summaryrefslogtreecommitdiff
path: root/test/results/flow-info/default/telegram_videocall.pcapng.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/flow-info/default/telegram_videocall.pcapng.out')
-rw-r--r--test/results/flow-info/default/telegram_videocall.pcapng.out210
1 files changed, 210 insertions, 0 deletions
diff --git a/test/results/flow-info/default/telegram_videocall.pcapng.out b/test/results/flow-info/default/telegram_videocall.pcapng.out
new file mode 100644
index 000000000..5298fef61
--- /dev/null
+++ b/test/results/flow-info/default/telegram_videocall.pcapng.out
@@ -0,0 +1,210 @@
+ DAEMON-EVENT: init
+ DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
+ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
+ new: [.....1] [ip6][icmp6] [..............fe80::98df:58ff:fefa:ebdc] -> [................................ff02::2]
+ detected: [.....1] [ip6][icmp6] [..............fe80::98df:58ff:fefa:ebdc] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable]
+ new: [.....2] [ip4][..udp] [...192.168.12.1][17500] -> [.192.168.12.255][17500]
+ detected: [.....2] [ip4][..udp] [...192.168.12.1][17500] -> [.192.168.12.255][17500] [Dropbox][Unknown][Cloud][Acceptable]
+ new: [.....3] [ip4][..tcp] [.192.168.12.169][37948] -> [.149.154.167.91][..443]
+ new: [.....4] [ip4][..tcp] [.192.168.12.169][37950] -> [.149.154.167.91][..443]
+ new: [.....5] [ip4][..tcp] [.192.168.12.169][46862] -> [.149.154.167.51][..443]
+ new: [.....6] [ip4][..tcp] [.192.168.12.169][46866] -> [.149.154.167.51][..443]
+ analyse: [.....4] [ip4][..tcp] [.192.168.12.169][37950] -> [.149.154.167.91][..443]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.127| 0.025| 0.031| 963.939| 3.900]
+ [PKTLEN......: 52.000| 1280.000| 541.900| 516.100| 266324.800| 4.300]
+ [BINS(c->s)..: 6,0,0,1,1,0,0,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [BINS(s->c)..: 4,0,2,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,1,0,0,1,0,0,1,1,1,1,0,0,0,0,1,1,0,1,0,1,1,1,1,1,0,0,1,1,1,1,1]
+ [IATS(ms)....: 30.7,31.9,0.3,33.0,35.6,10.2,44.5,8.2,4.4,4.1,48.7,1.4,3.1,6.4,36.5,17.8,50.9,88.4,126.9,78.7,32.9,0.1,0.0,0.0,65.5,0.3,2.2,0.0,0.0,0.0,0.0]
+ [PKTLENS.....: 60,60,52,333,157,52,936,825,672,141,141,52,767,189,301,52,349,317,52,157,52,1280,1280,1280,1280,52,52,1280,1280,1280,1280,1280]
+ [ENTROPIES...: 4.8,5.2,5.2,7.3,6.7,5.1,7.8,7.7,7.7,6.6,6.6,5.1,7.7,6.9,7.2,5.2,7.4,7.3,5.3,6.7,5.3,7.9,7.8,7.9,7.8,5.2,5.2,7.8,7.8,7.9,7.9,7.8]
+ new: [.....7] [ip4][..tcp] [.192.168.12.169][40830] -> [149.154.167.222][..443]
+ new: [.....8] [ip4][..tcp] [.192.168.12.169][40832] -> [149.154.167.222][..443]
+ new: [.....9] [ip4][..tcp] [.192.168.12.169][40834] -> [149.154.167.222][..443]
+ analyse: [.....7] [ip4][..tcp] [.192.168.12.169][40830] -> [149.154.167.222][..443]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.047| 0.009| 0.015| 220.392| 3.200]
+ [PKTLEN......: 52.000| 1280.000| 644.300| 571.900| 327061.800| 4.300]
+ [BINS(c->s)..: 9,0,0,0,0,1,0,1,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [BINS(s->c)..: 2,0,0,1,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,1,0,0,0,1,1,1,0,0,0,1,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0,1,1,1,1,1]
+ [IATS(ms)....: 30.1,31.4,0.3,0.6,31.5,0.0,0.0,35.0,0.2,6.9,41.7,13.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,0.0,46.8,0.1,0.0,0.1,0.9,6.5,31.9,0.0,0.0,0.0,0.0]
+ [PKTLENS.....: 60,60,52,630,221,52,157,262,52,52,333,221,1280,1280,1280,1280,1280,1280,1280,1280,1280,52,52,52,52,52,285,1280,1280,1280,1280,1280]
+ [ENTROPIES...: 4.8,5.2,5.2,7.7,7.0,5.2,6.8,7.1,5.2,5.2,7.4,7.1,7.9,7.9,7.8,7.9,7.8,7.8,7.8,7.8,7.8,5.1,5.2,5.1,5.1,5.2,7.1,7.9,7.8,7.9,7.8,7.8]
+ new: [....10] [ip4][..tcp] [.192.168.12.169][37966] -> [.149.154.167.91][..443]
+ new: [....11] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353]
+ detected: [....11] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_ipps._tcp.local]
+ new: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400]
+ detected: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400] [STUN][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....13] [ip4][..udp] [.192.168.12.169][40906] -> [...91.108.13.23][.1400]
+ detected: [....13] [ip4][..udp] [.192.168.12.169][40906] -> [...91.108.13.23][.1400] [STUN][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....14] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.17.2][.1400]
+ detected: [....14] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.17.2][.1400] [STUN][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....15] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.9.35][.1400]
+ detected: [....15] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.9.35][.1400] [STUN][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....16] [ip4][..udp] [.192.168.12.169][42197] -> [...91.108.13.23][.1400]
+ detected: [....16] [ip4][..udp] [.192.168.12.169][42197] -> [...91.108.13.23][.1400] [STUN][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....17] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.17.2][.1400]
+ detected: [....17] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.17.2][.1400] [STUN][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....18] [ip4][..udp] [.192.168.12.169][40643] -> [....91.108.9.35][.1400]
+ detected: [....18] [ip4][..udp] [.192.168.12.169][40643] -> [....91.108.9.35][.1400] [STUN][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....19] [ip4][..udp] [.192.168.12.169][49667] -> [...91.108.13.23][.1400]
+ detected: [....19] [ip4][..udp] [.192.168.12.169][49667] -> [...91.108.13.23][.1400] [STUN][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....20] [ip4][..udp] [.192.168.12.169][49780] -> [....91.108.17.2][.1400]
+ detected: [....20] [ip4][..udp] [.192.168.12.169][49780] -> [....91.108.17.2][.1400] [STUN][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....21] [ip4][..udp] [.192.168.12.169][37849] -> [....91.108.9.35][.1400]
+ detected: [....21] [ip4][..udp] [.192.168.12.169][37849] -> [....91.108.9.35][.1400] [STUN][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....22] [ip4][..udp] [.192.168.12.169][37530] -> [...91.108.13.23][.1400]
+ detected: [....22] [ip4][..udp] [.192.168.12.169][37530] -> [...91.108.13.23][.1400] [STUN][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....23] [ip4][..udp] [.192.168.12.169][37444] -> [....91.108.17.2][.1400]
+ detected: [....23] [ip4][..udp] [.192.168.12.169][37444] -> [....91.108.17.2][.1400] [STUN][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ detection-update: [....21] [ip4][..udp] [.192.168.12.169][37849] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org]
+ RISK: Known Proto on Non Std Port
+ detection-update: [....18] [ip4][..udp] [.192.168.12.169][40643] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org]
+ RISK: Known Proto on Non Std Port
+ detection-update: [....19] [ip4][..udp] [.192.168.12.169][49667] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org]
+ RISK: Known Proto on Non Std Port
+ detection-update: [....22] [ip4][..udp] [.192.168.12.169][37530] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org]
+ RISK: Known Proto on Non Std Port
+ detection-update: [....20] [ip4][..udp] [.192.168.12.169][49780] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org]
+ RISK: Known Proto on Non Std Port
+ detection-update: [....23] [ip4][..udp] [.192.168.12.169][37444] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org]
+ RISK: Known Proto on Non Std Port
+ new: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554]
+ detected: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554]
+ detected: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393]
+ detected: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393]
+ detected: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable][]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ new: [....28] [ip6][icmp6] [...............fe80::abe:acff:fe0b:176e] -> [................................ff02::2]
+ detected: [....28] [ip6][icmp6] [...............fe80::abe:acff:fe0b:176e] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable]
+ analyse: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 0.475| 0.052| 0.095| 9109.989| 3.600]
+ [PKTLEN......: 49.000| 265.000| 106.200| 48.900| 2396.000| 4.900]
+ [BINS(c->s)..: 3,2,11,3,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [BINS(s->c)..: 2,3,3,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,1,0,1,0,0,0,0,0,1,1,1,0,0,1,1,1,0,0,0,0,0,0,0,0,1,1,0,0,0,1,0]
+ [IATS(ms)....: 75.7,88.0,12.8,2.3,9.0,48.9,21.7,0.2,117.5,0.1,18.9,57.5,0.3,20.7,0.0,35.1,54.6,306.4,41.6,24.8,9.9,17.7,18.1,17.4,474.7,0.1,42.1,15.5,14.1,40.1,18.5]
+ [PKTLENS.....: 128,92,51,124,92,128,128,65,71,92,92,124,54,92,64,49,124,92,265,119,119,119,119,119,265,53,64,59,119,119,79,119]
+ [ENTROPIES...: 5.4,5.7,5.3,5.6,5.6,5.5,5.4,5.7,5.8,5.8,5.7,5.6,5.5,5.8,5.7,5.3,5.6,5.8,7.1,6.5,6.4,6.4,6.5,6.4,7.2,5.5,5.7,5.6,6.3,6.4,5.9,6.5]
+ new: [....29] [ip6][..udp] [...............fe80::abe:acff:fe0b:176e][.5353] -> [...............................ff02::fb][.5353]
+ detected: [....29] [ip6][..udp] [...............fe80::abe:acff:fe0b:176e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_ipps._tcp.local]
+ new: [....30] [ip4][..tcp] [.192.168.12.169][40710] -> [....52.58.18.25][.5222] [MIDSTREAM]
+ detection-update: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port
+ detection-update: [....15] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port
+ detection-update: [....16] [ip4][..udp] [.192.168.12.169][42197] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port
+ detection-update: [....13] [ip4][..udp] [.192.168.12.169][40906] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port
+ detection-update: [....14] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port
+ detection-update: [....17] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable][]
+ RISK: Known Proto on Non Std Port
+ update: [.....1] [ip6][icmp6] [..............fe80::98df:58ff:fefa:ebdc] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable]
+ analyse: [.....8] [ip4][..tcp] [.192.168.12.169][40832] -> [149.154.167.222][..443]
+ min| max| avg| stddev| variance| entropy
+ [IAT.........: 0.000| 25.078| 1.818| 6.147| 37780767.900| 1.500]
+ [PKTLEN......: 52.000| 1280.000| 482.700| 530.000| 280877.200| 4.100]
+ [BINS(c->s)..: 14,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ [BINS(s->c)..: 2,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,0,0,0]
+ [DIRECTIONS..: 0,1,0,0,1,0,0,1,1,1,1,1,0,0,0,0,1,1,1,1,1,1,1,0,0,0,0,0,0,0,0,1]
+ [IATS(ms)....: 29.1,30.6,0.5,31.6,35.4,6.5,41.7,9.9,0.0,0.0,0.0,46.9,0.0,41.7,2909.6,2997.7,0.0,0.0,0.0,2.4,0.1,0.1,44.3,0.0,0.0,0.1,0.1,0.1,0.1,25044.9,25078.5]
+ [PKTLENS.....: 60,60,52,630,262,52,205,221,1280,1280,1280,700,52,52,52,381,1280,1280,1280,1280,1280,1280,680,52,52,52,52,52,52,52,52,52]
+ [ENTROPIES...: 4.9,5.3,5.2,7.6,7.1,5.1,6.9,7.0,7.8,7.8,7.8,7.7,5.2,5.1,5.1,7.5,7.8,7.9,7.8,7.9,7.8,7.8,7.7,5.2,5.0,5.1,5.1,5.2,5.2,5.1,5.1,5.2]
+ new: [....31] [ip4][.icmp] [.192.168.12.169] -> [....91.108.9.35]
+ detected: [....31] [ip4][.icmp] [.192.168.12.169] -> [....91.108.9.35] [ICMP][Telegram][Network][Acceptable]
+ RISK: Unidirectional Traffic
+ new: [....32] [ip4][.icmp] [.192.168.12.169] -> [...91.108.13.23]
+ detected: [....32] [ip4][.icmp] [.192.168.12.169] -> [...91.108.13.23] [ICMP][Telegram][Network][Acceptable]
+ RISK: Unidirectional Traffic
+ new: [....33] [ip4][.icmp] [.192.168.12.169] -> [....91.108.17.2]
+ detected: [....33] [ip4][.icmp] [.192.168.12.169] -> [....91.108.17.2] [ICMP][Telegram][Network][Acceptable]
+ RISK: Unidirectional Traffic
+ new: [....34] [ip4][..tcp] [..18.195.162.93][..443] -> [.192.168.12.169][38956] [MIDSTREAM]
+ detected: [....34] [ip4][..tcp] [..18.195.162.93][..443] -> [.192.168.12.169][38956] [TLS][AmazonAWS][Web][Safe]
+ RISK: Unidirectional Traffic
+ guessed: [.....3] [ip4][..tcp] [.192.168.12.169][37948] -> [.149.154.167.91][..443] [TLS][Telegram][Web][Safe]
+ RISK: TCP Connection Issues
+ end: [.....3] [ip4][..tcp] [.192.168.12.169][37948] -> [.149.154.167.91][..443]
+ guessed: [.....4] [ip4][..tcp] [.192.168.12.169][37950] -> [.149.154.167.91][..443] [TLS][Telegram][Web][Safe]
+ RISK: Fully encrypted flow
+ idle: [.....4] [ip4][..tcp] [.192.168.12.169][37950] -> [.149.154.167.91][..443]
+ guessed: [....10] [ip4][..tcp] [.192.168.12.169][37966] -> [.149.154.167.91][..443] [TLS][Telegram][Web][Safe]
+ RISK: Fully encrypted flow
+ idle: [....10] [ip4][..tcp] [.192.168.12.169][37966] -> [.149.154.167.91][..443]
+ idle: [....18] [ip4][..udp] [.192.168.12.169][40643] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable]
+ RISK: Known Proto on Non Std Port
+ idle: [....28] [ip6][icmp6] [...............fe80::abe:acff:fe0b:176e] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable]
+ idle: [.....2] [ip4][..udp] [...192.168.12.1][17500] -> [.192.168.12.255][17500] [Dropbox][Unknown][Cloud][Acceptable]
+ idle: [....14] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.17.2][.1400]
+ idle: [....13] [ip4][..udp] [.192.168.12.169][40906] -> [...91.108.13.23][.1400]
+ idle: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400]
+ idle: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ idle: [....11] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353]
+ idle: [.....1] [ip6][icmp6] [..............fe80::98df:58ff:fefa:ebdc] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable]
+ idle: [....29] [ip6][..udp] [...............fe80::abe:acff:fe0b:176e][.5353] -> [...............................ff02::fb][.5353]
+ guessed: [.....5] [ip4][..tcp] [.192.168.12.169][46862] -> [.149.154.167.51][..443] [TLS][Telegram][Web][Safe]
+ RISK: Fully encrypted flow
+ end: [.....5] [ip4][..tcp] [.192.168.12.169][46862] -> [.149.154.167.51][..443]
+ guessed: [.....6] [ip4][..tcp] [.192.168.12.169][46866] -> [.149.154.167.51][..443] [TLS][Telegram][Web][Safe]
+ RISK: Fully encrypted flow
+ end: [.....6] [ip4][..tcp] [.192.168.12.169][46866] -> [.149.154.167.51][..443]
+ guessed: [.....7] [ip4][..tcp] [.192.168.12.169][40830] -> [149.154.167.222][..443] [TLS][Telegram][Web][Safe]
+ RISK: Fully encrypted flow
+ end: [.....7] [ip4][..tcp] [.192.168.12.169][40830] -> [149.154.167.222][..443]
+ guessed: [.....8] [ip4][..tcp] [.192.168.12.169][40832] -> [149.154.167.222][..443] [TLS][Telegram][Web][Safe]
+ RISK: Fully encrypted flow
+ end: [.....8] [ip4][..tcp] [.192.168.12.169][40832] -> [149.154.167.222][..443]
+ guessed: [.....9] [ip4][..tcp] [.192.168.12.169][40834] -> [149.154.167.222][..443] [TLS][Telegram][Web][Safe]
+ RISK: Fully encrypted flow
+ idle: [.....9] [ip4][..tcp] [.192.168.12.169][40834] -> [149.154.167.222][..443]
+ idle: [....19] [ip4][..udp] [.192.168.12.169][49667] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable]
+ RISK: Known Proto on Non Std Port
+ idle: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ idle: [....23] [ip4][..udp] [.192.168.12.169][37444] -> [....91.108.17.2][.1400]
+ idle: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ idle: [....20] [ip4][..udp] [.192.168.12.169][49780] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable]
+ RISK: Known Proto on Non Std Port
+ idle: [....33] [ip4][.icmp] [.192.168.12.169] -> [....91.108.17.2] [ICMP][Telegram][Network][Acceptable]
+ RISK: Unidirectional Traffic
+ idle: [....32] [ip4][.icmp] [.192.168.12.169] -> [...91.108.13.23] [ICMP][Telegram][Network][Acceptable]
+ RISK: Unidirectional Traffic
+ idle: [....31] [ip4][.icmp] [.192.168.12.169] -> [....91.108.9.35] [ICMP][Telegram][Network][Acceptable]
+ RISK: Unidirectional Traffic
+ idle: [....22] [ip4][..udp] [.192.168.12.169][37530] -> [...91.108.13.23][.1400]
+ end: [....34] [ip4][..tcp] [..18.195.162.93][..443] -> [.192.168.12.169][38956] [TLS][AmazonAWS][Web][Safe]
+ RISK: Unidirectional Traffic
+ guessed: [....30] [ip4][..tcp] [.192.168.12.169][40710] -> [....52.58.18.25][.5222] [AmazonAWS][AmazonAWS][Cloud][Acceptable]
+ idle: [....30] [ip4][..tcp] [.192.168.12.169][40710] -> [....52.58.18.25][.5222]
+ idle: [....21] [ip4][..udp] [.192.168.12.169][37849] -> [....91.108.9.35][.1400]
+ idle: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable]
+ RISK: Known Proto on Non Std Port, Unidirectional Traffic
+ idle: [....17] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.17.2][.1400]
+ idle: [....16] [ip4][..udp] [.192.168.12.169][42197] -> [...91.108.13.23][.1400]
+ idle: [....15] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.9.35][.1400]
+ DAEMON-EVENT: shutdown
Powered by cgit, Themed by Ted Yin.