aboutsummaryrefslogtreecommitdiff
path: root/test/results/flow-info/default/tls_certificate_too_long.pcap.out
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/flow-info/default/tls_certificate_too_long.pcap.out')
-rw-r--r--test/results/flow-info/default/tls_certificate_too_long.pcap.out96
1 files changed, 48 insertions, 48 deletions
diff --git a/test/results/flow-info/default/tls_certificate_too_long.pcap.out b/test/results/flow-info/default/tls_certificate_too_long.pcap.out
index a99583fa9..36f2a6da9 100644
--- a/test/results/flow-info/default/tls_certificate_too_long.pcap.out
+++ b/test/results/flow-info/default/tls_certificate_too_long.pcap.out
@@ -24,46 +24,46 @@
new: [.....8] [ip4][....2] [..192.168.1.139] -> [....224.0.0.251]
detected: [.....8] [ip4][....2] [..192.168.1.139] -> [....224.0.0.251] [IGMP][Unknown][Network][Acceptable]
new: [.....9] [ip4][..udp] [..192.168.1.121][55567] -> [........8.8.8.8][...53]
- detected: [.....9] [ip4][..udp] [..192.168.1.121][55567] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe][wdcp.microsoft.com]
+ detected: [.....9] [ip4][..udp] [..192.168.1.121][55567] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][wdcp.microsoft.com]
new: [....10] [ip4][..udp] [..192.168.1.121][53884] -> [........8.8.8.8][...53]
- detected: [....10] [ip4][..udp] [..192.168.1.121][53884] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe][wdcp.microsoft.com]
- detection-update: [....10] [ip4][..udp] [..192.168.1.121][53884] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe][wdcp.microsoft.com]
+ detected: [....10] [ip4][..udp] [..192.168.1.121][53884] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][wdcp.microsoft.com]
+ detection-update: [....10] [ip4][..udp] [..192.168.1.121][53884] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][wdcp.microsoft.com]
new: [....11] [ip4][..udp] [..192.168.1.121][65492] -> [........8.8.8.8][...53]
- detected: [....11] [ip4][..udp] [..192.168.1.121][65492] -> [........8.8.8.8][...53] [DNS.Azure][Google][Network][Acceptable][wd-prod-cp-eu-north-2-fe.northeurope.cloudapp.azure.com]
+ detected: [....11] [ip4][..udp] [..192.168.1.121][65492] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][wd-prod-cp-eu-north-2-fe.northeurope.cloudapp.azure.com]
new: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443]
- detection-update: [.....9] [ip4][..udp] [..192.168.1.121][55567] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe][wdcp.microsoft.com]
+ detection-update: [.....9] [ip4][..udp] [..192.168.1.121][55567] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][wdcp.microsoft.com]
new: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443]
- detection-update: [....11] [ip4][..udp] [..192.168.1.121][65492] -> [........8.8.8.8][...53] [DNS.Azure][Google][Network][Acceptable][wd-prod-cp-eu-north-2-fe.northeurope.cloudapp.azure.com]
- detected: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
- detected: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
- detection-update: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
+ detection-update: [....11] [ip4][..udp] [..192.168.1.121][65492] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][wd-prod-cp-eu-north-2-fe.northeurope.cloudapp.azure.com]
+ detected: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
+ detected: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
+ detection-update: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
RISK: TLS Cert Validity Too Long
new: [....14] [ip4][..udp] [..192.168.1.121][51364] -> [........8.8.8.8][...53]
- detected: [....14] [ip4][..udp] [..192.168.1.121][51364] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe][www.microsoft.com]
+ detected: [....14] [ip4][..udp] [..192.168.1.121][51364] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.microsoft.com]
new: [....15] [ip4][..udp] [..192.168.1.121][58161] -> [........8.8.8.8][...53]
- detected: [....15] [ip4][..udp] [..192.168.1.121][58161] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe][www.microsoft.com]
- detection-update: [....14] [ip4][..udp] [..192.168.1.121][51364] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe][www.microsoft.com]
+ detected: [....15] [ip4][..udp] [..192.168.1.121][58161] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.microsoft.com]
+ detection-update: [....14] [ip4][..udp] [..192.168.1.121][51364] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.microsoft.com]
new: [....16] [ip4][..udp] [..192.168.1.121][55578] -> [........8.8.8.8][...53]
detected: [....16] [ip4][..udp] [..192.168.1.121][55578] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][e13678.dscb.akamaiedge.net]
new: [....17] [ip4][..udp] [..192.168.1.121][54561] -> [........8.8.8.8][...53]
detected: [....17] [ip4][..udp] [..192.168.1.121][54561] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][e13678.dscb.akamaiedge.net]
- detection-update: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
+ detection-update: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
RISK: TLS Cert Validity Too Long
detection-update: [....16] [ip4][..udp] [..192.168.1.121][55578] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][e13678.dscb.akamaiedge.net]
new: [....18] [ip4][..tcp] [..192.168.1.121][53912] -> [....2.22.33.235][...80]
- detection-update: [....15] [ip4][..udp] [..192.168.1.121][58161] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe][www.microsoft.com]
- detected: [....18] [ip4][..tcp] [..192.168.1.121][53912] -> [....2.22.33.235][...80] [HTTP.Microsoft][Unknown][Cloud][Safe][www.microsoft.com]
+ detection-update: [....15] [ip4][..udp] [..192.168.1.121][58161] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.microsoft.com]
+ detected: [....18] [ip4][..tcp] [..192.168.1.121][53912] -> [....2.22.33.235][...80] [HTTP.Microsoft365][Unknown][Web][Acceptable][www.microsoft.com]
detection-update: [....17] [ip4][..udp] [..192.168.1.121][54561] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][e13678.dscb.akamaiedge.net]
- detection-update: [....18] [ip4][..tcp] [..192.168.1.121][53912] -> [....2.22.33.235][...80] [HTTP.Microsoft][Unknown][Download][Safe][www.microsoft.com]
+ detection-update: [....18] [ip4][..tcp] [..192.168.1.121][53912] -> [....2.22.33.235][...80] [HTTP.Microsoft365][Unknown][Download][Acceptable][www.microsoft.com]
RISK: HTTP Susp Header, Binary File/Data Transfer (Attempt)
new: [....19] [ip4][..tcp] [..192.168.1.121][53913] -> [....2.22.33.235][...80]
- detected: [....19] [ip4][..tcp] [..192.168.1.121][53913] -> [....2.22.33.235][...80] [HTTP.Microsoft][Unknown][Cloud][Safe][www.microsoft.com]
- detection-update: [....19] [ip4][..tcp] [..192.168.1.121][53913] -> [....2.22.33.235][...80] [HTTP.Microsoft][Unknown][Download][Safe][www.microsoft.com]
+ detected: [....19] [ip4][..tcp] [..192.168.1.121][53913] -> [....2.22.33.235][...80] [HTTP.Microsoft365][Unknown][Web][Acceptable][www.microsoft.com]
+ detection-update: [....19] [ip4][..tcp] [..192.168.1.121][53913] -> [....2.22.33.235][...80] [HTTP.Microsoft365][Unknown][Download][Acceptable][www.microsoft.com]
RISK: HTTP Susp Header, Binary File/Data Transfer (Attempt)
new: [....20] [ip4][..tcp] [..192.168.1.121][53905] -> [..140.82.113.26][..443] [MIDSTREAM]
new: [....21] [ip4][..udp] [..192.168.1.121][65213] -> [........8.8.8.8][...53]
- detected: [....21] [ip4][..udp] [..192.168.1.121][65213] -> [........8.8.8.8][...53] [DNS.Apple][Google][Network][Safe][time-macos.apple.com]
- detection-update: [....21] [ip4][..udp] [..192.168.1.121][65213] -> [........8.8.8.8][...53] [DNS.Apple][Google][Network][Safe][time-macos.apple.com]
+ detected: [....21] [ip4][..udp] [..192.168.1.121][65213] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][time-macos.apple.com]
+ detection-update: [....21] [ip4][..udp] [..192.168.1.121][65213] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][time-macos.apple.com]
new: [....22] [ip4][..udp] [..192.168.1.121][49216] -> [..17.253.54.251][..123]
detected: [....22] [ip4][..udp] [..192.168.1.121][49216] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable]
detected: [....20] [ip4][..tcp] [..192.168.1.121][53905] -> [..140.82.113.26][..443] [TLS][Github][Web][Safe]
@@ -102,54 +102,54 @@
[ENTROPIES...: 7.9,7.8,7.9,4.9,7.9,7.8,6.6,7.1,7.5,5.7,5.6,4.7,5.4,4.7,4.9,7.9,7.8,7.6,4.9,7.6,7.8,7.5,4.6,6.6,7.0,7.2,6.2,5.6,5.8,5.5,4.7,5.0]
new: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443]
new: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443]
- detected: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
- detected: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
- detection-update: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
+ detected: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
+ detected: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
+ detection-update: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
RISK: TLS Cert Validity Too Long
- detection-update: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
+ detection-update: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
RISK: TLS Cert Validity Too Long
new: [....28] [ip4][..udp] [..192.168.1.121][50288] -> [..17.253.54.251][..123]
detected: [....28] [ip4][..udp] [..192.168.1.121][50288] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable]
new: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443]
new: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443]
- detected: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
- detected: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
- detection-update: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
+ detected: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
+ detected: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
+ detection-update: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
RISK: TLS Cert Validity Too Long
- detection-update: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
+ detection-update: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
RISK: TLS Cert Validity Too Long
new: [....31] [ip4][..udp] [..192.168.1.121][65099] -> [..17.253.54.251][..123]
detected: [....31] [ip4][..udp] [..192.168.1.121][65099] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable]
new: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443]
new: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443]
- detected: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
- detected: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
- detection-update: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
+ detected: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
+ detected: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
+ detection-update: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
RISK: TLS Cert Validity Too Long
- detection-update: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe][wdcp.microsoft.com]
+ detection-update: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable][wdcp.microsoft.com]
RISK: TLS Cert Validity Too Long
new: [....34] [ip4][..udp] [..192.168.1.121][56865] -> [..17.253.54.251][..123]
detected: [....34] [ip4][..udp] [..192.168.1.121][56865] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable]
new: [....35] [ip4][..tcp] [.130.211.33.145][..443] -> [..192.168.1.121][53432] [MIDSTREAM]
detected: [....35] [ip4][..tcp] [.130.211.33.145][..443] -> [..192.168.1.121][53432] [TLS][GoogleCloud][Web][Safe]
- idle: [....10] [ip4][..udp] [..192.168.1.121][53884] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe][wdcp.microsoft.com]
+ idle: [....10] [ip4][..udp] [..192.168.1.121][53884] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][wdcp.microsoft.com]
idle: [....34] [ip4][..udp] [..192.168.1.121][56865] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable]
idle: [....17] [ip4][..udp] [..192.168.1.121][54561] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][e13678.dscb.akamaiedge.net]
idle: [.....5] [ip6][..udp] [..............fe80::1059:a858:f9e7:cf94][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable]
- idle: [.....9] [ip4][..udp] [..192.168.1.121][55567] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe][wdcp.microsoft.com]
+ idle: [.....9] [ip4][..udp] [..192.168.1.121][55567] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][wdcp.microsoft.com]
idle: [....16] [ip4][..udp] [..192.168.1.121][55578] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][e13678.dscb.akamaiedge.net]
guessed: [.....1] [ip4][..tcp] [..192.168.1.121][52746] -> [...52.149.21.60][..443] [TLS][Azure][Web][Safe]
idle: [.....1] [ip4][..tcp] [..192.168.1.121][52746] -> [...52.149.21.60][..443]
- end: [....18] [ip4][..tcp] [..192.168.1.121][53912] -> [....2.22.33.235][...80] [HTTP.Microsoft][Unknown][Download][Safe][www.microsoft.com]
+ end: [....18] [ip4][..tcp] [..192.168.1.121][53912] -> [....2.22.33.235][...80] [HTTP.Microsoft365][Unknown][Download][Acceptable][www.microsoft.com]
RISK: HTTP Susp Header, Binary File/Data Transfer (Attempt)
- end: [....19] [ip4][..tcp] [..192.168.1.121][53913] -> [....2.22.33.235][...80] [HTTP.Microsoft][Unknown][Download][Safe][www.microsoft.com]
+ end: [....19] [ip4][..tcp] [..192.168.1.121][53913] -> [....2.22.33.235][...80] [HTTP.Microsoft365][Unknown][Download][Acceptable][www.microsoft.com]
RISK: HTTP Susp Header, Binary File/Data Transfer (Attempt)
- idle: [....15] [ip4][..udp] [..192.168.1.121][58161] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe][www.microsoft.com]
+ idle: [....15] [ip4][..udp] [..192.168.1.121][58161] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.microsoft.com]
idle: [....31] [ip4][..udp] [..192.168.1.121][65099] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable]
idle: [.....8] [ip4][....2] [..192.168.1.139] -> [....224.0.0.251] [IGMP][Unknown][Network][Acceptable]
idle: [.....7] [ip4][....2] [..192.168.1.139] -> [......224.0.0.2] [IGMP][Unknown][Network][Acceptable]
- idle: [....21] [ip4][..udp] [..192.168.1.121][65213] -> [........8.8.8.8][...53] [DNS.Apple][Google][Network][Safe][time-macos.apple.com]
- idle: [....11] [ip4][..udp] [..192.168.1.121][65492] -> [........8.8.8.8][...53] [DNS.Azure][Google][Network][Acceptable][wd-prod-cp-eu-north-2-fe.northeurope.cloudapp.azure.com]
+ idle: [....21] [ip4][..udp] [..192.168.1.121][65213] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][time-macos.apple.com]
+ idle: [....11] [ip4][..udp] [..192.168.1.121][65492] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][wd-prod-cp-eu-north-2-fe.northeurope.cloudapp.azure.com]
idle: [....35] [ip4][..tcp] [.130.211.33.145][..443] -> [..192.168.1.121][53432] [TLS][GoogleCloud][Web][Safe]
end: [....20] [ip4][..tcp] [..192.168.1.121][53905] -> [..140.82.113.26][..443] [TLS][Github][Web][Safe]
idle: [.....4] [ip4][..udp] [..192.168.1.139][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable]
@@ -157,26 +157,26 @@
idle: [....24] [ip4][..tcp] [..192.168.1.121][53429] -> [...52.98.163.18][..443] [TLS][Outlook][Web][Safe]
idle: [....22] [ip4][..udp] [..192.168.1.121][49216] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable]
idle: [....28] [ip4][..udp] [..192.168.1.121][50288] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable]
- end: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe]
+ end: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable]
RISK: TLS Cert Validity Too Long
- end: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe]
+ end: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable]
RISK: TLS Cert Validity Too Long
- end: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe]
+ end: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable]
RISK: TLS Cert Validity Too Long
- end: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe]
+ end: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable]
RISK: TLS Cert Validity Too Long
- end: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe]
+ end: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable]
RISK: TLS Cert Validity Too Long
- end: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe]
+ end: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable]
RISK: TLS Cert Validity Too Long
- end: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe]
+ end: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable]
RISK: TLS Cert Validity Too Long
- end: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe]
+ end: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] [TLS.Microsoft365][Azure][Web][Acceptable]
RISK: TLS Cert Validity Too Long
not-detected: [.....2] [ip4][..tcp] [..192.168.1.121][52721] -> [..192.168.1.139][55367] [Unknown][Unknown][Unrated]
RISK: Susp Entropy
idle: [.....2] [ip4][..tcp] [..192.168.1.121][52721] -> [..192.168.1.139][55367]
- idle: [....14] [ip4][..udp] [..192.168.1.121][51364] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe][www.microsoft.com]
+ idle: [....14] [ip4][..udp] [..192.168.1.121][51364] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][www.microsoft.com]
idle: [.....6] [ip4][..udp] [..192.168.1.121][.5353] -> [..192.168.1.139][.5353] [MDNS][Unknown][Network][Acceptable][_companion-link._tcp.local]
idle: [....23] [ip4][..udp] [..192.168.1.121][51998] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][235.33.22.2.in-addr.arpa]
idle: [.....3] [ip4][..udp] [..192.168.1.121][52251] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][60.21.149.52.in-addr.arpa]
Powered by cgit, Themed by Ted Yin.