Diffstat (limited to 'test/results/flow-info/default/fuzz-2006-09-29-28586.pcap.out')
-rw-r--r--test/results/flow-info/default/fuzz-2006-09-29-28586.pcap.out172
1 files changed, 172 insertions, 0 deletions
diff --git a/test/results/flow-info/default/fuzz-2006-09-29-28586.pcap.out b/test/results/flow-info/default/fuzz-2006-09-29-28586.pcap.out
new file mode 100644
index 000000000..c0d3a948f
--- /dev/null
+++ b/test/results/flow-info/default/fuzz-2006-09-29-28586.pcap.out
@@ -0,0 +1,172 @@
+ DAEMON-EVENT: init
+ DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+ ERROR-EVENT: Unknown packet type [1/16]
+ new: [.....1] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2600] [MIDSTREAM]
+ ERROR-EVENT: Unknown packet type [2/16]
+ new: [.....2] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2601]
+ detected: [.....2] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2601] [HTTP][Unknown][Web][Acceptable][]
+ new: [.....3] [ip4][..tcp] [....172.20.3.13][...81] -> [.....172.20.3.5][.2601] [MIDSTREAM]
+ new: [.....4] [ip4][..tcp] [......0.20.3.13][...80] -> [.....172.20.3.5][.2601] [MIDSTREAM]
+ ERROR-EVENT: Unknown packet type [3/16]
+ new: [.....5] [ip4][..tcp] [....172.20.3.13][53132] -> [.....172.20.3.5][...80]
+ new: [.....6] [ip4][..tcp] [.....172.20.3.1][...80] -> [....172.20.3.13][53132] [MIDSTREAM]
+ detected: [.....6] [ip4][..tcp] [.....172.20.3.1][...80] -> [....172.20.3.13][53132] [HTTP][Unknown][Web][Acceptable][]
+ RISK: HTTP Susp User-Agent
+ new: [.....7] [ip4][..tcp] [.....172.20.3.5][...80] -> [....172.57.3.13][53132] [MIDSTREAM]
+ new: [.....8] [ip4][..tcp] [......172.6.3.5][...80] -> [....172.20.3.13][53132] [MIDSTREAM]
+ new: [.....9] [ip4][..tcp] [.....172.20.3.5][.2602] -> [....172.21.3.13][...80]
+ ERROR-EVENT: Unknown packet type [4/16]
+ new: [....10] [ip4][..170] [170.170.170.170] -> [170.170.170.170]
+ new: [....11] [ip4][..tcp] [.....172.20.3.5][.2602] -> [....172.20.3.13][...80] [MIDSTREAM]
+ detected: [....11] [ip4][..tcp] [.....172.20.3.5][.2602] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.13]
+ RISK: HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI
+ new: [....12] [ip4][..tcp] [....172.20.3.88][...80] -> [....172.20.3.82][.2601] [MIDSTREAM]
+ new: [....13] [ip4][..tcp] [.....172.20.3.5][.2603] -> [....172.20.3.13][...80]
+ new: [....14] [ip4][..tcp] [.....172.20.3.5][.2603] -> [....172.20.3.77][...80] [MIDSTREAM]
+ new: [....15] [ip4][..tcp] [.....172.20.3.5][.2603] -> [.....72.20.3.13][...80] [MIDSTREAM]
+ new: [....16] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.82.5][.2603] [MIDSTREAM]
+ new: [....17] [ip4][..tcp] [.....172.20.3.5][.2603] -> [....68.37.115.0][...80] [MIDSTREAM]
+ new: [....18] [ip4][..tcp] [.....172.20.3.5][.2604] -> [....172.20.3.13][...80]
+ detected: [....18] [ip4][..tcp] [.....172.20.3.5][.2604] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.13]
+ RISK: HTTP/TLS/QUIC Numeric Hostname/SNI
+ ERROR-EVENT: Unknown packet type [1/16]
+ new: [....19] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.68.5][.2604] [MIDSTREAM]
+ new: [....20] [ip4][..tcp] [.....172.20.3.5][.2605] -> [....172.20.3.13][...80]
+ detected: [....20] [ip4][..tcp] [.....172.20.3.5][.2605] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.13]
+ RISK: HTTP/TLS/QUIC Numeric Hostname/SNI
+ new: [....21] [ip4][..tcp] [......51.20.3.5][.2605] -> [....172.20.3.13][...80] [MIDSTREAM]
+ new: [....22] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.76.5][65069] [MIDSTREAM]
+ new: [....23] [ip4][..tcp] [....172.20.3.13][...80] -> [......44.20.3.5][.2605] [MIDSTREAM]
+ detected: [....23] [ip4][..tcp] [....172.20.3.13][...80] -> [......44.20.3.5][.2605] [HTTP][Unknown][Web][Acceptable][]
+ RISK: HTTP Susp User-Agent
+ ERROR-EVENT: Unknown L3 protocol [2/16]
+ new: [....24] [ip4][..tcp] [170.170.170.170][43690] -> [170.170.170.170][43690]
+ new: [....25] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2639] [MIDSTREAM]
+ new: [....26] [ip4][..tcp] [....172.52.3.13][...80] -> [.....172.20.3.5][.2093] [MIDSTREAM]
+ new: [....27] [ip4][..tcp] [.....172.20.3.5][.2606] -> [....172.20.3.13][...80]
+ detected: [....27] [ip4][..tcp] [.....172.20.3.5][.2606] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.13]
+ RISK: HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI
+ ERROR-EVENT: Unknown L3 protocol [1/16]
+ new: [....28] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.72.5][.2606] [MIDSTREAM]
+ detected: [....28] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.72.5][.2606] [HTTP][Unknown][Web][Acceptable][]
+ RISK: HTTP Susp User-Agent
+ new: [....29] [ip4][..tcp] [.....172.20.3.5][.2607] -> [....172.20.3.13][...80]
+ new: [....30] [ip4][..tcp] [.....172.20.3.5][.9587] -> [....172.20.3.13][...80] [MIDSTREAM]
+ detected: [....30] [ip4][..tcp] [.....172.20.3.5][.9587] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][]
+ RISK: HTTP Susp User-Agent
+ new: [....31] [ip4][..tcp] [....172.20.2.13][...80] -> [.....172.20.3.5][.2607] [MIDSTREAM]
+ detected: [....31] [ip4][..tcp] [....172.20.2.13][...80] -> [.....172.20.3.5][.2607] [HTTP][Unknown][Web][Acceptable][]
+ RISK: HTTP Susp User-Agent
+ new: [....32] [ip4][..tcp] [....172.20.3.13][53193] -> [.....172.20.3.5][...80]
+ new: [....33] [ip4][..tcp] [.....172.20.3.5][...80] -> [...172.20.35.13][53136]
+ new: [....34] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.20.3.5][...80] [MIDSTREAM]
+ detected: [....34] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.20.3.5][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.5]
+ RISK: Unidirectional Traffic
+ new: [....35] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.70.3.5][...80] [MIDSTREAM]
+ detection-update: [....34] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.20.3.5][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.5]
+ new: [....36] [ip4][..tcp] [...172.20.67.13][53136] -> [.....172.20.3.5][...80] [MIDSTREAM]
+ ERROR-EVENT: Unknown packet type [2/16]
+ new: [....37] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2608]
+ detected: [....37] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2608] [HTTP][Unknown][Web][Acceptable][]
+ RISK: HTTP Susp User-Agent
+ new: [....38] [ip4][..tcp] [....172.20.3.13][...80] -> [...172.20.148.5][.2608] [MIDSTREAM]
+ new: [....39] [ip4][..115] [....172.20.3.13] -> [.....172.20.3.5]
+ idle: [.....6] [ip4][..tcp] [.....172.20.3.1][...80] -> [....172.20.3.13][53132] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Susp User-Agent
+ guessed: [.....5] [ip4][..tcp] [....172.20.3.13][53132] -> [.....172.20.3.5][...80] [HTTP][Unknown][Web][Acceptable][]
+ end: [.....5] [ip4][..tcp] [....172.20.3.13][53132] -> [.....172.20.3.5][...80]
+ guessed: [....36] [ip4][..tcp] [...172.20.67.13][53136] -> [.....172.20.3.5][...80] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic
+ idle: [....36] [ip4][..tcp] [...172.20.67.13][53136] -> [.....172.20.3.5][...80]
+ end: [....34] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.20.3.5][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.5]
+ guessed: [....33] [ip4][..tcp] [.....172.20.3.5][...80] -> [...172.20.35.13][53136] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic
+ idle: [....33] [ip4][..tcp] [.....172.20.3.5][...80] -> [...172.20.35.13][53136]
+ guessed: [....32] [ip4][..tcp] [....172.20.3.13][53193] -> [.....172.20.3.5][...80] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic
+ idle: [....32] [ip4][..tcp] [....172.20.3.13][53193] -> [.....172.20.3.5][...80]
+ not-detected: [....39] [ip4][..115] [....172.20.3.13] -> [.....172.20.3.5] [Unknown][Unknown][Unrated]
+ RISK: Unidirectional Traffic
+ idle: [....39] [ip4][..115] [....172.20.3.13] -> [.....172.20.3.5]
+ guessed: [....26] [ip4][..tcp] [....172.52.3.13][...80] -> [.....172.20.3.5][.2093] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic
+ end: [....26] [ip4][..tcp] [....172.52.3.13][...80] -> [.....172.20.3.5][.2093]
+ not-detected: [....24] [ip4][..tcp] [170.170.170.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unrated]
+ idle: [....24] [ip4][..tcp] [170.170.170.170][43690] -> [170.170.170.170][43690]
+ guessed: [.....4] [ip4][..tcp] [......0.20.3.13][...80] -> [.....172.20.3.5][.2601] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic
+ idle: [.....4] [ip4][..tcp] [......0.20.3.13][...80] -> [.....172.20.3.5][.2601]
+ guessed: [.....8] [ip4][..tcp] [......172.6.3.5][...80] -> [....172.20.3.13][53132] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic
+ idle: [.....8] [ip4][..tcp] [......172.6.3.5][...80] -> [....172.20.3.13][53132]
+ guessed: [....35] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.70.3.5][...80] [HTTP][Cloudflare][Web][Acceptable][]
+ RISK: Susp Entropy, Unidirectional Traffic
+ idle: [....35] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.70.3.5][...80]
+ idle: [....23] [ip4][..tcp] [....172.20.3.13][...80] -> [......44.20.3.5][.2605] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Susp User-Agent
+ guessed: [....21] [ip4][..tcp] [......51.20.3.5][.2605] -> [....172.20.3.13][...80] [HTTP][AmazonAWS][Web][Acceptable][]
+ RISK: Susp Entropy, Unidirectional Traffic
+ idle: [....21] [ip4][..tcp] [......51.20.3.5][.2605] -> [....172.20.3.13][...80]
+ guessed: [....15] [ip4][..tcp] [.....172.20.3.5][.2603] -> [.....72.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic
+ end: [....15] [ip4][..tcp] [.....172.20.3.5][.2603] -> [.....72.20.3.13][...80]
+ guessed: [.....1] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2600] [HTTP][Unknown][Web][Acceptable][]
+ end: [.....1] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2600]
+ guessed: [....12] [ip4][..tcp] [....172.20.3.88][...80] -> [....172.20.3.82][.2601] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic
+ idle: [....12] [ip4][..tcp] [....172.20.3.88][...80] -> [....172.20.3.82][.2601]
+ end: [.....2] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2601] [HTTP][Unknown][Web][Acceptable]
+ end: [....11] [ip4][..tcp] [.....172.20.3.5][.2602] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.13]
+ RISK: HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI
+ not-detected: [.....3] [ip4][..tcp] [....172.20.3.13][...81] -> [.....172.20.3.5][.2601] [Unknown][Unknown][Unrated]
+ RISK: Unidirectional Traffic
+ idle: [.....3] [ip4][..tcp] [....172.20.3.13][...81] -> [.....172.20.3.5][.2601]
+ guessed: [....16] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.82.5][.2603] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic
+ idle: [....16] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.82.5][.2603]
+ guessed: [....14] [ip4][..tcp] [.....172.20.3.5][.2603] -> [....172.20.3.77][...80] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic
+ idle: [....14] [ip4][..tcp] [.....172.20.3.5][.2603] -> [....172.20.3.77][...80]
+ guessed: [....13] [ip4][..tcp] [.....172.20.3.5][.2603] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][]
+ end: [....13] [ip4][..tcp] [.....172.20.3.5][.2603] -> [....172.20.3.13][...80]
+ guessed: [....19] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.68.5][.2604] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic, TCP Connection Issues
+ end: [....19] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.68.5][.2604]
+ end: [....18] [ip4][..tcp] [.....172.20.3.5][.2604] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.13]
+ RISK: HTTP/TLS/QUIC Numeric Hostname/SNI
+ end: [....20] [ip4][..tcp] [.....172.20.3.5][.2605] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP/TLS/QUIC Numeric Hostname/SNI
+ idle: [....28] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.72.5][.2606] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Susp User-Agent
+ end: [....27] [ip4][..tcp] [.....172.20.3.5][.2606] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.13]
+ RISK: HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI
+ idle: [....31] [ip4][..tcp] [....172.20.2.13][...80] -> [.....172.20.3.5][.2607] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Susp User-Agent
+ guessed: [....29] [ip4][..tcp] [.....172.20.3.5][.2607] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][]
+ idle: [....29] [ip4][..tcp] [.....172.20.3.5][.2607] -> [....172.20.3.13][...80]
+ guessed: [....38] [ip4][..tcp] [....172.20.3.13][...80] -> [...172.20.148.5][.2608] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic
+ idle: [....38] [ip4][..tcp] [....172.20.3.13][...80] -> [...172.20.148.5][.2608]
+ idle: [....37] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2608] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Susp User-Agent
+ guessed: [....25] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2639] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic
+ idle: [....25] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2639]
+ guessed: [....17] [ip4][..tcp] [.....172.20.3.5][.2603] -> [....68.37.115.0][...80] [HTTP][Unknown][Web][Acceptable][]
+ idle: [....17] [ip4][..tcp] [.....172.20.3.5][.2603] -> [....68.37.115.0][...80]
+ guessed: [.....9] [ip4][..tcp] [.....172.20.3.5][.2602] -> [....172.21.3.13][...80] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic
+ idle: [.....9] [ip4][..tcp] [.....172.20.3.5][.2602] -> [....172.21.3.13][...80]
+ not-detected: [....10] [ip4][..170] [170.170.170.170] -> [170.170.170.170] [Unknown][Unknown][Unrated]
+ RISK: Unidirectional Traffic
+ idle: [....10] [ip4][..170] [170.170.170.170] -> [170.170.170.170]
+ guessed: [.....7] [ip4][..tcp] [.....172.20.3.5][...80] -> [....172.57.3.13][53132] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Susp Entropy, Unidirectional Traffic
+ idle: [.....7] [ip4][..tcp] [.....172.20.3.5][...80] -> [....172.57.3.13][53132]
+ idle: [....30] [ip4][..tcp] [.....172.20.3.5][.9587] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable]
+ RISK: HTTP Susp User-Agent
+ guessed: [....22] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.76.5][65069] [HTTP][Unknown][Web][Acceptable][]
+ RISK: Unidirectional Traffic
+ idle: [....22] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.76.5][65069]
+ DAEMON-EVENT: shutdown