Diffstat (limited to 'test/results/flow-info/default/sites.pcapng.out')
-rw-r--r--test/results/flow-info/default/sites.pcapng.out49
1 files changed, 43 insertions, 6 deletions
diff --git a/test/results/flow-info/default/sites.pcapng.out b/test/results/flow-info/default/sites.pcapng.out
index 6b02ae237..17d817050 100644
--- a/test/results/flow-info/default/sites.pcapng.out
+++ b/test/results/flow-info/default/sites.pcapng.out
@@ -99,8 +99,8 @@
detected: [....17] [ip4][..tcp] [..192.168.1.128][40832] -> [....2.17.141.49][..443] [TLS.eBay][Unknown][Shopping][Safe][www.ebay.com]
detection-update: [....17] [ip4][..tcp] [..192.168.1.128][40832] -> [....2.17.141.49][..443] [TLS.eBay][Unknown][Shopping][Safe][www.ebay.com]
new: [....18] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443]
- detected: [....18] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.UbuntuONE][UbuntuONE][Cloud][Acceptable][assets.ubuntu.com]
- detection-update: [....18] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.UbuntuONE][UbuntuONE][Cloud][Acceptable][assets.ubuntu.com]
+ detected: [....18] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.Canonical][Canonical][Cloud][Acceptable][assets.ubuntu.com]
+ detection-update: [....18] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.Canonical][Canonical][Cloud][Acceptable][assets.ubuntu.com]
new: [....19] [ip4][..tcp] [..192.168.1.128][51432] -> [.95.101.195.214][..443]
detected: [....19] [ip4][..tcp] [..192.168.1.128][51432] -> [.95.101.195.214][..443] [TLS.Hulu][Unknown][Streaming][Fun][hulu.com]
detection-update: [....19] [ip4][..tcp] [..192.168.1.128][51432] -> [.95.101.195.214][..443] [TLS.Hulu][Unknown][Streaming][Fun][hulu.com]
@@ -168,7 +168,7 @@
idle: [....23] [ip4][..tcp] [..192.168.1.128][43412] -> [.151.101.193.73][..443] [TLS.Bloomberg][Unknown][Cloud][Acceptable]
idle: [....31] [ip4][..tcp] [..192.168.1.128][38858] -> [142.250.180.142][..443] [TLS.GoogleMaps][Google][Web][Safe]
idle: [....11] [ip4][..tcp] [..192.168.1.128][53998] -> [..172.65.251.78][..443] [TLS.GitLab][Cloudflare][Collaborative][Fun]
- idle: [....18] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.UbuntuONE][UbuntuONE][Cloud][Acceptable]
+ idle: [....18] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.Canonical][Canonical][Cloud][Acceptable]
idle: [....25] [ip4][..tcp] [..192.168.1.128][48654] -> [...13.107.42.14][..443] [TLS.LinkedIn][Azure][SocialNetwork][Fun]
idle: [....19] [ip4][..tcp] [..192.168.1.128][51432] -> [.95.101.195.214][..443] [TLS.Hulu][Unknown][Streaming][Fun]
idle: [....17] [ip4][..tcp] [..192.168.1.128][40832] -> [....2.17.141.49][..443] [TLS.eBay][Unknown][Shopping][Safe]
@@ -266,8 +266,8 @@
DAEMON-EVENT: [Processed: 584 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 3 / 52|skipped: 0|!detected: 0|guessed: 4|detection-updates: 51|updates: 1]
new: [....53] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443]
- detected: [....53] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][Unknown][Web][Safe][732231.ms.ok.ru]
- detection-update: [....53] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][Unknown][Web][Safe][732231.ms.ok.ru]
+ detected: [....53] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][VK][Web][Safe][732231.ms.ok.ru]
+ detection-update: [....53] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][VK][Web][Safe][732231.ms.ok.ru]
idle: [....50] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48594] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable]
idle: [....51] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48616] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable]
idle: [....52] [ip6][..tcp] [..2001:b07:a3d:c112:9a00:ba78:86b1:e177][48624] -> [...................2001:67c:4e8:f004::9][..443] [TLS.Telegram][Telegram][Chat][Acceptable]
@@ -282,7 +282,7 @@
new: [....56] [ip4][..tcp] [.192.168.88.171][55280] -> [.124.237.225.21][..443]
detected: [....56] [ip4][..tcp] [.192.168.88.171][55280] -> [.124.237.225.21][..443] [TLS.iQIYI][Unknown][Streaming][Fun][msg.qy.net]
detection-update: [....56] [ip4][..tcp] [.192.168.88.171][55280] -> [.124.237.225.21][..443] [TLS.iQIYI][Unknown][Streaming][Fun][msg.qy.net]
- end: [....53] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][Unknown][Web][Safe]
+ end: [....53] [ip4][..tcp] [..192.168.1.245][46174] -> [.....5.61.23.30][..443] [TLS][VK][Web][Safe]
DAEMON-EVENT: [Processed: 623 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 3 / 56|skipped: 0|!detected: 0|guessed: 4|detection-updates: 55|updates: 1]
new: [....57] [ip4][..tcp] [.192.168.88.171][49217] -> [.54.208.106.218][..443]
@@ -342,5 +342,42 @@
[PKTLENS.....: 52,48,40,557,46,1500,1500,1216,941,40,120,2031,46,327,327,40,1500,1500,1500,1500,1500,1500,1500,1500,1500,1500,40,1500,1500,1500,1500,1500]
[ENTROPIES...: 4.5,5.0,4.7,6.6,4.7,7.8,7.9,7.9,7.7,4.7,6.2,7.9,4.7,7.3,7.3,4.7,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,4.7,7.9,7.9,7.9,7.9,7.9]
idle: [....64] [ip4][..tcp] [..192.168.1.183][44102] -> [..146.70.182.51][..443] [TLS.SurfShark][Unknown][VPN][Acceptable]
+ DAEMON-EVENT: [Processed: 798 pkts][ZLib][compressions: 0|diff: 0 / 0]
+ DAEMON-EVENT: [Flows][active: 1 / 65|skipped: 0|!detected: 0|guessed: 4|detection-updates: 63|updates: 1]
+ new: [....66] [ip4][..tcp] [..192.168.1.125][60828] -> [...3.165.239.54][..443]
+ detected: [....66] [ip4][..tcp] [..192.168.1.125][60828] -> [...3.165.239.54][..443] [TLS.Ubiquity][AmazonAWS][Network][Safe][www.ui.com]
+ detection-update: [....66] [ip4][..tcp] [..192.168.1.125][60828] -> [...3.165.239.54][..443] [TLS.Ubiquity][AmazonAWS][Network][Safe][www.ui.com]
end: [....65] [ip4][..tcp] [..192.168.88.98][65086] -> [.109.238.90.239][..443] [TLS.RUTUBE][Unknown][Media][Fun][rutube.ru]
+ DAEMON-EVENT: [Processed: 816 pkts][ZLib][compressions: 0|diff: 0 / 0]
+ DAEMON-EVENT: [Flows][active: 1 / 66|skipped: 0|!detected: 0|guessed: 4|detection-updates: 64|updates: 1]
+ new: [....67] [ip4][..tcp] [...192.168.1.31][50095] -> [..176.112.173.3][..443]
+ detected: [....67] [ip4][..tcp] [...192.168.1.31][50095] -> [..176.112.173.3][..443] [TLS.VK][VK][SocialNetwork][Fun][pubsub.live.vkvideo.ru]
+ idle: [....66] [ip4][..tcp] [..192.168.1.125][60828] -> [...3.165.239.54][..443] [TLS.Ubiquity][AmazonAWS][Network][Safe]
+ DAEMON-EVENT: [Processed: 820 pkts][ZLib][compressions: 0|diff: 0 / 0]
+ DAEMON-EVENT: [Flows][active: 1 / 67|skipped: 0|!detected: 0|guessed: 4|detection-updates: 64|updates: 1]
+ new: [....68] [ip4][..udp] [...192.168.1.17][59392] -> [....3.164.68.49][..443]
+ detected: [....68] [ip4][..udp] [...192.168.1.17][59392] -> [....3.164.68.49][..443] [QUIC][AmazonAWS][Web][Acceptable]
+ detection-update: [....68] [ip4][..udp] [...192.168.1.17][59392] -> [....3.164.68.49][..443] [QUIC.Kick][AmazonAWS][Video][Fun][clips.kick.com]
+ RISK: Unidirectional Traffic
+ new: [....69] [ip4][..tcp] [...192.168.1.17][55956] -> [.188.114.99.224][..443]
+ detected: [....69] [ip4][..tcp] [...192.168.1.17][55956] -> [.188.114.99.224][..443] [TLS.Kick][Cloudflare][Video][Fun][kick.com]
+ idle: [....67] [ip4][..tcp] [...192.168.1.31][50095] -> [..176.112.173.3][..443] [TLS.VK][VK][SocialNetwork][Fun]
+ DAEMON-EVENT: [Processed: 828 pkts][ZLib][compressions: 0|diff: 0 / 0]
+ DAEMON-EVENT: [Flows][active: 2 / 69|skipped: 0|!detected: 0|guessed: 4|detection-updates: 65|updates: 1]
+ new: [....70] [ip4][..tcp] [...192.168.1.17][55718] -> [213.180.204.183][...80]
+ detected: [....70] [ip4][..tcp] [...192.168.1.17][55718] -> [213.180.204.183][...80] [HTTP.Canonical][Yandex][Cloud][Acceptable][ru.archive.ubuntu.com]
+ idle: [....68] [ip4][..udp] [...192.168.1.17][59392] -> [....3.164.68.49][..443] [QUIC.Kick][AmazonAWS][Video][Fun][clips.kick.com]
+ RISK: Unidirectional Traffic
+ idle: [....69] [ip4][..tcp] [...192.168.1.17][55956] -> [.188.114.99.224][..443] [TLS.Kick][Cloudflare][Video][Fun]
+ new: [....71] [ip4][..tcp] [...192.168.1.17][60888] -> [.185.125.188.54][..443]
+ detected: [....71] [ip4][..tcp] [...192.168.1.17][60888] -> [.185.125.188.54][..443] [TLS.Canonical][Canonical][Cloud][Acceptable][api.snapcraft.io]
+ RISK: TLS (probably) Not Carrying HTTPS
+ new: [....72] [ip4][..tcp] [...192.168.1.17][57042] -> [.185.125.190.80][..443]
+ detected: [....72] [ip4][..tcp] [...192.168.1.17][57042] -> [.185.125.190.80][..443] [TLS.Canonical][Canonical][Cloud][Acceptable][ppa.launchpadcontent.net]
+ RISK: TLS (probably) Not Carrying HTTPS
+ idle: [....72] [ip4][..tcp] [...192.168.1.17][57042] -> [.185.125.190.80][..443] [TLS.Canonical][Canonical][Cloud][Acceptable]
+ RISK: TLS (probably) Not Carrying HTTPS
+ idle: [....71] [ip4][..tcp] [...192.168.1.17][60888] -> [.185.125.188.54][..443] [TLS.Canonical][Canonical][Cloud][Acceptable]
+ RISK: TLS (probably) Not Carrying HTTPS
+ idle: [....70] [ip4][..tcp] [...192.168.1.17][55718] -> [213.180.204.183][...80] [HTTP.Canonical][Yandex][Cloud][Acceptable]
DAEMON-EVENT: shutdown