Diffstat (limited to 'test/results/flow-info/default/sites.pcapng.out')
-rw-r--r-- test/results/flow-info/default/sites.pcapng.out 83
1 files changed, 40 insertions, 43 deletions
diff --git a/test/results/flow-info/default/sites.pcapng.out b/test/results/flow-info/default/sites.pcapng.out
index 24da00684..43dd7aba8 100644
--- a/test/results/flow-info/default/sites.pcapng.out
+++ b/test/results/flow-info/default/sites.pcapng.out
@@ -9,20 +9,20 @@
new: [.....2] [ip4][..tcp] [..192.168.1.250][41878] -> [...92.122.95.99][..443]
detected: [.....2] [ip4][..tcp] [..192.168.1.250][41878] -> [...92.122.95.99][..443] [TLS.TikTok][Unknown][SocialNetwork][Fun][vcs-va.tiktokv.com]
detection-update: [.....2] [ip4][..tcp] [..192.168.1.250][41878] -> [...92.122.95.99][..443] [TLS.TikTok][Unknown][SocialNetwork][Fun][vcs-va.tiktokv.com]
- idle: [.....1] [ip4][..tcp] [.192.168.12.169][46160] -> [..69.171.250.20][..443]
+ idle: [.....1] [ip4][..tcp] [.192.168.12.169][46160] -> [..69.171.250.20][..443] [TLS.Messenger][Facebook][Chat][Acceptable]
DAEMON-EVENT: [Processed: 35 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 0]
new: [.....3] [ip4][..tcp] [..192.168.1.227][50071] -> [...52.73.71.226][..443]
detected: [.....3] [ip4][..tcp] [..192.168.1.227][50071] -> [...52.73.71.226][..443] [TLS.Fuze][AmazonAWS][VoIP][Acceptable][presence.fuze.com]
detection-update: [.....3] [ip4][..tcp] [..192.168.1.227][50071] -> [...52.73.71.226][..443] [TLS.Fuze][AmazonAWS][VoIP][Acceptable][presence.fuze.com]
detection-update: [.....3] [ip4][..tcp] [..192.168.1.227][50071] -> [...52.73.71.226][..443] [TLS.Fuze][AmazonAWS][VoIP][Acceptable][presence.fuze.com]
- end: [.....2] [ip4][..tcp] [..192.168.1.250][41878] -> [...92.122.95.99][..443]
+ end: [.....2] [ip4][..tcp] [..192.168.1.250][41878] -> [...92.122.95.99][..443] [TLS.TikTok][Unknown][SocialNetwork][Fun]
DAEMON-EVENT: [Processed: 66 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 0]
new: [.....4] [ip4][..tcp] [..192.168.1.128][50620] -> [.91.198.174.208][..443]
detected: [.....4] [ip4][..tcp] [..192.168.1.128][50620] -> [.91.198.174.208][..443] [TLS.Wikipedia][Unknown][Web][Safe][upload.wikimedia.org]
detection-update: [.....4] [ip4][..tcp] [..192.168.1.128][50620] -> [.91.198.174.208][..443] [TLS.Wikipedia][Unknown][Web][Safe][upload.wikimedia.org]
- analyse: [.....4] [ip4][..tcp] [..192.168.1.128][50620] -> [.91.198.174.208][..443]
+ analyse: [.....4] [ip4][..tcp] [..192.168.1.128][50620] -> [.91.198.174.208][..443] [TLS.Wikipedia][Unknown][Web][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.053| 0.010| 0.020| 390.951| 2.800]
[PKTLEN......: 52.000| 1500.000| 599.800| 646.400| 417856.700| 4.100]
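Review bot: On the changed `idle`, `end` and `analyse` lines (flows 1, 2 and 4) the appended detail stops after the fourth bracketed field and omits the hostname that the `detected` and `detection-update` lines for the same flows print, e.g. `[vcs-va.tiktokv.com]` for flow 2 and `[upload.wikimedia.org]` for flow 4. If that is deliberate, say so in the commit message or the output format documentation, so anyone parsing these lines by field position knows the terminal events carry four fields where detection events carry five; otherwise print the hostname here as well.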
@@ -33,7 +33,7 @@
[PKTLENS.....: 60,60,52,569,52,1500,1500,1252,152,52,52,52,52,132,222,290,355,95,83,1500,1500,1500,1500,1500,1500,1500,1500,374,52,52,52,83]
[ENTROPIES...: 4.7,5.2,5.0,5.4,5.1,7.8,7.9,7.8,6.5,5.0,5.0,5.1,5.1,6.3,6.9,7.1,7.4,6.0,5.7,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.4,5.1,5.0,5.1,5.6]
detection-update: [.....4] [ip4][..tcp] [..192.168.1.128][50620] -> [.91.198.174.208][..443] [TLS.Wikipedia][Unknown][Web][Safe][upload.wikimedia.org]
- end: [.....3] [ip4][..tcp] [..192.168.1.227][50071] -> [...52.73.71.226][..443]
+ end: [.....3] [ip4][..tcp] [..192.168.1.227][50071] -> [...52.73.71.226][..443] [TLS.Fuze][AmazonAWS][VoIP][Acceptable]
DAEMON-EVENT: [Processed: 118 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 6|updates: 0]
new: [.....5] [ip4][..tcp] [..192.168.1.250][39890] -> [...45.82.241.51][...80]
@@ -61,26 +61,25 @@
new: [.....7] [ip4][..tcp] [..192.168.1.128][48918] -> [...143.204.9.65][..443]
detected: [.....7] [ip4][..tcp] [..192.168.1.128][48918] -> [...143.204.9.65][..443] [TLS.DisneyPlus][AmazonAWS][Streaming][Fun][prod-static.disney-plus.net]
detection-update: [.....7] [ip4][..tcp] [..192.168.1.128][48918] -> [...143.204.9.65][..443] [TLS.DisneyPlus][AmazonAWS][Streaming][Fun][prod-static.disney-plus.net]
- end: [.....6] [ip4][..tcp] [..192.168.1.128][46724] -> [.199.232.82.109][..443]
+ end: [.....6] [ip4][..tcp] [..192.168.1.128][46724] -> [.199.232.82.109][..443] [TLS.Vimeo][Unknown][Streaming][Fun]
DAEMON-EVENT: [Processed: 284 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 9|updates: 0]
new: [.....8] [ip4][..tcp] [.192.168.12.169][39248] -> [...23.12.104.83][..443]
detected: [.....8] [ip4][..tcp] [.192.168.12.169][39248] -> [...23.12.104.83][..443] [TLS.AccuWeather][Unknown][Web][Fun][api.accuweather.com]
detection-update: [.....8] [ip4][..tcp] [.192.168.12.169][39248] -> [...23.12.104.83][..443] [TLS.AccuWeather][Unknown][Web][Fun][api.accuweather.com]
- end: [.....7] [ip4][..tcp] [..192.168.1.128][48918] -> [...143.204.9.65][..443]
+ end: [.....7] [ip4][..tcp] [..192.168.1.128][48918] -> [...143.204.9.65][..443] [TLS.DisneyPlus][AmazonAWS][Streaming][Fun]
DAEMON-EVENT: [Processed: 314 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 10|updates: 0]
new: [.....9] [ip4][..udp] [..192.168.1.123][59102] -> [..216.58.209.46][..443]
detected: [.....9] [ip4][..udp] [..192.168.1.123][59102] -> [..216.58.209.46][..443] [QUIC.GoogleClassroom][Google][Collaborative][Safe][classroom.google.com]
RISK: Unidirectional Traffic
- end: [.....8] [ip4][..tcp] [.192.168.12.169][39248] -> [...23.12.104.83][..443]
+ end: [.....8] [ip4][..tcp] [.192.168.12.169][39248] -> [...23.12.104.83][..443] [TLS.AccuWeather][Unknown][Web][Fun]
DAEMON-EVENT: [Processed: 315 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 10|updates: 0]
new: [....10] [ip4][..tcp] [..192.168.1.128][35054] -> [..31.222.67.112][..443]
detected: [....10] [ip4][..tcp] [..192.168.1.128][35054] -> [..31.222.67.112][..443] [TLS.Badoo][Unknown][SocialNetwork][Fun][www.badoo.com]
detection-update: [....10] [ip4][..tcp] [..192.168.1.128][35054] -> [..31.222.67.112][..443] [TLS.Badoo][Unknown][SocialNetwork][Fun][www.badoo.com]
idle: [.....9] [ip4][..udp] [..192.168.1.123][59102] -> [..216.58.209.46][..443] [QUIC.GoogleClassroom][Google][Collaborative][Safe]
- RISK: Unidirectional Traffic
new: [....11] [ip4][..tcp] [..192.168.1.128][53998] -> [..172.65.251.78][..443]
detected: [....11] [ip4][..tcp] [..192.168.1.128][53998] -> [..172.65.251.78][..443] [TLS.GitLab][Cloudflare][Collaborative][Fun][www.gitlab.com]
detection-update: [....11] [ip4][..tcp] [..192.168.1.128][53998] -> [..172.65.251.78][..443] [TLS.GitLab][Cloudflare][Collaborative][Fun][www.gitlab.com]
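Review bot: The `idle` line for flow 9 near the end of this hunk loses its `RISK: Unidirectional Traffic` line, while the `detected` line for the same flow a few lines earlier still prints it. Nothing in the visible output shows whether the risk was cleared on the flow or the idle path simply stopped printing it. Please state which in the commit message; if the risk is still set, keep it on `idle` so the last event for a flow reports its final risk state.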
@@ -164,37 +163,38 @@
new: [....37] [ip4][..tcp] [..192.168.1.128][45898] -> [..15.160.39.187][..443]
detected: [....37] [ip4][..tcp] [..192.168.1.128][45898] -> [..15.160.39.187][..443] [TLS.AppleSiri][AmazonAWS][VirtAssistant][Acceptable][guzzoni.apple.com]
detection-update: [....37] [ip4][..tcp] [..192.168.1.128][45898] -> [..15.160.39.187][..443] [TLS.AppleSiri][AmazonAWS][VirtAssistant][Acceptable][guzzoni.apple.com]
- idle: [....22] [ip4][..tcp] [..192.168.1.128][51432] -> [.95.101.195.214][..443]
+ idle: [....22] [ip4][..tcp] [..192.168.1.128][51432] -> [.95.101.195.214][..443] [TLS.Hulu][Unknown][Streaming][Fun]
guessed: [....23] [ip4][..tcp] [..192.168.1.128][44954] -> [..34.96.123.111][...80] [HTTP][GoogleCloud][Web][Acceptable][]
idle: [....23] [ip4][..tcp] [..192.168.1.128][44954] -> [..34.96.123.111][...80]
guessed: [....25] [ip4][..tcp] [..192.168.1.128][39036] -> [..69.191.252.15][...80] [HTTP][Bloomberg][Web][Acceptable][]
idle: [....25] [ip4][..tcp] [..192.168.1.128][39036] -> [..69.191.252.15][...80]
- idle: [....10] [ip4][..tcp] [..192.168.1.128][35054] -> [..31.222.67.112][..443]
- idle: [....26] [ip4][..tcp] [..192.168.1.128][43412] -> [.151.101.193.73][..443]
- idle: [....12] [ip4][..tcp] [..192.168.1.128][42580] -> [...2.17.141.128][..443]
- idle: [....13] [ip4][..tcp] [..192.168.1.128][46084] -> [..146.75.62.167][..443]
- idle: [....31] [ip4][..tcp] [..192.168.1.128][46264] -> [...23.51.246.65][..443]
+ idle: [....10] [ip4][..tcp] [..192.168.1.128][35054] -> [..31.222.67.112][..443] [TLS.Badoo][Unknown][SocialNetwork][Fun]
+ idle: [....26] [ip4][..tcp] [..192.168.1.128][43412] -> [.151.101.193.73][..443] [TLS.Bloomberg][Unknown][Cloud][Acceptable]
+ idle: [....12] [ip4][..tcp] [..192.168.1.128][42580] -> [...2.17.141.128][..443] [TLS.Activision][Unknown][Game][Fun]
+ idle: [....13] [ip4][..tcp] [..192.168.1.128][46084] -> [..146.75.62.167][..443] [TLS.Twitch][Unknown][Video][Fun]
+ idle: [....31] [ip4][..tcp] [..192.168.1.128][46264] -> [...23.51.246.65][..443] [TLS.Playstation][Unknown][Game][Fun]
guessed: [....14] [ip4][..tcp] [..192.168.1.128][45936] -> [..208.85.40.158][...80] [HTTP][Unknown][Web][Acceptable][]
idle: [....14] [ip4][..tcp] [..192.168.1.128][45936] -> [..208.85.40.158][...80]
- idle: [....35] [ip4][..tcp] [..192.168.1.128][48902] -> [....2.17.140.63][..443]
- idle: [....18] [ip4][..tcp] [..192.168.1.128][40832] -> [....2.17.141.49][..443]
- idle: [....30] [ip4][..tcp] [..192.168.1.128][57336] -> [....23.1.68.189][..443]
- idle: [....28] [ip4][..tcp] [..192.168.1.128][48654] -> [...13.107.42.14][..443]
- idle: [....24] [ip4][..tcp] [..192.168.1.128][47122] -> [.35.201.112.136][..443]
- idle: [....27] [ip4][..tcp] [..192.168.1.128][57014] -> [108.139.210.102][..443]
- idle: [....16] [ip4][..tcp] [..192.168.1.128][56468] -> [.151.101.192.92][..443]
- idle: [....34] [ip4][..tcp] [..192.168.1.128][38858] -> [142.250.180.142][..443]
- idle: [....32] [ip4][..tcp] [..192.168.1.128][43150] -> [.108.138.199.67][..443]
+ idle: [....35] [ip4][..tcp] [..192.168.1.128][48902] -> [....2.17.140.63][..443] [TLS.Xbox][Unknown][Game][Fun]
+ idle: [....18] [ip4][..tcp] [..192.168.1.128][40832] -> [....2.17.141.49][..443] [TLS.eBay][Unknown][Shopping][Safe]
+ idle: [....30] [ip4][..tcp] [..192.168.1.128][57336] -> [....23.1.68.189][..443] [TLS.Playstation][Unknown][Game][Fun]
+ idle: [....28] [ip4][..tcp] [..192.168.1.128][48654] -> [...13.107.42.14][..443] [TLS.LinkedIn][Azure][SocialNetwork][Fun]
+ idle: [....24] [ip4][..tcp] [..192.168.1.128][47122] -> [.35.201.112.136][..443] [TLS.LastFM][GoogleCloud][Music][Fun]
+ idle: [....27] [ip4][..tcp] [..192.168.1.128][57014] -> [108.139.210.102][..443] [TLS.Bloomberg][AmazonAWS][Cloud][Acceptable]
+ idle: [....16] [ip4][..tcp] [..192.168.1.128][56468] -> [.151.101.192.92][..443] [TLS.Vevo][Unknown][Music][Fun]
+ idle: [....34] [ip4][..tcp] [..192.168.1.128][38858] -> [142.250.180.142][..443] [TLS.GoogleMaps][Google][Web][Safe]
+ idle: [....32] [ip4][..tcp] [..192.168.1.128][43150] -> [.108.138.199.67][..443] [TLS.Deezer][AmazonAWS][Music][Fun]
guessed: [....33] [ip4][..tcp] [..192.168.1.128][52070] -> [....18.65.82.67][...80] [HTTP][AmazonAWS][Web][Acceptable][]
idle: [....33] [ip4][..tcp] [..192.168.1.128][52070] -> [....18.65.82.67][...80]
- idle: [....29] [ip4][..tcp] [..192.168.1.128][39934] -> [..104.23.98.190][..443]
- idle: [....20] [ip4][..tcp] [..192.168.1.128][51248] -> [..95.131.169.91][..443]
- idle: [....15] [ip4][..tcp] [..192.168.1.128][51806] -> [..18.66.196.102][..443]
- idle: [....11] [ip4][..tcp] [..192.168.1.128][53998] -> [..172.65.251.78][..443]
- idle: [....36] [ip4][..tcp] [..192.168.1.128][39828] -> [....40.97.160.2][..443]
- idle: [....21] [ip4][..tcp] [..192.168.1.128][39302] -> [..95.131.170.91][..443]
- idle: [....17] [ip4][..tcp] [..192.168.1.128][48140] -> [.....23.1.66.79][..443]
- idle: [....19] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443]
+ idle: [....29] [ip4][..tcp] [..192.168.1.128][39934] -> [..104.23.98.190][..443] [TLS.Pastebin][Cloudflare][Download][Potentially Dangerous]
+ RISK: Unsafe Protocol
+ idle: [....20] [ip4][..tcp] [..192.168.1.128][51248] -> [..95.131.169.91][..443] [TLS.Tuenti][Unknown][VoIP][Acceptable]
+ idle: [....15] [ip4][..tcp] [..192.168.1.128][51806] -> [..18.66.196.102][..443] [TLS.SoundCloud][AmazonAWS][Music][Fun]
+ idle: [....11] [ip4][..tcp] [..192.168.1.128][53998] -> [..172.65.251.78][..443] [TLS.GitLab][Cloudflare][Collaborative][Fun]
+ idle: [....36] [ip4][..tcp] [..192.168.1.128][39828] -> [....40.97.160.2][..443] [TLS.Outlook][Outlook][Email][Acceptable]
+ idle: [....21] [ip4][..tcp] [..192.168.1.128][39302] -> [..95.131.170.91][..443] [TLS.Tuenti][Unknown][VoIP][Acceptable]
+ idle: [....17] [ip4][..tcp] [..192.168.1.128][48140] -> [.....23.1.66.79][..443] [TLS.CNN][Unknown][Web][Safe]
+ idle: [....19] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.UbuntuONE][UbuntuONE][Cloud][Acceptable]
new: [....38] [ip4][..tcp] [..192.168.1.128][57878] -> [.52.113.194.132][..443]
detected: [....38] [ip4][..tcp] [..192.168.1.128][57878] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe][teams.office.com]
detection-update: [....38] [ip4][..tcp] [..192.168.1.128][57878] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe][teams.office.com]
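Review bot: The `idle` lines for the guessed flows 23, 25, 14 and 33 stay bare in this hunk, although the `guessed` line directly above each one carries `[HTTP][...][Web][Acceptable][]`, so the new detail reaches detected flows only. Either give guessed flows the same fields on `idle` or note why they are excluded. Flow 29 also gains a `RISK: Unsafe Protocol` line on `idle` here while other hunks remove `RISK: Unidirectional Traffic` from `idle` lines, so a sentence on which risks are expected on idle events would make the expected output easier to review.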
@@ -224,24 +224,21 @@
detected: [....46] [ip4][..udp] [..192.168.1.128][36832] -> [142.250.181.238][..443] [QUIC.GooglePlus][Google][SocialNetwork][Fun][plus.google.com]
RISK: Unidirectional Traffic
update: [....44] [ip4][..udp] [..192.168.1.128][38642] -> [.216.58.212.142][..443] [QUIC.Google][Google][Web][Acceptable]
- RISK: Unidirectional Traffic
DAEMON-EVENT: [Processed: 512 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 10 / 46|skipped: 0|!detected: 0|guessed: 4|detection-updates: 48|updates: 1]
new: [....47] [ip4][..tcp] [..192.168.1.128][53978] -> [..208.85.40.158][..443]
detected: [....47] [ip4][..tcp] [..192.168.1.128][53978] -> [..208.85.40.158][..443] [TLS.Pandora][Unknown][Streaming][Fun][pandora.com]
detection-update: [....47] [ip4][..tcp] [..192.168.1.128][53978] -> [..208.85.40.158][..443] [TLS.Pandora][Unknown][Streaming][Fun][pandora.com]
detection-update: [....47] [ip4][..tcp] [..192.168.1.128][53978] -> [..208.85.40.158][..443] [TLS.Pandora][Unknown][Streaming][Fun][pandora.com]
- idle: [....39] [ip4][..tcp] [..192.168.1.128][33664] -> [108.138.185.106][..443]
- idle: [....40] [ip4][..tcp] [..192.168.1.128][56458] -> [142.250.185.142][..443]
- idle: [....45] [ip4][..tcp] [..192.168.1.128][50608] -> [142.250.185.206][..443]
- idle: [....47] [ip4][..tcp] [..192.168.1.128][53978] -> [..208.85.40.158][..443]
- idle: [....42] [ip4][..tcp] [..192.168.1.128][56836] -> [...13.107.42.13][..443]
+ idle: [....39] [ip4][..tcp] [..192.168.1.128][33664] -> [108.138.185.106][..443] [TLS.AmazonVideo][AmazonAWS][Video][Fun]
+ idle: [....40] [ip4][..tcp] [..192.168.1.128][56458] -> [142.250.185.142][..443] [TLS.GoogleDrive][Google][Cloud][Acceptable]
+ idle: [....45] [ip4][..tcp] [..192.168.1.128][50608] -> [142.250.185.206][..443] [TLS][Google][Web][Safe]
+ idle: [....47] [ip4][..tcp] [..192.168.1.128][53978] -> [..208.85.40.158][..443] [TLS.Pandora][Unknown][Streaming][Fun]
+ idle: [....42] [ip4][..tcp] [..192.168.1.128][56836] -> [...13.107.42.13][..443] [TLS.MS_OneDrive][Azure][Cloud][Acceptable]
idle: [....44] [ip4][..udp] [..192.168.1.128][38642] -> [.216.58.212.142][..443] [QUIC.Google][Google][Web][Acceptable]
- RISK: Unidirectional Traffic
- idle: [....43] [ip4][..tcp] [..192.168.1.128][45014] -> [129.226.107.210][..443]
- idle: [....41] [ip4][..tcp] [..192.168.1.128][33102] -> [...13.81.118.91][..443]
+ idle: [....43] [ip4][..tcp] [..192.168.1.128][45014] -> [129.226.107.210][..443] [TLS.IFLIX][Tencent][Video][Fun]
+ idle: [....41] [ip4][..tcp] [..192.168.1.128][33102] -> [...13.81.118.91][..443] [TLS.Microsoft][Azure][Cloud][Safe]
idle: [....46] [ip4][..udp] [..192.168.1.128][36832] -> [142.250.181.238][..443] [QUIC.GooglePlus][Google][SocialNetwork][Fun]
- RISK: Unidirectional Traffic
- idle: [....38] [ip4][..tcp] [..192.168.1.128][57878] -> [.52.113.194.132][..443]
- idle: [....37] [ip4][..tcp] [..192.168.1.128][45898] -> [..15.160.39.187][..443]
+ idle: [....38] [ip4][..tcp] [..192.168.1.128][57878] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe]
+ idle: [....37] [ip4][..tcp] [..192.168.1.128][45898] -> [..15.160.39.187][..443] [TLS.AppleSiri][AmazonAWS][VirtAssistant][Acceptable]
DAEMON-EVENT: shutdown
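Review bot: The `update` line for flow 44 drops `RISK: Unidirectional Traffic`, as do the `idle` lines for flows 44 and 46, so within this hunk the risk is left only on the `detected` line for flow 46. This is a behaviour change of a different kind from the field additions that make up the rest of the diff; consider putting it in its own commit, or add a case to the expected output that shows a risk still being reported on an `update` or `idle` event if that remains supported.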