summaryrefslogtreecommitdiff
path: root/test/results/flow-info/default/KakaoTalk_chat.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/flow-info/default/KakaoTalk_chat.pcap.out')
-rw-r--r--test/results/flow-info/default/KakaoTalk_chat.pcap.out219
1 files changed, 219 insertions, 0 deletions
diff --git a/test/results/flow-info/default/KakaoTalk_chat.pcap.out b/test/results/flow-info/default/KakaoTalk_chat.pcap.out
new file mode 100644
index 000000000..85f82f865
--- /dev/null
+++ b/test/results/flow-info/default/KakaoTalk_chat.pcap.out
@@ -0,0 +1,219 @@
+ DAEMON-EVENT: init
+ DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+ new: [.....1] [ip4][..udp] [...10.24.82.188][38448] -> [.....10.188.1.1][...53]
+ detected: [.....1] [ip4][..udp] [...10.24.82.188][38448] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][auth.kakao.com]
+ new: [.....2] [ip4][..udp] [...10.24.82.188][35603] -> [.....10.188.1.1][...53]
+ detected: [.....2] [ip4][..udp] [...10.24.82.188][35603] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][ac-talk.kakao.com]
+ new: [.....3] [ip4][..udp] [...10.24.82.188][57816] -> [.....10.188.1.1][...53]
+ detected: [.....3] [ip4][..udp] [...10.24.82.188][57816] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][katalk.kakao.com]
+ detection-update: [.....2] [ip4][..udp] [...10.24.82.188][35603] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][ac-talk.kakao.com]
+ detection-update: [.....1] [ip4][..udp] [...10.24.82.188][38448] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][auth.kakao.com]
+ detection-update: [.....3] [ip4][..udp] [...10.24.82.188][57816] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][katalk.kakao.com]
+ new: [.....4] [ip4][..udp] [...10.24.82.188][41909] -> [.....10.188.1.1][...53]
+ detected: [.....4] [ip4][..udp] [...10.24.82.188][41909] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][booking.loco.kakao.com]
+ new: [.....5] [ip4][..udp] [...10.24.82.188][12908] -> [.....10.188.1.1][...53]
+ detected: [.....5] [ip4][..udp] [...10.24.82.188][12908] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-m.talk.kakao.com]
+ new: [.....6] [ip4][..udp] [...10.24.82.188][58810] -> [.....10.188.1.1][...53]
+ detected: [.....6] [ip4][..udp] [...10.24.82.188][58810] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][item.kakao.com]
+ detection-update: [.....6] [ip4][..udp] [...10.24.82.188][58810] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][item.kakao.com]
+ detection-update: [.....5] [ip4][..udp] [...10.24.82.188][12908] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-m.talk.kakao.com]
+ detection-update: [.....4] [ip4][..udp] [...10.24.82.188][41909] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][booking.loco.kakao.com]
+ new: [.....7] [ip4][..udp] [...10.24.82.188][.5929] -> [.....10.188.1.1][...53]
+ detected: [.....7] [ip4][..udp] [...10.24.82.188][.5929] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-p.talk.kakao.com]
+ new: [.....8] [ip4][..udp] [...10.24.82.188][.9094] -> [.....10.188.1.1][...53]
+ detected: [.....8] [ip4][..udp] [...10.24.82.188][.9094] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-v.talk.kakao.com]
+ new: [.....9] [ip4][..udp] [...10.24.82.188][56820] -> [.....10.188.1.1][...53]
+ detected: [.....9] [ip4][..udp] [...10.24.82.188][56820] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-c.talk.kakao.com]
+ detection-update: [.....7] [ip4][..udp] [...10.24.82.188][.5929] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-p.talk.kakao.com]
+ detection-update: [.....8] [ip4][..udp] [...10.24.82.188][.9094] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-v.talk.kakao.com]
+ detection-update: [.....9] [ip4][..udp] [...10.24.82.188][56820] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-c.talk.kakao.com]
+ new: [....10] [ip4][..udp] [...10.24.82.188][29029] -> [.....10.188.1.1][...53]
+ detected: [....10] [ip4][..udp] [...10.24.82.188][29029] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-a.talk.kakao.com]
+ new: [....11] [ip4][..udp] [...10.24.82.188][25117] -> [.....10.188.1.1][...53]
+ detected: [....11] [ip4][..udp] [...10.24.82.188][25117] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-gp.talk.kakao.com]
+ new: [....12] [ip4][..udp] [...10.24.82.188][43077] -> [.....10.188.1.1][...53]
+ detected: [....12] [ip4][..udp] [...10.24.82.188][43077] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][dn-l.talk.kakao.com]
+ detection-update: [....10] [ip4][..udp] [...10.24.82.188][29029] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-a.talk.kakao.com]
+ detection-update: [....12] [ip4][..udp] [...10.24.82.188][43077] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][dn-l.talk.kakao.com]
+ detection-update: [....11] [ip4][..udp] [...10.24.82.188][25117] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-gp.talk.kakao.com]
+ new: [....13] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080]
+ new: [....14] [ip4][..tcp] [..216.58.221.10][...80] -> [...10.24.82.188][35922] [MIDSTREAM]
+ new: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443]
+ detected: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] [TLS][Facebook][Web][Safe][]
+ RISK: Obsolete TLS (v1.1 or older)
+ new: [....16] [ip4][..tcp] [..120.28.26.242][...80] -> [...10.24.82.188][34503] [MIDSTREAM]
+ new: [....17] [ip4][..udp] [...10.24.82.188][61011] -> [.....10.188.1.1][...53]
+ detected: [....17] [ip4][..udp] [...10.24.82.188][61011] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][plus-talk.kakao.com]
+ new: [....18] [ip4][..udp] [...10.24.82.188][61011] -> [...10.188.191.1][...53]
+ detected: [....18] [ip4][..udp] [...10.24.82.188][61011] -> [...10.188.191.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][plus-talk.kakao.com]
+ detection-update: [....17] [ip4][..udp] [...10.24.82.188][61011] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][plus-talk.kakao.com]
+ detection-update: [....18] [ip4][..udp] [...10.24.82.188][61011] -> [...10.188.191.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][plus-talk.kakao.com]
+ new: [....19] [ip4][.icmp] [...10.24.82.188] -> [...10.188.191.1]
+ detected: [....19] [ip4][.icmp] [...10.24.82.188] -> [...10.188.191.1] [ICMP][Unknown][Network][Acceptable]
+ new: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443]
+ detected: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443] [TLS][Unknown][Web][Safe][]
+ RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443] [TLS][Unknown][Web][Safe][]
+ RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
+ detection-update: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443] [TLS.KakaoTalk][Unknown][Chat][Acceptable][]
+ RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
+ new: [....21] [ip4][..tcp] [...10.24.82.188][37553] -> [....31.13.68.84][...80]
+ new: [....22] [ip4][..tcp] [....31.13.68.73][..443] -> [...10.24.82.188][47007] [MIDSTREAM]
+ detected: [....22] [ip4][..tcp] [....31.13.68.73][..443] -> [...10.24.82.188][47007] [TLS][Facebook][Web][Safe]
+ detected: [....21] [ip4][..tcp] [...10.24.82.188][37553] -> [....31.13.68.84][...80] [HTTP.Facebook][Facebook][SocialNetwork][Fun][www.facebook.com]
+ new: [....23] [ip4][..udp] [...10.24.82.188][24596] -> [.....10.188.1.1][...53]
+ detected: [....23] [ip4][..udp] [...10.24.82.188][24596] -> [.....10.188.1.1][...53] [DNS.Facebook][Unknown][Network][Fun][api.facebook.com]
+ detection-update: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] [TLS][Facebook][Web][Safe][]
+ RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun][]
+ RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....23] [ip4][..udp] [...10.24.82.188][24596] -> [.....10.188.1.1][...53] [DNS.Facebook][Unknown][Network][Fun][api.facebook.com]
+ new: [....24] [ip4][..tcp] [...10.24.82.188][45209] -> [....31.13.68.84][..443]
+ detected: [....24] [ip4][..tcp] [...10.24.82.188][45209] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun][api.facebook.com]
+ RISK: TLS (probably) Not Carrying HTTPS
+ new: [....25] [ip4][..udp] [...10.24.82.188][19582] -> [.....10.188.1.1][...53]
+ detected: [....25] [ip4][..udp] [...10.24.82.188][19582] -> [.....10.188.1.1][...53] [DNS.Facebook][Unknown][Network][Fun][graph.facebook.com]
+ detection-update: [....24] [ip4][..tcp] [...10.24.82.188][45209] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun][api.facebook.com]
+ RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....24] [ip4][..tcp] [...10.24.82.188][45209] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun][api.facebook.com]
+ RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....25] [ip4][..udp] [...10.24.82.188][19582] -> [.....10.188.1.1][...53] [DNS.Facebook][Unknown][Network][Fun][graph.facebook.com]
+ new: [....26] [ip4][..tcp] [...10.24.82.188][43581] -> [....31.13.68.70][..443]
+ detected: [....26] [ip4][..tcp] [...10.24.82.188][43581] -> [....31.13.68.70][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun][graph.facebook.com]
+ RISK: TLS (probably) Not Carrying HTTPS
+ new: [....27] [ip4][..udp] [...10.24.82.188][.4017] -> [.....10.188.1.1][...53]
+ detected: [....27] [ip4][..udp] [...10.24.82.188][.4017] -> [.....10.188.1.1][...53] [DNS.Facebook][Unknown][Network][Fun][developers.facebook.com]
+ detection-update: [....26] [ip4][..tcp] [...10.24.82.188][43581] -> [....31.13.68.70][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun][graph.facebook.com]
+ RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....26] [ip4][..tcp] [...10.24.82.188][43581] -> [....31.13.68.70][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun][graph.facebook.com]
+ RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....27] [ip4][..udp] [...10.24.82.188][.4017] -> [.....10.188.1.1][...53] [DNS.Facebook][Unknown][Network][Fun][developers.facebook.com]
+ new: [....28] [ip4][..udp] [...10.24.82.188][14650] -> [.....10.188.1.1][...53]
+ detected: [....28] [ip4][..udp] [...10.24.82.188][14650] -> [.....10.188.1.1][...53] [DNS][Unknown][Network][Acceptable][2.97.252.173.in-addr.arpa]
+ new: [....29] [ip4][..tcp] [...10.24.82.188][45211] -> [....31.13.68.84][..443]
+ detection-update: [....28] [ip4][..udp] [...10.24.82.188][14650] -> [.....10.188.1.1][...53] [DNS][Unknown][Network][Acceptable][2.97.252.173.in-addr.arpa]
+ detected: [....29] [ip4][..tcp] [...10.24.82.188][45211] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun][developers.facebook.com]
+ RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....29] [ip4][..tcp] [...10.24.82.188][45211] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun][developers.facebook.com]
+ RISK: TLS (probably) Not Carrying HTTPS
+ detection-update: [....29] [ip4][..tcp] [...10.24.82.188][45211] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun][developers.facebook.com]
+ RISK: TLS (probably) Not Carrying HTTPS
+ new: [....30] [ip4][..tcp] [...10.24.82.188][58927] -> [.54.255.253.199][.5223] [MIDSTREAM]
+ detected: [....30] [ip4][..tcp] [...10.24.82.188][58927] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe]
+ RISK: Known Proto on Non Std Port
+ analyse: [....26] [ip4][..tcp] [...10.24.82.188][43581] -> [....31.13.68.70][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun][graph.facebook.com]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 0.174| 0.038| 0.043| 1891.518| 4.000]
+ [PKTLEN......: 40.000| 1320.000| 256.100| 386.900| 149674.200| 3.800]
+ [BINS(c->s)..: 10,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [BINS(s->c)..: 7,3,0,1,0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,1,1,0,0,0,1,1,1,1,0,0,0,0,0,0,1,0,1,0,1,1,1]
+ [IATS(ms)....: 37.0,40.3,0.3,47.7,4.0,72.1,0.7,124.0,0.2,15.9,0.7,16.6,0.2,12.2,67.2,36.0,15.8,0.7,105.9,38.1,60.4,4.5,0.1,3.9,174.3,67.7,16.8,17.0,108.5,0.7,81.1]
+ [PKTLENS.....: 60,44,40,605,44,40,1320,158,40,40,1320,933,40,40,1037,40,298,97,85,40,40,93,830,87,77,85,40,461,40,40,40,40]
+ [ENTROPIES...: 4.7,5.2,4.9,6.7,4.6,5.0,6.4,5.9,4.8,4.7,7.0,7.0,4.7,4.7,7.8,4.9,7.0,6.1,6.0,4.8,4.8,6.0,7.7,5.9,5.8,6.0,4.8,7.5,4.8,5.0,4.9,5.0]
+ new: [....31] [ip4][..tcp] [...10.24.82.188][42332] -> [.210.103.240.15][..443] [MIDSTREAM]
+ new: [....32] [ip4][..tcp] [...10.24.82.188][37557] -> [....31.13.68.84][...80]
+ detected: [....32] [ip4][..tcp] [...10.24.82.188][37557] -> [....31.13.68.84][...80] [HTTP.Facebook][Facebook][SocialNetwork][Fun][www.facebook.com]
+ new: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443]
+ detected: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] [TLS][Facebook][Web][Safe][]
+ RISK: Obsolete TLS (v1.1 or older)
+ analyse: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.004| 3.803| 0.501| 0.832| 692202.045| 3.700]
+ [PKTLEN......: 40.000| 1320.000| 209.000| 352.300| 124085.100| 3.700]
+ [BINS(c->s)..: 11,0,1,1,1,2,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [BINS(s->c)..: 9,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,0,1,0,0,1,0,1,0,1,1,0,1,0,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,0,0]
+ [IATS(ms)....: 995.9,1037.9,49.3,6.7,695.5,683.6,56.0,2329.9,2320.4,251.6,299.0,4.5,4.4,4.1,3.7,105.5,239.4,242.2,376.5,82.6,125.8,244.5,287.3,18.1,164.6,239.0,428.1,146.0,274.1,3803.0,24.7]
+ [PKTLENS.....: 60,60,44,40,224,44,40,44,224,40,1320,40,1320,40,1027,40,162,40,87,40,694,40,69,40,342,40,83,40,180,40,67,116]
+ [ENTROPIES...: 4.7,4.7,5.0,4.9,5.2,5.1,5.0,4.7,5.2,4.9,6.5,4.7,7.1,4.8,6.7,4.9,6.6,4.9,5.7,4.8,7.7,4.9,5.5,4.9,7.4,5.0,5.9,4.8,6.8,5.0,5.6,6.4]
+ new: [....34] [ip4][..tcp] [...10.24.82.188][35511] -> [...173.252.97.2][..443]
+ detected: [....34] [ip4][..tcp] [...10.24.82.188][35511] -> [...173.252.97.2][..443] [TLS][Facebook][Web][Safe][]
+ RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] [TLS][Facebook][Web][Safe][]
+ RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun][]
+ RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....34] [ip4][..tcp] [...10.24.82.188][35511] -> [...173.252.97.2][..443] [TLS][Facebook][Web][Safe][]
+ RISK: Obsolete TLS (v1.1 or older)
+ detection-update: [....34] [ip4][..tcp] [...10.24.82.188][35511] -> [...173.252.97.2][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun][]
+ RISK: Obsolete TLS (v1.1 or older)
+ new: [....35] [ip4][..tcp] [..139.150.0.125][..443] -> [...10.24.82.188][46947] [MIDSTREAM]
+ new: [....36] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] [MIDSTREAM]
+ detected: [....36] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] [TLS][Google][Web][Safe]
+ RISK: Known Proto on Non Std Port
+ new: [....37] [ip4][..tcp] [...10.24.82.188][49217] -> [.216.58.220.174][..443] [MIDSTREAM]
+ detected: [....37] [ip4][..tcp] [...10.24.82.188][49217] -> [.216.58.220.174][..443] [TLS][Google][Web][Safe]
+ analyse: [....34] [ip4][..tcp] [...10.24.82.188][35511] -> [...173.252.97.2][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: < 0.001| 27.031| 1.853| 6.601| 43576507.498| 1.500]
+ [PKTLEN......: 40.000| 1320.000| 198.800| 348.100| 121165.000| 3.700]
+ [BINS(c->s)..: 10,0,1,1,1,1,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [BINS(s->c)..: 11,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,0,1,1,0,0,1,1,0,0,0,1,1,1,0,1,0,0,0,1,1]
+ [IATS(ms)....: 41.7,45.8,2.2,39.5,11.3,448.4,0.2,2.9,498.7,0.2,0.1,36.9,124.2,229.9,322.0,23.0,161.8,229.9,405.3,0.2,57.4,108.2,76.0,156.0,245.1,68.0,69.5,26937.8,56.9,27030.7,8.1]
+ [PKTLENS.....: 60,44,40,224,44,40,1320,1320,1027,40,40,40,162,40,87,40,562,40,69,40,199,312,40,40,78,40,69,40,67,116,40,40]
+ [ENTROPIES...: 4.7,5.0,4.9,5.2,4.7,5.0,6.5,7.1,6.7,4.8,4.9,4.9,6.5,4.9,5.9,4.8,7.7,5.0,5.6,4.8,6.9,7.1,5.0,5.0,5.8,4.9,5.5,4.9,5.6,6.3,5.0,5.0]
+ update: [....19] [ip4][.icmp] [...10.24.82.188] -> [...10.188.191.1] [ICMP][Unknown][Network][Acceptable]
+ detection-update: [....30] [ip4][..tcp] [...10.24.82.188][58927] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223]
+ detected: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe][]
+ RISK: Known Proto on Non Std Port, Obsolete TLS (v1.1 or older)
+ idle: [.....4] [ip4][..udp] [...10.24.82.188][41909] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][booking.loco.kakao.com]
+ end: [....21] [ip4][..tcp] [...10.24.82.188][37553] -> [....31.13.68.84][...80] [HTTP.Facebook][Facebook][SocialNetwork][Fun][www.facebook.com]
+ end: [....32] [ip4][..tcp] [...10.24.82.188][37557] -> [....31.13.68.84][...80] [HTTP.Facebook][Facebook][SocialNetwork][Fun][www.facebook.com]
+ idle: [....25] [ip4][..udp] [...10.24.82.188][19582] -> [.....10.188.1.1][...53] [DNS.Facebook][Unknown][Network][Fun][graph.facebook.com]
+ idle: [....26] [ip4][..tcp] [...10.24.82.188][43581] -> [....31.13.68.70][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun][graph.facebook.com]
+ RISK: TLS (probably) Not Carrying HTTPS
+ idle: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun]
+ RISK: Obsolete TLS (v1.1 or older)
+ idle: [....34] [ip4][..tcp] [...10.24.82.188][35511] -> [...173.252.97.2][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun]
+ RISK: Obsolete TLS (v1.1 or older)
+ end: [....30] [ip4][..tcp] [...10.24.82.188][58927] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ idle: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe]
+ RISK: Known Proto on Non Std Port, Obsolete TLS (v1.1 or older)
+ idle: [.....6] [ip4][..udp] [...10.24.82.188][58810] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][item.kakao.com]
+ idle: [.....9] [ip4][..udp] [...10.24.82.188][56820] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-c.talk.kakao.com]
+ idle: [.....1] [ip4][..udp] [...10.24.82.188][38448] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][auth.kakao.com]
+ idle: [....18] [ip4][..udp] [...10.24.82.188][61011] -> [...10.188.191.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][plus-talk.kakao.com]
+ idle: [....17] [ip4][..udp] [...10.24.82.188][61011] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][plus-talk.kakao.com]
+ idle: [.....7] [ip4][..udp] [...10.24.82.188][.5929] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-p.talk.kakao.com]
+ guessed: [....16] [ip4][..tcp] [..120.28.26.242][...80] -> [...10.24.82.188][34503] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic, TCP Connection Issues
+ end: [....16] [ip4][..tcp] [..120.28.26.242][...80] -> [...10.24.82.188][34503]
+ idle: [....27] [ip4][..udp] [...10.24.82.188][.4017] -> [.....10.188.1.1][...53] [DNS.Facebook][Unknown][Network][Fun][developers.facebook.com]
+ idle: [....19] [ip4][.icmp] [...10.24.82.188] -> [...10.188.191.1] [ICMP][Unknown][Network][Acceptable]
+ idle: [....23] [ip4][..udp] [...10.24.82.188][24596] -> [.....10.188.1.1][...53] [DNS.Facebook][Unknown][Network][Fun][api.facebook.com]
+ idle: [....12] [ip4][..udp] [...10.24.82.188][43077] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][dn-l.talk.kakao.com]
+ idle: [....37] [ip4][..tcp] [...10.24.82.188][49217] -> [.216.58.220.174][..443] [TLS][Google][Web][Safe]
+ guessed: [....13] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][]
+ RISK: Fully Encrypted Flow
+ idle: [....13] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080]
+ end: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443] [TLS.KakaoTalk][Unknown][Chat][Acceptable]
+ RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
+ idle: [....28] [ip4][..udp] [...10.24.82.188][14650] -> [.....10.188.1.1][...53] [DNS][Unknown][Network][Acceptable][2.97.252.173.in-addr.arpa]
+ idle: [....10] [ip4][..udp] [...10.24.82.188][29029] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-a.talk.kakao.com]
+ idle: [.....3] [ip4][..udp] [...10.24.82.188][57816] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][katalk.kakao.com]
+ idle: [....11] [ip4][..udp] [...10.24.82.188][25117] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-gp.talk.kakao.com]
+ end: [....22] [ip4][..tcp] [....31.13.68.73][..443] -> [...10.24.82.188][47007] [TLS][Facebook][Web][Safe]
+ idle: [....36] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] [TLS][Google][Web][Safe]
+ RISK: Known Proto on Non Std Port
+ idle: [.....5] [ip4][..udp] [...10.24.82.188][12908] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-m.talk.kakao.com]
+ guessed: [....31] [ip4][..tcp] [...10.24.82.188][42332] -> [.210.103.240.15][..443] [TLS][Unknown][Web][Safe]
+ end: [....31] [ip4][..tcp] [...10.24.82.188][42332] -> [.210.103.240.15][..443]
+ idle: [.....2] [ip4][..udp] [...10.24.82.188][35603] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][ac-talk.kakao.com]
+ idle: [....24] [ip4][..tcp] [...10.24.82.188][45209] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun]
+ RISK: TLS (probably) Not Carrying HTTPS
+ idle: [....29] [ip4][..tcp] [...10.24.82.188][45211] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun]
+ RISK: TLS (probably) Not Carrying HTTPS
+ idle: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun]
+ RISK: Obsolete TLS (v1.1 or older)
+ guessed: [....14] [ip4][..tcp] [..216.58.221.10][...80] -> [...10.24.82.188][35922] [HTTP][Google][Web][Acceptable][]
+ end: [....14] [ip4][..tcp] [..216.58.221.10][...80] -> [...10.24.82.188][35922]
+ guessed: [....35] [ip4][..tcp] [..139.150.0.125][..443] -> [...10.24.82.188][46947] [TLS][Unknown][Web][Safe]
+ idle: [....35] [ip4][..tcp] [..139.150.0.125][..443] -> [...10.24.82.188][46947]
+ idle: [.....8] [ip4][..udp] [...10.24.82.188][.9094] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable][up-v.talk.kakao.com]
+ DAEMON-EVENT: shutdown
Powered by cgit, Themed by Ted Yin.