1 files changed, 7 insertions, 4 deletions

diff --git a/test/results/flow-info/default/anydesk.pcapng.out b/test/results/flow-info/default/anydesk.pcapng.out
index f131d8062..95a39e005 100644
--- a/test/results/flow-info/default/anydesk.pcapng.out
+++ b/test/results/flow-info/default/anydesk.pcapng.out
@@ -4,6 +4,8 @@
               new: [.....1] [ip4][..tcp] [192.168.149.129][36351] -> [..51.83.239.144][...80] [MIDSTREAM] 
          detected: [.....1] [ip4][..tcp] [192.168.149.129][36351] -> [..51.83.239.144][...80] [TLS][AnyDesk][Web][Safe]
                    RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ detection-update: [.....1] [ip4][..tcp] [192.168.149.129][36351] -> [..51.83.239.144][...80] [TLS][AnyDesk][Web][Safe]
+                   RISK: Known Proto on Non Std Port
               new: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] 
          detected: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS][AnyDesk][Web][Safe][]
                    RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
@@ -11,7 +13,7 @@
                    RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn
  detection-update: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS.AnyDesk][AnyDesk][RemoteAccess][Acceptable][]
                    RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing
-          analyse: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] 
+          analyse: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS.AnyDesk][AnyDesk][RemoteAccess][Acceptable]
                                         min|      max|      avg|   stddev|       variance| entropy
                    [IAT.........:     0.000|    1.603|    0.177|    0.394|     155451.113|   2.800]
                    [PKTLEN......:    40.000| 1500.000|  392.700|  555.200|     308238.000|   3.800]
@@ -24,7 +26,7 @@
  detection-update: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS.AnyDesk][AnyDesk][RemoteAccess][Acceptable][]
                    RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing
      DAEMON-EVENT: [Processed: 61 pkts][ZLib][compressions: 0|diff: 0 / 0]
-     DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0]
+     DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 0]
               new: [.....3] [ip4][..udp] [..192.168.1.187][59511] -> [....192.168.1.1][...53] 
          detected: [.....3] [ip4][..udp] [..192.168.1.187][59511] -> [....192.168.1.1][...53] [DNS.AnyDesk][Unknown][Network][Acceptable][relay-3185a847.net.anydesk.com]
                    RISK: Unidirectional Traffic
@@ -58,7 +60,7 @@
                    [PKTLENS.....: 52,52,40,285,46,46,1500,183,40,1326,46,954,80,40,87,46,75,74,46,74,40,3966,46,46,46,79,46,141,40,99,46,116]
                    [ENTROPIES...: 4.5,4.7,4.7,5.4,4.2,4.3,7.7,6.2,4.7,7.7,4.3,7.8,5.6,4.6,5.7,4.2,5.5,5.6,4.3,5.6,4.7,8.0,4.2,4.3,4.2,5.7,4.3,6.5,4.6,6.0,4.3,6.2]
      DAEMON-EVENT: [Processed: 120 pkts][ZLib][compressions: 0|diff: 0 / 0]
-     DAEMON-EVENT: [Flows][active: 4 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 7|updates: 0]
+     DAEMON-EVENT: [Flows][active: 4 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 8|updates: 0]
               new: [.....7] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] 
          detected: [.....7] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] [TLS.AnyDesk][Unknown][RemoteAccess][Acceptable][]
                    RISK: Missing SNI TLS Extn, Desktop/File Sharing, Uncommon TLS ALPN
@@ -76,7 +78,8 @@
                    [IATS(ms)....: 17.7,17.8,0.9,17.8,3.4,20.3,0.1,0.0,3.8,21.9,18.1,0.1,0.0,0.9,64.2,13.4,76.8,1.5,18.4,206.6,224.8,0.0,0.0,18.7,0.0,62.8,0.0,80.2,8427.9,8444.6,314.0]
                    [PKTLENS.....: 60,60,52,341,52,1500,52,1132,52,1146,103,52,92,52,199,52,198,52,137,52,145,1500,1500,1273,52,52,92,90,52,137,52,145]
                    [ENTROPIES...: 4.8,5.3,5.1,5.6,5.1,7.5,5.1,7.7,5.1,7.7,6.0,5.1,6.1,5.1,6.9,5.2,6.9,5.2,6.6,5.2,6.6,7.9,7.9,7.8,5.2,5.2,6.1,5.9,5.1,6.5,5.2,6.6]
-              end: [.....6] [ip4][..tcp] [..192.168.1.178][52039] -> [..192.168.1.187][.7070] 
+              end: [.....6] [ip4][..tcp] [..192.168.1.178][52039] -> [..192.168.1.187][.7070] [TLS.AnyDesk][Unknown][RemoteAccess][Acceptable]
+                   RISK: Known Proto on Non Std Port, Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing
              idle: [.....5] [ip4][..tcp] [..192.168.1.187][54164] -> [..192.168.1.178][.7070] [TLS.AnyDesk][Unknown][RemoteAccess][Acceptable]
                    RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing
              idle: [.....4] [ip4][..udp] [..192.168.1.187][55376] -> [....192.168.1.1][...53] [DNS.AnyDesk][Unknown][Network][Acceptable]