Diffstat (limited to 'test/results/flow-info/default/KakaoTalk_chat.pcap.out')
-rw-r--r--test/results/flow-info/default/KakaoTalk_chat.pcap.out27
1 files changed, 15 insertions, 12 deletions
diff --git a/test/results/flow-info/default/KakaoTalk_chat.pcap.out b/test/results/flow-info/default/KakaoTalk_chat.pcap.out
index 97503477a..5e2991efa 100644
--- a/test/results/flow-info/default/KakaoTalk_chat.pcap.out
+++ b/test/results/flow-info/default/KakaoTalk_chat.pcap.out
@@ -138,7 +138,7 @@
new: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443]
detected: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] [TLS][Facebook][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
- analyse: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443]
+ analyse: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.004| 3.803| 0.501| 0.832| 692202.045| 3.700]
[PKTLEN......: 40.000| 1320.000| 209.000| 352.300| 124085.100| 3.700]
@@ -179,7 +179,6 @@
[PKTLENS.....: 60,44,40,224,44,40,1320,1320,1027,40,40,40,162,40,87,40,562,40,69,40,199,312,40,40,78,40,69,40,67,116,40,40]
[ENTROPIES...: 4.7,5.0,4.9,5.2,4.7,5.0,6.5,7.1,6.7,4.8,4.9,4.9,6.5,4.9,5.9,4.8,7.7,5.0,5.6,4.8,6.9,7.1,5.0,5.0,5.8,4.9,5.5,4.9,5.6,6.3,5.0,5.0]
update: [....19] [ip4][.icmp] [...10.24.82.188] -> [...10.188.191.1] [ICMP][Unknown][Network][Acceptable]
- RISK: Unidirectional Traffic
new: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223]
detected: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe][]
RISK: Known Proto on Non Std Port, Obsolete TLS (v1.1 or older)
@@ -193,8 +192,10 @@
RISK: Obsolete TLS (v1.1 or older)
idle: [....34] [ip4][..tcp] [...10.24.82.188][35511] -> [...173.252.97.2][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun]
RISK: Obsolete TLS (v1.1 or older)
- end: [....30] [ip4][..tcp] [...10.24.82.188][58927] -> [.54.255.253.199][.5223]
- idle: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223]
+ end: [....30] [ip4][..tcp] [...10.24.82.188][58927] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ idle: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe]
+ RISK: Known Proto on Non Std Port, Obsolete TLS (v1.1 or older)
idle: [.....6] [ip4][..udp] [...10.24.82.188][58810] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable]
idle: [.....9] [ip4][..udp] [...10.24.82.188][56820] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable]
idle: [.....1] [ip4][..udp] [...10.24.82.188][38448] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable]
@@ -206,29 +207,31 @@
end: [....16] [ip4][..tcp] [..120.28.26.242][...80] -> [...10.24.82.188][34503]
idle: [....27] [ip4][..udp] [...10.24.82.188][.4017] -> [.....10.188.1.1][...53] [DNS.Facebook][Unknown][Network][Fun]
idle: [....19] [ip4][.icmp] [...10.24.82.188] -> [...10.188.191.1] [ICMP][Unknown][Network][Acceptable]
- RISK: Unidirectional Traffic
idle: [....23] [ip4][..udp] [...10.24.82.188][24596] -> [.....10.188.1.1][...53] [DNS.Facebook][Unknown][Network][Fun]
idle: [....12] [ip4][..udp] [...10.24.82.188][43077] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable]
idle: [....37] [ip4][..tcp] [...10.24.82.188][49217] -> [.216.58.220.174][..443] [TLS][Google][Web][Safe]
- RISK: Unidirectional Traffic
guessed: [....13] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][]
RISK: Fully encrypted flow
idle: [....13] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080]
- end: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443]
+ end: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443] [TLS.KakaoTalk][Unknown][Chat][Acceptable]
+ RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
idle: [....28] [ip4][..udp] [...10.24.82.188][14650] -> [.....10.188.1.1][...53] [DNS][Unknown][Network][Acceptable]
idle: [....10] [ip4][..udp] [...10.24.82.188][29029] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable]
idle: [.....3] [ip4][..udp] [...10.24.82.188][57816] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable]
idle: [....11] [ip4][..udp] [...10.24.82.188][25117] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable]
end: [....22] [ip4][..tcp] [....31.13.68.73][..443] -> [...10.24.82.188][47007] [TLS][Facebook][Web][Safe]
- RISK: Unidirectional Traffic
- idle: [....36] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228]
+ idle: [....36] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] [TLS][Google][Web][Safe]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
idle: [.....5] [ip4][..udp] [...10.24.82.188][12908] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable]
guessed: [....31] [ip4][..tcp] [...10.24.82.188][42332] -> [.210.103.240.15][..443] [TLS][Unknown][Web][Safe]
end: [....31] [ip4][..tcp] [...10.24.82.188][42332] -> [.210.103.240.15][..443]
idle: [.....2] [ip4][..udp] [...10.24.82.188][35603] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable]
- idle: [....24] [ip4][..tcp] [...10.24.82.188][45209] -> [....31.13.68.84][..443]
- idle: [....29] [ip4][..tcp] [...10.24.82.188][45211] -> [....31.13.68.84][..443]
- idle: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443]
+ idle: [....24] [ip4][..tcp] [...10.24.82.188][45209] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun]
+ RISK: TLS (probably) Not Carrying HTTPS
+ idle: [....29] [ip4][..tcp] [...10.24.82.188][45211] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun]
+ RISK: TLS (probably) Not Carrying HTTPS
+ idle: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun]
+ RISK: Obsolete TLS (v1.1 or older)
guessed: [....14] [ip4][..tcp] [..216.58.221.10][...80] -> [...10.24.82.188][35922] [HTTP][Google][Web][Acceptable][]
end: [....14] [ip4][..tcp] [..216.58.221.10][...80] -> [...10.24.82.188][35922]
guessed: [....35] [ip4][..tcp] [..139.150.0.125][..443] -> [...10.24.82.188][46947] [TLS][Unknown][Web][Safe]