Diffstat (limited to 'test/results/flow-info/default/anyconnect-vpn.pcap.out')
-rw-r--r--test/results/flow-info/default/anyconnect-vpn.pcap.out50
1 files changed, 25 insertions, 25 deletions
diff --git a/test/results/flow-info/default/anyconnect-vpn.pcap.out b/test/results/flow-info/default/anyconnect-vpn.pcap.out
index 1f6babff7..08a489e7d 100644
--- a/test/results/flow-info/default/anyconnect-vpn.pcap.out
+++ b/test/results/flow-info/default/anyconnect-vpn.pcap.out
@@ -78,8 +78,8 @@
detection-update: [....26] [ip4][..udp] [.....10.0.0.227][54851] -> [....75.75.76.76][...53] [DNS][Unknown][Network][Acceptable][print.viasat.com]
RISK: Error Code
new: [....27] [ip4][..udp] [.....10.0.0.227][58155] -> [....75.75.76.76][...53]
- detected: [....27] [ip4][..udp] [.....10.0.0.227][58155] -> [....75.75.76.76][...53] [DNS.Slack][Unknown][Network][Acceptable][slack.com]
- detection-update: [....27] [ip4][..udp] [.....10.0.0.227][58155] -> [....75.75.76.76][...53] [DNS.Slack][Unknown][Network][Acceptable][slack.com]
+ detected: [....27] [ip4][..udp] [.....10.0.0.227][58155] -> [....75.75.76.76][...53] [DNS][Unknown][Network][Acceptable][slack.com]
+ detection-update: [....27] [ip4][..udp] [.....10.0.0.227][58155] -> [....75.75.76.76][...53] [DNS][Unknown][Network][Acceptable][slack.com]
new: [....28] [ip4][..tcp] [.....10.0.0.227][56920] -> [...99.86.34.156][..443]
detected: [....28] [ip4][..tcp] [.....10.0.0.227][56920] -> [...99.86.34.156][..443] [TLS.Slack][AmazonAWS][Collaborative][Acceptable][slack.com]
detection-update: [....28] [ip4][..tcp] [.....10.0.0.227][56920] -> [...99.86.34.156][..443] [TLS.Slack][AmazonAWS][Collaborative][Acceptable][slack.com]
@@ -158,38 +158,38 @@
detected: [....43] [ip4][..tcp] [.....10.0.0.227][56879] -> [..52.10.115.210][..443] [TLS][AmazonAWS][Web][Safe]
new: [....44] [ip4][..tcp] [.....10.0.0.227][56886] -> [..17.57.144.116][.5223] [MIDSTREAM]
new: [....45] [ip4][..udp] [.....10.0.0.227][60341] -> [....75.75.75.75][...53]
- detected: [....45] [ip4][..udp] [.....10.0.0.227][60341] -> [....75.75.75.75][...53] [DNS.Apple][Unknown][Network][Safe][www.apple.com]
+ detected: [....45] [ip4][..udp] [.....10.0.0.227][60341] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][www.apple.com]
new: [....46] [ip4][..udp] [.....10.0.0.227][51060] -> [....75.75.75.75][...53]
- detected: [....46] [ip4][..udp] [.....10.0.0.227][51060] -> [....75.75.75.75][...53] [DNS.ApplePush][Unknown][Network][Acceptable][1-courier.push.apple.com]
+ detected: [....46] [ip4][..udp] [.....10.0.0.227][51060] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][1-courier.push.apple.com]
new: [....47] [ip4][..udp] [.....10.0.0.227][59582] -> [....75.75.75.75][...53]
- detected: [....47] [ip4][..udp] [.....10.0.0.227][59582] -> [....75.75.75.75][...53] [DNS.ApplePush][Unknown][Network][Acceptable][1-courier.sandbox.push.apple.com]
+ detected: [....47] [ip4][..udp] [.....10.0.0.227][59582] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][1-courier.sandbox.push.apple.com]
new: [....48] [ip4][..udp] [.....10.0.0.227][64193] -> [....75.75.75.75][...53]
- detected: [....48] [ip4][..udp] [.....10.0.0.227][64193] -> [....75.75.75.75][...53] [DNS.ApplePush][Unknown][Network][Acceptable][24-courier.push.apple.com]
+ detected: [....48] [ip4][..udp] [.....10.0.0.227][64193] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][24-courier.push.apple.com]
new: [....49] [ip4][..udp] [.....10.0.0.227][51990] -> [....75.75.75.75][...53]
detected: [....49] [ip4][..udp] [.....10.0.0.227][51990] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][mail.viasat.com]
- detection-update: [....45] [ip4][..udp] [.....10.0.0.227][60341] -> [....75.75.75.75][...53] [DNS.Apple][Unknown][Network][Safe][www.apple.com]
- detection-update: [....47] [ip4][..udp] [.....10.0.0.227][59582] -> [....75.75.75.75][...53] [DNS.ApplePush][Unknown][Network][Acceptable][1-courier.sandbox.push.apple.com]
- detection-update: [....46] [ip4][..udp] [.....10.0.0.227][51060] -> [....75.75.75.75][...53] [DNS.ApplePush][Unknown][Network][Acceptable][1-courier.push.apple.com]
+ detection-update: [....45] [ip4][..udp] [.....10.0.0.227][60341] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][www.apple.com]
+ detection-update: [....47] [ip4][..udp] [.....10.0.0.227][59582] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][1-courier.sandbox.push.apple.com]
+ detection-update: [....46] [ip4][..udp] [.....10.0.0.227][51060] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][1-courier.push.apple.com]
detected: [....44] [ip4][..tcp] [.....10.0.0.227][56886] -> [..17.57.144.116][.5223] [TLS][Apple][Web][Safe]
RISK: Known Proto on Non Std Port
- detection-update: [....48] [ip4][..udp] [.....10.0.0.227][64193] -> [....75.75.75.75][...53] [DNS.ApplePush][Unknown][Network][Acceptable][24-courier.push.apple.com]
+ detection-update: [....48] [ip4][..udp] [.....10.0.0.227][64193] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][24-courier.push.apple.com]
new: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53]
- detected: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS.Apple][Unknown][Network][Safe][apple.com]
+ detected: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][apple.com]
new: [....51] [ip4][..tcp] [.....10.0.0.227][56871] -> [...8.37.103.196][..443] [MIDSTREAM]
- detection-update: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS.Apple][Unknown][Network][Safe][apple.com]
+ detection-update: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][apple.com]
detection-update: [....49] [ip4][..udp] [.....10.0.0.227][51990] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][mail.viasat.com]
new: [....52] [ip4][..udp] [.....10.0.0.227][58074] -> [....75.75.75.75][...53]
- detected: [....52] [ip4][..udp] [.....10.0.0.227][58074] -> [....75.75.75.75][...53] [DNS.Outlook][Unknown][Network][Acceptable][www.outlook.com]
- detection-update: [....52] [ip4][..udp] [.....10.0.0.227][58074] -> [....75.75.75.75][...53] [DNS.Outlook][Unknown][Network][Acceptable][www.outlook.com]
+ detected: [....52] [ip4][..udp] [.....10.0.0.227][58074] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][www.outlook.com]
+ detection-update: [....52] [ip4][..udp] [.....10.0.0.227][58074] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][www.outlook.com]
new: [....53] [ip4][..tcp] [.....10.0.0.227][56874] -> [.74.125.197.188][..443] [MIDSTREAM]
new: [....54] [ip4][..udp] [.....10.0.0.227][61328] -> [239.255.255.250][.1900]
- detected: [....54] [ip4][..udp] [.....10.0.0.227][61328] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ detected: [....54] [ip4][..udp] [.....10.0.0.227][61328] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
new: [....55] [ip4][..udp] [.....10.0.0.149][38616] -> [.....10.0.0.227][61328]
detected: [....55] [ip4][..udp] [.....10.0.0.149][38616] -> [.....10.0.0.227][61328] [SSDP][Unknown][System][Acceptable][]
new: [....56] [ip4][..udp] [.....10.0.0.151][.1900] -> [.....10.0.0.227][61328]
detected: [....56] [ip4][..udp] [.....10.0.0.151][.1900] -> [.....10.0.0.227][61328] [SSDP][Unknown][System][Acceptable][]
new: [....57] [ip4][..udp] [.....10.0.0.227][57547] -> [239.255.255.250][.1900]
- detected: [....57] [ip4][..udp] [.....10.0.0.227][57547] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ detected: [....57] [ip4][..udp] [.....10.0.0.227][57547] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
new: [....58] [ip4][..udp] [.....10.0.0.227][54107] -> [....8.37.102.91][..443]
detected: [....58] [ip4][..udp] [.....10.0.0.227][54107] -> [....8.37.102.91][..443] [DTLS][Unknown][Web][Safe]
RISK: Obsolete TLS (v1.1 or older)
@@ -242,8 +242,8 @@
idle: [....13] [ip4][..tcp] [.....10.0.0.227][56915] -> [..52.37.243.173][..443] [TLS][AmazonAWS][Web][Safe]
idle: [....55] [ip4][..udp] [.....10.0.0.149][38616] -> [.....10.0.0.227][61328] [SSDP][Unknown][System][Acceptable]
idle: [....23] [ip6][icmp6] [...............fe80::408:3e45:3abc:1552] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable]
- idle: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS.Apple][Unknown][Network][Safe][apple.com]
- idle: [....46] [ip4][..udp] [.....10.0.0.227][51060] -> [....75.75.75.75][...53] [DNS.ApplePush][Unknown][Network][Acceptable][1-courier.push.apple.com]
+ idle: [....50] [ip4][..udp] [.....10.0.0.227][49781] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][apple.com]
+ idle: [....46] [ip4][..udp] [.....10.0.0.227][51060] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][1-courier.push.apple.com]
idle: [....30] [ip4][..tcp] [.....10.0.0.227][56921] -> [....8.37.96.194][.4287] [TLS][Unknown][Web][Safe]
RISK: Known Proto on Non Std Port, Self-signed Cert, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
idle: [....49] [ip4][..udp] [.....10.0.0.227][51990] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][mail.viasat.com]
@@ -267,14 +267,14 @@
RISK: Error Code
end: [....44] [ip4][..tcp] [.....10.0.0.227][56886] -> [..17.57.144.116][.5223] [TLS][Apple][Web][Safe]
RISK: Known Proto on Non Std Port
- idle: [....52] [ip4][..udp] [.....10.0.0.227][58074] -> [....75.75.75.75][...53] [DNS.Outlook][Unknown][Network][Acceptable][www.outlook.com]
- idle: [....27] [ip4][..udp] [.....10.0.0.227][58155] -> [....75.75.76.76][...53] [DNS.Slack][Unknown][Network][Acceptable][slack.com]
+ idle: [....52] [ip4][..udp] [.....10.0.0.227][58074] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][www.outlook.com]
+ idle: [....27] [ip4][..udp] [.....10.0.0.227][58155] -> [....75.75.76.76][...53] [DNS][Unknown][Network][Acceptable][slack.com]
idle: [....35] [ip4][..udp] [.....10.0.0.227][59222] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][lp-rkerur-osx.hsd1.ca.comcast.net]
RISK: Error Code
- idle: [....47] [ip4][..udp] [.....10.0.0.227][59582] -> [....75.75.75.75][...53] [DNS.ApplePush][Unknown][Network][Acceptable][1-courier.sandbox.push.apple.com]
+ idle: [....47] [ip4][..udp] [.....10.0.0.227][59582] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][1-courier.sandbox.push.apple.com]
idle: [....19] [ip6][..udp] [...............fe80::408:3e45:3abc:1552][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_raop._tcp.local]
end: [....28] [ip4][..tcp] [.....10.0.0.227][56920] -> [...99.86.34.156][..443] [TLS.Slack][AmazonAWS][Collaborative][Acceptable]
- idle: [....45] [ip4][..udp] [.....10.0.0.227][60341] -> [....75.75.75.75][...53] [DNS.Apple][Unknown][Network][Safe][www.apple.com]
+ idle: [....45] [ip4][..udp] [.....10.0.0.227][60341] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][www.apple.com]
idle: [....10] [ip4][..udp] [.....10.0.0.227][61387] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][vco.pandion.viasat.com]
idle: [....32] [ip4][..udp] [.....10.0.0.227][61613] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable]
RISK: Error Code
@@ -284,7 +284,7 @@
idle: [....42] [ip4][..udp] [.....10.0.0.227][62427] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][detectportal.firefox.com]
idle: [....16] [ip4][..udp] [.....10.0.0.227][63107] -> [....75.75.76.76][...53] [DNS][Unknown][Network][Acceptable][local]
RISK: Error Code
- idle: [....48] [ip4][..udp] [.....10.0.0.227][64193] -> [....75.75.75.75][...53] [DNS.ApplePush][Unknown][Network][Acceptable][24-courier.push.apple.com]
+ idle: [....48] [ip4][..udp] [.....10.0.0.227][64193] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable][24-courier.push.apple.com]
idle: [....31] [ip4][..udp] [.....10.0.0.227][64972] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable]
RISK: Error Code
idle: [....17] [ip4][.icmp] [.....10.0.0.227] -> [....75.75.76.76] [ICMP][Unknown][Network][Acceptable]
@@ -293,10 +293,10 @@
idle: [....60] [ip4][..udp] [.....10.0.0.227][52595] -> [.......10.0.0.1][..192]
guessed: [....53] [ip4][..tcp] [.....10.0.0.227][56874] -> [.74.125.197.188][..443] [TLS][Google][Web][Safe]
end: [....53] [ip4][..tcp] [.....10.0.0.227][56874] -> [.74.125.197.188][..443]
- idle: [....57] [ip4][..udp] [.....10.0.0.227][57547] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ idle: [....57] [ip4][..udp] [.....10.0.0.227][57547] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
idle: [....61] [ip4][..udp] [.....10.0.0.151][.1900] -> [.....10.0.0.227][57547] [SSDP][Unknown][System][Acceptable]
idle: [....43] [ip4][..tcp] [.....10.0.0.227][56879] -> [..52.10.115.210][..443] [TLS][AmazonAWS][Web][Safe]
- idle: [....54] [ip4][..udp] [.....10.0.0.227][61328] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ idle: [....54] [ip4][..udp] [.....10.0.0.227][61328] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
idle: [....56] [ip4][..udp] [.....10.0.0.151][.1900] -> [.....10.0.0.227][61328] [SSDP][Unknown][System][Acceptable]
idle: [....25] [ip4][..tcp] [.....10.0.0.227][56884] -> [...184.25.56.77][...80] [HTTP][Unknown][ConnCheck][Acceptable][detectportal.firefox.com]
guessed: [.....1] [ip4][..tcp] [.....10.0.0.227][56885] -> [...184.25.56.53][...80] [HTTP][Unknown][Web][Acceptable][]