: 65 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....4] [ip4][..udp] [..192.168.12.67][.1120] -> [...34.171.17.90][50000] + detected: [.....4] [ip4][..udp] [..192.168.12.67][.1120] -> [...34.171.17.90][50000] [Blizzard][GoogleCloud][Game][Fun] + RISK: Known Proto on Non Std Port + idle: [.....3] [ip4][..tcp] [..192.168.12.67][42710] -> [137.221.107.220][.3724] [Blizzard][Blizzard][Game][Fun] + RISK: Known Proto on Non Std Port + new: [.....5] [ip4][..udp] [..192.168.12.67][44282] -> [...34.22.163.26][.7521] + detected: [.....5] [ip4][..udp] [..192.168.12.67][44282] -> [...34.22.163.26][.7521] [Blizzard][GoogleCloud][Game][Fun] + RISK: Known Proto on Non Std Port + update: [.....4] [ip4][..udp] [..192.168.12.67][.1120] -> [...34.171.17.90][50000] [Blizzard][GoogleCloud][Game][Fun] + RISK: Known Proto on Non Std Port + DAEMON-EVENT: [Processed: 109 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] + new: [.....6] [ip4][..tcp] [..192.168.1.117][50015] -> [..66.40.180.215][.3724] + detected: [.....6] [ip4][..tcp] [..192.168.1.117][50015] -> [..66.40.180.215][.3724] [WorldOfWarcraft][Blizzard][Game][Fun] + idle: [.....5] [ip4][..udp] [..192.168.12.67][44282] -> [...34.22.163.26][.7521] [Blizzard][GoogleCloud][Game][Fun] + RISK: Known Proto on Non Std Port + idle: [.....4] [ip4][..udp] [..192.168.12.67][.1120] -> [...34.171.17.90][50000] [Blizzard][GoogleCloud][Game][Fun] + RISK: Known Proto on Non Std Port + DAEMON-EVENT: [Processed: 140 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] + new: [.....7] [ip4][..tcp] [..192.168.1.117][60378] -> [..66.40.191.253][.3724] + detected: [.....7] [ip4][..tcp] [..192.168.1.117][60378] -> [..66.40.191.253][.3724] [Blizzard][Blizzard][Game][Fun] + RISK: Known Proto on Non Std Port + new: [.....8] [ip4][..udp] [..192.168.1.117][63711] -> [..137.221.72.99][29523] + detected: [.....8] [ip4][..udp] [..192.168.1.117][63711] -> [..137.221.72.99][29523] [Blizzard][Blizzard][Game][Fun] + RISK: Known Proto on Non Std Port + end: [.....6] [ip4][..tcp] [..192.168.1.117][50015] -> [..66.40.180.215][.3724] [WorldOfWarcraft][Blizzard][Game][Fun] + new: [.....9] [ip4][..udp] [..192.168.1.117][58787] -> [.137.221.82.101][29503] + detected: [.....9] [ip4][..udp] [..192.168.1.117][58787] -> [.137.221.82.101][29503] [Blizzard][Blizzard][Game][Fun] + RISK: Known Proto on Non Std Port + idle: [.....7] [ip4][..tcp] [..192.168.1.117][60378] -> [..66.40.191.253][.3724] [Blizzard][Blizzard][Game][Fun] + RISK: Known Proto on Non Std Port + idle: [.....9] [ip4][..udp] [..192.168.1.117][58787] -> [.137.221.82.101][29503] [Blizzard][Blizzard][Game][Fun] + RISK: Known Proto on Non Std Port + idle: [.....8] [ip4][..udp] [..192.168.1.117][63711] -> [..137.221.72.99][29523] [Blizzard][Blizzard][Game][Fun] + RISK: Known Proto on Non Std Port + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/cloudflare-warp.pcap.out b/test/results/flow-info/default/cloudflare-warp.pcap.out index 3e8ece335..b5d5f02af 100644 --- a/test/results/flow-info/default/cloudflare-warp.pcap.out +++ b/test/results/flow-info/default/cloudflare-warp.pcap.out @@ -4,6 +4,7 @@ new: [.....1] [ip4][..tcp] [..10.158.134.93][55512] -> [.142.251.42.106][..443] [MIDSTREAM] new: [.....2] [ip4][..tcp] [.......10.8.0.1][42344] -> [..159.138.85.48][.5223] detected: [.....2] [ip4][..tcp] [.......10.8.0.1][42344] -> [..159.138.85.48][.5223] [Jabber][Unknown][Web][Acceptable] + RISK: Susp Entropy new: [.....3] [ip4][..tcp] [.......10.8.0.1][40214] -> [..157.240.16.32][..443] detected: [.....3] [ip4][..tcp] [.......10.8.0.1][40214] -> [..157.240.16.32][..443] [TLS.FacebookMessenger][Facebook][Chat][Acceptable][mqtt-mini.facebook.com] RISK: TLS (probably) Not Carrying HTTPS @@ -29,6 +30,7 @@ idle: [.....8] [ip4][..tcp] [.......10.8.0.1][43600] -> [172.217.194.188][.5228] idle: [.....9] [ip4][..udp] [...192.168.1.84][60555] -> [..162.159.192.7][.2408] [CloudflareWarp][CloudflareWarp][VPN][Acceptable] idle: [.....2] [ip4][..tcp] [.......10.8.0.1][42344] -> [..159.138.85.48][.5223] [Jabber][Unknown][Web][Acceptable] + RISK: Susp Entropy idle: [.....7] [ip4][..tcp] [.......10.8.0.1][51296] -> [142.250.183.163][..443] [TLS.GoogleServices][Google][Web][Acceptable] idle: [.....5] [ip4][..tcp] [.......10.8.0.1][45606] -> [..104.18.47.234][..443] [TLS.CloudflareWarp][Cloudflare][VPN][Acceptable] idle: [.....6] [ip4][..tcp] [.......10.8.0.1][45610] -> [..104.18.47.234][..443] [TLS.CloudflareWarp][Cloudflare][VPN][Acceptable] diff --git a/test/results/flow-info/default/custom_rules_ipv6.pcapng.out b/test/results/flow-info/default/custom_rules_ipv6.pcapng.out index ba275aea8..7d20f9d00 100644 --- a/test/results/flow-info/default/custom_rules_ipv6.pcapng.out +++ b/test/results/flow-info/default/custom_rules_ipv6.pcapng.out @@ -8,7 +8,7 @@ detected: [.....2] [ip6][..udp] [247f:855b:5e16:3caf:3f2c:4134:9592:661b][..100] -> [.21bc:b273:7f68:88d7:77a8:585:3990:927b][.1991] [DTLS][Unknown][Web][Safe] new: [.....3] [ip6][..udp] [247f:855b:5e16:3caf:3f2c:4134:9592:661b][36098] -> [.21bc:b273:7f68:88d7:77a8:585:3990:927b][50621] detected: [.....3] [ip6][..udp] [247f:855b:5e16:3caf:3f2c:4134:9592:661b][36098] -> [.21bc:b273:7f68:88d7:77a8:585:3990:927b][50621] [DTLS][Unknown][Web][Safe] - not-detected: [.....1] [ip6][..udp] [.........3ffe:507::1:200:86ff:fe05:80da][21554] -> [......................3ffe:501:4819::42][.5333] [Unknown][Unknown][Unrated] + not-detected: [.....1] [ip6][..udp] [.........3ffe:507::1:200:86ff:fe05:80da][21554] -> [......................3ffe:501:4819::42][.5333] [Unknown][Unknown][Unspecified][Unrated] idle: [.....1] [ip6][..udp] [.........3ffe:507::1:200:86ff:fe05:80da][21554] -> [......................3ffe:501:4819::42][.5333] DAEMON-EVENT: [Processed: 4 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 1|guessed: 0|detection-updates: 0|updates: 0] @@ -17,13 +17,13 @@ new: [.....6] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12718] -> [................................ff02::1][26993] new: [.....7] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12717] -> [................................ff02::1][64315] idle: [.....2] [ip6][..udp] [247f:855b:5e16:3caf:3f2c:4134:9592:661b][..100] -> [.21bc:b273:7f68:88d7:77a8:585:3990:927b][.1991] [DTLS][Unknown][Web][Safe] - not-detected: [.....6] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12718] -> [................................ff02::1][26993] [Unknown][Unknown][Unrated] + not-detected: [.....6] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12718] -> [................................ff02::1][26993] [Unknown][Unknown][Unspecified][Unrated] idle: [.....6] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12718] -> [................................ff02::1][26993] - not-detected: [.....5] [ip6][..udp] [..............fe80::76ac:b9ff:fedd:a1e2][12719] -> [................................ff02::1][26993] [Unknown][Unknown][Unrated] + not-detected: [.....5] [ip6][..udp] [..............fe80::76ac:b9ff:fedd:a1e2][12719] -> [................................ff02::1][26993] [Unknown][Unknown][Unspecified][Unrated] idle: [.....5] [ip6][..udp] [..............fe80::76ac:b9ff:fedd:a1e2][12719] -> [................................ff02::1][26993] - not-detected: [.....4] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12719] -> [................................ff02::1][26993] [Unknown][Unknown][Unrated] + not-detected: [.....4] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12719] -> [................................ff02::1][26993] [Unknown][Unknown][Unspecified][Unrated] idle: [.....4] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12719] -> [................................ff02::1][26993] - not-detected: [.....7] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12717] -> [................................ff02::1][64315] [Unknown][Unknown][Unrated] + not-detected: [.....7] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12717] -> [................................ff02::1][64315] [Unknown][Unknown][Unspecified][Unrated] idle: [.....7] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12717] -> [................................ff02::1][64315] idle: [.....3] [ip6][..udp] [247f:855b:5e16:3caf:3f2c:4134:9592:661b][36098] -> [.21bc:b273:7f68:88d7:77a8:585:3990:927b][50621] [DTLS][Unknown][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/custom_rules_same-ip_multiple_ports.pcapng.out b/test/results/flow-info/default/custom_rules_same-ip_multiple_ports.pcapng.out index 5950bc3a0..d56a87a2e 100644 --- a/test/results/flow-info/default/custom_rules_same-ip_multiple_ports.pcapng.out +++ b/test/results/flow-info/default/custom_rules_same-ip_multiple_ports.pcapng.out @@ -9,10 +9,10 @@ guessed: [.....1] [ip4][..tcp] [..192.168.1.245][56866] -> [........3.3.3.3][..443] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [..192.168.1.245][56866] -> [........3.3.3.3][..443] - not-detected: [.....3] [ip4][..tcp] [..192.168.1.245][58288] -> [........3.3.3.3][..446] [Unknown][Unknown][Unrated] + not-detected: [.....3] [ip4][..tcp] [..192.168.1.245][58288] -> [........3.3.3.3][..446] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....3] [ip4][..tcp] [..192.168.1.245][58288] -> [........3.3.3.3][..446] - not-detected: [.....2] [ip4][..tcp] [..192.168.1.245][59682] -> [........3.3.3.3][..444] [Unknown][Unknown][Unrated] + not-detected: [.....2] [ip4][..tcp] [..192.168.1.245][59682] -> [........3.3.3.3][..444] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....2] [ip4][..tcp] [..192.168.1.245][59682] -> [........3.3.3.3][..444] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dns2.pcap.out b/test/results/flow-info/default/dns2.pcap.out index ab5c61670..f7fe1474c 100644 --- a/test/results/flow-info/default/dns2.pcap.out +++ b/test/results/flow-info/default/dns2.pcap.out @@ -4,7 +4,6 @@ new: [.....1] [ip4][..udp] [192.168.255.251][56550] -> [........8.8.8.8][...53] detected: [.....1] [ip4][..udp] [192.168.255.251][56550] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.github.com] detection-update: [.....1] [ip4][..udp] [192.168.255.251][56550] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.github.com] - RISK: Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [192.168.255.251][56550] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.github.com] idle: [.....1] [ip4][..udp] [192.168.255.251][56550] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.github.com] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dns_fragmented.pcap.out b/test/results/flow-info/default/dns_fragmented.pcap.out index 683b88256..50aa17bc6 100644 --- a/test/results/flow-info/default/dns_fragmented.pcap.out +++ b/test/results/flow-info/default/dns_fragmented.pcap.out @@ -80,8 +80,6 @@ new: [....16] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][55729] -> [..................2001:470:765b::a25:53][...53] detected: [....16] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][55729] -> [..................2001:470:765b::a25:53][...53] [DNS][Unknown][Network][Acceptable][weberlab.de] detection-update: [....16] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][55729] -> [..................2001:470:765b::a25:53][...53] [DNS][Unknown][Network][Acceptable][weberlab.de] - RISK: Unidirectional Traffic - detection-update: [....16] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][55729] -> [..................2001:470:765b::a25:53][...53] [DNS][Unknown][Network][Acceptable][weberlab.de] RISK: Large DNS Packet (512+ bytes), Fragmented DNS Message ERROR-EVENT: nDPI IPv6/L4 payload detection failed [1/16] new: [....17] [ip4][..udp] [....194.247.5.6][51791] -> [.193.24.227.238][...53] diff --git a/test/results/flow-info/default/dns_retransmissions.pcap.out b/test/results/flow-info/default/dns_retransmissions.pcap.out index 00c4910b5..1dfda7640 100644 --- a/test/results/flow-info/default/dns_retransmissions.pcap.out +++ b/test/results/flow-info/default/dns_retransmissions.pcap.out @@ -4,7 +4,5 @@ new: [.....1][.103] [ip4][..udp] [..37.41.101.140][11892] -> [.208.67.222.222][...53] detected: [.....1][.103] [ip4][..udp] [..37.41.101.140][11892] -> [.208.67.222.222][...53] [DNS][OpenDNS][Network][Acceptable][api.msn.com] detection-update: [.....1][.103] [ip4][..udp] [..37.41.101.140][11892] -> [.208.67.222.222][...53] [DNS][OpenDNS][Network][Acceptable][api.msn.com] - RISK: Unidirectional Traffic - detection-update: [.....1][.103] [ip4][..udp] [..37.41.101.140][11892] -> [.208.67.222.222][...53] [DNS][OpenDNS][Network][Acceptable][api.msn.com] idle: [.....1][.103] [ip4][..udp] [..37.41.101.140][11892] -> [.208.67.222.222][...53] [DNS][OpenDNS][Network][Acceptable][api.msn.com] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dropbox.pcap.out b/test/results/flow-info/default/dropbox.pcap.out index c4711778a..8d2793d4f 100644 --- a/test/results/flow-info/default/dropbox.pcap.out +++ b/test/results/flow-info/default/dropbox.pcap.out @@ -54,16 +54,10 @@ new: [.....5] [ip4][..udp] [..192.168.1.105][55407] -> [..192.168.1.254][...53] detected: [.....5] [ip4][..udp] [..192.168.1.105][55407] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][client.dropbox.com] detection-update: [.....5] [ip4][..udp] [..192.168.1.105][55407] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][client.dropbox.com] - RISK: Unidirectional Traffic - detection-update: [.....5] [ip4][..udp] [..192.168.1.105][55407] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][client.dropbox.com] new: [.....6] [ip4][..udp] [..192.168.1.105][49112] -> [..192.168.1.254][...53] detected: [.....6] [ip4][..udp] [..192.168.1.105][49112] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][client-cf.dropbox.com] - detection-update: [.....6] [ip4][..udp] [..192.168.1.105][49112] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][client-cf.dropbox.com] - RISK: Unidirectional Traffic new: [.....7] [ip4][..udp] [..192.168.1.105][50789] -> [..192.168.1.254][...53] detected: [.....7] [ip4][..udp] [..192.168.1.105][50789] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][d.dropbox.com] - detection-update: [.....7] [ip4][..udp] [..192.168.1.105][50789] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][d.dropbox.com] - RISK: Unidirectional Traffic detection-update: [.....6] [ip4][..udp] [..192.168.1.105][49112] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][client-cf.dropbox.com] detection-update: [.....7] [ip4][..udp] [..192.168.1.105][50789] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][d.dropbox.com] idle: [.....1] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500] [Dropbox][Unknown][Cloud][Acceptable] @@ -73,9 +67,6 @@ new: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] detected: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][log.getdropbox.com] detection-update: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][log.getdropbox.com] - RISK: Unidirectional Traffic - detection-update: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][log.getdropbox.com] - RISK: Unidirectional Traffic detection-update: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][log.getdropbox.com] new: [.....9] [ip4][..udp] [..192.168.1.105][17500] -> [255.255.255.255][17500] detected: [.....9] [ip4][..udp] [..192.168.1.105][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] @@ -84,10 +75,8 @@ new: [....11] [ip4][..udp] [..192.168.1.105][33189] -> [..192.168.1.254][...53] detected: [....11] [ip4][..udp] [..192.168.1.105][33189] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][notify.dropbox.com] detection-update: [....11] [ip4][..udp] [..192.168.1.105][33189] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][notify.dropbox.com] - RISK: Unidirectional Traffic - detection-update: [....11] [ip4][..udp] [..192.168.1.105][33189] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][notify.dropbox.com] DAEMON-EVENT: [Processed: 836 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 7 / 11|skipped: 0|!detected: 0|guessed: 0|detection-updates: 11|updates: 0] + DAEMON-EVENT: [Flows][active: 7 / 11|skipped: 0|!detected: 0|guessed: 0|detection-updates: 6|updates: 0] new: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] detected: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] new: [....13] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] diff --git a/test/results/flow-info/default/dtls.pcap.out b/test/results/flow-info/default/dtls.pcap.out index cc3a903be..b9805feea 100644 --- a/test/results/flow-info/default/dtls.pcap.out +++ b/test/results/flow-info/default/dtls.pcap.out @@ -5,7 +5,7 @@ detected: [.....1] [ip4][..udp] [.192.168.13.203][40739] -> [..192.168.13.57][56515] [DTLS][Unknown][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [.....1] [ip4][..udp] [.192.168.13.203][40739] -> [..192.168.13.57][56515] [DTLS][Unknown][Web][Safe] - RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Unidirectional Traffic + RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn DAEMON-EVENT: [Processed: 2 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] ERROR-EVENT: Unknown packet type [1/16] @@ -22,5 +22,5 @@ idle: [.....2] [ip4][..udp] [......127.0.0.1][40983] -> [......127.0.0.1][11111] [DTLS][Unknown][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn idle: [.....1] [ip4][..udp] [.192.168.13.203][40739] -> [..192.168.13.57][56515] [DTLS][Unknown][Web][Safe] - RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Unidirectional Traffic + RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dtls2.pcap.out b/test/results/flow-info/default/dtls2.pcap.out index 3f36e919f..6f2a19214 100644 --- a/test/results/flow-info/default/dtls2.pcap.out +++ b/test/results/flow-info/default/dtls2.pcap.out @@ -4,18 +4,18 @@ new: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] detected: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Unknown][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn - detection-update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Unknown][Web][Safe] + detection-update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS.RockstarGames][Unknown][Game][Fun] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn - update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Unknown][Web][Safe] + update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS.RockstarGames][Unknown][Game][Fun] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn - update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Unknown][Web][Safe] + update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS.RockstarGames][Unknown][Game][Fun] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn - update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Unknown][Web][Safe] + update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS.RockstarGames][Unknown][Game][Fun] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn - update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Unknown][Web][Safe] + update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS.RockstarGames][Unknown][Game][Fun] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn - update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Unknown][Web][Safe] + update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS.RockstarGames][Unknown][Game][Fun] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn - idle: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Unknown][Web][Safe] + idle: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS.RockstarGames][Unknown][Game][Fun] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dtls_certificate_fragments.pcap.out b/test/results/flow-info/default/dtls_certificate_fragments.pcap.out index 760275d80..2c54e99b3 100644 --- a/test/results/flow-info/default/dtls_certificate_fragments.pcap.out +++ b/test/results/flow-info/default/dtls_certificate_fragments.pcap.out @@ -14,7 +14,7 @@ detected: [.....2] [ip4][..udp] [...192.168.1.26][43594] -> [.104.153.87.149][50001] [DTLS][Discord][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [.....2] [ip4][..udp] [...192.168.1.26][43594] -> [.104.153.87.149][50001] [DTLS][Discord][Web][Safe] - RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Unidirectional Traffic + RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [.....2] [ip4][..udp] [...192.168.1.26][43594] -> [.104.153.87.149][50001] [DTLS][Discord][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [.....2] [ip4][..udp] [...192.168.1.26][43594] -> [.104.153.87.149][50001] [DTLS.Discord][Discord][Collaborative][Fun] diff --git a/test/results/flow-info/default/dtls_old_version.pcapng.out b/test/results/flow-info/default/dtls_old_version.pcapng.out index 26349b553..9e3c8548f 100644 --- a/test/results/flow-info/default/dtls_old_version.pcapng.out +++ b/test/results/flow-info/default/dtls_old_version.pcapng.out @@ -5,10 +5,6 @@ detected: [.....1] [ip4][..udp] [...37.188.4.115][56453] -> [....70.66.6.128][..443] [DTLS][Unknown][Web][Safe] RISK: Obsolete TLS (v1.1 or older) detection-update: [.....1] [ip4][..udp] [...37.188.4.115][56453] -> [....70.66.6.128][..443] [DTLS][Unknown][Web][Safe] - RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [...37.188.4.115][56453] -> [....70.66.6.128][..443] [DTLS][Unknown][Web][Safe] - RISK: Obsolete TLS (v1.1 or older) - detection-update: [.....1] [ip4][..udp] [...37.188.4.115][56453] -> [....70.66.6.128][..443] [DTLS][Unknown][Web][Safe] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher idle: [.....1] [ip4][..udp] [...37.188.4.115][56453] -> [....70.66.6.128][..443] [DTLS][Unknown][Web][Safe] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher diff --git a/test/results/flow-info/default/elf.pcap.out b/test/results/flow-info/default/elf.pcap.out index 98eb41eb7..c6c91e305 100644 --- a/test/results/flow-info/default/elf.pcap.out +++ b/test/results/flow-info/default/elf.pcap.out @@ -3,10 +3,10 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..udp] [......127.0.0.1][60150] -> [......127.0.0.1][33333] new: [.....2] [ip4][..tcp] [......127.0.0.1][41150] -> [......127.0.0.1][33333] - not-detected: [.....2] [ip4][..tcp] [......127.0.0.1][41150] -> [......127.0.0.1][33333] [Unknown][Unknown][Unrated] + not-detected: [.....2] [ip4][..tcp] [......127.0.0.1][41150] -> [......127.0.0.1][33333] [Unknown][Unknown][Unspecified][Unrated] RISK: Binary App Transfer end: [.....2] [ip4][..tcp] [......127.0.0.1][41150] -> [......127.0.0.1][33333] - not-detected: [.....1] [ip4][..udp] [......127.0.0.1][60150] -> [......127.0.0.1][33333] [Unknown][Unknown][Unrated] + not-detected: [.....1] [ip4][..udp] [......127.0.0.1][60150] -> [......127.0.0.1][33333] [Unknown][Unknown][Unspecified][Unrated] RISK: Binary App Transfer, Unidirectional Traffic idle: [.....1] [ip4][..udp] [......127.0.0.1][60150] -> [......127.0.0.1][33333] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/encrypted_sni.pcap.out b/test/results/flow-info/default/encrypted_sni.pcap.out index fdd145143..8777061ea 100644 --- a/test/results/flow-info/default/encrypted_sni.pcap.out +++ b/test/results/flow-info/default/encrypted_sni.pcap.out @@ -3,17 +3,17 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [...192.168.1.12][49886] -> [..104.27.129.77][..443] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [...192.168.1.12][49886] -> [..104.27.129.77][..443] [TLS][Cloudflare][Web][Safe][] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch new: [.....2] [ip4][..tcp] [...192.168.1.12][49887] -> [.104.16.125.175][..443] [MIDSTREAM] detected: [.....2] [ip4][..tcp] [...192.168.1.12][49887] -> [.104.16.125.175][..443] [TLS][Cloudflare][Web][Safe][] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch new: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] [MIDSTREAM] detected: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] [TLS][Cloudflare][Web][Safe][] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch idle: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] [TLS][Cloudflare][Web][Safe] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch idle: [.....1] [ip4][..tcp] [...192.168.1.12][49886] -> [..104.27.129.77][..443] [TLS][Cloudflare][Web][Safe] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch idle: [.....2] [ip4][..tcp] [...192.168.1.12][49887] -> [.104.16.125.175][..443] [TLS][Cloudflare][Web][Safe] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/false_positives.pcapng.out b/test/results/flow-info/default/false_positives.pcapng.out index 67348709b..5f0d30d9b 100644 --- a/test/results/flow-info/default/false_positives.pcapng.out +++ b/test/results/flow-info/default/false_positives.pcapng.out @@ -47,7 +47,16 @@ DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....2] [ip4][..udp] [.192.168.12.156][37649] -> [..57.128.172.97][.9981] idle: [.....1][.107] [ip4][..udp] [...10.126.70.67][23784] -> [...10.236.7.225][50160] [RTP][Unknown][Media][Acceptable] - not-detected: [.....2] [ip4][..udp] [.192.168.12.156][37649] -> [..57.128.172.97][.9981] [Unknown][Unknown][Unrated] + DAEMON-EVENT: [Processed: 36 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....3][..77] [ip4][..tcp] [..91.238.181.21][35888] -> [....89.31.79.12][.3389] + detected: [.....3][..77] [ip4][..tcp] [..91.238.181.21][35888] -> [....89.31.79.12][.3389] [RDP][Unknown][RemoteAccess][Acceptable] + RISK: Desktop/File Sharing + detection-update: [.....3][..77] [ip4][..tcp] [..91.238.181.21][35888] -> [....89.31.79.12][.3389] [TLS.RDP][Unknown][RemoteAccess][Acceptable][] + RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing, TLS Susp Extn, Non-Printable/Invalid Chars Detected, Possible Exploit Attempt + idle: [.....3][..77] [ip4][..tcp] [..91.238.181.21][35888] -> [....89.31.79.12][.3389] [TLS.RDP][Unknown][RemoteAccess][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing, TLS Susp Extn, Non-Printable/Invalid Chars Detected, Possible Exploit Attempt + not-detected: [.....2] [ip4][..udp] [.192.168.12.156][37649] -> [..57.128.172.97][.9981] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy idle: [.....2] [ip4][..udp] [.192.168.12.156][37649] -> [..57.128.172.97][.9981] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ftp.pcap.out b/test/results/flow-info/default/ftp.pcap.out index 7c206dee2..e39c8c2b9 100644 --- a/test/results/flow-info/default/ftp.pcap.out +++ b/test/results/flow-info/default/ftp.pcap.out @@ -27,8 +27,8 @@ [IATS(ms)....: 28.8,28.8,29.6,29.6,0.3,0.3,0.6,0.6,0.3,0.5,0.8,0.4,0.4,0.1,0.3,0.0,0.4,0.0,0.3,27.5,27.8,0.2,0.2,1.7,0.1,0.0,1.8,1.9,1.9,0.2,1.8] [PKTLENS.....: 64,60,52,1492,64,1492,52,1492,52,1492,1492,52,1492,52,1492,1492,1492,52,52,1492,1492,52,1492,52,1492,1492,52,52,1492,52,1492,1492] [ENTROPIES...: 4.3,5.3,4.9,0.4,5.0,0.4,5.0,0.4,4.8,0.4,0.4,4.9,0.4,4.8,0.4,0.4,0.4,4.9,4.8,0.4,0.4,4.9,0.4,4.8,0.4,0.4,5.2,5.0,0.4,4.8,0.4,0.4] - not-detected: [.....3] [ip4][..tcp] [..192.168.1.212][50696] -> [...90.130.70.73][24523] [Unknown][Unknown][Unrated] - idle: [.....3] [ip4][..tcp] [..192.168.1.212][50696] -> [...90.130.70.73][24523] [Unknown][Unknown][Unrated] + not-detected: [.....3] [ip4][..tcp] [..192.168.1.212][50696] -> [...90.130.70.73][24523] [Unknown][Unknown][Unspecified][Unrated] + idle: [.....3] [ip4][..tcp] [..192.168.1.212][50696] -> [...90.130.70.73][24523] [Unknown][Unknown][Unspecified][Unrated] end: [.....2] [ip4][..tcp] [..192.168.1.212][50695] -> [...90.130.70.73][25685] [FTP_DATA][Unknown][Download][Acceptable] end: [.....1] [ip4][..tcp] [..192.168.1.212][50694] -> [...90.130.70.73][...21] [FTP_CONTROL][Unknown][Download][Unsafe] RISK: Unsafe Protocol, Clear-Text Credentials diff --git a/test/results/flow-info/default/fuzz-2006-06-26-2594.pcap.out b/test/results/flow-info/default/fuzz-2006-06-26-2594.pcap.out index 3cc19b520..596013478 100644 --- a/test/results/flow-info/default/fuzz-2006-06-26-2594.pcap.out +++ b/test/results/flow-info/default/fuzz-2006-06-26-2594.pcap.out @@ -19,7 +19,6 @@ ERROR-EVENT: Unknown packet type [1/16] new: [.....9] [ip4][..udp] [....192.168.1.2][.2597] -> [....192.168.1.1][29440] detection-update: [.....7] [ip4][..udp] [....192.168.1.2][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic new: [....10] [ip4][..udp] [....192.168.1.2][.2714] -> [....192.168.1.1][...53] detected: [....10] [ip4][..udp] [....192.168.1.2][.2714] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] detection-update: [....10] [ip4][..udp] [....192.168.1.2][.2714] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -29,11 +28,9 @@ detected: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] new: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] detected: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - detection-update: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [1/16] detection-update: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cyber?ity.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected ERROR-EVENT: nDPI IPv4/L4 payload detection failed [2/16] new: [....14] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] detected: [....14] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -57,12 +54,11 @@ update: [.....3] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [.....6] [ip4][..udp] [....192.168.1.3][...53] -> [....192.168.1.2][.2712] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] update: [.....7] [ip4][..udp] [....192.168.1.2][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [..192.168.1.110][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [....10] [ip4][..udp] [....192.168.1.2][.2714] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected new: [....21] [ip4][..udp] [....192.114.1.2][.2719] -> [....192.168.1.1][...53] detected: [....21] [ip4][..udp] [....192.114.1.2][.2719] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][ftp.ecite?e.com] RISK: Non-Printable/Invalid Chars Detected @@ -104,8 +100,6 @@ detected: [....44] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.136.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] new: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] detected: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - detection-update: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] update: [.....5] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][49973] update: [....11] [ip4][..udp] [...192.168.1.52][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] @@ -119,14 +113,12 @@ update: [.....3] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [.....6] [ip4][..udp] [....192.168.1.3][...53] -> [....192.168.1.2][.2712] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] update: [.....7] [ip4][..udp] [....192.168.1.2][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [..192.168.1.110][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [....10] [ip4][..udp] [....192.168.1.2][.2714] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected detection-update: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] - RISK: Unidirectional Traffic new: [....46] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2723] detected: [....46] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2723] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-adds.arpa] new: [....47] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][.9587] @@ -134,7 +126,7 @@ detected: [....48] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp._s?.cybercity.dk] RISK: Non-Printable/Invalid Chars Detected detection-update: [....48] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected new: [....49] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][25481] new: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] detected: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] [DNS][Unknown][Network][Acceptable][_zip._udp.sip.cybercity.dk] @@ -167,30 +159,28 @@ RISK: Unsafe Protocol update: [.....6] [ip4][..udp] [....192.168.1.3][...53] -> [....192.168.1.2][.2712] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] update: [.....7] [ip4][..udp] [....192.168.1.2][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [..192.168.1.110][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [....10] [ip4][..udp] [....192.168.1.2][.2714] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....46] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2723] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-adds.arpa] update: [....48] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] [DNS][Unknown][Network][Acceptable] - not-detected: [....41] [ip4][..tcp] [....192.168.1.2][.2721] -> [..147.234.1.253][58999] [Unknown][Unknown][Unrated] + not-detected: [....41] [ip4][..tcp] [....192.168.1.2][.2721] -> [..147.234.1.253][58999] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic end: [....41] [ip4][..tcp] [....192.168.1.2][.2721] -> [..147.234.1.253][58999] guessed: [....23] [ip4][..tcp] [....192.168.1.2][.2720] -> [..147.234.1.253][...21] [FTP_CONTROL][Unknown][Download][Unsafe] RISK: Unsafe Protocol end: [....23] [ip4][..tcp] [....192.168.1.2][.2720] -> [..147.234.1.253][...21] - not-detected: [.....5] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][49973] [Unknown][Unknown][Unrated] + not-detected: [.....5] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][49973] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][49973] idle: [....16] [ip4][..udp] [..208.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] idle: [....11] [ip4][..udp] [...192.168.1.52][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - not-detected: [.....9] [ip4][..udp] [....192.168.1.2][.2597] -> [....192.168.1.1][29440] [Unknown][Unknown][Unrated] + not-detected: [.....9] [ip4][..udp] [....192.168.1.2][.2597] -> [....192.168.1.1][29440] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [....192.168.1.2][.2597] -> [....192.168.1.1][29440] idle: [....17] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.251][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] @@ -199,12 +189,11 @@ idle: [.....8] [ip4][..udp] [..192.168.1.110][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet idle: [.....7] [ip4][..udp] [....192.168.1.2][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [....192.168.1.2][.2714] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] idle: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected idle: [....14] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - not-detected: [....15] [ip4][..udp] [....192.168.1.1][.9587] -> [....192.168.1.2][..156] [Unknown][Unknown][Unrated] + not-detected: [....15] [ip4][..udp] [....192.168.1.1][.9587] -> [....192.168.1.2][..156] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....15] [ip4][..udp] [....192.168.1.1][.9587] -> [....192.168.1.2][..156] update: [....47] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][.9587] @@ -217,10 +206,9 @@ update: [....22] [ip4][..udp] [....192.168.1.2][.2719] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....46] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2723] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-adds.arpa] update: [....48] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] [DNS][Unknown][Network][Acceptable] update: [....51] [ip4][..udp] [....192.168.1.2][.2725] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....52] [ip4][..udp] [...192.168.1.46][...53] -> [....192.168.1.2][.2726] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] @@ -230,8 +218,6 @@ new: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] detected: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [2/16] - detection-update: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic idle: [....21] [ip4][..udp] [....192.114.1.2][.2719] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected idle: [....22] [ip4][..udp] [....192.168.1.2][.2719] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -243,10 +229,9 @@ update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] update: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] update: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....46] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2723] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-adds.arpa] update: [....48] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] [DNS][Unknown][Network][Acceptable] update: [....51] [ip4][..udp] [....192.168.1.2][.2725] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....52] [ip4][..udp] [...192.168.1.46][...53] -> [....192.168.1.2][.2726] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] @@ -262,31 +247,27 @@ detected: [....60] [ip4][..udp] [....172.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Azure][Network][Acceptable][_sip._udp.sip.cybercity.dk] idle: [....44] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.136.1.1][...53] [DNS][Unknown][Network][Acceptable] detection-update: [....59] [ip4][..udp] [....192.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cyberxity.dk] - RISK: Unidirectional Traffic detection-update: [....59] [ip4][..udp] [....192.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic detection-update: [....59] [ip4][..udp] [....192.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic new: [....61] [ip4][..udp] [....200.168.1.2][.2735] -> [....192.168.1.1][...53] detected: [....61] [ip4][..udp] [....200.168.1.2][.2735] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-adds.arpa] new: [....62] [ip4][..udp] [....253.168.1.1][...53] -> [....192.168.1.2][.2735] detected: [....62] [ip4][..udp] [....253.168.1.1][...53] -> [....192.168.1.2][.2735] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] - not-detected: [....47] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][.9587] [Unknown][Unknown][Unrated] + not-detected: [....47] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][.9587] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....47] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][.9587] guessed: [....49] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][25481] [NetBIOS][Unknown][System][Acceptable][] + RISK: Unidirectional Traffic idle: [....49] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][25481] idle: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....46] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2723] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-adds.arpa] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] new: [....63] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..169] idle: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] [DNS][Unknown][Network][Acceptable] idle: [....48] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [....53] [ip4][..udp] [..192.168.1.202][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_dom] update: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] detected: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] new: [....65] [ip4][..udp] [....192.168.1.2][.2684] -> [....192.168.1.1][...53] @@ -295,9 +276,7 @@ new: [....66] [ip4][..udp] [....192.168.1.2][.2736] -> [...192.168.1.17][...53] detected: [....66] [ip4][..udp] [....192.168.1.2][.2736] -> [...192.168.1.17][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] detection-update: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic - detection-update: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet idle: [....51] [ip4][..udp] [....192.168.1.2][.2725] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] idle: [....52] [ip4][..udp] [...192.168.1.46][...53] -> [....192.168.1.2][.2726] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] update: [....55] [ip4][..udp] [....192.168.1.2][43690] -> [192.170.170.170][43690] @@ -307,11 +286,9 @@ update: [....63] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..169] update: [....60] [ip4][..udp] [....172.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Azure][Network][Acceptable] update: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....56] [ip4][..udp] [....192.168.1.2][.2733] -> [..192.168.115.1][...53] [DNS][Unknown][Network][Acceptable] update: [....57] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2733] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....59] [ip4][..udp] [....192.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....61] [ip4][..udp] [....200.168.1.2][.2735] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....62] [ip4][..udp] [....253.168.1.1][...53] -> [....192.168.1.2][.2735] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] new: [....67] [ip4][..udp] [....192.168.1.2][.2737] -> [....192.168.1.1][...53] @@ -323,8 +300,6 @@ detected: [....69] [ip4][..udp] [....192.168.1.2][.2738] -> [...192.168.84.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercitu.dk] new: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] detected: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - detection-update: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic new: [....71] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] detected: [....71] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] new: [....72] [ip4][..udp] [....192.168.1.2][.2739] -> [....192.168.1.1][...53] @@ -334,10 +309,10 @@ detected: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cyberci_s] RISK: Non-Printable/Invalid Chars Detected detection-update: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected ERROR-EVENT: Unknown packet type [1/16] detection-update: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected new: [....74] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][.8329] new: [....75] [ip4][..udp] [....192.168.1.2][.2741] -> [....192.168.1.1][...53] detected: [....75] [ip4][..udp] [....192.168.1.2][.2741] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -345,13 +320,11 @@ detected: [....76] [ip4][..udp] [..192.168.130.1][...53] -> [....192.168.1.2][.2741] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....65] [ip4][..udp] [....192.168.1.2][.2684] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [....66] [ip4][..udp] [....192.168.1.2][.2736] -> [...192.168.1.17][...53] [DNS][Unknown][Network][Acceptable] new: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] detected: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] new: [....78] [ip4][..udp] [....192.168.1.2][.2730] -> [....192.168.1.1][43690] - detection-update: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic update: [....68] [ip4][..udp] [....192.168.1.2][20932] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] update: [....55] [ip4][..udp] [....192.168.1.2][43690] -> [192.170.170.170][43690] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] @@ -362,15 +335,12 @@ update: [....60] [ip4][..udp] [....172.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Azure][Network][Acceptable] update: [....71] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....56] [ip4][..udp] [....192.168.1.2][.2733] -> [..192.168.115.1][...53] [DNS][Unknown][Network][Acceptable] update: [....57] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2733] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....59] [ip4][..udp] [....192.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....67] [ip4][..udp] [....192.168.1.2][.2737] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....69] [ip4][..udp] [....192.168.1.2][.2738] -> [...192.168.84.1][...53] [DNS][Unknown][Network][Acceptable] update: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....61] [ip4][..udp] [....200.168.1.2][.2735] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....62] [ip4][..udp] [....253.168.1.1][...53] -> [....192.168.1.2][.2735] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] ERROR-EVENT: Unknown packet type [1/16] @@ -380,22 +350,19 @@ update: [....58] [ip4][..120] [....192.168.1.2] -> [..212.242.33.35] update: [....72] [ip4][..udp] [....192.168.1.2][.2739] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected new: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] detected: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - detection-update: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic new: [....81] [ip4][..udp] [....192.168.1.2][...88] -> [..192.168.1.255][..137] detected: [....81] [ip4][..udp] [....192.168.1.2][...88] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] - not-detected: [....55] [ip4][..udp] [....192.168.1.2][43690] -> [192.170.170.170][43690] [Unknown][Unknown][Unrated] + not-detected: [....55] [ip4][..udp] [....192.168.1.2][43690] -> [192.170.170.170][43690] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....55] [ip4][..udp] [....192.168.1.2][43690] -> [192.170.170.170][43690] idle: [....53] [ip4][..udp] [..192.168.1.202][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_dom] idle: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....65] [ip4][..udp] [....192.168.1.2][.2684] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [....66] [ip4][..udp] [....192.168.1.2][.2736] -> [...192.168.1.17][...53] [DNS][Unknown][Network][Acceptable] update: [....75] [ip4][..udp] [....192.168.1.2][.2741] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....76] [ip4][..udp] [..192.168.130.1][...53] -> [....192.168.1.2][.2741] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -409,13 +376,10 @@ new: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] detected: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp._s?p.brvjula.net] RISK: Non-Printable/Invalid Chars Detected - detection-update: [....84] [ip4][..udp] [....192.168.1.2][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.voip.brujula.net] - RISK: Unidirectional Traffic idle: [....60] [ip4][..udp] [....172.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Azure][Network][Acceptable] idle: [....57] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2733] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] idle: [....56] [ip4][..udp] [....192.168.1.2][.2733] -> [..192.168.115.1][...53] [DNS][Unknown][Network][Acceptable] idle: [....59] [ip4][..udp] [....192.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....68] [ip4][..udp] [....192.168.1.2][20932] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] update: [....78] [ip4][..udp] [....192.168.1.2][.2730] -> [....192.168.1.1][43690] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] @@ -425,9 +389,7 @@ update: [....67] [ip4][..udp] [....192.168.1.2][.2737] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....69] [ip4][..udp] [....192.168.1.2][.2738] -> [...192.168.84.1][...53] [DNS][Unknown][Network][Acceptable] update: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....61] [ip4][..udp] [....200.168.1.2][.2735] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....62] [ip4][..udp] [....253.168.1.1][...53] -> [....192.168.1.2][.2735] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] new: [....87] [ip4][..udp] [....192.168.1.2][.2747] -> [.....67.168.1.1][...53] @@ -439,19 +401,17 @@ new: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] detected: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] new: [....91] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] - detection-update: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic detected: [....91] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic detection-update: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected guessed: [....63] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..169] [NetBIOS][Unknown][System][Acceptable][] idle: [....63] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..169] idle: [....61] [ip4][..udp] [....200.168.1.2][.2735] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [....62] [ip4][..udp] [....253.168.1.1][...53] -> [....192.168.1.2][.2735] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....72] [ip4][..udp] [....192.168.1.2][.2739] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [....79] [ip4][..udp] [....192.168.1.2][.2743] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] new: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] detected: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] @@ -461,23 +421,20 @@ ERROR-EVENT: Unknown packet type [1/16] new: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] detected: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.voip.brujula.net] - detection-update: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.voip.brujula.net] - RISK: Unidirectional Traffic new: [....95] [ip4][..udp] [....192.168.1.2][10942] -> [....192.168.1.1][...53] detected: [....95] [ip4][..udp] [....192.168.1.2][10942] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.voip.brujula.net] detection-update: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.voip.brujula.net] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet detection-update: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.vo_s] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [....81] [ip4][..udp] [....192.168.1.2][...88] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] update: [....65] [ip4][..udp] [....192.168.1.2][.2684] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [....66] [ip4][..udp] [....192.168.1.2][.2736] -> [...192.168.1.17][...53] [DNS][Unknown][Network][Acceptable] update: [....75] [ip4][..udp] [....192.168.1.2][.2741] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....76] [ip4][..udp] [..192.168.130.1][...53] -> [....192.168.1.2][.2741] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....74] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][.8329] new: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] detected: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] @@ -487,8 +444,6 @@ RISK: Malformed Packet, Non-Printable/Invalid Chars Detected new: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] detected: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - detection-update: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic new: [....99] [ip4][..udp] [....192.168.1.2][.4292] -> [..200.68.37.115][.5060] detected: [....99] [ip4][..udp] [....192.168.1.2][.4292] -> [..200.68.37.115][.5060] [SIP][Unknown][VoIP][Acceptable] new: [...100] [ip4][..udp] [....192.168.1.2][.4901] -> [..200.68.120.81][29440] @@ -508,12 +463,9 @@ update: [....67] [ip4][..udp] [....192.168.1.2][.2737] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....69] [ip4][..udp] [....192.168.1.2][.2738] -> [...192.168.84.1][...53] [DNS][Unknown][Network][Acceptable] update: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....83] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2745] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....84] [ip4][..udp] [....192.168.1.2][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected new: [...103] [ip4][..udp] [....192.169.1.2][.5060] -> [..200.68.120.81][.5060] @@ -528,23 +480,23 @@ update: [....87] [ip4][..udp] [....192.168.1.2][.2747] -> [.....67.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....88] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2747] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected ERROR-EVENT: Unknown packet type [1/16] new: [...106] [ip4][..udp] [....192.168.1.2][.2754] -> [....192.168.1.1][...53] new: [...107] [ip4][..118] [....192.168.1.2] -> [..200.68.120.81] idle: [....65] [ip4][..udp] [....192.168.1.2][.2684] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [....66] [ip4][..udp] [....192.168.1.2][.2736] -> [...192.168.1.17][...53] [DNS][Unknown][Network][Acceptable] idle: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [....93] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2733] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....72] [ip4][..udp] [....192.168.1.2][.2739] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [....79] [ip4][..udp] [....192.168.1.2][.2743] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [....95] [ip4][..udp] [....192.168.1.2][10942] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] new: [...108] [ip4][..udp] [.....14.168.1.2][.2754] -> [....192.168.1.1][...53] detected: [...108] [ip4][..udp] [.....14.168.1.2][.2754] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] @@ -555,32 +507,30 @@ update: [....75] [ip4][..udp] [....192.168.1.2][.2741] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....76] [ip4][..udp] [..192.168.130.1][...53] -> [....192.168.1.2][.2741] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....74] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][.8329] new: [...109] [ip4][..udp] [....192.168.1.2][.2755] -> [....192.168.1.1][...53] detected: [...109] [ip4][..udp] [....192.168.1.2][.2755] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] detection-update: [...109] [ip4][..udp] [....192.168.1.2][.2755] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] idle: [....71] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [....97] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2751] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 241 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 63 / 109|skipped: 0|!detected: 6|guessed: 4|detection-updates: 32|updates: 178] + DAEMON-EVENT: [Flows][active: 63 / 109|skipped: 0|!detected: 6|guessed: 4|detection-updates: 21|updates: 178] new: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] detected: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] detection-update: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_?ip._udp.sip.cybercit?.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected detection-update: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected idle: [....72] [ip4][..udp] [....192.168.1.2][.2739] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] idle: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected guessed: [....74] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][.8329] [NetBIOS][Unknown][System][Acceptable][] + RISK: Unidirectional Traffic idle: [....74] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][.8329] update: [....78] [ip4][..udp] [....192.168.1.2][.2730] -> [....192.168.1.1][43690] update: [....99] [ip4][..udp] [....192.168.1.2][.4292] -> [..200.68.37.115][.5060] [SIP][Unknown][VoIP][Acceptable] @@ -598,15 +548,13 @@ update: [...101] [ip4][..udp] [....192.168.1.2][.2752] -> [....102.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....83] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2745] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....84] [ip4][..udp] [....192.168.1.2][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected update: [....88] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2747] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...104] [ip4][..udp] [....192.168.1.2][.2753] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.527.in-addr.arpa] update: [...100] [ip4][..udp] [....192.168.1.2][.4901] -> [..200.68.120.81][29440] [SIP][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port @@ -632,7 +580,7 @@ update: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...106] [ip4][..udp] [....192.168.1.2][.2754] -> [....192.168.1.1][...53] update: [....95] [ip4][..udp] [....192.168.1.2][10942] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] new: [...112] [ip4][..udp] [....192.168.1.2][.2640] -> [....192.168.1.1][...53] @@ -644,22 +592,18 @@ new: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] detected: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] detection-update: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.gybercity.dk] - RISK: Unidirectional Traffic - not-detected: [....78] [ip4][..udp] [....192.168.1.2][.2730] -> [....192.168.1.1][43690] [Unknown][Unknown][Unrated] + not-detected: [....78] [ip4][..udp] [....192.168.1.2][.2730] -> [....192.168.1.1][43690] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....78] [ip4][..udp] [....192.168.1.2][.2730] -> [....192.168.1.1][43690] idle: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....81] [ip4][..udp] [....192.168.1.2][...88] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] update: [...108] [ip4][..udp] [.....14.168.1.2][.2754] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [....97] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2751] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...109] [ip4][..udp] [....192.168.1.2][.2755] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] new: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] detected: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.sn-addr.arpa] @@ -667,7 +611,7 @@ idle: [....79] [ip4][..udp] [....192.168.1.2][.2743] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....85] [ip4][..240] [....192.168.1.2] -> [....192.168.1.1] update: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] new: [...118] [ip4][..udp] [.....192.22.1.2][.2760] -> [....192.168.1.1][...53] new: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] @@ -676,10 +620,8 @@ ERROR-EVENT: nDPI IPv4/L4 payload detection failed [3/16] ERROR-EVENT: Unknown packet type [4/16] detection-update: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic idle: [....81] [ip4][..udp] [....192.168.1.2][...88] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] idle: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....99] [ip4][..udp] [....192.168.1.2][.4292] -> [..200.68.37.115][.5060] [SIP][Unknown][VoIP][Acceptable] update: [....89] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.4932] [SIP][Unknown][VoIP][Acceptable] update: [....91] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] @@ -696,16 +638,15 @@ update: [....93] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2733] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....83] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2745] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....84] [ip4][..udp] [....192.168.1.2][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected update: [....88] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2747] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...104] [ip4][..udp] [....192.168.1.2][.2753] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.527.in-addr.arpa] update: [...106] [ip4][..udp] [....192.168.1.2][.2754] -> [....192.168.1.1][...53] update: [...111] [ip4][..udp] [....192.168.1.2][.2757] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -717,12 +658,12 @@ new: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] detected: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] detection-update: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet detection-update: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.sk] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet ERROR-EVENT: Unknown packet type [1/16] ERROR-EVENT: Unknown L3 protocol [2/16] - not-detected: [....82] [ip4][..udp] [..192.168.1.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unrated] + not-detected: [....82] [ip4][..udp] [..192.168.1.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....82] [ip4][..udp] [..192.168.1.170][43690] -> [170.170.170.170][43690] idle: [....83] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2745] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -738,32 +679,27 @@ new: [...123] [ip4][..udp] [....192.168.1.2][.2764] -> [....192.168.1.1][...53] detected: [...123] [ip4][..udp] [....192.168.1.2][.2764] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] ERROR-EVENT: Unknown packet type [5/16] - detection-update: [...123] [ip4][..udp] [....192.168.1.2][.2764] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic new: [...124] [ip4][..udp] [....192.168.1.2][43690] -> [170.170.170.170][43690] detection-update: [...123] [ip4][..udp] [....192.168.1.2][.2764] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.s?p.cibercity.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected detection-update: [...123] [ip4][..udp] [....192.168.1.2][.2764] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.s?p.cibercity.dk] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected idle: [....89] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.4932] [SIP][Unknown][VoIP][Acceptable] idle: [....87] [ip4][..udp] [....192.168.1.2][.2747] -> [.....67.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [....84] [ip4][..udp] [....192.168.1.2][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....88] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2747] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] idle: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...108] [ip4][..udp] [.....14.168.1.2][.2754] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [....97] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2751] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...109] [ip4][..udp] [....192.168.1.2][.2755] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] new: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] detected: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -775,7 +711,6 @@ new: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] detected: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] detection-update: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybe0city.dk] - RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [1/16] new: [...129] [ip4][..udp] [....192.168.1.2][14798] -> [....192.168.1.1][...53] detected: [...129] [ip4][..udp] [....192.168.1.2][14798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] @@ -783,7 +718,7 @@ idle: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet idle: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected idle: [....95] [ip4][..udp] [....192.168.1.2][10942] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....99] [ip4][..udp] [....192.168.1.2][.4292] -> [..200.68.37.115][.5060] [SIP][Unknown][VoIP][Acceptable] update: [....91] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] @@ -801,7 +736,6 @@ update: [...111] [ip4][..udp] [....192.168.1.2][.2757] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...100] [ip4][..udp] [....192.168.1.2][.4901] -> [..200.68.120.81][29440] [SIP][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port new: [...130] [ip4][..udp] [....192.168.1.2][.2767] -> [....192.168.1.1][...53] @@ -814,7 +748,7 @@ detected: [...132] [ip4][..udp] [....192.168.1.2][35536] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] new: [...133] [ip4][..udp] [.....94.168.1.2][.2768] -> [....192.168.1.1][....4] detection-update: [...131] [ip4][..udp] [....192.168.1.2][.2768] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet idle: [....99] [ip4][..udp] [....192.168.1.2][.4292] -> [..200.68.37.115][.5060] [SIP][Unknown][VoIP][Acceptable] idle: [...102] [ip4][..udp] [.....192.98.1.2][.2752] -> [.....25.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [...101] [ip4][..udp] [....192.168.1.2][.2752] -> [....102.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -824,7 +758,6 @@ idle: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet idle: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...100] [ip4][..udp] [....192.168.1.2][.4901] -> [..200.68.120.81][29440] [SIP][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port update: [...112] [ip4][..udp] [....192.168.1.2][.2640] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -832,7 +765,7 @@ update: [...114] [ip4][..udp] [.192.168.37.115][.2758] -> [....128.168.1.1][...53] update: [...120] [ip4][..udp] [....192.168.1.2][.2761] -> [....192.168.1.1][...53] update: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...113] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...107] [ip4][..118] [....192.168.1.2] -> [..200.68.120.81] new: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] @@ -846,7 +779,7 @@ update: [...124] [ip4][..udp] [....192.168.1.2][43690] -> [170.170.170.170][43690] update: [...122] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2763] update: [...123] [ip4][..udp] [....192.168.1.2][.2764] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected ERROR-EVENT: Unknown packet type [1/16] ERROR-EVENT: Unknown packet type [2/16] new: [...136] [ip4][..127] [....192.168.1.2] -> [....192.168.1.1] @@ -857,8 +790,6 @@ new: [...138] [ip4][..udp] [....192.168.1.2][..137] -> [..120.168.1.255][..137] detected: [...138] [ip4][..udp] [....192.168.1.2][..137] -> [..120.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_doma] ERROR-EVENT: Unknown packet type [4/16] - detection-update: [...137] [ip4][..udp] [....192.168.1.2][.2770] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] - RISK: Malformed Packet, Unidirectional Traffic idle: [....91] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [...108] [ip4][..udp] [.....14.168.1.2][.2754] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -872,20 +803,17 @@ update: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] update: [...109] [ip4][..udp] [....192.168.1.2][.2755] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [...111] [ip4][..udp] [....192.168.1.2][.2757] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...126] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2765] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...127] [ip4][..udp] [..192.168.1.172][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] detected: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] new: [...140] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2771] @@ -897,20 +825,18 @@ update: [....58] [ip4][..120] [....192.168.1.2] -> [..212.242.33.35] update: [...130] [ip4][..udp] [....192.168.1.2][.2767] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...131] [ip4][..udp] [....192.168.1.2][.2768] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet new: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] detected: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected - detection-update: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic detection-update: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected new: [...143] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.184.1.1][...53] detected: [...143] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.184.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] detection-update: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected idle: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [...124] [ip4][..udp] [....192.168.1.2][43690] -> [170.170.170.170][43690] update: [...133] [ip4][..udp] [.....94.168.1.2][.2768] -> [....192.168.1.1][....4] update: [...112] [ip4][..udp] [....192.168.1.2][.2640] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -918,10 +844,10 @@ update: [...114] [ip4][..udp] [.192.168.37.115][.2758] -> [....128.168.1.1][...53] update: [...120] [ip4][..udp] [....192.168.1.2][.2761] -> [....192.168.1.1][...53] update: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...122] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2763] update: [...123] [ip4][..udp] [....192.168.1.2][.2764] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...132] [ip4][..udp] [....192.168.1.2][35536] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...113] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -942,38 +868,34 @@ update: [....85] [ip4][..240] [....192.168.1.2] -> [....192.168.1.1] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] update: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...126] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2765] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...127] [ip4][..udp] [..192.168.1.172][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...137] [ip4][..udp] [....192.168.1.2][.2770] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet new: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] detected: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet detection-update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet detection-update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected new: [...146] [ip4][..udp] [....192.168.9.2][.2774] -> [....192.168.1.1][...53] detected: [...146] [ip4][..udp] [....192.168.9.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] detection-update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected guessed: [...114] [ip4][..udp] [.192.168.37.115][.2758] -> [....128.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Unidirectional Traffic idle: [...114] [ip4][..udp] [.192.168.37.115][.2758] -> [....128.168.1.1][...53] idle: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...141] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][d002465] update: [...130] [ip4][..udp] [....192.168.1.2][.2767] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...131] [ip4][..udp] [....192.168.1.2][.2768] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...140] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2771] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] new: [...147] [ip4][..udp] [....192.168.1.2][.2775] -> [....192.168.1.1][...53] @@ -983,27 +905,26 @@ RISK: Non-Printable/Invalid Chars Detected idle: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected new: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] detected: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] detection-update: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected ERROR-EVENT: Unknown packet type [1/16] detection-update: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected guessed: [...118] [ip4][..udp] [.....192.22.1.2][.2760] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Unidirectional Traffic idle: [...118] [ip4][..udp] [.....192.22.1.2][.2760] -> [....192.168.1.1][...53] idle: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...124] [ip4][..udp] [....192.168.1.2][43690] -> [170.170.170.170][43690] update: [...133] [ip4][..udp] [.....94.168.1.2][.2768] -> [....192.168.1.1][....4] update: [...120] [ip4][..udp] [....192.168.1.2][.2761] -> [....192.168.1.1][...53] update: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...122] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2763] update: [...123] [ip4][..udp] [....192.168.1.2][.2764] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...132] [ip4][..udp] [....192.168.1.2][35536] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...144] [ip4][..udp] [....192.168.1.2][.2773] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -1020,7 +941,7 @@ guessed: [...120] [ip4][..udp] [....192.168.1.2][.2761] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] idle: [...120] [ip4][..udp] [....192.168.1.2][.2761] -> [....192.168.1.1][...53] idle: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...129] [ip4][..udp] [....192.168.1.2][14798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] update: [...138] [ip4][..udp] [....192.168.1.2][..137] -> [..120.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_doma] @@ -1030,36 +951,33 @@ RISK: Malformed Packet update: [...127] [ip4][..udp] [..192.168.1.172][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...137] [ip4][..udp] [....192.168.1.2][.2770] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected new: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] detected: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - detection-update: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [1/16] new: [...154] [ip4][..udp] [......0.168.1.2][.2783] -> [....192.168.1.1][...53] detected: [...154] [ip4][..udp] [......0.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] detection-update: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Malformed Packet, Unidirectional Traffic - not-detected: [...124] [ip4][..udp] [....192.168.1.2][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unrated] + RISK: Malformed Packet + not-detected: [...124] [ip4][..udp] [....192.168.1.2][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...124] [ip4][..udp] [....192.168.1.2][43690] -> [170.170.170.170][43690] guessed: [...122] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2763] [DNS][Unknown][Network][Acceptable][] RISK: Unidirectional Traffic idle: [...122] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2763] idle: [...123] [ip4][..udp] [....192.168.1.2][.2764] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...141] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][d002465] update: [...130] [ip4][..udp] [....192.168.1.2][.2767] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...131] [ip4][..udp] [....192.168.1.2][.2768] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...140] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2771] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...146] [ip4][..udp] [....192.168.9.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...147] [ip4][..udp] [....192.168.1.2][.2775] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Non-Printable/Invalid Chars Detected @@ -1074,14 +992,13 @@ RISK: Malformed Packet idle: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...127] [ip4][..udp] [..192.168.1.172][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...133] [ip4][..udp] [.....94.168.1.2][.2768] -> [....192.168.1.1][....4] update: [...132] [ip4][..udp] [....192.168.1.2][35536] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...144] [ip4][..udp] [....192.168.1.2][.2773] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...135] [ip4][..udp] [....192.168.1.1][..117] -> [....192.168.1.2][.2769] update: [...143] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.184.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...107] [ip4][..118] [....192.168.1.2] -> [..200.68.120.81] @@ -1091,7 +1008,7 @@ new: [...159] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][35721] new: [...160] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] detected: [...160] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybevcity.dk] - not-detected: [....58] [ip4][..120] [....192.168.1.2] -> [..212.242.33.35] [Unknown][Unknown][Unrated] + not-detected: [....58] [ip4][..120] [....192.168.1.2] -> [..212.242.33.35] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....58] [ip4][..120] [....192.168.1.2] -> [..212.242.33.35] idle: [...130] [ip4][..udp] [....192.168.1.2][.2767] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -1100,9 +1017,9 @@ update: [...138] [ip4][..udp] [....192.168.1.2][..137] -> [..120.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_doma] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] update: [...137] [ip4][..udp] [....192.168.1.2][.2770] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...150] [ip4][..udp] [...192.168.33.2][.2782] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...151] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2782] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -1116,27 +1033,25 @@ new: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] detected: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Non-Printable/Invalid Chars Detected - detection-update: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic detection-update: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.?ip.kybermity.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected detection-update: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic - not-detected: [...133] [ip4][..udp] [.....94.168.1.2][.2768] -> [....192.168.1.1][....4] [Unknown][Unknown][Unrated] + RISK: Non-Printable/Invalid Chars Detected + not-detected: [...133] [ip4][..udp] [.....94.168.1.2][.2768] -> [....192.168.1.1][....4] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...133] [ip4][..udp] [.....94.168.1.2][.2768] -> [....192.168.1.1][....4] idle: [...132] [ip4][..udp] [....192.168.1.2][35536] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [...131] [ip4][..udp] [....192.168.1.2][.2768] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet idle: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - not-detected: [...135] [ip4][..udp] [....192.168.1.1][..117] -> [....192.168.1.2][.2769] [Unknown][Unknown][Unrated] + not-detected: [...135] [ip4][..udp] [....192.168.1.1][..117] -> [....192.168.1.2][.2769] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...135] [ip4][..udp] [....192.168.1.1][..117] -> [....192.168.1.2][.2769] update: [...136] [ip4][..127] [....192.168.1.2] -> [....192.168.1.1] update: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] update: [...154] [ip4][..udp] [......0.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet new: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] detected: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] new: [...166] [ip4][....0] [....192.168.1.1] -> [....192.168.1.2] @@ -1155,14 +1070,14 @@ new: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] detected: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] detection-update: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet detection-update: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...141] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][d002465] update: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...140] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2771] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...146] [ip4][..udp] [....192.168.9.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...147] [ip4][..udp] [....192.168.1.2][.2775] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Non-Printable/Invalid Chars Detected @@ -1187,7 +1102,7 @@ idle: [...138] [ip4][..udp] [....192.168.1.2][..137] -> [..120.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_doma] idle: [...141] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][d002465] idle: [...137] [ip4][..udp] [....192.168.1.2][.2770] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet idle: [...140] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2771] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] idle: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] @@ -1195,9 +1110,9 @@ update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] update: [...144] [ip4][..udp] [....192.168.1.2][.2773] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...150] [ip4][..udp] [...192.168.33.2][.2782] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...151] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2782] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -1219,9 +1134,9 @@ RISK: Non-Printable/Invalid Chars Detected update: [...163] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.3.1][...53] [DNS][Unknown][Network][Acceptable] update: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected idle: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected idle: [...144] [ip4][..udp] [....192.168.1.2][.2773] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [...146] [ip4][..udp] [....192.168.9.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [...143] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.184.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -1232,23 +1147,23 @@ update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] update: [...154] [ip4][..udp] [......0.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...147] [ip4][..udp] [....192.168.1.2][.2775] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Non-Printable/Invalid Chars Detected update: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...150] [ip4][..udp] [...192.168.33.2][.2782] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...151] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2782] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...155] [ip4][..udp] [....192.168.1.2][.2784] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...156] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.5.2][.2784] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.aspa] update: [...160] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...168] [ip4][..udp] [....192.168.1.2][.2790] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...170] [ip4][..udp] [...192.168.79.2][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...174] [ip4][..udp] [....192.168.1.2][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -1264,11 +1179,11 @@ RISK: Unidirectional Traffic idle: [...152] [ip4][..udp] [....192.168.1.6][.5060] -> [..212.242.33.35][.5060] idle: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected idle: [...147] [ip4][..udp] [....192.168.1.2][.2775] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Non-Printable/Invalid Chars Detected idle: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected idle: [...151] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2782] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] idle: [...150] [ip4][..udp] [...192.168.33.2][.2782] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet @@ -1280,7 +1195,7 @@ update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] update: [...154] [ip4][..udp] [......0.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...155] [ip4][..udp] [....192.168.1.2][.2784] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...156] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.5.2][.2784] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.aspa] @@ -1289,10 +1204,10 @@ RISK: Non-Printable/Invalid Chars Detected update: [...163] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.3.1][...53] [DNS][Unknown][Network][Acceptable] update: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...168] [ip4][..udp] [....192.168.1.2][.2790] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...170] [ip4][..udp] [...192.168.79.2][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...174] [ip4][..udp] [....192.168.1.2][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -1306,15 +1221,15 @@ update: [...172] [ip4][..udp] [....192.168.1.2][..137] -> [..192.194.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] update: [...107] [ip4][..118] [....192.168.1.2] -> [..200.68.120.81] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] - not-detected: [...162] [ip4][..udp] [..212.242.33.35][.9587] -> [....192.168.1.2][..196] [Unknown][Unknown][Unrated] + not-detected: [...162] [ip4][..udp] [..212.242.33.35][.9587] -> [....192.168.1.2][..196] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [...162] [ip4][..udp] [..212.242.33.35][.9587] -> [....192.168.1.2][..196] - not-detected: [....85] [ip4][..240] [....192.168.1.2] -> [....192.168.1.1] [Unknown][Unknown][Unrated] + not-detected: [....85] [ip4][..240] [....192.168.1.2] -> [....192.168.1.1] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....85] [ip4][..240] [....192.168.1.2] -> [....192.168.1.1] idle: [...154] [ip4][..udp] [......0.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet idle: [...156] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.5.2][.2784] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.aspa] idle: [...155] [ip4][..udp] [....192.168.1.2][.2784] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet @@ -1324,6 +1239,7 @@ idle: [...163] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.3.1][...53] [DNS][Unknown][Network][Acceptable] idle: [...158] [ip4][..udp] [....200.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] guessed: [...159] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][35721] [NetBIOS][Unknown][System][Acceptable][] + RISK: Unidirectional Traffic idle: [...159] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][35721] update: [...173] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] update: [...179] [ip4][..udp] [....192.136.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][5ci_dombin] @@ -1336,10 +1252,10 @@ update: [...178] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.112][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] update: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] update: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...168] [ip4][..udp] [....192.168.1.2][.2790] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...170] [ip4][..udp] [...192.168.79.2][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...174] [ip4][..udp] [....192.168.1.2][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -1361,10 +1277,10 @@ detected: [...184] [ip4][..udp] [.....115.0.1.41][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][workgroup] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] idle: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected idle: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...117] [ip4][...37] [....192.168.1.1] -> [....192.168.1.2] new: [...185] [ip4][..udp] [...192.168.1.41][..137] -> [.192.168.37.115][..137] detected: [...185] [ip4][..udp] [...192.168.1.41][..137] -> [.192.168.37.115][..137] [NetBIOS][Unknown][System][Acceptable][workgroup] @@ -1375,7 +1291,7 @@ new: [...186] [ip4][..udp] [....192.168.1.2][43690] -> [192.168.170.170][43690] new: [...187] [ip4][..udp] [....192.168.1.2][..137] -> [..200.168.1.255][..137] detected: [...187] [ip4][..udp] [....192.168.1.2][..137] -> [..200.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] - not-detected: [...173] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unrated] + not-detected: [...173] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...173] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] idle: [...175] [ip4][..udp] [....192.168.1.2][.2791] -> [...192.168.67.1][...53] [DNS][Unknown][Network][Acceptable] @@ -1396,7 +1312,7 @@ guessed: [...177] [ip4][..udp] [....192.168.1.1][...53] -> [....240.168.1.2][.2792] [DNS][Unknown][Network][Acceptable][] RISK: Unidirectional Traffic idle: [...177] [ip4][..udp] [....192.168.1.1][...53] -> [....240.168.1.2][.2792] - not-detected: [...107] [ip4][..118] [....192.168.1.2] -> [..200.68.120.81] [Unknown][Unknown][Unrated] + not-detected: [...107] [ip4][..118] [....192.168.1.2] -> [..200.68.120.81] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...107] [ip4][..118] [....192.168.1.2] -> [..200.68.120.81] update: [...184] [ip4][..udp] [.....115.0.1.41][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][workgroup] @@ -1411,11 +1327,11 @@ update: [...178] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.112][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] update: [...187] [ip4][..udp] [....192.168.1.2][..137] -> [..200.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] DAEMON-EVENT: [Processed: 409 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 40 / 189|skipped: 0|!detected: 16|guessed: 14|detection-updates: 62|updates: 489] + DAEMON-EVENT: [Flows][active: 40 / 189|skipped: 0|!detected: 16|guessed: 14|detection-updates: 46|updates: 489] new: [...190] [ip4][..udp] [....192.168.1.2][.2793] -> [....192.168.1.1][...53] detected: [...190] [ip4][..udp] [....192.168.1.2][.2793] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][re-.sippstar.com] detection-update: [...190] [ip4][..udp] [....192.168.1.2][.2793] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][reg.sip?star.com] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] detection-update: [...190] [ip4][..udp] [....192.168.1.2][.2793] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][reg.sippstar.com] RISK: Non-Printable/Invalid Chars Detected @@ -1437,21 +1353,16 @@ new: [...193] [ip4][..udp] [....192.168.1.2][.2794] -> [....192.168.1.1][...53] detected: [...193] [ip4][..udp] [....192.168.1.2][.2794] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] detection-update: [...192] [ip4][..udp] [....192.168.1.2][.2795] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] - RISK: Unidirectional Traffic - detection-update: [...193] [ip4][..udp] [....192.168.1.2][.2794] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] - RISK: Unidirectional Traffic - detection-update: [...192] [ip4][..udp] [....192.168.1.2][.2795] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] - RISK: Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] detection-update: [...192] [ip4][..udp] [....192.168.1.2][.2795] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] detection-update: [...193] [ip4][..udp] [....192.168.1.2][.2794] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] new: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] detected: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.ak] detection-update: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected new: [...195] [ip4][..udp] [192.168.170.170][43690] -> [170.170.170.170][43690] detection-update: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected ERROR-EVENT: nDPI IPv4/L4 payload detection failed [2/16] update: [...186] [ip4][..udp] [....192.168.1.2][43690] -> [192.168.170.170][43690] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] @@ -1473,8 +1384,6 @@ update: [...157] [ip4][...19] [....192.168.1.2] -> [....192.168.1.1] update: [...136] [ip4][..127] [....192.168.1.2] -> [....192.168.1.1] update: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] - detection-update: [...199] [ip4][..udp] [....192.168.1.2][.2798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [2/16] new: [...200] [ip4][..udp] [....192.168.1.2][.2799] -> [....192.168.1.1][...53] detected: [...200] [ip4][..udp] [....192.168.1.2][.2799] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -1484,7 +1393,7 @@ detected: [...202] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_s?p._udp.sip.cybercity.dk] RISK: Non-Printable/Invalid Chars Detected detection-update: [...202] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected new: [...203] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...21] ERROR-EVENT: Unknown packet type [1/16] update: [...184] [ip4][..udp] [.....115.0.1.41][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][workgroup] @@ -1510,8 +1419,6 @@ detected: [...207] [ip4][..udp] [....192.168.1.2][.2802] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] new: [...208] [ip4][..udp] [....192.168.1.2][18162] -> [....192.168.1.1][...53] detected: [...208] [ip4][..udp] [....192.168.1.2][18162] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cyhercity.dk] - detection-update: [...207] [ip4][..udp] [....192.168.1.2][.2802] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic update: [...186] [ip4][..udp] [....192.168.1.2][43690] -> [192.168.170.170][43690] update: [...195] [ip4][..udp] [192.168.170.170][43690] -> [170.170.170.170][43690] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] @@ -1519,7 +1426,7 @@ update: [...193] [ip4][..udp] [....192.168.1.2][.2794] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] update: [...192] [ip4][..udp] [....192.168.1.2][.2795] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] update: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...196] [ip4][..udp] [....192.168.1.2][.2796] -> [..192.168.1.129][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet new: [...209] [ip4][..udp] [....192.168.1.2][.2803] -> [....192.168.1.1][...53] @@ -1529,7 +1436,7 @@ detected: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] ERROR-EVENT: Unknown L3 protocol [1/16] detection-update: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cyberc?ty.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected idle: [...184] [ip4][..udp] [.....115.0.1.41][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][workgroup] idle: [...183] [ip4][..udp] [...192.168.1.41][..137] -> [..107.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][workgroup] idle: [...180] [ip4][..udp] [...192.168.1.41][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][lab111] @@ -1538,9 +1445,8 @@ update: [...197] [ip4][..udp] [....192.168.1.2][.2797] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Non-Printable/Invalid Chars Detected update: [...199] [ip4][..udp] [....192.168.1.2][.2798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic detection-update: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected ERROR-EVENT: Unknown packet type [2/16] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [3/16] idle: [...185] [ip4][..udp] [...192.168.1.41][..137] -> [.192.168.37.115][..137] [NetBIOS][Unknown][System][Acceptable][workgroup] @@ -1551,14 +1457,14 @@ detected: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sim._udp.sip.c_ber_itm.dk] RISK: Non-Printable/Invalid Chars Detected detection-update: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.c4bercity.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected detection-update: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected detection-update: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cxbercity.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected detection-update: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.qk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic - not-detected: [...186] [ip4][..udp] [....192.168.1.2][43690] -> [192.168.170.170][43690] [Unknown][Unknown][Unrated] + RISK: Non-Printable/Invalid Chars Detected + not-detected: [...186] [ip4][..udp] [....192.168.1.2][43690] -> [192.168.170.170][43690] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...186] [ip4][..udp] [....192.168.1.2][43690] -> [192.168.170.170][43690] idle: [...182] [ip4][..udp] [...192.168.1.41][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][workgroup] @@ -1572,7 +1478,7 @@ update: [...200] [ip4][..udp] [....192.168.1.2][.2799] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...201] [ip4][..udp] [....192.168.1.1][...53] -> [..192.168.119.2][.2799] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...202] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected ERROR-EVENT: Unknown packet type [1/16] new: [...214] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2807] detected: [...214] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2807] [DNS][Unknown][Network][Acceptable][] @@ -1580,8 +1486,6 @@ new: [...215] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][38709] new: [...216] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][...53] detected: [...216] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - detection-update: [...216] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic update: [...208] [ip4][..udp] [....192.168.1.2][18162] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...195] [ip4][..udp] [192.168.170.170][43690] -> [170.170.170.170][43690] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] @@ -1589,13 +1493,12 @@ update: [...193] [ip4][..udp] [....192.168.1.2][.2794] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] update: [...192] [ip4][..udp] [....192.168.1.2][.2795] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] update: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...196] [ip4][..udp] [....192.168.1.2][.2796] -> [..192.168.1.129][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...204] [ip4][..udp] [....192.168.1.2][.2801] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...207] [ip4][..udp] [....192.168.1.2][.2802] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [2/16] new: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] detected: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] @@ -1610,11 +1513,9 @@ new: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] detected: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udq.sip.mybercity.dk] detection-update: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic detection-update: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.nybercity.dk] - RISK: Unidirectional Traffic new: [...222] [ip4][..udp] [....128.168.1.2][.2810] -> [....192.168.1.1][...53] - not-detected: [...136] [ip4][..127] [....192.168.1.2] -> [....192.168.1.1] [Unknown][Unknown][Unrated] + not-detected: [...136] [ip4][..127] [....192.168.1.2] -> [....192.168.1.1] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...136] [ip4][..127] [....192.168.1.2] -> [....192.168.1.1] idle: [...188] [ip4][..udp] [....192.168.1.2][...68] -> [....192.168.1.1][...67] [DHCP][Unknown][Network][Acceptable][d002465] @@ -1624,10 +1525,9 @@ update: [...197] [ip4][..udp] [....192.168.1.2][.2797] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Non-Printable/Invalid Chars Detected update: [...199] [ip4][..udp] [....192.168.1.2][.2798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...209] [ip4][..udp] [....192.168.1.2][.2803] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected new: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] detected: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet @@ -1644,17 +1544,15 @@ update: [...200] [ip4][..udp] [....192.168.1.2][.2799] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...201] [ip4][..udp] [....192.168.1.1][...53] -> [..192.168.119.2][.2799] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...202] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [...211] [ip4][..udp] [....192.168.1.2][.2805] -> [....192.168.1.1][...51] update: [...212] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2805] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected new: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] detected: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cyaercity.dk] detection-update: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic detection-update: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] idle: [...190] [ip4][..udp] [....192.168.1.2][.2793] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][reg.sippstar.com] RISK: Non-Printable/Invalid Chars Detected @@ -1672,28 +1570,24 @@ update: [...193] [ip4][..udp] [....192.168.1.2][.2794] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] update: [...192] [ip4][..udp] [....192.168.1.2][.2795] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] update: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...196] [ip4][..udp] [....192.168.1.2][.2796] -> [..192.168.1.129][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...197] [ip4][..udp] [....192.168.1.2][.2797] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Non-Printable/Invalid Chars Detected update: [...199] [ip4][..udp] [....192.168.1.2][.2798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...204] [ip4][..udp] [....192.168.1.2][.2801] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...207] [ip4][..udp] [....192.168.1.2][.2802] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...209] [ip4][..udp] [....192.168.1.2][.2803] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [...214] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2807] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...216] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...218] [ip4][..udp] [....192.168.1.2][.2809] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...220] [ip4][..udp] [....192.170.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...215] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][38709] @@ -1713,8 +1607,8 @@ detected: [...229] [ip4][..udp] [....192.168.1.2][29440] -> [...192.168.1.37][..137] [NetBIOS][Unknown][System][Acceptable][] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [6/16] detection-update: [...228] [ip4][..udp] [....192.168.1.2][.2814] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sib._udp.sip.cybercity.dk] - RISK: Malformed Packet, Unidirectional Traffic - not-detected: [...195] [ip4][..udp] [192.168.170.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unrated] + RISK: Malformed Packet + not-detected: [...195] [ip4][..udp] [192.168.170.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...195] [ip4][..udp] [192.168.170.170][43690] -> [170.170.170.170][43690] idle: [...193] [ip4][..udp] [....192.168.1.2][.2794] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] @@ -1722,18 +1616,18 @@ idle: [...196] [ip4][..udp] [....192.168.1.2][.2796] -> [..192.168.1.129][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet idle: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...117] [ip4][...37] [....192.168.1.1] -> [....192.168.1.2] update: [...225] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..905] update: [...203] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...21] update: [...200] [ip4][..udp] [....192.168.1.2][.2799] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...201] [ip4][..udp] [....192.168.1.1][...53] -> [..192.168.119.2][.2799] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...202] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [...211] [ip4][..udp] [....192.168.1.2][.2805] -> [....192.168.1.1][...51] update: [...212] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2805] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...224] [ip4][..udp] [..192.168.233.1][...53] -> [....192.168.1.2][.2811] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -1745,23 +1639,21 @@ new: [...232] [ip4][..udp] [....192.168.1.2][.5060] -> [.212.242.33.201][.5060] detected: [...232] [ip4][..udp] [....192.168.1.2][.5060] -> [.212.242.33.201][.5060] [SIP][Unknown][VoIP][Acceptable] detection-update: [...231] [ip4][..udp] [....192.168.1.2][.2816] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udq.sip.cybercity.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected new: [...233] [ip4][..udp] [....192.168.1.3][30000] -> [..212.242.33.36][40392] new: [...234] [ip4][..udp] [....192.168.1.2][30000] -> [....37.115.0.36][40392] new: [...235] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] detected: [...235] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] [RTP][Unknown][Media][Acceptable] detection-update: [...235] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] [RTP][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic new: [...236] [ip4][..udp] [....192.168.1.2][30000] -> [..214.242.33.36][40392] new: [...237] [ip4][..udp] [.....81.168.1.2][30000] -> [..212.242.33.36][40392] ERROR-EVENT: Unknown packet type [2/16] detection-update: [...231] [ip4][..udp] [....192.168.1.2][.2816] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected ERROR-EVENT: nDPI IPv4/L4 payload detection failed [3/16] idle: [...197] [ip4][..udp] [....192.168.1.2][.2797] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Non-Printable/Invalid Chars Detected idle: [...199] [ip4][..udp] [....192.168.1.2][.2798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...205] [ip4][....0] [....192.168.1.2] -> [..212.242.33.35] new: [...238] [ip4][..udp] [....192.168.1.2][.2822] -> [....192.168.1.1][...53] detected: [...238] [ip4][..udp] [....192.168.1.2][.2822] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.1?7.in-addr.arpa] @@ -1772,19 +1664,19 @@ new: [...240] [ip4][..udp] [....192.168.1.2][.2823] -> [....192.168.1.1][...53] detected: [...240] [ip4][..udp] [....192.168.1.2][.2823] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] detection-update: [...240] [ip4][..udp] [....192.168.1.2][.2823] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Fragmented DNS Message, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Fragmented DNS Message, Non-Printable/Invalid Chars Detected ERROR-EVENT: nDPI IPv4/L4 payload detection failed [2/16] detection-update: [...240] [ip4][..udp] [....192.168.1.2][.2823] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Fragmented DNS Message, Non-Printable/Invalid Chars Detected, Unidirectional Traffic - not-detected: [...149] [ip4][....0] [....192.168.1.2] -> [..192.168.1.255] [Unknown][Unknown][Unrated] + RISK: Fragmented DNS Message, Non-Printable/Invalid Chars Detected + not-detected: [...149] [ip4][....0] [....192.168.1.2] -> [..192.168.1.255] [Unknown][Unknown][Unspecified][Unrated] idle: [...149] [ip4][....0] [....192.168.1.2] -> [..192.168.1.255] - not-detected: [...203] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...21] [Unknown][Unknown][Unrated] + not-detected: [...203] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...21] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...203] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...21] idle: [...201] [ip4][..udp] [....192.168.1.1][...53] -> [..192.168.119.2][.2799] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] idle: [...200] [ip4][..udp] [....192.168.1.2][.2799] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [...202] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [...208] [ip4][..udp] [....192.168.1.2][18162] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...198] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] @@ -1794,20 +1686,16 @@ update: [...204] [ip4][..udp] [....192.168.1.2][.2801] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...207] [ip4][..udp] [....192.168.1.2][.2802] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...209] [ip4][..udp] [....192.168.1.2][.2803] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [...214] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2807] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...216] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...218] [ip4][..udp] [....192.168.1.2][.2809] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...220] [ip4][..udp] [....192.170.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...215] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][38709] @@ -1819,30 +1707,29 @@ new: [...242] [ip4][..udp] [....192.168.1.2][.2825] -> [....192.168.1.1][...53] detected: [...242] [ip4][..udp] [....192.168.1.2][.2825] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] detection-update: [...242] [ip4][..udp] [....192.168.1.2][.2825] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet detection-update: [...242] [ip4][..udp] [....192.168.1.2][.2825] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected detection-update: [...242] [ip4][..udp] [....192.168.1.2][.2825] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected idle: [...208] [ip4][..udp] [....192.168.1.2][18162] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [...206] [ip4][..udp] [....192.168.1.2][.2568] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [...204] [ip4][..udp] [....192.168.1.2][.2801] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected idle: [...207] [ip4][..udp] [....192.168.1.2][.2802] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...229] [ip4][..udp] [....192.168.1.2][29440] -> [...192.168.1.37][..137] [NetBIOS][Unknown][System][Acceptable] update: [...225] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..905] update: [...211] [ip4][..udp] [....192.168.1.2][.2805] -> [....192.168.1.1][...51] update: [...212] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2805] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...224] [ip4][..udp] [..192.168.233.1][...53] -> [....192.168.1.2][.2811] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...227] [ip4][..udp] [....192.168.1.2][.2813] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...228] [ip4][..udp] [....192.168.1.2][.2814] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet new: [...243] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.255][..138] detected: [...243] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][d00] RISK: Unsafe Protocol @@ -1853,17 +1740,16 @@ RISK: Non-Printable/Invalid Chars Detected idle: [...209] [ip4][..udp] [....192.168.1.2][.2803] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] idle: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [...237] [ip4][..udp] [.....81.168.1.2][30000] -> [..212.242.33.36][40392] update: [...233] [ip4][..udp] [....192.168.1.3][30000] -> [..212.242.33.36][40392] update: [...235] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] [RTP][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [...236] [ip4][..udp] [....192.168.1.2][30000] -> [..214.242.33.36][40392] update: [...234] [ip4][..udp] [....192.168.1.2][30000] -> [....37.115.0.36][40392] update: [...232] [ip4][..udp] [....192.168.1.2][.5060] -> [.212.242.33.201][.5060] [SIP][Unknown][VoIP][Acceptable] update: [...230] [ip4][..udp] [....192.168.1.2][.2815] -> [....192.168.1.1][...53] update: [...231] [ip4][..udp] [....192.168.1.2][.2816] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected new: [...245] [ip4][..udp] [....192.168.1.2][.2827] -> [..192.168.1.114][...53] detected: [...245] [ip4][..udp] [....192.168.1.2][.2827] -> [..192.168.1.114][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] new: [...246] [ip4][..udp] [....192.168.1.2][.2827] -> [....192.168.1.1][...53] @@ -1874,12 +1760,12 @@ detected: [...247] [ip4][..udp] [....192.168.1.2][.2827] -> [....192.170.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cyberc?ty.dk] RISK: Non-Printable/Invalid Chars Detected ERROR-EVENT: Unknown L3 protocol [2/16] - not-detected: [...157] [ip4][...19] [....192.168.1.2] -> [....192.168.1.1] [Unknown][Unknown][Unrated] + not-detected: [...157] [ip4][...19] [....192.168.1.2] -> [....192.168.1.1] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...157] [ip4][...19] [....192.168.1.2] -> [....192.168.1.1] - not-detected: [...117] [ip4][...37] [....192.168.1.1] -> [....192.168.1.2] [Unknown][Unknown][Unrated] + not-detected: [...117] [ip4][...37] [....192.168.1.1] -> [....192.168.1.2] [Unknown][Unknown][Unspecified][Unrated] idle: [...117] [ip4][...37] [....192.168.1.1] -> [....192.168.1.2] - not-detected: [...211] [ip4][..udp] [....192.168.1.2][.2805] -> [....192.168.1.1][...51] [Unknown][Unknown][Unrated] + not-detected: [...211] [ip4][..udp] [....192.168.1.2][.2805] -> [....192.168.1.1][...51] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...211] [ip4][..udp] [....192.168.1.2][.2805] -> [....192.168.1.1][...51] idle: [...212] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2805] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -1887,7 +1773,7 @@ update: [...238] [ip4][..udp] [....192.168.1.2][.2822] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected update: [...240] [ip4][..udp] [....192.168.1.2][.2823] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Fragmented DNS Message, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Fragmented DNS Message, Non-Printable/Invalid Chars Detected new: [...248] [ip4][..udp] [....192.168.1.2][.2828] -> [....192.168.1.1][...53] detected: [...248] [ip4][..udp] [....192.168.1.2][.2828] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] new: [...249] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2572] @@ -1898,12 +1784,11 @@ new: [...251] [ip4][..udp] [.....62.168.1.2][..137] -> [..192.168.1.255][..137] detected: [...251] [ip4][..udp] [.....62.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] idle: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected idle: [...214] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2807] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected idle: [...216] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...215] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][38709] [Unknown][Unknown][Unrated] + not-detected: [...215] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][38709] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...215] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][38709] update: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -1913,19 +1798,15 @@ update: [...218] [ip4][..udp] [....192.168.1.2][.2809] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...241] [ip4][..udp] [....192.168.1.2][.2824] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [...242] [ip4][..udp] [....192.168.1.2][.2825] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...220] [ip4][..udp] [....192.170.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet update: [...219] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][17860] new: [...252] [ip4][..udp] [....192.168.1.2][.2829] -> [....192.168.1.1][...53] detected: [...252] [ip4][..udp] [....192.168.1.2][.2829] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - detection-update: [...252] [ip4][..udp] [....192.168.1.2][.2829] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - RISK: Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] new: [...253] [ip4][..udp] [...192.168.54.2][.2829] -> [....192.168.1.1][...53] detected: [...253] [ip4][..udp] [...192.168.54.2][.2829] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] @@ -1933,17 +1814,15 @@ new: [...254] [ip4][..udp] [....192.168.1.2][.2830] -> [....192.168.1.1][...53] detected: [...254] [ip4][..udp] [....192.168.1.2][.2830] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] detection-update: [...254] [ip4][..udp] [....192.168.1.2][.2830] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] - RISK: Unidirectional Traffic new: [...255] [ip4][..udp] [....116.168.1.2][.2829] -> [....192.168.1.1][...53] detected: [...255] [ip4][..udp] [....116.168.1.2][.2829] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] idle: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - not-detected: [...166] [ip4][....0] [....192.168.1.1] -> [....192.168.1.2] [Unknown][Unknown][Unrated] + not-detected: [...166] [ip4][....0] [....192.168.1.1] -> [....192.168.1.2] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...166] [ip4][....0] [....192.168.1.1] -> [....192.168.1.2] idle: [...218] [ip4][..udp] [....192.168.1.2][.2809] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet idle: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...220] [ip4][..udp] [....192.170.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet guessed: [...219] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][17860] [SIP][Unknown][VoIP][Acceptable] @@ -1952,7 +1831,6 @@ update: [...237] [ip4][..udp] [.....81.168.1.2][30000] -> [..212.242.33.36][40392] update: [...233] [ip4][..udp] [....192.168.1.3][30000] -> [..212.242.33.36][40392] update: [...235] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] [RTP][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [...236] [ip4][..udp] [....192.168.1.2][30000] -> [..214.242.33.36][40392] update: [...234] [ip4][..udp] [....192.168.1.2][30000] -> [....37.115.0.36][40392] update: [...232] [ip4][..udp] [....192.168.1.2][.5060] -> [.212.242.33.201][.5060] [SIP][Unknown][VoIP][Acceptable] @@ -1966,10 +1844,10 @@ update: [...227] [ip4][..udp] [....192.168.1.2][.2813] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...228] [ip4][..udp] [....192.168.1.2][.2814] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...230] [ip4][..udp] [....192.168.1.2][.2815] -> [....192.168.1.1][...53] update: [...231] [ip4][..udp] [....192.168.1.2][.2816] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected update: [...244] [ip4][..udp] [....192.168.1.2][.2826] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Non-Printable/Invalid Chars Detected detection-update: [...254] [ip4][..udp] [....192.168.1.2][.2830] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] @@ -1985,13 +1863,13 @@ ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] new: [...257] [ip4][..udp] [....192.168.1.2][.2832] -> [....192.168.1.1][...53] detected: [...257] [ip4][..udp] [....192.168.1.2][.2832] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] - not-detected: [....39] [ip4][..tcp] [....192.168.1.6][.2721] -> [..147.234.1.253][58999] [Unknown][Unknown][Unrated] + not-detected: [....39] [ip4][..tcp] [....192.168.1.6][.2721] -> [..147.234.1.253][58999] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....39] [ip4][..tcp] [....192.168.1.6][.2721] -> [..147.234.1.253][58999] - not-detected: [....40] [ip4][..tcp] [...37.115.0.253][58999] -> [....192.168.1.2][.2721] [Unknown][Unknown][Unrated] + not-detected: [....40] [ip4][..tcp] [...37.115.0.253][58999] -> [....192.168.1.2][.2721] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....40] [ip4][..tcp] [...37.115.0.253][58999] -> [....192.168.1.2][.2721] - not-detected: [...205] [ip4][....0] [....192.168.1.2] -> [..212.242.33.35] [Unknown][Unknown][Unrated] + not-detected: [...205] [ip4][....0] [....192.168.1.2] -> [..212.242.33.35] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [...205] [ip4][....0] [....192.168.1.2] -> [..212.242.33.35] guessed: [....31] [ip4][..tcp] [..147.234.1.253][...21] -> [....192.168.1.2][.2208] [FTP_CONTROL][Unknown][Download][Unsafe] @@ -2012,33 +1890,32 @@ guessed: [....32] [ip4][..tcp] [..147.234.1.253][...21] -> [....192.168.1.2][.2732] [FTP_CONTROL][Unknown][Download][Unsafe] RISK: Unsafe Protocol, Unidirectional Traffic idle: [....32] [ip4][..tcp] [..147.234.1.253][...21] -> [....192.168.1.2][.2732] - not-detected: [....28] [ip4][..tcp] [..147.234.1.253][..120] -> [....192.168.1.2][.2720] [Unknown][Unknown][Unrated] + not-detected: [....28] [ip4][..tcp] [..147.234.1.253][..120] -> [....192.168.1.2][.2720] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....28] [ip4][..tcp] [..147.234.1.253][..120] -> [....192.168.1.2][.2720] guessed: [....24] [ip4][..tcp] [..147.234.1.253][...21] -> [....192.169.1.2][.2720] [FTP_CONTROL][Unknown][Download][Unsafe] RISK: Unsafe Protocol, Unidirectional Traffic idle: [....24] [ip4][..tcp] [..147.234.1.253][...21] -> [....192.169.1.2][.2720] - not-detected: [....33] [ip4][..tcp] [..147.234.1.253][.1045] -> [....192.168.1.2][.2720] [Unknown][Unknown][Unrated] + not-detected: [....33] [ip4][..tcp] [..147.234.1.253][.1045] -> [....192.168.1.2][.2720] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....33] [ip4][..tcp] [..147.234.1.253][.1045] -> [....192.168.1.2][.2720] - not-detected: [....30] [ip4][..tcp] [..147.234.1.249][.2069] -> [....192.168.1.2][.2720] [Unknown][Unknown][Unrated] + not-detected: [....30] [ip4][..tcp] [..147.234.1.249][.2069] -> [....192.168.1.2][.2720] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....30] [ip4][..tcp] [..147.234.1.249][.2069] -> [....192.168.1.2][.2720] guessed: [....38] [ip4][..tcp] [....192.168.1.2][.2720] -> [..147.117.1.253][...21] [FTP_CONTROL][Unknown][Download][Unsafe] RISK: Unsafe Protocol, Unidirectional Traffic idle: [....38] [ip4][..tcp] [....192.168.1.2][.2720] -> [..147.117.1.253][...21] - not-detected: [...237] [ip4][..udp] [.....81.168.1.2][30000] -> [..212.242.33.36][40392] [Unknown][Unknown][Unrated] + not-detected: [...237] [ip4][..udp] [.....81.168.1.2][30000] -> [..212.242.33.36][40392] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [...237] [ip4][..udp] [.....81.168.1.2][30000] -> [..212.242.33.36][40392] idle: [...235] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] [RTP][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic - not-detected: [...233] [ip4][..udp] [....192.168.1.3][30000] -> [..212.242.33.36][40392] [Unknown][Unknown][Unrated] + not-detected: [...233] [ip4][..udp] [....192.168.1.3][30000] -> [..212.242.33.36][40392] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [...233] [ip4][..udp] [....192.168.1.3][30000] -> [..212.242.33.36][40392] - not-detected: [...236] [ip4][..udp] [....192.168.1.2][30000] -> [..214.242.33.36][40392] [Unknown][Unknown][Unrated] + not-detected: [...236] [ip4][..udp] [....192.168.1.2][30000] -> [..214.242.33.36][40392] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [...236] [ip4][..udp] [....192.168.1.2][30000] -> [..214.242.33.36][40392] - not-detected: [...234] [ip4][..udp] [....192.168.1.2][30000] -> [....37.115.0.36][40392] [Unknown][Unknown][Unrated] + not-detected: [...234] [ip4][..udp] [....192.168.1.2][30000] -> [....37.115.0.36][40392] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [...234] [ip4][..udp] [....192.168.1.2][30000] -> [....37.115.0.36][40392] idle: [...239] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.234.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] @@ -2053,7 +1930,7 @@ idle: [....18] [ip4][..tcp] [....192.168.1.2][.2717] -> [..147.137.21.94][..445] idle: [...232] [ip4][..udp] [....192.168.1.2][.5060] -> [.212.242.33.201][.5060] [SIP][Unknown][VoIP][Acceptable] idle: [...198] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - not-detected: [....42] [ip4][..tcp] [..147.234.1.253][58999] -> [....192.232.1.2][.2721] [Unknown][Unknown][Unrated] + not-detected: [....42] [ip4][..tcp] [..147.234.1.253][58999] -> [....192.232.1.2][.2721] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....42] [ip4][..tcp] [..147.234.1.253][58999] -> [....192.232.1.2][.2721] idle: [...229] [ip4][..udp] [....192.168.1.2][29440] -> [...192.168.1.37][..137] [NetBIOS][Unknown][System][Acceptable] @@ -2064,7 +1941,7 @@ RISK: Unsafe Protocol guessed: [...225] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..905] [NetBIOS][Unknown][System][Acceptable][] idle: [...225] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..905] - not-detected: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] [Unknown][Unknown][Unrated] + not-detected: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] idle: [...249] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2572] [DNS][Unknown][Network][Acceptable] @@ -2074,23 +1951,22 @@ idle: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet idle: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...227] [ip4][..udp] [....192.168.1.2][.2813] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected idle: [...228] [ip4][..udp] [....192.168.1.2][.2814] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet guessed: [...230] [ip4][..udp] [....192.168.1.2][.2815] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Unidirectional Traffic idle: [...230] [ip4][..udp] [....192.168.1.2][.2815] -> [....192.168.1.1][...53] idle: [...231] [ip4][..udp] [....192.168.1.2][.2816] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Non-Printable/Invalid Chars Detected idle: [...238] [ip4][..udp] [....192.168.1.2][.2822] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected idle: [...240] [ip4][..udp] [....192.168.1.2][.2823] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Fragmented DNS Message, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Fragmented DNS Message, Non-Printable/Invalid Chars Detected idle: [...241] [ip4][..udp] [....192.168.1.2][.2824] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] idle: [...242] [ip4][..udp] [....192.168.1.2][.2825] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected idle: [...244] [ip4][..udp] [....192.168.1.2][.2826] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Non-Printable/Invalid Chars Detected idle: [...246] [ip4][..udp] [....192.168.1.2][.2827] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -2100,7 +1976,6 @@ idle: [...253] [ip4][..udp] [...192.168.54.2][.2829] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet idle: [...252] [ip4][..udp] [....192.168.1.2][.2829] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...254] [ip4][..udp] [....192.168.1.2][.2830] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] idle: [...256] [ip4][..udp] [....192.168.1.2][.2831] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] idle: [...257] [ip4][..udp] [....192.168.1.2][.2832] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -2112,7 +1987,7 @@ guessed: [....43] [ip4][..tcp] [.....37.115.0.2][.2639] -> [..147.234.1.253][...21] [FTP_CONTROL][Unknown][Download][Unsafe] RISK: Unsafe Protocol, Unidirectional Traffic idle: [....43] [ip4][..tcp] [.....37.115.0.2][.2639] -> [..147.234.1.253][...21] - not-detected: [....29] [ip4][..tcp] [..147.234.1.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unrated] + not-detected: [....29] [ip4][..tcp] [..147.234.1.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....29] [ip4][..tcp] [..147.234.1.170][43690] -> [170.170.170.170][43690] guessed: [....26] [ip4][..tcp] [..147.234.1.253][...21] -> [......192.2.1.2][.2720] [FTP_CONTROL][Unknown][Download][Unsafe] diff --git a/test/results/flow-info/default/fuzz-2006-09-29-28586.pcap.out b/test/results/flow-info/default/fuzz-2006-09-29-28586.pcap.out index c9b8fb1cb..648247965 100644 --- a/test/results/flow-info/default/fuzz-2006-09-29-28586.pcap.out +++ b/test/results/flow-info/default/fuzz-2006-09-29-28586.pcap.out @@ -64,9 +64,7 @@ new: [....33] [ip4][..tcp] [.....172.20.3.5][...80] -> [...172.20.35.13][53136] new: [....34] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.20.3.5][...80] [MIDSTREAM] detected: [....34] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.20.3.5][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.5] - RISK: Unidirectional Traffic new: [....35] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.70.3.5][...80] [MIDSTREAM] - detection-update: [....34] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.20.3.5][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.5] new: [....36] [ip4][..tcp] [...172.20.67.13][53136] -> [.....172.20.3.5][...80] [MIDSTREAM] ERROR-EVENT: Unknown packet type [2/16] new: [....37] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2608] @@ -80,10 +78,10 @@ guessed: [....22] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.76.5][65069] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic idle: [....22] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.76.5][65069] - not-detected: [....39] [ip4][..115] [....172.20.3.13] -> [.....172.20.3.5] [Unknown][Unknown][Unrated] + not-detected: [....39] [ip4][..115] [....172.20.3.13] -> [.....172.20.3.5] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [....39] [ip4][..115] [....172.20.3.13] -> [.....172.20.3.5] - not-detected: [....24] [ip4][..tcp] [170.170.170.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unrated] + not-detected: [....24] [ip4][..tcp] [170.170.170.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unspecified][Unrated] idle: [....24] [ip4][..tcp] [170.170.170.170][43690] -> [170.170.170.170][43690] guessed: [....35] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.70.3.5][...80] [HTTP][Cloudflare][Web][Acceptable][] RISK: Susp Entropy, Unidirectional Traffic @@ -107,7 +105,7 @@ end: [.....2] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2601] [HTTP][Unknown][Web][Acceptable] end: [....11] [ip4][..tcp] [.....172.20.3.5][.2602] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.13] RISK: HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI - not-detected: [.....3] [ip4][..tcp] [....172.20.3.13][...81] -> [.....172.20.3.5][.2601] [Unknown][Unknown][Unrated] + not-detected: [.....3] [ip4][..tcp] [....172.20.3.13][...81] -> [.....172.20.3.5][.2601] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....3] [ip4][..tcp] [....172.20.3.13][...81] -> [.....172.20.3.5][.2601] guessed: [....16] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.82.5][.2603] [HTTP][Unknown][Web][Acceptable][] @@ -151,7 +149,7 @@ guessed: [....26] [ip4][..tcp] [....172.52.3.13][...80] -> [.....172.20.3.5][.2093] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic end: [....26] [ip4][..tcp] [....172.52.3.13][...80] -> [.....172.20.3.5][.2093] - not-detected: [....10] [ip4][..170] [170.170.170.170] -> [170.170.170.170] [Unknown][Unknown][Unrated] + not-detected: [....10] [ip4][..170] [170.170.170.170] -> [170.170.170.170] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....10] [ip4][..170] [170.170.170.170] -> [170.170.170.170] guessed: [.....8] [ip4][..tcp] [......172.6.3.5][...80] -> [....172.20.3.13][53132] [HTTP][Unknown][Web][Acceptable][] diff --git a/test/results/flow-info/default/fuzz-2020-02-16-11740.pcap.out b/test/results/flow-info/default/fuzz-2020-02-16-11740.pcap.out index cf3a30060..7884ff8b3 100644 --- a/test/results/flow-info/default/fuzz-2020-02-16-11740.pcap.out +++ b/test/results/flow-info/default/fuzz-2020-02-16-11740.pcap.out @@ -37,7 +37,7 @@ new: [....10] [ip4][..udp] [..198.226.25.53][..309] -> [....10.12.64.30][12339] ERROR-EVENT: Unknown packet type [1/16] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [2/16] - not-detected: [.....4] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1796] [Unknown][Unknown][Unrated] + not-detected: [.....4] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1796] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1796] update: [.....6] [ip4][..udp] [..198.226.25.53][30764] -> [....10.12.64.30][12344] @@ -46,7 +46,7 @@ update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] update: [.....5] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1813] [Radius][Unknown][Network][Acceptable] update: [.....9] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.30][29270] [Radius][Unknown][Network][Acceptable] - not-detected: [.....6] [ip4][..udp] [..198.226.25.53][30764] -> [....10.12.64.30][12344] [Unknown][Unknown][Unrated] + not-detected: [.....6] [ip4][..udp] [..198.226.25.53][30764] -> [....10.12.64.30][12344] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [..198.226.25.53][30764] -> [....10.12.64.30][12344] update: [....10] [ip4][..udp] [..198.226.25.53][..309] -> [....10.12.64.30][12339] @@ -59,11 +59,11 @@ new: [....12] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][29264] detected: [....12] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][29264] [Radius][Unknown][Network][Acceptable] ERROR-EVENT: Unknown packet type [1/16] - not-detected: [....10] [ip4][..udp] [..198.226.25.53][..309] -> [....10.12.64.30][12339] [Unknown][Unknown][Unrated] + not-detected: [....10] [ip4][..udp] [..198.226.25.53][..309] -> [....10.12.64.30][12339] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [....10] [ip4][..udp] [..198.226.25.53][..309] -> [....10.12.64.30][12339] idle: [.....8] [ip4][..udp] [.....10.4.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - not-detected: [.....7] [ip4][..udp] [198.226.170.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unrated] + not-detected: [.....7] [ip4][..udp] [198.226.170.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [198.226.170.170][43690] -> [170.170.170.170][43690] idle: [.....9] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.30][29270] [Radius][Unknown][Network][Acceptable] @@ -115,10 +115,10 @@ new: [....21] [ip4][..udp] [..198.157.25.53][.1812] -> [....10.12.64.30][29200] detected: [....21] [ip4][..udp] [..198.157.25.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [2/16] - not-detected: [....13] [ip4][..udp] [..198.162.25.53][.1810] -> [....10.12.64.30][29200] [Unknown][Unknown][Unrated] + not-detected: [....13] [ip4][..udp] [..198.162.25.53][.1810] -> [....10.12.64.30][29200] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [....13] [ip4][..udp] [..198.162.25.53][.1810] -> [....10.12.64.30][29200] - not-detected: [....11] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unrated] + not-detected: [....11] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] idle: [....12] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][29264] [Radius][Unknown][Network][Acceptable] @@ -192,7 +192,7 @@ idle: [....27] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.56.64.30][.9472] [Radius][Unknown][Network][Acceptable] idle: [....24] [ip4][..udp] [..198.226.82.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] idle: [....16] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] - not-detected: [....25] [ip4][..udp] [..198.226.25.53][.1895] -> [....10.12.64.30][29200] [Unknown][Unknown][Unrated] + not-detected: [....25] [ip4][..udp] [..198.226.25.53][.1895] -> [....10.12.64.30][29200] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [....25] [ip4][..udp] [..198.226.25.53][.1895] -> [....10.12.64.30][29200] idle: [....26] [ip4][..udp] [....10.12.64.30][30224] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] @@ -242,10 +242,10 @@ new: [....44] [ip4][....0] [....10.12.64.30] -> [..198.226.25.53] new: [....45] [ip4][..udp] [..198.234.25.53][.1812] -> [....10.12.64.30][29200] detected: [....45] [ip4][..udp] [..198.234.25.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - not-detected: [....17] [ip4][...88] [..198.226.25.53] -> [....10.12.64.30] [Unknown][Unknown][Unrated] + not-detected: [....17] [ip4][...88] [..198.226.25.53] -> [....10.12.64.30] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [....17] [ip4][...88] [..198.226.25.53] -> [....10.12.64.30] - not-detected: [....18] [ip4][..254] [....10.12.64.30] -> [..198.226.25.53] [Unknown][Unknown][Unrated] + not-detected: [....18] [ip4][..254] [....10.12.64.30] -> [..198.226.25.53] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [....18] [ip4][..254] [....10.12.64.30] -> [..198.226.25.53] update: [....36] [ip4][..udp] [.....37.0.25.62][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] @@ -304,7 +304,7 @@ idle: [....35] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] idle: [....38] [ip4][..udp] [..198.226.25.62][.1812] -> [....10.12.64.30][29295] [Radius][Unknown][Network][Acceptable] idle: [....39] [ip4][..udp] [....10.12.64.30][29304] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - not-detected: [....23] [ip4][...85] [..198.226.25.62] -> [....10.12.64.30] [Unknown][Unknown][Unrated] + not-detected: [....23] [ip4][...85] [..198.226.25.62] -> [....10.12.64.30] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [....23] [ip4][...85] [..198.226.25.62] -> [....10.12.64.30] guessed: [....42] [ip4][..udp] [....10.12.64.30][29200] -> [..198.119.25.53][.1812] [Radius][Unknown][Network][Acceptable] @@ -316,11 +316,11 @@ ERROR-EVENT: Unknown packet type [2/16] idle: [....46] [ip4][..udp] [....10.76.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] idle: [....49] [ip4][..udp] [.....10.84.37.0][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - not-detected: [....47] [ip4][..udp] [..198.226.25.53][43690] -> [..10.12.170.170][43690] [Unknown][Unknown][Unrated] + not-detected: [....47] [ip4][..udp] [..198.226.25.53][43690] -> [..10.12.170.170][43690] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....47] [ip4][..udp] [..198.226.25.53][43690] -> [..10.12.170.170][43690] idle: [....48] [ip4][..udp] [..198.226.25.53][.1812] -> [...10.12.112.30][29200] [Radius][Unknown][Network][Acceptable] - not-detected: [....43] [ip4][..udp] [..198.226.25.53][.1965] -> [....10.12.64.30][29200] [Unknown][Unknown][Unrated] + not-detected: [....43] [ip4][..udp] [..198.226.25.53][.1965] -> [....10.12.64.30][29200] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [....43] [ip4][..udp] [..198.226.25.53][.1965] -> [....10.12.64.30][29200] idle: [....45] [ip4][..udp] [..198.234.25.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] @@ -406,7 +406,7 @@ update: [....64] [ip4][..udp] [..198.226.25.53][.3860] -> [....14.12.64.30][29200] new: [....72] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.21][.1812] detected: [....72] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.21][.1812] [Radius][Unknown][Network][Acceptable] - not-detected: [....44] [ip4][....0] [....10.12.64.30] -> [..198.226.25.53] [Unknown][Unknown][Unrated] + not-detected: [....44] [ip4][....0] [....10.12.64.30] -> [..198.226.25.53] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....44] [ip4][....0] [....10.12.64.30] -> [..198.226.25.53] update: [....68] [ip4][..udp] [..198.226.25.53][43028] -> [....10.12.64.30][29200] @@ -417,7 +417,7 @@ update: [....60] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] update: [....66] [ip4][..udp] [....10.12.64.30][29232] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] ERROR-EVENT: Unknown L3 protocol [1/16] - not-detected: [....68] [ip4][..udp] [..198.226.25.53][43028] -> [....10.12.64.30][29200] [Unknown][Unknown][Unrated] + not-detected: [....68] [ip4][..udp] [..198.226.25.53][43028] -> [....10.12.64.30][29200] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [....68] [ip4][..udp] [..198.226.25.53][43028] -> [....10.12.64.30][29200] idle: [....65] [ip4][..udp] [.....198.7.9.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] @@ -436,7 +436,7 @@ idle: [....66] [ip4][..udp] [....10.12.64.30][29232] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] idle: [....59] [ip4][..udp] [....88.12.80.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] idle: [....71] [ip4][..udp] [....10.12.64.30][29289] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - not-detected: [....64] [ip4][..udp] [..198.226.25.53][.3860] -> [....14.12.64.30][29200] [Unknown][Unknown][Unrated] + not-detected: [....64] [ip4][..udp] [..198.226.25.53][.3860] -> [....14.12.64.30][29200] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [....64] [ip4][..udp] [..198.226.25.53][.3860] -> [....14.12.64.30][29200] update: [....40] [ip4][..170] [170.170.170.170] -> [170.170.170.170] @@ -455,7 +455,7 @@ detected: [....77] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1813] [Radius][Unknown][Network][Acceptable] new: [....78] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][21008] detected: [....78] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][21008] [Radius][Unknown][Network][Acceptable] - not-detected: [....40] [ip4][..170] [170.170.170.170] -> [170.170.170.170] [Unknown][Unknown][Unrated] + not-detected: [....40] [ip4][..170] [170.170.170.170] -> [170.170.170.170] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....40] [ip4][..170] [170.170.170.170] -> [170.170.170.170] update: [....60] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] @@ -464,16 +464,16 @@ ERROR-EVENT: Unknown packet type [2/16] idle: [....78] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][21008] [Radius][Unknown][Network][Acceptable] idle: [....76] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.30][22544] [Radius][Unknown][Network][Acceptable] - not-detected: [....75] [ip4][..udp] [....57.12.64.30][29200] -> [..198.226.25.53][28948] [Unknown][Unknown][Unrated] + not-detected: [....75] [ip4][..udp] [....57.12.64.30][29200] -> [..198.226.25.53][28948] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....75] [ip4][..udp] [....57.12.64.30][29200] -> [..198.226.25.53][28948] idle: [....73] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] idle: [....60] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] idle: [....77] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1813] [Radius][Unknown][Network][Acceptable] - not-detected: [....74] [ip4][..udp] [..198.226.25.53][.1814] -> [....10.12.64.30][29200] [Unknown][Unknown][Unrated] + not-detected: [....74] [ip4][..udp] [..198.226.25.53][.1814] -> [....10.12.64.30][29200] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [....74] [ip4][..udp] [..198.226.25.53][.1814] -> [....10.12.64.30][29200] - not-detected: [....79] [ip4][...37] [..198.226.25.53] -> [....10.12.64.30] [Unknown][Unknown][Unrated] + not-detected: [....79] [ip4][...37] [..198.226.25.53] -> [....10.12.64.30] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [....79] [ip4][...37] [..198.226.25.53] -> [....10.12.64.30] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/gearup_booster.pcap.out b/test/results/flow-info/default/gearup_booster.pcap.out new file mode 100644 index 000000000..0d155f226 --- /dev/null +++ b/test/results/flow-info/default/gearup_booster.pcap.out @@ -0,0 +1,589 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [...192.168.0.21][50374] -> [.129.227.37.102][.9999] + detected: [.....1] [ip4][..udp] [...192.168.0.21][50374] -> [.129.227.37.102][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [.....2] [ip4][..udp] [...192.168.0.21][59487] -> [.129.227.37.102][.9999] + detected: [.....2] [ip4][..udp] [...192.168.0.21][59487] -> [.129.227.37.102][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + update: [.....1] [ip4][..udp] [...192.168.0.21][50374] -> [.129.227.37.102][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + DAEMON-EVENT: [Processed: 30 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] + new: [.....3] [ip4][..tcp] [...192.168.3.23][37119] -> [.104.16.159.112][..443] + detected: [.....3] [ip4][..tcp] [...192.168.3.23][37119] -> [.104.16.159.112][..443] [TLS.GearUP_Booster][Cloudflare][VPN][Acceptable][mobile.booster.gearupportal.com] + detection-update: [.....3] [ip4][..tcp] [...192.168.3.23][37119] -> [.104.16.159.112][..443] [TLS.GearUP_Booster][Cloudflare][VPN][Acceptable][mobile.booster.gearupportal.com] + new: [.....4] [ip4][..tcp] [...192.168.3.23][42942] -> [..104.18.53.166][..443] + detected: [.....4] [ip4][..tcp] [...192.168.3.23][42942] -> [..104.18.53.166][..443] [TLS.GearUP_Booster][Cloudflare][VPN][Acceptable][abtest.sc.gearupportal.com] + detection-update: [.....4] [ip4][..tcp] [...192.168.3.23][42942] -> [..104.18.53.166][..443] [TLS.GearUP_Booster][Cloudflare][VPN][Acceptable][abtest.sc.gearupportal.com] + idle: [.....2] [ip4][..udp] [...192.168.0.21][59487] -> [.129.227.37.102][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [.....1] [ip4][..udp] [...192.168.0.21][50374] -> [.129.227.37.102][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [.....5] [ip4][..tcp] [...192.168.3.23][38726] -> [..104.18.50.182][..443] + detected: [.....5] [ip4][..tcp] [...192.168.3.23][38726] -> [..104.18.50.182][..443] [TLS.GearUP_Booster][Cloudflare][VPN][Acceptable][event.sc.gearupportal.com] + detection-update: [.....5] [ip4][..tcp] [...192.168.3.23][38726] -> [..104.18.50.182][..443] [TLS.GearUP_Booster][Cloudflare][VPN][Acceptable][event.sc.gearupportal.com] + new: [.....6] [ip4][..tcp] [...192.168.3.23][45668] -> [.104.16.159.112][..443] + detected: [.....6] [ip4][..tcp] [...192.168.3.23][45668] -> [.104.16.159.112][..443] [TLS.GearUP_Booster][Cloudflare][VPN][Acceptable][log.booster.gearupportal.com] + detection-update: [.....6] [ip4][..tcp] [...192.168.3.23][45668] -> [.104.16.159.112][..443] [TLS.GearUP_Booster][Cloudflare][VPN][Acceptable][log.booster.gearupportal.com] + new: [.....7] [ip4][..tcp] [...192.168.3.23][43470] -> [...2.19.126.219][..443] + detected: [.....7] [ip4][..tcp] [...192.168.3.23][43470] -> [...2.19.126.219][..443] [TLS.GearUP_Booster][Unknown][VPN][Acceptable][file.booster.gearupportal.com] + detection-update: [.....7] [ip4][..tcp] [...192.168.3.23][43470] -> [...2.19.126.219][..443] [TLS.GearUP_Booster][Unknown][VPN][Acceptable][file.booster.gearupportal.com] + new: [.....8] [ip4][..udp] [...192.168.3.23][49183] -> [.18.162.179.244][.9999] + detected: [.....8] [ip4][..udp] [...192.168.3.23][49183] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [.....9] [ip4][..udp] [...192.168.3.23][45624] -> [.18.185.151.243][.9999] + detected: [.....9] [ip4][..udp] [...192.168.3.23][45624] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....10] [ip4][..udp] [...192.168.3.23][41825] -> [.20.237.164.226][.9999] + detected: [....10] [ip4][..udp] [...192.168.3.23][41825] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [....11] [ip4][..udp] [...192.168.3.23][42089] -> [..23.90.141.118][.9999] + detected: [....11] [ip4][..udp] [...192.168.3.23][42089] -> [..23.90.141.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....12] [ip4][..udp] [...192.168.3.23][49987] -> [....98.98.151.3][.9999] + detected: [....12] [ip4][..udp] [...192.168.3.23][49987] -> [....98.98.151.3][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....13] [ip4][..udp] [...192.168.3.23][49995] -> [.18.185.151.243][.9999] + detected: [....13] [ip4][..udp] [...192.168.3.23][49995] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....14] [ip4][..udp] [...192.168.3.23][37686] -> [.34.176.100.180][.9999] + detected: [....14] [ip4][..udp] [...192.168.3.23][37686] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....15] [ip4][..udp] [...192.168.3.23][44547] -> [..23.90.172.130][.9999] + detected: [....15] [ip4][..udp] [...192.168.3.23][44547] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....16] [ip4][..udp] [...192.168.3.23][44799] -> [...34.88.73.160][.9999] + detected: [....16] [ip4][..udp] [...192.168.3.23][44799] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....17] [ip4][..udp] [...192.168.3.23][46763] -> [...52.77.92.200][.9999] + detected: [....17] [ip4][..udp] [...192.168.3.23][46763] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....18] [ip4][..udp] [...192.168.3.23][40390] -> [.18.162.179.244][.9999] + detected: [....18] [ip4][..udp] [...192.168.3.23][40390] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....19] [ip4][..udp] [...192.168.3.23][40581] -> [..3.114.197.210][.9999] + detected: [....19] [ip4][..udp] [...192.168.3.23][40581] -> [..3.114.197.210][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....20] [ip4][..udp] [...192.168.3.23][39478] -> [.129.227.244.38][.9999] + detected: [....20] [ip4][..udp] [...192.168.3.23][39478] -> [.129.227.244.38][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....21] [ip4][..udp] [...192.168.3.23][42921] -> [.18.162.179.244][.9999] + detected: [....21] [ip4][..udp] [...192.168.3.23][42921] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....22] [ip4][..udp] [...192.168.3.23][45553] -> [...3.24.157.167][.9999] + detected: [....22] [ip4][..udp] [...192.168.3.23][45553] -> [...3.24.157.167][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....23] [ip4][..udp] [...192.168.3.23][49487] -> [.194.110.134.13][.9999] + detected: [....23] [ip4][..udp] [...192.168.3.23][49487] -> [.194.110.134.13][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....24] [ip4][..udp] [...192.168.3.23][46317] -> [..34.155.128.54][.9999] + detected: [....24] [ip4][..udp] [...192.168.3.23][46317] -> [..34.155.128.54][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....25] [ip4][..udp] [...192.168.3.23][48039] -> [...34.88.73.160][.9999] + detected: [....25] [ip4][..udp] [...192.168.3.23][48039] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....26] [ip4][..udp] [...192.168.3.23][44605] -> [....98.98.151.3][.9999] + detected: [....26] [ip4][..udp] [...192.168.3.23][44605] -> [....98.98.151.3][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....27] [ip4][..udp] [...192.168.3.23][47189] -> [.15.181.194.202][.9999] + detected: [....27] [ip4][..udp] [...192.168.3.23][47189] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....28] [ip4][..udp] [...192.168.3.23][42764] -> [...101.46.59.21][.9999] + detected: [....28] [ip4][..udp] [...192.168.3.23][42764] -> [...101.46.59.21][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....29] [ip4][..udp] [...192.168.3.23][41680] -> [.34.176.100.180][.9999] + detected: [....29] [ip4][..udp] [...192.168.3.23][41680] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....30] [ip4][..udp] [...192.168.3.23][45941] -> [...52.77.92.200][.9999] + detected: [....30] [ip4][..udp] [...192.168.3.23][45941] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....31] [ip4][..udp] [...192.168.3.23][45045] -> [..34.100.183.43][.9999] + detected: [....31] [ip4][..udp] [...192.168.3.23][45045] -> [..34.100.183.43][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....32] [ip4][..udp] [...192.168.3.23][38961] -> [.176.97.192.194][.9999] + detected: [....32] [ip4][..udp] [...192.168.3.23][38961] -> [.176.97.192.194][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....33] [ip4][..udp] [...192.168.3.23][37783] -> [.15.181.194.202][.9999] + detected: [....33] [ip4][..udp] [...192.168.3.23][37783] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....34] [ip4][..udp] [...192.168.3.23][46392] -> [.35.201.213.182][.9999] + detected: [....34] [ip4][..udp] [...192.168.3.23][46392] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....35] [ip4][..udp] [...192.168.3.23][47617] -> [.40.115.242.242][.9999] + detected: [....35] [ip4][..udp] [...192.168.3.23][47617] -> [.40.115.242.242][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [....36] [ip4][..udp] [...192.168.3.23][42726] -> [...52.77.92.200][.9999] + detected: [....36] [ip4][..udp] [...192.168.3.23][42726] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....37] [ip4][..udp] [...192.168.3.23][39220] -> [.35.201.213.182][.9999] + detected: [....37] [ip4][..udp] [...192.168.3.23][39220] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....38] [ip4][..udp] [...192.168.3.23][41692] -> [.20.195.224.215][.9999] + detected: [....38] [ip4][..udp] [...192.168.3.23][41692] -> [.20.195.224.215][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [....39] [ip4][..udp] [...192.168.3.23][48743] -> [195.181.163.225][.9999] + detected: [....39] [ip4][..udp] [...192.168.3.23][48743] -> [195.181.163.225][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....40] [ip4][..udp] [...192.168.3.23][43864] -> [..65.52.182.211][.9999] + detected: [....40] [ip4][..udp] [...192.168.3.23][43864] -> [..65.52.182.211][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [....41] [ip4][..udp] [...192.168.3.23][48015] -> [.20.237.164.226][.9999] + detected: [....41] [ip4][..udp] [...192.168.3.23][48015] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [....42] [ip4][..udp] [...192.168.3.23][37131] -> [..80.238.226.80][.9999] + detected: [....42] [ip4][..udp] [...192.168.3.23][37131] -> [..80.238.226.80][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....43] [ip4][..udp] [...192.168.3.23][44205] -> [..13.124.213.54][.9999] + detected: [....43] [ip4][..udp] [...192.168.3.23][44205] -> [..13.124.213.54][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....44] [ip4][..udp] [...192.168.3.23][37008] -> [.15.181.194.202][.9999] + detected: [....44] [ip4][..udp] [...192.168.3.23][37008] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....45] [ip4][..udp] [...192.168.3.23][49429] -> [..103.198.202.8][.9999] + detected: [....45] [ip4][..udp] [...192.168.3.23][49429] -> [..103.198.202.8][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....46] [ip4][..udp] [...192.168.3.23][44470] -> [.138.199.41.102][.9999] + detected: [....46] [ip4][..udp] [...192.168.3.23][44470] -> [.138.199.41.102][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....47] [ip4][..udp] [...192.168.3.23][39515] -> [..23.90.172.130][.9999] + detected: [....47] [ip4][..udp] [...192.168.3.23][39515] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....48] [ip4][..udp] [...192.168.3.23][43033] -> [.121.127.42.118][.9999] + detected: [....48] [ip4][..udp] [...192.168.3.23][43033] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....49] [ip4][..udp] [...192.168.3.23][48276] -> [...45.33.103.81][.9999] + detected: [....49] [ip4][..udp] [...192.168.3.23][48276] -> [...45.33.103.81][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....50] [ip4][..udp] [...192.168.3.23][48846] -> [...154.93.36.41][.9999] + detected: [....50] [ip4][..udp] [...192.168.3.23][48846] -> [...154.93.36.41][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....51] [ip4][..udp] [...192.168.3.23][39583] -> [.121.127.42.118][.9999] + detected: [....51] [ip4][..udp] [...192.168.3.23][39583] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....52] [ip4][..udp] [...192.168.3.23][47203] -> [..98.96.251.186][.9999] + detected: [....52] [ip4][..udp] [...192.168.3.23][47203] -> [..98.96.251.186][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....53] [ip4][..udp] [...192.168.3.23][38459] -> [.18.162.179.244][.9999] + detected: [....53] [ip4][..udp] [...192.168.3.23][38459] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....54] [ip4][..udp] [...192.168.3.23][43552] -> [.18.185.151.243][.9999] + detected: [....54] [ip4][..udp] [...192.168.3.23][43552] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....55] [ip4][..udp] [...192.168.3.23][42232] -> [.20.237.164.226][.9999] + detected: [....55] [ip4][..udp] [...192.168.3.23][42232] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [....56] [ip4][..udp] [...192.168.3.23][40048] -> [..23.90.141.118][.9999] + detected: [....56] [ip4][..udp] [...192.168.3.23][40048] -> [..23.90.141.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....57] [ip4][..udp] [...192.168.3.23][43608] -> [....98.98.151.3][.9999] + detected: [....57] [ip4][..udp] [...192.168.3.23][43608] -> [....98.98.151.3][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....58] [ip4][..udp] [...192.168.3.23][49704] -> [.34.176.100.180][.9999] + detected: [....58] [ip4][..udp] [...192.168.3.23][49704] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....59] [ip4][..udp] [...192.168.3.23][46385] -> [.18.185.151.243][.9999] + detected: [....59] [ip4][..udp] [...192.168.3.23][46385] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....60] [ip4][..udp] [...192.168.3.23][37678] -> [..23.90.172.130][.9999] + detected: [....60] [ip4][..udp] [...192.168.3.23][37678] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....61] [ip4][..udp] [...192.168.3.23][48031] -> [...52.77.92.200][.9999] + detected: [....61] [ip4][..udp] [...192.168.3.23][48031] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....62] [ip4][..udp] [...192.168.3.23][38633] -> [...34.88.73.160][.9999] + detected: [....62] [ip4][..udp] [...192.168.3.23][38633] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....63] [ip4][..udp] [...192.168.3.23][38761] -> [.18.162.179.244][.9999] + detected: [....63] [ip4][..udp] [...192.168.3.23][38761] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....64] [ip4][..udp] [...192.168.3.23][39858] -> [..3.114.197.210][.9999] + detected: [....64] [ip4][..udp] [...192.168.3.23][39858] -> [..3.114.197.210][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....65] [ip4][..udp] [...192.168.3.23][46109] -> [.129.227.244.38][.9999] + detected: [....65] [ip4][..udp] [...192.168.3.23][46109] -> [.129.227.244.38][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....66] [ip4][..udp] [...192.168.3.23][38313] -> [.18.162.179.244][.9999] + detected: [....66] [ip4][..udp] [...192.168.3.23][38313] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....67] [ip4][..udp] [...192.168.3.23][43478] -> [...3.24.157.167][.9999] + detected: [....67] [ip4][..udp] [...192.168.3.23][43478] -> [...3.24.157.167][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....68] [ip4][..udp] [...192.168.3.23][39502] -> [.194.110.134.13][.9999] + detected: [....68] [ip4][..udp] [...192.168.3.23][39502] -> [.194.110.134.13][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....69] [ip4][..udp] [...192.168.3.23][39470] -> [..34.155.128.54][.9999] + detected: [....69] [ip4][..udp] [...192.168.3.23][39470] -> [..34.155.128.54][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....70] [ip4][..udp] [...192.168.3.23][40513] -> [...34.88.73.160][.9999] + detected: [....70] [ip4][..udp] [...192.168.3.23][40513] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....71] [ip4][..udp] [...192.168.3.23][40959] -> [.15.181.194.202][.9999] + detected: [....71] [ip4][..udp] [...192.168.3.23][40959] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....72] [ip4][..udp] [...192.168.3.23][49407] -> [...101.46.59.21][.9999] + detected: [....72] [ip4][..udp] [...192.168.3.23][49407] -> [...101.46.59.21][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....73] [ip4][..udp] [...192.168.3.23][41578] -> [...52.77.92.200][.9999] + detected: [....73] [ip4][..udp] [...192.168.3.23][41578] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....74] [ip4][..udp] [...192.168.3.23][43653] -> [..98.96.251.186][.9999] + detected: [....74] [ip4][..udp] [...192.168.3.23][43653] -> [..98.96.251.186][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....75] [ip4][..udp] [...192.168.3.23][44138] -> [..34.100.183.43][.9999] + detected: [....75] [ip4][..udp] [...192.168.3.23][44138] -> [..34.100.183.43][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....76] [ip4][..udp] [...192.168.3.23][43425] -> [.176.97.192.194][.9999] + detected: [....76] [ip4][..udp] [...192.168.3.23][43425] -> [.176.97.192.194][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....77] [ip4][..udp] [...192.168.3.23][45458] -> [.40.115.242.242][.9999] + detected: [....77] [ip4][..udp] [...192.168.3.23][45458] -> [.40.115.242.242][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [....78] [ip4][..udp] [...192.168.3.23][49819] -> [.15.181.194.202][.9999] + detected: [....78] [ip4][..udp] [...192.168.3.23][49819] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....79] [ip4][..udp] [...192.168.3.23][48217] -> [.35.201.213.182][.9999] + detected: [....79] [ip4][..udp] [...192.168.3.23][48217] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....80] [ip4][..udp] [...192.168.3.23][41387] -> [.34.176.100.180][.9999] + detected: [....80] [ip4][..udp] [...192.168.3.23][41387] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....81] [ip4][..udp] [...192.168.3.23][49500] -> [...52.77.92.200][.9999] + detected: [....81] [ip4][..udp] [...192.168.3.23][49500] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....82] [ip4][..udp] [...192.168.3.23][45530] -> [195.181.163.225][.9999] + detected: [....82] [ip4][..udp] [...192.168.3.23][45530] -> [195.181.163.225][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....83] [ip4][..udp] [...192.168.3.23][45875] -> [.35.201.213.182][.9999] + detected: [....83] [ip4][..udp] [...192.168.3.23][45875] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [....84] [ip4][..udp] [...192.168.3.23][38070] -> [..65.52.182.211][.9999] + detected: [....84] [ip4][..udp] [...192.168.3.23][38070] -> [..65.52.182.211][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [....85] [ip4][..udp] [...192.168.3.23][43221] -> [..80.238.226.80][.9999] + detected: [....85] [ip4][..udp] [...192.168.3.23][43221] -> [..80.238.226.80][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....86] [ip4][..udp] [...192.168.3.23][39046] -> [.20.237.164.226][.9999] + detected: [....86] [ip4][..udp] [...192.168.3.23][39046] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [....87] [ip4][..udp] [...192.168.3.23][40074] -> [.20.195.224.215][.9999] + detected: [....87] [ip4][..udp] [...192.168.3.23][40074] -> [.20.195.224.215][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [....88] [ip4][..udp] [...192.168.3.23][39588] -> [..13.124.213.54][.9999] + detected: [....88] [ip4][..udp] [...192.168.3.23][39588] -> [..13.124.213.54][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....89] [ip4][..udp] [...192.168.3.23][46825] -> [.15.181.194.202][.9999] + detected: [....89] [ip4][..udp] [...192.168.3.23][46825] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [....90] [ip4][..udp] [...192.168.3.23][38354] -> [.....20.249.1.0][.9999] + detected: [....90] [ip4][..udp] [...192.168.3.23][38354] -> [.....20.249.1.0][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [....91] [ip4][..udp] [...192.168.3.23][39572] -> [.138.199.41.102][.9999] + detected: [....91] [ip4][..udp] [...192.168.3.23][39572] -> [.138.199.41.102][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....92] [ip4][..udp] [...192.168.3.23][48774] -> [..103.198.202.8][.9999] + detected: [....92] [ip4][..udp] [...192.168.3.23][48774] -> [..103.198.202.8][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....93] [ip4][..udp] [...192.168.3.23][49818] -> [..23.90.172.130][.9999] + detected: [....93] [ip4][..udp] [...192.168.3.23][49818] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....94] [ip4][..udp] [...192.168.3.23][43269] -> [.121.127.42.118][.9999] + detected: [....94] [ip4][..udp] [...192.168.3.23][43269] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....95] [ip4][..udp] [...192.168.3.23][42026] -> [...45.33.103.81][.9999] + detected: [....95] [ip4][..udp] [...192.168.3.23][42026] -> [...45.33.103.81][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....96] [ip4][..udp] [...192.168.3.23][40633] -> [...154.93.36.41][.9999] + detected: [....96] [ip4][..udp] [...192.168.3.23][40633] -> [...154.93.36.41][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....97] [ip4][..udp] [...192.168.3.23][41111] -> [.121.127.42.118][.9999] + detected: [....97] [ip4][..udp] [...192.168.3.23][41111] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....98] [ip4][..udp] [...192.168.3.23][49542] -> [..98.96.251.186][.9999] + detected: [....98] [ip4][..udp] [...192.168.3.23][49542] -> [..98.96.251.186][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [....99] [ip4][..udp] [...192.168.3.23][39859] -> [.18.162.179.244][.9999] + detected: [....99] [ip4][..udp] [...192.168.3.23][39859] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...100] [ip4][..udp] [...192.168.3.23][39236] -> [.18.185.151.243][.9999] + detected: [...100] [ip4][..udp] [...192.168.3.23][39236] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...101] [ip4][..udp] [...192.168.3.23][41423] -> [.20.237.164.226][.9999] + detected: [...101] [ip4][..udp] [...192.168.3.23][41423] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [...102] [ip4][..udp] [...192.168.3.23][38514] -> [..23.90.141.118][.9999] + detected: [...102] [ip4][..udp] [...192.168.3.23][38514] -> [..23.90.141.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...103] [ip4][..udp] [...192.168.3.23][39779] -> [.18.185.151.243][.9999] + detected: [...103] [ip4][..udp] [...192.168.3.23][39779] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...104] [ip4][..udp] [...192.168.3.23][41897] -> [....98.98.151.3][.9999] + detected: [...104] [ip4][..udp] [...192.168.3.23][41897] -> [....98.98.151.3][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...105] [ip4][..udp] [...192.168.3.23][49942] -> [.34.176.100.180][.9999] + detected: [...105] [ip4][..udp] [...192.168.3.23][49942] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...106] [ip4][..udp] [...192.168.3.23][43718] -> [..23.90.172.130][.9999] + detected: [...106] [ip4][..udp] [...192.168.3.23][43718] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...107] [ip4][..udp] [...192.168.3.23][48516] -> [...34.88.73.160][.9999] + detected: [...107] [ip4][..udp] [...192.168.3.23][48516] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...108] [ip4][..udp] [...192.168.3.23][45904] -> [...52.77.92.200][.9999] + detected: [...108] [ip4][..udp] [...192.168.3.23][45904] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...109] [ip4][..udp] [...192.168.3.23][49078] -> [.18.162.179.244][.9999] + detected: [...109] [ip4][..udp] [...192.168.3.23][49078] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...110] [ip4][..udp] [...192.168.3.23][48164] -> [..3.114.197.210][.9999] + detected: [...110] [ip4][..udp] [...192.168.3.23][48164] -> [..3.114.197.210][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...111] [ip4][..udp] [...192.168.3.23][48710] -> [.129.227.244.38][.9999] + detected: [...111] [ip4][..udp] [...192.168.3.23][48710] -> [.129.227.244.38][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...112] [ip4][..udp] [...192.168.3.23][40431] -> [.18.162.179.244][.9999] + detected: [...112] [ip4][..udp] [...192.168.3.23][40431] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...113] [ip4][..udp] [...192.168.3.23][46332] -> [...3.24.157.167][.9999] + detected: [...113] [ip4][..udp] [...192.168.3.23][46332] -> [...3.24.157.167][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...114] [ip4][..udp] [...192.168.3.23][39432] -> [..34.155.128.54][.9999] + detected: [...114] [ip4][..udp] [...192.168.3.23][39432] -> [..34.155.128.54][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...115] [ip4][..udp] [...192.168.3.23][45946] -> [.194.110.134.13][.9999] + detected: [...115] [ip4][..udp] [...192.168.3.23][45946] -> [.194.110.134.13][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...116] [ip4][..udp] [...192.168.3.23][48995] -> [...34.88.73.160][.9999] + detected: [...116] [ip4][..udp] [...192.168.3.23][48995] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...117] [ip4][..udp] [...192.168.3.23][47302] -> [.142.251.143.54][..443] + new: [...118] [ip4][..udp] [...192.168.3.23][39141] -> [...101.46.59.21][.9999] + detected: [...118] [ip4][..udp] [...192.168.3.23][39141] -> [...101.46.59.21][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...119] [ip4][..udp] [...192.168.3.23][45088] -> [.15.181.194.202][.9999] + detected: [...119] [ip4][..udp] [...192.168.3.23][45088] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...120] [ip4][..udp] [...192.168.3.23][49928] -> [...52.77.92.200][.9999] + detected: [...120] [ip4][..udp] [...192.168.3.23][49928] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...121] [ip4][..udp] [...192.168.3.23][48544] -> [..98.96.251.186][.9999] + detected: [...121] [ip4][..udp] [...192.168.3.23][48544] -> [..98.96.251.186][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...122] [ip4][..udp] [...192.168.3.23][49563] -> [..34.100.183.43][.9999] + detected: [...122] [ip4][..udp] [...192.168.3.23][49563] -> [..34.100.183.43][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...123] [ip4][..udp] [...192.168.3.23][42131] -> [.176.97.192.194][.9999] + detected: [...123] [ip4][..udp] [...192.168.3.23][42131] -> [.176.97.192.194][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...124] [ip4][..udp] [...192.168.3.23][37942] -> [.40.115.242.242][.9999] + detected: [...124] [ip4][..udp] [...192.168.3.23][37942] -> [.40.115.242.242][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [...125] [ip4][..udp] [...192.168.3.23][44684] -> [.15.181.194.202][.9999] + detected: [...125] [ip4][..udp] [...192.168.3.23][44684] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...126] [ip4][..udp] [...192.168.3.23][48644] -> [.35.201.213.182][.9999] + detected: [...126] [ip4][..udp] [...192.168.3.23][48644] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...127] [ip4][..udp] [...192.168.3.23][49395] -> [.34.176.100.180][.9999] + detected: [...127] [ip4][..udp] [...192.168.3.23][49395] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...128] [ip4][..udp] [...192.168.3.23][48575] -> [.35.201.213.182][.9999] + detected: [...128] [ip4][..udp] [...192.168.3.23][48575] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...129] [ip4][..udp] [...192.168.3.23][45104] -> [..65.52.182.211][.9999] + detected: [...129] [ip4][..udp] [...192.168.3.23][45104] -> [..65.52.182.211][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [...130] [ip4][..udp] [...192.168.3.23][46201] -> [...52.77.92.200][.9999] + detected: [...130] [ip4][..udp] [...192.168.3.23][46201] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...131] [ip4][..udp] [...192.168.3.23][40665] -> [195.181.163.225][.9999] + detected: [...131] [ip4][..udp] [...192.168.3.23][40665] -> [195.181.163.225][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...132] [ip4][..udp] [...192.168.3.23][40083] -> [..80.238.226.80][.9999] + detected: [...132] [ip4][..udp] [...192.168.3.23][40083] -> [..80.238.226.80][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...133] [ip4][..udp] [...192.168.3.23][46603] -> [.20.195.224.215][.9999] + detected: [...133] [ip4][..udp] [...192.168.3.23][46603] -> [.20.195.224.215][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [...134] [ip4][..udp] [...192.168.3.23][49305] -> [.20.237.164.226][.9999] + detected: [...134] [ip4][..udp] [...192.168.3.23][49305] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [...135] [ip4][..udp] [...192.168.3.23][38445] -> [..13.124.213.54][.9999] + detected: [...135] [ip4][..udp] [...192.168.3.23][38445] -> [..13.124.213.54][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...136] [ip4][..udp] [...192.168.3.23][39270] -> [.15.181.194.202][.9999] + detected: [...136] [ip4][..udp] [...192.168.3.23][39270] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...137] [ip4][..udp] [...192.168.3.23][44304] -> [.138.199.41.102][.9999] + detected: [...137] [ip4][..udp] [...192.168.3.23][44304] -> [.138.199.41.102][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...138] [ip4][..udp] [...192.168.3.23][44266] -> [.....20.249.1.0][.9999] + detected: [...138] [ip4][..udp] [...192.168.3.23][44266] -> [.....20.249.1.0][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [...139] [ip4][..udp] [...192.168.3.23][47410] -> [..103.198.202.8][.9999] + detected: [...139] [ip4][..udp] [...192.168.3.23][47410] -> [..103.198.202.8][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...140] [ip4][..udp] [...192.168.3.23][38800] -> [..23.90.172.130][.9999] + detected: [...140] [ip4][..udp] [...192.168.3.23][38800] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...141] [ip4][..udp] [...192.168.3.23][47274] -> [.121.127.42.118][.9999] + detected: [...141] [ip4][..udp] [...192.168.3.23][47274] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...142] [ip4][..udp] [...192.168.3.23][39220] -> [...154.93.36.41][.9999] + detected: [...142] [ip4][..udp] [...192.168.3.23][39220] -> [...154.93.36.41][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...143] [ip4][..udp] [...192.168.3.23][42677] -> [...45.33.103.81][.9999] + detected: [...143] [ip4][..udp] [...192.168.3.23][42677] -> [...45.33.103.81][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...144] [ip4][..udp] [...192.168.3.23][47921] -> [.121.127.42.118][.9999] + detected: [...144] [ip4][..udp] [...192.168.3.23][47921] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...145] [ip4][..udp] [...192.168.3.23][49873] -> [..98.96.251.186][.9999] + detected: [...145] [ip4][..udp] [...192.168.3.23][49873] -> [..98.96.251.186][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...146] [ip4][..udp] [...192.168.3.23][41580] -> [.18.162.179.244][.9999] + detected: [...146] [ip4][..udp] [...192.168.3.23][41580] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...147] [ip4][..udp] [...192.168.3.23][49992] -> [.18.185.151.243][.9999] + detected: [...147] [ip4][..udp] [...192.168.3.23][49992] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...148] [ip4][..udp] [...192.168.3.23][46619] -> [.20.237.164.226][.9999] + detected: [...148] [ip4][..udp] [...192.168.3.23][46619] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [...149] [ip4][..udp] [...192.168.3.23][41457] -> [..23.90.141.118][.9999] + detected: [...149] [ip4][..udp] [...192.168.3.23][41457] -> [..23.90.141.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...150] [ip4][..udp] [...192.168.3.23][43795] -> [....98.98.151.3][.9999] + detected: [...150] [ip4][..udp] [...192.168.3.23][43795] -> [....98.98.151.3][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...151] [ip4][..udp] [...192.168.3.23][42012] -> [.34.176.100.180][.9999] + detected: [...151] [ip4][..udp] [...192.168.3.23][42012] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...152] [ip4][..udp] [...192.168.3.23][38821] -> [..23.90.172.130][.9999] + detected: [...152] [ip4][..udp] [...192.168.3.23][38821] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...153] [ip4][..udp] [...192.168.3.23][44962] -> [.18.185.151.243][.9999] + detected: [...153] [ip4][..udp] [...192.168.3.23][44962] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...154] [ip4][..udp] [...192.168.3.23][39070] -> [...52.77.92.200][.9999] + detected: [...154] [ip4][..udp] [...192.168.3.23][39070] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...155] [ip4][..udp] [...192.168.3.23][39075] -> [.18.162.179.244][.9999] + detected: [...155] [ip4][..udp] [...192.168.3.23][39075] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...156] [ip4][..udp] [...192.168.3.23][43680] -> [..3.114.197.210][.9999] + detected: [...156] [ip4][..udp] [...192.168.3.23][43680] -> [..3.114.197.210][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...157] [ip4][..udp] [...192.168.3.23][37742] -> [.129.227.244.38][.9999] + detected: [...157] [ip4][..udp] [...192.168.3.23][37742] -> [.129.227.244.38][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...158] [ip4][..udp] [...192.168.3.23][43812] -> [.18.162.179.244][.9999] + detected: [...158] [ip4][..udp] [...192.168.3.23][43812] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...159] [ip4][..udp] [...192.168.3.23][42845] -> [...34.88.73.160][.9999] + detected: [...159] [ip4][..udp] [...192.168.3.23][42845] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...160] [ip4][..udp] [...192.168.3.23][49989] -> [...3.24.157.167][.9999] + detected: [...160] [ip4][..udp] [...192.168.3.23][49989] -> [...3.24.157.167][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...161] [ip4][..udp] [...192.168.3.23][37603] -> [.194.110.134.13][.9999] + detected: [...161] [ip4][..udp] [...192.168.3.23][37603] -> [.194.110.134.13][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...162] [ip4][..udp] [...192.168.3.23][48196] -> [..34.155.128.54][.9999] + detected: [...162] [ip4][..udp] [...192.168.3.23][48196] -> [..34.155.128.54][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...163] [ip4][..udp] [...192.168.3.23][39684] -> [...34.88.73.160][.9999] + detected: [...163] [ip4][..udp] [...192.168.3.23][39684] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...164] [ip4][..udp] [...192.168.3.23][39693] -> [....98.98.151.3][.9999] + detected: [...164] [ip4][..udp] [...192.168.3.23][39693] -> [....98.98.151.3][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...165] [ip4][..udp] [...192.168.3.23][49432] -> [.15.181.194.202][.9999] + detected: [...165] [ip4][..udp] [...192.168.3.23][49432] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...166] [ip4][..udp] [...192.168.3.23][43597] -> [..98.96.251.186][.9999] + detected: [...166] [ip4][..udp] [...192.168.3.23][43597] -> [..98.96.251.186][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...167] [ip4][..udp] [...192.168.3.23][43985] -> [...101.46.59.21][.9999] + detected: [...167] [ip4][..udp] [...192.168.3.23][43985] -> [...101.46.59.21][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...168] [ip4][..udp] [...192.168.3.23][38399] -> [..34.100.183.43][.9999] + detected: [...168] [ip4][..udp] [...192.168.3.23][38399] -> [..34.100.183.43][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...169] [ip4][..udp] [...192.168.3.23][39594] -> [.176.97.192.194][.9999] + detected: [...169] [ip4][..udp] [...192.168.3.23][39594] -> [.176.97.192.194][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...170] [ip4][..udp] [...192.168.3.23][44646] -> [...52.77.92.200][.9999] + detected: [...170] [ip4][..udp] [...192.168.3.23][44646] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...171] [ip4][..udp] [...192.168.3.23][44328] -> [.15.181.194.202][.9999] + detected: [...171] [ip4][..udp] [...192.168.3.23][44328] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...172] [ip4][..udp] [...192.168.3.23][38002] -> [.35.201.213.182][.9999] + detected: [...172] [ip4][..udp] [...192.168.3.23][38002] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...173] [ip4][..udp] [...192.168.3.23][48611] -> [.40.115.242.242][.9999] + detected: [...173] [ip4][..udp] [...192.168.3.23][48611] -> [.40.115.242.242][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [...174] [ip4][..udp] [...192.168.3.23][43498] -> [.34.176.100.180][.9999] + detected: [...174] [ip4][..udp] [...192.168.3.23][43498] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...175] [ip4][..udp] [...192.168.3.23][47574] -> [.35.201.213.182][.9999] + detected: [...175] [ip4][..udp] [...192.168.3.23][47574] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + new: [...176] [ip4][..udp] [...192.168.3.23][47269] -> [..65.52.182.211][.9999] + detected: [...176] [ip4][..udp] [...192.168.3.23][47269] -> [..65.52.182.211][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [...177] [ip4][..udp] [...192.168.3.23][39623] -> [195.181.163.225][.9999] + detected: [...177] [ip4][..udp] [...192.168.3.23][39623] -> [195.181.163.225][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...178] [ip4][..udp] [...192.168.3.23][37972] -> [...52.77.92.200][.9999] + detected: [...178] [ip4][..udp] [...192.168.3.23][37972] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...179] [ip4][..udp] [...192.168.3.23][37747] -> [.20.195.224.215][.9999] + detected: [...179] [ip4][..udp] [...192.168.3.23][37747] -> [.20.195.224.215][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [...180] [ip4][..udp] [...192.168.3.23][46852] -> [.20.237.164.226][.9999] + detected: [...180] [ip4][..udp] [...192.168.3.23][46852] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [...181] [ip4][..udp] [...192.168.3.23][48934] -> [..80.238.226.80][.9999] + detected: [...181] [ip4][..udp] [...192.168.3.23][48934] -> [..80.238.226.80][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...182] [ip4][..udp] [...192.168.3.23][45605] -> [..13.124.213.54][.9999] + detected: [...182] [ip4][..udp] [...192.168.3.23][45605] -> [..13.124.213.54][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...183] [ip4][..udp] [...192.168.3.23][46702] -> [.15.181.194.202][.9999] + detected: [...183] [ip4][..udp] [...192.168.3.23][46702] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + new: [...184] [ip4][..udp] [...192.168.3.23][37181] -> [.138.199.41.102][.9999] + detected: [...184] [ip4][..udp] [...192.168.3.23][37181] -> [.138.199.41.102][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...185] [ip4][..udp] [...192.168.3.23][39378] -> [.....20.249.1.0][.9999] + detected: [...185] [ip4][..udp] [...192.168.3.23][39378] -> [.....20.249.1.0][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + new: [...186] [ip4][..udp] [...192.168.3.23][38712] -> [..103.198.202.8][.9999] + detected: [...186] [ip4][..udp] [...192.168.3.23][38712] -> [..103.198.202.8][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...187] [ip4][..udp] [...192.168.3.23][41188] -> [.121.127.42.118][.9999] + detected: [...187] [ip4][..udp] [...192.168.3.23][41188] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...188] [ip4][..udp] [...192.168.3.23][45864] -> [...45.33.103.81][.9999] + detected: [...188] [ip4][..udp] [...192.168.3.23][45864] -> [...45.33.103.81][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...189] [ip4][..udp] [...192.168.3.23][45757] -> [..23.90.172.130][.9999] + detected: [...189] [ip4][..udp] [...192.168.3.23][45757] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...190] [ip4][..udp] [...192.168.3.23][46627] -> [.121.127.42.118][.9999] + detected: [...190] [ip4][..udp] [...192.168.3.23][46627] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...191] [ip4][..udp] [...192.168.3.23][43077] -> [...154.93.36.41][.9999] + detected: [...191] [ip4][..udp] [...192.168.3.23][43077] -> [...154.93.36.41][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + new: [...192] [ip4][..udp] [...192.168.3.23][41618] -> [..98.96.251.186][.9999] + detected: [...192] [ip4][..udp] [...192.168.3.23][41618] -> [..98.96.251.186][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...173] [ip4][..udp] [...192.168.3.23][48611] -> [.40.115.242.242][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [...114] [ip4][..udp] [...192.168.3.23][39432] -> [..34.155.128.54][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [....69] [ip4][..udp] [...192.168.3.23][39470] -> [..34.155.128.54][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...190] [ip4][..udp] [...192.168.3.23][46627] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....66] [ip4][..udp] [...192.168.3.23][38313] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...141] [ip4][..udp] [...192.168.3.23][47274] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....53] [ip4][..udp] [...192.168.3.23][38459] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....63] [ip4][..udp] [...192.168.3.23][38761] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...144] [ip4][..udp] [...192.168.3.23][47921] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...155] [ip4][..udp] [...192.168.3.23][39075] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....99] [ip4][..udp] [...192.168.3.23][39859] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....18] [ip4][..udp] [...192.168.3.23][40390] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...112] [ip4][..udp] [...192.168.3.23][40431] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....67] [ip4][..udp] [...192.168.3.23][43478] -> [...3.24.157.167][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....14] [ip4][..udp] [...192.168.3.23][37686] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...146] [ip4][..udp] [...192.168.3.23][41580] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....95] [ip4][..udp] [...192.168.3.23][42026] -> [...45.33.103.81][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....44] [ip4][..udp] [...192.168.3.23][37008] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...118] [ip4][..udp] [...192.168.3.23][39141] -> [...101.46.59.21][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...143] [ip4][..udp] [...192.168.3.23][42677] -> [...45.33.103.81][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....33] [ip4][..udp] [...192.168.3.23][37783] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....84] [ip4][..udp] [...192.168.3.23][38070] -> [..65.52.182.211][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [....21] [ip4][..udp] [...192.168.3.23][42921] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....22] [ip4][..udp] [...192.168.3.23][45553] -> [...3.24.157.167][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...113] [ip4][..udp] [...192.168.3.23][46332] -> [...3.24.157.167][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...158] [ip4][..udp] [...192.168.3.23][43812] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...136] [ip4][..udp] [...192.168.3.23][39270] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....24] [ip4][..udp] [...192.168.3.23][46317] -> [..34.155.128.54][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...177] [ip4][..udp] [...192.168.3.23][39623] -> [195.181.163.225][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....80] [ip4][..udp] [...192.168.3.23][41387] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...100] [ip4][..udp] [...192.168.3.23][39236] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....29] [ip4][..udp] [...192.168.3.23][41680] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...151] [ip4][..udp] [...192.168.3.23][42012] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...188] [ip4][..udp] [...192.168.3.23][45864] -> [...45.33.103.81][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...103] [ip4][..udp] [...192.168.3.23][39779] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...131] [ip4][..udp] [...192.168.3.23][40665] -> [195.181.163.225][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....71] [ip4][..udp] [...192.168.3.23][40959] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....28] [ip4][..udp] [...192.168.3.23][42764] -> [...101.46.59.21][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...179] [ip4][..udp] [...192.168.3.23][37747] -> [.20.195.224.215][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [...162] [ip4][..udp] [...192.168.3.23][48196] -> [..34.155.128.54][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...184] [ip4][..udp] [...192.168.3.23][37181] -> [.138.199.41.102][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...174] [ip4][..udp] [...192.168.3.23][43498] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...167] [ip4][..udp] [...192.168.3.23][43985] -> [...101.46.59.21][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...160] [ip4][..udp] [...192.168.3.23][49989] -> [...3.24.157.167][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...172] [ip4][..udp] [...192.168.3.23][38002] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...186] [ip4][..udp] [...192.168.3.23][38712] -> [..103.198.202.8][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....49] [ip4][..udp] [...192.168.3.23][48276] -> [...45.33.103.81][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....40] [ip4][..udp] [...192.168.3.23][43864] -> [..65.52.182.211][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [....87] [ip4][..udp] [...192.168.3.23][40074] -> [.20.195.224.215][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [...178] [ip4][..udp] [...192.168.3.23][37972] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...109] [ip4][..udp] [...192.168.3.23][49078] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....91] [ip4][..udp] [...192.168.3.23][39572] -> [.138.199.41.102][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [.....8] [ip4][..udp] [...192.168.3.23][49183] -> [.18.162.179.244][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...171] [ip4][..udp] [...192.168.3.23][44328] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....37] [ip4][..udp] [...192.168.3.23][39220] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [....54] [ip4][..udp] [...192.168.3.23][43552] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...125] [ip4][..udp] [...192.168.3.23][44684] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...129] [ip4][..udp] [...192.168.3.23][45104] -> [..65.52.182.211][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [...119] [ip4][..udp] [...192.168.3.23][45088] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...154] [ip4][..udp] [...192.168.3.23][39070] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....38] [ip4][..udp] [...192.168.3.23][41692] -> [.20.195.224.215][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [....82] [ip4][..udp] [...192.168.3.23][45530] -> [195.181.163.225][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...153] [ip4][..udp] [...192.168.3.23][44962] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [.....9] [ip4][..udp] [...192.168.3.23][45624] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...183] [ip4][..udp] [...192.168.3.23][46702] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....89] [ip4][..udp] [...192.168.3.23][46825] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...176] [ip4][..udp] [...192.168.3.23][47269] -> [..65.52.182.211][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [....60] [ip4][..udp] [...192.168.3.23][37678] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....27] [ip4][..udp] [...192.168.3.23][47189] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....59] [ip4][..udp] [...192.168.3.23][46385] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....62] [ip4][..udp] [...192.168.3.23][38633] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [....72] [ip4][..udp] [...192.168.3.23][49407] -> [...101.46.59.21][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....73] [ip4][..udp] [...192.168.3.23][41578] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...102] [ip4][..udp] [...192.168.3.23][38514] -> [..23.90.141.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...127] [ip4][..udp] [...192.168.3.23][49395] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...140] [ip4][..udp] [...192.168.3.23][38800] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...152] [ip4][..udp] [...192.168.3.23][38821] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....58] [ip4][..udp] [...192.168.3.23][49704] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...163] [ip4][..udp] [...192.168.3.23][39684] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...105] [ip4][..udp] [...192.168.3.23][49942] -> [.34.176.100.180][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [....36] [ip4][..udp] [...192.168.3.23][42726] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....39] [ip4][..udp] [...192.168.3.23][48743] -> [195.181.163.225][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....47] [ip4][..udp] [...192.168.3.23][39515] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...137] [ip4][..udp] [...192.168.3.23][44304] -> [.138.199.41.102][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....46] [ip4][..udp] [...192.168.3.23][44470] -> [.138.199.41.102][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...165] [ip4][..udp] [...192.168.3.23][49432] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....70] [ip4][..udp] [...192.168.3.23][40513] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [....56] [ip4][..udp] [...192.168.3.23][40048] -> [..23.90.141.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...142] [ip4][..udp] [...192.168.3.23][39220] -> [...154.93.36.41][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...157] [ip4][..udp] [...192.168.3.23][37742] -> [.129.227.244.38][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....78] [ip4][..udp] [...192.168.3.23][49819] -> [.15.181.194.202][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...133] [ip4][..udp] [...192.168.3.23][46603] -> [.20.195.224.215][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [....32] [ip4][..udp] [...192.168.3.23][38961] -> [.176.97.192.194][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...168] [ip4][..udp] [...192.168.3.23][38399] -> [..34.100.183.43][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...170] [ip4][..udp] [...192.168.3.23][44646] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...149] [ip4][..udp] [...192.168.3.23][41457] -> [..23.90.141.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [.....3] [ip4][..tcp] [...192.168.3.23][37119] -> [.104.16.159.112][..443] [TLS.GearUP_Booster][Cloudflare][VPN][Acceptable] + idle: [....96] [ip4][..udp] [...192.168.3.23][40633] -> [...154.93.36.41][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....83] [ip4][..udp] [...192.168.3.23][45875] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...169] [ip4][..udp] [...192.168.3.23][39594] -> [.176.97.192.194][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...147] [ip4][..udp] [...192.168.3.23][49992] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....13] [ip4][..udp] [...192.168.3.23][49995] -> [.18.185.151.243][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...164] [ip4][..udp] [...192.168.3.23][39693] -> [....98.98.151.3][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....20] [ip4][..udp] [...192.168.3.23][39478] -> [.129.227.244.38][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....34] [ip4][..udp] [...192.168.3.23][46392] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [....11] [ip4][..udp] [...192.168.3.23][42089] -> [..23.90.141.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....42] [ip4][..udp] [...192.168.3.23][37131] -> [..80.238.226.80][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...159] [ip4][..udp] [...192.168.3.23][42845] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...139] [ip4][..udp] [...192.168.3.23][47410] -> [..103.198.202.8][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...108] [ip4][..udp] [...192.168.3.23][45904] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....30] [ip4][..udp] [...192.168.3.23][45941] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...161] [ip4][..udp] [...192.168.3.23][37603] -> [.194.110.134.13][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...130] [ip4][..udp] [...192.168.3.23][46201] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...192] [ip4][..udp] [...192.168.3.23][41618] -> [..98.96.251.186][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...175] [ip4][..udp] [...192.168.3.23][47574] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [....17] [ip4][..udp] [...192.168.3.23][46763] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [.....5] [ip4][..tcp] [...192.168.3.23][38726] -> [..104.18.50.182][..443] [TLS.GearUP_Booster][Cloudflare][VPN][Acceptable] + idle: [...106] [ip4][..udp] [...192.168.3.23][43718] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....92] [ip4][..udp] [...192.168.3.23][48774] -> [..103.198.202.8][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....79] [ip4][..udp] [...192.168.3.23][48217] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [....86] [ip4][..udp] [...192.168.3.23][39046] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [...191] [ip4][..udp] [...192.168.3.23][43077] -> [...154.93.36.41][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...104] [ip4][..udp] [...192.168.3.23][41897] -> [....98.98.151.3][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...123] [ip4][..udp] [...192.168.3.23][42131] -> [.176.97.192.194][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...128] [ip4][..udp] [...192.168.3.23][48575] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [....16] [ip4][..udp] [...192.168.3.23][44799] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...126] [ip4][..udp] [...192.168.3.23][48644] -> [.35.201.213.182][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...124] [ip4][..udp] [...192.168.3.23][37942] -> [.40.115.242.242][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [....45] [ip4][..udp] [...192.168.3.23][49429] -> [..103.198.202.8][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....15] [ip4][..udp] [...192.168.3.23][44547] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....61] [ip4][..udp] [...192.168.3.23][48031] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....68] [ip4][..udp] [...192.168.3.23][39502] -> [.194.110.134.13][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...166] [ip4][..udp] [...192.168.3.23][43597] -> [..98.96.251.186][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...132] [ip4][..udp] [...192.168.3.23][40083] -> [..80.238.226.80][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....74] [ip4][..udp] [...192.168.3.23][43653] -> [..98.96.251.186][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....76] [ip4][..udp] [...192.168.3.23][43425] -> [.176.97.192.194][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....57] [ip4][..udp] [...192.168.3.23][43608] -> [....98.98.151.3][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...189] [ip4][..udp] [...192.168.3.23][45757] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...150] [ip4][..udp] [...192.168.3.23][43795] -> [....98.98.151.3][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....64] [ip4][..udp] [...192.168.3.23][39858] -> [..3.114.197.210][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....81] [ip4][..udp] [...192.168.3.23][49500] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...101] [ip4][..udp] [...192.168.3.23][41423] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [....90] [ip4][..udp] [...192.168.3.23][38354] -> [.....20.249.1.0][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + guessed: [...117] [ip4][..udp] [...192.168.3.23][47302] -> [.142.251.143.54][..443] [QUIC][Google][Web][Acceptable] + RISK: Susp Entropy + idle: [...117] [ip4][..udp] [...192.168.3.23][47302] -> [.142.251.143.54][..443] + idle: [...120] [ip4][..udp] [...192.168.3.23][49928] -> [...52.77.92.200][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....10] [ip4][..udp] [...192.168.3.23][41825] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [....19] [ip4][..udp] [...192.168.3.23][40581] -> [..3.114.197.210][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....75] [ip4][..udp] [...192.168.3.23][44138] -> [..34.100.183.43][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [....26] [ip4][..udp] [...192.168.3.23][44605] -> [....98.98.151.3][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....55] [ip4][..udp] [...192.168.3.23][42232] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [...135] [ip4][..udp] [...192.168.3.23][38445] -> [..13.124.213.54][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...185] [ip4][..udp] [...192.168.3.23][39378] -> [.....20.249.1.0][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [....25] [ip4][..udp] [...192.168.3.23][48039] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [....31] [ip4][..udp] [...192.168.3.23][45045] -> [..34.100.183.43][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [.....4] [ip4][..tcp] [...192.168.3.23][42942] -> [..104.18.53.166][..443] [TLS.GearUP_Booster][Cloudflare][VPN][Acceptable] + idle: [...107] [ip4][..udp] [...192.168.3.23][48516] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [....88] [ip4][..udp] [...192.168.3.23][39588] -> [..13.124.213.54][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....85] [ip4][..udp] [...192.168.3.23][43221] -> [..80.238.226.80][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [.....7] [ip4][..tcp] [...192.168.3.23][43470] -> [...2.19.126.219][..443] [TLS.GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...116] [ip4][..udp] [...192.168.3.23][48995] -> [...34.88.73.160][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [....65] [ip4][..udp] [...192.168.3.23][46109] -> [.129.227.244.38][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....52] [ip4][..udp] [...192.168.3.23][47203] -> [..98.96.251.186][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....51] [ip4][..udp] [...192.168.3.23][39583] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....50] [ip4][..udp] [...192.168.3.23][48846] -> [...154.93.36.41][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...156] [ip4][..udp] [...192.168.3.23][43680] -> [..3.114.197.210][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....93] [ip4][..udp] [...192.168.3.23][49818] -> [..23.90.172.130][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [.....6] [ip4][..tcp] [...192.168.3.23][45668] -> [.104.16.159.112][..443] [TLS.GearUP_Booster][Cloudflare][VPN][Acceptable] + idle: [...121] [ip4][..udp] [...192.168.3.23][48544] -> [..98.96.251.186][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....97] [ip4][..udp] [...192.168.3.23][41111] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...187] [ip4][..udp] [...192.168.3.23][41188] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...111] [ip4][..udp] [...192.168.3.23][48710] -> [.129.227.244.38][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....98] [ip4][..udp] [...192.168.3.23][49542] -> [..98.96.251.186][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...115] [ip4][..udp] [...192.168.3.23][45946] -> [.194.110.134.13][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...148] [ip4][..udp] [...192.168.3.23][46619] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [...145] [ip4][..udp] [...192.168.3.23][49873] -> [..98.96.251.186][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...180] [ip4][..udp] [...192.168.3.23][46852] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [....77] [ip4][..udp] [...192.168.3.23][45458] -> [.40.115.242.242][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [....12] [ip4][..udp] [...192.168.3.23][49987] -> [....98.98.151.3][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...122] [ip4][..udp] [...192.168.3.23][49563] -> [..34.100.183.43][.9999] [GearUP_Booster][GoogleCloud][VPN][Acceptable] + idle: [...138] [ip4][..udp] [...192.168.3.23][44266] -> [.....20.249.1.0][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [....48] [ip4][..udp] [...192.168.3.23][43033] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....94] [ip4][..udp] [...192.168.3.23][43269] -> [.121.127.42.118][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [....41] [ip4][..udp] [...192.168.3.23][48015] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [....43] [ip4][..udp] [...192.168.3.23][44205] -> [..13.124.213.54][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....35] [ip4][..udp] [...192.168.3.23][47617] -> [.40.115.242.242][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [...181] [ip4][..udp] [...192.168.3.23][48934] -> [..80.238.226.80][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + idle: [...134] [ip4][..udp] [...192.168.3.23][49305] -> [.20.237.164.226][.9999] [GearUP_Booster][Azure][VPN][Acceptable] + idle: [...110] [ip4][..udp] [...192.168.3.23][48164] -> [..3.114.197.210][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [...182] [ip4][..udp] [...192.168.3.23][45605] -> [..13.124.213.54][.9999] [GearUP_Booster][AmazonAWS][VPN][Acceptable] + idle: [....23] [ip4][..udp] [...192.168.3.23][49487] -> [.194.110.134.13][.9999] [GearUP_Booster][Unknown][VPN][Acceptable] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/geforcenow.pcapng.out b/test/results/flow-info/default/geforcenow.pcapng.out index 534eae1c9..ce8204f3b 100644 --- a/test/results/flow-info/default/geforcenow.pcapng.out +++ b/test/results/flow-info/default/geforcenow.pcapng.out @@ -21,10 +21,6 @@ new: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] detected: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [STUN][Nvidia][Network][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [STUN][Nvidia][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [STUN][Nvidia][Network][Acceptable][] - RISK: Known Proto on Non Std Port detection-update: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [DTLS][Nvidia][Network][Safe] detection-update: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [DTLS.GeForceNow][Nvidia][Game][Fun] RISK: TLS Cert Validity Too Long diff --git a/test/results/flow-info/default/gnutella.pcap.out b/test/results/flow-info/default/gnutella.pcap.out index 1cddd4c90..6848df8dc 100644 --- a/test/results/flow-info/default/gnutella.pcap.out +++ b/test/results/flow-info/default/gnutella.pcap.out @@ -1634,7 +1634,7 @@ idle: [.....5] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][msedgewin10] idle: [.....6] [ip4][..udp] [.......10.0.2.2][...67] -> [......10.0.2.15][...68] [DHCP][Unknown][Network][Acceptable] idle: [....12] [ip4][..udp] [......10.0.2.15][63717] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][msedgewin10] - not-detected: [....42] [ip4][..tcp] [......10.0.2.15][50202] -> [.61.238.173.128][57648] [Unknown][Unknown][Unrated] + not-detected: [....42] [ip4][..tcp] [......10.0.2.15][50202] -> [.61.238.173.128][57648] [Unknown][Unknown][Unspecified][Unrated] end: [....42] [ip4][..tcp] [......10.0.2.15][50202] -> [.61.238.173.128][57648] end: [....46] [ip4][..tcp] [......10.0.2.15][50206] -> [175.181.156.244][.8255] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol @@ -1645,7 +1645,7 @@ RISK: Unsafe Protocol end: [...119] [ip4][..tcp] [......10.0.2.15][50250] -> [...27.94.154.53][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....61] [ip4][..tcp] [......10.0.2.15][50220] -> [.36.233.196.226][.3820] [Unknown][Unknown][Unrated] + not-detected: [....61] [ip4][..tcp] [......10.0.2.15][50220] -> [.36.233.196.226][.3820] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [....61] [ip4][..tcp] [......10.0.2.15][50220] -> [.36.233.196.226][.3820] end: [...122] [ip4][..tcp] [......10.0.2.15][50253] -> [103.232.107.100][43508] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -1656,12 +1656,12 @@ RISK: Unsafe Protocol end: [....51] [ip4][..tcp] [......10.0.2.15][50211] -> [...14.199.10.60][23458] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....63] [ip4][..tcp] [......10.0.2.15][50222] -> [.119.14.143.237][.6523] [Unknown][Unknown][Unrated] + not-detected: [....63] [ip4][..tcp] [......10.0.2.15][50222] -> [.119.14.143.237][.6523] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [....63] [ip4][..tcp] [......10.0.2.15][50222] -> [.119.14.143.237][.6523] end: [....43] [ip4][..tcp] [......10.0.2.15][50203] -> [..61.222.160.99][18994] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....69] [ip4][..tcp] [......10.0.2.15][50228] -> [..111.241.31.96][14384] [Unknown][Unknown][Unrated] + not-detected: [....69] [ip4][..tcp] [......10.0.2.15][50228] -> [..111.241.31.96][14384] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [....69] [ip4][..tcp] [......10.0.2.15][50228] -> [..111.241.31.96][14384] end: [....35] [ip4][..tcp] [......10.0.2.15][50196] -> [...218.250.6.59][12556] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -1776,7 +1776,7 @@ RISK: Unsafe Protocol end: [...289] [ip4][..tcp] [......10.0.2.15][50313] -> [...96.65.68.194][35481] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...237] [ip4][..tcp] [......10.0.2.15][50283] -> [..51.68.153.214][35004] [Unknown][Unknown][Unrated] + not-detected: [...237] [ip4][..tcp] [......10.0.2.15][50283] -> [..51.68.153.214][35004] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [...237] [ip4][..tcp] [......10.0.2.15][50283] -> [..51.68.153.214][35004] end: [...296] [ip4][..tcp] [......10.0.2.15][50320] -> [194.163.180.126][10825] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -1786,7 +1786,7 @@ RISK: Unsafe Protocol idle: [....14] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63958] -> [................................ff02::c][.3702] [WSD][Unknown][Network][Acceptable] idle: [....18] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63965] -> [................................ff02::c][.3702] [WSD][Unknown][Network][Acceptable] - not-detected: [...153] [ip4][..tcp] [......10.0.2.15][50266] -> [.219.70.175.103][.4315] [Unknown][Unknown][Unrated] + not-detected: [...153] [ip4][..tcp] [......10.0.2.15][50266] -> [.219.70.175.103][.4315] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [...153] [ip4][..tcp] [......10.0.2.15][50266] -> [.219.70.175.103][.4315] end: [...279] [ip4][..tcp] [......10.0.2.15][50303] -> [..88.120.73.215][24562] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -1803,7 +1803,7 @@ RISK: Unsafe Protocol end: [...223] [ip4][..tcp] [......10.0.2.15][50269] -> [..218.103.139.2][.3186] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...143] [ip4][..tcp] [......10.0.2.15][50256] -> [.36.233.201.161][.2886] [Unknown][Unknown][Unrated] + not-detected: [...143] [ip4][..tcp] [......10.0.2.15][50256] -> [.36.233.201.161][.2886] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [...143] [ip4][..tcp] [......10.0.2.15][50256] -> [.36.233.201.161][.2886] end: [...269] [ip4][..tcp] [......10.0.2.15][50293] -> [..97.83.183.148][.8890] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -2560,7 +2560,7 @@ RISK: Unsafe Protocol idle: [...202] [ip4][..udp] [......10.0.2.15][28681] -> [.176.134.139.39][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...220] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][.9239] [Unknown][Unknown][Unrated] + not-detected: [...220] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][.9239] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy idle: [...220] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][.9239] idle: [...162] [ip4][..udp] [......10.0.2.15][28681] -> [.88.123.159.111][44729] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -3057,7 +3057,7 @@ new: [...745] [ip4][.icmp] [..164.132.10.25] -> [......10.0.2.15] detected: [...745] [ip4][.icmp] [..164.132.10.25] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] RISK: Susp Entropy - not-detected: [....29] [ip4][..tcp] [......10.0.2.15][50191] -> [.207.38.163.228][.6778] [Unknown][Unknown][Unrated] + not-detected: [....29] [ip4][..tcp] [......10.0.2.15][50191] -> [.207.38.163.228][.6778] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [....29] [ip4][..tcp] [......10.0.2.15][50191] -> [.207.38.163.228][.6778] idle: [...320] [ip4][..udp] [......10.0.2.15][28681] -> [185.236.200.137][48142] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -3068,13 +3068,13 @@ RISK: Unsafe Protocol idle: [...305] [ip4][..udp] [......10.0.2.15][28681] -> [..88.168.175.31][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....31] [ip4][..tcp] [......10.0.2.15][50193] -> [....89.75.52.19][46010] [Unknown][Unknown][Unrated] + not-detected: [....31] [ip4][..tcp] [......10.0.2.15][50193] -> [....89.75.52.19][46010] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [....31] [ip4][..tcp] [......10.0.2.15][50193] -> [....89.75.52.19][46010] - not-detected: [....28] [ip4][..tcp] [......10.0.2.15][50190] -> [..80.140.63.147][29545] [Unknown][Unknown][Unrated] + not-detected: [....28] [ip4][..tcp] [......10.0.2.15][50190] -> [..80.140.63.147][29545] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [....28] [ip4][..tcp] [......10.0.2.15][50190] -> [..80.140.63.147][29545] - not-detected: [....30] [ip4][..tcp] [......10.0.2.15][50192] -> [....45.65.87.24][16201] [Unknown][Unknown][Unrated] + not-detected: [....30] [ip4][..tcp] [......10.0.2.15][50192] -> [....45.65.87.24][16201] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [....30] [ip4][..tcp] [......10.0.2.15][50192] -> [....45.65.87.24][16201] idle: [...322] [ip4][..udp] [......10.0.2.15][28681] -> [..45.88.117.219][.6909] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -3480,10 +3480,10 @@ RISK: Unsafe Protocol idle: [...177] [ip4][..udp] [......10.0.2.15][28681] -> [.69.157.183.106][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....90] [ip4][..tcp] [......10.0.2.15][50245] -> [..73.62.225.181][46843] [Unknown][Unknown][Unrated] + not-detected: [....90] [ip4][..tcp] [......10.0.2.15][50245] -> [..73.62.225.181][46843] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [....90] [ip4][..tcp] [......10.0.2.15][50245] -> [..73.62.225.181][46843] - not-detected: [...300] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] [Unknown][Unknown][Unrated] + not-detected: [...300] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy idle: [...300] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] idle: [...324] [ip4][..udp] [......10.0.2.15][28681] -> [.73.250.179.237][20848] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -4189,9 +4189,9 @@ RISK: Unsafe Protocol idle: [...355] [ip4][..udp] [......10.0.2.15][28681] -> [.181.118.53.212][29998] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...301] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][11852] [Unknown][Unknown][Unrated] + not-detected: [...301] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][11852] [Unknown][Unknown][Unspecified][Unrated] idle: [...301] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][11852] - not-detected: [...243] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] [Unknown][Unknown][Unrated] + not-detected: [...243] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy idle: [...243] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] idle: [...360] [ip4][..udp] [......10.0.2.15][28681] -> [..198.58.218.12][47912] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -4217,7 +4217,7 @@ new: [...755] [ip4][..udp] [......10.0.2.15][28681] -> [..83.134.107.32][38836] detected: [...755] [ip4][..udp] [......10.0.2.15][28681] -> [..83.134.107.32][38836] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...242] [ip4][..udp] [......10.0.2.15][28681] -> [..75.133.101.93][52367] [Unknown][Unknown][Unrated] + not-detected: [...242] [ip4][..udp] [......10.0.2.15][28681] -> [..75.133.101.93][52367] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [...242] [ip4][..udp] [......10.0.2.15][28681] -> [..75.133.101.93][52367] idle: [...308] [ip4][..udp] [......10.0.2.15][28681] -> [...81.205.91.45][40137] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -4872,7 +4872,7 @@ new: [...759] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] detected: [...759] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...369] [ip4][..udp] [......10.0.2.15][28681] -> [.89.187.171.240][.6346] [Unknown][Unknown][Unrated] + not-detected: [...369] [ip4][..udp] [......10.0.2.15][28681] -> [.89.187.171.240][.6346] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...369] [ip4][..udp] [......10.0.2.15][28681] -> [.89.187.171.240][.6346] update: [...754] [ip4][..udp] [......10.0.2.15][28681] -> [..84.125.218.84][17561] @@ -5007,7 +5007,7 @@ RISK: Unsafe Protocol idle: [...418] [ip4][..udp] [......10.0.2.15][28681] -> [.75.129.149.103][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...385] [ip4][..udp] [......10.0.2.15][28681] -> [..66.223.143.31][47978] [Unknown][Unknown][Unrated] + not-detected: [...385] [ip4][..udp] [......10.0.2.15][28681] -> [..66.223.143.31][47978] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...385] [ip4][..udp] [......10.0.2.15][28681] -> [..66.223.143.31][47978] idle: [...432] [ip4][..udp] [......10.0.2.15][28681] -> [...104.6.118.53][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -5018,7 +5018,7 @@ RISK: Unsafe Protocol idle: [...413] [ip4][..udp] [......10.0.2.15][28681] -> [...87.65.188.29][24676] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...399] [ip4][..udp] [......10.0.2.15][28681] -> [.175.39.219.223][31728] [Unknown][Unknown][Unrated] + not-detected: [...399] [ip4][..udp] [......10.0.2.15][28681] -> [.175.39.219.223][31728] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...399] [ip4][..udp] [......10.0.2.15][28681] -> [.175.39.219.223][31728] idle: [...430] [ip4][..udp] [......10.0.2.15][28681] -> [....90.8.95.165][40763] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -5031,7 +5031,7 @@ RISK: Unsafe Protocol idle: [...435] [ip4][..udp] [......10.0.2.15][28681] -> [.109.24.146.101][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...392] [ip4][..udp] [......10.0.2.15][28681] -> [....42.0.69.215][12608] [Unknown][Unknown][Unrated] + not-detected: [...392] [ip4][..udp] [......10.0.2.15][28681] -> [....42.0.69.215][12608] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...392] [ip4][..udp] [......10.0.2.15][28681] -> [....42.0.69.215][12608] idle: [...427] [ip4][..udp] [......10.0.2.15][28681] -> [...81.249.13.30][15138] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -5050,7 +5050,7 @@ RISK: Unsafe Protocol idle: [...431] [ip4][..udp] [......10.0.2.15][28681] -> [..88.124.71.246][49035] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...395] [ip4][..udp] [......10.0.2.15][28681] -> [..191.114.88.39][18751] [Unknown][Unknown][Unrated] + not-detected: [...395] [ip4][..udp] [......10.0.2.15][28681] -> [..191.114.88.39][18751] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...395] [ip4][..udp] [......10.0.2.15][28681] -> [..191.114.88.39][18751] idle: [...125] [ip4][..udp] [......10.0.2.15][28681] -> [..83.92.178.182][57302] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -5061,7 +5061,7 @@ RISK: Unsafe Protocol idle: [...409] [ip4][..udp] [......10.0.2.15][28681] -> [...86.194.53.68][33770] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...390] [ip4][..udp] [......10.0.2.15][28681] -> [144.134.132.206][16401] [Unknown][Unknown][Unrated] + not-detected: [...390] [ip4][..udp] [......10.0.2.15][28681] -> [144.134.132.206][16401] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...390] [ip4][..udp] [......10.0.2.15][28681] -> [144.134.132.206][16401] idle: [...412] [ip4][..udp] [......10.0.2.15][28681] -> [...58.177.52.73][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -5070,7 +5070,7 @@ RISK: Unsafe Protocol idle: [...407] [ip4][..udp] [......10.0.2.15][28681] -> [195.181.151.217][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...389] [ip4][..udp] [......10.0.2.15][28681] -> [..94.215.183.71][31310] [Unknown][Unknown][Unrated] + not-detected: [...389] [ip4][..udp] [......10.0.2.15][28681] -> [..94.215.183.71][31310] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...389] [ip4][..udp] [......10.0.2.15][28681] -> [..94.215.183.71][31310] idle: [...417] [ip4][..udp] [......10.0.2.15][28681] -> [.94.187.236.179][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -5079,15 +5079,15 @@ RISK: Unsafe Protocol idle: [...436] [ip4][..udp] [......10.0.2.15][28681] -> [.219.68.179.137][.6406] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...398] [ip4][..udp] [......10.0.2.15][28681] -> [.62.102.148.166][31332] [Unknown][Unknown][Unrated] + not-detected: [...398] [ip4][..udp] [......10.0.2.15][28681] -> [.62.102.148.166][31332] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...398] [ip4][..udp] [......10.0.2.15][28681] -> [.62.102.148.166][31332] idle: [...482] [ip4][..udp] [......10.0.2.15][28681] -> [..86.193.23.172][42227] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...397] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][24634] [Unknown][Unknown][Unrated] + not-detected: [...397] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][24634] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...397] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][24634] - not-detected: [...396] [ip4][..udp] [......10.0.2.15][28681] -> [..112.119.59.24][28755] [Unknown][Unknown][Unrated] + not-detected: [...396] [ip4][..udp] [......10.0.2.15][28681] -> [..112.119.59.24][28755] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...396] [ip4][..udp] [......10.0.2.15][28681] -> [..112.119.59.24][28755] idle: [...416] [ip4][..udp] [......10.0.2.15][28681] -> [..92.139.61.103][24096] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -5096,14 +5096,14 @@ RISK: Unsafe Protocol idle: [...402] [ip4][..udp] [......10.0.2.15][28681] -> [...78.219.202.2][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...391] [ip4][..udp] [......10.0.2.15][28681] -> [...161.81.38.67][.9539] [Unknown][Unknown][Unrated] + not-detected: [...391] [ip4][..udp] [......10.0.2.15][28681] -> [...161.81.38.67][.9539] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...391] [ip4][..udp] [......10.0.2.15][28681] -> [...161.81.38.67][.9539] idle: [...419] [ip4][..udp] [......10.0.2.15][28681] -> [...78.193.236.8][46557] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...406] [ip4][..udp] [......10.0.2.15][28681] -> [....109.27.3.68][57380] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...303] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][30566] [Unknown][Unknown][Unrated] + not-detected: [...303] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][30566] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy idle: [...303] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][30566] idle: [...420] [ip4][..udp] [......10.0.2.15][28681] -> [..86.227.127.34][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -5116,10 +5116,10 @@ RISK: Unsafe Protocol idle: [...429] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.215.213][23576] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...304] [ip4][..udp] [......10.0.2.15][28681] -> [.193.32.126.214][59596] [Unknown][Unknown][Unrated] + not-detected: [...304] [ip4][..udp] [......10.0.2.15][28681] -> [.193.32.126.214][59596] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy idle: [...304] [ip4][..udp] [......10.0.2.15][28681] -> [.193.32.126.214][59596] - not-detected: [...387] [ip4][..udp] [......10.0.2.15][28681] -> [....220.135.8.7][.1219] [Unknown][Unknown][Unrated] + not-detected: [...387] [ip4][..udp] [......10.0.2.15][28681] -> [....220.135.8.7][.1219] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...387] [ip4][..udp] [......10.0.2.15][28681] -> [....220.135.8.7][.1219] idle: [...438] [ip4][..udp] [......10.0.2.15][28681] -> [..71.86.190.163][14142] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -5480,7 +5480,7 @@ RISK: Unsafe Protocol idle: [...434] [ip4][..udp] [......10.0.2.15][28681] -> [.114.24.182.130][22232] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...483] [ip4][..udp] [.......10.0.2.2][.1026] -> [......10.0.2.15][28681] [Unknown][Unknown][Unrated] + not-detected: [...483] [ip4][..udp] [.......10.0.2.2][.1026] -> [......10.0.2.15][28681] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...483] [ip4][..udp] [.......10.0.2.2][.1026] -> [......10.0.2.15][28681] update: [...449] [ip4][..udp] [......10.0.2.15][28681] -> [.61.238.173.128][.8826] @@ -5592,204 +5592,204 @@ RISK: Unsafe Protocol idle: [...495] [ip4][..udp] [......10.0.2.15][28681] -> [...81.247.89.20][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...449] [ip4][..udp] [......10.0.2.15][28681] -> [.61.238.173.128][.8826] [Unknown][Unknown][Unrated] + not-detected: [...449] [ip4][..udp] [......10.0.2.15][28681] -> [.61.238.173.128][.8826] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...449] [ip4][..udp] [......10.0.2.15][28681] -> [.61.238.173.128][.8826] - not-detected: [...636] [ip4][..udp] [......10.0.2.15][28681] -> [.80.193.171.146][53143] [Unknown][Unknown][Unrated] + not-detected: [...636] [ip4][..udp] [......10.0.2.15][28681] -> [.80.193.171.146][53143] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...636] [ip4][..udp] [......10.0.2.15][28681] -> [.80.193.171.146][53143] - not-detected: [...685] [ip4][..udp] [......10.0.2.15][28681] -> [..111.241.31.96][.8349] [Unknown][Unknown][Unrated] + not-detected: [...685] [ip4][..udp] [......10.0.2.15][28681] -> [..111.241.31.96][.8349] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...685] [ip4][..udp] [......10.0.2.15][28681] -> [..111.241.31.96][.8349] - not-detected: [...661] [ip4][..udp] [......10.0.2.15][28681] -> [...24.127.1.235][37814] [Unknown][Unknown][Unrated] + not-detected: [...661] [ip4][..udp] [......10.0.2.15][28681] -> [...24.127.1.235][37814] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...661] [ip4][..udp] [......10.0.2.15][28681] -> [...24.127.1.235][37814] - not-detected: [...650] [ip4][..udp] [......10.0.2.15][28681] -> [..114.47.227.91][58856] [Unknown][Unknown][Unrated] + not-detected: [...650] [ip4][..udp] [......10.0.2.15][28681] -> [..114.47.227.91][58856] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...650] [ip4][..udp] [......10.0.2.15][28681] -> [..114.47.227.91][58856] - not-detected: [...576] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][42925] [Unknown][Unknown][Unrated] + not-detected: [...576] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][42925] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...576] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][42925] idle: [...253] [ip4][..udp] [......10.0.2.15][28681] -> [.193.37.255.130][61616] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...575] [ip4][..udp] [......10.0.2.15][28681] -> [.123.202.31.113][19768] [Unknown][Unknown][Unrated] + not-detected: [...575] [ip4][..udp] [......10.0.2.15][28681] -> [.123.202.31.113][19768] [Unknown][Unknown][Unspecified][Unrated] idle: [...575] [ip4][..udp] [......10.0.2.15][28681] -> [.123.202.31.113][19768] - not-detected: [...479] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.13.148][51896] [Unknown][Unknown][Unrated] + not-detected: [...479] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.13.148][51896] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...479] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.13.148][51896] - not-detected: [...444] [ip4][..udp] [......10.0.2.15][28681] -> [.122.117.100.78][.9010] [Unknown][Unknown][Unrated] + not-detected: [...444] [ip4][..udp] [......10.0.2.15][28681] -> [.122.117.100.78][.9010] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...444] [ip4][..udp] [......10.0.2.15][28681] -> [.122.117.100.78][.9010] - not-detected: [...676] [ip4][..udp] [......10.0.2.15][28681] -> [...1.64.208.110][55550] [Unknown][Unknown][Unrated] + not-detected: [...676] [ip4][..udp] [......10.0.2.15][28681] -> [...1.64.208.110][55550] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...676] [ip4][..udp] [......10.0.2.15][28681] -> [...1.64.208.110][55550] - not-detected: [...697] [ip4][..udp] [......10.0.2.15][28681] -> [...14.199.10.60][53906] [Unknown][Unknown][Unrated] + not-detected: [...697] [ip4][..udp] [......10.0.2.15][28681] -> [...14.199.10.60][53906] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...697] [ip4][..udp] [......10.0.2.15][28681] -> [...14.199.10.60][53906] idle: [...260] [ip4][..udp] [......10.0.2.15][28681] -> [.46.128.114.107][.6578] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...604] [ip4][..udp] [......10.0.2.15][28681] -> [.123.202.31.113][53291] [Unknown][Unknown][Unrated] + not-detected: [...604] [ip4][..udp] [......10.0.2.15][28681] -> [.123.202.31.113][53291] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...604] [ip4][..udp] [......10.0.2.15][28681] -> [.123.202.31.113][53291] - not-detected: [...378] [ip4][..udp] [......10.0.2.15][28681] -> [.118.241.204.61][43366] [Unknown][Unknown][Unrated] + not-detected: [...378] [ip4][..udp] [......10.0.2.15][28681] -> [.118.241.204.61][43366] [Unknown][Unknown][Unspecified][Unrated] idle: [...378] [ip4][..udp] [......10.0.2.15][28681] -> [.118.241.204.61][43366] idle: [...505] [ip4][..udp] [......10.0.2.15][28681] -> [.....42.2.62.28][.6387] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...698] [ip4][..udp] [......10.0.2.15][28681] -> [..70.81.219.111][19210] [Unknown][Unknown][Unrated] + not-detected: [...698] [ip4][..udp] [......10.0.2.15][28681] -> [..70.81.219.111][19210] [Unknown][Unknown][Unspecified][Unrated] idle: [...698] [ip4][..udp] [......10.0.2.15][28681] -> [..70.81.219.111][19210] - not-detected: [...644] [ip4][..udp] [......10.0.2.15][28681] -> [...173.22.22.94][34245] [Unknown][Unknown][Unrated] + not-detected: [...644] [ip4][..udp] [......10.0.2.15][28681] -> [...173.22.22.94][34245] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...644] [ip4][..udp] [......10.0.2.15][28681] -> [...173.22.22.94][34245] idle: [...507] [ip4][..udp] [......10.0.2.15][28681] -> [...50.4.204.220][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...602] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][53658] [Unknown][Unknown][Unrated] + not-detected: [...602] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][53658] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...602] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][53658] - not-detected: [...610] [ip4][..udp] [......10.0.2.15][28681] -> [..61.10.174.159][.4841] [Unknown][Unknown][Unrated] + not-detected: [...610] [ip4][..udp] [......10.0.2.15][28681] -> [..61.10.174.159][.4841] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...610] [ip4][..udp] [......10.0.2.15][28681] -> [..61.10.174.159][.4841] - not-detected: [...671] [ip4][..udp] [......10.0.2.15][28681] -> [180.218.135.222][49867] [Unknown][Unknown][Unrated] + not-detected: [...671] [ip4][..udp] [......10.0.2.15][28681] -> [180.218.135.222][49867] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...671] [ip4][..udp] [......10.0.2.15][28681] -> [180.218.135.222][49867] - not-detected: [...709] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.121.156][.3624] [Unknown][Unknown][Unrated] + not-detected: [...709] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.121.156][.3624] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...709] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.121.156][.3624] - not-detected: [...569] [ip4][..udp] [......10.0.2.15][28681] -> [....73.89.249.8][50649] [Unknown][Unknown][Unrated] + not-detected: [...569] [ip4][..udp] [......10.0.2.15][28681] -> [....73.89.249.8][50649] [Unknown][Unknown][Unspecified][Unrated] idle: [...569] [ip4][..udp] [......10.0.2.15][28681] -> [....73.89.249.8][50649] - not-detected: [...603] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][64577] [Unknown][Unknown][Unrated] + not-detected: [...603] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][64577] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...603] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][64577] idle: [...336] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][.6888] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...447] [ip4][..udp] [......10.0.2.15][28681] -> [...14.199.10.60][23458] [Unknown][Unknown][Unrated] + not-detected: [...447] [ip4][..udp] [......10.0.2.15][28681] -> [...14.199.10.60][23458] [Unknown][Unknown][Unspecified][Unrated] idle: [...447] [ip4][..udp] [......10.0.2.15][28681] -> [...14.199.10.60][23458] - not-detected: [...375] [ip4][..udp] [......10.0.2.15][28681] -> [..73.182.136.42][27873] [Unknown][Unknown][Unrated] + not-detected: [...375] [ip4][..udp] [......10.0.2.15][28681] -> [..73.182.136.42][27873] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...375] [ip4][..udp] [......10.0.2.15][28681] -> [..73.182.136.42][27873] idle: [...498] [ip4][..udp] [......10.0.2.15][28681] -> [...8.44.149.207][30551] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...672] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][.4765] [Unknown][Unknown][Unrated] + not-detected: [...672] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][.4765] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...672] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][.4765] - not-detected: [...640] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][65430] [Unknown][Unknown][Unrated] + not-detected: [...640] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][65430] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...640] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][65430] - not-detected: [...682] [ip4][..udp] [......10.0.2.15][28681] -> [203.220.198.244][50896] [Unknown][Unknown][Unrated] + not-detected: [...682] [ip4][..udp] [......10.0.2.15][28681] -> [203.220.198.244][50896] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...682] [ip4][..udp] [......10.0.2.15][28681] -> [203.220.198.244][50896] - not-detected: [...654] [ip4][..udp] [......10.0.2.15][28681] -> [.84.118.116.198][44616] [Unknown][Unknown][Unrated] + not-detected: [...654] [ip4][..udp] [......10.0.2.15][28681] -> [.84.118.116.198][44616] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...654] [ip4][..udp] [......10.0.2.15][28681] -> [.84.118.116.198][44616] - not-detected: [...653] [ip4][..udp] [......10.0.2.15][28681] -> [....82.12.1.136][.6348] [Unknown][Unknown][Unrated] + not-detected: [...653] [ip4][..udp] [......10.0.2.15][28681] -> [....82.12.1.136][.6348] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...653] [ip4][..udp] [......10.0.2.15][28681] -> [....82.12.1.136][.6348] - not-detected: [...712] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][59978] [Unknown][Unknown][Unrated] + not-detected: [...712] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][59978] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...712] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][59978] idle: [...361] [ip4][..udp] [......10.0.2.15][28681] -> [..86.129.196.84][.9915] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...394] [ip4][..udp] [......10.0.2.15][28681] -> [.165.84.134.136][21407] [Unknown][Unknown][Unrated] + not-detected: [...394] [ip4][..udp] [......10.0.2.15][28681] -> [.165.84.134.136][21407] [Unknown][Unknown][Unspecified][Unrated] idle: [...394] [ip4][..udp] [......10.0.2.15][28681] -> [.165.84.134.136][21407] - not-detected: [...621] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3227] [Unknown][Unknown][Unrated] + not-detected: [...621] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3227] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...621] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3227] - not-detected: [...738] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3256] [Unknown][Unknown][Unrated] + not-detected: [...738] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3256] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...738] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3256] - not-detected: [...572] [ip4][..udp] [......10.0.2.15][28681] -> [...86.153.21.93][36696] [Unknown][Unknown][Unrated] + not-detected: [...572] [ip4][..udp] [......10.0.2.15][28681] -> [...86.153.21.93][36696] [Unknown][Unknown][Unspecified][Unrated] idle: [...572] [ip4][..udp] [......10.0.2.15][28681] -> [...86.153.21.93][36696] - not-detected: [...520] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3339] [Unknown][Unknown][Unrated] + not-detected: [...520] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3339] [Unknown][Unknown][Unspecified][Unrated] idle: [...520] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3339] - not-detected: [...619] [ip4][..udp] [......10.0.2.15][28681] -> [...1.163.14.246][.1630] [Unknown][Unknown][Unrated] + not-detected: [...619] [ip4][..udp] [......10.0.2.15][28681] -> [...1.163.14.246][.1630] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...619] [ip4][..udp] [......10.0.2.15][28681] -> [...1.163.14.246][.1630] idle: [...513] [ip4][..udp] [......10.0.2.15][28681] -> [..78.196.216.12][58910] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...568] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][56562] [Unknown][Unknown][Unrated] + not-detected: [...568] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][56562] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...568] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][56562] - not-detected: [...600] [ip4][..udp] [......10.0.2.15][28681] -> [....1.64.156.63][60092] [Unknown][Unknown][Unrated] + not-detected: [...600] [ip4][..udp] [......10.0.2.15][28681] -> [....1.64.156.63][60092] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...600] [ip4][..udp] [......10.0.2.15][28681] -> [....1.64.156.63][60092] idle: [...250] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][26253] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...645] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49803] [Unknown][Unknown][Unrated] + not-detected: [...645] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49803] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...645] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49803] - not-detected: [...626] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49815] [Unknown][Unknown][Unrated] + not-detected: [...626] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49815] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...626] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49815] - not-detected: [...456] [ip4][..udp] [......10.0.2.15][28681] -> [.89.241.112.255][14766] [Unknown][Unknown][Unrated] + not-detected: [...456] [ip4][..udp] [......10.0.2.15][28681] -> [.89.241.112.255][14766] [Unknown][Unknown][Unspecified][Unrated] idle: [...456] [ip4][..udp] [......10.0.2.15][28681] -> [.89.241.112.255][14766] - not-detected: [...681] [ip4][..udp] [......10.0.2.15][28681] -> [..61.220.41.241][53072] [Unknown][Unknown][Unrated] + not-detected: [...681] [ip4][..udp] [......10.0.2.15][28681] -> [..61.220.41.241][53072] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...681] [ip4][..udp] [......10.0.2.15][28681] -> [..61.220.41.241][53072] - not-detected: [...706] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.1968] [Unknown][Unknown][Unrated] + not-detected: [...706] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.1968] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...706] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.1968] - not-detected: [...741] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.4364] [Unknown][Unknown][Unrated] + not-detected: [...741] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.4364] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...741] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.4364] - not-detected: [...715] [ip4][..udp] [......10.0.2.15][28681] -> [...219.71.72.88][58808] [Unknown][Unknown][Unrated] + not-detected: [...715] [ip4][..udp] [......10.0.2.15][28681] -> [...219.71.72.88][58808] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...715] [ip4][..udp] [......10.0.2.15][28681] -> [...219.71.72.88][58808] - not-detected: [...457] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.240.113][13867] [Unknown][Unknown][Unrated] + not-detected: [...457] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.240.113][13867] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...457] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.240.113][13867] - not-detected: [...564] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53144] [Unknown][Unknown][Unrated] + not-detected: [...564] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53144] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...564] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53144] - not-detected: [...658] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][.8075] [Unknown][Unknown][Unrated] + not-detected: [...658] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][.8075] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...658] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][.8075] - not-detected: [...657] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53195] [Unknown][Unknown][Unrated] + not-detected: [...657] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53195] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...657] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53195] - not-detected: [...448] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][15677] [Unknown][Unknown][Unrated] + not-detected: [...448] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][15677] [Unknown][Unknown][Unspecified][Unrated] idle: [...448] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][15677] idle: [...316] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][63637] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...605] [ip4][..udp] [......10.0.2.15][28681] -> [180.149.125.139][.6578] [Unknown][Unknown][Unrated] + not-detected: [...605] [ip4][..udp] [......10.0.2.15][28681] -> [180.149.125.139][.6578] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...605] [ip4][..udp] [......10.0.2.15][28681] -> [180.149.125.139][.6578] - not-detected: [...586] [ip4][..udp] [......10.0.2.15][28681] -> [..221.124.66.33][13060] [Unknown][Unknown][Unrated] + not-detected: [...586] [ip4][..udp] [......10.0.2.15][28681] -> [..221.124.66.33][13060] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...586] [ip4][..udp] [......10.0.2.15][28681] -> [..221.124.66.33][13060] idle: [...509] [ip4][..udp] [......10.0.2.15][28681] -> [.92.142.109.190][41370] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...669] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2846] [Unknown][Unknown][Unrated] + not-detected: [...669] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2846] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...669] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2846] - not-detected: [...713] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51379] [Unknown][Unknown][Unrated] + not-detected: [...713] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51379] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...713] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51379] - not-detected: [...471] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][43457] [Unknown][Unknown][Unrated] + not-detected: [...471] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][43457] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...471] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][43457] - not-detected: [...707] [ip4][..udp] [......10.0.2.15][28681] -> [..183.179.14.31][64871] [Unknown][Unknown][Unrated] + not-detected: [...707] [ip4][..udp] [......10.0.2.15][28681] -> [..183.179.14.31][64871] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...707] [ip4][..udp] [......10.0.2.15][28681] -> [..183.179.14.31][64871] - not-detected: [...598] [ip4][..udp] [......10.0.2.15][28681] -> [...1.172.184.48][.1512] [Unknown][Unknown][Unrated] + not-detected: [...598] [ip4][..udp] [......10.0.2.15][28681] -> [...1.172.184.48][.1512] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...598] [ip4][..udp] [......10.0.2.15][28681] -> [...1.172.184.48][.1512] - not-detected: [...446] [ip4][..udp] [......10.0.2.15][28681] -> [..61.70.199.107][60475] [Unknown][Unknown][Unrated] + not-detected: [...446] [ip4][..udp] [......10.0.2.15][28681] -> [..61.70.199.107][60475] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...446] [ip4][..udp] [......10.0.2.15][28681] -> [..61.70.199.107][60475] - not-detected: [...623] [ip4][..udp] [......10.0.2.15][28681] -> [.210.209.249.84][24751] [Unknown][Unknown][Unrated] + not-detected: [...623] [ip4][..udp] [......10.0.2.15][28681] -> [.210.209.249.84][24751] [Unknown][Unknown][Unspecified][Unrated] idle: [...623] [ip4][..udp] [......10.0.2.15][28681] -> [.210.209.249.84][24751] - not-detected: [...727] [ip4][..udp] [......10.0.2.15][28681] -> [101.136.187.253][10914] [Unknown][Unknown][Unrated] + not-detected: [...727] [ip4][..udp] [......10.0.2.15][28681] -> [101.136.187.253][10914] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...727] [ip4][..udp] [......10.0.2.15][28681] -> [101.136.187.253][10914] - not-detected: [...742] [ip4][..udp] [......10.0.2.15][28681] -> [194.163.180.126][36780] [Unknown][Unknown][Unrated] + not-detected: [...742] [ip4][..udp] [......10.0.2.15][28681] -> [194.163.180.126][36780] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...742] [ip4][..udp] [......10.0.2.15][28681] -> [194.163.180.126][36780] - not-detected: [...469] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][47184] [Unknown][Unknown][Unrated] + not-detected: [...469] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][47184] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...469] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][47184] - not-detected: [...665] [ip4][..udp] [......10.0.2.15][28681] -> [..82.36.106.134][.3927] [Unknown][Unknown][Unrated] + not-detected: [...665] [ip4][..udp] [......10.0.2.15][28681] -> [..82.36.106.134][.3927] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...665] [ip4][..udp] [......10.0.2.15][28681] -> [..82.36.106.134][.3927] - not-detected: [...677] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][.9128] [Unknown][Unknown][Unrated] + not-detected: [...677] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][.9128] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...677] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][.9128] idle: [...255] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][30577] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -5798,154 +5798,154 @@ RISK: Unsafe Protocol idle: [...518] [ip4][..udp] [......10.0.2.15][28681] -> [..202.151.63.59][.7624] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...445] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.153.100][.4509] [Unknown][Unknown][Unrated] + not-detected: [...445] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.153.100][.4509] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...445] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.153.100][.4509] idle: [...515] [ip4][..udp] [......10.0.2.15][28681] -> [220.137.106.173][11625] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...475] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][63978] [Unknown][Unknown][Unrated] + not-detected: [...475] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][63978] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...475] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][63978] - not-detected: [...630] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][.3931] [Unknown][Unknown][Unrated] + not-detected: [...630] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][.3931] [Unknown][Unknown][Unspecified][Unrated] idle: [...630] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][.3931] - not-detected: [...565] [ip4][..udp] [......10.0.2.15][28681] -> [...114.45.40.28][.2656] [Unknown][Unknown][Unrated] + not-detected: [...565] [ip4][..udp] [......10.0.2.15][28681] -> [...114.45.40.28][.2656] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...565] [ip4][..udp] [......10.0.2.15][28681] -> [...114.45.40.28][.2656] - not-detected: [...597] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52274] [Unknown][Unknown][Unrated] + not-detected: [...597] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52274] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...597] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52274] idle: [...501] [ip4][..udp] [......10.0.2.15][28681] -> [.88.160.214.137][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...506] [ip4][..udp] [......10.0.2.15][28681] -> [..136.32.84.139][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...614] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][60482] [Unknown][Unknown][Unrated] + not-detected: [...614] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][60482] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...614] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][60482] - not-detected: [...670] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52669] [Unknown][Unknown][Unrated] + not-detected: [...670] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52669] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...670] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52669] idle: [...508] [ip4][..udp] [......10.0.2.15][28681] -> [...92.144.99.73][10745] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...582] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][10624] [Unknown][Unknown][Unrated] + not-detected: [...582] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][10624] [Unknown][Unknown][Unspecified][Unrated] idle: [...582] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][10624] - not-detected: [...376] [ip4][..udp] [......10.0.2.15][28681] -> [....156.57.42.2][33476] [Unknown][Unknown][Unrated] + not-detected: [...376] [ip4][..udp] [......10.0.2.15][28681] -> [....156.57.42.2][33476] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy idle: [...376] [ip4][..udp] [......10.0.2.15][28681] -> [....156.57.42.2][33476] - not-detected: [...662] [ip4][..udp] [......10.0.2.15][28681] -> [..96.59.117.166][33192] [Unknown][Unknown][Unrated] + not-detected: [...662] [ip4][..udp] [......10.0.2.15][28681] -> [..96.59.117.166][33192] [Unknown][Unknown][Unspecified][Unrated] idle: [...662] [ip4][..udp] [......10.0.2.15][28681] -> [..96.59.117.166][33192] - not-detected: [...678] [ip4][..udp] [......10.0.2.15][28681] -> [150.116.225.105][51438] [Unknown][Unknown][Unrated] + not-detected: [...678] [ip4][..udp] [......10.0.2.15][28681] -> [150.116.225.105][51438] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...678] [ip4][..udp] [......10.0.2.15][28681] -> [150.116.225.105][51438] - not-detected: [...651] [ip4][..udp] [......10.0.2.15][28681] -> [....1.64.156.63][65023] [Unknown][Unknown][Unrated] + not-detected: [...651] [ip4][..udp] [......10.0.2.15][28681] -> [....1.64.156.63][65023] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...651] [ip4][..udp] [......10.0.2.15][28681] -> [....1.64.156.63][65023] - not-detected: [...625] [ip4][..udp] [......10.0.2.15][28681] -> [113.252.206.254][49737] [Unknown][Unknown][Unrated] + not-detected: [...625] [ip4][..udp] [......10.0.2.15][28681] -> [113.252.206.254][49737] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...625] [ip4][..udp] [......10.0.2.15][28681] -> [113.252.206.254][49737] - not-detected: [...522] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.152.218][51153] [Unknown][Unknown][Unrated] + not-detected: [...522] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.152.218][51153] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...522] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.152.218][51153] guessed: [...462] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][47808] [BACnet][Unknown][IoT-Scada][Safe] RISK: Unidirectional Traffic idle: [...462] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][47808] - not-detected: [...664] [ip4][..udp] [......10.0.2.15][28681] -> [..1.172.183.237][.4983] [Unknown][Unknown][Unrated] + not-detected: [...664] [ip4][..udp] [......10.0.2.15][28681] -> [..1.172.183.237][.4983] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...664] [ip4][..udp] [......10.0.2.15][28681] -> [..1.172.183.237][.4983] - not-detected: [...708] [ip4][..udp] [......10.0.2.15][28681] -> [..124.244.68.65][51967] [Unknown][Unknown][Unrated] + not-detected: [...708] [ip4][..udp] [......10.0.2.15][28681] -> [..124.244.68.65][51967] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...708] [ip4][..udp] [......10.0.2.15][28681] -> [..124.244.68.65][51967] - not-detected: [...442] [ip4][..udp] [......10.0.2.15][28681] -> [..89.204.130.55][29545] [Unknown][Unknown][Unrated] + not-detected: [...442] [ip4][..udp] [......10.0.2.15][28681] -> [..89.204.130.55][29545] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...442] [ip4][..udp] [......10.0.2.15][28681] -> [..89.204.130.55][29545] - not-detected: [...592] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][.7190] [Unknown][Unknown][Unrated] + not-detected: [...592] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][.7190] [Unknown][Unknown][Unspecified][Unrated] idle: [...592] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][.7190] - not-detected: [...740] [ip4][..udp] [......10.0.2.15][28681] -> [...36.237.25.47][21293] [Unknown][Unknown][Unrated] + not-detected: [...740] [ip4][..udp] [......10.0.2.15][28681] -> [...36.237.25.47][21293] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...740] [ip4][..udp] [......10.0.2.15][28681] -> [...36.237.25.47][21293] - not-detected: [...646] [ip4][..udp] [......10.0.2.15][28681] -> [..36.237.10.152][21293] [Unknown][Unknown][Unrated] + not-detected: [...646] [ip4][..udp] [......10.0.2.15][28681] -> [..36.237.10.152][21293] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...646] [ip4][..udp] [......10.0.2.15][28681] -> [..36.237.10.152][21293] - not-detected: [...675] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][62191] [Unknown][Unknown][Unrated] + not-detected: [...675] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][62191] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...675] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][62191] - not-detected: [...524] [ip4][..udp] [......10.0.2.15][28681] -> [.80.193.171.146][65362] [Unknown][Unknown][Unrated] + not-detected: [...524] [ip4][..udp] [......10.0.2.15][28681] -> [.80.193.171.146][65362] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...524] [ip4][..udp] [......10.0.2.15][28681] -> [.80.193.171.146][65362] - not-detected: [...642] [ip4][..udp] [......10.0.2.15][28681] -> [.220.39.142.122][.6346] [Unknown][Unknown][Unrated] + not-detected: [...642] [ip4][..udp] [......10.0.2.15][28681] -> [.220.39.142.122][.6346] [Unknown][Unknown][Unspecified][Unrated] idle: [...642] [ip4][..udp] [......10.0.2.15][28681] -> [.220.39.142.122][.6346] - not-detected: [...744] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][48250] [Unknown][Unknown][Unrated] + not-detected: [...744] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][48250] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...744] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][48250] idle: [...344] [ip4][..udp] [......10.0.2.15][28681] -> [.207.38.163.228][.6778] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...720] [ip4][..udp] [......10.0.2.15][28681] -> [..76.26.178.132][10053] [Unknown][Unknown][Unrated] + not-detected: [...720] [ip4][..udp] [......10.0.2.15][28681] -> [..76.26.178.132][10053] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...720] [ip4][..udp] [......10.0.2.15][28681] -> [..76.26.178.132][10053] - not-detected: [...606] [ip4][..udp] [......10.0.2.15][28681] -> [.149.28.163.175][42288] [Unknown][Unknown][Unrated] + not-detected: [...606] [ip4][..udp] [......10.0.2.15][28681] -> [.149.28.163.175][42288] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...606] [ip4][..udp] [......10.0.2.15][28681] -> [.149.28.163.175][42288] - not-detected: [...613] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.152.218][51920] [Unknown][Unknown][Unrated] + not-detected: [...613] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.152.218][51920] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...613] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.152.218][51920] idle: [...499] [ip4][..udp] [......10.0.2.15][28681] -> [....1.161.80.82][.8656] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...257] [ip4][..udp] [......10.0.2.15][28681] -> [.82.181.251.218][36368] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...704] [ip4][..udp] [......10.0.2.15][28681] -> [..123.192.83.59][33513] [Unknown][Unknown][Unrated] + not-detected: [...704] [ip4][..udp] [......10.0.2.15][28681] -> [..123.192.83.59][33513] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...704] [ip4][..udp] [......10.0.2.15][28681] -> [..123.192.83.59][33513] - not-detected: [...711] [ip4][..udp] [......10.0.2.15][28681] -> [..220.129.86.65][49723] [Unknown][Unknown][Unrated] + not-detected: [...711] [ip4][..udp] [......10.0.2.15][28681] -> [..220.129.86.65][49723] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...711] [ip4][..udp] [......10.0.2.15][28681] -> [..220.129.86.65][49723] - not-detected: [...732] [ip4][..udp] [......10.0.2.15][28681] -> [..85.168.34.105][39908] [Unknown][Unknown][Unrated] + not-detected: [...732] [ip4][..udp] [......10.0.2.15][28681] -> [..85.168.34.105][39908] [Unknown][Unknown][Unspecified][Unrated] idle: [...732] [ip4][..udp] [......10.0.2.15][28681] -> [..85.168.34.105][39908] idle: [...261] [ip4][..udp] [......10.0.2.15][28681] -> [..60.241.48.194][21301] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...686] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][13965] [Unknown][Unknown][Unrated] + not-detected: [...686] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][13965] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...686] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][13965] - not-detected: [...702] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10728] [Unknown][Unknown][Unrated] + not-detected: [...702] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10728] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...702] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10728] - not-detected: [...659] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10791] [Unknown][Unknown][Unrated] + not-detected: [...659] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10791] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...659] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10791] - not-detected: [...699] [ip4][..udp] [......10.0.2.15][28681] -> [..77.222.213.44][26536] [Unknown][Unknown][Unrated] + not-detected: [...699] [ip4][..udp] [......10.0.2.15][28681] -> [..77.222.213.44][26536] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...699] [ip4][..udp] [......10.0.2.15][28681] -> [..77.222.213.44][26536] - not-detected: [...580] [ip4][..udp] [......10.0.2.15][28681] -> [...76.119.55.28][20347] [Unknown][Unknown][Unrated] + not-detected: [...580] [ip4][..udp] [......10.0.2.15][28681] -> [...76.119.55.28][20347] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...580] [ip4][..udp] [......10.0.2.15][28681] -> [...76.119.55.28][20347] - not-detected: [...590] [ip4][..udp] [......10.0.2.15][28681] -> [...95.10.205.67][48380] [Unknown][Unknown][Unrated] + not-detected: [...590] [ip4][..udp] [......10.0.2.15][28681] -> [...95.10.205.67][48380] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...590] [ip4][..udp] [......10.0.2.15][28681] -> [...95.10.205.67][48380] - not-detected: [...441] [ip4][..udp] [......10.0.2.15][28681] -> [.36.237.199.108][56040] [Unknown][Unknown][Unrated] + not-detected: [...441] [ip4][..udp] [......10.0.2.15][28681] -> [.36.237.199.108][56040] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...441] [ip4][..udp] [......10.0.2.15][28681] -> [.36.237.199.108][56040] idle: [...511] [ip4][..udp] [......10.0.2.15][28681] -> [...68.47.223.27][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...616] [ip4][..udp] [......10.0.2.15][28681] -> [220.208.167.152][30628] [Unknown][Unknown][Unrated] + not-detected: [...616] [ip4][..udp] [......10.0.2.15][28681] -> [220.208.167.152][30628] [Unknown][Unknown][Unspecified][Unrated] idle: [...616] [ip4][..udp] [......10.0.2.15][28681] -> [220.208.167.152][30628] - not-detected: [...381] [ip4][..udp] [......10.0.2.15][28681] -> [...77.58.211.52][.3806] [Unknown][Unknown][Unrated] + not-detected: [...381] [ip4][..udp] [......10.0.2.15][28681] -> [...77.58.211.52][.3806] [Unknown][Unknown][Unspecified][Unrated] idle: [...381] [ip4][..udp] [......10.0.2.15][28681] -> [...77.58.211.52][.3806] - not-detected: [...386] [ip4][..udp] [......10.0.2.15][28681] -> [...85.172.10.90][40162] [Unknown][Unknown][Unrated] + not-detected: [...386] [ip4][..udp] [......10.0.2.15][28681] -> [...85.172.10.90][40162] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...386] [ip4][..udp] [......10.0.2.15][28681] -> [...85.172.10.90][40162] idle: [...246] [ip4][..udp] [......10.0.2.15][28681] -> [...96.65.68.194][35481] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...666] [ip4][..udp] [......10.0.2.15][28681] -> [.159.196.95.223][.2003] [Unknown][Unknown][Unrated] + not-detected: [...666] [ip4][..udp] [......10.0.2.15][28681] -> [.159.196.95.223][.2003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...666] [ip4][..udp] [......10.0.2.15][28681] -> [.159.196.95.223][.2003] - not-detected: [...725] [ip4][..udp] [......10.0.2.15][28681] -> [..219.91.30.216][61635] [Unknown][Unknown][Unrated] + not-detected: [...725] [ip4][..udp] [......10.0.2.15][28681] -> [..219.91.30.216][61635] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...725] [ip4][..udp] [......10.0.2.15][28681] -> [..219.91.30.216][61635] - not-detected: [...585] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][35004] [Unknown][Unknown][Unrated] + not-detected: [...585] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][35004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...585] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][35004] - not-detected: [...589] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][52647] [Unknown][Unknown][Unrated] + not-detected: [...589] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][52647] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...589] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][52647] - not-detected: [...525] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][52660] [Unknown][Unknown][Unrated] + not-detected: [...525] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][52660] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...525] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][52660] idle: [...248] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][12012] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -5954,425 +5954,425 @@ RISK: Unsafe Protocol idle: [...514] [ip4][..udp] [......10.0.2.15][28681] -> [..83.114.40.175][23552] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...452] [ip4][..udp] [......10.0.2.15][28681] -> [..68.227.193.37][27481] [Unknown][Unknown][Unrated] + not-detected: [...452] [ip4][..udp] [......10.0.2.15][28681] -> [..68.227.193.37][27481] [Unknown][Unknown][Unspecified][Unrated] idle: [...452] [ip4][..udp] [......10.0.2.15][28681] -> [..68.227.193.37][27481] idle: [...339] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][54130] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...624] [ip4][..udp] [......10.0.2.15][28681] -> [.61.238.173.128][57492] [Unknown][Unknown][Unrated] + not-detected: [...624] [ip4][..udp] [......10.0.2.15][28681] -> [.61.238.173.128][57492] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...624] [ip4][..udp] [......10.0.2.15][28681] -> [.61.238.173.128][57492] - not-detected: [...730] [ip4][..udp] [......10.0.2.15][28681] -> [124.217.188.105][62849] [Unknown][Unknown][Unrated] + not-detected: [...730] [ip4][..udp] [......10.0.2.15][28681] -> [124.217.188.105][62849] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...730] [ip4][..udp] [......10.0.2.15][28681] -> [124.217.188.105][62849] - not-detected: [...652] [ip4][..udp] [......10.0.2.15][28681] -> [..94.139.21.182][50110] [Unknown][Unknown][Unrated] + not-detected: [...652] [ip4][..udp] [......10.0.2.15][28681] -> [..94.139.21.182][50110] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...652] [ip4][..udp] [......10.0.2.15][28681] -> [..94.139.21.182][50110] - not-detected: [...382] [ip4][..udp] [......10.0.2.15][28681] -> [..76.175.11.126][40958] [Unknown][Unknown][Unrated] + not-detected: [...382] [ip4][..udp] [......10.0.2.15][28681] -> [..76.175.11.126][40958] [Unknown][Unknown][Unspecified][Unrated] idle: [...382] [ip4][..udp] [......10.0.2.15][28681] -> [..76.175.11.126][40958] - not-detected: [...689] [ip4][..udp] [......10.0.2.15][28681] -> [...1.65.217.224][.3688] [Unknown][Unknown][Unrated] + not-detected: [...689] [ip4][..udp] [......10.0.2.15][28681] -> [...1.65.217.224][.3688] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...689] [ip4][..udp] [......10.0.2.15][28681] -> [...1.65.217.224][.3688] idle: [...340] [ip4][..udp] [......10.0.2.15][28681] -> [.38.142.119.234][49732] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...649] [ip4][..udp] [......10.0.2.15][28681] -> [.122.117.100.78][56128] [Unknown][Unknown][Unrated] + not-detected: [...649] [ip4][..udp] [......10.0.2.15][28681] -> [.122.117.100.78][56128] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...649] [ip4][..udp] [......10.0.2.15][28681] -> [.122.117.100.78][56128] - not-detected: [...635] [ip4][..udp] [......10.0.2.15][28681] -> [...219.70.48.23][.2556] [Unknown][Unknown][Unrated] + not-detected: [...635] [ip4][..udp] [......10.0.2.15][28681] -> [...219.70.48.23][.2556] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...635] [ip4][..udp] [......10.0.2.15][28681] -> [...219.70.48.23][.2556] - not-detected: [...722] [ip4][..udp] [......10.0.2.15][28681] -> [.213.32.245.121][12333] [Unknown][Unknown][Unrated] + not-detected: [...722] [ip4][..udp] [......10.0.2.15][28681] -> [.213.32.245.121][12333] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...722] [ip4][..udp] [......10.0.2.15][28681] -> [.213.32.245.121][12333] - not-detected: [...737] [ip4][..udp] [......10.0.2.15][28681] -> [174.115.127.251][23897] [Unknown][Unknown][Unrated] + not-detected: [...737] [ip4][..udp] [......10.0.2.15][28681] -> [174.115.127.251][23897] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...737] [ip4][..udp] [......10.0.2.15][28681] -> [174.115.127.251][23897] - not-detected: [...683] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][54459] [Unknown][Unknown][Unrated] + not-detected: [...683] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][54459] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...683] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][54459] idle: [...323] [ip4][..udp] [......10.0.2.15][28681] -> [.96.246.156.126][56070] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...691] [ip4][..udp] [......10.0.2.15][28681] -> [..61.93.150.146][62507] [Unknown][Unknown][Unrated] + not-detected: [...691] [ip4][..udp] [......10.0.2.15][28681] -> [..61.93.150.146][62507] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...691] [ip4][..udp] [......10.0.2.15][28681] -> [..61.93.150.146][62507] - not-detected: [...688] [ip4][..udp] [......10.0.2.15][28681] -> [.114.36.234.196][11629] [Unknown][Unknown][Unrated] + not-detected: [...688] [ip4][..udp] [......10.0.2.15][28681] -> [.114.36.234.196][11629] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...688] [ip4][..udp] [......10.0.2.15][28681] -> [.114.36.234.196][11629] - not-detected: [...384] [ip4][..udp] [......10.0.2.15][28681] -> [....75.64.6.175][.4743] [Unknown][Unknown][Unrated] + not-detected: [...384] [ip4][..udp] [......10.0.2.15][28681] -> [....75.64.6.175][.4743] [Unknown][Unknown][Unspecified][Unrated] idle: [...384] [ip4][..udp] [......10.0.2.15][28681] -> [....75.64.6.175][.4743] - not-detected: [...656] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][54914] [Unknown][Unknown][Unrated] + not-detected: [...656] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][54914] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...656] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][54914] - not-detected: [...694] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][.6514] [Unknown][Unknown][Unrated] + not-detected: [...694] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][.6514] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...694] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][.6514] - not-detected: [...660] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][.6527] [Unknown][Unknown][Unrated] + not-detected: [...660] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][.6527] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...660] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][.6527] - not-detected: [...731] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6564] [Unknown][Unknown][Unrated] + not-detected: [...731] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6564] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...731] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6564] - not-detected: [...747] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6599] [Unknown][Unknown][Unrated] + not-detected: [...747] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6599] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...747] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6599] - not-detected: [...458] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.228.167][12201] [Unknown][Unknown][Unrated] + not-detected: [...458] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.228.167][12201] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...458] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.228.167][12201] - not-detected: [...583] [ip4][..udp] [......10.0.2.15][28681] -> [...87.75.180.80][35361] [Unknown][Unknown][Unrated] + not-detected: [...583] [ip4][..udp] [......10.0.2.15][28681] -> [...87.75.180.80][35361] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...583] [ip4][..udp] [......10.0.2.15][28681] -> [...87.75.180.80][35361] - not-detected: [...638] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.242.225][15068] [Unknown][Unknown][Unrated] + not-detected: [...638] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.242.225][15068] [Unknown][Unknown][Unspecified][Unrated] idle: [...638] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.242.225][15068] - not-detected: [...728] [ip4][..udp] [......10.0.2.15][28681] -> [..112.10.134.44][19739] [Unknown][Unknown][Unrated] + not-detected: [...728] [ip4][..udp] [......10.0.2.15][28681] -> [..112.10.134.44][19739] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...728] [ip4][..udp] [......10.0.2.15][28681] -> [..112.10.134.44][19739] - not-detected: [...588] [ip4][..udp] [......10.0.2.15][28681] -> [.219.70.175.103][.4315] [Unknown][Unknown][Unrated] + not-detected: [...588] [ip4][..udp] [......10.0.2.15][28681] -> [.219.70.175.103][.4315] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...588] [ip4][..udp] [......10.0.2.15][28681] -> [.219.70.175.103][.4315] - not-detected: [...609] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][59016] [Unknown][Unknown][Unrated] + not-detected: [...609] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][59016] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...609] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][59016] - not-detected: [...690] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][50637] [Unknown][Unknown][Unrated] + not-detected: [...690] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][50637] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...690] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][50637] - not-detected: [...450] [ip4][..udp] [......10.0.2.15][28681] -> [113.252.206.254][23458] [Unknown][Unknown][Unrated] + not-detected: [...450] [ip4][..udp] [......10.0.2.15][28681] -> [113.252.206.254][23458] [Unknown][Unknown][Unspecified][Unrated] idle: [...450] [ip4][..udp] [......10.0.2.15][28681] -> [113.252.206.254][23458] idle: [...254] [ip4][..udp] [......10.0.2.15][28681] -> [..88.120.73.215][24562] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...733] [ip4][..udp] [......10.0.2.15][28681] -> [...99.199.148.6][.4338] [Unknown][Unknown][Unrated] + not-detected: [...733] [ip4][..udp] [......10.0.2.15][28681] -> [...99.199.148.6][.4338] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...733] [ip4][..udp] [......10.0.2.15][28681] -> [...99.199.148.6][.4338] - not-detected: [...335] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] [Unknown][Unknown][Unrated] + not-detected: [...335] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] [Unknown][Unknown][Unspecified][Unrated] idle: [...335] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] - not-detected: [...667] [ip4][..udp] [......10.0.2.15][28681] -> [.223.18.211.177][18085] [Unknown][Unknown][Unrated] + not-detected: [...667] [ip4][..udp] [......10.0.2.15][28681] -> [.223.18.211.177][18085] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...667] [ip4][..udp] [......10.0.2.15][28681] -> [.223.18.211.177][18085] - not-detected: [...622] [ip4][..udp] [......10.0.2.15][28681] -> [..36.234.18.166][61319] [Unknown][Unknown][Unrated] + not-detected: [...622] [ip4][..udp] [......10.0.2.15][28681] -> [..36.234.18.166][61319] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...622] [ip4][..udp] [......10.0.2.15][28681] -> [..36.234.18.166][61319] - not-detected: [...587] [ip4][..udp] [......10.0.2.15][28681] -> [.94.134.154.158][54130] [Unknown][Unknown][Unrated] + not-detected: [...587] [ip4][..udp] [......10.0.2.15][28681] -> [.94.134.154.158][54130] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...587] [ip4][..udp] [......10.0.2.15][28681] -> [.94.134.154.158][54130] - not-detected: [...631] [ip4][..udp] [......10.0.2.15][28681] -> [..36.231.59.187][62234] [Unknown][Unknown][Unrated] + not-detected: [...631] [ip4][..udp] [......10.0.2.15][28681] -> [..36.231.59.187][62234] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...631] [ip4][..udp] [......10.0.2.15][28681] -> [..36.231.59.187][62234] - not-detected: [...521] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][23458] [Unknown][Unknown][Unrated] + not-detected: [...521] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][23458] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...521] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][23458] - not-detected: [...455] [ip4][..udp] [......10.0.2.15][28681] -> [.58.153.206.183][16919] [Unknown][Unknown][Unrated] + not-detected: [...455] [ip4][..udp] [......10.0.2.15][28681] -> [.58.153.206.183][16919] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...455] [ip4][..udp] [......10.0.2.15][28681] -> [.58.153.206.183][16919] - not-detected: [...679] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.83.132][57131] [Unknown][Unknown][Unrated] + not-detected: [...679] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.83.132][57131] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...679] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.83.132][57131] - not-detected: [...716] [ip4][..udp] [......10.0.2.15][28681] -> [...98.249.190.8][25198] [Unknown][Unknown][Unrated] + not-detected: [...716] [ip4][..udp] [......10.0.2.15][28681] -> [...98.249.190.8][25198] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...716] [ip4][..udp] [......10.0.2.15][28681] -> [...98.249.190.8][25198] - not-detected: [...527] [ip4][..udp] [......10.0.2.15][28681] -> [..42.72.149.140][37848] [Unknown][Unknown][Unrated] + not-detected: [...527] [ip4][..udp] [......10.0.2.15][28681] -> [..42.72.149.140][37848] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...527] [ip4][..udp] [......10.0.2.15][28681] -> [..42.72.149.140][37848] - not-detected: [...723] [ip4][..udp] [......10.0.2.15][28681] -> [.175.39.219.223][13482] [Unknown][Unknown][Unrated] + not-detected: [...723] [ip4][..udp] [......10.0.2.15][28681] -> [.175.39.219.223][13482] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...723] [ip4][..udp] [......10.0.2.15][28681] -> [.175.39.219.223][13482] idle: [...319] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][55302] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...500] [ip4][..udp] [......10.0.2.15][28681] -> [.220.143.34.225][20071] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...736] [ip4][..udp] [......10.0.2.15][28681] -> [118.166.252.163][14391] [Unknown][Unknown][Unrated] + not-detected: [...736] [ip4][..udp] [......10.0.2.15][28681] -> [118.166.252.163][14391] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...736] [ip4][..udp] [......10.0.2.15][28681] -> [118.166.252.163][14391] idle: [...367] [ip4][..udp] [......10.0.2.15][28681] -> [.149.28.163.175][49956] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...618] [ip4][..udp] [......10.0.2.15][28681] -> [...1.172.184.48][13281] [Unknown][Unknown][Unrated] + not-detected: [...618] [ip4][..udp] [......10.0.2.15][28681] -> [...1.172.184.48][13281] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...618] [ip4][..udp] [......10.0.2.15][28681] -> [...1.172.184.48][13281] - not-detected: [...461] [ip4][..udp] [......10.0.2.15][28681] -> [..69.27.193.124][50555] [Unknown][Unknown][Unrated] + not-detected: [...461] [ip4][..udp] [......10.0.2.15][28681] -> [..69.27.193.124][50555] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...461] [ip4][..udp] [......10.0.2.15][28681] -> [..69.27.193.124][50555] idle: [...265] [ip4][..udp] [......10.0.2.15][28681] -> [203.220.198.244][.1194] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...746] [ip4][..udp] [......10.0.2.15][28681] -> [123.205.126.102][.5193] [Unknown][Unknown][Unrated] + not-detected: [...746] [ip4][..udp] [......10.0.2.15][28681] -> [123.205.126.102][.5193] [Unknown][Unknown][Unspecified][Unrated] idle: [...746] [ip4][..udp] [......10.0.2.15][28681] -> [123.205.126.102][.5193] - not-detected: [...703] [ip4][..udp] [......10.0.2.15][28681] -> [..114.40.67.191][14971] [Unknown][Unknown][Unrated] + not-detected: [...703] [ip4][..udp] [......10.0.2.15][28681] -> [..114.40.67.191][14971] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...703] [ip4][..udp] [......10.0.2.15][28681] -> [..114.40.67.191][14971] - not-detected: [...460] [ip4][..udp] [......10.0.2.15][28681] -> [.210.194.116.78][.8342] [Unknown][Unknown][Unrated] + not-detected: [...460] [ip4][..udp] [......10.0.2.15][28681] -> [.210.194.116.78][.8342] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...460] [ip4][..udp] [......10.0.2.15][28681] -> [.210.194.116.78][.8342] idle: [...342] [ip4][..udp] [......10.0.2.15][28681] -> [..98.208.26.154][.4994] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...504] [ip4][..udp] [......10.0.2.15][28681] -> [..85.203.45.107][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...611] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][59384] [Unknown][Unknown][Unrated] + not-detected: [...611] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][59384] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...611] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][59384] - not-detected: [...724] [ip4][..udp] [......10.0.2.15][28681] -> [...1.65.217.224][.9070] [Unknown][Unknown][Unrated] + not-detected: [...724] [ip4][..udp] [......10.0.2.15][28681] -> [...1.65.217.224][.9070] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...724] [ip4][..udp] [......10.0.2.15][28681] -> [...1.65.217.224][.9070] - not-detected: [...668] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][64731] [Unknown][Unknown][Unrated] + not-detected: [...668] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][64731] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...668] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][64731] - not-detected: [...599] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][59875] [Unknown][Unknown][Unrated] + not-detected: [...599] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][59875] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...599] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][59875] idle: [...519] [ip4][..udp] [......10.0.2.15][28681] -> [...219.70.48.23][.8070] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...632] [ip4][..udp] [......10.0.2.15][28681] -> [...188.149.2.44][20964] [Unknown][Unknown][Unrated] + not-detected: [...632] [ip4][..udp] [......10.0.2.15][28681] -> [...188.149.2.44][20964] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...632] [ip4][..udp] [......10.0.2.15][28681] -> [...188.149.2.44][20964] - not-detected: [...700] [ip4][..udp] [......10.0.2.15][28681] -> [...91.206.27.26][.6578] [Unknown][Unknown][Unrated] + not-detected: [...700] [ip4][..udp] [......10.0.2.15][28681] -> [...91.206.27.26][.6578] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...700] [ip4][..udp] [......10.0.2.15][28681] -> [...91.206.27.26][.6578] - not-detected: [...701] [ip4][..udp] [......10.0.2.15][28681] -> [119.237.190.184][64163] [Unknown][Unknown][Unrated] + not-detected: [...701] [ip4][..udp] [......10.0.2.15][28681] -> [119.237.190.184][64163] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...701] [ip4][..udp] [......10.0.2.15][28681] -> [119.237.190.184][64163] - not-detected: [...477] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][45640] [Unknown][Unknown][Unrated] + not-detected: [...477] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][45640] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...477] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][45640] - not-detected: [...478] [ip4][..udp] [......10.0.2.15][28681] -> [...36.235.85.44][64914] [Unknown][Unknown][Unrated] + not-detected: [...478] [ip4][..udp] [......10.0.2.15][28681] -> [...36.235.85.44][64914] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...478] [ip4][..udp] [......10.0.2.15][28681] -> [...36.235.85.44][64914] - not-detected: [...472] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][45744] [Unknown][Unknown][Unrated] + not-detected: [...472] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][45744] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...472] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][45744] - not-detected: [...739] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][19814] [Unknown][Unknown][Unrated] + not-detected: [...739] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][19814] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...739] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][19814] idle: [...494] [ip4][..udp] [......10.0.2.15][28681] -> [...86.210.81.59][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...454] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.121.156][23183] [Unknown][Unknown][Unrated] + not-detected: [...454] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.121.156][23183] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...454] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.121.156][23183] - not-detected: [...674] [ip4][..udp] [......10.0.2.15][28681] -> [...219.70.1.236][.9369] [Unknown][Unknown][Unrated] + not-detected: [...674] [ip4][..udp] [......10.0.2.15][28681] -> [...219.70.1.236][.9369] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...674] [ip4][..udp] [......10.0.2.15][28681] -> [...219.70.1.236][.9369] - not-detected: [...735] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][52420] [Unknown][Unknown][Unrated] + not-detected: [...735] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][52420] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...735] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][52420] - not-detected: [...634] [ip4][..udp] [......10.0.2.15][28681] -> [..24.179.18.242][47329] [Unknown][Unknown][Unrated] + not-detected: [...634] [ip4][..udp] [......10.0.2.15][28681] -> [..24.179.18.242][47329] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...634] [ip4][..udp] [......10.0.2.15][28681] -> [..24.179.18.242][47329] - not-detected: [...595] [ip4][..udp] [......10.0.2.15][28681] -> [.175.182.21.156][13732] [Unknown][Unknown][Unrated] + not-detected: [...595] [ip4][..udp] [......10.0.2.15][28681] -> [.175.182.21.156][13732] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...595] [ip4][..udp] [......10.0.2.15][28681] -> [.175.182.21.156][13732] - not-detected: [...648] [ip4][..udp] [......10.0.2.15][28681] -> [180.218.135.222][.4548] [Unknown][Unknown][Unrated] + not-detected: [...648] [ip4][..udp] [......10.0.2.15][28681] -> [180.218.135.222][.4548] [Unknown][Unknown][Unspecified][Unrated] idle: [...648] [ip4][..udp] [......10.0.2.15][28681] -> [180.218.135.222][.4548] - not-detected: [...579] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.170.108][23458] [Unknown][Unknown][Unrated] + not-detected: [...579] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.170.108][23458] [Unknown][Unknown][Unspecified][Unrated] idle: [...579] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.170.108][23458] - not-detected: [...574] [ip4][..udp] [......10.0.2.15][28681] -> [..223.17.132.18][23458] [Unknown][Unknown][Unrated] + not-detected: [...574] [ip4][..udp] [......10.0.2.15][28681] -> [..223.17.132.18][23458] [Unknown][Unknown][Unspecified][Unrated] idle: [...574] [ip4][..udp] [......10.0.2.15][28681] -> [..223.17.132.18][23458] - not-detected: [...726] [ip4][..udp] [......10.0.2.15][28681] -> [....1.171.82.65][50072] [Unknown][Unknown][Unrated] + not-detected: [...726] [ip4][..udp] [......10.0.2.15][28681] -> [....1.171.82.65][50072] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...726] [ip4][..udp] [......10.0.2.15][28681] -> [....1.171.82.65][50072] - not-detected: [...687] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][53454] [Unknown][Unknown][Unrated] + not-detected: [...687] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][53454] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...687] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][53454] - not-detected: [...577] [ip4][..udp] [......10.0.2.15][28681] -> [.59.148.100.237][23459] [Unknown][Unknown][Unrated] + not-detected: [...577] [ip4][..udp] [......10.0.2.15][28681] -> [.59.148.100.237][23459] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...577] [ip4][..udp] [......10.0.2.15][28681] -> [.59.148.100.237][23459] - not-detected: [...526] [ip4][..udp] [......10.0.2.15][28681] -> [..36.234.197.93][.1483] [Unknown][Unknown][Unrated] + not-detected: [...526] [ip4][..udp] [......10.0.2.15][28681] -> [..36.234.197.93][.1483] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...526] [ip4][..udp] [......10.0.2.15][28681] -> [..36.234.197.93][.1483] - not-detected: [...474] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][45880] [Unknown][Unknown][Unrated] + not-detected: [...474] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][45880] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...474] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][45880] - not-detected: [...637] [ip4][..udp] [......10.0.2.15][28681] -> [..36.233.194.73][.1995] [Unknown][Unknown][Unrated] + not-detected: [...637] [ip4][..udp] [......10.0.2.15][28681] -> [..36.233.194.73][.1995] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...637] [ip4][..udp] [......10.0.2.15][28681] -> [..36.233.194.73][.1995] - not-detected: [...550] [ip4][..udp] [......10.0.2.15][28681] -> [.220.238.145.82][33527] [Unknown][Unknown][Unrated] + not-detected: [...550] [ip4][..udp] [......10.0.2.15][28681] -> [.220.238.145.82][33527] [Unknown][Unknown][Unspecified][Unrated] idle: [...550] [ip4][..udp] [......10.0.2.15][28681] -> [.220.238.145.82][33527] - not-detected: [...721] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][.9897] [Unknown][Unknown][Unrated] + not-detected: [...721] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][.9897] [Unknown][Unknown][Unspecified][Unrated] idle: [...721] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][.9897] - not-detected: [...470] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][46790] [Unknown][Unknown][Unrated] + not-detected: [...470] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][46790] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...470] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][46790] - not-detected: [...641] [ip4][..udp] [......10.0.2.15][28681] -> [.36.233.199.103][.2625] [Unknown][Unknown][Unrated] + not-detected: [...641] [ip4][..udp] [......10.0.2.15][28681] -> [.36.233.199.103][.2625] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...641] [ip4][..udp] [......10.0.2.15][28681] -> [.36.233.199.103][.2625] - not-detected: [...633] [ip4][..udp] [......10.0.2.15][28681] -> [..68.174.18.115][50679] [Unknown][Unknown][Unrated] + not-detected: [...633] [ip4][..udp] [......10.0.2.15][28681] -> [..68.174.18.115][50679] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...633] [ip4][..udp] [......10.0.2.15][28681] -> [..68.174.18.115][50679] idle: [...317] [ip4][..udp] [......10.0.2.15][28681] -> [...96.236.205.7][34794] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...673] [ip4][..udp] [......10.0.2.15][28681] -> [.125.59.215.249][14571] [Unknown][Unknown][Unrated] + not-detected: [...673] [ip4][..udp] [......10.0.2.15][28681] -> [.125.59.215.249][14571] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...673] [ip4][..udp] [......10.0.2.15][28681] -> [.125.59.215.249][14571] - not-detected: [...627] [ip4][..udp] [......10.0.2.15][28681] -> [..73.62.225.181][46843] [Unknown][Unknown][Unrated] + not-detected: [...627] [ip4][..udp] [......10.0.2.15][28681] -> [..73.62.225.181][46843] [Unknown][Unknown][Unspecified][Unrated] idle: [...627] [ip4][..udp] [......10.0.2.15][28681] -> [..73.62.225.181][46843] - not-detected: [...647] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][58290] [Unknown][Unknown][Unrated] + not-detected: [...647] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][58290] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...647] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][58290] - not-detected: [...570] [ip4][..udp] [......10.0.2.15][28681] -> [..97.83.183.148][.8890] [Unknown][Unknown][Unrated] + not-detected: [...570] [ip4][..udp] [......10.0.2.15][28681] -> [..97.83.183.148][.8890] [Unknown][Unknown][Unspecified][Unrated] idle: [...570] [ip4][..udp] [......10.0.2.15][28681] -> [..97.83.183.148][.8890] - not-detected: [...463] [ip4][..udp] [......10.0.2.15][28681] -> [..200.7.155.210][28365] [Unknown][Unknown][Unrated] + not-detected: [...463] [ip4][..udp] [......10.0.2.15][28681] -> [..200.7.155.210][28365] [Unknown][Unknown][Unspecified][Unrated] idle: [...463] [ip4][..udp] [......10.0.2.15][28681] -> [..200.7.155.210][28365] - not-detected: [...743] [ip4][..udp] [......10.0.2.15][28681] -> [...27.94.154.53][.6346] [Unknown][Unknown][Unrated] + not-detected: [...743] [ip4][..udp] [......10.0.2.15][28681] -> [...27.94.154.53][.6346] [Unknown][Unknown][Unspecified][Unrated] idle: [...743] [ip4][..udp] [......10.0.2.15][28681] -> [...27.94.154.53][.6346] - not-detected: [...710] [ip4][..udp] [......10.0.2.15][28681] -> [113.254.140.225][63637] [Unknown][Unknown][Unrated] + not-detected: [...710] [ip4][..udp] [......10.0.2.15][28681] -> [113.254.140.225][63637] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...710] [ip4][..udp] [......10.0.2.15][28681] -> [113.254.140.225][63637] idle: [...510] [ip4][..udp] [......10.0.2.15][28681] -> [...79.94.85.113][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...480] [ip4][..udp] [......10.0.2.15][28681] -> [..112.119.74.26][65498] [Unknown][Unknown][Unrated] + not-detected: [...480] [ip4][..udp] [......10.0.2.15][28681] -> [..112.119.74.26][65498] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...480] [ip4][..udp] [......10.0.2.15][28681] -> [..112.119.74.26][65498] - not-detected: [...655] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.2566] [Unknown][Unknown][Unrated] + not-detected: [...655] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.2566] [Unknown][Unknown][Unspecified][Unrated] idle: [...655] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.2566] - not-detected: [...548] [ip4][..udp] [......10.0.2.15][28681] -> [..74.50.147.205][17735] [Unknown][Unknown][Unrated] + not-detected: [...548] [ip4][..udp] [......10.0.2.15][28681] -> [..74.50.147.205][17735] [Unknown][Unknown][Unspecified][Unrated] idle: [...548] [ip4][..udp] [......10.0.2.15][28681] -> [..74.50.147.205][17735] - not-detected: [...377] [ip4][..udp] [......10.0.2.15][28681] -> [.180.200.236.13][12082] [Unknown][Unknown][Unrated] + not-detected: [...377] [ip4][..udp] [......10.0.2.15][28681] -> [.180.200.236.13][12082] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...377] [ip4][..udp] [......10.0.2.15][28681] -> [.180.200.236.13][12082] idle: [...496] [ip4][..udp] [......10.0.2.15][28681] -> [.218.173.230.98][19004] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...493] [ip4][..udp] [......10.0.2.15][57552] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] - not-detected: [...596] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][58954] [Unknown][Unknown][Unrated] + not-detected: [...596] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][58954] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...596] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][58954] idle: [...332] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...620] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53516] [Unknown][Unknown][Unrated] + not-detected: [...620] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53516] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...620] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53516] - not-detected: [...591] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53707] [Unknown][Unknown][Unrated] + not-detected: [...591] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53707] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...591] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53707] - not-detected: [...629] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][45710] [Unknown][Unknown][Unrated] + not-detected: [...629] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][45710] [Unknown][Unknown][Unspecified][Unrated] idle: [...629] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][45710] - not-detected: [...451] [ip4][..udp] [......10.0.2.15][28681] -> [...218.35.66.21][22234] [Unknown][Unknown][Unrated] + not-detected: [...451] [ip4][..udp] [......10.0.2.15][28681] -> [...218.35.66.21][22234] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...451] [ip4][..udp] [......10.0.2.15][28681] -> [...218.35.66.21][22234] - not-detected: [...717] [ip4][..udp] [......10.0.2.15][28681] -> [...79.191.58.38][48157] [Unknown][Unknown][Unrated] + not-detected: [...717] [ip4][..udp] [......10.0.2.15][28681] -> [...79.191.58.38][48157] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...717] [ip4][..udp] [......10.0.2.15][28681] -> [...79.191.58.38][48157] idle: [...321] [ip4][..udp] [......10.0.2.15][28681] -> [188.165.203.190][21995] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...705] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][.8658] [Unknown][Unknown][Unrated] + not-detected: [...705] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][.8658] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...705] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][.8658] idle: [...313] [ip4][..udp] [......10.0.2.15][28681] -> [..176.99.176.20][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...696] [ip4][..udp] [......10.0.2.15][28681] -> [188.165.203.190][55050] [Unknown][Unknown][Unrated] + not-detected: [...696] [ip4][..udp] [......10.0.2.15][28681] -> [188.165.203.190][55050] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...696] [ip4][..udp] [......10.0.2.15][28681] -> [188.165.203.190][55050] - not-detected: [...680] [ip4][..udp] [......10.0.2.15][28681] -> [.61.227.198.100][.6910] [Unknown][Unknown][Unrated] + not-detected: [...680] [ip4][..udp] [......10.0.2.15][28681] -> [.61.227.198.100][.6910] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...680] [ip4][..udp] [......10.0.2.15][28681] -> [.61.227.198.100][.6910] - not-detected: [...566] [ip4][..udp] [......10.0.2.15][28681] -> [...58.176.62.40][52755] [Unknown][Unknown][Unrated] + not-detected: [...566] [ip4][..udp] [......10.0.2.15][28681] -> [...58.176.62.40][52755] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...566] [ip4][..udp] [......10.0.2.15][28681] -> [...58.176.62.40][52755] - not-detected: [...601] [ip4][..udp] [......10.0.2.15][28681] -> [113.255.200.161][65274] [Unknown][Unknown][Unrated] + not-detected: [...601] [ip4][..udp] [......10.0.2.15][28681] -> [113.255.200.161][65274] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...601] [ip4][..udp] [......10.0.2.15][28681] -> [113.255.200.161][65274] - not-detected: [...608] [ip4][..udp] [......10.0.2.15][28681] -> [...1.163.14.246][23461] [Unknown][Unknown][Unrated] + not-detected: [...608] [ip4][..udp] [......10.0.2.15][28681] -> [...1.163.14.246][23461] [Unknown][Unknown][Unspecified][Unrated] idle: [...608] [ip4][..udp] [......10.0.2.15][28681] -> [...1.163.14.246][23461] - not-detected: [...549] [ip4][..udp] [......10.0.2.15][28681] -> [..84.211.151.48][11105] [Unknown][Unknown][Unrated] + not-detected: [...549] [ip4][..udp] [......10.0.2.15][28681] -> [..84.211.151.48][11105] [Unknown][Unknown][Unspecified][Unrated] idle: [...549] [ip4][..udp] [......10.0.2.15][28681] -> [..84.211.151.48][11105] - not-detected: [...567] [ip4][..udp] [......10.0.2.15][28681] -> [...58.176.62.40][52889] [Unknown][Unknown][Unrated] + not-detected: [...567] [ip4][..udp] [......10.0.2.15][28681] -> [...58.176.62.40][52889] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...567] [ip4][..udp] [......10.0.2.15][28681] -> [...58.176.62.40][52889] idle: [...262] [ip4][..udp] [......10.0.2.15][28681] -> [....89.75.52.19][46010] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...497] [ip4][..udp] [......10.0.2.15][28681] -> [..84.100.76.123][39628] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...379] [ip4][..udp] [......10.0.2.15][28681] -> [..80.140.63.147][29545] [Unknown][Unknown][Unrated] + not-detected: [...379] [ip4][..udp] [......10.0.2.15][28681] -> [..80.140.63.147][29545] [Unknown][Unknown][Unspecified][Unrated] idle: [...379] [ip4][..udp] [......10.0.2.15][28681] -> [..80.140.63.147][29545] - not-detected: [...719] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.11.85][10722] [Unknown][Unknown][Unrated] + not-detected: [...719] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.11.85][10722] [Unknown][Unknown][Unspecified][Unrated] idle: [...719] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.11.85][10722] - not-detected: [...523] [ip4][..udp] [......10.0.2.15][28681] -> [..1.162.138.200][24018] [Unknown][Unknown][Unrated] + not-detected: [...523] [ip4][..udp] [......10.0.2.15][28681] -> [..1.162.138.200][24018] [Unknown][Unknown][Unspecified][Unrated] idle: [...523] [ip4][..udp] [......10.0.2.15][28681] -> [..1.162.138.200][24018] - not-detected: [...628] [ip4][..udp] [......10.0.2.15][28681] -> [....45.65.87.24][16201] [Unknown][Unknown][Unrated] + not-detected: [...628] [ip4][..udp] [......10.0.2.15][28681] -> [....45.65.87.24][16201] [Unknown][Unknown][Unspecified][Unrated] idle: [...628] [ip4][..udp] [......10.0.2.15][28681] -> [....45.65.87.24][16201] - not-detected: [...593] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][.9747] [Unknown][Unknown][Unrated] + not-detected: [...593] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][.9747] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...593] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][.9747] - not-detected: [...571] [ip4][..udp] [......10.0.2.15][28681] -> [.114.40.163.123][55341] [Unknown][Unknown][Unrated] + not-detected: [...571] [ip4][..udp] [......10.0.2.15][28681] -> [.114.40.163.123][55341] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...571] [ip4][..udp] [......10.0.2.15][28681] -> [.114.40.163.123][55341] - not-detected: [...578] [ip4][..udp] [......10.0.2.15][28681] -> [..77.205.243.44][46006] [Unknown][Unknown][Unrated] + not-detected: [...578] [ip4][..udp] [......10.0.2.15][28681] -> [..77.205.243.44][46006] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...578] [ip4][..udp] [......10.0.2.15][28681] -> [..77.205.243.44][46006] - not-detected: [...714] [ip4][..udp] [......10.0.2.15][28681] -> [..76.174.174.69][21358] [Unknown][Unknown][Unrated] + not-detected: [...714] [ip4][..udp] [......10.0.2.15][28681] -> [..76.174.174.69][21358] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...714] [ip4][..udp] [......10.0.2.15][28681] -> [..76.174.174.69][21358] - not-detected: [...563] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][.6831] [Unknown][Unknown][Unrated] + not-detected: [...563] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][.6831] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...563] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][.6831] - not-detected: [...729] [ip4][..udp] [......10.0.2.15][28681] -> [..114.47.227.91][54463] [Unknown][Unknown][Unrated] + not-detected: [...729] [ip4][..udp] [......10.0.2.15][28681] -> [..114.47.227.91][54463] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...729] [ip4][..udp] [......10.0.2.15][28681] -> [..114.47.227.91][54463] - not-detected: [...607] [ip4][..udp] [......10.0.2.15][28681] -> [..111.241.31.96][.4814] [Unknown][Unknown][Unrated] + not-detected: [...607] [ip4][..udp] [......10.0.2.15][28681] -> [..111.241.31.96][.4814] [Unknown][Unknown][Unspecified][Unrated] idle: [...607] [ip4][..udp] [......10.0.2.15][28681] -> [..111.241.31.96][.4814] - not-detected: [...380] [ip4][..udp] [......10.0.2.15][28681] -> [...83.86.49.195][12019] [Unknown][Unknown][Unrated] + not-detected: [...380] [ip4][..udp] [......10.0.2.15][28681] -> [...83.86.49.195][12019] [Unknown][Unknown][Unspecified][Unrated] idle: [...380] [ip4][..udp] [......10.0.2.15][28681] -> [...83.86.49.195][12019] - not-detected: [...581] [ip4][..udp] [......10.0.2.15][28681] -> [..58.115.108.10][.4641] [Unknown][Unknown][Unrated] + not-detected: [...581] [ip4][..udp] [......10.0.2.15][28681] -> [..58.115.108.10][.4641] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...581] [ip4][..udp] [......10.0.2.15][28681] -> [..58.115.108.10][.4641] - not-detected: [...612] [ip4][..udp] [......10.0.2.15][28681] -> [.106.104.88.139][.7423] [Unknown][Unknown][Unrated] + not-detected: [...612] [ip4][..udp] [......10.0.2.15][28681] -> [.106.104.88.139][.7423] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...612] [ip4][..udp] [......10.0.2.15][28681] -> [.106.104.88.139][.7423] - not-detected: [...459] [ip4][..udp] [......10.0.2.15][28681] -> [...100.89.84.59][11603] [Unknown][Unknown][Unrated] + not-detected: [...459] [ip4][..udp] [......10.0.2.15][28681] -> [...100.89.84.59][11603] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...459] [ip4][..udp] [......10.0.2.15][28681] -> [...100.89.84.59][11603] - not-detected: [...393] [ip4][..udp] [......10.0.2.15][28681] -> [.58.115.158.103][.5110] [Unknown][Unknown][Unrated] + not-detected: [...393] [ip4][..udp] [......10.0.2.15][28681] -> [.58.115.158.103][.5110] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...393] [ip4][..udp] [......10.0.2.15][28681] -> [.58.115.158.103][.5110] - not-detected: [...464] [ip4][..udp] [......10.0.2.15][28681] -> [...101.128.66.8][34512] [Unknown][Unknown][Unrated] + not-detected: [...464] [ip4][..udp] [......10.0.2.15][28681] -> [...101.128.66.8][34512] [Unknown][Unknown][Unspecified][Unrated] idle: [...464] [ip4][..udp] [......10.0.2.15][28681] -> [...101.128.66.8][34512] - not-detected: [...473] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][33564] [Unknown][Unknown][Unrated] + not-detected: [...473] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][33564] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...473] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][33564] - not-detected: [...693] [ip4][..udp] [......10.0.2.15][28681] -> [.98.215.130.156][12405] [Unknown][Unknown][Unrated] + not-detected: [...693] [ip4][..udp] [......10.0.2.15][28681] -> [.98.215.130.156][12405] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...693] [ip4][..udp] [......10.0.2.15][28681] -> [.98.215.130.156][12405] idle: [...331] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][26851] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...516] [ip4][..udp] [......10.0.2.15][28681] -> [.119.246.147.72][.4572] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...584] [ip4][..udp] [......10.0.2.15][28681] -> [.80.193.171.146][18360] [Unknown][Unknown][Unrated] + not-detected: [...584] [ip4][..udp] [......10.0.2.15][28681] -> [.80.193.171.146][18360] [Unknown][Unknown][Unspecified][Unrated] idle: [...584] [ip4][..udp] [......10.0.2.15][28681] -> [.80.193.171.146][18360] - not-detected: [...476] [ip4][..udp] [......10.0.2.15][28681] -> [..98.18.172.208][63172] [Unknown][Unknown][Unrated] + not-detected: [...476] [ip4][..udp] [......10.0.2.15][28681] -> [..98.18.172.208][63172] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...476] [ip4][..udp] [......10.0.2.15][28681] -> [..98.18.172.208][63172] - not-detected: [...443] [ip4][..udp] [......10.0.2.15][28681] -> [..183.179.14.31][54754] [Unknown][Unknown][Unrated] + not-detected: [...443] [ip4][..udp] [......10.0.2.15][28681] -> [..183.179.14.31][54754] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...443] [ip4][..udp] [......10.0.2.15][28681] -> [..183.179.14.31][54754] - not-detected: [...594] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7375] [Unknown][Unknown][Unrated] + not-detected: [...594] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7375] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...594] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7375] - not-detected: [...617] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7380] [Unknown][Unknown][Unrated] + not-detected: [...617] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7380] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...617] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7380] - not-detected: [...692] [ip4][..udp] [......10.0.2.15][28681] -> [.76.110.153.177][40022] [Unknown][Unknown][Unrated] + not-detected: [...692] [ip4][..udp] [......10.0.2.15][28681] -> [.76.110.153.177][40022] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...692] [ip4][..udp] [......10.0.2.15][28681] -> [.76.110.153.177][40022] - not-detected: [...718] [ip4][..udp] [......10.0.2.15][28681] -> [218.102.208.175][.9167] [Unknown][Unknown][Unrated] + not-detected: [...718] [ip4][..udp] [......10.0.2.15][28681] -> [218.102.208.175][.9167] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...718] [ip4][..udp] [......10.0.2.15][28681] -> [218.102.208.175][.9167] - not-detected: [...453] [ip4][..udp] [......10.0.2.15][28681] -> [..74.127.26.138][.3083] [Unknown][Unknown][Unrated] + not-detected: [...453] [ip4][..udp] [......10.0.2.15][28681] -> [..74.127.26.138][.3083] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...453] [ip4][..udp] [......10.0.2.15][28681] -> [..74.127.26.138][.3083] - not-detected: [...615] [ip4][..udp] [......10.0.2.15][28681] -> [.74.195.236.249][18557] [Unknown][Unknown][Unrated] + not-detected: [...615] [ip4][..udp] [......10.0.2.15][28681] -> [.74.195.236.249][18557] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...615] [ip4][..udp] [......10.0.2.15][28681] -> [.74.195.236.249][18557] - not-detected: [...388] [ip4][..udp] [......10.0.2.15][28681] -> [...121.7.145.36][33905] [Unknown][Unknown][Unrated] + not-detected: [...388] [ip4][..udp] [......10.0.2.15][28681] -> [...121.7.145.36][33905] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...388] [ip4][..udp] [......10.0.2.15][28681] -> [...121.7.145.36][33905] - not-detected: [...643] [ip4][..udp] [......10.0.2.15][28681] -> [..31.20.248.147][30706] [Unknown][Unknown][Unrated] + not-detected: [...643] [ip4][..udp] [......10.0.2.15][28681] -> [..31.20.248.147][30706] [Unknown][Unknown][Unspecified][Unrated] idle: [...643] [ip4][..udp] [......10.0.2.15][28681] -> [..31.20.248.147][30706] - not-detected: [...639] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7849] [Unknown][Unknown][Unrated] + not-detected: [...639] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7849] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...639] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7849] - not-detected: [...302] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][53489] [Unknown][Unknown][Unrated] + not-detected: [...302] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][53489] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy idle: [...302] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][53489] idle: [...512] [ip4][..udp] [......10.0.2.15][28681] -> [..209.204.207.5][49256] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...734] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.91.201][.4297] [Unknown][Unknown][Unrated] + not-detected: [...734] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.91.201][.4297] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...734] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.91.201][.4297] idle: [...517] [ip4][..udp] [......10.0.2.15][28681] -> [..36.239.162.27][.7986] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...684] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][54436] [Unknown][Unknown][Unrated] + not-detected: [...684] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][54436] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...684] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][54436] update: [.....8] [ip4][....2] [......10.0.2.15] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] @@ -6600,108 +6600,108 @@ RISK: Unsafe Protocol idle: [...259] [ip4][..udp] [......10.0.2.15][28681] -> [103.232.107.100][43508] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...538] [ip4][..udp] [......10.0.2.15][28681] -> [.124.218.41.253][14339] [Unknown][Unknown][Unrated] + not-detected: [...538] [ip4][..udp] [......10.0.2.15][28681] -> [.124.218.41.253][14339] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...538] [ip4][..udp] [......10.0.2.15][28681] -> [.124.218.41.253][14339] - not-detected: [...554] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][55577] [Unknown][Unknown][Unrated] + not-detected: [...554] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][55577] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...554] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][55577] - not-detected: [...553] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3259] [Unknown][Unknown][Unrated] + not-detected: [...553] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3259] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...553] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3259] - not-detected: [...555] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][20387] [Unknown][Unknown][Unrated] + not-detected: [...555] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][20387] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...555] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][20387] - not-detected: [...556] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49787] [Unknown][Unknown][Unrated] + not-detected: [...556] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49787] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...556] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49787] - not-detected: [...539] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][.7510] [Unknown][Unknown][Unrated] + not-detected: [...539] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][.7510] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...539] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][.7510] - not-detected: [...537] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2034] [Unknown][Unknown][Unrated] + not-detected: [...537] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2034] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...537] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2034] - not-detected: [...557] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53163] [Unknown][Unknown][Unrated] + not-detected: [...557] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53163] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...557] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53163] - not-detected: [...544] [ip4][..udp] [......10.0.2.15][28681] -> [..111.184.29.35][30582] [Unknown][Unknown][Unrated] + not-detected: [...544] [ip4][..udp] [......10.0.2.15][28681] -> [..111.184.29.35][30582] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...544] [ip4][..udp] [......10.0.2.15][28681] -> [..111.184.29.35][30582] - not-detected: [...531] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51497] [Unknown][Unknown][Unrated] + not-detected: [...531] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51497] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...531] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51497] - not-detected: [...542] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51675] [Unknown][Unknown][Unrated] + not-detected: [...542] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51675] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...542] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51675] - not-detected: [...540] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52131] [Unknown][Unknown][Unrated] + not-detected: [...540] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52131] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...540] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52131] - not-detected: [...535] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10655] [Unknown][Unknown][Unrated] + not-detected: [...535] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10655] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...535] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10655] - not-detected: [...532] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10677] [Unknown][Unknown][Unrated] + not-detected: [...532] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10677] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...532] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10677] - not-detected: [...541] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][11141] [Unknown][Unknown][Unrated] + not-detected: [...541] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][11141] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...541] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][11141] - not-detected: [...561] [ip4][..udp] [......10.0.2.15][28681] -> [.61.238.173.128][57466] [Unknown][Unknown][Unrated] + not-detected: [...561] [ip4][..udp] [......10.0.2.15][28681] -> [.61.238.173.128][57466] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...561] [ip4][..udp] [......10.0.2.15][28681] -> [.61.238.173.128][57466] - not-detected: [...546] [ip4][..udp] [......10.0.2.15][28681] -> [.38.142.119.234][49867] [Unknown][Unknown][Unrated] + not-detected: [...546] [ip4][..udp] [......10.0.2.15][28681] -> [.38.142.119.234][49867] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...546] [ip4][..udp] [......10.0.2.15][28681] -> [.38.142.119.234][49867] - not-detected: [...534] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][54436] [Unknown][Unknown][Unrated] + not-detected: [...534] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][54436] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...534] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][54436] - not-detected: [...551] [ip4][..udp] [......10.0.2.15][28681] -> [..92.24.129.230][14766] [Unknown][Unknown][Unrated] + not-detected: [...551] [ip4][..udp] [......10.0.2.15][28681] -> [..92.24.129.230][14766] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...551] [ip4][..udp] [......10.0.2.15][28681] -> [..92.24.129.230][14766] - not-detected: [...559] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][55080] [Unknown][Unknown][Unrated] + not-detected: [...559] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][55080] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...559] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][55080] - not-detected: [...529] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][57929] [Unknown][Unknown][Unrated] + not-detected: [...529] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][57929] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...529] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][57929] - not-detected: [...663] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6594] [Unknown][Unknown][Unrated] + not-detected: [...663] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6594] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...663] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6594] - not-detected: [...695] [ip4][..udp] [......10.0.2.15][28681] -> [..76.189.72.230][.8161] [Unknown][Unknown][Unrated] + not-detected: [...695] [ip4][..udp] [......10.0.2.15][28681] -> [..76.189.72.230][.8161] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...695] [ip4][..udp] [......10.0.2.15][28681] -> [..76.189.72.230][.8161] - not-detected: [...562] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][59879] [Unknown][Unknown][Unrated] + not-detected: [...562] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][59879] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...562] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][59879] - not-detected: [...552] [ip4][..udp] [......10.0.2.15][28681] -> [...218.250.6.59][60012] [Unknown][Unknown][Unrated] + not-detected: [...552] [ip4][..udp] [......10.0.2.15][28681] -> [...218.250.6.59][60012] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...552] [ip4][..udp] [......10.0.2.15][28681] -> [...218.250.6.59][60012] - not-detected: [...560] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53883] [Unknown][Unknown][Unrated] + not-detected: [...560] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53883] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...560] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53883] - not-detected: [...533] [ip4][..udp] [......10.0.2.15][28681] -> [..36.229.185.60][.6898] [Unknown][Unknown][Unrated] + not-detected: [...533] [ip4][..udp] [......10.0.2.15][28681] -> [..36.229.185.60][.6898] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...533] [ip4][..udp] [......10.0.2.15][28681] -> [..36.229.185.60][.6898] - not-detected: [...536] [ip4][..udp] [......10.0.2.15][28681] -> [118.167.222.160][56121] [Unknown][Unknown][Unrated] + not-detected: [...536] [ip4][..udp] [......10.0.2.15][28681] -> [118.167.222.160][56121] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...536] [ip4][..udp] [......10.0.2.15][28681] -> [118.167.222.160][56121] - not-detected: [...558] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][.6466] [Unknown][Unknown][Unrated] + not-detected: [...558] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][.6466] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...558] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][.6466] - not-detected: [...543] [ip4][..udp] [......10.0.2.15][28681] -> [..114.39.159.60][56896] [Unknown][Unknown][Unrated] + not-detected: [...543] [ip4][..udp] [......10.0.2.15][28681] -> [..114.39.159.60][56896] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...543] [ip4][..udp] [......10.0.2.15][28681] -> [..114.39.159.60][56896] - not-detected: [...545] [ip4][..udp] [......10.0.2.15][28681] -> [..116.49.159.77][55915] [Unknown][Unknown][Unrated] + not-detected: [...545] [ip4][..udp] [......10.0.2.15][28681] -> [..116.49.159.77][55915] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...545] [ip4][..udp] [......10.0.2.15][28681] -> [..116.49.159.77][55915] - not-detected: [...528] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][58442] [Unknown][Unknown][Unrated] + not-detected: [...528] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][58442] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...528] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][58442] idle: [...753] [ip4][..udp] [......10.0.2.15][28681] -> [..165.84.140.96][14400] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...547] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][43316] [Unknown][Unknown][Unrated] + not-detected: [...547] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][43316] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...547] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][43316] - not-detected: [...530] [ip4][..udp] [......10.0.2.15][28681] -> [118.167.248.220][59304] [Unknown][Unknown][Unrated] + not-detected: [...530] [ip4][..udp] [......10.0.2.15][28681] -> [118.167.248.220][59304] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...530] [ip4][..udp] [......10.0.2.15][28681] -> [118.167.248.220][59304] update: [...754] [ip4][..udp] [......10.0.2.15][28681] -> [..84.125.218.84][17561] @@ -6826,12 +6826,12 @@ RISK: Unsafe Protocol idle: [....98] [ip4][..udp] [......10.0.2.15][28681] -> [.203.222.14.170][23332] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...754] [ip4][..udp] [......10.0.2.15][28681] -> [..84.125.218.84][17561] [Unknown][Unknown][Unrated] + not-detected: [...754] [ip4][..udp] [......10.0.2.15][28681] -> [..84.125.218.84][17561] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...754] [ip4][..udp] [......10.0.2.15][28681] -> [..84.125.218.84][17561] - not-detected: [...573] [ip4][..udp] [......10.0.2.15][28681] -> [..71.239.173.18][23327] [Unknown][Unknown][Unrated] + not-detected: [...573] [ip4][..udp] [......10.0.2.15][28681] -> [..71.239.173.18][23327] [Unknown][Unknown][Unspecified][Unrated] idle: [...573] [ip4][..udp] [......10.0.2.15][28681] -> [..71.239.173.18][23327] - not-detected: [...383] [ip4][..udp] [......10.0.2.15][28681] -> [...84.71.243.60][34498] [Unknown][Unknown][Unrated] + not-detected: [...383] [ip4][..udp] [......10.0.2.15][28681] -> [...84.71.243.60][34498] [Unknown][Unknown][Unspecified][Unrated] idle: [...383] [ip4][..udp] [......10.0.2.15][28681] -> [...84.71.243.60][34498] update: [...778] [ip4][..udp] [......10.0.2.15][28681] -> [.122.117.100.78][.9010] update: [...485] [ip4][..udp] [......10.0.2.15][28681] -> [...154.3.42.209][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -7028,62 +7028,62 @@ RISK: Unsafe Protocol idle: [...748] [ip4][..udp] [......10.0.2.15][28681] -> [.....92.8.59.80][35192] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....49] [ip4][..tcp] [......10.0.2.15][50209] -> [113.252.206.254][49587] [Unknown][Unknown][Unrated] + not-detected: [....49] [ip4][..tcp] [......10.0.2.15][50209] -> [113.252.206.254][49587] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....49] [ip4][..tcp] [......10.0.2.15][50209] -> [113.252.206.254][49587] - not-detected: [....68] [ip4][..tcp] [......10.0.2.15][50227] -> [.111.246.157.94][51175] [Unknown][Unknown][Unrated] + not-detected: [....68] [ip4][..tcp] [......10.0.2.15][50227] -> [.111.246.157.94][51175] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....68] [ip4][..tcp] [......10.0.2.15][50227] -> [.111.246.157.94][51175] idle: [...797] [ip4][.icmp] [...154.3.42.209] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] RISK: Susp Entropy idle: [...135] [ip4][..udp] [......10.0.2.15][28681] -> [.193.250.99.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....81] [ip4][..tcp] [......10.0.2.15][50240] -> [..36.237.10.152][21293] [Unknown][Unknown][Unrated] + not-detected: [....81] [ip4][..tcp] [......10.0.2.15][50240] -> [..36.237.10.152][21293] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....81] [ip4][..tcp] [......10.0.2.15][50240] -> [..36.237.10.152][21293] idle: [...160] [ip4][..udp] [......10.0.2.15][28681] -> [...83.150.49.35][32448] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...130] [ip4][..udp] [......10.0.2.15][28681] -> [..119.224.95.97][46356] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....79] [ip4][..tcp] [......10.0.2.15][50238] -> [.124.218.41.253][59144] [Unknown][Unknown][Unrated] + not-detected: [....79] [ip4][..tcp] [......10.0.2.15][50238] -> [.124.218.41.253][59144] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....79] [ip4][..tcp] [......10.0.2.15][50238] -> [.124.218.41.253][59144] idle: [...137] [ip4][..udp] [......10.0.2.15][28681] -> [...82.65.70.197][21693] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...756] [ip4][..udp] [......10.0.2.15][28681] -> [..41.100.68.255][12838] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....32] [ip4][..tcp] [......10.0.2.15][50194] -> [..92.152.66.153][43771] [Unknown][Unknown][Unrated] + not-detected: [....32] [ip4][..tcp] [......10.0.2.15][50194] -> [..92.152.66.153][43771] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....32] [ip4][..tcp] [......10.0.2.15][50194] -> [..92.152.66.153][43771] - not-detected: [...231] [ip4][..tcp] [......10.0.2.15][50277] -> [.82.181.251.218][36368] [Unknown][Unknown][Unrated] + not-detected: [...231] [ip4][..tcp] [......10.0.2.15][50277] -> [.82.181.251.218][36368] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...231] [ip4][..tcp] [......10.0.2.15][50277] -> [.82.181.251.218][36368] idle: [...800] [ip4][..udp] [......10.0.2.15][63957] -> [239.255.255.250][.3702] [WSD][Unknown][Network][Acceptable] - not-detected: [...778] [ip4][..udp] [......10.0.2.15][28681] -> [.122.117.100.78][.9010] [Unknown][Unknown][Unrated] + not-detected: [...778] [ip4][..udp] [......10.0.2.15][28681] -> [.122.117.100.78][.9010] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...778] [ip4][..udp] [......10.0.2.15][28681] -> [.122.117.100.78][.9010] - not-detected: [....71] [ip4][..tcp] [......10.0.2.15][50230] -> [....73.3.103.37][17296] [Unknown][Unknown][Unrated] + not-detected: [....71] [ip4][..tcp] [......10.0.2.15][50230] -> [....73.3.103.37][17296] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....71] [ip4][..tcp] [......10.0.2.15][50230] -> [....73.3.103.37][17296] - not-detected: [...244] [ip4][..tcp] [......10.0.2.15][50288] -> [...76.119.55.28][20347] [Unknown][Unknown][Unrated] + not-detected: [...244] [ip4][..tcp] [......10.0.2.15][50288] -> [...76.119.55.28][20347] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...244] [ip4][..tcp] [......10.0.2.15][50288] -> [...76.119.55.28][20347] - not-detected: [...151] [ip4][..tcp] [......10.0.2.15][50264] -> [...95.10.205.67][48380] [Unknown][Unknown][Unrated] + not-detected: [...151] [ip4][..tcp] [......10.0.2.15][50264] -> [...95.10.205.67][48380] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...151] [ip4][..tcp] [......10.0.2.15][50264] -> [...95.10.205.67][48380] idle: [...156] [ip4][..udp] [......10.0.2.15][28681] -> [..86.244.228.86][10131] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...224] [ip4][..tcp] [......10.0.2.15][50270] -> [...114.27.24.95][11427] [Unknown][Unknown][Unrated] + not-detected: [...224] [ip4][..tcp] [......10.0.2.15][50270] -> [...114.27.24.95][11427] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...224] [ip4][..tcp] [......10.0.2.15][50270] -> [...114.27.24.95][11427] idle: [...485] [ip4][..udp] [......10.0.2.15][28681] -> [...154.3.42.209][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...147] [ip4][..tcp] [......10.0.2.15][50260] -> [113.255.200.161][51394] [Unknown][Unknown][Unrated] + not-detected: [...147] [ip4][..tcp] [......10.0.2.15][50260] -> [113.255.200.161][51394] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...147] [ip4][..tcp] [......10.0.2.15][50260] -> [113.255.200.161][51394] idle: [...185] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.196.58][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...769] [ip4][..udp] [......10.0.2.15][28681] -> [.123.110.61.169][11973] [Unknown][Unknown][Unrated] + not-detected: [...769] [ip4][..udp] [......10.0.2.15][28681] -> [.123.110.61.169][11973] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...769] [ip4][..udp] [......10.0.2.15][28681] -> [.123.110.61.169][11973] idle: [...788] [ip4][..udp] [......10.0.2.15][28681] -> [.220.134.167.82][.5820] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -7096,66 +7096,66 @@ RISK: Unsafe Protocol idle: [...128] [ip4][..udp] [......10.0.2.15][28681] -> [..77.141.219.27][37580] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...152] [ip4][..tcp] [......10.0.2.15][50265] -> [.113.255.250.32][52647] [Unknown][Unknown][Unrated] + not-detected: [...152] [ip4][..tcp] [......10.0.2.15][50265] -> [.113.255.250.32][52647] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...152] [ip4][..tcp] [......10.0.2.15][50265] -> [.113.255.250.32][52647] idle: [...801] [ip6][icmp6] [..............fe80::c50d:519f:96a4:e108] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] - not-detected: [....59] [ip4][..tcp] [......10.0.2.15][50218] -> [..90.103.247.94][59045] [Unknown][Unknown][Unrated] + not-detected: [....59] [ip4][..tcp] [......10.0.2.15][50218] -> [..90.103.247.94][59045] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....59] [ip4][..tcp] [......10.0.2.15][50218] -> [..90.103.247.94][59045] idle: [....85] [ip4][..udp] [......10.0.2.15][28681] -> [..85.138.20.110][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...230] [ip4][..tcp] [......10.0.2.15][50276] -> [.96.246.156.126][56070] [Unknown][Unknown][Unrated] + not-detected: [...230] [ip4][..tcp] [......10.0.2.15][50276] -> [.96.246.156.126][56070] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...230] [ip4][..tcp] [......10.0.2.15][50276] -> [.96.246.156.126][56070] - not-detected: [....60] [ip4][..tcp] [......10.0.2.15][50219] -> [.193.121.165.12][55376] [Unknown][Unknown][Unrated] + not-detected: [....60] [ip4][..tcp] [......10.0.2.15][50219] -> [.193.121.165.12][55376] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....60] [ip4][..tcp] [......10.0.2.15][50219] -> [.193.121.165.12][55376] end: [...239] [ip4][..tcp] [......10.0.2.15][50285] -> [..75.133.101.93][52367] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...144] [ip4][..tcp] [......10.0.2.15][50257] -> [...219.70.48.23][.3054] [Unknown][Unknown][Unrated] + not-detected: [...144] [ip4][..tcp] [......10.0.2.15][50257] -> [...219.70.48.23][.3054] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...144] [ip4][..tcp] [......10.0.2.15][50257] -> [...219.70.48.23][.3054] - not-detected: [....58] [ip4][..tcp] [......10.0.2.15][50217] -> [.113.252.86.162][54958] [Unknown][Unknown][Unrated] + not-detected: [....58] [ip4][..tcp] [......10.0.2.15][50217] -> [.113.252.86.162][54958] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....58] [ip4][..tcp] [......10.0.2.15][50217] -> [.113.252.86.162][54958] - not-detected: [...773] [ip4][..udp] [......10.0.2.15][28681] -> [...86.153.21.93][36696] [Unknown][Unknown][Unrated] + not-detected: [...773] [ip4][..udp] [......10.0.2.15][28681] -> [...86.153.21.93][36696] [Unknown][Unknown][Unspecified][Unrated] idle: [...773] [ip4][..udp] [......10.0.2.15][28681] -> [...86.153.21.93][36696] - not-detected: [....74] [ip4][..tcp] [......10.0.2.15][50233] -> [...1.163.14.246][12854] [Unknown][Unknown][Unrated] + not-detected: [....74] [ip4][..tcp] [......10.0.2.15][50233] -> [...1.163.14.246][12854] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....74] [ip4][..tcp] [......10.0.2.15][50233] -> [...1.163.14.246][12854] idle: [...799] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63958] -> [................................ff02::c][.3702] [WSD][Unknown][Network][Acceptable] idle: [...187] [ip4][..udp] [......10.0.2.15][28681] -> [....92.88.92.56][21009] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...784] [ip4][..udp] [......10.0.2.15][28681] -> [..23.19.141.110][.6346] [Unknown][Unknown][Unrated] + not-detected: [...784] [ip4][..udp] [......10.0.2.15][28681] -> [..23.19.141.110][.6346] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...784] [ip4][..udp] [......10.0.2.15][28681] -> [..23.19.141.110][.6346] - not-detected: [...234] [ip4][..tcp] [......10.0.2.15][50280] -> [...99.199.148.6][.4338] [Unknown][Unknown][Unrated] + not-detected: [...234] [ip4][..tcp] [......10.0.2.15][50280] -> [...99.199.148.6][.4338] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...234] [ip4][..tcp] [......10.0.2.15][50280] -> [...99.199.148.6][.4338] - not-detected: [....50] [ip4][..tcp] [......10.0.2.15][50210] -> [..36.234.18.166][61404] [Unknown][Unknown][Unrated] + not-detected: [....50] [ip4][..tcp] [......10.0.2.15][50210] -> [..36.234.18.166][61404] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....50] [ip4][..tcp] [......10.0.2.15][50210] -> [..36.234.18.166][61404] - not-detected: [...235] [ip4][..tcp] [......10.0.2.15][50281] -> [.94.134.154.158][54130] [Unknown][Unknown][Unrated] + not-detected: [...235] [ip4][..tcp] [......10.0.2.15][50281] -> [.94.134.154.158][54130] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...235] [ip4][..tcp] [......10.0.2.15][50281] -> [.94.134.154.158][54130] - not-detected: [...232] [ip4][..tcp] [......10.0.2.15][50278] -> [..36.231.59.187][62234] [Unknown][Unknown][Unrated] + not-detected: [...232] [ip4][..tcp] [......10.0.2.15][50278] -> [..36.231.59.187][62234] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...232] [ip4][..tcp] [......10.0.2.15][50278] -> [..36.231.59.187][62234] idle: [...114] [ip4][..udp] [......10.0.2.15][28681] -> [....86.23.75.69][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...126] [ip4][..udp] [......10.0.2.15][28681] -> [..91.69.159.133][28000] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...226] [ip4][..tcp] [......10.0.2.15][50272] -> [...1.172.184.48][13298] [Unknown][Unknown][Unrated] + not-detected: [...226] [ip4][..tcp] [......10.0.2.15][50272] -> [...1.172.184.48][13298] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...226] [ip4][..tcp] [......10.0.2.15][50272] -> [...1.172.184.48][13298] - not-detected: [...771] [ip4][..udp] [......10.0.2.15][28681] -> [...202.27.193.6][.6346] [Unknown][Unknown][Unrated] + not-detected: [...771] [ip4][..udp] [......10.0.2.15][28681] -> [...202.27.193.6][.6346] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...771] [ip4][..udp] [......10.0.2.15][28681] -> [...202.27.193.6][.6346] - not-detected: [....47] [ip4][..tcp] [......10.0.2.15][50207] -> [..90.78.171.204][.6346] [Unknown][Unknown][Unrated] + not-detected: [....47] [ip4][..tcp] [......10.0.2.15][50207] -> [..90.78.171.204][.6346] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....47] [ip4][..tcp] [......10.0.2.15][50207] -> [..90.78.171.204][.6346] - not-detected: [....92] [ip4][..tcp] [......10.0.2.15][50247] -> [..66.30.221.181][51560] [Unknown][Unknown][Unrated] + not-detected: [....92] [ip4][..tcp] [......10.0.2.15][50247] -> [..66.30.221.181][51560] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....92] [ip4][..tcp] [......10.0.2.15][50247] -> [..66.30.221.181][51560] idle: [...171] [ip4][..udp] [......10.0.2.15][28681] -> [196.217.132.111][25394] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -7164,12 +7164,12 @@ RISK: Unsafe Protocol idle: [...158] [ip4][..udp] [......10.0.2.15][28681] -> [.118.166.226.70][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....83] [ip4][..tcp] [......10.0.2.15][50242] -> [109.210.203.131][.6346] [Unknown][Unknown][Unrated] + not-detected: [....83] [ip4][..tcp] [......10.0.2.15][50242] -> [109.210.203.131][.6346] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....83] [ip4][..tcp] [......10.0.2.15][50242] -> [109.210.203.131][.6346] idle: [...183] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.15.182][37829] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...227] [ip4][..tcp] [......10.0.2.15][50273] -> [..24.179.18.242][47329] [Unknown][Unknown][Unrated] + not-detected: [...227] [ip4][..tcp] [......10.0.2.15][50273] -> [..24.179.18.242][47329] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...227] [ip4][..tcp] [......10.0.2.15][50273] -> [..24.179.18.242][47329] end: [...276] [ip4][..tcp] [......10.0.2.15][50300] -> [..188.61.52.183][11852] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -7184,56 +7184,56 @@ RISK: Unsafe Protocol idle: [...792] [ip4][..udp] [......10.0.2.15][28681] -> [.36.239.213.146][21750] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...781] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][23458] [Unknown][Unknown][Unrated] + not-detected: [...781] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][23458] [Unknown][Unknown][Unspecified][Unrated] idle: [...781] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][23458] idle: [...783] [ip4][.icmp] [.65.182.231.232] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] RISK: Susp Entropy - not-detected: [...766] [ip4][..udp] [......10.0.2.15][28681] -> [...76.119.55.28][20347] [Unknown][Unknown][Unrated] + not-detected: [...766] [ip4][..udp] [......10.0.2.15][28681] -> [...76.119.55.28][20347] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...766] [ip4][..udp] [......10.0.2.15][28681] -> [...76.119.55.28][20347] - not-detected: [....72] [ip4][..tcp] [......10.0.2.15][50231] -> [..76.68.138.207][45079] [Unknown][Unknown][Unrated] + not-detected: [....72] [ip4][..tcp] [......10.0.2.15][50231] -> [..76.68.138.207][45079] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....72] [ip4][..tcp] [......10.0.2.15][50231] -> [..76.68.138.207][45079] - not-detected: [...228] [ip4][..tcp] [......10.0.2.15][50274] -> [..68.174.18.115][50679] [Unknown][Unknown][Unrated] + not-detected: [...228] [ip4][..tcp] [......10.0.2.15][50274] -> [..68.174.18.115][50679] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...228] [ip4][..tcp] [......10.0.2.15][50274] -> [..68.174.18.115][50679] - not-detected: [....84] [ip4][..tcp] [......10.0.2.15][50243] -> [176.138.129.252][27962] [Unknown][Unknown][Unrated] + not-detected: [....84] [ip4][..tcp] [......10.0.2.15][50243] -> [176.138.129.252][27962] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....84] [ip4][..tcp] [......10.0.2.15][50243] -> [176.138.129.252][27962] idle: [...209] [ip4][..udp] [......10.0.2.15][28681] -> [..91.179.98.234][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...297] [ip4][..tcp] [......10.0.2.15][50321] -> [213.229.111.224][.4876] [Unknown][Unknown][Unrated] + not-detected: [...297] [ip4][..tcp] [......10.0.2.15][50321] -> [213.229.111.224][.4876] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...297] [ip4][..tcp] [......10.0.2.15][50321] -> [213.229.111.224][.4876] - not-detected: [....45] [ip4][..tcp] [......10.0.2.15][50205] -> [.114.46.139.171][52120] [Unknown][Unknown][Unrated] + not-detected: [....45] [ip4][..tcp] [......10.0.2.15][50205] -> [.114.46.139.171][52120] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....45] [ip4][..tcp] [......10.0.2.15][50205] -> [.114.46.139.171][52120] idle: [...334] [ip4][..tcp] [......10.0.2.15][50328] -> [..189.147.72.83][26108] [HTTP.Gnutella][Unknown][Media][Potentially Dangerous][189.147.72.83] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unsafe Protocol, Binary File/Data Transfer (Attempt) idle: [...138] [ip4][..udp] [......10.0.2.15][28681] -> [167.114.170.156][23844] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...777] [ip4][..udp] [......10.0.2.15][28681] -> [.124.244.211.43][23459] [Unknown][Unknown][Unrated] + not-detected: [...777] [ip4][..udp] [......10.0.2.15][28681] -> [.124.244.211.43][23459] [Unknown][Unknown][Unspecified][Unrated] idle: [...777] [ip4][..udp] [......10.0.2.15][28681] -> [.124.244.211.43][23459] - not-detected: [....75] [ip4][..tcp] [......10.0.2.15][50234] -> [...66.189.28.17][16269] [Unknown][Unknown][Unrated] + not-detected: [....75] [ip4][..tcp] [......10.0.2.15][50234] -> [...66.189.28.17][16269] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....75] [ip4][..tcp] [......10.0.2.15][50234] -> [...66.189.28.17][16269] idle: [...796] [ip4][..udp] [......10.0.2.15][28681] -> [..41.249.63.200][22582] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...774] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][.6599] [Unknown][Unknown][Unrated] + not-detected: [...774] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][.6599] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...774] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][.6599] idle: [...116] [ip4][..udp] [......10.0.2.15][28681] -> [.124.44.190.145][10170] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...145] [ip4][..tcp] [......10.0.2.15][50258] -> [122.100.216.210][.7097] [Unknown][Unknown][Unrated] + not-detected: [...145] [ip4][..tcp] [......10.0.2.15][50258] -> [122.100.216.210][.7097] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...145] [ip4][..tcp] [......10.0.2.15][50258] -> [122.100.216.210][.7097] - not-detected: [....44] [ip4][..tcp] [......10.0.2.15][50204] -> [..124.218.26.16][.9728] [Unknown][Unknown][Unrated] + not-detected: [....44] [ip4][..tcp] [......10.0.2.15][50204] -> [..124.218.26.16][.9728] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....44] [ip4][..tcp] [......10.0.2.15][50204] -> [..124.218.26.16][.9728] - not-detected: [...782] [ip4][..udp] [......10.0.2.15][28681] -> [.65.182.231.232][.7890] [Unknown][Unknown][Unrated] + not-detected: [...782] [ip4][..udp] [......10.0.2.15][28681] -> [.65.182.231.232][.7890] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...782] [ip4][..udp] [......10.0.2.15][28681] -> [.65.182.231.232][.7890] - not-detected: [....80] [ip4][..tcp] [......10.0.2.15][50239] -> [...112.105.52.2][.6384] [Unknown][Unknown][Unrated] + not-detected: [....80] [ip4][..tcp] [......10.0.2.15][50239] -> [...112.105.52.2][.6384] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....80] [ip4][..tcp] [......10.0.2.15][50239] -> [...112.105.52.2][.6384] end: [....94] [ip4][..tcp] [......10.0.2.15][50249] -> [.86.208.180.181][45883] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -7242,22 +7242,22 @@ RISK: Unsafe Protocol idle: [...352] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...768] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] [Unknown][Unknown][Unrated] + not-detected: [...768] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] [Unknown][Unknown][Unspecified][Unrated] idle: [...768] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] idle: [...111] [ip4][..udp] [......10.0.2.15][28681] -> [..90.65.141.157][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....56] [ip4][..tcp] [......10.0.2.15][50215] -> [.124.244.64.237][.4704] [Unknown][Unknown][Unrated] + not-detected: [....56] [ip4][..tcp] [......10.0.2.15][50215] -> [.124.244.64.237][.4704] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....56] [ip4][..tcp] [......10.0.2.15][50215] -> [.124.244.64.237][.4704] idle: [...794] [ip4][..udp] [......10.0.2.15][50214] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] idle: [...764] [ip4][..udp] [......10.0.2.15][28681] -> [.208.92.106.151][32476] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...241] [ip4][..tcp] [......10.0.2.15][50287] -> [.98.215.130.156][12405] [Unknown][Unknown][Unrated] + not-detected: [...241] [ip4][..tcp] [......10.0.2.15][50287] -> [.98.215.130.156][12405] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...241] [ip4][..tcp] [......10.0.2.15][50287] -> [.98.215.130.156][12405] idle: [...486] [ip4][..udp] [......10.0.2.15][28681] -> [...88.68.45.203][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....82] [ip4][..tcp] [......10.0.2.15][50241] -> [..98.18.172.208][63172] [Unknown][Unknown][Unrated] + not-detected: [....82] [ip4][..tcp] [......10.0.2.15][50241] -> [..98.18.172.208][63172] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....82] [ip4][..tcp] [......10.0.2.15][50241] -> [..98.18.172.208][63172] idle: [...140] [ip4][..udp] [......10.0.2.15][28681] -> [.77.197.111.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -7266,55 +7266,55 @@ RISK: Unsafe Protocol idle: [...763] [ip4][..udp] [......10.0.2.15][28681] -> [.85.170.209.214][46210] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...286] [ip4][..tcp] [......10.0.2.15][50310] -> [.76.110.153.177][40022] [Unknown][Unknown][Unrated] + not-detected: [...286] [ip4][..tcp] [......10.0.2.15][50310] -> [.76.110.153.177][40022] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...286] [ip4][..tcp] [......10.0.2.15][50310] -> [.76.110.153.177][40022] idle: [...761] [ip4][..udp] [......10.0.2.15][28681] -> [..195.132.75.56][56009] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...312] [ip4][..udp] [......10.0.2.15][28681] -> [..24.167.201.53][47282] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...245] [ip4][..tcp] [......10.0.2.15][50289] -> [.74.195.236.249][18557] [Unknown][Unknown][Unrated] + not-detected: [...245] [ip4][..tcp] [......10.0.2.15][50289] -> [.74.195.236.249][18557] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...245] [ip4][..tcp] [......10.0.2.15][50289] -> [.74.195.236.249][18557] idle: [...787] [ip4][..udp] [......10.0.2.15][28681] -> [220.133.122.217][23458] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...233] [ip4][..tcp] [......10.0.2.15][50279] -> [.113.252.91.201][.4297] [Unknown][Unknown][Unrated] + not-detected: [...233] [ip4][..tcp] [......10.0.2.15][50279] -> [.113.252.91.201][.4297] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...233] [ip4][..tcp] [......10.0.2.15][50279] -> [.113.252.91.201][.4297] idle: [...793] [ip4][..udp] [......10.0.2.15][28681] -> [123.205.126.102][.5193] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...123] [ip4][..tcp] [......10.0.2.15][50254] -> [..24.78.134.188][49046] [Unknown][Unknown][Unrated] + not-detected: [...123] [ip4][..tcp] [......10.0.2.15][50254] -> [..24.78.134.188][49046] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...123] [ip4][..tcp] [......10.0.2.15][50254] -> [..24.78.134.188][49046] - not-detected: [....48] [ip4][..tcp] [......10.0.2.15][50208] -> [.119.237.116.22][.8683] [Unknown][Unknown][Unrated] + not-detected: [....48] [ip4][..tcp] [......10.0.2.15][50208] -> [.119.237.116.22][.8683] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....48] [ip4][..tcp] [......10.0.2.15][50208] -> [.119.237.116.22][.8683] - not-detected: [....78] [ip4][..tcp] [......10.0.2.15][50237] -> [.88.123.202.175][37910] [Unknown][Unknown][Unrated] + not-detected: [....78] [ip4][..tcp] [......10.0.2.15][50237] -> [.88.123.202.175][37910] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....78] [ip4][..tcp] [......10.0.2.15][50237] -> [.88.123.202.175][37910] idle: [...749] [ip4][..udp] [......10.0.2.15][28681] -> [...78.159.27.22][17563] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...225] [ip4][..tcp] [......10.0.2.15][50271] -> [.218.164.198.27][60202] [Unknown][Unknown][Unrated] + not-detected: [...225] [ip4][..tcp] [......10.0.2.15][50271] -> [.218.164.198.27][60202] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...225] [ip4][..tcp] [......10.0.2.15][50271] -> [.218.164.198.27][60202] - not-detected: [....33] [ip4][..tcp] [......10.0.2.15][50195] -> [162.157.143.201][29762] [Unknown][Unknown][Unrated] + not-detected: [....33] [ip4][..tcp] [......10.0.2.15][50195] -> [162.157.143.201][29762] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....33] [ip4][..tcp] [......10.0.2.15][50195] -> [162.157.143.201][29762] - not-detected: [...772] [ip4][..udp] [......10.0.2.15][28681] -> [.73.192.231.237][.9676] [Unknown][Unknown][Unrated] + not-detected: [...772] [ip4][..udp] [......10.0.2.15][28681] -> [.73.192.231.237][.9676] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...772] [ip4][..udp] [......10.0.2.15][28681] -> [.73.192.231.237][.9676] - not-detected: [...120] [ip4][..tcp] [......10.0.2.15][50251] -> [...24.127.1.235][37814] [Unknown][Unknown][Unrated] + not-detected: [...120] [ip4][..tcp] [......10.0.2.15][50251] -> [...24.127.1.235][37814] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...120] [ip4][..tcp] [......10.0.2.15][50251] -> [...24.127.1.235][37814] - not-detected: [....40] [ip4][..tcp] [......10.0.2.15][50201] -> [..78.122.93.185][.6346] [Unknown][Unknown][Unrated] + not-detected: [....40] [ip4][..tcp] [......10.0.2.15][50201] -> [..78.122.93.185][.6346] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....40] [ip4][..tcp] [......10.0.2.15][50201] -> [..78.122.93.185][.6346] - not-detected: [....55] [ip4][..tcp] [......10.0.2.15][50214] -> [.80.193.171.146][53808] [Unknown][Unknown][Unrated] + not-detected: [....55] [ip4][..tcp] [......10.0.2.15][50214] -> [.80.193.171.146][53808] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....55] [ip4][..tcp] [......10.0.2.15][50214] -> [.80.193.171.146][53808] idle: [...118] [ip4][..udp] [......10.0.2.15][28681] -> [...5.180.62.100][46385] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....65] [ip4][..tcp] [......10.0.2.15][50224] -> [...78.125.63.97][.6346] [Unknown][Unknown][Unrated] + not-detected: [....65] [ip4][..tcp] [......10.0.2.15][50224] -> [...78.125.63.97][.6346] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....65] [ip4][..tcp] [......10.0.2.15][50224] -> [...78.125.63.97][.6346] idle: [...503] [ip4][..udp] [......10.0.2.15][28681] -> [..74.210.244.72][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -7323,44 +7323,44 @@ RISK: Unsafe Protocol idle: [...167] [ip4][..udp] [......10.0.2.15][28681] -> [..93.29.107.176][20363] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...229] [ip4][..tcp] [......10.0.2.15][50275] -> [.122.117.100.78][.9010] [Unknown][Unknown][Unrated] + not-detected: [...229] [ip4][..tcp] [......10.0.2.15][50275] -> [.122.117.100.78][.9010] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...229] [ip4][..tcp] [......10.0.2.15][50275] -> [.122.117.100.78][.9010] - not-detected: [...775] [ip4][..udp] [......10.0.2.15][28681] -> [..223.17.132.18][23458] [Unknown][Unknown][Unrated] + not-detected: [...775] [ip4][..udp] [......10.0.2.15][28681] -> [..223.17.132.18][23458] [Unknown][Unknown][Unspecified][Unrated] idle: [...775] [ip4][..udp] [......10.0.2.15][28681] -> [..223.17.132.18][23458] idle: [...795] [ip4][..udp] [......10.0.2.15][28681] -> [..213.120.26.86][29946] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...219] [ip4][..udp] [......10.0.2.15][28681] -> [...76.30.86.144][53821] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....64] [ip4][..tcp] [......10.0.2.15][50223] -> [118.167.248.220][63108] [Unknown][Unknown][Unrated] + not-detected: [....64] [ip4][..tcp] [......10.0.2.15][50223] -> [118.167.248.220][63108] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....64] [ip4][..tcp] [......10.0.2.15][50223] -> [118.167.248.220][63108] - not-detected: [...266] [ip4][..tcp] [......10.0.2.15][50290] -> [....73.89.249.8][50649] [Unknown][Unknown][Unrated] + not-detected: [...266] [ip4][..tcp] [......10.0.2.15][50290] -> [....73.89.249.8][50649] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...266] [ip4][..tcp] [......10.0.2.15][50290] -> [....73.89.249.8][50649] idle: [...762] [ip4][..udp] [......10.0.2.15][28681] -> [...86.75.43.182][43502] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....70] [ip4][..tcp] [......10.0.2.15][50229] -> [....1.36.249.91][64920] [Unknown][Unknown][Unrated] + not-detected: [....70] [ip4][..tcp] [......10.0.2.15][50229] -> [....1.36.249.91][64920] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....70] [ip4][..tcp] [......10.0.2.15][50229] -> [....1.36.249.91][64920] idle: [...109] [ip4][..udp] [......10.0.2.15][28681] -> [...88.169.2.153][52414] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...770] [ip4][..udp] [......10.0.2.15][28681] -> [..97.83.183.148][.8890] [Unknown][Unknown][Unrated] + not-detected: [...770] [ip4][..udp] [......10.0.2.15][28681] -> [..97.83.183.148][.8890] [Unknown][Unknown][Unspecified][Unrated] idle: [...770] [ip4][..udp] [......10.0.2.15][28681] -> [..97.83.183.148][.8890] idle: [...790] [ip4][..udp] [......10.0.2.15][28681] -> [.218.164.39.233][20855] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...150] [ip4][..tcp] [......10.0.2.15][50263] -> [..73.182.136.42][27873] [Unknown][Unknown][Unrated] + not-detected: [...150] [ip4][..tcp] [......10.0.2.15][50263] -> [..73.182.136.42][27873] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...150] [ip4][..tcp] [......10.0.2.15][50263] -> [..73.182.136.42][27873] idle: [...166] [ip4][..udp] [......10.0.2.15][28681] -> [..90.59.253.186][15555] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...776] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.10.83][.8797] [Unknown][Unknown][Unrated] + not-detected: [...776] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.10.83][.8797] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...776] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.10.83][.8797] - not-detected: [...765] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] [Unknown][Unknown][Unrated] + not-detected: [...765] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy idle: [...765] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] - not-detected: [...240] [ip4][..tcp] [......10.0.2.15][50286] -> [.84.118.116.198][44616] [Unknown][Unknown][Unrated] + not-detected: [...240] [ip4][..tcp] [......10.0.2.15][50286] -> [.84.118.116.198][44616] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...240] [ip4][..tcp] [......10.0.2.15][50286] -> [.84.118.116.198][44616] idle: [...141] [ip4][..udp] [......10.0.2.15][28681] -> [..172.97.199.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -7371,66 +7371,66 @@ RISK: Unsafe Protocol idle: [...157] [ip4][..udp] [......10.0.2.15][28681] -> [.86.227.162.150][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....57] [ip4][..tcp] [......10.0.2.15][50216] -> [182.155.128.228][.3256] [Unknown][Unknown][Unrated] + not-detected: [....57] [ip4][..tcp] [......10.0.2.15][50216] -> [182.155.128.228][.3256] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....57] [ip4][..tcp] [......10.0.2.15][50216] -> [182.155.128.228][.3256] idle: [...129] [ip4][..udp] [......10.0.2.15][28681] -> [.176.138.50.179][29411] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [....87] [ip4][..udp] [......10.0.2.15][28681] -> [..92.131.85.245][31743] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....62] [ip4][..tcp] [......10.0.2.15][50221] -> [...59.104.173.5][49956] [Unknown][Unknown][Unrated] + not-detected: [....62] [ip4][..tcp] [......10.0.2.15][50221] -> [...59.104.173.5][49956] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....62] [ip4][..tcp] [......10.0.2.15][50221] -> [...59.104.173.5][49956] idle: [...791] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.11.85][10722] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....52] [ip4][..tcp] [......10.0.2.15][50212] -> [...95.17.124.40][.6776] [Unknown][Unknown][Unrated] + not-detected: [....52] [ip4][..tcp] [......10.0.2.15][50212] -> [...95.17.124.40][.6776] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....52] [ip4][..tcp] [......10.0.2.15][50212] -> [...95.17.124.40][.6776] idle: [...752] [ip4][..udp] [......10.0.2.15][28681] -> [...78.231.73.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...767] [ip4][..udp] [......10.0.2.15][28681] -> [....45.65.87.24][16201] [Unknown][Unknown][Unrated] + not-detected: [...767] [ip4][..udp] [......10.0.2.15][28681] -> [....45.65.87.24][16201] [Unknown][Unknown][Unspecified][Unrated] idle: [...767] [ip4][..udp] [......10.0.2.15][28681] -> [....45.65.87.24][16201] idle: [...172] [ip4][..udp] [......10.0.2.15][28681] -> [..87.69.142.133][15471] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...333] [ip4][..tcp] [......10.0.2.15][50327] -> [.69.118.162.229][46906] [HTTP.Gnutella][Unknown][Media][Potentially Dangerous][69.118.162.229] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unsafe Protocol, Binary File/Data Transfer (Attempt) - not-detected: [...281] [ip4][..tcp] [......10.0.2.15][50305] -> [....94.54.66.82][63637] [Unknown][Unknown][Unrated] + not-detected: [...281] [ip4][..tcp] [......10.0.2.15][50305] -> [....94.54.66.82][63637] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...281] [ip4][..tcp] [......10.0.2.15][50305] -> [....94.54.66.82][63637] - not-detected: [...236] [ip4][..tcp] [......10.0.2.15][50282] -> [..221.124.66.33][13060] [Unknown][Unknown][Unrated] + not-detected: [...236] [ip4][..tcp] [......10.0.2.15][50282] -> [..221.124.66.33][13060] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...236] [ip4][..tcp] [......10.0.2.15][50282] -> [..221.124.66.33][13060] idle: [...786] [ip4][..udp] [......10.0.2.15][28681] -> [....114.38.9.82][24223] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....39] [ip4][..tcp] [......10.0.2.15][50200] -> [176.128.217.128][45194] [Unknown][Unknown][Unrated] + not-detected: [....39] [ip4][..tcp] [......10.0.2.15][50200] -> [176.128.217.128][45194] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....39] [ip4][..tcp] [......10.0.2.15][50200] -> [176.128.217.128][45194] - not-detected: [....66] [ip4][..tcp] [......10.0.2.15][50225] -> [.109.210.81.147][24800] [Unknown][Unknown][Unrated] + not-detected: [....66] [ip4][..tcp] [......10.0.2.15][50225] -> [.109.210.81.147][24800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....66] [ip4][..tcp] [......10.0.2.15][50225] -> [.109.210.81.147][24800] - not-detected: [...780] [ip4][..udp] [......10.0.2.15][28681] -> [...68.66.94.132][17735] [Unknown][Unknown][Unrated] + not-detected: [...780] [ip4][..udp] [......10.0.2.15][28681] -> [...68.66.94.132][17735] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...780] [ip4][..udp] [......10.0.2.15][28681] -> [...68.66.94.132][17735] idle: [...184] [ip4][..udp] [......10.0.2.15][28681] -> [..86.239.62.213][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [...779] [ip4][..udp] [......10.0.2.15][28681] -> [...1.65.217.224][18381] [Unknown][Unknown][Unrated] + not-detected: [...779] [ip4][..udp] [......10.0.2.15][28681] -> [...1.65.217.224][18381] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...779] [ip4][..udp] [......10.0.2.15][28681] -> [...1.65.217.224][18381] idle: [...751] [ip4][..udp] [......10.0.2.15][28681] -> [142.115.218.152][.5900] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - not-detected: [....89] [ip4][..tcp] [......10.0.2.15][50244] -> [..188.61.52.183][63978] [Unknown][Unknown][Unrated] + not-detected: [....89] [ip4][..tcp] [......10.0.2.15][50244] -> [..188.61.52.183][63978] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....89] [ip4][..tcp] [......10.0.2.15][50244] -> [..188.61.52.183][63978] - not-detected: [...268] [ip4][..tcp] [......10.0.2.15][50292] -> [...95.10.205.67][11603] [Unknown][Unknown][Unrated] + not-detected: [...268] [ip4][..tcp] [......10.0.2.15][50292] -> [...95.10.205.67][11603] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...268] [ip4][..tcp] [......10.0.2.15][50292] -> [...95.10.205.67][11603] - not-detected: [...142] [ip4][..tcp] [......10.0.2.15][50255] -> [..36.236.203.37][52165] [Unknown][Unknown][Unrated] + not-detected: [...142] [ip4][..tcp] [......10.0.2.15][50255] -> [..36.236.203.37][52165] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...142] [ip4][..tcp] [......10.0.2.15][50255] -> [..36.236.203.37][52165] - not-detected: [....53] [ip4][..tcp] [......10.0.2.15][50213] -> [...85.117.153.7][50138] [Unknown][Unknown][Unrated] + not-detected: [....53] [ip4][..tcp] [......10.0.2.15][50213] -> [...85.117.153.7][50138] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....53] [ip4][..tcp] [......10.0.2.15][50213] -> [...85.117.153.7][50138] - not-detected: [....91] [ip4][..tcp] [......10.0.2.15][50246] -> [...80.7.252.192][45685] [Unknown][Unknown][Unrated] + not-detected: [....91] [ip4][..tcp] [......10.0.2.15][50246] -> [...80.7.252.192][45685] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....91] [ip4][..tcp] [......10.0.2.15][50246] -> [...80.7.252.192][45685] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/gtp_false_positive.pcapng.out b/test/results/flow-info/default/gtp_false_positive.pcapng.out index 8f19de172..e0f9738bb 100644 --- a/test/results/flow-info/default/gtp_false_positive.pcapng.out +++ b/test/results/flow-info/default/gtp_false_positive.pcapng.out @@ -6,7 +6,7 @@ DAEMON-EVENT: [Processed: 5 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....2] [ip4][..udp] [...50.7.111.134][17000] -> [103.225.103.159][.2123] - not-detected: [.....1] [ip4][..udp] [.....24.1.33.66][29255] -> [..62.56.122.232][.3386] [Unknown][Unknown][Unrated] + not-detected: [.....1] [ip4][..udp] [.....24.1.33.66][29255] -> [..62.56.122.232][.3386] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.....24.1.33.66][29255] -> [..62.56.122.232][.3386] DAEMON-EVENT: [Processed: 6 pkts][ZLib][compressions: 0|diff: 0 / 0] diff --git a/test/results/flow-info/default/hcl_notes.pcapng.out b/test/results/flow-info/default/hcl_notes.pcapng.out new file mode 100644 index 000000000..f7027291f --- /dev/null +++ b/test/results/flow-info/default/hcl_notes.pcapng.out @@ -0,0 +1,7 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [...192.168.1.31][49779] -> [...192.168.1.30][.1352] + detected: [.....1] [ip4][..tcp] [...192.168.1.31][49779] -> [...192.168.1.30][.1352] [HCL_Notes][Unknown][Collaborative][Acceptable] + idle: [.....1] [ip4][..tcp] [...192.168.1.31][49779] -> [...192.168.1.30][.1352] [HCL_Notes][Unknown][Collaborative][Acceptable] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/heuristic_tcp_ack_payload.pcap.out b/test/results/flow-info/default/heuristic_tcp_ack_payload.pcap.out index 474fc2ded..500c2d185 100644 --- a/test/results/flow-info/default/heuristic_tcp_ack_payload.pcap.out +++ b/test/results/flow-info/default/heuristic_tcp_ack_payload.pcap.out @@ -50,7 +50,7 @@ [IATS(ms)....: 0.0,10.5,0.0,1548.8,0.0,1559.9,0.0,2.5,0.0,14.1,0.0,4.4,0.0,0.1,0.0,17.1,0.0,0.0,0.0,4.7,0.0,18.5,0.0,216.2,0.0,213.8,0.0,10.4,0.0,5455.6,0.0] [PKTLENS.....: 52,52,46,46,46,46,42,42,609,609,46,46,1450,1450,2883,2883,42,42,42,42,166,166,298,298,42,42,298,298,42,42,71,71] [ENTROPIES...: 4.5,4.5,4.8,4.8,4.8,4.8,4.8,4.8,7.1,7.1,4.6,4.6,7.2,7.2,7.5,7.5,4.7,4.7,4.7,4.7,6.3,6.3,7.1,7.1,4.8,4.8,7.1,7.1,4.7,4.7,5.2,5.2] - guessed: [.....5] [ip4][..tcp] [194.226.199.103][62580] -> [..217.69.139.59][..443] [TLS][Unknown][Web][Safe] + guessed: [.....5] [ip4][..tcp] [194.226.199.103][62580] -> [..217.69.139.59][..443] [TLS][VK][Web][Safe] new: [.....6] [ip4][..tcp] [.194.226.199.61][.6946] -> [....2.22.40.186][..443] analyse: [.....6] [ip4][..tcp] [.194.226.199.61][.6946] -> [....2.22.40.186][..443] min| max| avg| stddev| variance| entropy @@ -69,5 +69,5 @@ end: [.....4] [ip4][..tcp] [..194.226.199.9][49756] -> [..92.223.106.21][..443] idle: [.....6] [ip4][..tcp] [.194.226.199.61][.6946] -> [....2.22.40.186][..443] [TLS][Unknown][Web][Safe] RISK: Susp Entropy - end: [.....5] [ip4][..tcp] [194.226.199.103][62580] -> [..217.69.139.59][..443] [TLS][Unknown][Web][Safe] + end: [.....5] [ip4][..tcp] [194.226.199.103][62580] -> [..217.69.139.59][..443] [TLS][VK][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/hots.pcapng.out b/test/results/flow-info/default/hots.pcapng.out index 948245cda..37aaec3a8 100644 --- a/test/results/flow-info/default/hots.pcapng.out +++ b/test/results/flow-info/default/hots.pcapng.out @@ -2,8 +2,8 @@ DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..udp] [...192.168.0.73][54598] -> [...24.105.56.13][.3724] - detected: [.....1] [ip4][..udp] [...192.168.0.73][54598] -> [...24.105.56.13][.3724] [Heroes_of_the_Storm][Starcraft][Game][Fun] - analyse: [.....1] [ip4][..udp] [...192.168.0.73][54598] -> [...24.105.56.13][.3724] [Heroes_of_the_Storm][Starcraft][Game][Fun] + detected: [.....1] [ip4][..udp] [...192.168.0.73][54598] -> [...24.105.56.13][.3724] [Heroes_of_the_Storm][Blizzard][Game][Fun] + analyse: [.....1] [ip4][..udp] [...192.168.0.73][54598] -> [...24.105.56.13][.3724] [Heroes_of_the_Storm][Blizzard][Game][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.004| 91.418| 2.995| 16.144| 260622725.939| 0.200] [PKTLEN......: 48.000| 60.000| 54.900| 5.000| 25.200| 5.000] @@ -13,17 +13,17 @@ [IATS(ms)....: 39.9,24.4,63.7,66.2,61.9,34.4,30.8,61.1,3.6,33.3,62.9,57.4,6.9,91418.3,63.4,62.5,36.6,26.4,63.2,62.9,63.1,62.9,63.5,62.7,63.2,32.4,30.2,63.0,62.9,26.1,37.0] [PKTLENS.....: 52,48,52,52,52,52,48,52,48,52,52,52,48,52,60,60,60,48,60,60,60,60,60,60,60,60,48,60,60,60,48,60] [ENTROPIES...: 4.9,4.8,4.8,4.9,4.9,4.9,4.8,4.9,4.8,4.9,4.9,4.9,4.8,4.9,4.4,4.4,4.4,3.7,4.4,4.4,4.3,4.4,4.2,4.3,4.3,4.4,3.7,4.4,4.4,4.4,3.7,4.4] - update: [.....1] [ip4][..udp] [...192.168.0.73][54598] -> [...24.105.56.13][.3724] [Heroes_of_the_Storm][Starcraft][Game][Fun] + update: [.....1] [ip4][..udp] [...192.168.0.73][54598] -> [...24.105.56.13][.3724] [Heroes_of_the_Storm][Blizzard][Game][Fun] DAEMON-EVENT: [Processed: 35 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....2] [ip4][..udp] [..24.105.57.183][.1119] -> [...192.168.0.73][50609] - detected: [.....2] [ip4][..udp] [..24.105.57.183][.1119] -> [...192.168.0.73][50609] [Heroes_of_the_Storm][Starcraft][Game][Fun] - idle: [.....1] [ip4][..udp] [...192.168.0.73][54598] -> [...24.105.56.13][.3724] [Heroes_of_the_Storm][Starcraft][Game][Fun] + detected: [.....2] [ip4][..udp] [..24.105.57.183][.1119] -> [...192.168.0.73][50609] [Heroes_of_the_Storm][Blizzard][Game][Fun] + idle: [.....1] [ip4][..udp] [...192.168.0.73][54598] -> [...24.105.56.13][.3724] [Heroes_of_the_Storm][Blizzard][Game][Fun] DAEMON-EVENT: [Processed: 60 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....3] [ip4][..udp] [...24.105.57.16][.3724] -> [...192.168.0.73][50609] - detected: [.....3] [ip4][..udp] [...24.105.57.16][.3724] -> [...192.168.0.73][50609] [Heroes_of_the_Storm][Starcraft][Game][Fun] - analyse: [.....3] [ip4][..udp] [...24.105.57.16][.3724] -> [...192.168.0.73][50609] [Heroes_of_the_Storm][Starcraft][Game][Fun] + detected: [.....3] [ip4][..udp] [...24.105.57.16][.3724] -> [...192.168.0.73][50609] [Heroes_of_the_Storm][Blizzard][Game][Fun] + analyse: [.....3] [ip4][..udp] [...24.105.57.16][.3724] -> [...192.168.0.73][50609] [Heroes_of_the_Storm][Blizzard][Game][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.001| 0.063| 0.033| 0.019| 353.907| 4.700] [PKTLEN......: 48.000| 150.000| 105.500| 33.500| 1124.400| 4.900] @@ -33,6 +33,6 @@ [IATS(ms)....: 31.8,14.7,16.3,4.7,58.4,5.0,58.2,42.4,20.5,62.8,16.3,47.0,45.2,18.0,62.8,27.1,19.2,16.4,50.2,13.1,1.1,62.3,31.6,31.0,31.9,30.7,13.2,50.3,34.1,29.3,62.1] [PKTLENS.....: 111,111,48,132,132,103,103,121,121,103,109,109,103,48,150,109,109,48,109,48,150,150,146,48,129,48,138,138,121,48,123,109] [ENTROPIES...: 5.7,5.7,3.7,6.0,6.0,5.4,5.4,5.9,5.9,5.6,5.7,5.7,5.5,3.7,6.2,5.8,5.8,3.7,5.7,3.7,6.3,6.3,6.3,3.7,6.0,3.7,6.0,6.1,5.9,3.7,6.0,5.7] - idle: [.....2] [ip4][..udp] [..24.105.57.183][.1119] -> [...192.168.0.73][50609] [Heroes_of_the_Storm][Starcraft][Game][Fun] - idle: [.....3] [ip4][..udp] [...24.105.57.16][.3724] -> [...192.168.0.73][50609] [Heroes_of_the_Storm][Starcraft][Game][Fun] + idle: [.....2] [ip4][..udp] [..24.105.57.183][.1119] -> [...192.168.0.73][50609] [Heroes_of_the_Storm][Blizzard][Game][Fun] + idle: [.....3] [ip4][..udp] [...24.105.57.16][.3724] -> [...192.168.0.73][50609] [Heroes_of_the_Storm][Blizzard][Game][Fun] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/http_asymmetric.pcapng.out b/test/results/flow-info/default/http_asymmetric.pcapng.out index 2c5c2af68..99f08c377 100644 --- a/test/results/flow-info/default/http_asymmetric.pcapng.out +++ b/test/results/flow-info/default/http_asymmetric.pcapng.out @@ -4,9 +4,10 @@ new: [.....1] [ip4][..tcp] [....192.168.0.1][.1044] -> [.....10.10.10.1][...80] new: [.....2] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] detected: [.....1] [ip4][..tcp] [....192.168.0.1][.1044] -> [.....10.10.10.1][...80] [HTTP][Unknown][Web][Acceptable][proxy.wiresharkfest.acropolis.local] - RISK: Unidirectional Traffic detected: [.....2] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][] - RISK: HTTP Susp User-Agent, Susp Entropy, Unidirectional Traffic + RISK: HTTP Susp User-Agent, Susp Entropy + detection-update: [.....1] [ip4][..tcp] [....192.168.0.1][.1044] -> [.....10.10.10.1][...80] [HTTP][Unknown][Web][Acceptable][proxy.wiresharkfest.acropolis.local] + RISK: Unidirectional Traffic detection-update: [.....2] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][] RISK: HTTP Susp User-Agent, Susp Entropy, Error Code, Unidirectional Traffic end: [.....1] [ip4][..tcp] [....192.168.0.1][.1044] -> [.....10.10.10.1][...80] [HTTP][Unknown][Web][Acceptable][proxy.wiresharkfest.acropolis.local] diff --git a/test/results/flow-info/default/http_invalid_server.pcap.out b/test/results/flow-info/default/http_invalid_server.pcap.out index 45dff338d..200990edb 100644 --- a/test/results/flow-info/default/http_invalid_server.pcap.out +++ b/test/results/flow-info/default/http_invalid_server.pcap.out @@ -2,10 +2,10 @@ DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [...192.168.1.29][51536] -> [.143.204.14.183][...80] - detected: [.....1] [ip4][..tcp] [...192.168.1.29][51536] -> [.143.204.14.183][...80] [HTTP][AmazonAWS][Web][Acceptable][ocsp.rootg2.amazontrust.com] + detected: [.....1] [ip4][..tcp] [...192.168.1.29][51536] -> [.143.204.14.183][...80] [HTTP.OCSP][AmazonAWS][Network][Safe][ocsp.rootg2.amazontrust.com] RISK: HTTP Susp User-Agent - detection-update: [.....1] [ip4][..tcp] [...192.168.1.29][51536] -> [.143.204.14.183][...80] [HTTP.OCSP][AmazonAWS][Web][Safe][ocsp.rootg2.amazontrust.com] + detection-update: [.....1] [ip4][..tcp] [...192.168.1.29][51536] -> [.143.204.14.183][...80] [HTTP.OCSP][AmazonAWS][Network][Safe][ocsp.rootg2.amazontrust.com] RISK: HTTP Susp User-Agent, HTTP Susp Header - end: [.....1] [ip4][..tcp] [...192.168.1.29][51536] -> [.143.204.14.183][...80] [HTTP.OCSP][AmazonAWS][Web][Safe][ocsp.rootg2.amazontrust.com] + end: [.....1] [ip4][..tcp] [...192.168.1.29][51536] -> [.143.204.14.183][...80] [HTTP.OCSP][AmazonAWS][Network][Safe][ocsp.rootg2.amazontrust.com] RISK: HTTP Susp User-Agent, HTTP Susp Header DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/http_ipv6.pcap.out b/test/results/flow-info/default/http_ipv6.pcap.out index df5225601..010b2bd21 100644 --- a/test/results/flow-info/default/http_ipv6.pcap.out +++ b/test/results/flow-info/default/http_ipv6.pcap.out @@ -4,11 +4,8 @@ new: [.....1] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][40526] -> [...............2a00:1450:4006:804::200e][..443] [MIDSTREAM] new: [.....2] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][41776] -> [...............2a00:1450:4001:803::1017][..443] [MIDSTREAM] detected: [.....2] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][41776] -> [...............2a00:1450:4001:803::1017][..443] [TLS][Google][Web][Safe] - detection-update: [.....2] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][41776] -> [...............2a00:1450:4001:803::1017][..443] [TLS][Google][Web][Safe] - RISK: Unidirectional Traffic new: [.....3] [ip6][..udp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][45931] -> [...............2a00:1450:4001:803::1017][..443] detected: [.....3] [ip6][..udp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][45931] -> [...............2a00:1450:4001:803::1017][..443] [QUIC.Google][Google][Web][Acceptable][www.google.it] - detection-update: [.....2] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][41776] -> [...............2a00:1450:4001:803::1017][..443] [TLS][Google][Web][Safe] new: [.....4] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][58660] -> [...............2a00:1450:4006:803::2008][..443] [MIDSTREAM] new: [.....5] [ip6][..udp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][55145] -> [.................2a00:1450:400b:c02::5f][..443] analyse: [.....3] [ip6][..udp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][45931] -> [...............2a00:1450:4001:803::1017][..443] [QUIC.Google][Google][Web][Acceptable][www.google.it] diff --git a/test/results/flow-info/default/http_starting_with_reply.pcapng.out b/test/results/flow-info/default/http_starting_with_reply.pcapng.out index 06dde63e0..9d9ee219f 100644 --- a/test/results/flow-info/default/http_starting_with_reply.pcapng.out +++ b/test/results/flow-info/default/http_starting_with_reply.pcapng.out @@ -4,10 +4,6 @@ new: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][] RISK: HTTP Susp User-Agent, Susp Entropy - detection-update: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][] - RISK: HTTP Susp User-Agent, Susp Entropy, Unidirectional Traffic - detection-update: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][] - RISK: HTTP Susp User-Agent, Susp Entropy detection-update: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][proxy.wiresharkfest.acropolis.local] RISK: Susp Entropy end: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][proxy.wiresharkfest.acropolis.local] diff --git a/test/results/flow-info/default/instagram.pcap.out b/test/results/flow-info/default/instagram.pcap.out index df32241c7..8a666530e 100644 --- a/test/results/flow-info/default/instagram.pcap.out +++ b/test/results/flow-info/default/instagram.pcap.out @@ -208,7 +208,7 @@ guessed: [....25] [ip4][..tcp] [..92.122.48.138][...80] -> [..192.168.0.103][41562] [HTTP][Unknown][Web][Acceptable][] idle: [....25] [ip4][..tcp] [..92.122.48.138][...80] -> [..192.168.0.103][41562] idle: [....14] [ip4][.icmp] [..192.168.0.103] -> [..192.168.0.103] [ICMP][Unknown][Network][Acceptable] - not-detected: [....11] [ip4][..udp] [....192.168.0.1][..520] -> [..192.168.0.255][..520] [Unknown][Unknown][Unrated] + not-detected: [....11] [ip4][..udp] [....192.168.0.1][..520] -> [..192.168.0.255][..520] [Unknown][Unknown][Unspecified][Unrated] idle: [....11] [ip4][..udp] [....192.168.0.1][..520] -> [..192.168.0.255][..520] idle: [....10] [ip4][..udp] [..192.168.0.106][17500] -> [..192.168.0.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [.....4] [ip4][..tcp] [..192.168.0.103][57936] -> [...82.85.26.162][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun][photos-g.ak.instagram.com] diff --git a/test/results/flow-info/default/ip_fragmented_garbage.pcap.out b/test/results/flow-info/default/ip_fragmented_garbage.pcap.out index 5a37f238a..cd8258ec2 100644 --- a/test/results/flow-info/default/ip_fragmented_garbage.pcap.out +++ b/test/results/flow-info/default/ip_fragmented_garbage.pcap.out @@ -21,12 +21,12 @@ new: [.....2] [ip4][..tcp] [.......10.0.0.2][18730] -> [.....10.128.0.2][20304] [MIDSTREAM] new: [.....3] [ip4][..tcp] [.......10.0.0.2][.9253] -> [.....10.128.0.2][24102] new: [.....4] [ip4][..tcp] [.......10.0.0.2][16417] -> [.....10.128.0.2][16419] - not-detected: [.....4] [ip4][..tcp] [.......10.0.0.2][16417] -> [.....10.128.0.2][16419] [Unknown][Unknown][Unrated] + not-detected: [.....4] [ip4][..tcp] [.......10.0.0.2][16417] -> [.....10.128.0.2][16419] [Unknown][Unknown][Unspecified][Unrated] end: [.....4] [ip4][..tcp] [.......10.0.0.2][16417] -> [.....10.128.0.2][16419] - not-detected: [.....3] [ip4][..tcp] [.......10.0.0.2][.9253] -> [.....10.128.0.2][24102] [Unknown][Unknown][Unrated] + not-detected: [.....3] [ip4][..tcp] [.......10.0.0.2][.9253] -> [.....10.128.0.2][24102] [Unknown][Unknown][Unspecified][Unrated] end: [.....3] [ip4][..tcp] [.......10.0.0.2][.9253] -> [.....10.128.0.2][24102] - not-detected: [.....1] [ip4][..tcp] [.......10.0.0.2][24102] -> [.....10.128.0.2][10792] [Unknown][Unknown][Unrated] + not-detected: [.....1] [ip4][..tcp] [.......10.0.0.2][24102] -> [.....10.128.0.2][10792] [Unknown][Unknown][Unspecified][Unrated] end: [.....1] [ip4][..tcp] [.......10.0.0.2][24102] -> [.....10.128.0.2][10792] - not-detected: [.....2] [ip4][..tcp] [.......10.0.0.2][18730] -> [.....10.128.0.2][20304] [Unknown][Unknown][Unrated] + not-detected: [.....2] [ip4][..tcp] [.......10.0.0.2][18730] -> [.....10.128.0.2][20304] [Unknown][Unknown][Unspecified][Unrated] end: [.....2] [ip4][..tcp] [.......10.0.0.2][18730] -> [.....10.128.0.2][20304] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/iphone.pcap.out b/test/results/flow-info/default/iphone.pcap.out index 272b88162..a82c35bb9 100644 --- a/test/results/flow-info/default/iphone.pcap.out +++ b/test/results/flow-info/default/iphone.pcap.out @@ -6,11 +6,11 @@ new: [.....2] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] detected: [.....2] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][lucas-imac] new: [.....3] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] - detected: [.....3] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local] + detected: [.....3] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][luca���s imac._odisk._tcp.local] new: [.....4] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] - detected: [.....4] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local] + detected: [.....4] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][luca���s imac._odisk._tcp.local] new: [.....5] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] - detected: [.....5] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local] + detected: [.....5] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][luca���s imac._odisk._tcp.local] new: [.....6] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] detected: [.....6] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] new: [.....7] [ip4][..udp] [....192.168.2.1][.5351] -> [......224.0.0.1][.5350] @@ -195,7 +195,7 @@ idle: [....36] [ip4][..udp] [...192.168.2.17][53983] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][bag.itunes.apple.com] idle: [....14] [ip6][icmp6] [...............fe80::823:3f17:8298:a29c] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] idle: [....12] [ip6][icmp6] [...............fe80::823:3f17:8298:a29c] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] - idle: [.....5] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local] + idle: [.....5] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][luca���s imac._odisk._tcp.local] idle: [....42] [ip4][....2] [...192.168.2.17] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] idle: [....21] [ip4][..udp] [...192.168.2.17][55457] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][mesu.apple.com] idle: [....18] [ip4][..udp] [...192.168.2.17][55914] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][gsp85-ssl.ls.apple.com] @@ -215,11 +215,11 @@ guessed: [.....7] [ip4][..udp] [....192.168.2.1][.5351] -> [......224.0.0.1][.5350] [NAT-PMP][Unknown][Network][Acceptable] idle: [.....7] [ip4][..udp] [....192.168.2.1][.5351] -> [......224.0.0.1][.5350] idle: [....22] [ip4][..udp] [...192.168.2.17][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] - idle: [.....3] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local] + idle: [.....3] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][luca���s imac._odisk._tcp.local] idle: [....23] [ip4][..tcp] [...192.168.2.17][50576] -> [...95.101.25.53][..443] [TLS.Apple][Unknown][Web][Safe] idle: [....51] [ip4][..tcp] [...192.168.2.17][50588] -> [...95.101.24.53][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun] idle: [.....1] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - idle: [.....4] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local] + idle: [.....4] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][luca���s imac._odisk._tcp.local] end: [....25] [ip4][..tcp] [...192.168.2.17][49152] -> [.17.253.105.202][...80] [HTTP.Apple][Apple][ConnCheck][Safe][captive.apple.com] idle: [....20] [ip4][..tcp] [...192.168.2.17][50575] -> [.17.248.185.140][..443] [TLS.AppleiCloud][Apple][Web][Acceptable] idle: [....29] [ip4][..tcp] [...192.168.2.17][50580] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][gateway.icloud.com] diff --git a/test/results/flow-info/default/jabber.pcap.out b/test/results/flow-info/default/jabber.pcap.out index c20860060..fa0071bc9 100644 --- a/test/results/flow-info/default/jabber.pcap.out +++ b/test/results/flow-info/default/jabber.pcap.out @@ -63,26 +63,32 @@ DAEMON-EVENT: [Flows][active: 1 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....8] [ip4][..tcp] [..192.168.2.100][34218] -> [.160.44.201.102][.5223] detected: [.....8] [ip4][..tcp] [..192.168.2.100][34218] -> [.160.44.201.102][.5223] [Jabber][Unknown][Web][Acceptable] + RISK: Susp Entropy end: [.....7] [ip4][..tcp] [...192.168.58.1][53460] -> [.192.168.58.153][.5222] [Jabber][Unknown][Web][Acceptable] DAEMON-EVENT: [Processed: 298 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....9] [ip4][..tcp] [..192.168.2.100][37614] -> [.160.44.201.102][.5223] detected: [.....9] [ip4][..tcp] [..192.168.2.100][37614] -> [.160.44.201.102][.5223] [Jabber][Unknown][Web][Acceptable] idle: [.....8] [ip4][..tcp] [..192.168.2.100][34218] -> [.160.44.201.102][.5223] [Jabber][Unknown][Web][Acceptable] + RISK: Susp Entropy DAEMON-EVENT: [Processed: 313 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....10] [ip4][..tcp] [..192.168.2.100][58388] -> [.160.44.201.102][.5223] detected: [....10] [ip4][..tcp] [..192.168.2.100][58388] -> [.160.44.201.102][.5223] [Jabber][Unknown][Web][Acceptable] + RISK: Susp Entropy idle: [.....9] [ip4][..tcp] [..192.168.2.100][37614] -> [.160.44.201.102][.5223] [Jabber][Unknown][Web][Acceptable] DAEMON-EVENT: [Processed: 328 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 10|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....11] [ip4][..tcp] [..192.168.2.100][41420] -> [.160.44.201.102][.5223] detected: [....11] [ip4][..tcp] [..192.168.2.100][41420] -> [.160.44.201.102][.5223] [Jabber][Unknown][Web][Acceptable] idle: [....10] [ip4][..tcp] [..192.168.2.100][58388] -> [.160.44.201.102][.5223] [Jabber][Unknown][Web][Acceptable] + RISK: Susp Entropy DAEMON-EVENT: [Processed: 343 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 11|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....12] [ip4][..tcp] [..192.168.2.100][34070] -> [.160.44.201.102][.5223] detected: [....12] [ip4][..tcp] [..192.168.2.100][34070] -> [.160.44.201.102][.5223] [Jabber][Unknown][Web][Acceptable] + RISK: Susp Entropy idle: [....11] [ip4][..tcp] [..192.168.2.100][41420] -> [.160.44.201.102][.5223] [Jabber][Unknown][Web][Acceptable] idle: [....12] [ip4][..tcp] [..192.168.2.100][34070] -> [.160.44.201.102][.5223] [Jabber][Unknown][Web][Acceptable] + RISK: Susp Entropy DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/kerberos.pcap.out b/test/results/flow-info/default/kerberos.pcap.out index b659efba8..c6bd31f4d 100644 --- a/test/results/flow-info/default/kerberos.pcap.out +++ b/test/results/flow-info/default/kerberos.pcap.out @@ -51,10 +51,10 @@ new: [....34] [ip4][..tcp] [...172.16.8.201][49195] -> [.....172.16.8.8][...88] [MIDSTREAM] new: [....35] [ip4][..tcp] [...172.16.8.201][49196] -> [.....172.16.8.8][...88] [MIDSTREAM] new: [....36] [ip4][..tcp] [...172.16.8.201][49194] -> [.....172.16.8.8][..445] [MIDSTREAM] - not-detected: [....11] [ip4][..tcp] [...172.16.8.201][49165] -> [.....172.16.8.8][49155] [Unknown][Unknown][Unrated] + not-detected: [....11] [ip4][..tcp] [...172.16.8.201][49165] -> [.....172.16.8.8][49155] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy idle: [....11] [ip4][..tcp] [...172.16.8.201][49165] -> [.....172.16.8.8][49155] - not-detected: [....26] [ip4][..tcp] [...172.16.8.201][49185] -> [.....172.16.8.8][49155] [Unknown][Unknown][Unrated] + not-detected: [....26] [ip4][..tcp] [...172.16.8.201][49185] -> [.....172.16.8.8][49155] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy idle: [....26] [ip4][..tcp] [...172.16.8.201][49185] -> [.....172.16.8.8][49155] idle: [.....1] [ip4][..tcp] [...172.16.8.201][49157] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] diff --git a/test/results/flow-info/default/lagofast.pcap.out b/test/results/flow-info/default/lagofast.pcap.out index b28faf18a..bda1b43bd 100644 --- a/test/results/flow-info/default/lagofast.pcap.out +++ b/test/results/flow-info/default/lagofast.pcap.out @@ -34,7 +34,7 @@ new: [....15] [ip4][..tcp] [...0.230.137.78][39354] -> [.142.141.18.132][..443] [MIDSTREAM] detected: [....15] [ip4][..tcp] [...0.230.137.78][39354] -> [.142.141.18.132][..443] [TLS.LagoFast][Unknown][VPN][Acceptable][gabooster.6fast.com] new: [....16] [ip4][..tcp] [..24.105.33.150][..443] -> [..5.163.124.163][47280] [MIDSTREAM] - detected: [....16] [ip4][..tcp] [..24.105.33.150][..443] -> [..5.163.124.163][47280] [TLS][Starcraft][Web][Safe] + detected: [....16] [ip4][..tcp] [..24.105.33.150][..443] -> [..5.163.124.163][47280] [TLS][Blizzard][Web][Safe] new: [....17] [ip4][..udp] [..187.34.30.159][11381] -> [....44.6.46.200][...53] detected: [....17] [ip4][..udp] [..187.34.30.159][11381] -> [....44.6.46.200][...53] [DNS][Unknown][Network][Acceptable][cbs.lagofast.com] new: [....18] [ip4][..udp] [.40.105.164.193][43932] -> [..99.193.243.15][...53] @@ -79,7 +79,7 @@ idle: [.....2] [ip4][..udp] [..46.18.153.127][59607] -> [...228.2.57.157][10510] [LagoFast][Unknown][VPN][Acceptable] idle: [.....5] [ip4][..udp] [..23.147.144.74][59607] -> [....63.29.27.84][.6198] [LagoFast][Unknown][VPN][Acceptable] idle: [.....7] [ip4][..udp] [..50.138.250.44][59607] -> [.87.176.151.245][.4477] [LagoFast][Unknown][VPN][Acceptable] - idle: [....16] [ip4][..tcp] [..24.105.33.150][..443] -> [..5.163.124.163][47280] [TLS][Starcraft][Web][Safe] + idle: [....16] [ip4][..tcp] [..24.105.33.150][..443] -> [..5.163.124.163][47280] [TLS][Blizzard][Web][Safe] idle: [.....1] [ip4][..udp] [..77.134.62.224][59607] -> [...43.83.218.54][.1189] [LagoFast][Unknown][VPN][Acceptable] idle: [....29] [ip4][..tcp] [..236.82.25.211][45722] -> [237.191.110.161][..443] [TLS.LagoFast][Unknown][VPN][Acceptable] idle: [....23] [ip4][..tcp] [206.184.203.226][44640] -> [.....8.106.2.77][..443] [TLS.LagoFast][Unknown][VPN][Acceptable] diff --git a/test/results/flow-info/default/log4j-webapp-exploit.pcap.out b/test/results/flow-info/default/log4j-webapp-exploit.pcap.out index 3ce08820c..64e054b67 100644 --- a/test/results/flow-info/default/log4j-webapp-exploit.pcap.out +++ b/test/results/flow-info/default/log4j-webapp-exploit.pcap.out @@ -27,7 +27,7 @@ [IATS(ms)....: 0.1,0.2,7288.6,7288.6,60.5,60.7,0.3,0.2,0.1,0.1,0.1,0.1,0.1,0.1,0.2,0.2,0.1,0.1,0.1,0.1,0.1,0.1,0.1,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.1] [PKTLENS.....: 60,60,52,55,52,53,52,53,52,53,52,53,52,53,52,53,52,53,52,55,52,57,52,55,52,55,52,55,52,55,52,55] [ENTROPIES...: 4.5,5.1,5.0,5.1,4.9,5.0,4.9,5.0,4.8,4.9,4.9,5.0,4.9,5.0,4.9,4.9,4.9,4.9,4.9,4.9,4.9,5.0,4.8,5.0,4.9,5.0,4.9,5.0,4.9,5.0,4.9,4.9] - not-detected: [.....4] [ip4][..tcp] [..172.16.238.10][55408] -> [....10.10.10.31][.9001] [Unknown][Unknown][Unrated] + not-detected: [.....4] [ip4][..tcp] [..172.16.238.10][55408] -> [....10.10.10.31][.9001] [Unknown][Unknown][Unspecified][Unrated] new: [.....5] [ip4][..tcp] [..172.16.238.10][57742] -> [..172.16.238.11][.1389] detected: [.....5] [ip4][..tcp] [..172.16.238.10][57742] -> [..172.16.238.11][.1389] [LDAP][Unknown][System][Acceptable] RISK: Known Proto on Non Std Port @@ -41,8 +41,8 @@ RISK: Known Proto on Non Std Port end: [.....5] [ip4][..tcp] [..172.16.238.10][57742] -> [..172.16.238.11][.1389] [LDAP][Unknown][System][Acceptable] RISK: Known Proto on Non Std Port - end: [.....4] [ip4][..tcp] [..172.16.238.10][55408] -> [....10.10.10.31][.9001] [Unknown][Unknown][Unrated] - not-detected: [.....7] [ip4][..tcp] [..172.16.238.10][55498] -> [....10.10.10.31][.9001] [Unknown][Unknown][Unrated] + end: [.....4] [ip4][..tcp] [..172.16.238.10][55408] -> [....10.10.10.31][.9001] [Unknown][Unknown][Unspecified][Unrated] + not-detected: [.....7] [ip4][..tcp] [..172.16.238.10][55498] -> [....10.10.10.31][.9001] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [.....7] [ip4][..tcp] [..172.16.238.10][55498] -> [....10.10.10.31][.9001] idle: [.....1] [ip4][..tcp] [...172.16.238.1][.1984] -> [..172.16.238.10][.8080] [HTTP][Unknown][Web][Acceptable][192.168.13.31] diff --git a/test/results/flow-info/default/lru_ipv6_caches.pcapng.out b/test/results/flow-info/default/lru_ipv6_caches.pcapng.out index c480d8027..34b2f59dd 100644 --- a/test/results/flow-info/default/lru_ipv6_caches.pcapng.out +++ b/test/results/flow-info/default/lru_ipv6_caches.pcapng.out @@ -16,11 +16,11 @@ detected: [.....5] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2c7f:d7a0:44a9:49e9:e586:fb7f:5b85:9c83][....1] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port detected: [.....3] [ip6][..udp] [.2a2f:8509:1cb2:466d:ecbf:69d6:109c:608][62229] -> [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port new: [.....6] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [.38b2:46b7:27a4:94c3:c134:948:e069:d71f][....1] detected: [.....6] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [.38b2:46b7:27a4:94c3:c134:948:e069:d71f][....1] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port - detection-update: [.....4] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2fda:1f8a:c107:88a4:e509:d2e1:445f:f34c][.6881] [BitTorrent][Unknown][Download][Acceptable] + detection-update: [.....3] [ip6][..udp] [.2a2f:8509:1cb2:466d:ecbf:69d6:109c:608][62229] -> [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [.....7] [ip6][..udp] [2118:ec33:112b:7908:2c80:27ff:fef7:d71f][48415] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] detected: [.....7] [ip6][..udp] [2118:ec33:112b:7908:2c80:27ff:fef7:d71f][48415] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] @@ -28,39 +28,25 @@ RISK: Unidirectional Traffic new: [.....8] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44144] detected: [.....8] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44144] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic detection-update: [.....8] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44144] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [.....9] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44150] detected: [.....9] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44150] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic detection-update: [.....9] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44150] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic - detection-update: [.....6] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [.38b2:46b7:27a4:94c3:c134:948:e069:d71f][....1] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....10] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44192] detected: [....10] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44192] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic detection-update: [....10] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44192] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....11] [ip6][..udp] [.3297:a1af:5121:cfc:360b:2e07:872f:1ea0][43865] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] detected: [....11] [ip6][..udp] [.3297:a1af:5121:cfc:360b:2e07:872f:1ea0][43865] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - detection-update: [....11] [ip6][..udp] [.3297:a1af:5121:cfc:360b:2e07:872f:1ea0][43865] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] detected: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] detection-update: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] RISK: Unidirectional Traffic idle: [....11] [ip6][..udp] [.3297:a1af:5121:cfc:360b:2e07:872f:1ea0][43865] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip6][..udp] [2118:ec33:112b:7908:2c80:27ff:fef7:d71f][48415] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [.....8] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44144] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [.....9] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44150] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....10] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44192] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip6][..udp] [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] -> [20ed:470f:6f73:ce60:60be:8b4f:df37:b080][45658] [RTCP][Unknown][VoIP][Acceptable] idle: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic @@ -69,9 +55,9 @@ idle: [.....2] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [3024:e5ee:ac2f:cd76:5dd6:a7a1:f17f:5c27][60506] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....6] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [.38b2:46b7:27a4:94c3:c134:948:e069:d71f][....1] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....4] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2fda:1f8a:c107:88a4:e509:d2e1:445f:f34c][.6881] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....5] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2c7f:d7a0:44a9:49e9:e586:fb7f:5b85:9c83][....1] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/mongo_false_positive.pcapng.out b/test/results/flow-info/default/mongo_false_positive.pcapng.out index af22cc5f6..614385e42 100644 --- a/test/results/flow-info/default/mongo_false_positive.pcapng.out +++ b/test/results/flow-info/default/mongo_false_positive.pcapng.out @@ -3,6 +3,6 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [..188.75.184.20][49542] -> [.251.182.120.32][..443] guessed: [.....1] [ip4][..tcp] [..188.75.184.20][49542] -> [.251.182.120.32][..443] [TLS][Unknown][Web][Safe] - RISK: Fully Encrypted Flow + RISK: Susp Entropy end: [.....1] [ip4][..tcp] [..188.75.184.20][49542] -> [.251.182.120.32][..443] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/mongodb.pcap.out b/test/results/flow-info/default/mongodb.pcap.out index deace8da6..74c491bb6 100644 --- a/test/results/flow-info/default/mongodb.pcap.out +++ b/test/results/flow-info/default/mongodb.pcap.out @@ -32,7 +32,7 @@ new: [.....8][..50] [ip4][..tcp] [....10.10.10.18][64566] -> [....10.10.10.19][30000] detected: [.....7][.300] [ip4][..tcp] [....10.10.10.18][64566] -> [....10.10.10.19][30000] [MongoDB][Unknown][Database][Acceptable] RISK: Known Proto on Non Std Port - not-detected: [.....8][..50] [ip4][..tcp] [....10.10.10.18][64566] -> [....10.10.10.19][30000] [Unknown][Unknown][Unrated] + not-detected: [.....8][..50] [ip4][..tcp] [....10.10.10.18][64566] -> [....10.10.10.19][30000] [Unknown][Unknown][Unspecified][Unrated] idle: [.....8][..50] [ip4][..tcp] [....10.10.10.18][64566] -> [....10.10.10.19][30000] idle: [.....7][.300] [ip4][..tcp] [....10.10.10.18][64566] -> [....10.10.10.19][30000] [MongoDB][Unknown][Database][Acceptable] RISK: Known Proto on Non Std Port diff --git a/test/results/flow-info/default/msdo.pcapng.out b/test/results/flow-info/default/msdo.pcapng.out new file mode 100644 index 000000000..8a7784e37 --- /dev/null +++ b/test/results/flow-info/default/msdo.pcapng.out @@ -0,0 +1,7 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [...192.168.1.31][49741] -> [...192.168.1.30][.7680] + detected: [.....1] [ip4][..tcp] [...192.168.1.31][49741] -> [...192.168.1.30][.7680] [MSDO][Unknown][SoftwareUpdate][Safe] + end: [.....1] [ip4][..tcp] [...192.168.1.31][49741] -> [...192.168.1.30][.7680] [MSDO][Unknown][SoftwareUpdate][Safe] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/natpmp.pcap.out b/test/results/flow-info/default/natpmp.pcap.out index bba1b1bdf..3734cfdbb 100644 --- a/test/results/flow-info/default/natpmp.pcap.out +++ b/test/results/flow-info/default/natpmp.pcap.out @@ -12,15 +12,9 @@ idle: [.....1] [ip4][..udp] [..192.168.1.128][36852] -> [..192.168.1.254][.5351] [NAT-PMP][Unknown][Network][Acceptable] new: [.....3] [ip4][..udp] [..192.168.2.100][59817] -> [....192.168.2.1][.5351] detected: [.....3] [ip4][..udp] [..192.168.2.100][59817] -> [....192.168.2.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - detection-update: [.....3] [ip4][..udp] [..192.168.2.100][59817] -> [....192.168.2.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [..192.168.2.100][35763] -> [....192.168.2.1][.5351] detected: [.....4] [ip4][..udp] [..192.168.2.100][35763] -> [....192.168.2.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - detection-update: [.....4] [ip4][..udp] [..192.168.2.100][35763] -> [....192.168.2.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.2.100][59817] -> [....192.168.2.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [..192.168.2.100][35763] -> [....192.168.2.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [..192.168.2.100][36845] -> [....192.168.2.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ndpi_match_string_subprotocol__error.pcapng.out b/test/results/flow-info/default/ndpi_match_string_subprotocol__error.pcapng.out index 09341048b..2b2f1e16a 100644 --- a/test/results/flow-info/default/ndpi_match_string_subprotocol__error.pcapng.out +++ b/test/results/flow-info/default/ndpi_match_string_subprotocol__error.pcapng.out @@ -3,11 +3,9 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [......10.3.9.19][40632] -> [..10.68.137.118][.8091] detected: [.....1] [ip4][..tcp] [......10.3.9.19][40632] -> [..10.68.137.118][.8091] [HTTP.SOAP][Unknown][RPC][Acceptable][10.68.137.118] - RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic - detection-update: [.....1] [ip4][..tcp] [......10.3.9.19][40632] -> [..10.68.137.118][.8091] [HTTP.SOAP][Unknown][RPC][Acceptable][10.68.137.118] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI DAEMON-EVENT: [Processed: 7 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] + DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] end: [.....1] [ip4][..tcp] [......10.3.9.19][40632] -> [..10.68.137.118][.8091] [HTTP.SOAP][Unknown][RPC][Acceptable][10.68.137.118] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/nest_log_sink.pcap.out b/test/results/flow-info/default/nest_log_sink.pcap.out index b2da34ff9..696959e98 100644 --- a/test/results/flow-info/default/nest_log_sink.pcap.out +++ b/test/results/flow-info/default/nest_log_sink.pcap.out @@ -100,8 +100,6 @@ new: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] detected: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable][weave-logsink.nest.com] detection-update: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable][weave-logsink.nest.com] - RISK: Unidirectional Traffic - detection-update: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable][weave-logsink.nest.com] new: [....11] [ip4][..tcp] [.192.168.242.15][63348] -> [.35.188.154.186][11095] detected: [....11] [ip4][..tcp] [.192.168.242.15][63348] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] analyse: [....11] [ip4][..tcp] [.192.168.242.15][63348] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] @@ -132,7 +130,7 @@ [PKTLENS.....: 46,44,46,570,40,718,46,92,40,244,40,100,162,669,46,220,190,46,220,201,332,102,46,46,40,46,40,46,40,46,40,40] [ENTROPIES...: 4.3,5.0,4.4,7.0,4.9,7.1,4.5,5.4,5.0,6.9,4.9,5.6,6.4,7.6,4.3,6.8,6.7,4.5,6.8,6.8,7.3,5.8,4.5,4.4,4.9,4.5,4.9,4.5,4.9,4.5,4.9,5.0] DAEMON-EVENT: [Processed: 562 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 12|skipped: 0|!detected: 0|guessed: 1|detection-updates: 4|updates: 6] + DAEMON-EVENT: [Flows][active: 1 / 12|skipped: 0|!detected: 0|guessed: 1|detection-updates: 3|updates: 6] new: [....13] [ip4][..tcp] [.192.168.242.15][63350] -> [..35.174.82.237][11095] detected: [....13] [ip4][..tcp] [.192.168.242.15][63350] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] end: [....12] [ip4][..tcp] [.192.168.242.15][63349] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] @@ -182,10 +180,10 @@ [ENTROPIES...: 4.3,5.0,4.4,6.9,5.0,7.1,4.5,5.4,4.9,7.4,4.8,5.6,6.4,7.6,4.4,6.9,6.7,6.9,6.6,7.0,6.9,4.5,7.3,5.8,4.4,4.5,4.8,4.5,4.9,4.5,4.9,4.5] idle: [....14] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable][weave-logsink.nest.com] DAEMON-EVENT: [Processed: 713 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 17|skipped: 0|!detected: 0|guessed: 1|detection-updates: 5|updates: 8] + DAEMON-EVENT: [Flows][active: 1 / 17|skipped: 0|!detected: 0|guessed: 1|detection-updates: 4|updates: 8] DAEMON-EVENT: [Processed: 743 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 17|skipped: 0|!detected: 0|guessed: 1|detection-updates: 5|updates: 8] + DAEMON-EVENT: [Flows][active: 1 / 17|skipped: 0|!detected: 0|guessed: 1|detection-updates: 4|updates: 8] DAEMON-EVENT: [Processed: 773 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 17|skipped: 0|!detected: 0|guessed: 1|detection-updates: 5|updates: 8] + DAEMON-EVENT: [Flows][active: 1 / 17|skipped: 0|!detected: 0|guessed: 1|detection-updates: 4|updates: 8] idle: [....16] [ip4][..tcp] [.192.168.242.15][63352] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/netease_games.pcapng.out b/test/results/flow-info/default/netease_games.pcapng.out index 788ddac8f..360f5714c 100644 --- a/test/results/flow-info/default/netease_games.pcapng.out +++ b/test/results/flow-info/default/netease_games.pcapng.out @@ -4,7 +4,6 @@ new: [.....1] [ip4][..udp] [.192.168.88.231][49377] -> [....172.17.8.75][...53] detected: [.....1] [ip4][..udp] [.192.168.88.231][49377] -> [....172.17.8.75][...53] [DNS][Unknown][Network][Acceptable][data-detect.nie.easebar.com] detection-update: [.....1] [ip4][..udp] [.192.168.88.231][49377] -> [....172.17.8.75][...53] [DNS][Unknown][Network][Acceptable][data-detect.nie.easebar.com] - RISK: Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [.192.168.88.231][49377] -> [....172.17.8.75][...53] [DNS][Unknown][Network][Acceptable][data-detect.nie.easebar.com] new: [.....2] [ip4][..tcp] [.192.168.88.231][50402] -> [....35.73.71.94][..443] detected: [.....2] [ip4][..tcp] [.192.168.88.231][50402] -> [....35.73.71.94][..443] [TLS.NetEaseGames][AmazonAWS][Game][Fun][data-detect.nie.easebar.com] diff --git a/test/results/flow-info/default/netflix.pcap.out b/test/results/flow-info/default/netflix.pcap.out index 9ec528563..07c24bf75 100644 --- a/test/results/flow-info/default/netflix.pcap.out +++ b/test/results/flow-info/default/netflix.pcap.out @@ -5,7 +5,6 @@ new: [.....2] [ip4][..udp] [....192.168.1.7][51543] -> [....192.168.1.1][...53] detected: [.....2] [ip4][..udp] [....192.168.1.7][51543] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][ios.nccp.netflix.com] detection-update: [.....2] [ip4][..udp] [....192.168.1.7][51543] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][ios.nccp.netflix.com] - RISK: Unidirectional Traffic detection-update: [.....2] [ip4][..udp] [....192.168.1.7][51543] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][ios.nccp.netflix.com] new: [.....3] [ip4][..udp] [....192.168.1.7][52116] -> [....192.168.1.1][...53] detected: [.....3] [ip4][..udp] [....192.168.1.7][52116] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][ichnaea.us-west-2.prodaa.netflix.com] @@ -461,7 +460,6 @@ new: [....52] [ip4][..udp] [....192.168.1.7][51622] -> [....192.168.1.1][...53] detected: [....52] [ip4][..udp] [....192.168.1.7][51622] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][ios.nccp.netflix.com] detection-update: [....52] [ip4][..udp] [....192.168.1.7][51622] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][ios.nccp.netflix.com] - RISK: Unidirectional Traffic detection-update: [....52] [ip4][..udp] [....192.168.1.7][51622] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][ios.nccp.netflix.com] new: [....53] [ip4][..tcp] [....192.168.1.7][53238] -> [...52.32.22.214][..443] detected: [....53] [ip4][..tcp] [....192.168.1.7][53238] -> [...52.32.22.214][..443] [TLS.NetFlix][AmazonAWS][Video][Fun][ios.nccp.netflix.com] diff --git a/test/results/flow-info/default/nexon.pcapng.out b/test/results/flow-info/default/nexon.pcapng.out new file mode 100644 index 000000000..9223865ba --- /dev/null +++ b/test/results/flow-info/default/nexon.pcapng.out @@ -0,0 +1,20 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [..192.168.12.67][46824] -> [..54.64.252.215][.9995] + detected: [.....1] [ip4][..tcp] [..192.168.12.67][46824] -> [..54.64.252.215][.9995] [Nexon][AmazonAWS][Game][Fun] + new: [.....2] [ip4][..tcp] [..192.168.12.67][39908] -> [..18.185.38.147][.7500] + detected: [.....2] [ip4][..tcp] [..192.168.12.67][39908] -> [..18.185.38.147][.7500] [Nexon][AmazonAWS][Game][Fun] + analyse: [.....1] [ip4][..tcp] [..192.168.12.67][46824] -> [..54.64.252.215][.9995] [Nexon][AmazonAWS][Game][Fun] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 43.051| 6.153| 11.571| 133878106.817| 3.300] + [PKTLEN......: 52.000| 276.000| 81.100| 43.700| 1910.200| 4.800] + [BINS(c->s)..: 5,8,3,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 15,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1] + [IATS(ms)....: 263.7,306.1,0.8,306.6,0.0,307.4,0.1,307.2,313.4,2118.5,2477.1,7517.2,7472.4,291.2,291.2,25327.8,25327.9,1611.5,1610.9,265.5,265.4,43050.1,43050.8,266.9,266.5,9059.2,9059.1,289.5,289.5,4522.2,4522.2] + [PKTLENS.....: 60,60,52,76,52,60,100,52,80,52,108,52,108,52,108,52,276,52,108,52,116,52,116,52,108,52,108,52,108,52,116,52] + [ENTROPIES...: 4.8,5.3,5.2,5.4,5.3,5.1,6.1,5.2,5.7,5.1,6.2,5.3,6.3,5.2,6.2,5.2,7.0,5.2,6.3,5.2,6.3,5.1,6.4,5.2,6.1,5.2,6.2,5.2,6.2,5.2,6.3,5.1] + end: [.....2] [ip4][..tcp] [..192.168.12.67][39908] -> [..18.185.38.147][.7500] [Nexon][AmazonAWS][Game][Fun] + idle: [.....1] [ip4][..tcp] [..192.168.12.67][46824] -> [..54.64.252.215][.9995] [Nexon][AmazonAWS][Game][Fun] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/no_sni.pcap.out b/test/results/flow-info/default/no_sni.pcap.out index 27b10647a..dfdcea5d7 100644 --- a/test/results/flow-info/default/no_sni.pcap.out +++ b/test/results/flow-info/default/no_sni.pcap.out @@ -3,10 +3,7 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [..192.168.1.119][51331] -> [.104.16.249.249][..443] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [..192.168.1.119][51331] -> [.104.16.249.249][..443] [TLS][Cloudflare][Web][Safe] - detection-update: [.....1] [ip4][..tcp] [..192.168.1.119][51331] -> [.104.16.249.249][..443] [TLS][Cloudflare][Web][Safe] - RISK: Unidirectional Traffic new: [.....2] [ip4][..tcp] [..192.168.1.119][51606] -> [.104.16.249.249][..443] - detection-update: [.....1] [ip4][..tcp] [..192.168.1.119][51331] -> [.104.16.249.249][..443] [TLS][Cloudflare][Web][Safe] detected: [.....2] [ip4][..tcp] [..192.168.1.119][51606] -> [.104.16.249.249][..443] [TLS.DoH_DoT][Cloudflare][Network][Acceptable][mozilla.cloudflare-dns.com] detection-update: [.....2] [ip4][..tcp] [..192.168.1.119][51606] -> [.104.16.249.249][..443] [TLS.DoH_DoT][Cloudflare][Network][Acceptable][mozilla.cloudflare-dns.com] new: [.....3] [ip4][..tcp] [..192.168.1.119][51612] -> [..104.16.124.96][..443] @@ -21,9 +18,9 @@ [PKTLENS.....: 64,52,40,656,46,210,46,722,40,102,46,40,124,46,71,40,191,126,100,132,71,46,46,46,366,71,40,40,46,293,71,40] [ENTROPIES...: 4.4,4.9,4.5,7.1,4.6,7.0,4.4,7.7,4.6,6.1,4.5,4.6,6.3,4.4,5.6,4.5,6.8,6.4,6.2,6.4,5.5,4.4,4.4,4.4,7.3,5.7,4.6,4.6,4.5,7.3,5.6,4.6] detected: [.....3] [ip4][..tcp] [..192.168.1.119][51612] -> [..104.16.124.96][..443] [TLS][Cloudflare][Web][Safe][] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch detection-update: [.....3] [ip4][..tcp] [..192.168.1.119][51612] -> [..104.16.124.96][..443] [TLS][Cloudflare][Web][Safe][] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch analyse: [.....3] [ip4][..tcp] [..192.168.1.119][51612] -> [..104.16.124.96][..443] [TLS][Cloudflare][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.473| 0.050| 0.107| 11455.737| 3.000] @@ -42,19 +39,19 @@ detected: [.....4] [ip4][..tcp] [..192.168.1.119][51635] -> [..104.17.198.37][..443] [TLS][Cloudflare][Web][Safe][951c558a-5e07-47ca-a0c0-225da1b33163.is-cf.help.every1dns.net] detected: [.....5] [ip4][..tcp] [..192.168.1.119][51636] -> [..104.17.198.37][..443] [TLS][Cloudflare][Web][Safe][951c558a-5e07-47ca-a0c0-225da1b33163.is-doh.help.every1dns.net] detected: [.....6] [ip4][..tcp] [..192.168.1.119][51637] -> [..104.22.72.170][..443] [TLS][Cloudflare][Web][Safe][] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch detected: [.....8] [ip4][..tcp] [..192.168.1.119][51639] -> [..104.22.72.170][..443] [TLS][Cloudflare][Web][Safe][] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch detected: [.....7] [ip4][..tcp] [..192.168.1.119][51638] -> [..104.22.72.170][..443] [TLS][Cloudflare][Web][Safe][] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch detection-update: [.....4] [ip4][..tcp] [..192.168.1.119][51635] -> [..104.17.198.37][..443] [TLS][Cloudflare][Web][Safe][951c558a-5e07-47ca-a0c0-225da1b33163.is-cf.help.every1dns.net] detection-update: [.....5] [ip4][..tcp] [..192.168.1.119][51636] -> [..104.17.198.37][..443] [TLS][Cloudflare][Web][Safe][951c558a-5e07-47ca-a0c0-225da1b33163.is-doh.help.every1dns.net] detection-update: [.....6] [ip4][..tcp] [..192.168.1.119][51637] -> [..104.22.72.170][..443] [TLS][Cloudflare][Web][Safe][] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch detection-update: [.....8] [ip4][..tcp] [..192.168.1.119][51639] -> [..104.22.72.170][..443] [TLS][Cloudflare][Web][Safe][] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch detection-update: [.....7] [ip4][..tcp] [..192.168.1.119][51638] -> [..104.22.72.170][..443] [TLS][Cloudflare][Web][Safe][] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch analyse: [.....6] [ip4][..tcp] [..192.168.1.119][51637] -> [..104.22.72.170][..443] [TLS][Cloudflare][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.144| 0.032| 0.043| 1852.691| 3.800] @@ -68,13 +65,13 @@ end: [.....1] [ip4][..tcp] [..192.168.1.119][51331] -> [.104.16.249.249][..443] [TLS][Cloudflare][Web][Safe] idle: [.....2] [ip4][..tcp] [..192.168.1.119][51606] -> [.104.16.249.249][..443] [TLS.DoH_DoT][Cloudflare][Network][Acceptable][mozilla.cloudflare-dns.com] idle: [.....3] [ip4][..tcp] [..192.168.1.119][51612] -> [..104.16.124.96][..443] [TLS][Cloudflare][Web][Safe] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch idle: [.....4] [ip4][..tcp] [..192.168.1.119][51635] -> [..104.17.198.37][..443] [TLS][Cloudflare][Web][Safe] idle: [.....5] [ip4][..tcp] [..192.168.1.119][51636] -> [..104.17.198.37][..443] [TLS][Cloudflare][Web][Safe] idle: [.....6] [ip4][..tcp] [..192.168.1.119][51637] -> [..104.22.72.170][..443] [TLS][Cloudflare][Web][Safe] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch end: [.....7] [ip4][..tcp] [..192.168.1.119][51638] -> [..104.22.72.170][..443] [TLS][Cloudflare][Web][Safe] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch end: [.....8] [ip4][..tcp] [..192.168.1.119][51639] -> [..104.22.72.170][..443] [TLS][Cloudflare][Web][Safe] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/nordvpn.pcap.out b/test/results/flow-info/default/nordvpn.pcap.out index ef44c34d3..965d1c1b5 100644 --- a/test/results/flow-info/default/nordvpn.pcap.out +++ b/test/results/flow-info/default/nordvpn.pcap.out @@ -26,7 +26,7 @@ [PKTLENS.....: 52,52,40,128,46,140,423,136,1500,1500,1500,40,140,116,252,863,152,46,728,46,298,160,383,164,405,40,1457,46,142,46,143,46] [ENTROPIES...: 4.6,4.9,4.8,6.5,4.5,6.6,7.0,6.6,7.9,7.9,7.9,4.9,6.5,6.3,7.0,7.7,6.6,4.9,7.7,4.9,7.2,6.5,7.4,6.5,7.5,4.9,7.8,5.0,6.6,4.8,6.6,4.9] guessed: [.....3] [ip4][..tcp] [..192.168.1.204][49766] -> [.212.129.45.224][..995] [POPS][NordVPN][Email][Safe] - RISK: Fully Encrypted Flow + RISK: Susp Entropy new: [.....4] [ip4][..tcp] [..192.168.1.204][49788] -> [...45.80.28.142][.8443] detected: [.....4] [ip4][..tcp] [..192.168.1.204][49788] -> [...45.80.28.142][.8443] [TLS.NordVPN][NordVPN][VPN][Acceptable][it315.nordvpn.com] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS @@ -38,5 +38,5 @@ idle: [.....4] [ip4][..tcp] [..192.168.1.204][49788] -> [...45.80.28.142][.8443] [TLS.NordVPN][NordVPN][VPN][Acceptable] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS idle: [.....3] [ip4][..tcp] [..192.168.1.204][49766] -> [.212.129.45.224][..995] [POPS][NordVPN][Email][Safe] - RISK: Fully Encrypted Flow + RISK: Susp Entropy DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ocs.pcap.out b/test/results/flow-info/default/ocs.pcap.out index 04ccfba59..2e525df7b 100644 --- a/test/results/flow-info/default/ocs.pcap.out +++ b/test/results/flow-info/default/ocs.pcap.out @@ -12,19 +12,18 @@ new: [.....6] [ip4][..tcp] [..192.168.180.2][39263] -> [..23.21.230.199][..443] new: [.....7] [ip4][..tcp] [..192.168.180.2][53356] -> [137.135.129.206][...80] detected: [.....5] [ip4][..tcp] [..192.168.180.2][48250] -> [.178.248.208.54][...80] [HTTP.OCS][OCS][Media][Fun][ocu03.labgency.ws] - RISK: Unidirectional Traffic detected: [.....7] [ip4][..tcp] [..192.168.180.2][53356] -> [137.135.129.206][...80] [HTTP][Azure][Web][Acceptable][api.eu01.capptain.com] - RISK: HTTP Susp User-Agent, Unidirectional Traffic + RISK: HTTP Susp User-Agent new: [.....8] [ip4][..tcp] [..192.168.180.2][44959] -> [137.135.129.206][...80] detected: [.....8] [ip4][..tcp] [..192.168.180.2][44959] -> [137.135.129.206][...80] [HTTP][Azure][Web][Acceptable][api.eu01.capptain.com] - RISK: HTTP Susp User-Agent, Unidirectional Traffic + RISK: HTTP Susp User-Agent new: [.....9] [ip4][..udp] [..192.168.180.2][48770] -> [........8.8.8.8][...53] detected: [.....9] [ip4][..udp] [..192.168.180.2][48770] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][android.clients.google.com] new: [....10] [ip4][..tcp] [..192.168.180.2][41223] -> [..216.58.208.46][..443] detected: [....10] [ip4][..tcp] [..192.168.180.2][41223] -> [..216.58.208.46][..443] [TLS][Google][Web][Safe][] - RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic + RISK: Obsolete TLS (v1.1 or older) detected: [.....6] [ip4][..tcp] [..192.168.180.2][39263] -> [..23.21.230.199][..443] [TLS.Crashlytics][AmazonAWS][DataTransfer][Acceptable][settings.crashlytics.com] - RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic + RISK: Obsolete TLS (v1.1 or older) new: [....11] [ip4][..udp] [..192.168.180.2][.3621] -> [........8.8.8.8][...53] detected: [....11] [ip4][..udp] [..192.168.180.2][.3621] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][xmpp.device06.eu01.capptain.com] new: [....12] [ip4][..tcp] [..192.168.180.2][46166] -> [.137.135.131.52][.5122] @@ -32,10 +31,11 @@ new: [....14] [ip4][..udp] [..192.168.180.2][.2589] -> [........8.8.8.8][...53] detected: [....14] [ip4][..udp] [..192.168.180.2][.2589] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][ocs.labgency.ws] detected: [....13] [ip4][..tcp] [..192.168.180.2][49881] -> [.178.248.208.54][...80] [HTTP.OCS][OCS][Media][Fun][ocu03.labgency.ws] - RISK: Unidirectional Traffic new: [....15] [ip4][..tcp] [..192.168.180.2][36680] -> [.178.248.208.54][..443] detected: [....15] [ip4][..tcp] [..192.168.180.2][36680] -> [.178.248.208.54][..443] [TLS.OCS][OCS][Media][Fun][ocs.labgency.ws] - RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic + RISK: Obsolete TLS (v1.1 or older) + detection-update: [....13] [ip4][..tcp] [..192.168.180.2][49881] -> [.178.248.208.54][...80] [HTTP.OCS][OCS][Media][Fun][ocu03.labgency.ws] + RISK: Unidirectional Traffic analyse: [....13] [ip4][..tcp] [..192.168.180.2][49881] -> [.178.248.208.54][...80] [HTTP.OCS][OCS][Media][Fun][ocu03.labgency.ws] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.929| 0.088| 0.173| 29794.175| 3.500] @@ -48,12 +48,12 @@ [ENTROPIES...: 4.5,5.1,6.0,5.1,5.2,5.2,5.2,5.2,5.3,5.2,5.2,5.2,5.2,5.1,5.2,5.2,5.1,5.2,5.1,5.1,5.0,5.1,5.2,5.1,5.2,5.1,5.2,5.2,5.2,5.0,5.1,5.1] new: [....16] [ip4][..tcp] [..192.168.180.2][32946] -> [.64.233.184.188][..443] detected: [....16] [ip4][..tcp] [..192.168.180.2][32946] -> [.64.233.184.188][..443] [TLS.GoogleServices][Google][Web][Acceptable][mtalk.google.com] - RISK: TLS (probably) Not Carrying HTTPS, Unidirectional Traffic + RISK: TLS (probably) Not Carrying HTTPS new: [....17] [ip4][..udp] [..192.168.180.2][11793] -> [........8.8.8.8][...53] detected: [....17] [ip4][..udp] [..192.168.180.2][11793] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][play.googleapis.com] new: [....18] [ip4][..tcp] [..192.168.180.2][47803] -> [..64.233.166.95][..443] detected: [....18] [ip4][..tcp] [..192.168.180.2][47803] -> [..64.233.166.95][..443] [TLS][Google][Web][Safe][] - RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic + RISK: Obsolete TLS (v1.1 or older) update: [.....4] [ip4][..udp] [..192.168.180.2][.1291] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] update: [....14] [ip4][..udp] [..192.168.180.2][.2589] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] update: [....11] [ip4][..udp] [..192.168.180.2][.3621] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] @@ -64,6 +64,8 @@ detected: [....19] [ip4][..udp] [..192.168.180.2][24245] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.ocs.fr] new: [....20] [ip4][..tcp] [..192.168.180.2][42590] -> [178.248.208.210][...80] detected: [....20] [ip4][..tcp] [..192.168.180.2][42590] -> [178.248.208.210][...80] [HTTP.OCS][OCS][Media][Fun][www.ocs.fr] + RISK: HTTP Susp User-Agent + detection-update: [....20] [ip4][..tcp] [..192.168.180.2][42590] -> [178.248.208.210][...80] [HTTP.OCS][OCS][Media][Fun][www.ocs.fr] RISK: HTTP Susp User-Agent, Unidirectional Traffic analyse: [....20] [ip4][..tcp] [..192.168.180.2][42590] -> [178.248.208.210][...80] [HTTP.OCS][OCS][Media][Fun][www.ocs.fr] min| max| avg| stddev| variance| entropy @@ -77,14 +79,14 @@ [ENTROPIES...: 4.6,5.0,5.9,5.2,5.1,5.2,5.2,5.2,5.2,5.2,5.2,5.2,5.3,5.2,5.3,5.3,5.4,5.3,5.3,5.3,5.3,5.2,5.2,5.2,5.1,5.2,5.2,5.1,5.2,5.2,5.3,5.3] update: [....17] [ip4][..udp] [..192.168.180.2][11793] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] end: [.....7] [ip4][..tcp] [..192.168.180.2][53356] -> [137.135.129.206][...80] [HTTP][Azure][Web][Acceptable] - RISK: HTTP Susp User-Agent, Unidirectional Traffic + RISK: HTTP Susp User-Agent end: [....10] [ip4][..tcp] [..192.168.180.2][41223] -> [..216.58.208.46][..443] [TLS][Google][Web][Safe] - RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic + RISK: Obsolete TLS (v1.1 or older) idle: [....19] [ip4][..udp] [..192.168.180.2][24245] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] idle: [....16] [ip4][..tcp] [..192.168.180.2][32946] -> [.64.233.184.188][..443] [TLS.GoogleServices][Google][Web][Acceptable] - RISK: TLS (probably) Not Carrying HTTPS, Unidirectional Traffic + RISK: TLS (probably) Not Carrying HTTPS idle: [....15] [ip4][..tcp] [..192.168.180.2][36680] -> [.178.248.208.54][..443] [TLS.OCS][OCS][Media][Fun] - RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic + RISK: Obsolete TLS (v1.1 or older) idle: [.....4] [ip4][..udp] [..192.168.180.2][.1291] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] idle: [....14] [ip4][..udp] [..192.168.180.2][.2589] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] idle: [....11] [ip4][..udp] [..192.168.180.2][.3621] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] @@ -93,14 +95,13 @@ RISK: HTTP Susp User-Agent, Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.180.2][40097] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] idle: [....18] [ip4][..tcp] [..192.168.180.2][47803] -> [..64.233.166.95][..443] [TLS][Google][Web][Safe] - RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic + RISK: Obsolete TLS (v1.1 or older) end: [.....6] [ip4][..tcp] [..192.168.180.2][39263] -> [..23.21.230.199][..443] [TLS.Crashlytics][AmazonAWS][DataTransfer][Acceptable] - RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic + RISK: Obsolete TLS (v1.1 or older) idle: [.....5] [ip4][..tcp] [..192.168.180.2][48250] -> [.178.248.208.54][...80] [HTTP.OCS][OCS][Media][Fun] - RISK: Unidirectional Traffic idle: [....17] [ip4][..udp] [..192.168.180.2][11793] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] end: [.....8] [ip4][..tcp] [..192.168.180.2][44959] -> [137.135.129.206][...80] [HTTP][Azure][Web][Acceptable] - RISK: HTTP Susp User-Agent, Unidirectional Traffic + RISK: HTTP Susp User-Agent guessed: [.....1] [ip4][..tcp] [..192.168.180.2][47699] -> [.64.233.184.188][.5228] [Google][Google][Web][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [..192.168.180.2][47699] -> [.64.233.184.188][.5228] diff --git a/test/results/flow-info/default/ookla.pcap.out b/test/results/flow-info/default/ookla.pcap.out index eeeabc4c9..5573435ae 100644 --- a/test/results/flow-info/default/ookla.pcap.out +++ b/test/results/flow-info/default/ookla.pcap.out @@ -11,6 +11,7 @@ new: [.....4] [ip4][..tcp] [....192.168.1.7][51215] -> [..46.44.253.187][.8080] detected: [.....4] [ip4][..tcp] [....192.168.1.7][51215] -> [..46.44.253.187][.8080] [Ookla][Unknown][Network][Safe] guessed: [.....2] [ip4][..tcp] [..192.168.1.192][51156] -> [..89.96.108.170][.8080] [Ookla][Unknown][Network][Safe] + RISK: Susp Entropy idle: [.....2] [ip4][..tcp] [..192.168.1.192][51156] -> [..89.96.108.170][.8080] idle: [.....1] [ip4][..tcp] [..192.168.1.192][37790] -> [185.157.229.246][.8080] [Ookla][Unknown][Network][Safe] DAEMON-EVENT: [Processed: 70 pkts][ZLib][compressions: 0|diff: 0 / 0] diff --git a/test/results/flow-info/default/openvpn_obfuscated.pcapng.out b/test/results/flow-info/default/openvpn_obfuscated.pcapng.out index d7b5b1307..2f5536349 100644 --- a/test/results/flow-info/default/openvpn_obfuscated.pcapng.out +++ b/test/results/flow-info/default/openvpn_obfuscated.pcapng.out @@ -13,7 +13,7 @@ [PKTLENS.....: 60,60,52,140,52,152,52,429,148,1500,1500,1500,52,52,152,164,52,52,376,873,52,52,801,52,310,172,395,176,52,199,52,148] [ENTROPIES...: 4.7,5.2,5.1,6.5,5.1,6.6,5.1,7.3,6.6,7.9,7.9,7.9,5.0,5.1,6.5,6.7,5.1,5.1,7.3,7.8,5.1,5.1,7.7,5.2,7.3,6.7,7.5,6.5,5.1,6.9,5.1,6.5] guessed: [.....1] [ip4][..tcp] [.192.168.12.156][37976] -> [..185.128.25.99][..465] [SMTPS][NordVPN][Email][Safe] - RISK: Fully Encrypted Flow + RISK: Susp Entropy new: [.....2] [ip4][..udp] [.192.168.12.156][47128] -> [149.102.238.108][.1214] DAEMON-EVENT: [Processed: 90 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 1|detection-updates: 0|updates: 0] @@ -31,7 +31,7 @@ guessed: [.....3] [ip4][..tcp] [.107.161.86.131][..443] -> [.192.168.12.156][48072] [TLS][Unknown][Web][Safe] idle: [.....3] [ip4][..tcp] [.107.161.86.131][..443] -> [.192.168.12.156][48072] [TLS][Unknown][Web][Safe] idle: [.....1] [ip4][..tcp] [.192.168.12.156][37976] -> [..185.128.25.99][..465] [SMTPS][NordVPN][Email][Safe] - RISK: Fully Encrypted Flow + RISK: Susp Entropy guessed: [.....2] [ip4][..udp] [.192.168.12.156][47128] -> [149.102.238.108][.1214] [NordVPN][NordVPN][VPN][Acceptable] RISK: Susp Entropy idle: [.....2] [ip4][..udp] [.192.168.12.156][47128] -> [149.102.238.108][.1214] diff --git a/test/results/flow-info/default/ossfuzz_seed_fake_traces_1.pcapng.out b/test/results/flow-info/default/ossfuzz_seed_fake_traces_1.pcapng.out index 217c3777e..7020f805c 100644 --- a/test/results/flow-info/default/ossfuzz_seed_fake_traces_1.pcapng.out +++ b/test/results/flow-info/default/ossfuzz_seed_fake_traces_1.pcapng.out @@ -2,55 +2,51 @@ DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..udp] [......127.0.0.1][....1] -> [......127.0.0.1][....2] - detected: [.....1] [ip4][..udp] [......127.0.0.1][....1] -> [......127.0.0.1][....2] [HalfLife2][Unknown][Game][Fun] DAEMON-EVENT: [Processed: 2 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....2] [ip4][..udp] [......127.0.0.1][.1119] -> [......127.0.0.1][.1120] - idle: [.....1] [ip4][..udp] [......127.0.0.1][....1] -> [......127.0.0.1][....2] [HalfLife2][Unknown][Game][Fun] + not-detected: [.....1] [ip4][..udp] [......127.0.0.1][....1] -> [......127.0.0.1][....2] [Unknown][Unknown][Unspecified][Unrated] + idle: [.....1] [ip4][..udp] [......127.0.0.1][....1] -> [......127.0.0.1][....2] update: [.....2] [ip4][..udp] [......127.0.0.1][.1119] -> [......127.0.0.1][.1120] detected: [.....2] [ip4][..udp] [......127.0.0.1][.1119] -> [......127.0.0.1][.1120] [Protobuf][Unknown][Network][Safe] RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [......127.0.0.1][.1119] -> [......127.0.0.1][.1120] [Protobuf][Unknown][Network][Safe] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 10 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] + DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 1|guessed: 0|detection-updates: 0|updates: 2] new: [.....3] [ip4][..tcp] [..192.168.1.128][....1] -> [.12.129.206.130][.1119] [MIDSTREAM] - detected: [.....3] [ip4][..tcp] [..192.168.1.128][....1] -> [.12.129.206.130][.1119] [Starcraft][Unknown][Game][Fun] - RISK: TCP Connection Issues idle: [.....2] [ip4][..udp] [......127.0.0.1][.1119] -> [......127.0.0.1][.1120] [Protobuf][Unknown][Network][Safe] RISK: Unidirectional Traffic new: [.....4] [ip4][..tcp] [..192.168.1.128][....1] -> [121.254.200.130][.1119] [MIDSTREAM] - detected: [.....4] [ip4][..tcp] [..192.168.1.128][....1] -> [121.254.200.130][.1119] [Starcraft][Unknown][Game][Fun] - RISK: TCP Connection Issues new: [.....5] [ip4][..tcp] [..192.168.1.128][....1] -> [....202.9.66.76][.1119] [MIDSTREAM] - detected: [.....5] [ip4][..tcp] [..192.168.1.128][....1] -> [....202.9.66.76][.1119] [Starcraft][Starcraft][Game][Fun] - RISK: TCP Connection Issues new: [.....6] [ip4][..tcp] [..192.168.1.128][....1] -> [.12.129.236.254][.1119] [MIDSTREAM] - detected: [.....6] [ip4][..tcp] [..192.168.1.128][....1] -> [.12.129.236.254][.1119] [Starcraft][Unknown][Game][Fun] - RISK: TCP Connection Issues DAEMON-EVENT: [Processed: 14 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] + DAEMON-EVENT: [Flows][active: 4 / 6|skipped: 0|!detected: 1|guessed: 0|detection-updates: 0|updates: 2] new: [.....7] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] update: [.....7] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] DAEMON-EVENT: [Processed: 16 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 5 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3] + DAEMON-EVENT: [Flows][active: 5 / 7|skipped: 0|!detected: 1|guessed: 0|detection-updates: 0|updates: 3] new: [.....8] [ip4][..udp] [......127.0.0.1][17788] -> [......127.0.0.1][17788] - not-detected: [.....7] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] [Unknown][Unknown][Unrated] + not-detected: [.....7] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] [Unknown][Unknown][Unspecified][Unrated] idle: [.....7] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] - idle: [.....4] [ip4][..tcp] [..192.168.1.128][....1] -> [121.254.200.130][.1119] [Starcraft][Unknown][Game][Fun] - RISK: TCP Connection Issues - idle: [.....6] [ip4][..tcp] [..192.168.1.128][....1] -> [.12.129.236.254][.1119] [Starcraft][Unknown][Game][Fun] - RISK: TCP Connection Issues - idle: [.....3] [ip4][..tcp] [..192.168.1.128][....1] -> [.12.129.206.130][.1119] [Starcraft][Unknown][Game][Fun] - RISK: TCP Connection Issues - idle: [.....5] [ip4][..tcp] [..192.168.1.128][....1] -> [....202.9.66.76][.1119] [Starcraft][Starcraft][Game][Fun] - RISK: TCP Connection Issues + guessed: [.....4] [ip4][..tcp] [..192.168.1.128][....1] -> [121.254.200.130][.1119] [Blizzard][Unknown][Game][Fun] + RISK: Unidirectional Traffic, TCP Connection Issues + idle: [.....4] [ip4][..tcp] [..192.168.1.128][....1] -> [121.254.200.130][.1119] + guessed: [.....6] [ip4][..tcp] [..192.168.1.128][....1] -> [.12.129.236.254][.1119] [Blizzard][Unknown][Game][Fun] + RISK: Unidirectional Traffic, TCP Connection Issues + idle: [.....6] [ip4][..tcp] [..192.168.1.128][....1] -> [.12.129.236.254][.1119] + guessed: [.....3] [ip4][..tcp] [..192.168.1.128][....1] -> [.12.129.206.130][.1119] [Blizzard][Unknown][Game][Fun] + RISK: Unidirectional Traffic, TCP Connection Issues + idle: [.....3] [ip4][..tcp] [..192.168.1.128][....1] -> [.12.129.206.130][.1119] + guessed: [.....5] [ip4][..tcp] [..192.168.1.128][....1] -> [....202.9.66.76][.1119] [Blizzard][Blizzard][Game][Fun] + RISK: Unidirectional Traffic, TCP Connection Issues + idle: [.....5] [ip4][..tcp] [..192.168.1.128][....1] -> [....202.9.66.76][.1119] DAEMON-EVENT: [Processed: 17 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 1|guessed: 0|detection-updates: 0|updates: 3] + DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 2|guessed: 4|detection-updates: 0|updates: 3] new: [.....9] [ip4][..tcp] [..192.168.1.128][....1] -> [........1.2.3.4][...10] [MIDSTREAM] detected: [.....9] [ip4][..tcp] [..192.168.1.128][....1] -> [........1.2.3.4][...10] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic, TCP Connection Issues - not-detected: [.....8] [ip4][..udp] [......127.0.0.1][17788] -> [......127.0.0.1][17788] [Unknown][Unknown][Unrated] + not-detected: [.....8] [ip4][..udp] [......127.0.0.1][17788] -> [......127.0.0.1][17788] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [......127.0.0.1][17788] -> [......127.0.0.1][17788] new: [....10] [ip4][..tcp] [..192.168.1.128][....1] -> [........1.2.3.4][...11] [MIDSTREAM] diff --git a/test/results/flow-info/default/ossfuzz_seed_fake_traces_3.pcapng.out b/test/results/flow-info/default/ossfuzz_seed_fake_traces_3.pcapng.out deleted file mode 100644 index 64f2c66a0..000000000 --- a/test/results/flow-info/default/ossfuzz_seed_fake_traces_3.pcapng.out +++ /dev/null @@ -1,7 +0,0 @@ - DAEMON-EVENT: init - DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] - new: [.....1] [ip4][..tcp] [.192.168.16.173][60546] -> [..93.184.216.34][...80] - detected: [.....1] [ip4][..tcp] [.192.168.16.173][60546] -> [..93.184.216.34][...80] [MapleStory][Edgecast][Game][Fun] - idle: [.....1] [ip4][..tcp] [.192.168.16.173][60546] -> [..93.184.216.34][...80] [MapleStory][Edgecast][Game][Fun] - DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ossfuzz_seed_fake_traces_4.pcapng.out b/test/results/flow-info/default/ossfuzz_seed_fake_traces_4.pcapng.out index ac6a349ec..375fdfb1d 100644 --- a/test/results/flow-info/default/ossfuzz_seed_fake_traces_4.pcapng.out +++ b/test/results/flow-info/default/ossfuzz_seed_fake_traces_4.pcapng.out @@ -2,6 +2,6 @@ DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] - not-detected: [.....1] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] [Unknown][Unknown][Unrated] + not-detected: [.....1] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] [Unknown][Unknown][Unspecified][Unrated] idle: [.....1] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/pinterest.pcap.out b/test/results/flow-info/default/pinterest.pcap.out index 1589bf333..f60dfb28c 100644 --- a/test/results/flow-info/default/pinterest.pcap.out +++ b/test/results/flow-info/default/pinterest.pcap.out @@ -135,9 +135,6 @@ detection-update: [....21] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47790] -> [...............2a00:1450:4007:816::200a][..443] [TLS.GoogleServices][Google][Web][Acceptable][content-autofill.googleapis.com] new: [....22] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43562] -> [...............2a00:1450:4007:805::2003][..443] [MIDSTREAM] detected: [....22] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43562] -> [...............2a00:1450:4007:805::2003][..443] [TLS][Google][Web][Safe] - detection-update: [....22] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43562] -> [...............2a00:1450:4007:805::2003][..443] [TLS][Google][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [....22] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43562] -> [...............2a00:1450:4007:805::2003][..443] [TLS][Google][Web][Safe] analyse: [....22] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43562] -> [...............2a00:1450:4007:805::2003][..443] [TLS][Google][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.029| 0.002| 0.006| 41.161| 1.800] diff --git a/test/results/flow-info/default/quickplay.pcap.out b/test/results/flow-info/default/quickplay.pcap.out index 13087b961..11ad11d87 100644 --- a/test/results/flow-info/default/quickplay.pcap.out +++ b/test/results/flow-info/default/quickplay.pcap.out @@ -17,21 +17,11 @@ detected: [.....7] [ip4][..tcp] [..10.54.169.250][44793] -> [....31.13.68.49][...80] [HTTP.Facebook][Facebook][SocialNetwork][Fun][www.facebook.com] new: [.....8] [ip4][..tcp] [..10.54.169.250][44256] -> [....120.28.5.41][...80] [MIDSTREAM] detected: [.....8] [ip4][..tcp] [..10.54.169.250][44256] -> [....120.28.5.41][...80] [HTTP][Unknown][Streaming][Acceptable][play-singtelhawk.quickplay.com] - detection-update: [.....8] [ip4][..tcp] [..10.54.169.250][44256] -> [....120.28.5.41][...80] [HTTP][Unknown][Streaming][Acceptable][play-singtelhawk.quickplay.com] - RISK: Unidirectional Traffic - detection-update: [.....8] [ip4][..tcp] [..10.54.169.250][44256] -> [....120.28.5.41][...80] [HTTP][Unknown][Streaming][Acceptable][play-singtelhawk.quickplay.com] new: [.....9] [ip4][..tcp] [..10.54.169.250][52007] -> [...120.28.35.40][...80] [MIDSTREAM] detected: [.....9] [ip4][..tcp] [..10.54.169.250][52007] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] - detection-update: [.....9] [ip4][..tcp] [..10.54.169.250][52007] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] - RISK: Unidirectional Traffic new: [....10] [ip4][..tcp] [..10.54.169.250][54883] -> [203.205.151.160][...80] [MIDSTREAM] detected: [....10] [ip4][..tcp] [..10.54.169.250][54883] -> [203.205.151.160][...80] [HTTP_Proxy.QQ][Unknown][Chat][Fun][hkextshort.weixin.qq.com] RISK: Known Proto on Non Std Port - detection-update: [.....9] [ip4][..tcp] [..10.54.169.250][52007] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] - detection-update: [....10] [ip4][..tcp] [..10.54.169.250][54883] -> [203.205.151.160][...80] [HTTP_Proxy.QQ][Unknown][Chat][Fun][hkextshort.weixin.qq.com] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....10] [ip4][..tcp] [..10.54.169.250][54883] -> [203.205.151.160][...80] [HTTP_Proxy.QQ][Unknown][Chat][Fun][hkextshort.weixin.qq.com] - RISK: Known Proto on Non Std Port new: [....11] [ip4][..tcp] [..10.54.169.250][52009] -> [...120.28.35.40][...80] [MIDSTREAM] detected: [....11] [ip4][..tcp] [..10.54.169.250][52009] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] new: [....12] [ip4][..tcp] [..10.54.169.250][42761] -> [203.205.129.101][...80] [MIDSTREAM] diff --git a/test/results/flow-info/default/raknet.pcap.out b/test/results/flow-info/default/raknet.pcap.out index 5d52fffbd..3c9022c91 100644 --- a/test/results/flow-info/default/raknet.pcap.out +++ b/test/results/flow-info/default/raknet.pcap.out @@ -54,7 +54,7 @@ update: [....10] [ip4][..udp] [..192.168.2.100][44501] -> [.148.153.35.205][60031] [RakNet][Unknown][Game][Fun] detected: [....11] [ip4][..udp] [..192.168.2.100][44501] -> [.148.153.35.205][59935] [RakNet][Unknown][Game][Fun] RISK: Unidirectional Traffic - not-detected: [.....8] [ip4][..udp] [..192.168.2.100][60690] -> [.148.153.35.205][60028] [Unknown][Unknown][Unrated] + not-detected: [.....8] [ip4][..udp] [..192.168.2.100][60690] -> [.148.153.35.205][60028] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [..192.168.2.100][60690] -> [.148.153.35.205][60028] idle: [.....9] [ip4][..udp] [.148.153.35.205][60005] -> [..192.168.2.100][32951] [RakNet][Unknown][Game][Fun] @@ -70,7 +70,7 @@ update: [....11] [ip4][..udp] [..192.168.2.100][44501] -> [.148.153.35.205][59935] [RakNet][Unknown][Game][Fun] RISK: Unidirectional Traffic new: [....12] [ip4][..udp] [.148.153.35.205][43582] -> [..192.168.2.100][44501] - not-detected: [....12] [ip4][..udp] [.148.153.35.205][43582] -> [..192.168.2.100][44501] [Unknown][Unknown][Unrated] + not-detected: [....12] [ip4][..udp] [.148.153.35.205][43582] -> [..192.168.2.100][44501] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [.148.153.35.205][43582] -> [..192.168.2.100][44501] idle: [....11] [ip4][..udp] [..192.168.2.100][44501] -> [.148.153.35.205][59935] [RakNet][Unknown][Game][Fun] diff --git a/test/results/flow-info/default/reasm_crash_anon.pcapng.out b/test/results/flow-info/default/reasm_crash_anon.pcapng.out index f4a87cf08..fb423c5ec 100644 --- a/test/results/flow-info/default/reasm_crash_anon.pcapng.out +++ b/test/results/flow-info/default/reasm_crash_anon.pcapng.out @@ -12,12 +12,12 @@ [IATS(ms)....: 0.0,1.5,1.5,0.0,1.2,1.2,0.0,30097.7,30099.5,1.8,0.0,1.2,1.2,30097.5,0.0,30099.3,1.8,1.2,30097.4,1.8,0.0,30101.7,1.2,30097.5,30165.6,1.3,69.4,30031.1,0.0,30032.8,1.7] [PKTLENS.....: 65,65,126,52,52,777,52,52,65,106,52,52,765,52,65,65,106,52,52,65,52,52,777,52,65,106,777,52,65,65,106,52] [ENTROPIES...: 5.5,5.5,3.0,5.2,5.2,5.3,5.2,5.2,5.4,5.6,5.1,5.1,0.5,5.1,5.4,5.4,5.6,5.2,5.2,5.5,5.1,5.2,5.3,5.1,5.4,5.6,5.3,5.0,5.4,5.4,5.6,5.2] - not-detected: [.....1] [ip4][..tcp] [192.168.145.147][51218] -> [...10.209.8.148][21999] [Unknown][Unknown][Unrated] + not-detected: [.....1] [ip4][..tcp] [192.168.145.147][51218] -> [...10.209.8.148][21999] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy DAEMON-EVENT: [Processed: 93 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 1|guessed: 0|detection-updates: 0|updates: 0] DAEMON-EVENT: [Processed: 169 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 1|guessed: 0|detection-updates: 0|updates: 0] - end: [.....1] [ip4][..tcp] [192.168.145.147][51218] -> [...10.209.8.148][21999] [Unknown][Unknown][Unrated] + end: [.....1] [ip4][..tcp] [192.168.145.147][51218] -> [...10.209.8.148][21999] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/reddit.pcap.out b/test/results/flow-info/default/reddit.pcap.out index 78d312a8d..cc51f52d0 100644 --- a/test/results/flow-info/default/reddit.pcap.out +++ b/test/results/flow-info/default/reddit.pcap.out @@ -118,9 +118,9 @@ new: [....24] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38320] -> [.....................64:ff9b::6853:b3b6][..443] detected: [....22] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][50960] -> [...............2a00:1450:4007:805::2002][..443] [TLS.GoogleServices][Google][Web][Acceptable][www.googletagservices.com] detected: [....24] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38320] -> [.....................64:ff9b::6853:b3b6][..443] [TLS][Unknown][Web][Safe][c.aaxads.com] - detected: [....23] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43492] -> [......................64:ff9b::df9:21c6][..443] [TLS.Amazon][Unknown][Web][Acceptable][c.amazon-adsystem.com] + detected: [....23] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43492] -> [......................64:ff9b::df9:21c6][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads][c.amazon-adsystem.com] detection-update: [....22] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][50960] -> [...............2a00:1450:4007:805::2002][..443] [TLS.GoogleServices][Google][Web][Acceptable][www.googletagservices.com] - detection-update: [....23] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43492] -> [......................64:ff9b::df9:21c6][..443] [TLS.Amazon][Unknown][Web][Acceptable][c.amazon-adsystem.com] + detection-update: [....23] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43492] -> [......................64:ff9b::df9:21c6][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads][c.amazon-adsystem.com] detection-update: [....24] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38320] -> [.....................64:ff9b::6853:b3b6][..443] [TLS][Unknown][Web][Safe][c.aaxads.com] analyse: [....22] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][50960] -> [...............2a00:1450:4007:805::2002][..443] [TLS.GoogleServices][Google][Web][Acceptable] min| max| avg| stddev| variance| entropy @@ -132,7 +132,7 @@ [IATS(ms)....: 31.5,31.5,0.2,36.8,7.0,0.0,43.6,0.0,0.6,0.6,2.4,0.2,0.1,37.7,0.7,1.1,36.8,0.1,0.1,0.0,0.5,8.6,9.1,0.1,0.1,0.2,0.0,0.2,0.0,0.1,0.0] [PKTLENS.....: 80,80,72,589,72,1280,1280,72,72,533,72,136,164,333,72,72,652,72,103,72,103,72,778,72,1280,72,1280,1280,72,72,1280,1280] [ENTROPIES...: 4.8,5.3,5.1,4.6,5.2,7.8,7.8,5.2,5.2,7.6,5.2,6.2,6.5,7.2,5.1,5.1,7.6,5.2,5.8,5.2,5.9,5.2,7.7,5.2,7.8,5.2,7.8,7.8,5.2,5.2,7.8,7.8] - analyse: [....23] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43492] -> [......................64:ff9b::df9:21c6][..443] [TLS.Amazon][Unknown][Web][Acceptable] + analyse: [....23] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43492] -> [......................64:ff9b::df9:21c6][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.051| 0.008| 0.015| 226.995| 3.000] [PKTLEN......: 72.000| 1460.000| 461.600| 586.500| 343946.100| 4.000] @@ -222,13 +222,13 @@ [PKTLENS.....: 80,80,72,589,72,1460,72,1460,735,72,72,198,171,362,362,72,72,72,172,72,314,72,116,72,110,110,72,72,72,531,72,338] [ENTROPIES...: 4.8,5.2,5.2,4.6,5.1,6.8,5.2,7.4,7.6,5.2,5.2,6.4,6.3,7.1,7.1,5.1,5.1,5.1,6.4,5.1,7.0,5.2,5.9,5.2,5.6,5.9,5.2,5.1,5.1,7.5,5.2,7.3] new: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39736] -> [.....2606:2800:134:1a0d:1429:742:782:b6][..443] - detected: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39736] -> [.....2606:2800:134:1a0d:1429:742:782:b6][..443] [TLS.Twitter][Edgecast][SocialNetwork][Fun][cdn.syndication.twimg.com] - detection-update: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39736] -> [.....2606:2800:134:1a0d:1429:742:782:b6][..443] [TLS.Twitter][Edgecast][SocialNetwork][Fun][cdn.syndication.twimg.com] + detected: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39736] -> [.....2606:2800:134:1a0d:1429:742:782:b6][..443] [TLS.Twitter][Unknown][SocialNetwork][Fun][cdn.syndication.twimg.com] + detection-update: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39736] -> [.....2606:2800:134:1a0d:1429:742:782:b6][..443] [TLS.Twitter][Unknown][SocialNetwork][Fun][cdn.syndication.twimg.com] new: [....38] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][54726] -> [...............2a00:1450:4007:808::2006][..443] new: [....39] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57282] -> [...............2a00:1450:4007:805::2004][..443] detected: [....38] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][54726] -> [...............2a00:1450:4007:808::2006][..443] [TLS.Google][Google][Advertisement][Acceptable][static.doubleclick.net] detected: [....39] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57282] -> [...............2a00:1450:4007:805::2004][..443] [TLS.Google][Google][Web][Acceptable][www.google.com] - analyse: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39736] -> [.....2606:2800:134:1a0d:1429:742:782:b6][..443] [TLS.Twitter][Edgecast][SocialNetwork][Fun] + analyse: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39736] -> [.....2606:2800:134:1a0d:1429:742:782:b6][..443] [TLS.Twitter][Unknown][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.051| 0.012| 0.018| 319.203| 3.500] [PKTLEN......: 72.000| 1280.000| 307.800| 396.400| 157103.100| 4.100] @@ -292,13 +292,13 @@ detected: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59336] -> [...............2a00:1450:4007:80b::2002][..443] [TLS.Google][Google][Advertisement][Acceptable][adservice.google.com] new: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] new: [....48] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59624] -> [...............2a00:1450:4007:80b::2001][..443] - detected: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] [TLS.Amazon][Unknown][Web][Acceptable][aax-eu.amazon-adsystem.com] + detected: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads][aax-eu.amazon-adsystem.com] detection-update: [....45] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51006] -> [...............2a00:1450:4007:805::2002][..443] [TLS.Google][Google][Web][Acceptable][adservice.google.fr] detection-update: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59336] -> [...............2a00:1450:4007:80b::2002][..443] [TLS.Google][Google][Advertisement][Acceptable][adservice.google.com] detected: [....48] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59624] -> [...............2a00:1450:4007:80b::2001][..443] [TLS.Google][Google][Advertisement][Acceptable][8a755a3fef0b189d8ab5b0d10758f68a.safeframe.googlesyndication.com] detection-update: [....48] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59624] -> [...............2a00:1450:4007:80b::2001][..443] [TLS.Google][Google][Advertisement][Acceptable][8a755a3fef0b189d8ab5b0d10758f68a.safeframe.googlesyndication.com] - detection-update: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] [TLS.Amazon][Unknown][Web][Acceptable][aax-eu.amazon-adsystem.com] - detection-update: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] [TLS.Amazon][Unknown][Web][Acceptable][aax-eu.amazon-adsystem.com] + detection-update: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads][aax-eu.amazon-adsystem.com] + detection-update: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads][aax-eu.amazon-adsystem.com] analyse: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59336] -> [...............2a00:1450:4007:80b::2002][..443] [TLS.Google][Google][Advertisement][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.046| 0.008| 0.012| 155.374| 3.400] @@ -383,7 +383,7 @@ idle: [....32] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48648] -> [...2620:116:800d:21:f916:5049:f87f:108e][..443] [TLS][Unknown][Web][Safe][secure.quantserve.com] idle: [....24] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38320] -> [.....................64:ff9b::6853:b3b6][..443] [TLS][Unknown][Web][Safe] idle: [....30] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39626] -> [.....................64:ff9b::2278:cf94][..443] [TLS][Unknown][Web][Safe] - idle: [....23] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43492] -> [......................64:ff9b::df9:21c6][..443] [TLS.Amazon][Unknown][Web][Acceptable][c.amazon-adsystem.com] + idle: [....23] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43492] -> [......................64:ff9b::df9:21c6][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads][c.amazon-adsystem.com] idle: [....55] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36964] -> [...............2a00:1450:4007:80f::2001][..443] [TLS.Google][Google][Advertisement][Acceptable][tpc.googlesyndication.com] end: [....56] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36966] -> [...............2a00:1450:4007:80f::2001][..443] [TLS.Google][Google][Advertisement][Acceptable] end: [....57] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36968] -> [...............2a00:1450:4007:80f::2001][..443] [TLS.Google][Google][Advertisement][Acceptable] @@ -393,7 +393,7 @@ end: [....59] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36972] -> [...............2a00:1450:4007:80f::2001][..443] idle: [....33] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][44264] -> [.....................64:ff9b::1736:86f1][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads] idle: [....54] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38166] -> [...............2a00:1450:4007:811::200a][..443] [TLS.GoogleServices][Google][Web][Acceptable][fonts.googleapis.com] - idle: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] [TLS.Amazon][Unknown][Web][Acceptable] + idle: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads] idle: [....27] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39520] -> [...............2a00:1450:4007:816::2008][..443] [TLS.GoogleServices][Google][Web][Acceptable][www.googletagmanager.com] idle: [....60] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47006] -> [.....................64:ff9b::34d3:acec][..443] [TLS][Unknown][Web][Safe] idle: [.....1] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][40028] -> [...............2a00:1450:4007:80a::200a][..443] [TLS.GoogleServices][Google][Web][Acceptable][safebrowsing.googleapis.com] @@ -432,7 +432,7 @@ idle: [....29] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56782] -> [.....................64:ff9b::68f4:2ac8][..443] [TLS.Twitter][Unknown][SocialNetwork][Fun][syndication.twitter.com] idle: [....22] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][50960] -> [...............2a00:1450:4007:805::2002][..443] [TLS.GoogleServices][Google][Web][Acceptable][www.googletagservices.com] idle: [....45] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51006] -> [...............2a00:1450:4007:805::2002][..443] [TLS.Google][Google][Web][Acceptable] - idle: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39736] -> [.....2606:2800:134:1a0d:1429:742:782:b6][..443] [TLS.Twitter][Edgecast][SocialNetwork][Fun][cdn.syndication.twimg.com] + idle: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39736] -> [.....2606:2800:134:1a0d:1429:742:782:b6][..443] [TLS.Twitter][Unknown][SocialNetwork][Fun][cdn.syndication.twimg.com] idle: [....41] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][52296] -> [...............2a00:1450:4007:815::2016][..443] [TLS.YouTube][Google][Media][Fun] idle: [....38] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][54726] -> [...............2a00:1450:4007:808::2006][..443] [TLS.Google][Google][Advertisement][Acceptable] idle: [....31] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][54862] -> [...............2a00:1450:4007:806::200e][..443] [TLS.YouTube][Google][Media][Fun] diff --git a/test/results/flow-info/default/riot.pcapng.out b/test/results/flow-info/default/riot.pcapng.out index a99f5509c..b6a5a4c76 100644 --- a/test/results/flow-info/default/riot.pcapng.out +++ b/test/results/flow-info/default/riot.pcapng.out @@ -4,13 +4,9 @@ new: [.....1] [ip4][..tcp] [..52.41.135.135][..443] -> [..192.168.26.22][51817] [MIDSTREAM] new: [.....2] [ip4][..tcp] [..35.234.85.218][..443] -> [..192.168.26.22][51949] [MIDSTREAM] detected: [.....2] [ip4][..tcp] [..35.234.85.218][..443] -> [..192.168.26.22][51949] [TLS][GoogleCloud][Web][Safe] - detection-update: [.....2] [ip4][..tcp] [..35.234.85.218][..443] -> [..192.168.26.22][51949] [TLS][GoogleCloud][Web][Safe] - RISK: Unidirectional Traffic detection-update: [.....2] [ip4][..tcp] [..35.234.85.218][..443] -> [..192.168.26.22][51949] [TLS.RiotGames][GoogleCloud][Game][Fun] - RISK: Unidirectional Traffic guessed: [.....1] [ip4][..tcp] [..52.41.135.135][..443] -> [..192.168.26.22][51817] [TLS][AmazonAWS][Web][Safe] RISK: Susp Entropy, Unidirectional Traffic idle: [.....1] [ip4][..tcp] [..52.41.135.135][..443] -> [..192.168.26.22][51817] idle: [.....2] [ip4][..tcp] [..35.234.85.218][..443] -> [..192.168.26.22][51949] [TLS.RiotGames][GoogleCloud][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/rockstar_games.pcapng.out b/test/results/flow-info/default/rockstar_games.pcapng.out new file mode 100644 index 000000000..f801e7a91 --- /dev/null +++ b/test/results/flow-info/default/rockstar_games.pcapng.out @@ -0,0 +1,30 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [...192.168.1.23][50624] -> [.92.123.164.188][..443] + detected: [.....1] [ip4][..tcp] [...192.168.1.23][50624] -> [.92.123.164.188][..443] [TLS.RockstarGames][Unknown][Game][Fun][gamedownloads.rockstargames.com] + RISK: TLS (probably) Not Carrying HTTPS + detection-update: [.....1] [ip4][..tcp] [...192.168.1.23][50624] -> [.92.123.164.188][..443] [TLS.RockstarGames][Unknown][Game][Fun][gamedownloads.rockstargames.com] + RISK: TLS (probably) Not Carrying HTTPS + DAEMON-EVENT: [Processed: 6 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] + new: [.....2] [ip4][..tcp] [...192.168.1.27][64057] -> [.104.255.105.53][..443] + detected: [.....2] [ip4][..tcp] [...192.168.1.27][64057] -> [.104.255.105.53][..443] [TLS.RockstarGames][Unknown][Game][Fun][rgl.rockstargames.com] + detection-update: [.....2] [ip4][..tcp] [...192.168.1.27][64057] -> [.104.255.105.53][..443] [TLS.RockstarGames][Unknown][Game][Fun][rgl.rockstargames.com] + new: [.....3] [ip4][..tcp] [...192.168.1.23][50630] -> [....23.38.18.80][..443] + detected: [.....3] [ip4][..tcp] [...192.168.1.23][50630] -> [....23.38.18.80][..443] [TLS.RockstarGames][Unknown][Game][Fun][s.rsg.sc] + detection-update: [.....3] [ip4][..tcp] [...192.168.1.23][50630] -> [....23.38.18.80][..443] [TLS.RockstarGames][Unknown][Game][Fun][s.rsg.sc] + idle: [.....1] [ip4][..tcp] [...192.168.1.23][50624] -> [.92.123.164.188][..443] [TLS.RockstarGames][Unknown][Game][Fun] + RISK: TLS (probably) Not Carrying HTTPS + DAEMON-EVENT: [Processed: 18 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0] + new: [.....4] [ip4][..udp] [...192.168.1.42][59487] -> [.192.81.241.191][61457] + detected: [.....4] [ip4][..udp] [...192.168.1.42][59487] -> [.192.81.241.191][61457] [DTLS][Unknown][Web][Safe] + RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn + detection-update: [.....4] [ip4][..udp] [...192.168.1.42][59487] -> [.192.81.241.191][61457] [DTLS.RockstarGames][Unknown][Game][Fun] + RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn + idle: [.....3] [ip4][..tcp] [...192.168.1.23][50630] -> [....23.38.18.80][..443] [TLS.RockstarGames][Unknown][Game][Fun] + idle: [.....2] [ip4][..tcp] [...192.168.1.27][64057] -> [.104.255.105.53][..443] [TLS.RockstarGames][Unknown][Game][Fun] + idle: [.....4] [ip4][..udp] [...192.168.1.42][59487] -> [.192.81.241.191][61457] [DTLS.RockstarGames][Unknown][Game][Fun] + RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/shadowsocks.pcap.out b/test/results/flow-info/default/shadowsocks.pcap.out index 317f6475d..6bfd135f5 100644 --- a/test/results/flow-info/default/shadowsocks.pcap.out +++ b/test/results/flow-info/default/shadowsocks.pcap.out @@ -5,7 +5,6 @@ detected: [.....1] [ip4][..tcp] [......127.0.0.1][37904] -> [......127.0.0.1][.1080] [SOCKS][Unknown][Web][Acceptable] new: [.....2] [ip4][..tcp] [......127.0.0.1][44276] -> [......127.0.0.1][.8388] end: [.....1] [ip4][..tcp] [......127.0.0.1][37904] -> [......127.0.0.1][.1080] [SOCKS][Unknown][Web][Acceptable] - not-detected: [.....2] [ip4][..tcp] [......127.0.0.1][44276] -> [......127.0.0.1][.8388] [Unknown][Unknown][Unrated] - RISK: Fully Encrypted Flow + not-detected: [.....2] [ip4][..tcp] [......127.0.0.1][44276] -> [......127.0.0.1][.8388] [Unknown][Unknown][Unspecified][Unrated] end: [.....2] [ip4][..tcp] [......127.0.0.1][44276] -> [......127.0.0.1][.8388] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/shell.pcap.out b/test/results/flow-info/default/shell.pcap.out index abfa7197d..30d54d535 100644 --- a/test/results/flow-info/default/shell.pcap.out +++ b/test/results/flow-info/default/shell.pcap.out @@ -5,16 +5,16 @@ new: [.....2] [ip4][..udp] [......127.0.0.1][54112] -> [......127.0.0.1][33333] new: [.....3] [ip4][..udp] [......127.0.0.1][58538] -> [......127.0.0.1][33333] new: [.....4] [ip4][..tcp] [......127.0.0.1][54970] -> [......127.0.0.1][33333] - not-detected: [.....1] [ip4][..tcp] [......127.0.0.1][47638] -> [......127.0.0.1][33333] [Unknown][Unknown][Unrated] + not-detected: [.....1] [ip4][..tcp] [......127.0.0.1][47638] -> [......127.0.0.1][33333] [Unknown][Unknown][Unspecified][Unrated] RISK: Possible Exploit Attempt end: [.....1] [ip4][..tcp] [......127.0.0.1][47638] -> [......127.0.0.1][33333] - not-detected: [.....2] [ip4][..udp] [......127.0.0.1][54112] -> [......127.0.0.1][33333] [Unknown][Unknown][Unrated] + not-detected: [.....2] [ip4][..udp] [......127.0.0.1][54112] -> [......127.0.0.1][33333] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Possible Exploit Attempt, Unidirectional Traffic idle: [.....2] [ip4][..udp] [......127.0.0.1][54112] -> [......127.0.0.1][33333] - not-detected: [.....4] [ip4][..tcp] [......127.0.0.1][54970] -> [......127.0.0.1][33333] [Unknown][Unknown][Unrated] + not-detected: [.....4] [ip4][..tcp] [......127.0.0.1][54970] -> [......127.0.0.1][33333] [Unknown][Unknown][Unspecified][Unrated] RISK: Possible Exploit Attempt end: [.....4] [ip4][..tcp] [......127.0.0.1][54970] -> [......127.0.0.1][33333] - not-detected: [.....3] [ip4][..udp] [......127.0.0.1][58538] -> [......127.0.0.1][33333] [Unknown][Unknown][Unrated] + not-detected: [.....3] [ip4][..udp] [......127.0.0.1][58538] -> [......127.0.0.1][33333] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Possible Exploit Attempt, Unidirectional Traffic idle: [.....3] [ip4][..udp] [......127.0.0.1][58538] -> [......127.0.0.1][33333] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/signal.pcap.out b/test/results/flow-info/default/signal.pcap.out index f727f088a..7d20c1080 100644 --- a/test/results/flow-info/default/signal.pcap.out +++ b/test/results/flow-info/default/signal.pcap.out @@ -97,9 +97,6 @@ [ENTROPIES...: 4.4,5.2,5.1,4.6,5.2,7.1,7.7,5.0,6.5,5.8,6.4,5.1,5.7,5.6,5.6,7.1,7.9,7.9,7.9,7.4,5.2,5.9,7.7,5.1,5.1,7.9,7.9,7.9,7.9,6.1,5.2,5.0] new: [....18] [ip4][..tcp] [....23.57.24.16][..443] -> [...192.168.2.17][57016] [MIDSTREAM] detected: [....18] [ip4][..tcp] [....23.57.24.16][..443] -> [...192.168.2.17][57016] [TLS][Unknown][Web][Safe] - detection-update: [....18] [ip4][..tcp] [....23.57.24.16][..443] -> [...192.168.2.17][57016] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [....18] [ip4][..tcp] [....23.57.24.16][..443] -> [...192.168.2.17][57016] [TLS][Unknown][Web][Safe] new: [....19] [ip4][..tcp] [...192.168.2.17][57027] -> [...13.35.253.42][..443] detected: [....19] [ip4][..tcp] [...192.168.2.17][57027] -> [...13.35.253.42][..443] [TLS.Signal][AmazonAWS][Chat][Fun][cdn.signal.org] detection-update: [....19] [ip4][..tcp] [...192.168.2.17][57027] -> [...13.35.253.42][..443] [TLS.Signal][AmazonAWS][Chat][Fun][cdn.signal.org] diff --git a/test/results/flow-info/default/signal_audiocall.pcapng.out b/test/results/flow-info/default/signal_audiocall.pcapng.out index 6008c8d4b..caa87375a 100644 --- a/test/results/flow-info/default/signal_audiocall.pcapng.out +++ b/test/results/flow-info/default/signal_audiocall.pcapng.out @@ -5,9 +5,6 @@ detected: [.....1] [ip4][..udp] [..192.168.12.67][45419] -> [.35.216.234.234][.3478] [STUN][GoogleCloud][Network][Acceptable][] new: [.....2] [ip4][..udp] [..192.168.12.67][45419] -> [.35.219.252.146][.3478] detected: [.....2] [ip4][..udp] [..192.168.12.67][45419] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] - detection-update: [.....2] [ip4][..udp] [..192.168.12.67][45419] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....2] [ip4][..udp] [..192.168.12.67][45419] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] detection-update: [.....2] [ip4][..udp] [..192.168.12.67][45419] -> [.35.219.252.146][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] detection-update: [.....1] [ip4][..udp] [..192.168.12.67][45419] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] detection-update: [.....1] [ip4][..udp] [..192.168.12.67][45419] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] @@ -27,10 +24,6 @@ [IATS(ms)....: 1.7,3.7,1.2,10.3,10.2,26.7,26.6,250.2,250.3,501.2,501.1,1004.0,1009.3,956.1,950.7,3.8,9.0,1.1,5.3,38.9,115.9,0.0,84.9,11.6,28.8,13.0,35.9,1.2,42.5,17.7,63.5] [PKTLENS.....: 48,56,80,112,144,112,56,108,56,108,56,108,56,108,148,80,168,148,128,80,160,168,136,128,168,168,128,168,148,80,136,136] [ENTROPIES...: 5.1,4.9,5.5,5.7,5.8,5.7,4.9,5.7,4.9,5.7,4.9,5.6,4.9,5.7,5.8,5.9,6.1,5.8,5.9,5.7,6.0,6.2,6.0,5.8,5.9,6.1,5.8,5.9,5.9,5.9,6.0,5.9] - detection-update: [.....4] [ip4][..udp] [..192.168.12.67][45419] -> [..35.219.226.11][54116] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....4] [ip4][..udp] [..192.168.12.67][45419] -> [..35.219.226.11][54116] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port analyse: [.....4] [ip4][..udp] [..192.168.12.67][45419] -> [..35.219.226.11][54116] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.008| 2.229| 0.465| 0.655| 429159.809| 3.800] diff --git a/test/results/flow-info/default/signal_audiocall_2.pcapng.out b/test/results/flow-info/default/signal_audiocall_2.pcapng.out new file mode 100644 index 000000000..6c441d89d --- /dev/null +++ b/test/results/flow-info/default/signal_audiocall_2.pcapng.out @@ -0,0 +1,58 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [..192.168.12.67][47464] -> [..76.223.92.165][..443] + new: [.....2] [ip4][..tcp] [..192.168.12.67][47466] -> [..76.223.92.165][..443] + detected: [.....2] [ip4][..tcp] [..192.168.12.67][47466] -> [..76.223.92.165][..443] [TLS.Signal][AmazonAWS][Chat][Fun][chat.signal.org] + detected: [.....1] [ip4][..tcp] [..192.168.12.67][47464] -> [..76.223.92.165][..443] [TLS.Signal][AmazonAWS][Chat][Fun][chat.signal.org] + detection-update: [.....1] [ip4][..tcp] [..192.168.12.67][47464] -> [..76.223.92.165][..443] [TLS.Signal][AmazonAWS][Chat][Fun][chat.signal.org] + detection-update: [.....2] [ip4][..tcp] [..192.168.12.67][47466] -> [..76.223.92.165][..443] [TLS.Signal][AmazonAWS][Chat][Fun][chat.signal.org] + analyse: [.....2] [ip4][..tcp] [..192.168.12.67][47466] -> [..76.223.92.165][..443] [TLS.Signal][AmazonAWS][Chat][Fun] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 29.945| 1.996| 7.336| 53823422.857| 1.300] + [PKTLEN......: 52.000| 1500.000| 234.800| 363.000| 131748.400| 4.000] + [BINS(c->s)..: 10,1,1,0,0,0,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 6,0,4,0,1,0,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0] + [DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,0,0,0,0,0,0,1,0,1,1,1,0,1,1,0,0,1,1,0,0,1,1] + [IATS(ms)....: 2.6,5.0,9.4,14.7,193.3,0.0,0.0,0.0,15.5,228.5,2.3,9.9,4.1,1.4,6.0,42.7,11.9,12.2,87.8,0.0,101.2,12.1,0.0,29.8,29913.7,29945.1,101.6,143.7,427.5,469.0,100.3] + [PKTLENS.....: 60,60,52,312,52,185,1500,1500,246,246,52,52,52,52,64,132,52,409,52,140,140,52,337,140,52,291,52,844,52,111,52,120] + [ENTROPIES...: 4.8,5.3,5.2,6.2,5.2,6.5,7.9,7.9,7.2,7.2,5.2,5.3,5.3,5.3,5.2,6.3,5.3,7.4,5.3,6.4,6.6,5.3,7.3,6.5,5.2,7.1,5.2,7.7,5.2,6.2,5.2,6.3] + analyse: [.....1] [ip4][..tcp] [..192.168.12.67][47464] -> [..76.223.92.165][..443] [TLS.Signal][AmazonAWS][Chat][Fun] + min| max| avg| stddev| variance| entropy + [IAT.........: < 0.001| 30.483| 2.018| 7.472| 55827184.484| 1.200] + [PKTLEN......: 52.000| 1500.000| 215.800| 351.100| 123252.700| 3.900] + [BINS(c->s)..: 10,1,1,0,0,0,0,0,2,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 7,0,3,3,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0] + [DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,0,0,0,0,0,0,1,0,1,1,1,0,1,1,0,0,1,1,0,0,1,1] + [IATS(ms)....: 3.2,7.8,15.5,22.9,189.5,0.0,0.5,0.0,0.0,195.2,2.7,9.6,3.6,2.4,15.3,38.5,52.1,52.4,48.0,0.0,58.9,53.4,6.1,76.2,30454.4,30482.5,101.3,139.6,192.6,230.6,101.8] + [PKTLENS.....: 60,60,52,312,52,179,58,1500,1500,246,52,52,52,52,52,132,52,516,52,140,140,52,425,169,52,111,52,139,52,323,52,169] + [ENTROPIES...: 4.8,5.3,5.2,6.1,5.2,6.5,5.2,7.9,7.9,7.1,5.2,5.2,5.2,5.2,5.2,6.3,5.2,7.6,5.2,6.6,6.4,5.2,7.5,6.7,5.2,6.1,5.3,6.6,5.0,7.2,5.2,6.7] + new: [.....3] [ip4][..udp] [..192.168.12.67][43281] -> [...141.101.90.1][.3478] + detected: [.....3] [ip4][..udp] [..192.168.12.67][43281] -> [...141.101.90.1][.3478] [STUN][Cloudflare][Network][Acceptable][] + detection-update: [.....3] [ip4][..udp] [..192.168.12.67][43281] -> [...141.101.90.1][.3478] [STUN.SignalVoip][Cloudflare][VoIP][Acceptable][turn.cloudflare.com] + new: [.....4] [ip4][..udp] [..192.168.12.67][43281] -> [...10.219.164.8][50017] + detected: [.....4] [ip4][..udp] [..192.168.12.67][43281] -> [...10.219.164.8][50017] [STUN.SignalVoip][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port + new: [.....5] [ip4][..udp] [..192.168.12.67][43281] -> [...93.40.63.219][49514] + detected: [.....5] [ip4][..udp] [..192.168.12.67][43281] -> [...93.40.63.219][49514] [STUN.SignalVoip][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port + detection-update: [.....4] [ip4][..udp] [..192.168.12.67][43281] -> [...10.219.164.8][50017] [STUN.SignalVoip][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + analyse: [.....5] [ip4][..udp] [..192.168.12.67][43281] -> [...93.40.63.219][49514] [STUN.SignalVoip][Unknown][VoIP][Acceptable] + min| max| avg| stddev| variance| entropy + [IAT.........: 0.015| 2.310| 0.647| 0.844| 712545.796| 3.900] + [PKTLEN......: 92.000| 132.000| 108.200| 16.300| 265.900| 5.000] + [BINS(c->s)..: 0,0,8,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 0,0,8,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [DIRECTIONS..: 0,1,0,1,0,1,1,0,1,0,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0] + [IATS(ms)....: 39.3,49.9,49.6,47.9,40.3,14.7,50.0,50.9,50.1,49.1,47.6,998.7,1035.2,214.8,254.0,747.9,784.8,214.9,250.8,2256.6,2295.3,215.0,253.9,2261.3,2300.0,210.0,252.5,2270.9,2310.1,200.0,234.9] + [PKTLENS.....: 124,92,132,92,124,92,124,92,124,92,124,92,124,92,124,92,124,92,124,92,124,92,124,92,124,92,124,92,124,92,124,92] + [ENTROPIES...: 5.8,5.7,5.7,5.8,5.9,5.7,5.9,5.7,5.9,5.7,5.9,5.7,5.9,5.6,5.8,5.8,5.9,5.7,5.9,5.8,5.8,5.7,5.9,5.7,5.9,5.7,5.8,5.8,5.8,5.8,6.0,5.8] + idle: [.....5] [ip4][..udp] [..192.168.12.67][43281] -> [...93.40.63.219][49514] [STUN.SignalVoip][Unknown][VoIP][Acceptable] + RISK: Known Proto on Non Std Port + idle: [.....1] [ip4][..tcp] [..192.168.12.67][47464] -> [..76.223.92.165][..443] [TLS.Signal][AmazonAWS][Chat][Fun][chat.signal.org] + idle: [.....2] [ip4][..tcp] [..192.168.12.67][47466] -> [..76.223.92.165][..443] [TLS.Signal][AmazonAWS][Chat][Fun][chat.signal.org] + idle: [.....3] [ip4][..udp] [..192.168.12.67][43281] -> [...141.101.90.1][.3478] [STUN.SignalVoip][Cloudflare][VoIP][Acceptable][turn.cloudflare.com] + idle: [.....4] [ip4][..udp] [..192.168.12.67][43281] -> [...10.219.164.8][50017] [STUN.SignalVoip][Unknown][VoIP][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/signal_videocall.pcapng.out b/test/results/flow-info/default/signal_videocall.pcapng.out index 626c8440d..964b3c0e5 100644 --- a/test/results/flow-info/default/signal_videocall.pcapng.out +++ b/test/results/flow-info/default/signal_videocall.pcapng.out @@ -5,13 +5,8 @@ detected: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN][GoogleCloud][Network][Acceptable][] new: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] detected: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] - detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] new: [.....3] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][56377] detected: [.....3] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][56377] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] diff --git a/test/results/flow-info/default/sip.pcap.out b/test/results/flow-info/default/sip.pcap.out index 6b99bbd05..fdc3e8fc6 100644 --- a/test/results/flow-info/default/sip.pcap.out +++ b/test/results/flow-info/default/sip.pcap.out @@ -49,7 +49,7 @@ update: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] idle: [.....3] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] [RTP][Unknown][Media][Acceptable] - not-detected: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] [Unknown][Unknown][Unrated] + not-detected: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] idle: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] diff --git a/test/results/flow-info/default/sites.pcapng.out b/test/results/flow-info/default/sites.pcapng.out index 6b02ae237..17d817050 100644 --- a/test/results/flow-info/default/sites.pcapng.out +++ b/test/results/flow-info/default/sites.pcapng.out @@ -99,8 +99,8 @@ detected: [....17] [ip4][..tcp] [..192.168.1.128][40832] -> [....2.17.141.49][..443] [TLS.eBay][Unknown][Shopping][Safe][www.ebay.com] detection-update: [....17] [ip4][..tcp] [..192.168.1.128][40832] -> [....2.17.141.49][..443] [TLS.eBay][Unknown][Shopping][Safe][www.ebay.com] new: [....18] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] - detected: [....18] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.UbuntuONE][UbuntuONE][Cloud][Acceptable][assets.ubuntu.com] - detection-update: [....18] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.UbuntuONE][UbuntuONE][Cloud][Acceptable][assets.ubuntu.com] + detected: [....18] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.Canonical][Canonical][Cloud][Acceptable][assets.ubuntu.com] + detection-update: [....18] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.Canonical][Canonical][Cloud][Acceptable][assets.ubuntu.com] new: [....19] [ip4][..tcp] [..192.168.1.128][51432] -> [.95.101.195.214][..443] detected: [....19] [ip4][..tcp] [..192.168.1.128][51432] -> [.95.101.195.214][..443] [TLS.Hulu][Unknown][Streaming][Fun][hulu.com] detection-update: [....19] [ip4][..tcp] [..192.168.1.128][51432] -> [.95.101.195.214][..443] [TLS.Hulu][Unknown][Streaming][Fun][hulu.com] @@ -168,7 +168,7 @@ idle: [....23] [ip4][..tcp] [..192.168.1.128][43412] -> [.151.101.193.73][..443] [TLS.Bloomberg][Unknown][Cloud][Acceptable] idle: [....31] [ip4][..tcp] [..192.168.1.128][38858] -> [142.250.180.142][..443] [TLS.GoogleMaps][Google][Web][Safe] idle: [....11] [ip4][..tcp] [..192.168.1.128][53998] -> [..172.65.251.78][..443] [TLS.GitLab][Cloudflare][Collaborative][Fun] - idle: [....18] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.UbuntuONE][UbuntuONE][Cloud][Acceptable] + idle: [....18] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.Canonical][Canonical][Cloud][Acceptable] idle: [....25] [ip4][..tcp] [..192.168.1.128][48654] -> [...13.107.42.14][..443] [TLS.LinkedIn][Azure][SocialNetwork][Fun] idle: [....19] [ip4][..tcp] [..192.168.1.128][51432] -> [.95.101.195.214][..443] [TLS.Hulu][Unknown][Streaming][Fun] idle: [....17] [ip4][..tcp] [..192.168.1.128][40832] -> [....2.17.141.49][..443] [TLS.eBay][Unknown][Shopping][Safe] @@ -266,8 +266,8 @@ DAEMON-EVENT: [Processed: 584 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 52|skipped: 0|!detected: 0|guessed: 4|detection-updates: 51|updates: 1] new: [....53] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] - detected: [....53] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][Unknown][Web][Safe][732231.ms.ok.ru] - detection-update: [....53] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][Unknown][Web][Safe][732231.ms.ok.ru] + detected: [....53] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][VK][Web][Safe][732231.ms.ok.ru] + detection-update: [....53] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][VK][Web][Safe][732231.ms.ok.ru] idle: [....50] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48594] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable] idle: [....51] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48616] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable] idle: [....52] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48624] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable] @@ -282,7 +282,7 @@ new: [....56] [ip4][..tcp] [.192.168.88.171][55280] -> [.124.237.225.21][..443] detected: [....56] [ip4][..tcp] [.192.168.88.171][55280] -> [.124.237.225.21][..443] [TLS.iQIYI][Unknown][Streaming][Fun][msg.qy.net] detection-update: [....56] [ip4][..tcp] [.192.168.88.171][55280] -> [.124.237.225.21][..443] [TLS.iQIYI][Unknown][Streaming][Fun][msg.qy.net] - end: [....53] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][Unknown][Web][Safe] + end: [....53] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][VK][Web][Safe] DAEMON-EVENT: [Processed: 623 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 56|skipped: 0|!detected: 0|guessed: 4|detection-updates: 55|updates: 1] new: [....57] [ip4][..tcp] [.192.168.88.171][49217] -> [.54.208.106.218][..443] @@ -342,5 +342,42 @@ [PKTLENS.....: 52,48,40,557,46,1500,1500,1216,941,40,120,2031,46,327,327,40,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,40,1500,1500,1500,1500,1500] [ENTROPIES...: 4.5,5.0,4.7,6.6,4.7,7.8,7.9,7.9,7.7,4.7,6.2,7.9,4.7,7.3,7.3,4.7,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,4.7,7.9,7.9,7.9,7.9,7.9] idle: [....64] [ip4][..tcp] [..192.168.1.183][44102] -> [..146.70.182.51][..443] [TLS.SurfShark][Unknown][VPN][Acceptable] + DAEMON-EVENT: [Processed: 798 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 65|skipped: 0|!detected: 0|guessed: 4|detection-updates: 63|updates: 1] + new: [....66] [ip4][..tcp] [..192.168.1.125][60828] -> [...3.165.239.54][..443] + detected: [....66] [ip4][..tcp] [..192.168.1.125][60828] -> [...3.165.239.54][..443] [TLS.Ubiquity][AmazonAWS][Network][Safe][www.ui.com] + detection-update: [....66] [ip4][..tcp] [..192.168.1.125][60828] -> [...3.165.239.54][..443] [TLS.Ubiquity][AmazonAWS][Network][Safe][www.ui.com] end: [....65] [ip4][..tcp] [..192.168.88.98][65086] -> [.109.238.90.239][..443] [TLS.RUTUBE][Unknown][Media][Fun][rutube.ru] + DAEMON-EVENT: [Processed: 816 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 66|skipped: 0|!detected: 0|guessed: 4|detection-updates: 64|updates: 1] + new: [....67] [ip4][..tcp] [...192.168.1.31][50095] -> [..176.112.173.3][..443] + detected: [....67] [ip4][..tcp] [...192.168.1.31][50095] -> [..176.112.173.3][..443] [TLS.VK][VK][SocialNetwork][Fun][pubsub.live.vkvideo.ru] + idle: [....66] [ip4][..tcp] [..192.168.1.125][60828] -> [...3.165.239.54][..443] [TLS.Ubiquity][AmazonAWS][Network][Safe] + DAEMON-EVENT: [Processed: 820 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 1 / 67|skipped: 0|!detected: 0|guessed: 4|detection-updates: 64|updates: 1] + new: [....68] [ip4][..udp] [...192.168.1.17][59392] -> [....3.164.68.49][..443] + detected: [....68] [ip4][..udp] [...192.168.1.17][59392] -> [....3.164.68.49][..443] [QUIC][AmazonAWS][Web][Acceptable] + detection-update: [....68] [ip4][..udp] [...192.168.1.17][59392] -> [....3.164.68.49][..443] [QUIC.Kick][AmazonAWS][Video][Fun][clips.kick.com] + RISK: Unidirectional Traffic + new: [....69] [ip4][..tcp] [...192.168.1.17][55956] -> [.188.114.99.224][..443] + detected: [....69] [ip4][..tcp] [...192.168.1.17][55956] -> [.188.114.99.224][..443] [TLS.Kick][Cloudflare][Video][Fun][kick.com] + idle: [....67] [ip4][..tcp] [...192.168.1.31][50095] -> [..176.112.173.3][..443] [TLS.VK][VK][SocialNetwork][Fun] + DAEMON-EVENT: [Processed: 828 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 69|skipped: 0|!detected: 0|guessed: 4|detection-updates: 65|updates: 1] + new: [....70] [ip4][..tcp] [...192.168.1.17][55718] -> [213.180.204.183][...80] + detected: [....70] [ip4][..tcp] [...192.168.1.17][55718] -> [213.180.204.183][...80] [HTTP.Canonical][Yandex][Cloud][Acceptable][ru.archive.ubuntu.com] + idle: [....68] [ip4][..udp] [...192.168.1.17][59392] -> [....3.164.68.49][..443] [QUIC.Kick][AmazonAWS][Video][Fun][clips.kick.com] + RISK: Unidirectional Traffic + idle: [....69] [ip4][..tcp] [...192.168.1.17][55956] -> [.188.114.99.224][..443] [TLS.Kick][Cloudflare][Video][Fun] + new: [....71] [ip4][..tcp] [...192.168.1.17][60888] -> [.185.125.188.54][..443] + detected: [....71] [ip4][..tcp] [...192.168.1.17][60888] -> [.185.125.188.54][..443] [TLS.Canonical][Canonical][Cloud][Acceptable][api.snapcraft.io] + RISK: TLS (probably) Not Carrying HTTPS + new: [....72] [ip4][..tcp] [...192.168.1.17][57042] -> [.185.125.190.80][..443] + detected: [....72] [ip4][..tcp] [...192.168.1.17][57042] -> [.185.125.190.80][..443] [TLS.Canonical][Canonical][Cloud][Acceptable][ppa.launchpadcontent.net] + RISK: TLS (probably) Not Carrying HTTPS + idle: [....72] [ip4][..tcp] [...192.168.1.17][57042] -> [.185.125.190.80][..443] [TLS.Canonical][Canonical][Cloud][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS + idle: [....71] [ip4][..tcp] [...192.168.1.17][60888] -> [.185.125.188.54][..443] [TLS.Canonical][Canonical][Cloud][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS + idle: [....70] [ip4][..tcp] [...192.168.1.17][55718] -> [213.180.204.183][...80] [HTTP.Canonical][Yandex][Cloud][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/snmp.pcap.out b/test/results/flow-info/default/snmp.pcap.out index de7ceeb40..018b92593 100644 --- a/test/results/flow-info/default/snmp.pcap.out +++ b/test/results/flow-info/default/snmp.pcap.out @@ -48,33 +48,25 @@ idle: [.....9] [ip4][..udp] [.131.179.49.165][60694] -> [..254.158.1.169][..161] [SNMP][Unknown][Network][Acceptable] idle: [....10] [ip4][..udp] [.131.179.49.165][35970] -> [..254.158.1.169][..161] [SNMP][Unknown][Network][Acceptable] idle: [.....8] [ip4][..udp] [..35.95.158.217][49306] -> [...30.79.214.36][..161] [SNMP][AmazonAWS][Network][Acceptable] - detection-update: [....11] [ip4][..udp] [..92.135.15.240][54318] -> [.137.49.110.186][..162] [SNMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....12] [ip4][..udp] [.200.76.132.137][54318] -> [189.111.255.214][..162] detected: [....12] [ip4][..udp] [.200.76.132.137][54318] -> [189.111.255.214][..162] [SNMP][Unknown][Network][Acceptable] idle: [....11] [ip4][..udp] [..92.135.15.240][54318] -> [.137.49.110.186][..162] [SNMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - detection-update: [....12] [ip4][..udp] [.200.76.132.137][54318] -> [189.111.255.214][..162] [SNMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....13] [ip4][..udp] [.113.19.156.111][54318] -> [.135.201.124.55][..162] detected: [....13] [ip4][..udp] [.113.19.156.111][54318] -> [.135.201.124.55][..162] [SNMP][Unknown][Network][Acceptable] update: [....12] [ip4][..udp] [.200.76.132.137][54318] -> [189.111.255.214][..162] [SNMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....14] [ip4][..udp] [..205.83.36.228][54318] -> [.160.174.106.32][..162] detected: [....14] [ip4][..udp] [..205.83.36.228][54318] -> [.160.174.106.32][..162] [SNMP][Unknown][Network][Acceptable] new: [....15] [ip4][..udp] [.124.53.196.176][54318] -> [..103.248.22.47][..162] detected: [....15] [ip4][..udp] [.124.53.196.176][54318] -> [..103.248.22.47][..162] [SNMP][Unknown][Network][Acceptable] update: [....12] [ip4][..udp] [.200.76.132.137][54318] -> [189.111.255.214][..162] [SNMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....13] [ip4][..udp] [.113.19.156.111][54318] -> [.135.201.124.55][..162] [SNMP][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 62 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 15|skipped: 0|!detected: 0|guessed: 0|detection-updates: 6|updates: 10] + DAEMON-EVENT: [Flows][active: 4 / 15|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 10] new: [....16][.908] [ip4][..udp] [...10.231.2.134][..161] -> [....10.72.247.4][61088] detected: [....16][.908] [ip4][..udp] [...10.231.2.134][..161] -> [....10.72.247.4][61088] [SNMP][Unknown][Network][Acceptable] RISK: Error Code idle: [....15] [ip4][..udp] [.124.53.196.176][54318] -> [..103.248.22.47][..162] [SNMP][Unknown][Network][Acceptable] idle: [....12] [ip4][..udp] [.200.76.132.137][54318] -> [189.111.255.214][..162] [SNMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [.113.19.156.111][54318] -> [.135.201.124.55][..162] [SNMP][Unknown][Network][Acceptable] idle: [....14] [ip4][..udp] [..205.83.36.228][54318] -> [.160.174.106.32][..162] [SNMP][Unknown][Network][Acceptable] new: [....17][1308] [ip4][..udp] [.....10.99.8.88][43242] -> [.10.100.253.146][..161] diff --git a/test/results/flow-info/default/srvloc.pcap.out b/test/results/flow-info/default/srvloc.pcap.out index 13c752afa..ac533d387 100644 --- a/test/results/flow-info/default/srvloc.pcap.out +++ b/test/results/flow-info/default/srvloc.pcap.out @@ -742,13 +742,13 @@ DAEMON-EVENT: [Processed: 170 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 167|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [...168] [ip4][..udp] [.100.56.155.112][.1724] -> [..90.147.171.51][..427] - detected: [...168] [ip4][..udp] [.100.56.155.112][.1724] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + detected: [...168] [ip4][..udp] [.100.56.155.112][.1724] -> [..90.147.171.51][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] idle: [...167] [ip4][..udp] [...81.24.43.106][58836] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] DAEMON-EVENT: [Processed: 171 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 168|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [...169] [ip4][..udp] [.227.134.81.212][10457] -> [..74.111.203.55][..427] detected: [...169] [ip4][..udp] [.227.134.81.212][10457] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - idle: [...168] [ip4][..udp] [.100.56.155.112][.1724] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + idle: [...168] [ip4][..udp] [.100.56.155.112][.1724] -> [..90.147.171.51][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] DAEMON-EVENT: [Processed: 172 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 169|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [...170] [ip4][..udp] [.75.137.134.242][.6448] -> [..74.111.203.55][..427] @@ -957,14 +957,14 @@ detected: [...215] [ip4][..udp] [.103.71.146.222][64387] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] idle: [...214] [ip4][..udp] [.103.71.146.222][26355] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] new: [...216] [ip4][..udp] [.100.56.155.112][53130] -> [..90.111.212.50][..427] - detected: [...216] [ip4][..udp] [.100.56.155.112][53130] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + detected: [...216] [ip4][..udp] [.100.56.155.112][53130] -> [..90.111.212.50][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] update: [...215] [ip4][..udp] [.103.71.146.222][64387] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] DAEMON-EVENT: [Processed: 219 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 216|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 38] new: [...217] [ip4][..udp] [...186.27.5.237][51315] -> [..90.147.171.51][..427] detected: [...217] [ip4][..udp] [...186.27.5.237][51315] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] idle: [...215] [ip4][..udp] [.103.71.146.222][64387] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - idle: [...216] [ip4][..udp] [.100.56.155.112][53130] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + idle: [...216] [ip4][..udp] [.100.56.155.112][53130] -> [..90.111.212.50][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] new: [...218] [ip4][..udp] [..167.7.154.125][.8220] -> [...85.111.52.57][..427] detected: [...218] [ip4][..udp] [..167.7.154.125][.8220] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] update: [...217] [ip4][..udp] [...186.27.5.237][51315] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] @@ -1622,7 +1622,7 @@ DAEMON-EVENT: [Processed: 369 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 363|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...364] [ip4][..udp] [.100.56.155.112][12751] -> [...90.141.37.56][..427] - detected: [...364] [ip4][..udp] [.100.56.155.112][12751] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + detected: [...364] [ip4][..udp] [.100.56.155.112][12751] -> [...90.141.37.56][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] idle: [...363] [ip4][..udp] [...185.211.4.13][55127] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] idle: [...361] [ip4][..udp] [..166.191.37.51][27637] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] idle: [...362] [ip4][..udp] [...166.65.42.37][37412] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] @@ -1630,7 +1630,7 @@ DAEMON-EVENT: [Flows][active: 1 / 364|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...365] [ip4][..udp] [.227.199.90.122][44046] -> [..90.111.212.50][..427] detected: [...365] [ip4][..udp] [.227.199.90.122][44046] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - idle: [...364] [ip4][..udp] [.100.56.155.112][12751] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] + idle: [...364] [ip4][..udp] [.100.56.155.112][12751] -> [...90.141.37.56][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] DAEMON-EVENT: [Processed: 371 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 365|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...366] [ip4][..udp] [200.180.144.114][47863] -> [..90.147.171.51][..427] diff --git a/test/results/flow-info/default/starcraft_battle.pcap.out b/test/results/flow-info/default/starcraft_battle.pcap.out index 806e8ab94..653b593a8 100644 --- a/test/results/flow-info/default/starcraft_battle.pcap.out +++ b/test/results/flow-info/default/starcraft_battle.pcap.out @@ -6,14 +6,12 @@ new: [.....2] [ip4][..udp] [..192.168.1.100][58818] -> [..192.168.1.254][...53] detected: [.....2] [ip4][..udp] [..192.168.1.100][58818] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][91.252.30.192.in-addr.arpa] detection-update: [.....2] [ip4][..udp] [..192.168.1.100][58818] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][100.1.168.192.in-addr.arpa] - RISK: Unidirectional Traffic detection-update: [.....2] [ip4][..udp] [..192.168.1.100][58818] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][100.1.168.192.in-addr.arpa] RISK: Minor Issues new: [.....3] [ip4][..tcp] [..80.239.186.26][..443] -> [..192.168.1.100][.3476] [MIDSTREAM] new: [.....4] [ip4][..udp] [..192.168.1.100][58831] -> [..192.168.1.254][...53] detected: [.....4] [ip4][..udp] [..192.168.1.100][58831] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][254.1.168.192.in-addr.arpa] detection-update: [.....4] [ip4][..udp] [..192.168.1.100][58831] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][26.186.239.80.in-addr.arpa] - RISK: Unidirectional Traffic detection-update: [.....4] [ip4][..udp] [..192.168.1.100][58831] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][254.1.168.192.in-addr.arpa] RISK: Error Code detection-update: [.....4] [ip4][..udp] [..192.168.1.100][58831] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][26.186.239.80.in-addr.arpa] @@ -27,7 +25,6 @@ new: [.....9] [ip4][..udp] [..192.168.1.100][58851] -> [..192.168.1.254][...53] detected: [.....9] [ip4][..udp] [..192.168.1.100][58851] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][22.40.194.173.in-addr.arpa] detection-update: [.....9] [ip4][..udp] [..192.168.1.100][58851] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][110.212.58.216.in-addr.arpa] - RISK: Unidirectional Traffic detection-update: [.....9] [ip4][..udp] [..192.168.1.100][58851] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][110.212.58.216.in-addr.arpa] new: [....10] [ip4][..tcp] [..192.168.1.100][.3427] -> [.80.239.208.193][.1119] [MIDSTREAM] new: [....11] [ip4][..tcp] [..192.168.1.100][.2759] -> [.64.233.184.188][.5228] [MIDSTREAM] @@ -38,17 +35,12 @@ detected: [....13] [ip4][..tcp] [..192.168.1.100][.3506] -> [173.194.113.224][...80] [HTTP.Google][Google][Advertisement][Acceptable][www.google-analytics.com] new: [....14] [ip4][..udp] [..192.168.1.100][60026] -> [..192.168.1.254][...53] detected: [....14] [ip4][..udp] [..192.168.1.100][60026] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][llnw.blizzard.com] - RISK: Susp DGA Domain name - detection-update: [....14] [ip4][..udp] [..192.168.1.100][60026] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][llnw.blizzard.com] - RISK: Susp DGA Domain name, Unidirectional Traffic detection-update: [....14] [ip4][..udp] [..192.168.1.100][60026] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][llnw.blizzard.com] - RISK: Susp DGA Domain name, Risky Domain Name new: [....15] [ip4][..tcp] [..192.168.1.100][.3508] -> [.87.248.221.254][...80] - detected: [....15] [ip4][..tcp] [..192.168.1.100][.3508] -> [.87.248.221.254][...80] [HTTP][Unknown][Web][Acceptable][llnw.blizzard.com] - RISK: Susp DGA Domain name - detection-update: [....15] [ip4][..tcp] [..192.168.1.100][.3508] -> [.87.248.221.254][...80] [HTTP][Unknown][Download][Acceptable][llnw.blizzard.com] - RISK: Susp DGA Domain name, Binary File/Data Transfer (Attempt) - analyse: [....15] [ip4][..tcp] [..192.168.1.100][.3508] -> [.87.248.221.254][...80] [HTTP][Unknown][Download][Acceptable][llnw.blizzard.com] + detected: [....15] [ip4][..tcp] [..192.168.1.100][.3508] -> [.87.248.221.254][...80] [HTTP.Blizzard][Unknown][Game][Fun][llnw.blizzard.com] + detection-update: [....15] [ip4][..tcp] [..192.168.1.100][.3508] -> [.87.248.221.254][...80] [HTTP.Blizzard][Unknown][Download][Fun][llnw.blizzard.com] + RISK: Binary File/Data Transfer (Attempt) + analyse: [....15] [ip4][..tcp] [..192.168.1.100][.3508] -> [.87.248.221.254][...80] [HTTP.Blizzard][Unknown][Download][Fun][llnw.blizzard.com] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.072| 0.012| 0.024| 562.008| 2.800] [PKTLEN......: 40.000| 1500.000| 685.500| 719.000| 516967.300| 4.100] @@ -86,19 +78,16 @@ new: [....28] [ip4][..udp] [..192.168.1.100][53145] -> [..192.168.1.254][...53] detected: [....28] [ip4][..udp] [..192.168.1.100][53145] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][nydus.battle.net] detection-update: [....28] [ip4][..udp] [..192.168.1.100][53145] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][nydus.battle.net] - RISK: Unidirectional Traffic - detection-update: [....28] [ip4][..udp] [..192.168.1.100][53145] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][nydus.battle.net] new: [....29] [ip4][..tcp] [..192.168.1.100][.3515] -> [..80.239.186.26][...80] - detected: [....29] [ip4][..tcp] [..192.168.1.100][.3515] -> [..80.239.186.26][...80] [HTTP][Unknown][Web][Acceptable][nydus.battle.net] + detected: [....29] [ip4][..tcp] [..192.168.1.100][.3515] -> [..80.239.186.26][...80] [HTTP.Blizzard][Unknown][Game][Fun][nydus.battle.net] new: [....30] [ip4][..tcp] [..192.168.1.100][.3516] -> [..80.239.186.21][...80] - detected: [....30] [ip4][..tcp] [..192.168.1.100][.3516] -> [..80.239.186.21][...80] [HTTP][Unknown][Web][Acceptable][eu.launcher.battle.net] + detected: [....30] [ip4][..tcp] [..192.168.1.100][.3516] -> [..80.239.186.21][...80] [HTTP.Blizzard][Unknown][Game][Fun][eu.launcher.battle.net] new: [....31] [ip4][..tcp] [..192.168.1.100][.3517] -> [213.248.127.130][.1119] new: [....32] [ip4][..tcp] [..192.168.1.100][.3518] -> [..80.239.186.26][...80] - detected: [....32] [ip4][..tcp] [..192.168.1.100][.3518] -> [..80.239.186.26][...80] [HTTP][Unknown][Web][Acceptable][nydus.battle.net] + detected: [....32] [ip4][..tcp] [..192.168.1.100][.3518] -> [..80.239.186.26][...80] [HTTP.Blizzard][Unknown][Game][Fun][nydus.battle.net] new: [....33] [ip4][..tcp] [..192.168.1.100][.3519] -> [..80.239.186.21][...80] - detected: [....31] [ip4][..tcp] [..192.168.1.100][.3517] -> [213.248.127.130][.1119] [Starcraft][Unknown][Game][Fun] - detected: [....33] [ip4][..tcp] [..192.168.1.100][.3519] -> [..80.239.186.21][...80] [HTTP][Unknown][Web][Acceptable][eu.launcher.battle.net] - analyse: [....31] [ip4][..tcp] [..192.168.1.100][.3517] -> [213.248.127.130][.1119] [Starcraft][Unknown][Game][Fun] + detected: [....33] [ip4][..tcp] [..192.168.1.100][.3519] -> [..80.239.186.21][...80] [HTTP.Blizzard][Unknown][Game][Fun][eu.launcher.battle.net] + analyse: [....31] [ip4][..tcp] [..192.168.1.100][.3517] -> [213.248.127.130][.1119] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.166| 0.038| 0.053| 2837.592| 3.600] [PKTLEN......: 40.000| 783.000| 102.400| 136.000| 18494.500| 4.300] @@ -108,43 +97,42 @@ [IATS(ms)....: 52.5,52.6,94.6,145.7,24.3,95.1,95.9,166.3,70.9,49.6,160.3,31.2,128.6,15.2,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0] [PKTLENS.....: 52,46,40,142,46,783,40,220,303,40,235,46,108,42,63,63,63,63,63,63,63,63,63,63,63,63,63,63,63,63,63,63] [ENTROPIES...: 4.5,4.6,4.7,5.4,4.5,7.8,5.0,7.1,7.2,4.9,6.2,4.7,5.0,4.8,5.6,5.5,5.6,5.6,5.6,5.7,5.5,5.5,5.5,5.7,5.7,5.7,5.5,5.6,5.6,5.7,5.6,5.6] + guessed: [....31] [ip4][..tcp] [..192.168.1.100][.3517] -> [213.248.127.130][.1119] [Blizzard][Unknown][Game][Fun] new: [....34] [ip4][..udp] [..192.168.1.100][53146] -> [...5.42.180.154][.1119] new: [....35] [ip4][..udp] [..192.168.1.100][53146] -> [..62.115.246.51][.1119] new: [....36] [ip4][..udp] [..192.168.1.100][.6113] -> [213.248.127.212][.1119] new: [....37] [ip4][..udp] [..192.168.1.100][.6113] -> [213.248.127.166][.1119] new: [....38] [ip4][..tcp] [..192.168.1.100][.3521] -> [..80.239.186.26][...80] - detected: [....38] [ip4][..tcp] [..192.168.1.100][.3521] -> [..80.239.186.26][...80] [HTTP][Unknown][Web][Acceptable][nydus.battle.net] + detected: [....38] [ip4][..tcp] [..192.168.1.100][.3521] -> [..80.239.186.26][...80] [HTTP.Blizzard][Unknown][Game][Fun][nydus.battle.net] new: [....39] [ip4][..tcp] [..192.168.1.100][.3522] -> [..80.239.186.21][...80] - detected: [....39] [ip4][..tcp] [..192.168.1.100][.3522] -> [..80.239.186.21][...80] [HTTP][Unknown][Web][Acceptable][eu.launcher.battle.net] + detected: [....39] [ip4][..tcp] [..192.168.1.100][.3522] -> [..80.239.186.21][...80] [HTTP.Blizzard][Unknown][Game][Fun][eu.launcher.battle.net] new: [....40] [ip4][..tcp] [..192.168.1.100][.3523] -> [..80.239.186.26][...80] new: [....41] [ip4][..tcp] [..192.168.1.100][.3524] -> [..80.239.186.26][...80] - detected: [....40] [ip4][..tcp] [..192.168.1.100][.3523] -> [..80.239.186.26][...80] [HTTP][Unknown][Web][Acceptable][nydus.battle.net] - detected: [....41] [ip4][..tcp] [..192.168.1.100][.3524] -> [..80.239.186.26][...80] [HTTP][Unknown][Web][Acceptable][nydus.battle.net] + detected: [....40] [ip4][..tcp] [..192.168.1.100][.3523] -> [..80.239.186.26][...80] [HTTP.Blizzard][Unknown][Game][Fun][nydus.battle.net] + detected: [....41] [ip4][..tcp] [..192.168.1.100][.3524] -> [..80.239.186.26][...80] [HTTP.Blizzard][Unknown][Game][Fun][nydus.battle.net] new: [....42] [ip4][..tcp] [..192.168.1.100][.3525] -> [..80.239.186.40][...80] new: [....43] [ip4][..tcp] [..192.168.1.100][.3526] -> [..80.239.186.40][...80] - detected: [....42] [ip4][..tcp] [..192.168.1.100][.3525] -> [..80.239.186.40][...80] [HTTP][Unknown][Web][Acceptable][eu.battle.net] - detected: [....43] [ip4][..tcp] [..192.168.1.100][.3526] -> [..80.239.186.40][...80] [HTTP][Unknown][Web][Acceptable][eu.battle.net] + detected: [....42] [ip4][..tcp] [..192.168.1.100][.3525] -> [..80.239.186.40][...80] [HTTP.Blizzard][Unknown][Game][Fun][eu.battle.net] + detected: [....43] [ip4][..tcp] [..192.168.1.100][.3526] -> [..80.239.186.40][...80] [HTTP.Blizzard][Unknown][Game][Fun][eu.battle.net] new: [....44] [ip4][..udp] [..192.168.1.100][55468] -> [..192.168.1.254][...53] detected: [....44] [ip4][..udp] [..192.168.1.100][55468] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][bnetcmsus-a.akamaihd.net] detection-update: [....44] [ip4][..udp] [..192.168.1.100][55468] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][bnetcmsus-a.akamaihd.net] - RISK: Unidirectional Traffic - detection-update: [....44] [ip4][..udp] [..192.168.1.100][55468] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][bnetcmsus-a.akamaihd.net] new: [....45] [ip4][..tcp] [..192.168.1.100][.3527] -> [...2.228.46.112][...80] new: [....46] [ip4][..tcp] [..192.168.1.100][.3528] -> [...2.228.46.112][...80] new: [....47] [ip4][..tcp] [..192.168.1.100][.3529] -> [...2.228.46.112][...80] new: [....48] [ip4][..tcp] [..192.168.1.100][.3530] -> [...2.228.46.112][...80] new: [....49] [ip4][..tcp] [..192.168.1.100][.3531] -> [...2.228.46.112][...80] - detected: [....45] [ip4][..tcp] [..192.168.1.100][.3527] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][bnetcmsus-a.akamaihd.net] + detected: [....45] [ip4][..tcp] [..192.168.1.100][.3527] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun][bnetcmsus-a.akamaihd.net] new: [....50] [ip4][..tcp] [..192.168.1.100][.3532] -> [...2.228.46.112][...80] new: [....51] [ip4][..tcp] [..192.168.1.100][.3533] -> [...2.228.46.112][...80] - detected: [....47] [ip4][..tcp] [..192.168.1.100][.3529] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][bnetcmsus-a.akamaihd.net] - detected: [....48] [ip4][..tcp] [..192.168.1.100][.3530] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][bnetcmsus-a.akamaihd.net] - detected: [....46] [ip4][..tcp] [..192.168.1.100][.3528] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][bnetcmsus-a.akamaihd.net] - detected: [....49] [ip4][..tcp] [..192.168.1.100][.3531] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][bnetcmsus-a.akamaihd.net] + detected: [....47] [ip4][..tcp] [..192.168.1.100][.3529] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun][bnetcmsus-a.akamaihd.net] + detected: [....48] [ip4][..tcp] [..192.168.1.100][.3530] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun][bnetcmsus-a.akamaihd.net] + detected: [....46] [ip4][..tcp] [..192.168.1.100][.3528] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun][bnetcmsus-a.akamaihd.net] + detected: [....49] [ip4][..tcp] [..192.168.1.100][.3531] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun][bnetcmsus-a.akamaihd.net] new: [....52] [ip4][..tcp] [..192.168.1.100][.3534] -> [...2.228.46.112][...80] - detected: [....50] [ip4][..tcp] [..192.168.1.100][.3532] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][bnetcmsus-a.akamaihd.net] - detected: [....51] [ip4][..tcp] [..192.168.1.100][.3533] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][bnetcmsus-a.akamaihd.net] - analyse: [....45] [ip4][..tcp] [..192.168.1.100][.3527] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][bnetcmsus-a.akamaihd.net] + detected: [....50] [ip4][..tcp] [..192.168.1.100][.3532] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun][bnetcmsus-a.akamaihd.net] + detected: [....51] [ip4][..tcp] [..192.168.1.100][.3533] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun][bnetcmsus-a.akamaihd.net] + analyse: [....45] [ip4][..tcp] [..192.168.1.100][.3527] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun][bnetcmsus-a.akamaihd.net] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.034| 0.007| 0.013| 169.003| 2.900] [PKTLEN......: 40.000| 1500.000| 866.800| 718.400| 516058.300| 4.300] @@ -154,13 +142,13 @@ [IATS(ms)....: 32.5,32.5,1.6,34.3,1.1,0.1,33.9,0.2,0.1,0.3,0.1,0.3,0.4,0.2,0.1,0.3,0.1,0.1,0.2,0.1,0.6,0.7,0.1,0.1,0.2,0.1,0.1,0.3,32.9,0.3,33.2] [PKTLENS.....: 52,52,40,189,46,1500,1500,40,1500,1500,40,1500,1500,40,1500,1500,40,1500,1500,40,1500,1500,40,1500,1500,40,1500,1500,40,1500,1500,40] [ENTROPIES...: 4.5,4.8,4.7,5.8,4.5,5.9,7.7,4.7,7.8,7.8,4.7,7.8,7.7,4.7,7.7,7.8,4.7,7.8,7.8,4.7,7.8,7.8,4.7,7.7,7.8,4.7,7.8,7.7,4.7,7.8,7.8,4.7] - idle: [....45] [ip4][..tcp] [..192.168.1.100][.3527] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][bnetcmsus-a.akamaihd.net] - idle: [....46] [ip4][..tcp] [..192.168.1.100][.3528] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][bnetcmsus-a.akamaihd.net] - idle: [....47] [ip4][..tcp] [..192.168.1.100][.3529] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][bnetcmsus-a.akamaihd.net] - idle: [....48] [ip4][..tcp] [..192.168.1.100][.3530] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][bnetcmsus-a.akamaihd.net] - idle: [....49] [ip4][..tcp] [..192.168.1.100][.3531] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][bnetcmsus-a.akamaihd.net] - idle: [....50] [ip4][..tcp] [..192.168.1.100][.3532] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable] - idle: [....51] [ip4][..tcp] [..192.168.1.100][.3533] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable] + idle: [....45] [ip4][..tcp] [..192.168.1.100][.3527] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun][bnetcmsus-a.akamaihd.net] + idle: [....46] [ip4][..tcp] [..192.168.1.100][.3528] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun][bnetcmsus-a.akamaihd.net] + idle: [....47] [ip4][..tcp] [..192.168.1.100][.3529] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun][bnetcmsus-a.akamaihd.net] + idle: [....48] [ip4][..tcp] [..192.168.1.100][.3530] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun][bnetcmsus-a.akamaihd.net] + idle: [....49] [ip4][..tcp] [..192.168.1.100][.3531] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun][bnetcmsus-a.akamaihd.net] + idle: [....50] [ip4][..tcp] [..192.168.1.100][.3532] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun] + idle: [....51] [ip4][..tcp] [..192.168.1.100][.3533] -> [...2.228.46.112][...80] [HTTP.Blizzard][Unknown][Game][Fun] guessed: [....52] [ip4][..tcp] [..192.168.1.100][.3534] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic idle: [....52] [ip4][..tcp] [..192.168.1.100][.3534] -> [...2.228.46.112][...80] @@ -173,17 +161,17 @@ end: [....20] [ip4][..tcp] [..192.168.1.100][.3491] -> [...2.228.46.104][..443] [TLS][Unknown][Web][Safe] end: [....17] [ip4][..tcp] [..192.168.1.100][.3492] -> [...2.228.46.104][..443] [TLS][Unknown][Web][Safe] idle: [....28] [ip4][..udp] [..192.168.1.100][53145] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][nydus.battle.net] - end: [....29] [ip4][..tcp] [..192.168.1.100][.3515] -> [..80.239.186.26][...80] [HTTP][Unknown][Web][Acceptable][nydus.battle.net] - end: [....30] [ip4][..tcp] [..192.168.1.100][.3516] -> [..80.239.186.21][...80] [HTTP][Unknown][Web][Acceptable][eu.launcher.battle.net] - end: [....32] [ip4][..tcp] [..192.168.1.100][.3518] -> [..80.239.186.26][...80] [HTTP][Unknown][Web][Acceptable][nydus.battle.net] - end: [....33] [ip4][..tcp] [..192.168.1.100][.3519] -> [..80.239.186.21][...80] [HTTP][Unknown][Web][Acceptable][eu.launcher.battle.net] - end: [....38] [ip4][..tcp] [..192.168.1.100][.3521] -> [..80.239.186.26][...80] [HTTP][Unknown][Web][Acceptable][nydus.battle.net] - end: [....39] [ip4][..tcp] [..192.168.1.100][.3522] -> [..80.239.186.21][...80] [HTTP][Unknown][Web][Acceptable][eu.launcher.battle.net] - end: [....40] [ip4][..tcp] [..192.168.1.100][.3523] -> [..80.239.186.26][...80] [HTTP][Unknown][Web][Acceptable][nydus.battle.net] - end: [....41] [ip4][..tcp] [..192.168.1.100][.3524] -> [..80.239.186.26][...80] [HTTP][Unknown][Web][Acceptable][nydus.battle.net] - end: [....42] [ip4][..tcp] [..192.168.1.100][.3525] -> [..80.239.186.40][...80] [HTTP][Unknown][Web][Acceptable][eu.battle.net] - end: [....43] [ip4][..tcp] [..192.168.1.100][.3526] -> [..80.239.186.40][...80] [HTTP][Unknown][Web][Acceptable][eu.battle.net] - guessed: [....34] [ip4][..udp] [..192.168.1.100][53146] -> [...5.42.180.154][.1119] [Starcraft][Unknown][Game][Fun] + end: [....29] [ip4][..tcp] [..192.168.1.100][.3515] -> [..80.239.186.26][...80] [HTTP.Blizzard][Unknown][Game][Fun][nydus.battle.net] + end: [....30] [ip4][..tcp] [..192.168.1.100][.3516] -> [..80.239.186.21][...80] [HTTP.Blizzard][Unknown][Game][Fun][eu.launcher.battle.net] + end: [....32] [ip4][..tcp] [..192.168.1.100][.3518] -> [..80.239.186.26][...80] [HTTP.Blizzard][Unknown][Game][Fun][nydus.battle.net] + end: [....33] [ip4][..tcp] [..192.168.1.100][.3519] -> [..80.239.186.21][...80] [HTTP.Blizzard][Unknown][Game][Fun][eu.launcher.battle.net] + end: [....38] [ip4][..tcp] [..192.168.1.100][.3521] -> [..80.239.186.26][...80] [HTTP.Blizzard][Unknown][Game][Fun][nydus.battle.net] + end: [....39] [ip4][..tcp] [..192.168.1.100][.3522] -> [..80.239.186.21][...80] [HTTP.Blizzard][Unknown][Game][Fun][eu.launcher.battle.net] + end: [....40] [ip4][..tcp] [..192.168.1.100][.3523] -> [..80.239.186.26][...80] [HTTP.Blizzard][Unknown][Game][Fun][nydus.battle.net] + end: [....41] [ip4][..tcp] [..192.168.1.100][.3524] -> [..80.239.186.26][...80] [HTTP.Blizzard][Unknown][Game][Fun][nydus.battle.net] + end: [....42] [ip4][..tcp] [..192.168.1.100][.3525] -> [..80.239.186.40][...80] [HTTP.Blizzard][Unknown][Game][Fun][eu.battle.net] + end: [....43] [ip4][..tcp] [..192.168.1.100][.3526] -> [..80.239.186.40][...80] [HTTP.Blizzard][Unknown][Game][Fun][eu.battle.net] + guessed: [....34] [ip4][..udp] [..192.168.1.100][53146] -> [...5.42.180.154][.1119] [Blizzard][Unknown][Game][Fun] idle: [....34] [ip4][..udp] [..192.168.1.100][53146] -> [...5.42.180.154][.1119] guessed: [.....3] [ip4][..tcp] [..80.239.186.26][..443] -> [..192.168.1.100][.3476] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic, TCP Connection Issues, Probing Attempt @@ -192,14 +180,14 @@ RISK: Unidirectional Traffic, TCP Connection Issues, Probing Attempt end: [.....5] [ip4][..tcp] [..80.239.186.40][..443] -> [..192.168.1.100][.3478] idle: [....27] [ip4][....2] [..192.168.1.107] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] - guessed: [....10] [ip4][..tcp] [..192.168.1.100][.3427] -> [.80.239.208.193][.1119] [Starcraft][Unknown][Game][Fun] + guessed: [....10] [ip4][..tcp] [..192.168.1.100][.3427] -> [.80.239.208.193][.1119] [Blizzard][Unknown][Game][Fun] end: [....10] [ip4][..tcp] [..192.168.1.100][.3427] -> [.80.239.208.193][.1119] idle: [....44] [ip4][..udp] [..192.168.1.100][55468] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][bnetcmsus-a.akamaihd.net] - end: [....15] [ip4][..tcp] [..192.168.1.100][.3508] -> [.87.248.221.254][...80] [HTTP][Unknown][Download][Acceptable][llnw.blizzard.com] - RISK: Susp DGA Domain name, Binary File/Data Transfer (Attempt) + end: [....15] [ip4][..tcp] [..192.168.1.100][.3508] -> [.87.248.221.254][...80] [HTTP.Blizzard][Unknown][Download][Fun][llnw.blizzard.com] + RISK: Binary File/Data Transfer (Attempt) guessed: [....11] [ip4][..tcp] [..192.168.1.100][.2759] -> [.64.233.184.188][.5228] [Google][Google][Web][Acceptable] idle: [....11] [ip4][..tcp] [..192.168.1.100][.2759] -> [.64.233.184.188][.5228] - idle: [....31] [ip4][..tcp] [..192.168.1.100][.3517] -> [213.248.127.130][.1119] [Starcraft][Unknown][Game][Fun] + idle: [....31] [ip4][..tcp] [..192.168.1.100][.3517] -> [213.248.127.130][.1119] [Blizzard][Unknown][Game][Fun] idle: [.....2] [ip4][..udp] [..192.168.1.100][58818] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][100.1.168.192.in-addr.arpa] RISK: Minor Issues idle: [.....4] [ip4][..udp] [..192.168.1.100][58831] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][26.186.239.80.in-addr.arpa] @@ -209,10 +197,9 @@ end: [....16] [ip4][..tcp] [..192.168.1.100][.3512] -> [..12.129.222.54][...80] [HTTP.WorldOfWarcraft][Unknown][Game][Fun][us.scan.worldofwarcraft.com] RISK: HTTP Susp User-Agent, HTTP Obsolete Server idle: [....14] [ip4][..udp] [..192.168.1.100][60026] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][llnw.blizzard.com] - RISK: Susp DGA Domain name, Risky Domain Name - guessed: [....37] [ip4][..udp] [..192.168.1.100][.6113] -> [213.248.127.166][.1119] [Starcraft][Unknown][Game][Fun] + guessed: [....37] [ip4][..udp] [..192.168.1.100][.6113] -> [213.248.127.166][.1119] [Blizzard][Unknown][Game][Fun] idle: [....37] [ip4][..udp] [..192.168.1.100][.6113] -> [213.248.127.166][.1119] - guessed: [....36] [ip4][..udp] [..192.168.1.100][.6113] -> [213.248.127.212][.1119] [Starcraft][Unknown][Game][Fun] + guessed: [....36] [ip4][..udp] [..192.168.1.100][.6113] -> [213.248.127.212][.1119] [Blizzard][Unknown][Game][Fun] idle: [....36] [ip4][..udp] [..192.168.1.100][.6113] -> [213.248.127.212][.1119] guessed: [.....6] [ip4][..udp] [..173.194.40.22][..443] -> [..192.168.1.100][53568] [QUIC][Google][Web][Acceptable] RISK: Susp Entropy @@ -221,7 +208,7 @@ idle: [.....1] [ip4][..tcp] [..192.30.252.91][..443] -> [..192.168.1.100][.3213] [TLS][Github][Web][Safe] guessed: [....25] [ip4][..tcp] [..192.168.1.100][.3486] -> [.199.38.164.156][..443] [TLS][Unknown][Web][Safe] end: [....25] [ip4][..tcp] [..192.168.1.100][.3486] -> [.199.38.164.156][..443] - guessed: [....35] [ip4][..udp] [..192.168.1.100][53146] -> [..62.115.246.51][.1119] [Starcraft][Unknown][Game][Fun] + guessed: [....35] [ip4][..udp] [..192.168.1.100][53146] -> [..62.115.246.51][.1119] [Blizzard][Unknown][Game][Fun] idle: [....35] [ip4][..udp] [..192.168.1.100][53146] -> [..62.115.246.51][.1119] guessed: [.....8] [ip4][..tcp] [..192.168.1.100][.3052] -> [.216.58.212.110][..443] [TLS][Google][Web][Safe] idle: [.....8] [ip4][..tcp] [..192.168.1.100][.3052] -> [.216.58.212.110][..443] diff --git a/test/results/flow-info/default/stun.pcap.out b/test/results/flow-info/default/stun.pcap.out index 9db02bdbf..7a844e42c 100644 --- a/test/results/flow-info/default/stun.pcap.out +++ b/test/results/flow-info/default/stun.pcap.out @@ -3,20 +3,19 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1][1611] [ip4][..tcp] [...10.77.110.51][41588] -> [..10.206.50.239][42000] detected: [.....1][1611] [ip4][..tcp] [...10.77.110.51][41588] -> [..10.206.50.239][42000] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port DAEMON-EVENT: [Processed: 15 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] detected: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] [STUN][Google][Network][Acceptable][] - detection-update: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] [STUN][Google][Network][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] [STUN][Google][Network][Acceptable][] detection-update: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable][turn.l.google.com] new: [.....3] [ip4][.icmp] [.192.168.12.169] -> [.74.125.247.128] detected: [.....3] [ip4][.icmp] [.192.168.12.169] -> [.74.125.247.128] [ICMP][Google][Network][Acceptable] RISK: Susp Entropy end: [.....1][1611] [ip4][..tcp] [...10.77.110.51][41588] -> [..10.206.50.239][42000] [STUN.TeamsCall][Unknown][VoIP][Acceptable] + RISK: Known Proto on Non Std Port DAEMON-EVENT: [Processed: 24 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0] + DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] new: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] detected: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable][] idle: [.....3] [ip4][.icmp] [.192.168.12.169] -> [.74.125.247.128] [ICMP][Google][Network][Acceptable] @@ -36,7 +35,7 @@ [ENTROPIES...: 5.4,5.5,5.4,5.5,5.5,5.5,5.5,5.5,5.5,5.6,5.5,5.6,5.4,5.6,5.5,5.6,5.4,5.5,5.5,5.5,5.4,5.6,5.4,5.5,5.5,5.6,5.5,5.6,5.5,5.5,5.4,5.5] update: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 66 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 3] + DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 3] new: [.....5] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] detected: [.....5] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] [STUN][Facebook][Network][Acceptable][] RISK: Known Proto on Non Std Port @@ -54,14 +53,14 @@ [ENTROPIES...: 4.9,5.6,5.9,5.8,5.9,6.0,5.6,5.8,5.5,5.6,5.9,6.0,6.0,5.9,5.8,5.5,6.0,5.9,6.0,5.9,5.9,6.0,5.8,6.0,5.9,6.0,5.9,5.9,5.8,5.6,6.1,6.0] idle: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 141 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 3] + DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 3] new: [.....6] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] detected: [.....6] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] [STUN][Unknown][Network][Acceptable][] detection-update: [.....6] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] [STUN][Unknown][Network][Acceptable][apps-host.com] idle: [.....5] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] [STUN.FacebookVoip][Facebook][VoIP][Acceptable][turner.facebook] RISK: Known Proto on Non Std Port DAEMON-EVENT: [Processed: 161 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 3] + DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 3] new: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] detected: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable][] detection-update: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [DTLS.GoogleCall][Google][VoIP][Acceptable] @@ -78,22 +77,17 @@ [ENTROPIES...: 5.9,5.9,5.0,5.9,7.3,6.7,5.8,5.7,7.4,5.7,6.0,6.2,6.4,5.9,6.1,5.4,5.4,5.6,5.9,5.3,5.2,5.9,5.8,5.2,6.1,5.9,6.0,6.1,6.0,5.9,6.1,5.9] idle: [.....6] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] [STUN][Unknown][Network][Acceptable][apps-host.com] DAEMON-EVENT: [Processed: 194 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 7|updates: 3] + DAEMON-EVENT: [Flows][active: 1 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 3] new: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] detected: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] RISK: Known Proto on Non Std Port detection-update: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] detection-update: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] idle: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [DTLS.GoogleCall][Google][VoIP][Acceptable] DAEMON-EVENT: [Processed: 198 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 10|updates: 3] + DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 7|updates: 3] new: [.....9] [ip6][..udp] [.............2600:1900:4160:5999:0:19::][.3478] -> [..2001:b07:a3d:c112:48a1:1094:1227:281e][48094] detected: [.....9] [ip6][..udp] [.............2600:1900:4160:5999:0:19::][.3478] -> [..2001:b07:a3d:c112:48a1:1094:1227:281e][48094] [STUN][GoogleCloud][Network][Acceptable][] - detection-update: [.....9] [ip6][..udp] [.............2600:1900:4160:5999:0:19::][.3478] -> [..2001:b07:a3d:c112:48a1:1094:1227:281e][48094] [STUN][GoogleCloud][Network][Acceptable][] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] idle: [.....9] [ip6][..udp] [.............2600:1900:4160:5999:0:19::][.3478] -> [..2001:b07:a3d:c112:48a1:1094:1227:281e][48094] [STUN][GoogleCloud][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_dtls_unidirectional_client.pcap.out b/test/results/flow-info/default/stun_dtls_unidirectional_client.pcap.out index d36a9ca46..651983945 100644 --- a/test/results/flow-info/default/stun_dtls_unidirectional_client.pcap.out +++ b/test/results/flow-info/default/stun_dtls_unidirectional_client.pcap.out @@ -4,10 +4,6 @@ new: [.....1] [ip4][..udp] [.....26.83.9.81][57567] -> [..33.35.223.103][..540] detected: [.....1] [ip4][..udp] [.....26.83.9.81][57567] -> [..33.35.223.103][..540] [STUN][Unknown][Network][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [.....1] [ip4][..udp] [.....26.83.9.81][57567] -> [..33.35.223.103][..540] [STUN][Unknown][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [.....26.83.9.81][57567] -> [..33.35.223.103][..540] [DTLS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.....26.83.9.81][57567] -> [..33.35.223.103][..540] [DTLS][Unknown][Network][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_dtls_unidirectional_server.pcap.out b/test/results/flow-info/default/stun_dtls_unidirectional_server.pcap.out index 075026f10..4c996cd2f 100644 --- a/test/results/flow-info/default/stun_dtls_unidirectional_server.pcap.out +++ b/test/results/flow-info/default/stun_dtls_unidirectional_server.pcap.out @@ -4,10 +4,8 @@ new: [.....1] [ip4][..udp] [..33.35.223.103][..540] -> [.....26.83.9.81][57567] detected: [.....1] [ip4][..udp] [..33.35.223.103][..540] -> [.....26.83.9.81][57567] [STUN][Unknown][Network][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [.....1] [ip4][..udp] [..33.35.223.103][..540] -> [.....26.83.9.81][57567] [STUN][Unknown][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [..33.35.223.103][..540] -> [.....26.83.9.81][57567] [DTLS][Unknown][Network][Safe] - RISK: Self-signed Cert, Unidirectional Traffic + RISK: Self-signed Cert idle: [.....1] [ip4][..udp] [..33.35.223.103][..540] -> [.....26.83.9.81][57567] [DTLS][Unknown][Network][Safe] - RISK: Self-signed Cert, Unidirectional Traffic + RISK: Self-signed Cert DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_signal.pcapng.out b/test/results/flow-info/default/stun_signal.pcapng.out index 32aa70be8..0d2186390 100644 --- a/test/results/flow-info/default/stun_signal.pcapng.out +++ b/test/results/flow-info/default/stun_signal.pcapng.out @@ -20,25 +20,21 @@ new: [.....7] [ip4][.icmp] [.35.158.183.167] -> [.192.168.12.169] detected: [.....7] [ip4][.icmp] [.35.158.183.167] -> [.192.168.12.169] [ICMP][AmazonAWS][Network][Acceptable] RISK: Susp Entropy - detection-update: [.....3] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][..443] [STUN][AmazonAWS][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....6] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][..443] [STUN][AmazonAWS][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....5] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][signal.org] detection-update: [.....4] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] detection-update: [.....4] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][signal.org] detection-update: [.....1] [ip4][..udp] [.192.168.12.169][39518] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port detection-update: [.....2] [ip4][..udp] [.192.168.12.169][47204] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port + detection-update: [.....3] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port + detection-update: [.....6] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port detection-update: [.....3] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....6] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [.192.168.12.169][39518] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port - detection-update: [.....2] [ip4][..udp] [.192.168.12.169][47204] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port new: [.....8] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][.3478] detected: [.....8] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] new: [.....9] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][..443] @@ -55,23 +51,15 @@ RISK: Known Proto on Non Std Port new: [....13] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][.3478] detected: [....13] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - detection-update: [.....9] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....12] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [....13] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][signal.org] detection-update: [.....8] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][signal.org] - detection-update: [....10] [ip4][..udp] [.192.168.12.169][43068] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....11] [ip4][..udp] [.192.168.12.169][39950] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....10] [ip4][..udp] [.192.168.12.169][43068] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port - detection-update: [....11] [ip4][..udp] [.192.168.12.169][39950] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port new: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] detected: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port + detection-update: [.....9] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....12] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic analyse: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.679| 0.149| 0.201| 40331.911| 3.900] @@ -116,38 +104,25 @@ new: [....18] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][..443] detected: [....18] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....17] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....19] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][.3478] detected: [....19] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] new: [....20] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][.3478] detected: [....20] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - detection-update: [....19] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....20] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....21] [ip4][.icmp] [.35.158.122.211] -> [.192.168.12.169] detected: [....21] [ip4][.icmp] [.35.158.122.211] -> [.192.168.12.169] [ICMP][AmazonAWS][Network][Acceptable] RISK: Susp Entropy detection-update: [....19] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][signal.org] - detection-update: [....20] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - detection-update: [....18] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [....20] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][signal.org] - detection-update: [....15] [ip4][..udp] [.192.168.12.169][47767] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....16] [ip4][..udp] [.192.168.12.169][37970] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....16] [ip4][..udp] [.192.168.12.169][37970] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port - detection-update: [....15] [ip4][..udp] [.192.168.12.169][47767] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port new: [....22] [ip4][..udp] [.192.168.12.169][47767] -> [.18.195.131.143][54054] detected: [....22] [ip4][..udp] [.192.168.12.169][47767] -> [.18.195.131.143][54054] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port new: [....23] [ip4][..udp] [.192.168.12.169][47767] -> [.18.195.131.143][61498] detected: [....23] [ip4][..udp] [.192.168.12.169][47767] -> [.18.195.131.143][61498] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port + detection-update: [....17] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....18] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic analyse: [....23] [ip4][..udp] [.192.168.12.169][47767] -> [.18.195.131.143][61498] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.665| 0.153| 0.189| 35784.253| 4.000] diff --git a/test/results/flow-info/default/stun_signal_tcp.pcapng.out b/test/results/flow-info/default/stun_signal_tcp.pcapng.out index 1f6d126c4..54b78ec2f 100644 --- a/test/results/flow-info/default/stun_signal_tcp.pcapng.out +++ b/test/results/flow-info/default/stun_signal_tcp.pcapng.out @@ -3,7 +3,9 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [..192.168.1.117][51296] -> [.35.219.252.146][...80] detected: [.....1] [ip4][..tcp] [..192.168.1.117][51296] -> [.35.219.252.146][...80] [STUN][GoogleCloud][Network][Acceptable][] + RISK: Known Proto on Non Std Port detection-update: [.....1] [ip4][..tcp] [..192.168.1.117][51296] -> [.35.219.252.146][...80] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] + RISK: Known Proto on Non Std Port analyse: [.....1] [ip4][..tcp] [..192.168.1.117][51296] -> [.35.219.252.146][...80] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.287| 0.030| 0.068| 4621.743| 3.100] @@ -15,4 +17,5 @@ [PKTLENS.....: 52,52,40,68,46,124,156,124,40,160,160,160,160,92,92,144,40,172,46,172,46,288,140,46,172,46,172,148,46,188,40,140] [ENTROPIES...: 4.7,4.9,4.8,5.2,4.4,5.8,5.9,5.8,4.6,5.7,5.8,5.9,5.9,5.7,5.8,6.1,4.8,6.1,4.8,6.1,4.7,6.4,5.9,4.8,6.0,4.8,6.1,5.9,4.8,5.9,4.8,5.9] idle: [.....1] [ip4][..tcp] [..192.168.1.117][51296] -> [.35.219.252.146][...80] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] + RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_tcp_multiple_msgs_same_pkt.pcap.out b/test/results/flow-info/default/stun_tcp_multiple_msgs_same_pkt.pcap.out index e807f682d..70dbd8703 100644 --- a/test/results/flow-info/default/stun_tcp_multiple_msgs_same_pkt.pcap.out +++ b/test/results/flow-info/default/stun_tcp_multiple_msgs_same_pkt.pcap.out @@ -3,5 +3,7 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [166.172.142.131][.3479] -> [..23.183.197.71][42849] detected: [.....1] [ip4][..tcp] [166.172.142.131][.3479] -> [..23.183.197.71][42849] [STUN][Unknown][Network][Acceptable][] + RISK: Known Proto on Non Std Port end: [.....1] [ip4][..tcp] [166.172.142.131][.3479] -> [..23.183.197.71][42849] [STUN][Unknown][Network][Acceptable] + RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_wa_call.pcapng.out b/test/results/flow-info/default/stun_wa_call.pcapng.out index 52241ec46..4a064300e 100644 --- a/test/results/flow-info/default/stun_wa_call.pcapng.out +++ b/test/results/flow-info/default/stun_wa_call.pcapng.out @@ -3,29 +3,14 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] detected: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - detection-update: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] detected: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] detected: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] detected: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] detected: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - detection-update: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] analyse: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 2.505| 0.249| 0.601| 361608.839| 2.900] @@ -38,29 +23,14 @@ [ENTROPIES...: 7.0,7.0,5.8,5.8,5.8,7.0,7.0,7.0,7.0,5.7,5.8,5.7,5.7,5.7,5.2,5.2,5.8,7.0,7.0,5.7,5.8,5.8,4.9,6.0,6.1,5.0,5.5,5.7,6.6,5.5,6.9,7.2] new: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] detected: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] detected: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] detected: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] detected: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] detected: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] analyse: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.025| 0.011| 0.005| 24.788| 4.800] diff --git a/test/results/flow-info/default/stun_zoom.pcapng.out b/test/results/flow-info/default/stun_zoom.pcapng.out index 05276f928..aca5bdbb5 100644 --- a/test/results/flow-info/default/stun_zoom.pcapng.out +++ b/test/results/flow-info/default/stun_zoom.pcapng.out @@ -4,20 +4,12 @@ new: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] detected: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - RISK: Known Proto on Non Std Port detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] new: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] detected: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS.Zoom][Zoom][Video][Acceptable] - detection-update: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - RISK: Known Proto on Non Std Port detection-update: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] analyse: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] min| max| avg| stddev| variance| entropy diff --git a/test/results/flow-info/default/synscan.pcap.out b/test/results/flow-info/default/synscan.pcap.out index 2ee77a805..54044b176 100644 --- a/test/results/flow-info/default/synscan.pcap.out +++ b/test/results/flow-info/default/synscan.pcap.out @@ -1995,400 +1995,400 @@ new: [..1992] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1092] new: [..1993] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5002] new: [..1994] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4998] - not-detected: [..1534] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][55055] [Unknown][Unknown][Unrated] + not-detected: [..1534] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][55055] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1534] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][55055] - not-detected: [..1791] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][55056] [Unknown][Unknown][Unrated] + not-detected: [..1791] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][55056] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1791] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][55056] - not-detected: [..1619] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][55055] [Unknown][Unknown][Unrated] + not-detected: [..1619] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][55055] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1619] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][55055] - not-detected: [..1866] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][55056] [Unknown][Unknown][Unrated] + not-detected: [..1866] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][55056] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1866] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][55056] - not-detected: [...871] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][55555] [Unknown][Unknown][Unrated] + not-detected: [...871] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][55555] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...871] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][55555] - not-detected: [...934] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][55555] [Unknown][Unknown][Unrated] + not-detected: [...934] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][55555] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...934] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][55555] - not-detected: [...579] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][55600] [Unknown][Unknown][Unrated] + not-detected: [...579] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][55600] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...579] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][55600] - not-detected: [...641] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][55600] [Unknown][Unknown][Unrated] + not-detected: [...641] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][55600] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...641] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][55600] - not-detected: [..1106] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][22939] [Unknown][Unknown][Unrated] + not-detected: [..1106] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][22939] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1106] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][22939] - not-detected: [..1149] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][22939] [Unknown][Unknown][Unrated] + not-detected: [..1149] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][22939] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1149] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][22939] - not-detected: [..1796] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][23502] [Unknown][Unknown][Unrated] + not-detected: [..1796] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][23502] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1796] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][23502] - not-detected: [..1861] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][23502] [Unknown][Unknown][Unrated] + not-detected: [..1861] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][23502] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1861] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][23502] - not-detected: [..1335] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][56737] [Unknown][Unknown][Unrated] + not-detected: [..1335] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][56737] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1335] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][56737] - not-detected: [..1643] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][56738] [Unknown][Unknown][Unrated] + not-detected: [..1643] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][56738] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1643] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][56738] - not-detected: [..1410] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][56737] [Unknown][Unknown][Unrated] + not-detected: [..1410] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][56737] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1410] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][56737] - not-detected: [..1728] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][56738] [Unknown][Unknown][Unrated] + not-detected: [..1728] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][56738] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1728] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][56738] - not-detected: [...292] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][24444] [Unknown][Unknown][Unrated] + not-detected: [...292] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][24444] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...292] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][24444] - not-detected: [...328] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][24444] [Unknown][Unknown][Unrated] + not-detected: [...328] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][24444] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...328] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][24444] - not-detected: [..1322] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][57294] [Unknown][Unknown][Unrated] + not-detected: [..1322] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][57294] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1322] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][57294] - not-detected: [..1423] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][57294] [Unknown][Unknown][Unrated] + not-detected: [..1423] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][57294] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1423] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][57294] - not-detected: [..1387] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][24800] [Unknown][Unknown][Unrated] + not-detected: [..1387] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][24800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1387] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][24800] - not-detected: [..1462] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][24800] [Unknown][Unknown][Unrated] + not-detected: [..1462] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][24800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1462] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][24800] - not-detected: [...462] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][57797] [Unknown][Unknown][Unrated] + not-detected: [...462] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][57797] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...462] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][57797] - not-detected: [...486] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][57797] [Unknown][Unknown][Unrated] + not-detected: [...486] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][57797] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...486] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][57797] - not-detected: [..1337] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][58080] [Unknown][Unknown][Unrated] + not-detected: [..1337] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][58080] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1337] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][58080] - not-detected: [..1408] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][58080] [Unknown][Unknown][Unrated] + not-detected: [..1408] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][58080] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1408] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][58080] - not-detected: [...454] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][25734] [Unknown][Unknown][Unrated] + not-detected: [...454] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][25734] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...454] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][25734] - not-detected: [..1686] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][25735] [Unknown][Unknown][Unrated] + not-detected: [..1686] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][25735] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1686] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][25735] - not-detected: [...494] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][25734] [Unknown][Unknown][Unrated] + not-detected: [...494] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][25734] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...494] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][25734] - not-detected: [..1771] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][25735] [Unknown][Unknown][Unrated] + not-detected: [..1771] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][25735] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1771] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][25735] - not-detected: [..1594] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][26214] [Unknown][Unknown][Unrated] + not-detected: [..1594] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][26214] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1594] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][26214] - not-detected: [..1656] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][26214] [Unknown][Unknown][Unrated] + not-detected: [..1656] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][26214] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1656] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][26214] - not-detected: [..1253] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27000] [Unknown][Unknown][Unrated] + not-detected: [..1253] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1253] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27000] - not-detected: [..1307] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27000] [Unknown][Unknown][Unrated] + not-detected: [..1307] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1307] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27000] - not-detected: [..1927] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][60020] [Unknown][Unknown][Unrated] + not-detected: [..1927] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][60020] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1927] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][60020] - not-detected: [..1967] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][60020] [Unknown][Unknown][Unrated] + not-detected: [..1967] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][60020] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1967] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][60020] - not-detected: [..1439] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27352] [Unknown][Unknown][Unrated] + not-detected: [..1439] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27352] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1439] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27352] - not-detected: [..1801] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27353] [Unknown][Unknown][Unrated] + not-detected: [..1801] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27353] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1801] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27353] - not-detected: [..1507] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27352] [Unknown][Unknown][Unrated] + not-detected: [..1507] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27352] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1507] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27352] - not-detected: [..1856] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27353] [Unknown][Unknown][Unrated] + not-detected: [..1856] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27353] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1856] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27353] - not-detected: [...189] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27355] [Unknown][Unknown][Unrated] + not-detected: [...189] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27355] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...189] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27355] - not-detected: [...379] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27356] [Unknown][Unknown][Unrated] + not-detected: [...379] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27356] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...379] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27356] - not-detected: [...226] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27355] [Unknown][Unknown][Unrated] + not-detected: [...226] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27355] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...226] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27355] - not-detected: [...405] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27356] [Unknown][Unknown][Unrated] + not-detected: [...405] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27356] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...405] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27356] - not-detected: [...434] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][60443] [Unknown][Unknown][Unrated] + not-detected: [...434] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][60443] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...434] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][60443] - not-detected: [...473] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][60443] [Unknown][Unknown][Unrated] + not-detected: [...473] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][60443] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...473] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][60443] - not-detected: [...946] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27715] [Unknown][Unknown][Unrated] + not-detected: [...946] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27715] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...946] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][27715] - not-detected: [..1009] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27715] [Unknown][Unknown][Unrated] + not-detected: [..1009] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27715] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1009] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][27715] - not-detected: [...948] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][28201] [Unknown][Unknown][Unrated] + not-detected: [...948] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][28201] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...948] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][28201] - not-detected: [..1007] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][28201] [Unknown][Unknown][Unrated] + not-detected: [..1007] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][28201] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1007] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][28201] - not-detected: [...177] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][61532] [Unknown][Unknown][Unrated] + not-detected: [...177] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][61532] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...177] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][61532] - not-detected: [...197] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][61532] [Unknown][Unknown][Unrated] + not-detected: [...197] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][61532] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...197] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][61532] - not-detected: [..1390] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][61900] [Unknown][Unknown][Unrated] + not-detected: [..1390] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][61900] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1390] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][61900] - not-detected: [..1459] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][61900] [Unknown][Unknown][Unrated] + not-detected: [..1459] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][61900] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1459] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][61900] - not-detected: [...299] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][62078] [Unknown][Unknown][Unrated] + not-detected: [...299] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][62078] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...299] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][62078] - not-detected: [...321] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][62078] [Unknown][Unknown][Unrated] + not-detected: [...321] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][62078] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...321] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][62078] - not-detected: [...693] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][30000] [Unknown][Unknown][Unrated] + not-detected: [...693] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][30000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...693] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][30000] - not-detected: [...754] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][30000] [Unknown][Unknown][Unrated] + not-detected: [...754] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][30000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...754] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][30000] - not-detected: [..1776] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][63331] [Unknown][Unknown][Unrated] + not-detected: [..1776] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][63331] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1776] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][63331] - not-detected: [..1881] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][63331] [Unknown][Unknown][Unrated] + not-detected: [..1881] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][63331] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1881] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][63331] - not-detected: [...208] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][30718] [Unknown][Unknown][Unrated] + not-detected: [...208] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][30718] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...208] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][30718] - not-detected: [...248] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][30718] [Unknown][Unknown][Unrated] + not-detected: [...248] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][30718] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...248] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][30718] - not-detected: [..1678] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][30951] [Unknown][Unknown][Unrated] + not-detected: [..1678] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][30951] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1678] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][30951] - not-detected: [..1749] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][30951] [Unknown][Unknown][Unrated] + not-detected: [..1749] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][30951] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1749] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][30951] - not-detected: [...985] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][31038] [Unknown][Unknown][Unrated] + not-detected: [...985] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][31038] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...985] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][31038] - not-detected: [..1062] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][31038] [Unknown][Unknown][Unrated] + not-detected: [..1062] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][31038] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1062] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][31038] - not-detected: [...109] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][31337] [Unknown][Unknown][Unrated] + not-detected: [...109] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][31337] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [...109] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][31337] - not-detected: [..1189] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][64623] [Unknown][Unknown][Unrated] + not-detected: [..1189] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][64623] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1189] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][64623] - not-detected: [..1267] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][64623] [Unknown][Unknown][Unrated] + not-detected: [..1267] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][64623] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1267] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][64623] - not-detected: [...952] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][64680] [Unknown][Unknown][Unrated] + not-detected: [...952] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][64680] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...952] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][64680] - not-detected: [..1003] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][64680] [Unknown][Unknown][Unrated] + not-detected: [..1003] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][64680] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1003] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][64680] - not-detected: [....96] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][65000] [Unknown][Unknown][Unrated] + not-detected: [....96] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][65000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....96] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][65000] - not-detected: [...113] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][65000] [Unknown][Unknown][Unrated] + not-detected: [...113] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][65000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...113] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][65000] - not-detected: [...565] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][65129] [Unknown][Unknown][Unrated] + not-detected: [...565] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][65129] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...565] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][65129] - not-detected: [...655] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][65129] [Unknown][Unknown][Unrated] + not-detected: [...655] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][65129] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...655] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][65129] - not-detected: [..1744] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][65389] [Unknown][Unknown][Unrated] + not-detected: [..1744] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][65389] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1744] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][65389] - not-detected: [..1810] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][65389] [Unknown][Unknown][Unrated] + not-detected: [..1810] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][65389] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1810] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][65389] - not-detected: [...185] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32768] [Unknown][Unknown][Unrated] + not-detected: [...185] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32768] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...185] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32768] - not-detected: [..1225] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32769] [Unknown][Unknown][Unrated] + not-detected: [..1225] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32769] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1225] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32769] - not-detected: [...944] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....1] [Unknown][Unknown][Unrated] + not-detected: [...944] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....1] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...944] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....1] - not-detected: [...230] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32768] [Unknown][Unknown][Unrated] + not-detected: [...230] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32768] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...230] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32768] - not-detected: [..1775] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32770] [Unknown][Unknown][Unrated] + not-detected: [..1775] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32770] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1775] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32770] - not-detected: [..1300] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32769] [Unknown][Unknown][Unrated] + not-detected: [..1300] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32769] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1300] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32769] - not-detected: [..1011] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....1] [Unknown][Unknown][Unrated] + not-detected: [..1011] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....1] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1011] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....1] - not-detected: [..1834] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32770] [Unknown][Unknown][Unrated] + not-detected: [..1834] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32770] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1834] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32770] - not-detected: [..1480] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32771] [Unknown][Unknown][Unrated] + not-detected: [..1480] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32771] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1480] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32771] - not-detected: [...544] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....3] [Unknown][Unknown][Unrated] + not-detected: [...544] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....3] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...544] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....3] - not-detected: [..1569] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32771] [Unknown][Unknown][Unrated] + not-detected: [..1569] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32771] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1569] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32771] - not-detected: [..1332] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32772] [Unknown][Unknown][Unrated] + not-detected: [..1332] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32772] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1332] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32772] - not-detected: [...841] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....4] [Unknown][Unknown][Unrated] + not-detected: [...841] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....4] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...841] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....4] - not-detected: [...603] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....3] [Unknown][Unknown][Unrated] + not-detected: [...603] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....3] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...603] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....3] - not-detected: [..1413] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32772] [Unknown][Unknown][Unrated] + not-detected: [..1413] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32772] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1413] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32772] - not-detected: [..1177] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32773] [Unknown][Unknown][Unrated] + not-detected: [..1177] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32773] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1177] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32773] - not-detected: [...906] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....4] [Unknown][Unknown][Unrated] + not-detected: [...906] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....4] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...906] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....4] - not-detected: [..1230] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32773] [Unknown][Unknown][Unrated] + not-detected: [..1230] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32773] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1230] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32773] - not-detected: [...585] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32774] [Unknown][Unknown][Unrated] + not-detected: [...585] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32774] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...585] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32774] - not-detected: [....54] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....6] [Unknown][Unknown][Unrated] + not-detected: [....54] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....6] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....54] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....6] - not-detected: [..1843] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32775] [Unknown][Unknown][Unrated] + not-detected: [..1843] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32775] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1843] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32775] - not-detected: [...670] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32774] [Unknown][Unknown][Unrated] + not-detected: [...670] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32774] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...670] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32774] - not-detected: [...514] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....7] [Unknown][Unknown][Unrated] + not-detected: [...514] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....7] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...514] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....7] - not-detected: [....74] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....6] [Unknown][Unknown][Unrated] + not-detected: [....74] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....6] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....74] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....6] - not-detected: [..1918] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32775] [Unknown][Unknown][Unrated] + not-detected: [..1918] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32775] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1918] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32775] - not-detected: [...557] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....7] [Unknown][Unknown][Unrated] + not-detected: [...557] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....7] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...557] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....7] - not-detected: [...509] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32776] [Unknown][Unknown][Unrated] + not-detected: [...509] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32776] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...509] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32776] - not-detected: [..1642] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32777] [Unknown][Unknown][Unrated] + not-detected: [..1642] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32777] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1642] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32777] - not-detected: [...562] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32776] [Unknown][Unknown][Unrated] + not-detected: [...562] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32776] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...562] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32776] - not-detected: [...371] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....9] [Unknown][Unknown][Unrated] + not-detected: [...371] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....9] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...371] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][....9] - not-detected: [..1729] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32777] [Unknown][Unknown][Unrated] + not-detected: [..1729] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32777] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1729] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32777] - not-detected: [...413] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....9] [Unknown][Unknown][Unrated] + not-detected: [...413] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....9] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...413] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][....9] - not-detected: [....93] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32778] [Unknown][Unknown][Unrated] + not-detected: [....93] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32778] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....93] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32778] - not-detected: [...792] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32779] [Unknown][Unknown][Unrated] + not-detected: [...792] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32779] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...792] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32779] - not-detected: [...116] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32778] [Unknown][Unknown][Unrated] + not-detected: [...116] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32778] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...116] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32778] - not-detected: [...863] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32779] [Unknown][Unknown][Unrated] + not-detected: [...863] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32779] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...863] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32779] - not-detected: [...503] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32780] [Unknown][Unknown][Unrated] + not-detected: [...503] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32780] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...503] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32780] - not-detected: [...528] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32780] [Unknown][Unknown][Unrated] + not-detected: [...528] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32780] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...528] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32780] - not-detected: [..1373] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...13] [Unknown][Unknown][Unrated] + not-detected: [..1373] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...13] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1373] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...13] - not-detected: [...276] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32781] [Unknown][Unknown][Unrated] + not-detected: [...276] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32781] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...276] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32781] - not-detected: [..1446] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...13] [Unknown][Unknown][Unrated] + not-detected: [..1446] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...13] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1446] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...13] - not-detected: [...770] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32782] [Unknown][Unknown][Unrated] + not-detected: [...770] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32782] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...770] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32782] - not-detected: [...303] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32781] [Unknown][Unknown][Unrated] + not-detected: [...303] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32781] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...303] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32781] - not-detected: [...998] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32783] [Unknown][Unknown][Unrated] + not-detected: [...998] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32783] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...998] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32783] - not-detected: [...827] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32782] [Unknown][Unknown][Unrated] + not-detected: [...827] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32782] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...827] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32782] - not-detected: [..1527] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32784] [Unknown][Unknown][Unrated] + not-detected: [..1527] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32784] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1527] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32784] - not-detected: [..1049] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32783] [Unknown][Unknown][Unrated] + not-detected: [..1049] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32783] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1049] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32783] - not-detected: [..1596] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32784] [Unknown][Unknown][Unrated] + not-detected: [..1596] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32784] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1596] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32784] - not-detected: [...436] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32785] [Unknown][Unknown][Unrated] + not-detected: [...436] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32785] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...436] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][32785] - not-detected: [...289] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...17] [Unknown][Unknown][Unrated] + not-detected: [...289] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...17] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...289] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...17] - not-detected: [...471] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32785] [Unknown][Unknown][Unrated] + not-detected: [...471] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32785] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...471] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][32785] - not-detected: [...331] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...17] [Unknown][Unknown][Unrated] + not-detected: [...331] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...17] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...331] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...17] - not-detected: [..1139] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...19] [Unknown][Unknown][Unrated] + not-detected: [..1139] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...19] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1139] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...19] guessed: [..1320] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...20] [FTP_DATA][Unknown][Download][Acceptable] RISK: Unidirectional Traffic idle: [..1320] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...20] - not-detected: [..1208] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...19] [Unknown][Unknown][Unrated] + not-detected: [..1208] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...19] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1208] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...19] guessed: [..1425] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...20] [FTP_DATA][Unknown][Download][Acceptable] @@ -2405,107 +2405,107 @@ guessed: [....16] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...23] [Telnet][Unknown][RemoteAccess][Unsafe] RISK: Unsafe Protocol, Unidirectional Traffic idle: [....16] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...23] - not-detected: [...135] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...24] [Unknown][Unknown][Unrated] + not-detected: [...135] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...24] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...135] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...24] guessed: [....17] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...23] [Telnet][Unknown][RemoteAccess][Unsafe] RISK: Unsafe Protocol, Unidirectional Traffic idle: [....17] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...23] - not-detected: [...157] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...24] [Unknown][Unknown][Unrated] + not-detected: [...157] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...24] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...157] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...24] guessed: [....35] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...25] [SMTP][Unknown][Email][Acceptable][] RISK: TCP Connection Issues, Probing Attempt end: [....35] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...25] - not-detected: [...293] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...26] [Unknown][Unknown][Unrated] + not-detected: [...293] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...26] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...293] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...26] - not-detected: [...327] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...26] [Unknown][Unknown][Unrated] + not-detected: [...327] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...26] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...327] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...26] - not-detected: [...429] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...30] [Unknown][Unknown][Unrated] + not-detected: [...429] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...30] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...429] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...30] - not-detected: [...478] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...30] [Unknown][Unknown][Unrated] + not-detected: [...478] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...30] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...478] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...30] - not-detected: [...132] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...32] [Unknown][Unknown][Unrated] + not-detected: [...132] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...32] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...132] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...32] - not-detected: [..1640] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...33] [Unknown][Unknown][Unrated] + not-detected: [..1640] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...33] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1640] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...33] - not-detected: [...160] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...32] [Unknown][Unknown][Unrated] + not-detected: [...160] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...32] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...160] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...32] - not-detected: [..1701] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...33] [Unknown][Unknown][Unrated] + not-detected: [..1701] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...33] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1701] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...33] - not-detected: [..1368] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...37] [Unknown][Unknown][Unrated] + not-detected: [..1368] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...37] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1368] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...37] - not-detected: [..1451] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...37] [Unknown][Unknown][Unrated] + not-detected: [..1451] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...37] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1451] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...37] - not-detected: [...694] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...42] [Unknown][Unknown][Unrated] + not-detected: [...694] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...42] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...694] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...42] guessed: [..1222] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...43] [Whois-DAS][Unknown][Network][Acceptable][] RISK: Unidirectional Traffic idle: [..1222] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...43] - not-detected: [...753] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...42] [Unknown][Unknown][Unrated] + not-detected: [...753] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...42] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...753] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...42] guessed: [..1276] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...43] [Whois-DAS][Unknown][Network][Acceptable][] RISK: Unidirectional Traffic idle: [..1276] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...43] - not-detected: [..1485] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...49] [Unknown][Unknown][Unrated] + not-detected: [..1485] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...49] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1485] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...49] - not-detected: [..1564] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...49] [Unknown][Unknown][Unrated] + not-detected: [..1564] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...49] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1564] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...49] guessed: [.....9] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...53] [DNS][Unknown][Network][Acceptable][] idle: [.....9] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...53] - not-detected: [..1184] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...70] [Unknown][Unknown][Unrated] + not-detected: [..1184] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...70] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [..1184] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...70] - not-detected: [..1196] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...79] [Unknown][Unknown][Unrated] + not-detected: [..1196] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...79] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1196] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...79] - not-detected: [..1260] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...79] [Unknown][Unknown][Unrated] + not-detected: [..1260] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...79] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1260] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...79] guessed: [....13] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...80] [HTTP][Unknown][Web][Acceptable][] idle: [....13] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...80] - not-detected: [..1365] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...81] [Unknown][Unknown][Unrated] + not-detected: [..1365] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...81] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1365] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...81] - not-detected: [..1429] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...81] [Unknown][Unknown][Unrated] + not-detected: [..1429] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...81] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1429] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...81] - not-detected: [...466] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...82] [Unknown][Unknown][Unrated] + not-detected: [...466] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...82] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...466] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...82] - not-detected: [...619] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...83] [Unknown][Unknown][Unrated] + not-detected: [...619] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...83] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...619] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...83] - not-detected: [...482] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...82] [Unknown][Unknown][Unrated] + not-detected: [...482] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...82] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...482] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...82] - not-detected: [...799] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...84] [Unknown][Unknown][Unrated] + not-detected: [...799] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...84] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...799] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...84] - not-detected: [...678] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...83] [Unknown][Unknown][Unrated] + not-detected: [...678] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...83] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...678] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...83] - not-detected: [..1824] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...85] [Unknown][Unknown][Unrated] + not-detected: [..1824] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...85] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1824] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...85] - not-detected: [...856] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...84] [Unknown][Unknown][Unrated] + not-detected: [...856] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...84] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...856] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...84] - not-detected: [..1907] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...85] [Unknown][Unknown][Unrated] + not-detected: [..1907] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...85] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1907] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...85] guessed: [..1330] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...88] [Kerberos][Unknown][Network][Acceptable] @@ -2514,40 +2514,40 @@ guessed: [..1415] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...88] [Kerberos][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [..1415] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...88] - not-detected: [..1040] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...89] [Unknown][Unknown][Unrated] + not-detected: [..1040] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...89] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1040] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...89] - not-detected: [..1895] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...90] [Unknown][Unknown][Unrated] + not-detected: [..1895] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...90] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1895] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...90] - not-detected: [..1115] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...89] [Unknown][Unknown][Unrated] + not-detected: [..1115] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...89] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1115] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...89] - not-detected: [..1957] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...90] [Unknown][Unknown][Unrated] + not-detected: [..1957] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...90] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1957] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...90] - not-detected: [...377] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...99] [Unknown][Unknown][Unrated] + not-detected: [...377] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...99] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...377] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][...99] - not-detected: [..1588] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..100] [Unknown][Unknown][Unrated] + not-detected: [..1588] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1588] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..100] - not-detected: [...407] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...99] [Unknown][Unknown][Unrated] + not-detected: [...407] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...99] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...407] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][...99] - not-detected: [..1662] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..100] [Unknown][Unknown][Unrated] + not-detected: [..1662] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1662] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..100] - not-detected: [..1248] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..106] [Unknown][Unknown][Unrated] + not-detected: [..1248] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..106] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1248] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..106] - not-detected: [..1312] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..106] [Unknown][Unknown][Unrated] + not-detected: [..1312] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..106] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1312] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..106] - not-detected: [...763] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..109] [Unknown][Unknown][Unrated] + not-detected: [...763] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..109] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...763] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..109] - not-detected: [...834] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..109] [Unknown][Unknown][Unrated] + not-detected: [...834] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..109] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...834] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..109] guessed: [....32] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..110] [POP3][Unknown][Email][Unsafe] @@ -2556,28 +2556,28 @@ guessed: [....67] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..110] [POP3][Unknown][Email][Unsafe] RISK: Unsafe Protocol, Unidirectional Traffic idle: [....67] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..110] - not-detected: [.....5] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..111] [Unknown][Unknown][Unrated] + not-detected: [.....5] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..111] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....5] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..111] - not-detected: [....25] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..111] [Unknown][Unknown][Unrated] + not-detected: [....25] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..111] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....25] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..111] - not-detected: [....12] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..113] [Unknown][Unknown][Unrated] + not-detected: [....12] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..113] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [....12] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..113] - not-detected: [..1593] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..119] [Unknown][Unknown][Unrated] + not-detected: [..1593] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..119] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1593] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..119] - not-detected: [..1657] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..119] [Unknown][Unknown][Unrated] + not-detected: [..1657] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..119] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1657] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..119] - not-detected: [...523] [ip4][..tcp] [.....172.16.0.8][36061] -> [...64.13.134.52][..113] [Unknown][Unknown][Unrated] + not-detected: [...523] [ip4][..tcp] [.....172.16.0.8][36061] -> [...64.13.134.52][..113] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [...523] [ip4][..tcp] [.....172.16.0.8][36061] -> [...64.13.134.52][..113] - not-detected: [...723] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..125] [Unknown][Unknown][Unrated] + not-detected: [...723] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..125] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...723] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..125] - not-detected: [...782] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..125] [Unknown][Unknown][Unrated] + not-detected: [...782] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..125] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...782] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..125] guessed: [....39] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..135] [DCERPC][Unknown][RPC][Acceptable] @@ -2595,31 +2595,31 @@ guessed: [.....2] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..143] [IMAP][Unknown][Email][Unsafe] RISK: Unsafe Protocol, Unidirectional Traffic idle: [.....2] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..143] - not-detected: [..1032] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..144] [Unknown][Unknown][Unrated] + not-detected: [..1032] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..144] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1032] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..144] guessed: [....28] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..143] [IMAP][Unknown][Email][Unsafe] RISK: Unsafe Protocol, Unidirectional Traffic idle: [....28] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..143] - not-detected: [..1123] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..144] [Unknown][Unknown][Unrated] + not-detected: [..1123] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..144] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1123] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..144] - not-detected: [..1384] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..146] [Unknown][Unknown][Unrated] + not-detected: [..1384] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..146] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1384] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..146] - not-detected: [..1465] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..146] [Unknown][Unknown][Unrated] + not-detected: [..1465] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..146] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1465] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..146] - not-detected: [..1634] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..161] [Unknown][Unknown][Unrated] + not-detected: [..1634] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..161] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1634] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..161] - not-detected: [..1707] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..161] [Unknown][Unknown][Unrated] + not-detected: [..1707] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..161] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1707] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..161] - not-detected: [...504] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..163] [Unknown][Unknown][Unrated] + not-detected: [...504] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..163] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...504] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..163] - not-detected: [...527] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..163] [Unknown][Unknown][Unrated] + not-detected: [...527] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..163] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...527] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..163] guessed: [..1891] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..179] [BGP][Unknown][Network][Acceptable] @@ -2628,94 +2628,94 @@ guessed: [..1961] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..179] [BGP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [..1961] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..179] - not-detected: [.....4] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..199] [Unknown][Unknown][Unrated] + not-detected: [.....4] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..199] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....4] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..199] - not-detected: [....26] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..199] [Unknown][Unknown][Unrated] + not-detected: [....26] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..199] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....26] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..199] - not-detected: [..1030] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..211] [Unknown][Unknown][Unrated] + not-detected: [..1030] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..211] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1030] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..211] - not-detected: [..1075] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..211] [Unknown][Unknown][Unrated] + not-detected: [..1075] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..211] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1075] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..211] - not-detected: [...564] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..212] [Unknown][Unknown][Unrated] + not-detected: [...564] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..212] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...564] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..212] - not-detected: [...656] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..212] [Unknown][Unknown][Unrated] + not-detected: [...656] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..212] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...656] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..212] - not-detected: [..1192] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..222] [Unknown][Unknown][Unrated] + not-detected: [..1192] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..222] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1192] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..222] - not-detected: [..1264] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..222] [Unknown][Unknown][Unrated] + not-detected: [..1264] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..222] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1264] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..222] - not-detected: [...419] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..254] [Unknown][Unknown][Unrated] + not-detected: [...419] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..254] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...419] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..254] - not-detected: [..1101] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..255] [Unknown][Unknown][Unrated] + not-detected: [..1101] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..255] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1101] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..255] - not-detected: [...447] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..254] [Unknown][Unknown][Unrated] + not-detected: [...447] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..254] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...447] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..254] - not-detected: [..1154] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..255] [Unknown][Unknown][Unrated] + not-detected: [..1154] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..255] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1154] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..255] - not-detected: [....37] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..256] [Unknown][Unknown][Unrated] + not-detected: [....37] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..256] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....37] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..256] - not-detected: [....63] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..256] [Unknown][Unknown][Unrated] + not-detected: [....63] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..256] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....63] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..256] - not-detected: [..1886] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..259] [Unknown][Unknown][Unrated] + not-detected: [..1886] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..259] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1886] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..259] - not-detected: [..1966] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..259] [Unknown][Unknown][Unrated] + not-detected: [..1966] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..259] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1966] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..259] - not-detected: [..1487] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..264] [Unknown][Unknown][Unrated] + not-detected: [..1487] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..264] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1487] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..264] - not-detected: [..1562] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..264] [Unknown][Unknown][Unrated] + not-detected: [..1562] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..264] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1562] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..264] - not-detected: [...270] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..280] [Unknown][Unknown][Unrated] + not-detected: [...270] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..280] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...270] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..280] - not-detected: [...309] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..280] [Unknown][Unknown][Unrated] + not-detected: [...309] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..280] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...309] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..280] - not-detected: [...747] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..301] [Unknown][Unknown][Unrated] + not-detected: [...747] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..301] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...747] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..301] - not-detected: [...808] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..301] [Unknown][Unknown][Unrated] + not-detected: [...808] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..301] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...808] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..301] - not-detected: [..1939] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..306] [Unknown][Unknown][Unrated] + not-detected: [..1939] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..306] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1939] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..306] - not-detected: [..1983] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..306] [Unknown][Unknown][Unrated] + not-detected: [..1983] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..306] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1983] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..306] - not-detected: [..1898] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..311] [Unknown][Unknown][Unrated] + not-detected: [..1898] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..311] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1898] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..311] - not-detected: [..1954] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..311] [Unknown][Unknown][Unrated] + not-detected: [..1954] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..311] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1954] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..311] - not-detected: [..1497] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..340] [Unknown][Unknown][Unrated] + not-detected: [..1497] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..340] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1497] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..340] - not-detected: [..1552] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..340] [Unknown][Unknown][Unrated] + not-detected: [..1552] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..340] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1552] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..340] - not-detected: [...726] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..366] [Unknown][Unknown][Unrated] + not-detected: [...726] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..366] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...726] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..366] - not-detected: [...779] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..366] [Unknown][Unknown][Unrated] + not-detected: [...779] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..366] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...779] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..366] guessed: [..1844] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..389] [LDAP][Unknown][System][Acceptable] @@ -2724,34 +2724,34 @@ guessed: [..1917] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..389] [LDAP][Unknown][System][Acceptable] RISK: Unidirectional Traffic idle: [..1917] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..389] - not-detected: [..1105] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..406] [Unknown][Unknown][Unrated] + not-detected: [..1105] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..406] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1105] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..406] - not-detected: [..1385] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..407] [Unknown][Unknown][Unrated] + not-detected: [..1385] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..407] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1385] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..407] - not-detected: [..1150] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..406] [Unknown][Unknown][Unrated] + not-detected: [..1150] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..406] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1150] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..406] - not-detected: [..1464] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..407] [Unknown][Unknown][Unrated] + not-detected: [..1464] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..407] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1464] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..407] - not-detected: [..1318] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..416] [Unknown][Unknown][Unrated] + not-detected: [..1318] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..416] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1318] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..416] - not-detected: [..1479] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..417] [Unknown][Unknown][Unrated] + not-detected: [..1479] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..417] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1479] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..417] - not-detected: [..1379] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..416] [Unknown][Unknown][Unrated] + not-detected: [..1379] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..416] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1379] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..416] - not-detected: [..1570] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..417] [Unknown][Unknown][Unrated] + not-detected: [..1570] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..417] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1570] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..417] - not-detected: [...170] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..425] [Unknown][Unknown][Unrated] + not-detected: [...170] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..425] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...170] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..425] - not-detected: [...204] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..425] [Unknown][Unknown][Unrated] + not-detected: [...204] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..425] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...204] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..425] guessed: [..1289] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] @@ -2763,13 +2763,13 @@ guessed: [.....1] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..443] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..443] - not-detected: [..1672] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..444] [Unknown][Unknown][Unrated] + not-detected: [..1672] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..444] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1672] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..444] guessed: [....29] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..443] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic idle: [....29] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..443] - not-detected: [..1755] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..444] [Unknown][Unknown][Unrated] + not-detected: [..1755] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..444] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1755] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..444] guessed: [....36] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..445] [SMBv23][Unknown][System][Acceptable] @@ -2778,34 +2778,34 @@ guessed: [....64] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..445] [SMBv23][Unknown][System][Acceptable] RISK: Unidirectional Traffic idle: [....64] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..445] - not-detected: [..1294] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..458] [Unknown][Unknown][Unrated] + not-detected: [..1294] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..458] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1294] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..458] - not-detected: [..1356] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..458] [Unknown][Unknown][Unrated] + not-detected: [..1356] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..458] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1356] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..458] - not-detected: [...516] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..464] [Unknown][Unknown][Unrated] + not-detected: [...516] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..464] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...516] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..464] guessed: [..1830] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..465] [SMTPS][Unknown][Email][Safe] RISK: Unidirectional Traffic idle: [..1830] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..465] - not-detected: [...555] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..464] [Unknown][Unknown][Unrated] + not-detected: [...555] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..464] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...555] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..464] guessed: [..1901] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..465] [SMTPS][Unknown][Email][Safe] RISK: Unidirectional Traffic idle: [..1901] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..465] - not-detected: [...837] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..481] [Unknown][Unknown][Unrated] + not-detected: [...837] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..481] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...837] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..481] - not-detected: [...910] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..481] [Unknown][Unknown][Unrated] + not-detected: [...910] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..481] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...910] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..481] - not-detected: [...178] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..497] [Unknown][Unknown][Unrated] + not-detected: [...178] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..497] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...178] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..497] - not-detected: [...196] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..497] [Unknown][Unknown][Unrated] + not-detected: [...196] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..497] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...196] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..497] guessed: [...886] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..500] [IPSec][Unknown][VPN][Safe] @@ -2814,58 +2814,58 @@ guessed: [...969] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..500] [IPSec][Unknown][VPN][Safe] RISK: Unidirectional Traffic idle: [...969] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..500] - not-detected: [..1950] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..512] [Unknown][Unknown][Unrated] + not-detected: [..1950] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..512] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1950] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..512] - not-detected: [..1972] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..512] [Unknown][Unknown][Unrated] + not-detected: [..1972] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..512] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1972] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..512] - not-detected: [..1341] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..513] [Unknown][Unknown][Unrated] + not-detected: [..1341] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..513] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1341] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..513] - not-detected: [..1404] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..513] [Unknown][Unknown][Unrated] + not-detected: [..1404] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..513] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1404] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..513] guessed: [....88] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..514] [Syslog][Unknown][System][Acceptable] RISK: Unidirectional Traffic idle: [....88] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..514] - not-detected: [..1623] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..515] [Unknown][Unknown][Unrated] + not-detected: [..1623] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..515] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1623] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..515] guessed: [...121] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..514] [Syslog][Unknown][System][Acceptable] RISK: Unidirectional Traffic idle: [...121] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..514] - not-detected: [..1682] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..515] [Unknown][Unknown][Unrated] + not-detected: [..1682] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..515] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1682] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..515] - not-detected: [..1135] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..524] [Unknown][Unknown][Unrated] + not-detected: [..1135] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..524] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1135] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..524] - not-detected: [..1212] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..524] [Unknown][Unknown][Unrated] + not-detected: [..1212] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..524] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1212] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..524] - not-detected: [..1323] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..541] [Unknown][Unknown][Unrated] + not-detected: [..1323] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..541] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1323] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..541] - not-detected: [..1422] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..541] [Unknown][Unknown][Unrated] + not-detected: [..1422] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..541] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1422] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..541] - not-detected: [..1187] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..543] [Unknown][Unknown][Unrated] + not-detected: [..1187] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..543] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1187] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..543] - not-detected: [..1670] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..544] [Unknown][Unknown][Unrated] + not-detected: [..1670] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..544] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1670] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..544] - not-detected: [..1269] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..543] [Unknown][Unknown][Unrated] + not-detected: [..1269] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..543] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1269] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..543] - not-detected: [..1732] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..544] [Unknown][Unknown][Unrated] + not-detected: [..1732] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..544] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1732] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..544] - not-detected: [...892] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..545] [Unknown][Unknown][Unrated] + not-detected: [...892] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..545] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...892] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..545] - not-detected: [...963] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..545] [Unknown][Unknown][Unrated] + not-detected: [...963] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..545] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...963] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..545] guessed: [....42] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..548] [AFP][Unknown][DataTransfer][Acceptable] @@ -2877,25 +2877,25 @@ guessed: [....38] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..554] [RTSP][Unknown][Media][Fun] RISK: Unidirectional Traffic idle: [....38] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..554] - not-detected: [..1624] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..555] [Unknown][Unknown][Unrated] + not-detected: [..1624] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..555] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1624] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..555] guessed: [....62] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..554] [RTSP][Unknown][Media][Fun] RISK: Unidirectional Traffic idle: [....62] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..554] - not-detected: [..1717] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..555] [Unknown][Unknown][Unrated] + not-detected: [..1717] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..555] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1717] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..555] - not-detected: [..1894] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..563] [Unknown][Unknown][Unrated] + not-detected: [..1894] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..563] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1894] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..563] - not-detected: [..1958] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..563] [Unknown][Unknown][Unrated] + not-detected: [..1958] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..563] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1958] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..563] - not-detected: [..1102] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][33354] [Unknown][Unknown][Unrated] + not-detected: [..1102] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][33354] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1102] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][33354] - not-detected: [..1153] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][33354] [Unknown][Unknown][Unrated] + not-detected: [..1153] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][33354] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1153] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][33354] guessed: [.....8] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..587] [SMTP][Unknown][Email][Acceptable][] @@ -2904,40 +2904,40 @@ guessed: [....22] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..587] [SMTP][Unknown][Email][Acceptable][] RISK: Unidirectional Traffic idle: [....22] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..587] - not-detected: [..1391] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..593] [Unknown][Unknown][Unrated] + not-detected: [..1391] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..593] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1391] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..593] - not-detected: [..1458] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..593] [Unknown][Unknown][Unrated] + not-detected: [..1458] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..593] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1458] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..593] - not-detected: [..1537] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..616] [Unknown][Unknown][Unrated] + not-detected: [..1537] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..616] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1537] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..616] - not-detected: [..1616] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..616] [Unknown][Unknown][Unrated] + not-detected: [..1616] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..616] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1616] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..616] - not-detected: [...773] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..617] [Unknown][Unknown][Unrated] + not-detected: [...773] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..617] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...773] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..617] - not-detected: [...824] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..617] [Unknown][Unknown][Unrated] + not-detected: [...824] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..617] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...824] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..617] - not-detected: [..1832] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..625] [Unknown][Unknown][Unrated] + not-detected: [..1832] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..625] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1832] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..625] - not-detected: [..1909] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..625] [Unknown][Unknown][Unrated] + not-detected: [..1909] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..625] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1909] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..625] - not-detected: [..1494] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..631] [Unknown][Unknown][Unrated] + not-detected: [..1494] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..631] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1494] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..631] - not-detected: [..1555] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..631] [Unknown][Unknown][Unrated] + not-detected: [..1555] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..631] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1555] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..631] - not-detected: [..1583] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..636] [Unknown][Unknown][Unrated] + not-detected: [..1583] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..636] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1583] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..636] - not-detected: [..1667] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..636] [Unknown][Unknown][Unrated] + not-detected: [..1667] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..636] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1667] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..636] guessed: [...497] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..646] [LDP][Unknown][Network][Acceptable] @@ -2946,142 +2946,142 @@ guessed: [...534] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..646] [LDP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [...534] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..646] - not-detected: [..1495] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..648] [Unknown][Unknown][Unrated] + not-detected: [..1495] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..648] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1495] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..648] - not-detected: [..1554] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..648] [Unknown][Unknown][Unrated] + not-detected: [..1554] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..648] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1554] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..648] - not-detected: [...296] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..666] [Unknown][Unknown][Unrated] + not-detected: [...296] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..666] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...296] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..666] - not-detected: [..1024] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..667] [Unknown][Unknown][Unrated] + not-detected: [..1024] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..667] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1024] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..667] - not-detected: [...324] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..666] [Unknown][Unknown][Unrated] + not-detected: [...324] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..666] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...324] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..666] - not-detected: [..1639] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..668] [Unknown][Unknown][Unrated] + not-detected: [..1639] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..668] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1639] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..668] - not-detected: [..1081] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..667] [Unknown][Unknown][Unrated] + not-detected: [..1081] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..667] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1081] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..667] - not-detected: [..1702] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..668] [Unknown][Unknown][Unrated] + not-detected: [..1702] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..668] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1702] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..668] - not-detected: [....57] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..683] [Unknown][Unknown][Unrated] + not-detected: [....57] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..683] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....57] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..683] - not-detected: [....71] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..683] [Unknown][Unknown][Unrated] + not-detected: [....71] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..683] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....71] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..683] - not-detected: [..1846] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..687] [Unknown][Unknown][Unrated] + not-detected: [..1846] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..687] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1846] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..687] - not-detected: [..1915] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..687] [Unknown][Unknown][Unrated] + not-detected: [..1915] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..687] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1915] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..687] - not-detected: [..1297] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..691] [Unknown][Unknown][Unrated] + not-detected: [..1297] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..691] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1297] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..691] - not-detected: [..1353] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..691] [Unknown][Unknown][Unrated] + not-detected: [..1353] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..691] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1353] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..691] - not-detected: [...274] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..700] [Unknown][Unknown][Unrated] + not-detected: [...274] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..700] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...274] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..700] - not-detected: [...305] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..700] [Unknown][Unknown][Unrated] + not-detected: [...305] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..700] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...305] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..700] - not-detected: [...950] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..705] [Unknown][Unknown][Unrated] + not-detected: [...950] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..705] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...950] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..705] - not-detected: [..1005] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..705] [Unknown][Unknown][Unrated] + not-detected: [..1005] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..705] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1005] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..705] - not-detected: [..1224] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..711] [Unknown][Unknown][Unrated] + not-detected: [..1224] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..711] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1224] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..711] - not-detected: [..1301] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..711] [Unknown][Unknown][Unrated] + not-detected: [..1301] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..711] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1301] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..711] - not-detected: [..1170] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..714] [Unknown][Unknown][Unrated] + not-detected: [..1170] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..714] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1170] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..714] - not-detected: [..1237] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..714] [Unknown][Unknown][Unrated] + not-detected: [..1237] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..714] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1237] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..714] - not-detected: [..1382] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..720] [Unknown][Unknown][Unrated] + not-detected: [..1382] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..720] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1382] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..720] - not-detected: [..1467] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..720] [Unknown][Unknown][Unrated] + not-detected: [..1467] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..720] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1467] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..720] - not-detected: [..1342] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..722] [Unknown][Unknown][Unrated] + not-detected: [..1342] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..722] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1342] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..722] - not-detected: [..1403] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..722] [Unknown][Unknown][Unrated] + not-detected: [..1403] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..722] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1403] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..722] - not-detected: [...457] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..726] [Unknown][Unknown][Unrated] + not-detected: [...457] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..726] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...457] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..726] - not-detected: [...491] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..726] [Unknown][Unknown][Unrated] + not-detected: [...491] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..726] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...491] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..726] - not-detected: [...631] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..749] [Unknown][Unknown][Unrated] + not-detected: [...631] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..749] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...631] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..749] - not-detected: [...706] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..749] [Unknown][Unknown][Unrated] + not-detected: [...706] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..749] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...706] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..749] - not-detected: [...218] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..765] [Unknown][Unknown][Unrated] + not-detected: [...218] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..765] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...218] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..765] - not-detected: [...238] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..765] [Unknown][Unknown][Unrated] + not-detected: [...238] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..765] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...238] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..765] - not-detected: [..1649] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..777] [Unknown][Unknown][Unrated] + not-detected: [..1649] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..777] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1649] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..777] - not-detected: [..1722] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..777] [Unknown][Unknown][Unrated] + not-detected: [..1722] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..777] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1722] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..777] - not-detected: [..1500] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..783] [Unknown][Unknown][Unrated] + not-detected: [..1500] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..783] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1500] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..783] - not-detected: [..1549] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..783] [Unknown][Unknown][Unrated] + not-detected: [..1549] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..783] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1549] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..783] - not-detected: [..1654] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..787] [Unknown][Unknown][Unrated] + not-detected: [..1654] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..787] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1654] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..787] - not-detected: [..1730] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..787] [Unknown][Unknown][Unrated] + not-detected: [..1730] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..787] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1730] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..787] - not-detected: [..1036] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..800] [Unknown][Unknown][Unrated] + not-detected: [..1036] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1036] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..800] - not-detected: [..1119] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..800] [Unknown][Unknown][Unrated] + not-detected: [..1119] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1119] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..800] - not-detected: [...301] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..801] [Unknown][Unknown][Unrated] + not-detected: [...301] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..801] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...301] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..801] - not-detected: [...319] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..801] [Unknown][Unknown][Unrated] + not-detected: [...319] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..801] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...319] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..801] - not-detected: [...209] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..808] [Unknown][Unknown][Unrated] + not-detected: [...209] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..808] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...209] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..808] - not-detected: [...247] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..808] [Unknown][Unknown][Unrated] + not-detected: [...247] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..808] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...247] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..808] - not-detected: [...100] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..843] [Unknown][Unknown][Unrated] + not-detected: [...100] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..843] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...100] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..843] - not-detected: [...150] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..843] [Unknown][Unknown][Unrated] + not-detected: [...150] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..843] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...150] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..843] guessed: [..1592] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..873] [RSYNC][Unknown][DataTransfer][Acceptable] @@ -3090,82 +3090,82 @@ guessed: [..1658] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..873] [RSYNC][Unknown][DataTransfer][Acceptable] RISK: Unidirectional Traffic idle: [..1658] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..873] - not-detected: [..1625] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..880] [Unknown][Unknown][Unrated] + not-detected: [..1625] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..880] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1625] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..880] - not-detected: [..1716] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..880] [Unknown][Unknown][Unrated] + not-detected: [..1716] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..880] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1716] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..880] - not-detected: [...589] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..888] [Unknown][Unknown][Unrated] + not-detected: [...589] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..888] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...589] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..888] - not-detected: [...666] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..888] [Unknown][Unknown][Unrated] + not-detected: [...666] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..888] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...666] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..888] - not-detected: [...883] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..898] [Unknown][Unknown][Unrated] + not-detected: [...883] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..898] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...883] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..898] - not-detected: [...972] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..898] [Unknown][Unknown][Unrated] + not-detected: [...972] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..898] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...972] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..898] - not-detected: [..1591] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..900] [Unknown][Unknown][Unrated] + not-detected: [..1591] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..900] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1591] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..900] - not-detected: [..1659] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..900] [Unknown][Unknown][Unrated] + not-detected: [..1659] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..900] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1659] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..900] - not-detected: [...866] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..901] [Unknown][Unknown][Unrated] + not-detected: [...866] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..901] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...866] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..901] - not-detected: [..1092] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..902] [Unknown][Unknown][Unrated] + not-detected: [..1092] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..902] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1092] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..902] - not-detected: [...939] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..901] [Unknown][Unknown][Unrated] + not-detected: [...939] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..901] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...939] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..901] guessed: [..1587] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..903] [VMware][Unknown][RemoteAccess][Acceptable] RISK: Unidirectional Traffic idle: [..1587] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..903] - not-detected: [..1163] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..902] [Unknown][Unknown][Unrated] + not-detected: [..1163] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..902] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1163] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..902] guessed: [..1663] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..903] [VMware][Unknown][RemoteAccess][Acceptable] RISK: Unidirectional Traffic idle: [..1663] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..903] - not-detected: [..1780] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..911] [Unknown][Unknown][Unrated] + not-detected: [..1780] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..911] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1780] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..911] - not-detected: [..1877] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..911] [Unknown][Unknown][Unrated] + not-detected: [..1877] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..911] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1877] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..911] - not-detected: [...456] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..912] [Unknown][Unknown][Unrated] + not-detected: [...456] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..912] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...456] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..912] - not-detected: [...492] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..912] [Unknown][Unknown][Unrated] + not-detected: [...492] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..912] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...492] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..912] - not-detected: [...867] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..981] [Unknown][Unknown][Unrated] + not-detected: [...867] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..981] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...867] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..981] - not-detected: [...938] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..981] [Unknown][Unknown][Unrated] + not-detected: [...938] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..981] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...938] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..981] - not-detected: [...914] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..987] [Unknown][Unknown][Unrated] + not-detected: [...914] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..987] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...914] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..987] - not-detected: [...983] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..987] [Unknown][Unknown][Unrated] + not-detected: [...983] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..987] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...983] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..987] - not-detected: [....47] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..990] [Unknown][Unknown][Unrated] + not-detected: [....47] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..990] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....47] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..990] - not-detected: [....81] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..990] [Unknown][Unknown][Unrated] + not-detected: [....81] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..990] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....81] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..990] - not-detected: [..1099] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..992] [Unknown][Unknown][Unrated] + not-detected: [..1099] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..992] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1099] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..992] - not-detected: [..1156] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..992] [Unknown][Unknown][Unrated] + not-detected: [..1156] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..992] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1156] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..992] guessed: [....31] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..993] [IMAPS][Unknown][Email][Safe] @@ -3180,970 +3180,970 @@ guessed: [....23] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..995] [POPS][Unknown][Email][Safe] RISK: Unidirectional Traffic idle: [....23] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..995] - not-detected: [...522] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..999] [Unknown][Unknown][Unrated] + not-detected: [...522] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..999] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...522] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][..999] - not-detected: [..1434] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1000] [Unknown][Unknown][Unrated] + not-detected: [..1434] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1434] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1000] - not-detected: [...549] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..999] [Unknown][Unknown][Unrated] + not-detected: [...549] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..999] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...549] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][..999] - not-detected: [..1512] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1000] [Unknown][Unknown][Unrated] + not-detected: [..1512] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1512] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1000] - not-detected: [...845] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1001] [Unknown][Unknown][Unrated] + not-detected: [...845] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...845] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1001] - not-detected: [...902] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1001] [Unknown][Unknown][Unrated] + not-detected: [...902] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...902] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1001] - not-detected: [...894] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1002] [Unknown][Unknown][Unrated] + not-detected: [...894] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...894] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1002] - not-detected: [...961] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1002] [Unknown][Unknown][Unrated] + not-detected: [...961] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...961] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1002] - not-detected: [..1827] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1007] [Unknown][Unknown][Unrated] + not-detected: [..1827] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1007] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1827] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1007] - not-detected: [..1904] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1007] [Unknown][Unknown][Unrated] + not-detected: [..1904] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1007] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1904] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1007] - not-detected: [...576] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1009] [Unknown][Unknown][Unrated] + not-detected: [...576] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1009] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...576] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1009] - not-detected: [..1095] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1010] [Unknown][Unknown][Unrated] + not-detected: [..1095] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1010] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1095] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1010] - not-detected: [...644] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1009] [Unknown][Unknown][Unrated] + not-detected: [...644] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1009] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...644] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1009] - not-detected: [..1160] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1010] [Unknown][Unknown][Unrated] + not-detected: [..1160] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1010] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1160] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1010] - not-detected: [..1070] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1011] [Unknown][Unknown][Unrated] + not-detected: [..1070] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1011] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1070] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1011] - not-detected: [..1127] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1011] [Unknown][Unknown][Unrated] + not-detected: [..1127] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1011] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1127] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1011] - not-detected: [..1926] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1021] [Unknown][Unknown][Unrated] + not-detected: [..1926] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1021] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1926] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1021] - not-detected: [..1968] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1021] [Unknown][Unknown][Unrated] + not-detected: [..1968] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1021] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1968] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1021] - not-detected: [..1529] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1022] [Unknown][Unknown][Unrated] + not-detected: [..1529] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1022] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1529] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1022] - not-detected: [..1604] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1022] [Unknown][Unknown][Unrated] + not-detected: [..1604] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1022] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1604] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1022] - not-detected: [..1586] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1023] [Unknown][Unknown][Unrated] + not-detected: [..1586] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1023] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1586] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1023] - not-detected: [..1664] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1023] [Unknown][Unknown][Unrated] + not-detected: [..1664] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1023] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1664] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1023] - not-detected: [...130] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1024] [Unknown][Unknown][Unrated] + not-detected: [...130] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1024] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...130] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1024] - not-detected: [...162] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1024] [Unknown][Unknown][Unrated] + not-detected: [...162] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1024] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...162] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1024] - not-detected: [.....6] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1025] [Unknown][Unknown][Unrated] + not-detected: [.....6] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1025] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [.....6] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1025] - not-detected: [..1471] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1026] [Unknown][Unknown][Unrated] + not-detected: [..1471] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1026] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1471] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1026] - not-detected: [....24] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1025] [Unknown][Unknown][Unrated] + not-detected: [....24] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1025] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....24] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1025] - not-detected: [..1530] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1026] [Unknown][Unknown][Unrated] + not-detected: [..1530] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1026] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1530] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1026] - not-detected: [...428] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1027] [Unknown][Unknown][Unrated] + not-detected: [...428] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1027] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...428] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1027] - not-detected: [..1590] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1028] [Unknown][Unknown][Unrated] + not-detected: [..1590] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1028] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1590] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1028] - not-detected: [...479] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1027] [Unknown][Unknown][Unrated] + not-detected: [...479] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1027] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...479] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1027] - not-detected: [..1660] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1028] [Unknown][Unknown][Unrated] + not-detected: [..1660] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1028] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1660] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1028] - not-detected: [...864] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1029] [Unknown][Unknown][Unrated] + not-detected: [...864] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1029] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...864] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1029] - not-detected: [..1186] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1030] [Unknown][Unknown][Unrated] + not-detected: [..1186] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1030] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1186] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1030] - not-detected: [...941] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1029] [Unknown][Unknown][Unrated] + not-detected: [...941] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1029] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...941] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1029] - not-detected: [..1270] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1030] [Unknown][Unknown][Unrated] + not-detected: [..1270] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1030] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1270] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1030] - not-detected: [...636] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1031] [Unknown][Unknown][Unrated] + not-detected: [...636] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1031] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...636] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1031] - not-detected: [..1198] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1032] [Unknown][Unknown][Unrated] + not-detected: [..1198] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1032] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1198] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1032] - not-detected: [...701] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1031] [Unknown][Unknown][Unrated] + not-detected: [...701] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1031] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...701] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1031] - not-detected: [..1493] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1033] [Unknown][Unknown][Unrated] + not-detected: [..1493] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1033] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1493] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1033] - not-detected: [..1274] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1032] [Unknown][Unknown][Unrated] + not-detected: [..1274] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1032] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1274] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1032] - not-detected: [..1556] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1033] [Unknown][Unknown][Unrated] + not-detected: [..1556] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1033] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1556] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1033] - not-detected: [..1546] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1034] [Unknown][Unknown][Unrated] + not-detected: [..1546] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1034] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1546] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1034] - not-detected: [..1607] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1034] [Unknown][Unknown][Unrated] + not-detected: [..1607] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1034] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1607] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1034] - not-detected: [..1329] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1035] [Unknown][Unknown][Unrated] + not-detected: [..1329] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1035] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1329] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1035] - not-detected: [..1416] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1035] [Unknown][Unknown][Unrated] + not-detected: [..1416] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1035] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1416] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1035] - not-detected: [...581] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1036] [Unknown][Unknown][Unrated] + not-detected: [...581] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1036] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...581] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1036] - not-detected: [..1028] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1037] [Unknown][Unknown][Unrated] + not-detected: [..1028] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1037] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1028] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1037] - not-detected: [...639] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1036] [Unknown][Unknown][Unrated] + not-detected: [...639] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1036] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...639] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1036] - not-detected: [..1821] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1038] [Unknown][Unknown][Unrated] + not-detected: [..1821] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1038] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1821] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1038] - not-detected: [..1077] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1037] [Unknown][Unknown][Unrated] + not-detected: [..1077] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1037] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1077] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1037] - not-detected: [..1885] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1038] [Unknown][Unknown][Unrated] + not-detected: [..1885] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1038] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1885] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1038] - not-detected: [..1538] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1039] [Unknown][Unknown][Unrated] + not-detected: [..1538] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1039] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1538] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1039] - not-detected: [..1615] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1039] [Unknown][Unknown][Unrated] + not-detected: [..1615] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1039] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1615] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1039] - not-detected: [...376] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1040] [Unknown][Unknown][Unrated] + not-detected: [...376] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1040] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...376] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1040] - not-detected: [...734] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1041] [Unknown][Unknown][Unrated] + not-detected: [...734] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1041] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...734] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1041] - not-detected: [...408] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1040] [Unknown][Unknown][Unrated] + not-detected: [...408] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1040] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...408] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1040] - not-detected: [...821] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1041] [Unknown][Unknown][Unrated] + not-detected: [...821] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1041] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...821] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1041] - not-detected: [...735] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1042] [Unknown][Unknown][Unrated] + not-detected: [...735] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1042] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...735] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1042] - not-detected: [...820] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1042] [Unknown][Unknown][Unrated] + not-detected: [...820] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1042] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...820] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1042] - not-detected: [...183] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1043] [Unknown][Unknown][Unrated] + not-detected: [...183] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1043] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...183] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1043] - not-detected: [..1949] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1044] [Unknown][Unknown][Unrated] + not-detected: [..1949] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1044] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1949] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1044] - not-detected: [...232] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1043] [Unknown][Unknown][Unrated] + not-detected: [...232] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1043] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...232] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1043] - not-detected: [..1973] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1044] [Unknown][Unknown][Unrated] + not-detected: [..1973] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1044] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1973] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1044] - not-detected: [..1247] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1045] [Unknown][Unknown][Unrated] + not-detected: [..1247] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1045] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1247] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1045] - not-detected: [..1313] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1045] [Unknown][Unknown][Unrated] + not-detected: [..1313] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1045] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1313] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1045] - not-detected: [...945] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1046] [Unknown][Unknown][Unrated] + not-detected: [...945] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1046] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...945] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1046] - not-detected: [..1010] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1046] [Unknown][Unknown][Unrated] + not-detected: [..1010] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1046] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1010] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1046] - not-detected: [...347] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1047] [Unknown][Unknown][Unrated] + not-detected: [...347] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1047] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...347] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1047] - not-detected: [...439] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1048] [Unknown][Unknown][Unrated] + not-detected: [...439] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1048] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...439] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1048] - not-detected: [...396] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1047] [Unknown][Unknown][Unrated] + not-detected: [...396] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1047] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...396] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1047] - not-detected: [..1932] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1049] [Unknown][Unknown][Unrated] + not-detected: [..1932] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1049] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1932] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1049] - not-detected: [...468] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1048] [Unknown][Unknown][Unrated] + not-detected: [...468] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1048] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...468] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1048] - not-detected: [..1990] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1049] [Unknown][Unknown][Unrated] + not-detected: [..1990] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1049] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1990] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1049] - not-detected: [..1103] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1050] [Unknown][Unknown][Unrated] + not-detected: [..1103] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1050] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1103] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1050] - not-detected: [..1152] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1050] [Unknown][Unknown][Unrated] + not-detected: [..1152] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1050] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1152] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1050] - not-detected: [...891] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1051] [Unknown][Unknown][Unrated] + not-detected: [...891] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1051] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...891] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1051] - not-detected: [...964] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1051] [Unknown][Unknown][Unrated] + not-detected: [...964] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1051] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...964] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1051] - not-detected: [...690] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1052] [Unknown][Unknown][Unrated] + not-detected: [...690] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1052] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...690] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1052] - not-detected: [...757] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1052] [Unknown][Unknown][Unrated] + not-detected: [...757] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1052] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...757] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1052] - not-detected: [...584] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1053] [Unknown][Unknown][Unrated] + not-detected: [...584] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1053] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...584] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1053] - not-detected: [..1520] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1054] [Unknown][Unknown][Unrated] + not-detected: [..1520] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1054] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1520] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1054] - not-detected: [...671] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1053] [Unknown][Unknown][Unrated] + not-detected: [...671] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1053] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...671] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1053] - not-detected: [..1603] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1054] [Unknown][Unknown][Unrated] + not-detected: [..1603] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1054] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1603] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1054] - not-detected: [..1331] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1055] [Unknown][Unknown][Unrated] + not-detected: [..1331] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1055] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1331] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1055] - not-detected: [..1414] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1055] [Unknown][Unknown][Unrated] + not-detected: [..1414] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1055] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1414] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1055] - not-detected: [....43] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1056] [Unknown][Unknown][Unrated] + not-detected: [....43] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1056] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....43] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1056] - not-detected: [..1742] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1057] [Unknown][Unknown][Unrated] + not-detected: [..1742] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1057] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1742] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1057] - not-detected: [....85] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1056] [Unknown][Unknown][Unrated] + not-detected: [....85] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1056] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....85] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1056] - not-detected: [..1812] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1057] [Unknown][Unknown][Unrated] + not-detected: [..1812] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1057] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1812] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1057] - not-detected: [...569] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1058] [Unknown][Unknown][Unrated] + not-detected: [...569] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1058] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...569] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1058] - not-detected: [...988] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1059] [Unknown][Unknown][Unrated] + not-detected: [...988] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1059] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...988] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1059] - not-detected: [...651] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1058] [Unknown][Unknown][Unrated] + not-detected: [...651] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1058] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...651] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1058] - not-detected: [..1059] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1059] [Unknown][Unknown][Unrated] + not-detected: [..1059] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1059] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1059] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1059] - not-detected: [...348] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1060] [Unknown][Unknown][Unrated] + not-detected: [...348] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1060] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...348] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1060] - not-detected: [..1249] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1061] [Unknown][Unknown][Unrated] + not-detected: [..1249] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1061] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1249] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1061] - not-detected: [...395] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1060] [Unknown][Unknown][Unrated] + not-detected: [...395] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1060] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...395] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1060] - not-detected: [..1311] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1061] [Unknown][Unknown][Unrated] + not-detected: [..1311] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1061] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1311] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1061] - not-detected: [..1066] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1062] [Unknown][Unknown][Unrated] + not-detected: [..1066] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1062] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1066] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1062] - not-detected: [..1797] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1063] [Unknown][Unknown][Unrated] + not-detected: [..1797] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1063] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1797] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1063] - not-detected: [..1131] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1062] [Unknown][Unknown][Unrated] + not-detected: [..1131] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1062] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1131] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1062] - not-detected: [..1860] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1063] [Unknown][Unknown][Unrated] + not-detected: [..1860] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1063] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1860] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1063] - not-detected: [...214] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1064] [Unknown][Unknown][Unrated] + not-detected: [...214] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1064] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...214] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1064] - not-detected: [...508] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1065] [Unknown][Unknown][Unrated] + not-detected: [...508] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1065] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...508] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1065] - not-detected: [...242] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1064] [Unknown][Unknown][Unrated] + not-detected: [...242] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1064] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...242] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1064] - not-detected: [...836] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1066] [Unknown][Unknown][Unrated] + not-detected: [...836] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1066] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...836] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1066] - not-detected: [...563] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1065] [Unknown][Unknown][Unrated] + not-detected: [...563] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1065] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...563] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1065] - not-detected: [...911] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1066] [Unknown][Unknown][Unrated] + not-detected: [...911] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1066] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...911] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1066] - not-detected: [...104] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1067] [Unknown][Unknown][Unrated] + not-detected: [...104] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1067] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...104] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1067] - not-detected: [..1295] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1068] [Unknown][Unknown][Unrated] + not-detected: [..1295] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1068] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1295] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1068] - not-detected: [...146] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1067] [Unknown][Unknown][Unrated] + not-detected: [...146] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1067] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...146] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1067] - not-detected: [..1355] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1068] [Unknown][Unknown][Unrated] + not-detected: [..1355] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1068] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1355] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1068] - not-detected: [..1349] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1069] [Unknown][Unknown][Unrated] + not-detected: [..1349] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1069] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1349] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1069] - not-detected: [..1396] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1069] [Unknown][Unknown][Unrated] + not-detected: [..1396] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1069] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1396] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1069] - not-detected: [...418] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1070] [Unknown][Unknown][Unrated] + not-detected: [...418] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1070] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...418] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1070] - not-detected: [...448] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1070] [Unknown][Unknown][Unrated] + not-detected: [...448] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1070] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...448] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1070] - not-detected: [...207] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1071] [Unknown][Unknown][Unrated] + not-detected: [...207] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1071] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...207] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1071] - not-detected: [...744] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1072] [Unknown][Unknown][Unrated] + not-detected: [...744] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1072] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...744] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1072] - not-detected: [...249] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1071] [Unknown][Unknown][Unrated] + not-detected: [...249] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1071] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...249] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1071] - not-detected: [...811] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1072] [Unknown][Unknown][Unrated] + not-detected: [...811] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1072] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...811] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1072] - not-detected: [...175] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1073] [Unknown][Unknown][Unrated] + not-detected: [...175] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1073] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...175] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1073] - not-detected: [..1650] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1074] [Unknown][Unknown][Unrated] + not-detected: [..1650] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1074] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1650] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1074] - not-detected: [...199] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1073] [Unknown][Unknown][Unrated] + not-detected: [...199] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1073] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...199] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1073] - not-detected: [..1721] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1074] [Unknown][Unknown][Unrated] + not-detected: [..1721] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1074] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1721] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1074] - not-detected: [....97] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1075] [Unknown][Unknown][Unrated] + not-detected: [....97] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1075] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....97] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1075] - not-detected: [..1483] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1076] [Unknown][Unknown][Unrated] + not-detected: [..1483] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1076] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1483] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1076] - not-detected: [...153] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1075] [Unknown][Unknown][Unrated] + not-detected: [...153] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1075] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...153] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1075] - not-detected: [..1566] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1076] [Unknown][Unknown][Unrated] + not-detected: [..1566] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1076] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1566] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1076] - not-detected: [..1333] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1077] [Unknown][Unknown][Unrated] + not-detected: [..1333] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1077] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1333] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1077] - not-detected: [..1412] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1077] [Unknown][Unknown][Unrated] + not-detected: [..1412] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1077] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1412] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1077] - not-detected: [...748] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1078] [Unknown][Unknown][Unrated] + not-detected: [...748] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1078] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...748] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1078] - not-detected: [...807] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1078] [Unknown][Unknown][Unrated] + not-detected: [...807] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1078] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...807] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1078] - not-detected: [...771] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1079] [Unknown][Unknown][Unrated] + not-detected: [...771] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1079] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...771] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1079] guessed: [..1694] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1080] [SOCKS][Unknown][Web][Acceptable] RISK: Unidirectional Traffic idle: [..1694] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1080] - not-detected: [...826] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1079] [Unknown][Unknown][Unrated] + not-detected: [...826] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1079] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...826] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1079] guessed: [..1763] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1080] [SOCKS][Unknown][Web][Acceptable] RISK: Unidirectional Traffic idle: [..1763] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1080] - not-detected: [..1490] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1081] [Unknown][Unknown][Unrated] + not-detected: [..1490] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1081] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1490] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1081] - not-detected: [..1559] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1081] [Unknown][Unknown][Unrated] + not-detected: [..1559] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1081] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1559] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1081] - not-detected: [...842] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1082] [Unknown][Unknown][Unrated] + not-detected: [...842] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1082] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...842] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1082] - not-detected: [...905] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1082] [Unknown][Unknown][Unrated] + not-detected: [...905] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1082] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...905] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1082] - not-detected: [...714] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1083] [Unknown][Unknown][Unrated] + not-detected: [...714] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1083] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...714] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1083] - not-detected: [...791] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1083] [Unknown][Unknown][Unrated] + not-detected: [...791] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1083] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...791] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1083] - not-detected: [...261] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1084] [Unknown][Unknown][Unrated] + not-detected: [...261] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1084] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...261] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1084] - not-detected: [...768] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1085] [Unknown][Unknown][Unrated] + not-detected: [...768] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1085] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...768] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1085] - not-detected: [...277] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1084] [Unknown][Unknown][Unrated] + not-detected: [...277] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1084] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...277] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1084] - not-detected: [...829] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1085] [Unknown][Unknown][Unrated] + not-detected: [...829] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1085] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...829] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1085] - not-detected: [...689] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1086] [Unknown][Unknown][Unrated] + not-detected: [...689] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1086] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...689] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1086] - not-detected: [...758] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1086] [Unknown][Unknown][Unrated] + not-detected: [...758] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1086] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...758] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1086] - not-detected: [...383] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1087] [Unknown][Unknown][Unrated] + not-detected: [...383] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1087] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...383] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1087] - not-detected: [...521] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1088] [Unknown][Unknown][Unrated] + not-detected: [...521] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1088] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...521] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1088] - not-detected: [...401] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1087] [Unknown][Unknown][Unrated] + not-detected: [...401] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1087] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...401] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1087] - not-detected: [..1679] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1089] [Unknown][Unknown][Unrated] + not-detected: [..1679] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1089] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1679] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1089] - not-detected: [...550] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1088] [Unknown][Unknown][Unrated] + not-detected: [...550] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1088] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...550] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1088] - not-detected: [..1748] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1089] [Unknown][Unknown][Unrated] + not-detected: [..1748] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1089] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1748] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1089] - not-detected: [..1629] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1090] [Unknown][Unknown][Unrated] + not-detected: [..1629] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1090] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1629] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1090] - not-detected: [..1712] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1090] [Unknown][Unknown][Unrated] + not-detected: [..1712] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1090] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1712] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1090] - not-detected: [..1137] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1091] [Unknown][Unknown][Unrated] + not-detected: [..1137] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1091] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1137] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1091] - not-detected: [..1930] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1092] [Unknown][Unknown][Unrated] + not-detected: [..1930] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1092] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1930] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1092] - not-detected: [..1210] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1091] [Unknown][Unknown][Unrated] + not-detected: [..1210] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1091] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1210] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1091] - not-detected: [..1992] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1092] [Unknown][Unknown][Unrated] + not-detected: [..1992] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1092] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1992] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1092] - not-detected: [...896] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1093] [Unknown][Unknown][Unrated] + not-detected: [...896] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1093] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...896] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1093] - not-detected: [..1646] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1094] [Unknown][Unknown][Unrated] + not-detected: [..1646] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1094] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1646] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1094] - not-detected: [...959] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1093] [Unknown][Unknown][Unrated] + not-detected: [...959] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1093] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...959] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1093] - not-detected: [..1725] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1094] [Unknown][Unknown][Unrated] + not-detected: [..1725] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1094] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1725] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1094] - not-detected: [...213] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1095] [Unknown][Unknown][Unrated] + not-detected: [...213] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1095] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...213] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1095] - not-detected: [...598] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1096] [Unknown][Unknown][Unrated] + not-detected: [...598] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1096] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...598] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1096] - not-detected: [...243] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1095] [Unknown][Unknown][Unrated] + not-detected: [...243] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1095] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...243] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1095] - not-detected: [...657] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1096] [Unknown][Unknown][Unrated] + not-detected: [...657] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1096] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...657] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1096] - not-detected: [...422] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1097] [Unknown][Unknown][Unrated] + not-detected: [...422] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1097] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...422] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1097] - not-detected: [..1257] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1098] [Unknown][Unknown][Unrated] + not-detected: [..1257] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1098] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1257] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1098] - not-detected: [...444] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1097] [Unknown][Unknown][Unrated] + not-detected: [...444] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1097] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...444] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1097] - not-detected: [..1303] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1098] [Unknown][Unknown][Unrated] + not-detected: [..1303] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1098] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1303] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1098] guessed: [..1045] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1099] [JRMI][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [..1045] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1099] - not-detected: [..1166] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1100] [Unknown][Unknown][Unrated] + not-detected: [..1166] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1166] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1100] guessed: [..1110] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1099] [JRMI][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [..1110] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1099] - not-detected: [..1241] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1100] [Unknown][Unknown][Unrated] + not-detected: [..1241] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1241] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1100] - not-detected: [..1533] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1102] [Unknown][Unknown][Unrated] + not-detected: [..1533] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1102] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1533] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1102] - not-detected: [..1620] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1102] [Unknown][Unknown][Unrated] + not-detected: [..1620] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1102] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1620] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1102] - not-detected: [..1941] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1104] [Unknown][Unknown][Unrated] + not-detected: [..1941] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1104] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1941] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1104] - not-detected: [..1981] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1104] [Unknown][Unknown][Unrated] + not-detected: [..1981] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1104] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1981] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1104] - not-detected: [..1178] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1105] [Unknown][Unknown][Unrated] + not-detected: [..1178] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1105] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1178] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1105] - not-detected: [..1229] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1105] [Unknown][Unknown][Unrated] + not-detected: [..1229] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1105] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1229] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1105] - not-detected: [..1144] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1106] [Unknown][Unknown][Unrated] + not-detected: [..1144] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1106] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1144] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1106] - not-detected: [..1582] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1107] [Unknown][Unknown][Unrated] + not-detected: [..1582] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1107] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1582] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1107] - not-detected: [..1203] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1106] [Unknown][Unknown][Unrated] + not-detected: [..1203] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1106] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1203] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1106] - not-detected: [..1828] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1108] [Unknown][Unknown][Unrated] + not-detected: [..1828] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1108] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1828] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1108] - not-detected: [..1668] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1107] [Unknown][Unknown][Unrated] + not-detected: [..1668] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1107] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1668] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1107] - not-detected: [..1903] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1108] [Unknown][Unknown][Unrated] + not-detected: [..1903] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1108] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1903] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1108] - not-detected: [..1943] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1110] [Unknown][Unknown][Unrated] + not-detected: [..1943] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1110] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1943] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1110] - not-detected: [..1979] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1110] [Unknown][Unknown][Unrated] + not-detected: [..1979] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1110] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1979] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1110] - not-detected: [...215] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1111] [Unknown][Unknown][Unrated] + not-detected: [...215] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1111] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...215] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1111] - not-detected: [..1033] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1112] [Unknown][Unknown][Unrated] + not-detected: [..1033] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1112] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1033] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1112] - not-detected: [...241] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1111] [Unknown][Unknown][Unrated] + not-detected: [...241] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1111] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...241] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1111] - not-detected: [..1517] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1113] [Unknown][Unknown][Unrated] + not-detected: [..1517] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1113] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1517] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1113] - not-detected: [..1122] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1112] [Unknown][Unknown][Unrated] + not-detected: [..1122] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1112] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1122] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1112] - not-detected: [..1581] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1113] [Unknown][Unknown][Unrated] + not-detected: [..1581] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1113] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1581] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1113] - not-detected: [..1395] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1114] [Unknown][Unknown][Unrated] + not-detected: [..1395] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1114] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1395] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1114] - not-detected: [..1454] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1114] [Unknown][Unknown][Unrated] + not-detected: [..1454] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1114] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1454] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1114] - not-detected: [..1071] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1117] [Unknown][Unknown][Unrated] + not-detected: [..1071] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1117] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1071] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1117] - not-detected: [..1126] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1117] [Unknown][Unknown][Unrated] + not-detected: [..1126] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1117] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1126] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1117] - guessed: [...870] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1119] [Starcraft][Unknown][Game][Fun] + guessed: [...870] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1119] [Blizzard][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [...870] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1119] - guessed: [...935] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1119] [Starcraft][Unknown][Game][Fun] + guessed: [...935] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1119] [Blizzard][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [...935] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1119] - not-detected: [..1215] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1121] [Unknown][Unknown][Unrated] + not-detected: [..1215] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1121] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1215] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1121] - not-detected: [..1283] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1121] [Unknown][Unknown][Unrated] + not-detected: [..1283] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1121] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1283] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1121] - not-detected: [..1223] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1122] [Unknown][Unknown][Unrated] + not-detected: [..1223] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1122] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1223] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1122] - not-detected: [..1275] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1122] [Unknown][Unknown][Unrated] + not-detected: [..1275] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1122] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1275] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1122] - not-detected: [...265] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1123] [Unknown][Unknown][Unrated] + not-detected: [...265] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1123] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...265] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1123] - not-detected: [..1252] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1124] [Unknown][Unknown][Unrated] + not-detected: [..1252] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1124] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1252] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1124] - not-detected: [...314] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1123] [Unknown][Unknown][Unrated] + not-detected: [...314] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1123] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...314] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1123] - not-detected: [..1308] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1124] [Unknown][Unknown][Unrated] + not-detected: [..1308] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1124] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1308] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1124] - not-detected: [..1339] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1126] [Unknown][Unknown][Unrated] + not-detected: [..1339] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1126] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1339] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1126] - not-detected: [..1406] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1126] [Unknown][Unknown][Unrated] + not-detected: [..1406] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1126] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1406] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1126] - not-detected: [..1525] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1130] [Unknown][Unknown][Unrated] + not-detected: [..1525] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1130] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1525] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1130] - not-detected: [..1598] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1130] [Unknown][Unknown][Unrated] + not-detected: [..1598] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1130] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1598] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1130] - not-detected: [...271] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1131] [Unknown][Unknown][Unrated] + not-detected: [...271] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1131] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...271] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1131] - not-detected: [...106] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][33899] [Unknown][Unknown][Unrated] + not-detected: [...106] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][33899] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...106] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][33899] - not-detected: [..1188] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1132] [Unknown][Unknown][Unrated] + not-detected: [..1188] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1132] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1188] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1132] - not-detected: [...308] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1131] [Unknown][Unknown][Unrated] + not-detected: [...308] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1131] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...308] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1131] - not-detected: [...144] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][33899] [Unknown][Unknown][Unrated] + not-detected: [...144] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][33899] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...144] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][33899] - not-detected: [..1268] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1132] [Unknown][Unknown][Unrated] + not-detected: [..1268] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1132] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1268] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1132] - not-detected: [...993] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1137] [Unknown][Unknown][Unrated] + not-detected: [...993] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1137] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...993] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1137] - not-detected: [..1141] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1138] [Unknown][Unknown][Unrated] + not-detected: [..1141] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1138] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1141] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1138] - not-detected: [..1054] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1137] [Unknown][Unknown][Unrated] + not-detected: [..1054] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1137] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1054] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1137] - not-detected: [..1206] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1138] [Unknown][Unknown][Unrated] + not-detected: [..1206] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1138] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1206] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1138] - not-detected: [...772] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1141] [Unknown][Unknown][Unrated] + not-detected: [...772] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1141] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...772] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1141] - not-detected: [...825] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1141] [Unknown][Unknown][Unrated] + not-detected: [...825] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1141] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...825] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1141] - not-detected: [..1326] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1145] [Unknown][Unknown][Unrated] + not-detected: [..1326] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1145] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1326] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1145] - not-detected: [..1419] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1145] [Unknown][Unknown][Unrated] + not-detected: [..1419] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1145] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1419] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1145] - not-detected: [..1501] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1147] [Unknown][Unknown][Unrated] + not-detected: [..1501] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1147] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1501] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1147] - not-detected: [..1548] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1147] [Unknown][Unknown][Unrated] + not-detected: [..1548] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1147] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1548] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1147] - not-detected: [...725] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1148] [Unknown][Unknown][Unrated] + not-detected: [...725] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1148] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...725] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1148] - not-detected: [..1747] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1149] [Unknown][Unknown][Unrated] + not-detected: [..1747] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1149] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1747] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1149] - not-detected: [...780] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1148] [Unknown][Unknown][Unrated] + not-detected: [...780] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1148] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...780] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1148] - not-detected: [..1807] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1149] [Unknown][Unknown][Unrated] + not-detected: [..1807] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1149] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1807] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1149] - not-detected: [...424] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1151] [Unknown][Unknown][Unrated] + not-detected: [...424] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1151] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...424] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1151] - not-detected: [..1800] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1152] [Unknown][Unknown][Unrated] + not-detected: [..1800] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1152] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1800] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1152] - not-detected: [...442] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1151] [Unknown][Unknown][Unrated] + not-detected: [...442] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1151] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...442] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1151] - not-detected: [..1857] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1152] [Unknown][Unknown][Unrated] + not-detected: [..1857] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1152] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1857] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1152] - not-detected: [...345] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1154] [Unknown][Unknown][Unrated] + not-detected: [...345] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1154] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...345] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1154] - not-detected: [...398] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1154] [Unknown][Unknown][Unrated] + not-detected: [...398] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1154] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...398] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1154] - not-detected: [..1246] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1163] [Unknown][Unknown][Unrated] + not-detected: [..1246] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1163] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1246] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1163] - not-detected: [..1314] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1163] [Unknown][Unknown][Unrated] + not-detected: [..1314] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1163] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1314] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1163] - not-detected: [...882] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1164] [Unknown][Unknown][Unrated] + not-detected: [...882] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1164] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...882] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1164] - not-detected: [...973] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1164] [Unknown][Unknown][Unrated] + not-detected: [...973] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1164] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...973] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1164] - not-detected: [...737] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1165] [Unknown][Unknown][Unrated] + not-detected: [...737] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1165] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...737] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1165] - not-detected: [...818] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1165] [Unknown][Unknown][Unrated] + not-detected: [...818] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1165] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...818] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1165] - not-detected: [...373] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1166] [Unknown][Unknown][Unrated] + not-detected: [...373] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1166] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...373] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1166] - not-detected: [...411] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1166] [Unknown][Unknown][Unrated] + not-detected: [...411] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1166] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...411] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1166] - not-detected: [...547] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1169] [Unknown][Unknown][Unrated] + not-detected: [...547] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1169] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...547] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1169] - not-detected: [...600] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1169] [Unknown][Unknown][Unrated] + not-detected: [...600] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1169] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...600] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1169] - not-detected: [..1020] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1174] [Unknown][Unknown][Unrated] + not-detected: [..1020] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1174] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1020] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1174] - not-detected: [..1180] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1175] [Unknown][Unknown][Unrated] + not-detected: [..1180] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1175] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1180] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1175] - not-detected: [..1085] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1174] [Unknown][Unknown][Unrated] + not-detected: [..1085] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1174] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1085] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1174] - not-detected: [..1227] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1175] [Unknown][Unknown][Unrated] + not-detected: [..1227] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1175] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1227] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1175] - not-detected: [...252] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1183] [Unknown][Unknown][Unrated] + not-detected: [...252] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1183] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...252] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1183] - not-detected: [...286] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1183] [Unknown][Unknown][Unrated] + not-detected: [...286] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1183] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...286] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1183] - not-detected: [...566] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1185] [Unknown][Unknown][Unrated] + not-detected: [...566] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1185] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...566] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1185] - not-detected: [...949] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1186] [Unknown][Unknown][Unrated] + not-detected: [...949] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1186] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...949] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1186] - not-detected: [...654] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1185] [Unknown][Unknown][Unrated] + not-detected: [...654] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1185] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...654] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1185] - not-detected: [..1006] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1186] [Unknown][Unknown][Unrated] + not-detected: [..1006] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1186] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1006] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1186] - not-detected: [...127] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1187] [Unknown][Unknown][Unrated] + not-detected: [...127] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1187] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...127] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1187] - not-detected: [...165] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1187] [Unknown][Unknown][Unrated] + not-detected: [...165] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1187] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...165] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1187] - not-detected: [...874] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1192] [Unknown][Unknown][Unrated] + not-detected: [...874] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1192] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...874] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1192] - not-detected: [...931] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1192] [Unknown][Unknown][Unrated] + not-detected: [...931] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1192] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...931] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1192] - not-detected: [..1782] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1198] [Unknown][Unknown][Unrated] + not-detected: [..1782] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1198] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1782] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1198] - not-detected: [..1875] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1198] [Unknown][Unknown][Unrated] + not-detected: [..1875] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1198] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1875] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1198] - not-detected: [...718] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1199] [Unknown][Unknown][Unrated] + not-detected: [...718] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1199] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...718] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1199] - not-detected: [...787] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1199] [Unknown][Unknown][Unrated] + not-detected: [...787] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1199] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...787] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1199] - not-detected: [...591] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1201] [Unknown][Unknown][Unrated] + not-detected: [...591] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1201] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...591] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1201] - not-detected: [...664] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1201] [Unknown][Unknown][Unrated] + not-detected: [...664] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1201] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...664] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1201] - not-detected: [..1637] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1213] [Unknown][Unknown][Unrated] + not-detected: [..1637] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1213] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1637] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1213] - not-detected: [..1704] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1213] [Unknown][Unknown][Unrated] + not-detected: [..1704] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1213] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1704] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1213] - not-detected: [...573] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1216] [Unknown][Unknown][Unrated] + not-detected: [...573] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1216] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...573] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1216] - not-detected: [..1067] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1217] [Unknown][Unknown][Unrated] + not-detected: [..1067] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1217] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1067] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1217] - not-detected: [...647] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1216] [Unknown][Unknown][Unrated] + not-detected: [...647] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1216] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...647] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1216] - not-detected: [..1130] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1217] [Unknown][Unknown][Unrated] + not-detected: [..1130] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1217] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1130] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1217] - not-detected: [...685] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1218] [Unknown][Unknown][Unrated] + not-detected: [...685] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1218] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...685] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1218] - not-detected: [...762] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1218] [Unknown][Unknown][Unrated] + not-detected: [...762] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1218] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...762] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1218] - not-detected: [....52] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1233] [Unknown][Unknown][Unrated] + not-detected: [....52] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1233] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....52] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1233] - not-detected: [..1804] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1234] [Unknown][Unknown][Unrated] + not-detected: [..1804] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1234] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1804] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1234] - not-detected: [....76] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1233] [Unknown][Unknown][Unrated] + not-detected: [....76] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1233] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....76] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1233] - not-detected: [..1853] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1234] [Unknown][Unknown][Unrated] + not-detected: [..1853] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1234] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1853] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1234] - not-detected: [..1823] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1236] [Unknown][Unknown][Unrated] + not-detected: [..1823] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1236] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1823] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1236] - not-detected: [..1883] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1236] [Unknown][Unknown][Unrated] + not-detected: [..1883] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1236] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1883] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1236] - not-detected: [...297] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1244] [Unknown][Unknown][Unrated] + not-detected: [...297] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1244] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...297] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1244] - not-detected: [...323] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1244] [Unknown][Unknown][Unrated] + not-detected: [...323] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1244] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...323] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1244] - not-detected: [...110] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1247] [Unknown][Unknown][Unrated] + not-detected: [...110] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1247] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...110] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1247] - not-detected: [...568] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1248] [Unknown][Unknown][Unrated] + not-detected: [...568] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1248] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...568] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1248] - not-detected: [...141] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1247] [Unknown][Unknown][Unrated] + not-detected: [...141] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1247] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...141] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1247] - not-detected: [...652] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1248] [Unknown][Unknown][Unrated] + not-detected: [...652] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1248] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...652] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1248] - not-detected: [...510] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1259] [Unknown][Unknown][Unrated] + not-detected: [...510] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1259] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...510] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1259] - not-detected: [...561] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1259] [Unknown][Unknown][Unrated] + not-detected: [...561] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1259] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...561] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1259] - not-detected: [...697] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1271] [Unknown][Unknown][Unrated] + not-detected: [...697] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1271] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...697] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1271] - not-detected: [..1213] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1272] [Unknown][Unknown][Unrated] + not-detected: [..1213] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1272] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1213] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1272] - not-detected: [...750] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1271] [Unknown][Unknown][Unrated] + not-detected: [...750] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1271] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...750] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1271] - not-detected: [..1285] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1272] [Unknown][Unknown][Unrated] + not-detected: [..1285] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1272] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1285] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1272] - not-detected: [...571] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1277] [Unknown][Unknown][Unrated] + not-detected: [...571] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1277] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...571] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1277] - not-detected: [...649] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1277] [Unknown][Unknown][Unrated] + not-detected: [...649] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1277] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...649] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1277] - not-detected: [..1321] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1287] [Unknown][Unknown][Unrated] + not-detected: [..1321] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1287] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1321] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1287] - not-detected: [..1424] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1287] [Unknown][Unknown][Unrated] + not-detected: [..1424] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1287] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1424] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1287] - not-detected: [...137] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1296] [Unknown][Unknown][Unrated] + not-detected: [...137] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1296] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...137] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1296] - not-detected: [...155] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1296] [Unknown][Unknown][Unrated] + not-detected: [...155] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1296] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...155] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1296] - not-detected: [....98] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1300] [Unknown][Unknown][Unrated] + not-detected: [....98] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1300] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....98] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1300] - not-detected: [...632] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1301] [Unknown][Unknown][Unrated] + not-detected: [...632] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1301] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...632] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1301] - not-detected: [...152] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1300] [Unknown][Unknown][Unrated] + not-detected: [...152] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1300] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...152] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1300] - not-detected: [...705] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1301] [Unknown][Unknown][Unrated] + not-detected: [...705] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1301] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...705] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1301] - not-detected: [...620] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1309] [Unknown][Unknown][Unrated] + not-detected: [...620] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1309] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...620] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1309] - not-detected: [..1393] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1310] [Unknown][Unknown][Unrated] + not-detected: [..1393] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1310] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1393] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1310] - not-detected: [...677] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1309] [Unknown][Unknown][Unrated] + not-detected: [...677] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1309] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...677] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1309] - not-detected: [..1456] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1310] [Unknown][Unknown][Unrated] + not-detected: [..1456] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1310] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1456] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1310] - not-detected: [...111] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1311] [Unknown][Unknown][Unrated] + not-detected: [...111] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1311] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...111] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1311] - not-detected: [...140] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1311] [Unknown][Unknown][Unrated] + not-detected: [...140] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1311] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...140] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1311] - not-detected: [...543] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1322] [Unknown][Unknown][Unrated] + not-detected: [...543] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1322] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...543] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1322] - not-detected: [...604] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1322] [Unknown][Unknown][Unrated] + not-detected: [...604] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1322] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...604] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1322] - not-detected: [...372] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1328] [Unknown][Unknown][Unrated] + not-detected: [...372] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1328] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...372] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1328] - not-detected: [...412] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1328] [Unknown][Unknown][Unrated] + not-detected: [...412] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1328] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...412] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1328] - not-detected: [..1585] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1334] [Unknown][Unknown][Unrated] + not-detected: [..1585] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1334] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1585] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1334] - not-detected: [..1665] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1334] [Unknown][Unknown][Unrated] + not-detected: [..1665] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1334] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1665] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1334] - guessed: [..1324] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1352] [LotusNotes][Unknown][Collaborative][Acceptable] + guessed: [..1324] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1352] [HCL_Notes][Unknown][Collaborative][Acceptable] RISK: Unidirectional Traffic idle: [..1324] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1352] - guessed: [..1421] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1352] [LotusNotes][Unknown][Collaborative][Acceptable] + guessed: [..1421] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1352] [HCL_Notes][Unknown][Collaborative][Acceptable] RISK: Unidirectional Traffic idle: [..1421] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1352] - not-detected: [....55] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1417] [Unknown][Unknown][Unrated] + not-detected: [....55] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1417] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....55] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1417] - not-detected: [....73] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1417] [Unknown][Unknown][Unrated] + not-detected: [....73] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1417] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....73] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1417] guessed: [...181] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] @@ -4158,22 +4158,22 @@ guessed: [..1880] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1434] [MsSQL-TDS][Unknown][Database][Acceptable] RISK: Unidirectional Traffic idle: [..1880] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1434] - not-detected: [...997] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1443] [Unknown][Unknown][Unrated] + not-detected: [...997] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1443] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...997] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1443] - not-detected: [..1050] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1443] [Unknown][Unknown][Unrated] + not-detected: [..1050] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1443] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1050] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1443] - not-detected: [...575] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1455] [Unknown][Unknown][Unrated] + not-detected: [...575] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1455] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...575] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1455] - not-detected: [...645] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1455] [Unknown][Unknown][Unrated] + not-detected: [...645] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1455] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...645] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1455] - not-detected: [...432] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1461] [Unknown][Unknown][Unrated] + not-detected: [...432] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1461] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...432] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1461] - not-detected: [...475] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1461] [Unknown][Unknown][Unrated] + not-detected: [...475] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1461] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...475] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1461] guessed: [..1773] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1494] [Citrix][Unknown][Network][Acceptable] @@ -4182,22 +4182,22 @@ guessed: [..1836] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1494] [Citrix][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [..1836] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1494] - not-detected: [..1488] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1500] [Unknown][Unknown][Unrated] + not-detected: [..1488] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1500] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1488] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1500] - not-detected: [..1561] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1500] [Unknown][Unknown][Unrated] + not-detected: [..1561] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1500] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1561] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1500] - not-detected: [..1244] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1501] [Unknown][Unknown][Unrated] + not-detected: [..1244] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1501] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1244] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1501] - not-detected: [..1316] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1501] [Unknown][Unknown][Unrated] + not-detected: [..1316] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1501] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1316] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1501] - not-detected: [..1482] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1503] [Unknown][Unknown][Unrated] + not-detected: [..1482] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1503] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1482] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1503] - not-detected: [..1567] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1503] [Unknown][Unknown][Unrated] + not-detected: [..1567] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1503] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1567] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1503] guessed: [...843] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1521] [Oracle][Unknown][Database][Acceptable] @@ -4206,94 +4206,94 @@ guessed: [...904] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1521] [Oracle][Unknown][Database][Acceptable] RISK: Unidirectional Traffic idle: [...904] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1521] - not-detected: [...344] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1524] [Unknown][Unknown][Unrated] + not-detected: [...344] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1524] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...344] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1524] - not-detected: [...399] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1524] [Unknown][Unknown][Unrated] + not-detected: [...399] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1524] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...399] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1524] - not-detected: [..1072] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1533] [Unknown][Unknown][Unrated] + not-detected: [..1072] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1533] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1072] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1533] - not-detected: [..1125] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1533] [Unknown][Unknown][Unrated] + not-detected: [..1125] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1533] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1125] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1533] - not-detected: [..1528] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1556] [Unknown][Unknown][Unrated] + not-detected: [..1528] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1556] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1528] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1556] - not-detected: [..1605] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1556] [Unknown][Unknown][Unrated] + not-detected: [..1605] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1556] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1605] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1556] - not-detected: [..1784] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1580] [Unknown][Unknown][Unrated] + not-detected: [..1784] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1580] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1784] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1580] - not-detected: [..1873] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1580] [Unknown][Unknown][Unrated] + not-detected: [..1873] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1580] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1873] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1580] - not-detected: [...190] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1583] [Unknown][Unknown][Unrated] + not-detected: [...190] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1583] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...190] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1583] - not-detected: [...225] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1583] [Unknown][Unknown][Unrated] + not-detected: [...225] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1583] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...225] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1583] - not-detected: [....95] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1594] [Unknown][Unknown][Unrated] + not-detected: [....95] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1594] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....95] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1594] - not-detected: [...114] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1594] [Unknown][Unknown][Unrated] + not-detected: [...114] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1594] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...114] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1594] - not-detected: [...873] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1600] [Unknown][Unknown][Unrated] + not-detected: [...873] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1600] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...873] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1600] - not-detected: [...932] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1600] [Unknown][Unknown][Unrated] + not-detected: [...932] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1600] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...932] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1600] - not-detected: [...186] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1641] [Unknown][Unknown][Unrated] + not-detected: [...186] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1641] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...186] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1641] - not-detected: [...229] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1641] [Unknown][Unknown][Unrated] + not-detected: [...229] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1641] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...229] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1641] - not-detected: [...724] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1658] [Unknown][Unknown][Unrated] + not-detected: [...724] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1658] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...724] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1658] - not-detected: [...781] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1658] [Unknown][Unknown][Unrated] + not-detected: [...781] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1658] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...781] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1658] - not-detected: [...384] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1666] [Unknown][Unknown][Unrated] + not-detected: [...384] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1666] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...384] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1666] - not-detected: [...400] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1666] [Unknown][Unknown][Unrated] + not-detected: [...400] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1666] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...400] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1666] - not-detected: [....51] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1687] [Unknown][Unknown][Unrated] + not-detected: [....51] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1687] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....51] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1687] - not-detected: [...440] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1688] [Unknown][Unknown][Unrated] + not-detected: [...440] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1688] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...440] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1688] - not-detected: [....77] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1687] [Unknown][Unknown][Unrated] + not-detected: [....77] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1687] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....77] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1687] - not-detected: [...467] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1688] [Unknown][Unknown][Unrated] + not-detected: [...467] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1688] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...467] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1688] - not-detected: [..1296] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1700] [Unknown][Unknown][Unrated] + not-detected: [..1296] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1700] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1296] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1700] - not-detected: [..1354] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1700] [Unknown][Unknown][Unrated] + not-detected: [..1354] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1700] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1354] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1700] - not-detected: [..1221] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1717] [Unknown][Unknown][Unrated] + not-detected: [..1221] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1717] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1221] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1717] - not-detected: [..1277] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1717] [Unknown][Unknown][Unrated] + not-detected: [..1277] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1717] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1277] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1717] - not-detected: [...721] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1718] [Unknown][Unknown][Unrated] + not-detected: [...721] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1718] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...721] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1718] - not-detected: [...784] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1718] [Unknown][Unknown][Unrated] + not-detected: [...784] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1718] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...784] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1718] guessed: [...537] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1719] [H323][Unknown][VoIP][Acceptable] @@ -4305,73 +4305,73 @@ guessed: [....34] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1720] [H323][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [....34] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1720] - not-detected: [...719] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1721] [Unknown][Unknown][Unrated] + not-detected: [...719] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1721] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...719] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1721] guessed: [....65] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1720] [H323][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [....65] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1720] - not-detected: [...786] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1721] [Unknown][Unknown][Unrated] + not-detected: [...786] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1721] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...786] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1721] - not-detected: [....30] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1723] [Unknown][Unknown][Unrated] + not-detected: [....30] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1723] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....30] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1723] - not-detected: [....69] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1723] [Unknown][Unknown][Unrated] + not-detected: [....69] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1723] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....69] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1723] - not-detected: [..1626] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1755] [Unknown][Unknown][Unrated] + not-detected: [..1626] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1755] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1626] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1755] - not-detected: [..1715] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1755] [Unknown][Unknown][Unrated] + not-detected: [..1715] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1755] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1715] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1755] - not-detected: [...545] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1761] [Unknown][Unknown][Unrated] + not-detected: [...545] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1761] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...545] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1761] - not-detected: [...602] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1761] [Unknown][Unknown][Unrated] + not-detected: [...602] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1761] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...602] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1761] - not-detected: [..1104] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1782] [Unknown][Unknown][Unrated] + not-detected: [..1104] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1782] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1104] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1782] - not-detected: [..1151] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1782] [Unknown][Unknown][Unrated] + not-detected: [..1151] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1782] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1151] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1782] - not-detected: [..1014] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1783] [Unknown][Unknown][Unrated] + not-detected: [..1014] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1783] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1014] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1783] - not-detected: [..1091] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1783] [Unknown][Unknown][Unrated] + not-detected: [..1091] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1783] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1091] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1783] - not-detected: [..1841] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1801] [Unknown][Unknown][Unrated] + not-detected: [..1841] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1801] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1841] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1801] - not-detected: [..1920] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1801] [Unknown][Unknown][Unrated] + not-detected: [..1920] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1801] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1920] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1801] - not-detected: [...885] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][34571] [Unknown][Unknown][Unrated] + not-detected: [...885] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][34571] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...885] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][34571] - not-detected: [...970] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][34571] [Unknown][Unknown][Unrated] + not-detected: [...970] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][34571] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...970] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][34571] - not-detected: [...590] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][34572] [Unknown][Unknown][Unrated] + not-detected: [...590] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][34572] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...590] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][34572] - not-detected: [..1046] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][34573] [Unknown][Unknown][Unrated] + not-detected: [..1046] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][34573] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1046] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][34573] - not-detected: [...665] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][34572] [Unknown][Unknown][Unrated] + not-detected: [...665] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][34572] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...665] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][34572] - not-detected: [...453] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1805] [Unknown][Unknown][Unrated] + not-detected: [...453] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1805] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...453] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1805] - not-detected: [..1109] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][34573] [Unknown][Unknown][Unrated] + not-detected: [..1109] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][34573] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1109] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][34573] - not-detected: [...495] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1805] [Unknown][Unknown][Unrated] + not-detected: [...495] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1805] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...495] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1805] guessed: [..1940] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1812] [Radius][Unknown][Network][Acceptable] @@ -4380,52 +4380,52 @@ guessed: [..1982] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1812] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [..1982] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1812] - not-detected: [...728] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1839] [Unknown][Unknown][Unrated] + not-detected: [...728] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1839] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...728] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1839] - not-detected: [...777] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1839] [Unknown][Unknown][Unrated] + not-detected: [...777] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1839] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...777] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1839] - not-detected: [...269] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1840] [Unknown][Unknown][Unrated] + not-detected: [...269] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1840] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...269] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1840] - not-detected: [...310] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1840] [Unknown][Unknown][Unrated] + not-detected: [...310] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1840] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...310] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1840] - not-detected: [...500] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1862] [Unknown][Unknown][Unrated] + not-detected: [...500] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1862] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...500] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1862] - not-detected: [..1936] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1863] [Unknown][Unknown][Unrated] + not-detected: [..1936] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1863] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1936] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1863] - not-detected: [...531] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1862] [Unknown][Unknown][Unrated] + not-detected: [...531] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1862] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...531] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1862] - not-detected: [..1986] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1863] [Unknown][Unknown][Unrated] + not-detected: [..1986] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1863] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1986] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1863] - not-detected: [...865] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1864] [Unknown][Unknown][Unrated] + not-detected: [...865] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1864] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...865] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1864] - not-detected: [...940] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1864] [Unknown][Unknown][Unrated] + not-detected: [...940] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1864] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...940] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1864] - not-detected: [...717] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1875] [Unknown][Unknown][Unrated] + not-detected: [...717] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1875] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...717] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1875] - not-detected: [...788] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1875] [Unknown][Unknown][Unrated] + not-detected: [...788] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1875] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...788] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1875] - not-detected: [...992] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1900] [Unknown][Unknown][Unrated] + not-detected: [...992] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1900] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...992] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1900] - not-detected: [..1055] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1900] [Unknown][Unknown][Unrated] + not-detected: [..1055] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1900] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1055] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1900] - not-detected: [...847] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1914] [Unknown][Unknown][Unrated] + not-detected: [...847] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1914] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...847] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1914] - not-detected: [...900] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1914] [Unknown][Unknown][Unrated] + not-detected: [...900] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1914] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...900] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1914] guessed: [..1547] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1935] [RTMP][Unknown][Media][Acceptable] @@ -4434,478 +4434,478 @@ guessed: [..1606] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1935] [RTMP][Unknown][Media][Acceptable] RISK: Unidirectional Traffic idle: [..1606] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1935] - not-detected: [..1474] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1947] [Unknown][Unknown][Unrated] + not-detected: [..1474] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1947] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1474] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1947] - not-detected: [..1575] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1947] [Unknown][Unknown][Unrated] + not-detected: [..1575] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1947] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1575] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1947] - not-detected: [..1164] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1971] [Unknown][Unknown][Unrated] + not-detected: [..1164] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1971] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1164] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1971] - not-detected: [..1250] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1972] [Unknown][Unknown][Unrated] + not-detected: [..1250] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1972] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1250] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1972] - not-detected: [..1243] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1971] [Unknown][Unknown][Unrated] + not-detected: [..1243] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1971] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1243] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1971] - not-detected: [..1310] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1972] [Unknown][Unknown][Unrated] + not-detected: [..1310] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1972] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1310] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1972] - not-detected: [...880] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1974] [Unknown][Unknown][Unrated] + not-detected: [...880] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1974] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...880] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1974] - not-detected: [...925] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1974] [Unknown][Unknown][Unrated] + not-detected: [...925] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1974] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...925] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1974] - not-detected: [..1892] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1984] [Unknown][Unknown][Unrated] + not-detected: [..1892] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1984] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1892] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1984] - not-detected: [..1960] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1984] [Unknown][Unknown][Unrated] + not-detected: [..1960] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1984] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1960] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1984] - not-detected: [..1319] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1998] [Unknown][Unknown][Unrated] + not-detected: [..1319] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1998] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1319] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1998] - not-detected: [..1378] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1998] [Unknown][Unknown][Unrated] + not-detected: [..1378] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1998] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1378] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1998] - not-detected: [...764] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1999] [Unknown][Unknown][Unrated] + not-detected: [...764] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1999] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...764] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.1999] guessed: [..1631] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2000] [CiscoSkinny][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [..1631] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2000] - not-detected: [...833] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1999] [Unknown][Unknown][Unrated] + not-detected: [...833] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1999] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...833] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.1999] guessed: [..1710] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2000] [CiscoSkinny][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [..1710] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2000] - not-detected: [...355] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2001] [Unknown][Unknown][Unrated] + not-detected: [...355] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...355] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2001] guessed: [..1496] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2002] [Roughtime][Unknown][System][Acceptable] RISK: Unidirectional Traffic idle: [..1496] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2002] - not-detected: [...388] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2001] [Unknown][Unknown][Unrated] + not-detected: [...388] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...388] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2001] guessed: [..1553] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2002] [Roughtime][Unknown][System][Acceptable] RISK: Unidirectional Traffic idle: [..1553] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2002] - not-detected: [..1185] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2003] [Unknown][Unknown][Unrated] + not-detected: [..1185] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1185] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2003] - not-detected: [..1271] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2003] [Unknown][Unknown][Unrated] + not-detected: [..1271] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1271] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2003] - not-detected: [...893] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2004] [Unknown][Unknown][Unrated] + not-detected: [...893] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...893] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2004] - not-detected: [...962] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2004] [Unknown][Unknown][Unrated] + not-detected: [...962] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...962] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2004] - not-detected: [...101] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2005] [Unknown][Unknown][Unrated] + not-detected: [...101] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2005] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...101] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2005] - not-detected: [..1693] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2006] [Unknown][Unknown][Unrated] + not-detected: [..1693] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2006] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1693] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2006] - not-detected: [...149] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2005] [Unknown][Unknown][Unrated] + not-detected: [...149] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2005] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...149] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2005] - not-detected: [..1764] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2006] [Unknown][Unknown][Unrated] + not-detected: [..1764] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2006] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1764] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2006] - not-detected: [..1432] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2007] [Unknown][Unknown][Unrated] + not-detected: [..1432] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2007] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1432] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2007] - not-detected: [..1822] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2008] [Unknown][Unknown][Unrated] + not-detected: [..1822] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2008] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1822] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2008] - not-detected: [..1514] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2007] [Unknown][Unknown][Unrated] + not-detected: [..1514] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2007] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1514] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2007] - not-detected: [..1884] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2008] [Unknown][Unknown][Unrated] + not-detected: [..1884] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2008] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1884] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2008] - not-detected: [...951] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2009] [Unknown][Unknown][Unrated] + not-detected: [...951] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2009] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...951] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2009] - not-detected: [..1677] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2010] [Unknown][Unknown][Unrated] + not-detected: [..1677] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2010] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1677] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2010] - not-detected: [..1004] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2009] [Unknown][Unknown][Unrated] + not-detected: [..1004] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2009] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1004] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2009] - not-detected: [..1750] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2010] [Unknown][Unknown][Unrated] + not-detected: [..1750] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2010] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1750] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2010] - not-detected: [...515] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2013] [Unknown][Unknown][Unrated] + not-detected: [...515] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2013] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...515] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2013] - not-detected: [...556] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2013] [Unknown][Unknown][Unrated] + not-detected: [...556] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2013] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...556] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2013] - not-detected: [...340] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2020] [Unknown][Unknown][Unrated] + not-detected: [...340] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2020] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...340] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2020] - not-detected: [..1376] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2021] [Unknown][Unknown][Unrated] + not-detected: [..1376] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2021] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1376] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2021] - not-detected: [...362] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2020] [Unknown][Unknown][Unrated] + not-detected: [...362] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2020] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...362] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2020] - not-detected: [..1453] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2021] [Unknown][Unknown][Unrated] + not-detected: [..1453] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2021] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1453] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2021] - not-detected: [...741] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2022] [Unknown][Unknown][Unrated] + not-detected: [...741] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2022] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...741] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2022] - not-detected: [...814] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2022] [Unknown][Unknown][Unrated] + not-detected: [...814] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2022] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...814] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2022] - not-detected: [....53] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2030] [Unknown][Unknown][Unrated] + not-detected: [....53] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2030] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....53] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2030] - not-detected: [....75] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2030] [Unknown][Unknown][Unrated] + not-detected: [....75] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2030] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....75] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2030] - not-detected: [..1888] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2033] [Unknown][Unknown][Unrated] + not-detected: [..1888] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2033] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1888] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2033] - not-detected: [..1964] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2033] [Unknown][Unknown][Unrated] + not-detected: [..1964] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2033] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1964] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2033] - not-detected: [..1945] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2034] [Unknown][Unknown][Unrated] + not-detected: [..1945] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2034] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1945] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2034] - not-detected: [..1977] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2034] [Unknown][Unknown][Unrated] + not-detected: [..1977] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2034] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1977] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2034] - not-detected: [..1031] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2035] [Unknown][Unknown][Unrated] + not-detected: [..1031] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2035] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1031] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2035] - not-detected: [..1074] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2035] [Unknown][Unknown][Unrated] + not-detected: [..1074] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2035] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1074] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2035] - not-detected: [....86] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2038] [Unknown][Unknown][Unrated] + not-detected: [....86] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2038] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....86] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2038] - not-detected: [...123] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2038] [Unknown][Unknown][Unrated] + not-detected: [...123] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2038] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...123] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2038] - not-detected: [..1785] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2040] [Unknown][Unknown][Unrated] + not-detected: [..1785] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2040] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1785] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2040] - not-detected: [..1872] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2040] [Unknown][Unknown][Unrated] + not-detected: [..1872] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2040] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1872] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2040] - not-detected: [..1258] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2041] [Unknown][Unknown][Unrated] + not-detected: [..1258] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2041] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1258] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2041] - not-detected: [..1302] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2041] [Unknown][Unknown][Unrated] + not-detected: [..1302] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2041] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1302] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2041] - not-detected: [..1140] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2042] [Unknown][Unknown][Unrated] + not-detected: [..1140] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2042] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1140] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2042] - not-detected: [..1545] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2043] [Unknown][Unknown][Unrated] + not-detected: [..1545] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2043] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1545] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2043] - not-detected: [..1207] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2042] [Unknown][Unknown][Unrated] + not-detected: [..1207] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2042] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1207] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2042] - not-detected: [..1608] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2043] [Unknown][Unknown][Unrated] + not-detected: [..1608] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2043] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1608] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2043] - not-detected: [..1779] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2045] [Unknown][Unknown][Unrated] + not-detected: [..1779] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2045] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1779] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2045] - not-detected: [..1878] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2045] [Unknown][Unknown][Unrated] + not-detected: [..1878] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2045] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1878] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2045] - not-detected: [...350] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2046] [Unknown][Unknown][Unrated] + not-detected: [...350] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2046] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...350] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2046] - not-detected: [...587] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2047] [Unknown][Unknown][Unrated] + not-detected: [...587] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2047] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...587] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2047] - not-detected: [...393] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2046] [Unknown][Unknown][Unrated] + not-detected: [...393] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2046] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...393] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2046] - not-detected: [...668] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2047] [Unknown][Unknown][Unrated] + not-detected: [...668] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2047] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...668] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2047] - not-detected: [...637] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2048] [Unknown][Unknown][Unrated] + not-detected: [...637] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2048] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...637] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2048] guessed: [..1825] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2049] [NFS][Unknown][DataTransfer][Acceptable] RISK: Unidirectional Traffic idle: [..1825] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2049] - not-detected: [...700] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2048] [Unknown][Unknown][Unrated] + not-detected: [...700] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2048] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...700] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2048] guessed: [..1906] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2049] [NFS][Unknown][DataTransfer][Acceptable] RISK: Unidirectional Traffic idle: [..1906] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2049] - not-detected: [..1833] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2065] [Unknown][Unknown][Unrated] + not-detected: [..1833] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2065] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1833] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2065] - not-detected: [..1908] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2065] [Unknown][Unknown][Unrated] + not-detected: [..1908] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2065] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1908] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2065] - not-detected: [..1647] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2068] [Unknown][Unknown][Unrated] + not-detected: [..1647] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2068] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1647] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2068] - not-detected: [..1724] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2068] [Unknown][Unknown][Unrated] + not-detected: [..1724] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2068] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1724] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2068] - not-detected: [...217] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2099] [Unknown][Unknown][Unrated] + not-detected: [...217] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2099] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...217] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2099] - not-detected: [...844] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2100] [Unknown][Unknown][Unrated] + not-detected: [...844] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...844] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2100] - not-detected: [...239] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2099] [Unknown][Unknown][Unrated] + not-detected: [...239] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2099] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...239] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2099] - not-detected: [...903] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2100] [Unknown][Unknown][Unrated] + not-detected: [...903] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...903] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2100] - not-detected: [..1931] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2103] [Unknown][Unknown][Unrated] + not-detected: [..1931] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2103] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1931] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2103] - not-detected: [..1991] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2103] [Unknown][Unknown][Unrated] + not-detected: [..1991] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2103] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1991] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2103] - not-detected: [..1636] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2105] [Unknown][Unknown][Unrated] + not-detected: [..1636] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2105] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1636] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2105] - not-detected: [..1705] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2105] [Unknown][Unknown][Unrated] + not-detected: [..1705] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2105] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1705] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2105] - not-detected: [...176] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2106] [Unknown][Unknown][Unrated] + not-detected: [...176] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2106] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...176] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2106] - not-detected: [...730] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2107] [Unknown][Unknown][Unrated] + not-detected: [...730] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2107] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...730] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2107] - not-detected: [...198] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2106] [Unknown][Unknown][Unrated] + not-detected: [...198] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2106] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...198] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2106] - not-detected: [...775] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2107] [Unknown][Unknown][Unrated] + not-detected: [...775] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2107] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...775] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2107] - not-detected: [..1486] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2111] [Unknown][Unknown][Unrated] + not-detected: [..1486] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2111] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1486] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2111] - not-detected: [..1563] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2111] [Unknown][Unknown][Unrated] + not-detected: [..1563] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2111] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1563] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2111] - not-detected: [..1148] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2119] [Unknown][Unknown][Unrated] + not-detected: [..1148] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2119] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1148] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2119] - not-detected: [..1199] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2119] [Unknown][Unknown][Unrated] + not-detected: [..1199] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2119] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1199] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2119] - not-detected: [...595] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2121] [Unknown][Unknown][Unrated] + not-detected: [...595] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2121] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...595] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2121] - not-detected: [...660] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2121] [Unknown][Unknown][Unrated] + not-detected: [...660] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2121] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...660] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2121] - not-detected: [...572] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2126] [Unknown][Unknown][Unrated] + not-detected: [...572] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2126] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...572] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2126] - not-detected: [...648] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2126] [Unknown][Unknown][Unrated] + not-detected: [...648] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2126] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...648] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2126] - not-detected: [..1369] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2135] [Unknown][Unknown][Unrated] + not-detected: [..1369] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2135] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1369] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2135] - not-detected: [..1450] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2135] [Unknown][Unknown][Unrated] + not-detected: [..1450] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2135] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1450] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2135] - not-detected: [..1143] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2144] [Unknown][Unknown][Unrated] + not-detected: [..1143] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2144] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1143] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2144] - not-detected: [..1204] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2144] [Unknown][Unknown][Unrated] + not-detected: [..1204] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2144] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1204] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2144] - not-detected: [..1792] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2160] [Unknown][Unknown][Unrated] + not-detected: [..1792] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2160] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1792] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2160] - not-detected: [..1865] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2160] [Unknown][Unknown][Unrated] + not-detected: [..1865] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2160] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1865] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2160] - not-detected: [...465] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2161] [Unknown][Unknown][Unrated] + not-detected: [...465] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2161] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...465] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2161] - not-detected: [...483] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2161] [Unknown][Unknown][Unrated] + not-detected: [...483] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2161] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...483] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2161] - not-detected: [..1034] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2170] [Unknown][Unknown][Unrated] + not-detected: [..1034] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2170] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1034] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2170] - not-detected: [..1121] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2170] [Unknown][Unknown][Unrated] + not-detected: [..1121] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2170] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1121] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2170] - not-detected: [..1286] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2179] [Unknown][Unknown][Unrated] + not-detected: [..1286] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2179] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1286] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2179] - not-detected: [..1364] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2179] [Unknown][Unknown][Unrated] + not-detected: [..1364] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2179] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1364] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2179] guessed: [...193] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2190] [TiVoConnect][Unknown][Network][Fun] RISK: Unidirectional Traffic idle: [...193] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2190] - not-detected: [..1327] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2191] [Unknown][Unknown][Unrated] + not-detected: [..1327] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2191] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1327] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2191] guessed: [...222] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2190] [TiVoConnect][Unknown][Network][Fun] RISK: Unidirectional Traffic idle: [...222] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2190] - not-detected: [..1418] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2191] [Unknown][Unknown][Unrated] + not-detected: [..1418] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2191] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1418] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2191] - not-detected: [...594] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2196] [Unknown][Unknown][Unrated] + not-detected: [...594] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2196] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...594] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2196] - not-detected: [...661] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2196] [Unknown][Unknown][Unrated] + not-detected: [...661] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2196] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...661] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2196] - not-detected: [...506] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2200] [Unknown][Unknown][Unrated] + not-detected: [...506] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2200] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...506] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2200] - not-detected: [...525] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2200] [Unknown][Unknown][Unrated] + not-detected: [...525] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2200] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...525] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2200] - not-detected: [....49] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2222] [Unknown][Unknown][Unrated] + not-detected: [....49] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2222] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....49] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2222] - not-detected: [....79] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2222] [Unknown][Unknown][Unrated] + not-detected: [....79] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2222] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....79] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2222] - not-detected: [..1851] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2251] [Unknown][Unknown][Unrated] + not-detected: [..1851] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2251] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1851] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2251] - not-detected: [..1910] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2251] [Unknown][Unknown][Unrated] + not-detected: [..1910] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2251] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1910] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2251] - not-detected: [...431] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2260] [Unknown][Unknown][Unrated] + not-detected: [...431] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2260] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...431] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2260] - not-detected: [...476] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2260] [Unknown][Unknown][Unrated] + not-detected: [...476] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2260] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...476] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2260] - not-detected: [...536] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2288] [Unknown][Unknown][Unrated] + not-detected: [...536] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2288] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...536] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2288] - not-detected: [...611] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2288] [Unknown][Unknown][Unrated] + not-detected: [...611] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2288] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...611] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2288] - not-detected: [...921] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2301] [Unknown][Unknown][Unrated] + not-detected: [...921] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2301] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...921] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2301] - not-detected: [...976] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2301] [Unknown][Unknown][Unrated] + not-detected: [...976] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2301] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...976] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2301] - not-detected: [..1543] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2323] [Unknown][Unknown][Unrated] + not-detected: [..1543] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2323] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1543] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2323] - not-detected: [..1610] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2323] [Unknown][Unknown][Unrated] + not-detected: [..1610] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2323] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1610] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2323] - not-detected: [..1795] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2366] [Unknown][Unknown][Unrated] + not-detected: [..1795] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2366] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1795] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2366] - not-detected: [..1862] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2366] [Unknown][Unknown][Unrated] + not-detected: [..1862] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2366] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1862] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2366] - not-detected: [..1016] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2381] [Unknown][Unknown][Unrated] + not-detected: [..1016] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2381] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1016] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2381] - not-detected: [..1089] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2381] [Unknown][Unknown][Unrated] + not-detected: [..1089] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2381] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1089] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2381] - not-detected: [...295] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2382] [Unknown][Unknown][Unrated] + not-detected: [...295] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2382] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...295] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2382] - not-detected: [...740] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2383] [Unknown][Unknown][Unrated] + not-detected: [...740] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2383] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...740] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2383] - not-detected: [...325] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2382] [Unknown][Unknown][Unrated] + not-detected: [...325] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2382] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...325] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2382] - not-detected: [...815] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2383] [Unknown][Unknown][Unrated] + not-detected: [...815] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2383] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...815] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2383] - not-detected: [...417] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2393] [Unknown][Unknown][Unrated] + not-detected: [...417] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2393] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...417] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2393] - not-detected: [..1291] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2394] [Unknown][Unknown][Unrated] + not-detected: [..1291] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2394] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1291] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2394] - not-detected: [...449] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2393] [Unknown][Unknown][Unrated] + not-detected: [...449] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2393] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...449] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2393] - not-detected: [..1359] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2394] [Unknown][Unknown][Unrated] + not-detected: [..1359] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2394] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1359] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2394] - not-detected: [..1038] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2399] [Unknown][Unknown][Unrated] + not-detected: [..1038] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2399] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1038] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2399] - not-detected: [..1117] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2399] [Unknown][Unknown][Unrated] + not-detected: [..1117] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2399] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1117] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2399] - not-detected: [..1937] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2401] [Unknown][Unknown][Unrated] + not-detected: [..1937] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2401] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1937] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2401] - not-detected: [..1985] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2401] [Unknown][Unknown][Unrated] + not-detected: [..1985] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2401] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1985] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2401] - not-detected: [..1435] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2492] [Unknown][Unknown][Unrated] + not-detected: [..1435] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2492] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1435] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2492] - not-detected: [..1511] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2492] [Unknown][Unknown][Unrated] + not-detected: [..1511] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2492] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1511] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2492] - not-detected: [..1491] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2500] [Unknown][Unknown][Unrated] + not-detected: [..1491] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2500] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1491] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2500] - not-detected: [..1558] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2500] [Unknown][Unknown][Unrated] + not-detected: [..1558] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2500] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1558] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2500] - not-detected: [...349] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2522] [Unknown][Unknown][Unrated] + not-detected: [...349] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2522] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...349] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2522] - not-detected: [...394] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2522] [Unknown][Unknown][Unrated] + not-detected: [...394] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2522] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...394] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2522] - not-detected: [...267] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2525] [Unknown][Unknown][Unrated] + not-detected: [...267] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2525] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...267] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2525] - not-detected: [...312] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2525] [Unknown][Unknown][Unrated] + not-detected: [...312] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2525] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...312] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2525] - not-detected: [..1367] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2557] [Unknown][Unknown][Unrated] + not-detected: [..1367] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2557] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1367] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2557] - not-detected: [..1427] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2557] [Unknown][Unknown][Unrated] + not-detected: [..1427] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2557] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1427] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2557] - not-detected: [...895] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2601] [Unknown][Unknown][Unrated] + not-detected: [...895] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2601] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...895] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2601] - not-detected: [..1245] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2602] [Unknown][Unknown][Unrated] + not-detected: [..1245] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2602] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1245] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2602] - not-detected: [...960] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2601] [Unknown][Unknown][Unrated] + not-detected: [...960] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2601] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...960] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2601] - not-detected: [..1315] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2602] [Unknown][Unknown][Unrated] + not-detected: [..1315] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2602] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1315] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2602] guessed: [...989] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2604] [OSPF][Unknown][Network][Acceptable] @@ -4920,220 +4920,220 @@ guessed: [....83] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2605] [BGP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [....83] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2605] - not-detected: [..1840] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2607] [Unknown][Unknown][Unrated] + not-detected: [..1840] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2607] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1840] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2607] - not-detected: [..1921] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2607] [Unknown][Unknown][Unrated] + not-detected: [..1921] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2607] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1921] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2607] - not-detected: [..1293] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2608] [Unknown][Unknown][Unrated] + not-detected: [..1293] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2608] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1293] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2608] - not-detected: [..1357] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2608] [Unknown][Unknown][Unrated] + not-detected: [..1357] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2608] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1357] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2608] - not-detected: [..1622] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2638] [Unknown][Unknown][Unrated] + not-detected: [..1622] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2638] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1622] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2638] - not-detected: [..1683] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2638] [Unknown][Unknown][Unrated] + not-detected: [..1683] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2638] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1683] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2638] - not-detected: [....99] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2701] [Unknown][Unknown][Unrated] + not-detected: [....99] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2701] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....99] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2701] - not-detected: [..1048] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2702] [Unknown][Unknown][Unrated] + not-detected: [..1048] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2702] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1048] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2702] - not-detected: [...151] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2701] [Unknown][Unknown][Unrated] + not-detected: [...151] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2701] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...151] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2701] - not-detected: [..1107] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2702] [Unknown][Unknown][Unrated] + not-detected: [..1107] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2702] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1107] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2702] - not-detected: [..1436] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2710] [Unknown][Unknown][Unrated] + not-detected: [..1436] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2710] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1436] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2710] - not-detected: [..1510] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2710] [Unknown][Unknown][Unrated] + not-detected: [..1510] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2710] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1510] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2710] - not-detected: [...732] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2717] [Unknown][Unknown][Unrated] + not-detected: [...732] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2717] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...732] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2717] - not-detected: [..1942] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2718] [Unknown][Unknown][Unrated] + not-detected: [..1942] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2718] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1942] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2718] - not-detected: [...823] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2717] [Unknown][Unknown][Unrated] + not-detected: [...823] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2717] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...823] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2717] - not-detected: [..1980] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2718] [Unknown][Unknown][Unrated] + not-detected: [..1980] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2718] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1980] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2718] - not-detected: [..1897] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2725] [Unknown][Unknown][Unrated] + not-detected: [..1897] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2725] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1897] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2725] - not-detected: [..1955] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2725] [Unknown][Unknown][Unrated] + not-detected: [..1955] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2725] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1955] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2725] - not-detected: [...512] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][35500] [Unknown][Unknown][Unrated] + not-detected: [...512] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][35500] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...512] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][35500] - not-detected: [...559] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][35500] [Unknown][Unknown][Unrated] + not-detected: [...559] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][35500] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...559] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][35500] - not-detected: [...460] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2800] [Unknown][Unknown][Unrated] + not-detected: [...460] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...460] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2800] - not-detected: [...488] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2800] [Unknown][Unknown][Unrated] + not-detected: [...488] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...488] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2800] - not-detected: [..1370] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2809] [Unknown][Unknown][Unrated] + not-detected: [..1370] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2809] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1370] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2809] - not-detected: [..1449] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2809] [Unknown][Unknown][Unrated] + not-detected: [..1449] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2809] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1449] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2809] - not-detected: [...352] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2811] [Unknown][Unknown][Unrated] + not-detected: [...352] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2811] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...352] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2811] - not-detected: [...391] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2811] [Unknown][Unknown][Unrated] + not-detected: [...391] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2811] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...391] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2811] - not-detected: [...179] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2869] [Unknown][Unknown][Unrated] + not-detected: [...179] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2869] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...179] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2869] - not-detected: [...195] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2869] [Unknown][Unknown][Unrated] + not-detected: [...195] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2869] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...195] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2869] - not-detected: [..1526] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2875] [Unknown][Unknown][Unrated] + not-detected: [..1526] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2875] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1526] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2875] - not-detected: [..1597] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2875] [Unknown][Unknown][Unrated] + not-detected: [..1597] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2875] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1597] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2875] - not-detected: [...416] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2909] [Unknown][Unknown][Unrated] + not-detected: [...416] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2909] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...416] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2909] - not-detected: [..1680] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2910] [Unknown][Unknown][Unrated] + not-detected: [..1680] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2910] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1680] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2910] - not-detected: [...450] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2909] [Unknown][Unknown][Unrated] + not-detected: [...450] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2909] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...450] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2909] - not-detected: [..1757] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2910] [Unknown][Unknown][Unrated] + not-detected: [..1757] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2910] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1757] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2910] - not-detected: [..1837] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2920] [Unknown][Unknown][Unrated] + not-detected: [..1837] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2920] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1837] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2920] - not-detected: [..1924] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2920] [Unknown][Unknown][Unrated] + not-detected: [..1924] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2920] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1924] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2920] - not-detected: [...840] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2967] [Unknown][Unknown][Unrated] + not-detected: [...840] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2967] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...840] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2967] - not-detected: [...907] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2967] [Unknown][Unknown][Unrated] + not-detected: [...907] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2967] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...907] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2967] - not-detected: [...415] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2968] [Unknown][Unknown][Unrated] + not-detected: [...415] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2968] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...415] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2968] - not-detected: [...451] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2968] [Unknown][Unknown][Unrated] + not-detected: [...451] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2968] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...451] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2968] - not-detected: [...586] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2998] [Unknown][Unknown][Unrated] + not-detected: [...586] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2998] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...586] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.2998] - not-detected: [...669] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2998] [Unknown][Unknown][Unrated] + not-detected: [...669] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2998] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...669] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.2998] - not-detected: [...433] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3000] [Unknown][Unknown][Unrated] + not-detected: [...433] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...433] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3000] - not-detected: [...474] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3000] [Unknown][Unknown][Unrated] + not-detected: [...474] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...474] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3000] - not-detected: [...192] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3001] [Unknown][Unknown][Unrated] + not-detected: [...192] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...192] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3001] - not-detected: [...223] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3001] [Unknown][Unknown][Unrated] + not-detected: [...223] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...223] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3001] - not-detected: [..1688] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3003] [Unknown][Unknown][Unrated] + not-detected: [..1688] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1688] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3003] - not-detected: [..1769] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3003] [Unknown][Unknown][Unrated] + not-detected: [..1769] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1769] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3003] - not-detected: [..1696] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3005] [Unknown][Unknown][Unrated] + not-detected: [..1696] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3005] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1696] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3005] - not-detected: [..1761] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3005] [Unknown][Unknown][Unrated] + not-detected: [..1761] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3005] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1761] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3005] - not-detected: [...806] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3006] [Unknown][Unknown][Unrated] + not-detected: [...806] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3006] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...806] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3006] - not-detected: [...869] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3007] [Unknown][Unknown][Unrated] + not-detected: [...869] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3007] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...869] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3007] - not-detected: [...849] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3006] [Unknown][Unknown][Unrated] + not-detected: [...849] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3006] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...849] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3006] - not-detected: [...936] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3007] [Unknown][Unknown][Unrated] + not-detected: [...936] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3007] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...936] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3007] - not-detected: [..1689] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3011] [Unknown][Unknown][Unrated] + not-detected: [..1689] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3011] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1689] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3011] - not-detected: [..1768] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3011] [Unknown][Unknown][Unrated] + not-detected: [..1768] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3011] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1768] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3011] - not-detected: [..1849] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3013] [Unknown][Unknown][Unrated] + not-detected: [..1849] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3013] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1849] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3013] - not-detected: [..1912] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3013] [Unknown][Unknown][Unrated] + not-detected: [..1912] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3013] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1912] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3013] - not-detected: [...273] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3017] [Unknown][Unknown][Unrated] + not-detected: [...273] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3017] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...273] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3017] - not-detected: [...306] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3017] [Unknown][Unknown][Unrated] + not-detected: [...306] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3017] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...306] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3017] - not-detected: [...635] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3030] [Unknown][Unknown][Unrated] + not-detected: [...635] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3030] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...635] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3030] - not-detected: [..1938] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3031] [Unknown][Unknown][Unrated] + not-detected: [..1938] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3031] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1938] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3031] - not-detected: [...702] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3030] [Unknown][Unknown][Unrated] + not-detected: [...702] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3030] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...702] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3030] - not-detected: [..1984] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3031] [Unknown][Unknown][Unrated] + not-detected: [..1984] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3031] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1984] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3031] - not-detected: [....58] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3050] [Unknown][Unknown][Unrated] + not-detected: [....58] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3050] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....58] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3050] - not-detected: [....70] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3050] [Unknown][Unknown][Unrated] + not-detected: [....70] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3050] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....70] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3050] - not-detected: [...298] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3052] [Unknown][Unknown][Unrated] + not-detected: [...298] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3052] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...298] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3052] - not-detected: [...322] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3052] [Unknown][Unknown][Unrated] + not-detected: [...322] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3052] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...322] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3052] - not-detected: [...211] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3071] [Unknown][Unknown][Unrated] + not-detected: [...211] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3071] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...211] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3071] - not-detected: [...245] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3071] [Unknown][Unknown][Unrated] + not-detected: [...245] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3071] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...245] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3071] - not-detected: [...126] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3077] [Unknown][Unknown][Unrated] + not-detected: [...126] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3077] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...126] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3077] - not-detected: [...166] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3077] [Unknown][Unknown][Unrated] + not-detected: [...166] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3077] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...166] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3077] guessed: [..1831] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3128] [HTTP_Proxy][Unknown][Web][Acceptable][] @@ -5142,52 +5142,52 @@ guessed: [..1900] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3128] [HTTP_Proxy][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic idle: [..1900] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3128] - not-detected: [...805] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3168] [Unknown][Unknown][Unrated] + not-detected: [...805] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3168] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...805] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3168] - not-detected: [...850] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3168] [Unknown][Unknown][Unrated] + not-detected: [...850] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3168] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...850] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3168] - not-detected: [..1673] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3211] [Unknown][Unknown][Unrated] + not-detected: [..1673] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3211] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1673] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3211] - not-detected: [..1754] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3211] [Unknown][Unknown][Unrated] + not-detected: [..1754] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3211] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1754] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3211] - not-detected: [..1366] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3221] [Unknown][Unknown][Unrated] + not-detected: [..1366] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3221] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1366] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3221] - not-detected: [..1428] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3221] [Unknown][Unknown][Unrated] + not-detected: [..1428] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3221] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1428] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3221] - not-detected: [..1181] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3260] [Unknown][Unknown][Unrated] + not-detected: [..1181] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3260] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1181] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3260] - not-detected: [..1952] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3261] [Unknown][Unknown][Unrated] + not-detected: [..1952] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3261] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1952] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3261] - not-detected: [..1226] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3260] [Unknown][Unknown][Unrated] + not-detected: [..1226] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3260] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1226] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3260] - not-detected: [..1970] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3261] [Unknown][Unknown][Unrated] + not-detected: [..1970] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3261] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1970] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3261] - not-detected: [..1948] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3268] [Unknown][Unknown][Unrated] + not-detected: [..1948] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3268] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1948] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3268] - not-detected: [..1974] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3268] [Unknown][Unknown][Unrated] + not-detected: [..1974] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3268] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1974] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3268] - not-detected: [..1433] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3269] [Unknown][Unknown][Unrated] + not-detected: [..1433] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3269] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1433] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3269] - not-detected: [..1513] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3269] [Unknown][Unknown][Unrated] + not-detected: [..1513] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3269] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1513] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3269] - not-detected: [..1325] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3283] [Unknown][Unknown][Unrated] + not-detected: [..1325] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3283] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1325] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3283] - not-detected: [..1420] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3283] [Unknown][Unknown][Unrated] + not-detected: [..1420] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3283] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1420] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3283] guessed: [..1191] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3300] [Ceph][Unknown][DataTransfer][Acceptable] @@ -5196,10 +5196,10 @@ guessed: [..1265] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3300] [Ceph][Unknown][DataTransfer][Acceptable] RISK: Unidirectional Traffic idle: [..1265] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3300] - not-detected: [...505] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3301] [Unknown][Unknown][Unrated] + not-detected: [...505] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3301] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...505] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3301] - not-detected: [...526] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3301] [Unknown][Unknown][Unrated] + not-detected: [...526] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3301] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...526] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3301] guessed: [.....3] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3306] [MySQL][Unknown][Database][Acceptable] @@ -5208,400 +5208,400 @@ guessed: [....27] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3306] [MySQL][Unknown][Database][Acceptable] RISK: Unidirectional Traffic idle: [....27] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3306] - not-detected: [..1375] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3322] [Unknown][Unknown][Unrated] + not-detected: [..1375] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3322] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1375] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3322] - not-detected: [..1444] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3322] [Unknown][Unknown][Unrated] + not-detected: [..1444] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3322] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1444] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3322] - not-detected: [..1386] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3323] [Unknown][Unknown][Unrated] + not-detected: [..1386] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3323] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1386] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3323] - not-detected: [..1630] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3324] [Unknown][Unknown][Unrated] + not-detected: [..1630] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3324] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1630] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3324] - not-detected: [..1463] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3323] [Unknown][Unknown][Unrated] + not-detected: [..1463] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3323] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1463] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3323] - not-detected: [..1711] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3324] [Unknown][Unknown][Unrated] + not-detected: [..1711] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3324] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1711] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3324] - not-detected: [..1069] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3325] [Unknown][Unknown][Unrated] + not-detected: [..1069] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3325] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1069] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3325] - not-detected: [..1128] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3325] [Unknown][Unknown][Unrated] + not-detected: [..1128] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3325] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1128] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3325] - not-detected: [..1377] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3333] [Unknown][Unknown][Unrated] + not-detected: [..1377] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3333] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1377] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3333] - not-detected: [..1452] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3333] [Unknown][Unknown][Unrated] + not-detected: [..1452] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3333] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1452] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3333] - not-detected: [..1736] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3351] [Unknown][Unknown][Unrated] + not-detected: [..1736] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3351] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1736] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3351] - not-detected: [..1818] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3351] [Unknown][Unknown][Unrated] + not-detected: [..1818] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3351] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1818] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3351] - not-detected: [...593] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3367] [Unknown][Unknown][Unrated] + not-detected: [...593] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3367] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...593] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3367] - not-detected: [...662] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3367] [Unknown][Unknown][Unrated] + not-detected: [...662] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3367] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...662] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3367] - not-detected: [...294] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3369] [Unknown][Unknown][Unrated] + not-detected: [...294] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3369] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...294] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3369] - not-detected: [..1345] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3370] [Unknown][Unknown][Unrated] + not-detected: [..1345] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3370] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1345] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3370] - not-detected: [...326] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3369] [Unknown][Unknown][Unrated] + not-detected: [...326] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3369] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...326] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3369] - not-detected: [..1535] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3371] [Unknown][Unknown][Unrated] + not-detected: [..1535] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3371] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1535] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3371] - not-detected: [..1400] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3370] [Unknown][Unknown][Unrated] + not-detected: [..1400] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3370] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1400] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3370] - not-detected: [..1845] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3372] [Unknown][Unknown][Unrated] + not-detected: [..1845] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3372] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1845] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3372] - not-detected: [..1618] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3371] [Unknown][Unknown][Unrated] + not-detected: [..1618] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3371] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1618] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3371] - not-detected: [..1916] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3372] [Unknown][Unknown][Unrated] + not-detected: [..1916] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3372] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1916] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3372] guessed: [....15] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3389] [RDP][Unknown][RemoteAccess][Acceptable] RISK: Desktop/File Sharing, Unidirectional Traffic idle: [....15] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3389] - not-detected: [...716] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3390] [Unknown][Unknown][Unrated] + not-detected: [...716] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3390] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...716] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3390] guessed: [....18] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3389] [RDP][Unknown][RemoteAccess][Acceptable] RISK: Desktop/File Sharing, Unidirectional Traffic idle: [....18] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3389] - not-detected: [...789] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3390] [Unknown][Unknown][Unrated] + not-detected: [...789] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3390] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...789] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3390] - not-detected: [..1073] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3404] [Unknown][Unknown][Unrated] + not-detected: [..1073] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3404] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1073] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3404] - not-detected: [..1124] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3404] [Unknown][Unknown][Unrated] + not-detected: [..1124] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3404] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1124] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3404] - not-detected: [...351] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3476] [Unknown][Unknown][Unrated] + not-detected: [...351] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3476] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...351] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3476] - not-detected: [...392] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3476] [Unknown][Unknown][Unrated] + not-detected: [...392] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3476] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...392] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3476] - not-detected: [...336] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3493] [Unknown][Unknown][Unrated] + not-detected: [...336] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3493] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...336] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3493] - not-detected: [...366] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3493] [Unknown][Unknown][Unrated] + not-detected: [...366] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3493] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...366] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3493] - not-detected: [...520] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3517] [Unknown][Unknown][Unrated] + not-detected: [...520] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3517] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...520] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3517] - not-detected: [...551] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3517] [Unknown][Unknown][Unrated] + not-detected: [...551] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3517] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...551] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3517] - not-detected: [..1098] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3527] [Unknown][Unknown][Unrated] + not-detected: [..1098] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3527] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1098] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3527] - not-detected: [..1157] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3527] [Unknown][Unknown][Unrated] + not-detected: [..1157] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3527] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1157] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3527] - not-detected: [...688] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3546] [Unknown][Unknown][Unrated] + not-detected: [...688] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3546] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...688] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3546] - not-detected: [...759] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3546] [Unknown][Unknown][Unrated] + not-detected: [...759] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3546] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...759] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3546] - not-detected: [..1256] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3551] [Unknown][Unknown][Unrated] + not-detected: [..1256] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3551] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1256] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3551] - not-detected: [..1304] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3551] [Unknown][Unknown][Unrated] + not-detected: [..1304] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3551] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1304] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3551] - not-detected: [..1039] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3580] [Unknown][Unknown][Unrated] + not-detected: [..1039] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3580] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1039] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3580] - not-detected: [..1116] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3580] [Unknown][Unknown][Unrated] + not-detected: [..1116] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3580] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1116] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3580] - not-detected: [...890] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3659] [Unknown][Unknown][Unrated] + not-detected: [...890] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3659] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...890] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3659] - not-detected: [...965] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3659] [Unknown][Unknown][Unrated] + not-detected: [...965] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3659] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...965] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3659] - not-detected: [..1838] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3689] [Unknown][Unknown][Unrated] + not-detected: [..1838] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3689] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1838] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3689] - not-detected: [..1923] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3689] [Unknown][Unknown][Unrated] + not-detected: [..1923] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3689] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1923] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3689] - not-detected: [..1093] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3690] [Unknown][Unknown][Unrated] + not-detected: [..1093] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3690] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1093] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3690] - not-detected: [..1162] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3690] [Unknown][Unknown][Unrated] + not-detected: [..1162] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3690] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1162] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3690] - not-detected: [..1589] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3703] [Unknown][Unknown][Unrated] + not-detected: [..1589] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3703] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1589] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3703] - not-detected: [..1661] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3703] [Unknown][Unknown][Unrated] + not-detected: [..1661] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3703] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1661] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3703] - not-detected: [...337] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3737] [Unknown][Unknown][Unrated] + not-detected: [...337] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3737] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...337] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3737] - not-detected: [...365] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3737] [Unknown][Unknown][Unrated] + not-detected: [...365] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3737] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...365] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3737] - not-detected: [...872] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3766] [Unknown][Unknown][Unrated] + not-detected: [...872] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3766] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...872] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3766] - not-detected: [...933] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3766] [Unknown][Unknown][Unrated] + not-detected: [...933] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3766] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...933] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3766] - not-detected: [...420] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3784] [Unknown][Unknown][Unrated] + not-detected: [...420] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3784] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...420] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3784] - not-detected: [...446] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3784] [Unknown][Unknown][Unrated] + not-detected: [...446] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3784] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...446] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3784] - not-detected: [..1251] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3800] [Unknown][Unknown][Unrated] + not-detected: [..1251] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1251] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3800] - not-detected: [..1309] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3800] [Unknown][Unknown][Unrated] + not-detected: [..1309] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1309] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3800] - not-detected: [...800] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3801] [Unknown][Unknown][Unrated] + not-detected: [...800] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3801] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...800] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3801] - not-detected: [...855] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3801] [Unknown][Unknown][Unrated] + not-detected: [...855] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3801] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...855] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3801] - not-detected: [...358] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3809] [Unknown][Unknown][Unrated] + not-detected: [...358] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3809] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...358] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3809] - not-detected: [...385] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3809] [Unknown][Unknown][Unrated] + not-detected: [...385] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3809] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...385] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3809] - not-detected: [...291] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3814] [Unknown][Unknown][Unrated] + not-detected: [...291] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3814] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...291] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3814] - not-detected: [...329] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3814] [Unknown][Unknown][Unrated] + not-detected: [...329] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3814] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...329] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3814] - not-detected: [...125] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3826] [Unknown][Unknown][Unrated] + not-detected: [...125] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3826] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...125] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3826] - not-detected: [...357] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3827] [Unknown][Unknown][Unrated] + not-detected: [...357] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3827] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...357] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3827] - not-detected: [...167] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3826] [Unknown][Unknown][Unrated] + not-detected: [...167] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3826] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...167] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3826] - not-detected: [..1787] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3828] [Unknown][Unknown][Unrated] + not-detected: [..1787] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3828] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1787] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3828] - not-detected: [...386] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3827] [Unknown][Unknown][Unrated] + not-detected: [...386] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3827] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...386] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3827] - not-detected: [..1870] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3828] [Unknown][Unknown][Unrated] + not-detected: [..1870] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3828] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1870] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3828] - not-detected: [...614] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3851] [Unknown][Unknown][Unrated] + not-detected: [...614] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3851] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...614] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3851] - not-detected: [...683] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3851] [Unknown][Unknown][Unrated] + not-detected: [...683] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3851] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...683] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3851] - not-detected: [..1348] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3869] [Unknown][Unknown][Unrated] + not-detected: [..1348] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3869] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1348] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3869] - not-detected: [..1397] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3869] [Unknown][Unknown][Unrated] + not-detected: [..1397] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3869] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1397] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3869] - not-detected: [..1372] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3871] [Unknown][Unknown][Unrated] + not-detected: [..1372] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3871] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1372] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3871] - not-detected: [..1447] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3871] [Unknown][Unknown][Unrated] + not-detected: [..1447] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3871] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1447] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3871] - not-detected: [...798] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3878] [Unknown][Unknown][Unrated] + not-detected: [...798] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3878] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...798] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3878] - not-detected: [...857] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3878] [Unknown][Unknown][Unrated] + not-detected: [...857] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3878] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...857] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3878] - not-detected: [....89] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3880] [Unknown][Unknown][Unrated] + not-detected: [....89] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3880] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....89] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3880] - not-detected: [...120] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3880] [Unknown][Unknown][Unrated] + not-detected: [...120] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3880] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...120] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3880] - not-detected: [..1430] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3889] [Unknown][Unknown][Unrated] + not-detected: [..1430] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3889] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1430] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3889] - not-detected: [..1516] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3889] [Unknown][Unknown][Unrated] + not-detected: [..1516] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3889] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1516] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3889] - not-detected: [...624] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3905] [Unknown][Unknown][Unrated] + not-detected: [...624] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3905] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...624] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3905] - not-detected: [...713] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3905] [Unknown][Unknown][Unrated] + not-detected: [...713] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3905] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...713] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3905] - not-detected: [..1743] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3914] [Unknown][Unknown][Unrated] + not-detected: [..1743] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3914] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1743] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3914] - not-detected: [..1811] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3914] [Unknown][Unknown][Unrated] + not-detected: [..1811] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3914] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1811] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3914] - not-detected: [...300] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3918] [Unknown][Unknown][Unrated] + not-detected: [...300] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3918] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...300] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3918] - not-detected: [...320] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3918] [Unknown][Unknown][Unrated] + not-detected: [...320] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3918] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...320] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3918] - not-detected: [..1652] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3920] [Unknown][Unknown][Unrated] + not-detected: [..1652] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3920] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1652] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3920] - not-detected: [..1719] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3920] [Unknown][Unknown][Unrated] + not-detected: [..1719] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3920] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1719] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3920] - not-detected: [...256] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3945] [Unknown][Unknown][Unrated] + not-detected: [...256] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3945] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...256] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3945] - not-detected: [...282] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3945] [Unknown][Unknown][Unrated] + not-detected: [...282] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3945] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...282] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3945] - not-detected: [...955] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3971] [Unknown][Unknown][Unrated] + not-detected: [...955] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3971] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...955] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3971] - not-detected: [..1000] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3971] [Unknown][Unknown][Unrated] + not-detected: [..1000] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3971] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1000] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3971] - not-detected: [..1518] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3986] [Unknown][Unknown][Unrated] + not-detected: [..1518] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3986] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1518] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3986] - not-detected: [..1580] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3986] [Unknown][Unknown][Unrated] + not-detected: [..1580] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3986] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1580] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3986] - not-detected: [...691] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3995] [Unknown][Unknown][Unrated] + not-detected: [...691] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3995] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...691] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3995] - not-detected: [...756] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3995] [Unknown][Unknown][Unrated] + not-detected: [...756] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3995] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...756] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3995] - not-detected: [..1692] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3998] [Unknown][Unknown][Unrated] + not-detected: [..1692] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3998] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1692] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.3998] - not-detected: [..1765] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3998] [Unknown][Unknown][Unrated] + not-detected: [..1765] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3998] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1765] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.3998] guessed: [...182] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4000] [NoMachine][Unknown][RemoteAccess][Acceptable] RISK: Unidirectional Traffic idle: [...182] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4000] - not-detected: [..1842] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4001] [Unknown][Unknown][Unrated] + not-detected: [..1842] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1842] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4001] guessed: [...233] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4000] [NoMachine][Unknown][RemoteAccess][Acceptable] RISK: Unidirectional Traffic idle: [...233] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4000] - not-detected: [..1919] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4001] [Unknown][Unknown][Unrated] + not-detected: [..1919] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1919] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4001] - not-detected: [..1484] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4002] [Unknown][Unknown][Unrated] + not-detected: [..1484] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1484] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4002] - not-detected: [..1565] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4002] [Unknown][Unknown][Unrated] + not-detected: [..1565] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1565] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4002] - not-detected: [...105] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4003] [Unknown][Unknown][Unrated] + not-detected: [...105] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...105] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4003] - not-detected: [..1290] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4004] [Unknown][Unknown][Unrated] + not-detected: [..1290] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1290] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4004] - not-detected: [...145] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4003] [Unknown][Unknown][Unrated] + not-detected: [...145] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...145] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4003] - not-detected: [..1360] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4004] [Unknown][Unknown][Unrated] + not-detected: [..1360] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1360] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4004] - not-detected: [...374] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4005] [Unknown][Unknown][Unrated] + not-detected: [...374] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4005] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...374] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4005] - not-detected: [...410] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4005] [Unknown][Unknown][Unrated] + not-detected: [...410] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4005] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...410] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4005] - not-detected: [...335] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4006] [Unknown][Unknown][Unrated] + not-detected: [...335] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4006] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...335] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4006] - not-detected: [...367] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4006] [Unknown][Unknown][Unrated] + not-detected: [...367] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4006] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...367] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4006] - not-detected: [..1645] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4045] [Unknown][Unknown][Unrated] + not-detected: [..1645] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4045] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1645] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4045] - not-detected: [..1726] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4045] [Unknown][Unknown][Unrated] + not-detected: [..1726] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4045] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1726] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4045] - not-detected: [...380] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4111] [Unknown][Unknown][Unrated] + not-detected: [...380] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4111] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...380] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4111] - not-detected: [...404] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4111] [Unknown][Unknown][Unrated] + not-detected: [...404] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4111] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...404] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4111] - not-detected: [...765] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4125] [Unknown][Unknown][Unrated] + not-detected: [...765] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4125] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...765] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4125] - not-detected: [...832] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4125] [Unknown][Unknown][Unrated] + not-detected: [...832] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4125] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...832] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4125] - not-detected: [...463] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4126] [Unknown][Unknown][Unrated] + not-detected: [...463] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4126] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...463] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4126] - not-detected: [...485] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4126] [Unknown][Unknown][Unrated] + not-detected: [...485] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4126] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...485] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4126] - not-detected: [...353] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4129] [Unknown][Unknown][Unrated] + not-detected: [...353] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4129] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...353] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4129] - not-detected: [...390] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4129] [Unknown][Unknown][Unrated] + not-detected: [...390] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4129] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...390] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4129] - not-detected: [...425] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4224] [Unknown][Unknown][Unrated] + not-detected: [...425] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4224] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...425] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4224] - not-detected: [...441] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4224] [Unknown][Unknown][Unrated] + not-detected: [...441] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4224] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...441] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4224] - not-detected: [..1346] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4242] [Unknown][Unknown][Unrated] + not-detected: [..1346] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4242] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1346] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4242] - not-detected: [..1399] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4242] [Unknown][Unknown][Unrated] + not-detected: [..1399] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4242] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1399] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4242] - not-detected: [...917] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4279] [Unknown][Unknown][Unrated] + not-detected: [...917] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4279] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...917] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4279] - not-detected: [...980] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4279] [Unknown][Unknown][Unrated] + not-detected: [...980] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4279] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...980] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4279] - not-detected: [..1699] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4321] [Unknown][Unknown][Unrated] + not-detected: [..1699] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4321] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1699] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4321] - not-detected: [..1758] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4321] [Unknown][Unknown][Unrated] + not-detected: [..1758] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4321] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1758] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4321] guessed: [...622] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4343] [Whois-DAS][Unknown][Network][Acceptable][] @@ -5610,142 +5610,142 @@ guessed: [...675] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4343] [Whois-DAS][Unknown][Network][Acceptable][] RISK: Unidirectional Traffic idle: [...675] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4343] - not-detected: [...991] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4443] [Unknown][Unknown][Unrated] + not-detected: [...991] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4443] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...991] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4443] - not-detected: [..1195] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4444] [Unknown][Unknown][Unrated] + not-detected: [..1195] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4444] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1195] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4444] - not-detected: [..1056] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4443] [Unknown][Unknown][Unrated] + not-detected: [..1056] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4443] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1056] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4443] - not-detected: [..1261] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4444] [Unknown][Unknown][Unrated] + not-detected: [..1261] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4444] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1261] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4444] - not-detected: [..1015] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4445] [Unknown][Unknown][Unrated] + not-detected: [..1015] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4445] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1015] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4445] - not-detected: [..1145] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4446] [Unknown][Unknown][Unrated] + not-detected: [..1145] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4446] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1145] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4446] - not-detected: [..1090] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4445] [Unknown][Unknown][Unrated] + not-detected: [..1090] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4445] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1090] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4445] - not-detected: [..1202] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4446] [Unknown][Unknown][Unrated] + not-detected: [..1202] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4446] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1202] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4446] - not-detected: [...617] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4449] [Unknown][Unknown][Unrated] + not-detected: [...617] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4449] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...617] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4449] - not-detected: [...680] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4449] [Unknown][Unknown][Unrated] + not-detected: [...680] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4449] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...680] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4449] - not-detected: [...898] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4550] [Unknown][Unknown][Unrated] + not-detected: [...898] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4550] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...898] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4550] - not-detected: [...957] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4550] [Unknown][Unknown][Unrated] + not-detected: [...957] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4550] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...957] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4550] - not-detected: [...541] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4567] [Unknown][Unknown][Unrated] + not-detected: [...541] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4567] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...541] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4567] - not-detected: [...606] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4567] [Unknown][Unknown][Unrated] + not-detected: [...606] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4567] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...606] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4567] - not-detected: [...459] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4662] [Unknown][Unknown][Unrated] + not-detected: [...459] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4662] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...459] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4662] - not-detected: [...489] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4662] [Unknown][Unknown][Unrated] + not-detected: [...489] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4662] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...489] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4662] - not-detected: [....92] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4848] [Unknown][Unknown][Unrated] + not-detected: [....92] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4848] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....92] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4848] - not-detected: [...117] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4848] [Unknown][Unknown][Unrated] + not-detected: [...117] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4848] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...117] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4848] guessed: [...333] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4899] [Radmin][Unknown][RemoteAccess][Acceptable] RISK: Unidirectional Traffic idle: [...333] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4899] - not-detected: [...692] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4900] [Unknown][Unknown][Unrated] + not-detected: [...692] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4900] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...692] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4900] guessed: [...369] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4899] [Radmin][Unknown][RemoteAccess][Acceptable] RISK: Unidirectional Traffic idle: [...369] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4899] - not-detected: [...755] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4900] [Unknown][Unknown][Unrated] + not-detected: [...755] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4900] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...755] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4900] - not-detected: [..1928] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4998] [Unknown][Unknown][Unrated] + not-detected: [..1928] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4998] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1928] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.4998] - not-detected: [..1994] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4998] [Unknown][Unknown][Unrated] + not-detected: [..1994] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4998] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1994] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.4998] - not-detected: [..1169] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5000] [Unknown][Unknown][Unrated] + not-detected: [..1169] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1169] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5000] - not-detected: [..1238] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5000] [Unknown][Unknown][Unrated] + not-detected: [..1238] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1238] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5000] guessed: [...745] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5001] [TargusDataspeed][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [...745] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5001] - not-detected: [..1929] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5002] [Unknown][Unknown][Unrated] + not-detected: [..1929] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1929] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5002] guessed: [...810] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5001] [TargusDataspeed][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [...810] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5001] - not-detected: [..1993] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5002] [Unknown][Unknown][Unrated] + not-detected: [..1993] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1993] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5002] - not-detected: [..1798] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5003] [Unknown][Unknown][Unrated] + not-detected: [..1798] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1798] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5003] - not-detected: [..1859] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5003] [Unknown][Unknown][Unrated] + not-detected: [..1859] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1859] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5003] - not-detected: [..1437] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5004] [Unknown][Unknown][Unrated] + not-detected: [..1437] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1437] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5004] - not-detected: [..1509] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5004] [Unknown][Unknown][Unrated] + not-detected: [..1509] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1509] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5004] - not-detected: [..1542] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5009] [Unknown][Unknown][Unrated] + not-detected: [..1542] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5009] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1542] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5009] - not-detected: [..1611] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5009] [Unknown][Unknown][Unrated] + not-detected: [..1611] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5009] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1611] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5009] - not-detected: [..1047] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5030] [Unknown][Unknown][Unrated] + not-detected: [..1047] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5030] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1047] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5030] - not-detected: [..1108] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5030] [Unknown][Unknown][Unrated] + not-detected: [..1108] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5030] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1108] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5030] - not-detected: [...212] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5033] [Unknown][Unknown][Unrated] + not-detected: [...212] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5033] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...212] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5033] - not-detected: [...244] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5033] [Unknown][Unknown][Unrated] + not-detected: [...244] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5033] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...244] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5033] - not-detected: [..1179] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5050] [Unknown][Unknown][Unrated] + not-detected: [..1179] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5050] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1179] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5050] - not-detected: [..1228] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5050] [Unknown][Unknown][Unrated] + not-detected: [..1228] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5050] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1228] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5050] - not-detected: [...739] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5051] [Unknown][Unknown][Unrated] + not-detected: [...739] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5051] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...739] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5051] - not-detected: [...816] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5051] [Unknown][Unknown][Unrated] + not-detected: [...816] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5051] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...816] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5051] - not-detected: [..1584] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5054] [Unknown][Unknown][Unrated] + not-detected: [..1584] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5054] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1584] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5054] - not-detected: [..1666] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5054] [Unknown][Unknown][Unrated] + not-detected: [..1666] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5054] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1666] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5054] guessed: [...889] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5060] [SIP][Unknown][VoIP][Acceptable] @@ -5760,298 +5760,298 @@ guessed: [..1879] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5061] [SIP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [..1879] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5061] - not-detected: [...339] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5080] [Unknown][Unknown][Unrated] + not-detected: [...339] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5080] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...339] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5080] - not-detected: [...363] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5080] [Unknown][Unknown][Unrated] + not-detected: [...363] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5080] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...363] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5080] - not-detected: [..1287] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5087] [Unknown][Unknown][Unrated] + not-detected: [..1287] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5087] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1287] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5087] - not-detected: [..1363] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5087] [Unknown][Unknown][Unrated] + not-detected: [..1363] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5087] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1363] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5087] - not-detected: [..1136] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5100] [Unknown][Unknown][Unrated] + not-detected: [..1136] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1136] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5100] - not-detected: [..1211] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5100] [Unknown][Unknown][Unrated] + not-detected: [..1211] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1211] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5100] - not-detected: [...136] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5101] [Unknown][Unknown][Unrated] + not-detected: [...136] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5101] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...136] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5101] - not-detected: [..1026] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5102] [Unknown][Unknown][Unrated] + not-detected: [..1026] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5102] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1026] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5102] - not-detected: [...156] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5101] [Unknown][Unknown][Unrated] + not-detected: [...156] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5101] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...156] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5101] - not-detected: [..1079] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5102] [Unknown][Unknown][Unrated] + not-detected: [..1079] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5102] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1079] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5102] - not-detected: [...887] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5120] [Unknown][Unknown][Unrated] + not-detected: [...887] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5120] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...887] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5120] - not-detected: [...968] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5120] [Unknown][Unknown][Unrated] + not-detected: [...968] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5120] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...968] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5120] - not-detected: [...260] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5190] [Unknown][Unknown][Unrated] + not-detected: [...260] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5190] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...260] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5190] - not-detected: [...278] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5190] [Unknown][Unknown][Unrated] + not-detected: [...278] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5190] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...278] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5190] - not-detected: [...438] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5200] [Unknown][Unknown][Unrated] + not-detected: [...438] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5200] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...438] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5200] - not-detected: [...469] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5200] [Unknown][Unknown][Unrated] + not-detected: [...469] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5200] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...469] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5200] - not-detected: [...288] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5214] [Unknown][Unknown][Unrated] + not-detected: [...288] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5214] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...288] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5214] - not-detected: [...332] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5214] [Unknown][Unknown][Unrated] + not-detected: [...332] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5214] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...332] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5214] - not-detected: [...338] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5221] [Unknown][Unknown][Unrated] + not-detected: [...338] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5221] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...338] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5221] - not-detected: [..1165] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5222] [Unknown][Unknown][Unrated] + not-detected: [..1165] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5222] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1165] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5222] - not-detected: [...364] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5221] [Unknown][Unknown][Unrated] + not-detected: [...364] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5221] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...364] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5221] - not-detected: [..1242] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5222] [Unknown][Unknown][Unrated] + not-detected: [..1242] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5222] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1242] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5222] - not-detected: [..1850] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5225] [Unknown][Unknown][Unrated] + not-detected: [..1850] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5225] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1850] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5225] - not-detected: [..1911] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5225] [Unknown][Unknown][Unrated] + not-detected: [..1911] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5225] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1911] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5225] - not-detected: [..1476] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5226] [Unknown][Unknown][Unrated] + not-detected: [..1476] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5226] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1476] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5226] - not-detected: [..1573] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5226] [Unknown][Unknown][Unrated] + not-detected: [..1573] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5226] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1573] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5226] - not-detected: [..1946] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5269] [Unknown][Unknown][Unrated] + not-detected: [..1946] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5269] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1946] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5269] - not-detected: [..1976] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5269] [Unknown][Unknown][Unrated] + not-detected: [..1976] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5269] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1976] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5269] - not-detected: [...835] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5280] [Unknown][Unknown][Unrated] + not-detected: [...835] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5280] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...835] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5280] - not-detected: [...912] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5280] [Unknown][Unknown][Unrated] + not-detected: [...912] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5280] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...912] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5280] - not-detected: [..1220] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5298] [Unknown][Unknown][Unrated] + not-detected: [..1220] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5298] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1220] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5298] - not-detected: [..1278] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5298] [Unknown][Unknown][Unrated] + not-detected: [..1278] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5298] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1278] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5298] - not-detected: [..1681] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5357] [Unknown][Unknown][Unrated] + not-detected: [..1681] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5357] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1681] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5357] - not-detected: [..1756] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5357] [Unknown][Unknown][Unrated] + not-detected: [..1756] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5357] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1756] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5357] - not-detected: [...738] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5405] [Unknown][Unknown][Unrated] + not-detected: [...738] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5405] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...738] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5405] - not-detected: [...817] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5405] [Unknown][Unknown][Unrated] + not-detected: [...817] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5405] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...817] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5405] - not-detected: [....48] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5414] [Unknown][Unknown][Unrated] + not-detected: [....48] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5414] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....48] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5414] - not-detected: [....80] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5414] [Unknown][Unknown][Unrated] + not-detected: [....80] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5414] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....80] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5414] - not-detected: [...257] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5431] [Unknown][Unknown][Unrated] + not-detected: [...257] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5431] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...257] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5431] guessed: [..1146] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5432] [PostgreSQL][Unknown][Database][Acceptable] RISK: Unidirectional Traffic idle: [..1146] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5432] - not-detected: [...281] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5431] [Unknown][Unknown][Unrated] + not-detected: [...281] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5431] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...281] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5431] guessed: [..1201] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5432] [PostgreSQL][Unknown][Database][Acceptable] RISK: Unidirectional Traffic idle: [..1201] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5432] - not-detected: [...378] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5440] [Unknown][Unknown][Unrated] + not-detected: [...378] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5440] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...378] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5440] - not-detected: [...406] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5440] [Unknown][Unknown][Unrated] + not-detected: [...406] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5440] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...406] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5440] - not-detected: [...275] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5500] [Unknown][Unknown][Unrated] + not-detected: [...275] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5500] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...275] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5500] - not-detected: [...304] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5500] [Unknown][Unknown][Unrated] + not-detected: [...304] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5500] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...304] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5500] - not-detected: [...794] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5510] [Unknown][Unknown][Unrated] + not-detected: [...794] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5510] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...794] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5510] - not-detected: [...861] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5510] [Unknown][Unknown][Unrated] + not-detected: [...861] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5510] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...861] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5510] - not-detected: [..1317] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][38292] [Unknown][Unknown][Unrated] + not-detected: [..1317] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][38292] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1317] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][38292] - not-detected: [..1380] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][38292] [Unknown][Unknown][Unrated] + not-detected: [..1380] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][38292] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1380] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][38292] - not-detected: [..1254] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5544] [Unknown][Unknown][Unrated] + not-detected: [..1254] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5544] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1254] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5544] - not-detected: [..1306] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5544] [Unknown][Unknown][Unrated] + not-detected: [..1306] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5544] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1306] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5544] - not-detected: [..1621] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5550] [Unknown][Unknown][Unrated] + not-detected: [..1621] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5550] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1621] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5550] - not-detected: [..1684] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5550] [Unknown][Unknown][Unrated] + not-detected: [..1684] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5550] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1684] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5550] - not-detected: [..1790] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5555] [Unknown][Unknown][Unrated] + not-detected: [..1790] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5555] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1790] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5555] - not-detected: [..1867] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5555] [Unknown][Unknown][Unrated] + not-detected: [..1867] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5555] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1867] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5555] - not-detected: [...868] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5560] [Unknown][Unknown][Unrated] + not-detected: [...868] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5560] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...868] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5560] - not-detected: [...937] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5560] [Unknown][Unknown][Unrated] + not-detected: [...937] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5560] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...937] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5560] - not-detected: [...795] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5566] [Unknown][Unknown][Unrated] + not-detected: [...795] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5566] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...795] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5566] - not-detected: [...860] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5566] [Unknown][Unknown][Unrated] + not-detected: [...860] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5566] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...860] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5566] - not-detected: [...356] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5631] [Unknown][Unknown][Unrated] + not-detected: [...356] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5631] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...356] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5631] - not-detected: [...387] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5631] [Unknown][Unknown][Unrated] + not-detected: [...387] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5631] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...387] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5631] - not-detected: [..1697] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5633] [Unknown][Unknown][Unrated] + not-detected: [..1697] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5633] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1697] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5633] - not-detected: [..1760] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5633] [Unknown][Unknown][Unrated] + not-detected: [..1760] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5633] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1760] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5633] - not-detected: [..1475] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5666] [Unknown][Unknown][Unrated] + not-detected: [..1475] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5666] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1475] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5666] - not-detected: [..1574] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5666] [Unknown][Unknown][Unrated] + not-detected: [..1574] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5666] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1574] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5666] - not-detected: [..1839] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5678] [Unknown][Unknown][Unrated] + not-detected: [..1839] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5678] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1839] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5678] - not-detected: [..1922] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5678] [Unknown][Unknown][Unrated] + not-detected: [..1922] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5678] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1922] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5678] - not-detected: [...915] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5679] [Unknown][Unknown][Unrated] + not-detected: [...915] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5679] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...915] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5679] - not-detected: [...982] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5679] [Unknown][Unknown][Unrated] + not-detected: [...982] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5679] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...982] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5679] - not-detected: [...804] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5718] [Unknown][Unknown][Unrated] + not-detected: [...804] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5718] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...804] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5718] - not-detected: [...851] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5718] [Unknown][Unknown][Unrated] + not-detected: [...851] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5718] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...851] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5718] - not-detected: [...518] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5730] [Unknown][Unknown][Unrated] + not-detected: [...518] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5730] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...518] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5730] - not-detected: [...553] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5730] [Unknown][Unknown][Unrated] + not-detected: [...553] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5730] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...553] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5730] guessed: [...375] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5800] [VNC][Unknown][RemoteAccess][Acceptable] RISK: Unidirectional Traffic idle: [...375] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5800] - not-detected: [..1374] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5801] [Unknown][Unknown][Unrated] + not-detected: [..1374] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5801] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1374] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5801] guessed: [...409] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5800] [VNC][Unknown][RemoteAccess][Acceptable] RISK: Unidirectional Traffic idle: [...409] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5800] - not-detected: [..1445] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5801] [Unknown][Unknown][Unrated] + not-detected: [..1445] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5801] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1445] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5801] - not-detected: [...995] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5802] [Unknown][Unknown][Unrated] + not-detected: [...995] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5802] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...995] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5802] - not-detected: [..1052] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5802] [Unknown][Unknown][Unrated] + not-detected: [..1052] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5802] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1052] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5802] - not-detected: [...629] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5810] [Unknown][Unknown][Unrated] + not-detected: [...629] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5810] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...629] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5810] - not-detected: [...708] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5810] [Unknown][Unknown][Unrated] + not-detected: [...708] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5810] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...708] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5810] - not-detected: [...430] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5811] [Unknown][Unknown][Unrated] + not-detected: [...430] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5811] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...430] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5811] - not-detected: [...477] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5811] [Unknown][Unknown][Unrated] + not-detected: [...477] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5811] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...477] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5811] - not-detected: [..1469] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5815] [Unknown][Unknown][Unrated] + not-detected: [..1469] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5815] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1469] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5815] - not-detected: [..1532] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5815] [Unknown][Unknown][Unrated] + not-detected: [..1532] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5815] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1532] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5815] - not-detected: [...129] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5822] [Unknown][Unknown][Unrated] + not-detected: [...129] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5822] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...129] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5822] - not-detected: [...163] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5822] [Unknown][Unknown][Unrated] + not-detected: [...163] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5822] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...163] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5822] - not-detected: [...187] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5825] [Unknown][Unknown][Unrated] + not-detected: [...187] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5825] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...187] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5825] - not-detected: [...228] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5825] [Unknown][Unknown][Unrated] + not-detected: [...228] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5825] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...228] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5825] - not-detected: [...596] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5850] [Unknown][Unknown][Unrated] + not-detected: [...596] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5850] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...596] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5850] - not-detected: [...659] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5850] [Unknown][Unknown][Unrated] + not-detected: [...659] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5850] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...659] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5850] - not-detected: [..1641] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5859] [Unknown][Unknown][Unrated] + not-detected: [..1641] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5859] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1641] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5859] - not-detected: [..1700] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5859] [Unknown][Unknown][Unrated] + not-detected: [..1700] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5859] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1700] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5859] - not-detected: [..1889] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5862] [Unknown][Unknown][Unrated] + not-detected: [..1889] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5862] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1889] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5862] - not-detected: [..1963] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5862] [Unknown][Unknown][Unrated] + not-detected: [..1963] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5862] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1963] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5862] - not-detected: [..1027] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5877] [Unknown][Unknown][Unrated] + not-detected: [..1027] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5877] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1027] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5877] - not-detected: [..1078] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5877] [Unknown][Unknown][Unrated] + not-detected: [..1078] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5877] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1078] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5877] guessed: [....10] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5900] [VNC][Unknown][RemoteAccess][Acceptable] @@ -6063,622 +6063,622 @@ guessed: [....21] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5900] [VNC][Unknown][RemoteAccess][Acceptable] RISK: Unidirectional Traffic idle: [....21] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5900] - not-detected: [..1022] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5902] [Unknown][Unknown][Unrated] + not-detected: [..1022] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5902] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1022] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5902] guessed: [...909] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5901] [VNC][Unknown][RemoteAccess][Acceptable] RISK: Unidirectional Traffic idle: [...909] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5901] - not-detected: [..1083] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5902] [Unknown][Unknown][Unrated] + not-detected: [..1083] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5902] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1083] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5902] - not-detected: [...103] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5903] [Unknown][Unknown][Unrated] + not-detected: [...103] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5903] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...103] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5903] - not-detected: [..1653] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5904] [Unknown][Unknown][Unrated] + not-detected: [..1653] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5904] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1653] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5904] - not-detected: [...147] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5903] [Unknown][Unknown][Unrated] + not-detected: [...147] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5903] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...147] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5903] - not-detected: [..1718] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5904] [Unknown][Unknown][Unrated] + not-detected: [..1718] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5904] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1718] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5904] - not-detected: [...535] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5906] [Unknown][Unknown][Unrated] + not-detected: [...535] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5906] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...535] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5906] - not-detected: [..1029] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5907] [Unknown][Unknown][Unrated] + not-detected: [..1029] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5907] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1029] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5907] - not-detected: [...612] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5906] [Unknown][Unknown][Unrated] + not-detected: [...612] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5906] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...612] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5906] - not-detected: [..1076] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5907] [Unknown][Unknown][Unrated] + not-detected: [..1076] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5907] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1076] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5907] - not-detected: [..1298] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5910] [Unknown][Unknown][Unrated] + not-detected: [..1298] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5910] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1298] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5910] - not-detected: [..1774] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5911] [Unknown][Unknown][Unrated] + not-detected: [..1774] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5911] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1774] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5911] - not-detected: [..1352] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5910] [Unknown][Unknown][Unrated] + not-detected: [..1352] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5910] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1352] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5910] - not-detected: [..1835] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5911] [Unknown][Unknown][Unrated] + not-detected: [..1835] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5911] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1835] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5911] - not-detected: [..1803] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5915] [Unknown][Unknown][Unrated] + not-detected: [..1803] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5915] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1803] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5915] - not-detected: [..1854] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5915] [Unknown][Unknown][Unrated] + not-detected: [..1854] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5915] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1854] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5915] - not-detected: [...769] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5922] [Unknown][Unknown][Unrated] + not-detected: [...769] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5922] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...769] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5922] - not-detected: [...828] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5922] [Unknown][Unknown][Unrated] + not-detected: [...828] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5922] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...828] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5922] - not-detected: [..1805] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5925] [Unknown][Unknown][Unrated] + not-detected: [..1805] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5925] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1805] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5925] - not-detected: [..1852] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5925] [Unknown][Unknown][Unrated] + not-detected: [..1852] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5925] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1852] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5925] - not-detected: [..1522] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5950] [Unknown][Unknown][Unrated] + not-detected: [..1522] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5950] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1522] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5950] - not-detected: [..1601] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5950] [Unknown][Unknown][Unrated] + not-detected: [..1601] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5950] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1601] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5950] - not-detected: [..1292] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5952] [Unknown][Unknown][Unrated] + not-detected: [..1292] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5952] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1292] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5952] - not-detected: [..1358] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5952] [Unknown][Unknown][Unrated] + not-detected: [..1358] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5952] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1358] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5952] - not-detected: [...169] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5959] [Unknown][Unknown][Unrated] + not-detected: [...169] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5959] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...169] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5959] - not-detected: [..1142] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5960] [Unknown][Unknown][Unrated] + not-detected: [..1142] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5960] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1142] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5960] - not-detected: [...205] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5959] [Unknown][Unknown][Unrated] + not-detected: [...205] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5959] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...205] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5959] - not-detected: [..1336] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5961] [Unknown][Unknown][Unrated] + not-detected: [..1336] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5961] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1336] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5961] - not-detected: [..1205] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5960] [Unknown][Unknown][Unrated] + not-detected: [..1205] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5960] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1205] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5960] - not-detected: [..1947] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5962] [Unknown][Unknown][Unrated] + not-detected: [..1947] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5962] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1947] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5962] - not-detected: [..1409] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5961] [Unknown][Unknown][Unrated] + not-detected: [..1409] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5961] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1409] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5961] - not-detected: [..1975] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5962] [Unknown][Unknown][Unrated] + not-detected: [..1975] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5962] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1975] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5962] - not-detected: [...343] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5963] [Unknown][Unknown][Unrated] + not-detected: [...343] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5963] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...343] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5963] - not-detected: [...359] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5963] [Unknown][Unknown][Unrated] + not-detected: [...359] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5963] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...359] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5963] - not-detected: [...942] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5987] [Unknown][Unknown][Unrated] + not-detected: [...942] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5987] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...942] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5987] - not-detected: [..1013] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5987] [Unknown][Unknown][Unrated] + not-detected: [..1013] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5987] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1013] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5987] - not-detected: [...570] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5988] [Unknown][Unknown][Unrated] + not-detected: [...570] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5988] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...570] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5988] - not-detected: [...897] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5989] [Unknown][Unknown][Unrated] + not-detected: [...897] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5989] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...897] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5989] - not-detected: [...650] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5988] [Unknown][Unknown][Unrated] + not-detected: [...650] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5988] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...650] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5988] - not-detected: [...958] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5989] [Unknown][Unknown][Unrated] + not-detected: [...958] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5989] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...958] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5989] - not-detected: [..1064] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5998] [Unknown][Unknown][Unrated] + not-detected: [..1064] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5998] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1064] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5998] - not-detected: [..1133] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5998] [Unknown][Unknown][Unrated] + not-detected: [..1133] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5998] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1133] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5998] - not-detected: [...628] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5999] [Unknown][Unknown][Unrated] + not-detected: [...628] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5999] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...628] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.5999] - not-detected: [...709] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5999] [Unknown][Unknown][Unrated] + not-detected: [...709] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5999] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...709] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.5999] - not-detected: [....50] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6000] [Unknown][Unknown][Unrated] + not-detected: [....50] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....50] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6000] - not-detected: [..1481] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6001] [Unknown][Unknown][Unrated] + not-detected: [..1481] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1481] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6001] - not-detected: [....78] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6000] [Unknown][Unknown][Unrated] + not-detected: [....78] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....78] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6000] - not-detected: [..1568] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6001] [Unknown][Unknown][Unrated] + not-detected: [..1568] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1568] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6001] - not-detected: [..1392] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6002] [Unknown][Unknown][Unrated] + not-detected: [..1392] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1392] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6002] - not-detected: [..1457] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6002] [Unknown][Unknown][Unrated] + not-detected: [..1457] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1457] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6002] - not-detected: [..1217] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6003] [Unknown][Unknown][Unrated] + not-detected: [..1217] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1217] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6003] - not-detected: [..1741] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6004] [Unknown][Unknown][Unrated] + not-detected: [..1741] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1741] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6004] - not-detected: [..1281] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6003] [Unknown][Unknown][Unrated] + not-detected: [..1281] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1281] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6003] - not-detected: [..1944] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6005] [Unknown][Unknown][Unrated] + not-detected: [..1944] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6005] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1944] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6005] - not-detected: [..1813] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6004] [Unknown][Unknown][Unrated] + not-detected: [..1813] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1813] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6004] - not-detected: [..1978] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6005] [Unknown][Unknown][Unrated] + not-detected: [..1978] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6005] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1978] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6005] - not-detected: [..1695] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6006] [Unknown][Unknown][Unrated] + not-detected: [..1695] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6006] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1695] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6006] - not-detected: [..1762] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6006] [Unknown][Unknown][Unrated] + not-detected: [..1762] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6006] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1762] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6006] - not-detected: [..1190] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6007] [Unknown][Unknown][Unrated] + not-detected: [..1190] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6007] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1190] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6007] - not-detected: [..1266] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6007] [Unknown][Unknown][Unrated] + not-detected: [..1266] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6007] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1266] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6007] - not-detected: [..1347] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6009] [Unknown][Unknown][Unrated] + not-detected: [..1347] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6009] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1347] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6009] - not-detected: [..1398] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6009] [Unknown][Unknown][Unrated] + not-detected: [..1398] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6009] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1398] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6009] - not-detected: [...517] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6025] [Unknown][Unknown][Unrated] + not-detected: [...517] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6025] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...517] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6025] - not-detected: [...554] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6025] [Unknown][Unknown][Unrated] + not-detected: [...554] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6025] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...554] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6025] - not-detected: [..1781] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6059] [Unknown][Unknown][Unrated] + not-detected: [..1781] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6059] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1781] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6059] - not-detected: [..1876] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6059] [Unknown][Unknown][Unrated] + not-detected: [..1876] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6059] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1876] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6059] - not-detected: [..1381] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6100] [Unknown][Unknown][Unrated] + not-detected: [..1381] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1381] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6100] - not-detected: [..1468] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6100] [Unknown][Unknown][Unrated] + not-detected: [..1468] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1468] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6100] - not-detected: [..1035] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6101] [Unknown][Unknown][Unrated] + not-detected: [..1035] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6101] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1035] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6101] - not-detected: [..1120] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6101] [Unknown][Unknown][Unrated] + not-detected: [..1120] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6101] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1120] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6101] - not-detected: [...582] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6106] [Unknown][Unknown][Unrated] + not-detected: [...582] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6106] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...582] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6106] - not-detected: [...673] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6106] [Unknown][Unknown][Unrated] + not-detected: [...673] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6106] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...673] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6106] - not-detected: [..1172] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6112] [Unknown][Unknown][Unrated] + not-detected: [..1172] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6112] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1172] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6112] - not-detected: [..1235] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6112] [Unknown][Unknown][Unrated] + not-detected: [..1235] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6112] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1235] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6112] - not-detected: [..1786] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6123] [Unknown][Unknown][Unrated] + not-detected: [..1786] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6123] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1786] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6123] - not-detected: [..1871] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6123] [Unknown][Unknown][Unrated] + not-detected: [..1871] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6123] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1871] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6123] - not-detected: [..1735] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6129] [Unknown][Unknown][Unrated] + not-detected: [..1735] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6129] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1735] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6129] - not-detected: [..1819] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6129] [Unknown][Unknown][Unrated] + not-detected: [..1819] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6129] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1819] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6129] - not-detected: [..1174] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6156] [Unknown][Unknown][Unrated] + not-detected: [..1174] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6156] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1174] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6156] - not-detected: [..1233] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6156] [Unknown][Unknown][Unrated] + not-detected: [..1233] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6156] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1233] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6156] - not-detected: [...461] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6346] [Unknown][Unknown][Unrated] + not-detected: [...461] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6346] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...461] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6346] - not-detected: [...487] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6346] [Unknown][Unknown][Unrated] + not-detected: [...487] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6346] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...487] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6346] - not-detected: [...266] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6389] [Unknown][Unknown][Unrated] + not-detected: [...266] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6389] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...266] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6389] - not-detected: [...313] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6389] [Unknown][Unknown][Unrated] + not-detected: [...313] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6389] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...313] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6389] - not-detected: [..1745] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6502] [Unknown][Unknown][Unrated] + not-detected: [..1745] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6502] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1745] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6502] - not-detected: [..1809] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6502] [Unknown][Unknown][Unrated] + not-detected: [..1809] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6502] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1809] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6502] - not-detected: [...742] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6510] [Unknown][Unknown][Unrated] + not-detected: [...742] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6510] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...742] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6510] - not-detected: [...813] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6510] [Unknown][Unknown][Unrated] + not-detected: [...813] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6510] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...813] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6510] - not-detected: [...210] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6543] [Unknown][Unknown][Unrated] + not-detected: [...210] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6543] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...210] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6543] - not-detected: [...246] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6543] [Unknown][Unknown][Unrated] + not-detected: [...246] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6543] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...246] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6543] - not-detected: [...638] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6547] [Unknown][Unknown][Unrated] + not-detected: [...638] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6547] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...638] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6547] - not-detected: [...699] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6547] [Unknown][Unknown][Unrated] + not-detected: [...699] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6547] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...699] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6547] - not-detected: [..1431] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6565] [Unknown][Unknown][Unrated] + not-detected: [..1431] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6565] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1431] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6565] - not-detected: [..1515] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6565] [Unknown][Unknown][Unrated] + not-detected: [..1515] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6565] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1515] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6565] - not-detected: [..1334] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6566] [Unknown][Unknown][Unrated] + not-detected: [..1334] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6566] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1334] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6566] - not-detected: [..1492] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6567] [Unknown][Unknown][Unrated] + not-detected: [..1492] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6567] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1492] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6567] - not-detected: [..1411] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6566] [Unknown][Unknown][Unrated] + not-detected: [..1411] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6566] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1411] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6566] - not-detected: [..1557] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6567] [Unknown][Unknown][Unrated] + not-detected: [..1557] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6567] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1557] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6567] - not-detected: [...191] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6580] [Unknown][Unknown][Unrated] + not-detected: [...191] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6580] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...191] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6580] - not-detected: [...224] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6580] [Unknown][Unknown][Unrated] + not-detected: [...224] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6580] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...224] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6580] - not-detected: [..1826] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6646] [Unknown][Unknown][Unrated] + not-detected: [..1826] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6646] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1826] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6646] - not-detected: [..1905] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6646] [Unknown][Unknown][Unrated] + not-detected: [..1905] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6646] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1905] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6646] - not-detected: [..1899] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6666] [Unknown][Unknown][Unrated] + not-detected: [..1899] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6666] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1899] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6666] - not-detected: [..1953] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6666] [Unknown][Unknown][Unrated] + not-detected: [..1953] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6666] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1953] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6666] - not-detected: [..1675] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6667] [Unknown][Unknown][Unrated] + not-detected: [..1675] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6667] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1675] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6667] - not-detected: [..1752] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6667] [Unknown][Unknown][Unrated] + not-detected: [..1752] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6667] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1752] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6667] - not-detected: [..1167] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6668] [Unknown][Unknown][Unrated] + not-detected: [..1167] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6668] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1167] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6668] - not-detected: [..1240] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6668] [Unknown][Unknown][Unrated] + not-detected: [..1240] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6668] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1240] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6668] - not-detected: [...180] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6669] [Unknown][Unknown][Unrated] + not-detected: [...180] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6669] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...180] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6669] - not-detected: [...235] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6669] [Unknown][Unknown][Unrated] + not-detected: [...235] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6669] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...235] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6669] - not-detected: [...956] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6689] [Unknown][Unknown][Unrated] + not-detected: [...956] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6689] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...956] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6689] - not-detected: [...999] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6689] [Unknown][Unknown][Unrated] + not-detected: [...999] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6689] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...999] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6689] - not-detected: [..1541] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6692] [Unknown][Unknown][Unrated] + not-detected: [..1541] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6692] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1541] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6692] - not-detected: [..1612] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6692] [Unknown][Unknown][Unrated] + not-detected: [..1612] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6692] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1612] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6692] - not-detected: [...290] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6699] [Unknown][Unknown][Unrated] + not-detected: [...290] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6699] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...290] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6699] - not-detected: [...330] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6699] [Unknown][Unknown][Unrated] + not-detected: [...330] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6699] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...330] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6699] - not-detected: [...627] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6779] [Unknown][Unknown][Unrated] + not-detected: [...627] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6779] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...627] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6779] - not-detected: [...710] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6779] [Unknown][Unknown][Unrated] + not-detected: [...710] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6779] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...710] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6779] - not-detected: [...259] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6788] [Unknown][Unknown][Unrated] + not-detected: [...259] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6788] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...259] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6788] guessed: [..1740] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6789] [Ceph][Unknown][DataTransfer][Acceptable] RISK: Unidirectional Traffic idle: [..1740] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6789] - not-detected: [...279] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6788] [Unknown][Unknown][Unrated] + not-detected: [...279] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6788] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...279] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6788] guessed: [..1814] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6789] [Ceph][Unknown][DataTransfer][Acceptable] RISK: Unidirectional Traffic idle: [..1814] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6789] - not-detected: [..1499] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6792] [Unknown][Unknown][Unrated] + not-detected: [..1499] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6792] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1499] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6792] - not-detected: [..1550] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6792] [Unknown][Unknown][Unrated] + not-detected: [..1550] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6792] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1550] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6792] - not-detected: [...262] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6839] [Unknown][Unknown][Unrated] + not-detected: [...262] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6839] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...262] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6839] - not-detected: [...317] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6839] [Unknown][Unknown][Unrated] + not-detected: [...317] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6839] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...317] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6839] - not-detected: [...884] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6881] [Unknown][Unknown][Unrated] + not-detected: [...884] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6881] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...884] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6881] - not-detected: [...971] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6881] [Unknown][Unknown][Unrated] + not-detected: [...971] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6881] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...971] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6881] - not-detected: [..1685] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6901] [Unknown][Unknown][Unrated] + not-detected: [..1685] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6901] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1685] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6901] - not-detected: [..1772] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6901] [Unknown][Unknown][Unrated] + not-detected: [..1772] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6901] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1772] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6901] - not-detected: [..1687] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6969] [Unknown][Unknown][Unrated] + not-detected: [..1687] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6969] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1687] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.6969] - not-detected: [..1770] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6969] [Unknown][Unknown][Unrated] + not-detected: [..1770] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6969] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1770] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.6969] guessed: [...268] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7000] [Cassandra][Unknown][Database][Acceptable] RISK: Unidirectional Traffic idle: [...268] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7000] - not-detected: [...616] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7001] [Unknown][Unknown][Unrated] + not-detected: [...616] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...616] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7001] guessed: [...311] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7000] [Cassandra][Unknown][Database][Acceptable] RISK: Unidirectional Traffic idle: [...311] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7000] - not-detected: [...947] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7002] [Unknown][Unknown][Unrated] + not-detected: [...947] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...947] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7002] - not-detected: [...681] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7001] [Unknown][Unknown][Unrated] + not-detected: [...681] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...681] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7001] - not-detected: [..1008] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7002] [Unknown][Unknown][Unrated] + not-detected: [..1008] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1008] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7002] - not-detected: [..1440] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7004] [Unknown][Unknown][Unrated] + not-detected: [..1440] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1440] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7004] - not-detected: [..1506] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7004] [Unknown][Unknown][Unrated] + not-detected: [..1506] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1506] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7004] - not-detected: [..1802] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7007] [Unknown][Unknown][Unrated] + not-detected: [..1802] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7007] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1802] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7007] - not-detected: [..1855] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7007] [Unknown][Unknown][Unrated] + not-detected: [..1855] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7007] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1855] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7007] - not-detected: [..1018] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7019] [Unknown][Unknown][Unrated] + not-detected: [..1018] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7019] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1018] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7019] - not-detected: [..1087] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7019] [Unknown][Unknown][Unrated] + not-detected: [..1087] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7019] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1087] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7019] - not-detected: [..1255] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7025] [Unknown][Unknown][Unrated] + not-detected: [..1255] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7025] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1255] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7025] - not-detected: [..1305] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7025] [Unknown][Unknown][Unrated] + not-detected: [..1305] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7025] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1305] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7025] - not-detected: [...507] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7070] [Unknown][Unknown][Unrated] + not-detected: [...507] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7070] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...507] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7070] - not-detected: [...524] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7070] [Unknown][Unknown][Unrated] + not-detected: [...524] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7070] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...524] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7070] - not-detected: [...613] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7100] [Unknown][Unknown][Unrated] + not-detected: [...613] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...613] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7100] - not-detected: [...684] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7100] [Unknown][Unknown][Unrated] + not-detected: [...684] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...684] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7100] - not-detected: [..1676] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7103] [Unknown][Unknown][Unrated] + not-detected: [..1676] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7103] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1676] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7103] - not-detected: [..1751] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7103] [Unknown][Unknown][Unrated] + not-detected: [..1751] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7103] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1751] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7103] - not-detected: [..1042] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7106] [Unknown][Unknown][Unrated] + not-detected: [..1042] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7106] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1042] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7106] - not-detected: [..1113] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7106] [Unknown][Unknown][Unrated] + not-detected: [..1113] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7106] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1113] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7106] - not-detected: [...128] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7200] [Unknown][Unknown][Unrated] + not-detected: [...128] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7200] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...128] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7200] - not-detected: [...583] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7201] [Unknown][Unknown][Unrated] + not-detected: [...583] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7201] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...583] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7201] - not-detected: [...164] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7200] [Unknown][Unknown][Unrated] + not-detected: [...164] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7200] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...164] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7200] - not-detected: [...672] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7201] [Unknown][Unknown][Unrated] + not-detected: [...672] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7201] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...672] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7201] - not-detected: [..1698] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7402] [Unknown][Unknown][Unrated] + not-detected: [..1698] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7402] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1698] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7402] - not-detected: [..1759] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7402] [Unknown][Unknown][Unrated] + not-detected: [..1759] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7402] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1759] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7402] - not-detected: [..1473] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][40193] [Unknown][Unknown][Unrated] + not-detected: [..1473] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][40193] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1473] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][40193] - not-detected: [..1576] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][40193] [Unknown][Unknown][Unrated] + not-detected: [..1576] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][40193] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1576] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][40193] - not-detected: [..1498] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7435] [Unknown][Unknown][Unrated] + not-detected: [..1498] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7435] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1498] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7435] - not-detected: [..1551] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7435] [Unknown][Unknown][Unrated] + not-detected: [..1551] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7435] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1551] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7435] - not-detected: [..1438] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7443] [Unknown][Unknown][Unrated] + not-detected: [..1438] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7443] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1438] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7443] - not-detected: [..1508] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7443] [Unknown][Unknown][Unrated] + not-detected: [..1508] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7443] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1508] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7443] - not-detected: [...206] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7496] [Unknown][Unknown][Unrated] + not-detected: [...206] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7496] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...206] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7496] - not-detected: [...250] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7496] [Unknown][Unknown][Unrated] + not-detected: [...250] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7496] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...250] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7496] - not-detected: [...597] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7512] [Unknown][Unknown][Unrated] + not-detected: [...597] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7512] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...597] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7512] - not-detected: [...658] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7512] [Unknown][Unknown][Unrated] + not-detected: [...658] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7512] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...658] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7512] - not-detected: [...625] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7625] [Unknown][Unknown][Unrated] + not-detected: [...625] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7625] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...625] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7625] - not-detected: [...712] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7625] [Unknown][Unknown][Unrated] + not-detected: [...712] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7625] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...712] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7625] - not-detected: [..1539] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7627] [Unknown][Unknown][Unrated] + not-detected: [..1539] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7627] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1539] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7627] - not-detected: [..1614] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7627] [Unknown][Unknown][Unrated] + not-detected: [..1614] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7627] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1614] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7627] - not-detected: [...107] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7676] [Unknown][Unknown][Unrated] + not-detected: [...107] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7676] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...107] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7676] - not-detected: [...143] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7676] [Unknown][Unknown][Unrated] + not-detected: [...143] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7676] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...143] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7676] - not-detected: [...458] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7741] [Unknown][Unknown][Unrated] + not-detected: [...458] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7741] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...458] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7741] - not-detected: [...490] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7741] [Unknown][Unknown][Unrated] + not-detected: [...490] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7741] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...490] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7741] - not-detected: [....91] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7777] [Unknown][Unknown][Unrated] + not-detected: [....91] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7777] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....91] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7777] - not-detected: [...913] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7778] [Unknown][Unknown][Unrated] + not-detected: [...913] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7778] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...913] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7778] - not-detected: [...118] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7777] [Unknown][Unknown][Unrated] + not-detected: [...118] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7777] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...118] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7777] - not-detected: [...984] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7778] [Unknown][Unknown][Unrated] + not-detected: [...984] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7778] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...984] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7778] - not-detected: [...382] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7800] [Unknown][Unknown][Unrated] + not-detected: [...382] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...382] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7800] - not-detected: [...402] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7800] [Unknown][Unknown][Unrated] + not-detected: [...402] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...402] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7800] - not-detected: [...502] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7911] [Unknown][Unknown][Unrated] + not-detected: [...502] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7911] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...502] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7911] - not-detected: [...529] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7911] [Unknown][Unknown][Unrated] + not-detected: [...529] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7911] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...529] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7911] - not-detected: [..1847] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7920] [Unknown][Unknown][Unrated] + not-detected: [..1847] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7920] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1847] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7920] - not-detected: [..1914] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7920] [Unknown][Unknown][Unrated] + not-detected: [..1914] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7920] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1914] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7920] - not-detected: [..1171] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7921] [Unknown][Unknown][Unrated] + not-detected: [..1171] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7921] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1171] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7921] - not-detected: [..1236] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7921] [Unknown][Unknown][Unrated] + not-detected: [..1236] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7921] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1236] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7921] - not-detected: [...848] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7937] [Unknown][Unknown][Unrated] + not-detected: [...848] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7937] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...848] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7937] - not-detected: [..1197] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7938] [Unknown][Unknown][Unrated] + not-detected: [..1197] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7938] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1197] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7938] - not-detected: [...899] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7937] [Unknown][Unknown][Unrated] + not-detected: [...899] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7937] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...899] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7937] - not-detected: [..1259] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7938] [Unknown][Unknown][Unrated] + not-detected: [..1259] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7938] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1259] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7938] - not-detected: [..1388] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7999] [Unknown][Unknown][Unrated] + not-detected: [..1388] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7999] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1388] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.7999] - not-detected: [..1461] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7999] [Unknown][Unknown][Unrated] + not-detected: [..1461] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7999] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1461] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.7999] - not-detected: [...427] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8000] [Unknown][Unknown][Unrated] + not-detected: [...427] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...427] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8000] - not-detected: [..1344] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8001] [Unknown][Unknown][Unrated] + not-detected: [..1344] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1344] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8001] - not-detected: [...480] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8000] [Unknown][Unknown][Unrated] + not-detected: [...480] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...480] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8000] - not-detected: [..1401] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8001] [Unknown][Unknown][Unrated] + not-detected: [..1401] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1401] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8001] - not-detected: [...633] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8002] [Unknown][Unknown][Unrated] + not-detected: [...633] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...633] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8002] - not-detected: [...704] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8002] [Unknown][Unknown][Unrated] + not-detected: [...704] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...704] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8002] - not-detected: [..1176] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8007] [Unknown][Unknown][Unrated] + not-detected: [..1176] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8007] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1176] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8007] guessed: [..1394] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8008] [CiscoVPN][Unknown][VPN][Acceptable] RISK: Unidirectional Traffic idle: [..1394] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8008] - not-detected: [..1231] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8007] [Unknown][Unknown][Unrated] + not-detected: [..1231] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8007] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1231] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8007] guessed: [..1455] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8008] [CiscoVPN][Unknown][VPN][Acceptable] @@ -6693,205 +6693,205 @@ guessed: [...676] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8009] [AJP][Unknown][Web][Acceptable] RISK: Unidirectional Traffic idle: [...676] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8009] - not-detected: [..1478] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8011] [Unknown][Unknown][Unrated] + not-detected: [..1478] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8011] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1478] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8011] guessed: [...974] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8010] [AJP][Unknown][Web][Acceptable] RISK: Unidirectional Traffic idle: [...974] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8010] - not-detected: [..1571] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8011] [Unknown][Unknown][Unrated] + not-detected: [..1571] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8011] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1571] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8011] - not-detected: [...519] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8021] [Unknown][Unknown][Unrated] + not-detected: [...519] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8021] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...519] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8021] - not-detected: [..1789] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8022] [Unknown][Unknown][Unrated] + not-detected: [..1789] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8022] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1789] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8022] - not-detected: [...552] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8021] [Unknown][Unknown][Unrated] + not-detected: [...552] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8021] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...552] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8021] - not-detected: [..1868] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8022] [Unknown][Unknown][Unrated] + not-detected: [..1868] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8022] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1868] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8022] - not-detected: [..1383] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8031] [Unknown][Unknown][Unrated] + not-detected: [..1383] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8031] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1383] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8031] - not-detected: [..1466] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8031] [Unknown][Unknown][Unrated] + not-detected: [..1466] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8031] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1466] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8031] - not-detected: [...839] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8042] [Unknown][Unknown][Unrated] + not-detected: [...839] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8042] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...839] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8042] - not-detected: [...908] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8042] [Unknown][Unknown][Unrated] + not-detected: [...908] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8042] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...908] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8042] - not-detected: [...258] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8045] [Unknown][Unknown][Unrated] + not-detected: [...258] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8045] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...258] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8045] - not-detected: [...280] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8045] [Unknown][Unknown][Unrated] + not-detected: [...280] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8045] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...280] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8045] guessed: [....33] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic idle: [....33] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8080] - not-detected: [..1442] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8081] [Unknown][Unknown][Unrated] + not-detected: [..1442] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8081] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1442] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8081] guessed: [....66] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic idle: [....66] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8080] - not-detected: [..1504] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8081] [Unknown][Unknown][Unrated] + not-detected: [..1504] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8081] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1504] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8081] - not-detected: [...736] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8082] [Unknown][Unknown][Unrated] + not-detected: [...736] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8082] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...736] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8082] - not-detected: [..1648] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8083] [Unknown][Unknown][Unrated] + not-detected: [..1648] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8083] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1648] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8083] - not-detected: [...819] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8082] [Unknown][Unknown][Unrated] + not-detected: [...819] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8082] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...819] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8082] - not-detected: [..1896] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8084] [Unknown][Unknown][Unrated] + not-detected: [..1896] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8084] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1896] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8084] - not-detected: [..1723] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8083] [Unknown][Unknown][Unrated] + not-detected: [..1723] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8083] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1723] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8083] - not-detected: [..1956] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8084] [Unknown][Unknown][Unrated] + not-detected: [..1956] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8084] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1956] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8084] - not-detected: [..1147] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8085] [Unknown][Unknown][Unrated] + not-detected: [..1147] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8085] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1147] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8085] - not-detected: [..1200] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8085] [Unknown][Unknown][Unrated] + not-detected: [..1200] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8085] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1200] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8085] - not-detected: [...346] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8086] [Unknown][Unknown][Unrated] + not-detected: [...346] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8086] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...346] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8086] - not-detected: [..1043] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8087] [Unknown][Unknown][Unrated] + not-detected: [..1043] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8087] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1043] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8087] - not-detected: [...397] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8086] [Unknown][Unknown][Unrated] + not-detected: [...397] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8086] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...397] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8086] - not-detected: [..1218] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8088] [Unknown][Unknown][Unrated] + not-detected: [..1218] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8088] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1218] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8088] - not-detected: [..1112] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8087] [Unknown][Unknown][Unrated] + not-detected: [..1112] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8087] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1112] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8087] - not-detected: [..1280] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8088] [Unknown][Unknown][Unrated] + not-detected: [..1280] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8088] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1280] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8088] - not-detected: [..1094] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8089] [Unknown][Unknown][Unrated] + not-detected: [..1094] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8089] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1094] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8089] - not-detected: [..1161] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8089] [Unknown][Unknown][Unrated] + not-detected: [..1161] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8089] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1161] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8089] - not-detected: [...846] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8090] [Unknown][Unknown][Unrated] + not-detected: [...846] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8090] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...846] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8090] - not-detected: [...901] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8090] [Unknown][Unknown][Unrated] + not-detected: [...901] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8090] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...901] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8090] - not-detected: [..1890] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8093] [Unknown][Unknown][Unrated] + not-detected: [..1890] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8093] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1890] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8093] - not-detected: [..1962] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8093] [Unknown][Unknown][Unrated] + not-detected: [..1962] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8093] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1962] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8093] - not-detected: [...634] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8099] [Unknown][Unknown][Unrated] + not-detected: [...634] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8099] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...634] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8099] - not-detected: [...703] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8099] [Unknown][Unknown][Unrated] + not-detected: [...703] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8099] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...703] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8099] - not-detected: [...501] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8100] [Unknown][Unknown][Unrated] + not-detected: [...501] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...501] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8100] - not-detected: [...530] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8100] [Unknown][Unknown][Unrated] + not-detected: [...530] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...530] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8100] - not-detected: [...263] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][40911] [Unknown][Unknown][Unrated] + not-detected: [...263] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][40911] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...263] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][40911] - not-detected: [...316] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][40911] [Unknown][Unknown][Unrated] + not-detected: [...316] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][40911] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...316] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][40911] - not-detected: [...916] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8180] [Unknown][Unknown][Unrated] + not-detected: [...916] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8180] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...916] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8180] - not-detected: [...981] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8180] [Unknown][Unknown][Unrated] + not-detected: [...981] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8180] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...981] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8180] - not-detected: [...746] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8181] [Unknown][Unknown][Unrated] + not-detected: [...746] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8181] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...746] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8181] - not-detected: [...809] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8181] [Unknown][Unknown][Unrated] + not-detected: [...809] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8181] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...809] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8181] - not-detected: [...696] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8192] [Unknown][Unknown][Unrated] + not-detected: [...696] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8192] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...696] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8192] - not-detected: [...751] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8192] [Unknown][Unknown][Unrated] + not-detected: [...751] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8192] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...751] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8192] - not-detected: [...542] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8193] [Unknown][Unknown][Unrated] + not-detected: [...542] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8193] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...542] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8193] - not-detected: [..1193] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8194] [Unknown][Unknown][Unrated] + not-detected: [..1193] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8194] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1193] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8194] - not-detected: [...605] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8193] [Unknown][Unknown][Unrated] + not-detected: [...605] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8193] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...605] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8193] - not-detected: [..1263] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8194] [Unknown][Unknown][Unrated] + not-detected: [..1263] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8194] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1263] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8194] - not-detected: [...588] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8200] [Unknown][Unknown][Unrated] + not-detected: [...588] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8200] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...588] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8200] - not-detected: [...667] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8200] [Unknown][Unknown][Unrated] + not-detected: [...667] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8200] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...667] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8200] - not-detected: [....56] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8222] [Unknown][Unknown][Unrated] + not-detected: [....56] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8222] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....56] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8222] - not-detected: [....72] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8222] [Unknown][Unknown][Unrated] + not-detected: [....72] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8222] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....72] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8222] - not-detected: [..1628] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8254] [Unknown][Unknown][Unrated] + not-detected: [..1628] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8254] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1628] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8254] - not-detected: [..1713] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8254] [Unknown][Unknown][Unrated] + not-detected: [..1713] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8254] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1713] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8254] - not-detected: [..1544] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8290] [Unknown][Unknown][Unrated] + not-detected: [..1544] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8290] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1544] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8290] - not-detected: [..1609] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8290] [Unknown][Unknown][Unrated] + not-detected: [..1609] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8290] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1609] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8290] - not-detected: [...124] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8291] [Unknown][Unknown][Unrated] + not-detected: [...124] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8291] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...124] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8291] - not-detected: [...578] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8292] [Unknown][Unknown][Unrated] + not-detected: [...578] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8292] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...578] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8292] - not-detected: [...168] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8291] [Unknown][Unknown][Unrated] + not-detected: [...168] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8291] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...168] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8291] - not-detected: [...642] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8292] [Unknown][Unknown][Unrated] + not-detected: [...642] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8292] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...642] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8292] - not-detected: [...254] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8300] [Unknown][Unknown][Unrated] + not-detected: [...254] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8300] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...254] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8300] - not-detected: [...284] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8300] [Unknown][Unknown][Unrated] + not-detected: [...284] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8300] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...284] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8300] guessed: [..1788] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8333] [BITCOIN][Unknown][Crypto_Currency][Acceptable] @@ -6900,262 +6900,262 @@ guessed: [..1869] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8333] [BITCOIN][Unknown][Crypto_Currency][Acceptable] RISK: Unidirectional Traffic idle: [..1869] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8333] - not-detected: [..1669] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8383] [Unknown][Unknown][Unrated] + not-detected: [..1669] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8383] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1669] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8383] - not-detected: [..1733] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8383] [Unknown][Unknown][Unrated] + not-detected: [..1733] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8383] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1733] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8383] - not-detected: [...435] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8400] [Unknown][Unknown][Unrated] + not-detected: [...435] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8400] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...435] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8400] - not-detected: [...472] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8400] [Unknown][Unknown][Unrated] + not-detected: [...472] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8400] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...472] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8400] - not-detected: [..1096] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8402] [Unknown][Unknown][Unrated] + not-detected: [..1096] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8402] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1096] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8402] - not-detected: [..1159] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8402] [Unknown][Unknown][Unrated] + not-detected: [..1159] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8402] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1159] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8402] - not-detected: [..1519] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8443] [Unknown][Unknown][Unrated] + not-detected: [..1519] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8443] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1519] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8443] - not-detected: [..1579] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8443] [Unknown][Unknown][Unrated] + not-detected: [..1579] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8443] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1579] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8443] - not-detected: [..1470] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8500] [Unknown][Unknown][Unrated] + not-detected: [..1470] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8500] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1470] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8500] - not-detected: [..1531] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8500] [Unknown][Unknown][Unrated] + not-detected: [..1531] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8500] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1531] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8500] - not-detected: [..1168] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8600] [Unknown][Unknown][Unrated] + not-detected: [..1168] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8600] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1168] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8600] - not-detected: [..1239] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8600] [Unknown][Unknown][Unrated] + not-detected: [..1239] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8600] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1239] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8600] - not-detected: [...216] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8649] [Unknown][Unknown][Unrated] + not-detected: [...216] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8649] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...216] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8649] - not-detected: [...240] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8649] [Unknown][Unknown][Unrated] + not-detected: [...240] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8649] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...240] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8649] - not-detected: [...452] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8651] [Unknown][Unknown][Unrated] + not-detected: [...452] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8651] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...452] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8651] - not-detected: [..1100] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8652] [Unknown][Unknown][Unrated] + not-detected: [..1100] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8652] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1100] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8652] - not-detected: [...496] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8651] [Unknown][Unknown][Unrated] + not-detected: [...496] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8651] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...496] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8651] - not-detected: [..1155] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8652] [Unknown][Unknown][Unrated] + not-detected: [..1155] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8652] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1155] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8652] - not-detected: [..1793] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8654] [Unknown][Unknown][Unrated] + not-detected: [..1793] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8654] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1793] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8654] - not-detected: [..1864] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8654] [Unknown][Unknown][Unrated] + not-detected: [..1864] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8654] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1864] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8654] - not-detected: [...715] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8701] [Unknown][Unknown][Unrated] + not-detected: [...715] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8701] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...715] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8701] - not-detected: [...790] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8701] [Unknown][Unknown][Unrated] + not-detected: [...790] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8701] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...790] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8701] - not-detected: [..1219] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][41511] [Unknown][Unknown][Unrated] + not-detected: [..1219] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][41511] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1219] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][41511] - not-detected: [..1279] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][41511] [Unknown][Unknown][Unrated] + not-detected: [..1279] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][41511] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1279] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][41511] - not-detected: [..1933] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8800] [Unknown][Unknown][Unrated] + not-detected: [..1933] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1933] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8800] - not-detected: [..1989] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8800] [Unknown][Unknown][Unrated] + not-detected: [..1989] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1989] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8800] - not-detected: [..1041] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8873] [Unknown][Unknown][Unrated] + not-detected: [..1041] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8873] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1041] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8873] - not-detected: [..1114] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8873] [Unknown][Unknown][Unrated] + not-detected: [..1114] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8873] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1114] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8873] - not-detected: [....41] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8888] [Unknown][Unknown][Unrated] + not-detected: [....41] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8888] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....41] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8888] - not-detected: [....60] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8888] [Unknown][Unknown][Unrated] + not-detected: [....60] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8888] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....60] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8888] - not-detected: [..1214] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8899] [Unknown][Unknown][Unrated] + not-detected: [..1214] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8899] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1214] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8899] - not-detected: [..1284] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8899] [Unknown][Unknown][Unrated] + not-detected: [..1284] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8899] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1284] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8899] - not-detected: [..1037] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8994] [Unknown][Unknown][Unrated] + not-detected: [..1037] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8994] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1037] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.8994] - not-detected: [..1118] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8994] [Unknown][Unknown][Unrated] + not-detected: [..1118] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8994] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1118] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.8994] - not-detected: [..1635] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9000] [Unknown][Unknown][Unrated] + not-detected: [..1635] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1635] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9000] - not-detected: [..1706] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9000] [Unknown][Unknown][Unrated] + not-detected: [..1706] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1706] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9000] - not-detected: [..1182] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9001] [Unknown][Unknown][Unrated] + not-detected: [..1182] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1182] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9001] - not-detected: [..1273] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9001] [Unknown][Unknown][Unrated] + not-detected: [..1273] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1273] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9001] - not-detected: [..1063] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9002] [Unknown][Unknown][Unrated] + not-detected: [..1063] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1063] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9002] - not-detected: [..1134] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9002] [Unknown][Unknown][Unrated] + not-detected: [..1134] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1134] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9002] - not-detected: [...592] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9003] [Unknown][Unknown][Unrated] + not-detected: [...592] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...592] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9003] - not-detected: [...663] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9003] [Unknown][Unknown][Unrated] + not-detected: [...663] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...663] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9003] - not-detected: [...567] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9009] [Unknown][Unknown][Unrated] + not-detected: [...567] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9009] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...567] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9009] - not-detected: [...653] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9009] [Unknown][Unknown][Unrated] + not-detected: [...653] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9009] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...653] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9009] - not-detected: [...219] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9010] [Unknown][Unknown][Unrated] + not-detected: [...219] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9010] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...219] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9010] - not-detected: [..1783] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9011] [Unknown][Unknown][Unrated] + not-detected: [..1783] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9011] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1783] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9011] - not-detected: [...237] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9010] [Unknown][Unknown][Unrated] + not-detected: [...237] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9010] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...237] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9010] - not-detected: [..1874] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9011] [Unknown][Unknown][Unrated] + not-detected: [..1874] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9011] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1874] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9011] - not-detected: [..1477] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9040] [Unknown][Unknown][Unrated] + not-detected: [..1477] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9040] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1477] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9040] - not-detected: [..1572] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9040] [Unknown][Unknown][Unrated] + not-detected: [..1572] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9040] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1572] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9040] - not-detected: [...623] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9050] [Unknown][Unknown][Unrated] + not-detected: [...623] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9050] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...623] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9050] - not-detected: [...674] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9050] [Unknown][Unknown][Unrated] + not-detected: [...674] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9050] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...674] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9050] - not-detected: [...220] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9071] [Unknown][Unknown][Unrated] + not-detected: [...220] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9071] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...220] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9071] - not-detected: [...236] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9071] [Unknown][Unknown][Unrated] + not-detected: [...236] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9071] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...236] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9071] - not-detected: [..1025] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9080] [Unknown][Unknown][Unrated] + not-detected: [..1025] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9080] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1025] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9080] - not-detected: [..1080] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9080] [Unknown][Unknown][Unrated] + not-detected: [..1080] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9080] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1080] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9080] - not-detected: [...994] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9081] [Unknown][Unknown][Unrated] + not-detected: [...994] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9081] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...994] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9081] - not-detected: [..1053] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9081] [Unknown][Unknown][Unrated] + not-detected: [..1053] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9081] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1053] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9081] - not-detected: [..1097] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9090] [Unknown][Unknown][Unrated] + not-detected: [..1097] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9090] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1097] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9090] - not-detected: [..1158] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9090] [Unknown][Unknown][Unrated] + not-detected: [..1158] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9090] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1158] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9090] - not-detected: [...574] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9091] [Unknown][Unknown][Unrated] + not-detected: [...574] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9091] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...574] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9091] - not-detected: [...646] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9091] [Unknown][Unknown][Unrated] + not-detected: [...646] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9091] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...646] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9091] - not-detected: [..1644] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9099] [Unknown][Unknown][Unrated] + not-detected: [..1644] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9099] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1644] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9099] - not-detected: [..1727] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9099] [Unknown][Unknown][Unrated] + not-detected: [..1727] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9099] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1727] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9099] - not-detected: [..1523] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9100] [Unknown][Unknown][Unrated] + not-detected: [..1523] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1523] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9100] - not-detected: [..1600] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9100] [Unknown][Unknown][Unrated] + not-detected: [..1600] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1600] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9100] - not-detected: [...630] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9101] [Unknown][Unknown][Unrated] + not-detected: [...630] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9101] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...630] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9101] - not-detected: [...707] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9101] [Unknown][Unknown][Unrated] + not-detected: [...707] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9101] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...707] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9101] - not-detected: [...138] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9102] [Unknown][Unknown][Unrated] + not-detected: [...138] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9102] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...138] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9102] - not-detected: [..1299] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9103] [Unknown][Unknown][Unrated] + not-detected: [..1299] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9103] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1299] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9103] - not-detected: [...154] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9102] [Unknown][Unknown][Unrated] + not-detected: [...154] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9102] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...154] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9102] - not-detected: [..1351] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9103] [Unknown][Unknown][Unrated] + not-detected: [..1351] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9103] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1351] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9103] - not-detected: [...437] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9110] [Unknown][Unknown][Unrated] + not-detected: [...437] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9110] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...437] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9110] - not-detected: [..1671] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9111] [Unknown][Unknown][Unrated] + not-detected: [..1671] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9111] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1671] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9111] - not-detected: [...470] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9110] [Unknown][Unknown][Unrated] + not-detected: [...470] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9110] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...470] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9110] - not-detected: [..1731] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9111] [Unknown][Unknown][Unrated] + not-detected: [..1731] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9111] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1731] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9111] - not-detected: [...102] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9200] [Unknown][Unknown][Unrated] + not-detected: [...102] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9200] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...102] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9200] - not-detected: [...148] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9200] [Unknown][Unknown][Unrated] + not-detected: [...148] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9200] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...148] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9200] - not-detected: [..1338] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9207] [Unknown][Unknown][Unrated] + not-detected: [..1338] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9207] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1338] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9207] - not-detected: [..1407] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9207] [Unknown][Unknown][Unrated] + not-detected: [..1407] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9207] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1407] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9207] - not-detected: [...548] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9220] [Unknown][Unknown][Unrated] + not-detected: [...548] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9220] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...548] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9220] - not-detected: [...599] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9220] [Unknown][Unknown][Unrated] + not-detected: [...599] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9220] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...599] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9220] - not-detected: [..1934] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9290] [Unknown][Unknown][Unrated] + not-detected: [..1934] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9290] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1934] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9290] - not-detected: [..1988] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9290] [Unknown][Unknown][Unrated] + not-detected: [..1988] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9290] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1988] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9290] - not-detected: [...464] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9415] [Unknown][Unknown][Unrated] + not-detected: [...464] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9415] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...464] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9415] - not-detected: [...484] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9415] [Unknown][Unknown][Unrated] + not-detected: [...484] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9415] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...484] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9415] guessed: [...538] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9418] [Git][Unknown][Collaborative][Safe] @@ -7164,136 +7164,136 @@ guessed: [...609] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9418] [Git][Unknown][Collaborative][Safe] RISK: Unidirectional Traffic idle: [...609] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9418] - not-detected: [...797] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9485] [Unknown][Unknown][Unrated] + not-detected: [...797] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9485] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...797] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9485] - not-detected: [...858] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9485] [Unknown][Unknown][Unrated] + not-detected: [...858] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9485] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...858] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9485] - not-detected: [...171] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9500] [Unknown][Unknown][Unrated] + not-detected: [...171] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9500] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...171] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9500] - not-detected: [...203] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9500] [Unknown][Unknown][Unrated] + not-detected: [...203] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9500] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...203] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9500] - not-detected: [...943] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9502] [Unknown][Unknown][Unrated] + not-detected: [...943] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9502] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...943] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9502] - not-detected: [..1065] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9503] [Unknown][Unknown][Unrated] + not-detected: [..1065] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9503] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1065] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9503] - not-detected: [..1012] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9502] [Unknown][Unknown][Unrated] + not-detected: [..1012] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9502] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1012] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9502] - not-detected: [..1132] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9503] [Unknown][Unknown][Unrated] + not-detected: [..1132] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9503] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1132] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9503] - not-detected: [..1633] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9535] [Unknown][Unknown][Unrated] + not-detected: [..1633] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9535] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1633] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9535] - not-detected: [..1708] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9535] [Unknown][Unknown][Unrated] + not-detected: [..1708] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9535] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1708] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9535] - not-detected: [...184] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9575] [Unknown][Unknown][Unrated] + not-detected: [...184] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9575] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...184] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9575] - not-detected: [...231] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9575] [Unknown][Unknown][Unrated] + not-detected: [...231] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9575] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...231] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9575] - not-detected: [...423] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9593] [Unknown][Unknown][Unrated] + not-detected: [...423] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9593] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...423] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9593] - not-detected: [..1044] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9594] [Unknown][Unknown][Unrated] + not-detected: [..1044] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9594] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1044] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9594] - not-detected: [...443] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9593] [Unknown][Unknown][Unrated] + not-detected: [...443] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9593] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...443] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9593] - not-detected: [..1111] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9594] [Unknown][Unknown][Unrated] + not-detected: [..1111] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9594] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1111] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9594] - not-detected: [...511] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9595] [Unknown][Unknown][Unrated] + not-detected: [...511] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9595] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...511] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9595] - not-detected: [...560] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9595] [Unknown][Unknown][Unrated] + not-detected: [...560] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9595] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...560] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9595] - not-detected: [...920] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9618] [Unknown][Unknown][Unrated] + not-detected: [...920] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9618] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...920] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9618] - not-detected: [...977] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9618] [Unknown][Unknown][Unrated] + not-detected: [...977] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9618] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...977] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9618] - not-detected: [...264] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9666] [Unknown][Unknown][Unrated] + not-detected: [...264] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9666] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...264] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9666] - not-detected: [...315] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9666] [Unknown][Unknown][Unrated] + not-detected: [...315] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9666] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...315] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9666] - not-detected: [..1829] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][42510] [Unknown][Unknown][Unrated] + not-detected: [..1829] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][42510] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1829] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][42510] - not-detected: [..1902] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][42510] [Unknown][Unknown][Unrated] + not-detected: [..1902] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][42510] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1902] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][42510] - not-detected: [...743] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9876] [Unknown][Unknown][Unrated] + not-detected: [...743] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9876] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...743] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9876] - not-detected: [..1893] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9877] [Unknown][Unknown][Unrated] + not-detected: [..1893] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9877] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1893] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9877] - not-detected: [...812] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9876] [Unknown][Unknown][Unrated] + not-detected: [...812] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9876] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...812] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9876] - not-detected: [..1959] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9877] [Unknown][Unknown][Unrated] + not-detected: [..1959] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9877] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1959] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9877] - not-detected: [..1023] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9878] [Unknown][Unknown][Unrated] + not-detected: [..1023] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9878] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1023] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9878] - not-detected: [..1082] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9878] [Unknown][Unknown][Unrated] + not-detected: [..1082] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9878] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1082] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9878] - not-detected: [...188] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9898] [Unknown][Unknown][Unrated] + not-detected: [...188] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9898] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...188] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9898] - not-detected: [...227] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9898] [Unknown][Unknown][Unrated] + not-detected: [...227] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9898] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...227] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9898] - not-detected: [...881] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9900] [Unknown][Unknown][Unrated] + not-detected: [...881] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9900] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...881] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9900] - not-detected: [...924] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9900] [Unknown][Unknown][Unrated] + not-detected: [...924] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9900] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...924] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9900] - not-detected: [...112] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9917] [Unknown][Unknown][Unrated] + not-detected: [...112] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9917] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...112] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9917] - not-detected: [...139] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9917] [Unknown][Unknown][Unrated] + not-detected: [...139] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9917] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...139] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9917] - not-detected: [...729] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9943] [Unknown][Unknown][Unrated] + not-detected: [...729] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9943] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...729] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9943] - not-detected: [...776] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9943] [Unknown][Unknown][Unrated] + not-detected: [...776] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9943] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...776] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9943] - not-detected: [...499] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9944] [Unknown][Unknown][Unrated] + not-detected: [...499] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9944] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...499] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9944] - not-detected: [...532] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9944] [Unknown][Unknown][Unrated] + not-detected: [...532] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9944] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...532] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9944] - not-detected: [...879] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9968] [Unknown][Unknown][Unrated] + not-detected: [...879] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9968] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...879] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9968] - not-detected: [...926] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9968] [Unknown][Unknown][Unrated] + not-detected: [...926] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9968] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...926] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9968] - not-detected: [..1691] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9998] [Unknown][Unknown][Unrated] + not-detected: [..1691] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9998] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1691] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9998] - not-detected: [..1766] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9998] [Unknown][Unknown][Unrated] + not-detected: [..1766] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9998] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1766] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][.9998] guessed: [...796] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][.9999] [TPLINK_SHP][Unknown][IoT-Scada][Acceptable] @@ -7308,598 +7308,598 @@ guessed: [...608] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10000] [CiscoVPN][Unknown][VPN][Acceptable] RISK: Unidirectional Traffic idle: [...608] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10000] - not-detected: [...577] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10001] [Unknown][Unknown][Unrated] + not-detected: [...577] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...577] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10001] - not-detected: [...643] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10001] [Unknown][Unknown][Unrated] + not-detected: [...643] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...643] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10001] - not-detected: [...272] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10002] [Unknown][Unknown][Unrated] + not-detected: [...272] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...272] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10002] - not-detected: [...733] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10003] [Unknown][Unknown][Unrated] + not-detected: [...733] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...733] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10003] - not-detected: [...307] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10002] [Unknown][Unknown][Unrated] + not-detected: [...307] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...307] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10002] - not-detected: [...822] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10003] [Unknown][Unknown][Unrated] + not-detected: [...822] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...822] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10003] - not-detected: [...626] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10004] [Unknown][Unknown][Unrated] + not-detected: [...626] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...626] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10004] - not-detected: [...711] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10004] [Unknown][Unknown][Unrated] + not-detected: [...711] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...711] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10004] - not-detected: [...421] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10009] [Unknown][Unknown][Unrated] + not-detected: [...421] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10009] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...421] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10009] - not-detected: [...803] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10010] [Unknown][Unknown][Unrated] + not-detected: [...803] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10010] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...803] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10010] - not-detected: [...445] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10009] [Unknown][Unknown][Unrated] + not-detected: [...445] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10009] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...445] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10009] - not-detected: [...852] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10010] [Unknown][Unknown][Unrated] + not-detected: [...852] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10010] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...852] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10010] - not-detected: [..1925] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10012] [Unknown][Unknown][Unrated] + not-detected: [..1925] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10012] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1925] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10012] - not-detected: [..1969] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10012] [Unknown][Unknown][Unrated] + not-detected: [..1969] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10012] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1969] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10012] - not-detected: [..1216] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10024] [Unknown][Unknown][Unrated] + not-detected: [..1216] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10024] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1216] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10024] - not-detected: [..1536] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10025] [Unknown][Unknown][Unrated] + not-detected: [..1536] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10025] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1536] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10025] - not-detected: [..1282] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10024] [Unknown][Unknown][Unrated] + not-detected: [..1282] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10024] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1282] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10024] - not-detected: [..1617] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10025] [Unknown][Unknown][Unrated] + not-detected: [..1617] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10025] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1617] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10025] - not-detected: [...513] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10082] [Unknown][Unknown][Unrated] + not-detected: [...513] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10082] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...513] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10082] - not-detected: [...558] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10082] [Unknown][Unknown][Unrated] + not-detected: [...558] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10082] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...558] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10082] - not-detected: [...615] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10180] [Unknown][Unknown][Unrated] + not-detected: [...615] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10180] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...615] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10180] - not-detected: [...682] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10180] [Unknown][Unknown][Unrated] + not-detected: [...682] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10180] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...682] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10180] - not-detected: [..1540] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10215] [Unknown][Unknown][Unrated] + not-detected: [..1540] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10215] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1540] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10215] - not-detected: [..1613] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10215] [Unknown][Unknown][Unrated] + not-detected: [..1613] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10215] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1613] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10215] - not-detected: [..1887] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10243] [Unknown][Unknown][Unrated] + not-detected: [..1887] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10243] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1887] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10243] - not-detected: [..1965] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10243] [Unknown][Unknown][Unrated] + not-detected: [..1965] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10243] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1965] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10243] - not-detected: [...546] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10566] [Unknown][Unknown][Unrated] + not-detected: [...546] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10566] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...546] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10566] - not-detected: [...601] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10566] [Unknown][Unknown][Unrated] + not-detected: [...601] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10566] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...601] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10566] - not-detected: [...987] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10616] [Unknown][Unknown][Unrated] + not-detected: [...987] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10616] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...987] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10616] - not-detected: [..1060] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10616] [Unknown][Unknown][Unrated] + not-detected: [..1060] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10616] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1060] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10616] - not-detected: [...731] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10617] [Unknown][Unknown][Unrated] + not-detected: [...731] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10617] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...731] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10617] - not-detected: [...774] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10617] [Unknown][Unknown][Unrated] + not-detected: [...774] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10617] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...774] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10617] - not-detected: [....46] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10621] [Unknown][Unknown][Unrated] + not-detected: [....46] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10621] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....46] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10621] - not-detected: [....82] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10621] [Unknown][Unknown][Unrated] + not-detected: [....82] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10621] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....82] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10621] - not-detected: [...131] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10626] [Unknown][Unknown][Unrated] + not-detected: [...131] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10626] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...131] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10626] - not-detected: [...161] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10626] [Unknown][Unknown][Unrated] + not-detected: [...161] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10626] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...161] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10626] - not-detected: [..1194] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10628] [Unknown][Unknown][Unrated] + not-detected: [..1194] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10628] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1194] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10628] - not-detected: [..1262] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10628] [Unknown][Unknown][Unrated] + not-detected: [..1262] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10628] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1262] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10628] - not-detected: [....44] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10629] [Unknown][Unknown][Unrated] + not-detected: [....44] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10629] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....44] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10629] - not-detected: [....84] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10629] [Unknown][Unknown][Unrated] + not-detected: [....84] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10629] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....84] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10629] - not-detected: [...720] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10778] [Unknown][Unknown][Unrated] + not-detected: [...720] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10778] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...720] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][10778] - not-detected: [...785] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10778] [Unknown][Unknown][Unrated] + not-detected: [...785] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10778] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...785] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][10778] - not-detected: [...876] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][11110] [Unknown][Unknown][Unrated] + not-detected: [...876] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][11110] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...876] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][11110] - not-detected: [...929] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][11110] [Unknown][Unknown][Unrated] + not-detected: [...929] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][11110] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...929] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][11110] - not-detected: [...498] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][11111] [Unknown][Unknown][Unrated] + not-detected: [...498] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][11111] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...498] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][11111] - not-detected: [...533] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][11111] [Unknown][Unknown][Unrated] + not-detected: [...533] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][11111] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...533] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][11111] - not-detected: [...251] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][44176] [Unknown][Unknown][Unrated] + not-detected: [...251] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][44176] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...251] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][44176] - not-detected: [...287] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][44176] [Unknown][Unknown][Unrated] + not-detected: [...287] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][44176] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...287] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][44176] - not-detected: [..1288] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][44442] [Unknown][Unknown][Unrated] + not-detected: [..1288] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][44442] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1288] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][44442] - not-detected: [..1362] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][44442] [Unknown][Unknown][Unrated] + not-detected: [..1362] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][44442] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1362] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][44442] - not-detected: [...919] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][44443] [Unknown][Unknown][Unrated] + not-detected: [...919] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][44443] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...919] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][44443] - not-detected: [...978] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][44443] [Unknown][Unknown][Unrated] + not-detected: [...978] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][44443] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...978] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][44443] - not-detected: [...370] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][44501] [Unknown][Unknown][Unrated] + not-detected: [...370] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][44501] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...370] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][44501] - not-detected: [...414] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][44501] [Unknown][Unknown][Unrated] + not-detected: [...414] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][44501] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...414] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][44501] - not-detected: [...255] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][11967] [Unknown][Unknown][Unrated] + not-detected: [...255] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][11967] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...255] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][11967] - not-detected: [...283] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][11967] [Unknown][Unknown][Unrated] + not-detected: [...283] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][11967] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...283] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][11967] - not-detected: [...986] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][12000] [Unknown][Unknown][Unrated] + not-detected: [...986] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][12000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...986] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][12000] - not-detected: [..1061] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][12000] [Unknown][Unknown][Unrated] + not-detected: [..1061] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][12000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1061] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][12000] - not-detected: [...875] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][12174] [Unknown][Unknown][Unrated] + not-detected: [...875] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][12174] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...875] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][12174] - not-detected: [...930] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][12174] [Unknown][Unknown][Unrated] + not-detected: [...930] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][12174] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...930] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][12174] - not-detected: [...766] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][12265] [Unknown][Unknown][Unrated] + not-detected: [...766] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][12265] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...766] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][12265] - not-detected: [...831] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][12265] [Unknown][Unknown][Unrated] + not-detected: [...831] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][12265] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...831] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][12265] - not-detected: [..1017] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][45100] [Unknown][Unknown][Unrated] + not-detected: [..1017] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][45100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1017] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][45100] - not-detected: [..1088] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][45100] [Unknown][Unknown][Unrated] + not-detected: [..1088] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][45100] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1088] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][45100] - not-detected: [...878] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][12345] [Unknown][Unknown][Unrated] + not-detected: [...878] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][12345] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...878] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][12345] - not-detected: [...927] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][12345] [Unknown][Unknown][Unrated] + not-detected: [...927] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][12345] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...927] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][12345] - not-detected: [...174] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][13456] [Unknown][Unknown][Unrated] + not-detected: [...174] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][13456] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...174] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][13456] - not-detected: [...200] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][13456] [Unknown][Unknown][Unrated] + not-detected: [...200] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][13456] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...200] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][13456] - not-detected: [..1651] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][13722] [Unknown][Unknown][Unrated] + not-detected: [..1651] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][13722] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1651] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][13722] - not-detected: [..1720] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][13722] [Unknown][Unknown][Unrated] + not-detected: [..1720] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][13722] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1720] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][13722] - not-detected: [..1021] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][13782] [Unknown][Unknown][Unrated] + not-detected: [..1021] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][13782] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1021] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][13782] - not-detected: [..1175] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][13783] [Unknown][Unknown][Unrated] + not-detected: [..1175] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][13783] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1175] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][13783] - not-detected: [..1084] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][13782] [Unknown][Unknown][Unrated] + not-detected: [..1084] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][13782] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1084] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][13782] - not-detected: [..1232] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][13783] [Unknown][Unknown][Unrated] + not-detected: [..1232] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][13783] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1232] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][13783] - not-detected: [...172] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][14000] [Unknown][Unknown][Unrated] + not-detected: [...172] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][14000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...172] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][14000] - not-detected: [...202] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][14000] [Unknown][Unknown][Unrated] + not-detected: [...202] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][14000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...202] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][14000] - not-detected: [....87] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][14238] [Unknown][Unknown][Unrated] + not-detected: [....87] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][14238] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....87] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][14238] - not-detected: [...122] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][14238] [Unknown][Unknown][Unrated] + not-detected: [...122] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][14238] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...122] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][14238] - not-detected: [...918] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][14441] [Unknown][Unknown][Unrated] + not-detected: [...918] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][14441] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...918] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][14441] - not-detected: [...979] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][14441] [Unknown][Unknown][Unrated] + not-detected: [...979] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][14441] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...979] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][14441] - not-detected: [...108] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][14442] [Unknown][Unknown][Unrated] + not-detected: [...108] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][14442] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...108] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][14442] - not-detected: [...142] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][14442] [Unknown][Unknown][Unrated] + not-detected: [...142] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][14442] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...142] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][14442] - not-detected: [..1138] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15000] [Unknown][Unknown][Unrated] + not-detected: [..1138] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1138] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15000] - not-detected: [..1209] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15000] [Unknown][Unknown][Unrated] + not-detected: [..1209] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1209] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15000] - not-detected: [...877] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15002] [Unknown][Unknown][Unrated] + not-detected: [...877] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...877] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15002] - not-detected: [..1183] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15003] [Unknown][Unknown][Unrated] + not-detected: [..1183] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1183] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15003] - not-detected: [...928] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15002] [Unknown][Unknown][Unrated] + not-detected: [...928] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...928] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15002] - not-detected: [..1272] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15003] [Unknown][Unknown][Unrated] + not-detected: [..1272] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1272] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15003] - not-detected: [...133] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15004] [Unknown][Unknown][Unrated] + not-detected: [...133] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...133] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15004] - not-detected: [...159] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15004] [Unknown][Unknown][Unrated] + not-detected: [...159] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15004] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...159] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15004] - not-detected: [...341] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][48080] [Unknown][Unknown][Unrated] + not-detected: [...341] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][48080] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...341] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][48080] - not-detected: [...361] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][48080] [Unknown][Unknown][Unrated] + not-detected: [...361] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][48080] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...361] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][48080] - not-detected: [...173] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15660] [Unknown][Unknown][Unrated] + not-detected: [...173] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15660] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...173] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15660] - not-detected: [...201] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15660] [Unknown][Unknown][Unrated] + not-detected: [...201] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15660] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...201] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15660] - not-detected: [...455] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15742] [Unknown][Unknown][Unrated] + not-detected: [...455] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15742] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...455] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][15742] - not-detected: [...493] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15742] [Unknown][Unknown][Unrated] + not-detected: [...493] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15742] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...493] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][15742] - not-detected: [...722] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16000] [Unknown][Unknown][Unrated] + not-detected: [...722] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...722] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16000] - not-detected: [...783] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16000] [Unknown][Unknown][Unrated] + not-detected: [...783] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...783] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16000] - not-detected: [...354] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16001] [Unknown][Unknown][Unrated] + not-detected: [...354] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...354] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16001] - not-detected: [...389] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16001] [Unknown][Unknown][Unrated] + not-detected: [...389] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...389] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16001] - not-detected: [..1472] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16012] [Unknown][Unknown][Unrated] + not-detected: [..1472] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16012] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1472] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16012] - not-detected: [..1577] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16012] [Unknown][Unknown][Unrated] + not-detected: [..1577] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16012] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1577] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16012] - not-detected: [...698] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16016] [Unknown][Unknown][Unrated] + not-detected: [...698] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16016] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...698] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16016] - not-detected: [...749] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16016] [Unknown][Unknown][Unrated] + not-detected: [...749] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16016] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...749] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16016] - not-detected: [..1738] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16018] [Unknown][Unknown][Unrated] + not-detected: [..1738] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16018] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1738] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16018] - not-detected: [..1816] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16018] [Unknown][Unknown][Unrated] + not-detected: [..1816] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16018] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1816] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16018] - not-detected: [....94] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16080] [Unknown][Unknown][Unrated] + not-detected: [....94] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16080] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....94] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16080] - not-detected: [...115] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16080] [Unknown][Unknown][Unrated] + not-detected: [...115] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16080] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...115] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16080] - not-detected: [..1350] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16113] [Unknown][Unknown][Unrated] + not-detected: [..1350] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16113] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1350] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16113] - not-detected: [..1426] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16113] [Unknown][Unknown][Unrated] + not-detected: [..1426] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16113] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1426] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16113] - not-detected: [..1935] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49152] [Unknown][Unknown][Unrated] + not-detected: [..1935] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49152] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1935] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49152] - not-detected: [..1987] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49152] [Unknown][Unknown][Unrated] + not-detected: [..1987] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49152] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1987] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49152] - not-detected: [..1343] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49153] [Unknown][Unknown][Unrated] + not-detected: [..1343] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49153] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1343] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49153] - not-detected: [..1402] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49153] [Unknown][Unknown][Unrated] + not-detected: [..1402] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49153] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1402] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49153] - not-detected: [...802] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49154] [Unknown][Unknown][Unrated] + not-detected: [...802] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49154] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...802] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49154] - not-detected: [...853] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49154] [Unknown][Unknown][Unrated] + not-detected: [...853] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49154] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...853] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49154] - not-detected: [...194] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49155] [Unknown][Unknown][Unrated] + not-detected: [...194] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49155] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...194] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49155] - not-detected: [...793] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49156] [Unknown][Unknown][Unrated] + not-detected: [...793] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49156] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...793] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49156] - not-detected: [...221] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49155] [Unknown][Unknown][Unrated] + not-detected: [...221] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49155] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...221] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49155] - not-detected: [..1951] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49157] [Unknown][Unknown][Unrated] + not-detected: [..1951] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49157] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1951] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49157] - not-detected: [...862] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49156] [Unknown][Unknown][Unrated] + not-detected: [...862] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49156] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...862] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49156] - not-detected: [..1971] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49157] [Unknown][Unknown][Unrated] + not-detected: [..1971] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49157] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1971] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49157] - not-detected: [...954] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49158] [Unknown][Unknown][Unrated] + not-detected: [...954] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49158] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...954] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49158] - not-detected: [..1627] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49159] [Unknown][Unknown][Unrated] + not-detected: [..1627] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49159] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1627] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49159] - not-detected: [..1001] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49158] [Unknown][Unknown][Unrated] + not-detected: [..1001] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49158] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1001] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49158] - not-detected: [..1848] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49160] [Unknown][Unknown][Unrated] + not-detected: [..1848] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49160] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1848] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49160] - not-detected: [..1714] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49159] [Unknown][Unknown][Unrated] + not-detected: [..1714] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49159] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1714] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49159] - not-detected: [..1913] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49160] [Unknown][Unknown][Unrated] + not-detected: [..1913] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49160] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1913] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49160] - not-detected: [..1489] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49161] [Unknown][Unknown][Unrated] + not-detected: [..1489] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49161] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1489] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49161] - not-detected: [..1560] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49161] [Unknown][Unknown][Unrated] + not-detected: [..1560] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49161] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1560] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49161] - not-detected: [...767] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49163] [Unknown][Unknown][Unrated] + not-detected: [...767] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49163] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...767] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49163] - not-detected: [...830] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49163] [Unknown][Unknown][Unrated] + not-detected: [...830] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49163] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...830] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49163] - not-detected: [...727] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49165] [Unknown][Unknown][Unrated] + not-detected: [...727] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49165] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...727] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49165] - not-detected: [...778] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49165] [Unknown][Unknown][Unrated] + not-detected: [...778] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49165] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...778] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49165] - not-detected: [..1739] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49167] [Unknown][Unknown][Unrated] + not-detected: [..1739] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49167] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1739] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49167] - not-detected: [..1815] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49167] [Unknown][Unknown][Unrated] + not-detected: [..1815] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49167] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1815] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49167] - not-detected: [..1443] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49175] [Unknown][Unknown][Unrated] + not-detected: [..1443] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49175] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1443] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49175] - not-detected: [..1503] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49175] [Unknown][Unknown][Unrated] + not-detected: [..1503] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49175] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1503] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49175] - not-detected: [...426] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49176] [Unknown][Unknown][Unrated] + not-detected: [...426] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49176] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...426] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49176] - not-detected: [...481] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49176] [Unknown][Unknown][Unrated] + not-detected: [...481] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49176] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...481] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49176] - not-detected: [..1524] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49400] [Unknown][Unknown][Unrated] + not-detected: [..1524] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49400] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1524] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49400] - not-detected: [..1599] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49400] [Unknown][Unknown][Unrated] + not-detected: [..1599] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49400] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1599] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49400] - not-detected: [..1019] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16992] [Unknown][Unknown][Unrated] + not-detected: [..1019] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16992] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1019] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16992] - not-detected: [..1746] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16993] [Unknown][Unknown][Unrated] + not-detected: [..1746] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16993] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1746] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][16993] - not-detected: [..1086] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16992] [Unknown][Unknown][Unrated] + not-detected: [..1086] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16992] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1086] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16992] - not-detected: [..1808] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16993] [Unknown][Unknown][Unrated] + not-detected: [..1808] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16993] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1808] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][16993] - not-detected: [...253] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49999] [Unknown][Unknown][Unrated] + not-detected: [...253] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49999] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...253] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][49999] - not-detected: [..1734] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50000] [Unknown][Unknown][Unrated] + not-detected: [..1734] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1734] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50000] - not-detected: [...285] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49999] [Unknown][Unknown][Unrated] + not-detected: [...285] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49999] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...285] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][49999] - not-detected: [..1820] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50000] [Unknown][Unknown][Unrated] + not-detected: [..1820] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50000] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1820] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50000] - not-detected: [..1068] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50001] [Unknown][Unknown][Unrated] + not-detected: [..1068] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1068] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50001] - not-detected: [..1690] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50002] [Unknown][Unknown][Unrated] + not-detected: [..1690] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1690] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50002] - not-detected: [..1129] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50001] [Unknown][Unknown][Unrated] + not-detected: [..1129] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50001] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1129] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50001] - not-detected: [..1767] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50002] [Unknown][Unknown][Unrated] + not-detected: [..1767] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50002] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1767] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50002] - not-detected: [..1632] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50003] [Unknown][Unknown][Unrated] + not-detected: [..1632] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1632] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50003] - not-detected: [..1709] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50003] [Unknown][Unknown][Unrated] + not-detected: [..1709] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50003] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1709] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50003] - not-detected: [..1794] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50006] [Unknown][Unknown][Unrated] + not-detected: [..1794] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50006] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1794] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50006] - not-detected: [..1863] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50006] [Unknown][Unknown][Unrated] + not-detected: [..1863] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50006] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1863] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50006] - not-detected: [..1173] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50300] [Unknown][Unknown][Unrated] + not-detected: [..1173] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50300] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1173] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50300] - not-detected: [..1234] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50300] [Unknown][Unknown][Unrated] + not-detected: [..1234] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50300] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1234] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50300] - not-detected: [..1806] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50389] [Unknown][Unknown][Unrated] + not-detected: [..1806] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50389] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1806] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50389] - not-detected: [..1882] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50389] [Unknown][Unknown][Unrated] + not-detected: [..1882] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50389] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1882] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50389] - not-detected: [...990] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50500] [Unknown][Unknown][Unrated] + not-detected: [...990] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50500] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...990] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50500] - not-detected: [..1057] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50500] [Unknown][Unknown][Unrated] + not-detected: [..1057] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50500] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1057] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50500] - not-detected: [..1799] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50636] [Unknown][Unknown][Unrated] + not-detected: [..1799] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50636] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1799] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50636] - not-detected: [..1858] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50636] [Unknown][Unknown][Unrated] + not-detected: [..1858] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50636] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1858] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50636] - not-detected: [....90] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][17877] [Unknown][Unknown][Unrated] + not-detected: [....90] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][17877] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....90] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][17877] - not-detected: [...119] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][17877] [Unknown][Unknown][Unrated] + not-detected: [...119] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][17877] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...119] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][17877] - not-detected: [...801] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][17988] [Unknown][Unknown][Unrated] + not-detected: [...801] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][17988] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...801] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][17988] - not-detected: [...854] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][17988] [Unknown][Unknown][Unrated] + not-detected: [...854] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][17988] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...854] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][17988] - not-detected: [...922] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50800] [Unknown][Unknown][Unrated] + not-detected: [...922] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...922] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][50800] - not-detected: [...975] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50800] [Unknown][Unknown][Unrated] + not-detected: [...975] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50800] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...975] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][50800] - not-detected: [...888] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][18040] [Unknown][Unknown][Unrated] + not-detected: [...888] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][18040] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...888] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][18040] - not-detected: [...967] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][18040] [Unknown][Unknown][Unrated] + not-detected: [...967] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][18040] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...967] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][18040] - not-detected: [...953] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][18101] [Unknown][Unknown][Unrated] + not-detected: [...953] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][18101] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...953] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][18101] - not-detected: [..1002] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][18101] [Unknown][Unknown][Unrated] + not-detected: [..1002] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][18101] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1002] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][18101] - not-detected: [..1371] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][51103] [Unknown][Unknown][Unrated] + not-detected: [..1371] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][51103] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1371] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][51103] - not-detected: [..1448] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][51103] [Unknown][Unknown][Unrated] + not-detected: [..1448] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][51103] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1448] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][51103] - not-detected: [...695] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][51493] [Unknown][Unknown][Unrated] + not-detected: [...695] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][51493] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...695] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][51493] - not-detected: [...752] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][51493] [Unknown][Unknown][Unrated] + not-detected: [...752] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][51493] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...752] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][51493] - not-detected: [..1638] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][18988] [Unknown][Unknown][Unrated] + not-detected: [..1638] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][18988] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1638] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][18988] - not-detected: [..1703] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][18988] [Unknown][Unknown][Unrated] + not-detected: [..1703] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][18988] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1703] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][18988] - not-detected: [...302] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19101] [Unknown][Unknown][Unrated] + not-detected: [...302] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19101] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...302] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19101] - not-detected: [...318] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19101] [Unknown][Unknown][Unrated] + not-detected: [...318] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19101] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...318] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19101] - not-detected: [..1340] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19283] [Unknown][Unknown][Unrated] + not-detected: [..1340] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19283] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1340] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19283] - not-detected: [..1405] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19283] [Unknown][Unknown][Unrated] + not-detected: [..1405] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19283] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1405] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19283] - not-detected: [...686] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19315] [Unknown][Unknown][Unrated] + not-detected: [...686] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19315] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...686] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19315] - not-detected: [...761] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19315] [Unknown][Unknown][Unrated] + not-detected: [...761] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19315] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...761] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19315] - not-detected: [..1389] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19350] [Unknown][Unknown][Unrated] + not-detected: [..1389] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19350] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1389] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19350] - not-detected: [..1460] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19350] [Unknown][Unknown][Unrated] + not-detected: [..1460] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19350] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1460] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19350] - not-detected: [...381] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19780] [Unknown][Unknown][Unrated] + not-detected: [...381] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19780] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...381] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19780] - not-detected: [...403] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19780] [Unknown][Unknown][Unrated] + not-detected: [...403] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19780] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...403] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19780] - not-detected: [...996] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19801] [Unknown][Unknown][Unrated] + not-detected: [...996] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19801] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...996] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19801] - not-detected: [..1051] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19801] [Unknown][Unknown][Unrated] + not-detected: [..1051] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19801] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1051] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19801] - not-detected: [...687] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19842] [Unknown][Unknown][Unrated] + not-detected: [...687] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19842] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...687] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][19842] - not-detected: [...760] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19842] [Unknown][Unknown][Unrated] + not-detected: [...760] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19842] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...760] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][19842] - not-detected: [..1441] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][52673] [Unknown][Unknown][Unrated] + not-detected: [..1441] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][52673] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1441] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][52673] - not-detected: [..1505] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][52673] [Unknown][Unknown][Unrated] + not-detected: [..1505] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][52673] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1505] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][52673] guessed: [..1328] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20000] [DNP3][Unknown][IoT-Scada][Acceptable] @@ -7908,70 +7908,70 @@ guessed: [..1417] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20000] [DNP3][Unknown][IoT-Scada][Acceptable] RISK: Unidirectional Traffic idle: [..1417] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20000] - not-detected: [...580] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20005] [Unknown][Unknown][Unrated] + not-detected: [...580] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20005] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...580] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20005] - not-detected: [...640] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20005] [Unknown][Unknown][Unrated] + not-detected: [...640] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20005] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...640] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20005] - not-detected: [...540] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20031] [Unknown][Unknown][Unrated] + not-detected: [...540] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20031] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...540] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20031] - not-detected: [...607] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20031] [Unknown][Unknown][Unrated] + not-detected: [...607] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20031] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...607] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20031] - not-detected: [..1737] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][52822] [Unknown][Unknown][Unrated] + not-detected: [..1737] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][52822] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1737] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][52822] - not-detected: [..1817] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][52822] [Unknown][Unknown][Unrated] + not-detected: [..1817] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][52822] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1817] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][52822] - not-detected: [...134] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][52848] [Unknown][Unknown][Unrated] + not-detected: [...134] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][52848] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...134] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][52848] - not-detected: [...158] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][52848] [Unknown][Unknown][Unrated] + not-detected: [...158] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][52848] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...158] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][52848] - not-detected: [...334] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][52869] [Unknown][Unknown][Unrated] + not-detected: [...334] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][52869] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...334] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][52869] - not-detected: [...368] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][52869] [Unknown][Unknown][Unrated] + not-detected: [...368] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][52869] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...368] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][52869] - not-detected: [..1674] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20221] [Unknown][Unknown][Unrated] + not-detected: [..1674] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20221] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1674] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20221] - not-detected: [..1753] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20221] [Unknown][Unknown][Unrated] + not-detected: [..1753] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20221] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1753] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20221] - not-detected: [...342] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20222] [Unknown][Unknown][Unrated] + not-detected: [...342] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20222] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...342] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20222] - not-detected: [...360] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20222] [Unknown][Unknown][Unrated] + not-detected: [...360] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20222] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...360] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20222] - not-detected: [..1595] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20828] [Unknown][Unknown][Unrated] + not-detected: [..1595] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20828] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1595] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][20828] - not-detected: [..1655] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20828] [Unknown][Unknown][Unrated] + not-detected: [..1655] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20828] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1655] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][20828] - not-detected: [..1502] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][54045] [Unknown][Unknown][Unrated] + not-detected: [..1502] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][54045] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1502] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][54045] - not-detected: [..1578] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][54045] [Unknown][Unknown][Unrated] + not-detected: [..1578] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][54045] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1578] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][54045] - not-detected: [...618] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][54328] [Unknown][Unknown][Unrated] + not-detected: [...618] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][54328] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...618] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][54328] - not-detected: [...679] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][54328] [Unknown][Unknown][Unrated] + not-detected: [...679] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][54328] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [...679] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][54328] - not-detected: [..1521] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][21571] [Unknown][Unknown][Unrated] + not-detected: [..1521] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][21571] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1521] [ip4][..tcp] [.....172.16.0.8][36050] -> [...64.13.134.52][21571] - not-detected: [..1602] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][21571] [Unknown][Unknown][Unrated] + not-detected: [..1602] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][21571] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [..1602] [ip4][..tcp] [.....172.16.0.8][36051] -> [...64.13.134.52][21571] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/syslog.pcap.out b/test/results/flow-info/default/syslog.pcap.out index ab29c8309..e039939c4 100644 --- a/test/results/flow-info/default/syslog.pcap.out +++ b/test/results/flow-info/default/syslog.pcap.out @@ -30,10 +30,10 @@ DAEMON-EVENT: [Flows][active: 2 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3] new: [.....7] [ip4][..udp] [..172.21.251.36][62679] -> [..172.19.196.11][..514] detected: [.....7] [ip4][..udp] [..172.21.251.36][62679] -> [..172.19.196.11][..514] [Syslog][Unknown][System][Acceptable] - not-detected: [.....6] [ip4][...41] [...216.66.80.30] -> [..193.24.227.12] [Unknown][Unknown][Unrated] + not-detected: [.....6] [ip4][...41] [...216.66.80.30] -> [..193.24.227.12] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [.....6] [ip4][...41] [...216.66.80.30] -> [..193.24.227.12] - not-detected: [.....5] [ip4][...41] [..193.24.227.10] -> [..216.66.86.114] [Unknown][Unknown][Unrated] + not-detected: [.....5] [ip4][...41] [..193.24.227.10] -> [..216.66.86.114] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [.....5] [ip4][...41] [..193.24.227.10] -> [..216.66.86.114] new: [.....8] [ip4][..udp] [.192.168.72.140][62679] -> [192.168.178.148][..514] @@ -80,7 +80,7 @@ new: [....18][.408] [ip4][..udp] [..10.11.105.154][20627] -> [.....10.6.15.11][..514] detected: [....18][.408] [ip4][..udp] [..10.11.105.154][20627] -> [.....10.6.15.11][..514] [Syslog][Unknown][System][Acceptable] idle: [....17] [ip4][..udp] [192.168.254.157][49611] -> [.196.240.66.148][..514] [Syslog][Unknown][System][Acceptable] - not-detected: [....16][1906] [ip4][..tcp] [..169.46.82.162][52173] -> [.10.186.117.194][49948] [Unknown][Unknown][Unrated] + not-detected: [....16][1906] [ip4][..tcp] [..169.46.82.162][52173] -> [.10.186.117.194][49948] [Unknown][Unknown][Unspecified][Unrated] RISK: Unidirectional Traffic idle: [....16][1906] [ip4][..tcp] [..169.46.82.162][52173] -> [.10.186.117.194][49948] end: [....15][1506] [ip4][..tcp] [.10.186.117.194][49948] -> [..169.46.82.162][52173] [Syslog][Unknown][System][Acceptable] diff --git a/test/results/flow-info/default/tcp_scan.pcapng.out b/test/results/flow-info/default/tcp_scan.pcapng.out index 2f9a9c69d..bc4b01294 100644 --- a/test/results/flow-info/default/tcp_scan.pcapng.out +++ b/test/results/flow-info/default/tcp_scan.pcapng.out @@ -20,13 +20,13 @@ guessed: [.....3] [ip4][..tcp] [..192.168.1.178][56274] -> [....192.168.1.2][..445] [SMBv23][Unknown][System][Acceptable] RISK: TCP Connection Issues, Probing Attempt end: [.....3] [ip4][..tcp] [..192.168.1.178][56274] -> [....192.168.1.2][..445] - not-detected: [.....6] [ip4][..tcp] [..192.168.1.178][57916] -> [....192.168.1.2][.3391] [Unknown][Unknown][Unrated] + not-detected: [.....6] [ip4][..tcp] [..192.168.1.178][57916] -> [....192.168.1.2][.3391] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [.....6] [ip4][..tcp] [..192.168.1.178][57916] -> [....192.168.1.2][.3391] - not-detected: [.....5] [ip4][..tcp] [..192.168.1.178][62971] -> [....192.168.1.2][.3390] [Unknown][Unknown][Unrated] + not-detected: [.....5] [ip4][..tcp] [..192.168.1.178][62971] -> [....192.168.1.2][.3390] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [.....5] [ip4][..tcp] [..192.168.1.178][62971] -> [....192.168.1.2][.3390] - not-detected: [.....7] [ip4][..tcp] [..192.168.1.178][63243] -> [....192.168.1.2][.3392] [Unknown][Unknown][Unrated] + not-detected: [.....7] [ip4][..tcp] [..192.168.1.178][63243] -> [....192.168.1.2][.3392] [Unknown][Unknown][Unspecified][Unrated] RISK: TCP Connection Issues, Probing Attempt end: [.....7] [ip4][..tcp] [..192.168.1.178][63243] -> [....192.168.1.2][.3392] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/teams.pcap.out b/test/results/flow-info/default/teams.pcap.out index 45e6ad626..73e35011c 100644 --- a/test/results/flow-info/default/teams.pcap.out +++ b/test/results/flow-info/default/teams.pcap.out @@ -77,8 +77,6 @@ ERROR-EVENT: Unknown packet type [11/16] ERROR-EVENT: Unknown packet type [12/16] detection-update: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] - RISK: Unidirectional Traffic - detection-update: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] RISK: Error Code new: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] detected: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][] @@ -397,12 +395,6 @@ new: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] detected: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - detection-update: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] new: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] detected: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] [STUN.TeamsCall][Azure][VoIP][Acceptable][] RISK: Known Proto on Non Std Port @@ -419,10 +411,6 @@ [IATS(ms)....: 45.0,45.1,0.2,47.4,47.2,0.2,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.0,8.0,0.0,0.0,52.4,1.2,45.6,48.6,92.2,43.7,69.1,0.3,113.5,1566.9] [PKTLENS.....: 64,52,40,227,1492,52,1492,588,52,52,1492,588,52,40,588,166,40,40,40,147,46,85,46,91,40,141,224,40,71,40,46,46] [ENTROPIES...: 4.4,4.9,4.5,5.4,7.5,4.6,7.4,6.2,4.7,4.7,7.7,7.0,4.7,4.5,7.6,6.6,4.4,4.5,4.5,6.4,4.5,5.8,4.6,5.4,4.6,6.4,6.9,4.5,5.4,4.4,4.6,4.6] - detection-update: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] detected: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] [TLS.Teams][Azure][Collaborative][Safe][gate.hockeyapp.net] new: [....83] [ip4][.icmp] [..93.71.110.205] -> [....192.168.1.6] @@ -480,7 +468,7 @@ RISK: Known Proto on Non Std Port idle: [....61] [ip4][..tcp] [....192.168.1.6][60566] -> [.167.99.215.164][.4434] [TLS.ntop][DigitalOcean][Network][Safe] RISK: Known Proto on Non Std Port - not-detected: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] [Unknown][Unknown][Unrated] + not-detected: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] [Unknown][Unknown][Unspecified][Unrated] idle: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] idle: [....22] [ip4][..udp] [....192.168.1.6][49514] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][config.teams.microsoft.com] idle: [....49] [ip4][..udp] [..192.168.1.112][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] @@ -520,9 +508,9 @@ idle: [....24] [ip4][..udp] [....192.168.1.6][65387] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][northeuropecns.trafficmanager.net] end: [....14] [ip4][..tcp] [..93.62.150.157][..443] -> [....192.168.1.6][60512] [TLS][Unknown][Web][Safe] idle: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....72] [ip4][..tcp] [....192.168.1.6][50014] -> [.52.114.250.152][..443] [TLS.Teams][Azure][Collaborative][Safe] RISK: TLS Cert Mismatch, TLS (probably) Not Carrying HTTPS diff --git a/test/results/flow-info/default/telegram.pcap.out b/test/results/flow-info/default/telegram.pcap.out index cdc4c80e0..11122ba0a 100644 --- a/test/results/flow-info/default/telegram.pcap.out +++ b/test/results/flow-info/default/telegram.pcap.out @@ -101,7 +101,7 @@ [IATS(ms)....: 176.6,505.7,492.8,1175.3,327.6,331.9,1681.3,64.2,63.5,64.3,42.3,63.9,1998.8,63.8,58.3,64.1,69.6,64.4,57.8,43.1,58.1,62.2,58.1,63.8,58.2,64.2,58.2,62.0,69.6,66.6,57.7] [PKTLENS.....: 108,108,108,76,92,76,92,220,252,268,252,252,236,204,220,220,220,204,188,220,204,204,204,220,204,204,204,204,220,204,220,220] [ENTROPIES...: 6.4,6.1,6.3,5.8,6.0,5.8,6.0,6.9,7.1,7.2,7.1,7.1,7.1,7.0,7.0,7.1,7.0,6.9,6.8,7.0,7.0,7.0,6.9,6.9,6.9,6.9,6.9,6.9,7.0,6.9,7.0,7.1] - not-detected: [....25] [ip4][..udp] [...192.168.1.77][23174] -> [...192.168.1.52][31480] [Unknown][Unknown][Unrated] + not-detected: [....25] [ip4][..udp] [...192.168.1.77][23174] -> [...192.168.1.52][31480] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy new: [....28] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] detected: [....28] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][] @@ -138,8 +138,6 @@ new: [....42] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.3][..537] detected: [....42] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.3][..537] [Telegram][Telegram][Chat][Acceptable] detection-update: [....33] [ip4][..udp] [...192.168.1.77][54595] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] - RISK: Unidirectional Traffic - detection-update: [....33] [ip4][..udp] [...192.168.1.77][54595] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] RISK: Error Code new: [....43] [ip4][..udp] [...192.168.1.77][52127] -> [239.255.255.250][.1900] detected: [....43] [ip4][..udp] [...192.168.1.77][52127] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] @@ -195,7 +193,7 @@ idle: [....27] [ip4][..udp] [...192.168.1.77][47127] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][www.googletagservices.com] RISK: Minor Issues idle: [....18] [ip6][..udp] [...............fe80::4dc:edec:5b0c:a661][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] - not-detected: [....44] [ip4][..udp] [...192.168.1.77][28150] -> [..87.11.205.195][59772] [Unknown][Unknown][Unrated] + not-detected: [....44] [ip4][..udp] [...192.168.1.77][28150] -> [..87.11.205.195][59772] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [....44] [ip4][..udp] [...192.168.1.77][28150] -> [..87.11.205.195][59772] idle: [....46] [ip4][..udp] [...192.168.1.53][56384] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] @@ -207,7 +205,7 @@ idle: [....13] [ip4][..udp] [...192.168.1.77][52118] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][in.appcenter.ms] idle: [....33] [ip4][..udp] [...192.168.1.77][54595] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] RISK: Error Code - idle: [....25] [ip4][..udp] [...192.168.1.77][23174] -> [...192.168.1.52][31480] [Unknown][Unknown][Unrated] + idle: [....25] [ip4][..udp] [...192.168.1.77][23174] -> [...192.168.1.52][31480] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy idle: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][tl-sg116e] idle: [....35] [ip4][..udp] [...192.168.1.77][50822] -> [..216.58.205.68][..443] [QUIC.Google][Google][Web][Acceptable][www.google.com] @@ -237,7 +235,7 @@ idle: [....12] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.53][.5353] [MDNS][Unknown][Network][Acceptable][_companion-link._tcp.local] idle: [.....7] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.75][.5353] [MDNS][Unknown][Network][Acceptable][_companion-link._tcp.local] idle: [....43] [ip4][..udp] [...192.168.1.77][52127] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] - not-detected: [....26] [ip4][..udp] [...192.168.1.77][23174] -> [..87.11.205.195][60723] [Unknown][Unknown][Unrated] + not-detected: [....26] [ip4][..udp] [...192.168.1.77][23174] -> [..87.11.205.195][60723] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [....26] [ip4][..udp] [...192.168.1.77][23174] -> [..87.11.205.195][60723] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/telegram_videocall.pcapng.out b/test/results/flow-info/default/telegram_videocall.pcapng.out index a5d33e1d4..9df6d1fa3 100644 --- a/test/results/flow-info/default/telegram_videocall.pcapng.out +++ b/test/results/flow-info/default/telegram_videocall.pcapng.out @@ -109,10 +109,6 @@ new: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393] detected: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....28] [ip6][icmp6] [...............fe80::abe:acff:fe0b:176e] -> [................................ff02::2] detected: [....28] [ip6][icmp6] [...............fe80::abe:acff:fe0b:176e] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] analyse: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable] @@ -128,6 +124,10 @@ new: [....29] [ip6][..udp] [...............fe80::abe:acff:fe0b:176e][.5353] -> [...............................ff02::fb][.5353] detected: [....29] [ip6][..udp] [...............fe80::abe:acff:fe0b:176e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_ipps._tcp.local] new: [....30] [ip4][..tcp] [.192.168.12.169][40710] -> [....52.58.18.25][.5222] [MIDSTREAM] + detection-update: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] RISK: Known Proto on Non Std Port detection-update: [....15] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] diff --git a/test/results/flow-info/default/telegram_videocall_2.pcapng.out b/test/results/flow-info/default/telegram_videocall_2.pcapng.out index 3d5f85e4e..837083afa 100644 --- a/test/results/flow-info/default/telegram_videocall_2.pcapng.out +++ b/test/results/flow-info/default/telegram_videocall_2.pcapng.out @@ -22,10 +22,6 @@ detected: [.....8] [ip4][..udp] [..192.168.12.67][42417] -> [...91.108.13.26][..598] [Telegram][Telegram][Chat][Acceptable] detection-update: [.....3] [ip4][..udp] [..192.168.12.67][39968] -> [...91.108.9.106][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org] RISK: Known Proto on Non Std Port - detection-update: [.....4] [ip4][..udp] [..192.168.12.67][39329] -> [....91.108.13.3][.1400] [STUN][Telegram][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....5] [ip4][..udp] [..192.168.12.67][44679] -> [...91.108.17.49][.1400] [STUN][Telegram][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....6] [ip4][..udp] [..192.168.12.67][44275] -> [....91.108.9.10][..597] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] detection-update: [.....8] [ip4][..udp] [..192.168.12.67][42417] -> [...91.108.13.26][..598] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] detection-update: [.....7] [ip4][..udp] [..192.168.12.67][46675] -> [....91.108.17.8][..597] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] @@ -51,13 +47,13 @@ [ENTROPIES...: 4.6,4.7,4.6,4.7,5.7,5.8,6.0,5.7,6.1,5.7,5.8,6.1,6.1,5.8,6.0,5.7,6.0,5.8,5.8,6.0,5.2,6.1,6.2,6.8,7.5,6.1,5.8,6.4,6.1,5.7,6.2,5.7] idle: [.....2] [ip6][..udp] [..............fe80::76da:38ff:feed:5332][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....4] [ip4][..udp] [..192.168.12.67][39329] -> [....91.108.13.3][.1400] [STUN][Telegram][Network][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....3] [ip4][..udp] [..192.168.12.67][39968] -> [...91.108.9.106][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org] RISK: Known Proto on Non Std Port idle: [.....8] [ip4][..udp] [..192.168.12.67][42417] -> [...91.108.13.26][..598] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] idle: [.....6] [ip4][..udp] [..192.168.12.67][44275] -> [....91.108.9.10][..597] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] idle: [.....5] [ip4][..udp] [..192.168.12.67][44679] -> [...91.108.17.49][.1400] [STUN][Telegram][Network][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....7] [ip4][..udp] [..192.168.12.67][46675] -> [....91.108.17.8][..597] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] idle: [.....1] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/telegram_voice.pcapng.out b/test/results/flow-info/default/telegram_voice.pcapng.out index 3a5d605f0..1a7c80850 100644 --- a/test/results/flow-info/default/telegram_voice.pcapng.out +++ b/test/results/flow-info/default/telegram_voice.pcapng.out @@ -26,10 +26,6 @@ detection-update: [.....6] [ip4][..udp] [..192.168.12.67][42567] -> [....91.108.9.34][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org] RISK: Known Proto on Non Std Port detection-update: [.....9] [ip4][..udp] [..192.168.12.67][41011] -> [....91.108.9.68][..596] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] - detection-update: [.....4] [ip4][..udp] [..192.168.12.67][44405] -> [...91.108.17.41][.1400] [STUN][Telegram][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....5] [ip4][..udp] [..192.168.12.67][46013] -> [...91.108.13.52][.1400] [STUN][Telegram][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....7] [ip4][..udp] [..192.168.12.67][39027] -> [...91.108.13.51][..597] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] analyse: [.....9] [ip4][..udp] [..192.168.12.67][41011] -> [....91.108.9.68][..596] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] min| max| avg| stddev| variance| entropy diff --git a/test/results/flow-info/default/threema.pcap.out b/test/results/flow-info/default/threema.pcap.out index 1c0ce9632..6e5da1cba 100644 --- a/test/results/flow-info/default/threema.pcap.out +++ b/test/results/flow-info/default/threema.pcap.out @@ -20,11 +20,9 @@ DAEMON-EVENT: [Flows][active: 3 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....6] [ip4][..tcp] [..192.168.2.100][50860] -> [.185.88.236.110][.5222] guessed: [.....5] [ip4][..tcp] [..192.168.2.100][50718] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] - RISK: Fully Encrypted Flow end: [.....5] [ip4][..tcp] [..192.168.2.100][50718] -> [.185.88.236.110][.5222] idle: [.....1] [ip4][..tcp] [..192.168.2.100][50298] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] idle: [.....2] [ip4][..tcp] [..192.168.2.100][50484] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] guessed: [.....6] [ip4][..tcp] [..192.168.2.100][50860] -> [.185.88.236.110][.5222] [Threema][Threema][Chat][Fun] - RISK: Fully Encrypted Flow end: [.....6] [ip4][..tcp] [..192.168.2.100][50860] -> [.185.88.236.110][.5222] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls-appdata.pcap.out b/test/results/flow-info/default/tls-appdata.pcap.out index 64d8dba2e..5f4ae4af2 100644 --- a/test/results/flow-info/default/tls-appdata.pcap.out +++ b/test/results/flow-info/default/tls-appdata.pcap.out @@ -3,15 +3,10 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.179.60.195.173][..443] -> [..192.168.2.100][60636] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [.179.60.195.173][..443] -> [..192.168.2.100][60636] [TLS][Facebook][Web][Safe] - detection-update: [.....1] [ip4][..tcp] [.179.60.195.173][..443] -> [..192.168.2.100][60636] [TLS][Facebook][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [.....1] [ip4][..tcp] [.179.60.195.173][..443] -> [..192.168.2.100][60636] [TLS][Facebook][Web][Safe] DAEMON-EVENT: [Processed: 6 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 0] + DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....2] [ip4][..tcp] [..192.168.2.100][58976] -> [...52.223.198.7][..443] [MIDSTREAM] detected: [.....2] [ip4][..tcp] [..192.168.2.100][58976] -> [...52.223.198.7][..443] [TLS][Twitch][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [.....2] [ip4][..tcp] [..192.168.2.100][58976] -> [...52.223.198.7][..443] [TLS][Twitch][Web][Safe] end: [.....1] [ip4][..tcp] [.179.60.195.173][..443] -> [..192.168.2.100][60636] [TLS][Facebook][Web][Safe] analyse: [.....2] [ip4][..tcp] [..192.168.2.100][58976] -> [...52.223.198.7][..443] [TLS][Twitch][Web][Safe] min| max| avg| stddev| variance| entropy @@ -24,10 +19,10 @@ [PKTLENS.....: 1492,60,46,1492,2944,40,2944,40,40,2944,2871,40,40,40,40,1492,60,46,1492,2944,40,2944,40,2944,1492,60,46,1492,2944,40,2944,40] [ENTROPIES...: 7.9,5.5,4.7,7.9,7.9,5.0,7.9,4.9,4.9,7.9,7.9,5.0,4.9,4.9,5.0,7.9,5.5,4.6,7.9,7.9,4.9,7.9,4.9,7.9,7.9,5.6,4.5,7.9,7.9,4.9,7.9,4.9] DAEMON-EVENT: [Processed: 45 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0] + DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] DAEMON-EVENT: [Processed: 75 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0] + DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] DAEMON-EVENT: [Processed: 105 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0] + DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] idle: [.....2] [ip4][..tcp] [..192.168.2.100][58976] -> [...52.223.198.7][..443] [TLS][Twitch][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls-esni-fuzzed.pcap.out b/test/results/flow-info/default/tls-esni-fuzzed.pcap.out index fdd145143..8777061ea 100644 --- a/test/results/flow-info/default/tls-esni-fuzzed.pcap.out +++ b/test/results/flow-info/default/tls-esni-fuzzed.pcap.out @@ -3,17 +3,17 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [...192.168.1.12][49886] -> [..104.27.129.77][..443] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [...192.168.1.12][49886] -> [..104.27.129.77][..443] [TLS][Cloudflare][Web][Safe][] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch new: [.....2] [ip4][..tcp] [...192.168.1.12][49887] -> [.104.16.125.175][..443] [MIDSTREAM] detected: [.....2] [ip4][..tcp] [...192.168.1.12][49887] -> [.104.16.125.175][..443] [TLS][Cloudflare][Web][Safe][] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch new: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] [MIDSTREAM] detected: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] [TLS][Cloudflare][Web][Safe][] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch idle: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] [TLS][Cloudflare][Web][Safe] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch idle: [.....1] [ip4][..tcp] [...192.168.1.12][49886] -> [..104.27.129.77][..443] [TLS][Cloudflare][Web][Safe] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch idle: [.....2] [ip4][..tcp] [...192.168.1.12][49887] -> [.104.16.125.175][..443] [TLS][Cloudflare][Web][Safe] - RISK: TLS Susp ESNI Usage, Missing SNI TLS Extn, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, TLS Susp Extn, ALPN/SNI Mismatch DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_1.2_unidirectional_client.pcapng.out b/test/results/flow-info/default/tls_1.2_unidirectional_client.pcapng.out index 6e5b7a799..91ff26a82 100644 --- a/test/results/flow-info/default/tls_1.2_unidirectional_client.pcapng.out +++ b/test/results/flow-info/default/tls_1.2_unidirectional_client.pcapng.out @@ -3,7 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.192.168.12.156][43854] -> [..216.58.209.42][..443] detected: [.....1] [ip4][..tcp] [.192.168.12.156][43854] -> [..216.58.209.42][..443] [TLS.GoogleServices][Google][Web][Acceptable][notifications-pa.googleapis.com] - RISK: Unidirectional Traffic end: [.....1] [ip4][..tcp] [.192.168.12.156][43854] -> [..216.58.209.42][..443] [TLS.GoogleServices][Google][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_1.2_unidirectional_client_no_cert.pcapng.out b/test/results/flow-info/default/tls_1.2_unidirectional_client_no_cert.pcapng.out index 9b324cc4e..139e9d3ce 100644 --- a/test/results/flow-info/default/tls_1.2_unidirectional_client_no_cert.pcapng.out +++ b/test/results/flow-info/default/tls_1.2_unidirectional_client_no_cert.pcapng.out @@ -3,7 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.192.168.12.156][39958] -> [..172.67.21.133][..443] detected: [.....1] [ip4][..tcp] [.192.168.12.156][39958] -> [..172.67.21.133][..443] [TLS][Cloudflare][Web][Safe][sb.adtidy.org] - RISK: Unidirectional Traffic end: [.....1] [ip4][..tcp] [.192.168.12.156][39958] -> [..172.67.21.133][..443] [TLS][Cloudflare][Web][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_1.2_unidirectional_server.pcapng.out b/test/results/flow-info/default/tls_1.2_unidirectional_server.pcapng.out index 1410a061a..42198a9a9 100644 --- a/test/results/flow-info/default/tls_1.2_unidirectional_server.pcapng.out +++ b/test/results/flow-info/default/tls_1.2_unidirectional_server.pcapng.out @@ -3,9 +3,6 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [..216.58.209.42][..443] -> [.192.168.12.156][43854] detected: [.....1] [ip4][..tcp] [..216.58.209.42][..443] -> [.192.168.12.156][43854] [TLS][Google][Web][Safe] - RISK: Unidirectional Traffic detection-update: [.....1] [ip4][..tcp] [..216.58.209.42][..443] -> [.192.168.12.156][43854] [TLS.YouTubeUpload][Google][Media][Fun] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [..216.58.209.42][..443] -> [.192.168.12.156][43854] [TLS.YouTubeUpload][Google][Media][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_1.2_unidirectional_server_no_cert.pcapng.out b/test/results/flow-info/default/tls_1.2_unidirectional_server_no_cert.pcapng.out index c54c75d01..b66d1226f 100644 --- a/test/results/flow-info/default/tls_1.2_unidirectional_server_no_cert.pcapng.out +++ b/test/results/flow-info/default/tls_1.2_unidirectional_server_no_cert.pcapng.out @@ -3,7 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [..172.67.21.133][..443] -> [.192.168.12.156][39958] detected: [.....1] [ip4][..tcp] [..172.67.21.133][..443] -> [.192.168.12.156][39958] [TLS][Cloudflare][Web][Safe] - RISK: Unidirectional Traffic end: [.....1] [ip4][..tcp] [..172.67.21.133][..443] -> [.192.168.12.156][39958] [TLS][Cloudflare][Web][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_1.3_unidirectional_client.pcapng.out b/test/results/flow-info/default/tls_1.3_unidirectional_client.pcapng.out index be71565b2..a53dfdc23 100644 --- a/test/results/flow-info/default/tls_1.3_unidirectional_client.pcapng.out +++ b/test/results/flow-info/default/tls_1.3_unidirectional_client.pcapng.out @@ -3,7 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.192.168.12.156][39750] -> [.142.250.184.68][..443] detected: [.....1] [ip4][..tcp] [.192.168.12.156][39750] -> [.142.250.184.68][..443] [TLS.Google][Google][Web][Acceptable][www.google.com] - RISK: Unidirectional Traffic end: [.....1] [ip4][..tcp] [.192.168.12.156][39750] -> [.142.250.184.68][..443] [TLS.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_1.3_unidirectional_server.pcapng.out b/test/results/flow-info/default/tls_1.3_unidirectional_server.pcapng.out index 60174db8b..ba126c5e1 100644 --- a/test/results/flow-info/default/tls_1.3_unidirectional_server.pcapng.out +++ b/test/results/flow-info/default/tls_1.3_unidirectional_server.pcapng.out @@ -3,7 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.142.250.184.68][..443] -> [.192.168.12.156][39750] detected: [.....1] [ip4][..tcp] [.142.250.184.68][..443] -> [.192.168.12.156][39750] [TLS][Google][Web][Safe] - RISK: Unidirectional Traffic end: [.....1] [ip4][..tcp] [.142.250.184.68][..443] -> [.192.168.12.156][39750] [TLS][Google][Web][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_certificate_too_long.pcap.out b/test/results/flow-info/default/tls_certificate_too_long.pcap.out index 36f2a6da9..451da1f30 100644 --- a/test/results/flow-info/default/tls_certificate_too_long.pcap.out +++ b/test/results/flow-info/default/tls_certificate_too_long.pcap.out @@ -6,9 +6,7 @@ new: [.....3] [ip4][..udp] [..192.168.1.121][52251] -> [........8.8.8.8][...53] detected: [.....3] [ip4][..udp] [..192.168.1.121][52251] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][121.1.168.192.in-addr.arpa] detection-update: [.....3] [ip4][..udp] [..192.168.1.121][52251] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][60.21.149.52.in-addr.arpa] - RISK: Unidirectional Traffic detection-update: [.....3] [ip4][..udp] [..192.168.1.121][52251] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][139.1.168.192.in-addr.arpa] - RISK: Unidirectional Traffic detection-update: [.....3] [ip4][..udp] [..192.168.1.121][52251] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][139.1.168.192.in-addr.arpa] RISK: Error Code detection-update: [.....3] [ip4][..udp] [..192.168.1.121][52251] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][60.21.149.52.in-addr.arpa] @@ -34,9 +32,9 @@ detection-update: [.....9] [ip4][..udp] [..192.168.1.121][55567] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][wdcp.microsoft.com] new: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] detection-update: [....11] [ip4][..udp] [..192.168.1.121][65492] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][wd-prod-cp-eu-north-2-fe.northeurope.cloudapp.azure.com] - detected: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] - detected: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] - detection-update: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] + detected: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] + detected: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] + detection-update: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] RISK: TLS Cert Validity Too Long new: [....14] [ip4][..udp] [..192.168.1.121][51364] -> [........8.8.8.8][...53] detected: [....14] [ip4][..udp] [..192.168.1.121][51364] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.microsoft.com] @@ -47,18 +45,18 @@ detected: [....16] [ip4][..udp] [..192.168.1.121][55578] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][e13678.dscb.akamaiedge.net] new: [....17] [ip4][..udp] [..192.168.1.121][54561] -> [........8.8.8.8][...53] detected: [....17] [ip4][..udp] [..192.168.1.121][54561] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][e13678.dscb.akamaiedge.net] - detection-update: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] + detection-update: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] RISK: TLS Cert Validity Too Long detection-update: [....16] [ip4][..udp] [..192.168.1.121][55578] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][e13678.dscb.akamaiedge.net] new: [....18] [ip4][..tcp] [..192.168.1.121][53912] -> [....2.22.33.235][...80] detection-update: [....15] [ip4][..udp] [..192.168.1.121][58161] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.microsoft.com] - detected: [....18] [ip4][..tcp] [..192.168.1.121][53912] -> [....2.22.33.235][...80] [HTTP.Microsoft365][Unknown][Web][Acceptable][www.microsoft.com] + detected: [....18] [ip4][..tcp] [..192.168.1.121][53912] -> [....2.22.33.235][...80] [HTTP.Microsoft][Unknown][Web][Safe][www.microsoft.com] detection-update: [....17] [ip4][..udp] [..192.168.1.121][54561] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][e13678.dscb.akamaiedge.net] - detection-update: [....18] [ip4][..tcp] [..192.168.1.121][53912] -> [....2.22.33.235][...80] [HTTP.Microsoft365][Unknown][Download][Acceptable][www.microsoft.com] + detection-update: [....18] [ip4][..tcp] [..192.168.1.121][53912] -> [....2.22.33.235][...80] [HTTP.Microsoft][Unknown][Download][Safe][www.microsoft.com] RISK: HTTP Susp Header, Binary File/Data Transfer (Attempt) new: [....19] [ip4][..tcp] [..192.168.1.121][53913] -> [....2.22.33.235][...80] - detected: [....19] [ip4][..tcp] [..192.168.1.121][53913] -> [....2.22.33.235][...80] [HTTP.Microsoft365][Unknown][Web][Acceptable][www.microsoft.com] - detection-update: [....19] [ip4][..tcp] [..192.168.1.121][53913] -> [....2.22.33.235][...80] [HTTP.Microsoft365][Unknown][Download][Acceptable][www.microsoft.com] + detected: [....19] [ip4][..tcp] [..192.168.1.121][53913] -> [....2.22.33.235][...80] [HTTP.Microsoft][Unknown][Web][Safe][www.microsoft.com] + detection-update: [....19] [ip4][..tcp] [..192.168.1.121][53913] -> [....2.22.33.235][...80] [HTTP.Microsoft][Unknown][Download][Safe][www.microsoft.com] RISK: HTTP Susp Header, Binary File/Data Transfer (Attempt) new: [....20] [ip4][..tcp] [..192.168.1.121][53905] -> [..140.82.113.26][..443] [MIDSTREAM] new: [....21] [ip4][..udp] [..192.168.1.121][65213] -> [........8.8.8.8][...53] @@ -70,16 +68,11 @@ new: [....23] [ip4][..udp] [..192.168.1.121][51998] -> [........8.8.8.8][...53] detected: [....23] [ip4][..udp] [..192.168.1.121][51998] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][235.33.22.2.in-addr.arpa] detection-update: [....23] [ip4][..udp] [..192.168.1.121][51998] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][26.113.82.140.in-addr.arpa] - RISK: Unidirectional Traffic new: [....24] [ip4][..tcp] [..192.168.1.121][53429] -> [...52.98.163.18][..443] [MIDSTREAM] detected: [....24] [ip4][..tcp] [..192.168.1.121][53429] -> [...52.98.163.18][..443] [TLS][Outlook][Web][Safe] - RISK: Unidirectional Traffic new: [....25] [ip4][..tcp] [..192.168.1.121][53428] -> [...52.98.163.18][..443] [MIDSTREAM] detected: [....25] [ip4][..tcp] [..192.168.1.121][53428] -> [...52.98.163.18][..443] [TLS][Outlook][Web][Safe] - RISK: Unidirectional Traffic detection-update: [....23] [ip4][..udp] [..192.168.1.121][51998] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][235.33.22.2.in-addr.arpa] - detection-update: [....24] [ip4][..tcp] [..192.168.1.121][53429] -> [...52.98.163.18][..443] [TLS][Outlook][Web][Safe] - detection-update: [....25] [ip4][..tcp] [..192.168.1.121][53428] -> [...52.98.163.18][..443] [TLS][Outlook][Web][Safe] analyse: [....24] [ip4][..tcp] [..192.168.1.121][53429] -> [...52.98.163.18][..443] [TLS][Outlook][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.067| 0.004| 0.014| 198.149| 1.700] @@ -102,31 +95,31 @@ [ENTROPIES...: 7.9,7.8,7.9,4.9,7.9,7.8,6.6,7.1,7.5,5.7,5.6,4.7,5.4,4.7,4.9,7.9,7.8,7.6,4.9,7.6,7.8,7.5,4.6,6.6,7.0,7.2,6.2,5.6,5.8,5.5,4.7,5.0] new: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] new: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] - detected: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] - detected: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] - detection-update: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] + detected: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] + detected: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] + detection-update: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] RISK: TLS Cert Validity Too Long - detection-update: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] + detection-update: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] RISK: TLS Cert Validity Too Long new: [....28] [ip4][..udp] [..192.168.1.121][50288] -> [..17.253.54.251][..123] detected: [....28] [ip4][..udp] [..192.168.1.121][50288] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable] new: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] new: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] - detected: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] - detected: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] - detection-update: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] + detected: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] + detected: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] + detection-update: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] RISK: TLS Cert Validity Too Long - detection-update: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] + detection-update: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] RISK: TLS Cert Validity Too Long new: [....31] [ip4][..udp] [..192.168.1.121][65099] -> [..17.253.54.251][..123] detected: [....31] [ip4][..udp] [..192.168.1.121][65099] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable] new: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] new: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] - detected: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] - detected: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] - detection-update: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] + detected: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] + detected: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] + detection-update: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] RISK: TLS Cert Validity Too Long - detection-update: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com] + detection-update: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe][wdcp.microsoft.com] RISK: TLS Cert Validity Too Long new: [....34] [ip4][..udp] [..192.168.1.121][56865] -> [..17.253.54.251][..123] detected: [....34] [ip4][..udp] [..192.168.1.121][56865] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable] @@ -140,9 +133,9 @@ idle: [....16] [ip4][..udp] [..192.168.1.121][55578] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][e13678.dscb.akamaiedge.net] guessed: [.....1] [ip4][..tcp] [..192.168.1.121][52746] -> [...52.149.21.60][..443] [TLS][Azure][Web][Safe] idle: [.....1] [ip4][..tcp] [..192.168.1.121][52746] -> [...52.149.21.60][..443] - end: [....18] [ip4][..tcp] [..192.168.1.121][53912] -> [....2.22.33.235][...80] [HTTP.Microsoft365][Unknown][Download][Acceptable][www.microsoft.com] + end: [....18] [ip4][..tcp] [..192.168.1.121][53912] -> [....2.22.33.235][...80] [HTTP.Microsoft][Unknown][Download][Safe][www.microsoft.com] RISK: HTTP Susp Header, Binary File/Data Transfer (Attempt) - end: [....19] [ip4][..tcp] [..192.168.1.121][53913] -> [....2.22.33.235][...80] [HTTP.Microsoft365][Unknown][Download][Acceptable][www.microsoft.com] + end: [....19] [ip4][..tcp] [..192.168.1.121][53913] -> [....2.22.33.235][...80] [HTTP.Microsoft][Unknown][Download][Safe][www.microsoft.com] RISK: HTTP Susp Header, Binary File/Data Transfer (Attempt) idle: [....15] [ip4][..udp] [..192.168.1.121][58161] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.microsoft.com] idle: [....31] [ip4][..udp] [..192.168.1.121][65099] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable] @@ -157,23 +150,23 @@ idle: [....24] [ip4][..tcp] [..192.168.1.121][53429] -> [...52.98.163.18][..443] [TLS][Outlook][Web][Safe] idle: [....22] [ip4][..udp] [..192.168.1.121][49216] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable] idle: [....28] [ip4][..udp] [..192.168.1.121][50288] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable] - end: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable] + end: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe] RISK: TLS Cert Validity Too Long - end: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable] + end: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe] RISK: TLS Cert Validity Too Long - end: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable] + end: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe] RISK: TLS Cert Validity Too Long - end: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable] + end: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe] RISK: TLS Cert Validity Too Long - end: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable] + end: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe] RISK: TLS Cert Validity Too Long - end: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable] + end: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe] RISK: TLS Cert Validity Too Long - end: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable] + end: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe] RISK: TLS Cert Validity Too Long - end: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable] + end: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Web][Safe] RISK: TLS Cert Validity Too Long - not-detected: [.....2] [ip4][..tcp] [..192.168.1.121][52721] -> [..192.168.1.139][55367] [Unknown][Unknown][Unrated] + not-detected: [.....2] [ip4][..tcp] [..192.168.1.121][52721] -> [..192.168.1.139][55367] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy idle: [.....2] [ip4][..tcp] [..192.168.1.121][52721] -> [..192.168.1.139][55367] idle: [....14] [ip4][..udp] [..192.168.1.121][51364] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.microsoft.com] diff --git a/test/results/flow-info/default/tls_esni_sni_both.pcap.out b/test/results/flow-info/default/tls_esni_sni_both.pcap.out index 1f339b35f..9c6ab83be 100644 --- a/test/results/flow-info/default/tls_esni_sni_both.pcap.out +++ b/test/results/flow-info/default/tls_esni_sni_both.pcap.out @@ -3,16 +3,16 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [...192.168.1.21][55500] -> [..104.17.175.85][..443] detected: [.....1] [ip4][..tcp] [...192.168.1.21][55500] -> [..104.17.175.85][..443] [TLS][Cloudflare][Web][Safe][these-are-not-the-droids-youre-looking-for.com] - RISK: TLS (probably) Not Carrying HTTPS, TLS Susp ESNI Usage + RISK: TLS (probably) Not Carrying HTTPS, TLS Susp Extn detection-update: [.....1] [ip4][..tcp] [...192.168.1.21][55500] -> [..104.17.175.85][..443] [TLS][Cloudflare][Web][Safe][these-are-not-the-droids-youre-looking-for.com] - RISK: TLS (probably) Not Carrying HTTPS, TLS Susp ESNI Usage + RISK: TLS (probably) Not Carrying HTTPS, TLS Susp Extn new: [.....2] [ip4][..tcp] [...192.168.1.21][55514] -> [..104.17.175.85][..443] detected: [.....2] [ip4][..tcp] [...192.168.1.21][55514] -> [..104.17.175.85][..443] [TLS][Cloudflare][Web][Safe][you-think-thats-normal-tls-traffic-youre-seeing.com] - RISK: TLS (probably) Not Carrying HTTPS, TLS Susp ESNI Usage + RISK: TLS (probably) Not Carrying HTTPS, TLS Susp Extn detection-update: [.....2] [ip4][..tcp] [...192.168.1.21][55514] -> [..104.17.175.85][..443] [TLS][Cloudflare][Web][Safe][you-think-thats-normal-tls-traffic-youre-seeing.com] - RISK: TLS (probably) Not Carrying HTTPS, TLS Susp ESNI Usage + RISK: TLS (probably) Not Carrying HTTPS, TLS Susp Extn end: [.....1] [ip4][..tcp] [...192.168.1.21][55500] -> [..104.17.175.85][..443] [TLS][Cloudflare][Web][Safe] - RISK: TLS (probably) Not Carrying HTTPS, TLS Susp ESNI Usage + RISK: TLS (probably) Not Carrying HTTPS, TLS Susp Extn end: [.....2] [ip4][..tcp] [...192.168.1.21][55514] -> [..104.17.175.85][..443] [TLS][Cloudflare][Web][Safe] - RISK: TLS (probably) Not Carrying HTTPS, TLS Susp ESNI Usage + RISK: TLS (probably) Not Carrying HTTPS, TLS Susp Extn DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_false_positives.pcapng.out b/test/results/flow-info/default/tls_false_positives.pcapng.out index 2af411665..c0a10b4a1 100644 --- a/test/results/flow-info/default/tls_false_positives.pcapng.out +++ b/test/results/flow-info/default/tls_false_positives.pcapng.out @@ -2,6 +2,6 @@ DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.....10.10.10.1][.1445] -> [....192.168.0.1][20979] - not-detected: [.....1] [ip4][..tcp] [.....10.10.10.1][.1445] -> [....192.168.0.1][20979] [Unknown][Unknown][Unrated] + not-detected: [.....1] [ip4][..tcp] [.....10.10.10.1][.1445] -> [....192.168.0.1][20979] [Unknown][Unknown][Unspecified][Unrated] idle: [.....1] [ip4][..tcp] [.....10.10.10.1][.1445] -> [....192.168.0.1][20979] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_heur__shadowsocks-tcp.pcapng.out b/test/results/flow-info/default/tls_heur__shadowsocks-tcp.pcapng.out index aeef38a2b..b1354a790 100644 --- a/test/results/flow-info/default/tls_heur__shadowsocks-tcp.pcapng.out +++ b/test/results/flow-info/default/tls_heur__shadowsocks-tcp.pcapng.out @@ -6,7 +6,6 @@ new: [.....2] [ip4][..udp] [......127.0.0.1][41182] -> [.....127.0.0.53][...53] detected: [.....2] [ip4][..udp] [......127.0.0.1][41182] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] detection-update: [.....2] [ip4][..udp] [......127.0.0.1][41182] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] - RISK: Unidirectional Traffic detection-update: [.....2] [ip4][..udp] [......127.0.0.1][41182] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] new: [.....3] [ip4][..tcp] [......127.0.0.1][40164] -> [......127.0.0.1][.1234] new: [.....4] [ip6][..tcp] [..2001:b07:a3d:c112:8628:88aa:8b00:913c][45334] -> [...............2a00:1450:4002:416::200e][..443] @@ -23,8 +22,8 @@ [PKTLENS.....: 80,80,72,589,72,1280,72,4904,631,72,72,345,720,103,103,72,1280,293,1280,72,72,72,1280,1280,1280,4948,72,72,1280,72,1280,1280] [ENTROPIES...: 4.8,5.3,5.2,4.8,5.2,7.8,5.2,8.0,7.6,5.2,5.2,7.1,7.7,5.8,5.8,5.1,7.8,7.1,7.9,5.2,5.2,5.2,7.8,7.9,7.8,8.0,5.1,5.2,7.9,5.2,7.8,7.8] idle: [.....2] [ip4][..udp] [......127.0.0.1][41182] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] - not-detected: [.....3] [ip4][..tcp] [......127.0.0.1][40164] -> [......127.0.0.1][.1234] [Unknown][Unknown][Unrated] - RISK: Fully Encrypted Flow + not-detected: [.....3] [ip4][..tcp] [......127.0.0.1][40164] -> [......127.0.0.1][.1234] [Unknown][Unknown][Unspecified][Unrated] + RISK: Susp Entropy idle: [.....3] [ip4][..tcp] [......127.0.0.1][40164] -> [......127.0.0.1][.1234] idle: [.....1] [ip4][..tcp] [......127.0.0.1][44424] -> [......127.0.0.1][.1080] [SOCKS][Unknown][Web][Acceptable] idle: [.....4] [ip6][..tcp] [..2001:b07:a3d:c112:8628:88aa:8b00:913c][45334] -> [...............2a00:1450:4002:416::200e][..443] [TLS.YouTube][Google][Media][Fun][www.youtube.com] diff --git a/test/results/flow-info/default/tls_heur__trojan-tcp-tls.pcapng.out b/test/results/flow-info/default/tls_heur__trojan-tcp-tls.pcapng.out index bd5580d15..5bbd31a96 100644 --- a/test/results/flow-info/default/tls_heur__trojan-tcp-tls.pcapng.out +++ b/test/results/flow-info/default/tls_heur__trojan-tcp-tls.pcapng.out @@ -6,7 +6,6 @@ new: [.....2] [ip4][..udp] [......127.0.0.1][52786] -> [.....127.0.0.53][...53] detected: [.....2] [ip4][..udp] [......127.0.0.1][52786] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] detection-update: [.....2] [ip4][..udp] [......127.0.0.1][52786] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] - RISK: Unidirectional Traffic new: [.....3] [ip4][..udp] [..192.168.1.183][46451] -> [..192.168.1.253][...53] detected: [.....3] [ip4][..udp] [..192.168.1.183][46451] -> [..192.168.1.253][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] new: [.....4] [ip4][..udp] [..192.168.1.183][54260] -> [..192.168.1.253][...53] diff --git a/test/results/flow-info/default/tls_heur__vmess-tcp-tls.pcapng.out b/test/results/flow-info/default/tls_heur__vmess-tcp-tls.pcapng.out index 0a70f42ea..74170721f 100644 --- a/test/results/flow-info/default/tls_heur__vmess-tcp-tls.pcapng.out +++ b/test/results/flow-info/default/tls_heur__vmess-tcp-tls.pcapng.out @@ -6,7 +6,6 @@ new: [.....2] [ip4][..udp] [......127.0.0.1][46548] -> [.....127.0.0.53][...53] detected: [.....2] [ip4][..udp] [......127.0.0.1][46548] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] detection-update: [.....2] [ip4][..udp] [......127.0.0.1][46548] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] - RISK: Unidirectional Traffic new: [.....3] [ip4][..udp] [..192.168.1.183][49817] -> [..192.168.1.253][...53] detected: [.....3] [ip4][..udp] [..192.168.1.183][49817] -> [..192.168.1.253][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] new: [.....4] [ip4][..udp] [..192.168.1.183][41933] -> [..192.168.1.253][...53] diff --git a/test/results/flow-info/default/tls_heur__vmess-tcp.pcapng.out b/test/results/flow-info/default/tls_heur__vmess-tcp.pcapng.out index a5f713be1..84c76a6fd 100644 --- a/test/results/flow-info/default/tls_heur__vmess-tcp.pcapng.out +++ b/test/results/flow-info/default/tls_heur__vmess-tcp.pcapng.out @@ -6,7 +6,6 @@ new: [.....2] [ip4][..udp] [......127.0.0.1][35957] -> [.....127.0.0.53][...53] detected: [.....2] [ip4][..udp] [......127.0.0.1][35957] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] detection-update: [.....2] [ip4][..udp] [......127.0.0.1][35957] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] - RISK: Unidirectional Traffic detection-update: [.....2] [ip4][..udp] [......127.0.0.1][35957] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] new: [.....3] [ip4][..tcp] [......127.0.0.1][40818] -> [......127.0.0.1][.1234] new: [.....4] [ip6][..tcp] [..2001:b07:a3d:c112:8628:88aa:8b00:913c][48302] -> [...............2a00:1450:4006:80d::200e][..443] @@ -24,8 +23,7 @@ [ENTROPIES...: 4.9,4.8,4.9,5.4,5.2,4.8,5.2,7.9,7.8,5.2,5.2,7.8,7.9,5.2,5.2,6.4,6.6,7.7,5.9,6.4,5.9,5.2,7.9,7.2,7.9,5.2,7.9,5.2,7.9,5.2,7.9,5.2] idle: [.....2] [ip4][..udp] [......127.0.0.1][35957] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] idle: [.....1] [ip4][..tcp] [......127.0.0.1][37218] -> [......127.0.0.1][.1080] [SOCKS][Unknown][Web][Acceptable] - not-detected: [.....3] [ip4][..tcp] [......127.0.0.1][40818] -> [......127.0.0.1][.1234] [Unknown][Unknown][Unrated] - RISK: Fully Encrypted Flow + not-detected: [.....3] [ip4][..tcp] [......127.0.0.1][40818] -> [......127.0.0.1][.1234] [Unknown][Unknown][Unspecified][Unrated] idle: [.....3] [ip4][..tcp] [......127.0.0.1][40818] -> [......127.0.0.1][.1234] idle: [.....4] [ip6][..tcp] [..2001:b07:a3d:c112:8628:88aa:8b00:913c][48302] -> [...............2a00:1450:4006:80d::200e][..443] [TLS.YouTube][Google][Media][Fun][www.youtube.com] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tor-browser.pcap.out b/test/results/flow-info/default/tor-browser.pcap.out index 01dd0afa2..5da844831 100644 --- a/test/results/flow-info/default/tor-browser.pcap.out +++ b/test/results/flow-info/default/tor-browser.pcap.out @@ -5,9 +5,9 @@ detected: [.....1] [ip4][..udp] [..192.168.0.123][55566] -> [...192.168.0.16][...53] [DNS][Unknown][Network][Acceptable][checkappexec.microsoft.com] detection-update: [.....1] [ip4][..udp] [..192.168.0.123][55566] -> [...192.168.0.16][...53] [DNS][Unknown][Network][Acceptable][checkappexec.microsoft.com] new: [.....2] [ip4][..tcp] [..192.168.0.123][64613] -> [172.211.159.152][..443] - detected: [.....2] [ip4][..tcp] [..192.168.0.123][64613] -> [172.211.159.152][..443] [TLS.Microsoft365][Azure][Web][Acceptable][checkappexec.microsoft.com] - detection-update: [.....2] [ip4][..tcp] [..192.168.0.123][64613] -> [172.211.159.152][..443] [TLS.Microsoft365][Azure][Web][Acceptable][checkappexec.microsoft.com] - detection-update: [.....2] [ip4][..tcp] [..192.168.0.123][64613] -> [172.211.159.152][..443] [TLS.Microsoft365][Azure][Web][Acceptable][checkappexec.microsoft.com] + detected: [.....2] [ip4][..tcp] [..192.168.0.123][64613] -> [172.211.159.152][..443] [TLS.Microsoft][Azure][Web][Safe][checkappexec.microsoft.com] + detection-update: [.....2] [ip4][..tcp] [..192.168.0.123][64613] -> [172.211.159.152][..443] [TLS.Microsoft][Azure][Web][Safe][checkappexec.microsoft.com] + detection-update: [.....2] [ip4][..tcp] [..192.168.0.123][64613] -> [172.211.159.152][..443] [TLS.Microsoft][Azure][Web][Safe][checkappexec.microsoft.com] new: [.....3] [ip4][..tcp] [..192.168.0.123][64621] -> [....86.3.18.251][..443] new: [.....4] [ip4][..tcp] [..192.168.0.123][64622] -> [.178.17.170.254][..443] detected: [.....4] [ip4][..tcp] [..192.168.0.123][64622] -> [.178.17.170.254][..443] [TLS.Tor][Tor][VPN][Potentially Dangerous][www.v2trefdg62xsck3upw2iad5y.com] @@ -66,5 +66,5 @@ RISK: TLS (probably) Not Carrying HTTPS, Susp DGA Domain name, Unsafe Protocol idle: [.....5] [ip4][.icmp] [...192.168.0.16] -> [..192.168.0.123] [ICMP][Unknown][Network][Acceptable] RISK: Susp Entropy - idle: [.....2] [ip4][..tcp] [..192.168.0.123][64613] -> [172.211.159.152][..443] [TLS.Microsoft365][Azure][Web][Acceptable] + idle: [.....2] [ip4][..tcp] [..192.168.0.123][64613] -> [172.211.159.152][..443] [TLS.Microsoft][Azure][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tumblr.pcap.out b/test/results/flow-info/default/tumblr.pcap.out index 05e1bbc8c..7abd4e8cd 100644 --- a/test/results/flow-info/default/tumblr.pcap.out +++ b/test/results/flow-info/default/tumblr.pcap.out @@ -8,17 +8,8 @@ detected: [.....4] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][41266] -> [....2620:116:800d:21:8c6e:cf2c:8d6:9fb5][..443] [TLS][Unknown][Web][Safe] new: [.....5] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57286] -> [.....................64:ff9b::8fcc:d927][..443] [MIDSTREAM] detected: [.....5] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57286] -> [.....................64:ff9b::8fcc:d927][..443] [TLS][Unknown][Web][Safe] - detection-update: [.....4] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][41266] -> [....2620:116:800d:21:8c6e:cf2c:8d6:9fb5][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [.....5] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57286] -> [.....................64:ff9b::8fcc:d927][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic new: [.....6] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][42908] -> [.....................64:ff9b::98c7:1593][..443] [MIDSTREAM] detected: [.....6] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][42908] -> [.....................64:ff9b::98c7:1593][..443] [TLS][Unknown][Web][Safe] - detection-update: [.....6] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][42908] -> [.....................64:ff9b::98c7:1593][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [.....4] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][41266] -> [....2620:116:800d:21:8c6e:cf2c:8d6:9fb5][..443] [TLS][Unknown][Web][Safe] - detection-update: [.....5] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57286] -> [.....................64:ff9b::8fcc:d927][..443] [TLS][Unknown][Web][Safe] - detection-update: [.....6] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][42908] -> [.....................64:ff9b::98c7:1593][..443] [TLS][Unknown][Web][Safe] new: [.....7] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56782] -> [.....................64:ff9b::68f4:2ac8][..443] [MIDSTREAM] analyse: [.....6] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][42908] -> [.....................64:ff9b::98c7:1593][..443] [TLS][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy @@ -32,16 +23,10 @@ [ENTROPIES...: 7.5,6.0,6.0,5.1,5.1,5.1,5.8,5.2,7.8,5.2,5.9,6.7,5.0,5.1,7.9,5.2,5.4,7.9,7.9,7.9,7.8,7.7,7.8,7.9,5.2,5.2,5.2,5.2,5.2,5.2,5.2,5.2] new: [.....8] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43420] -> [.....................64:ff9b::c000:4d28][..443] [MIDSTREAM] detected: [.....8] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43420] -> [.....................64:ff9b::c000:4d28][..443] [TLS][Unknown][Web][Safe] - detection-update: [.....8] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43420] -> [.....................64:ff9b::c000:4d28][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic new: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43434] -> [.....................64:ff9b::c000:4d28][..443] [MIDSTREAM] detected: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43434] -> [.....................64:ff9b::c000:4d28][..443] [TLS][Unknown][Web][Safe] - detection-update: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43434] -> [.....................64:ff9b::c000:4d28][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [.....8] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43420] -> [.....................64:ff9b::c000:4d28][..443] [TLS][Unknown][Web][Safe] new: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58380] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] - detection-update: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43434] -> [.....................64:ff9b::c000:4d28][..443] [TLS][Unknown][Web][Safe] - detected: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58380] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Edgecast][Web][Safe][consent.cmp.oath.com] + detected: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58380] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Unknown][Web][Safe][consent.cmp.oath.com] analyse: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43434] -> [.....................64:ff9b::c000:4d28][..443] [TLS][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.045| 0.004| 0.009| 88.667| 2.800] @@ -53,10 +38,10 @@ [PKTLENS.....: 184,111,183,172,72,72,72,72,1472,72,1472,72,1472,1472,72,72,1472,1472,72,72,1472,1472,72,72,1472,1472,72,72,1472,1472,72,72] [ENTROPIES...: 6.6,5.9,6.6,6.5,5.0,5.0,4.9,5.0,7.9,5.1,7.9,5.1,7.9,7.8,5.1,5.1,7.9,7.8,5.1,5.1,7.9,7.9,5.1,5.1,7.9,7.8,5.1,5.1,7.9,7.9,5.1,5.1] new: [....11] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58382] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] - detection-update: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58380] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Edgecast][Web][Safe][consent.cmp.oath.com] - detected: [....11] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58382] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Edgecast][Web][Safe][consent.cmp.oath.com] - detection-update: [....11] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58382] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Edgecast][Web][Safe][consent.cmp.oath.com] - analyse: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58380] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Edgecast][Web][Safe] + detection-update: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58380] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Unknown][Web][Safe][consent.cmp.oath.com] + detected: [....11] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58382] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Unknown][Web][Safe][consent.cmp.oath.com] + detection-update: [....11] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58382] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Unknown][Web][Safe][consent.cmp.oath.com] + analyse: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58380] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.048| 0.010| 0.016| 259.261| 3.200] [PKTLEN......: 72.000| 1280.000| 300.700| 381.900| 145812.800| 4.100] @@ -73,9 +58,6 @@ detection-update: [....12] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39152] -> [......................64:ff9b::6006:749][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads][sb.scorecardresearch.com] new: [....14] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56794] -> [.....................64:ff9b::c000:4d03][..443] [MIDSTREAM] detected: [....14] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56794] -> [.....................64:ff9b::c000:4d03][..443] [TLS][Unknown][Web][Safe] - detection-update: [....14] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56794] -> [.....................64:ff9b::c000:4d03][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [....14] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56794] -> [.....................64:ff9b::c000:4d03][..443] [TLS][Unknown][Web][Safe] analyse: [....14] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56794] -> [.....................64:ff9b::c000:4d03][..443] [TLS][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.037| 0.003| 0.009| 73.545| 2.400] @@ -88,9 +70,6 @@ [ENTROPIES...: 6.8,5.7,6.6,6.7,6.3,5.8,5.0,5.0,5.0,5.0,5.0,7.8,5.1,7.9,5.1,7.8,5.3,7.9,5.1,5.0,7.9,5.3,7.9,5.6,5.1,5.1,5.7,7.9,5.1,5.3,7.9,5.1] new: [....15] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51874] -> [.....................64:ff9b::c000:4c03][..443] [MIDSTREAM] detected: [....15] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51874] -> [.....................64:ff9b::c000:4c03][..443] [TLS][Unknown][Web][Safe] - detection-update: [....15] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51874] -> [.....................64:ff9b::c000:4c03][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [....15] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51874] -> [.....................64:ff9b::c000:4c03][..443] [TLS][Unknown][Web][Safe] detection-update: [....13] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47118] -> [.................2001:4998:14:800::1001][..443] [TLS.Yahoo][Unknown][Web][Safe][cookiex.ngd.yahoo.com] new: [....16] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56582] -> [.....................64:ff9b::9765:798c][..443] [MIDSTREAM] new: [....17] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56564] -> [.....................64:ff9b::9765:798c][..443] [MIDSTREAM] @@ -136,10 +115,8 @@ [ENTROPIES...: 4.8,5.3,5.3,4.6,5.1,7.2,5.2,7.3,7.6,5.2,5.2,7.6,5.2,6.2,6.5,7.6,5.1,5.1,5.1,7.0,6.3,5.2,5.2,5.7,5.1,7.9,5.2,7.9,5.2,7.9,5.2,7.9] new: [....43] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][49548] -> [...............2a00:1450:4007:809::200e][..443] detected: [.....2] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48240] -> [.....................64:ff9b::9765:789d][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic detected: [....43] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][49548] -> [...............2a00:1450:4007:809::200e][..443] [TLS.Google][Google][Web][Acceptable][apis.google.com] new: [....44] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38608] -> [...............2a00:1450:4007:80b::200a][..443] - detection-update: [.....2] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48240] -> [.....................64:ff9b::9765:789d][..443] [TLS][Unknown][Web][Safe] analyse: [.....2] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48240] -> [.....................64:ff9b::9765:789d][..443] [TLS][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 19.514| 1.259| 4.789| 22930555.666| 1.000] @@ -218,8 +195,8 @@ guessed: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][40190] -> [...............2a00:1450:4007:80a::200a][..443] [TLS][Google][Web][Safe] idle: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][40190] -> [...............2a00:1450:4007:80a::200a][..443] idle: [.....2] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48240] -> [.....................64:ff9b::9765:789d][..443] [TLS][Unknown][Web][Safe] - idle: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58380] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Edgecast][Web][Safe][consent.cmp.oath.com] - end: [....11] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58382] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Edgecast][Web][Safe] + idle: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58380] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Unknown][Web][Safe][consent.cmp.oath.com] + end: [....11] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58382] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Unknown][Web][Safe] guessed: [....35] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][50906] -> [.....................64:ff9b::d83a:d582][..443] [TLS][Unknown][Web][Safe] idle: [....35] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][50906] -> [.....................64:ff9b::d83a:d582][..443] guessed: [....31] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][44164] -> [...............2a00:1450:4007:805::2003][..443] [TLS][Google][Web][Safe] diff --git a/test/results/flow-info/default/tunnelbear.pcap.out b/test/results/flow-info/default/tunnelbear.pcap.out index 6a3452613..0f030dfd4 100644 --- a/test/results/flow-info/default/tunnelbear.pcap.out +++ b/test/results/flow-info/default/tunnelbear.pcap.out @@ -50,7 +50,6 @@ idle: [.....1] [ip4][..udp] [......10.0.2.15][57636] -> [...142.93.78.79][51820] [WireGuard.TunnelBear][DigitalOcean][VPN][Acceptable] new: [....10] [ip4][..tcp] [..10.158.132.91][38398] -> [..104.17.114.40][..443] [MIDSTREAM] detected: [....10] [ip4][..tcp] [..10.158.132.91][38398] -> [..104.17.114.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable][api.polargrizzly.com] - RISK: Unidirectional Traffic new: [....11] [ip4][..tcp] [..10.158.132.91][51120] -> [........8.8.8.8][...53] [MIDSTREAM] new: [....12] [ip4][..tcp] [.......10.8.0.1][60224] -> [...157.240.7.32][..443] detected: [....12] [ip4][..tcp] [.......10.8.0.1][60224] -> [...157.240.7.32][..443] [TLS.FacebookMessenger][Facebook][Chat][Acceptable][mqtt-mini.facebook.com] @@ -119,7 +118,6 @@ idle: [.....7] [ip4][..tcp] [.......10.8.0.1][47496] -> [162.247.243.188][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads] idle: [....21] [ip4][..tcp] [.......10.8.0.1][48222] -> [162.247.243.188][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads] end: [....10] [ip4][..tcp] [..10.158.132.91][38398] -> [..104.17.114.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] - RISK: Unidirectional Traffic idle: [....14] [ip4][..tcp] [.......10.8.0.1][47046] -> [.74.125.200.188][.5228] [TLS.GoogleServices][Google][Web][Acceptable] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS idle: [.....2] [ip4][..tcp] [.......10.8.0.1][50178] -> [.104.17.154.236][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] diff --git a/test/results/flow-info/default/ubntac2.pcap.out b/test/results/flow-info/default/ubntac2.pcap.out index 523da6235..412c91054 100644 --- a/test/results/flow-info/default/ubntac2.pcap.out +++ b/test/results/flow-info/default/ubntac2.pcap.out @@ -1,33 +1,51 @@ DAEMON-EVENT: init new: [.....1] [ip4][..udp] [..192.168.1.138][60790] -> [255.255.255.255][10001] detected: [.....1] [ip4][..udp] [..192.168.1.138][60790] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - DAEMON-EVENT: [Processed: 1 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] - new: [.....2] [ip4][..udp] [....192.168.1.1][34085] -> [255.255.255.255][10001] - detected: [.....2] [ip4][..udp] [....192.168.1.1][34085] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + new: [.....2] [ip4][..tcp] [..192.168.1.138][35726] -> [..192.168.1.204][.8080] + detected: [.....2] [ip4][..tcp] [..192.168.1.138][35726] -> [..192.168.1.204][.8080] [HTTP.UBNTAC2][Unknown][Network][Safe][192.168.1.204] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI + update: [.....1] [ip4][..udp] [..192.168.1.138][60790] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + DAEMON-EVENT: [Processed: 11 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] + new: [.....3] [ip4][..udp] [....192.168.1.1][34085] -> [255.255.255.255][10001] + detected: [.....3] [ip4][..udp] [....192.168.1.1][34085] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] idle: [.....1] [ip4][..udp] [..192.168.1.138][60790] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - new: [.....3] [ip4][..udp] [....192.168.1.1][44641] -> [255.255.255.255][10001] - detected: [.....3] [ip4][..udp] [....192.168.1.1][44641] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - new: [.....4] [ip4][..udp] [....192.168.1.1][55321] -> [255.255.255.255][10001] - detected: [.....4] [ip4][..udp] [....192.168.1.1][55321] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - new: [.....5] [ip4][..udp] [....192.168.1.1][47871] -> [255.255.255.255][10001] - detected: [.....5] [ip4][..udp] [....192.168.1.1][47871] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - new: [.....6] [ip4][..udp] [....192.168.1.1][59772] -> [255.255.255.255][10001] - detected: [.....6] [ip4][..udp] [....192.168.1.1][59772] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - new: [.....7] [ip4][..udp] [....192.168.1.1][52220] -> [255.255.255.255][10001] - detected: [.....7] [ip4][..udp] [....192.168.1.1][52220] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - update: [.....2] [ip4][..udp] [....192.168.1.1][34085] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - new: [.....8] [ip4][..udp] [....192.168.1.1][47746] -> [255.255.255.255][10001] - detected: [.....8] [ip4][..udp] [....192.168.1.1][47746] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - update: [.....3] [ip4][..udp] [....192.168.1.1][44641] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - new: [.....9] [ip4][..udp] [....192.168.1.1][42838] -> [255.255.255.255][10001] - detected: [.....9] [ip4][..udp] [....192.168.1.1][42838] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - idle: [.....8] [ip4][..udp] [....192.168.1.1][47746] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - idle: [.....5] [ip4][..udp] [....192.168.1.1][47871] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - idle: [.....7] [ip4][..udp] [....192.168.1.1][52220] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - idle: [.....4] [ip4][..udp] [....192.168.1.1][55321] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - idle: [.....6] [ip4][..udp] [....192.168.1.1][59772] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - idle: [.....2] [ip4][..udp] [....192.168.1.1][34085] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - idle: [.....9] [ip4][..udp] [....192.168.1.1][42838] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] - idle: [.....3] [ip4][..udp] [....192.168.1.1][44641] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + end: [.....2] [ip4][..tcp] [..192.168.1.138][35726] -> [..192.168.1.204][.8080] [HTTP.UBNTAC2][Unknown][Network][Safe][192.168.1.204] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI + new: [.....4] [ip4][..udp] [....192.168.1.1][44641] -> [255.255.255.255][10001] + detected: [.....4] [ip4][..udp] [....192.168.1.1][44641] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + new: [.....5] [ip4][..udp] [....192.168.1.1][55321] -> [255.255.255.255][10001] + detected: [.....5] [ip4][..udp] [....192.168.1.1][55321] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + new: [.....6] [ip4][..udp] [....192.168.1.1][47871] -> [255.255.255.255][10001] + detected: [.....6] [ip4][..udp] [....192.168.1.1][47871] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + new: [.....7] [ip4][..udp] [....192.168.1.1][59772] -> [255.255.255.255][10001] + detected: [.....7] [ip4][..udp] [....192.168.1.1][59772] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + new: [.....8] [ip4][..udp] [....192.168.1.1][52220] -> [255.255.255.255][10001] + detected: [.....8] [ip4][..udp] [....192.168.1.1][52220] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + update: [.....3] [ip4][..udp] [....192.168.1.1][34085] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + new: [.....9] [ip4][..udp] [....192.168.1.1][47746] -> [255.255.255.255][10001] + detected: [.....9] [ip4][..udp] [....192.168.1.1][47746] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + update: [.....4] [ip4][..udp] [....192.168.1.1][44641] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + new: [....10] [ip4][..udp] [....192.168.1.1][42838] -> [255.255.255.255][10001] + detected: [....10] [ip4][..udp] [....192.168.1.1][42838] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + update: [.....5] [ip4][..udp] [....192.168.1.1][55321] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + DAEMON-EVENT: [Processed: 19 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 8 / 10|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 4] + new: [....11] [ip4][..udp] [192.168.178.176][10001] -> [255.255.255.255][10001] + detected: [....11] [ip4][..udp] [192.168.178.176][10001] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + new: [....12] [ip4][..udp] [.192.168.178.92][10001] -> [192.168.178.176][10001] + detected: [....12] [ip4][..udp] [.192.168.178.92][10001] -> [192.168.178.176][10001] [UBNTAC2][Unknown][Network][Safe] + new: [....13] [ip4][..udp] [.192.168.178.61][10001] -> [192.168.178.176][10001] + detected: [....13] [ip4][..udp] [.192.168.178.61][10001] -> [192.168.178.176][10001] [UBNTAC2][Unknown][Network][Safe] + idle: [.....9] [ip4][..udp] [....192.168.1.1][47746] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + idle: [.....6] [ip4][..udp] [....192.168.1.1][47871] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + idle: [.....8] [ip4][..udp] [....192.168.1.1][52220] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + idle: [....13] [ip4][..udp] [.192.168.178.61][10001] -> [192.168.178.176][10001] [UBNTAC2][Unknown][Network][Safe] + idle: [....12] [ip4][..udp] [.192.168.178.92][10001] -> [192.168.178.176][10001] [UBNTAC2][Unknown][Network][Safe] + idle: [.....5] [ip4][..udp] [....192.168.1.1][55321] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + idle: [.....7] [ip4][..udp] [....192.168.1.1][59772] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + idle: [.....3] [ip4][..udp] [....192.168.1.1][34085] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + idle: [....11] [ip4][..udp] [192.168.178.176][10001] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + idle: [....10] [ip4][..udp] [....192.168.1.1][42838] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] + idle: [.....4] [ip4][..udp] [....192.168.1.1][44641] -> [255.255.255.255][10001] [UBNTAC2][Unknown][Network][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/vk.pcapng.out b/test/results/flow-info/default/vk.pcapng.out index 8cd6ed8d1..460b07f95 100644 --- a/test/results/flow-info/default/vk.pcapng.out +++ b/test/results/flow-info/default/vk.pcapng.out @@ -5,14 +5,8 @@ detected: [.....1] [ip4][..tcp] [..192.168.1.249][33904] -> [.87.240.129.131][..443] [TLS][VK][Web][Safe] new: [.....2] [ip4][..tcp] [..192.168.1.249][40344] -> [.87.240.129.140][..443] [MIDSTREAM] detected: [.....2] [ip4][..tcp] [..192.168.1.249][40344] -> [.87.240.129.140][..443] [TLS][VK][Web][Safe] - detection-update: [.....2] [ip4][..tcp] [..192.168.1.249][40344] -> [.87.240.129.140][..443] [TLS][VK][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [.....1] [ip4][..tcp] [..192.168.1.249][33904] -> [.87.240.129.131][..443] [TLS][VK][Web][Safe] - RISK: Unidirectional Traffic new: [.....3] [ip4][..tcp] [..192.168.1.249][60436] -> [..87.240.132.78][..443] [MIDSTREAM] detected: [.....3] [ip4][..tcp] [..192.168.1.249][60436] -> [..87.240.132.78][..443] [TLS][VK][Web][Safe] - detection-update: [.....3] [ip4][..tcp] [..192.168.1.249][60436] -> [..87.240.132.78][..443] [TLS][VK][Web][Safe] - RISK: Unidirectional Traffic analyse: [.....3] [ip4][..tcp] [..192.168.1.249][60436] -> [..87.240.132.78][..443] [TLS][VK][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 1.010| 0.043| 0.181| 32751.438| 1.300] @@ -23,16 +17,14 @@ [IATS(ms)....: 1010.0,14.6,15.3,1.7,16.3,0.0,0.0,0.0,0.0,15.1,0.0,227.7,0.0,0.0,0.0,2.7,0.0,12.8,0.0,1.5,0.0,0.0,1.5,1.1,1.6,11.1,2.5,1.5,0.0,0.8,1.2] [PKTLENS.....: 638,758,52,596,501,52,52,52,52,52,52,52,52,52,52,52,52,52,52,52,52,64,64,64,64,64,52,52,52,52,52,52] [ENTROPIES...: 7.7,7.8,5.2,7.6,7.6,5.2,5.2,5.2,5.3,5.3,5.2,5.2,5.2,5.3,5.2,5.1,5.3,5.2,5.2,5.2,5.2,5.3,5.3,5.2,5.3,5.3,5.2,5.3,5.2,5.2,5.2,5.2] + detection-update: [.....3] [ip4][..tcp] [..192.168.1.249][60436] -> [..87.240.132.78][..443] [TLS][VK][Web][Safe] + RISK: Unidirectional Traffic new: [.....4] [ip4][..tcp] [..192.168.1.249][59154] -> [.87.240.185.137][..443] new: [.....5] [ip4][..tcp] [..192.168.1.249][32990] -> [..87.240.169.10][..443] detected: [.....4] [ip4][..tcp] [..192.168.1.249][59154] -> [.87.240.185.137][..443] [TLS.VK][VK][SocialNetwork][Fun][sun9-10.userapi.com] - RISK: Unidirectional Traffic detected: [.....5] [ip4][..tcp] [..192.168.1.249][32990] -> [..87.240.169.10][..443] [TLS.VK][VK][SocialNetwork][Fun][sun9-87.userapi.com] - RISK: Unidirectional Traffic new: [.....6] [ip4][..tcp] [..192.168.1.249][56504] -> [.87.240.129.135][..443] [MIDSTREAM] detected: [.....6] [ip4][..tcp] [..192.168.1.249][56504] -> [.87.240.129.135][..443] [TLS][VK][Web][Safe] - detection-update: [.....6] [ip4][..tcp] [..192.168.1.249][56504] -> [.87.240.129.135][..443] [TLS][VK][Web][Safe] - RISK: Unidirectional Traffic analyse: [.....2] [ip4][..tcp] [..192.168.1.249][40344] -> [.87.240.129.140][..443] [TLS][VK][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 2.007| 0.151| 0.451| 203470.717| 2.100] @@ -43,38 +35,26 @@ [IATS(ms)....: 0.0,14.3,23.0,2006.6,0.0,0.8,13.5,98.2,1614.5,0.3,0.1,0.3,0.3,13.2,1.2,18.4,1.7,0.9,6.9,22.6,0.0,179.8,0.0,14.1,67.4,0.0,0.0,579.5,0.0,1.0,13.7] [PKTLENS.....: 247,332,52,52,240,776,565,52,52,385,563,339,564,1017,52,52,52,52,52,52,52,52,243,316,52,52,52,52,250,563,429,52] [ENTROPIES...: 7.2,7.4,5.2,5.2,7.0,7.7,7.6,5.1,5.2,7.4,7.6,7.3,7.6,7.8,5.1,5.1,5.1,5.1,5.1,5.1,5.1,5.1,7.1,7.3,5.1,5.1,5.2,5.1,7.2,7.6,7.5,5.1] + detection-update: [.....2] [ip4][..tcp] [..192.168.1.249][40344] -> [.87.240.129.140][..443] [TLS][VK][Web][Safe] + RISK: Unidirectional Traffic new: [.....7] [ip4][..tcp] [..192.168.1.249][47934] -> [...87.240.169.3][..443] new: [.....8] [ip4][..tcp] [..192.168.1.249][59722] -> [..87.240.169.11][..443] detected: [.....7] [ip4][..tcp] [..192.168.1.249][47934] -> [...87.240.169.3][..443] [TLS.VK][VK][SocialNetwork][Fun][sun9-80.userapi.com] - RISK: Unidirectional Traffic detected: [.....8] [ip4][..tcp] [..192.168.1.249][59722] -> [..87.240.169.11][..443] [TLS.VK][VK][SocialNetwork][Fun][sun9-88.userapi.com] - RISK: Unidirectional Traffic new: [.....9] [ip4][..tcp] [..192.168.1.249][43938] -> [.87.240.129.135][..443] [MIDSTREAM] detected: [.....9] [ip4][..tcp] [..192.168.1.249][43938] -> [.87.240.129.135][..443] [TLS][VK][Web][Safe] - detection-update: [.....9] [ip4][..tcp] [..192.168.1.249][43938] -> [.87.240.129.135][..443] [TLS][VK][Web][Safe] - RISK: Unidirectional Traffic new: [....10] [ip4][..tcp] [..192.168.1.249][43644] -> [..87.240.132.67][..443] [MIDSTREAM] detected: [....10] [ip4][..tcp] [..192.168.1.249][43644] -> [..87.240.132.67][..443] [TLS][VK][Web][Safe] - detection-update: [....10] [ip4][..tcp] [..192.168.1.249][43644] -> [..87.240.132.67][..443] [TLS][VK][Web][Safe] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..tcp] [..192.168.1.249][59154] -> [.87.240.185.137][..443] [TLS.VK][VK][SocialNetwork][Fun] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..tcp] [..192.168.1.249][59722] -> [..87.240.169.11][..443] [TLS.VK][VK][SocialNetwork][Fun] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..tcp] [..192.168.1.249][60436] -> [..87.240.132.78][..443] [TLS][VK][Web][Safe] RISK: Unidirectional Traffic idle: [.....5] [ip4][..tcp] [..192.168.1.249][32990] -> [..87.240.169.10][..443] [TLS.VK][VK][SocialNetwork][Fun] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [..192.168.1.249][33904] -> [.87.240.129.131][..443] [TLS][VK][Web][Safe] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..tcp] [..192.168.1.249][40344] -> [.87.240.129.140][..443] [TLS][VK][Web][Safe] RISK: Unidirectional Traffic idle: [....10] [ip4][..tcp] [..192.168.1.249][43644] -> [..87.240.132.67][..443] [TLS][VK][Web][Safe] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..tcp] [..192.168.1.249][43938] -> [.87.240.129.135][..443] [TLS][VK][Web][Safe] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..tcp] [..192.168.1.249][47934] -> [...87.240.169.3][..443] [TLS.VK][VK][SocialNetwork][Fun] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..tcp] [..192.168.1.249][56504] -> [.87.240.129.135][..443] [TLS][VK][Web][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/wa_video.pcap.out b/test/results/flow-info/default/wa_video.pcap.out index eb312e686..79f71560c 100644 --- a/test/results/flow-info/default/wa_video.pcap.out +++ b/test/results/flow-info/default/wa_video.pcap.out @@ -6,29 +6,14 @@ new: [.....2] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] [MIDSTREAM] new: [.....3] [ip4][..udp] [...192.168.2.12][53688] -> [....31.13.86.48][.3478] detected: [.....3] [ip4][..udp] [...192.168.2.12][53688] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....3] [ip4][..udp] [...192.168.2.12][53688] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [...192.168.2.12][53688] -> [..185.60.216.51][.3478] detected: [.....4] [ip4][..udp] [...192.168.2.12][53688] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....4] [ip4][..udp] [...192.168.2.12][53688] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....5] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.193.48][.3478] detected: [.....5] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....5] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....6] [ip4][..udp] [...192.168.2.12][53688] -> [..179.60.192.48][.3478] detected: [.....6] [ip4][..udp] [...192.168.2.12][53688] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....6] [ip4][..udp] [...192.168.2.12][53688] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....7] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.196.62][.3478] detected: [.....7] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....7] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....3] [ip4][..udp] [...192.168.2.12][53688] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....7] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....4] [ip4][..udp] [...192.168.2.12][53688] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....6] [ip4][..udp] [...192.168.2.12][53688] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....5] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [.....8] [ip4][..udp] [...192.168.2.12][51277] -> [239.255.255.250][.1900] detected: [.....8] [ip4][..udp] [...192.168.2.12][51277] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] analyse: [.....2] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] @@ -61,12 +46,6 @@ new: [....11] [ip4][..udp] [...192.168.2.12][53688] -> [...91.252.56.51][32641] detected: [....11] [ip4][..udp] [...192.168.2.12][53688] -> [...91.252.56.51][32641] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....10] [ip4][..udp] [...192.168.2.12][53688] -> [.....1.60.78.64][59491] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....11] [ip4][..udp] [...192.168.2.12][53688] -> [...91.252.56.51][32641] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....11] [ip4][..udp] [...192.168.2.12][53688] -> [...91.252.56.51][32641] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port analyse: [....11] [ip4][..udp] [...192.168.2.12][53688] -> [...91.252.56.51][32641] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 1.979| 0.150| 0.383| 146861.081| 2.700] @@ -77,6 +56,8 @@ [IATS(ms)....: 707.1,619.8,619.1,1979.4,36.3,69.7,132.0,26.4,100.1,1.5,36.5,24.6,0.1,0.2,0.3,0.3,10.7,26.1,102.4,15.1,0.3,0.6,0.5,0.9,0.2,0.8,7.6,0.9,0.1,0.6,131.2] [PKTLENS.....: 72,72,72,72,72,72,72,156,72,165,150,130,899,899,899,898,1146,194,143,198,1022,1022,1022,1022,1022,1020,150,920,920,920,1048,210] [ENTROPIES...: 5.6,5.7,5.5,5.6,5.4,5.5,5.6,6.6,5.7,6.7,6.5,6.4,7.7,7.8,7.8,7.8,7.8,6.7,6.4,6.9,7.8,7.8,7.8,7.8,7.8,7.8,6.6,7.8,7.8,7.8,7.8,7.0] + detection-update: [....10] [ip4][..udp] [...192.168.2.12][53688] -> [.....1.60.78.64][59491] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....12] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] detected: [....12] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] new: [....13] [ip4][..udp] [...192.168.2.12][65025] -> [239.255.255.250][.1900] diff --git a/test/results/flow-info/default/wa_voice.pcap.out b/test/results/flow-info/default/wa_voice.pcap.out index 741d31927..4aae12457 100644 --- a/test/results/flow-info/default/wa_voice.pcap.out +++ b/test/results/flow-info/default/wa_voice.pcap.out @@ -53,29 +53,14 @@ detected: [....13] [ip6][..udp] [...............fe80::414:409d:8afd:9f05][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_raop._tcp.local] new: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] detected: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....15] [ip4][..udp] [...192.168.2.12][56328] -> [..185.60.216.51][.3478] detected: [....15] [ip4][..udp] [...192.168.2.12][56328] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....15] [ip4][..udp] [...192.168.2.12][56328] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....16] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.193.48][.3478] detected: [....16] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....16] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....17] [ip4][..udp] [...192.168.2.12][56328] -> [..179.60.192.48][.3478] detected: [....17] [ip4][..udp] [...192.168.2.12][56328] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....17] [ip4][..udp] [...192.168.2.12][56328] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....18] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.196.62][.3478] detected: [....18] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....18] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....18] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....16] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....17] [ip4][..udp] [...192.168.2.12][56328] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....15] [ip4][..udp] [...192.168.2.12][56328] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....19] [ip4][..udp] [...192.168.2.12][64716] -> [239.255.255.250][.1900] detected: [....19] [ip4][..udp] [...192.168.2.12][64716] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] new: [....20] [ip4][..udp] [...192.168.2.12][60549] -> [....192.168.2.1][...53] @@ -99,8 +84,6 @@ new: [....23] [ip4][..udp] [...91.252.56.51][32704] -> [...192.168.2.12][56328] detected: [....23] [ip4][..udp] [...91.252.56.51][32704] -> [...192.168.2.12][56328] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....23] [ip4][..udp] [...91.252.56.51][32704] -> [...192.168.2.12][56328] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic analyse: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 12.196| 1.588| 3.050| 9304956.469| 3.200] @@ -114,12 +97,8 @@ new: [....24] [ip4][..udp] [...192.168.2.12][56328] -> [.....1.60.78.64][64282] detected: [....24] [ip4][..udp] [...192.168.2.12][56328] -> [.....1.60.78.64][64282] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....23] [ip4][..udp] [...91.252.56.51][32704] -> [...192.168.2.12][56328] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port detection-update: [....23] [ip4][..udp] [...91.252.56.51][32704] -> [...192.168.2.12][56328] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port - detection-update: [....24] [ip4][..udp] [...192.168.2.12][56328] -> [.....1.60.78.64][64282] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic analyse: [....23] [ip4][..udp] [...91.252.56.51][32704] -> [...192.168.2.12][56328] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 1.204| 0.182| 0.229| 52393.320| 4.200] @@ -130,6 +109,8 @@ [IATS(ms)....: 578.2,623.6,1203.7,72.5,167.2,11.6,115.7,158.4,0.0,172.8,173.6,169.8,156.2,136.6,155.3,179.8,99.3,157.4,38.3,163.4,181.3,166.6,142.4,3.0,26.0,115.3,6.1,171.8,106.3,56.2,143.4] [PKTLENS.....: 72,72,72,72,72,72,199,260,150,161,301,137,159,159,133,149,136,150,172,164,155,159,164,170,150,54,150,150,156,150,139,179] [ENTROPIES...: 5.5,5.6,5.5,5.6,5.5,5.6,6.9,7.1,6.7,6.6,7.3,6.5,6.7,6.6,6.5,6.6,6.5,6.6,6.7,6.8,6.7,6.7,6.7,6.7,6.5,5.2,6.6,6.6,6.7,6.6,6.6,6.8] + detection-update: [....24] [ip4][..udp] [...192.168.2.12][56328] -> [.....1.60.78.64][64282] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [....12] [ip4][..udp] [...192.168.2.12][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_homekit._tcp.local] detection-update: [....13] [ip6][..udp] [...............fe80::414:409d:8afd:9f05][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_homekit._tcp.local] new: [....25] [ip4][..tcp] [...192.168.2.12][49352] -> [169.254.162.244][49159] [MIDSTREAM] @@ -154,7 +135,7 @@ end: [.....9] [ip4][..tcp] [...17.171.47.85][..443] -> [...192.168.2.12][50502] [TLS][Apple][Web][Safe] idle: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] idle: [....28] [ip4][.icmp] [...192.168.2.12] -> [...91.252.56.51] [ICMP][Unknown][Network][Acceptable] - not-detected: [....25] [ip4][..tcp] [...192.168.2.12][49352] -> [169.254.162.244][49159] [Unknown][Unknown][Unrated] + not-detected: [....25] [ip4][..tcp] [...192.168.2.12][49352] -> [169.254.162.244][49159] [Unknown][Unknown][Unspecified][Unrated] idle: [....25] [ip4][..tcp] [...192.168.2.12][49352] -> [169.254.162.244][49159] idle: [.....6] [ip4][..udp] [...192.168.2.12][55296] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][media-mxp1-1.cdn.whatsapp.net] idle: [....19] [ip4][..udp] [...192.168.2.12][64716] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] diff --git a/test/results/flow-info/default/waze.pcap.out b/test/results/flow-info/default/waze.pcap.out index 7209cfdc5..7f94d3908 100644 --- a/test/results/flow-info/default/waze.pcap.out +++ b/test/results/flow-info/default/waze.pcap.out @@ -210,7 +210,7 @@ end: [....22] [ip4][..tcp] [...10.16.37.157][43991] -> [...200.160.4.31][...80] guessed: [....23] [ip4][..tcp] [...10.16.37.157][46473] -> [...200.160.4.49][...80] [HTTP][Unknown][Web][Acceptable][] end: [....23] [ip4][..tcp] [...10.16.37.157][46473] -> [...200.160.4.49][...80] - not-detected: [.....1] [ip4][..tcp] [...10.16.37.157][42256] -> [..174.37.231.81][.5222] [Unknown][Unknown][Unrated] + not-detected: [.....1] [ip4][..tcp] [...10.16.37.157][42256] -> [..174.37.231.81][.5222] [Unknown][Unknown][Unspecified][Unrated] end: [.....1] [ip4][..tcp] [...10.16.37.157][42256] -> [..174.37.231.81][.5222] end: [....11] [ip4][..tcp] [.......10.8.0.1][51049] -> [.176.34.103.105][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] RISK: Obsolete TLS (v1.1 or older) diff --git a/test/results/flow-info/default/websocket-chisel-ssh.pcap.out b/test/results/flow-info/default/websocket-chisel-ssh.pcap.out index 903014f48..490839869 100644 --- a/test/results/flow-info/default/websocket-chisel-ssh.pcap.out +++ b/test/results/flow-info/default/websocket-chisel-ssh.pcap.out @@ -7,10 +7,8 @@ new: [.....2] [ip4][..tcp] [..172.18.82.243][...80] -> [..172.18.82.242][51634] [MIDSTREAM] detected: [.....2] [ip4][..tcp] [..172.18.82.243][...80] -> [..172.18.82.242][51634] [HTTP.WebSocket][Unknown][Web][Acceptable][] RISK: HTTP Susp User-Agent - detection-update: [.....2] [ip4][..tcp] [..172.18.82.243][...80] -> [..172.18.82.242][51634] [HTTP.WebSocket][Unknown][Web][Acceptable][] - RISK: HTTP Susp User-Agent, Unidirectional Traffic idle: [.....1] [ip4][..tcp] [..172.18.82.242][41986] -> [..172.18.82.243][...80] [HTTP.WebSocket][Unknown][Web][Acceptable][something1.tld] RISK: Obfuscated Traffic idle: [.....2] [ip4][..tcp] [..172.18.82.243][...80] -> [..172.18.82.242][51634] [HTTP.WebSocket][Unknown][Web][Acceptable] - RISK: HTTP Susp User-Agent, Unidirectional Traffic + RISK: HTTP Susp User-Agent DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/wechat.pcap.out b/test/results/flow-info/default/wechat.pcap.out index ca9ed0a32..97ffe0ef4 100644 --- a/test/results/flow-info/default/wechat.pcap.out +++ b/test/results/flow-info/default/wechat.pcap.out @@ -538,8 +538,6 @@ new: [....83] [ip4][..tcp] [..192.168.1.103][34981] -> [...95.101.34.33][...80] [MIDSTREAM] new: [....84] [ip4][..udp] [..192.168.1.103][37578] -> [193.204.114.233][..123] detected: [....84] [ip4][..udp] [..192.168.1.103][37578] -> [193.204.114.233][..123] [NTP][Unknown][System][Acceptable] - detection-update: [....76] [ip4][..tcp] [..192.168.1.103][54183] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic new: [....85] [ip4][..tcp] [..192.168.1.103][58143] -> [.216.58.205.131][..443] [MIDSTREAM] new: [....86] [ip4][..tcp] [..192.168.1.103][39195] -> [...95.101.34.34][...80] [MIDSTREAM] new: [....87] [ip4][..tcp] [..192.168.1.103][52020] -> [.95.101.180.179][...80] [MIDSTREAM] @@ -550,8 +548,6 @@ detected: [....90] [ip4][..udp] [..192.168.1.103][43317] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][webpush.web.wechat.com] new: [....91] [ip4][..udp] [..192.168.1.103][56367] -> [..192.168.1.254][...53] detected: [....91] [ip4][..udp] [..192.168.1.103][56367] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][webpush.web.wechat.com] - detection-update: [....91] [ip4][..udp] [..192.168.1.103][56367] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][webpush.web.wechat.com] - RISK: Unidirectional Traffic new: [....92] [ip4][..udp] [..192.168.1.103][33915] -> [..192.168.1.254][...53] detected: [....92] [ip4][..udp] [..192.168.1.103][33915] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][webpush.web.wechat.com] new: [....93] [ip4][....2] [..192.168.1.254] -> [......224.0.0.1] @@ -568,12 +564,10 @@ detected: [....98] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_googlecast._tcp.local] update: [....84] [ip4][..udp] [..192.168.1.103][37578] -> [193.204.114.233][..123] [NTP][Unknown][System][Acceptable] update: [....91] [ip4][..udp] [..192.168.1.103][56367] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....89] [ip4][..udp] [..192.168.1.103][58165] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] update: [....92] [ip4][..udp] [..192.168.1.103][33915] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] update: [....90] [ip4][..udp] [..192.168.1.103][43317] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] detected: [....85] [ip4][..tcp] [..192.168.1.103][58143] -> [.216.58.205.131][..443] [TLS][Google][Web][Safe] - RISK: Unidirectional Traffic new: [....99] [ip4][..udp] [..192.168.1.103][45366] -> [..192.168.1.254][...53] detected: [....99] [ip4][..udp] [..192.168.1.103][45366] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][webpush.web.wechat.com] new: [...100] [ip4][..udp] [..192.168.1.103][59567] -> [..192.168.1.254][...53] @@ -585,31 +579,21 @@ new: [...103] [ip4][..udp] [..192.168.1.103][44063] -> [..192.168.1.254][...53] detected: [...103] [ip4][..udp] [..192.168.1.103][44063] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][1.debian.pool.ntp.org] detection-update: [...103] [ip4][..udp] [..192.168.1.103][44063] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][1.debian.pool.ntp.org] - RISK: Unidirectional Traffic new: [...104] [ip4][..udp] [..192.168.1.100][..138] -> [..192.168.1.255][..138] detected: [...104] [ip4][..udp] [..192.168.1.100][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][giovanni-pc] - detection-update: [....99] [ip4][..udp] [..192.168.1.103][45366] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][webpush.web.wechat.com] - RISK: Unidirectional Traffic new: [...105] [ip4][..udp] [..192.168.1.103][42589] -> [..192.168.1.254][...53] detected: [...105] [ip4][..udp] [..192.168.1.103][42589] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][ssl.gstatic.com] - detection-update: [...101] [ip4][..udp] [..192.168.1.103][42074] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][ssl.gstatic.com.lan] - RISK: Unidirectional Traffic - detection-update: [...102] [ip4][..udp] [..192.168.1.103][43705] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][webpush.web.wechat.com.lan] - RISK: Unidirectional Traffic new: [...106] [ip4][..udp] [..192.168.1.103][42856] -> [..192.168.1.254][...53] detected: [...106] [ip4][..udp] [..192.168.1.103][42856] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][1.debian.pool.ntp.org.lan] detection-update: [...106] [ip4][..udp] [..192.168.1.103][42856] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][1.debian.pool.ntp.org.lan] - RISK: Unidirectional Traffic new: [...107] [ip4][..udp] [..192.168.1.103][44346] -> [..192.168.1.254][...53] detected: [...107] [ip4][..udp] [..192.168.1.103][44346] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][webpush.web.wechat.com.lan] new: [...108] [ip4][..udp] [..192.168.1.103][41759] -> [..192.168.1.254][...53] detected: [...108] [ip4][..udp] [..192.168.1.103][41759] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][2.debian.pool.ntp.org] detection-update: [...108] [ip4][..udp] [..192.168.1.103][41759] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][2.debian.pool.ntp.org] - RISK: Unidirectional Traffic new: [...109] [ip4][..udp] [..192.168.1.103][53515] -> [..192.168.1.254][...53] detected: [...109] [ip4][..udp] [..192.168.1.103][53515] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][webpush.web.wechat.com.lan] idle: [....99] [ip4][..udp] [..192.168.1.103][45366] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....84] [ip4][..udp] [..192.168.1.103][37578] -> [193.204.114.233][..123] [NTP][Unknown][System][Acceptable] guessed: [....83] [ip4][..tcp] [..192.168.1.103][34981] -> [...95.101.34.33][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic @@ -641,17 +625,14 @@ idle: [....94] [ip4][....2] [..192.168.1.103] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] idle: [....93] [ip4][....2] [..192.168.1.254] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] idle: [....91] [ip4][..udp] [..192.168.1.103][56367] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic guessed: [....12] [ip4][..tcp] [..192.168.1.103][36017] -> [.64.233.167.188][.5228] [Google][Google][Web][Acceptable] idle: [....12] [ip4][..tcp] [..192.168.1.103][36017] -> [.64.233.167.188][.5228] idle: [....89] [ip4][..udp] [..192.168.1.103][58165] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] idle: [...100] [ip4][..udp] [..192.168.1.103][59567] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] idle: [....98] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] end: [....85] [ip4][..tcp] [..192.168.1.103][58143] -> [.216.58.205.131][..443] [TLS][Google][Web][Safe] - RISK: Unidirectional Traffic idle: [....13] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54058] [TLS][Unknown][Web][Safe] idle: [....76] [ip4][..tcp] [..192.168.1.103][54183] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic idle: [...104] [ip4][..udp] [..192.168.1.100][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][giovanni-pc] idle: [....97] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [....92] [ip4][..udp] [..192.168.1.103][33915] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] @@ -667,16 +648,11 @@ RISK: Unidirectional Traffic idle: [....77] [ip4][..tcp] [..192.168.1.103][54205] -> [.64.233.167.188][..443] idle: [...108] [ip4][..udp] [..192.168.1.103][41759] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...101] [ip4][..udp] [..192.168.1.103][42074] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...105] [ip4][..udp] [..192.168.1.103][42589] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] idle: [...106] [ip4][..udp] [..192.168.1.103][42856] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....90] [ip4][..udp] [..192.168.1.103][43317] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] idle: [...102] [ip4][..udp] [..192.168.1.103][43705] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...103] [ip4][..udp] [..192.168.1.103][44063] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...107] [ip4][..udp] [..192.168.1.103][44346] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/whatsapp_login_call.pcap.out b/test/results/flow-info/default/whatsapp_login_call.pcap.out index 9662e8554..69eb03e72 100644 --- a/test/results/flow-info/default/whatsapp_login_call.pcap.out +++ b/test/results/flow-info/default/whatsapp_login_call.pcap.out @@ -3,8 +3,6 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [....192.168.2.4][49199] -> [..17.172.100.70][..993] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [....192.168.2.4][49199] -> [..17.172.100.70][..993] [IMAPS][Apple][Email][Safe] - RISK: Unidirectional Traffic - detection-update: [.....1] [ip4][..tcp] [....192.168.2.4][49199] -> [..17.172.100.70][..993] [IMAPS][Apple][Email][Safe] new: [.....2] [ip4][..tcp] [....192.168.2.4][49166] -> [..17.154.66.121][..443] [MIDSTREAM] new: [.....3] [ip4][..tcp] [....192.168.2.4][49163] -> [..17.154.66.111][..443] [MIDSTREAM] new: [.....4] [ip4][..tcp] [....192.168.2.4][49169] -> [..17.173.66.102][..443] [MIDSTREAM] @@ -73,44 +71,20 @@ new: [....22] [ip4][..tcp] [....192.168.2.4][49180] -> [..17.172.100.59][..443] [MIDSTREAM] new: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] detected: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] detected: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] detected: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] detected: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] detected: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] detected: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] detected: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] detected: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] new: [....31] [ip4][..tcp] [....192.168.2.4][49164] -> [..17.167.142.31][..443] [MIDSTREAM] new: [....32] [ip4][..tcp] [....192.168.2.4][49167] -> [...17.172.100.8][..443] [MIDSTREAM] new: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] @@ -128,8 +102,6 @@ RISK: Known Proto on Non Std Port detection-update: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port - detection-update: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic analyse: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.352| 0.131| 0.070| 4931.355| 4.700] @@ -140,6 +112,8 @@ [IATS(ms)....: 85.5,95.2,66.1,60.4,102.7,208.4,184.1,159.6,139.1,188.5,352.4,23.4,152.9,55.1,31.1,91.6,0.1,141.2,0.0,163.2,159.2,188.6,161.9,163.6,162.1,156.8,164.9,143.2,181.6,163.3,123.9] [PKTLENS.....: 72,72,328,72,72,301,211,297,234,301,206,134,50,235,185,134,123,54,246,54,260,120,337,103,301,103,305,229,306,317,315,291] [ENTROPIES...: 5.6,5.7,7.3,5.6,5.6,7.3,6.9,7.2,7.0,7.3,6.9,6.5,5.1,7.0,6.8,6.4,6.4,5.2,7.1,5.1,7.1,6.4,7.3,6.1,7.4,6.1,7.3,7.0,7.3,7.3,7.3,7.2] + detection-update: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65] detected: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65] [ICMP][Unknown][Network][Acceptable] new: [....41] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] @@ -168,44 +142,20 @@ update: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [SRTP.WhatsAppCall][Facebook][VoIP][Acceptable] new: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] detected: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] detected: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] detected: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] detected: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] detected: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] detected: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] detected: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] detected: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] update: [....34] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] update: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] new: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] @@ -216,8 +166,6 @@ RISK: Known Proto on Non Std Port detection-update: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port - detection-update: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic analyse: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.307| 0.114| 0.086| 7398.241| 4.500] @@ -228,6 +176,8 @@ [IATS(ms)....: 304.3,307.4,8.4,89.9,31.9,6.5,226.2,154.2,0.0,188.0,0.3,163.9,163.4,160.1,21.8,153.7,0.1,168.1,122.6,138.9,158.5,186.7,16.2,65.9,114.2,83.7,193.2,164.5,1.3,77.1,55.4] [PKTLENS.....: 72,72,72,72,72,134,124,306,167,54,232,134,228,212,103,134,151,54,172,156,161,172,156,134,114,140,205,140,209,54,134,171] [ENTROPIES...: 5.6,5.6,5.6,5.5,5.6,6.3,6.4,7.3,6.7,5.2,7.0,6.6,7.1,7.0,6.2,6.5,6.6,5.2,6.7,6.6,6.7,6.7,6.7,6.4,6.3,6.5,6.9,6.5,6.9,5.2,6.6,6.7] + detection-update: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic update: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Known Proto on Non Std Port update: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] diff --git a/test/results/flow-info/default/whatsapp_login_chat.pcap.out b/test/results/flow-info/default/whatsapp_login_chat.pcap.out index 7e3fa439a..0cf073534 100644 --- a/test/results/flow-info/default/whatsapp_login_chat.pcap.out +++ b/test/results/flow-info/default/whatsapp_login_chat.pcap.out @@ -10,8 +10,6 @@ detected: [.....3] [ip4][..tcp] [....192.168.2.4][49206] -> [...158.85.58.15][.5222] [WhatsApp][Unknown][Chat][Acceptable] new: [.....4] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [MIDSTREAM] detected: [.....4] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS][Apple][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [.....4] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS][Apple][Web][Safe] analyse: [.....4] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS][Apple][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 3.031| 0.229| 0.711| 505750.847| 2.000] diff --git a/test/results/flow-info/default/wow.pcap.out b/test/results/flow-info/default/wow.pcap.out deleted file mode 100644 index dbe647b35..000000000 --- a/test/results/flow-info/default/wow.pcap.out +++ /dev/null @@ -1,27 +0,0 @@ - DAEMON-EVENT: init - DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] - new: [.....1] [ip4][..tcp] [.192.168.178.20][39309] -> [..12.129.222.53][...80] - new: [.....2] [ip4][..tcp] [.192.168.178.20][39312] -> [...24.105.29.21][...80] - detected: [.....1] [ip4][..tcp] [.192.168.178.20][39309] -> [..12.129.222.53][...80] [HTTP.WorldOfWarcraft][Unknown][Game][Fun][us.scan.worldofwarcraft.com] - RISK: HTTP Susp User-Agent - detected: [.....2] [ip4][..tcp] [.192.168.178.20][39312] -> [...24.105.29.21][...80] [HTTP.WorldOfWarcraft][Starcraft][Game][Fun][launcher.worldofwarcraft.com] - RISK: HTTP Susp User-Agent - detection-update: [.....1] [ip4][..tcp] [.192.168.178.20][39309] -> [..12.129.222.53][...80] [HTTP.WorldOfWarcraft][Unknown][Game][Fun][us.scan.worldofwarcraft.com] - RISK: HTTP Susp User-Agent, HTTP Obsolete Server - new: [.....3] [ip4][..tcp] [.192.168.178.20][39329] -> [.12.129.228.153][.3724] - detected: [.....3] [ip4][..tcp] [.192.168.178.20][39329] -> [.12.129.228.153][.3724] [WorldOfWarcraft][Unknown][Game][Fun] - new: [.....4] [ip4][..tcp] [.192.168.178.20][39364] -> [.12.129.228.153][.3724] - detected: [.....4] [ip4][..tcp] [.192.168.178.20][39364] -> [.12.129.228.153][.3724] [WorldOfWarcraft][Unknown][Game][Fun] - DAEMON-EVENT: [Processed: 82 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] - new: [.....5] [ip4][..tcp] [.192.168.178.20][39593] -> [.12.129.228.152][.3724] - detected: [.....5] [ip4][..tcp] [.192.168.178.20][39593] -> [.12.129.228.152][.3724] [WorldOfWarcraft][Unknown][Game][Fun] - end: [.....2] [ip4][..tcp] [.192.168.178.20][39312] -> [...24.105.29.21][...80] [HTTP.WorldOfWarcraft][Starcraft][Game][Fun][launcher.worldofwarcraft.com] - RISK: HTTP Susp User-Agent - end: [.....1] [ip4][..tcp] [.192.168.178.20][39309] -> [..12.129.222.53][...80] [HTTP.WorldOfWarcraft][Unknown][Game][Fun][us.scan.worldofwarcraft.com] - RISK: HTTP Susp User-Agent, HTTP Obsolete Server - idle: [.....3] [ip4][..tcp] [.192.168.178.20][39329] -> [.12.129.228.153][.3724] [WorldOfWarcraft][Unknown][Game][Fun] - idle: [.....4] [ip4][..tcp] [.192.168.178.20][39364] -> [.12.129.228.153][.3724] [WorldOfWarcraft][Unknown][Game][Fun] - idle: [.....5] [ip4][..tcp] [.192.168.178.20][39593] -> [.12.129.228.152][.3724] [WorldOfWarcraft][Unknown][Game][Fun] - DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/yandex.pcapng.out b/test/results/flow-info/default/yandex.pcapng.out index 463b048ed..ff2e6c71e 100644 --- a/test/results/flow-info/default/yandex.pcapng.out +++ b/test/results/flow-info/default/yandex.pcapng.out @@ -9,13 +9,10 @@ DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 0] new: [.....2] [ip4][..tcp] [..192.168.1.249][57126] -> [178.154.131.216][..443] detected: [.....2] [ip4][..tcp] [..192.168.1.249][57126] -> [178.154.131.216][..443] [TLS.Yandex][Yandex][Web][Safe][yastatic.net] - RISK: Unidirectional Traffic new: [.....3] [ip4][..tcp] [..192.168.1.249][42102] -> [178.154.131.216][..443] detected: [.....3] [ip4][..tcp] [..192.168.1.249][42102] -> [178.154.131.216][..443] [TLS.Yandex][Yandex][Web][Safe][yastatic.net] - RISK: Unidirectional Traffic new: [.....4] [ip4][..tcp] [..192.168.1.249][40870] -> [..87.250.251.22][..443] detected: [.....4] [ip4][..tcp] [..192.168.1.249][40870] -> [..87.250.251.22][..443] [TLS.YandexMarket][Yandex][Shopping][Safe][fenek.market.yandex.ru] - RISK: Unidirectional Traffic new: [.....5] [ip4][..tcp] [..192.168.1.249][57322] -> [.87.250.250.108][..443] detected: [.....5] [ip4][..tcp] [..192.168.1.249][57322] -> [.87.250.250.108][..443] [TLS.YandexCloud][Yandex][Cloud][Safe][cloud.yandex.ru] detection-update: [.....5] [ip4][..tcp] [..192.168.1.249][57322] -> [.87.250.250.108][..443] [TLS.YandexCloud][Yandex][Cloud][Safe][cloud.yandex.ru] @@ -30,21 +27,16 @@ detection-update: [.....7] [ip4][..tcp] [..192.168.1.249][42954] -> [...77.88.21.127][..443] [TLS.YandexDisk][Yandex][Cloud][Safe][1.downloader.disk.yandex.kz] new: [.....8] [ip4][..tcp] [..192.168.1.249][45224] -> [....77.88.21.37][..443] detected: [.....8] [ip4][..tcp] [..192.168.1.249][45224] -> [....77.88.21.37][..443] [TLS.YandexMail][Yandex][Email][Safe][mail.yandex.kz] - RISK: Unidirectional Traffic new: [.....9] [ip4][..tcp] [..192.168.1.249][51462] -> [..87.250.251.77][..443] detected: [.....9] [ip4][..tcp] [..192.168.1.249][51462] -> [..87.250.251.77][..443] [TLS.YandexMetrika][Yandex][Web][Safe][metrika.yandex.kz] detection-update: [.....9] [ip4][..tcp] [..192.168.1.249][51462] -> [..87.250.251.77][..443] [TLS.YandexMetrika][Yandex][Web][Safe][metrika.yandex.kz] idle: [.....5] [ip4][..tcp] [..192.168.1.249][57322] -> [.87.250.250.108][..443] [TLS.YandexCloud][Yandex][Cloud][Safe] idle: [.....6] [ip4][..tcp] [..192.168.1.249][58832] -> [.87.250.250.134][..443] [TLS.YandexDirect][Yandex][Advertisement][Tracker/Ads] idle: [.....2] [ip4][..tcp] [..192.168.1.249][57126] -> [178.154.131.216][..443] [TLS.Yandex][Yandex][Web][Safe] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..tcp] [..192.168.1.249][42954] -> [...77.88.21.127][..443] [TLS.YandexDisk][Yandex][Cloud][Safe] idle: [.....8] [ip4][..tcp] [..192.168.1.249][45224] -> [....77.88.21.37][..443] [TLS.YandexMail][Yandex][Email][Safe] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..tcp] [..192.168.1.249][40870] -> [..87.250.251.22][..443] [TLS.YandexMarket][Yandex][Shopping][Safe] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..tcp] [..192.168.1.249][42102] -> [178.154.131.216][..443] [TLS.Yandex][Yandex][Web][Safe] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..tcp] [..192.168.1.249][51462] -> [..87.250.251.77][..443] [TLS.YandexMetrika][Yandex][Web][Safe] idle: [.....1] [ip4][..tcp] [..192.168.1.249][40218] -> [213.180.204.186][..443] [TLS.YandexMusic][Yandex][Music][Fun] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/zoom.pcap.out b/test/results/flow-info/default/zoom.pcap.out index 97c0573b2..19b2ace25 100644 --- a/test/results/flow-info/default/zoom.pcap.out +++ b/test/results/flow-info/default/zoom.pcap.out @@ -14,8 +14,6 @@ ERROR-EVENT: Unknown packet type [1/16] new: [.....4] [ip4][..tcp] [..192.168.1.117][54341] -> [.62.149.152.153][..993] [MIDSTREAM] detected: [.....4] [ip4][..tcp] [..192.168.1.117][54341] -> [.62.149.152.153][..993] [IMAPS][Unknown][Email][Safe] - detection-update: [.....1] [ip4][..tcp] [..192.168.1.117][54854] -> [..172.217.21.72][..443] [TLS.GoogleServices][Google][Web][Acceptable][www.googletagmanager.com] - RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic new: [.....5] [ip4][..udp] [..192.168.1.117][57025] -> [239.255.255.250][.1900] detected: [.....5] [ip4][..udp] [..192.168.1.117][57025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] new: [.....6] [ip4][..udp] [..192.168.1.117][..137] -> [..192.168.1.255][..137] @@ -44,8 +42,6 @@ new: [....15] [ip4][..tcp] [..192.168.1.117][53867] -> [..104.199.65.42][...80] [MIDSTREAM] new: [....16] [ip4][..tcp] [..192.168.1.117][53872] -> [..35.186.224.53][..443] [MIDSTREAM] detected: [....16] [ip4][..tcp] [..192.168.1.117][53872] -> [..35.186.224.53][..443] [TLS][GoogleCloud][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [....16] [ip4][..tcp] [..192.168.1.117][53872] -> [..35.186.224.53][..443] [TLS][GoogleCloud][Web][Safe] new: [....17] [ip4][.icmp] [..192.168.1.117] -> [..162.255.38.14] detected: [....17] [ip4][.icmp] [..192.168.1.117] -> [..162.255.38.14] [ICMP][Zoom][Network][Acceptable] ERROR-EVENT: Unknown packet type [2/16] @@ -118,8 +114,6 @@ RISK: TLS (probably) Not Carrying HTTPS detection-update: [....30] [ip4][..tcp] [..192.168.1.117][54871] -> [..109.94.160.99][..443] [TLS.Zoom][Unknown][Video][Acceptable][zoomfrn99mmr.zoom.us] RISK: TLS (probably) Not Carrying HTTPS - detection-update: [.....4] [ip4][..tcp] [..192.168.1.117][54341] -> [.62.149.152.153][..993] [IMAPS][Unknown][Email][Safe] - RISK: Unidirectional Traffic analyse: [....30] [ip4][..tcp] [..192.168.1.117][54871] -> [..109.94.160.99][..443] [TLS.Zoom][Unknown][Video][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.156| 0.028| 0.040| 1628.090| 3.800] @@ -148,7 +142,7 @@ new: [....33] [ip4][..udp] [..192.168.1.117][61731] -> [..109.94.160.99][.8801] detected: [....33] [ip4][..udp] [..192.168.1.117][61731] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] DAEMON-EVENT: [Processed: 697 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 33 / 33|skipped: 0|!detected: 0|guessed: 0|detection-updates: 26|updates: 0] + DAEMON-EVENT: [Flows][active: 33 / 33|skipped: 0|!detected: 0|guessed: 0|detection-updates: 23|updates: 0] ERROR-EVENT: Unknown packet type [1/16] ERROR-EVENT: Unknown packet type [2/16] ERROR-EVENT: Unknown packet type [3/16] @@ -193,7 +187,6 @@ end: [....26] [ip4][..tcp] [..192.168.1.117][54868] -> [.213.19.144.104][..443] [TLS.Zoom][Zoom][Video][Acceptable] RISK: TLS (probably) Not Carrying HTTPS idle: [.....4] [ip4][..tcp] [..192.168.1.117][54341] -> [.62.149.152.153][..993] [IMAPS][Unknown][Email][Safe] - RISK: Unidirectional Traffic idle: [....32] [ip4][..udp] [..192.168.1.117][60620] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] idle: [....29] [ip4][..udp] [..192.168.1.117][51185] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][zoomfrn99mmr.zoom.us] idle: [....33] [ip4][..udp] [..192.168.1.117][61731] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] @@ -215,7 +208,7 @@ idle: [.....6] [ip4][..udp] [..192.168.1.117][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][workgroup] idle: [.....2] [ip4][..udp] [..192.168.1.117][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....1] [ip4][..tcp] [..192.168.1.117][54854] -> [..172.217.21.72][..443] [TLS.GoogleServices][Google][Web][Acceptable] - RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic + RISK: Obsolete TLS (v1.1 or older) idle: [....30] [ip4][..tcp] [..192.168.1.117][54871] -> [..109.94.160.99][..443] [TLS.Zoom][Unknown][Video][Acceptable][zoomfrn99mmr.zoom.us] RISK: TLS (probably) Not Carrying HTTPS guessed: [....11] [ip4][..tcp] [..192.168.1.117][54798] -> [..13.225.84.182][..443] [TLS][AmazonAWS][Web][Safe] diff --git a/test/results/flow-info/default/zoom2.pcap.out b/test/results/flow-info/default/zoom2.pcap.out index 71dfd8830..95b25fb54 100644 --- a/test/results/flow-info/default/zoom2.pcap.out +++ b/test/results/flow-info/default/zoom2.pcap.out @@ -10,9 +10,6 @@ RISK: TLS (probably) Not Carrying HTTPS new: [.....2] [ip4][..udp] [..192.168.1.178][60653] -> [.144.195.73.154][.8801] detected: [.....2] [ip4][..udp] [..192.168.1.178][60653] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] - detection-update: [.....2] [ip4][..udp] [..192.168.1.178][60653] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic - detection-update: [.....2] [ip4][..udp] [..192.168.1.178][60653] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] analyse: [.....2] [ip4][..udp] [..192.168.1.178][60653] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.167| 0.025| 0.040| 1639.456| 3.600] @@ -25,14 +22,8 @@ [ENTROPIES...: 5.8,5.8,4.9,4.2,5.4,5.6,4.8,4.3,5.6,4.7,4.7,0.6,0.6,0.6,0.6,0.6,0.6,0.6,0.6,0.6,0.6,0.6,0.6,0.6,4.8,0.6,0.6,0.6,0.6,0.6,0.6,0.6] new: [.....3] [ip4][..udp] [..192.168.1.178][58117] -> [.144.195.73.154][.8801] detected: [.....3] [ip4][..udp] [..192.168.1.178][58117] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] - detection-update: [.....3] [ip4][..udp] [..192.168.1.178][58117] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [..192.168.1.178][57953] -> [.144.195.73.154][.8801] detected: [.....4] [ip4][..udp] [..192.168.1.178][57953] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] - detection-update: [.....3] [ip4][..udp] [..192.168.1.178][58117] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] - detection-update: [.....4] [ip4][..udp] [..192.168.1.178][57953] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic - detection-update: [.....4] [ip4][..udp] [..192.168.1.178][57953] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] analyse: [.....3] [ip4][..udp] [..192.168.1.178][58117] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.176| 0.043| 0.049| 2389.122| 4.100] diff --git a/test/results/flow-info/default/zoom_p2p.pcapng.out b/test/results/flow-info/default/zoom_p2p.pcapng.out index a18e8a561..013324721 100644 --- a/test/results/flow-info/default/zoom_p2p.pcapng.out +++ b/test/results/flow-info/default/zoom_p2p.pcapng.out @@ -93,10 +93,10 @@ RISK: Unidirectional Traffic new: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] detected: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] [Zoom][Unknown][Video][Acceptable] - detection-update: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] [Zoom][Unknown][Video][Acceptable] - RISK: Unidirectional Traffic update: [....10] [ip4][.icmp] [.206.247.10.253] -> [.192.168.12.156] [ICMP][Zoom][Network][Acceptable] RISK: Susp Entropy + detection-update: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] [Zoom][Unknown][Video][Acceptable] + RISK: Unidirectional Traffic analyse: [....12] [ip4][..udp] [.192.168.12.156][42208] -> [...10.78.14.178][47312] [Zoom][Unknown][Video][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.052| 0.013| 0.016| 253.890| 4.000] diff --git a/test/results/flow-info/default/zug.pcap.out b/test/results/flow-info/default/zug.pcap.out index 0a8c011b0..8e7832d46 100644 --- a/test/results/flow-info/default/zug.pcap.out +++ b/test/results/flow-info/default/zug.pcap.out @@ -20,7 +20,7 @@ DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....5] [ip4][..udp] [..173.46.102.72][41686] -> [.204.88.149.147][19000] detected: [.....5] [ip4][..udp] [..173.46.102.72][41686] -> [.204.88.149.147][19000] [ZUG][Unknown][Crypto_Currency][Acceptable] - not-detected: [.....4] [ip4][..udp] [..61.59.105.181][19000] -> [..199.24.15.231][48793] [Unknown][Unknown][Unrated] + not-detected: [.....4] [ip4][..udp] [..61.59.105.181][19000] -> [..199.24.15.231][48793] [Unknown][Unknown][Unspecified][Unrated] RISK: Susp Entropy, Unidirectional Traffic idle: [.....4] [ip4][..udp] [..61.59.105.181][19000] -> [..199.24.15.231][48793] DAEMON-EVENT: [Processed: 5 pkts][ZLib][compressions: 0|diff: 0 / 0] diff --git a/test/results/flow-info/disable_aggressiveness/ookla.pcap.out b/test/results/flow-info/disable_aggressiveness/ookla.pcap.out index eeeabc4c9..5573435ae 100644 --- a/test/results/flow-info/disable_aggressiveness/ookla.pcap.out +++ b/test/results/flow-info/disable_aggressiveness/ookla.pcap.out @@ -11,6 +11,7 @@ new: [.....4] [ip4][..tcp] [....192.168.1.7][51215] -> [..46.44.253.187][.8080] detected: [.....4] [ip4][..tcp] [....192.168.1.7][51215] -> [..46.44.253.187][.8080] [Ookla][Unknown][Network][Safe] guessed: [.....2] [ip4][..tcp] [..192.168.1.192][51156] -> [..89.96.108.170][.8080] [Ookla][Unknown][Network][Safe] + RISK: Susp Entropy idle: [.....2] [ip4][..tcp] [..192.168.1.192][51156] -> [..89.96.108.170][.8080] idle: [.....1] [ip4][..tcp] [..192.168.1.192][37790] -> [185.157.229.246][.8080] [Ookla][Unknown][Network][Safe] DAEMON-EVENT: [Processed: 70 pkts][ZLib][compressions: 0|diff: 0 / 0] diff --git a/test/results/flow-info/disable_protocols/esp.pcapng.out b/test/results/flow-info/disable_protocols/esp.pcapng.out new file mode 100644 index 000000000..dc4f7dcdd --- /dev/null +++ b/test/results/flow-info/disable_protocols/esp.pcapng.out @@ -0,0 +1,10 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [.......10.2.3.2][..500] -> [.......10.3.4.4][..500] + detected: [.....1] [ip4][..udp] [.......10.2.3.2][..500] -> [.......10.3.4.4][..500] [IPSec][Unknown][VPN][Safe] + new: [.....2] [ip4][...50] [.......10.2.3.2] -> [.......10.3.4.4] + detected: [.....2] [ip4][...50] [.......10.2.3.2] -> [.......10.3.4.4] [IPSec][Unknown][VPN][Safe] + idle: [.....2] [ip4][...50] [.......10.2.3.2] -> [.......10.3.4.4] [IPSec][Unknown][VPN][Safe] + idle: [.....1] [ip4][..udp] [.......10.2.3.2][..500] -> [.......10.3.4.4][..500] [IPSec][Unknown][VPN][Safe] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/disable_protocols/ospfv2_add_new_prefix.pcap.out b/test/results/flow-info/disable_protocols/ospfv2_add_new_prefix.pcap.out new file mode 100644 index 000000000..617739bac --- /dev/null +++ b/test/results/flow-info/disable_protocols/ospfv2_add_new_prefix.pcap.out @@ -0,0 +1,7 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][...89] [.....10.1.10.10] -> [......10.1.10.1] + detected: [.....1] [ip4][...89] [.....10.1.10.10] -> [......10.1.10.1] [OSPF][Unknown][Network][Acceptable] + idle: [.....1] [ip4][...89] [.....10.1.10.10] -> [......10.1.10.1] [OSPF][Unknown][Network][Acceptable] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/disable_protocols/sctp.cap.out b/test/results/flow-info/disable_protocols/sctp.cap.out new file mode 100644 index 000000000..6aa8c77d7 --- /dev/null +++ b/test/results/flow-info/disable_protocols/sctp.cap.out @@ -0,0 +1,10 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..132] [.....10.28.6.43] -> [.....10.28.6.44] + detected: [.....1] [ip4][..132] [.....10.28.6.43] -> [.....10.28.6.44] [SCTP][Unknown][Network][Acceptable] + new: [.....2] [ip4][..132] [.....10.28.6.42] -> [.....10.28.6.44] + detected: [.....2] [ip4][..132] [.....10.28.6.42] -> [.....10.28.6.44] [SCTP][Unknown][Network][Acceptable] + idle: [.....2] [ip4][..132] [.....10.28.6.42] -> [.....10.28.6.44] [SCTP][Unknown][Network][Acceptable] + idle: [.....1] [ip4][..132] [.....10.28.6.43] -> [.....10.28.6.44] [SCTP][Unknown][Network][Acceptable] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/disable_use_client_port/iphone.pcap.out b/test/results/flow-info/disable_use_client_port/iphone.pcap.out index 5cbb578e7..65d0bb16f 100644 --- a/test/results/flow-info/disable_use_client_port/iphone.pcap.out +++ b/test/results/flow-info/disable_use_client_port/iphone.pcap.out @@ -6,11 +6,11 @@ new: [.....2] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] detected: [.....2] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][lucas-imac] new: [.....3] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] - detected: [.....3] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local] + detected: [.....3] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][luca���s imac._odisk._tcp.local] new: [.....4] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] - detected: [.....4] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local] + detected: [.....4] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][luca���s imac._odisk._tcp.local] new: [.....5] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] - detected: [.....5] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local] + detected: [.....5] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][luca���s imac._odisk._tcp.local] new: [.....6] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] detected: [.....6] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] new: [.....7] [ip4][..udp] [....192.168.2.1][.5351] -> [......224.0.0.1][.5350] @@ -195,7 +195,7 @@ idle: [....36] [ip4][..udp] [...192.168.2.17][53983] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][bag.itunes.apple.com] idle: [....14] [ip6][icmp6] [...............fe80::823:3f17:8298:a29c] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] idle: [....12] [ip6][icmp6] [...............fe80::823:3f17:8298:a29c] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] - idle: [.....5] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local] + idle: [.....5] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][luca���s imac._odisk._tcp.local] idle: [....42] [ip4][....2] [...192.168.2.17] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] idle: [....21] [ip4][..udp] [...192.168.2.17][55457] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][mesu.apple.com] idle: [....18] [ip4][..udp] [...192.168.2.17][55914] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][gsp85-ssl.ls.apple.com] @@ -212,14 +212,14 @@ idle: [....13] [ip6][..udp] [...............fe80::823:3f17:8298:a29c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] idle: [....40] [ip4][.icmp] [...192.168.2.17] -> [....192.168.2.1] [ICMP][Unknown][Network][Acceptable] idle: [....10] [ip4][..udp] [....192.168.2.1][...67] -> [...192.168.2.17][...68] [DHCP][Unknown][Network][Acceptable] - not-detected: [.....7] [ip4][..udp] [....192.168.2.1][.5351] -> [......224.0.0.1][.5350] [Unknown][Unknown][Unrated] + not-detected: [.....7] [ip4][..udp] [....192.168.2.1][.5351] -> [......224.0.0.1][.5350] [Unknown][Unknown][Unspecified][Unrated] idle: [.....7] [ip4][..udp] [....192.168.2.1][.5351] -> [......224.0.0.1][.5350] idle: [....22] [ip4][..udp] [...192.168.2.17][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] - idle: [.....3] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local] + idle: [.....3] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][luca���s imac._odisk._tcp.local] idle: [....23] [ip4][..tcp] [...192.168.2.17][50576] -> [...95.101.25.53][..443] [TLS.Apple][Unknown][Web][Safe] idle: [....51] [ip4][..tcp] [...192.168.2.17][50588] -> [...95.101.24.53][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun] idle: [.....1] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - idle: [.....4] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local] + idle: [.....4] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][luca���s imac._odisk._tcp.local] end: [....25] [ip4][..tcp] [...192.168.2.17][49152] -> [.17.253.105.202][...80] [HTTP.Apple][Apple][ConnCheck][Safe][captive.apple.com] idle: [....20] [ip4][..tcp] [...192.168.2.17][50575] -> [.17.248.185.140][..443] [TLS.AppleiCloud][Apple][Web][Acceptable] idle: [....29] [ip4][..tcp] [...192.168.2.17][50580] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][gateway.icloud.com] diff --git a/test/results/flow-info/dns_sub_enable/dns2.pcap.out b/test/results/flow-info/dns_sub_enable/dns2.pcap.out index ab5c61670..f7fe1474c 100644 --- a/test/results/flow-info/dns_sub_enable/dns2.pcap.out +++ b/test/results/flow-info/dns_sub_enable/dns2.pcap.out @@ -4,7 +4,6 @@ new: [.....1] [ip4][..udp] [192.168.255.251][56550] -> [........8.8.8.8][...53] detected: [.....1] [ip4][..udp] [192.168.255.251][56550] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.github.com] detection-update: [.....1] [ip4][..udp] [192.168.255.251][56550] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.github.com] - RISK: Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [192.168.255.251][56550] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.github.com] idle: [.....1] [ip4][..udp] [192.168.255.251][56550] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.github.com] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/dns_sub_enable/dns_retransmissions.pcap.out b/test/results/flow-info/dns_sub_enable/dns_retransmissions.pcap.out index 00c4910b5..1dfda7640 100644 --- a/test/results/flow-info/dns_sub_enable/dns_retransmissions.pcap.out +++ b/test/results/flow-info/dns_sub_enable/dns_retransmissions.pcap.out @@ -4,7 +4,5 @@ new: [.....1][.103] [ip4][..udp] [..37.41.101.140][11892] -> [.208.67.222.222][...53] detected: [.....1][.103] [ip4][..udp] [..37.41.101.140][11892] -> [.208.67.222.222][...53] [DNS][OpenDNS][Network][Acceptable][api.msn.com] detection-update: [.....1][.103] [ip4][..udp] [..37.41.101.140][11892] -> [.208.67.222.222][...53] [DNS][OpenDNS][Network][Acceptable][api.msn.com] - RISK: Unidirectional Traffic - detection-update: [.....1][.103] [ip4][..udp] [..37.41.101.140][11892] -> [.208.67.222.222][...53] [DNS][OpenDNS][Network][Acceptable][api.msn.com] idle: [.....1][.103] [ip4][..udp] [..37.41.101.140][11892] -> [.208.67.222.222][...53] [DNS][OpenDNS][Network][Acceptable][api.msn.com] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/enable_payload_stat/1kxun.pcap.out b/test/results/flow-info/enable_payload_stat/1kxun.pcap.out index cc644d2aa..3e1a35e08 100644 --- a/test/results/flow-info/enable_payload_stat/1kxun.pcap.out +++ b/test/results/flow-info/enable_payload_stat/1kxun.pcap.out @@ -29,14 +29,10 @@ new: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] detected: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] detection-update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] - RISK: Unidirectional Traffic - detection-update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] new: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80] detected: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80] [HTTP.1kxun][Unknown][Streaming][Fun][jp.kankan.1kxun.mobi] new: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] detected: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] - detection-update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] - RISK: Unidirectional Traffic new: [....17] [ip4][..tcp] [...192.168.5.16][53622] -> [.192.168.115.75][..443] [MIDSTREAM] new: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] detected: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] [NetBIOS][Unknown][System][Acceptable][wpad] @@ -53,16 +49,12 @@ new: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] detected: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] detection-update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] - RISK: Unidirectional Traffic - detection-update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] new: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] detection-update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] detected: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] [HTTP.1kxun][Unknown][Streaming][Fun][kankan.1kxun.com] new: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] detected: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] detection-update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] - RISK: Unidirectional Traffic - detection-update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] new: [....27] [ip4][..tcp] [..192.168.115.8][49599] -> [.106.187.35.246][...80] new: [....28] [ip4][..tcp] [..192.168.115.8][49600] -> [.106.187.35.246][...80] new: [....29] [ip4][..tcp] [..192.168.115.8][49601] -> [.106.187.35.246][...80] @@ -155,8 +147,6 @@ new: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] detected: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] detection-update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] - RISK: Unidirectional Traffic - detection-update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] new: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] detected: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] [HTTP.QQ][Unknown][Chat][Fun][vv.video.qq.com] new: [....41] [ip4][..tcp] [..192.168.115.8][49609] -> [..42.120.51.152][.8080] @@ -306,9 +296,6 @@ new: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [MIDSTREAM] detected: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] new: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] - detection-update: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] detected: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75] RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, TLS (probably) Not Carrying HTTPS detection-update: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75] @@ -414,7 +401,7 @@ update: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected DAEMON-EVENT: [Processed: 1032 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 19|updates: 38] + DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 12|updates: 38] new: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [MIDSTREAM] detected: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] RISK: Known Proto on Non Std Port @@ -454,7 +441,7 @@ idle: [...113] [ip4][..tcp] [.....31.13.87.1][..443] -> [...192.168.5.16][53578] [TLS][Facebook][Web][Safe] idle: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] idle: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] - not-detected: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] idle: [.....9] [ip6][..udp] [...............fe80::406:55a8:6453:25dd][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Unknown][Network][Acceptable] idle: [....19] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][58779] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] @@ -464,18 +451,18 @@ idle: [...128] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][58468] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][wangs-ltw] idle: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] idle: [...125] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][49766] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] - not-detected: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unrated] + not-detected: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] - not-detected: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unrated] + not-detected: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] idle: [....96] [ip4][..udp] [...192.168.5.47][53962] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] idle: [....73] [ip4][..udp] [...192.168.5.41][54470] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][kevin-pc] idle: [...102] [ip4][..udp] [...192.168.5.37][54506] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][notebook] - not-detected: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] - not-detected: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] - not-detected: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] idle: [....34] [ip4][..udp] [...192.168.3.95][54888] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected @@ -529,7 +516,7 @@ idle: [....57] [ip4][..tcp] [..192.168.115.8][49596] -> [..203.66.182.87][..443] idle: [....53] [ip4][..udp] [...192.168.5.49][61548] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad] idle: [....11] [ip4][..udp] [...192.168.5.47][61603] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] - not-detected: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] idle: [....91] [ip4][..udp] [..192.168.3.236][62069] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][wangs-ltw] idle: [....82] [ip4][..udp] [...192.168.5.50][62756] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] @@ -547,7 +534,7 @@ idle: [...109] [ip4][..tcp] [...192.168.5.16][53627] -> [...203.69.81.73][...80] [HTTP.Line][Unknown][Chat][Acceptable][dl-obs.official.line.naver.jp] idle: [...110] [ip4][..tcp] [...192.168.5.16][53628] -> [...203.69.81.73][...80] [HTTP.Line][Unknown][Chat][Acceptable][dl-obs.official.line.naver.jp] idle: [....81] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][62756] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] - not-detected: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] idle: [....72] [ip6][..udp] [..............fe80::4568:efbc:40b1:1346][50194] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][kevin-pc] idle: [....52] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][61548] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad] @@ -595,7 +582,7 @@ idle: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected idle: [....10] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][61603] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] - not-detected: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] new: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [MIDSTREAM] detected: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][messages.1kxun.mobi] @@ -603,8 +590,6 @@ detected: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] RISK: HTTP Susp User-Agent detection-update: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] - RISK: HTTP Susp User-Agent, Unidirectional Traffic - detection-update: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] RISK: HTTP Susp User-Agent, Error Code new: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [MIDSTREAM] detected: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] @@ -738,9 +723,6 @@ detected: [...177] [ip4][..tcp] [..192.168.2.126][43266] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] new: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [MIDSTREAM] detected: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - detection-update: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] new: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [MIDSTREAM] detected: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] new: [...180] [ip4][..tcp] [..192.168.2.126][58758] -> [.202.153.196.53][...80] [MIDSTREAM] @@ -762,22 +744,14 @@ new: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [MIDSTREAM] detected: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][] RISK: HTTP Susp User-Agent - detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][] - RISK: HTTP Susp User-Agent, Unidirectional Traffic new: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [MIDSTREAM] detected: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][adx-tk.rayjump.com] - RISK: Unidirectional Traffic new: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [MIDSTREAM] detected: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][] - detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][] - RISK: Unidirectional Traffic new: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [MIDSTREAM] detected: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [HTTP][AmazonAWS][Web][Acceptable][tknet-cdn.rayjump.com] detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][adx-tk.rayjump.com] - detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] new: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [MIDSTREAM] detected: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [HTTP][AmazonAWS][Web][Acceptable][impression-east.liftoff.io] new: [...193] [ip4][..tcp] [..192.168.2.126][40204] -> [...18.235.204.9][...80] [MIDSTREAM] @@ -788,9 +762,6 @@ detected: [...195] [ip4][..tcp] [..192.168.2.126][33042] -> [...3.122.190.70][...80] [HTTP][AmazonAWS][Web][Acceptable][click.liftoff.io] new: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [MIDSTREAM] detected: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - detection-update: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] new: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [MIDSTREAM] detected: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] idle: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] diff --git a/test/results/flow-info/flow_risk_infos_disabled/http_invalid_server.pcap.out b/test/results/flow-info/flow_risk_infos_disabled/http_invalid_server.pcap.out index 45dff338d..200990edb 100644 --- a/test/results/flow-info/flow_risk_infos_disabled/http_invalid_server.pcap.out +++ b/test/results/flow-info/flow_risk_infos_disabled/http_invalid_server.pcap.out @@ -2,10 +2,10 @@ DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [...192.168.1.29][51536] -> [.143.204.14.183][...80] - detected: [.....1] [ip4][..tcp] [...192.168.1.29][51536] -> [.143.204.14.183][...80] [HTTP][AmazonAWS][Web][Acceptable][ocsp.rootg2.amazontrust.com] + detected: [.....1] [ip4][..tcp] [...192.168.1.29][51536] -> [.143.204.14.183][...80] [HTTP.OCSP][AmazonAWS][Network][Safe][ocsp.rootg2.amazontrust.com] RISK: HTTP Susp User-Agent - detection-update: [.....1] [ip4][..tcp] [...192.168.1.29][51536] -> [.143.204.14.183][...80] [HTTP.OCSP][AmazonAWS][Web][Safe][ocsp.rootg2.amazontrust.com] + detection-update: [.....1] [ip4][..tcp] [...192.168.1.29][51536] -> [.143.204.14.183][...80] [HTTP.OCSP][AmazonAWS][Network][Safe][ocsp.rootg2.amazontrust.com] RISK: HTTP Susp User-Agent, HTTP Susp Header - end: [.....1] [ip4][..tcp] [...192.168.1.29][51536] -> [.143.204.14.183][...80] [HTTP.OCSP][AmazonAWS][Web][Safe][ocsp.rootg2.amazontrust.com] + end: [.....1] [ip4][..tcp] [...192.168.1.29][51536] -> [.143.204.14.183][...80] [HTTP.OCSP][AmazonAWS][Network][Safe][ocsp.rootg2.amazontrust.com] RISK: HTTP Susp User-Agent, HTTP Susp Header DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/fpc/1kxun.pcap.out b/test/results/flow-info/fpc/1kxun.pcap.out index cc644d2aa..3e1a35e08 100644 --- a/test/results/flow-info/fpc/1kxun.pcap.out +++ b/test/results/flow-info/fpc/1kxun.pcap.out @@ -29,14 +29,10 @@ new: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] detected: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] detection-update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] - RISK: Unidirectional Traffic - detection-update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] new: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80] detected: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80] [HTTP.1kxun][Unknown][Streaming][Fun][jp.kankan.1kxun.mobi] new: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] detected: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] - detection-update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] - RISK: Unidirectional Traffic new: [....17] [ip4][..tcp] [...192.168.5.16][53622] -> [.192.168.115.75][..443] [MIDSTREAM] new: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] detected: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] [NetBIOS][Unknown][System][Acceptable][wpad] @@ -53,16 +49,12 @@ new: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] detected: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] detection-update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] - RISK: Unidirectional Traffic - detection-update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] new: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] detection-update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] detected: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] [HTTP.1kxun][Unknown][Streaming][Fun][kankan.1kxun.com] new: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] detected: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] detection-update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] - RISK: Unidirectional Traffic - detection-update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] new: [....27] [ip4][..tcp] [..192.168.115.8][49599] -> [.106.187.35.246][...80] new: [....28] [ip4][..tcp] [..192.168.115.8][49600] -> [.106.187.35.246][...80] new: [....29] [ip4][..tcp] [..192.168.115.8][49601] -> [.106.187.35.246][...80] @@ -155,8 +147,6 @@ new: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] detected: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] detection-update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] - RISK: Unidirectional Traffic - detection-update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] new: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] detected: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] [HTTP.QQ][Unknown][Chat][Fun][vv.video.qq.com] new: [....41] [ip4][..tcp] [..192.168.115.8][49609] -> [..42.120.51.152][.8080] @@ -306,9 +296,6 @@ new: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [MIDSTREAM] detected: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] new: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] - detection-update: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] detected: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75] RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, TLS (probably) Not Carrying HTTPS detection-update: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75] @@ -414,7 +401,7 @@ update: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected DAEMON-EVENT: [Processed: 1032 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 19|updates: 38] + DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 12|updates: 38] new: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [MIDSTREAM] detected: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] RISK: Known Proto on Non Std Port @@ -454,7 +441,7 @@ idle: [...113] [ip4][..tcp] [.....31.13.87.1][..443] -> [...192.168.5.16][53578] [TLS][Facebook][Web][Safe] idle: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] idle: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] - not-detected: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] idle: [.....9] [ip6][..udp] [...............fe80::406:55a8:6453:25dd][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Unknown][Network][Acceptable] idle: [....19] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][58779] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] @@ -464,18 +451,18 @@ idle: [...128] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][58468] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][wangs-ltw] idle: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] idle: [...125] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][49766] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] - not-detected: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unrated] + not-detected: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] - not-detected: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unrated] + not-detected: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] idle: [....96] [ip4][..udp] [...192.168.5.47][53962] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] idle: [....73] [ip4][..udp] [...192.168.5.41][54470] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][kevin-pc] idle: [...102] [ip4][..udp] [...192.168.5.37][54506] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][notebook] - not-detected: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] - not-detected: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] - not-detected: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] idle: [....34] [ip4][..udp] [...192.168.3.95][54888] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected @@ -529,7 +516,7 @@ idle: [....57] [ip4][..tcp] [..192.168.115.8][49596] -> [..203.66.182.87][..443] idle: [....53] [ip4][..udp] [...192.168.5.49][61548] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad] idle: [....11] [ip4][..udp] [...192.168.5.47][61603] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] - not-detected: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] idle: [....91] [ip4][..udp] [..192.168.3.236][62069] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][wangs-ltw] idle: [....82] [ip4][..udp] [...192.168.5.50][62756] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] @@ -547,7 +534,7 @@ idle: [...109] [ip4][..tcp] [...192.168.5.16][53627] -> [...203.69.81.73][...80] [HTTP.Line][Unknown][Chat][Acceptable][dl-obs.official.line.naver.jp] idle: [...110] [ip4][..tcp] [...192.168.5.16][53628] -> [...203.69.81.73][...80] [HTTP.Line][Unknown][Chat][Acceptable][dl-obs.official.line.naver.jp] idle: [....81] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][62756] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] - not-detected: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] idle: [....72] [ip6][..udp] [..............fe80::4568:efbc:40b1:1346][50194] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][kevin-pc] idle: [....52] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][61548] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad] @@ -595,7 +582,7 @@ idle: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected idle: [....10] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][61603] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] - not-detected: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] new: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [MIDSTREAM] detected: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][messages.1kxun.mobi] @@ -603,8 +590,6 @@ detected: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] RISK: HTTP Susp User-Agent detection-update: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] - RISK: HTTP Susp User-Agent, Unidirectional Traffic - detection-update: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] RISK: HTTP Susp User-Agent, Error Code new: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [MIDSTREAM] detected: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] @@ -738,9 +723,6 @@ detected: [...177] [ip4][..tcp] [..192.168.2.126][43266] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] new: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [MIDSTREAM] detected: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - detection-update: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] new: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [MIDSTREAM] detected: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] new: [...180] [ip4][..tcp] [..192.168.2.126][58758] -> [.202.153.196.53][...80] [MIDSTREAM] @@ -762,22 +744,14 @@ new: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [MIDSTREAM] detected: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][] RISK: HTTP Susp User-Agent - detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][] - RISK: HTTP Susp User-Agent, Unidirectional Traffic new: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [MIDSTREAM] detected: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][adx-tk.rayjump.com] - RISK: Unidirectional Traffic new: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [MIDSTREAM] detected: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][] - detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][] - RISK: Unidirectional Traffic new: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [MIDSTREAM] detected: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [HTTP][AmazonAWS][Web][Acceptable][tknet-cdn.rayjump.com] detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][adx-tk.rayjump.com] - detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] new: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [MIDSTREAM] detected: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [HTTP][AmazonAWS][Web][Acceptable][impression-east.liftoff.io] new: [...193] [ip4][..tcp] [..192.168.2.126][40204] -> [...18.235.204.9][...80] [MIDSTREAM] @@ -788,9 +762,6 @@ detected: [...195] [ip4][..tcp] [..192.168.2.126][33042] -> [...3.122.190.70][...80] [HTTP][AmazonAWS][Web][Acceptable][click.liftoff.io] new: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [MIDSTREAM] detected: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - detection-update: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] new: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [MIDSTREAM] detected: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] idle: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] diff --git a/test/results/flow-info/fpc/signal_videocall.pcapng.out b/test/results/flow-info/fpc/signal_videocall.pcapng.out index 626c8440d..964b3c0e5 100644 --- a/test/results/flow-info/fpc/signal_videocall.pcapng.out +++ b/test/results/flow-info/fpc/signal_videocall.pcapng.out @@ -5,13 +5,8 @@ detected: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN][GoogleCloud][Network][Acceptable][] new: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] detected: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] - detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] new: [.....3] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][56377] detected: [.....3] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][56377] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] diff --git a/test/results/flow-info/fpc_disabled/teams.pcap.out b/test/results/flow-info/fpc_disabled/teams.pcap.out index 45e6ad626..73e35011c 100644 --- a/test/results/flow-info/fpc_disabled/teams.pcap.out +++ b/test/results/flow-info/fpc_disabled/teams.pcap.out @@ -77,8 +77,6 @@ ERROR-EVENT: Unknown packet type [11/16] ERROR-EVENT: Unknown packet type [12/16] detection-update: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] - RISK: Unidirectional Traffic - detection-update: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] RISK: Error Code new: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] detected: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][] @@ -397,12 +395,6 @@ new: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] detected: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - detection-update: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] new: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] detected: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] [STUN.TeamsCall][Azure][VoIP][Acceptable][] RISK: Known Proto on Non Std Port @@ -419,10 +411,6 @@ [IATS(ms)....: 45.0,45.1,0.2,47.4,47.2,0.2,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.0,8.0,0.0,0.0,52.4,1.2,45.6,48.6,92.2,43.7,69.1,0.3,113.5,1566.9] [PKTLENS.....: 64,52,40,227,1492,52,1492,588,52,52,1492,588,52,40,588,166,40,40,40,147,46,85,46,91,40,141,224,40,71,40,46,46] [ENTROPIES...: 4.4,4.9,4.5,5.4,7.5,4.6,7.4,6.2,4.7,4.7,7.7,7.0,4.7,4.5,7.6,6.6,4.4,4.5,4.5,6.4,4.5,5.8,4.6,5.4,4.6,6.4,6.9,4.5,5.4,4.4,4.6,4.6] - detection-update: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] detected: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] [TLS.Teams][Azure][Collaborative][Safe][gate.hockeyapp.net] new: [....83] [ip4][.icmp] [..93.71.110.205] -> [....192.168.1.6] @@ -480,7 +468,7 @@ RISK: Known Proto on Non Std Port idle: [....61] [ip4][..tcp] [....192.168.1.6][60566] -> [.167.99.215.164][.4434] [TLS.ntop][DigitalOcean][Network][Safe] RISK: Known Proto on Non Std Port - not-detected: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] [Unknown][Unknown][Unrated] + not-detected: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] [Unknown][Unknown][Unspecified][Unrated] idle: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] idle: [....22] [ip4][..udp] [....192.168.1.6][49514] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][config.teams.microsoft.com] idle: [....49] [ip4][..udp] [..192.168.1.112][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] @@ -520,9 +508,9 @@ idle: [....24] [ip4][..udp] [....192.168.1.6][65387] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][northeuropecns.trafficmanager.net] end: [....14] [ip4][..tcp] [..93.62.150.157][..443] -> [....192.168.1.6][60512] [TLS][Unknown][Web][Safe] idle: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....72] [ip4][..tcp] [....192.168.1.6][50014] -> [.52.114.250.152][..443] [TLS.Teams][Azure][Collaborative][Safe] RISK: TLS Cert Mismatch, TLS (probably) Not Carrying HTTPS diff --git a/test/results/flow-info/guess_ip_before_port_enabled/1kxun.pcap.out b/test/results/flow-info/guess_ip_before_port_enabled/1kxun.pcap.out index cc644d2aa..3e1a35e08 100644 --- a/test/results/flow-info/guess_ip_before_port_enabled/1kxun.pcap.out +++ b/test/results/flow-info/guess_ip_before_port_enabled/1kxun.pcap.out @@ -29,14 +29,10 @@ new: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] detected: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] detection-update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] - RISK: Unidirectional Traffic - detection-update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] new: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80] detected: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80] [HTTP.1kxun][Unknown][Streaming][Fun][jp.kankan.1kxun.mobi] new: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] detected: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] - detection-update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] - RISK: Unidirectional Traffic new: [....17] [ip4][..tcp] [...192.168.5.16][53622] -> [.192.168.115.75][..443] [MIDSTREAM] new: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] detected: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] [NetBIOS][Unknown][System][Acceptable][wpad] @@ -53,16 +49,12 @@ new: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] detected: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] detection-update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] - RISK: Unidirectional Traffic - detection-update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] new: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] detection-update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] detected: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] [HTTP.1kxun][Unknown][Streaming][Fun][kankan.1kxun.com] new: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] detected: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] detection-update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] - RISK: Unidirectional Traffic - detection-update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] new: [....27] [ip4][..tcp] [..192.168.115.8][49599] -> [.106.187.35.246][...80] new: [....28] [ip4][..tcp] [..192.168.115.8][49600] -> [.106.187.35.246][...80] new: [....29] [ip4][..tcp] [..192.168.115.8][49601] -> [.106.187.35.246][...80] @@ -155,8 +147,6 @@ new: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] detected: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] detection-update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] - RISK: Unidirectional Traffic - detection-update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] new: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] detected: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] [HTTP.QQ][Unknown][Chat][Fun][vv.video.qq.com] new: [....41] [ip4][..tcp] [..192.168.115.8][49609] -> [..42.120.51.152][.8080] @@ -306,9 +296,6 @@ new: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [MIDSTREAM] detected: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] new: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] - detection-update: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] detected: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75] RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, TLS (probably) Not Carrying HTTPS detection-update: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75] @@ -414,7 +401,7 @@ update: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected DAEMON-EVENT: [Processed: 1032 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 19|updates: 38] + DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 12|updates: 38] new: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [MIDSTREAM] detected: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] RISK: Known Proto on Non Std Port @@ -454,7 +441,7 @@ idle: [...113] [ip4][..tcp] [.....31.13.87.1][..443] -> [...192.168.5.16][53578] [TLS][Facebook][Web][Safe] idle: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] idle: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] - not-detected: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] idle: [.....9] [ip6][..udp] [...............fe80::406:55a8:6453:25dd][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Unknown][Network][Acceptable] idle: [....19] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][58779] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] @@ -464,18 +451,18 @@ idle: [...128] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][58468] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][wangs-ltw] idle: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] idle: [...125] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][49766] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] - not-detected: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unrated] + not-detected: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] - not-detected: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unrated] + not-detected: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] idle: [....96] [ip4][..udp] [...192.168.5.47][53962] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] idle: [....73] [ip4][..udp] [...192.168.5.41][54470] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][kevin-pc] idle: [...102] [ip4][..udp] [...192.168.5.37][54506] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][notebook] - not-detected: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] - not-detected: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] - not-detected: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] idle: [....34] [ip4][..udp] [...192.168.3.95][54888] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected @@ -529,7 +516,7 @@ idle: [....57] [ip4][..tcp] [..192.168.115.8][49596] -> [..203.66.182.87][..443] idle: [....53] [ip4][..udp] [...192.168.5.49][61548] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad] idle: [....11] [ip4][..udp] [...192.168.5.47][61603] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] - not-detected: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] idle: [....91] [ip4][..udp] [..192.168.3.236][62069] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][wangs-ltw] idle: [....82] [ip4][..udp] [...192.168.5.50][62756] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] @@ -547,7 +534,7 @@ idle: [...109] [ip4][..tcp] [...192.168.5.16][53627] -> [...203.69.81.73][...80] [HTTP.Line][Unknown][Chat][Acceptable][dl-obs.official.line.naver.jp] idle: [...110] [ip4][..tcp] [...192.168.5.16][53628] -> [...203.69.81.73][...80] [HTTP.Line][Unknown][Chat][Acceptable][dl-obs.official.line.naver.jp] idle: [....81] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][62756] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] - not-detected: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] idle: [....72] [ip6][..udp] [..............fe80::4568:efbc:40b1:1346][50194] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][kevin-pc] idle: [....52] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][61548] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad] @@ -595,7 +582,7 @@ idle: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected idle: [....10] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][61603] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] - not-detected: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] new: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [MIDSTREAM] detected: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][messages.1kxun.mobi] @@ -603,8 +590,6 @@ detected: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] RISK: HTTP Susp User-Agent detection-update: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] - RISK: HTTP Susp User-Agent, Unidirectional Traffic - detection-update: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] RISK: HTTP Susp User-Agent, Error Code new: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [MIDSTREAM] detected: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] @@ -738,9 +723,6 @@ detected: [...177] [ip4][..tcp] [..192.168.2.126][43266] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] new: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [MIDSTREAM] detected: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - detection-update: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] new: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [MIDSTREAM] detected: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] new: [...180] [ip4][..tcp] [..192.168.2.126][58758] -> [.202.153.196.53][...80] [MIDSTREAM] @@ -762,22 +744,14 @@ new: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [MIDSTREAM] detected: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][] RISK: HTTP Susp User-Agent - detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][] - RISK: HTTP Susp User-Agent, Unidirectional Traffic new: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [MIDSTREAM] detected: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][adx-tk.rayjump.com] - RISK: Unidirectional Traffic new: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [MIDSTREAM] detected: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][] - detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][] - RISK: Unidirectional Traffic new: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [MIDSTREAM] detected: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [HTTP][AmazonAWS][Web][Acceptable][tknet-cdn.rayjump.com] detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][adx-tk.rayjump.com] - detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] new: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [MIDSTREAM] detected: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [HTTP][AmazonAWS][Web][Acceptable][impression-east.liftoff.io] new: [...193] [ip4][..tcp] [..192.168.2.126][40204] -> [...18.235.204.9][...80] [MIDSTREAM] @@ -788,9 +762,6 @@ detected: [...195] [ip4][..tcp] [..192.168.2.126][33042] -> [...3.122.190.70][...80] [HTTP][AmazonAWS][Web][Acceptable][click.liftoff.io] new: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [MIDSTREAM] detected: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - detection-update: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] new: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [MIDSTREAM] detected: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] idle: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] diff --git a/test/results/flow-info/http_process_response_disable/http_asymmetric.pcapng.out b/test/results/flow-info/http_process_response_disable/http_asymmetric.pcapng.out index 2c5c2af68..99f08c377 100644 --- a/test/results/flow-info/http_process_response_disable/http_asymmetric.pcapng.out +++ b/test/results/flow-info/http_process_response_disable/http_asymmetric.pcapng.out @@ -4,9 +4,10 @@ new: [.....1] [ip4][..tcp] [....192.168.0.1][.1044] -> [.....10.10.10.1][...80] new: [.....2] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] detected: [.....1] [ip4][..tcp] [....192.168.0.1][.1044] -> [.....10.10.10.1][...80] [HTTP][Unknown][Web][Acceptable][proxy.wiresharkfest.acropolis.local] - RISK: Unidirectional Traffic detected: [.....2] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][] - RISK: HTTP Susp User-Agent, Susp Entropy, Unidirectional Traffic + RISK: HTTP Susp User-Agent, Susp Entropy + detection-update: [.....1] [ip4][..tcp] [....192.168.0.1][.1044] -> [.....10.10.10.1][...80] [HTTP][Unknown][Web][Acceptable][proxy.wiresharkfest.acropolis.local] + RISK: Unidirectional Traffic detection-update: [.....2] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][] RISK: HTTP Susp User-Agent, Susp Entropy, Error Code, Unidirectional Traffic end: [.....1] [ip4][..tcp] [....192.168.0.1][.1044] -> [.....10.10.10.1][...80] [HTTP][Unknown][Web][Acceptable][proxy.wiresharkfest.acropolis.local] diff --git a/test/results/flow-info/ip_lists_disable/1kxun.pcap.out b/test/results/flow-info/ip_lists_disable/1kxun.pcap.out index cc644d2aa..3e1a35e08 100644 --- a/test/results/flow-info/ip_lists_disable/1kxun.pcap.out +++ b/test/results/flow-info/ip_lists_disable/1kxun.pcap.out @@ -29,14 +29,10 @@ new: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] detected: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] detection-update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] - RISK: Unidirectional Traffic - detection-update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi] new: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80] detected: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80] [HTTP.1kxun][Unknown][Streaming][Fun][jp.kankan.1kxun.mobi] new: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] detected: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] - detection-update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] - RISK: Unidirectional Traffic new: [....17] [ip4][..tcp] [...192.168.5.16][53622] -> [.192.168.115.75][..443] [MIDSTREAM] new: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] detected: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] [NetBIOS][Unknown][System][Acceptable][wpad] @@ -53,16 +49,12 @@ new: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] detected: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] detection-update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] - RISK: Unidirectional Traffic - detection-update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com] new: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] detection-update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com] detected: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] [HTTP.1kxun][Unknown][Streaming][Fun][kankan.1kxun.com] new: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] detected: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] detection-update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] - RISK: Unidirectional Traffic - detection-update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com] new: [....27] [ip4][..tcp] [..192.168.115.8][49599] -> [.106.187.35.246][...80] new: [....28] [ip4][..tcp] [..192.168.115.8][49600] -> [.106.187.35.246][...80] new: [....29] [ip4][..tcp] [..192.168.115.8][49601] -> [.106.187.35.246][...80] @@ -155,8 +147,6 @@ new: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] detected: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] detection-update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] - RISK: Unidirectional Traffic - detection-update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com] new: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] detected: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] [HTTP.QQ][Unknown][Chat][Fun][vv.video.qq.com] new: [....41] [ip4][..tcp] [..192.168.115.8][49609] -> [..42.120.51.152][.8080] @@ -306,9 +296,6 @@ new: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [MIDSTREAM] detected: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] new: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] - detection-update: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] detected: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75] RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, TLS (probably) Not Carrying HTTPS detection-update: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75] @@ -414,7 +401,7 @@ update: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected DAEMON-EVENT: [Processed: 1032 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 19|updates: 38] + DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 12|updates: 38] new: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [MIDSTREAM] detected: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] RISK: Known Proto on Non Std Port @@ -454,7 +441,7 @@ idle: [...113] [ip4][..tcp] [.....31.13.87.1][..443] -> [...192.168.5.16][53578] [TLS][Facebook][Web][Safe] idle: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] idle: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] - not-detected: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] idle: [.....9] [ip6][..udp] [...............fe80::406:55a8:6453:25dd][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Unknown][Network][Acceptable] idle: [....19] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][58779] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] @@ -464,18 +451,18 @@ idle: [...128] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][58468] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][wangs-ltw] idle: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] idle: [...125] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][49766] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] - not-detected: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unrated] + not-detected: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] - not-detected: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unrated] + not-detected: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] idle: [....96] [ip4][..udp] [...192.168.5.47][53962] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] idle: [....73] [ip4][..udp] [...192.168.5.41][54470] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][kevin-pc] idle: [...102] [ip4][..udp] [...192.168.5.37][54506] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][notebook] - not-detected: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] - not-detected: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] - not-detected: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] + not-detected: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated] idle: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] idle: [....34] [ip4][..udp] [...192.168.3.95][54888] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected @@ -529,7 +516,7 @@ idle: [....57] [ip4][..tcp] [..192.168.115.8][49596] -> [..203.66.182.87][..443] idle: [....53] [ip4][..udp] [...192.168.5.49][61548] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad] idle: [....11] [ip4][..udp] [...192.168.5.47][61603] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] - not-detected: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] idle: [....91] [ip4][..udp] [..192.168.3.236][62069] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][wangs-ltw] idle: [....82] [ip4][..udp] [...192.168.5.50][62756] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] @@ -547,7 +534,7 @@ idle: [...109] [ip4][..tcp] [...192.168.5.16][53627] -> [...203.69.81.73][...80] [HTTP.Line][Unknown][Chat][Acceptable][dl-obs.official.line.naver.jp] idle: [...110] [ip4][..tcp] [...192.168.5.16][53628] -> [...203.69.81.73][...80] [HTTP.Line][Unknown][Chat][Acceptable][dl-obs.official.line.naver.jp] idle: [....81] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][62756] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc] - not-detected: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] idle: [....72] [ip6][..udp] [..............fe80::4568:efbc:40b1:1346][50194] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][kevin-pc] idle: [....52] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][61548] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad] @@ -595,7 +582,7 @@ idle: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????] RISK: Non-Printable/Invalid Chars Detected idle: [....10] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][61603] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c] - not-detected: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated] + not-detected: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated] idle: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] new: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [MIDSTREAM] detected: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][messages.1kxun.mobi] @@ -603,8 +590,6 @@ detected: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] RISK: HTTP Susp User-Agent detection-update: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] - RISK: HTTP Susp User-Agent, Unidirectional Traffic - detection-update: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] RISK: HTTP Susp User-Agent, Error Code new: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [MIDSTREAM] detected: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] @@ -738,9 +723,6 @@ detected: [...177] [ip4][..tcp] [..192.168.2.126][43266] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] new: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [MIDSTREAM] detected: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - detection-update: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] new: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [MIDSTREAM] detected: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] new: [...180] [ip4][..tcp] [..192.168.2.126][58758] -> [.202.153.196.53][...80] [MIDSTREAM] @@ -762,22 +744,14 @@ new: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [MIDSTREAM] detected: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][] RISK: HTTP Susp User-Agent - detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][] - RISK: HTTP Susp User-Agent, Unidirectional Traffic new: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [MIDSTREAM] detected: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][adx-tk.rayjump.com] - RISK: Unidirectional Traffic new: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [MIDSTREAM] detected: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][] - detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][] - RISK: Unidirectional Traffic new: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [MIDSTREAM] detected: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [HTTP][AmazonAWS][Web][Acceptable][tknet-cdn.rayjump.com] detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][adx-tk.rayjump.com] - detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] new: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [MIDSTREAM] detected: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [HTTP][AmazonAWS][Web][Acceptable][impression-east.liftoff.io] new: [...193] [ip4][..tcp] [..192.168.2.126][40204] -> [...18.235.204.9][...80] [MIDSTREAM] @@ -788,9 +762,6 @@ detected: [...195] [ip4][..tcp] [..192.168.2.126][33042] -> [...3.122.190.70][...80] [HTTP][AmazonAWS][Web][Acceptable][click.liftoff.io] new: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [MIDSTREAM] detected: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - detection-update: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] - RISK: Unidirectional Traffic - detection-update: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] new: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [MIDSTREAM] detected: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] idle: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] diff --git a/test/results/flow-info/monitoring/signal_audiocall.pcapng.out b/test/results/flow-info/monitoring/signal_audiocall.pcapng.out index 6008c8d4b..caa87375a 100644 --- a/test/results/flow-info/monitoring/signal_audiocall.pcapng.out +++ b/test/results/flow-info/monitoring/signal_audiocall.pcapng.out @@ -5,9 +5,6 @@ detected: [.....1] [ip4][..udp] [..192.168.12.67][45419] -> [.35.216.234.234][.3478] [STUN][GoogleCloud][Network][Acceptable][] new: [.....2] [ip4][..udp] [..192.168.12.67][45419] -> [.35.219.252.146][.3478] detected: [.....2] [ip4][..udp] [..192.168.12.67][45419] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] - detection-update: [.....2] [ip4][..udp] [..192.168.12.67][45419] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....2] [ip4][..udp] [..192.168.12.67][45419] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] detection-update: [.....2] [ip4][..udp] [..192.168.12.67][45419] -> [.35.219.252.146][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] detection-update: [.....1] [ip4][..udp] [..192.168.12.67][45419] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] detection-update: [.....1] [ip4][..udp] [..192.168.12.67][45419] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] @@ -27,10 +24,6 @@ [IATS(ms)....: 1.7,3.7,1.2,10.3,10.2,26.7,26.6,250.2,250.3,501.2,501.1,1004.0,1009.3,956.1,950.7,3.8,9.0,1.1,5.3,38.9,115.9,0.0,84.9,11.6,28.8,13.0,35.9,1.2,42.5,17.7,63.5] [PKTLENS.....: 48,56,80,112,144,112,56,108,56,108,56,108,56,108,148,80,168,148,128,80,160,168,136,128,168,168,128,168,148,80,136,136] [ENTROPIES...: 5.1,4.9,5.5,5.7,5.8,5.7,4.9,5.7,4.9,5.7,4.9,5.6,4.9,5.7,5.8,5.9,6.1,5.8,5.9,5.7,6.0,6.2,6.0,5.8,5.9,6.1,5.8,5.9,5.9,5.9,6.0,5.9] - detection-update: [.....4] [ip4][..udp] [..192.168.12.67][45419] -> [..35.219.226.11][54116] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....4] [ip4][..udp] [..192.168.12.67][45419] -> [..35.219.226.11][54116] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port analyse: [.....4] [ip4][..udp] [..192.168.12.67][45419] -> [..35.219.226.11][54116] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.008| 2.229| 0.465| 0.655| 429159.809| 3.800] diff --git a/test/results/flow-info/monitoring/signal_videocall.pcapng.out b/test/results/flow-info/monitoring/signal_videocall.pcapng.out index 626c8440d..964b3c0e5 100644 --- a/test/results/flow-info/monitoring/signal_videocall.pcapng.out +++ b/test/results/flow-info/monitoring/signal_videocall.pcapng.out @@ -5,13 +5,8 @@ detected: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN][GoogleCloud][Network][Acceptable][] new: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] detected: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] - detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] new: [.....3] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][56377] detected: [.....3] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][56377] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] diff --git a/test/results/flow-info/monitoring/stun.pcap.out b/test/results/flow-info/monitoring/stun.pcap.out index 9db02bdbf..7a844e42c 100644 --- a/test/results/flow-info/monitoring/stun.pcap.out +++ b/test/results/flow-info/monitoring/stun.pcap.out @@ -3,20 +3,19 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1][1611] [ip4][..tcp] [...10.77.110.51][41588] -> [..10.206.50.239][42000] detected: [.....1][1611] [ip4][..tcp] [...10.77.110.51][41588] -> [..10.206.50.239][42000] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port DAEMON-EVENT: [Processed: 15 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] detected: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] [STUN][Google][Network][Acceptable][] - detection-update: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] [STUN][Google][Network][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] [STUN][Google][Network][Acceptable][] detection-update: [.....2] [ip4][..udp] [.192.168.12.169][43016] -> [.74.125.247.128][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable][turn.l.google.com] new: [.....3] [ip4][.icmp] [.192.168.12.169] -> [.74.125.247.128] detected: [.....3] [ip4][.icmp] [.192.168.12.169] -> [.74.125.247.128] [ICMP][Google][Network][Acceptable] RISK: Susp Entropy end: [.....1][1611] [ip4][..tcp] [...10.77.110.51][41588] -> [..10.206.50.239][42000] [STUN.TeamsCall][Unknown][VoIP][Acceptable] + RISK: Known Proto on Non Std Port DAEMON-EVENT: [Processed: 24 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0] + DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] new: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] detected: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable][] idle: [.....3] [ip4][.icmp] [.192.168.12.169] -> [.74.125.247.128] [ICMP][Google][Network][Acceptable] @@ -36,7 +35,7 @@ [ENTROPIES...: 5.4,5.5,5.4,5.5,5.5,5.5,5.5,5.5,5.5,5.6,5.5,5.6,5.4,5.6,5.5,5.6,5.4,5.5,5.5,5.5,5.4,5.6,5.4,5.5,5.5,5.6,5.5,5.6,5.5,5.5,5.4,5.5] update: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 66 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 3] + DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 3] new: [.....5] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] detected: [.....5] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] [STUN][Facebook][Network][Acceptable][] RISK: Known Proto on Non Std Port @@ -54,14 +53,14 @@ [ENTROPIES...: 4.9,5.6,5.9,5.8,5.9,6.0,5.6,5.8,5.5,5.6,5.9,6.0,6.0,5.9,5.8,5.5,6.0,5.9,6.0,5.9,5.9,6.0,5.8,6.0,5.9,6.0,5.9,5.9,5.8,5.6,6.1,6.0] idle: [.....4] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 141 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 3] + DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 3] new: [.....6] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] detected: [.....6] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] [STUN][Unknown][Network][Acceptable][] detection-update: [.....6] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] [STUN][Unknown][Network][Acceptable][apps-host.com] idle: [.....5] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] [STUN.FacebookVoip][Facebook][VoIP][Acceptable][turner.facebook] RISK: Known Proto on Non Std Port DAEMON-EVENT: [Processed: 161 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 3] + DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 3] new: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] detected: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable][] detection-update: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [DTLS.GoogleCall][Google][VoIP][Acceptable] @@ -78,22 +77,17 @@ [ENTROPIES...: 5.9,5.9,5.0,5.9,7.3,6.7,5.8,5.7,7.4,5.7,6.0,6.2,6.4,5.9,6.1,5.4,5.4,5.6,5.9,5.3,5.2,5.9,5.8,5.2,6.1,5.9,6.0,6.1,6.0,5.9,6.1,5.9] idle: [.....6] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] [STUN][Unknown][Network][Acceptable][apps-host.com] DAEMON-EVENT: [Processed: 194 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 7|updates: 3] + DAEMON-EVENT: [Flows][active: 1 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 3] new: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] detected: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] RISK: Known Proto on Non Std Port detection-update: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] detection-update: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] idle: [.....7] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [DTLS.GoogleCall][Google][VoIP][Acceptable] DAEMON-EVENT: [Processed: 198 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 10|updates: 3] + DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 7|updates: 3] new: [.....9] [ip6][..udp] [.............2600:1900:4160:5999:0:19::][.3478] -> [..2001:b07:a3d:c112:48a1:1094:1227:281e][48094] detected: [.....9] [ip6][..udp] [.............2600:1900:4160:5999:0:19::][.3478] -> [..2001:b07:a3d:c112:48a1:1094:1227:281e][48094] [STUN][GoogleCloud][Network][Acceptable][] - detection-update: [.....9] [ip6][..udp] [.............2600:1900:4160:5999:0:19::][.3478] -> [..2001:b07:a3d:c112:48a1:1094:1227:281e][48094] [STUN][GoogleCloud][Network][Acceptable][] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] idle: [.....9] [ip6][..udp] [.............2600:1900:4160:5999:0:19::][.3478] -> [..2001:b07:a3d:c112:48a1:1094:1227:281e][48094] [STUN][GoogleCloud][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/monitoring/stun_signal.pcapng.out b/test/results/flow-info/monitoring/stun_signal.pcapng.out index 32aa70be8..0d2186390 100644 --- a/test/results/flow-info/monitoring/stun_signal.pcapng.out +++ b/test/results/flow-info/monitoring/stun_signal.pcapng.out @@ -20,25 +20,21 @@ new: [.....7] [ip4][.icmp] [.35.158.183.167] -> [.192.168.12.169] detected: [.....7] [ip4][.icmp] [.35.158.183.167] -> [.192.168.12.169] [ICMP][AmazonAWS][Network][Acceptable] RISK: Susp Entropy - detection-update: [.....3] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][..443] [STUN][AmazonAWS][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....6] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][..443] [STUN][AmazonAWS][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....5] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][signal.org] detection-update: [.....4] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] detection-update: [.....4] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][signal.org] detection-update: [.....1] [ip4][..udp] [.192.168.12.169][39518] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port detection-update: [.....2] [ip4][..udp] [.192.168.12.169][47204] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port + detection-update: [.....3] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port + detection-update: [.....6] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port detection-update: [.....3] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....6] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [.192.168.12.169][39518] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port - detection-update: [.....2] [ip4][..udp] [.192.168.12.169][47204] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port new: [.....8] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][.3478] detected: [.....8] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] new: [.....9] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][..443] @@ -55,23 +51,15 @@ RISK: Known Proto on Non Std Port new: [....13] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][.3478] detected: [....13] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - detection-update: [.....9] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....12] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [....13] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][signal.org] detection-update: [.....8] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][signal.org] - detection-update: [....10] [ip4][..udp] [.192.168.12.169][43068] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....11] [ip4][..udp] [.192.168.12.169][39950] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....10] [ip4][..udp] [.192.168.12.169][43068] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port - detection-update: [....11] [ip4][..udp] [.192.168.12.169][39950] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port new: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] detected: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port + detection-update: [.....9] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....12] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic analyse: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.679| 0.149| 0.201| 40331.911| 3.900] @@ -116,38 +104,25 @@ new: [....18] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][..443] detected: [....18] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....17] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....19] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][.3478] detected: [....19] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] new: [....20] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][.3478] detected: [....20] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - detection-update: [....19] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....20] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....21] [ip4][.icmp] [.35.158.122.211] -> [.192.168.12.169] detected: [....21] [ip4][.icmp] [.35.158.122.211] -> [.192.168.12.169] [ICMP][AmazonAWS][Network][Acceptable] RISK: Susp Entropy detection-update: [....19] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][signal.org] - detection-update: [....20] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - detection-update: [....18] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [....20] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][signal.org] - detection-update: [....15] [ip4][..udp] [.192.168.12.169][47767] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....16] [ip4][..udp] [.192.168.12.169][37970] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....16] [ip4][..udp] [.192.168.12.169][37970] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port - detection-update: [....15] [ip4][..udp] [.192.168.12.169][47767] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port new: [....22] [ip4][..udp] [.192.168.12.169][47767] -> [.18.195.131.143][54054] detected: [....22] [ip4][..udp] [.192.168.12.169][47767] -> [.18.195.131.143][54054] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port new: [....23] [ip4][..udp] [.192.168.12.169][47767] -> [.18.195.131.143][61498] detected: [....23] [ip4][..udp] [.192.168.12.169][47767] -> [.18.195.131.143][61498] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] RISK: Known Proto on Non Std Port + detection-update: [....17] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....18] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic analyse: [....23] [ip4][..udp] [.192.168.12.169][47767] -> [.18.195.131.143][61498] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.665| 0.153| 0.189| 35784.253| 4.000] diff --git a/test/results/flow-info/monitoring/stun_wa_call.pcapng.out b/test/results/flow-info/monitoring/stun_wa_call.pcapng.out index 52241ec46..4a064300e 100644 --- a/test/results/flow-info/monitoring/stun_wa_call.pcapng.out +++ b/test/results/flow-info/monitoring/stun_wa_call.pcapng.out @@ -3,29 +3,14 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] detected: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - detection-update: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] detected: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] detected: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] detected: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] detected: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - detection-update: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] analyse: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 2.505| 0.249| 0.601| 361608.839| 2.900] @@ -38,29 +23,14 @@ [ENTROPIES...: 7.0,7.0,5.8,5.8,5.8,7.0,7.0,7.0,7.0,5.7,5.8,5.7,5.7,5.7,5.2,5.2,5.8,7.0,7.0,5.7,5.8,5.8,4.9,6.0,6.1,5.0,5.5,5.7,6.6,5.5,6.9,7.2] new: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] detected: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] detected: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] detected: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] detected: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] detected: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] analyse: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.025| 0.011| 0.005| 24.788| 4.800] diff --git a/test/results/flow-info/monitoring/stun_zoom.pcapng.out b/test/results/flow-info/monitoring/stun_zoom.pcapng.out index 05276f928..aca5bdbb5 100644 --- a/test/results/flow-info/monitoring/stun_zoom.pcapng.out +++ b/test/results/flow-info/monitoring/stun_zoom.pcapng.out @@ -4,20 +4,12 @@ new: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] detected: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - RISK: Known Proto on Non Std Port detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] new: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] detected: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS.Zoom][Zoom][Video][Acceptable] - detection-update: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - RISK: Known Proto on Non Std Port detection-update: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] analyse: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] min| max| avg| stddev| variance| entropy diff --git a/test/results/flow-info/monitoring/teams.pcap.out b/test/results/flow-info/monitoring/teams.pcap.out index 45e6ad626..73e35011c 100644 --- a/test/results/flow-info/monitoring/teams.pcap.out +++ b/test/results/flow-info/monitoring/teams.pcap.out @@ -77,8 +77,6 @@ ERROR-EVENT: Unknown packet type [11/16] ERROR-EVENT: Unknown packet type [12/16] detection-update: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] - RISK: Unidirectional Traffic - detection-update: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][b._dns-sd._udp.ntop.org] RISK: Error Code new: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] detected: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][] @@ -397,12 +395,6 @@ new: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] detected: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] - detection-update: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.TeamsCall][Azure][VoIP][Acceptable][] new: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] detected: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] [STUN.TeamsCall][Azure][VoIP][Acceptable][] RISK: Known Proto on Non Std Port @@ -419,10 +411,6 @@ [IATS(ms)....: 45.0,45.1,0.2,47.4,47.2,0.2,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.0,8.0,0.0,0.0,52.4,1.2,45.6,48.6,92.2,43.7,69.1,0.3,113.5,1566.9] [PKTLENS.....: 64,52,40,227,1492,52,1492,588,52,52,1492,588,52,40,588,166,40,40,40,147,46,85,46,91,40,141,224,40,71,40,46,46] [ENTROPIES...: 4.4,4.9,4.5,5.4,7.5,4.6,7.4,6.2,4.7,4.7,7.7,7.0,4.7,4.5,7.6,6.6,4.4,4.5,4.5,6.4,4.5,5.8,4.6,5.4,4.6,6.4,6.9,4.5,5.4,4.4,4.6,4.6] - detection-update: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.TeamsCall][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] detected: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] [TLS.Teams][Azure][Collaborative][Safe][gate.hockeyapp.net] new: [....83] [ip4][.icmp] [..93.71.110.205] -> [....192.168.1.6] @@ -480,7 +468,7 @@ RISK: Known Proto on Non Std Port idle: [....61] [ip4][..tcp] [....192.168.1.6][60566] -> [.167.99.215.164][.4434] [TLS.ntop][DigitalOcean][Network][Safe] RISK: Known Proto on Non Std Port - not-detected: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] [Unknown][Unknown][Unrated] + not-detected: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] [Unknown][Unknown][Unspecified][Unrated] idle: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] idle: [....22] [ip4][..udp] [....192.168.1.6][49514] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][config.teams.microsoft.com] idle: [....49] [ip4][..udp] [..192.168.1.112][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] @@ -520,9 +508,9 @@ idle: [....24] [ip4][..udp] [....192.168.1.6][65387] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][northeuropecns.trafficmanager.net] end: [....14] [ip4][..tcp] [..93.62.150.157][..443] -> [....192.168.1.6][60512] [TLS][Unknown][Web][Safe] idle: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....72] [ip4][..tcp] [....192.168.1.6][50014] -> [.52.114.250.152][..443] [TLS.Teams][Azure][Collaborative][Safe] RISK: TLS Cert Mismatch, TLS (probably) Not Carrying HTTPS diff --git a/test/results/flow-info/monitoring/telegram_videocall.pcapng.out b/test/results/flow-info/monitoring/telegram_videocall.pcapng.out index a5d33e1d4..9df6d1fa3 100644 --- a/test/results/flow-info/monitoring/telegram_videocall.pcapng.out +++ b/test/results/flow-info/monitoring/telegram_videocall.pcapng.out @@ -109,10 +109,6 @@ new: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393] detected: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....28] [ip6][icmp6] [...............fe80::abe:acff:fe0b:176e] -> [................................ff02::2] detected: [....28] [ip6][icmp6] [...............fe80::abe:acff:fe0b:176e] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] analyse: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable] @@ -128,6 +124,10 @@ new: [....29] [ip6][..udp] [...............fe80::abe:acff:fe0b:176e][.5353] -> [...............................ff02::fb][.5353] detected: [....29] [ip6][..udp] [...............fe80::abe:acff:fe0b:176e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_ipps._tcp.local] new: [....30] [ip4][..tcp] [.192.168.12.169][40710] -> [....52.58.18.25][.5222] [MIDSTREAM] + detection-update: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] RISK: Known Proto on Non Std Port detection-update: [....15] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] diff --git a/test/results/flow-info/monitoring/telegram_videocall_2.pcapng.out b/test/results/flow-info/monitoring/telegram_videocall_2.pcapng.out index 3d5f85e4e..837083afa 100644 --- a/test/results/flow-info/monitoring/telegram_videocall_2.pcapng.out +++ b/test/results/flow-info/monitoring/telegram_videocall_2.pcapng.out @@ -22,10 +22,6 @@ detected: [.....8] [ip4][..udp] [..192.168.12.67][42417] -> [...91.108.13.26][..598] [Telegram][Telegram][Chat][Acceptable] detection-update: [.....3] [ip4][..udp] [..192.168.12.67][39968] -> [...91.108.9.106][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org] RISK: Known Proto on Non Std Port - detection-update: [.....4] [ip4][..udp] [..192.168.12.67][39329] -> [....91.108.13.3][.1400] [STUN][Telegram][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....5] [ip4][..udp] [..192.168.12.67][44679] -> [...91.108.17.49][.1400] [STUN][Telegram][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....6] [ip4][..udp] [..192.168.12.67][44275] -> [....91.108.9.10][..597] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] detection-update: [.....8] [ip4][..udp] [..192.168.12.67][42417] -> [...91.108.13.26][..598] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] detection-update: [.....7] [ip4][..udp] [..192.168.12.67][46675] -> [....91.108.17.8][..597] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] @@ -51,13 +47,13 @@ [ENTROPIES...: 4.6,4.7,4.6,4.7,5.7,5.8,6.0,5.7,6.1,5.7,5.8,6.1,6.1,5.8,6.0,5.7,6.0,5.8,5.8,6.0,5.2,6.1,6.2,6.8,7.5,6.1,5.8,6.4,6.1,5.7,6.2,5.7] idle: [.....2] [ip6][..udp] [..............fe80::76da:38ff:feed:5332][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....4] [ip4][..udp] [..192.168.12.67][39329] -> [....91.108.13.3][.1400] [STUN][Telegram][Network][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....3] [ip4][..udp] [..192.168.12.67][39968] -> [...91.108.9.106][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org] RISK: Known Proto on Non Std Port idle: [.....8] [ip4][..udp] [..192.168.12.67][42417] -> [...91.108.13.26][..598] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] idle: [.....6] [ip4][..udp] [..192.168.12.67][44275] -> [....91.108.9.10][..597] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] idle: [.....5] [ip4][..udp] [..192.168.12.67][44679] -> [...91.108.17.49][.1400] [STUN][Telegram][Network][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....7] [ip4][..udp] [..192.168.12.67][46675] -> [....91.108.17.8][..597] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] idle: [.....1] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/monitoring/telegram_voice.pcapng.out b/test/results/flow-info/monitoring/telegram_voice.pcapng.out index 3a5d605f0..1a7c80850 100644 --- a/test/results/flow-info/monitoring/telegram_voice.pcapng.out +++ b/test/results/flow-info/monitoring/telegram_voice.pcapng.out @@ -26,10 +26,6 @@ detection-update: [.....6] [ip4][..udp] [..192.168.12.67][42567] -> [....91.108.9.34][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org] RISK: Known Proto on Non Std Port detection-update: [.....9] [ip4][..udp] [..192.168.12.67][41011] -> [....91.108.9.68][..596] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] - detection-update: [.....4] [ip4][..udp] [..192.168.12.67][44405] -> [...91.108.17.41][.1400] [STUN][Telegram][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....5] [ip4][..udp] [..192.168.12.67][46013] -> [...91.108.13.52][.1400] [STUN][Telegram][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....7] [ip4][..udp] [..192.168.12.67][39027] -> [...91.108.13.51][..597] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] analyse: [.....9] [ip4][..udp] [..192.168.12.67][41011] -> [....91.108.9.68][..596] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] min| max| avg| stddev| variance| entropy diff --git a/test/results/flow-info/ndpireader_conf_file/openvpn_obfuscated.pcapng.out b/test/results/flow-info/ndpireader_conf_file/openvpn_obfuscated.pcapng.out index d7b5b1307..2f5536349 100644 --- a/test/results/flow-info/ndpireader_conf_file/openvpn_obfuscated.pcapng.out +++ b/test/results/flow-info/ndpireader_conf_file/openvpn_obfuscated.pcapng.out @@ -13,7 +13,7 @@ [PKTLENS.....: 60,60,52,140,52,152,52,429,148,1500,1500,1500,52,52,152,164,52,52,376,873,52,52,801,52,310,172,395,176,52,199,52,148] [ENTROPIES...: 4.7,5.2,5.1,6.5,5.1,6.6,5.1,7.3,6.6,7.9,7.9,7.9,5.0,5.1,6.5,6.7,5.1,5.1,7.3,7.8,5.1,5.1,7.7,5.2,7.3,6.7,7.5,6.5,5.1,6.9,5.1,6.5] guessed: [.....1] [ip4][..tcp] [.192.168.12.156][37976] -> [..185.128.25.99][..465] [SMTPS][NordVPN][Email][Safe] - RISK: Fully Encrypted Flow + RISK: Susp Entropy new: [.....2] [ip4][..udp] [.192.168.12.156][47128] -> [149.102.238.108][.1214] DAEMON-EVENT: [Processed: 90 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 1|detection-updates: 0|updates: 0] @@ -31,7 +31,7 @@ guessed: [.....3] [ip4][..tcp] [.107.161.86.131][..443] -> [.192.168.12.156][48072] [TLS][Unknown][Web][Safe] idle: [.....3] [ip4][..tcp] [.107.161.86.131][..443] -> [.192.168.12.156][48072] [TLS][Unknown][Web][Safe] idle: [.....1] [ip4][..tcp] [.192.168.12.156][37976] -> [..185.128.25.99][..465] [SMTPS][NordVPN][Email][Safe] - RISK: Fully Encrypted Flow + RISK: Susp Entropy guessed: [.....2] [ip4][..udp] [.192.168.12.156][47128] -> [149.102.238.108][.1214] [NordVPN][NordVPN][VPN][Acceptable] RISK: Susp Entropy idle: [.....2] [ip4][..udp] [.192.168.12.156][47128] -> [149.102.238.108][.1214] diff --git a/test/results/flow-info/ndpireader_conf_file/shadowsocks.pcap.out b/test/results/flow-info/ndpireader_conf_file/shadowsocks.pcap.out new file mode 100644 index 000000000..6bfd135f5 --- /dev/null +++ b/test/results/flow-info/ndpireader_conf_file/shadowsocks.pcap.out @@ -0,0 +1,10 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..tcp] [......127.0.0.1][37904] -> [......127.0.0.1][.1080] + detected: [.....1] [ip4][..tcp] [......127.0.0.1][37904] -> [......127.0.0.1][.1080] [SOCKS][Unknown][Web][Acceptable] + new: [.....2] [ip4][..tcp] [......127.0.0.1][44276] -> [......127.0.0.1][.8388] + end: [.....1] [ip4][..tcp] [......127.0.0.1][37904] -> [......127.0.0.1][.1080] [SOCKS][Unknown][Web][Acceptable] + not-detected: [.....2] [ip4][..tcp] [......127.0.0.1][44276] -> [......127.0.0.1][.8388] [Unknown][Unknown][Unspecified][Unrated] + end: [.....2] [ip4][..tcp] [......127.0.0.1][44276] -> [......127.0.0.1][.8388] + DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/ndpireader_conf_file/signal_videocall.pcapng.out b/test/results/flow-info/ndpireader_conf_file/signal_videocall.pcapng.out index 626c8440d..964b3c0e5 100644 --- a/test/results/flow-info/ndpireader_conf_file/signal_videocall.pcapng.out +++ b/test/results/flow-info/ndpireader_conf_file/signal_videocall.pcapng.out @@ -5,13 +5,8 @@ detected: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN][GoogleCloud][Network][Acceptable][] new: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] detected: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] - detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][] detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] new: [.....3] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][56377] detected: [.....3] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][56377] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][] diff --git a/test/results/flow-info/ndpireader_conf_file/stun_signal_tcp.pcapng.out b/test/results/flow-info/ndpireader_conf_file/stun_signal_tcp.pcapng.out index 1f6d126c4..54b78ec2f 100644 --- a/test/results/flow-info/ndpireader_conf_file/stun_signal_tcp.pcapng.out +++ b/test/results/flow-info/ndpireader_conf_file/stun_signal_tcp.pcapng.out @@ -3,7 +3,9 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [..192.168.1.117][51296] -> [.35.219.252.146][...80] detected: [.....1] [ip4][..tcp] [..192.168.1.117][51296] -> [.35.219.252.146][...80] [STUN][GoogleCloud][Network][Acceptable][] + RISK: Known Proto on Non Std Port detection-update: [.....1] [ip4][..tcp] [..192.168.1.117][51296] -> [.35.219.252.146][...80] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] + RISK: Known Proto on Non Std Port analyse: [.....1] [ip4][..tcp] [..192.168.1.117][51296] -> [.35.219.252.146][...80] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.287| 0.030| 0.068| 4621.743| 3.100] @@ -15,4 +17,5 @@ [PKTLENS.....: 52,52,40,68,46,124,156,124,40,160,160,160,160,92,92,144,40,172,46,172,46,288,140,46,172,46,172,148,46,188,40,140] [ENTROPIES...: 4.7,4.9,4.8,5.2,4.4,5.8,5.9,5.8,4.6,5.7,5.8,5.9,5.9,5.7,5.8,6.1,4.8,6.1,4.8,6.1,4.7,6.4,5.9,4.8,6.0,4.8,6.1,5.9,4.8,5.9,4.8,5.9] idle: [.....1] [ip4][..tcp] [..192.168.1.117][51296] -> [.35.219.252.146][...80] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org] + RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/openvpn_heuristic_enabled/openvpn_obfuscated.pcapng.out b/test/results/flow-info/openvpn_heuristic_enabled/openvpn_obfuscated.pcapng.out index d7b5b1307..2f5536349 100644 --- a/test/results/flow-info/openvpn_heuristic_enabled/openvpn_obfuscated.pcapng.out +++ b/test/results/flow-info/openvpn_heuristic_enabled/openvpn_obfuscated.pcapng.out @@ -13,7 +13,7 @@ [PKTLENS.....: 60,60,52,140,52,152,52,429,148,1500,1500,1500,52,52,152,164,52,52,376,873,52,52,801,52,310,172,395,176,52,199,52,148] [ENTROPIES...: 4.7,5.2,5.1,6.5,5.1,6.6,5.1,7.3,6.6,7.9,7.9,7.9,5.0,5.1,6.5,6.7,5.1,5.1,7.3,7.8,5.1,5.1,7.7,5.2,7.3,6.7,7.5,6.5,5.1,6.9,5.1,6.5] guessed: [.....1] [ip4][..tcp] [.192.168.12.156][37976] -> [..185.128.25.99][..465] [SMTPS][NordVPN][Email][Safe] - RISK: Fully Encrypted Flow + RISK: Susp Entropy new: [.....2] [ip4][..udp] [.192.168.12.156][47128] -> [149.102.238.108][.1214] DAEMON-EVENT: [Processed: 90 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 1|detection-updates: 0|updates: 0] @@ -31,7 +31,7 @@ guessed: [.....3] [ip4][..tcp] [.107.161.86.131][..443] -> [.192.168.12.156][48072] [TLS][Unknown][Web][Safe] idle: [.....3] [ip4][..tcp] [.107.161.86.131][..443] -> [.192.168.12.156][48072] [TLS][Unknown][Web][Safe] idle: [.....1] [ip4][..tcp] [.192.168.12.156][37976] -> [..185.128.25.99][..465] [SMTPS][NordVPN][Email][Safe] - RISK: Fully Encrypted Flow + RISK: Susp Entropy guessed: [.....2] [ip4][..udp] [.192.168.12.156][47128] -> [149.102.238.108][.1214] [NordVPN][NordVPN][VPN][Acceptable] RISK: Susp Entropy idle: [.....2] [ip4][..udp] [.192.168.12.156][47128] -> [149.102.238.108][.1214] diff --git a/test/results/flow-info/stun_extra_dissection/lru_ipv6_caches.pcapng.out b/test/results/flow-info/stun_extra_dissection/lru_ipv6_caches.pcapng.out index c480d8027..34b2f59dd 100644 --- a/test/results/flow-info/stun_extra_dissection/lru_ipv6_caches.pcapng.out +++ b/test/results/flow-info/stun_extra_dissection/lru_ipv6_caches.pcapng.out @@ -16,11 +16,11 @@ detected: [.....5] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2c7f:d7a0:44a9:49e9:e586:fb7f:5b85:9c83][....1] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port detected: [.....3] [ip6][..udp] [.2a2f:8509:1cb2:466d:ecbf:69d6:109c:608][62229] -> [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port new: [.....6] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [.38b2:46b7:27a4:94c3:c134:948:e069:d71f][....1] detected: [.....6] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [.38b2:46b7:27a4:94c3:c134:948:e069:d71f][....1] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port - detection-update: [.....4] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2fda:1f8a:c107:88a4:e509:d2e1:445f:f34c][.6881] [BitTorrent][Unknown][Download][Acceptable] + detection-update: [.....3] [ip6][..udp] [.2a2f:8509:1cb2:466d:ecbf:69d6:109c:608][62229] -> [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [.....7] [ip6][..udp] [2118:ec33:112b:7908:2c80:27ff:fef7:d71f][48415] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] detected: [.....7] [ip6][..udp] [2118:ec33:112b:7908:2c80:27ff:fef7:d71f][48415] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] @@ -28,39 +28,25 @@ RISK: Unidirectional Traffic new: [.....8] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44144] detected: [.....8] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44144] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic detection-update: [.....8] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44144] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [.....9] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44150] detected: [.....9] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44150] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic detection-update: [.....9] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44150] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic - detection-update: [.....6] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [.38b2:46b7:27a4:94c3:c134:948:e069:d71f][....1] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....10] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44192] detected: [....10] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44192] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic detection-update: [....10] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44192] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....11] [ip6][..udp] [.3297:a1af:5121:cfc:360b:2e07:872f:1ea0][43865] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] detected: [....11] [ip6][..udp] [.3297:a1af:5121:cfc:360b:2e07:872f:1ea0][43865] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - detection-update: [....11] [ip6][..udp] [.3297:a1af:5121:cfc:360b:2e07:872f:1ea0][43865] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] detected: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] detection-update: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] RISK: Unidirectional Traffic idle: [....11] [ip6][..udp] [.3297:a1af:5121:cfc:360b:2e07:872f:1ea0][43865] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip6][..udp] [2118:ec33:112b:7908:2c80:27ff:fef7:d71f][48415] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [.....8] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44144] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [.....9] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44150] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....10] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44192] [TLS.Cloudflare][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip6][..udp] [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] -> [20ed:470f:6f73:ce60:60be:8b4f:df37:b080][45658] [RTCP][Unknown][VoIP][Acceptable] idle: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic @@ -69,9 +55,9 @@ idle: [.....2] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [3024:e5ee:ac2f:cd76:5dd6:a7a1:f17f:5c27][60506] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....6] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [.38b2:46b7:27a4:94c3:c134:948:e069:d71f][....1] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....4] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2fda:1f8a:c107:88a4:e509:d2e1:445f:f34c][.6881] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....5] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2c7f:d7a0:44a9:49e9:e586:fb7f:5b85:9c83][....1] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/stun_extra_dissection/stun_zoom.pcapng.out b/test/results/flow-info/stun_extra_dissection/stun_zoom.pcapng.out index 05276f928..aca5bdbb5 100644 --- a/test/results/flow-info/stun_extra_dissection/stun_zoom.pcapng.out +++ b/test/results/flow-info/stun_extra_dissection/stun_zoom.pcapng.out @@ -4,20 +4,12 @@ new: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] detected: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - RISK: Known Proto on Non Std Port detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] new: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] detected: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS.Zoom][Zoom][Video][Acceptable] - detection-update: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] - RISK: Known Proto on Non Std Port detection-update: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] analyse: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [DTLS][Zoom][Network][Safe] min| max| avg| stddev| variance| entropy diff --git a/test/results/flow-info/stun_only_peer_address_enabled/stun_wa_call.pcapng.out b/test/results/flow-info/stun_only_peer_address_enabled/stun_wa_call.pcapng.out index 52241ec46..4a064300e 100644 --- a/test/results/flow-info/stun_only_peer_address_enabled/stun_wa_call.pcapng.out +++ b/test/results/flow-info/stun_only_peer_address_enabled/stun_wa_call.pcapng.out @@ -3,29 +3,14 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] detected: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - detection-update: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] detected: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] detected: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] detected: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] detected: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] - detection-update: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] analyse: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 2.505| 0.249| 0.601| 361608.839| 2.900] @@ -38,29 +23,14 @@ [ENTROPIES...: 7.0,7.0,5.8,5.8,5.8,7.0,7.0,7.0,7.0,5.7,5.8,5.7,5.7,5.7,5.2,5.2,5.8,7.0,7.0,5.7,5.8,5.8,4.9,6.0,6.1,5.0,5.5,5.7,6.6,5.5,6.9,7.2] new: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] detected: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] detected: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] detected: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] detected: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic new: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] detected: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - RISK: Unidirectional Traffic - detection-update: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] - detection-update: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] analyse: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.025| 0.011| 0.005| 24.788| 4.800] diff --git a/test/results/flow-info/stun_only_peer_address_enabled/telegram_videocall.pcapng.out b/test/results/flow-info/stun_only_peer_address_enabled/telegram_videocall.pcapng.out index a5d33e1d4..9df6d1fa3 100644 --- a/test/results/flow-info/stun_only_peer_address_enabled/telegram_videocall.pcapng.out +++ b/test/results/flow-info/stun_only_peer_address_enabled/telegram_videocall.pcapng.out @@ -109,10 +109,6 @@ new: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393] detected: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] RISK: Known Proto on Non Std Port - detection-update: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - detection-update: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] - RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....28] [ip6][icmp6] [...............fe80::abe:acff:fe0b:176e] -> [................................ff02::2] detected: [....28] [ip6][icmp6] [...............fe80::abe:acff:fe0b:176e] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] analyse: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable] @@ -128,6 +124,10 @@ new: [....29] [ip6][..udp] [...............fe80::abe:acff:fe0b:176e][.5353] -> [...............................ff02::fb][.5353] detected: [....29] [ip6][..udp] [...............fe80::abe:acff:fe0b:176e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_ipps._tcp.local] new: [....30] [ip4][..tcp] [.192.168.12.169][40710] -> [....52.58.18.25][.5222] [MIDSTREAM] + detection-update: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][] + RISK: Known Proto on Non Std Port, Unidirectional Traffic detection-update: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] RISK: Known Proto on Non Std Port detection-update: [....15] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][] diff --git a/test/results/flow-info/tls_heuristics_enabled/tls_heur__shadowsocks-tcp.pcapng.out b/test/results/flow-info/tls_heuristics_enabled/tls_heur__shadowsocks-tcp.pcapng.out index aeef38a2b..b1354a790 100644 --- a/test/results/flow-info/tls_heuristics_enabled/tls_heur__shadowsocks-tcp.pcapng.out +++ b/test/results/flow-info/tls_heuristics_enabled/tls_heur__shadowsocks-tcp.pcapng.out @@ -6,7 +6,6 @@ new: [.....2] [ip4][..udp] [......127.0.0.1][41182] -> [.....127.0.0.53][...53] detected: [.....2] [ip4][..udp] [......127.0.0.1][41182] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] detection-update: [.....2] [ip4][..udp] [......127.0.0.1][41182] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] - RISK: Unidirectional Traffic detection-update: [.....2] [ip4][..udp] [......127.0.0.1][41182] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] new: [.....3] [ip4][..tcp] [......127.0.0.1][40164] -> [......127.0.0.1][.1234] new: [.....4] [ip6][..tcp] [..2001:b07:a3d:c112:8628:88aa:8b00:913c][45334] -> [...............2a00:1450:4002:416::200e][..443] @@ -23,8 +22,8 @@ [PKTLENS.....: 80,80,72,589,72,1280,72,4904,631,72,72,345,720,103,103,72,1280,293,1280,72,72,72,1280,1280,1280,4948,72,72,1280,72,1280,1280] [ENTROPIES...: 4.8,5.3,5.2,4.8,5.2,7.8,5.2,8.0,7.6,5.2,5.2,7.1,7.7,5.8,5.8,5.1,7.8,7.1,7.9,5.2,5.2,5.2,7.8,7.9,7.8,8.0,5.1,5.2,7.9,5.2,7.8,7.8] idle: [.....2] [ip4][..udp] [......127.0.0.1][41182] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] - not-detected: [.....3] [ip4][..tcp] [......127.0.0.1][40164] -> [......127.0.0.1][.1234] [Unknown][Unknown][Unrated] - RISK: Fully Encrypted Flow + not-detected: [.....3] [ip4][..tcp] [......127.0.0.1][40164] -> [......127.0.0.1][.1234] [Unknown][Unknown][Unspecified][Unrated] + RISK: Susp Entropy idle: [.....3] [ip4][..tcp] [......127.0.0.1][40164] -> [......127.0.0.1][.1234] idle: [.....1] [ip4][..tcp] [......127.0.0.1][44424] -> [......127.0.0.1][.1080] [SOCKS][Unknown][Web][Acceptable] idle: [.....4] [ip6][..tcp] [..2001:b07:a3d:c112:8628:88aa:8b00:913c][45334] -> [...............2a00:1450:4002:416::200e][..443] [TLS.YouTube][Google][Media][Fun][www.youtube.com] diff --git a/test/results/flow-info/tls_heuristics_enabled/tls_heur__trojan-tcp-tls.pcapng.out b/test/results/flow-info/tls_heuristics_enabled/tls_heur__trojan-tcp-tls.pcapng.out index bd5580d15..5bbd31a96 100644 --- a/test/results/flow-info/tls_heuristics_enabled/tls_heur__trojan-tcp-tls.pcapng.out +++ b/test/results/flow-info/tls_heuristics_enabled/tls_heur__trojan-tcp-tls.pcapng.out @@ -6,7 +6,6 @@ new: [.....2] [ip4][..udp] [......127.0.0.1][52786] -> [.....127.0.0.53][...53] detected: [.....2] [ip4][..udp] [......127.0.0.1][52786] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] detection-update: [.....2] [ip4][..udp] [......127.0.0.1][52786] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] - RISK: Unidirectional Traffic new: [.....3] [ip4][..udp] [..192.168.1.183][46451] -> [..192.168.1.253][...53] detected: [.....3] [ip4][..udp] [..192.168.1.183][46451] -> [..192.168.1.253][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] new: [.....4] [ip4][..udp] [..192.168.1.183][54260] -> [..192.168.1.253][...53] diff --git a/test/results/flow-info/tls_heuristics_enabled/tls_heur__vmess-tcp-tls.pcapng.out b/test/results/flow-info/tls_heuristics_enabled/tls_heur__vmess-tcp-tls.pcapng.out index 0a70f42ea..74170721f 100644 --- a/test/results/flow-info/tls_heuristics_enabled/tls_heur__vmess-tcp-tls.pcapng.out +++ b/test/results/flow-info/tls_heuristics_enabled/tls_heur__vmess-tcp-tls.pcapng.out @@ -6,7 +6,6 @@ new: [.....2] [ip4][..udp] [......127.0.0.1][46548] -> [.....127.0.0.53][...53] detected: [.....2] [ip4][..udp] [......127.0.0.1][46548] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] detection-update: [.....2] [ip4][..udp] [......127.0.0.1][46548] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] - RISK: Unidirectional Traffic new: [.....3] [ip4][..udp] [..192.168.1.183][49817] -> [..192.168.1.253][...53] detected: [.....3] [ip4][..udp] [..192.168.1.183][49817] -> [..192.168.1.253][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] new: [.....4] [ip4][..udp] [..192.168.1.183][41933] -> [..192.168.1.253][...53] diff --git a/test/results/flow-info/tls_heuristics_enabled/tls_heur__vmess-tcp.pcapng.out b/test/results/flow-info/tls_heuristics_enabled/tls_heur__vmess-tcp.pcapng.out index a5f713be1..84c76a6fd 100644 --- a/test/results/flow-info/tls_heuristics_enabled/tls_heur__vmess-tcp.pcapng.out +++ b/test/results/flow-info/tls_heuristics_enabled/tls_heur__vmess-tcp.pcapng.out @@ -6,7 +6,6 @@ new: [.....2] [ip4][..udp] [......127.0.0.1][35957] -> [.....127.0.0.53][...53] detected: [.....2] [ip4][..udp] [......127.0.0.1][35957] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] detection-update: [.....2] [ip4][..udp] [......127.0.0.1][35957] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] - RISK: Unidirectional Traffic detection-update: [.....2] [ip4][..udp] [......127.0.0.1][35957] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] new: [.....3] [ip4][..tcp] [......127.0.0.1][40818] -> [......127.0.0.1][.1234] new: [.....4] [ip6][..tcp] [..2001:b07:a3d:c112:8628:88aa:8b00:913c][48302] -> [...............2a00:1450:4006:80d::200e][..443] @@ -24,8 +23,7 @@ [ENTROPIES...: 4.9,4.8,4.9,5.4,5.2,4.8,5.2,7.9,7.8,5.2,5.2,7.8,7.9,5.2,5.2,6.4,6.6,7.7,5.9,6.4,5.9,5.2,7.9,7.2,7.9,5.2,7.9,5.2,7.9,5.2,7.9,5.2] idle: [.....2] [ip4][..udp] [......127.0.0.1][35957] -> [.....127.0.0.53][...53] [DNS][Unknown][Network][Acceptable][www.youtube.com] idle: [.....1] [ip4][..tcp] [......127.0.0.1][37218] -> [......127.0.0.1][.1080] [SOCKS][Unknown][Web][Acceptable] - not-detected: [.....3] [ip4][..tcp] [......127.0.0.1][40818] -> [......127.0.0.1][.1234] [Unknown][Unknown][Unrated] - RISK: Fully Encrypted Flow + not-detected: [.....3] [ip4][..tcp] [......127.0.0.1][40818] -> [......127.0.0.1][.1234] [Unknown][Unknown][Unspecified][Unrated] idle: [.....3] [ip4][..tcp] [......127.0.0.1][40818] -> [......127.0.0.1][.1234] idle: [.....4] [ip6][..tcp] [..2001:b07:a3d:c112:8628:88aa:8b00:913c][48302] -> [...............2a00:1450:4006:80d::200e][..443] [TLS.YouTube][Google][Media][Fun][www.youtube.com] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/zoom_extra_dissection/zoom.pcap.out b/test/results/flow-info/zoom_extra_dissection/zoom.pcap.out index 97c0573b2..19b2ace25 100644 --- a/test/results/flow-info/zoom_extra_dissection/zoom.pcap.out +++ b/test/results/flow-info/zoom_extra_dissection/zoom.pcap.out @@ -14,8 +14,6 @@ ERROR-EVENT: Unknown packet type [1/16] new: [.....4] [ip4][..tcp] [..192.168.1.117][54341] -> [.62.149.152.153][..993] [MIDSTREAM] detected: [.....4] [ip4][..tcp] [..192.168.1.117][54341] -> [.62.149.152.153][..993] [IMAPS][Unknown][Email][Safe] - detection-update: [.....1] [ip4][..tcp] [..192.168.1.117][54854] -> [..172.217.21.72][..443] [TLS.GoogleServices][Google][Web][Acceptable][www.googletagmanager.com] - RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic new: [.....5] [ip4][..udp] [..192.168.1.117][57025] -> [239.255.255.250][.1900] detected: [.....5] [ip4][..udp] [..192.168.1.117][57025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250] new: [.....6] [ip4][..udp] [..192.168.1.117][..137] -> [..192.168.1.255][..137] @@ -44,8 +42,6 @@ new: [....15] [ip4][..tcp] [..192.168.1.117][53867] -> [..104.199.65.42][...80] [MIDSTREAM] new: [....16] [ip4][..tcp] [..192.168.1.117][53872] -> [..35.186.224.53][..443] [MIDSTREAM] detected: [....16] [ip4][..tcp] [..192.168.1.117][53872] -> [..35.186.224.53][..443] [TLS][GoogleCloud][Web][Safe] - RISK: Unidirectional Traffic - detection-update: [....16] [ip4][..tcp] [..192.168.1.117][53872] -> [..35.186.224.53][..443] [TLS][GoogleCloud][Web][Safe] new: [....17] [ip4][.icmp] [..192.168.1.117] -> [..162.255.38.14] detected: [....17] [ip4][.icmp] [..192.168.1.117] -> [..162.255.38.14] [ICMP][Zoom][Network][Acceptable] ERROR-EVENT: Unknown packet type [2/16] @@ -118,8 +114,6 @@ RISK: TLS (probably) Not Carrying HTTPS detection-update: [....30] [ip4][..tcp] [..192.168.1.117][54871] -> [..109.94.160.99][..443] [TLS.Zoom][Unknown][Video][Acceptable][zoomfrn99mmr.zoom.us] RISK: TLS (probably) Not Carrying HTTPS - detection-update: [.....4] [ip4][..tcp] [..192.168.1.117][54341] -> [.62.149.152.153][..993] [IMAPS][Unknown][Email][Safe] - RISK: Unidirectional Traffic analyse: [....30] [ip4][..tcp] [..192.168.1.117][54871] -> [..109.94.160.99][..443] [TLS.Zoom][Unknown][Video][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.156| 0.028| 0.040| 1628.090| 3.800] @@ -148,7 +142,7 @@ new: [....33] [ip4][..udp] [..192.168.1.117][61731] -> [..109.94.160.99][.8801] detected: [....33] [ip4][..udp] [..192.168.1.117][61731] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] DAEMON-EVENT: [Processed: 697 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 33 / 33|skipped: 0|!detected: 0|guessed: 0|detection-updates: 26|updates: 0] + DAEMON-EVENT: [Flows][active: 33 / 33|skipped: 0|!detected: 0|guessed: 0|detection-updates: 23|updates: 0] ERROR-EVENT: Unknown packet type [1/16] ERROR-EVENT: Unknown packet type [2/16] ERROR-EVENT: Unknown packet type [3/16] @@ -193,7 +187,6 @@ end: [....26] [ip4][..tcp] [..192.168.1.117][54868] -> [.213.19.144.104][..443] [TLS.Zoom][Zoom][Video][Acceptable] RISK: TLS (probably) Not Carrying HTTPS idle: [.....4] [ip4][..tcp] [..192.168.1.117][54341] -> [.62.149.152.153][..993] [IMAPS][Unknown][Email][Safe] - RISK: Unidirectional Traffic idle: [....32] [ip4][..udp] [..192.168.1.117][60620] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] idle: [....29] [ip4][..udp] [..192.168.1.117][51185] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][zoomfrn99mmr.zoom.us] idle: [....33] [ip4][..udp] [..192.168.1.117][61731] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] @@ -215,7 +208,7 @@ idle: [.....6] [ip4][..udp] [..192.168.1.117][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][workgroup] idle: [.....2] [ip4][..udp] [..192.168.1.117][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....1] [ip4][..tcp] [..192.168.1.117][54854] -> [..172.217.21.72][..443] [TLS.GoogleServices][Google][Web][Acceptable] - RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic + RISK: Obsolete TLS (v1.1 or older) idle: [....30] [ip4][..tcp] [..192.168.1.117][54871] -> [..109.94.160.99][..443] [TLS.Zoom][Unknown][Video][Acceptable][zoomfrn99mmr.zoom.us] RISK: TLS (probably) Not Carrying HTTPS guessed: [....11] [ip4][..tcp] [..192.168.1.117][54798] -> [..13.225.84.182][..443] [TLS][AmazonAWS][Web][Safe] diff --git a/test/results/flow-info/zoom_extra_dissection/zoom2.pcap.out b/test/results/flow-info/zoom_extra_dissection/zoom2.pcap.out index 71dfd8830..95b25fb54 100644 --- a/test/results/flow-info/zoom_extra_dissection/zoom2.pcap.out +++ b/test/results/flow-info/zoom_extra_dissection/zoom2.pcap.out @@ -10,9 +10,6 @@ RISK: TLS (probably) Not Carrying HTTPS new: [.....2] [ip4][..udp] [..192.168.1.178][60653] -> [.144.195.73.154][.8801] detected: [.....2] [ip4][..udp] [..192.168.1.178][60653] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] - detection-update: [.....2] [ip4][..udp] [..192.168.1.178][60653] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic - detection-update: [.....2] [ip4][..udp] [..192.168.1.178][60653] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] analyse: [.....2] [ip4][..udp] [..192.168.1.178][60653] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.167| 0.025| 0.040| 1639.456| 3.600] @@ -25,14 +22,8 @@ [ENTROPIES...: 5.8,5.8,4.9,4.2,5.4,5.6,4.8,4.3,5.6,4.7,4.7,0.6,0.6,0.6,0.6,0.6,0.6,0.6,0.6,0.6,0.6,0.6,0.6,0.6,4.8,0.6,0.6,0.6,0.6,0.6,0.6,0.6] new: [.....3] [ip4][..udp] [..192.168.1.178][58117] -> [.144.195.73.154][.8801] detected: [.....3] [ip4][..udp] [..192.168.1.178][58117] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] - detection-update: [.....3] [ip4][..udp] [..192.168.1.178][58117] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [..192.168.1.178][57953] -> [.144.195.73.154][.8801] detected: [.....4] [ip4][..udp] [..192.168.1.178][57953] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] - detection-update: [.....3] [ip4][..udp] [..192.168.1.178][58117] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] - detection-update: [.....4] [ip4][..udp] [..192.168.1.178][57953] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic - detection-update: [.....4] [ip4][..udp] [..192.168.1.178][57953] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] analyse: [.....3] [ip4][..udp] [..192.168.1.178][58117] -> [.144.195.73.154][.8801] [Zoom][Zoom][Video][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.176| 0.043| 0.049| 2389.122| 4.100] diff --git a/test/results/flow-info/zoom_extra_dissection/zoom_p2p.pcapng.out b/test/results/flow-info/zoom_extra_dissection/zoom_p2p.pcapng.out index a18e8a561..013324721 100644 --- a/test/results/flow-info/zoom_extra_dissection/zoom_p2p.pcapng.out +++ b/test/results/flow-info/zoom_extra_dissection/zoom_p2p.pcapng.out @@ -93,10 +93,10 @@ RISK: Unidirectional Traffic new: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] detected: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] [Zoom][Unknown][Video][Acceptable] - detection-update: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] [Zoom][Unknown][Video][Acceptable] - RISK: Unidirectional Traffic update: [....10] [ip4][.icmp] [.206.247.10.253] -> [.192.168.12.156] [ICMP][Zoom][Network][Acceptable] RISK: Susp Entropy + detection-update: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] [Zoom][Unknown][Video][Acceptable] + RISK: Unidirectional Traffic analyse: [....12] [ip4][..udp] [.192.168.12.156][42208] -> [...10.78.14.178][47312] [Zoom][Unknown][Video][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: < 0.001| 0.052| 0.013| 0.016| 253.890| 4.000] |