diff options
Diffstat (limited to 'test/results/flow-info/default')
269 files changed, 5559 insertions, 6971 deletions
diff --git a/test/results/flow-info/default/1kxun.pcap.out b/test/results/flow-info/default/1kxun.pcap.out index 452bca122..f00121cf6 100644 --- a/test/results/flow-info/default/1kxun.pcap.out +++ b/test/results/flow-info/default/1kxun.pcap.out @@ -209,6 +209,8 @@ new: [....59] [ip4][..tcp] [...192.168.5.16][53624] -> [.68.233.253.133][...80] detected: [....59] [ip4][..tcp] [...192.168.5.16][53624] -> [.68.233.253.133][...80] [HTTP][Unknown][Web][Acceptable][api.magicansoft.com] new: [....60] [ip6][..udp] [...............fe80::4e5e:cff:fe9a:ec54][.5678] -> [................................ff02::1][.5678] + detection-update: [....59] [ip4][..tcp] [...192.168.5.16][53624] -> [.68.233.253.133][...80] [HTTP][Unknown][Web][Acceptable][api.magicansoft.com] + RISK: Error Code new: [....61] [ip4][..tcp] [..192.168.115.8][49581] -> [.64.233.189.128][...80] [MIDSTREAM] new: [....62] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][63659] -> [..............................ff02::1:3][.5355] detected: [....62] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][63659] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] @@ -298,6 +300,7 @@ detected: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] RISK: Unidirectional Traffic new: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] + detection-update: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] detected: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75] RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, TLS (probably) Not Carrying HTTPS detection-update: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75] @@ -317,6 +320,7 @@ new: [...113] [ip4][..tcp] [.....31.13.87.1][..443] -> [...192.168.5.16][53578] [MIDSTREAM] detected: [...113] [ip4][..tcp] [.....31.13.87.1][..443] -> [...192.168.5.16][53578] [TLS][Facebook][Web][Safe] RISK: Unidirectional Traffic + detection-update: [...113] [ip4][..tcp] [.....31.13.87.1][..443] -> [...192.168.5.16][53578] [TLS][Facebook][Web][Safe] new: [...114] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][61172] -> [..............................ff02::1:3][.5355] detected: [...114] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][61172] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] new: [...115] [ip4][..udp] [..192.168.3.236][59730] -> [....224.0.0.252][.5355] @@ -390,7 +394,6 @@ update: [....51] [ip4][..udp] [....192.168.5.9][55484] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [....50] [ip4][..udp] [.192.168.101.33][55485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [....55] [ip4][..udp] [...192.168.5.16][...68] -> [..192.168.119.1][...67] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....54] [ip4][..udp] [...192.168.5.49][51704] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [....35] [ip4][..udp] [...192.168.5.67][..138] -> [192.168.255.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol @@ -408,16 +411,22 @@ update: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected DAEMON-EVENT: [Processed: 1032 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 11|updates: 38] + DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 14|updates: 38] new: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [MIDSTREAM] detected: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] + RISK: Known Proto on Non Std Port new: [...131] [ip4][..tcp] [..192.168.2.126][60972] -> [..172.104.93.92][.1234] [MIDSTREAM] detected: [...131] [ip4][..tcp] [..192.168.2.126][60972] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [...131] [ip4][..tcp] [..192.168.2.126][60972] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] + RISK: Known Proto on Non Std Port new: [...132] [ip4][..tcp] [..192.168.2.126][60984] -> [..172.104.93.92][.1234] [MIDSTREAM] detected: [...132] [ip4][..tcp] [..192.168.2.126][60984] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [...132] [ip4][..tcp] [..192.168.2.126][60984] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi] + RISK: Known Proto on Non Std Port new: [...133] [ip4][..tcp] [..192.168.2.126][47230] -> [..161.117.13.29][...80] [MIDSTREAM] detected: [...133] [ip4][..tcp] [..192.168.2.126][47230] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][kankan.1kxun.mobi] RISK: Unidirectional Traffic @@ -426,6 +435,7 @@ RISK: Unidirectional Traffic detection-update: [...133] [ip4][..tcp] [..192.168.2.126][47230] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Download][Fun][kankan.1kxun.mobi] RISK: Binary App Transfer + detection-update: [...134] [ip4][..tcp] [..192.168.2.126][41134] -> [.129.226.107.77][...80] [HTTP.QQ][Tencent][Chat][Fun][cgi.connect.qq.com] new: [...135] [ip4][..tcp] [..192.168.2.126][47246] -> [..161.117.13.29][...80] [MIDSTREAM] detected: [...135] [ip4][..tcp] [..192.168.2.126][47246] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][kankan.1kxun.com] RISK: Unidirectional Traffic @@ -450,8 +460,8 @@ idle: [....51] [ip4][..udp] [....192.168.5.9][55484] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....50] [ip4][..udp] [.192.168.101.33][55485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [.....3] [ip4][..udp] [...192.168.5.44][51389] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - idle: [...113] [ip4][..tcp] [.....31.13.87.1][..443] -> [...192.168.5.16][53578] - idle: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] + idle: [...113] [ip4][..tcp] [.....31.13.87.1][..443] -> [...192.168.5.16][53578] [TLS][Facebook][Web][Safe] + idle: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe] not-detected: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unrated] idle: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] not-detected: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unrated] @@ -470,7 +480,6 @@ idle: [....94] [ip4][..udp] [..192.168.119.2][43786] -> [255.255.255.255][.5678] idle: [....85] [ip4][..udp] [...192.168.5.50][50030] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] idle: [....55] [ip4][..udp] [...192.168.5.16][...68] -> [..192.168.119.1][...67] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....54] [ip4][..udp] [...192.168.5.49][51704] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [...103] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][64568] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] @@ -498,7 +507,7 @@ not-detected: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated] idle: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] idle: [....73] [ip4][..udp] [...192.168.5.41][54470] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] - idle: [....76] [ip4][..udp] [...192.168.5.64][.5353] -> [....224.0.0.251][.5353] + idle: [....76] [ip4][..udp] [...192.168.5.64][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [...102] [ip4][..udp] [...192.168.5.37][54506] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] idle: [....12] [ip4][..udp] [...192.168.5.47][60267] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....67] [ip4][..udp] [...192.168.5.45][59789] -> [192.168.255.255][..137] [NetBIOS][Unknown][System][Acceptable] @@ -583,7 +592,6 @@ not-detected: [....60] [ip6][..udp] [...............fe80::4e5e:cff:fe9a:ec54][.5678] -> [................................ff02::1][.5678] [Unknown][Unknown][Unrated] idle: [....60] [ip6][..udp] [...............fe80::4e5e:cff:fe9a:ec54][.5678] -> [................................ff02::1][.5678] idle: [...119] [ip4][..udp] [...192.168.5.16][..123] -> [..17.253.26.125][..123] [NTP][Apple][System][Acceptable] - RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun] guessed: [....57] [ip4][..tcp] [..192.168.115.8][49596] -> [..203.66.182.87][..443] [TLS][Unknown][Web][Safe] idle: [....57] [ip4][..tcp] [..192.168.115.8][49596] -> [..203.66.182.87][..443] @@ -604,18 +612,26 @@ idle: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] idle: [...115] [ip4][..udp] [..192.168.3.236][59730] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] idle: [....84] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][.1900] -> [................................ff02::c][.1900] [SSDP][Unknown][System][Acceptable] + detection-update: [...136] [ip4][..tcp] [..192.168.2.126][47262] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][kankan.1kxun.com] + detection-update: [...135] [ip4][..tcp] [..192.168.2.126][47246] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][kankan.1kxun.com] new: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [MIDSTREAM] detected: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][messages.1kxun.mobi] RISK: Unidirectional Traffic new: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [MIDSTREAM] detected: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] RISK: HTTP Susp User-Agent, Unidirectional Traffic + detection-update: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][messages.1kxun.mobi] + detection-update: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com] + RISK: HTTP Susp User-Agent, Error Code new: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [MIDSTREAM] detected: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] RISK: Unidirectional Traffic + detection-update: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] new: [...140] [ip4][..tcp] [..192.168.2.126][49242] -> [.172.104.119.80][...80] [MIDSTREAM] detected: [...140] [ip4][..tcp] [..192.168.2.126][49242] -> [.172.104.119.80][...80] [HTTP.1kxun][Unknown][Streaming][Fun][android.yingshi.tcclick.1kxun.com] RISK: Unidirectional Traffic + detection-update: [...140] [ip4][..tcp] [..192.168.2.126][49242] -> [.172.104.119.80][...80] [HTTP.1kxun][Unknown][Streaming][Fun][android.yingshi.tcclick.1kxun.com] + RISK: Error Code new: [...141] [ip4][..tcp] [..192.168.2.126][46184] -> [.172.105.121.82][...80] [MIDSTREAM] detected: [...141] [ip4][..tcp] [..192.168.2.126][46184] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] RISK: Unidirectional Traffic @@ -628,6 +644,10 @@ new: [...144] [ip4][..tcp] [..192.168.2.126][46212] -> [.172.105.121.82][...80] [MIDSTREAM] detected: [...144] [ip4][..tcp] [..192.168.2.126][46212] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] RISK: Unidirectional Traffic + detection-update: [...141] [ip4][..tcp] [..192.168.2.126][46184] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] + detection-update: [...144] [ip4][..tcp] [..192.168.2.126][46212] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] + detection-update: [...142] [ip4][..tcp] [..192.168.2.126][46170] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] + detection-update: [...143] [ip4][..tcp] [..192.168.2.126][46200] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] analyse: [...142] [ip4][..tcp] [..192.168.2.126][46170] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.895| 0.069| 0.184| 33990.969| 2.200] @@ -641,9 +661,11 @@ new: [...145] [ip4][..tcp] [..192.168.2.126][35200] -> [...103.29.71.30][...80] [MIDSTREAM] detected: [...145] [ip4][..tcp] [..192.168.2.126][35200] -> [...103.29.71.30][...80] [HTTP.1kxun][Unknown][Streaming][Fun][release.bigdata.1kxun.com] RISK: Unidirectional Traffic + detection-update: [...145] [ip4][..tcp] [..192.168.2.126][35200] -> [...103.29.71.30][...80] [HTTP.1kxun][Unknown][Streaming][Fun][release.bigdata.1kxun.com] new: [...146] [ip4][..tcp] [..192.168.2.126][45380] -> [..161.117.13.29][...80] [MIDSTREAM] detected: [...146] [ip4][..tcp] [..192.168.2.126][45380] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] RISK: Unidirectional Traffic + detection-update: [...146] [ip4][..tcp] [..192.168.2.126][45380] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] new: [...147] [ip4][..tcp] [..192.168.2.126][45388] -> [..161.117.13.29][...80] [MIDSTREAM] detected: [...147] [ip4][..tcp] [..192.168.2.126][45388] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] RISK: Unidirectional Traffic @@ -662,9 +684,16 @@ new: [...152] [ip4][..tcp] [..192.168.2.126][45424] -> [..161.117.13.29][...80] [MIDSTREAM] detected: [...152] [ip4][..tcp] [..192.168.2.126][45424] -> [..161.117.13.29][...80] [HTTP][Alibaba][Streaming][Acceptable][tcad.wedolook.com] RISK: Unidirectional Traffic + detection-update: [...147] [ip4][..tcp] [..192.168.2.126][45388] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] + detection-update: [...148] [ip4][..tcp] [..192.168.2.126][45398] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] + detection-update: [...149] [ip4][..tcp] [..192.168.2.126][45414] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] + detection-update: [...151] [ip4][..tcp] [..192.168.2.126][45422] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] + detection-update: [...150] [ip4][..tcp] [..192.168.2.126][45416] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] + detection-update: [...152] [ip4][..tcp] [..192.168.2.126][45424] -> [..161.117.13.29][...80] [HTTP][Alibaba][Streaming][Acceptable][tcad.wedolook.com] new: [...153] [ip4][..tcp] [..192.168.2.126][41390] -> [....18.64.79.37][...80] [MIDSTREAM] detected: [...153] [ip4][..tcp] [..192.168.2.126][41390] -> [....18.64.79.37][...80] [HTTP.Google][AmazonAWS][Web][Acceptable][google.open-js.com] RISK: Unidirectional Traffic + detection-update: [...153] [ip4][..tcp] [..192.168.2.126][41390] -> [....18.64.79.37][...80] [HTTP.Google][AmazonAWS][Web][Acceptable][google.open-js.com] analyse: [...146] [ip4][..tcp] [..192.168.2.126][45380] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.409| 0.085| 0.132| 17528.007| 3.300] @@ -681,12 +710,15 @@ new: [...155] [ip4][..tcp] [..192.168.2.126][38354] -> [.142.250.186.34][...80] [MIDSTREAM] detected: [...155] [ip4][..tcp] [..192.168.2.126][38354] -> [.142.250.186.34][...80] [HTTP.Google][Google][Advertisement][Acceptable][pagead2.googlesyndication.com] RISK: Unidirectional Traffic + detection-update: [...155] [ip4][..tcp] [..192.168.2.126][38354] -> [.142.250.186.34][...80] [HTTP.Google][Google][Advertisement][Acceptable][pagead2.googlesyndication.com] new: [...156] [ip4][..tcp] [..192.168.2.126][36732] -> [142.250.186.174][...80] [MIDSTREAM] detected: [...156] [ip4][..tcp] [..192.168.2.126][36732] -> [142.250.186.174][...80] [HTTP.Google][Google][Advertisement][Acceptable][www.google-analytics.com] RISK: Unidirectional Traffic + detection-update: [...156] [ip4][..tcp] [..192.168.2.126][36732] -> [142.250.186.174][...80] [HTTP.Google][Google][Advertisement][Acceptable][www.google-analytics.com] new: [...157] [ip4][..tcp] [..192.168.2.126][49354] -> [.14.136.136.108][...80] [MIDSTREAM] detected: [...157] [ip4][..tcp] [..192.168.2.126][49354] -> [.14.136.136.108][...80] [HTTP.1kxun][Unknown][Streaming][Fun][hkbn.content.1kxun.com] RISK: Unidirectional Traffic + detection-update: [...157] [ip4][..tcp] [..192.168.2.126][49354] -> [.14.136.136.108][...80] [HTTP.1kxun][Unknown][Streaming][Fun][hkbn.content.1kxun.com] new: [...158] [ip4][..tcp] [..192.168.2.126][49372] -> [.14.136.136.108][...80] [MIDSTREAM] detected: [...158] [ip4][..tcp] [..192.168.2.126][49372] -> [.14.136.136.108][...80] [HTTP.1kxun][Unknown][Streaming][Fun][hkbn.content.1kxun.com] RISK: Unidirectional Traffic @@ -702,6 +734,11 @@ new: [...162] [ip4][..tcp] [..192.168.2.126][49396] -> [.14.136.136.108][...80] [MIDSTREAM] detected: [...162] [ip4][..tcp] [..192.168.2.126][49396] -> [.14.136.136.108][...80] [HTTP.1kxun][Unknown][Streaming][Fun][hkbn.content.1kxun.com] RISK: Unidirectional Traffic + detection-update: [...158] [ip4][..tcp] [..192.168.2.126][49372] -> [.14.136.136.108][...80] [HTTP.1kxun][Unknown][Streaming][Fun][hkbn.content.1kxun.com] + detection-update: [...161] [ip4][..tcp] [..192.168.2.126][49412] -> [.14.136.136.108][...80] [HTTP.1kxun][Unknown][Streaming][Fun][hkbn.content.1kxun.com] + detection-update: [...159] [ip4][..tcp] [..192.168.2.126][49370] -> [.14.136.136.108][...80] [HTTP.1kxun][Unknown][Streaming][Fun][hkbn.content.1kxun.com] + detection-update: [...162] [ip4][..tcp] [..192.168.2.126][49396] -> [.14.136.136.108][...80] [HTTP.1kxun][Unknown][Streaming][Fun][hkbn.content.1kxun.com] + detection-update: [...160] [ip4][..tcp] [..192.168.2.126][49380] -> [.14.136.136.108][...80] [HTTP.1kxun][Unknown][Streaming][Fun][hkbn.content.1kxun.com] analyse: [...160] [ip4][..tcp] [..192.168.2.126][49380] -> [.14.136.136.108][...80] [HTTP.1kxun][Unknown][Streaming][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.887| 0.071| 0.171| 29312.068| 2.600] @@ -725,6 +762,7 @@ new: [...163] [ip4][..tcp] [..192.168.2.126][44368] -> [..172.217.18.98][...80] [MIDSTREAM] detected: [...163] [ip4][..tcp] [..192.168.2.126][44368] -> [..172.217.18.98][...80] [HTTP.GoogleServices][Google][Web][Acceptable][www.googletagservices.com] RISK: Unidirectional Traffic + detection-update: [...163] [ip4][..tcp] [..192.168.2.126][44368] -> [..172.217.18.98][...80] [HTTP.GoogleServices][Google][Web][Acceptable][www.googletagservices.com] new: [...164] [ip4][..tcp] [..192.168.2.126][50140] -> [..161.117.13.29][...80] [MIDSTREAM] detected: [...164] [ip4][..tcp] [..192.168.2.126][50140] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] RISK: Unidirectional Traffic @@ -740,6 +778,7 @@ new: [...168] [ip4][..tcp] [..192.168.2.126][50176] -> [..161.117.13.29][...80] [MIDSTREAM] detected: [...168] [ip4][..tcp] [..192.168.2.126][50176] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] RISK: Unidirectional Traffic + detection-update: [...164] [ip4][..tcp] [..192.168.2.126][50140] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] analyse: [...150] [ip4][..tcp] [..192.168.2.126][45416] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 6.045| 1.047| 1.982| 3926937.043| 3.000] @@ -750,6 +789,10 @@ [IATS(ms)....: 188.5,0.0,1.4,179.4,1.4,0.7,0.4,2.4,0.7,270.1,0.1,0.0,0.6,0.0,3892.8,3428.9,186.1,186.3,192.6,209.0,367.2,352.3,5253.8,5339.0,3.6,6045.0,5959.1,0.4,0.5,194.9,189.4] [PKTLENS.....: 486,2932,2932,8692,2932,7252,1492,1492,14452,1492,2932,2932,7252,7252,4078,803,695,805,1511,807,1401,803,1516,1065,2932,1130,1155,1492,1492,1575,1166,1083] [ENTROPIES...: 5.9,7.8,7.9,8.0,7.9,8.0,7.9,7.9,8.0,7.9,7.9,7.9,8.0,8.0,8.0,5.9,6.4,5.9,7.5,5.9,6.2,5.9,6.5,5.8,6.5,6.8,5.8,6.4,7.8,7.9,5.8,6.9] + detection-update: [...165] [ip4][..tcp] [..192.168.2.126][50148] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] + detection-update: [...166] [ip4][..tcp] [..192.168.2.126][50164] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] + detection-update: [...167] [ip4][..tcp] [..192.168.2.126][50166] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] + detection-update: [...168] [ip4][..tcp] [..192.168.2.126][50176] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][mangaweb.1kxun.mobi] new: [...169] [ip4][..tcp] [..192.168.2.126][38326] -> [.172.105.121.82][...80] [MIDSTREAM] detected: [...169] [ip4][..tcp] [..192.168.2.126][38326] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] RISK: Unidirectional Traffic @@ -759,9 +802,13 @@ new: [...171] [ip4][..tcp] [..192.168.2.126][38316] -> [.172.105.121.82][...80] [MIDSTREAM] detected: [...171] [ip4][..tcp] [..192.168.2.126][38316] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] RISK: Unidirectional Traffic + detection-update: [...169] [ip4][..tcp] [..192.168.2.126][38326] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] + detection-update: [...170] [ip4][..tcp] [..192.168.2.126][38314] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] + detection-update: [...171] [ip4][..tcp] [..192.168.2.126][38316] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com] new: [...172] [ip4][..tcp] [..192.168.2.126][59324] -> [.104.117.221.10][...80] [MIDSTREAM] detected: [...172] [ip4][..tcp] [..192.168.2.126][59324] -> [.104.117.221.10][...80] [HTTP][Unknown][Web][Acceptable][m.vpon.com] RISK: Unidirectional Traffic + detection-update: [...172] [ip4][..tcp] [..192.168.2.126][59324] -> [.104.117.221.10][...80] [HTTP][Unknown][Web][Acceptable][m.vpon.com] new: [...173] [ip4][..tcp] [..192.168.2.126][56094] -> [....3.72.69.158][...80] [MIDSTREAM] detected: [...173] [ip4][..tcp] [..192.168.2.126][56094] -> [....3.72.69.158][...80] [HTTP][AmazonAWS][Web][Acceptable][setting.rayjump.com] RISK: Unidirectional Traffic @@ -771,18 +818,24 @@ new: [...175] [ip4][..tcp] [..192.168.2.126][56096] -> [....3.72.69.158][...80] [MIDSTREAM] detected: [...175] [ip4][..tcp] [..192.168.2.126][56096] -> [....3.72.69.158][...80] [HTTP][AmazonAWS][Web][Acceptable][setting.rayjump.com] RISK: Unidirectional Traffic + detection-update: [...173] [ip4][..tcp] [..192.168.2.126][56094] -> [....3.72.69.158][...80] [HTTP][AmazonAWS][Web][Acceptable][setting.rayjump.com] + detection-update: [...174] [ip4][..tcp] [..192.168.2.126][56098] -> [....3.72.69.158][...80] [HTTP][AmazonAWS][Web][Acceptable][setting.rayjump.com] + detection-update: [...175] [ip4][..tcp] [..192.168.2.126][56096] -> [....3.72.69.158][...80] [HTTP][AmazonAWS][Web][Acceptable][setting.rayjump.com] new: [...176] [ip4][..tcp] [..192.168.2.126][56104] -> [....3.72.69.158][...80] [MIDSTREAM] detected: [...176] [ip4][..tcp] [..192.168.2.126][56104] -> [....3.72.69.158][...80] [HTTP][AmazonAWS][Web][Acceptable][setting.rayjump.com] RISK: Unidirectional Traffic + detection-update: [...176] [ip4][..tcp] [..192.168.2.126][56104] -> [....3.72.69.158][...80] [HTTP][AmazonAWS][Web][Acceptable][setting.rayjump.com] new: [...177] [ip4][..tcp] [..192.168.2.126][43266] -> [....18.64.79.58][...80] [MIDSTREAM] detected: [...177] [ip4][..tcp] [..192.168.2.126][43266] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] RISK: Unidirectional Traffic new: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [MIDSTREAM] detected: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] RISK: Unidirectional Traffic + detection-update: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] new: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [MIDSTREAM] detected: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] RISK: Unidirectional Traffic + detection-update: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] new: [...180] [ip4][..tcp] [..192.168.2.126][58758] -> [.202.153.196.53][...80] [MIDSTREAM] detected: [...180] [ip4][..tcp] [..192.168.2.126][58758] -> [.202.153.196.53][...80] [HTTP][Unknown][Web][Acceptable][tw.api.vpon.com] RISK: Unidirectional Traffic @@ -798,15 +851,22 @@ new: [...184] [ip4][..tcp] [..192.168.2.126][36636] -> [...18.64.103.30][...80] [MIDSTREAM] detected: [...184] [ip4][..tcp] [..192.168.2.126][36636] -> [...18.64.103.30][...80] [HTTP][AmazonAWS][Web][Acceptable][hybird.rayjump.com] RISK: Unidirectional Traffic + detection-update: [...182] [ip4][..tcp] [..192.168.2.126][35664] -> [.....18.66.2.90][...80] [HTTP][AmazonAWS][Web][Acceptable][cdn.liftoff.io] new: [...185] [ip4][..tcp] [..192.168.2.126][36640] -> [...18.64.103.30][...80] [MIDSTREAM] detected: [...185] [ip4][..tcp] [..192.168.2.126][36640] -> [...18.64.103.30][...80] [HTTP][AmazonAWS][Web][Acceptable][hybird.rayjump.com] RISK: Unidirectional Traffic new: [...186] [ip4][..tcp] [..192.168.2.126][36654] -> [...18.64.103.30][...80] [MIDSTREAM] detected: [...186] [ip4][..tcp] [..192.168.2.126][36654] -> [...18.64.103.30][...80] [HTTP][AmazonAWS][Web][Acceptable][hybird.rayjump.com] RISK: Unidirectional Traffic + detection-update: [...184] [ip4][..tcp] [..192.168.2.126][36636] -> [...18.64.103.30][...80] [HTTP][AmazonAWS][Web][Acceptable][hybird.rayjump.com] + detection-update: [...185] [ip4][..tcp] [..192.168.2.126][36640] -> [...18.64.103.30][...80] [HTTP][AmazonAWS][Web][Acceptable][hybird.rayjump.com] + detection-update: [...186] [ip4][..tcp] [..192.168.2.126][36654] -> [...18.64.103.30][...80] [HTTP][AmazonAWS][Web][Acceptable][hybird.rayjump.com] new: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] [MIDSTREAM] detected: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] [HTTP][AmazonAWS][Web][Acceptable][hybird.rayjump.com] RISK: Unidirectional Traffic + detection-update: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] [HTTP][AmazonAWS][Web][Acceptable][hybird.rayjump.com] + detection-update: [...180] [ip4][..tcp] [..192.168.2.126][58758] -> [.202.153.196.53][...80] [HTTP][Unknown][Web][Acceptable][tw.api.vpon.com] + detection-update: [...181] [ip4][..tcp] [..192.168.2.126][58760] -> [.202.153.196.53][...80] [HTTP][Unknown][Web][Acceptable][tw.api.vpon.com] new: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [MIDSTREAM] detected: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][] RISK: HTTP Susp User-Agent, Unidirectional Traffic @@ -823,24 +883,34 @@ RISK: Unidirectional Traffic detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] RISK: Unidirectional Traffic + detection-update: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] + detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][adx-tk.rayjump.com] + detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com] + detection-update: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [HTTP][AmazonAWS][Web][Acceptable][tknet-cdn.rayjump.com] new: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [MIDSTREAM] detected: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [HTTP][AmazonAWS][Web][Acceptable][impression-east.liftoff.io] RISK: Unidirectional Traffic new: [...193] [ip4][..tcp] [..192.168.2.126][40204] -> [...18.235.204.9][...80] [MIDSTREAM] detected: [...193] [ip4][..tcp] [..192.168.2.126][40204] -> [...18.235.204.9][...80] [HTTP][AmazonAWS][Web][Acceptable][adexp.liftoff.io] RISK: Unidirectional Traffic + detection-update: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [HTTP][AmazonAWS][Web][Acceptable][impression-east.liftoff.io] + detection-update: [...193] [ip4][..tcp] [..192.168.2.126][40204] -> [...18.235.204.9][...80] [HTTP][AmazonAWS][Web][Acceptable][adexp.liftoff.io] new: [...194] [ip4][..tcp] [..192.168.2.126][53416] -> [.172.217.16.142][...80] [MIDSTREAM] detected: [...194] [ip4][..tcp] [..192.168.2.126][53416] -> [.172.217.16.142][...80] [HTTP.Google][Google][Web][Acceptable][play.google.com] RISK: Unidirectional Traffic new: [...195] [ip4][..tcp] [..192.168.2.126][33042] -> [...3.122.190.70][...80] [MIDSTREAM] detected: [...195] [ip4][..tcp] [..192.168.2.126][33042] -> [...3.122.190.70][...80] [HTTP][AmazonAWS][Web][Acceptable][click.liftoff.io] RISK: Unidirectional Traffic + detection-update: [...194] [ip4][..tcp] [..192.168.2.126][53416] -> [.172.217.16.142][...80] [HTTP.Google][Google][Web][Acceptable][play.google.com] + detection-update: [...195] [ip4][..tcp] [..192.168.2.126][33042] -> [...3.122.190.70][...80] [HTTP][AmazonAWS][Web][Acceptable][click.liftoff.io] new: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [MIDSTREAM] detected: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] RISK: Unidirectional Traffic + detection-update: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com] new: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [MIDSTREAM] detected: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] RISK: Unidirectional Traffic + detection-update: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com] idle: [...147] [ip4][..tcp] [..192.168.2.126][45388] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun] idle: [...148] [ip4][..tcp] [..192.168.2.126][45398] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun] idle: [...163] [ip4][..tcp] [..192.168.2.126][44368] -> [..172.217.18.98][...80] [HTTP.GoogleServices][Google][Web][Acceptable] @@ -849,12 +919,13 @@ idle: [...150] [ip4][..tcp] [..192.168.2.126][45416] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun] idle: [...151] [ip4][..tcp] [..192.168.2.126][45422] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun] idle: [...152] [ip4][..tcp] [..192.168.2.126][45424] -> [..161.117.13.29][...80] [HTTP][Alibaba][Streaming][Acceptable] - idle: [...154] [ip4][..tcp] [..192.168.2.126][51888] -> [.119.28.164.143][...80] + idle: [...154] [ip4][..tcp] [..192.168.2.126][51888] -> [.119.28.164.143][...80] [HTTP][Tencent][Web][Acceptable] + RISK: Unidirectional Traffic idle: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [HTTP][AmazonAWS][Web][Acceptable] idle: [...184] [ip4][..tcp] [..192.168.2.126][36636] -> [...18.64.103.30][...80] [HTTP][AmazonAWS][Web][Acceptable] idle: [...185] [ip4][..tcp] [..192.168.2.126][36640] -> [...18.64.103.30][...80] [HTTP][AmazonAWS][Web][Acceptable] idle: [...186] [ip4][..tcp] [..192.168.2.126][36654] -> [...18.64.103.30][...80] [HTTP][AmazonAWS][Web][Acceptable] - idle: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] + idle: [...187] [ip4][..tcp] [..192.168.2.126][36660] -> [...18.64.103.30][...80] [HTTP][AmazonAWS][Web][Acceptable] idle: [...180] [ip4][..tcp] [..192.168.2.126][58758] -> [.202.153.196.53][...80] [HTTP][Unknown][Web][Acceptable] idle: [...181] [ip4][..tcp] [..192.168.2.126][58760] -> [.202.153.196.53][...80] [HTTP][Unknown][Web][Acceptable] idle: [...170] [ip4][..tcp] [..192.168.2.126][38314] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun] @@ -870,7 +941,8 @@ idle: [...140] [ip4][..tcp] [..192.168.2.126][49242] -> [.172.104.119.80][...80] [HTTP.1kxun][Unknown][Streaming][Fun] RISK: Error Code idle: [...161] [ip4][..tcp] [..192.168.2.126][49412] -> [.14.136.136.108][...80] [HTTP.1kxun][Unknown][Streaming][Fun] - idle: [...177] [ip4][..tcp] [..192.168.2.126][43266] -> [....18.64.79.58][...80] + idle: [...177] [ip4][..tcp] [..192.168.2.126][43266] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable] + RISK: Unidirectional Traffic idle: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable] idle: [...164] [ip4][..tcp] [..192.168.2.126][50140] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun] idle: [...165] [ip4][..tcp] [..192.168.2.126][50148] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun] @@ -902,7 +974,8 @@ idle: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun] RISK: HTTP Susp User-Agent, Error Code idle: [...182] [ip4][..tcp] [..192.168.2.126][35664] -> [.....18.66.2.90][...80] [HTTP][AmazonAWS][Web][Acceptable] - idle: [...183] [ip4][..tcp] [..192.168.2.126][35666] -> [.....18.66.2.90][...80] + idle: [...183] [ip4][..tcp] [..192.168.2.126][35666] -> [.....18.66.2.90][...80] [HTTP.MpegDash][AmazonAWS][Media][Fun] + RISK: Unidirectional Traffic idle: [...142] [ip4][..tcp] [..192.168.2.126][46170] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun] idle: [...141] [ip4][..tcp] [..192.168.2.126][46184] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun] idle: [...133] [ip4][..tcp] [..192.168.2.126][47230] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Download][Fun] diff --git a/test/results/flow-info/default/4in6tunnel.pcap.out b/test/results/flow-info/default/4in6tunnel.pcap.out index 63fc5a99b..469485612 100644 --- a/test/results/flow-info/default/4in6tunnel.pcap.out +++ b/test/results/flow-info/default/4in6tunnel.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip6][....4] [22e0:1685:eda7:38cc:58bd:f3f1:aa3f:22d8] -> [................344a:ba94:152a:ac34::2a] [IP_in_IP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip6][....4] [22e0:1685:eda7:38cc:58bd:f3f1:aa3f:22d8] -> [................344a:ba94:152a:ac34::2a] [IP_in_IP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/BGP_redist.pcap.out b/test/results/flow-info/default/BGP_redist.pcap.out index e81281a10..dc342d0ae 100644 --- a/test/results/flow-info/default/BGP_redist.pcap.out +++ b/test/results/flow-info/default/BGP_redist.pcap.out @@ -6,5 +6,4 @@ detected: [.....1] [ip4][..tcp] [........2.2.2.2][..179] -> [........5.5.5.5][49433] [BGP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [........2.2.2.2][..179] -> [........5.5.5.5][49433] [BGP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out b/test/results/flow-info/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out index 8eea83ba1..9f185ac50 100644 --- a/test/results/flow-info/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out +++ b/test/results/flow-info/default/FAX-Call-t38-CA-TDM-SIP-FB-1.pcap.out @@ -36,7 +36,6 @@ [PKTLENS.....: 200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200,200] [ENTROPIES...: 1.7,1.7,1.7,1.7,1.7,1.7,1.7,1.7,1.7,1.7,1.7,2.4,2.4,2.4,2.5,2.4,2.5,2.5,2.5,2.5,2.5,2.4,2.4,2.4,2.4,2.5,2.5,2.5,2.5,2.4,2.4,2.5] update: [.....1] [ip4][..udp] [....10.35.40.22][.2944] -> [.....10.23.1.42][.2944] [Megaco][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic analyse: [.....3] [ip4][..udp] [....10.35.40.25][.5060] -> [...10.35.40.200][.5060] [SIP][Unknown][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 27.628| 2.809| 6.896| 47549159.309| 2.500] @@ -49,20 +48,12 @@ [ENTROPIES...: 5.7,5.7,5.6,5.6,5.6,5.6,5.7,5.7,5.6,5.6,5.7,5.7,5.6,5.6,5.8,5.8,5.6,5.6,5.6,5.6,5.7,5.7,5.7,5.7,5.6,5.6,5.6,5.6,5.6,5.6,5.7,5.7] update: [.....5] [ip4][..udp] [...10.35.60.100][15580] -> [.....10.23.1.52][16756] [RTP][Unknown][Media][Acceptable] update: [.....4] [ip4][..udp] [138.132.169.101][.5060] -> [192.168.100.219][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [....10.35.60.72][.5060] -> [...10.35.60.100][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [....10.35.40.25][.5060] -> [...10.35.40.200][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....10.35.40.22][.2944] -> [.....10.23.1.42][.2944] [Megaco][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [...10.35.60.100][15580] -> [.....10.23.1.52][16756] [RTP][Unknown][Media][Acceptable] idle: [.....1] [ip4][..udp] [....10.35.40.22][.2944] -> [.....10.23.1.42][.2944] [Megaco][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [138.132.169.101][.5060] -> [192.168.100.219][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [....10.35.40.25][.5060] -> [...10.35.40.200][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [....10.35.60.72][.5060] -> [...10.35.60.100][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/KakaoTalk_chat.pcap.out b/test/results/flow-info/default/KakaoTalk_chat.pcap.out index 97503477a..5e2991efa 100644 --- a/test/results/flow-info/default/KakaoTalk_chat.pcap.out +++ b/test/results/flow-info/default/KakaoTalk_chat.pcap.out @@ -138,7 +138,7 @@ new: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] detected: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] [TLS][Facebook][Web][Safe][] RISK: Obsolete TLS (v1.1 or older) - analyse: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] + analyse: [....15] [ip4][..tcp] [...10.24.82.188][35503] -> [...173.252.97.2][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.004| 3.803| 0.501| 0.832| 692202.045| 3.700] [PKTLEN......: 40.000| 1320.000| 209.000| 352.300| 124085.100| 3.700] @@ -179,7 +179,6 @@ [PKTLENS.....: 60,44,40,224,44,40,1320,1320,1027,40,40,40,162,40,87,40,562,40,69,40,199,312,40,40,78,40,69,40,67,116,40,40] [ENTROPIES...: 4.7,5.0,4.9,5.2,4.7,5.0,6.5,7.1,6.7,4.8,4.9,4.9,6.5,4.9,5.9,4.8,7.7,5.0,5.6,4.8,6.9,7.1,5.0,5.0,5.8,4.9,5.5,4.9,5.6,6.3,5.0,5.0] update: [....19] [ip4][.icmp] [...10.24.82.188] -> [...10.188.191.1] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223] detected: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe][] RISK: Known Proto on Non Std Port, Obsolete TLS (v1.1 or older) @@ -193,8 +192,10 @@ RISK: Obsolete TLS (v1.1 or older) idle: [....34] [ip4][..tcp] [...10.24.82.188][35511] -> [...173.252.97.2][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun] RISK: Obsolete TLS (v1.1 or older) - end: [....30] [ip4][..tcp] [...10.24.82.188][58927] -> [.54.255.253.199][.5223] - idle: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223] + end: [....30] [ip4][..tcp] [...10.24.82.188][58927] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....38] [ip4][..tcp] [...10.24.82.188][58964] -> [.54.255.253.199][.5223] [TLS][AmazonAWS][Web][Safe] + RISK: Known Proto on Non Std Port, Obsolete TLS (v1.1 or older) idle: [.....6] [ip4][..udp] [...10.24.82.188][58810] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable] idle: [.....9] [ip4][..udp] [...10.24.82.188][56820] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable] idle: [.....1] [ip4][..udp] [...10.24.82.188][38448] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable] @@ -206,29 +207,31 @@ end: [....16] [ip4][..tcp] [..120.28.26.242][...80] -> [...10.24.82.188][34503] idle: [....27] [ip4][..udp] [...10.24.82.188][.4017] -> [.....10.188.1.1][...53] [DNS.Facebook][Unknown][Network][Fun] idle: [....19] [ip4][.icmp] [...10.24.82.188] -> [...10.188.191.1] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....23] [ip4][..udp] [...10.24.82.188][24596] -> [.....10.188.1.1][...53] [DNS.Facebook][Unknown][Network][Fun] idle: [....12] [ip4][..udp] [...10.24.82.188][43077] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable] idle: [....37] [ip4][..tcp] [...10.24.82.188][49217] -> [.216.58.220.174][..443] [TLS][Google][Web][Safe] - RISK: Unidirectional Traffic guessed: [....13] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][] RISK: Fully encrypted flow idle: [....13] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] - end: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443] + end: [....20] [ip4][..tcp] [...10.24.82.188][37821] -> [.210.103.240.15][..443] [TLS.KakaoTalk][Unknown][Chat][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher idle: [....28] [ip4][..udp] [...10.24.82.188][14650] -> [.....10.188.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [....10] [ip4][..udp] [...10.24.82.188][29029] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable] idle: [.....3] [ip4][..udp] [...10.24.82.188][57816] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable] idle: [....11] [ip4][..udp] [...10.24.82.188][25117] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable] end: [....22] [ip4][..tcp] [....31.13.68.73][..443] -> [...10.24.82.188][47007] [TLS][Facebook][Web][Safe] - RISK: Unidirectional Traffic - idle: [....36] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] + idle: [....36] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] [TLS][Google][Web][Safe] + RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....5] [ip4][..udp] [...10.24.82.188][12908] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable] guessed: [....31] [ip4][..tcp] [...10.24.82.188][42332] -> [.210.103.240.15][..443] [TLS][Unknown][Web][Safe] end: [....31] [ip4][..tcp] [...10.24.82.188][42332] -> [.210.103.240.15][..443] idle: [.....2] [ip4][..udp] [...10.24.82.188][35603] -> [.....10.188.1.1][...53] [DNS.KakaoTalk][Unknown][Network][Acceptable] - idle: [....24] [ip4][..tcp] [...10.24.82.188][45209] -> [....31.13.68.84][..443] - idle: [....29] [ip4][..tcp] [...10.24.82.188][45211] -> [....31.13.68.84][..443] - idle: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] + idle: [....24] [ip4][..tcp] [...10.24.82.188][45209] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun] + RISK: TLS (probably) Not Carrying HTTPS + idle: [....29] [ip4][..tcp] [...10.24.82.188][45211] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun] + RISK: TLS (probably) Not Carrying HTTPS + idle: [....33] [ip4][..tcp] [...10.24.82.188][45213] -> [....31.13.68.84][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun] + RISK: Obsolete TLS (v1.1 or older) guessed: [....14] [ip4][..tcp] [..216.58.221.10][...80] -> [...10.24.82.188][35922] [HTTP][Google][Web][Acceptable][] end: [....14] [ip4][..tcp] [..216.58.221.10][...80] -> [...10.24.82.188][35922] guessed: [....35] [ip4][..tcp] [..139.150.0.125][..443] -> [...10.24.82.188][46947] [TLS][Unknown][Web][Safe] diff --git a/test/results/flow-info/default/KakaoTalk_talk.pcap.out b/test/results/flow-info/default/KakaoTalk_talk.pcap.out index d4e318097..77fc73904 100644 --- a/test/results/flow-info/default/KakaoTalk_talk.pcap.out +++ b/test/results/flow-info/default/KakaoTalk_talk.pcap.out @@ -109,23 +109,22 @@ end: [....17] [ip4][..tcp] [173.194.117.229][..443] -> [...10.24.82.188][38380] idle: [....13] [ip4][..udp] [...10.24.82.188][10268] -> [....1.201.1.174][23046] [RTP][Unknown][Media][Acceptable] idle: [....11] [ip4][..udp] [...10.24.82.188][10269] -> [....1.201.1.174][23047] [KakaoTalk_Voice][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic - end: [.....4] [ip4][..tcp] [...10.24.82.188][48489] -> [203.205.147.215][...80] + end: [.....4] [ip4][..tcp] [...10.24.82.188][48489] -> [203.205.147.215][...80] [HTTP_Proxy.QQ][Tencent][Chat][Fun] + RISK: Known Proto on Non Std Port guessed: [.....2] [ip4][..tcp] [..120.28.26.242][...80] -> [...10.24.82.188][34533] [HTTP][Unknown][Web][Acceptable][] end: [.....2] [ip4][..tcp] [..120.28.26.242][...80] -> [...10.24.82.188][34533] idle: [.....6] [ip4][..tcp] [...10.24.82.188][32968] -> [..110.76.143.50][.8080] [TLS.KakaoTalk][Unknown][Chat][Acceptable] RISK: Known Proto on Non Std Port, Self-signed Cert, Obsolete TLS (v1.1 or older), Weak TLS Cipher idle: [....14] [ip4][..tcp] [...10.24.82.188][49217] -> [.216.58.220.174][..443] [TLS][Google][Web][Safe] - RISK: Unidirectional Traffic guessed: [.....1] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][] idle: [.....1] [ip4][..tcp] [...10.24.82.188][51021] -> [.103.246.57.251][.8080] idle: [.....8] [ip4][..tcp] [...10.24.82.188][58857] -> [..110.76.143.50][.9001] [TLS.KakaoTalk][Unknown][Chat][Acceptable] RISK: Known Proto on Non Std Port, Self-signed Cert, Obsolete TLS (v1.1 or older), Weak TLS Cipher - idle: [.....9] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] + idle: [.....9] [ip4][..tcp] [...10.24.82.188][34686] -> [.173.194.72.188][.5228] [TLS][Google][Web][Safe] + RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....20] [ip4][..udp] [...10.24.82.188][25223] -> [.....10.188.1.1][...53] [DNS.Facebook][Unknown][Network][Fun] idle: [....12] [ip4][..udp] [...10.24.82.188][11320] -> [....1.201.1.174][23044] [RTP][Unknown][Media][Acceptable] idle: [....10] [ip4][..udp] [...10.24.82.188][11321] -> [....1.201.1.174][23045] [KakaoTalk_Voice][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic guessed: [.....7] [ip4][..tcp] [..139.150.0.125][..443] -> [...10.24.82.188][46947] [TLS][Unknown][Web][Safe] idle: [.....7] [ip4][..tcp] [..139.150.0.125][..443] -> [...10.24.82.188][46947] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/NTPv2.pcap.out b/test/results/flow-info/default/NTPv2.pcap.out index 8f0bbc57a..353a0608c 100644 --- a/test/results/flow-info/default/NTPv2.pcap.out +++ b/test/results/flow-info/default/NTPv2.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [..208.104.95.10][..123] -> [.....78.46.76.2][...80] [NTP][Unknown][System][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..208.104.95.10][..123] -> [.....78.46.76.2][...80] [NTP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/NTPv3.pcap.out b/test/results/flow-info/default/NTPv3.pcap.out index da9edc910..3b219f002 100644 --- a/test/results/flow-info/default/NTPv3.pcap.out +++ b/test/results/flow-info/default/NTPv3.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [.175.144.140.29][..123] -> [.....78.46.76.2][...80] [NTP][Unknown][System][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.175.144.140.29][..123] -> [.....78.46.76.2][...80] [NTP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/NTPv4.pcap.out b/test/results/flow-info/default/NTPv4.pcap.out index 3a0962543..c2049d185 100644 --- a/test/results/flow-info/default/NTPv4.pcap.out +++ b/test/results/flow-info/default/NTPv4.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [...85.22.62.120][..123] -> [....78.46.76.11][..123] [NTP][Unknown][System][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [...85.22.62.120][..123] -> [....78.46.76.11][..123] [NTP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/WebattackRCE.pcap.out b/test/results/flow-info/default/WebattackRCE.pcap.out index 5a2023cfe..f45ffff1d 100644 --- a/test/results/flow-info/default/WebattackRCE.pcap.out +++ b/test/results/flow-info/default/WebattackRCE.pcap.out @@ -2392,801 +2392,1598 @@ new: [...797] [ip4][..tcp] [......127.0.0.1][51204] -> [......127.0.0.1][.8080] [MIDSTREAM] detected: [...797] [ip4][..tcp] [......127.0.0.1][51204] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable][127.0.0.1] RISK: RCE Injection, Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic - idle: [...745] [ip4][..tcp] [......127.0.0.1][51052] -> [......127.0.0.1][.8080] - idle: [...746] [ip4][..tcp] [......127.0.0.1][51054] -> [......127.0.0.1][.8080] - idle: [...747] [ip4][..tcp] [......127.0.0.1][51056] -> [......127.0.0.1][.8080] - idle: [...748] [ip4][..tcp] [......127.0.0.1][51058] -> [......127.0.0.1][.8080] - idle: [...749] [ip4][..tcp] [......127.0.0.1][51060] -> [......127.0.0.1][.8080] - idle: [...750] [ip4][..tcp] [......127.0.0.1][51062] -> [......127.0.0.1][.8080] - idle: [...751] [ip4][..tcp] [......127.0.0.1][51064] -> [......127.0.0.1][.8080] - idle: [...752] [ip4][..tcp] [......127.0.0.1][51066] -> [......127.0.0.1][.8080] - idle: [...753] [ip4][..tcp] [......127.0.0.1][51068] -> [......127.0.0.1][.8080] - idle: [...754] [ip4][..tcp] [......127.0.0.1][51070] -> [......127.0.0.1][.8080] - idle: [...755] [ip4][..tcp] [......127.0.0.1][51072] -> [......127.0.0.1][.8080] - idle: [...756] [ip4][..tcp] [......127.0.0.1][51074] -> [......127.0.0.1][.8080] - idle: [...757] [ip4][..tcp] [......127.0.0.1][51076] -> [......127.0.0.1][.8080] - idle: [...758] [ip4][..tcp] [......127.0.0.1][51078] -> [......127.0.0.1][.8080] - idle: [...759] [ip4][..tcp] [......127.0.0.1][51080] -> [......127.0.0.1][.8080] - idle: [...760] [ip4][..tcp] [......127.0.0.1][51082] -> [......127.0.0.1][.8080] - idle: [...761] [ip4][..tcp] [......127.0.0.1][51084] -> [......127.0.0.1][.8080] - idle: [...762] [ip4][..tcp] [......127.0.0.1][51086] -> [......127.0.0.1][.8080] - idle: [...763] [ip4][..tcp] [......127.0.0.1][51088] -> [......127.0.0.1][.8080] - idle: [...764] [ip4][..tcp] [......127.0.0.1][51090] -> [......127.0.0.1][.8080] - idle: [...765] [ip4][..tcp] [......127.0.0.1][51092] -> [......127.0.0.1][.8080] - idle: [...766] [ip4][..tcp] [......127.0.0.1][51094] -> [......127.0.0.1][.8080] - idle: [...767] [ip4][..tcp] [......127.0.0.1][51096] -> [......127.0.0.1][.8080] - idle: [...768] [ip4][..tcp] [......127.0.0.1][51098] -> [......127.0.0.1][.8080] - idle: [...769] [ip4][..tcp] [......127.0.0.1][51100] -> [......127.0.0.1][.8080] - idle: [...770] [ip4][..tcp] [......127.0.0.1][51148] -> [......127.0.0.1][.8080] - idle: [...771] [ip4][..tcp] [......127.0.0.1][51150] -> [......127.0.0.1][.8080] - idle: [...772] [ip4][..tcp] [......127.0.0.1][51152] -> [......127.0.0.1][.8080] - idle: [...773] [ip4][..tcp] [......127.0.0.1][51154] -> [......127.0.0.1][.8080] - idle: [...774] [ip4][..tcp] [......127.0.0.1][51156] -> [......127.0.0.1][.8080] - idle: [...775] [ip4][..tcp] [......127.0.0.1][51158] -> [......127.0.0.1][.8080] - idle: [...776] [ip4][..tcp] [......127.0.0.1][51160] -> [......127.0.0.1][.8080] - idle: [...777] [ip4][..tcp] [......127.0.0.1][51162] -> [......127.0.0.1][.8080] - idle: [...778] [ip4][..tcp] [......127.0.0.1][51164] -> [......127.0.0.1][.8080] - idle: [...779] [ip4][..tcp] [......127.0.0.1][51166] -> [......127.0.0.1][.8080] - idle: [...780] [ip4][..tcp] [......127.0.0.1][51168] -> [......127.0.0.1][.8080] - idle: [...781] [ip4][..tcp] [......127.0.0.1][51170] -> [......127.0.0.1][.8080] - idle: [...782] [ip4][..tcp] [......127.0.0.1][51172] -> [......127.0.0.1][.8080] - idle: [...783] [ip4][..tcp] [......127.0.0.1][51174] -> [......127.0.0.1][.8080] - idle: [...784] [ip4][..tcp] [......127.0.0.1][51176] -> [......127.0.0.1][.8080] - idle: [...785] [ip4][..tcp] [......127.0.0.1][51178] -> [......127.0.0.1][.8080] - idle: [...786] [ip4][..tcp] [......127.0.0.1][51182] -> [......127.0.0.1][.8080] - idle: [...787] [ip4][..tcp] [......127.0.0.1][51184] -> [......127.0.0.1][.8080] - idle: [...788] [ip4][..tcp] [......127.0.0.1][51186] -> [......127.0.0.1][.8080] - idle: [...789] [ip4][..tcp] [......127.0.0.1][51188] -> [......127.0.0.1][.8080] - idle: [...790] [ip4][..tcp] [......127.0.0.1][51190] -> [......127.0.0.1][.8080] - idle: [...791] [ip4][..tcp] [......127.0.0.1][51192] -> [......127.0.0.1][.8080] - idle: [...792] [ip4][..tcp] [......127.0.0.1][51194] -> [......127.0.0.1][.8080] - idle: [...793] [ip4][..tcp] [......127.0.0.1][51196] -> [......127.0.0.1][.8080] - idle: [...794] [ip4][..tcp] [......127.0.0.1][51198] -> [......127.0.0.1][.8080] - idle: [...795] [ip4][..tcp] [......127.0.0.1][51200] -> [......127.0.0.1][.8080] - idle: [...796] [ip4][..tcp] [......127.0.0.1][51202] -> [......127.0.0.1][.8080] - idle: [...797] [ip4][..tcp] [......127.0.0.1][51204] -> [......127.0.0.1][.8080] - idle: [.....1] [ip4][..tcp] [......127.0.0.1][49544] -> [......127.0.0.1][.8080] - idle: [.....2] [ip4][..tcp] [......127.0.0.1][49546] -> [......127.0.0.1][.8080] - idle: [.....3] [ip4][..tcp] [......127.0.0.1][49548] -> [......127.0.0.1][.8080] - idle: [.....4] [ip4][..tcp] [......127.0.0.1][49550] -> [......127.0.0.1][.8080] - idle: [.....5] [ip4][..tcp] [......127.0.0.1][49552] -> [......127.0.0.1][.8080] - idle: [.....6] [ip4][..tcp] [......127.0.0.1][49554] -> [......127.0.0.1][.8080] - idle: [.....7] [ip4][..tcp] [......127.0.0.1][49556] -> [......127.0.0.1][.8080] - idle: [.....8] [ip4][..tcp] [......127.0.0.1][49558] -> [......127.0.0.1][.8080] - idle: [.....9] [ip4][..tcp] [......127.0.0.1][49560] -> [......127.0.0.1][.8080] - idle: [....10] [ip4][..tcp] [......127.0.0.1][49562] -> [......127.0.0.1][.8080] - idle: [....11] [ip4][..tcp] [......127.0.0.1][49564] -> [......127.0.0.1][.8080] - idle: [....12] [ip4][..tcp] [......127.0.0.1][49566] -> [......127.0.0.1][.8080] - idle: [....13] [ip4][..tcp] [......127.0.0.1][49568] -> [......127.0.0.1][.8080] - idle: [....14] [ip4][..tcp] [......127.0.0.1][49570] -> [......127.0.0.1][.8080] - idle: [....15] [ip4][..tcp] [......127.0.0.1][49572] -> [......127.0.0.1][.8080] - idle: [....16] [ip4][..tcp] [......127.0.0.1][49574] -> [......127.0.0.1][.8080] - idle: [....17] [ip4][..tcp] [......127.0.0.1][49576] -> [......127.0.0.1][.8080] - idle: [....18] [ip4][..tcp] [......127.0.0.1][49578] -> [......127.0.0.1][.8080] - idle: [....19] [ip4][..tcp] [......127.0.0.1][49580] -> [......127.0.0.1][.8080] - idle: [....20] [ip4][..tcp] [......127.0.0.1][49582] -> [......127.0.0.1][.8080] - idle: [....21] [ip4][..tcp] [......127.0.0.1][49584] -> [......127.0.0.1][.8080] - idle: [....22] [ip4][..tcp] [......127.0.0.1][49586] -> [......127.0.0.1][.8080] - idle: [....23] [ip4][..tcp] [......127.0.0.1][49588] -> [......127.0.0.1][.8080] - idle: [....24] [ip4][..tcp] [......127.0.0.1][49590] -> [......127.0.0.1][.8080] - idle: [....25] [ip4][..tcp] [......127.0.0.1][49592] -> [......127.0.0.1][.8080] - idle: [....26] [ip4][..tcp] [......127.0.0.1][49594] -> [......127.0.0.1][.8080] - idle: [....27] [ip4][..tcp] [......127.0.0.1][49596] -> [......127.0.0.1][.8080] - idle: [....28] [ip4][..tcp] [......127.0.0.1][49598] -> [......127.0.0.1][.8080] - idle: [....29] [ip4][..tcp] [......127.0.0.1][49600] -> [......127.0.0.1][.8080] - idle: [....30] [ip4][..tcp] [......127.0.0.1][49602] -> [......127.0.0.1][.8080] - idle: [....31] [ip4][..tcp] [......127.0.0.1][49604] -> [......127.0.0.1][.8080] - idle: [....32] [ip4][..tcp] [......127.0.0.1][49606] -> [......127.0.0.1][.8080] - idle: [....33] [ip4][..tcp] [......127.0.0.1][49608] -> [......127.0.0.1][.8080] - idle: [....34] [ip4][..tcp] [......127.0.0.1][49610] -> [......127.0.0.1][.8080] - idle: [....35] [ip4][..tcp] [......127.0.0.1][49612] -> [......127.0.0.1][.8080] - idle: [....36] [ip4][..tcp] [......127.0.0.1][49614] -> [......127.0.0.1][.8080] - idle: [....37] [ip4][..tcp] [......127.0.0.1][49616] -> [......127.0.0.1][.8080] - idle: [....38] [ip4][..tcp] [......127.0.0.1][49618] -> [......127.0.0.1][.8080] - idle: [....39] [ip4][..tcp] [......127.0.0.1][49620] -> [......127.0.0.1][.8080] - idle: [....40] [ip4][..tcp] [......127.0.0.1][49622] -> [......127.0.0.1][.8080] - idle: [....41] [ip4][..tcp] [......127.0.0.1][49624] -> [......127.0.0.1][.8080] - idle: [....42] [ip4][..tcp] [......127.0.0.1][49626] -> [......127.0.0.1][.8080] - idle: [....43] [ip4][..tcp] [......127.0.0.1][49628] -> [......127.0.0.1][.8080] - idle: [....44] [ip4][..tcp] [......127.0.0.1][49630] -> [......127.0.0.1][.8080] - idle: [....45] [ip4][..tcp] [......127.0.0.1][49632] -> [......127.0.0.1][.8080] - idle: [....46] [ip4][..tcp] [......127.0.0.1][49634] -> [......127.0.0.1][.8080] - idle: [....47] [ip4][..tcp] [......127.0.0.1][49636] -> [......127.0.0.1][.8080] - idle: [....48] [ip4][..tcp] [......127.0.0.1][49638] -> [......127.0.0.1][.8080] - idle: [....49] [ip4][..tcp] [......127.0.0.1][49640] -> [......127.0.0.1][.8080] - idle: [....50] [ip4][..tcp] [......127.0.0.1][49642] -> [......127.0.0.1][.8080] - idle: [....51] [ip4][..tcp] [......127.0.0.1][49644] -> [......127.0.0.1][.8080] - idle: [....52] [ip4][..tcp] [......127.0.0.1][49646] -> [......127.0.0.1][.8080] - idle: [....53] [ip4][..tcp] [......127.0.0.1][49648] -> [......127.0.0.1][.8080] - idle: [....54] [ip4][..tcp] [......127.0.0.1][49650] -> [......127.0.0.1][.8080] - idle: [....55] [ip4][..tcp] [......127.0.0.1][49652] -> [......127.0.0.1][.8080] - idle: [....56] [ip4][..tcp] [......127.0.0.1][49654] -> [......127.0.0.1][.8080] - idle: [....57] [ip4][..tcp] [......127.0.0.1][49656] -> [......127.0.0.1][.8080] - idle: [....58] [ip4][..tcp] [......127.0.0.1][49658] -> [......127.0.0.1][.8080] - idle: [....59] [ip4][..tcp] [......127.0.0.1][49660] -> [......127.0.0.1][.8080] - idle: [....60] [ip4][..tcp] [......127.0.0.1][49662] -> [......127.0.0.1][.8080] - idle: [....61] [ip4][..tcp] [......127.0.0.1][49664] -> [......127.0.0.1][.8080] - idle: [....62] [ip4][..tcp] [......127.0.0.1][49666] -> [......127.0.0.1][.8080] - idle: [....63] [ip4][..tcp] [......127.0.0.1][49668] -> [......127.0.0.1][.8080] - idle: [....64] [ip4][..tcp] [......127.0.0.1][49670] -> [......127.0.0.1][.8080] - idle: [....65] [ip4][..tcp] [......127.0.0.1][49672] -> [......127.0.0.1][.8080] - idle: [....66] [ip4][..tcp] [......127.0.0.1][49674] -> [......127.0.0.1][.8080] - idle: [....67] [ip4][..tcp] [......127.0.0.1][49676] -> [......127.0.0.1][.8080] - idle: [....68] [ip4][..tcp] [......127.0.0.1][49678] -> [......127.0.0.1][.8080] - idle: [....69] [ip4][..tcp] [......127.0.0.1][49680] -> [......127.0.0.1][.8080] - idle: [....70] [ip4][..tcp] [......127.0.0.1][49682] -> [......127.0.0.1][.8080] - idle: [....71] [ip4][..tcp] [......127.0.0.1][49684] -> [......127.0.0.1][.8080] - idle: [....72] [ip4][..tcp] [......127.0.0.1][49686] -> [......127.0.0.1][.8080] - idle: [....73] [ip4][..tcp] [......127.0.0.1][49688] -> [......127.0.0.1][.8080] - idle: [....74] [ip4][..tcp] [......127.0.0.1][49690] -> [......127.0.0.1][.8080] - idle: [....75] [ip4][..tcp] [......127.0.0.1][49692] -> [......127.0.0.1][.8080] - idle: [....76] [ip4][..tcp] [......127.0.0.1][49694] -> [......127.0.0.1][.8080] - idle: [....77] [ip4][..tcp] [......127.0.0.1][49696] -> [......127.0.0.1][.8080] - idle: [....78] [ip4][..tcp] [......127.0.0.1][49698] -> [......127.0.0.1][.8080] - idle: [....79] [ip4][..tcp] [......127.0.0.1][49700] -> [......127.0.0.1][.8080] - idle: [....80] [ip4][..tcp] [......127.0.0.1][49702] -> [......127.0.0.1][.8080] - idle: [....81] [ip4][..tcp] [......127.0.0.1][49704] -> [......127.0.0.1][.8080] - idle: [....82] [ip4][..tcp] [......127.0.0.1][49706] -> [......127.0.0.1][.8080] - idle: [....83] [ip4][..tcp] [......127.0.0.1][49708] -> [......127.0.0.1][.8080] - idle: [....84] [ip4][..tcp] [......127.0.0.1][49710] -> [......127.0.0.1][.8080] - idle: [....85] [ip4][..tcp] [......127.0.0.1][49712] -> [......127.0.0.1][.8080] - idle: [....86] [ip4][..tcp] [......127.0.0.1][49714] -> [......127.0.0.1][.8080] - idle: [....87] [ip4][..tcp] [......127.0.0.1][49716] -> [......127.0.0.1][.8080] - idle: [....88] [ip4][..tcp] [......127.0.0.1][49718] -> [......127.0.0.1][.8080] - idle: [....89] [ip4][..tcp] [......127.0.0.1][49720] -> [......127.0.0.1][.8080] - idle: [....90] [ip4][..tcp] [......127.0.0.1][49722] -> [......127.0.0.1][.8080] - idle: [....91] [ip4][..tcp] [......127.0.0.1][49724] -> [......127.0.0.1][.8080] - idle: [....92] [ip4][..tcp] [......127.0.0.1][49726] -> [......127.0.0.1][.8080] - idle: [....93] [ip4][..tcp] [......127.0.0.1][49728] -> [......127.0.0.1][.8080] - idle: [....94] [ip4][..tcp] [......127.0.0.1][49730] -> [......127.0.0.1][.8080] - idle: [....95] [ip4][..tcp] [......127.0.0.1][49732] -> [......127.0.0.1][.8080] - idle: [....96] [ip4][..tcp] [......127.0.0.1][49734] -> [......127.0.0.1][.8080] - idle: [....97] [ip4][..tcp] [......127.0.0.1][49736] -> [......127.0.0.1][.8080] - idle: [....98] [ip4][..tcp] [......127.0.0.1][49738] -> [......127.0.0.1][.8080] - idle: [....99] [ip4][..tcp] [......127.0.0.1][49740] -> [......127.0.0.1][.8080] - idle: [...100] [ip4][..tcp] [......127.0.0.1][49742] -> [......127.0.0.1][.8080] - idle: [...101] [ip4][..tcp] [......127.0.0.1][49744] -> [......127.0.0.1][.8080] - idle: [...102] [ip4][..tcp] [......127.0.0.1][49746] -> [......127.0.0.1][.8080] - idle: [...103] [ip4][..tcp] [......127.0.0.1][49748] -> [......127.0.0.1][.8080] - idle: [...104] [ip4][..tcp] [......127.0.0.1][49750] -> [......127.0.0.1][.8080] - idle: [...105] [ip4][..tcp] [......127.0.0.1][49752] -> [......127.0.0.1][.8080] - idle: [...106] [ip4][..tcp] [......127.0.0.1][49754] -> [......127.0.0.1][.8080] - idle: [...107] [ip4][..tcp] [......127.0.0.1][49756] -> [......127.0.0.1][.8080] - idle: [...108] [ip4][..tcp] [......127.0.0.1][49758] -> [......127.0.0.1][.8080] - idle: [...109] [ip4][..tcp] [......127.0.0.1][49760] -> [......127.0.0.1][.8080] - idle: [...110] [ip4][..tcp] [......127.0.0.1][49764] -> [......127.0.0.1][.8080] - idle: [...111] [ip4][..tcp] [......127.0.0.1][49766] -> [......127.0.0.1][.8080] - idle: [...112] [ip4][..tcp] [......127.0.0.1][49768] -> [......127.0.0.1][.8080] - idle: [...113] [ip4][..tcp] [......127.0.0.1][49770] -> [......127.0.0.1][.8080] - idle: [...114] [ip4][..tcp] [......127.0.0.1][49772] -> [......127.0.0.1][.8080] - idle: [...115] [ip4][..tcp] [......127.0.0.1][49774] -> [......127.0.0.1][.8080] - idle: [...116] [ip4][..tcp] [......127.0.0.1][49776] -> [......127.0.0.1][.8080] - idle: [...117] [ip4][..tcp] [......127.0.0.1][49778] -> [......127.0.0.1][.8080] - idle: [...118] [ip4][..tcp] [......127.0.0.1][49780] -> [......127.0.0.1][.8080] - idle: [...119] [ip4][..tcp] [......127.0.0.1][49782] -> [......127.0.0.1][.8080] - idle: [...120] [ip4][..tcp] [......127.0.0.1][49784] -> [......127.0.0.1][.8080] - idle: [...121] [ip4][..tcp] [......127.0.0.1][49786] -> [......127.0.0.1][.8080] - idle: [...122] [ip4][..tcp] [......127.0.0.1][49788] -> [......127.0.0.1][.8080] - idle: [...123] [ip4][..tcp] [......127.0.0.1][49790] -> [......127.0.0.1][.8080] - idle: [...124] [ip4][..tcp] [......127.0.0.1][49792] -> [......127.0.0.1][.8080] - idle: [...125] [ip4][..tcp] [......127.0.0.1][49794] -> [......127.0.0.1][.8080] - idle: [...126] [ip4][..tcp] [......127.0.0.1][49796] -> [......127.0.0.1][.8080] - idle: [...127] [ip4][..tcp] [......127.0.0.1][49798] -> [......127.0.0.1][.8080] - idle: [...128] [ip4][..tcp] [......127.0.0.1][49800] -> [......127.0.0.1][.8080] - idle: [...129] [ip4][..tcp] [......127.0.0.1][49802] -> [......127.0.0.1][.8080] - idle: [...130] [ip4][..tcp] [......127.0.0.1][49804] -> [......127.0.0.1][.8080] - idle: [...131] [ip4][..tcp] [......127.0.0.1][49806] -> [......127.0.0.1][.8080] - idle: [...132] [ip4][..tcp] [......127.0.0.1][49808] -> [......127.0.0.1][.8080] - idle: [...133] [ip4][..tcp] [......127.0.0.1][49810] -> [......127.0.0.1][.8080] - idle: [...134] [ip4][..tcp] [......127.0.0.1][49812] -> [......127.0.0.1][.8080] - idle: [...135] [ip4][..tcp] [......127.0.0.1][49814] -> [......127.0.0.1][.8080] - idle: [...136] [ip4][..tcp] [......127.0.0.1][49816] -> [......127.0.0.1][.8080] - idle: [...137] [ip4][..tcp] [......127.0.0.1][49818] -> [......127.0.0.1][.8080] - idle: [...138] [ip4][..tcp] [......127.0.0.1][49820] -> [......127.0.0.1][.8080] - idle: [...139] [ip4][..tcp] [......127.0.0.1][49822] -> [......127.0.0.1][.8080] - idle: [...140] [ip4][..tcp] [......127.0.0.1][49824] -> [......127.0.0.1][.8080] - idle: [...141] [ip4][..tcp] [......127.0.0.1][49826] -> [......127.0.0.1][.8080] - idle: [...142] [ip4][..tcp] [......127.0.0.1][49828] -> [......127.0.0.1][.8080] - idle: [...143] [ip4][..tcp] [......127.0.0.1][49830] -> [......127.0.0.1][.8080] - idle: [...144] [ip4][..tcp] [......127.0.0.1][49832] -> [......127.0.0.1][.8080] - idle: [...145] [ip4][..tcp] [......127.0.0.1][49834] -> [......127.0.0.1][.8080] - idle: [...146] [ip4][..tcp] [......127.0.0.1][49836] -> [......127.0.0.1][.8080] - idle: [...147] [ip4][..tcp] [......127.0.0.1][49838] -> [......127.0.0.1][.8080] - idle: [...148] [ip4][..tcp] [......127.0.0.1][49840] -> [......127.0.0.1][.8080] - idle: [...149] [ip4][..tcp] [......127.0.0.1][49842] -> [......127.0.0.1][.8080] - idle: [...150] [ip4][..tcp] [......127.0.0.1][49844] -> [......127.0.0.1][.8080] - idle: [...151] [ip4][..tcp] [......127.0.0.1][49846] -> [......127.0.0.1][.8080] - idle: [...152] [ip4][..tcp] [......127.0.0.1][49848] -> [......127.0.0.1][.8080] - idle: [...153] [ip4][..tcp] [......127.0.0.1][49850] -> [......127.0.0.1][.8080] - idle: [...154] [ip4][..tcp] [......127.0.0.1][49852] -> [......127.0.0.1][.8080] - idle: [...155] [ip4][..tcp] [......127.0.0.1][49854] -> [......127.0.0.1][.8080] - idle: [...156] [ip4][..tcp] [......127.0.0.1][49856] -> [......127.0.0.1][.8080] - idle: [...157] [ip4][..tcp] [......127.0.0.1][49858] -> [......127.0.0.1][.8080] - idle: [...158] [ip4][..tcp] [......127.0.0.1][49860] -> [......127.0.0.1][.8080] - idle: [...159] [ip4][..tcp] [......127.0.0.1][49862] -> [......127.0.0.1][.8080] - idle: [...160] [ip4][..tcp] [......127.0.0.1][49864] -> [......127.0.0.1][.8080] - idle: [...161] [ip4][..tcp] [......127.0.0.1][49866] -> [......127.0.0.1][.8080] - idle: [...162] [ip4][..tcp] [......127.0.0.1][49868] -> [......127.0.0.1][.8080] - idle: [...163] [ip4][..tcp] [......127.0.0.1][49870] -> [......127.0.0.1][.8080] - idle: [...164] [ip4][..tcp] [......127.0.0.1][49872] -> [......127.0.0.1][.8080] - idle: [...165] [ip4][..tcp] [......127.0.0.1][49874] -> [......127.0.0.1][.8080] - idle: [...166] [ip4][..tcp] [......127.0.0.1][49876] -> [......127.0.0.1][.8080] - idle: [...167] [ip4][..tcp] [......127.0.0.1][49878] -> [......127.0.0.1][.8080] - idle: [...168] [ip4][..tcp] [......127.0.0.1][49880] -> [......127.0.0.1][.8080] - idle: [...169] [ip4][..tcp] [......127.0.0.1][49882] -> [......127.0.0.1][.8080] - idle: [...170] [ip4][..tcp] [......127.0.0.1][49884] -> [......127.0.0.1][.8080] - idle: [...171] [ip4][..tcp] [......127.0.0.1][49886] -> [......127.0.0.1][.8080] - idle: [...172] [ip4][..tcp] [......127.0.0.1][49888] -> [......127.0.0.1][.8080] - idle: [...173] [ip4][..tcp] [......127.0.0.1][49890] -> [......127.0.0.1][.8080] - idle: [...174] [ip4][..tcp] [......127.0.0.1][49892] -> [......127.0.0.1][.8080] - idle: [...175] [ip4][..tcp] [......127.0.0.1][49894] -> [......127.0.0.1][.8080] - idle: [...176] [ip4][..tcp] [......127.0.0.1][49896] -> [......127.0.0.1][.8080] - idle: [...177] [ip4][..tcp] [......127.0.0.1][49898] -> [......127.0.0.1][.8080] - idle: [...178] [ip4][..tcp] [......127.0.0.1][49900] -> [......127.0.0.1][.8080] - idle: [...179] [ip4][..tcp] [......127.0.0.1][49902] -> [......127.0.0.1][.8080] - idle: [...180] [ip4][..tcp] [......127.0.0.1][49904] -> [......127.0.0.1][.8080] - idle: [...181] [ip4][..tcp] [......127.0.0.1][49906] -> [......127.0.0.1][.8080] - idle: [...182] [ip4][..tcp] [......127.0.0.1][49908] -> [......127.0.0.1][.8080] - idle: [...183] [ip4][..tcp] [......127.0.0.1][49910] -> [......127.0.0.1][.8080] - idle: [...184] [ip4][..tcp] [......127.0.0.1][49912] -> [......127.0.0.1][.8080] - idle: [...185] [ip4][..tcp] [......127.0.0.1][49914] -> [......127.0.0.1][.8080] - idle: [...186] [ip4][..tcp] [......127.0.0.1][49916] -> [......127.0.0.1][.8080] - idle: [...187] [ip4][..tcp] [......127.0.0.1][49918] -> [......127.0.0.1][.8080] - idle: [...188] [ip4][..tcp] [......127.0.0.1][49920] -> [......127.0.0.1][.8080] - idle: [...189] [ip4][..tcp] [......127.0.0.1][49922] -> [......127.0.0.1][.8080] - idle: [...190] [ip4][..tcp] [......127.0.0.1][49924] -> [......127.0.0.1][.8080] - idle: [...191] [ip4][..tcp] [......127.0.0.1][49926] -> [......127.0.0.1][.8080] - idle: [...192] [ip4][..tcp] [......127.0.0.1][49928] -> [......127.0.0.1][.8080] - idle: [...193] [ip4][..tcp] [......127.0.0.1][49930] -> [......127.0.0.1][.8080] - idle: [...194] [ip4][..tcp] [......127.0.0.1][49932] -> [......127.0.0.1][.8080] - idle: [...195] [ip4][..tcp] [......127.0.0.1][49934] -> [......127.0.0.1][.8080] - idle: [...196] [ip4][..tcp] [......127.0.0.1][49936] -> [......127.0.0.1][.8080] - idle: [...197] [ip4][..tcp] [......127.0.0.1][49938] -> [......127.0.0.1][.8080] - idle: [...198] [ip4][..tcp] [......127.0.0.1][49940] -> [......127.0.0.1][.8080] - idle: [...199] [ip4][..tcp] [......127.0.0.1][49942] -> [......127.0.0.1][.8080] - idle: [...200] [ip4][..tcp] [......127.0.0.1][49944] -> [......127.0.0.1][.8080] - idle: [...201] [ip4][..tcp] [......127.0.0.1][49946] -> [......127.0.0.1][.8080] - idle: [...202] [ip4][..tcp] [......127.0.0.1][49948] -> [......127.0.0.1][.8080] - idle: [...203] [ip4][..tcp] [......127.0.0.1][49950] -> [......127.0.0.1][.8080] - idle: [...204] [ip4][..tcp] [......127.0.0.1][49952] -> [......127.0.0.1][.8080] - idle: [...205] [ip4][..tcp] [......127.0.0.1][49954] -> [......127.0.0.1][.8080] - idle: [...206] [ip4][..tcp] [......127.0.0.1][49956] -> [......127.0.0.1][.8080] - idle: [...207] [ip4][..tcp] [......127.0.0.1][49958] -> [......127.0.0.1][.8080] - idle: [...208] [ip4][..tcp] [......127.0.0.1][49960] -> [......127.0.0.1][.8080] - idle: [...209] [ip4][..tcp] [......127.0.0.1][49962] -> [......127.0.0.1][.8080] - idle: [...210] [ip4][..tcp] [......127.0.0.1][49964] -> [......127.0.0.1][.8080] - idle: [...211] [ip4][..tcp] [......127.0.0.1][49966] -> [......127.0.0.1][.8080] - idle: [...212] [ip4][..tcp] [......127.0.0.1][49968] -> [......127.0.0.1][.8080] - idle: [...213] [ip4][..tcp] [......127.0.0.1][49970] -> [......127.0.0.1][.8080] - idle: [...214] [ip4][..tcp] [......127.0.0.1][49972] -> [......127.0.0.1][.8080] - idle: [...215] [ip4][..tcp] [......127.0.0.1][49974] -> [......127.0.0.1][.8080] - idle: [...216] [ip4][..tcp] [......127.0.0.1][49976] -> [......127.0.0.1][.8080] - idle: [...217] [ip4][..tcp] [......127.0.0.1][49978] -> [......127.0.0.1][.8080] - idle: [...218] [ip4][..tcp] [......127.0.0.1][49980] -> [......127.0.0.1][.8080] - idle: [...219] [ip4][..tcp] [......127.0.0.1][49982] -> [......127.0.0.1][.8080] - idle: [...220] [ip4][..tcp] [......127.0.0.1][49984] -> [......127.0.0.1][.8080] - idle: [...221] [ip4][..tcp] [......127.0.0.1][49986] -> [......127.0.0.1][.8080] - idle: [...222] [ip4][..tcp] [......127.0.0.1][49988] -> [......127.0.0.1][.8080] - idle: [...223] [ip4][..tcp] [......127.0.0.1][49990] -> [......127.0.0.1][.8080] - idle: [...224] [ip4][..tcp] [......127.0.0.1][49992] -> [......127.0.0.1][.8080] - idle: [...225] [ip4][..tcp] [......127.0.0.1][49994] -> [......127.0.0.1][.8080] - idle: [...226] [ip4][..tcp] [......127.0.0.1][49996] -> [......127.0.0.1][.8080] - idle: [...227] [ip4][..tcp] [......127.0.0.1][49998] -> [......127.0.0.1][.8080] - idle: [...228] [ip4][..tcp] [......127.0.0.1][50000] -> [......127.0.0.1][.8080] - idle: [...229] [ip4][..tcp] [......127.0.0.1][50002] -> [......127.0.0.1][.8080] - idle: [...230] [ip4][..tcp] [......127.0.0.1][50004] -> [......127.0.0.1][.8080] - idle: [...231] [ip4][..tcp] [......127.0.0.1][50006] -> [......127.0.0.1][.8080] - idle: [...232] [ip4][..tcp] [......127.0.0.1][50008] -> [......127.0.0.1][.8080] - idle: [...233] [ip4][..tcp] [......127.0.0.1][50010] -> [......127.0.0.1][.8080] - idle: [...234] [ip4][..tcp] [......127.0.0.1][50012] -> [......127.0.0.1][.8080] - idle: [...235] [ip4][..tcp] [......127.0.0.1][50014] -> [......127.0.0.1][.8080] - idle: [...236] [ip4][..tcp] [......127.0.0.1][50016] -> [......127.0.0.1][.8080] - idle: [...237] [ip4][..tcp] [......127.0.0.1][50018] -> [......127.0.0.1][.8080] - idle: [...238] [ip4][..tcp] [......127.0.0.1][50020] -> [......127.0.0.1][.8080] - idle: [...239] [ip4][..tcp] [......127.0.0.1][50022] -> [......127.0.0.1][.8080] - idle: [...240] [ip4][..tcp] [......127.0.0.1][50024] -> [......127.0.0.1][.8080] - idle: [...241] [ip4][..tcp] [......127.0.0.1][50026] -> [......127.0.0.1][.8080] - idle: [...242] [ip4][..tcp] [......127.0.0.1][50028] -> [......127.0.0.1][.8080] - idle: [...243] [ip4][..tcp] [......127.0.0.1][50030] -> [......127.0.0.1][.8080] - idle: [...244] [ip4][..tcp] [......127.0.0.1][50032] -> [......127.0.0.1][.8080] - idle: [...245] [ip4][..tcp] [......127.0.0.1][50034] -> [......127.0.0.1][.8080] - idle: [...246] [ip4][..tcp] [......127.0.0.1][50036] -> [......127.0.0.1][.8080] - idle: [...247] [ip4][..tcp] [......127.0.0.1][50038] -> [......127.0.0.1][.8080] - idle: [...248] [ip4][..tcp] [......127.0.0.1][50040] -> [......127.0.0.1][.8080] - idle: [...249] [ip4][..tcp] [......127.0.0.1][50042] -> [......127.0.0.1][.8080] - idle: [...250] [ip4][..tcp] [......127.0.0.1][50044] -> [......127.0.0.1][.8080] - idle: [...251] [ip4][..tcp] [......127.0.0.1][50046] -> [......127.0.0.1][.8080] - idle: [...252] [ip4][..tcp] [......127.0.0.1][50048] -> [......127.0.0.1][.8080] - idle: [...253] [ip4][..tcp] [......127.0.0.1][50050] -> [......127.0.0.1][.8080] - idle: [...254] [ip4][..tcp] [......127.0.0.1][50052] -> [......127.0.0.1][.8080] - idle: [...255] [ip4][..tcp] [......127.0.0.1][50054] -> [......127.0.0.1][.8080] - idle: [...256] [ip4][..tcp] [......127.0.0.1][50056] -> [......127.0.0.1][.8080] - idle: [...257] [ip4][..tcp] [......127.0.0.1][50058] -> [......127.0.0.1][.8080] - idle: [...258] [ip4][..tcp] [......127.0.0.1][50060] -> [......127.0.0.1][.8080] - idle: [...259] [ip4][..tcp] [......127.0.0.1][50062] -> [......127.0.0.1][.8080] - idle: [...260] [ip4][..tcp] [......127.0.0.1][50064] -> [......127.0.0.1][.8080] - idle: [...261] [ip4][..tcp] [......127.0.0.1][50066] -> [......127.0.0.1][.8080] - idle: [...262] [ip4][..tcp] [......127.0.0.1][50068] -> [......127.0.0.1][.8080] - idle: [...263] [ip4][..tcp] [......127.0.0.1][50070] -> [......127.0.0.1][.8080] - idle: [...264] [ip4][..tcp] [......127.0.0.1][50072] -> [......127.0.0.1][.8080] - idle: [...265] [ip4][..tcp] [......127.0.0.1][50074] -> [......127.0.0.1][.8080] - idle: [...266] [ip4][..tcp] [......127.0.0.1][50076] -> [......127.0.0.1][.8080] - idle: [...267] [ip4][..tcp] [......127.0.0.1][50078] -> [......127.0.0.1][.8080] - idle: [...268] [ip4][..tcp] [......127.0.0.1][50080] -> [......127.0.0.1][.8080] - idle: [...269] [ip4][..tcp] [......127.0.0.1][50082] -> [......127.0.0.1][.8080] - idle: [...270] [ip4][..tcp] [......127.0.0.1][50084] -> [......127.0.0.1][.8080] - idle: [...271] [ip4][..tcp] [......127.0.0.1][50086] -> [......127.0.0.1][.8080] - idle: [...272] [ip4][..tcp] [......127.0.0.1][50088] -> [......127.0.0.1][.8080] - idle: [...273] [ip4][..tcp] [......127.0.0.1][50090] -> [......127.0.0.1][.8080] - idle: [...274] [ip4][..tcp] [......127.0.0.1][50092] -> [......127.0.0.1][.8080] - idle: [...275] [ip4][..tcp] [......127.0.0.1][50094] -> [......127.0.0.1][.8080] - idle: [...276] [ip4][..tcp] [......127.0.0.1][50096] -> [......127.0.0.1][.8080] - idle: [...277] [ip4][..tcp] [......127.0.0.1][50098] -> [......127.0.0.1][.8080] - idle: [...278] [ip4][..tcp] [......127.0.0.1][50100] -> [......127.0.0.1][.8080] - idle: [...279] [ip4][..tcp] [......127.0.0.1][50102] -> [......127.0.0.1][.8080] - idle: [...280] [ip4][..tcp] [......127.0.0.1][50104] -> [......127.0.0.1][.8080] - idle: [...281] [ip4][..tcp] [......127.0.0.1][50106] -> [......127.0.0.1][.8080] - idle: [...282] [ip4][..tcp] [......127.0.0.1][50108] -> [......127.0.0.1][.8080] - idle: [...283] [ip4][..tcp] [......127.0.0.1][50110] -> [......127.0.0.1][.8080] - idle: [...284] [ip4][..tcp] [......127.0.0.1][50112] -> [......127.0.0.1][.8080] - idle: [...285] [ip4][..tcp] [......127.0.0.1][50114] -> [......127.0.0.1][.8080] - idle: [...286] [ip4][..tcp] [......127.0.0.1][50116] -> [......127.0.0.1][.8080] - idle: [...287] [ip4][..tcp] [......127.0.0.1][50118] -> [......127.0.0.1][.8080] - idle: [...288] [ip4][..tcp] [......127.0.0.1][50120] -> [......127.0.0.1][.8080] - idle: [...289] [ip4][..tcp] [......127.0.0.1][50122] -> [......127.0.0.1][.8080] - idle: [...290] [ip4][..tcp] [......127.0.0.1][50124] -> [......127.0.0.1][.8080] - idle: [...291] [ip4][..tcp] [......127.0.0.1][50126] -> [......127.0.0.1][.8080] - idle: [...292] [ip4][..tcp] [......127.0.0.1][50128] -> [......127.0.0.1][.8080] - idle: [...293] [ip4][..tcp] [......127.0.0.1][50130] -> [......127.0.0.1][.8080] - idle: [...294] [ip4][..tcp] [......127.0.0.1][50132] -> [......127.0.0.1][.8080] - idle: [...295] [ip4][..tcp] [......127.0.0.1][50134] -> [......127.0.0.1][.8080] - idle: [...296] [ip4][..tcp] [......127.0.0.1][50136] -> [......127.0.0.1][.8080] - idle: [...297] [ip4][..tcp] [......127.0.0.1][50138] -> [......127.0.0.1][.8080] - idle: [...298] [ip4][..tcp] [......127.0.0.1][50140] -> [......127.0.0.1][.8080] - idle: [...299] [ip4][..tcp] [......127.0.0.1][50142] -> [......127.0.0.1][.8080] - idle: [...300] [ip4][..tcp] [......127.0.0.1][50144] -> [......127.0.0.1][.8080] - idle: [...301] [ip4][..tcp] [......127.0.0.1][50146] -> [......127.0.0.1][.8080] - idle: [...302] [ip4][..tcp] [......127.0.0.1][50148] -> [......127.0.0.1][.8080] - idle: [...303] [ip4][..tcp] [......127.0.0.1][50150] -> [......127.0.0.1][.8080] - idle: [...304] [ip4][..tcp] [......127.0.0.1][50152] -> [......127.0.0.1][.8080] - idle: [...305] [ip4][..tcp] [......127.0.0.1][50154] -> [......127.0.0.1][.8080] - idle: [...306] [ip4][..tcp] [......127.0.0.1][50156] -> [......127.0.0.1][.8080] - idle: [...307] [ip4][..tcp] [......127.0.0.1][50158] -> [......127.0.0.1][.8080] - idle: [...308] [ip4][..tcp] [......127.0.0.1][50160] -> [......127.0.0.1][.8080] - idle: [...309] [ip4][..tcp] [......127.0.0.1][50162] -> [......127.0.0.1][.8080] - idle: [...310] [ip4][..tcp] [......127.0.0.1][50164] -> [......127.0.0.1][.8080] - idle: [...311] [ip4][..tcp] [......127.0.0.1][50166] -> [......127.0.0.1][.8080] - idle: [...312] [ip4][..tcp] [......127.0.0.1][50168] -> [......127.0.0.1][.8080] - idle: [...313] [ip4][..tcp] [......127.0.0.1][50170] -> [......127.0.0.1][.8080] - idle: [...314] [ip4][..tcp] [......127.0.0.1][50172] -> [......127.0.0.1][.8080] - idle: [...315] [ip4][..tcp] [......127.0.0.1][50174] -> [......127.0.0.1][.8080] - idle: [...316] [ip4][..tcp] [......127.0.0.1][50176] -> [......127.0.0.1][.8080] - idle: [...317] [ip4][..tcp] [......127.0.0.1][50178] -> [......127.0.0.1][.8080] - idle: [...318] [ip4][..tcp] [......127.0.0.1][50180] -> [......127.0.0.1][.8080] - idle: [...319] [ip4][..tcp] [......127.0.0.1][50182] -> [......127.0.0.1][.8080] - idle: [...320] [ip4][..tcp] [......127.0.0.1][50184] -> [......127.0.0.1][.8080] - idle: [...321] [ip4][..tcp] [......127.0.0.1][50186] -> [......127.0.0.1][.8080] - idle: [...322] [ip4][..tcp] [......127.0.0.1][50188] -> [......127.0.0.1][.8080] - idle: [...323] [ip4][..tcp] [......127.0.0.1][50190] -> [......127.0.0.1][.8080] - idle: [...324] [ip4][..tcp] [......127.0.0.1][50192] -> [......127.0.0.1][.8080] - idle: [...325] [ip4][..tcp] [......127.0.0.1][50194] -> [......127.0.0.1][.8080] - idle: [...326] [ip4][..tcp] [......127.0.0.1][50196] -> [......127.0.0.1][.8080] - idle: [...327] [ip4][..tcp] [......127.0.0.1][50198] -> [......127.0.0.1][.8080] - idle: [...328] [ip4][..tcp] [......127.0.0.1][50200] -> [......127.0.0.1][.8080] - idle: [...329] [ip4][..tcp] [......127.0.0.1][50202] -> [......127.0.0.1][.8080] - idle: [...330] [ip4][..tcp] [......127.0.0.1][50204] -> [......127.0.0.1][.8080] - idle: [...331] [ip4][..tcp] [......127.0.0.1][50206] -> [......127.0.0.1][.8080] - idle: [...332] [ip4][..tcp] [......127.0.0.1][50208] -> [......127.0.0.1][.8080] - idle: [...333] [ip4][..tcp] [......127.0.0.1][50210] -> [......127.0.0.1][.8080] - idle: [...334] [ip4][..tcp] [......127.0.0.1][50212] -> [......127.0.0.1][.8080] - idle: [...335] [ip4][..tcp] [......127.0.0.1][50214] -> [......127.0.0.1][.8080] - idle: [...336] [ip4][..tcp] [......127.0.0.1][50216] -> [......127.0.0.1][.8080] - idle: [...337] [ip4][..tcp] [......127.0.0.1][50218] -> [......127.0.0.1][.8080] - idle: [...338] [ip4][..tcp] [......127.0.0.1][50220] -> [......127.0.0.1][.8080] - idle: [...339] [ip4][..tcp] [......127.0.0.1][50222] -> [......127.0.0.1][.8080] - idle: [...340] [ip4][..tcp] [......127.0.0.1][50224] -> [......127.0.0.1][.8080] - idle: [...341] [ip4][..tcp] [......127.0.0.1][50226] -> [......127.0.0.1][.8080] - idle: [...342] [ip4][..tcp] [......127.0.0.1][50228] -> [......127.0.0.1][.8080] - idle: [...343] [ip4][..tcp] [......127.0.0.1][50230] -> [......127.0.0.1][.8080] - idle: [...344] [ip4][..tcp] [......127.0.0.1][50232] -> [......127.0.0.1][.8080] - idle: [...345] [ip4][..tcp] [......127.0.0.1][50234] -> [......127.0.0.1][.8080] - idle: [...346] [ip4][..tcp] [......127.0.0.1][50236] -> [......127.0.0.1][.8080] - idle: [...347] [ip4][..tcp] [......127.0.0.1][50238] -> [......127.0.0.1][.8080] - idle: [...348] [ip4][..tcp] [......127.0.0.1][50240] -> [......127.0.0.1][.8080] - idle: [...349] [ip4][..tcp] [......127.0.0.1][50242] -> [......127.0.0.1][.8080] - idle: [...350] [ip4][..tcp] [......127.0.0.1][50244] -> [......127.0.0.1][.8080] - idle: [...351] [ip4][..tcp] [......127.0.0.1][50246] -> [......127.0.0.1][.8080] - idle: [...352] [ip4][..tcp] [......127.0.0.1][50248] -> [......127.0.0.1][.8080] - idle: [...353] [ip4][..tcp] [......127.0.0.1][50250] -> [......127.0.0.1][.8080] - idle: [...354] [ip4][..tcp] [......127.0.0.1][50252] -> [......127.0.0.1][.8080] - idle: [...355] [ip4][..tcp] [......127.0.0.1][50254] -> [......127.0.0.1][.8080] - idle: [...356] [ip4][..tcp] [......127.0.0.1][50256] -> [......127.0.0.1][.8080] - idle: [...357] [ip4][..tcp] [......127.0.0.1][50258] -> [......127.0.0.1][.8080] - idle: [...358] [ip4][..tcp] [......127.0.0.1][50260] -> [......127.0.0.1][.8080] - idle: [...359] [ip4][..tcp] [......127.0.0.1][50262] -> [......127.0.0.1][.8080] - idle: [...360] [ip4][..tcp] [......127.0.0.1][50264] -> [......127.0.0.1][.8080] - idle: [...361] [ip4][..tcp] [......127.0.0.1][50266] -> [......127.0.0.1][.8080] - idle: [...362] [ip4][..tcp] [......127.0.0.1][50268] -> [......127.0.0.1][.8080] - idle: [...363] [ip4][..tcp] [......127.0.0.1][50270] -> [......127.0.0.1][.8080] - idle: [...364] [ip4][..tcp] [......127.0.0.1][50272] -> [......127.0.0.1][.8080] - idle: [...365] [ip4][..tcp] [......127.0.0.1][50274] -> [......127.0.0.1][.8080] - idle: [...366] [ip4][..tcp] [......127.0.0.1][50276] -> [......127.0.0.1][.8080] - idle: [...367] [ip4][..tcp] [......127.0.0.1][50278] -> [......127.0.0.1][.8080] - idle: [...368] [ip4][..tcp] [......127.0.0.1][50280] -> [......127.0.0.1][.8080] - idle: [...369] [ip4][..tcp] [......127.0.0.1][50282] -> [......127.0.0.1][.8080] - idle: [...370] [ip4][..tcp] [......127.0.0.1][50284] -> [......127.0.0.1][.8080] - idle: [...371] [ip4][..tcp] [......127.0.0.1][50286] -> [......127.0.0.1][.8080] - idle: [...372] [ip4][..tcp] [......127.0.0.1][50288] -> [......127.0.0.1][.8080] - idle: [...373] [ip4][..tcp] [......127.0.0.1][50290] -> [......127.0.0.1][.8080] - idle: [...374] [ip4][..tcp] [......127.0.0.1][50292] -> [......127.0.0.1][.8080] - idle: [...375] [ip4][..tcp] [......127.0.0.1][50294] -> [......127.0.0.1][.8080] - idle: [...376] [ip4][..tcp] [......127.0.0.1][50296] -> [......127.0.0.1][.8080] - idle: [...377] [ip4][..tcp] [......127.0.0.1][50298] -> [......127.0.0.1][.8080] - idle: [...378] [ip4][..tcp] [......127.0.0.1][50300] -> [......127.0.0.1][.8080] - idle: [...379] [ip4][..tcp] [......127.0.0.1][50302] -> [......127.0.0.1][.8080] - idle: [...380] [ip4][..tcp] [......127.0.0.1][50304] -> [......127.0.0.1][.8080] - idle: [...381] [ip4][..tcp] [......127.0.0.1][50306] -> [......127.0.0.1][.8080] - idle: [...382] [ip4][..tcp] [......127.0.0.1][50308] -> [......127.0.0.1][.8080] - idle: [...383] [ip4][..tcp] [......127.0.0.1][50310] -> [......127.0.0.1][.8080] - idle: [...384] [ip4][..tcp] [......127.0.0.1][50312] -> [......127.0.0.1][.8080] - idle: [...385] [ip4][..tcp] [......127.0.0.1][50314] -> [......127.0.0.1][.8080] - idle: [...386] [ip4][..tcp] [......127.0.0.1][50316] -> [......127.0.0.1][.8080] - idle: [...387] [ip4][..tcp] [......127.0.0.1][50318] -> [......127.0.0.1][.8080] - idle: [...388] [ip4][..tcp] [......127.0.0.1][50320] -> [......127.0.0.1][.8080] - idle: [...389] [ip4][..tcp] [......127.0.0.1][50322] -> [......127.0.0.1][.8080] - idle: [...390] [ip4][..tcp] [......127.0.0.1][50324] -> [......127.0.0.1][.8080] - idle: [...391] [ip4][..tcp] [......127.0.0.1][50326] -> [......127.0.0.1][.8080] - idle: [...392] [ip4][..tcp] [......127.0.0.1][50328] -> [......127.0.0.1][.8080] - idle: [...393] [ip4][..tcp] [......127.0.0.1][50330] -> [......127.0.0.1][.8080] - idle: [...394] [ip4][..tcp] [......127.0.0.1][50332] -> [......127.0.0.1][.8080] - idle: [...395] [ip4][..tcp] [......127.0.0.1][50334] -> [......127.0.0.1][.8080] - idle: [...396] [ip4][..tcp] [......127.0.0.1][50336] -> [......127.0.0.1][.8080] - idle: [...397] [ip4][..tcp] [......127.0.0.1][50338] -> [......127.0.0.1][.8080] - idle: [...398] [ip4][..tcp] [......127.0.0.1][50340] -> [......127.0.0.1][.8080] - idle: [...399] [ip4][..tcp] [......127.0.0.1][50342] -> [......127.0.0.1][.8080] - idle: [...400] [ip4][..tcp] [......127.0.0.1][50344] -> [......127.0.0.1][.8080] - idle: [...401] [ip4][..tcp] [......127.0.0.1][50346] -> [......127.0.0.1][.8080] - idle: [...402] [ip4][..tcp] [......127.0.0.1][50348] -> [......127.0.0.1][.8080] - idle: [...403] [ip4][..tcp] [......127.0.0.1][50350] -> [......127.0.0.1][.8080] - idle: [...404] [ip4][..tcp] [......127.0.0.1][50352] -> [......127.0.0.1][.8080] - idle: [...405] [ip4][..tcp] [......127.0.0.1][50354] -> [......127.0.0.1][.8080] - idle: [...406] [ip4][..tcp] [......127.0.0.1][50356] -> [......127.0.0.1][.8080] - idle: [...407] [ip4][..tcp] [......127.0.0.1][50358] -> [......127.0.0.1][.8080] - idle: [...408] [ip4][..tcp] [......127.0.0.1][50360] -> [......127.0.0.1][.8080] - idle: [...409] [ip4][..tcp] [......127.0.0.1][50362] -> [......127.0.0.1][.8080] - idle: [...410] [ip4][..tcp] [......127.0.0.1][50364] -> [......127.0.0.1][.8080] - idle: [...411] [ip4][..tcp] [......127.0.0.1][50366] -> [......127.0.0.1][.8080] - idle: [...412] [ip4][..tcp] [......127.0.0.1][50368] -> [......127.0.0.1][.8080] - idle: [...413] [ip4][..tcp] [......127.0.0.1][50370] -> [......127.0.0.1][.8080] - idle: [...414] [ip4][..tcp] [......127.0.0.1][50372] -> [......127.0.0.1][.8080] - idle: [...415] [ip4][..tcp] [......127.0.0.1][50374] -> [......127.0.0.1][.8080] - idle: [...416] [ip4][..tcp] [......127.0.0.1][50376] -> [......127.0.0.1][.8080] - idle: [...417] [ip4][..tcp] [......127.0.0.1][50378] -> [......127.0.0.1][.8080] - idle: [...418] [ip4][..tcp] [......127.0.0.1][50380] -> [......127.0.0.1][.8080] - idle: [...419] [ip4][..tcp] [......127.0.0.1][50382] -> [......127.0.0.1][.8080] - idle: [...420] [ip4][..tcp] [......127.0.0.1][50384] -> [......127.0.0.1][.8080] - idle: [...421] [ip4][..tcp] [......127.0.0.1][50386] -> [......127.0.0.1][.8080] - idle: [...422] [ip4][..tcp] [......127.0.0.1][50388] -> [......127.0.0.1][.8080] - idle: [...423] [ip4][..tcp] [......127.0.0.1][50390] -> [......127.0.0.1][.8080] - idle: [...424] [ip4][..tcp] [......127.0.0.1][50392] -> [......127.0.0.1][.8080] - idle: [...425] [ip4][..tcp] [......127.0.0.1][50394] -> [......127.0.0.1][.8080] - idle: [...426] [ip4][..tcp] [......127.0.0.1][50396] -> [......127.0.0.1][.8080] - idle: [...427] [ip4][..tcp] [......127.0.0.1][50398] -> [......127.0.0.1][.8080] - idle: [...428] [ip4][..tcp] [......127.0.0.1][50400] -> [......127.0.0.1][.8080] - idle: [...429] [ip4][..tcp] [......127.0.0.1][50402] -> [......127.0.0.1][.8080] - idle: [...430] [ip4][..tcp] [......127.0.0.1][50404] -> [......127.0.0.1][.8080] - idle: [...431] [ip4][..tcp] [......127.0.0.1][50406] -> [......127.0.0.1][.8080] - idle: [...432] [ip4][..tcp] [......127.0.0.1][50408] -> [......127.0.0.1][.8080] - idle: [...433] [ip4][..tcp] [......127.0.0.1][50410] -> [......127.0.0.1][.8080] - idle: [...434] [ip4][..tcp] [......127.0.0.1][50412] -> [......127.0.0.1][.8080] - idle: [...435] [ip4][..tcp] [......127.0.0.1][50414] -> [......127.0.0.1][.8080] - idle: [...436] [ip4][..tcp] [......127.0.0.1][50416] -> [......127.0.0.1][.8080] - idle: [...437] [ip4][..tcp] [......127.0.0.1][50418] -> [......127.0.0.1][.8080] - idle: [...438] [ip4][..tcp] [......127.0.0.1][50438] -> [......127.0.0.1][.8080] - idle: [...439] [ip4][..tcp] [......127.0.0.1][50440] -> [......127.0.0.1][.8080] - idle: [...440] [ip4][..tcp] [......127.0.0.1][50442] -> [......127.0.0.1][.8080] - idle: [...441] [ip4][..tcp] [......127.0.0.1][50444] -> [......127.0.0.1][.8080] - idle: [...442] [ip4][..tcp] [......127.0.0.1][50446] -> [......127.0.0.1][.8080] - idle: [...443] [ip4][..tcp] [......127.0.0.1][50448] -> [......127.0.0.1][.8080] - idle: [...444] [ip4][..tcp] [......127.0.0.1][50450] -> [......127.0.0.1][.8080] - idle: [...445] [ip4][..tcp] [......127.0.0.1][50452] -> [......127.0.0.1][.8080] - idle: [...446] [ip4][..tcp] [......127.0.0.1][50454] -> [......127.0.0.1][.8080] - idle: [...447] [ip4][..tcp] [......127.0.0.1][50456] -> [......127.0.0.1][.8080] - idle: [...448] [ip4][..tcp] [......127.0.0.1][50458] -> [......127.0.0.1][.8080] - idle: [...449] [ip4][..tcp] [......127.0.0.1][50460] -> [......127.0.0.1][.8080] - idle: [...450] [ip4][..tcp] [......127.0.0.1][50462] -> [......127.0.0.1][.8080] - idle: [...451] [ip4][..tcp] [......127.0.0.1][50464] -> [......127.0.0.1][.8080] - idle: [...452] [ip4][..tcp] [......127.0.0.1][50466] -> [......127.0.0.1][.8080] - idle: [...453] [ip4][..tcp] [......127.0.0.1][50468] -> [......127.0.0.1][.8080] - idle: [...454] [ip4][..tcp] [......127.0.0.1][50470] -> [......127.0.0.1][.8080] - idle: [...455] [ip4][..tcp] [......127.0.0.1][50472] -> [......127.0.0.1][.8080] - idle: [...456] [ip4][..tcp] [......127.0.0.1][50474] -> [......127.0.0.1][.8080] - idle: [...457] [ip4][..tcp] [......127.0.0.1][50476] -> [......127.0.0.1][.8080] - idle: [...458] [ip4][..tcp] [......127.0.0.1][50478] -> [......127.0.0.1][.8080] - idle: [...459] [ip4][..tcp] [......127.0.0.1][50480] -> [......127.0.0.1][.8080] - idle: [...460] [ip4][..tcp] [......127.0.0.1][50482] -> [......127.0.0.1][.8080] - idle: [...461] [ip4][..tcp] [......127.0.0.1][50484] -> [......127.0.0.1][.8080] - idle: [...462] [ip4][..tcp] [......127.0.0.1][50486] -> [......127.0.0.1][.8080] - idle: [...463] [ip4][..tcp] [......127.0.0.1][50488] -> [......127.0.0.1][.8080] - idle: [...464] [ip4][..tcp] [......127.0.0.1][50490] -> [......127.0.0.1][.8080] - idle: [...465] [ip4][..tcp] [......127.0.0.1][50492] -> [......127.0.0.1][.8080] - idle: [...466] [ip4][..tcp] [......127.0.0.1][50494] -> [......127.0.0.1][.8080] - idle: [...467] [ip4][..tcp] [......127.0.0.1][50496] -> [......127.0.0.1][.8080] - idle: [...468] [ip4][..tcp] [......127.0.0.1][50498] -> [......127.0.0.1][.8080] - idle: [...469] [ip4][..tcp] [......127.0.0.1][50500] -> [......127.0.0.1][.8080] - idle: [...470] [ip4][..tcp] [......127.0.0.1][50502] -> [......127.0.0.1][.8080] - idle: [...471] [ip4][..tcp] [......127.0.0.1][50504] -> [......127.0.0.1][.8080] - idle: [...472] [ip4][..tcp] [......127.0.0.1][50506] -> [......127.0.0.1][.8080] - idle: [...473] [ip4][..tcp] [......127.0.0.1][50508] -> [......127.0.0.1][.8080] - idle: [...474] [ip4][..tcp] [......127.0.0.1][50510] -> [......127.0.0.1][.8080] - idle: [...475] [ip4][..tcp] [......127.0.0.1][50512] -> [......127.0.0.1][.8080] - idle: [...476] [ip4][..tcp] [......127.0.0.1][50514] -> [......127.0.0.1][.8080] - idle: [...477] [ip4][..tcp] [......127.0.0.1][50516] -> [......127.0.0.1][.8080] - idle: [...478] [ip4][..tcp] [......127.0.0.1][50518] -> [......127.0.0.1][.8080] - idle: [...479] [ip4][..tcp] [......127.0.0.1][50520] -> [......127.0.0.1][.8080] - idle: [...480] [ip4][..tcp] [......127.0.0.1][50522] -> [......127.0.0.1][.8080] - idle: [...481] [ip4][..tcp] [......127.0.0.1][50524] -> [......127.0.0.1][.8080] - idle: [...482] [ip4][..tcp] [......127.0.0.1][50526] -> [......127.0.0.1][.8080] - idle: [...483] [ip4][..tcp] [......127.0.0.1][50528] -> [......127.0.0.1][.8080] - idle: [...484] [ip4][..tcp] [......127.0.0.1][50530] -> [......127.0.0.1][.8080] - idle: [...485] [ip4][..tcp] [......127.0.0.1][50532] -> [......127.0.0.1][.8080] - idle: [...486] [ip4][..tcp] [......127.0.0.1][50534] -> [......127.0.0.1][.8080] - idle: [...487] [ip4][..tcp] [......127.0.0.1][50536] -> [......127.0.0.1][.8080] - idle: [...488] [ip4][..tcp] [......127.0.0.1][50538] -> [......127.0.0.1][.8080] - idle: [...489] [ip4][..tcp] [......127.0.0.1][50540] -> [......127.0.0.1][.8080] - idle: [...490] [ip4][..tcp] [......127.0.0.1][50542] -> [......127.0.0.1][.8080] - idle: [...491] [ip4][..tcp] [......127.0.0.1][50544] -> [......127.0.0.1][.8080] - idle: [...492] [ip4][..tcp] [......127.0.0.1][50546] -> [......127.0.0.1][.8080] - idle: [...493] [ip4][..tcp] [......127.0.0.1][50548] -> [......127.0.0.1][.8080] - idle: [...494] [ip4][..tcp] [......127.0.0.1][50550] -> [......127.0.0.1][.8080] - idle: [...495] [ip4][..tcp] [......127.0.0.1][50552] -> [......127.0.0.1][.8080] - idle: [...496] [ip4][..tcp] [......127.0.0.1][50554] -> [......127.0.0.1][.8080] - idle: [...497] [ip4][..tcp] [......127.0.0.1][50556] -> [......127.0.0.1][.8080] - idle: [...498] [ip4][..tcp] [......127.0.0.1][50558] -> [......127.0.0.1][.8080] - idle: [...499] [ip4][..tcp] [......127.0.0.1][50560] -> [......127.0.0.1][.8080] - idle: [...500] [ip4][..tcp] [......127.0.0.1][50562] -> [......127.0.0.1][.8080] - idle: [...501] [ip4][..tcp] [......127.0.0.1][50564] -> [......127.0.0.1][.8080] - idle: [...502] [ip4][..tcp] [......127.0.0.1][50566] -> [......127.0.0.1][.8080] - idle: [...503] [ip4][..tcp] [......127.0.0.1][50568] -> [......127.0.0.1][.8080] - idle: [...504] [ip4][..tcp] [......127.0.0.1][50570] -> [......127.0.0.1][.8080] - idle: [...505] [ip4][..tcp] [......127.0.0.1][50572] -> [......127.0.0.1][.8080] - idle: [...506] [ip4][..tcp] [......127.0.0.1][50574] -> [......127.0.0.1][.8080] - idle: [...507] [ip4][..tcp] [......127.0.0.1][50576] -> [......127.0.0.1][.8080] - idle: [...508] [ip4][..tcp] [......127.0.0.1][50578] -> [......127.0.0.1][.8080] - idle: [...509] [ip4][..tcp] [......127.0.0.1][50580] -> [......127.0.0.1][.8080] - idle: [...510] [ip4][..tcp] [......127.0.0.1][50582] -> [......127.0.0.1][.8080] - idle: [...511] [ip4][..tcp] [......127.0.0.1][50584] -> [......127.0.0.1][.8080] - idle: [...512] [ip4][..tcp] [......127.0.0.1][50586] -> [......127.0.0.1][.8080] - idle: [...513] [ip4][..tcp] [......127.0.0.1][50588] -> [......127.0.0.1][.8080] - idle: [...514] [ip4][..tcp] [......127.0.0.1][50590] -> [......127.0.0.1][.8080] - idle: [...515] [ip4][..tcp] [......127.0.0.1][50592] -> [......127.0.0.1][.8080] - idle: [...516] [ip4][..tcp] [......127.0.0.1][50594] -> [......127.0.0.1][.8080] - idle: [...517] [ip4][..tcp] [......127.0.0.1][50596] -> [......127.0.0.1][.8080] - idle: [...518] [ip4][..tcp] [......127.0.0.1][50598] -> [......127.0.0.1][.8080] - idle: [...519] [ip4][..tcp] [......127.0.0.1][50600] -> [......127.0.0.1][.8080] - idle: [...520] [ip4][..tcp] [......127.0.0.1][50602] -> [......127.0.0.1][.8080] - idle: [...521] [ip4][..tcp] [......127.0.0.1][50604] -> [......127.0.0.1][.8080] - idle: [...522] [ip4][..tcp] [......127.0.0.1][50606] -> [......127.0.0.1][.8080] - idle: [...523] [ip4][..tcp] [......127.0.0.1][50608] -> [......127.0.0.1][.8080] - idle: [...524] [ip4][..tcp] [......127.0.0.1][50610] -> [......127.0.0.1][.8080] - idle: [...525] [ip4][..tcp] [......127.0.0.1][50612] -> [......127.0.0.1][.8080] - idle: [...526] [ip4][..tcp] [......127.0.0.1][50614] -> [......127.0.0.1][.8080] - idle: [...527] [ip4][..tcp] [......127.0.0.1][50616] -> [......127.0.0.1][.8080] - idle: [...528] [ip4][..tcp] [......127.0.0.1][50618] -> [......127.0.0.1][.8080] - idle: [...529] [ip4][..tcp] [......127.0.0.1][50620] -> [......127.0.0.1][.8080] - idle: [...530] [ip4][..tcp] [......127.0.0.1][50622] -> [......127.0.0.1][.8080] - idle: [...531] [ip4][..tcp] [......127.0.0.1][50624] -> [......127.0.0.1][.8080] - idle: [...532] [ip4][..tcp] [......127.0.0.1][50626] -> [......127.0.0.1][.8080] - idle: [...533] [ip4][..tcp] [......127.0.0.1][50628] -> [......127.0.0.1][.8080] - idle: [...534] [ip4][..tcp] [......127.0.0.1][50630] -> [......127.0.0.1][.8080] - idle: [...535] [ip4][..tcp] [......127.0.0.1][50632] -> [......127.0.0.1][.8080] - idle: [...536] [ip4][..tcp] [......127.0.0.1][50634] -> [......127.0.0.1][.8080] - idle: [...537] [ip4][..tcp] [......127.0.0.1][50636] -> [......127.0.0.1][.8080] - idle: [...538] [ip4][..tcp] [......127.0.0.1][50638] -> [......127.0.0.1][.8080] - idle: [...539] [ip4][..tcp] [......127.0.0.1][50640] -> [......127.0.0.1][.8080] - idle: [...540] [ip4][..tcp] [......127.0.0.1][50642] -> [......127.0.0.1][.8080] - idle: [...541] [ip4][..tcp] [......127.0.0.1][50644] -> [......127.0.0.1][.8080] - idle: [...542] [ip4][..tcp] [......127.0.0.1][50646] -> [......127.0.0.1][.8080] - idle: [...543] [ip4][..tcp] [......127.0.0.1][50648] -> [......127.0.0.1][.8080] - idle: [...544] [ip4][..tcp] [......127.0.0.1][50650] -> [......127.0.0.1][.8080] - idle: [...545] [ip4][..tcp] [......127.0.0.1][50652] -> [......127.0.0.1][.8080] - idle: [...546] [ip4][..tcp] [......127.0.0.1][50654] -> [......127.0.0.1][.8080] - idle: [...547] [ip4][..tcp] [......127.0.0.1][50656] -> [......127.0.0.1][.8080] - idle: [...548] [ip4][..tcp] [......127.0.0.1][50658] -> [......127.0.0.1][.8080] - idle: [...549] [ip4][..tcp] [......127.0.0.1][50660] -> [......127.0.0.1][.8080] - idle: [...550] [ip4][..tcp] [......127.0.0.1][50662] -> [......127.0.0.1][.8080] - idle: [...551] [ip4][..tcp] [......127.0.0.1][50664] -> [......127.0.0.1][.8080] - idle: [...552] [ip4][..tcp] [......127.0.0.1][50666] -> [......127.0.0.1][.8080] - idle: [...553] [ip4][..tcp] [......127.0.0.1][50668] -> [......127.0.0.1][.8080] - idle: [...554] [ip4][..tcp] [......127.0.0.1][50670] -> [......127.0.0.1][.8080] - idle: [...555] [ip4][..tcp] [......127.0.0.1][50672] -> [......127.0.0.1][.8080] - idle: [...556] [ip4][..tcp] [......127.0.0.1][50674] -> [......127.0.0.1][.8080] - idle: [...557] [ip4][..tcp] [......127.0.0.1][50676] -> [......127.0.0.1][.8080] - idle: [...558] [ip4][..tcp] [......127.0.0.1][50678] -> [......127.0.0.1][.8080] - idle: [...559] [ip4][..tcp] [......127.0.0.1][50680] -> [......127.0.0.1][.8080] - idle: [...560] [ip4][..tcp] [......127.0.0.1][50682] -> [......127.0.0.1][.8080] - idle: [...561] [ip4][..tcp] [......127.0.0.1][50684] -> [......127.0.0.1][.8080] - idle: [...562] [ip4][..tcp] [......127.0.0.1][50686] -> [......127.0.0.1][.8080] - idle: [...563] [ip4][..tcp] [......127.0.0.1][50688] -> [......127.0.0.1][.8080] - idle: [...564] [ip4][..tcp] [......127.0.0.1][50690] -> [......127.0.0.1][.8080] - idle: [...565] [ip4][..tcp] [......127.0.0.1][50692] -> [......127.0.0.1][.8080] - idle: [...566] [ip4][..tcp] [......127.0.0.1][50694] -> [......127.0.0.1][.8080] - idle: [...567] [ip4][..tcp] [......127.0.0.1][50696] -> [......127.0.0.1][.8080] - idle: [...568] [ip4][..tcp] [......127.0.0.1][50698] -> [......127.0.0.1][.8080] - idle: [...569] [ip4][..tcp] [......127.0.0.1][50700] -> [......127.0.0.1][.8080] - idle: [...570] [ip4][..tcp] [......127.0.0.1][50702] -> [......127.0.0.1][.8080] - idle: [...571] [ip4][..tcp] [......127.0.0.1][50704] -> [......127.0.0.1][.8080] - idle: [...572] [ip4][..tcp] [......127.0.0.1][50706] -> [......127.0.0.1][.8080] - idle: [...573] [ip4][..tcp] [......127.0.0.1][50708] -> [......127.0.0.1][.8080] - idle: [...574] [ip4][..tcp] [......127.0.0.1][50710] -> [......127.0.0.1][.8080] - idle: [...575] [ip4][..tcp] [......127.0.0.1][50712] -> [......127.0.0.1][.8080] - idle: [...576] [ip4][..tcp] [......127.0.0.1][50714] -> [......127.0.0.1][.8080] - idle: [...577] [ip4][..tcp] [......127.0.0.1][50716] -> [......127.0.0.1][.8080] - idle: [...578] [ip4][..tcp] [......127.0.0.1][50718] -> [......127.0.0.1][.8080] - idle: [...579] [ip4][..tcp] [......127.0.0.1][50720] -> [......127.0.0.1][.8080] - idle: [...580] [ip4][..tcp] [......127.0.0.1][50722] -> [......127.0.0.1][.8080] - idle: [...581] [ip4][..tcp] [......127.0.0.1][50724] -> [......127.0.0.1][.8080] - idle: [...582] [ip4][..tcp] [......127.0.0.1][50726] -> [......127.0.0.1][.8080] - idle: [...583] [ip4][..tcp] [......127.0.0.1][50728] -> [......127.0.0.1][.8080] - idle: [...584] [ip4][..tcp] [......127.0.0.1][50730] -> [......127.0.0.1][.8080] - idle: [...585] [ip4][..tcp] [......127.0.0.1][50732] -> [......127.0.0.1][.8080] - idle: [...586] [ip4][..tcp] [......127.0.0.1][50734] -> [......127.0.0.1][.8080] - idle: [...587] [ip4][..tcp] [......127.0.0.1][50736] -> [......127.0.0.1][.8080] - idle: [...588] [ip4][..tcp] [......127.0.0.1][50738] -> [......127.0.0.1][.8080] - idle: [...589] [ip4][..tcp] [......127.0.0.1][50740] -> [......127.0.0.1][.8080] - idle: [...590] [ip4][..tcp] [......127.0.0.1][50742] -> [......127.0.0.1][.8080] - idle: [...591] [ip4][..tcp] [......127.0.0.1][50744] -> [......127.0.0.1][.8080] - idle: [...592] [ip4][..tcp] [......127.0.0.1][50746] -> [......127.0.0.1][.8080] - idle: [...593] [ip4][..tcp] [......127.0.0.1][50748] -> [......127.0.0.1][.8080] - idle: [...594] [ip4][..tcp] [......127.0.0.1][50750] -> [......127.0.0.1][.8080] - idle: [...595] [ip4][..tcp] [......127.0.0.1][50752] -> [......127.0.0.1][.8080] - idle: [...596] [ip4][..tcp] [......127.0.0.1][50754] -> [......127.0.0.1][.8080] - idle: [...597] [ip4][..tcp] [......127.0.0.1][50756] -> [......127.0.0.1][.8080] - idle: [...598] [ip4][..tcp] [......127.0.0.1][50758] -> [......127.0.0.1][.8080] - idle: [...599] [ip4][..tcp] [......127.0.0.1][50760] -> [......127.0.0.1][.8080] - idle: [...600] [ip4][..tcp] [......127.0.0.1][50762] -> [......127.0.0.1][.8080] - idle: [...601] [ip4][..tcp] [......127.0.0.1][50764] -> [......127.0.0.1][.8080] - idle: [...602] [ip4][..tcp] [......127.0.0.1][50766] -> [......127.0.0.1][.8080] - idle: [...603] [ip4][..tcp] [......127.0.0.1][50768] -> [......127.0.0.1][.8080] - idle: [...604] [ip4][..tcp] [......127.0.0.1][50770] -> [......127.0.0.1][.8080] - idle: [...605] [ip4][..tcp] [......127.0.0.1][50772] -> [......127.0.0.1][.8080] - idle: [...606] [ip4][..tcp] [......127.0.0.1][50774] -> [......127.0.0.1][.8080] - idle: [...607] [ip4][..tcp] [......127.0.0.1][50776] -> [......127.0.0.1][.8080] - idle: [...608] [ip4][..tcp] [......127.0.0.1][50778] -> [......127.0.0.1][.8080] - idle: [...609] [ip4][..tcp] [......127.0.0.1][50780] -> [......127.0.0.1][.8080] - idle: [...610] [ip4][..tcp] [......127.0.0.1][50782] -> [......127.0.0.1][.8080] - idle: [...611] [ip4][..tcp] [......127.0.0.1][50784] -> [......127.0.0.1][.8080] - idle: [...612] [ip4][..tcp] [......127.0.0.1][50786] -> [......127.0.0.1][.8080] - idle: [...613] [ip4][..tcp] [......127.0.0.1][50788] -> [......127.0.0.1][.8080] - idle: [...614] [ip4][..tcp] [......127.0.0.1][50790] -> [......127.0.0.1][.8080] - idle: [...615] [ip4][..tcp] [......127.0.0.1][50792] -> [......127.0.0.1][.8080] - idle: [...616] [ip4][..tcp] [......127.0.0.1][50794] -> [......127.0.0.1][.8080] - idle: [...617] [ip4][..tcp] [......127.0.0.1][50796] -> [......127.0.0.1][.8080] - idle: [...618] [ip4][..tcp] [......127.0.0.1][50798] -> [......127.0.0.1][.8080] - idle: [...619] [ip4][..tcp] [......127.0.0.1][50800] -> [......127.0.0.1][.8080] - idle: [...620] [ip4][..tcp] [......127.0.0.1][50802] -> [......127.0.0.1][.8080] - idle: [...621] [ip4][..tcp] [......127.0.0.1][50804] -> [......127.0.0.1][.8080] - idle: [...622] [ip4][..tcp] [......127.0.0.1][50806] -> [......127.0.0.1][.8080] - idle: [...623] [ip4][..tcp] [......127.0.0.1][50808] -> [......127.0.0.1][.8080] - idle: [...624] [ip4][..tcp] [......127.0.0.1][50810] -> [......127.0.0.1][.8080] - idle: [...625] [ip4][..tcp] [......127.0.0.1][50812] -> [......127.0.0.1][.8080] - idle: [...626] [ip4][..tcp] [......127.0.0.1][50814] -> [......127.0.0.1][.8080] - idle: [...627] [ip4][..tcp] [......127.0.0.1][50816] -> [......127.0.0.1][.8080] - idle: [...628] [ip4][..tcp] [......127.0.0.1][50818] -> [......127.0.0.1][.8080] - idle: [...629] [ip4][..tcp] [......127.0.0.1][50820] -> [......127.0.0.1][.8080] - idle: [...630] [ip4][..tcp] [......127.0.0.1][50822] -> [......127.0.0.1][.8080] - idle: [...631] [ip4][..tcp] [......127.0.0.1][50824] -> [......127.0.0.1][.8080] - idle: [...632] [ip4][..tcp] [......127.0.0.1][50826] -> [......127.0.0.1][.8080] - idle: [...633] [ip4][..tcp] [......127.0.0.1][50828] -> [......127.0.0.1][.8080] - idle: [...634] [ip4][..tcp] [......127.0.0.1][50830] -> [......127.0.0.1][.8080] - idle: [...635] [ip4][..tcp] [......127.0.0.1][50832] -> [......127.0.0.1][.8080] - idle: [...636] [ip4][..tcp] [......127.0.0.1][50834] -> [......127.0.0.1][.8080] - idle: [...637] [ip4][..tcp] [......127.0.0.1][50836] -> [......127.0.0.1][.8080] - idle: [...638] [ip4][..tcp] [......127.0.0.1][50838] -> [......127.0.0.1][.8080] - idle: [...639] [ip4][..tcp] [......127.0.0.1][50840] -> [......127.0.0.1][.8080] - idle: [...640] [ip4][..tcp] [......127.0.0.1][50842] -> [......127.0.0.1][.8080] - idle: [...641] [ip4][..tcp] [......127.0.0.1][50844] -> [......127.0.0.1][.8080] - idle: [...642] [ip4][..tcp] [......127.0.0.1][50846] -> [......127.0.0.1][.8080] - idle: [...643] [ip4][..tcp] [......127.0.0.1][50848] -> [......127.0.0.1][.8080] - idle: [...644] [ip4][..tcp] [......127.0.0.1][50850] -> [......127.0.0.1][.8080] - idle: [...645] [ip4][..tcp] [......127.0.0.1][50852] -> [......127.0.0.1][.8080] - idle: [...646] [ip4][..tcp] [......127.0.0.1][50854] -> [......127.0.0.1][.8080] - idle: [...647] [ip4][..tcp] [......127.0.0.1][50856] -> [......127.0.0.1][.8080] - idle: [...648] [ip4][..tcp] [......127.0.0.1][50858] -> [......127.0.0.1][.8080] - idle: [...649] [ip4][..tcp] [......127.0.0.1][50860] -> [......127.0.0.1][.8080] - idle: [...650] [ip4][..tcp] [......127.0.0.1][50862] -> [......127.0.0.1][.8080] - idle: [...651] [ip4][..tcp] [......127.0.0.1][50864] -> [......127.0.0.1][.8080] - idle: [...652] [ip4][..tcp] [......127.0.0.1][50866] -> [......127.0.0.1][.8080] - idle: [...653] [ip4][..tcp] [......127.0.0.1][50868] -> [......127.0.0.1][.8080] - idle: [...654] [ip4][..tcp] [......127.0.0.1][50870] -> [......127.0.0.1][.8080] - idle: [...655] [ip4][..tcp] [......127.0.0.1][50872] -> [......127.0.0.1][.8080] - idle: [...656] [ip4][..tcp] [......127.0.0.1][50874] -> [......127.0.0.1][.8080] - idle: [...657] [ip4][..tcp] [......127.0.0.1][50876] -> [......127.0.0.1][.8080] - idle: [...658] [ip4][..tcp] [......127.0.0.1][50878] -> [......127.0.0.1][.8080] - idle: [...659] [ip4][..tcp] [......127.0.0.1][50880] -> [......127.0.0.1][.8080] - idle: [...660] [ip4][..tcp] [......127.0.0.1][50882] -> [......127.0.0.1][.8080] - idle: [...661] [ip4][..tcp] [......127.0.0.1][50884] -> [......127.0.0.1][.8080] - idle: [...662] [ip4][..tcp] [......127.0.0.1][50886] -> [......127.0.0.1][.8080] - idle: [...663] [ip4][..tcp] [......127.0.0.1][50888] -> [......127.0.0.1][.8080] - idle: [...664] [ip4][..tcp] [......127.0.0.1][50890] -> [......127.0.0.1][.8080] - idle: [...665] [ip4][..tcp] [......127.0.0.1][50892] -> [......127.0.0.1][.8080] - idle: [...666] [ip4][..tcp] [......127.0.0.1][50894] -> [......127.0.0.1][.8080] - idle: [...667] [ip4][..tcp] [......127.0.0.1][50896] -> [......127.0.0.1][.8080] - idle: [...668] [ip4][..tcp] [......127.0.0.1][50898] -> [......127.0.0.1][.8080] - idle: [...669] [ip4][..tcp] [......127.0.0.1][50900] -> [......127.0.0.1][.8080] - idle: [...670] [ip4][..tcp] [......127.0.0.1][50902] -> [......127.0.0.1][.8080] - idle: [...671] [ip4][..tcp] [......127.0.0.1][50904] -> [......127.0.0.1][.8080] - idle: [...672] [ip4][..tcp] [......127.0.0.1][50906] -> [......127.0.0.1][.8080] - idle: [...673] [ip4][..tcp] [......127.0.0.1][50908] -> [......127.0.0.1][.8080] - idle: [...674] [ip4][..tcp] [......127.0.0.1][50910] -> [......127.0.0.1][.8080] - idle: [...675] [ip4][..tcp] [......127.0.0.1][50912] -> [......127.0.0.1][.8080] - idle: [...676] [ip4][..tcp] [......127.0.0.1][50914] -> [......127.0.0.1][.8080] - idle: [...677] [ip4][..tcp] [......127.0.0.1][50916] -> [......127.0.0.1][.8080] - idle: [...678] [ip4][..tcp] [......127.0.0.1][50918] -> [......127.0.0.1][.8080] - idle: [...679] [ip4][..tcp] [......127.0.0.1][50920] -> [......127.0.0.1][.8080] - idle: [...680] [ip4][..tcp] [......127.0.0.1][50922] -> [......127.0.0.1][.8080] - idle: [...681] [ip4][..tcp] [......127.0.0.1][50924] -> [......127.0.0.1][.8080] - idle: [...682] [ip4][..tcp] [......127.0.0.1][50926] -> [......127.0.0.1][.8080] - idle: [...683] [ip4][..tcp] [......127.0.0.1][50928] -> [......127.0.0.1][.8080] - idle: [...684] [ip4][..tcp] [......127.0.0.1][50930] -> [......127.0.0.1][.8080] - idle: [...685] [ip4][..tcp] [......127.0.0.1][50932] -> [......127.0.0.1][.8080] - idle: [...686] [ip4][..tcp] [......127.0.0.1][50934] -> [......127.0.0.1][.8080] - idle: [...687] [ip4][..tcp] [......127.0.0.1][50936] -> [......127.0.0.1][.8080] - idle: [...688] [ip4][..tcp] [......127.0.0.1][50938] -> [......127.0.0.1][.8080] - idle: [...689] [ip4][..tcp] [......127.0.0.1][50940] -> [......127.0.0.1][.8080] - idle: [...690] [ip4][..tcp] [......127.0.0.1][50942] -> [......127.0.0.1][.8080] - idle: [...691] [ip4][..tcp] [......127.0.0.1][50944] -> [......127.0.0.1][.8080] - idle: [...692] [ip4][..tcp] [......127.0.0.1][50946] -> [......127.0.0.1][.8080] - idle: [...693] [ip4][..tcp] [......127.0.0.1][50948] -> [......127.0.0.1][.8080] - idle: [...694] [ip4][..tcp] [......127.0.0.1][50950] -> [......127.0.0.1][.8080] - idle: [...695] [ip4][..tcp] [......127.0.0.1][50952] -> [......127.0.0.1][.8080] - idle: [...696] [ip4][..tcp] [......127.0.0.1][50954] -> [......127.0.0.1][.8080] - idle: [...697] [ip4][..tcp] [......127.0.0.1][50956] -> [......127.0.0.1][.8080] - idle: [...698] [ip4][..tcp] [......127.0.0.1][50958] -> [......127.0.0.1][.8080] - idle: [...699] [ip4][..tcp] [......127.0.0.1][50960] -> [......127.0.0.1][.8080] - idle: [...700] [ip4][..tcp] [......127.0.0.1][50962] -> [......127.0.0.1][.8080] - idle: [...701] [ip4][..tcp] [......127.0.0.1][50964] -> [......127.0.0.1][.8080] - idle: [...702] [ip4][..tcp] [......127.0.0.1][50966] -> [......127.0.0.1][.8080] - idle: [...703] [ip4][..tcp] [......127.0.0.1][50968] -> [......127.0.0.1][.8080] - idle: [...704] [ip4][..tcp] [......127.0.0.1][50970] -> [......127.0.0.1][.8080] - idle: [...705] [ip4][..tcp] [......127.0.0.1][50972] -> [......127.0.0.1][.8080] - idle: [...706] [ip4][..tcp] [......127.0.0.1][50974] -> [......127.0.0.1][.8080] - idle: [...707] [ip4][..tcp] [......127.0.0.1][50976] -> [......127.0.0.1][.8080] - idle: [...708] [ip4][..tcp] [......127.0.0.1][50978] -> [......127.0.0.1][.8080] - idle: [...709] [ip4][..tcp] [......127.0.0.1][50980] -> [......127.0.0.1][.8080] - idle: [...710] [ip4][..tcp] [......127.0.0.1][50982] -> [......127.0.0.1][.8080] - idle: [...711] [ip4][..tcp] [......127.0.0.1][50984] -> [......127.0.0.1][.8080] - idle: [...712] [ip4][..tcp] [......127.0.0.1][50986] -> [......127.0.0.1][.8080] - idle: [...713] [ip4][..tcp] [......127.0.0.1][50988] -> [......127.0.0.1][.8080] - idle: [...714] [ip4][..tcp] [......127.0.0.1][50990] -> [......127.0.0.1][.8080] - idle: [...715] [ip4][..tcp] [......127.0.0.1][50992] -> [......127.0.0.1][.8080] - idle: [...716] [ip4][..tcp] [......127.0.0.1][50994] -> [......127.0.0.1][.8080] - idle: [...717] [ip4][..tcp] [......127.0.0.1][50996] -> [......127.0.0.1][.8080] - idle: [...718] [ip4][..tcp] [......127.0.0.1][50998] -> [......127.0.0.1][.8080] - idle: [...719] [ip4][..tcp] [......127.0.0.1][51000] -> [......127.0.0.1][.8080] - idle: [...720] [ip4][..tcp] [......127.0.0.1][51002] -> [......127.0.0.1][.8080] - idle: [...721] [ip4][..tcp] [......127.0.0.1][51004] -> [......127.0.0.1][.8080] - idle: [...722] [ip4][..tcp] [......127.0.0.1][51006] -> [......127.0.0.1][.8080] - idle: [...723] [ip4][..tcp] [......127.0.0.1][51008] -> [......127.0.0.1][.8080] - idle: [...724] [ip4][..tcp] [......127.0.0.1][51010] -> [......127.0.0.1][.8080] - idle: [...725] [ip4][..tcp] [......127.0.0.1][51012] -> [......127.0.0.1][.8080] - idle: [...726] [ip4][..tcp] [......127.0.0.1][51014] -> [......127.0.0.1][.8080] - idle: [...727] [ip4][..tcp] [......127.0.0.1][51016] -> [......127.0.0.1][.8080] - idle: [...728] [ip4][..tcp] [......127.0.0.1][51018] -> [......127.0.0.1][.8080] - idle: [...729] [ip4][..tcp] [......127.0.0.1][51020] -> [......127.0.0.1][.8080] - idle: [...730] [ip4][..tcp] [......127.0.0.1][51022] -> [......127.0.0.1][.8080] - idle: [...731] [ip4][..tcp] [......127.0.0.1][51024] -> [......127.0.0.1][.8080] - idle: [...732] [ip4][..tcp] [......127.0.0.1][51026] -> [......127.0.0.1][.8080] - idle: [...733] [ip4][..tcp] [......127.0.0.1][51028] -> [......127.0.0.1][.8080] - idle: [...734] [ip4][..tcp] [......127.0.0.1][51030] -> [......127.0.0.1][.8080] - idle: [...735] [ip4][..tcp] [......127.0.0.1][51032] -> [......127.0.0.1][.8080] - idle: [...736] [ip4][..tcp] [......127.0.0.1][51034] -> [......127.0.0.1][.8080] - idle: [...737] [ip4][..tcp] [......127.0.0.1][51036] -> [......127.0.0.1][.8080] - idle: [...738] [ip4][..tcp] [......127.0.0.1][51038] -> [......127.0.0.1][.8080] - idle: [...739] [ip4][..tcp] [......127.0.0.1][51040] -> [......127.0.0.1][.8080] - idle: [...740] [ip4][..tcp] [......127.0.0.1][51042] -> [......127.0.0.1][.8080] - idle: [...741] [ip4][..tcp] [......127.0.0.1][51044] -> [......127.0.0.1][.8080] - idle: [...742] [ip4][..tcp] [......127.0.0.1][51046] -> [......127.0.0.1][.8080] - idle: [...743] [ip4][..tcp] [......127.0.0.1][51048] -> [......127.0.0.1][.8080] - idle: [...744] [ip4][..tcp] [......127.0.0.1][51050] -> [......127.0.0.1][.8080] + idle: [...745] [ip4][..tcp] [......127.0.0.1][51052] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...746] [ip4][..tcp] [......127.0.0.1][51054] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...747] [ip4][..tcp] [......127.0.0.1][51056] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...748] [ip4][..tcp] [......127.0.0.1][51058] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...749] [ip4][..tcp] [......127.0.0.1][51060] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...750] [ip4][..tcp] [......127.0.0.1][51062] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...751] [ip4][..tcp] [......127.0.0.1][51064] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...752] [ip4][..tcp] [......127.0.0.1][51066] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...753] [ip4][..tcp] [......127.0.0.1][51068] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...754] [ip4][..tcp] [......127.0.0.1][51070] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...755] [ip4][..tcp] [......127.0.0.1][51072] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...756] [ip4][..tcp] [......127.0.0.1][51074] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...757] [ip4][..tcp] [......127.0.0.1][51076] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...758] [ip4][..tcp] [......127.0.0.1][51078] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...759] [ip4][..tcp] [......127.0.0.1][51080] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...760] [ip4][..tcp] [......127.0.0.1][51082] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...761] [ip4][..tcp] [......127.0.0.1][51084] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...762] [ip4][..tcp] [......127.0.0.1][51086] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...763] [ip4][..tcp] [......127.0.0.1][51088] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...764] [ip4][..tcp] [......127.0.0.1][51090] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...765] [ip4][..tcp] [......127.0.0.1][51092] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...766] [ip4][..tcp] [......127.0.0.1][51094] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...767] [ip4][..tcp] [......127.0.0.1][51096] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...768] [ip4][..tcp] [......127.0.0.1][51098] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...769] [ip4][..tcp] [......127.0.0.1][51100] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...770] [ip4][..tcp] [......127.0.0.1][51148] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...771] [ip4][..tcp] [......127.0.0.1][51150] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...772] [ip4][..tcp] [......127.0.0.1][51152] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...773] [ip4][..tcp] [......127.0.0.1][51154] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...774] [ip4][..tcp] [......127.0.0.1][51156] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...775] [ip4][..tcp] [......127.0.0.1][51158] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...776] [ip4][..tcp] [......127.0.0.1][51160] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...777] [ip4][..tcp] [......127.0.0.1][51162] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...778] [ip4][..tcp] [......127.0.0.1][51164] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...779] [ip4][..tcp] [......127.0.0.1][51166] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...780] [ip4][..tcp] [......127.0.0.1][51168] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...781] [ip4][..tcp] [......127.0.0.1][51170] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...782] [ip4][..tcp] [......127.0.0.1][51172] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...783] [ip4][..tcp] [......127.0.0.1][51174] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...784] [ip4][..tcp] [......127.0.0.1][51176] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...785] [ip4][..tcp] [......127.0.0.1][51178] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...786] [ip4][..tcp] [......127.0.0.1][51182] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...787] [ip4][..tcp] [......127.0.0.1][51184] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...788] [ip4][..tcp] [......127.0.0.1][51186] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: RCE Injection, Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...789] [ip4][..tcp] [......127.0.0.1][51188] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...790] [ip4][..tcp] [......127.0.0.1][51190] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...791] [ip4][..tcp] [......127.0.0.1][51192] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...792] [ip4][..tcp] [......127.0.0.1][51194] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...793] [ip4][..tcp] [......127.0.0.1][51196] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...794] [ip4][..tcp] [......127.0.0.1][51198] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...795] [ip4][..tcp] [......127.0.0.1][51200] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...796] [ip4][..tcp] [......127.0.0.1][51202] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...797] [ip4][..tcp] [......127.0.0.1][51204] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: RCE Injection, Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [.....1] [ip4][..tcp] [......127.0.0.1][49544] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [.....2] [ip4][..tcp] [......127.0.0.1][49546] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [.....3] [ip4][..tcp] [......127.0.0.1][49548] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [.....4] [ip4][..tcp] [......127.0.0.1][49550] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [.....5] [ip4][..tcp] [......127.0.0.1][49552] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Possible Exploit, Unidirectional Traffic + idle: [.....6] [ip4][..tcp] [......127.0.0.1][49554] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [.....7] [ip4][..tcp] [......127.0.0.1][49556] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [.....8] [ip4][..tcp] [......127.0.0.1][49558] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [.....9] [ip4][..tcp] [......127.0.0.1][49560] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....10] [ip4][..tcp] [......127.0.0.1][49562] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....11] [ip4][..tcp] [......127.0.0.1][49564] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....12] [ip4][..tcp] [......127.0.0.1][49566] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....13] [ip4][..tcp] [......127.0.0.1][49568] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....14] [ip4][..tcp] [......127.0.0.1][49570] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....15] [ip4][..tcp] [......127.0.0.1][49572] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....16] [ip4][..tcp] [......127.0.0.1][49574] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....17] [ip4][..tcp] [......127.0.0.1][49576] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....18] [ip4][..tcp] [......127.0.0.1][49578] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....19] [ip4][..tcp] [......127.0.0.1][49580] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....20] [ip4][..tcp] [......127.0.0.1][49582] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....21] [ip4][..tcp] [......127.0.0.1][49584] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....22] [ip4][..tcp] [......127.0.0.1][49586] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....23] [ip4][..tcp] [......127.0.0.1][49588] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....24] [ip4][..tcp] [......127.0.0.1][49590] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....25] [ip4][..tcp] [......127.0.0.1][49592] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....26] [ip4][..tcp] [......127.0.0.1][49594] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....27] [ip4][..tcp] [......127.0.0.1][49596] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....28] [ip4][..tcp] [......127.0.0.1][49598] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....29] [ip4][..tcp] [......127.0.0.1][49600] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....30] [ip4][..tcp] [......127.0.0.1][49602] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....31] [ip4][..tcp] [......127.0.0.1][49604] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....32] [ip4][..tcp] [......127.0.0.1][49606] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....33] [ip4][..tcp] [......127.0.0.1][49608] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....34] [ip4][..tcp] [......127.0.0.1][49610] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....35] [ip4][..tcp] [......127.0.0.1][49612] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....36] [ip4][..tcp] [......127.0.0.1][49614] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....37] [ip4][..tcp] [......127.0.0.1][49616] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....38] [ip4][..tcp] [......127.0.0.1][49618] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....39] [ip4][..tcp] [......127.0.0.1][49620] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....40] [ip4][..tcp] [......127.0.0.1][49622] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....41] [ip4][..tcp] [......127.0.0.1][49624] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....42] [ip4][..tcp] [......127.0.0.1][49626] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....43] [ip4][..tcp] [......127.0.0.1][49628] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....44] [ip4][..tcp] [......127.0.0.1][49630] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....45] [ip4][..tcp] [......127.0.0.1][49632] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....46] [ip4][..tcp] [......127.0.0.1][49634] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....47] [ip4][..tcp] [......127.0.0.1][49636] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....48] [ip4][..tcp] [......127.0.0.1][49638] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....49] [ip4][..tcp] [......127.0.0.1][49640] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....50] [ip4][..tcp] [......127.0.0.1][49642] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....51] [ip4][..tcp] [......127.0.0.1][49644] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....52] [ip4][..tcp] [......127.0.0.1][49646] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....53] [ip4][..tcp] [......127.0.0.1][49648] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Crawler/Bot, Unidirectional Traffic + idle: [....54] [ip4][..tcp] [......127.0.0.1][49650] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....55] [ip4][..tcp] [......127.0.0.1][49652] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....56] [ip4][..tcp] [......127.0.0.1][49654] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....57] [ip4][..tcp] [......127.0.0.1][49656] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....58] [ip4][..tcp] [......127.0.0.1][49658] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....59] [ip4][..tcp] [......127.0.0.1][49660] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....60] [ip4][..tcp] [......127.0.0.1][49662] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....61] [ip4][..tcp] [......127.0.0.1][49664] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....62] [ip4][..tcp] [......127.0.0.1][49666] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....63] [ip4][..tcp] [......127.0.0.1][49668] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....64] [ip4][..tcp] [......127.0.0.1][49670] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....65] [ip4][..tcp] [......127.0.0.1][49672] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....66] [ip4][..tcp] [......127.0.0.1][49674] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....67] [ip4][..tcp] [......127.0.0.1][49676] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....68] [ip4][..tcp] [......127.0.0.1][49678] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....69] [ip4][..tcp] [......127.0.0.1][49680] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....70] [ip4][..tcp] [......127.0.0.1][49682] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....71] [ip4][..tcp] [......127.0.0.1][49684] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....72] [ip4][..tcp] [......127.0.0.1][49686] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....73] [ip4][..tcp] [......127.0.0.1][49688] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....74] [ip4][..tcp] [......127.0.0.1][49690] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....75] [ip4][..tcp] [......127.0.0.1][49692] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....76] [ip4][..tcp] [......127.0.0.1][49694] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....77] [ip4][..tcp] [......127.0.0.1][49696] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....78] [ip4][..tcp] [......127.0.0.1][49698] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....79] [ip4][..tcp] [......127.0.0.1][49700] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....80] [ip4][..tcp] [......127.0.0.1][49702] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....81] [ip4][..tcp] [......127.0.0.1][49704] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....82] [ip4][..tcp] [......127.0.0.1][49706] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....83] [ip4][..tcp] [......127.0.0.1][49708] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....84] [ip4][..tcp] [......127.0.0.1][49710] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....85] [ip4][..tcp] [......127.0.0.1][49712] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....86] [ip4][..tcp] [......127.0.0.1][49714] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....87] [ip4][..tcp] [......127.0.0.1][49716] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....88] [ip4][..tcp] [......127.0.0.1][49718] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....89] [ip4][..tcp] [......127.0.0.1][49720] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....90] [ip4][..tcp] [......127.0.0.1][49722] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....91] [ip4][..tcp] [......127.0.0.1][49724] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....92] [ip4][..tcp] [......127.0.0.1][49726] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....93] [ip4][..tcp] [......127.0.0.1][49728] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....94] [ip4][..tcp] [......127.0.0.1][49730] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....95] [ip4][..tcp] [......127.0.0.1][49732] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....96] [ip4][..tcp] [......127.0.0.1][49734] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....97] [ip4][..tcp] [......127.0.0.1][49736] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....98] [ip4][..tcp] [......127.0.0.1][49738] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [....99] [ip4][..tcp] [......127.0.0.1][49740] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...100] [ip4][..tcp] [......127.0.0.1][49742] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...101] [ip4][..tcp] [......127.0.0.1][49744] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...102] [ip4][..tcp] [......127.0.0.1][49746] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...103] [ip4][..tcp] [......127.0.0.1][49748] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...104] [ip4][..tcp] [......127.0.0.1][49750] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...105] [ip4][..tcp] [......127.0.0.1][49752] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...106] [ip4][..tcp] [......127.0.0.1][49754] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...107] [ip4][..tcp] [......127.0.0.1][49756] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...108] [ip4][..tcp] [......127.0.0.1][49758] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...109] [ip4][..tcp] [......127.0.0.1][49760] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...110] [ip4][..tcp] [......127.0.0.1][49764] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...111] [ip4][..tcp] [......127.0.0.1][49766] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...112] [ip4][..tcp] [......127.0.0.1][49768] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...113] [ip4][..tcp] [......127.0.0.1][49770] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...114] [ip4][..tcp] [......127.0.0.1][49772] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...115] [ip4][..tcp] [......127.0.0.1][49774] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...116] [ip4][..tcp] [......127.0.0.1][49776] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...117] [ip4][..tcp] [......127.0.0.1][49778] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...118] [ip4][..tcp] [......127.0.0.1][49780] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...119] [ip4][..tcp] [......127.0.0.1][49782] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...120] [ip4][..tcp] [......127.0.0.1][49784] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...121] [ip4][..tcp] [......127.0.0.1][49786] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...122] [ip4][..tcp] [......127.0.0.1][49788] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...123] [ip4][..tcp] [......127.0.0.1][49790] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...124] [ip4][..tcp] [......127.0.0.1][49792] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...125] [ip4][..tcp] [......127.0.0.1][49794] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...126] [ip4][..tcp] [......127.0.0.1][49796] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...127] [ip4][..tcp] [......127.0.0.1][49798] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...128] [ip4][..tcp] [......127.0.0.1][49800] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...129] [ip4][..tcp] [......127.0.0.1][49802] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...130] [ip4][..tcp] [......127.0.0.1][49804] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...131] [ip4][..tcp] [......127.0.0.1][49806] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...132] [ip4][..tcp] [......127.0.0.1][49808] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...133] [ip4][..tcp] [......127.0.0.1][49810] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...134] [ip4][..tcp] [......127.0.0.1][49812] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...135] [ip4][..tcp] [......127.0.0.1][49814] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...136] [ip4][..tcp] [......127.0.0.1][49816] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...137] [ip4][..tcp] [......127.0.0.1][49818] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...138] [ip4][..tcp] [......127.0.0.1][49820] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...139] [ip4][..tcp] [......127.0.0.1][49822] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...140] [ip4][..tcp] [......127.0.0.1][49824] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...141] [ip4][..tcp] [......127.0.0.1][49826] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...142] [ip4][..tcp] [......127.0.0.1][49828] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...143] [ip4][..tcp] [......127.0.0.1][49830] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...144] [ip4][..tcp] [......127.0.0.1][49832] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...145] [ip4][..tcp] [......127.0.0.1][49834] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...146] [ip4][..tcp] [......127.0.0.1][49836] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...147] [ip4][..tcp] [......127.0.0.1][49838] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...148] [ip4][..tcp] [......127.0.0.1][49840] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...149] [ip4][..tcp] [......127.0.0.1][49842] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...150] [ip4][..tcp] [......127.0.0.1][49844] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...151] [ip4][..tcp] [......127.0.0.1][49846] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...152] [ip4][..tcp] [......127.0.0.1][49848] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...153] [ip4][..tcp] [......127.0.0.1][49850] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...154] [ip4][..tcp] [......127.0.0.1][49852] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...155] [ip4][..tcp] [......127.0.0.1][49854] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...156] [ip4][..tcp] [......127.0.0.1][49856] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...157] [ip4][..tcp] [......127.0.0.1][49858] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...158] [ip4][..tcp] [......127.0.0.1][49860] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...159] [ip4][..tcp] [......127.0.0.1][49862] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...160] [ip4][..tcp] [......127.0.0.1][49864] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...161] [ip4][..tcp] [......127.0.0.1][49866] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...162] [ip4][..tcp] [......127.0.0.1][49868] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...163] [ip4][..tcp] [......127.0.0.1][49870] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...164] [ip4][..tcp] [......127.0.0.1][49872] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...165] [ip4][..tcp] [......127.0.0.1][49874] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...166] [ip4][..tcp] [......127.0.0.1][49876] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...167] [ip4][..tcp] [......127.0.0.1][49878] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...168] [ip4][..tcp] [......127.0.0.1][49880] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...169] [ip4][..tcp] [......127.0.0.1][49882] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...170] [ip4][..tcp] [......127.0.0.1][49884] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...171] [ip4][..tcp] [......127.0.0.1][49886] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...172] [ip4][..tcp] [......127.0.0.1][49888] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...173] [ip4][..tcp] [......127.0.0.1][49890] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...174] [ip4][..tcp] [......127.0.0.1][49892] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...175] [ip4][..tcp] [......127.0.0.1][49894] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...176] [ip4][..tcp] [......127.0.0.1][49896] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...177] [ip4][..tcp] [......127.0.0.1][49898] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...178] [ip4][..tcp] [......127.0.0.1][49900] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...179] [ip4][..tcp] [......127.0.0.1][49902] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...180] [ip4][..tcp] [......127.0.0.1][49904] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...181] [ip4][..tcp] [......127.0.0.1][49906] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...182] [ip4][..tcp] [......127.0.0.1][49908] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...183] [ip4][..tcp] [......127.0.0.1][49910] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...184] [ip4][..tcp] [......127.0.0.1][49912] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...185] [ip4][..tcp] [......127.0.0.1][49914] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...186] [ip4][..tcp] [......127.0.0.1][49916] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...187] [ip4][..tcp] [......127.0.0.1][49918] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...188] [ip4][..tcp] [......127.0.0.1][49920] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...189] [ip4][..tcp] [......127.0.0.1][49922] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...190] [ip4][..tcp] [......127.0.0.1][49924] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...191] [ip4][..tcp] [......127.0.0.1][49926] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...192] [ip4][..tcp] [......127.0.0.1][49928] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...193] [ip4][..tcp] [......127.0.0.1][49930] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...194] [ip4][..tcp] [......127.0.0.1][49932] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...195] [ip4][..tcp] [......127.0.0.1][49934] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...196] [ip4][..tcp] [......127.0.0.1][49936] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...197] [ip4][..tcp] [......127.0.0.1][49938] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...198] [ip4][..tcp] [......127.0.0.1][49940] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...199] [ip4][..tcp] [......127.0.0.1][49942] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...200] [ip4][..tcp] [......127.0.0.1][49944] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...201] [ip4][..tcp] [......127.0.0.1][49946] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...202] [ip4][..tcp] [......127.0.0.1][49948] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...203] [ip4][..tcp] [......127.0.0.1][49950] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...204] [ip4][..tcp] [......127.0.0.1][49952] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...205] [ip4][..tcp] [......127.0.0.1][49954] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...206] [ip4][..tcp] [......127.0.0.1][49956] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...207] [ip4][..tcp] [......127.0.0.1][49958] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...208] [ip4][..tcp] [......127.0.0.1][49960] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...209] [ip4][..tcp] [......127.0.0.1][49962] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...210] [ip4][..tcp] [......127.0.0.1][49964] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...211] [ip4][..tcp] [......127.0.0.1][49966] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...212] [ip4][..tcp] [......127.0.0.1][49968] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...213] [ip4][..tcp] [......127.0.0.1][49970] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...214] [ip4][..tcp] [......127.0.0.1][49972] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...215] [ip4][..tcp] [......127.0.0.1][49974] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...216] [ip4][..tcp] [......127.0.0.1][49976] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...217] [ip4][..tcp] [......127.0.0.1][49978] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...218] [ip4][..tcp] [......127.0.0.1][49980] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...219] [ip4][..tcp] [......127.0.0.1][49982] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...220] [ip4][..tcp] [......127.0.0.1][49984] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...221] [ip4][..tcp] [......127.0.0.1][49986] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...222] [ip4][..tcp] [......127.0.0.1][49988] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...223] [ip4][..tcp] [......127.0.0.1][49990] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...224] [ip4][..tcp] [......127.0.0.1][49992] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...225] [ip4][..tcp] [......127.0.0.1][49994] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...226] [ip4][..tcp] [......127.0.0.1][49996] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...227] [ip4][..tcp] [......127.0.0.1][49998] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...228] [ip4][..tcp] [......127.0.0.1][50000] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...229] [ip4][..tcp] [......127.0.0.1][50002] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...230] [ip4][..tcp] [......127.0.0.1][50004] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...231] [ip4][..tcp] [......127.0.0.1][50006] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...232] [ip4][..tcp] [......127.0.0.1][50008] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...233] [ip4][..tcp] [......127.0.0.1][50010] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...234] [ip4][..tcp] [......127.0.0.1][50012] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...235] [ip4][..tcp] [......127.0.0.1][50014] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...236] [ip4][..tcp] [......127.0.0.1][50016] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...237] [ip4][..tcp] [......127.0.0.1][50018] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...238] [ip4][..tcp] [......127.0.0.1][50020] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...239] [ip4][..tcp] [......127.0.0.1][50022] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...240] [ip4][..tcp] [......127.0.0.1][50024] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...241] [ip4][..tcp] [......127.0.0.1][50026] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...242] [ip4][..tcp] [......127.0.0.1][50028] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...243] [ip4][..tcp] [......127.0.0.1][50030] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...244] [ip4][..tcp] [......127.0.0.1][50032] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...245] [ip4][..tcp] [......127.0.0.1][50034] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...246] [ip4][..tcp] [......127.0.0.1][50036] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...247] [ip4][..tcp] [......127.0.0.1][50038] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...248] [ip4][..tcp] [......127.0.0.1][50040] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...249] [ip4][..tcp] [......127.0.0.1][50042] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...250] [ip4][..tcp] [......127.0.0.1][50044] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...251] [ip4][..tcp] [......127.0.0.1][50046] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...252] [ip4][..tcp] [......127.0.0.1][50048] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...253] [ip4][..tcp] [......127.0.0.1][50050] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...254] [ip4][..tcp] [......127.0.0.1][50052] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...255] [ip4][..tcp] [......127.0.0.1][50054] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...256] [ip4][..tcp] [......127.0.0.1][50056] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...257] [ip4][..tcp] [......127.0.0.1][50058] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...258] [ip4][..tcp] [......127.0.0.1][50060] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...259] [ip4][..tcp] [......127.0.0.1][50062] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...260] [ip4][..tcp] [......127.0.0.1][50064] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...261] [ip4][..tcp] [......127.0.0.1][50066] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...262] [ip4][..tcp] [......127.0.0.1][50068] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...263] [ip4][..tcp] [......127.0.0.1][50070] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...264] [ip4][..tcp] [......127.0.0.1][50072] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...265] [ip4][..tcp] [......127.0.0.1][50074] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...266] [ip4][..tcp] [......127.0.0.1][50076] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...267] [ip4][..tcp] [......127.0.0.1][50078] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...268] [ip4][..tcp] [......127.0.0.1][50080] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...269] [ip4][..tcp] [......127.0.0.1][50082] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...270] [ip4][..tcp] [......127.0.0.1][50084] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...271] [ip4][..tcp] [......127.0.0.1][50086] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...272] [ip4][..tcp] [......127.0.0.1][50088] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...273] [ip4][..tcp] [......127.0.0.1][50090] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...274] [ip4][..tcp] [......127.0.0.1][50092] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...275] [ip4][..tcp] [......127.0.0.1][50094] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...276] [ip4][..tcp] [......127.0.0.1][50096] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...277] [ip4][..tcp] [......127.0.0.1][50098] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...278] [ip4][..tcp] [......127.0.0.1][50100] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...279] [ip4][..tcp] [......127.0.0.1][50102] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...280] [ip4][..tcp] [......127.0.0.1][50104] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...281] [ip4][..tcp] [......127.0.0.1][50106] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...282] [ip4][..tcp] [......127.0.0.1][50108] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...283] [ip4][..tcp] [......127.0.0.1][50110] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...284] [ip4][..tcp] [......127.0.0.1][50112] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...285] [ip4][..tcp] [......127.0.0.1][50114] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...286] [ip4][..tcp] [......127.0.0.1][50116] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...287] [ip4][..tcp] [......127.0.0.1][50118] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...288] [ip4][..tcp] [......127.0.0.1][50120] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...289] [ip4][..tcp] [......127.0.0.1][50122] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...290] [ip4][..tcp] [......127.0.0.1][50124] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...291] [ip4][..tcp] [......127.0.0.1][50126] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...292] [ip4][..tcp] [......127.0.0.1][50128] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...293] [ip4][..tcp] [......127.0.0.1][50130] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...294] [ip4][..tcp] [......127.0.0.1][50132] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...295] [ip4][..tcp] [......127.0.0.1][50134] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...296] [ip4][..tcp] [......127.0.0.1][50136] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...297] [ip4][..tcp] [......127.0.0.1][50138] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...298] [ip4][..tcp] [......127.0.0.1][50140] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...299] [ip4][..tcp] [......127.0.0.1][50142] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...300] [ip4][..tcp] [......127.0.0.1][50144] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...301] [ip4][..tcp] [......127.0.0.1][50146] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...302] [ip4][..tcp] [......127.0.0.1][50148] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...303] [ip4][..tcp] [......127.0.0.1][50150] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...304] [ip4][..tcp] [......127.0.0.1][50152] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...305] [ip4][..tcp] [......127.0.0.1][50154] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...306] [ip4][..tcp] [......127.0.0.1][50156] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...307] [ip4][..tcp] [......127.0.0.1][50158] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...308] [ip4][..tcp] [......127.0.0.1][50160] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...309] [ip4][..tcp] [......127.0.0.1][50162] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...310] [ip4][..tcp] [......127.0.0.1][50164] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...311] [ip4][..tcp] [......127.0.0.1][50166] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...312] [ip4][..tcp] [......127.0.0.1][50168] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...313] [ip4][..tcp] [......127.0.0.1][50170] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...314] [ip4][..tcp] [......127.0.0.1][50172] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...315] [ip4][..tcp] [......127.0.0.1][50174] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...316] [ip4][..tcp] [......127.0.0.1][50176] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...317] [ip4][..tcp] [......127.0.0.1][50178] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...318] [ip4][..tcp] [......127.0.0.1][50180] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...319] [ip4][..tcp] [......127.0.0.1][50182] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...320] [ip4][..tcp] [......127.0.0.1][50184] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...321] [ip4][..tcp] [......127.0.0.1][50186] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...322] [ip4][..tcp] [......127.0.0.1][50188] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...323] [ip4][..tcp] [......127.0.0.1][50190] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...324] [ip4][..tcp] [......127.0.0.1][50192] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...325] [ip4][..tcp] [......127.0.0.1][50194] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...326] [ip4][..tcp] [......127.0.0.1][50196] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...327] [ip4][..tcp] [......127.0.0.1][50198] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...328] [ip4][..tcp] [......127.0.0.1][50200] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...329] [ip4][..tcp] [......127.0.0.1][50202] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...330] [ip4][..tcp] [......127.0.0.1][50204] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...331] [ip4][..tcp] [......127.0.0.1][50206] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...332] [ip4][..tcp] [......127.0.0.1][50208] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...333] [ip4][..tcp] [......127.0.0.1][50210] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...334] [ip4][..tcp] [......127.0.0.1][50212] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...335] [ip4][..tcp] [......127.0.0.1][50214] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...336] [ip4][..tcp] [......127.0.0.1][50216] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...337] [ip4][..tcp] [......127.0.0.1][50218] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...338] [ip4][..tcp] [......127.0.0.1][50220] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...339] [ip4][..tcp] [......127.0.0.1][50222] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...340] [ip4][..tcp] [......127.0.0.1][50224] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...341] [ip4][..tcp] [......127.0.0.1][50226] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...342] [ip4][..tcp] [......127.0.0.1][50228] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...343] [ip4][..tcp] [......127.0.0.1][50230] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...344] [ip4][..tcp] [......127.0.0.1][50232] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...345] [ip4][..tcp] [......127.0.0.1][50234] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...346] [ip4][..tcp] [......127.0.0.1][50236] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...347] [ip4][..tcp] [......127.0.0.1][50238] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...348] [ip4][..tcp] [......127.0.0.1][50240] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...349] [ip4][..tcp] [......127.0.0.1][50242] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...350] [ip4][..tcp] [......127.0.0.1][50244] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...351] [ip4][..tcp] [......127.0.0.1][50246] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...352] [ip4][..tcp] [......127.0.0.1][50248] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...353] [ip4][..tcp] [......127.0.0.1][50250] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...354] [ip4][..tcp] [......127.0.0.1][50252] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...355] [ip4][..tcp] [......127.0.0.1][50254] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...356] [ip4][..tcp] [......127.0.0.1][50256] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...357] [ip4][..tcp] [......127.0.0.1][50258] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...358] [ip4][..tcp] [......127.0.0.1][50260] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...359] [ip4][..tcp] [......127.0.0.1][50262] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...360] [ip4][..tcp] [......127.0.0.1][50264] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...361] [ip4][..tcp] [......127.0.0.1][50266] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...362] [ip4][..tcp] [......127.0.0.1][50268] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...363] [ip4][..tcp] [......127.0.0.1][50270] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...364] [ip4][..tcp] [......127.0.0.1][50272] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...365] [ip4][..tcp] [......127.0.0.1][50274] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...366] [ip4][..tcp] [......127.0.0.1][50276] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...367] [ip4][..tcp] [......127.0.0.1][50278] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...368] [ip4][..tcp] [......127.0.0.1][50280] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...369] [ip4][..tcp] [......127.0.0.1][50282] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...370] [ip4][..tcp] [......127.0.0.1][50284] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...371] [ip4][..tcp] [......127.0.0.1][50286] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...372] [ip4][..tcp] [......127.0.0.1][50288] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...373] [ip4][..tcp] [......127.0.0.1][50290] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...374] [ip4][..tcp] [......127.0.0.1][50292] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...375] [ip4][..tcp] [......127.0.0.1][50294] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...376] [ip4][..tcp] [......127.0.0.1][50296] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...377] [ip4][..tcp] [......127.0.0.1][50298] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...378] [ip4][..tcp] [......127.0.0.1][50300] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...379] [ip4][..tcp] [......127.0.0.1][50302] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...380] [ip4][..tcp] [......127.0.0.1][50304] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...381] [ip4][..tcp] [......127.0.0.1][50306] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...382] [ip4][..tcp] [......127.0.0.1][50308] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...383] [ip4][..tcp] [......127.0.0.1][50310] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...384] [ip4][..tcp] [......127.0.0.1][50312] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...385] [ip4][..tcp] [......127.0.0.1][50314] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...386] [ip4][..tcp] [......127.0.0.1][50316] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...387] [ip4][..tcp] [......127.0.0.1][50318] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...388] [ip4][..tcp] [......127.0.0.1][50320] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...389] [ip4][..tcp] [......127.0.0.1][50322] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...390] [ip4][..tcp] [......127.0.0.1][50324] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...391] [ip4][..tcp] [......127.0.0.1][50326] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...392] [ip4][..tcp] [......127.0.0.1][50328] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...393] [ip4][..tcp] [......127.0.0.1][50330] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...394] [ip4][..tcp] [......127.0.0.1][50332] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...395] [ip4][..tcp] [......127.0.0.1][50334] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...396] [ip4][..tcp] [......127.0.0.1][50336] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...397] [ip4][..tcp] [......127.0.0.1][50338] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...398] [ip4][..tcp] [......127.0.0.1][50340] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...399] [ip4][..tcp] [......127.0.0.1][50342] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...400] [ip4][..tcp] [......127.0.0.1][50344] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...401] [ip4][..tcp] [......127.0.0.1][50346] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...402] [ip4][..tcp] [......127.0.0.1][50348] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...403] [ip4][..tcp] [......127.0.0.1][50350] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...404] [ip4][..tcp] [......127.0.0.1][50352] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...405] [ip4][..tcp] [......127.0.0.1][50354] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...406] [ip4][..tcp] [......127.0.0.1][50356] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...407] [ip4][..tcp] [......127.0.0.1][50358] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...408] [ip4][..tcp] [......127.0.0.1][50360] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...409] [ip4][..tcp] [......127.0.0.1][50362] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...410] [ip4][..tcp] [......127.0.0.1][50364] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...411] [ip4][..tcp] [......127.0.0.1][50366] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...412] [ip4][..tcp] [......127.0.0.1][50368] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...413] [ip4][..tcp] [......127.0.0.1][50370] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...414] [ip4][..tcp] [......127.0.0.1][50372] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...415] [ip4][..tcp] [......127.0.0.1][50374] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...416] [ip4][..tcp] [......127.0.0.1][50376] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...417] [ip4][..tcp] [......127.0.0.1][50378] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...418] [ip4][..tcp] [......127.0.0.1][50380] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...419] [ip4][..tcp] [......127.0.0.1][50382] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...420] [ip4][..tcp] [......127.0.0.1][50384] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...421] [ip4][..tcp] [......127.0.0.1][50386] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...422] [ip4][..tcp] [......127.0.0.1][50388] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...423] [ip4][..tcp] [......127.0.0.1][50390] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...424] [ip4][..tcp] [......127.0.0.1][50392] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...425] [ip4][..tcp] [......127.0.0.1][50394] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...426] [ip4][..tcp] [......127.0.0.1][50396] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...427] [ip4][..tcp] [......127.0.0.1][50398] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...428] [ip4][..tcp] [......127.0.0.1][50400] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...429] [ip4][..tcp] [......127.0.0.1][50402] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...430] [ip4][..tcp] [......127.0.0.1][50404] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...431] [ip4][..tcp] [......127.0.0.1][50406] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...432] [ip4][..tcp] [......127.0.0.1][50408] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...433] [ip4][..tcp] [......127.0.0.1][50410] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...434] [ip4][..tcp] [......127.0.0.1][50412] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...435] [ip4][..tcp] [......127.0.0.1][50414] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...436] [ip4][..tcp] [......127.0.0.1][50416] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...437] [ip4][..tcp] [......127.0.0.1][50418] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...438] [ip4][..tcp] [......127.0.0.1][50438] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...439] [ip4][..tcp] [......127.0.0.1][50440] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...440] [ip4][..tcp] [......127.0.0.1][50442] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...441] [ip4][..tcp] [......127.0.0.1][50444] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...442] [ip4][..tcp] [......127.0.0.1][50446] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...443] [ip4][..tcp] [......127.0.0.1][50448] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...444] [ip4][..tcp] [......127.0.0.1][50450] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...445] [ip4][..tcp] [......127.0.0.1][50452] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...446] [ip4][..tcp] [......127.0.0.1][50454] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...447] [ip4][..tcp] [......127.0.0.1][50456] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...448] [ip4][..tcp] [......127.0.0.1][50458] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...449] [ip4][..tcp] [......127.0.0.1][50460] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...450] [ip4][..tcp] [......127.0.0.1][50462] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...451] [ip4][..tcp] [......127.0.0.1][50464] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...452] [ip4][..tcp] [......127.0.0.1][50466] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...453] [ip4][..tcp] [......127.0.0.1][50468] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...454] [ip4][..tcp] [......127.0.0.1][50470] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...455] [ip4][..tcp] [......127.0.0.1][50472] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...456] [ip4][..tcp] [......127.0.0.1][50474] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...457] [ip4][..tcp] [......127.0.0.1][50476] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...458] [ip4][..tcp] [......127.0.0.1][50478] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...459] [ip4][..tcp] [......127.0.0.1][50480] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...460] [ip4][..tcp] [......127.0.0.1][50482] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...461] [ip4][..tcp] [......127.0.0.1][50484] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...462] [ip4][..tcp] [......127.0.0.1][50486] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...463] [ip4][..tcp] [......127.0.0.1][50488] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...464] [ip4][..tcp] [......127.0.0.1][50490] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...465] [ip4][..tcp] [......127.0.0.1][50492] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...466] [ip4][..tcp] [......127.0.0.1][50494] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...467] [ip4][..tcp] [......127.0.0.1][50496] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...468] [ip4][..tcp] [......127.0.0.1][50498] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...469] [ip4][..tcp] [......127.0.0.1][50500] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...470] [ip4][..tcp] [......127.0.0.1][50502] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...471] [ip4][..tcp] [......127.0.0.1][50504] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...472] [ip4][..tcp] [......127.0.0.1][50506] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...473] [ip4][..tcp] [......127.0.0.1][50508] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...474] [ip4][..tcp] [......127.0.0.1][50510] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...475] [ip4][..tcp] [......127.0.0.1][50512] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...476] [ip4][..tcp] [......127.0.0.1][50514] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...477] [ip4][..tcp] [......127.0.0.1][50516] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...478] [ip4][..tcp] [......127.0.0.1][50518] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...479] [ip4][..tcp] [......127.0.0.1][50520] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...480] [ip4][..tcp] [......127.0.0.1][50522] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...481] [ip4][..tcp] [......127.0.0.1][50524] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...482] [ip4][..tcp] [......127.0.0.1][50526] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...483] [ip4][..tcp] [......127.0.0.1][50528] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...484] [ip4][..tcp] [......127.0.0.1][50530] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...485] [ip4][..tcp] [......127.0.0.1][50532] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...486] [ip4][..tcp] [......127.0.0.1][50534] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...487] [ip4][..tcp] [......127.0.0.1][50536] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...488] [ip4][..tcp] [......127.0.0.1][50538] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...489] [ip4][..tcp] [......127.0.0.1][50540] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...490] [ip4][..tcp] [......127.0.0.1][50542] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...491] [ip4][..tcp] [......127.0.0.1][50544] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...492] [ip4][..tcp] [......127.0.0.1][50546] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...493] [ip4][..tcp] [......127.0.0.1][50548] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...494] [ip4][..tcp] [......127.0.0.1][50550] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...495] [ip4][..tcp] [......127.0.0.1][50552] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...496] [ip4][..tcp] [......127.0.0.1][50554] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...497] [ip4][..tcp] [......127.0.0.1][50556] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...498] [ip4][..tcp] [......127.0.0.1][50558] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...499] [ip4][..tcp] [......127.0.0.1][50560] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...500] [ip4][..tcp] [......127.0.0.1][50562] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Possible Exploit, Unidirectional Traffic + idle: [...501] [ip4][..tcp] [......127.0.0.1][50564] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...502] [ip4][..tcp] [......127.0.0.1][50566] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...503] [ip4][..tcp] [......127.0.0.1][50568] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...504] [ip4][..tcp] [......127.0.0.1][50570] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...505] [ip4][..tcp] [......127.0.0.1][50572] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...506] [ip4][..tcp] [......127.0.0.1][50574] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...507] [ip4][..tcp] [......127.0.0.1][50576] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...508] [ip4][..tcp] [......127.0.0.1][50578] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...509] [ip4][..tcp] [......127.0.0.1][50580] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...510] [ip4][..tcp] [......127.0.0.1][50582] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...511] [ip4][..tcp] [......127.0.0.1][50584] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...512] [ip4][..tcp] [......127.0.0.1][50586] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...513] [ip4][..tcp] [......127.0.0.1][50588] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...514] [ip4][..tcp] [......127.0.0.1][50590] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...515] [ip4][..tcp] [......127.0.0.1][50592] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...516] [ip4][..tcp] [......127.0.0.1][50594] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...517] [ip4][..tcp] [......127.0.0.1][50596] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...518] [ip4][..tcp] [......127.0.0.1][50598] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...519] [ip4][..tcp] [......127.0.0.1][50600] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...520] [ip4][..tcp] [......127.0.0.1][50602] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...521] [ip4][..tcp] [......127.0.0.1][50604] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...522] [ip4][..tcp] [......127.0.0.1][50606] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...523] [ip4][..tcp] [......127.0.0.1][50608] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...524] [ip4][..tcp] [......127.0.0.1][50610] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...525] [ip4][..tcp] [......127.0.0.1][50612] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...526] [ip4][..tcp] [......127.0.0.1][50614] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...527] [ip4][..tcp] [......127.0.0.1][50616] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...528] [ip4][..tcp] [......127.0.0.1][50618] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...529] [ip4][..tcp] [......127.0.0.1][50620] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...530] [ip4][..tcp] [......127.0.0.1][50622] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...531] [ip4][..tcp] [......127.0.0.1][50624] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...532] [ip4][..tcp] [......127.0.0.1][50626] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...533] [ip4][..tcp] [......127.0.0.1][50628] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...534] [ip4][..tcp] [......127.0.0.1][50630] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...535] [ip4][..tcp] [......127.0.0.1][50632] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...536] [ip4][..tcp] [......127.0.0.1][50634] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...537] [ip4][..tcp] [......127.0.0.1][50636] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...538] [ip4][..tcp] [......127.0.0.1][50638] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...539] [ip4][..tcp] [......127.0.0.1][50640] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...540] [ip4][..tcp] [......127.0.0.1][50642] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...541] [ip4][..tcp] [......127.0.0.1][50644] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...542] [ip4][..tcp] [......127.0.0.1][50646] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...543] [ip4][..tcp] [......127.0.0.1][50648] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...544] [ip4][..tcp] [......127.0.0.1][50650] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...545] [ip4][..tcp] [......127.0.0.1][50652] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...546] [ip4][..tcp] [......127.0.0.1][50654] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...547] [ip4][..tcp] [......127.0.0.1][50656] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...548] [ip4][..tcp] [......127.0.0.1][50658] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...549] [ip4][..tcp] [......127.0.0.1][50660] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...550] [ip4][..tcp] [......127.0.0.1][50662] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...551] [ip4][..tcp] [......127.0.0.1][50664] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...552] [ip4][..tcp] [......127.0.0.1][50666] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...553] [ip4][..tcp] [......127.0.0.1][50668] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...554] [ip4][..tcp] [......127.0.0.1][50670] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...555] [ip4][..tcp] [......127.0.0.1][50672] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...556] [ip4][..tcp] [......127.0.0.1][50674] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...557] [ip4][..tcp] [......127.0.0.1][50676] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...558] [ip4][..tcp] [......127.0.0.1][50678] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...559] [ip4][..tcp] [......127.0.0.1][50680] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...560] [ip4][..tcp] [......127.0.0.1][50682] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...561] [ip4][..tcp] [......127.0.0.1][50684] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...562] [ip4][..tcp] [......127.0.0.1][50686] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...563] [ip4][..tcp] [......127.0.0.1][50688] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...564] [ip4][..tcp] [......127.0.0.1][50690] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...565] [ip4][..tcp] [......127.0.0.1][50692] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...566] [ip4][..tcp] [......127.0.0.1][50694] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...567] [ip4][..tcp] [......127.0.0.1][50696] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...568] [ip4][..tcp] [......127.0.0.1][50698] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...569] [ip4][..tcp] [......127.0.0.1][50700] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...570] [ip4][..tcp] [......127.0.0.1][50702] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...571] [ip4][..tcp] [......127.0.0.1][50704] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...572] [ip4][..tcp] [......127.0.0.1][50706] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...573] [ip4][..tcp] [......127.0.0.1][50708] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...574] [ip4][..tcp] [......127.0.0.1][50710] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...575] [ip4][..tcp] [......127.0.0.1][50712] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...576] [ip4][..tcp] [......127.0.0.1][50714] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...577] [ip4][..tcp] [......127.0.0.1][50716] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...578] [ip4][..tcp] [......127.0.0.1][50718] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...579] [ip4][..tcp] [......127.0.0.1][50720] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...580] [ip4][..tcp] [......127.0.0.1][50722] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...581] [ip4][..tcp] [......127.0.0.1][50724] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...582] [ip4][..tcp] [......127.0.0.1][50726] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...583] [ip4][..tcp] [......127.0.0.1][50728] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...584] [ip4][..tcp] [......127.0.0.1][50730] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...585] [ip4][..tcp] [......127.0.0.1][50732] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...586] [ip4][..tcp] [......127.0.0.1][50734] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...587] [ip4][..tcp] [......127.0.0.1][50736] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...588] [ip4][..tcp] [......127.0.0.1][50738] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...589] [ip4][..tcp] [......127.0.0.1][50740] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...590] [ip4][..tcp] [......127.0.0.1][50742] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...591] [ip4][..tcp] [......127.0.0.1][50744] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...592] [ip4][..tcp] [......127.0.0.1][50746] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...593] [ip4][..tcp] [......127.0.0.1][50748] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...594] [ip4][..tcp] [......127.0.0.1][50750] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...595] [ip4][..tcp] [......127.0.0.1][50752] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...596] [ip4][..tcp] [......127.0.0.1][50754] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...597] [ip4][..tcp] [......127.0.0.1][50756] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...598] [ip4][..tcp] [......127.0.0.1][50758] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...599] [ip4][..tcp] [......127.0.0.1][50760] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...600] [ip4][..tcp] [......127.0.0.1][50762] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...601] [ip4][..tcp] [......127.0.0.1][50764] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...602] [ip4][..tcp] [......127.0.0.1][50766] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...603] [ip4][..tcp] [......127.0.0.1][50768] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...604] [ip4][..tcp] [......127.0.0.1][50770] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...605] [ip4][..tcp] [......127.0.0.1][50772] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...606] [ip4][..tcp] [......127.0.0.1][50774] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...607] [ip4][..tcp] [......127.0.0.1][50776] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...608] [ip4][..tcp] [......127.0.0.1][50778] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...609] [ip4][..tcp] [......127.0.0.1][50780] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...610] [ip4][..tcp] [......127.0.0.1][50782] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...611] [ip4][..tcp] [......127.0.0.1][50784] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...612] [ip4][..tcp] [......127.0.0.1][50786] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...613] [ip4][..tcp] [......127.0.0.1][50788] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...614] [ip4][..tcp] [......127.0.0.1][50790] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...615] [ip4][..tcp] [......127.0.0.1][50792] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...616] [ip4][..tcp] [......127.0.0.1][50794] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...617] [ip4][..tcp] [......127.0.0.1][50796] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...618] [ip4][..tcp] [......127.0.0.1][50798] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...619] [ip4][..tcp] [......127.0.0.1][50800] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...620] [ip4][..tcp] [......127.0.0.1][50802] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...621] [ip4][..tcp] [......127.0.0.1][50804] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...622] [ip4][..tcp] [......127.0.0.1][50806] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...623] [ip4][..tcp] [......127.0.0.1][50808] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...624] [ip4][..tcp] [......127.0.0.1][50810] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...625] [ip4][..tcp] [......127.0.0.1][50812] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...626] [ip4][..tcp] [......127.0.0.1][50814] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...627] [ip4][..tcp] [......127.0.0.1][50816] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...628] [ip4][..tcp] [......127.0.0.1][50818] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...629] [ip4][..tcp] [......127.0.0.1][50820] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...630] [ip4][..tcp] [......127.0.0.1][50822] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...631] [ip4][..tcp] [......127.0.0.1][50824] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...632] [ip4][..tcp] [......127.0.0.1][50826] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...633] [ip4][..tcp] [......127.0.0.1][50828] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...634] [ip4][..tcp] [......127.0.0.1][50830] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...635] [ip4][..tcp] [......127.0.0.1][50832] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...636] [ip4][..tcp] [......127.0.0.1][50834] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...637] [ip4][..tcp] [......127.0.0.1][50836] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...638] [ip4][..tcp] [......127.0.0.1][50838] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...639] [ip4][..tcp] [......127.0.0.1][50840] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...640] [ip4][..tcp] [......127.0.0.1][50842] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...641] [ip4][..tcp] [......127.0.0.1][50844] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...642] [ip4][..tcp] [......127.0.0.1][50846] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...643] [ip4][..tcp] [......127.0.0.1][50848] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...644] [ip4][..tcp] [......127.0.0.1][50850] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...645] [ip4][..tcp] [......127.0.0.1][50852] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...646] [ip4][..tcp] [......127.0.0.1][50854] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...647] [ip4][..tcp] [......127.0.0.1][50856] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...648] [ip4][..tcp] [......127.0.0.1][50858] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...649] [ip4][..tcp] [......127.0.0.1][50860] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...650] [ip4][..tcp] [......127.0.0.1][50862] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...651] [ip4][..tcp] [......127.0.0.1][50864] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...652] [ip4][..tcp] [......127.0.0.1][50866] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...653] [ip4][..tcp] [......127.0.0.1][50868] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...654] [ip4][..tcp] [......127.0.0.1][50870] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...655] [ip4][..tcp] [......127.0.0.1][50872] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...656] [ip4][..tcp] [......127.0.0.1][50874] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...657] [ip4][..tcp] [......127.0.0.1][50876] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...658] [ip4][..tcp] [......127.0.0.1][50878] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...659] [ip4][..tcp] [......127.0.0.1][50880] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...660] [ip4][..tcp] [......127.0.0.1][50882] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...661] [ip4][..tcp] [......127.0.0.1][50884] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...662] [ip4][..tcp] [......127.0.0.1][50886] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...663] [ip4][..tcp] [......127.0.0.1][50888] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...664] [ip4][..tcp] [......127.0.0.1][50890] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...665] [ip4][..tcp] [......127.0.0.1][50892] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...666] [ip4][..tcp] [......127.0.0.1][50894] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...667] [ip4][..tcp] [......127.0.0.1][50896] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...668] [ip4][..tcp] [......127.0.0.1][50898] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...669] [ip4][..tcp] [......127.0.0.1][50900] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...670] [ip4][..tcp] [......127.0.0.1][50902] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...671] [ip4][..tcp] [......127.0.0.1][50904] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...672] [ip4][..tcp] [......127.0.0.1][50906] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...673] [ip4][..tcp] [......127.0.0.1][50908] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...674] [ip4][..tcp] [......127.0.0.1][50910] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...675] [ip4][..tcp] [......127.0.0.1][50912] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...676] [ip4][..tcp] [......127.0.0.1][50914] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...677] [ip4][..tcp] [......127.0.0.1][50916] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...678] [ip4][..tcp] [......127.0.0.1][50918] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...679] [ip4][..tcp] [......127.0.0.1][50920] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...680] [ip4][..tcp] [......127.0.0.1][50922] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...681] [ip4][..tcp] [......127.0.0.1][50924] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...682] [ip4][..tcp] [......127.0.0.1][50926] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...683] [ip4][..tcp] [......127.0.0.1][50928] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...684] [ip4][..tcp] [......127.0.0.1][50930] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...685] [ip4][..tcp] [......127.0.0.1][50932] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...686] [ip4][..tcp] [......127.0.0.1][50934] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...687] [ip4][..tcp] [......127.0.0.1][50936] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...688] [ip4][..tcp] [......127.0.0.1][50938] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...689] [ip4][..tcp] [......127.0.0.1][50940] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...690] [ip4][..tcp] [......127.0.0.1][50942] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...691] [ip4][..tcp] [......127.0.0.1][50944] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...692] [ip4][..tcp] [......127.0.0.1][50946] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...693] [ip4][..tcp] [......127.0.0.1][50948] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...694] [ip4][..tcp] [......127.0.0.1][50950] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...695] [ip4][..tcp] [......127.0.0.1][50952] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...696] [ip4][..tcp] [......127.0.0.1][50954] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...697] [ip4][..tcp] [......127.0.0.1][50956] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...698] [ip4][..tcp] [......127.0.0.1][50958] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...699] [ip4][..tcp] [......127.0.0.1][50960] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...700] [ip4][..tcp] [......127.0.0.1][50962] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...701] [ip4][..tcp] [......127.0.0.1][50964] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...702] [ip4][..tcp] [......127.0.0.1][50966] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...703] [ip4][..tcp] [......127.0.0.1][50968] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...704] [ip4][..tcp] [......127.0.0.1][50970] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...705] [ip4][..tcp] [......127.0.0.1][50972] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...706] [ip4][..tcp] [......127.0.0.1][50974] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...707] [ip4][..tcp] [......127.0.0.1][50976] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...708] [ip4][..tcp] [......127.0.0.1][50978] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...709] [ip4][..tcp] [......127.0.0.1][50980] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...710] [ip4][..tcp] [......127.0.0.1][50982] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...711] [ip4][..tcp] [......127.0.0.1][50984] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...712] [ip4][..tcp] [......127.0.0.1][50986] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...713] [ip4][..tcp] [......127.0.0.1][50988] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...714] [ip4][..tcp] [......127.0.0.1][50990] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...715] [ip4][..tcp] [......127.0.0.1][50992] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...716] [ip4][..tcp] [......127.0.0.1][50994] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...717] [ip4][..tcp] [......127.0.0.1][50996] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...718] [ip4][..tcp] [......127.0.0.1][50998] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...719] [ip4][..tcp] [......127.0.0.1][51000] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...720] [ip4][..tcp] [......127.0.0.1][51002] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...721] [ip4][..tcp] [......127.0.0.1][51004] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...722] [ip4][..tcp] [......127.0.0.1][51006] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...723] [ip4][..tcp] [......127.0.0.1][51008] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...724] [ip4][..tcp] [......127.0.0.1][51010] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...725] [ip4][..tcp] [......127.0.0.1][51012] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...726] [ip4][..tcp] [......127.0.0.1][51014] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...727] [ip4][..tcp] [......127.0.0.1][51016] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...728] [ip4][..tcp] [......127.0.0.1][51018] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...729] [ip4][..tcp] [......127.0.0.1][51020] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...730] [ip4][..tcp] [......127.0.0.1][51022] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...731] [ip4][..tcp] [......127.0.0.1][51024] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...732] [ip4][..tcp] [......127.0.0.1][51026] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...733] [ip4][..tcp] [......127.0.0.1][51028] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...734] [ip4][..tcp] [......127.0.0.1][51030] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...735] [ip4][..tcp] [......127.0.0.1][51032] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...736] [ip4][..tcp] [......127.0.0.1][51034] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...737] [ip4][..tcp] [......127.0.0.1][51036] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...738] [ip4][..tcp] [......127.0.0.1][51038] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...739] [ip4][..tcp] [......127.0.0.1][51040] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...740] [ip4][..tcp] [......127.0.0.1][51042] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...741] [ip4][..tcp] [......127.0.0.1][51044] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...742] [ip4][..tcp] [......127.0.0.1][51046] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + idle: [...743] [ip4][..tcp] [......127.0.0.1][51048] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic + idle: [...744] [ip4][..tcp] [......127.0.0.1][51050] -> [......127.0.0.1][.8080] [HTTP][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, HTTP Susp URL, Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/activision.pcap.out b/test/results/flow-info/default/activision.pcap.out index 156415ceb..7fef5e1a7 100644 --- a/test/results/flow-info/default/activision.pcap.out +++ b/test/results/flow-info/default/activision.pcap.out @@ -8,23 +8,18 @@ detected: [.....2] [ip4][..udp] [..192.168.2.100][.3074] -> [...45.63.112.54][34741] [Activision][Unknown][Game][Fun] RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [..192.168.2.100][.3074] -> [..108.61.235.31][33441] [Activision][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 30 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....3] [ip4][..udp] [..192.168.2.100][.3074] -> [.148.72.173.162][34311] detected: [.....3] [ip4][..udp] [..192.168.2.100][.3074] -> [.148.72.173.162][34311] [Activision][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [..192.168.2.100][.3074] -> [...45.63.112.54][34741] [Activision][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..192.168.2.100][.3074] -> [..108.61.235.31][33441] [Activision][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 45 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....4] [ip4][..udp] [..192.168.2.100][.3074] -> [...173.199.67.5][37081] detected: [.....4] [ip4][..udp] [..192.168.2.100][.3074] -> [...173.199.67.5][37081] [Activision][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.2.100][.3074] -> [.148.72.173.162][34311] [Activision][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [..192.168.2.100][.3074] -> [...173.199.67.5][37081] [Activision][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/adult_content.pcap.out b/test/results/flow-info/default/adult_content.pcap.out index 6cd27ac93..062e3b222 100644 --- a/test/results/flow-info/default/adult_content.pcap.out +++ b/test/results/flow-info/default/adult_content.pcap.out @@ -4,6 +4,8 @@ new: [.....1] [ip4][..udp] [..192.168.1.199][42759] -> [...31.220.27.69][...80] detected: [.....1] [ip4][..udp] [..192.168.1.199][42759] -> [...31.220.27.69][...80] [STUN][Unknown][Network][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [..192.168.1.199][42759] -> [...31.220.27.69][...80] [STUN][Unknown][Network][Acceptable][] + RISK: Known Proto on Non Std Port detection-update: [.....1] [ip4][..udp] [..192.168.1.199][42759] -> [...31.220.27.69][...80] [STUN.AdultContent][Unknown][AdultContent][Acceptable][b-eu14.stripcdn.com] RISK: Known Proto on Non Std Port idle: [.....1] [ip4][..udp] [..192.168.1.199][42759] -> [...31.220.27.69][...80] [STUN.AdultContent][Unknown][AdultContent][Acceptable] diff --git a/test/results/flow-info/default/afp.pcap.out b/test/results/flow-info/default/afp.pcap.out index e44670927..9a9a21eb0 100644 --- a/test/results/flow-info/default/afp.pcap.out +++ b/test/results/flow-info/default/afp.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..tcp] [..192.168.27.57][64987] -> [.192.168.27.139][..548] [AFP][Unknown][DataTransfer][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [..192.168.27.57][64987] -> [.192.168.27.139][..548] [AFP][Unknown][DataTransfer][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/agora-sd-rtn.pcap.out b/test/results/flow-info/default/agora-sd-rtn.pcap.out index 18e8c1a88..c28ec878e 100644 --- a/test/results/flow-info/default/agora-sd-rtn.pcap.out +++ b/test/results/flow-info/default/agora-sd-rtn.pcap.out @@ -14,9 +14,7 @@ detected: [.....4] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.19][.8130] [SD-RTN][Unknown][Media][Acceptable][104-166-161-19.edge.agora.io] RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [..192.168.2.100][35778] -> [.104.166.161.75][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [..192.168.2.100][35778] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic new: [.....5] [ip4][..udp] [..192.168.2.100][44131] -> [....128.1.77.66][.8130] detected: [.....5] [ip4][..udp] [..192.168.2.100][44131] -> [....128.1.77.66][.8130] [SD-RTN][Unknown][Media][Acceptable][128-1-77-66.edge.agora.io] RISK: Unidirectional Traffic @@ -27,32 +25,20 @@ detected: [.....7] [ip4][..udp] [..192.168.2.100][46798] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable][23-248-186-179.edge.agora.io] RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [..192.168.2.100][35778] -> [.104.166.161.75][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.75][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.19][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [..192.168.2.100][35778] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [..192.168.2.100][44131] -> [....128.1.77.66][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic new: [.....8] [ip4][..udp] [..192.168.2.100][44131] -> [.23.248.186.180][.8130] detected: [.....8] [ip4][..udp] [..192.168.2.100][44131] -> [.23.248.186.180][.8130] [SD-RTN][Unknown][Media][Acceptable][23-248-186-180.edge.agora.io] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [..192.168.2.100][35778] -> [.104.166.161.75][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..192.168.2.100][35778] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.75][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.19][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [..192.168.2.100][44131] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [..192.168.2.100][44131] -> [....128.1.77.66][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [..192.168.2.100][46798] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 120 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 6 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 12] new: [.....9] [ip4][..udp] [..192.168.2.100][40393] -> [.23.248.186.179][.8130] @@ -65,17 +51,11 @@ detected: [....11] [ip4][..udp] [..192.168.2.100][40393] -> [.104.166.161.75][.8130] [SD-RTN][Unknown][Media][Acceptable][104-166-161-75.edge.agora.io] RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.19][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.2.100][44131] -> [.104.166.161.75][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [..192.168.2.100][44131] -> [.23.248.186.180][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [..192.168.2.100][44131] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [..192.168.2.100][44131] -> [....128.1.77.66][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [..192.168.2.100][46798] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic new: [....12] [ip4][..udp] [..192.168.2.100][55322] -> [.104.166.161.75][.8130] detected: [....12] [ip4][..udp] [..192.168.2.100][55322] -> [.104.166.161.75][.8130] [SD-RTN][Unknown][Media][Acceptable][104-166-161-75.edge.agora.io] RISK: Unidirectional Traffic @@ -86,25 +66,16 @@ detected: [....14] [ip4][..udp] [..192.168.2.100][55322] -> [.193.118.52.182][.8130] [SD-RTN][Unknown][Media][Acceptable][193-118-52-182.edge.agora.io] RISK: Unidirectional Traffic update: [....10] [ip4][..udp] [..192.168.2.100][47453] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [....11] [ip4][..udp] [..192.168.2.100][40393] -> [.104.166.161.75][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [.....9] [ip4][..udp] [..192.168.2.100][40393] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 210 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 6 / 14|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 15] idle: [....10] [ip4][..udp] [..192.168.2.100][47453] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.233.218][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [..192.168.2.100][40393] -> [.104.166.161.75][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [..192.168.2.100][40393] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [..192.168.2.100][55322] -> [.193.118.52.182][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [..192.168.2.100][55322] -> [.104.166.161.75][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic new: [....15] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.223][.8130] detected: [....15] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.223][.8130] [SD-RTN][Unknown][Media][Acceptable][128-1-193-223.edge.agora.io] RISK: Unidirectional Traffic @@ -112,23 +83,17 @@ detected: [....16] [ip4][..udp] [..192.168.2.100][55322] -> [.23.248.186.180][.8130] [SD-RTN][Unknown][Media][Acceptable][23-248-186-180.edge.agora.io] RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [..192.168.2.100][55322] -> [.104.166.161.75][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic new: [....17] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.224][.8130] detected: [....17] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.224][.8130] [SD-RTN][Unknown][Media][Acceptable][128-1-193-224.edge.agora.io] RISK: Unidirectional Traffic update: [....15] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.223][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic new: [....18] [ip4][..udp] [..192.168.2.100][55322] -> [.23.248.186.179][.8130] detected: [....18] [ip4][..udp] [..192.168.2.100][55322] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable][23-248-186-179.edge.agora.io] RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [..192.168.2.100][55322] -> [.23.248.186.180][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [....15] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.223][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [..192.168.2.100][55322] -> [.104.166.161.75][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [....17] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.224][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 285 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 18|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 19] new: [....19] [ip4][..udp] [..192.168.2.100][47805] -> [..128.1.193.223][.8130] @@ -138,9 +103,7 @@ detected: [....20] [ip4][..udp] [..192.168.2.100][47805] -> [.202.226.25.166][.8130] [SD-RTN][Unknown][Media][Acceptable][202-226-25-166.edge.agora.io] RISK: Unidirectional Traffic idle: [....18] [ip4][..udp] [..192.168.2.100][55322] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [....17] [ip4][..udp] [..192.168.2.100][55322] -> [..128.1.193.224][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic new: [....21] [ip4][..udp] [..192.168.2.100][47805] -> [103.104.168.244][.8130] detected: [....21] [ip4][..udp] [..192.168.2.100][47805] -> [103.104.168.244][.8130] [SD-RTN][Unknown][Media][Acceptable][103-104-168-244.edge.agora.io] RISK: Unidirectional Traffic @@ -157,32 +120,20 @@ detected: [....25] [ip4][..udp] [..192.168.2.100][55094] -> [..128.1.193.223][.8130] [SD-RTN][Unknown][Media][Acceptable][128-1-193-223.edge.agora.io] RISK: Unidirectional Traffic update: [....22] [ip4][..udp] [..192.168.2.100][47805] -> [.199.190.44.135][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [....21] [ip4][..udp] [..192.168.2.100][47805] -> [103.104.168.244][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [....19] [ip4][..udp] [..192.168.2.100][47805] -> [..128.1.193.223][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic update: [....20] [ip4][..udp] [..192.168.2.100][47805] -> [.202.226.25.166][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic new: [....26] [ip4][..udp] [..192.168.2.100][47805] -> [.23.248.186.180][.8130] detected: [....26] [ip4][..udp] [..192.168.2.100][47805] -> [.23.248.186.180][.8130] [SD-RTN][Unknown][Media][Acceptable][23-248-186-180.edge.agora.io] RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 400 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 8 / 26|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 23] idle: [....25] [ip4][..udp] [..192.168.2.100][55094] -> [..128.1.193.223][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [....22] [ip4][..udp] [..192.168.2.100][47805] -> [.199.190.44.135][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [....26] [ip4][..udp] [..192.168.2.100][47805] -> [.23.248.186.180][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [....24] [ip4][..udp] [..192.168.2.100][47805] -> [.23.248.186.179][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [....21] [ip4][..udp] [..192.168.2.100][47805] -> [103.104.168.244][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [....23] [ip4][..udp] [..192.168.2.100][47805] -> [..128.1.193.224][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [....19] [ip4][..udp] [..192.168.2.100][47805] -> [..128.1.193.223][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic idle: [....20] [ip4][..udp] [..192.168.2.100][47805] -> [.202.226.25.166][.8130] [SD-RTN][Unknown][Media][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ah.pcapng.out b/test/results/flow-info/default/ah.pcapng.out index 24662408f..9d4f781c9 100644 --- a/test/results/flow-info/default/ah.pcapng.out +++ b/test/results/flow-info/default/ah.pcapng.out @@ -8,7 +8,5 @@ detected: [.....2] [ip4][...51] [.......10.2.3.2] -> [.......10.3.4.4] [IPSec][Unknown][VPN][Safe] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.......10.2.3.2][..500] -> [.......10.3.4.4][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [.....2] [ip4][...51] [.......10.2.3.2] -> [.......10.3.4.4] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/alexa-app.pcapng.out b/test/results/flow-info/default/alexa-app.pcapng.out index f58d692d0..ce5135375 100644 --- a/test/results/flow-info/default/alexa-app.pcapng.out +++ b/test/results/flow-info/default/alexa-app.pcapng.out @@ -136,7 +136,7 @@ detection-update: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] detection-update: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] detection-update: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][www.amazon.com] - analyse: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] + analyse: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.091| 0.022| 0.031| 964.249| 3.600] [PKTLEN......: 52.000| 1500.000| 580.300| 637.000| 405792.100| 4.100] @@ -198,7 +198,9 @@ RISK: Weak TLS Cipher detection-update: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detection-update: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] - analyse: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] + detection-update: [....45] [ip4][..tcp] [..172.16.42.216][49589] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] + RISK: Error Code + analyse: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.836| 0.167| 0.244| 59552.047| 3.700] [PKTLEN......: 40.000| 1500.000| 387.000| 534.600| 285800.000| 3.900] @@ -257,7 +259,6 @@ detected: [....60] [ip4][..tcp] [..172.16.42.216][34041] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] detection-update: [....60] [ip4][..tcp] [..172.16.42.216][34041] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] update: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Unknown][Network][Acceptable] update: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] update: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] @@ -292,7 +293,7 @@ [IATS(ms)....: 52.9,67.2,1.0,63.2,9.6,59.8,0.3,20.9,0.5,0.2,0.2,1.1,0.2,97.5,0.1,7.3,15.9,484.6,0.2,0.2,116.0,306.3,538.3,1116.6,2896.8,0.3,0.2,0.1,0.1,583.2,913.8] [PKTLENS.....: 60,60,52,569,52,208,52,103,1500,1500,125,1500,1500,1481,52,52,52,52,1500,1500,1209,1209,1500,1500,1500,52,64,64,64,64,52,52] [ENTROPIES...: 4.7,5.3,5.0,6.1,5.0,6.6,5.1,5.6,7.9,7.9,6.4,7.9,7.9,7.9,5.0,5.0,5.0,4.9,7.9,7.9,7.8,7.8,7.9,7.9,7.9,4.9,5.0,5.1,5.1,5.1,5.1,5.0] - analyse: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] + analyse: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.486| 0.102| 0.138| 19130.661| 3.700] [PKTLEN......: 40.000| 1500.000| 686.300| 682.000| 465082.800| 4.200] @@ -342,7 +343,6 @@ update: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] update: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS.GoogleServices][Unknown][Network][Acceptable] update: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS.Google][Unknown][Network][Acceptable] update: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....23] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] @@ -418,6 +418,8 @@ RISK: Weak TLS Cipher detection-update: [....91] [ip4][..tcp] [..172.16.42.216][45714] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][pitangui.amazon.com] RISK: Weak TLS Cipher + detection-update: [....93] [ip4][..tcp] [..172.16.42.216][49630] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable][alexa.amazon.com] + RISK: Error Code new: [....94] [ip4][..tcp] [..172.16.42.216][34069] -> [..54.239.24.186][..443] detected: [....94] [ip4][..tcp] [..172.16.42.216][34069] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable][mobileanalytics.us-east-1.amazonaws.com] new: [....95] [ip4][..udp] [..172.16.42.216][35726] -> [....172.16.42.1][...53] @@ -462,7 +464,6 @@ ERROR-EVENT: Unknown packet type [1/16] update: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS.Amazon][Unknown][Network][Acceptable] update: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS.Amazon][Unknown][Network][Acceptable] update: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Unknown][Network][Acceptable] update: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] @@ -527,7 +528,7 @@ [IATS(ms)....: 992.4,1100.5,1.1,243.6,0.8,17.2,3008.6,6019.8,9247.0,0.1,67.2,0.3,0.3,66.7,669.5,0.3,275.2,528.0,1079.9,2835.2,350.0,114.6,72.1,219.3,5051.1,0.3,5193.9,65.0,174.2,2275.4,2411.2] [PKTLENS.....: 60,60,48,48,40,40,279,279,279,125,93,40,40,99,46,1500,1118,1500,1500,1500,46,1118,46,941,40,1500,222,46,845,40,40,46] [ENTROPIES...: 4.7,4.7,5.2,5.1,4.9,4.9,5.8,5.8,5.8,6.0,5.9,4.7,4.8,6.0,4.6,7.9,7.8,7.9,7.9,7.9,4.6,7.8,4.6,7.8,4.7,7.9,6.9,4.7,7.7,4.9,4.9,4.5] - analyse: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443] + analyse: [....99] [ip4][..tcp] [..172.16.42.216][44001] -> [..176.32.101.52][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 19.096| 0.770| 3.358| 11273140.961| 1.400] [PKTLEN......: 40.000| 1500.000| 267.500| 412.900| 170449.200| 3.900] @@ -577,7 +578,6 @@ update: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] update: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS.GoogleServices][Unknown][Network][Acceptable] update: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS.Google][Unknown][Network][Acceptable] update: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS.Google][Unknown][Network][Acceptable] update: [.....6] [ip4][..udp] [..172.16.42.216][.3440] -> [....172.16.42.1][...53] [DNS.Google][Unknown][Network][Acceptable] @@ -650,7 +650,6 @@ [ENTROPIES...: 4.7,5.3,4.8,6.0,5.0,7.1,7.7,7.6,7.6,7.7,7.7,7.7,7.5,7.5,5.1,5.0,5.1,5.1,5.1,5.1,5.1,5.1,5.2,6.0,7.1,7.8,5.1,7.8,7.8,7.8,7.8,5.0] update: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS.Amazon][Unknown][Network][Acceptable] update: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][Unknown][Network][Acceptable] update: [....40] [ip4][..udp] [..172.16.42.216][43350] -> [....172.16.42.1][...53] [DNS.Amazon][Unknown][Network][Acceptable] update: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Unknown][Network][Acceptable] @@ -685,7 +684,7 @@ RISK: Weak TLS Cipher idle: [.....2] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] idle: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffd3:fbc2] [ICMPV6][Unknown][Network][Acceptable] - analyse: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] + analyse: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 120.003| 3.968| 21.185| 448816230.695| 0.300] [PKTLEN......: 52.000| 1500.000| 436.500| 570.000| 324877.800| 3.900] @@ -703,10 +702,9 @@ RISK: Weak TLS Cipher end: [....22] [ip4][..tcp] [..172.16.42.216][49572] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] idle: [....14] [ip4][.icmp] [....172.16.42.1] -> [..172.16.42.216] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....23] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] idle: [.....5] [ip6][icmp6] [..............fe80::7af8:82ff:fed3:fbc2] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] - end: [....25] [ip4][..tcp] [..172.16.42.216][38363] -> [..34.199.52.240][..443] + end: [....25] [ip4][..tcp] [..172.16.42.216][38363] -> [..34.199.52.240][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] update: [...103] [ip4][..udp] [..172.16.42.216][14476] -> [....172.16.42.1][...53] [DNS.Amazon][Unknown][Network][Acceptable] update: [...108] [ip4][..udp] [..172.16.42.216][20922] -> [....172.16.42.1][...53] [DNS.Amazon][Unknown][Network][Acceptable] new: [...135] [ip4][..udp] [..172.16.42.216][64073] -> [....172.16.42.1][...53] @@ -747,15 +745,15 @@ end: [....53] [ip4][..tcp] [..172.16.42.216][45683] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....37] [ip4][..tcp] [..172.16.42.216][54411] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] - end: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443] + end: [....38] [ip4][..tcp] [..172.16.42.216][54412] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] guessed: [....39] [ip4][..tcp] [..172.16.42.216][54413] -> [..52.85.209.216][..443] [TLS][AmazonAWS][Web][Safe] end: [....39] [ip4][..tcp] [..172.16.42.216][54413] -> [..52.85.209.216][..443] end: [....54] [ip4][..tcp] [..172.16.42.216][54427] -> [..52.85.209.216][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] - end: [....41] [ip4][..tcp] [..172.16.42.216][42129] -> [..72.21.206.135][..443] + end: [....41] [ip4][..tcp] [..172.16.42.216][42129] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] end: [....42] [ip4][..tcp] [..172.16.42.216][42130] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] end: [....55] [ip4][..tcp] [..172.16.42.216][42143] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] end: [....56] [ip4][..tcp] [..172.16.42.216][42144] -> [..72.21.206.135][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] - end: [....36] [ip4][..tcp] [..172.16.42.216][34019] -> [..54.239.24.186][..443] + end: [....36] [ip4][..tcp] [..172.16.42.216][34019] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] end: [....51] [ip4][..tcp] [..172.16.42.216][34033] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] end: [....52] [ip4][..tcp] [..172.16.42.216][34034] -> [..54.239.24.186][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] guessed: [....32] [ip4][..tcp] [..172.16.42.216][38391] -> [...192.168.11.1][.8080] [HTTP_Proxy][Unknown][Web][Acceptable][] @@ -766,7 +764,6 @@ update: [.....9] [ip4][..udp] [..172.16.42.216][53188] -> [....172.16.42.1][...53] [DNS.GoogleServices][Unknown][Network][Acceptable] update: [...114] [ip4][..udp] [..172.16.42.216][28614] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Unknown][Network][Acceptable] update: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS.Google][Unknown][Network][Acceptable] update: [.....7] [ip4][..udp] [..172.16.42.216][55619] -> [....172.16.42.1][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][Unknown][Network][Acceptable] @@ -814,7 +811,7 @@ RISK: Unidirectional Traffic detection-update: [...146] [ip4][..udp] [..172.16.42.216][59908] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][Unknown][Network][Acceptable][alexa.amazon.com] new: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] - analyse: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] + analyse: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 8.001| 0.664| 1.905| 3629965.115| 2.500] [PKTLEN......: 40.000| 1500.000| 424.700| 584.700| 341856.600| 3.800] @@ -849,7 +846,7 @@ RISK: TLS (probably) Not Carrying HTTPS detection-update: [...151] [ip4][..tcp] [..172.16.42.216][49067] -> [..216.58.194.78][..443] [TLS.PlayStore][Google][SoftwareUpdate][Safe][android.clients.google.com] RISK: TLS (probably) Not Carrying HTTPS - analyse: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443] + analyse: [...149] [ip4][..tcp] [..172.16.42.216][41828] -> [..52.85.209.143][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.106| 0.022| 0.031| 964.869| 3.600] [PKTLEN......: 52.000| 1500.000| 525.800| 600.400| 360465.600| 4.100] @@ -884,7 +881,8 @@ end: [....66] [ip4][..tcp] [..172.16.42.216][49606] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] end: [....67] [ip4][..tcp] [..172.16.42.216][45693] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher - end: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443] + end: [....68] [ip4][..tcp] [..172.16.42.216][45694] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + RISK: Weak TLS Cipher end: [....70] [ip4][..tcp] [..172.16.42.216][45695] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [....71] [ip4][..tcp] [..172.16.42.216][45696] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] @@ -926,7 +924,7 @@ new: [...158] [ip4][..udp] [..172.16.42.216][.2707] -> [....172.16.42.1][...53] detected: [...158] [ip4][..udp] [..172.16.42.216][.2707] -> [....172.16.42.1][...53] [DNS.Amazon][Unknown][Network][Acceptable][fls-na.amazon.com] RISK: Unidirectional Traffic - analyse: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] + analyse: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.264| 0.057| 0.086| 7393.244| 3.600] [PKTLEN......: 52.000| 1500.000| 532.200| 595.200| 354289.100| 4.100] @@ -941,7 +939,7 @@ new: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443] detected: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] new: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443] - analyse: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] + analyse: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 7.471| 0.614| 1.478| 2183643.136| 2.800] [PKTLEN......: 40.000| 1500.000| 526.200| 637.500| 406420.100| 3.900] @@ -958,13 +956,16 @@ detection-update: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] detection-update: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable][fls-na.amazon.com] idle: [....27] [ip4][..udp] [..172.16.42.216][54886] -> [....172.16.42.1][...53] [DNS.Amazon][Unknown][Network][Acceptable] - idle: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] - idle: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] + idle: [...139] [ip4][..tcp] [..172.16.42.216][50796] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + RISK: Weak TLS Cipher + idle: [...140] [ip4][..tcp] [..172.16.42.216][50797] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + RISK: Weak TLS Cipher guessed: [...141] [ip4][..tcp] [..172.16.42.216][50798] -> [..54.239.28.178][..443] [TLS][AmazonAWS][Web][Safe] end: [...141] [ip4][..tcp] [..172.16.42.216][50798] -> [..54.239.28.178][..443] end: [...142] [ip4][..tcp] [..172.16.42.216][50799] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher - idle: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] + idle: [...143] [ip4][..tcp] [..172.16.42.216][50800] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + RISK: Weak TLS Cipher end: [...119] [ip4][..tcp] [..172.16.42.216][51985] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable] end: [...120] [ip4][..tcp] [..172.16.42.216][51986] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable] end: [...121] [ip4][..tcp] [..172.16.42.216][51987] -> [....52.84.63.56][...80] [HTTP.Amazon][AmazonAWS][Web][Acceptable] @@ -980,13 +981,15 @@ idle: [.....3] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] idle: [....58] [ip4][....2] [........0.0.0.0] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] end: [....76] [ip4][..tcp] [..172.16.42.216][49613] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] - idle: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] + idle: [...147] [ip4][..tcp] [..172.16.42.216][38757] -> [..54.239.28.178][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher guessed: [....90] [ip4][..tcp] [..172.16.42.216][49627] -> [..52.94.232.134][...80] [HTTP][AmazonAWS][Web][Acceptable][] end: [....90] [ip4][..tcp] [..172.16.42.216][49627] -> [..52.94.232.134][...80] end: [...145] [ip4][..tcp] [..172.16.42.216][44912] -> [...54.239.23.94][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] end: [....93] [ip4][..tcp] [..172.16.42.216][49630] -> [..52.94.232.134][...80] [HTTP.AmazonAlexa][AmazonAWS][VirtAssistant][Acceptable] RISK: Error Code - end: [...104] [ip4][..tcp] [..172.16.42.216][40853] -> [..54.239.29.253][..443] + end: [...104] [ip4][..tcp] [..172.16.42.216][40853] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + RISK: Weak TLS Cipher end: [...105] [ip4][..tcp] [..172.16.42.216][40854] -> [..54.239.29.253][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher guessed: [...106] [ip4][..tcp] [..172.16.42.216][40855] -> [..54.239.29.253][..443] [TLS][AmazonAWS][Web][Safe] @@ -1003,15 +1006,15 @@ idle: [...114] [ip4][..udp] [..172.16.42.216][28614] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Unknown][Network][Acceptable] end: [....75] [ip4][..tcp] [..172.16.42.216][37113] -> [..52.94.232.134][..443] [TLS][AmazonAWS][Web][Safe] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher - idle: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443] - idle: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443] - end: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443] + idle: [...159] [ip4][..tcp] [..172.16.42.216][47605] -> [..72.21.206.121][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + idle: [...160] [ip4][..tcp] [..172.16.42.216][47606] -> [..72.21.206.121][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + end: [....73] [ip4][..tcp] [..172.16.42.216][59698] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn idle: [....21] [ip4][..udp] [..172.16.42.216][41030] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][Unknown][Network][Acceptable] idle: [.....4] [ip4][..udp] [....172.16.42.1][...67] -> [..172.16.42.216][...68] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...103] [ip4][..udp] [..172.16.42.216][14476] -> [....172.16.42.1][...53] [DNS.Amazon][Unknown][Network][Acceptable] - idle: [...153] [ip4][..tcp] [..172.16.42.216][41912] -> [...52.84.62.115][..443] - idle: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443] + idle: [...153] [ip4][..tcp] [..172.16.42.216][41912] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + idle: [...154] [ip4][..tcp] [..172.16.42.216][41913] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] idle: [...155] [ip4][..tcp] [..172.16.42.216][41914] -> [...52.84.62.115][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] idle: [...138] [ip4][..udp] [..172.16.42.216][.4312] -> [....172.16.42.1][...53] [DNS.Amazon][Unknown][Network][Acceptable] idle: [....12] [ip4][..udp] [..172.16.42.216][10462] -> [....172.16.42.1][...53] [DNS.Google][Unknown][Network][Acceptable] @@ -1048,7 +1051,8 @@ RISK: Weak TLS Cipher end: [...113] [ip4][..tcp] [..172.16.42.216][45732] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher - idle: [....20] [ip4][..tcp] [..172.16.42.216][53682] -> [..54.239.22.185][..443] + idle: [....20] [ip4][..tcp] [..172.16.42.216][53682] -> [..54.239.22.185][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS end: [...133] [ip4][..tcp] [..172.16.42.216][45750] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: Weak TLS Cipher end: [...134] [ip4][..tcp] [..172.16.42.216][45751] -> [..52.94.232.134][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] @@ -1060,7 +1064,8 @@ idle: [....69] [ip4][..udp] [..172.16.42.216][25081] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][Unknown][Network][Acceptable] idle: [...152] [ip4][..udp] [..172.16.42.216][.4612] -> [....172.16.42.1][...53] [DNS.Amazon][Unknown][Network][Acceptable] idle: [...146] [ip4][..udp] [..172.16.42.216][59908] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][Unknown][Network][Acceptable] - end: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] + end: [....18] [ip4][..tcp] [..172.16.42.216][33556] -> [....52.94.232.0][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS end: [...136] [ip4][..tcp] [..172.16.42.216][39750] -> [..52.94.232.134][..443] [TLS][AmazonAWS][Web][Safe] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher idle: [...135] [ip4][..udp] [..172.16.42.216][64073] -> [....172.16.42.1][...53] [DNS.AmazonAlexa][Unknown][Network][Acceptable] @@ -1075,11 +1080,12 @@ end: [....65] [ip4][..tcp] [..172.16.42.216][41691] -> [..54.239.29.146][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: TLS (probably) Not Carrying HTTPS idle: [...118] [ip4][..udp] [..172.16.42.216][.4920] -> [....172.16.42.1][...53] [DNS.Amazon][Unknown][Network][Acceptable] - idle: [...151] [ip4][..tcp] [..172.16.42.216][49067] -> [..216.58.194.78][..443] - end: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] + idle: [...151] [ip4][..tcp] [..172.16.42.216][49067] -> [..216.58.194.78][..443] [TLS.PlayStore][Google][SoftwareUpdate][Safe] + RISK: TLS (probably) Not Carrying HTTPS + end: [....96] [ip4][..tcp] [..172.16.42.216][41820] -> [...54.231.72.88][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] guessed: [....97] [ip4][..tcp] [..172.16.42.216][41821] -> [...54.231.72.88][..443] [TLS][AmazonAWS][Web][Safe] end: [....97] [ip4][..tcp] [..172.16.42.216][41821] -> [...54.231.72.88][..443] - end: [...102] [ip4][..tcp] [..172.16.42.216][41825] -> [...54.231.72.88][..443] + end: [...102] [ip4][..tcp] [..172.16.42.216][41825] -> [...54.231.72.88][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] idle: [....35] [ip4][..udp] [..172.16.42.216][52077] -> [....172.16.42.1][...53] [DNS.Amazon][Unknown][Network][Acceptable] idle: [....95] [ip4][..udp] [..172.16.42.216][35726] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Unknown][Network][Acceptable] idle: [....34] [ip4][..udp] [..172.16.42.216][21391] -> [....172.16.42.1][...53] [DNS.AmazonAWS][Unknown][Network][Acceptable] @@ -1120,6 +1126,6 @@ end: [....16] [ip4][..tcp] [..172.16.42.216][55242] -> [..52.85.209.197][..443] [TLS.Amazon][AmazonAWS][Web][Acceptable] RISK: TLS (probably) Not Carrying HTTPS idle: [...150] [ip4][..udp] [..172.16.42.216][40425] -> [....172.16.42.1][...53] [DNS.PlayStore][Unknown][Network][Safe] - end: [....77] [ip4][..tcp] [..172.16.42.216][38404] -> [..34.199.52.240][..443] + end: [....77] [ip4][..tcp] [..172.16.42.216][38404] -> [..34.199.52.240][..443] [TLS.AmazonAWS][AmazonAWS][Cloud][Acceptable] idle: [....17] [ip4][..udp] [..172.16.42.216][19967] -> [....172.16.42.1][...53] [DNS.Amazon][Unknown][Network][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/among_us.pcap.out b/test/results/flow-info/default/among_us.pcap.out index cf0a1a5d6..ea9ca8b22 100644 --- a/test/results/flow-info/default/among_us.pcap.out +++ b/test/results/flow-info/default/among_us.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [.......10.0.0.1][64260] -> [172.105.251.170][22023] [AmongUs][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.......10.0.0.1][64260] -> [172.105.251.170][22023] [AmongUs][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/amqp.pcap.out b/test/results/flow-info/default/amqp.pcap.out index 5f03e65ce..60ee43a70 100644 --- a/test/results/flow-info/default/amqp.pcap.out +++ b/test/results/flow-info/default/amqp.pcap.out @@ -21,7 +21,5 @@ [ENTROPIES...: 4.9,4.6,5.1,4.6,5.4,4.6,4.9,4.6,5.2,4.6,5.4,4.6,4.9,4.6,5.1,4.5,5.4,4.6,4.9,4.6,5.1,4.6,5.5,4.5,4.8,4.5,5.1,4.6,5.5,4.6,4.9,4.6] idle: [.....2] [ip4][..tcp] [......127.0.1.1][.5672] -> [......127.0.0.1][44204] [AMQP][Unknown][RPC][Acceptable] idle: [.....1] [ip4][..tcp] [......127.0.0.1][44205] -> [......127.0.1.1][.5672] [AMQP][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..tcp] [......127.0.0.1][44206] -> [......127.0.1.1][.5672] [AMQP][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/android.pcap.out b/test/results/flow-info/default/android.pcap.out index feaed873b..aab01d04d 100644 --- a/test/results/flow-info/default/android.pcap.out +++ b/test/results/flow-info/default/android.pcap.out @@ -227,39 +227,42 @@ idle: [.....4] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] idle: [....18] [ip4][..udp] [...192.168.2.16][52953] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe] end: [.....5] [ip4][..tcp] [..17.248.185.10][..443] -> [...192.168.2.17][50702] [TLS][Apple][Web][Safe] - RISK: Unidirectional Traffic idle: [....22] [ip4][..udp] [...192.168.2.16][34540] -> [....192.168.2.1][...53] [DNS.Google][Unknown][Network][Acceptable] idle: [....33] [ip4][..udp] [...192.168.2.16][36613] -> [....192.168.2.1][...53] [DNS.PlayStore][Unknown][Network][Safe] - idle: [....31] [ip4][..tcp] [...192.168.2.16][50384] -> [172.217.168.206][..443] + idle: [....31] [ip4][..tcp] [...192.168.2.16][50384] -> [172.217.168.206][..443] [TLS.Google][Google][Web][Acceptable] idle: [....11] [ip4][..udp] [....192.168.2.1][51411] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - idle: [....25] [ip4][..tcp] [...192.168.2.16][52486] -> [..172.217.20.74][..443] - idle: [....51] [ip4][..tcp] [...192.168.2.16][52514] -> [..172.217.20.74][..443] - idle: [.....8] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] - idle: [....61] [ip4][..tcp] [...192.168.2.16][44374] -> [..172.217.22.10][..443] + idle: [....25] [ip4][..tcp] [...192.168.2.16][52486] -> [..172.217.20.74][..443] [TLS.GoogleServices][Google][Web][Acceptable] + idle: [....51] [ip4][..tcp] [...192.168.2.16][52514] -> [..172.217.20.74][..443] [TLS.GoogleServices][Google][Web][Acceptable] + idle: [.....8] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] + idle: [....61] [ip4][..tcp] [...192.168.2.16][44374] -> [..172.217.22.10][..443] [TLS.GoogleServices][Google][Web][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS idle: [....54] [ip4][..udp] [...192.168.2.16][18379] -> [....192.168.2.1][...53] [DNS.DataSaver][Unknown][Network][Fun] idle: [....26] [ip4][..udp] [...192.168.2.16][47081] -> [....192.168.2.1][...53] [DNS.Google][Unknown][Network][Acceptable] idle: [....57] [ip4][..udp] [...192.168.2.16][32832] -> [....192.168.2.1][...53] [DNS.Google][Unknown][Network][Acceptable] end: [....19] [ip4][..tcp] [...192.168.2.16][58338] -> [..17.253.53.201][...80] [HTTP.Apple][Apple][ConnCheck][Safe] idle: [....14] [ip4][..udp] [....192.168.2.1][...67] -> [...192.168.2.16][...68] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....30] [ip4][..udp] [...192.168.2.16][39008] -> [....192.168.2.1][...53] [DNS.GoogleServices][Unknown][Network][Acceptable] idle: [.....6] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....10] [ip4][..udp] [169.254.225.216][60538] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....15] [ip6][..udp] [..............fe80::4e6a:f6ff:fe9f:f627][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Unknown][Network][Acceptable] idle: [....29] [ip4][..udp] [...192.168.2.16][51430] -> [....192.168.2.1][...53] [DNS.Google][Unknown][Network][Acceptable] idle: [....46] [ip4][..udp] [...192.168.2.16][22850] -> [....192.168.2.1][...53] [DNS.DataSaver][Unknown][Network][Fun] - end: [....23] [ip4][..tcp] [...192.168.2.16][32974] -> [.216.239.38.120][..443] - idle: [....34] [ip4][..tcp] [...192.168.2.16][32986] -> [.216.239.38.120][..443] - idle: [....37] [ip4][..tcp] [...192.168.2.16][32988] -> [.216.239.38.120][..443] - idle: [....38] [ip4][..tcp] [...192.168.2.16][32990] -> [.216.239.38.120][..443] + end: [....23] [ip4][..tcp] [...192.168.2.16][32974] -> [.216.239.38.120][..443] [TLS.Google][Google][Web][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS + idle: [....34] [ip4][..tcp] [...192.168.2.16][32986] -> [.216.239.38.120][..443] [TLS.PlayStore][Google][SoftwareUpdate][Safe] + RISK: TLS (probably) Not Carrying HTTPS + idle: [....37] [ip4][..tcp] [...192.168.2.16][32988] -> [.216.239.38.120][..443] [TLS.PlayStore][Google][SoftwareUpdate][Safe] + RISK: TLS (probably) Not Carrying HTTPS + idle: [....38] [ip4][..tcp] [...192.168.2.16][32990] -> [.216.239.38.120][..443] [TLS.PlayStore][Google][SoftwareUpdate][Safe] + RISK: TLS (probably) Not Carrying HTTPS idle: [....13] [ip6][icmp6] [.....................................::] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] idle: [....12] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff9f:f627] [ICMPV6][Unknown][Network][Acceptable] idle: [....42] [ip4][..tcp] [...192.168.2.16][32996] -> [.216.239.38.120][..443] [TLS.Google][Google][Web][Acceptable] - end: [....44] [ip4][..tcp] [...192.168.2.16][32998] -> [.216.239.38.120][..443] + end: [....44] [ip4][..tcp] [...192.168.2.16][32998] -> [.216.239.38.120][..443] [TLS.Google][Google][Web][Acceptable] idle: [....49] [ip4][..tcp] [...192.168.2.16][33002] -> [.216.239.38.120][..443] [TLS.Google][Google][Web][Acceptable] - idle: [....59] [ip4][..tcp] [...192.168.2.16][33014] -> [.216.239.38.120][..443] + idle: [....59] [ip4][..tcp] [...192.168.2.16][33014] -> [.216.239.38.120][..443] [TLS.Google][Google][Web][Acceptable] idle: [....56] [ip4][..udp] [...192.168.2.16][10677] -> [....192.168.2.1][...53] [DNS.DataSaver][Unknown][Network][Fun] - idle: [.....9] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] + idle: [.....9] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [....50] [ip4][..udp] [...192.168.2.16][33240] -> [....192.168.2.1][...53] [DNS.DataSaver][Unknown][Network][Fun] end: [....39] [ip4][..tcp] [...192.168.2.16][36834] -> [.173.194.79.114][...80] [HTTP.DataSaver][Google][Web][Fun] idle: [....52] [ip4][..tcp] [...192.168.2.16][36848] -> [.173.194.79.114][...80] [HTTP.DataSaver][Google][Web][Fun] @@ -267,21 +270,21 @@ idle: [....53] [ip4][..tcp] [...192.168.2.16][36850] -> [.173.194.79.114][...80] idle: [.....7] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] idle: [....27] [ip4][..tcp] [...192.168.2.16][36888] -> [...172.217.18.3][..443] [TLS.Google][Google][ConnCheck][Acceptable] - idle: [....28] [ip4][..tcp] [...192.168.2.16][36890] -> [...172.217.18.3][..443] + idle: [....28] [ip4][..tcp] [...192.168.2.16][36890] -> [...172.217.18.3][..443] [TLS.Google][Google][ConnCheck][Acceptable] idle: [....21] [ip4][..udp] [...192.168.2.16][45863] -> [...216.239.35.8][..123] [NTP][Google][System][Acceptable] - RISK: Unidirectional Traffic idle: [....60] [ip4][..udp] [...192.168.2.16][39760] -> [....192.168.2.1][...53] [DNS.GoogleServices][Unknown][Network][Acceptable] idle: [....45] [ip4][..udp] [...192.168.2.16][35689] -> [....192.168.2.1][...53] [DNS.GoogleServices][Unknown][Network][Acceptable] idle: [....20] [ip4][..udp] [...192.168.2.16][35825] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable] idle: [....62] [ip4][..udp] [...192.168.2.16][56312] -> [....192.168.2.1][...53] [DNS.DataSaver][Unknown][Network][Fun] - idle: [.....1] [ip4][..tcp] [...95.101.24.53][..443] -> [...192.168.2.17][50677] + idle: [.....1] [ip4][..tcp] [...95.101.24.53][..443] -> [...192.168.2.17][50677] [TLS][Unknown][Web][Safe] + RISK: Unidirectional Traffic guessed: [....32] [ip4][..tcp] [...192.168.2.16][49510] -> [.216.239.38.120][.5228] [Google][Google][Web][Acceptable] RISK: Unidirectional Traffic idle: [....32] [ip4][..tcp] [...192.168.2.16][49510] -> [.216.239.38.120][.5228] idle: [....17] [ip6][icmp6] [..............fe80::4e6a:f6ff:fe9f:f627] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] idle: [....16] [ip6][icmp6] [..............fe80::4e6a:f6ff:fe9f:f627] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] - end: [....47] [ip4][..tcp] [...192.168.2.16][43634] -> [..172.217.20.76][..443] - end: [....58] [ip4][..tcp] [...192.168.2.16][43646] -> [..172.217.20.76][..443] + end: [....47] [ip4][..tcp] [...192.168.2.16][43634] -> [..172.217.20.76][..443] [TLS.DataSaver][Google][Web][Fun] + end: [....58] [ip4][..tcp] [...192.168.2.16][43646] -> [..172.217.20.76][..443] [TLS.DataSaver][Google][Web][Fun] guessed: [....63] [ip4][..tcp] [...192.168.2.16][43652] -> [..172.217.20.76][..443] [TLS][Google][Web][Safe] RISK: Unidirectional Traffic idle: [....63] [ip4][..tcp] [...192.168.2.16][43652] -> [..172.217.20.76][..443] diff --git a/test/results/flow-info/default/anyconnect-vpn.pcap.out b/test/results/flow-info/default/anyconnect-vpn.pcap.out index 5c44ce98e..8f80551e1 100644 --- a/test/results/flow-info/default/anyconnect-vpn.pcap.out +++ b/test/results/flow-info/default/anyconnect-vpn.pcap.out @@ -6,6 +6,8 @@ new: [.....3] [ip4][..tcp] [.....10.0.0.227][56320] -> [.....10.0.0.149][.8009] [MIDSTREAM] detected: [.....3] [ip4][..tcp] [.....10.0.0.227][56320] -> [.....10.0.0.149][.8009] [TLS][Unknown][Web][Safe] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....3] [ip4][..tcp] [.....10.0.0.227][56320] -> [.....10.0.0.149][.8009] [TLS][Unknown][Web][Safe] + RISK: Known Proto on Non Std Port new: [.....4] [ip4][....2] [.......10.0.0.1] -> [......224.0.0.1] detected: [.....4] [ip4][....2] [.......10.0.0.1] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] new: [.....5] [ip6][icmp6] [..............fe80::2e7e:81ff:feb0:4aa1] -> [................................ff02::1] @@ -41,6 +43,8 @@ new: [....14] [ip4][..tcp] [.....10.0.0.227][56914] -> [..52.37.243.173][..443] [MIDSTREAM] detected: [....14] [ip4][..tcp] [.....10.0.0.227][56914] -> [..52.37.243.173][..443] [TLS][AmazonAWS][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....13] [ip4][..tcp] [.....10.0.0.227][56915] -> [..52.37.243.173][..443] [TLS][AmazonAWS][Web][Safe] + detection-update: [....14] [ip4][..tcp] [.....10.0.0.227][56914] -> [..52.37.243.173][..443] [TLS][AmazonAWS][Web][Safe] new: [....15] [ip4][..tcp] [.....10.0.0.227][56919] -> [....8.37.102.91][..443] detected: [....15] [ip4][..tcp] [.....10.0.0.227][56919] -> [....8.37.102.91][..443] [TLS][Unknown][Web][Safe][] RISK: Missing SNI TLS Extn, ALPN/SNI Mismatch @@ -48,7 +52,7 @@ RISK: Weak TLS Cipher, Missing SNI TLS Extn, ALPN/SNI Mismatch detection-update: [....15] [ip4][..tcp] [.....10.0.0.227][56919] -> [....8.37.102.91][..443] [TLS][Unknown][Web][Safe][] RISK: Weak TLS Cipher, Missing SNI TLS Extn, ALPN/SNI Mismatch - analyse: [....15] [ip4][..tcp] [.....10.0.0.227][56919] -> [....8.37.102.91][..443] + analyse: [....15] [ip4][..tcp] [.....10.0.0.227][56919] -> [....8.37.102.91][..443] [TLS][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.072| 0.021| 0.022| 465.190| 4.000] [PKTLEN......: 52.000| 1500.000| 490.700| 597.200| 356597.600| 4.000] @@ -98,6 +102,7 @@ new: [....29] [ip4][..tcp] [.....10.0.0.227][56910] -> [...35.201.124.9][..443] [MIDSTREAM] detected: [....29] [ip4][..tcp] [.....10.0.0.227][56910] -> [...35.201.124.9][..443] [TLS][GoogleCloud][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....29] [ip4][..tcp] [.....10.0.0.227][56910] -> [...35.201.124.9][..443] [TLS][GoogleCloud][Web][Safe] new: [....30] [ip4][..tcp] [.....10.0.0.227][56921] -> [....8.37.96.194][.4287] detected: [....30] [ip4][..tcp] [.....10.0.0.227][56921] -> [....8.37.96.194][.4287] [TLS][Unknown][Web][Safe][] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn @@ -153,7 +158,7 @@ RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [....38] [ip4][..tcp] [.....10.0.0.227][56929] -> [....8.37.102.91][..443] [TLS][Unknown][Web][Safe][] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn - analyse: [....38] [ip4][..tcp] [.....10.0.0.227][56929] -> [....8.37.102.91][..443] + analyse: [....38] [ip4][..tcp] [.....10.0.0.227][56929] -> [....8.37.102.91][..443] [TLS][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.138| 0.023| 0.032| 1035.918| 3.600] [PKTLEN......: 52.000| 1500.000| 517.300| 619.300| 383541.000| 4.000] @@ -180,6 +185,7 @@ new: [....43] [ip4][..tcp] [.....10.0.0.227][56879] -> [..52.10.115.210][..443] [MIDSTREAM] detected: [....43] [ip4][..tcp] [.....10.0.0.227][56879] -> [..52.10.115.210][..443] [TLS][AmazonAWS][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....43] [ip4][..tcp] [.....10.0.0.227][56879] -> [..52.10.115.210][..443] [TLS][AmazonAWS][Web][Safe] new: [....44] [ip4][..tcp] [.....10.0.0.227][56886] -> [..17.57.144.116][.5223] [MIDSTREAM] new: [....45] [ip4][..udp] [.....10.0.0.227][60341] -> [....75.75.75.75][...53] detected: [....45] [ip4][..udp] [.....10.0.0.227][60341] -> [....75.75.75.75][...53] [DNS.Apple][Unknown][Network][Safe][www.apple.com] @@ -231,6 +237,8 @@ RISK: Unidirectional Traffic detection-update: [....58] [ip4][..udp] [.....10.0.0.227][54107] -> [....8.37.102.91][..443] [DTLS][Unknown][Web][Safe] RISK: Obsolete TLS (v1.1 or older) + detection-update: [....58] [ip4][..udp] [.....10.0.0.227][54107] -> [....8.37.102.91][..443] [DTLS][Unknown][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) new: [....60] [ip4][..udp] [.....10.0.0.227][52595] -> [.......10.0.0.1][..192] new: [....61] [ip4][..udp] [.....10.0.0.151][.1900] -> [.....10.0.0.227][57547] detected: [....61] [ip4][..udp] [.....10.0.0.151][.1900] -> [.....10.0.0.227][57547] [SSDP][Unknown][System][Acceptable][] @@ -254,7 +262,6 @@ detected: [....67] [ip4][..udp] [.....10.0.0.227][..137] -> [.....10.0.0.255][..137] [NetBIOS][Unknown][System][Acceptable][lp-rkerur-osx] update: [.....5] [ip6][icmp6] [..............fe80::2e7e:81ff:feb0:4aa1] -> [................................ff02::1] [ICMPV6][Unknown][Network][Acceptable] update: [....17] [ip4][.icmp] [.....10.0.0.227] -> [....75.75.76.76] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....23] [ip6][icmp6] [...............fe80::408:3e45:3abc:1552] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] new: [....68] [ip4][..udp] [.....10.0.0.149][.5353] -> [....224.0.0.251][.5353] detected: [....68] [ip4][..udp] [.....10.0.0.149][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_googlezone._tcp.local] @@ -269,7 +276,6 @@ guessed: [.....1] [ip4][..tcp] [.....10.0.0.227][56885] -> [...184.25.56.53][...80] [HTTP][Unknown][Web][Acceptable][] end: [.....1] [ip4][..tcp] [.....10.0.0.227][56885] -> [...184.25.56.53][...80] idle: [....61] [ip4][..udp] [.....10.0.0.151][.1900] -> [.....10.0.0.227][57547] [SSDP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [....24] [ip4][..tcp] [.....10.0.0.227][56917] -> [...184.25.56.77][...80] [HTTP][Unknown][ConnCheck][Acceptable] idle: [....69] [ip4][.icmp] [.......10.0.0.1] -> [......224.0.0.1] [ICMP][Unknown][Network][Acceptable] idle: [....21] [ip4][....2] [.....10.0.0.213] -> [....224.0.0.251] [IGMP][Unknown][Network][Acceptable] @@ -277,20 +283,19 @@ idle: [.....6] [ip4][....2] [.....10.0.0.149] -> [....224.0.0.251] [IGMP][Unknown][Network][Acceptable] idle: [.....4] [ip4][....2] [.......10.0.0.1] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] idle: [....67] [ip4][..udp] [.....10.0.0.227][..137] -> [.....10.0.0.255][..137] [NetBIOS][Unknown][System][Acceptable] - idle: [....29] [ip4][..tcp] [.....10.0.0.227][56910] -> [...35.201.124.9][..443] - idle: [....31] [ip4][..udp] [.....10.0.0.227][64972] -> [....75.75.75.75][...53] + idle: [....29] [ip4][..tcp] [.....10.0.0.227][56910] -> [...35.201.124.9][..443] [TLS][GoogleCloud][Web][Safe] + idle: [....31] [ip4][..udp] [.....10.0.0.227][64972] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable] + RISK: Error Code idle: [....66] [ip4][..udp] [.....10.0.0.149][51382] -> [.....10.0.0.227][57547] [SSDP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [....26] [ip4][..udp] [.....10.0.0.227][54851] -> [....75.75.76.76][...53] [DNS][Unknown][Network][Acceptable] RISK: Error Code idle: [....22] [ip4][..udp] [.....10.0.0.227][.5353] -> [.....10.0.0.213][.5353] [MDNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [.....10.0.0.227][63107] -> [....75.75.76.76][...53] [DNS][Unknown][Network][Acceptable] RISK: Error Code idle: [....34] [ip4][..udp] [.....10.0.0.227][52879] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable] RISK: Error Code idle: [.....9] [ip4][..udp] [.....10.0.0.227][52879] -> [....75.75.76.76][...53] [DNS][Unknown][Network][Acceptable] - idle: [....43] [ip4][..tcp] [.....10.0.0.227][56879] -> [..52.10.115.210][..443] + idle: [....43] [ip4][..tcp] [.....10.0.0.227][56879] -> [..52.10.115.210][..443] [TLS][AmazonAWS][Web][Safe] idle: [....58] [ip4][..udp] [.....10.0.0.227][54107] -> [....8.37.102.91][..443] [DTLS][Unknown][Web][Safe] RISK: Obsolete TLS (v1.1 or older) idle: [....36] [ip4][..udp] [.....10.0.0.227][57017] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable] @@ -306,34 +311,32 @@ idle: [....33] [ip4][..udp] [.....10.0.0.227][57261] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable] RISK: Error Code idle: [....17] [ip4][.icmp] [.....10.0.0.227] -> [....75.75.76.76] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..tcp] [.....10.0.0.227][56320] -> [.....10.0.0.149][.8009] [TLS][Unknown][Web][Safe] RISK: Known Proto on Non Std Port idle: [....10] [ip4][..udp] [.....10.0.0.227][61387] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable] idle: [....64] [ip4][..udp] [.....10.0.0.149][49816] -> [.....10.0.0.227][57547] [SSDP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic end: [....44] [ip4][..tcp] [.....10.0.0.227][56886] -> [..17.57.144.116][.5223] [TLS][Apple][Web][Safe] RISK: Known Proto on Non Std Port idle: [....30] [ip4][..tcp] [.....10.0.0.227][56921] -> [....8.37.96.194][.4287] [TLS][Unknown][Web][Safe] RISK: Known Proto on Non Std Port, Self-signed Cert, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, TLS Cert About To Expire idle: [....23] [ip6][icmp6] [...............fe80::408:3e45:3abc:1552] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] - idle: [....32] [ip4][..udp] [.....10.0.0.227][61613] -> [....75.75.75.75][...53] + idle: [....32] [ip4][..udp] [.....10.0.0.227][61613] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable] + RISK: Error Code idle: [....47] [ip4][..udp] [.....10.0.0.227][59582] -> [....75.75.75.75][...53] [DNS.ApplePush][Unknown][Network][Acceptable] idle: [....59] [ip4][..udp] [.....10.0.0.149][50081] -> [.....10.0.0.227][57547] [SSDP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic guessed: [....51] [ip4][..tcp] [.....10.0.0.227][56871] -> [...8.37.103.196][..443] [TLS][Unknown][Web][Safe] end: [....51] [ip4][..tcp] [.....10.0.0.227][56871] -> [...8.37.103.196][..443] idle: [....65] [ip4][..udp] [.....10.0.0.149][48166] -> [.....10.0.0.227][57547] [SSDP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic - end: [....12] [ip4][..tcp] [.....10.0.0.227][56918] -> [....8.37.102.91][..443] + end: [....12] [ip4][..tcp] [.....10.0.0.227][56918] -> [....8.37.102.91][..443] [TLS][Unknown][Web][Safe] + RISK: Weak TLS Cipher, Missing SNI TLS Extn, ALPN/SNI Mismatch end: [....15] [ip4][..tcp] [.....10.0.0.227][56919] -> [....8.37.102.91][..443] [TLS][Unknown][Web][Safe] RISK: Weak TLS Cipher, Missing SNI TLS Extn, ALPN/SNI Mismatch idle: [....38] [ip4][..tcp] [.....10.0.0.227][56929] -> [....8.37.102.91][..443] [TLS][Unknown][Web][Safe] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn guessed: [....53] [ip4][..tcp] [.....10.0.0.227][56874] -> [.74.125.197.188][..443] [TLS][Google][Web][Safe] end: [....53] [ip4][..tcp] [.....10.0.0.227][56874] -> [.74.125.197.188][..443] - idle: [....14] [ip4][..tcp] [.....10.0.0.227][56914] -> [..52.37.243.173][..443] - idle: [....13] [ip4][..tcp] [.....10.0.0.227][56915] -> [..52.37.243.173][..443] + idle: [....14] [ip4][..tcp] [.....10.0.0.227][56914] -> [..52.37.243.173][..443] [TLS][AmazonAWS][Web][Safe] + idle: [....13] [ip4][..tcp] [.....10.0.0.227][56915] -> [..52.37.243.173][..443] [TLS][AmazonAWS][Web][Safe] guessed: [....39] [ip4][..tcp] [.....10.0.0.227][56865] -> [.....10.0.0.149][.8008] [CiscoVPN][Unknown][VPN][Acceptable] end: [....39] [ip4][..tcp] [.....10.0.0.227][56865] -> [.....10.0.0.149][.8008] guessed: [.....2] [ip4][..tcp] [.....10.0.0.227][56916] -> [.....10.0.0.151][.8009] [AJP][Unknown][Web][Acceptable] @@ -355,7 +358,6 @@ idle: [....52] [ip4][..udp] [.....10.0.0.227][58074] -> [....75.75.75.75][...53] [DNS.Outlook][Unknown][Network][Acceptable] end: [....28] [ip4][..tcp] [.....10.0.0.227][56920] -> [...99.86.34.156][..443] [TLS.Slack][AmazonAWS][Collaborative][Acceptable] idle: [....55] [ip4][..udp] [.....10.0.0.149][38616] -> [.....10.0.0.227][61328] [SSDP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic guessed: [....37] [ip4][..tcp] [.....10.0.0.227][56881] -> [.162.222.43.153][..443] [TLS][Unknown][Web][Safe] idle: [....37] [ip4][..tcp] [.....10.0.0.227][56881] -> [.162.222.43.153][..443] idle: [....49] [ip4][..udp] [.....10.0.0.227][51990] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable] @@ -363,7 +365,6 @@ idle: [....54] [ip4][..udp] [.....10.0.0.227][61328] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....11] [ip4][..udp] [.....10.0.0.227][62322] -> [....75.75.76.76][...53] [DNS][Unknown][Network][Acceptable] idle: [....56] [ip4][..udp] [.....10.0.0.151][.1900] -> [.....10.0.0.227][61328] [SSDP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [....45] [ip4][..udp] [.....10.0.0.227][60341] -> [....75.75.75.75][...53] [DNS.Apple][Unknown][Network][Safe] idle: [....42] [ip4][..udp] [.....10.0.0.227][62427] -> [....75.75.75.75][...53] [DNS][Unknown][Network][Acceptable] idle: [.....8] [ip4][....2] [.....10.0.0.149] -> [239.255.255.250] [IGMP][Unknown][Network][Acceptable] diff --git a/test/results/flow-info/default/anydesk.pcapng.out b/test/results/flow-info/default/anydesk.pcapng.out index f131d8062..95a39e005 100644 --- a/test/results/flow-info/default/anydesk.pcapng.out +++ b/test/results/flow-info/default/anydesk.pcapng.out @@ -4,6 +4,8 @@ new: [.....1] [ip4][..tcp] [192.168.149.129][36351] -> [..51.83.239.144][...80] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [192.168.149.129][36351] -> [..51.83.239.144][...80] [TLS][AnyDesk][Web][Safe] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....1] [ip4][..tcp] [192.168.149.129][36351] -> [..51.83.239.144][...80] [TLS][AnyDesk][Web][Safe] + RISK: Known Proto on Non Std Port new: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] detected: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS][AnyDesk][Web][Safe][] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn @@ -11,7 +13,7 @@ RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS.AnyDesk][AnyDesk][RemoteAccess][Acceptable][] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing - analyse: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] + analyse: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS.AnyDesk][AnyDesk][RemoteAccess][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.603| 0.177| 0.394| 155451.113| 2.800] [PKTLEN......: 40.000| 1500.000| 392.700| 555.200| 308238.000| 3.800] @@ -24,7 +26,7 @@ detection-update: [.....2] [ip4][..tcp] [192.168.149.129][43535] -> [..51.83.238.219][...80] [TLS.AnyDesk][AnyDesk][RemoteAccess][Acceptable][] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing DAEMON-EVENT: [Processed: 61 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0] + DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 0] new: [.....3] [ip4][..udp] [..192.168.1.187][59511] -> [....192.168.1.1][...53] detected: [.....3] [ip4][..udp] [..192.168.1.187][59511] -> [....192.168.1.1][...53] [DNS.AnyDesk][Unknown][Network][Acceptable][relay-3185a847.net.anydesk.com] RISK: Unidirectional Traffic @@ -58,7 +60,7 @@ [PKTLENS.....: 52,52,40,285,46,46,1500,183,40,1326,46,954,80,40,87,46,75,74,46,74,40,3966,46,46,46,79,46,141,40,99,46,116] [ENTROPIES...: 4.5,4.7,4.7,5.4,4.2,4.3,7.7,6.2,4.7,7.7,4.3,7.8,5.6,4.6,5.7,4.2,5.5,5.6,4.3,5.6,4.7,8.0,4.2,4.3,4.2,5.7,4.3,6.5,4.6,6.0,4.3,6.2] DAEMON-EVENT: [Processed: 120 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 7|updates: 0] + DAEMON-EVENT: [Flows][active: 4 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 8|updates: 0] new: [.....7] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] detected: [.....7] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] [TLS.AnyDesk][Unknown][RemoteAccess][Acceptable][] RISK: Missing SNI TLS Extn, Desktop/File Sharing, Uncommon TLS ALPN @@ -76,7 +78,8 @@ [IATS(ms)....: 17.7,17.8,0.9,17.8,3.4,20.3,0.1,0.0,3.8,21.9,18.1,0.1,0.0,0.9,64.2,13.4,76.8,1.5,18.4,206.6,224.8,0.0,0.0,18.7,0.0,62.8,0.0,80.2,8427.9,8444.6,314.0] [PKTLENS.....: 60,60,52,341,52,1500,52,1132,52,1146,103,52,92,52,199,52,198,52,137,52,145,1500,1500,1273,52,52,92,90,52,137,52,145] [ENTROPIES...: 4.8,5.3,5.1,5.6,5.1,7.5,5.1,7.7,5.1,7.7,6.0,5.1,6.1,5.1,6.9,5.2,6.9,5.2,6.6,5.2,6.6,7.9,7.9,7.8,5.2,5.2,6.1,5.9,5.1,6.5,5.2,6.6] - end: [.....6] [ip4][..tcp] [..192.168.1.178][52039] -> [..192.168.1.187][.7070] + end: [.....6] [ip4][..tcp] [..192.168.1.178][52039] -> [..192.168.1.187][.7070] [TLS.AnyDesk][Unknown][RemoteAccess][Acceptable] + RISK: Known Proto on Non Std Port, Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing idle: [.....5] [ip4][..tcp] [..192.168.1.187][54164] -> [..192.168.1.178][.7070] [TLS.AnyDesk][Unknown][RemoteAccess][Acceptable] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Desktop/File Sharing idle: [.....4] [ip4][..udp] [..192.168.1.187][55376] -> [....192.168.1.1][...53] [DNS.AnyDesk][Unknown][Network][Acceptable] diff --git a/test/results/flow-info/default/avast_securedns.pcapng.out b/test/results/flow-info/default/avast_securedns.pcapng.out index 42496ba4a..f88f53f8d 100644 --- a/test/results/flow-info/default/avast_securedns.pcapng.out +++ b/test/results/flow-info/default/avast_securedns.pcapng.out @@ -13,7 +13,6 @@ detected: [.....3] [ip4][..udp] [..192.168.2.100][60835] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..192.168.2.100][57970] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [..192.168.2.100][62775] -> [.181.214.35.149][..443] detected: [.....4] [ip4][..udp] [..192.168.2.100][62775] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic @@ -26,11 +25,8 @@ detected: [.....6] [ip4][..udp] [..192.168.2.100][56765] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [..192.168.2.100][61201] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [..192.168.2.100][62775] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.2.100][60835] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 12 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....7] [ip4][..udp] [..192.168.2.100][50581] -> [.181.214.35.149][..443] @@ -40,9 +36,7 @@ detected: [.....8] [ip4][..udp] [..192.168.2.100][61107] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [..192.168.2.100][56581] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [..192.168.2.100][56765] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 16 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....9] [ip4][..udp] [..192.168.2.100][64954] -> [.181.214.35.149][..443] @@ -52,9 +46,7 @@ detected: [....10] [ip4][..udp] [..192.168.2.100][59621] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [..192.168.2.100][50581] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [..192.168.2.100][61107] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 20 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 10|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....11] [ip4][..udp] [..192.168.2.100][52485] -> [.181.214.35.149][..443] @@ -64,18 +56,14 @@ detected: [....12] [ip4][..udp] [..192.168.2.100][54938] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [..192.168.2.100][59621] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [..192.168.2.100][64954] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 24 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 12|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....13] [ip4][..udp] [..192.168.2.100][56839] -> [.181.214.35.149][..443] detected: [....13] [ip4][..udp] [..192.168.2.100][56839] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [..192.168.2.100][52485] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [..192.168.2.100][54938] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 26 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 13|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....14] [ip4][..udp] [..192.168.2.100][58155] -> [.181.214.35.149][..443] @@ -88,7 +76,6 @@ detected: [....16] [ip4][..udp] [..192.168.2.100][49704] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [..192.168.2.100][56839] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic new: [....17] [ip4][..udp] [..192.168.2.100][55311] -> [.181.214.35.149][..443] detected: [....17] [ip4][..udp] [..192.168.2.100][55311] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic @@ -104,15 +91,10 @@ detected: [....20] [ip4][..udp] [..192.168.2.100][51415] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic idle: [....17] [ip4][..udp] [..192.168.2.100][55311] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [..192.168.2.100][49704] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [..192.168.2.100][58155] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....18] [ip4][..udp] [..192.168.2.100][56111] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....15] [ip4][..udp] [..192.168.2.100][64487] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic new: [....21] [ip4][..udp] [..192.168.2.100][63776] -> [.181.214.35.149][..443] detected: [....21] [ip4][..udp] [..192.168.2.100][63776] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic @@ -123,9 +105,7 @@ detected: [....23] [ip4][..udp] [..192.168.2.100][49737] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic update: [....20] [ip4][..udp] [..192.168.2.100][51415] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic update: [....19] [ip4][..udp] [..192.168.2.100][64494] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic new: [....24] [ip4][..udp] [..192.168.2.100][51887] -> [.181.214.35.149][..443] detected: [....24] [ip4][..udp] [..192.168.2.100][51887] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic @@ -136,36 +116,23 @@ detected: [....26] [ip4][..udp] [..192.168.2.100][54546] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic update: [....20] [ip4][..udp] [..192.168.2.100][51415] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic update: [....21] [ip4][..udp] [..192.168.2.100][63776] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic update: [....23] [ip4][..udp] [..192.168.2.100][49737] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic update: [....22] [ip4][..udp] [..192.168.2.100][50008] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic update: [....19] [ip4][..udp] [..192.168.2.100][64494] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 52 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 8 / 26|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 7] new: [....27] [ip4][..udp] [..192.168.2.100][64432] -> [.181.214.35.149][..443] detected: [....27] [ip4][..udp] [..192.168.2.100][64432] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic idle: [....20] [ip4][..udp] [..192.168.2.100][51415] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....21] [ip4][..udp] [..192.168.2.100][63776] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....23] [ip4][..udp] [..192.168.2.100][49737] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....24] [ip4][..udp] [..192.168.2.100][51887] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....25] [ip4][..udp] [..192.168.2.100][60127] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....22] [ip4][..udp] [..192.168.2.100][50008] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....19] [ip4][..udp] [..192.168.2.100][64494] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....26] [ip4][..udp] [..192.168.2.100][54546] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic new: [....28] [ip4][..udp] [..192.168.2.100][59613] -> [.181.214.35.149][..443] detected: [....28] [ip4][..udp] [..192.168.2.100][59613] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic @@ -179,9 +146,7 @@ detected: [....31] [ip4][..udp] [..192.168.2.100][52417] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic update: [....28] [ip4][..udp] [..192.168.2.100][59613] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic update: [....27] [ip4][..udp] [..192.168.2.100][64432] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 62 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 5 / 31|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] new: [....32] [ip4][..udp] [..192.168.2.100][59474] -> [.181.214.35.149][..443] @@ -191,15 +156,10 @@ detected: [....33] [ip4][..udp] [..192.168.2.100][53839] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic idle: [....28] [ip4][..udp] [..192.168.2.100][59613] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....30] [ip4][..udp] [..192.168.2.100][51929] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....27] [ip4][..udp] [..192.168.2.100][64432] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....31] [ip4][..udp] [..192.168.2.100][52417] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....29] [ip4][..udp] [..192.168.2.100][65063] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 66 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 33|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] new: [....34] [ip4][..udp] [..192.168.2.100][55948] -> [.181.214.35.149][..443] @@ -209,9 +169,7 @@ detected: [....35] [ip4][..udp] [..192.168.2.100][51383] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic idle: [....32] [ip4][..udp] [..192.168.2.100][59474] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....33] [ip4][..udp] [..192.168.2.100][53839] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic new: [....36] [ip4][..udp] [..192.168.2.100][64700] -> [.181.214.35.149][..443] detected: [....36] [ip4][..udp] [..192.168.2.100][64700] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic @@ -227,15 +185,9 @@ detected: [....39] [ip4][..udp] [..192.168.2.100][49152] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] RISK: Unidirectional Traffic idle: [....39] [ip4][..udp] [..192.168.2.100][49152] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....35] [ip4][..udp] [..192.168.2.100][51383] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....34] [ip4][..udp] [..192.168.2.100][55948] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....36] [ip4][..udp] [..192.168.2.100][64700] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....37] [ip4][..udp] [..192.168.2.100][54549] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic idle: [....38] [ip4][..udp] [..192.168.2.100][54760] -> [.181.214.35.149][..443] [AVASTSecureDNS][Unknown][Network][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/bacnet.pcap.out b/test/results/flow-info/default/bacnet.pcap.out index 4880c731c..5af96d383 100644 --- a/test/results/flow-info/default/bacnet.pcap.out +++ b/test/results/flow-info/default/bacnet.pcap.out @@ -8,7 +8,6 @@ detected: [.....2] [ip4][..udp] [.198.235.24.166][56883] -> [..90.147.69.222][47808] [BACnet][Unknown][IoT-Scada][Safe] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [....65.49.20.98][53234] -> [..90.147.69.219][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic new: [.....3] [ip4][..udp] [...64.62.197.26][36992] -> [..90.147.69.221][47808] detected: [.....3] [ip4][..udp] [...64.62.197.26][36992] -> [..90.147.69.221][47808] [BACnet][Unknown][IoT-Scada][Safe] RISK: Unidirectional Traffic @@ -16,59 +15,45 @@ detected: [.....4] [ip4][..udp] [..64.62.197.166][36664] -> [..90.147.69.213][47808] [BACnet][Unknown][IoT-Scada][Safe] RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [.198.235.24.166][56883] -> [..90.147.69.222][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 4 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....5] [ip4][..udp] [..198.235.24.39][54587] -> [..90.147.69.210][47808] detected: [.....5] [ip4][..udp] [..198.235.24.39][54587] -> [..90.147.69.210][47808] [BACnet][Unknown][IoT-Scada][Safe] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [.198.235.24.166][56883] -> [..90.147.69.222][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [..64.62.197.166][36664] -> [..90.147.69.213][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [...64.62.197.26][36992] -> [..90.147.69.221][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 5 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....6] [ip4][..udp] [.167.94.138.111][27041] -> [..90.147.69.212][47808] detected: [.....6] [ip4][..udp] [.167.94.138.111][27041] -> [..90.147.69.212][47808] [BACnet][Unknown][IoT-Scada][Safe] RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [..198.235.24.39][54587] -> [..90.147.69.210][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 6 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....7] [ip4][..udp] [162.142.125.140][63852] -> [..90.147.69.217][47808] detected: [.....7] [ip4][..udp] [162.142.125.140][63852] -> [..90.147.69.217][47808] [BACnet][Unknown][IoT-Scada][Safe] RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [.167.94.138.111][27041] -> [..90.147.69.212][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 7 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....8] [ip4][..udp] [..198.235.24.45][51922] -> [..90.147.69.219][47808] detected: [.....8] [ip4][..udp] [..198.235.24.45][51922] -> [..90.147.69.219][47808] [BACnet][Unknown][IoT-Scada][Safe] RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [162.142.125.140][63852] -> [..90.147.69.217][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic new: [.....9] [ip4][..udp] [162.142.125.132][29782] -> [..90.147.69.219][47808] detected: [.....9] [ip4][..udp] [162.142.125.132][29782] -> [..90.147.69.219][47808] [BACnet][Unknown][IoT-Scada][Safe] RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [..198.235.24.45][51922] -> [..90.147.69.219][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 9 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] new: [....10] [ip4][..udp] [204.172.177.255][47808] -> [204.172.177.159][47808] detected: [....10] [ip4][..udp] [204.172.177.255][47808] -> [204.172.177.159][47808] [BACnet][Unknown][IoT-Scada][Safe] RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [162.142.125.132][29782] -> [..90.147.69.219][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [..198.235.24.45][51922] -> [..90.147.69.219][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic update: [....10] [ip4][..udp] [204.172.177.255][47808] -> [204.172.177.159][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic update: [....10] [ip4][..udp] [204.172.177.255][47808] -> [204.172.177.159][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic update: [....10] [ip4][..udp] [204.172.177.255][47808] -> [204.172.177.159][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [204.172.177.255][47808] -> [204.172.177.159][47808] [BACnet][Unknown][IoT-Scada][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/bets.pcapng.out b/test/results/flow-info/default/bets.pcapng.out index 4a7c2817c..0622a2f1b 100644 --- a/test/results/flow-info/default/bets.pcapng.out +++ b/test/results/flow-info/default/bets.pcapng.out @@ -4,7 +4,7 @@ new: [.....1] [ip4][..tcp] [...192.168.10.2][60099] -> [..13.224.103.22][..443] detected: [.....1] [ip4][..tcp] [...192.168.10.2][60099] -> [..13.224.103.22][..443] [TLS][AmazonAWS][Web][Safe][www.1084bets10.com] detection-update: [.....1] [ip4][..tcp] [...192.168.10.2][60099] -> [..13.224.103.22][..443] [TLS][AmazonAWS][Web][Safe][www.1084bets10.com] - analyse: [.....1] [ip4][..tcp] [...192.168.10.2][60099] -> [..13.224.103.22][..443] + analyse: [.....1] [ip4][..tcp] [...192.168.10.2][60099] -> [..13.224.103.22][..443] [TLS][AmazonAWS][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.047| 0.011| 0.018| 331.618| 3.200] [PKTLEN......: 52.000| 1420.000| 286.800| 477.200| 227739.300| 3.600] diff --git a/test/results/flow-info/default/bitcoin.pcap.out b/test/results/flow-info/default/bitcoin.pcap.out index 547ca0bd9..be7955a7c 100644 --- a/test/results/flow-info/default/bitcoin.pcap.out +++ b/test/results/flow-info/default/bitcoin.pcap.out @@ -66,15 +66,9 @@ DAEMON-EVENT: [Processed: 621 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 6 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] idle: [.....3] [ip4][..tcp] [..192.168.1.142][55348] -> [..74.89.181.229][.8333] [BITCOIN][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..tcp] [..192.168.1.142][55400] -> [.195.218.16.178][.8333] [BITCOIN][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..tcp] [..192.168.1.142][55487] -> [.184.58.165.119][.8333] [BITCOIN][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..tcp] [..192.168.1.142][55383] -> [....66.68.83.22][.8333] [BITCOIN][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [..192.168.1.142][55317] -> [188.165.213.169][.8333] [BITCOIN][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..tcp] [..192.168.1.142][55328] -> [..69.118.54.122][.8333] [BITCOIN][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/bittorrent.pcap.out b/test/results/flow-info/default/bittorrent.pcap.out index c9cd5b620..009455bf7 100644 --- a/test/results/flow-info/default/bittorrent.pcap.out +++ b/test/results/flow-info/default/bittorrent.pcap.out @@ -84,51 +84,49 @@ detected: [....24] [ip4][..tcp] [....192.168.1.3][52925] -> [..93.65.227.100][19116] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic end: [.....2] [ip4][..tcp] [....192.168.1.3][52887] -> [....82.57.97.83][53137] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port end: [....11] [ip4][..tcp] [....192.168.1.3][52906] -> [....82.57.97.83][53137] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port end: [.....3] [ip4][..tcp] [....192.168.1.3][52895] -> [.83.216.184.241][51413] [BitTorrent][Unknown][Download][Acceptable] - RISK: Unidirectional Traffic idle: [....22] [ip4][..tcp] [....192.168.1.3][52927] -> [.83.216.184.241][51413] [BitTorrent][Unknown][Download][Acceptable] - RISK: Unidirectional Traffic end: [....21] [ip4][..tcp] [....192.168.1.3][52922] -> [..95.237.193.34][11321] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port end: [....13] [ip4][..tcp] [....192.168.1.3][52912] -> [.151.72.255.163][59928] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....6] [ip4][..tcp] [....192.168.1.3][52897] -> [...151.26.95.30][22673] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....12] [ip4][..tcp] [....192.168.1.3][52911] -> [...151.26.95.30][22673] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port end: [....20] [ip4][..tcp] [....192.168.1.3][52921] -> [..95.234.159.16][41205] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port end: [....23] [ip4][..tcp] [....192.168.1.3][52926] -> [..93.65.249.100][31336] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....24] [ip4][..tcp] [....192.168.1.3][52925] -> [..93.65.227.100][19116] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port end: [.....9] [ip4][..tcp] [....192.168.1.3][52902] -> [.190.103.195.56][46633] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....18] [ip4][..tcp] [....192.168.1.3][52914] -> [.190.103.195.56][46633] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port end: [.....4] [ip4][..tcp] [....192.168.1.3][52896] -> [....79.53.228.2][14627] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....14] [ip4][..tcp] [....192.168.1.3][52909] -> [....79.53.228.2][14627] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....7] [ip4][..tcp] [....192.168.1.3][52893] -> [...79.55.129.22][12097] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....16] [ip4][..tcp] [....192.168.1.3][52908] -> [...79.55.129.22][12097] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port end: [....19] [ip4][..tcp] [....192.168.1.3][52917] -> [..151.15.48.189][47001] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....8] [ip4][..tcp] [....192.168.1.3][52903] -> [..198.100.146.9][60163] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....17] [ip4][..tcp] [....192.168.1.3][52915] -> [..198.100.146.9][60163] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port end: [.....1] [ip4][..tcp] [....192.168.1.3][52888] -> [..82.58.216.115][38305] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....10] [ip4][..tcp] [....192.168.1.3][52907] -> [..82.58.216.115][38305] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....5] [ip4][..tcp] [....192.168.1.3][52894] -> [..120.62.33.241][39332] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....15] [ip4][..tcp] [....192.168.1.3][52910] -> [..120.62.33.241][39332] [BitTorrent][Unknown][Download][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/bittorrent_utp.pcap.out b/test/results/flow-info/default/bittorrent_utp.pcap.out index d4f3b0662..a09a8b73c 100644 --- a/test/results/flow-info/default/bittorrent_utp.pcap.out +++ b/test/results/flow-info/default/bittorrent_utp.pcap.out @@ -4,6 +4,8 @@ new: [.....1] [ip4][..udp] [..82.243.113.43][64969] -> [....192.168.1.5][40959] detected: [.....1] [ip4][..udp] [..82.243.113.43][64969] -> [....192.168.1.5][40959] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [..82.243.113.43][64969] -> [....192.168.1.5][40959] [BitTorrent][Unknown][Download][Acceptable] + RISK: Known Proto on Non Std Port analyse: [.....1] [ip4][..udp] [..82.243.113.43][64969] -> [....192.168.1.5][40959] [BitTorrent][Unknown][Download][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.001| 5.430| 0.412| 1.202| 1445669.503| 2.400] diff --git a/test/results/flow-info/default/bjnp.pcap.out b/test/results/flow-info/default/bjnp.pcap.out index 3adb8cb11..6f3ac1210 100644 --- a/test/results/flow-info/default/bjnp.pcap.out +++ b/test/results/flow-info/default/bjnp.pcap.out @@ -32,23 +32,13 @@ detected: [....10] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.9][.8612] [BJNP][Unknown][System][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [192.168.185.141][50087] -> [...192.168.1.17][.8612] [BJNP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.9][.8612] [BJNP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.8][.8612] [BJNP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.7][.8612] [BJNP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.6][.8612] [BJNP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.5][.8612] [BJNP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.4][.8612] [BJNP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.3][.8612] [BJNP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.2][.8612] [BJNP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [192.168.185.141][50089] -> [....192.168.1.1][.8612] [BJNP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/bt_search.pcap.out b/test/results/flow-info/default/bt_search.pcap.out index ce44bb95e..84bb2d94f 100644 --- a/test/results/flow-info/default/bt_search.pcap.out +++ b/test/results/flow-info/default/bt_search.pcap.out @@ -3,5 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..udp] [..192.168.0.102][.6771] -> [239.192.152.143][.6771] detected: [.....1] [ip4][..udp] [..192.168.0.102][.6771] -> [239.192.152.143][.6771] [BitTorrent][Unknown][Download][Acceptable] - idle: [.....1] [ip4][..udp] [..192.168.0.102][.6771] -> [239.192.152.143][.6771] + idle: [.....1] [ip4][..udp] [..192.168.0.102][.6771] -> [239.192.152.143][.6771] [BitTorrent][Unknown][Download][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/cachefly.pcapng.out b/test/results/flow-info/default/cachefly.pcapng.out index 60bc5684e..28d5f3bd8 100644 --- a/test/results/flow-info/default/cachefly.pcapng.out +++ b/test/results/flow-info/default/cachefly.pcapng.out @@ -5,5 +5,5 @@ detected: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] [TLS][Unknown][Web][Safe][apptv.cachefly.net] detection-update: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] [TLS][Unknown][Web][Safe][apptv.cachefly.net] detection-update: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] [TLS.Cachefly][Unknown][Cloud][Acceptable][apptv.cachefly.net] - idle: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] + idle: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][43766] [TLS.Cachefly][Unknown][Cloud][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/can.pcap.out b/test/results/flow-info/default/can.pcap.out index 6d1c3ee6a..10c6743e3 100644 --- a/test/results/flow-info/default/can.pcap.out +++ b/test/results/flow-info/default/can.pcap.out @@ -8,7 +8,6 @@ detected: [.....2] [ip4][..udp] [....55.97.32.36][56551] -> [....61.40.63.42][25353] [Controller_Area_Network][Unknown][System][Safe] RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [..207.134.64.89][36251] -> [..48.220.224.78][11898] [Controller_Area_Network][Unknown][System][Safe] - RISK: Unidirectional Traffic new: [.....3] [ip4][..udp] [..128.244.36.46][34952] -> [.196.77.109.252][11898] detected: [.....3] [ip4][..udp] [..128.244.36.46][34952] -> [.196.77.109.252][11898] [Controller_Area_Network][Unknown][System][Safe] RISK: Unidirectional Traffic @@ -28,19 +27,11 @@ detected: [.....8] [ip4][..udp] [..140.194.231.1][58665] -> [....89.92.174.8][32367] [Controller_Area_Network][Unknown][System][Safe] RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..128.244.36.46][34952] -> [.196.77.109.252][11898] [Controller_Area_Network][Unknown][System][Safe] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [.248.12.123.236][39411] -> [..69.120.47.124][..540] [Controller_Area_Network][Unknown][System][Safe] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [....55.97.32.36][56551] -> [....61.40.63.42][25353] [Controller_Area_Network][Unknown][System][Safe] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [..140.194.231.1][58665] -> [....89.92.174.8][32367] [Controller_Area_Network][Unknown][System][Safe] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [..247.111.83.65][53276] -> [..172.44.102.53][11898] [Controller_Area_Network][Unknown][System][Safe] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [156.187.243.113][52611] -> [.211.116.172.72][11898] [Controller_Area_Network][Unknown][System][Safe] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [103.183.191.240][46565] -> [..73.121.85.123][63575] [Controller_Area_Network][Unknown][System][Safe] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..207.134.64.89][36251] -> [..48.220.224.78][11898] [Controller_Area_Network][Unknown][System][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/capwap.pcap.out b/test/results/flow-info/default/capwap.pcap.out index 189988f2c..da2bdd79c 100644 --- a/test/results/flow-info/default/capwap.pcap.out +++ b/test/results/flow-info/default/capwap.pcap.out @@ -18,7 +18,6 @@ detected: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] [CAPWAP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic analyse: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Unknown][Network][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 10.093| 0.703| 2.456| 6029719.372| 1.600] @@ -32,7 +31,7 @@ new: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] detected: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] + update: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] [DNS][Unknown][Network][Acceptable] ERROR-EVENT: Unknown packet type [1/16] analyse: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Unknown][Network][Acceptable] min| max| avg| stddev| variance| entropy @@ -46,33 +45,22 @@ [ENTROPIES...: 4.3,4.8,5.2,4.7,4.9,4.8,4.4,5.0,5.1,4.6,4.4,4.4,4.8,5.0,4.6,4.9,4.9,5.0,4.6,4.9,4.4,4.9,4.8,5.1,4.9,4.8,5.0,4.7,4.3,4.9,4.9,4.7] update: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] [CAPWAP][Unknown][Network][Acceptable] update: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] [CAPWAP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] + update: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] [DNS][Unknown][Network][Acceptable] ERROR-EVENT: Unknown packet type [1/16] update: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] [CAPWAP][Unknown][Network][Acceptable] update: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] [CAPWAP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] + update: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] [DNS][Unknown][Network][Acceptable] ERROR-EVENT: Unknown packet type [1/16] idle: [.....1] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12379] [CAPWAP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] + idle: [.....2] [ip4][..udp] [..192.168.10.10][49259] -> [255.255.255.255][...53] [DNS][Unknown][Network][Acceptable] update: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] [CAPWAP][Unknown][Network][Acceptable] update: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.10.10][12380] -> [255.255.255.255][.5246] [CAPWAP][Unknown][Network][Acceptable] idle: [.....4] [ip4][..udp] [...192.168.10.9][.5246] -> [..192.168.10.10][12380] [CAPWAP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [..192.168.10.10][12380] -> [...192.168.10.9][.5247] [CAPWAP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/chrome.pcap.out b/test/results/flow-info/default/chrome.pcap.out index 6e7d531ef..cf650214b 100644 --- a/test/results/flow-info/default/chrome.pcap.out +++ b/test/results/flow-info/default/chrome.pcap.out @@ -19,10 +19,10 @@ detection-update: [.....3] [ip4][..tcp] [..192.168.1.178][64408] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe][www.iit.cnr.it] detection-update: [.....6] [ip4][..tcp] [..192.168.1.178][64411] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe][www.iit.cnr.it] detection-update: [.....5] [ip4][..tcp] [..192.168.1.178][64410] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe][www.iit.cnr.it] - idle: [.....1] [ip4][..tcp] [..192.168.1.178][64393] -> [...146.48.58.18][..443] - idle: [.....2] [ip4][..tcp] [..192.168.1.178][64394] -> [...146.48.58.18][..443] - idle: [.....3] [ip4][..tcp] [..192.168.1.178][64408] -> [...146.48.58.18][..443] - idle: [.....4] [ip4][..tcp] [..192.168.1.178][64409] -> [...146.48.58.18][..443] - idle: [.....5] [ip4][..tcp] [..192.168.1.178][64410] -> [...146.48.58.18][..443] - idle: [.....6] [ip4][..tcp] [..192.168.1.178][64411] -> [...146.48.58.18][..443] + idle: [.....1] [ip4][..tcp] [..192.168.1.178][64393] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] + idle: [.....2] [ip4][..tcp] [..192.168.1.178][64394] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] + idle: [.....3] [ip4][..tcp] [..192.168.1.178][64408] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] + idle: [.....4] [ip4][..tcp] [..192.168.1.178][64409] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] + idle: [.....5] [ip4][..tcp] [..192.168.1.178][64410] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] + idle: [.....6] [ip4][..tcp] [..192.168.1.178][64411] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/cloudflare-warp.pcap.out b/test/results/flow-info/default/cloudflare-warp.pcap.out index 6178405f4..622f94a00 100644 --- a/test/results/flow-info/default/cloudflare-warp.pcap.out +++ b/test/results/flow-info/default/cloudflare-warp.pcap.out @@ -27,8 +27,9 @@ RISK: Unidirectional Traffic end: [.....1] [ip4][..tcp] [..10.158.134.93][55512] -> [.142.251.42.106][..443] idle: [.....2] [ip4][..tcp] [.......10.8.0.1][42344] -> [..159.138.85.48][.5223] [Jabber][Unknown][Web][Acceptable] - idle: [.....7] [ip4][..tcp] [.......10.8.0.1][51296] -> [142.250.183.163][..443] - idle: [.....5] [ip4][..tcp] [.......10.8.0.1][45606] -> [..104.18.47.234][..443] - idle: [.....6] [ip4][..tcp] [.......10.8.0.1][45610] -> [..104.18.47.234][..443] - idle: [.....3] [ip4][..tcp] [.......10.8.0.1][40214] -> [..157.240.16.32][..443] + idle: [.....7] [ip4][..tcp] [.......10.8.0.1][51296] -> [142.250.183.163][..443] [TLS.GoogleServices][Google][Web][Acceptable] + idle: [.....5] [ip4][..tcp] [.......10.8.0.1][45606] -> [..104.18.47.234][..443] [TLS.CloudflareWarp][Cloudflare][VPN][Acceptable] + idle: [.....6] [ip4][..tcp] [.......10.8.0.1][45610] -> [..104.18.47.234][..443] [TLS.CloudflareWarp][Cloudflare][VPN][Acceptable] + idle: [.....3] [ip4][..tcp] [.......10.8.0.1][40214] -> [..157.240.16.32][..443] [TLS.Messenger][Facebook][Chat][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/coap_mqtt.pcap.out b/test/results/flow-info/default/coap_mqtt.pcap.out index 569ff5342..c67ac6146 100644 --- a/test/results/flow-info/default/coap_mqtt.pcap.out +++ b/test/results/flow-info/default/coap_mqtt.pcap.out @@ -22,15 +22,10 @@ detected: [.....6] [ip6][..udp] [................................bbbb::1][33499] -> [................................bbbb::3][.5683] [COAP][Unknown][RPC][Safe] RISK: Unidirectional Traffic idle: [.....1] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61043] -> [....................2001:620:8:35d9::10][.5683] [COAP][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [.....2] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61044] -> [....................2001:620:8:35d9::10][.5683] [COAP][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [.....3] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61045] -> [....................2001:620:8:35d9::10][.5683] [COAP][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [.....4] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61046] -> [....................2001:620:8:35d9::10][.5683] [COAP][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [.....5] [ip6][..udp] [..2001:da8:215:1171:a10b:cb48:8f83:57f6][61047] -> [....................2001:620:8:35d9::10][.5683] [COAP][Unknown][RPC][Safe] - RISK: Unidirectional Traffic new: [.....7] [ip6][..udp] [................................bbbb::1][50250] -> [................................bbbb::3][.5683] detected: [.....7] [ip6][..udp] [................................bbbb::1][50250] -> [................................bbbb::3][.5683] [COAP][Unknown][RPC][Safe] RISK: Unidirectional Traffic @@ -38,20 +33,15 @@ detected: [.....8] [ip6][..udp] [................................bbbb::1][46819] -> [................................bbbb::3][.5683] [COAP][Unknown][RPC][Safe] RISK: Unidirectional Traffic idle: [.....6] [ip6][..udp] [................................bbbb::1][33499] -> [................................bbbb::3][.5683] [COAP][Unknown][RPC][Safe] - RISK: Unidirectional Traffic update: [.....7] [ip6][..udp] [................................bbbb::1][50250] -> [................................bbbb::3][.5683] [COAP][Unknown][RPC][Safe] - RISK: Unidirectional Traffic update: [.....8] [ip6][..udp] [................................bbbb::1][46819] -> [................................bbbb::3][.5683] [COAP][Unknown][RPC][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 19 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] new: [.....9] [ip4][..tcp] [...192.168.56.1][53522] -> [.192.168.56.101][17501] [MIDSTREAM] detected: [.....9] [ip4][..tcp] [...192.168.56.1][53522] -> [.192.168.56.101][17501] [MQTT][Unknown][RPC][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....7] [ip6][..udp] [................................bbbb::1][50250] -> [................................bbbb::3][.5683] [COAP][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [.....8] [ip6][..udp] [................................bbbb::1][46819] -> [................................bbbb::3][.5683] [COAP][Unknown][RPC][Safe] - RISK: Unidirectional Traffic new: [....10] [ip4][..tcp] [...192.168.56.1][53523] -> [.192.168.56.101][17501] [MIDSTREAM] detected: [....10] [ip4][..tcp] [...192.168.56.1][53523] -> [.192.168.56.101][17501] [MQTT][Unknown][RPC][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic @@ -154,19 +144,15 @@ [PKTLENS.....: 127,50,128,51,123,46,123,46,126,49,123,46,122,45,127,50,125,48,129,52,126,49,124,47,125,48,129,52,124,47,128,51] [ENTROPIES...: 5.6,5.1,5.6,5.1,5.5,5.1,5.5,5.1,5.6,5.1,5.5,5.1,5.5,5.0,5.6,5.2,5.6,5.1,5.7,5.3,5.6,5.1,5.6,5.1,5.5,5.1,5.6,5.2,5.5,5.0,5.6,5.2] idle: [....12] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500] [Dropbox][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic idle: [....15] [ip4][..udp] [...192.168.56.1][50312] -> [.192.168.56.101][17500] [Dropbox][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [...192.168.56.1][50318] -> [.192.168.56.101][17500] [Dropbox][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [...192.168.56.1][50319] -> [.192.168.56.101][17500] [Dropbox][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..tcp] [...192.168.56.1][53522] -> [.192.168.56.101][17501] [MQTT][Unknown][RPC][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....10] [ip4][..tcp] [...192.168.56.1][53523] -> [.192.168.56.101][17501] [MQTT][Unknown][RPC][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....13] [ip4][..tcp] [.192.168.56.101][17501] -> [...192.168.56.1][53524] [MQTT][Unknown][RPC][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....11] [ip4][..tcp] [...192.168.56.1][53528] -> [.192.168.56.101][17501] [MQTT][Unknown][RPC][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/crynet.pcap.out b/test/results/flow-info/default/crynet.pcap.out index fb93f9d11..5d380e668 100644 --- a/test/results/flow-info/default/crynet.pcap.out +++ b/test/results/flow-info/default/crynet.pcap.out @@ -10,40 +10,33 @@ detected: [.....2] [ip4][..udp] [..192.168.2.100][56333] -> [...37.58.56.245][20250] [CryNetwork][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..192.168.2.100][61837] -> [..78.159.118.97][25383] [CryNetwork][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 30 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....3] [ip4][..udp] [..192.168.2.100][56970] -> [..84.16.230.222][28665] detected: [.....3] [ip4][..udp] [..192.168.2.100][56970] -> [..84.16.230.222][28665] [CryNetwork][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [..192.168.2.100][56333] -> [...37.58.56.245][20250] [CryNetwork][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 45 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....4] [ip4][..udp] [..192.168.2.100][55645] -> [...78.159.98.94][28375] detected: [.....4] [ip4][..udp] [..192.168.2.100][55645] -> [...78.159.98.94][28375] [CryNetwork][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.2.100][56970] -> [..84.16.230.222][28665] [CryNetwork][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 60 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....5] [ip4][..udp] [..192.168.2.100][60751] -> [..84.16.248.143][30098] detected: [.....5] [ip4][..udp] [..192.168.2.100][60751] -> [..84.16.248.143][30098] [CryNetwork][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [..192.168.2.100][55645] -> [...78.159.98.94][28375] [CryNetwork][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [.....6] [ip4][..udp] [..192.168.2.100][60224] -> [.78.159.106.139][28343] detected: [.....6] [ip4][..udp] [..192.168.2.100][60224] -> [.78.159.106.139][28343] [CryNetwork][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [..192.168.2.100][60751] -> [..84.16.248.143][30098] [CryNetwork][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 90 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....7] [ip4][..udp] [..192.168.2.100][55460] -> [.78.159.118.143][21931] detected: [.....7] [ip4][..udp] [..192.168.2.100][55460] -> [.78.159.118.143][21931] [CryNetwork][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [..192.168.2.100][60224] -> [.78.159.106.139][28343] [CryNetwork][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [..192.168.2.100][55460] -> [.78.159.118.143][21931] [CryNetwork][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/custom_rules_ipv6.pcapng.out b/test/results/flow-info/default/custom_rules_ipv6.pcapng.out index 2617333bf..89839c83d 100644 --- a/test/results/flow-info/default/custom_rules_ipv6.pcapng.out +++ b/test/results/flow-info/default/custom_rules_ipv6.pcapng.out @@ -17,9 +17,7 @@ new: [.....4] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12718] -> [................................ff02::1][26993] new: [.....5] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12717] -> [................................ff02::1][64315] idle: [.....2] [ip6][..udp] [247f:855b:5e16:3caf:3f2c:4134:9592:661b][..100] -> [.21bc:b273:7f68:88d7:77a8:585:3990:927b][.1991] [DTLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic idle: [.....3] [ip6][..udp] [247f:855b:5e16:3caf:3f2c:4134:9592:661b][36098] -> [.21bc:b273:7f68:88d7:77a8:585:3990:927b][50621] [DTLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic not-detected: [.....4] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12718] -> [................................ff02::1][26993] [Unknown][Unknown][Unrated] idle: [.....4] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12718] -> [................................ff02::1][26993] not-detected: [.....5] [ip6][..udp] [..............fe80::76ac:b9ff:fe6c:c124][12717] -> [................................ff02::1][64315] [Unknown][Unknown][Unrated] diff --git a/test/results/flow-info/default/dazn.pcapng.out b/test/results/flow-info/default/dazn.pcapng.out index 381d39f52..f067af3f8 100644 --- a/test/results/flow-info/default/dazn.pcapng.out +++ b/test/results/flow-info/default/dazn.pcapng.out @@ -10,7 +10,7 @@ new: [.....3] [ip4][..tcp] [..192.168.1.128][40882] -> [..13.226.244.30][..443] detected: [.....3] [ip4][..tcp] [..192.168.1.128][40882] -> [..13.226.244.30][..443] [TLS.Dazn][AmazonAWS][Streaming][Fun][subscriptions-service.dazn-api.com] detection-update: [.....3] [ip4][..tcp] [..192.168.1.128][40882] -> [..13.226.244.30][..443] [TLS.Dazn][AmazonAWS][Streaming][Fun][subscriptions-service.dazn-api.com] - idle: [.....2] [ip4][..tcp] [..192.168.1.128][46036] -> [..13.226.244.27][..443] - idle: [.....1] [ip4][..tcp] [..192.168.1.128][54020] -> [...52.84.223.58][..443] - idle: [.....3] [ip4][..tcp] [..192.168.1.128][40882] -> [..13.226.244.30][..443] + idle: [.....2] [ip4][..tcp] [..192.168.1.128][46036] -> [..13.226.244.27][..443] [TLS.Dazn][AmazonAWS][Streaming][Fun] + idle: [.....1] [ip4][..tcp] [..192.168.1.128][54020] -> [...52.84.223.58][..443] [TLS.Dazn][AmazonAWS][Streaming][Fun] + idle: [.....3] [ip4][..tcp] [..192.168.1.128][40882] -> [..13.226.244.30][..443] [TLS.Dazn][AmazonAWS][Streaming][Fun] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dcerpc.pcap.out b/test/results/flow-info/default/dcerpc.pcap.out index 2b13cee00..f1cf52bb7 100644 --- a/test/results/flow-info/default/dcerpc.pcap.out +++ b/test/results/flow-info/default/dcerpc.pcap.out @@ -14,11 +14,7 @@ detected: [.....4] [ip4][..udp] [...192.168.1.11][49154] -> [...192.168.1.20][49162] [RPC][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [...192.168.1.11][49154] -> [...192.168.1.20][49162] [RPC][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [...192.168.1.20][49161] -> [...192.168.1.11][49155] [RPC][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [...192.168.1.11][49155] -> [...192.168.1.20][34964] [RPC][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [...192.168.1.20][49162] -> [...192.168.1.11][34964] [RPC][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/diameter.pcap.out b/test/results/flow-info/default/diameter.pcap.out index 98d38fe25..bc146e7a4 100644 --- a/test/results/flow-info/default/diameter.pcap.out +++ b/test/results/flow-info/default/diameter.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..tcp] [...10.201.9.245][50957] -> [....10.201.9.11][.3868] [Diameter][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [...10.201.9.245][50957] -> [....10.201.9.11][.3868] [Diameter][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/discord.pcap.out b/test/results/flow-info/default/discord.pcap.out index faff579ed..89745b900 100644 --- a/test/results/flow-info/default/discord.pcap.out +++ b/test/results/flow-info/default/discord.pcap.out @@ -24,23 +24,18 @@ new: [.....7] [ip4][..udp] [..192.168.2.100][56271] -> [...66.22.237.11][50004] detected: [.....7] [ip4][..udp] [..192.168.2.100][56271] -> [...66.22.237.11][50004] [Discord][Discord][Collaborative][Fun] RISK: Unidirectional Traffic - idle: [.....1] [ip4][..tcp] [......10.0.2.15][42834] -> [162.159.128.233][..443] + idle: [.....1] [ip4][..tcp] [......10.0.2.15][42834] -> [162.159.128.233][..443] [TLS.Discord][Cloudflare][Collaborative][Fun] + RISK: TLS Cert Expired DAEMON-EVENT: [Processed: 19 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 6 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 0] new: [.....8] [ip4][..udp] [..192.168.2.100][57955] -> [..66.22.196.173][50004] detected: [.....8] [ip4][..udp] [..192.168.2.100][57955] -> [..66.22.196.173][50004] [Discord][Discord][Collaborative][Fun] idle: [.....7] [ip4][..udp] [..192.168.2.100][56271] -> [...66.22.237.11][50004] [Discord][Discord][Collaborative][Fun] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [..192.168.2.100][56271] -> [....66.22.241.5][50004] [Discord][Discord][Collaborative][Fun] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [..192.168.2.100][56271] -> [....66.22.241.7][50004] [Discord][Discord][Collaborative][Fun] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [..192.168.2.100][56271] -> [..66.22.237.138][50004] [Discord][Discord][Collaborative][Fun] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.2.100][56271] -> [..66.22.244.139][50004] [Discord][Discord][Collaborative][Fun] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [..192.168.2.100][56271] -> [..66.22.244.154][50004] [Discord][Discord][Collaborative][Fun] - RISK: Unidirectional Traffic new: [.....9] [ip4][..udp] [..192.168.2.100][64837] -> [.35.214.238.161][50001] detected: [.....9] [ip4][..udp] [..192.168.2.100][64837] -> [.35.214.238.161][50001] [Discord][GoogleCloud][Collaborative][Fun] new: [....10] [ip4][..udp] [..192.168.2.100][55085] -> [..66.22.196.173][50004] diff --git a/test/results/flow-info/default/dns_dot.pcap.out b/test/results/flow-info/default/dns_dot.pcap.out index 66468fa6c..e32784bca 100644 --- a/test/results/flow-info/default/dns_dot.pcap.out +++ b/test/results/flow-info/default/dns_dot.pcap.out @@ -6,5 +6,6 @@ RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [.....1] [ip4][..tcp] [..192.168.1.185][58290] -> [........8.8.8.8][..853] [TLS.DoH_DoT][Google][Network][Acceptable][] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn - idle: [.....1] [ip4][..tcp] [..192.168.1.185][58290] -> [........8.8.8.8][..853] + idle: [.....1] [ip4][..tcp] [..192.168.1.185][58290] -> [........8.8.8.8][..853] [TLS.DoH_DoT][Google][Network][Acceptable] + RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dns_fragmented.pcap.out b/test/results/flow-info/default/dns_fragmented.pcap.out index 14bae7c26..c3f1f018a 100644 --- a/test/results/flow-info/default/dns_fragmented.pcap.out +++ b/test/results/flow-info/default/dns_fragmented.pcap.out @@ -127,7 +127,8 @@ idle: [....16] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][55729] -> [..................2001:470:765b::a25:53][...53] [DNS][Unknown][Network][Acceptable] RISK: Large DNS Packet (512+ bytes), Fragmented DNS Message idle: [....20] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][54590] -> [...................2606:4700:4700::1111][...53] [DNS][Cloudflare][Network][Acceptable] - idle: [....13] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][52814] -> [...................2606:4700:4700::1111][...53] + idle: [....13] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][52814] -> [...................2606:4700:4700::1111][...53] [DNS][Cloudflare][Network][Acceptable] + RISK: Error Code idle: [....12] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][48758] -> [...................2606:4700:4700::1111][...53] [DNS][Cloudflare][Network][Acceptable] idle: [....14] [ip6][..udp] [..2001:470:1f0b:16b0:20c:29ff:fe7c:a4cb][42344] -> [............................2620:fe::fe][...53] [DNS][Unknown][Network][Acceptable] idle: [....17] [ip4][..udp] [....194.247.5.6][51791] -> [.193.24.227.238][...53] [DNS][Unknown][Network][Acceptable] diff --git a/test/results/flow-info/default/dns_invert_query.pcapng.out b/test/results/flow-info/default/dns_invert_query.pcapng.out index f5414bcb1..91025acdf 100644 --- a/test/results/flow-info/default/dns_invert_query.pcapng.out +++ b/test/results/flow-info/default/dns_invert_query.pcapng.out @@ -3,5 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..udp] [173.147.108.174][18427] -> [...244.187.95.1][...53] detected: [.....1] [ip4][..udp] [173.147.108.174][18427] -> [...244.187.95.1][...53] [DNS][Unknown][Network][Acceptable][216.58.202.4] - idle: [.....1] [ip4][..udp] [173.147.108.174][18427] -> [...244.187.95.1][...53] + idle: [.....1] [ip4][..udp] [173.147.108.174][18427] -> [...244.187.95.1][...53] [DNS][Unknown][Network][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dnscrypt-v1-and-resolver-pings.pcap.out b/test/results/flow-info/default/dnscrypt-v1-and-resolver-pings.pcap.out index 525a2c35a..daf3ded59 100644 --- a/test/results/flow-info/default/dnscrypt-v1-and-resolver-pings.pcap.out +++ b/test/results/flow-info/default/dnscrypt-v1-and-resolver-pings.pcap.out @@ -239,17 +239,11 @@ detected: [....72] [ip4][..udp] [.......10.0.0.1][56902] -> [..172.104.93.80][.1443] [DNScrypt][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [.......10.0.0.1][38388] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [.......10.0.0.1][35228] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [.......10.0.0.1][45722] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [.......10.0.0.1][35495] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [.......10.0.0.1][33565] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [.......10.0.0.1][60301] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....73] [ip4][..udp] [.......10.0.0.1][38349] -> [205.185.116.116][..553] detected: [....73] [ip4][..udp] [.......10.0.0.1][38349] -> [205.185.116.116][..553] [DNScrypt][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -590,17 +584,11 @@ RISK: Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [6/16] update: [....10] [ip4][..udp] [.......10.0.0.1][43748] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [.......10.0.0.1][52636] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [.......10.0.0.1][51004] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....11] [ip4][..udp] [.......10.0.0.1][57395] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [.......10.0.0.1][53299] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....9] [ip4][..udp] [.......10.0.0.1][49518] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [...181] [ip4][..udp] [.......10.0.0.1][38371] -> [.212.47.228.136][..443] detected: [...181] [ip4][..udp] [.......10.0.0.1][38371] -> [.212.47.228.136][..443] [DNScrypt][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -644,293 +632,149 @@ ERROR-EVENT: nDPI IPv4/L4 payload detection failed [5/16] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [6/16] update: [....51] [ip4][..udp] [.......10.0.0.1][34885] -> [...195.30.94.28][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....47] [ip4][..udp] [.......10.0.0.1][37595] -> [.139.59.200.116][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....96] [ip4][..udp] [.......10.0.0.1][40451] -> [..45.153.187.96][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....40] [ip4][..udp] [.......10.0.0.1][36668] -> [..51.15.122.250][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...123] [ip4][..udp] [.......10.0.0.1][53117] -> [178.216.201.222][.2053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....58] [ip4][..udp] [.......10.0.0.1][43505] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [.......10.0.0.1][38388] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...100] [ip4][..udp] [.......10.0.0.1][47432] -> [...66.85.30.115][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....15] [ip4][..udp] [.......10.0.0.1][35005] -> [.185.134.196.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...110] [ip4][..udp] [.......10.0.0.1][47257] -> [..51.158.166.97][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....85] [ip4][..udp] [.......10.0.0.1][38812] -> [....51.15.62.65][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...109] [ip4][..udp] [.......10.0.0.1][37035] -> [..51.158.166.97][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....38] [ip4][..udp] [.......10.0.0.1][38867] -> [..51.15.122.250][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...138] [ip4][..udp] [.......10.0.0.1][38511] -> [..151.80.222.79][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....28] [ip4][..udp] [.......10.0.0.1][37950] -> [.209.250.241.25][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...130] [ip4][..udp] [.......10.0.0.1][43776] -> [...45.76.113.31][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...149] [ip4][..udp] [.......10.0.0.1][49040] -> [193.191.187.107][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....23] [ip4][..udp] [.......10.0.0.1][59641] -> [104.238.186.192][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...142] [ip4][..udp] [.......10.0.0.1][51935] -> [...142.4.205.47][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...104] [ip4][..udp] [.......10.0.0.1][49186] -> [..93.95.226.165][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....41] [ip4][..udp] [.......10.0.0.1][39007] -> [..51.15.122.250][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...132] [ip4][..udp] [.......10.0.0.1][52069] -> [...45.76.113.31][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....97] [ip4][..udp] [.......10.0.0.1][55896] -> [...66.85.30.115][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...150] [ip4][..udp] [.......10.0.0.1][49115] -> [193.191.187.107][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...116] [ip4][..udp] [.......10.0.0.1][55046] -> [.176.56.237.171][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....13] [ip4][..udp] [.......10.0.0.1][53697] -> [.185.134.196.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....77] [ip4][..udp] [.......10.0.0.1][38278] -> [205.185.116.116][..553] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....69] [ip4][..udp] [.......10.0.0.1][41800] -> [..172.104.93.80][.1443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...143] [ip4][..udp] [.......10.0.0.1][54096] -> [...142.4.205.47][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....81] [ip4][..udp] [.......10.0.0.1][52911] -> [..52.65.235.129][..443] [DNScrypt][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic update: [...118] [ip4][..udp] [.......10.0.0.1][36676] -> [.176.56.237.171][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....73] [ip4][..udp] [.......10.0.0.1][38349] -> [205.185.116.116][..553] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....14] [ip4][..udp] [.......10.0.0.1][37413] -> [.185.134.196.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...119] [ip4][..udp] [.......10.0.0.1][49008] -> [.176.56.237.171][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....45] [ip4][..udp] [.......10.0.0.1][50335] -> [.139.59.200.116][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....53] [ip4][..udp] [.......10.0.0.1][53811] -> [...195.30.94.28][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....65] [ip4][..udp] [.......10.0.0.1][57465] -> [.149.112.112.10][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....50] [ip4][..udp] [.......10.0.0.1][33369] -> [...195.30.94.28][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....39] [ip4][..udp] [.......10.0.0.1][59709] -> [..51.15.122.250][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...102] [ip4][..udp] [.......10.0.0.1][35634] -> [...66.85.30.115][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....36] [ip4][..udp] [.......10.0.0.1][43365] -> [....41.79.69.13][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....66] [ip4][..udp] [.......10.0.0.1][55482] -> [.149.112.112.10][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...101] [ip4][..udp] [.......10.0.0.1][54112] -> [...66.85.30.115][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....59] [ip4][..udp] [.......10.0.0.1][52284] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...144] [ip4][..udp] [.......10.0.0.1][35903] -> [...142.4.205.47][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....95] [ip4][..udp] [.......10.0.0.1][43129] -> [..45.153.187.96][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....29] [ip4][..udp] [.......10.0.0.1][34324] -> [.209.250.241.25][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....49] [ip4][..udp] [.......10.0.0.1][47865] -> [...195.30.94.28][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....21] [ip4][..udp] [.......10.0.0.1][39655] -> [104.238.186.192][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...117] [ip4][..udp] [.......10.0.0.1][51363] -> [.176.56.237.171][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...141] [ip4][..udp] [.......10.0.0.1][40138] -> [...142.4.205.47][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...140] [ip4][..udp] [.......10.0.0.1][50387] -> [...142.4.205.47][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....31] [ip4][..udp] [.......10.0.0.1][43609] -> [....41.79.69.13][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...145] [ip4][..udp] [.......10.0.0.1][37328] -> [193.191.187.107][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....84] [ip4][..udp] [.......10.0.0.1][55409] -> [..52.65.235.129][..443] [DNScrypt][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic update: [...121] [ip4][..udp] [.......10.0.0.1][60091] -> [178.216.201.222][.2053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...137] [ip4][..udp] [.......10.0.0.1][57636] -> [..151.80.222.79][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...147] [ip4][..udp] [.......10.0.0.1][33279] -> [193.191.187.107][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...113] [ip4][..udp] [.......10.0.0.1][60334] -> [..51.158.166.97][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....99] [ip4][..udp] [.......10.0.0.1][40099] -> [...66.85.30.115][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...114] [ip4][..udp] [.......10.0.0.1][48065] -> [..51.158.166.97][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....89] [ip4][..udp] [.......10.0.0.1][43714] -> [....51.15.62.65][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....37] [ip4][..udp] [.......10.0.0.1][45767] -> [..51.15.122.250][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....33] [ip4][..udp] [.......10.0.0.1][56043] -> [....41.79.69.13][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....74] [ip4][..udp] [.......10.0.0.1][38879] -> [205.185.116.116][..553] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....70] [ip4][..udp] [.......10.0.0.1][38283] -> [..172.104.93.80][.1443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....88] [ip4][..udp] [.......10.0.0.1][33521] -> [....51.15.62.65][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...111] [ip4][..udp] [.......10.0.0.1][46066] -> [..51.158.166.97][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [.......10.0.0.1][35228] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....52] [ip4][..udp] [.......10.0.0.1][44093] -> [...195.30.94.28][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...134] [ip4][..udp] [.......10.0.0.1][45497] -> [..151.80.222.79][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...105] [ip4][..udp] [.......10.0.0.1][58113] -> [..93.95.226.165][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....98] [ip4][..udp] [.......10.0.0.1][48448] -> [...66.85.30.115][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....35] [ip4][..udp] [.......10.0.0.1][56177] -> [....41.79.69.13][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....63] [ip4][..udp] [.......10.0.0.1][56022] -> [.149.112.112.10][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....56] [ip4][..udp] [.......10.0.0.1][60962] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....30] [ip4][..udp] [.......10.0.0.1][59367] -> [.209.250.241.25][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....48] [ip4][..udp] [.......10.0.0.1][59194] -> [.139.59.200.116][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....72] [ip4][..udp] [.......10.0.0.1][56902] -> [..172.104.93.80][.1443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....86] [ip4][..udp] [.......10.0.0.1][45993] -> [....51.15.62.65][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...112] [ip4][..udp] [.......10.0.0.1][56494] -> [..51.158.166.97][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....25] [ip4][..udp] [.......10.0.0.1][32793] -> [.209.250.241.25][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...124] [ip4][..udp] [.......10.0.0.1][52221] -> [178.216.201.222][.2053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....17] [ip4][..udp] [.......10.0.0.1][50435] -> [.185.134.196.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....54] [ip4][..udp] [.......10.0.0.1][44282] -> [...195.30.94.28][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...135] [ip4][..udp] [.......10.0.0.1][47729] -> [..151.80.222.79][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...133] [ip4][..udp] [.......10.0.0.1][53876] -> [..151.80.222.79][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...139] [ip4][..udp] [.......10.0.0.1][59011] -> [...142.4.205.47][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [.......10.0.0.1][45722] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [.......10.0.0.1][35495] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....61] [ip4][..udp] [.......10.0.0.1][50035] -> [.149.112.112.10][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....79] [ip4][..udp] [.......10.0.0.1][55834] -> [..52.65.235.129][..443] [DNScrypt][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic update: [....68] [ip4][..udp] [.......10.0.0.1][50913] -> [..172.104.93.80][.1443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....82] [ip4][..udp] [.......10.0.0.1][47685] -> [..52.65.235.129][..443] [DNScrypt][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic update: [...122] [ip4][..udp] [.......10.0.0.1][52356] -> [178.216.201.222][.2053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...148] [ip4][..udp] [.......10.0.0.1][54215] -> [193.191.187.107][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....60] [ip4][..udp] [.......10.0.0.1][46856] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...115] [ip4][..udp] [.......10.0.0.1][41717] -> [.176.56.237.171][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [.......10.0.0.1][33565] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....32] [ip4][..udp] [.......10.0.0.1][46229] -> [....41.79.69.13][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....27] [ip4][..udp] [.......10.0.0.1][37123] -> [.209.250.241.25][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....43] [ip4][..udp] [.......10.0.0.1][59476] -> [.139.59.200.116][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...136] [ip4][..udp] [.......10.0.0.1][52040] -> [..151.80.222.79][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....83] [ip4][..udp] [.......10.0.0.1][55979] -> [..52.65.235.129][..443] [DNScrypt][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic update: [...146] [ip4][..udp] [.......10.0.0.1][35885] -> [193.191.187.107][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...106] [ip4][..udp] [.......10.0.0.1][42156] -> [..93.95.226.165][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....93] [ip4][..udp] [.......10.0.0.1][45987] -> [..45.153.187.96][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...103] [ip4][..udp] [.......10.0.0.1][46255] -> [..93.95.226.165][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...128] [ip4][..udp] [.......10.0.0.1][55267] -> [...45.76.113.31][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....62] [ip4][..udp] [.......10.0.0.1][40009] -> [.149.112.112.10][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....34] [ip4][..udp] [.......10.0.0.1][38136] -> [....41.79.69.13][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [.......10.0.0.1][60301] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....91] [ip4][..udp] [.......10.0.0.1][41913] -> [..45.153.187.96][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....24] [ip4][..udp] [.......10.0.0.1][44491] -> [104.238.186.192][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....75] [ip4][..udp] [.......10.0.0.1][43528] -> [205.185.116.116][..553] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....78] [ip4][..udp] [.......10.0.0.1][55822] -> [205.185.116.116][..553] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....94] [ip4][..udp] [.......10.0.0.1][46063] -> [..45.153.187.96][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....92] [ip4][..udp] [.......10.0.0.1][37890] -> [..45.153.187.96][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...126] [ip4][..udp] [.......10.0.0.1][58740] -> [178.216.201.222][.2053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....90] [ip4][..udp] [.......10.0.0.1][60735] -> [....51.15.62.65][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....76] [ip4][..udp] [.......10.0.0.1][51770] -> [205.185.116.116][..553] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....44] [ip4][..udp] [.......10.0.0.1][47341] -> [.139.59.200.116][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....87] [ip4][..udp] [.......10.0.0.1][56688] -> [....51.15.62.65][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....71] [ip4][..udp] [.......10.0.0.1][59489] -> [..172.104.93.80][.1443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...127] [ip4][..udp] [.......10.0.0.1][43224] -> [...45.76.113.31][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....20] [ip4][..udp] [.......10.0.0.1][56997] -> [104.238.186.192][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....42] [ip4][..udp] [.......10.0.0.1][38362] -> [..51.15.122.250][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....19] [ip4][..udp] [.......10.0.0.1][44712] -> [104.238.186.192][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....18] [ip4][..udp] [.......10.0.0.1][55123] -> [.185.134.196.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....55] [ip4][..udp] [.......10.0.0.1][32970] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...131] [ip4][..udp] [.......10.0.0.1][59707] -> [...45.76.113.31][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...120] [ip4][..udp] [.......10.0.0.1][48325] -> [.176.56.237.171][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...107] [ip4][..udp] [.......10.0.0.1][58936] -> [..93.95.226.165][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...129] [ip4][..udp] [.......10.0.0.1][51589] -> [...45.76.113.31][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....26] [ip4][..udp] [.......10.0.0.1][56035] -> [.209.250.241.25][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....57] [ip4][..udp] [.......10.0.0.1][33071] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...125] [ip4][..udp] [.......10.0.0.1][38594] -> [178.216.201.222][.2053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....22] [ip4][..udp] [.......10.0.0.1][59261] -> [104.238.186.192][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...108] [ip4][..udp] [.......10.0.0.1][40595] -> [..93.95.226.165][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....46] [ip4][..udp] [.......10.0.0.1][43633] -> [.139.59.200.116][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....67] [ip4][..udp] [.......10.0.0.1][49512] -> [..172.104.93.80][.1443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....16] [ip4][..udp] [.......10.0.0.1][59405] -> [.185.134.196.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....80] [ip4][..udp] [.......10.0.0.1][46313] -> [..52.65.235.129][..443] [DNScrypt][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic update: [....64] [ip4][..udp] [.......10.0.0.1][42570] -> [.149.112.112.10][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [...193] [ip4][..udp] [.......10.0.0.1][50601] -> [..139.99.222.72][.8443] detected: [...193] [ip4][..udp] [.......10.0.0.1][50601] -> [..139.99.222.72][.8443] [DNScrypt][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -1056,77 +900,41 @@ detected: [...228] [ip4][..udp] [.......10.0.0.1][57109] -> [...77.66.84.233][..443] [DNScrypt][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...159] [ip4][..udp] [.......10.0.0.1][39816] -> [167.114.220.125][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...175] [ip4][..udp] [.......10.0.0.1][51647] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...168] [ip4][..udp] [.......10.0.0.1][59749] -> [..5.189.170.196][..465] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...180] [ip4][..udp] [.......10.0.0.1][47621] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...172] [ip4][..udp] [.......10.0.0.1][43540] -> [.185.253.154.66][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....10] [ip4][..udp] [.......10.0.0.1][43748] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...151] [ip4][..udp] [.......10.0.0.1][45375] -> [..51.15.124.208][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...171] [ip4][..udp] [.......10.0.0.1][45815] -> [.185.253.154.66][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...165] [ip4][..udp] [.......10.0.0.1][58104] -> [..5.189.170.196][..465] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...177] [ip4][..udp] [.......10.0.0.1][41895] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...154] [ip4][..udp] [.......10.0.0.1][55768] -> [..51.15.124.208][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...163] [ip4][..udp] [.......10.0.0.1][35734] -> [..5.189.170.196][..465] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...156] [ip4][..udp] [.......10.0.0.1][53887] -> [..51.15.124.208][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...158] [ip4][..udp] [.......10.0.0.1][38508] -> [167.114.220.125][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...173] [ip4][..udp] [.......10.0.0.1][48159] -> [.185.253.154.66][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...152] [ip4][..udp] [.......10.0.0.1][49975] -> [..51.15.124.208][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...178] [ip4][..udp] [.......10.0.0.1][46363] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...167] [ip4][..udp] [.......10.0.0.1][58650] -> [..5.189.170.196][..465] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [.......10.0.0.1][52636] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...155] [ip4][..udp] [.......10.0.0.1][39910] -> [..51.15.124.208][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...170] [ip4][..udp] [.......10.0.0.1][44469] -> [.185.253.154.66][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...157] [ip4][..udp] [.......10.0.0.1][36930] -> [167.114.220.125][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...164] [ip4][..udp] [.......10.0.0.1][44496] -> [..5.189.170.196][..465] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...174] [ip4][..udp] [.......10.0.0.1][38482] -> [.185.253.154.66][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...161] [ip4][..udp] [.......10.0.0.1][59589] -> [167.114.220.125][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [.......10.0.0.1][51004] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...176] [ip4][..udp] [.......10.0.0.1][59224] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...179] [ip4][..udp] [.......10.0.0.1][57180] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...153] [ip4][..udp] [.......10.0.0.1][38310] -> [..51.15.124.208][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...169] [ip4][..udp] [.......10.0.0.1][38709] -> [.185.253.154.66][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...166] [ip4][..udp] [.......10.0.0.1][40748] -> [..5.189.170.196][..465] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....11] [ip4][..udp] [.......10.0.0.1][57395] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [.......10.0.0.1][53299] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...160] [ip4][..udp] [.......10.0.0.1][45613] -> [167.114.220.125][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...162] [ip4][..udp] [.......10.0.0.1][45747] -> [167.114.220.125][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....9] [ip4][..udp] [.......10.0.0.1][49518] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [...229] [ip4][..udp] [.......10.0.0.1][59587] -> [..23.111.74.205][..443] detected: [...229] [ip4][..udp] [.......10.0.0.1][59587] -> [..23.111.74.205][..443] [DNScrypt][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -1156,473 +964,239 @@ new: [...239] [ip4][..udp] [.......10.0.0.1][37711] -> [.144.91.106.227][..443] detected: [...239] [ip4][..udp] [.......10.0.0.1][37711] -> [.144.91.106.227][..443] [DNScrypt][Unknown][Network][Acceptable] idle: [...159] [ip4][..udp] [.......10.0.0.1][39816] -> [167.114.220.125][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....51] [ip4][..udp] [.......10.0.0.1][34885] -> [...195.30.94.28][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...232] [ip4][..udp] [.......10.0.0.1][53045] -> [..23.111.74.205][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...175] [ip4][..udp] [.......10.0.0.1][51647] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....47] [ip4][..udp] [.......10.0.0.1][37595] -> [.139.59.200.116][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....96] [ip4][..udp] [.......10.0.0.1][40451] -> [..45.153.187.96][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....40] [ip4][..udp] [.......10.0.0.1][36668] -> [..51.15.122.250][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...123] [ip4][..udp] [.......10.0.0.1][53117] -> [178.216.201.222][.2053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....58] [ip4][..udp] [.......10.0.0.1][43505] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...168] [ip4][..udp] [.......10.0.0.1][59749] -> [..5.189.170.196][..465] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...224] [ip4][..udp] [.......10.0.0.1][46140] -> [...77.66.84.233][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.......10.0.0.1][38388] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...100] [ip4][..udp] [.......10.0.0.1][47432] -> [...66.85.30.115][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...180] [ip4][..udp] [.......10.0.0.1][47621] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...221] [ip4][..udp] [.......10.0.0.1][46314] -> [185.193.127.244][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....15] [ip4][..udp] [.......10.0.0.1][35005] -> [.185.134.196.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...110] [ip4][..udp] [.......10.0.0.1][47257] -> [..51.158.166.97][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....85] [ip4][..udp] [.......10.0.0.1][38812] -> [....51.15.62.65][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...211] [ip4][..udp] [.......10.0.0.1][54375] -> [..107.170.57.34][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...208] [ip4][..udp] [.......10.0.0.1][50277] -> [..46.227.200.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...109] [ip4][..udp] [.......10.0.0.1][37035] -> [..51.158.166.97][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...209] [ip4][..udp] [.......10.0.0.1][44161] -> [..46.227.200.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...138] [ip4][..udp] [.......10.0.0.1][38511] -> [..151.80.222.79][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....38] [ip4][..udp] [.......10.0.0.1][38867] -> [..51.15.122.250][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...191] [ip4][..udp] [.......10.0.0.1][51826] -> [....85.5.93.230][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...216] [ip4][..udp] [.......10.0.0.1][42141] -> [..107.170.57.34][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...172] [ip4][..udp] [.......10.0.0.1][43540] -> [.185.253.154.66][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....28] [ip4][..udp] [.......10.0.0.1][37950] -> [.209.250.241.25][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...184] [ip4][..udp] [.......10.0.0.1][40775] -> [.212.47.228.136][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...130] [ip4][..udp] [.......10.0.0.1][43776] -> [...45.76.113.31][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...204] [ip4][..udp] [.......10.0.0.1][54204] -> [.144.91.106.227][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...149] [ip4][..udp] [.......10.0.0.1][49040] -> [193.191.187.107][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...225] [ip4][..udp] [.......10.0.0.1][40209] -> [...77.66.84.233][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....23] [ip4][..udp] [.......10.0.0.1][59641] -> [104.238.186.192][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...142] [ip4][..udp] [.......10.0.0.1][51935] -> [...142.4.205.47][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...104] [ip4][..udp] [.......10.0.0.1][49186] -> [..93.95.226.165][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [.......10.0.0.1][43748] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...132] [ip4][..udp] [.......10.0.0.1][52069] -> [...45.76.113.31][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....41] [ip4][..udp] [.......10.0.0.1][39007] -> [..51.15.122.250][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....97] [ip4][..udp] [.......10.0.0.1][55896] -> [...66.85.30.115][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...150] [ip4][..udp] [.......10.0.0.1][49115] -> [193.191.187.107][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...151] [ip4][..udp] [.......10.0.0.1][45375] -> [..51.15.124.208][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...202] [ip4][..udp] [.......10.0.0.1][54305] -> [.144.91.106.227][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...116] [ip4][..udp] [.......10.0.0.1][55046] -> [.176.56.237.171][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [.......10.0.0.1][53697] -> [.185.134.196.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....77] [ip4][..udp] [.......10.0.0.1][38278] -> [205.185.116.116][..553] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...206] [ip4][..udp] [.......10.0.0.1][38242] -> [..46.227.200.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...229] [ip4][..udp] [.......10.0.0.1][59587] -> [..23.111.74.205][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....69] [ip4][..udp] [.......10.0.0.1][41800] -> [..172.104.93.80][.1443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...143] [ip4][..udp] [.......10.0.0.1][54096] -> [...142.4.205.47][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....81] [ip4][..udp] [.......10.0.0.1][52911] -> [..52.65.235.129][..443] [DNScrypt][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...171] [ip4][..udp] [.......10.0.0.1][45815] -> [.185.253.154.66][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...118] [ip4][..udp] [.......10.0.0.1][36676] -> [.176.56.237.171][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...201] [ip4][..udp] [.......10.0.0.1][48237] -> [.144.91.106.227][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....73] [ip4][..udp] [.......10.0.0.1][38349] -> [205.185.116.116][..553] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...165] [ip4][..udp] [.......10.0.0.1][58104] -> [..5.189.170.196][..465] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [.......10.0.0.1][37413] -> [.185.134.196.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...119] [ip4][..udp] [.......10.0.0.1][49008] -> [.176.56.237.171][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....45] [ip4][..udp] [.......10.0.0.1][50335] -> [.139.59.200.116][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...177] [ip4][..udp] [.......10.0.0.1][41895] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....53] [ip4][..udp] [.......10.0.0.1][53811] -> [...195.30.94.28][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...199] [ip4][..udp] [.......10.0.0.1][48300] -> [.144.91.106.227][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...220] [ip4][..udp] [.......10.0.0.1][54920] -> [185.193.127.244][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...154] [ip4][..udp] [.......10.0.0.1][55768] -> [..51.15.124.208][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....65] [ip4][..udp] [.......10.0.0.1][57465] -> [.149.112.112.10][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...217] [ip4][..udp] [.......10.0.0.1][56988] -> [185.193.127.244][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...213] [ip4][..udp] [.......10.0.0.1][36335] -> [..107.170.57.34][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....50] [ip4][..udp] [.......10.0.0.1][33369] -> [...195.30.94.28][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....39] [ip4][..udp] [.......10.0.0.1][59709] -> [..51.15.122.250][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...193] [ip4][..udp] [.......10.0.0.1][50601] -> [..139.99.222.72][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...102] [ip4][..udp] [.......10.0.0.1][35634] -> [...66.85.30.115][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...194] [ip4][..udp] [.......10.0.0.1][40374] -> [..139.99.222.72][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....36] [ip4][..udp] [.......10.0.0.1][43365] -> [....41.79.69.13][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....66] [ip4][..udp] [.......10.0.0.1][55482] -> [.149.112.112.10][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...227] [ip4][..udp] [.......10.0.0.1][50757] -> [...77.66.84.233][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...101] [ip4][..udp] [.......10.0.0.1][54112] -> [...66.85.30.115][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...163] [ip4][..udp] [.......10.0.0.1][35734] -> [..5.189.170.196][..465] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....59] [ip4][..udp] [.......10.0.0.1][52284] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...144] [ip4][..udp] [.......10.0.0.1][35903] -> [...142.4.205.47][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....95] [ip4][..udp] [.......10.0.0.1][43129] -> [..45.153.187.96][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....29] [ip4][..udp] [.......10.0.0.1][34324] -> [.209.250.241.25][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...156] [ip4][..udp] [.......10.0.0.1][53887] -> [..51.15.124.208][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....49] [ip4][..udp] [.......10.0.0.1][47865] -> [...195.30.94.28][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...158] [ip4][..udp] [.......10.0.0.1][38508] -> [167.114.220.125][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...173] [ip4][..udp] [.......10.0.0.1][48159] -> [.185.253.154.66][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....21] [ip4][..udp] [.......10.0.0.1][39655] -> [104.238.186.192][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...117] [ip4][..udp] [.......10.0.0.1][51363] -> [.176.56.237.171][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...141] [ip4][..udp] [.......10.0.0.1][40138] -> [...142.4.205.47][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...140] [ip4][..udp] [.......10.0.0.1][50387] -> [...142.4.205.47][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...228] [ip4][..udp] [.......10.0.0.1][57109] -> [...77.66.84.233][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...188] [ip4][..udp] [.......10.0.0.1][50403] -> [....85.5.93.230][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....31] [ip4][..udp] [.......10.0.0.1][43609] -> [....41.79.69.13][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...145] [ip4][..udp] [.......10.0.0.1][37328] -> [193.191.187.107][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...219] [ip4][..udp] [.......10.0.0.1][59354] -> [185.193.127.244][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....84] [ip4][..udp] [.......10.0.0.1][55409] -> [..52.65.235.129][..443] [DNScrypt][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...152] [ip4][..udp] [.......10.0.0.1][49975] -> [..51.15.124.208][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...178] [ip4][..udp] [.......10.0.0.1][46363] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...121] [ip4][..udp] [.......10.0.0.1][60091] -> [178.216.201.222][.2053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...137] [ip4][..udp] [.......10.0.0.1][57636] -> [..151.80.222.79][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...147] [ip4][..udp] [.......10.0.0.1][33279] -> [193.191.187.107][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...113] [ip4][..udp] [.......10.0.0.1][60334] -> [..51.158.166.97][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....99] [ip4][..udp] [.......10.0.0.1][40099] -> [...66.85.30.115][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...234] [ip4][..udp] [.......10.0.0.1][60113] -> [..23.111.74.205][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...114] [ip4][..udp] [.......10.0.0.1][48065] -> [..51.158.166.97][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....89] [ip4][..udp] [.......10.0.0.1][43714] -> [....51.15.62.65][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....37] [ip4][..udp] [.......10.0.0.1][45767] -> [..51.15.122.250][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...212] [ip4][..udp] [.......10.0.0.1][55185] -> [..107.170.57.34][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....33] [ip4][..udp] [.......10.0.0.1][56043] -> [....41.79.69.13][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....74] [ip4][..udp] [.......10.0.0.1][38879] -> [205.185.116.116][..553] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....70] [ip4][..udp] [.......10.0.0.1][38283] -> [..172.104.93.80][.1443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....88] [ip4][..udp] [.......10.0.0.1][33521] -> [....51.15.62.65][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...111] [ip4][..udp] [.......10.0.0.1][46066] -> [..51.158.166.97][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [.......10.0.0.1][35228] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...167] [ip4][..udp] [.......10.0.0.1][58650] -> [..5.189.170.196][..465] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [.......10.0.0.1][52636] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....52] [ip4][..udp] [.......10.0.0.1][44093] -> [...195.30.94.28][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...134] [ip4][..udp] [.......10.0.0.1][45497] -> [..151.80.222.79][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...155] [ip4][..udp] [.......10.0.0.1][39910] -> [..51.15.124.208][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...105] [ip4][..udp] [.......10.0.0.1][58113] -> [..93.95.226.165][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....98] [ip4][..udp] [.......10.0.0.1][48448] -> [...66.85.30.115][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...210] [ip4][..udp] [.......10.0.0.1][49177] -> [..46.227.200.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....35] [ip4][..udp] [.......10.0.0.1][56177] -> [....41.79.69.13][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...170] [ip4][..udp] [.......10.0.0.1][44469] -> [.185.253.154.66][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....63] [ip4][..udp] [.......10.0.0.1][56022] -> [.149.112.112.10][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....56] [ip4][..udp] [.......10.0.0.1][60962] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....30] [ip4][..udp] [.......10.0.0.1][59367] -> [.209.250.241.25][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....48] [ip4][..udp] [.......10.0.0.1][59194] -> [.139.59.200.116][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...189] [ip4][..udp] [.......10.0.0.1][46646] -> [....85.5.93.230][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...197] [ip4][..udp] [.......10.0.0.1][59400] -> [..139.99.222.72][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...187] [ip4][..udp] [.......10.0.0.1][58948] -> [....85.5.93.230][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....72] [ip4][..udp] [.......10.0.0.1][56902] -> [..172.104.93.80][.1443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....86] [ip4][..udp] [.......10.0.0.1][45993] -> [....51.15.62.65][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...112] [ip4][..udp] [.......10.0.0.1][56494] -> [..51.158.166.97][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...157] [ip4][..udp] [.......10.0.0.1][36930] -> [167.114.220.125][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....25] [ip4][..udp] [.......10.0.0.1][32793] -> [.209.250.241.25][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...164] [ip4][..udp] [.......10.0.0.1][44496] -> [..5.189.170.196][..465] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...124] [ip4][..udp] [.......10.0.0.1][52221] -> [178.216.201.222][.2053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....17] [ip4][..udp] [.......10.0.0.1][50435] -> [.185.134.196.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....54] [ip4][..udp] [.......10.0.0.1][44282] -> [...195.30.94.28][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...135] [ip4][..udp] [.......10.0.0.1][47729] -> [..151.80.222.79][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...133] [ip4][..udp] [.......10.0.0.1][53876] -> [..151.80.222.79][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...139] [ip4][..udp] [.......10.0.0.1][59011] -> [...142.4.205.47][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...183] [ip4][..udp] [.......10.0.0.1][52056] -> [.212.47.228.136][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [.......10.0.0.1][45722] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [.......10.0.0.1][35495] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...174] [ip4][..udp] [.......10.0.0.1][38482] -> [.185.253.154.66][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....61] [ip4][..udp] [.......10.0.0.1][50035] -> [.149.112.112.10][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....79] [ip4][..udp] [.......10.0.0.1][55834] -> [..52.65.235.129][..443] [DNScrypt][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...161] [ip4][..udp] [.......10.0.0.1][59589] -> [167.114.220.125][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....68] [ip4][..udp] [.......10.0.0.1][50913] -> [..172.104.93.80][.1443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....82] [ip4][..udp] [.......10.0.0.1][47685] -> [..52.65.235.129][..443] [DNScrypt][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...122] [ip4][..udp] [.......10.0.0.1][52356] -> [178.216.201.222][.2053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...148] [ip4][..udp] [.......10.0.0.1][54215] -> [193.191.187.107][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....60] [ip4][..udp] [.......10.0.0.1][46856] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...190] [ip4][..udp] [.......10.0.0.1][57090] -> [....85.5.93.230][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...115] [ip4][..udp] [.......10.0.0.1][41717] -> [.176.56.237.171][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [.......10.0.0.1][33565] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....32] [ip4][..udp] [.......10.0.0.1][46229] -> [....41.79.69.13][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....27] [ip4][..udp] [.......10.0.0.1][37123] -> [.209.250.241.25][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [.......10.0.0.1][51004] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....83] [ip4][..udp] [.......10.0.0.1][55979] -> [..52.65.235.129][..443] [DNScrypt][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...136] [ip4][..udp] [.......10.0.0.1][52040] -> [..151.80.222.79][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....43] [ip4][..udp] [.......10.0.0.1][59476] -> [.139.59.200.116][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...215] [ip4][..udp] [.......10.0.0.1][33143] -> [..107.170.57.34][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...185] [ip4][..udp] [.......10.0.0.1][56335] -> [.212.47.228.136][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...176] [ip4][..udp] [.......10.0.0.1][59224] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...179] [ip4][..udp] [.......10.0.0.1][57180] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...223] [ip4][..udp] [.......10.0.0.1][49568] -> [...77.66.84.233][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...146] [ip4][..udp] [.......10.0.0.1][35885] -> [193.191.187.107][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...233] [ip4][..udp] [.......10.0.0.1][34024] -> [..23.111.74.205][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...195] [ip4][..udp] [.......10.0.0.1][51509] -> [..139.99.222.72][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...106] [ip4][..udp] [.......10.0.0.1][42156] -> [..93.95.226.165][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...103] [ip4][..udp] [.......10.0.0.1][46255] -> [..93.95.226.165][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....93] [ip4][..udp] [.......10.0.0.1][45987] -> [..45.153.187.96][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...128] [ip4][..udp] [.......10.0.0.1][55267] -> [...45.76.113.31][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...214] [ip4][..udp] [.......10.0.0.1][37287] -> [..107.170.57.34][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...153] [ip4][..udp] [.......10.0.0.1][38310] -> [..51.15.124.208][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....62] [ip4][..udp] [.......10.0.0.1][40009] -> [.149.112.112.10][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....34] [ip4][..udp] [.......10.0.0.1][38136] -> [....41.79.69.13][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....91] [ip4][..udp] [.......10.0.0.1][41913] -> [..45.153.187.96][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [.......10.0.0.1][60301] -> [..149.56.228.45][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...200] [ip4][..udp] [.......10.0.0.1][41108] -> [.144.91.106.227][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...169] [ip4][..udp] [.......10.0.0.1][38709] -> [.185.253.154.66][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....24] [ip4][..udp] [.......10.0.0.1][44491] -> [104.238.186.192][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...203] [ip4][..udp] [.......10.0.0.1][55469] -> [.144.91.106.227][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....75] [ip4][..udp] [.......10.0.0.1][43528] -> [205.185.116.116][..553] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...166] [ip4][..udp] [.......10.0.0.1][40748] -> [..5.189.170.196][..465] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....78] [ip4][..udp] [.......10.0.0.1][55822] -> [205.185.116.116][..553] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...207] [ip4][..udp] [.......10.0.0.1][33246] -> [..46.227.200.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....94] [ip4][..udp] [.......10.0.0.1][46063] -> [..45.153.187.96][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....92] [ip4][..udp] [.......10.0.0.1][37890] -> [..45.153.187.96][.4343] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...126] [ip4][..udp] [.......10.0.0.1][58740] -> [178.216.201.222][.2053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....90] [ip4][..udp] [.......10.0.0.1][60735] -> [....51.15.62.65][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....76] [ip4][..udp] [.......10.0.0.1][51770] -> [205.185.116.116][..553] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....44] [ip4][..udp] [.......10.0.0.1][47341] -> [.139.59.200.116][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...205] [ip4][..udp] [.......10.0.0.1][33293] -> [..46.227.200.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...226] [ip4][..udp] [.......10.0.0.1][49732] -> [...77.66.84.233][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....87] [ip4][..udp] [.......10.0.0.1][56688] -> [....51.15.62.65][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...230] [ip4][..udp] [.......10.0.0.1][60852] -> [..23.111.74.205][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [.......10.0.0.1][53299] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [.......10.0.0.1][57395] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...160] [ip4][..udp] [.......10.0.0.1][45613] -> [167.114.220.125][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....71] [ip4][..udp] [.......10.0.0.1][59489] -> [..172.104.93.80][.1443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...127] [ip4][..udp] [.......10.0.0.1][43224] -> [...45.76.113.31][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....42] [ip4][..udp] [.......10.0.0.1][38362] -> [..51.15.122.250][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....20] [ip4][..udp] [.......10.0.0.1][56997] -> [104.238.186.192][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....19] [ip4][..udp] [.......10.0.0.1][44712] -> [104.238.186.192][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...222] [ip4][..udp] [.......10.0.0.1][47971] -> [185.193.127.244][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...196] [ip4][..udp] [.......10.0.0.1][45682] -> [..139.99.222.72][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...218] [ip4][..udp] [.......10.0.0.1][50062] -> [185.193.127.244][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....18] [ip4][..udp] [.......10.0.0.1][55123] -> [.185.134.196.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...198] [ip4][..udp] [.......10.0.0.1][49796] -> [..139.99.222.72][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....55] [ip4][..udp] [.......10.0.0.1][32970] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...162] [ip4][..udp] [.......10.0.0.1][45747] -> [167.114.220.125][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...131] [ip4][..udp] [.......10.0.0.1][59707] -> [...45.76.113.31][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...120] [ip4][..udp] [.......10.0.0.1][48325] -> [.176.56.237.171][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...182] [ip4][..udp] [.......10.0.0.1][34228] -> [.212.47.228.136][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...107] [ip4][..udp] [.......10.0.0.1][58936] -> [..93.95.226.165][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...186] [ip4][..udp] [.......10.0.0.1][60885] -> [.212.47.228.136][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...129] [ip4][..udp] [.......10.0.0.1][51589] -> [...45.76.113.31][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....26] [ip4][..udp] [.......10.0.0.1][56035] -> [.209.250.241.25][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...181] [ip4][..udp] [.......10.0.0.1][38371] -> [.212.47.228.136][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....57] [ip4][..udp] [.......10.0.0.1][33071] -> [..142.4.204.111][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...125] [ip4][..udp] [.......10.0.0.1][38594] -> [178.216.201.222][.2053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....22] [ip4][..udp] [.......10.0.0.1][59261] -> [104.238.186.192][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...192] [ip4][..udp] [.......10.0.0.1][39259] -> [....85.5.93.230][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...108] [ip4][..udp] [.......10.0.0.1][40595] -> [..93.95.226.165][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....67] [ip4][..udp] [.......10.0.0.1][49512] -> [..172.104.93.80][.1443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....46] [ip4][..udp] [.......10.0.0.1][43633] -> [.139.59.200.116][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [.......10.0.0.1][59405] -> [.185.134.196.55][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [.......10.0.0.1][49518] -> [..62.210.180.71][.1053] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...231] [ip4][..udp] [.......10.0.0.1][44793] -> [..23.111.74.205][..443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....80] [ip4][..udp] [.......10.0.0.1][46313] -> [..52.65.235.129][..443] [DNScrypt][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....64] [ip4][..udp] [.......10.0.0.1][42570] -> [.149.112.112.10][.8443] [DNScrypt][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [...240] [ip4][..udp] [.......10.0.0.1][40958] -> [...195.30.94.28][.8443] detected: [...240] [ip4][..udp] [.......10.0.0.1][40958] -> [...195.30.94.28][.8443] [DNScrypt][Unknown][Network][Acceptable] update: [...235] [ip4][..udp] [.......10.0.0.1][47545] -> [..151.80.222.79][..443] [DNScrypt][Unknown][Network][Acceptable] diff --git a/test/results/flow-info/default/dnscrypt-v2-doh.pcap.out b/test/results/flow-info/default/dnscrypt-v2-doh.pcap.out index b945dd465..a07459095 100644 --- a/test/results/flow-info/default/dnscrypt-v2-doh.pcap.out +++ b/test/results/flow-info/default/dnscrypt-v2-doh.pcap.out @@ -174,8 +174,8 @@ idle: [....19] [ip4][..tcp] [.......10.0.0.1][59026] -> [....85.5.93.230][..443] [TLS.DoH_DoT][Unknown][Network][Acceptable] idle: [....23] [ip4][..tcp] [.......10.0.0.1][52176] -> [136.144.215.158][..443] [TLS.DoH_DoT][Unknown][Network][Acceptable] idle: [....22] [ip4][..tcp] [.......10.0.0.1][33338] -> [.....45.90.28.0][..443] [TLS.DoH_DoT][Unknown][Network][Acceptable] - idle: [.....1] [ip4][..tcp] [.......10.0.0.1][53674] -> [..139.99.222.72][..443] - idle: [.....2] [ip4][..tcp] [.......10.0.0.1][53676] -> [..139.99.222.72][..443] + idle: [.....1] [ip4][..tcp] [.......10.0.0.1][53674] -> [..139.99.222.72][..443] [TLS.DoH_DoT][Unknown][Network][Acceptable] + idle: [.....2] [ip4][..tcp] [.......10.0.0.1][53676] -> [..139.99.222.72][..443] [TLS.DoH_DoT][Unknown][Network][Acceptable] idle: [....15] [ip4][..tcp] [.......10.0.0.1][36012] -> [..149.56.228.45][..453] [TLS.DoH_DoT][Unknown][Network][Acceptable] RISK: Known Proto on Non Std Port idle: [.....7] [ip4][..tcp] [.......10.0.0.1][37530] -> [167.114.220.125][..453] [TLS.DoH_DoT][Unknown][Network][Acceptable] diff --git a/test/results/flow-info/default/doq.pcapng.out b/test/results/flow-info/default/doq.pcapng.out index 68d4ff5e2..3b24c1274 100644 --- a/test/results/flow-info/default/doq.pcapng.out +++ b/test/results/flow-info/default/doq.pcapng.out @@ -8,7 +8,6 @@ detected: [.....2] [ip6][icmp6] [....................................::1] -> [....................................::1] [ICMPV6][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [.....2] [ip6][icmp6] [....................................::1] -> [....................................::1] [ICMPV6][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip6][..udp] [....................................::1][47826] -> [....................................::1][..784] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Missing SNI TLS Extn, Unidirectional Traffic + RISK: Missing SNI TLS Extn DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/doq_adguard.pcapng.out b/test/results/flow-info/default/doq_adguard.pcapng.out index 36e9f24ca..6bd23feb8 100644 --- a/test/results/flow-info/default/doq_adguard.pcapng.out +++ b/test/results/flow-info/default/doq_adguard.pcapng.out @@ -15,5 +15,4 @@ [PKTLENS.....: 1260,168,1260,1280,1280,1270,83,84,184,81,1270,1270,1270,1270,255,59,83,84,69,292,140,86,59,69,423,59,70,59,87,89,89,69] [ENTROPIES...: 7.8,6.7,7.9,7.8,7.8,7.8,5.8,5.7,6.8,5.8,7.8,7.8,7.8,7.8,7.2,5.6,5.8,5.8,5.7,7.2,6.7,6.0,5.6,5.7,7.4,5.5,5.7,5.4,6.0,6.1,6.1,5.6] idle: [.....1] [ip4][..udp] [.192.168.12.169][41070] -> [...94.140.14.14][..784] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dos_win98_smb_netbeui.pcap.out b/test/results/flow-info/default/dos_win98_smb_netbeui.pcap.out index 256d51760..18b6f1fb5 100644 --- a/test/results/flow-info/default/dos_win98_smb_netbeui.pcap.out +++ b/test/results/flow-info/default/dos_win98_smb_netbeui.pcap.out @@ -29,7 +29,6 @@ ERROR-EVENT: Unknown packet type [16/16] update: [.....2] [ip4][.icmp] [192.168.239.129] -> [......224.0.0.2] [ICMP][Unknown][Network][Acceptable] update: [.....1] [ip4][..udp] [192.168.239.129][..137] -> [..192.168.239.2][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [192.168.239.129][..137] -> [192.168.239.255][..137] [NetBIOS][Unknown][System][Acceptable] ERROR-EVENT: Unknown packet type [1/16] ERROR-EVENT: Unknown packet type [2/16] @@ -51,7 +50,6 @@ RISK: Unsafe Protocol update: [.....2] [ip4][.icmp] [192.168.239.129] -> [......224.0.0.2] [ICMP][Unknown][Network][Acceptable] update: [.....1] [ip4][..udp] [192.168.239.129][..137] -> [..192.168.239.2][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [192.168.239.129][..137] -> [192.168.239.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [.....4] [ip4][..udp] [192.168.239.129][..138] -> [192.168.239.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol @@ -71,7 +69,6 @@ idle: [.....2] [ip4][.icmp] [192.168.239.129] -> [......224.0.0.2] [ICMP][Unknown][Network][Acceptable] idle: [.....3] [ip4][..udp] [192.168.239.129][..137] -> [192.168.239.255][..137] [NetBIOS][Unknown][System][Acceptable] idle: [.....1] [ip4][..udp] [192.168.239.129][..137] -> [..192.168.239.2][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [192.168.239.129][..138] -> [192.168.239.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dropbox.pcap.out b/test/results/flow-info/default/dropbox.pcap.out index bf603ed34..f06444011 100644 --- a/test/results/flow-info/default/dropbox.pcap.out +++ b/test/results/flow-info/default/dropbox.pcap.out @@ -68,13 +68,9 @@ detection-update: [.....6] [ip4][..udp] [..192.168.1.105][49112] -> [..192.168.1.254][...53] [DNS.Dropbox][Unknown][Network][Acceptable][client-cf.dropbox.com] detection-update: [.....7] [ip4][..udp] [..192.168.1.105][50789] -> [..192.168.1.254][...53] [DNS.Dropbox][Unknown][Network][Acceptable][d.dropbox.com] idle: [.....1] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500] [Dropbox][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [...192.168.56.1][50312] -> [.192.168.56.101][17500] [Dropbox][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [...192.168.56.1][50318] -> [.192.168.56.101][17500] [Dropbox][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [...192.168.56.1][50319] -> [.192.168.56.101][17500] [Dropbox][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic new: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] detected: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] [DNS.Dropbox][Unknown][Network][Acceptable][log.getdropbox.com] RISK: Unidirectional Traffic diff --git a/test/results/flow-info/default/dtls.pcap.out b/test/results/flow-info/default/dtls.pcap.out index 9510d4bdb..faafc29b6 100644 --- a/test/results/flow-info/default/dtls.pcap.out +++ b/test/results/flow-info/default/dtls.pcap.out @@ -4,5 +4,6 @@ new: [.....1] [ip4][..udp] [.192.168.13.203][40739] -> [..192.168.13.57][56515] detected: [.....1] [ip4][..udp] [.192.168.13.203][40739] -> [..192.168.13.57][56515] [DTLS][Unknown][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Unidirectional Traffic - idle: [.....1] [ip4][..udp] [.192.168.13.203][40739] -> [..192.168.13.57][56515] + idle: [.....1] [ip4][..udp] [.192.168.13.203][40739] -> [..192.168.13.57][56515] [DTLS][Unknown][Web][Safe] + RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dtls2.pcap.out b/test/results/flow-info/default/dtls2.pcap.out index 80a02cb40..ca371fd7e 100644 --- a/test/results/flow-info/default/dtls2.pcap.out +++ b/test/results/flow-info/default/dtls2.pcap.out @@ -5,6 +5,8 @@ detected: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Unknown][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Unknown][Web][Safe] + RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn + detection-update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Unknown][Web][Safe] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn update: [.....1] [ip4][..udp] [..61.68.110.153][53045] -> [..212.32.214.39][61457] [DTLS][Unknown][Web][Safe] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn diff --git a/test/results/flow-info/default/dtls_certificate.pcapng.out b/test/results/flow-info/default/dtls_certificate.pcapng.out index a0d317f64..4ff1ad531 100644 --- a/test/results/flow-info/default/dtls_certificate.pcapng.out +++ b/test/results/flow-info/default/dtls_certificate.pcapng.out @@ -5,5 +5,5 @@ detected: [.....1] [ip4][..udp] [..191.62.60.190][..443] -> [.163.205.15.180][38876] [DTLS.WindowsUpdate][Unknown][SoftwareUpdate][Safe] RISK: TLS Cert Expired, Unidirectional Traffic idle: [.....1] [ip4][..udp] [..191.62.60.190][..443] -> [.163.205.15.180][38876] [DTLS.WindowsUpdate][Unknown][SoftwareUpdate][Safe] - RISK: TLS Cert Expired, Unidirectional Traffic + RISK: TLS Cert Expired DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dtls_certificate_fragments.pcap.out b/test/results/flow-info/default/dtls_certificate_fragments.pcap.out index c7b50a736..987eb48d8 100644 --- a/test/results/flow-info/default/dtls_certificate_fragments.pcap.out +++ b/test/results/flow-info/default/dtls_certificate_fragments.pcap.out @@ -5,11 +5,13 @@ detected: [.....1] [ip4][..udp] [.10.186.198.149][39347] -> [..35.210.59.134][44443] [DTLS][GoogleCloud][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [.10.186.198.149][39347] -> [..35.210.59.134][44443] [DTLS][GoogleCloud][Web][Safe] + RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn + detection-update: [.....1] [ip4][..udp] [.10.186.198.149][39347] -> [..35.210.59.134][44443] [DTLS][GoogleCloud][Web][Safe] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [.....1] [ip4][..udp] [.10.186.198.149][39347] -> [..35.210.59.134][44443] [DTLS][GoogleCloud][Web][Safe] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, TLS Cert About To Expire DAEMON-EVENT: [Processed: 20 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 0] + DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0] new: [.....2] [ip4][..udp] [...192.168.1.26][43594] -> [.104.153.87.149][50001] detected: [.....2] [ip4][..udp] [...192.168.1.26][43594] -> [.104.153.87.149][50001] [DTLS][Discord][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Unidirectional Traffic diff --git a/test/results/flow-info/default/dtls_mid_sessions.pcapng.out b/test/results/flow-info/default/dtls_mid_sessions.pcapng.out index d81990976..1e885a449 100644 --- a/test/results/flow-info/default/dtls_mid_sessions.pcapng.out +++ b/test/results/flow-info/default/dtls_mid_sessions.pcapng.out @@ -14,11 +14,7 @@ detected: [.....4] [ip4][..udp] [170.151.105.215][..443] -> [.72.102.179.218][62811] [DTLS][Unknown][Web][Safe] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [.135.215.56.198][..443] -> [..124.73.140.89][61189] [DTLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [170.151.105.215][..443] -> [121.152.255.238][.8460] [DTLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..53.214.238.65][53558] -> [199.186.151.155][..443] [DTLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [170.151.105.215][..443] -> [.72.102.179.218][62811] [DTLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/dtls_old_version.pcapng.out b/test/results/flow-info/default/dtls_old_version.pcapng.out index 692940192..7d73b003c 100644 --- a/test/results/flow-info/default/dtls_old_version.pcapng.out +++ b/test/results/flow-info/default/dtls_old_version.pcapng.out @@ -5,6 +5,8 @@ detected: [.....1] [ip4][..udp] [...37.188.4.115][56453] -> [....70.66.6.128][..443] [DTLS][Unknown][Web][Safe] RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [...37.188.4.115][56453] -> [....70.66.6.128][..443] [DTLS][Unknown][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) + detection-update: [.....1] [ip4][..udp] [...37.188.4.115][56453] -> [....70.66.6.128][..443] [DTLS][Unknown][Web][Safe] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher idle: [.....1] [ip4][..udp] [...37.188.4.115][56453] -> [....70.66.6.128][..443] [DTLS][Unknown][Web][Safe] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher diff --git a/test/results/flow-info/default/dtls_session_id_and_coockie_both.pcap.out b/test/results/flow-info/default/dtls_session_id_and_coockie_both.pcap.out index 1d1b644ac..49d0c3a9f 100644 --- a/test/results/flow-info/default/dtls_session_id_and_coockie_both.pcap.out +++ b/test/results/flow-info/default/dtls_session_id_and_coockie_both.pcap.out @@ -6,6 +6,8 @@ RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, Unidirectional Traffic detection-update: [.....1] [ip4][..udp] [185.196.113.239][50257] -> [223.116.105.247][44443] [DTLS][Unknown][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn + detection-update: [.....1] [ip4][..udp] [185.196.113.239][50257] -> [223.116.105.247][44443] [DTLS][Unknown][Web][Safe] + RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn idle: [.....1] [ip4][..udp] [185.196.113.239][50257] -> [223.116.105.247][44443] [DTLS][Unknown][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/elasticsearch.pcap.out b/test/results/flow-info/default/elasticsearch.pcap.out index 3079c7b4f..251b9217b 100644 --- a/test/results/flow-info/default/elasticsearch.pcap.out +++ b/test/results/flow-info/default/elasticsearch.pcap.out @@ -23,13 +23,9 @@ detected: [.....7] [ip4][..tcp] [..172.16.17.102][47980] -> [..172.16.16.106][.9300] [Elasticsearch][Unknown][System][Acceptable] RISK: Unidirectional Traffic idle: [.....7] [ip4][..tcp] [..172.16.17.102][47980] -> [..172.16.16.106][.9300] [Elasticsearch][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..tcp] [..172.16.17.102][48028] -> [..172.16.16.106][.9300] [Elasticsearch][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..tcp] [..172.16.17.102][48038] -> [..172.16.16.106][.9300] [Elasticsearch][Unknown][System][Acceptable] idle: [.....5] [ip4][..tcp] [..172.16.16.107][.9300] -> [..172.16.17.102][40298] [Elasticsearch][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..tcp] [..172.16.16.107][.9300] -> [..172.16.17.102][40342] [Elasticsearch][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..tcp] [..172.16.16.107][33288] -> [..172.16.17.102][.9300] [Elasticsearch][Unknown][System][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/emotet.pcap.out b/test/results/flow-info/default/emotet.pcap.out index 956e185a0..286ba1ff8 100644 --- a/test/results/flow-info/default/emotet.pcap.out +++ b/test/results/flow-info/default/emotet.pcap.out @@ -69,7 +69,7 @@ RISK: TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [.....5] [ip4][..tcp] [....10.4.25.101][49803] -> [138.197.147.101][..443] [TLS][Unknown][Web][Safe][] RISK: Self-signed Cert, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn - analyse: [.....5] [ip4][..tcp] [....10.4.25.101][49803] -> [138.197.147.101][..443] + analyse: [.....5] [ip4][..tcp] [....10.4.25.101][49803] -> [138.197.147.101][..443] [TLS][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.263| 0.113| 0.288| 82863.079| 2.700] [PKTLEN......: 46.000| 1428.000| 682.000| 663.200| 439900.200| 4.200] diff --git a/test/results/flow-info/default/encrypted_sni.pcap.out b/test/results/flow-info/default/encrypted_sni.pcap.out index 028795d15..563dc9e67 100644 --- a/test/results/flow-info/default/encrypted_sni.pcap.out +++ b/test/results/flow-info/default/encrypted_sni.pcap.out @@ -10,7 +10,10 @@ new: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] [MIDSTREAM] detected: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] [TLS][Cloudflare][Web][Safe][] RISK: Unidirectional Traffic - idle: [.....1] [ip4][..tcp] [...192.168.1.12][49886] -> [..104.27.129.77][..443] - idle: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] - idle: [.....2] [ip4][..tcp] [...192.168.1.12][49887] -> [.104.16.125.175][..443] + idle: [.....1] [ip4][..tcp] [...192.168.1.12][49886] -> [..104.27.129.77][..443] [TLS][Cloudflare][Web][Safe] + RISK: Unidirectional Traffic + idle: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] [TLS][Cloudflare][Web][Safe] + RISK: Unidirectional Traffic + idle: [.....2] [ip4][..tcp] [...192.168.1.12][49887] -> [.104.16.125.175][..443] [TLS][Cloudflare][Web][Safe] + RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/esp.pcapng.out b/test/results/flow-info/default/esp.pcapng.out index 08aa2cba5..043dcaa94 100644 --- a/test/results/flow-info/default/esp.pcapng.out +++ b/test/results/flow-info/default/esp.pcapng.out @@ -8,7 +8,5 @@ detected: [.....2] [ip4][...50] [.......10.2.3.2] -> [.......10.3.4.4] [IPSec][Unknown][VPN][Safe] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.......10.2.3.2][..500] -> [.......10.3.4.4][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [.....2] [ip4][...50] [.......10.2.3.2] -> [.......10.3.4.4] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ethereum.pcap.out b/test/results/flow-info/default/ethereum.pcap.out index d099bf8ad..56d53c5c1 100644 --- a/test/results/flow-info/default/ethereum.pcap.out +++ b/test/results/flow-info/default/ethereum.pcap.out @@ -499,18 +499,14 @@ end: [....43] [ip4][..tcp] [..192.168.1.184][56645] -> [.185.219.133.62][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] end: [....46] [ip4][..tcp] [..192.168.1.184][56650] -> [.35.228.250.140][30303] [ETHEREUM][GoogleCloud][Crypto_Currency][Acceptable] idle: [....50] [ip4][..udp] [..192.168.1.184][30303] -> [.18.219.167.159][30303] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic end: [....68] [ip4][..tcp] [..192.168.1.184][56679] -> [..35.228.158.52][30303] [ETHEREUM][GoogleCloud][Crypto_Currency][Acceptable] end: [....65] [ip4][..tcp] [..192.168.1.184][56674] -> [...94.68.55.162][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] end: [....34] [ip4][..tcp] [..192.168.1.184][56635] -> [.162.228.29.160][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] end: [....70] [ip4][..tcp] [..192.168.1.184][56681] -> [207.180.206.216][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] end: [....56] [ip4][..tcp] [..192.168.1.184][56662] -> [..35.229.232.19][30303] [ETHEREUM][GoogleCloud][Crypto_Currency][Acceptable] idle: [....37] [ip4][..udp] [..192.168.1.184][30303] -> [.35.180.246.169][30301] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic idle: [....29] [ip4][..udp] [..192.168.1.184][30303] -> [..54.36.160.211][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic idle: [....60] [ip4][..udp] [..192.168.1.184][30303] -> [..106.12.39.168][30333] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic idle: [....74] [ip4][..tcp] [..192.168.1.184][56686] -> [.206.189.107.35][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] end: [....13] [ip4][..tcp] [..192.168.1.184][56615] -> [.35.158.244.151][30303] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] guessed: [....42] [ip4][..tcp] [..192.168.1.184][56644] -> [..13.230.108.42][30303] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] @@ -521,29 +517,21 @@ end: [....20] [ip4][..tcp] [..192.168.1.184][56624] -> [....89.38.99.34][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] end: [....49] [ip4][..tcp] [..192.168.1.184][56654] -> [..85.214.108.52][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] idle: [.....3] [ip4][..udp] [...3.112.138.57][25516] -> [..192.168.1.184][30303] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic end: [....10] [ip4][..tcp] [..192.168.1.184][56610] -> [..165.22.107.33][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] idle: [.....1] [ip4][..udp] [...87.14.222.25][56693] -> [..192.168.1.184][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic end: [....53] [ip4][..tcp] [..192.168.1.184][56658] -> [.157.230.152.87][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] end: [....40] [ip4][..tcp] [..192.168.1.184][56642] -> [..178.62.10.218][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] end: [....41] [ip4][..tcp] [..192.168.1.184][56643] -> [..178.62.29.183][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] end: [....61] [ip4][..tcp] [..192.168.1.184][56670] -> [..167.86.122.50][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] idle: [....31] [ip4][..udp] [..192.168.1.184][30303] -> [..111.229.0.180][20182] [ETHEREUM][Tencent][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic end: [....23] [ip4][..tcp] [..192.168.1.184][56627] -> [..34.255.23.113][30303] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] end: [....15] [ip4][..tcp] [..192.168.1.184][56618] -> [.52.231.165.108][30303] [ETHEREUM][Azure][Crypto_Currency][Acceptable] end: [....64] [ip4][..tcp] [..192.168.1.184][56673] -> [..78.47.147.155][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] idle: [....71] [ip4][..udp] [..192.168.1.184][30303] -> [..167.86.122.50][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic idle: [....32] [ip4][..udp] [..192.168.1.184][30303] -> [...209.97.143.1][50000] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [..192.168.1.184][30303] -> [.52.231.165.108][30303] [ETHEREUM][Azure][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [...60.191.32.71][30303] -> [..192.168.1.184][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic idle: [....58] [ip4][..udp] [183.129.242.164][.1024] -> [..192.168.1.184][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic end: [....22] [ip4][..tcp] [..192.168.1.184][56626] -> [178.128.195.220][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] idle: [....51] [ip4][..tcp] [..192.168.1.184][56655] -> [.202.112.28.106][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] guessed: [....21] [ip4][..tcp] [..192.168.1.184][56625] -> [.....5.1.83.226][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] @@ -560,19 +548,15 @@ end: [....57] [ip4][..tcp] [..192.168.1.184][56663] -> [124.217.235.180][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] end: [....47] [ip4][..tcp] [..192.168.1.184][56651] -> [..138.201.12.87][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] idle: [....26] [ip4][..udp] [..192.168.1.184][30303] -> [...128.0.51.140][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic end: [....44] [ip4][..tcp] [..192.168.1.184][56646] -> [..172.105.94.62][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] end: [....48] [ip4][..tcp] [..192.168.1.184][56652] -> [..176.9.136.209][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] idle: [....59] [ip4][..udp] [..192.168.1.184][30303] -> [.202.112.28.106][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic end: [....18] [ip4][..tcp] [..192.168.1.184][56622] -> [..18.138.108.67][30303] [ETHEREUM][ETHEREUM][Crypto_Currency][Acceptable] end: [....19] [ip4][..tcp] [..192.168.1.184][56623] -> [...18.138.81.28][30303] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] idle: [.....9] [ip4][..tcp] [..192.168.1.184][56612] -> [...66.42.82.246][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] idle: [.....4] [ip4][..udp] [..192.168.1.184][30303] -> [....3.209.45.79][30303] [ETHEREUM][ETHEREUM][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic end: [....11] [ip4][..tcp] [..192.168.1.184][56611] -> [..104.42.217.25][30303] [ETHEREUM][Azure][Crypto_Currency][Acceptable] idle: [.....7] [ip4][..udp] [..192.168.1.184][30303] -> [...34.97.172.22][30303] [ETHEREUM][GoogleCloud][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic end: [....63] [ip4][..tcp] [..192.168.1.184][56672] -> [139.162.255.210][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] end: [....16] [ip4][..tcp] [..192.168.1.184][56620] -> [191.234.162.198][30303] [ETHEREUM][Azure][Crypto_Currency][Acceptable] end: [....45] [ip4][..tcp] [..192.168.1.184][56647] -> [.182.162.161.61][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] @@ -582,11 +566,9 @@ end: [....17] [ip4][..tcp] [..192.168.1.184][56621] -> [..52.187.207.27][30303] [ETHEREUM][Azure][Crypto_Currency][Acceptable] idle: [....67] [ip4][..tcp] [..192.168.1.184][56678] -> [..13.251.14.199][30303] [ETHEREUM][AmazonAWS][Crypto_Currency][Acceptable] idle: [.....6] [ip4][..udp] [..192.168.1.184][30303] -> [..18.138.108.67][30303] [ETHEREUM][ETHEREUM][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic end: [....66] [ip4][..tcp] [..192.168.1.184][56675] -> [..35.235.37.216][30303] [ETHEREUM][GoogleCloud][Crypto_Currency][Acceptable] end: [....72] [ip4][..tcp] [..192.168.1.184][56684] -> [...51.83.237.44][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] idle: [.....8] [ip4][..udp] [..192.168.1.184][30303] -> [...66.42.82.246][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] - RISK: Unidirectional Traffic end: [....62] [ip4][..tcp] [..192.168.1.184][56671] -> [..86.107.243.62][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] idle: [....73] [ip4][..tcp] [..192.168.1.184][56685] -> [...88.99.93.219][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] end: [....12] [ip4][..tcp] [..192.168.1.184][56613] -> [.162.243.160.83][30303] [ETHEREUM][Unknown][Crypto_Currency][Acceptable] diff --git a/test/results/flow-info/default/ethernetIP.pcap.out b/test/results/flow-info/default/ethernetIP.pcap.out index d147e1a1c..914d78cc4 100644 --- a/test/results/flow-info/default/ethernetIP.pcap.out +++ b/test/results/flow-info/default/ethernetIP.pcap.out @@ -14,11 +14,7 @@ detected: [.....4] [ip4][..tcp] [....141.81.0.10][62717] -> [....141.81.0.23][44818] [EthernetIP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [....141.81.0.10][50275] -> [....141.81.0.83][44818] [EthernetIP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..tcp] [....141.81.0.10][62717] -> [....141.81.0.23][44818] [EthernetIP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..tcp] [....141.81.0.63][44818] -> [....141.81.0.10][52593] [EthernetIP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..tcp] [....141.81.0.10][52594] -> [....141.81.0.43][44818] [EthernetIP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/facebook.pcap.out b/test/results/flow-info/default/facebook.pcap.out index 8c0a6aa82..64d7fdf98 100644 --- a/test/results/flow-info/default/facebook.pcap.out +++ b/test/results/flow-info/default/facebook.pcap.out @@ -18,6 +18,6 @@ [IATS(ms)....: 132.1,132.1,0.2,154.7,0.5,155.0,0.2,3.3,129.4,125.9,0.4,0.4,0.8,119.2,4.5,123.7,0.6,0.6,1.2,4.9,0.6,5.6,8.9,7.8,16.7,0.9,0.5,1.4,0.8,0.7,1.4] [PKTLENS.....: 60,60,52,569,52,198,52,103,438,133,90,90,94,52,1440,431,52,1440,576,52,1440,1440,52,1440,1440,52,1440,1440,52,1440,1440,52] [ENTROPIES...: 4.8,5.2,5.1,6.2,5.1,6.5,5.1,5.5,7.5,6.5,5.6,5.9,6.0,5.0,7.8,7.6,5.0,7.9,7.6,5.0,7.9,7.9,5.1,7.9,7.9,5.1,7.9,7.9,5.0,7.8,7.9,5.0] - idle: [.....1] [ip4][..tcp] [..192.168.43.18][52066] -> [..66.220.156.68][..443] + idle: [.....1] [ip4][..tcp] [..192.168.43.18][52066] -> [..66.220.156.68][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun] idle: [.....2] [ip4][..tcp] [..192.168.43.18][44614] -> [....31.13.86.36][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/firefox.pcap.out b/test/results/flow-info/default/firefox.pcap.out index 9484e04bb..7b63fcdb5 100644 --- a/test/results/flow-info/default/firefox.pcap.out +++ b/test/results/flow-info/default/firefox.pcap.out @@ -19,10 +19,10 @@ detection-update: [.....5] [ip4][..tcp] [..192.168.1.178][51600] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe][www.iit.cnr.it] detection-update: [.....4] [ip4][..tcp] [..192.168.1.178][51599] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe][www.iit.cnr.it] detection-update: [.....6] [ip4][..tcp] [..192.168.1.178][51601] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe][www.iit.cnr.it] - idle: [.....1] [ip4][..tcp] [..192.168.1.178][51577] -> [...146.48.58.18][..443] + idle: [.....1] [ip4][..tcp] [..192.168.1.178][51577] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] idle: [.....2] [ip4][..tcp] [..192.168.1.178][51583] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] - idle: [.....3] [ip4][..tcp] [..192.168.1.178][51588] -> [...146.48.58.18][..443] - idle: [.....4] [ip4][..tcp] [..192.168.1.178][51599] -> [...146.48.58.18][..443] - idle: [.....5] [ip4][..tcp] [..192.168.1.178][51600] -> [...146.48.58.18][..443] - idle: [.....6] [ip4][..tcp] [..192.168.1.178][51601] -> [...146.48.58.18][..443] + idle: [.....3] [ip4][..tcp] [..192.168.1.178][51588] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] + idle: [.....4] [ip4][..tcp] [..192.168.1.178][51599] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] + idle: [.....5] [ip4][..tcp] [..192.168.1.178][51600] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] + idle: [.....6] [ip4][..tcp] [..192.168.1.178][51601] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/fix.pcap.out b/test/results/flow-info/default/fix.pcap.out index 0e34a4da0..e9b483f25 100644 --- a/test/results/flow-info/default/fix.pcap.out +++ b/test/results/flow-info/default/fix.pcap.out @@ -88,27 +88,15 @@ [PKTLENS.....: 91,52,112,52,91,52,91,52,137,52,91,52,91,52,112,52,91,52,112,52,91,52,91,52,137,52,91,52,133,52,91,52] [ENTROPIES...: 5.6,5.1,5.5,5.1,5.5,5.1,5.4,5.1,6.3,5.1,5.4,5.2,5.5,5.2,5.4,5.2,5.4,5.1,5.6,5.2,5.4,5.2,5.4,5.1,6.5,5.2,5.5,5.1,5.5,5.2,5.5,5.2] idle: [.....3] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][45578] [FIX][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][45584] [FIX][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40918] [FIX][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [....12] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][40928] [FIX][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [....11] [ip4][..tcp] [..217.192.86.32][.4000] -> [...192.168.0.20][53330] [FIX][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][43594] [FIX][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47952] [FIX][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47962] [FIX][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..tcp] [.....8.17.22.31][.4000] -> [...192.168.0.20][47968] [FIX][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][38646] [FIX][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][38652] [FIX][Unknown][RPC][Safe] - RISK: Unidirectional Traffic idle: [....10] [ip4][..tcp] [..208.245.107.3][.4000] -> [...192.168.0.20][39094] [FIX][Unknown][RPC][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/forticlient.pcap.out b/test/results/flow-info/default/forticlient.pcap.out index a62055aa9..0a96f439f 100644 --- a/test/results/flow-info/default/forticlient.pcap.out +++ b/test/results/flow-info/default/forticlient.pcap.out @@ -46,10 +46,14 @@ [IATS(ms)....: 62.6,62.7,2.3,64.5,19.9,1.9,84.0,11.2,85.3,74.2,429.6,495.0,65.4,84.5,160.2,75.7,71.6,6.3,142.9,0.6,65.6,0.3,0.2,2.9,4.0,0.0,64.2,57.2,0.4,4.0,0.1] [PKTLENS.....: 64,60,52,365,52,1492,1033,52,210,294,52,582,827,52,348,923,52,343,99,52,99,52,99,52,99,117,103,99,52,99,111,111] [ENTROPIES...: 4.4,5.3,5.0,6.1,5.2,7.1,7.7,5.1,6.7,7.2,5.0,7.6,7.7,5.1,7.4,7.8,5.1,7.4,6.0,5.2,6.1,5.2,6.1,5.1,6.0,6.2,6.0,6.2,5.1,6.1,6.2,6.3] - end: [.....1] [ip4][..tcp] [..192.168.1.178][61805] -> [....82.81.46.13][10443] - end: [.....2] [ip4][..tcp] [..192.168.1.178][61806] -> [....82.81.46.13][10443] - end: [.....3] [ip4][..tcp] [..192.168.1.178][61811] -> [....82.81.46.13][10443] - end: [.....4] [ip4][..tcp] [..192.168.1.178][61812] -> [....82.81.46.13][10443] + end: [.....1] [ip4][..tcp] [..192.168.1.178][61805] -> [....82.81.46.13][10443] [TLS.FortiClient][Unknown][VPN][Safe] + RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS + end: [.....2] [ip4][..tcp] [..192.168.1.178][61806] -> [....82.81.46.13][10443] [TLS.FortiClient][Unknown][VPN][Safe] + RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS + end: [.....3] [ip4][..tcp] [..192.168.1.178][61811] -> [....82.81.46.13][10443] [TLS.FortiClient][Unknown][VPN][Safe] + RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS + end: [.....4] [ip4][..tcp] [..192.168.1.178][61812] -> [....82.81.46.13][10443] [TLS.FortiClient][Unknown][VPN][Safe] + RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS idle: [.....5] [ip4][..tcp] [..192.168.1.178][61820] -> [....82.81.46.13][10443] [TLS.FortiClient][Unknown][VPN][Safe] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ftp-start-tls.pcap.out b/test/results/flow-info/default/ftp-start-tls.pcap.out index ca589c1ed..99ec9172c 100644 --- a/test/results/flow-info/default/ftp-start-tls.pcap.out +++ b/test/results/flow-info/default/ftp-start-tls.pcap.out @@ -10,7 +10,7 @@ RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Unsafe Protocol, Missing SNI TLS Extn detection-update: [.....1] [ip4][..tcp] [...10.238.26.36][62092] -> [...10.220.50.76][...21] [FTPS][Unknown][Download][Unsafe] RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, Unsafe Protocol, Missing SNI TLS Extn - analyse: [.....1] [ip4][..tcp] [...10.238.26.36][62092] -> [...10.220.50.76][...21] + analyse: [.....1] [ip4][..tcp] [...10.238.26.36][62092] -> [...10.220.50.76][...21] [FTPS][Unknown][Download][Unsafe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.040| 0.005| 0.010| 91.331| 3.200] [PKTLEN......: 46.000| 552.000| 160.900| 164.200| 26956.400| 4.400] diff --git a/test/results/flow-info/default/fuzz-2006-06-26-2594.pcap.out b/test/results/flow-info/default/fuzz-2006-06-26-2594.pcap.out index 47ac560f0..50f270a7e 100644 --- a/test/results/flow-info/default/fuzz-2006-06-26-2594.pcap.out +++ b/test/results/flow-info/default/fuzz-2006-06-26-2594.pcap.out @@ -58,18 +58,19 @@ new: [....18] [ip4][..tcp] [....192.168.1.2][.2717] -> [..147.137.21.94][..445] new: [....19] [ip4][..tcp] [....192.168.1.2][.2718] -> [..147.137.21.94][..139] new: [....20] [ip4][..tcp] [...192.168.1.71][.2718] -> [.147.137.21.122][..139] - update: [.....4] [ip4][..udp] [....192.168.1.2][.2712] -> [...192.37.115.0][...53] + update: [.....4] [ip4][..udp] [....192.168.1.2][.2712] -> [...192.37.115.0][...53] [DNS][Unknown][Network][Acceptable] update: [....11] [ip4][..udp] [...192.168.1.52][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [.....3] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [.....3] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][...53] update: [.....6] [ip4][..udp] [....192.168.1.3][...53] -> [....192.168.1.2][.2712] [DNS][Unknown][Network][Acceptable] + update: [.....7] [ip4][..udp] [....192.168.1.2][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [.....7] [ip4][..udp] [....192.168.1.2][.2713] -> [....192.168.1.1][...53] - update: [.....8] [ip4][..udp] [..192.168.1.110][.2713] -> [....192.168.1.1][...53] + update: [.....8] [ip4][..udp] [..192.168.1.110][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [....10] [ip4][..udp] [....192.168.1.2][.2714] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] + update: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [.....9] [ip4][..udp] [....192.168.1.2][.2597] -> [....192.168.1.1][29440] update: [.....5] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][49973] new: [....21] [ip4][..udp] [....192.114.1.2][.2719] -> [....192.168.1.1][...53] @@ -110,8 +111,8 @@ new: [....43] [ip4][..tcp] [.....37.115.0.2][.2639] -> [..147.234.1.253][...21] [MIDSTREAM] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [6/16] update: [....16] [ip4][..udp] [..208.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [....14] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....14] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] update: [....15] [ip4][..udp] [....192.168.1.1][.9587] -> [....192.168.1.2][..156] new: [....44] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.136.1.1][...53] detected: [....44] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.136.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] @@ -120,22 +121,23 @@ detected: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] - update: [.....4] [ip4][..udp] [....192.168.1.2][.2712] -> [...192.37.115.0][...53] + update: [.....4] [ip4][..udp] [....192.168.1.2][.2712] -> [...192.37.115.0][...53] [DNS][Unknown][Network][Acceptable] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....17] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.251][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [.....2] [ip4][..udp] [....217.168.1.2][..137] -> [..192.168.1.255][..137] update: [....11] [ip4][..udp] [...192.168.1.52][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [.....3] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [.....3] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][...53] update: [.....6] [ip4][..udp] [....192.168.1.3][...53] -> [....192.168.1.2][.2712] [DNS][Unknown][Network][Acceptable] + update: [.....7] [ip4][..udp] [....192.168.1.2][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [.....7] [ip4][..udp] [....192.168.1.2][.2713] -> [....192.168.1.1][...53] - update: [.....8] [ip4][..udp] [..192.168.1.110][.2713] -> [....192.168.1.1][...53] + update: [.....8] [ip4][..udp] [..192.168.1.110][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [....10] [ip4][..udp] [....192.168.1.2][.2714] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] + update: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [.....9] [ip4][..udp] [....192.168.1.2][.2597] -> [....192.168.1.1][29440] update: [.....5] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][49973] detection-update: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -154,11 +156,12 @@ detected: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] [DNS][Unknown][Network][Acceptable][_zip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic update: [....16] [ip4][..udp] [..208.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [....14] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....14] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] update: [....22] [ip4][..udp] [....192.168.1.2][.2719] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet - update: [....21] [ip4][..udp] [....192.114.1.2][.2719] -> [....192.168.1.1][...53] + update: [....21] [ip4][..udp] [....192.114.1.2][.2719] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [....15] [ip4][..udp] [....192.168.1.1][.9587] -> [....192.168.1.2][..156] new: [....51] [ip4][..udp] [....192.168.1.2][.2725] -> [....192.168.1.1][...53] detected: [....51] [ip4][..udp] [....192.168.1.2][.2725] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -168,46 +171,51 @@ detected: [....52] [ip4][..udp] [...192.168.1.46][...53] -> [....192.168.1.2][.2726] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] RISK: Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] - idle: [.....4] [ip4][..udp] [....192.168.1.2][.2712] -> [...192.37.115.0][...53] + idle: [.....4] [ip4][..udp] [....192.168.1.2][.2712] -> [...192.37.115.0][...53] [DNS][Unknown][Network][Acceptable] guessed: [.....2] [ip4][..udp] [....217.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][] idle: [.....2] [ip4][..udp] [....217.168.1.2][..137] -> [..192.168.1.255][..137] - idle: [.....3] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][...53] + idle: [.....3] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....47] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][.9587] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....17] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.251][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....11] [ip4][..udp] [...192.168.1.52][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [....192.168.1.3][...53] -> [....192.168.1.2][.2712] [DNS][Unknown][Network][Acceptable] + update: [.....7] [ip4][..udp] [....192.168.1.2][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [.....7] [ip4][..udp] [....192.168.1.2][.2713] -> [....192.168.1.1][...53] - update: [.....8] [ip4][..udp] [..192.168.1.110][.2713] -> [....192.168.1.1][...53] + update: [.....8] [ip4][..udp] [..192.168.1.110][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [....10] [ip4][..udp] [....192.168.1.2][.2714] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] - update: [....44] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.136.1.1][...53] - update: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] + update: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [....44] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.136.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....46] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2723] [DNS][Unknown][Network][Acceptable] + update: [....48] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....48] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][...53] - update: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] update: [....49] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][25481] update: [.....9] [ip4][..udp] [....192.168.1.2][.2597] -> [....192.168.1.1][29440] update: [.....5] [ip4][..udp] [....192.168.1.2][.2712] -> [....192.168.1.1][49973] idle: [....17] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.251][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [....16] [ip4][..udp] [..208.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [...192.168.1.52][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [....192.168.1.3][...53] -> [....192.168.1.2][.2712] [DNS][Unknown][Network][Acceptable] + idle: [.....8] [ip4][..udp] [..192.168.1.110][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + idle: [.....7] [ip4][..udp] [....192.168.1.2][.2713] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [.....8] [ip4][..udp] [..192.168.1.110][.2713] -> [....192.168.1.1][...53] - idle: [.....7] [ip4][..udp] [....192.168.1.2][.2713] -> [....192.168.1.1][...53] idle: [....10] [ip4][..udp] [....192.168.1.2][.2714] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - idle: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] - idle: [....14] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] + idle: [....13] [ip4][..udp] [....192.168.1.2][.2715] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + idle: [....14] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic not-detected: [....41] [ip4][..tcp] [....192.168.1.2][.2721] -> [..147.234.1.253][58999] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic end: [....41] [ip4][..tcp] [....192.168.1.2][.2721] -> [..147.234.1.253][58999] @@ -226,20 +234,22 @@ update: [....47] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][.9587] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....22] [ip4][..udp] [....192.168.1.2][.2719] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet - update: [....44] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.136.1.1][...53] - update: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] + update: [....44] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.136.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....46] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2723] [DNS][Unknown][Network][Acceptable] + update: [....48] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....48] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][...53] - update: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] update: [....51] [ip4][..udp] [....192.168.1.2][.2725] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....52] [ip4][..udp] [...192.168.1.46][...53] -> [....192.168.1.2][.2726] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....49] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][25481] - update: [....21] [ip4][..udp] [....192.114.1.2][.2719] -> [....192.168.1.1][...53] + update: [....21] [ip4][..udp] [....192.114.1.2][.2719] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic new: [....53] [ip4][..udp] [..192.168.1.202][..137] -> [..192.168.1.255][..137] detected: [....53] [ip4][..udp] [..192.168.1.202][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_dom] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] @@ -249,20 +259,22 @@ ERROR-EVENT: nDPI IPv4/L4 payload detection failed [2/16] idle: [....22] [ip4][..udp] [....192.168.1.2][.2719] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet - idle: [....21] [ip4][..udp] [....192.114.1.2][.2719] -> [....192.168.1.1][...53] + idle: [....21] [ip4][..udp] [....192.114.1.2][.2719] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [....47] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][.9587] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [....44] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.136.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....44] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.136.1.1][...53] - update: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] update: [....46] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2723] [DNS][Unknown][Network][Acceptable] + update: [....48] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....48] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][...53] - update: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] update: [....51] [ip4][..udp] [....192.168.1.2][.2725] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....52] [ip4][..udp] [...192.168.1.46][...53] -> [....192.168.1.2][.2726] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....49] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][25481] update: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] new: [....55] [ip4][..udp] [....192.168.1.2][43690] -> [192.170.170.170][43690] @@ -279,7 +291,8 @@ new: [....60] [ip4][..udp] [....172.168.1.2][.2734] -> [....192.168.1.1][...53] detected: [....60] [ip4][..udp] [....172.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Azure][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic - idle: [....44] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.136.1.1][...53] + idle: [....44] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.136.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic detection-update: [....59] [ip4][..udp] [....192.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cyberxity.dk] RISK: Unidirectional Traffic detection-update: [....59] [ip4][..udp] [....192.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] @@ -293,17 +306,20 @@ not-detected: [....47] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][.9587] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....47] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][.9587] - idle: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] - idle: [....46] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2723] [DNS][Unknown][Network][Acceptable] + idle: [....45] [ip4][..udp] [....192.168.1.2][.2722] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + idle: [....46] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2723] [DNS][Unknown][Network][Acceptable] guessed: [....49] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][25481] [NetBIOS][Unknown][System][Acceptable][] idle: [....49] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][25481] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] new: [....63] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..169] - idle: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] - idle: [....48] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][...53] + idle: [....50] [ip4][..udp] [....192.168.1.2][.2724] -> [...192.168.17.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [....48] [ip4][..udp] [....192.168.1.2][.2724] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [....53] [ip4][..udp] [..192.168.1.202][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - update: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] + update: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic new: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] detected: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic @@ -318,22 +334,23 @@ RISK: Malformed Packet, Unidirectional Traffic idle: [....51] [ip4][..udp] [....192.168.1.2][.2725] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [....52] [ip4][..udp] [...192.168.1.46][...53] -> [....192.168.1.2][.2726] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....55] [ip4][..udp] [....192.168.1.2][43690] -> [192.170.170.170][43690] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....53] [ip4][..udp] [..192.168.1.202][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....63] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..169] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [....60] [ip4][..udp] [....172.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Azure][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....56] [ip4][..udp] [....192.168.1.2][.2733] -> [..192.168.115.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....60] [ip4][..udp] [....172.168.1.2][.2734] -> [....192.168.1.1][...53] - update: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] - update: [....56] [ip4][..udp] [....192.168.1.2][.2733] -> [..192.168.115.1][...53] update: [....57] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2733] [DNS][Unknown][Network][Acceptable] + update: [....59] [ip4][..udp] [....192.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....59] [ip4][..udp] [....192.168.1.2][.2734] -> [....192.168.1.1][...53] - update: [....61] [ip4][..udp] [....200.168.1.2][.2735] -> [....192.168.1.1][...53] - update: [....62] [ip4][..udp] [....253.168.1.1][...53] -> [....192.168.1.2][.2735] [DNS][Unknown][Network][Acceptable] + update: [....61] [ip4][..udp] [....200.168.1.2][.2735] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + update: [....62] [ip4][..udp] [....253.168.1.1][...53] -> [....192.168.1.2][.2735] [DNS][Unknown][Network][Acceptable] new: [....67] [ip4][..udp] [....192.168.1.2][.2737] -> [....192.168.1.1][...53] detected: [....67] [ip4][..udp] [....192.168.1.2][.2737] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Unidirectional Traffic @@ -369,9 +386,12 @@ new: [....76] [ip4][..udp] [..192.168.130.1][...53] -> [....192.168.1.2][.2741] detected: [....76] [ip4][..udp] [..192.168.130.1][...53] -> [....192.168.1.2][.2741] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Unidirectional Traffic - update: [....65] [ip4][..udp] [....192.168.1.2][.2684] -> [....192.168.1.1][...53] - update: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] - update: [....66] [ip4][..udp] [....192.168.1.2][.2736] -> [...192.168.1.17][...53] + update: [....65] [ip4][..udp] [....192.168.1.2][.2684] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [....66] [ip4][..udp] [....192.168.1.2][.2736] -> [...192.168.1.17][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic new: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] detected: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic @@ -382,25 +402,29 @@ RISK: Unidirectional Traffic update: [....55] [ip4][..udp] [....192.168.1.2][43690] -> [192.170.170.170][43690] update: [....68] [ip4][..udp] [....192.168.1.2][20932] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....53] [ip4][..udp] [..192.168.1.202][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....63] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..169] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [....60] [ip4][..udp] [....172.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Azure][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....71] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....56] [ip4][..udp] [....192.168.1.2][.2733] -> [..192.168.115.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....60] [ip4][..udp] [....172.168.1.2][.2734] -> [....192.168.1.1][...53] - update: [....71] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] - update: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] - update: [....56] [ip4][..udp] [....192.168.1.2][.2733] -> [..192.168.115.1][...53] update: [....57] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2733] [DNS][Unknown][Network][Acceptable] + update: [....59] [ip4][..udp] [....192.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....59] [ip4][..udp] [....192.168.1.2][.2734] -> [....192.168.1.1][...53] update: [....67] [ip4][..udp] [....192.168.1.2][.2737] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [....69] [ip4][..udp] [....192.168.1.2][.2738] -> [...192.168.84.1][...53] - update: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] - update: [....61] [ip4][..udp] [....200.168.1.2][.2735] -> [....192.168.1.1][...53] - update: [....62] [ip4][..udp] [....253.168.1.1][...53] -> [....192.168.1.2][.2735] [DNS][Unknown][Network][Acceptable] + update: [....69] [ip4][..udp] [....192.168.1.2][.2738] -> [...192.168.84.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....61] [ip4][..udp] [....200.168.1.2][.2735] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + update: [....62] [ip4][..udp] [....253.168.1.1][...53] -> [....192.168.1.2][.2735] [DNS][Unknown][Network][Acceptable] update: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] ERROR-EVENT: Unknown packet type [1/16] new: [....79] [ip4][..udp] [....192.168.1.2][.2743] -> [....192.168.1.1][...53] @@ -409,7 +433,8 @@ detection-update: [....79] [ip4][..udp] [....192.168.1.2][.2743] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] update: [....58] [ip4][..120] [....192.168.1.2] -> [..212.242.33.35] update: [....72] [ip4][..udp] [....192.168.1.2][.2739] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] + update: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic new: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] detected: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic @@ -419,14 +444,18 @@ RISK: Unidirectional Traffic idle: [....55] [ip4][..udp] [....192.168.1.2][43690] -> [192.170.170.170][43690] idle: [....53] [ip4][..udp] [..192.168.1.202][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - idle: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] + idle: [....54] [ip4][..udp] [....192.168.1.2][.2732] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....74] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][.8329] - update: [....65] [ip4][..udp] [....192.168.1.2][.2684] -> [....192.168.1.1][...53] - update: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] - update: [....66] [ip4][..udp] [....192.168.1.2][.2736] -> [...192.168.1.17][...53] - update: [....75] [ip4][..udp] [....192.168.1.2][.2741] -> [....192.168.1.1][...53] - update: [....76] [ip4][..udp] [..192.168.130.1][...53] -> [....192.168.1.2][.2741] [DNS][Unknown][Network][Acceptable] + update: [....65] [ip4][..udp] [....192.168.1.2][.2684] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [....66] [ip4][..udp] [....192.168.1.2][.2736] -> [...192.168.1.17][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....75] [ip4][..udp] [....192.168.1.2][.2741] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + update: [....76] [ip4][..udp] [..192.168.130.1][...53] -> [....192.168.1.2][.2741] [DNS][Unknown][Network][Acceptable] new: [....82] [ip4][..udp] [..192.168.1.170][43690] -> [170.170.170.170][43690] new: [....83] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2745] detected: [....83] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2745] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -438,25 +467,29 @@ new: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] detected: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp._s?p.brvjula.net] RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic - idle: [....60] [ip4][..udp] [....172.168.1.2][.2734] -> [....192.168.1.1][...53] + idle: [....60] [ip4][..udp] [....172.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Azure][Network][Acceptable] + RISK: Unidirectional Traffic idle: [....57] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2733] [DNS][Unknown][Network][Acceptable] + idle: [....56] [ip4][..udp] [....192.168.1.2][.2733] -> [..192.168.115.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [....56] [ip4][..udp] [....192.168.1.2][.2733] -> [..192.168.115.1][...53] - idle: [....59] [ip4][..udp] [....192.168.1.2][.2734] -> [....192.168.1.1][...53] - update: [....68] [ip4][..udp] [....192.168.1.2][20932] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] + idle: [....59] [ip4][..udp] [....192.168.1.2][.2734] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + update: [....68] [ip4][..udp] [....192.168.1.2][20932] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....63] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..169] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [....71] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....71] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] update: [....67] [ip4][..udp] [....192.168.1.2][.2737] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [....69] [ip4][..udp] [....192.168.1.2][.2738] -> [...192.168.84.1][...53] - update: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] - update: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] - update: [....61] [ip4][..udp] [....200.168.1.2][.2735] -> [....192.168.1.1][...53] - update: [....62] [ip4][..udp] [....253.168.1.1][...53] -> [....192.168.1.2][.2735] [DNS][Unknown][Network][Acceptable] + update: [....69] [ip4][..udp] [....192.168.1.2][.2738] -> [...192.168.84.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....61] [ip4][..udp] [....200.168.1.2][.2735] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + update: [....62] [ip4][..udp] [....253.168.1.1][...53] -> [....192.168.1.2][.2735] [DNS][Unknown][Network][Acceptable] update: [....78] [ip4][..udp] [....192.168.1.2][.2730] -> [....192.168.1.1][43690] new: [....87] [ip4][..udp] [....192.168.1.2][.2747] -> [.....67.168.1.1][...53] detected: [....87] [ip4][..udp] [....192.168.1.2][.2747] -> [.....67.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -481,11 +514,12 @@ RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic guessed: [....63] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..169] [NetBIOS][Unknown][System][Acceptable][] idle: [....63] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..169] - idle: [....61] [ip4][..udp] [....200.168.1.2][.2735] -> [....192.168.1.1][...53] - idle: [....62] [ip4][..udp] [....253.168.1.1][...53] -> [....192.168.1.2][.2735] [DNS][Unknown][Network][Acceptable] + idle: [....61] [ip4][..udp] [....200.168.1.2][.2735] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + idle: [....62] [ip4][..udp] [....253.168.1.1][...53] -> [....192.168.1.2][.2735] [DNS][Unknown][Network][Acceptable] update: [....72] [ip4][..udp] [....192.168.1.2][.2739] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] + update: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [....79] [ip4][..udp] [....192.168.1.2][.2743] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] new: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] detected: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] @@ -506,13 +540,17 @@ RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [....81] [ip4][..udp] [....192.168.1.2][...88] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....74] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][.8329] - update: [....65] [ip4][..udp] [....192.168.1.2][.2684] -> [....192.168.1.1][...53] - update: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] - update: [....66] [ip4][..udp] [....192.168.1.2][.2736] -> [...192.168.1.17][...53] - update: [....75] [ip4][..udp] [....192.168.1.2][.2741] -> [....192.168.1.1][...53] + update: [....65] [ip4][..udp] [....192.168.1.2][.2684] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [....66] [ip4][..udp] [....192.168.1.2][.2736] -> [...192.168.1.17][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....75] [ip4][..udp] [....192.168.1.2][.2741] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....76] [ip4][..udp] [..192.168.130.1][...53] -> [....192.168.1.2][.2741] [DNS][Unknown][Network][Acceptable] + update: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] new: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] detected: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet, Unidirectional Traffic @@ -536,19 +574,22 @@ RISK: Unidirectional Traffic update: [....82] [ip4][..udp] [..192.168.1.170][43690] -> [170.170.170.170][43690] update: [....68] [ip4][..udp] [....192.168.1.2][20932] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [....71] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....71] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] update: [....67] [ip4][..udp] [....192.168.1.2][.2737] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [....69] [ip4][..udp] [....192.168.1.2][.2738] -> [...192.168.84.1][...53] - update: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] - update: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] + update: [....69] [ip4][..udp] [....192.168.1.2][.2738] -> [...192.168.84.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....83] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2745] [DNS][Unknown][Network][Acceptable] + update: [....84] [ip4][..udp] [....192.168.1.2][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....84] [ip4][..udp] [....192.168.1.2][.2746] -> [....192.168.1.1][...53] - update: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] + update: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [....78] [ip4][..udp] [....192.168.1.2][.2730] -> [....192.168.1.1][43690] new: [...103] [ip4][..udp] [....192.169.1.2][.5060] -> [..200.68.120.81][.5060] detected: [...103] [ip4][..udp] [....192.169.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] @@ -558,12 +599,12 @@ RISK: Unidirectional Traffic detection-update: [...104] [ip4][..udp] [....192.168.1.2][.2753] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.527.in-addr.arpa] new: [...105] [ip4][..udp] [.....192.86.1.2][.5060] -> [..200.68.120.99][.5060] - update: [....87] [ip4][..udp] [....192.168.1.2][.2747] -> [.....67.168.1.1][...53] - update: [....88] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2747] [DNS][Unknown][Network][Acceptable] + update: [....87] [ip4][..udp] [....192.168.1.2][.2747] -> [.....67.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] + update: [....88] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2747] [DNS][Unknown][Network][Acceptable] + update: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [....89] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.4932] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....91] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [1/16] @@ -571,42 +612,53 @@ new: [...107] [ip4][..118] [....192.168.1.2] -> [..200.68.120.81] detected: [...106] [ip4][..udp] [....192.168.1.2][.2754] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cyberciwy.dk] RISK: Unidirectional Traffic - idle: [....65] [ip4][..udp] [....192.168.1.2][.2684] -> [....192.168.1.1][...53] - idle: [....66] [ip4][..udp] [....192.168.1.2][.2736] -> [...192.168.1.17][...53] - idle: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] - update: [....93] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2733] [DNS][Unknown][Network][Acceptable] + idle: [....65] [ip4][..udp] [....192.168.1.2][.2684] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + idle: [....66] [ip4][..udp] [....192.168.1.2][.2736] -> [...192.168.1.17][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [....64] [ip4][..udp] [....192.168.1.2][.2736] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [....93] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2733] [DNS][Unknown][Network][Acceptable] update: [....72] [ip4][..udp] [....192.168.1.2][.2739] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] + update: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [....79] [ip4][..udp] [....192.168.1.2][.2743] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] - update: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] - update: [....95] [ip4][..udp] [....192.168.1.2][10942] -> [....192.168.1.1][...53] + update: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [....95] [ip4][..udp] [....192.168.1.2][10942] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic new: [...108] [ip4][..udp] [.....14.168.1.2][.2754] -> [....192.168.1.1][...53] detected: [...108] [ip4][..udp] [.....14.168.1.2][.2754] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic detection-update: [...106] [ip4][..udp] [....192.168.1.2][.2754] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic idle: [....68] [ip4][..udp] [....192.168.1.2][20932] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....67] [ip4][..udp] [....192.168.1.2][.2737] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - idle: [....69] [ip4][..udp] [....192.168.1.2][.2738] -> [...192.168.84.1][...53] + idle: [....69] [ip4][..udp] [....192.168.1.2][.2738] -> [...192.168.84.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....81] [ip4][..udp] [....192.168.1.2][...88] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....74] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][.8329] - update: [....75] [ip4][..udp] [....192.168.1.2][.2741] -> [....192.168.1.1][...53] + update: [....75] [ip4][..udp] [....192.168.1.2][.2741] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....76] [ip4][..udp] [..192.168.130.1][...53] -> [....192.168.1.2][.2741] [DNS][Unknown][Network][Acceptable] + update: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] new: [...109] [ip4][..udp] [....192.168.1.2][.2755] -> [....192.168.1.1][...53] detected: [...109] [ip4][..udp] [....192.168.1.2][.2755] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Unidirectional Traffic detection-update: [...109] [ip4][..udp] [....192.168.1.2][.2755] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] - idle: [....71] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] - idle: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] - update: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] + idle: [....71] [ip4][..udp] [....192.168.1.2][.2716] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [....70] [ip4][..udp] [....192.168.1.2][.2738] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [....97] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2751] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic - update: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected + update: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 241 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 63 / 109|skipped: 0|!detected: 6|guessed: 4|detection-updates: 26|updates: 178] new: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] @@ -619,35 +671,37 @@ guessed: [....74] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][.8329] [NetBIOS][Unknown][System][Acceptable][] idle: [....74] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][.8329] idle: [....72] [ip4][..udp] [....192.168.1.2][.2739] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - idle: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] + idle: [....73] [ip4][..udp] [....192.168.1.2][.2740] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [....82] [ip4][..udp] [..192.168.1.170][43690] -> [170.170.170.170][43690] update: [....99] [ip4][..udp] [....192.168.1.2][.4292] -> [..200.68.37.115][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...105] [ip4][..udp] [.....192.86.1.2][.5060] -> [..200.68.120.99][.5060] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...100] [ip4][..udp] [....192.168.1.2][.4901] -> [..200.68.120.81][29440] [SIP][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - update: [....87] [ip4][..udp] [....192.168.1.2][.2747] -> [.....67.168.1.1][...53] - update: [...101] [ip4][..udp] [....192.168.1.2][.2752] -> [....102.168.1.1][...53] - update: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] + RISK: Known Proto on Non Std Port + update: [....87] [ip4][..udp] [....192.168.1.2][.2747] -> [.....67.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...101] [ip4][..udp] [....192.168.1.2][.2752] -> [....102.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....83] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2745] [DNS][Unknown][Network][Acceptable] + update: [....84] [ip4][..udp] [....192.168.1.2][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....84] [ip4][..udp] [....192.168.1.2][.2746] -> [....192.168.1.1][...53] - update: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] + update: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [....88] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2747] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] + update: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...104] [ip4][..udp] [....192.168.1.2][.2753] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....89] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.4932] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....91] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic - update: [...102] [ip4][..udp] [.....192.98.1.2][.2752] -> [.....25.168.1.1][...53] + update: [...102] [ip4][..udp] [.....192.98.1.2][.2752] -> [.....25.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] update: [...103] [ip4][..udp] [....192.169.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....78] [ip4][..udp] [....192.168.1.2][.2730] -> [....192.168.1.1][43690] new: [...111] [ip4][..udp] [....192.168.1.2][.2757] -> [....192.168.1.1][...53] detected: [...111] [ip4][..udp] [....192.168.1.2][.2757] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.v.0.127.in-addr.arpa] @@ -665,16 +719,19 @@ [PKTLENS.....: 78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78,78] [ENTROPIES...: 4.3,4.2,4.2,4.3,4.2,4.2,4.2,4.3,4.3,4.3,4.3,4.3,4.3,4.2,4.2,4.2,4.3,4.2,4.2,4.3,4.2,4.2,4.2,4.3,4.2,4.2,4.3,4.3,4.3,4.3,4.2,3.2] idle: [....76] [ip4][..udp] [..192.168.130.1][...53] -> [....192.168.1.2][.2741] [DNS][Unknown][Network][Acceptable] + idle: [....75] [ip4][..udp] [....192.168.1.2][.2741] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [....75] [ip4][..udp] [....192.168.1.2][.2741] -> [....192.168.1.1][...53] update: [....58] [ip4][..120] [....192.168.1.2] -> [..212.242.33.35] update: [....93] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2733] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....79] [ip4][..udp] [....192.168.1.2][.2743] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] - update: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] - update: [....95] [ip4][..udp] [....192.168.1.2][10942] -> [....192.168.1.1][...53] - update: [...106] [ip4][..udp] [....192.168.1.2][.2754] -> [....192.168.1.1][...53] + update: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [....95] [ip4][..udp] [....192.168.1.2][10942] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...106] [ip4][..udp] [....192.168.1.2][.2754] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic new: [...112] [ip4][..udp] [....192.168.1.2][.2640] -> [....192.168.1.1][...53] detected: [...112] [ip4][..udp] [....192.168.1.2][.2640] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic @@ -687,17 +744,22 @@ RISK: Unidirectional Traffic detection-update: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.gybercity.dk] RISK: Unidirectional Traffic - idle: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] + idle: [....77] [ip4][..udp] [....192.168.1.2][.2742] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic not-detected: [....78] [ip4][..udp] [....192.168.1.2][.2730] -> [....192.168.1.1][43690] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....78] [ip4][..udp] [....192.168.1.2][.2730] -> [....192.168.1.1][43690] update: [....81] [ip4][..udp] [....192.168.1.2][...88] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - update: [...108] [ip4][..udp] [.....14.168.1.2][.2754] -> [....192.168.1.1][...53] - update: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] - update: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] + update: [...108] [ip4][..udp] [.....14.168.1.2][.2754] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [....97] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2751] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic - update: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected + update: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...109] [ip4][..udp] [....192.168.1.2][.2755] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] new: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] detected: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.sn-addr.arpa] @@ -705,7 +767,8 @@ new: [...117] [ip4][...37] [....192.168.1.1] -> [....192.168.1.2] idle: [....79] [ip4][..udp] [....192.168.1.2][.2743] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....85] [ip4][..240] [....192.168.1.2] -> [....192.168.1.1] - update: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] + update: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] new: [...118] [ip4][..udp] [.....192.22.1.2][.2760] -> [....192.168.1.1][...53] new: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] @@ -717,41 +780,45 @@ detection-update: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic idle: [....81] [ip4][..udp] [....192.168.1.2][...88] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - idle: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] + idle: [....80] [ip4][..udp] [....192.168.1.2][.2744] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....82] [ip4][..udp] [..192.168.1.170][43690] -> [170.170.170.170][43690] update: [....99] [ip4][..udp] [....192.168.1.2][.4292] -> [..200.68.37.115][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...105] [ip4][..udp] [.....192.86.1.2][.5060] -> [..200.68.120.99][.5060] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...100] [ip4][..udp] [....192.168.1.2][.4901] -> [..200.68.120.81][29440] [SIP][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - update: [....87] [ip4][..udp] [....192.168.1.2][.2747] -> [.....67.168.1.1][...53] - update: [...101] [ip4][..udp] [....192.168.1.2][.2752] -> [....102.168.1.1][...53] - update: [....93] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2733] [DNS][Unknown][Network][Acceptable] + RISK: Known Proto on Non Std Port + update: [....87] [ip4][..udp] [....192.168.1.2][.2747] -> [.....67.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + update: [...101] [ip4][..udp] [....192.168.1.2][.2752] -> [....102.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [....93] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2733] [DNS][Unknown][Network][Acceptable] update: [....83] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2745] [DNS][Unknown][Network][Acceptable] + update: [....84] [ip4][..udp] [....192.168.1.2][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....84] [ip4][..udp] [....192.168.1.2][.2746] -> [....192.168.1.1][...53] - update: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] + update: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [....88] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2747] [DNS][Unknown][Network][Acceptable] + update: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [....95] [ip4][..udp] [....192.168.1.2][10942] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] - update: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] - update: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] - update: [....95] [ip4][..udp] [....192.168.1.2][10942] -> [....192.168.1.1][...53] update: [...104] [ip4][..udp] [....192.168.1.2][.2753] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...106] [ip4][..udp] [....192.168.1.2][.2754] -> [....192.168.1.1][...53] + update: [...106] [ip4][..udp] [....192.168.1.2][.2754] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...111] [ip4][..udp] [....192.168.1.2][.2757] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [....89] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.4932] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....91] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic - update: [...102] [ip4][..udp] [.....192.98.1.2][.2752] -> [.....25.168.1.1][...53] - update: [...103] [ip4][..udp] [....192.169.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [...102] [ip4][..udp] [.....192.98.1.2][.2752] -> [.....25.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + update: [...103] [ip4][..udp] [....192.169.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] new: [...120] [ip4][..udp] [....192.168.1.2][.2761] -> [....192.168.1.1][...53] detected: [...120] [ip4][..udp] [....192.168.1.2][.2761] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] new: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] @@ -767,11 +834,13 @@ RISK: Unidirectional Traffic idle: [....82] [ip4][..udp] [..192.168.1.170][43690] -> [170.170.170.170][43690] idle: [....83] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2745] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] - update: [...112] [ip4][..udp] [....192.168.1.2][.2640] -> [....192.168.1.1][...53] + idle: [....86] [ip4][..udp] [...192.168.1.34][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...112] [ip4][..udp] [....192.168.1.2][.2640] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...114] [ip4][..udp] [.192.168.37.115][.2758] -> [....128.168.1.1][...53] - update: [...113] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] + update: [...113] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [3/16] new: [...122] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2763] detected: [...122] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2763] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -786,22 +855,29 @@ RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic detection-update: [...123] [ip4][..udp] [....192.168.1.2][.2764] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Error Code, Unidirectional Traffic - idle: [....87] [ip4][..udp] [....192.168.1.2][.2747] -> [.....67.168.1.1][...53] - idle: [....84] [ip4][..udp] [....192.168.1.2][.2746] -> [....192.168.1.1][...53] - idle: [....88] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2747] [DNS][Unknown][Network][Acceptable] + idle: [....87] [ip4][..udp] [....192.168.1.2][.2747] -> [.....67.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [....84] [ip4][..udp] [....192.168.1.2][.2746] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] + idle: [....88] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2747] [DNS][Unknown][Network][Acceptable] + idle: [....90] [ip4][..udp] [....192.168.1.2][.2748] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic idle: [....89] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.4932] [SIP][Unknown][VoIP][Acceptable] + update: [...108] [ip4][..udp] [.....14.168.1.2][.2754] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...108] [ip4][..udp] [.....14.168.1.2][.2754] -> [....192.168.1.1][...53] - update: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] + update: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [....97] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2751] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic - update: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected + update: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...109] [ip4][..udp] [....192.168.1.2][.2755] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] - update: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] - update: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] + update: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic new: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] detected: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Unidirectional Traffic @@ -821,30 +897,33 @@ detected: [...129] [ip4][..udp] [....192.168.1.2][14798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic idle: [....93] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2733] [DNS][Unknown][Network][Acceptable] + idle: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + idle: [....95] [ip4][..udp] [....192.168.1.2][10942] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [....92] [ip4][..udp] [....192.168.1.2][.2749] -> [....192.168.1.1][...53] - idle: [....95] [ip4][..udp] [....192.168.1.2][10942] -> [....192.168.1.1][...53] - idle: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] + idle: [....94] [ip4][..udp] [....192.168.1.2][.2750] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [....99] [ip4][..udp] [....192.168.1.2][.4292] -> [..200.68.37.115][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...118] [ip4][..udp] [.....192.22.1.2][.2760] -> [....192.168.1.1][...53] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...105] [ip4][..udp] [.....192.86.1.2][.5060] -> [..200.68.120.99][.5060] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...100] [ip4][..udp] [....192.168.1.2][.4901] -> [..200.68.120.81][29440] [SIP][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - update: [...101] [ip4][..udp] [....192.168.1.2][.2752] -> [....102.168.1.1][...53] + RISK: Known Proto on Non Std Port + update: [...101] [ip4][..udp] [....192.168.1.2][.2752] -> [....102.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...104] [ip4][..udp] [....192.168.1.2][.2753] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...106] [ip4][..udp] [....192.168.1.2][.2754] -> [....192.168.1.1][...53] + update: [...106] [ip4][..udp] [....192.168.1.2][.2754] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...111] [ip4][..udp] [....192.168.1.2][.2757] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected - update: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] + update: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....91] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic - update: [...102] [ip4][..udp] [.....192.98.1.2][.2752] -> [.....25.168.1.1][...53] - update: [...103] [ip4][..udp] [....192.169.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [...102] [ip4][..udp] [.....192.98.1.2][.2752] -> [.....25.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + update: [...103] [ip4][..udp] [....192.169.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] new: [...130] [ip4][..udp] [....192.168.1.2][.2767] -> [....192.168.1.1][...53] detected: [...130] [ip4][..udp] [....192.168.1.2][.2767] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Unidirectional Traffic @@ -860,20 +939,26 @@ detection-update: [...131] [ip4][..udp] [....192.168.1.2][.2768] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Malformed Packet, Unidirectional Traffic idle: [....99] [ip4][..udp] [....192.168.1.2][.4292] -> [..200.68.37.115][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...100] [ip4][..udp] [....192.168.1.2][.4901] -> [..200.68.120.81][29440] [SIP][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [...101] [ip4][..udp] [....192.168.1.2][.2752] -> [....102.168.1.1][...53] + RISK: Known Proto on Non Std Port + idle: [...101] [ip4][..udp] [....192.168.1.2][.2752] -> [....102.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic idle: [....97] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2751] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected + idle: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + idle: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...102] [ip4][..udp] [.....192.98.1.2][.2752] -> [.....25.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...112] [ip4][..udp] [....192.168.1.2][.2640] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic - idle: [....96] [ip4][..udp] [...192.168.1.18][.2751] -> [....192.168.1.1][...53] - idle: [....98] [ip4][..udp] [....192.168.1.2][.2752] -> [....192.168.1.1][...53] - idle: [...102] [ip4][..udp] [.....192.98.1.2][.2752] -> [.....25.168.1.1][...53] - update: [...112] [ip4][..udp] [....192.168.1.2][.2640] -> [....192.168.1.1][...53] update: [...114] [ip4][..udp] [.192.168.37.115][.2758] -> [....128.168.1.1][...53] update: [...120] [ip4][..udp] [....192.168.1.2][.2761] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] - update: [...113] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] + update: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [...113] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...107] [ip4][..118] [....192.168.1.2] -> [..200.68.120.81] new: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] detected: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -884,10 +969,9 @@ idle: [...105] [ip4][..udp] [.....192.86.1.2][.5060] -> [..200.68.120.99][.5060] idle: [...104] [ip4][..udp] [....192.168.1.2][.2753] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [...103] [ip4][..udp] [....192.169.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...124] [ip4][..udp] [....192.168.1.2][43690] -> [170.170.170.170][43690] update: [...122] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2763] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [...123] [ip4][..udp] [....192.168.1.2][.2764] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Error Code, Unidirectional Traffic ERROR-EVENT: Unknown packet type [1/16] @@ -902,27 +986,36 @@ ERROR-EVENT: Unknown packet type [4/16] detection-update: [...137] [ip4][..udp] [....192.168.1.2][.2770] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet, Unidirectional Traffic - idle: [...108] [ip4][..udp] [.....14.168.1.2][.2754] -> [....192.168.1.1][...53] - idle: [...106] [ip4][..udp] [....192.168.1.2][.2754] -> [....192.168.1.1][...53] + idle: [...108] [ip4][..udp] [.....14.168.1.2][.2754] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...106] [ip4][..udp] [....192.168.1.2][.2754] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic idle: [....91] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic update: [...118] [ip4][..udp] [.....192.22.1.2][.2760] -> [....192.168.1.1][...53] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [...129] [ip4][..udp] [....192.168.1.2][14798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...129] [ip4][..udp] [....192.168.1.2][14798] -> [....192.168.1.1][...53] update: [...109] [ip4][..udp] [....192.168.1.2][.2755] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] + update: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...111] [ip4][..udp] [....192.168.1.2][.2757] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected - update: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] - update: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] - update: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] - update: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] + update: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...126] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2765] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic - update: [...127] [ip4][..udp] [..192.168.1.172][.2766] -> [....192.168.1.1][...53] - update: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] + RISK: Malformed Packet + update: [...127] [ip4][..udp] [..192.168.1.172][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] new: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] detected: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] @@ -937,7 +1030,8 @@ idle: [...109] [ip4][..udp] [....192.168.1.2][.2755] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [....58] [ip4][..120] [....192.168.1.2] -> [..212.242.33.35] update: [...130] [ip4][..udp] [....192.168.1.2][.2767] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...131] [ip4][..udp] [....192.168.1.2][.2768] -> [....192.168.1.1][...53] + update: [...131] [ip4][..udp] [....192.168.1.2][.2768] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic new: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] detected: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic @@ -950,46 +1044,61 @@ RISK: Unidirectional Traffic detection-update: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic - idle: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] + idle: [...110] [ip4][..udp] [....192.168.1.2][.2756] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...124] [ip4][..udp] [....192.168.1.2][43690] -> [170.170.170.170][43690] update: [...133] [ip4][..udp] [.....94.168.1.2][.2768] -> [....192.168.1.1][....4] - update: [...112] [ip4][..udp] [....192.168.1.2][.2640] -> [....192.168.1.1][...53] + update: [...112] [ip4][..udp] [....192.168.1.2][.2640] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...114] [ip4][..udp] [.192.168.37.115][.2758] -> [....128.168.1.1][...53] update: [...120] [ip4][..udp] [....192.168.1.2][.2761] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] - update: [...122] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2763] [DNS][Unknown][Network][Acceptable] + update: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Unidirectional Traffic + update: [...122] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2763] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet update: [...123] [ip4][..udp] [....192.168.1.2][.2764] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Error Code, Unidirectional Traffic - update: [...132] [ip4][..udp] [....192.168.1.2][35536] -> [....192.168.1.1][...53] - update: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] - update: [...113] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] + update: [...132] [ip4][..udp] [....192.168.1.2][35536] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...113] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...135] [ip4][..udp] [....192.168.1.1][..117] -> [....192.168.1.2][.2769] new: [...144] [ip4][..udp] [....192.168.1.2][.2773] -> [....192.168.1.1][...53] detected: [...144] [ip4][..udp] [....192.168.1.2][.2773] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.il-addr.arpa] RISK: Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] - idle: [...112] [ip4][..udp] [....192.168.1.2][.2640] -> [....192.168.1.1][...53] + idle: [...112] [ip4][..udp] [....192.168.1.2][.2640] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic idle: [...111] [ip4][..udp] [....192.168.1.2][.2757] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected - idle: [...113] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] + idle: [...113] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...117] [ip4][...37] [....192.168.1.1] -> [....192.168.1.2] update: [...138] [ip4][..udp] [....192.168.1.2][..137] -> [..120.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....85] [ip4][..240] [....192.168.1.2] -> [....192.168.1.1] update: [...118] [ip4][..udp] [.....192.22.1.2][.2760] -> [....192.168.1.1][...53] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [...129] [ip4][..udp] [....192.168.1.2][14798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...129] [ip4][..udp] [....192.168.1.2][14798] -> [....192.168.1.1][...53] - update: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] - update: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] - update: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] - update: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] update: [...126] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2765] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet + update: [...127] [ip4][..udp] [..192.168.1.172][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...137] [ip4][..udp] [....192.168.1.2][.2770] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Unidirectional Traffic - update: [...127] [ip4][..udp] [..192.168.1.172][.2766] -> [....192.168.1.1][...53] - update: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] - update: [...137] [ip4][..udp] [....192.168.1.2][.2770] -> [....192.168.1.1][...53] new: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] detected: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet, Unidirectional Traffic @@ -1005,21 +1114,25 @@ guessed: [...114] [ip4][..udp] [.192.168.37.115][.2758] -> [....128.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet, Unidirectional Traffic idle: [...114] [ip4][..udp] [.192.168.37.115][.2758] -> [....128.168.1.1][...53] - idle: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] + idle: [...115] [ip4][..udp] [....192.168.1.2][.2758] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...141] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [...130] [ip4][..udp] [....192.168.1.2][.2767] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...131] [ip4][..udp] [....192.168.1.2][.2768] -> [....192.168.1.1][...53] - update: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] - update: [...140] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2771] [DNS][Unknown][Network][Acceptable] + update: [...131] [ip4][..udp] [....192.168.1.2][.2768] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + update: [...140] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2771] [DNS][Unknown][Network][Acceptable] new: [...147] [ip4][..udp] [....192.168.1.2][.2775] -> [....192.168.1.1][...53] detected: [...147] [ip4][..udp] [....192.168.1.2][.2775] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-aqd?.arpa] RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic detection-update: [...147] [ip4][..udp] [....192.168.1.2][.2775] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Non-Printable/Invalid Chars Detected - idle: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] - update: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] + idle: [...116] [ip4][..udp] [....192.168.1.2][.2759] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic new: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] detected: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic @@ -1031,19 +1144,25 @@ guessed: [...118] [ip4][..udp] [.....192.22.1.2][.2760] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet, Unidirectional Traffic idle: [...118] [ip4][..udp] [.....192.22.1.2][.2760] -> [....192.168.1.1][...53] - idle: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] + idle: [...119] [ip4][..udp] [....192.168.1.2][.2760] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...124] [ip4][..udp] [....192.168.1.2][43690] -> [170.170.170.170][43690] update: [...133] [ip4][..udp] [.....94.168.1.2][.2768] -> [....192.168.1.1][....4] update: [...120] [ip4][..udp] [....192.168.1.2][.2761] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] - update: [...122] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2763] [DNS][Unknown][Network][Acceptable] + update: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Unidirectional Traffic + update: [...122] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2763] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet update: [...123] [ip4][..udp] [....192.168.1.2][.2764] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Error Code, Unidirectional Traffic - update: [...132] [ip4][..udp] [....192.168.1.2][35536] -> [....192.168.1.1][...53] - update: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] - update: [...143] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.184.1.1][...53] - update: [...144] [ip4][..udp] [....192.168.1.2][.2773] -> [....192.168.1.1][...53] + update: [...132] [ip4][..udp] [....192.168.1.2][35536] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...143] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.184.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...144] [ip4][..udp] [....192.168.1.2][.2773] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...135] [ip4][..udp] [....192.168.1.1][..117] -> [....192.168.1.2][.2769] new: [...149] [ip4][....0] [....192.168.1.2] -> [..192.168.1.255] new: [...150] [ip4][..udp] [...192.168.33.2][.2782] -> [....192.168.1.1][...53] @@ -1055,19 +1174,25 @@ new: [...152] [ip4][..udp] [....192.168.1.6][.5060] -> [..212.242.33.35][.5060] ERROR-EVENT: Unknown packet type [1/16] idle: [...120] [ip4][..udp] [....192.168.1.2][.2761] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - idle: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] + idle: [...121] [ip4][..udp] [....192.168.1.2][.2762] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...138] [ip4][..udp] [....192.168.1.2][..137] -> [..120.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [...129] [ip4][..udp] [....192.168.1.2][14798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...129] [ip4][..udp] [....192.168.1.2][14798] -> [....192.168.1.1][...53] - update: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] update: [...126] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2765] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet + update: [...127] [ip4][..udp] [..192.168.1.172][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...137] [ip4][..udp] [....192.168.1.2][.2770] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Unidirectional Traffic - update: [...127] [ip4][..udp] [..192.168.1.172][.2766] -> [....192.168.1.1][...53] - update: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] - update: [...137] [ip4][..udp] [....192.168.1.2][.2770] -> [....192.168.1.1][...53] - update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] + update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic new: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] detected: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic @@ -1083,18 +1208,21 @@ RISK: Unidirectional Traffic idle: [...124] [ip4][..udp] [....192.168.1.2][43690] -> [170.170.170.170][43690] idle: [...122] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2763] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet idle: [...123] [ip4][..udp] [....192.168.1.2][.2764] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Error Code, Unidirectional Traffic update: [...141] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [...130] [ip4][..udp] [....192.168.1.2][.2767] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...131] [ip4][..udp] [....192.168.1.2][.2768] -> [....192.168.1.1][...53] - update: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] + update: [...131] [ip4][..udp] [....192.168.1.2][.2768] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...140] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2771] [DNS][Unknown][Network][Acceptable] + update: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...146] [ip4][..udp] [....192.168.9.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] - update: [...146] [ip4][..udp] [....192.168.9.2][.2774] -> [....192.168.1.1][...53] update: [...147] [ip4][..udp] [....192.168.1.2][.2775] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected new: [...155] [ip4][..udp] [....192.168.1.2][.2784] -> [....192.168.1.1][...53] @@ -1104,18 +1232,27 @@ detected: [...156] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.5.2][.2784] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.aspa] RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [1/16] - idle: [...129] [ip4][..udp] [....192.168.1.2][14798] -> [....192.168.1.1][...53] + idle: [...129] [ip4][..udp] [....192.168.1.2][14798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic idle: [...126] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2765] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic - idle: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] - idle: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] - idle: [...127] [ip4][..udp] [..192.168.1.172][.2766] -> [....192.168.1.1][...53] + RISK: Malformed Packet + idle: [...125] [ip4][..udp] [..192.168.1.110][.2765] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...128] [ip4][..udp] [....192.168.1.2][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...127] [ip4][..udp] [..192.168.1.172][.2766] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...133] [ip4][..udp] [.....94.168.1.2][.2768] -> [....192.168.1.1][....4] - update: [...132] [ip4][..udp] [....192.168.1.2][35536] -> [....192.168.1.1][...53] - update: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] - update: [...143] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.184.1.1][...53] - update: [...144] [ip4][..udp] [....192.168.1.2][.2773] -> [....192.168.1.1][...53] - update: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] + update: [...132] [ip4][..udp] [....192.168.1.2][35536] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...143] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.184.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...144] [ip4][..udp] [....192.168.1.2][.2773] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...135] [ip4][..udp] [....192.168.1.1][..117] -> [....192.168.1.2][.2769] update: [...107] [ip4][..118] [....192.168.1.2] -> [..200.68.120.81] new: [...157] [ip4][...19] [....192.168.1.2] -> [....192.168.1.1] @@ -1133,13 +1270,14 @@ update: [...138] [ip4][..udp] [....192.168.1.2][..137] -> [..120.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...152] [ip4][..udp] [....192.168.1.6][.5060] -> [..212.242.33.35][.5060] - update: [...137] [ip4][..udp] [....192.168.1.2][.2770] -> [....192.168.1.1][...53] - update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] - update: [...150] [ip4][..udp] [...192.168.33.2][.2782] -> [....192.168.1.1][...53] + update: [...137] [ip4][..udp] [....192.168.1.2][.2770] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...150] [ip4][..udp] [...192.168.33.2][.2782] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...151] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2782] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [...161] [ip4][..udp] [....192.168.1.2][.2786] -> [....192.168.1.3][...53] detected: [...161] [ip4][..udp] [....192.168.1.2][.2786] -> [....192.168.1.3][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-ad?r.arpa] RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic @@ -1158,15 +1296,20 @@ not-detected: [...133] [ip4][..udp] [.....94.168.1.2][.2768] -> [....192.168.1.1][....4] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...133] [ip4][..udp] [.....94.168.1.2][.2768] -> [....192.168.1.1][....4] - idle: [...132] [ip4][..udp] [....192.168.1.2][35536] -> [....192.168.1.1][...53] - idle: [...131] [ip4][..udp] [....192.168.1.2][.2768] -> [....192.168.1.1][...53] - idle: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] + idle: [...132] [ip4][..udp] [....192.168.1.2][35536] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...131] [ip4][..udp] [....192.168.1.2][.2768] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + idle: [...134] [ip4][..udp] [....192.168.1.2][.2769] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic not-detected: [...135] [ip4][..udp] [....192.168.1.1][..117] -> [....192.168.1.2][.2769] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...135] [ip4][..udp] [....192.168.1.1][..117] -> [....192.168.1.2][.2769] update: [...136] [ip4][..127] [....192.168.1.2] -> [....192.168.1.1] - update: [...154] [ip4][..udp] [......0.168.1.2][.2783] -> [....192.168.1.1][...53] - update: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] + update: [...154] [ip4][..udp] [......0.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] new: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] detected: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -1195,16 +1338,18 @@ RISK: Malformed Packet, Unidirectional Traffic update: [...141] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol - update: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] + update: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...140] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2771] [DNS][Unknown][Network][Acceptable] + update: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...146] [ip4][..udp] [....192.168.9.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] - update: [...146] [ip4][..udp] [....192.168.9.2][.2774] -> [....192.168.1.1][...53] update: [...147] [ip4][..udp] [....192.168.1.2][.2775] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected - update: [...155] [ip4][..udp] [....192.168.1.2][.2784] -> [....192.168.1.1][...53] + update: [...155] [ip4][..udp] [....192.168.1.2][.2784] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...156] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.5.2][.2784] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [...168] [ip4][..udp] [....192.168.1.2][.2790] -> [....192.168.1.1][...53] detected: [...168] [ip4][..udp] [....192.168.1.2][.2790] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Unidirectional Traffic @@ -1227,23 +1372,29 @@ idle: [...138] [ip4][..udp] [....192.168.1.2][..137] -> [..120.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] idle: [...141] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol - idle: [...137] [ip4][..udp] [....192.168.1.2][.2770] -> [....192.168.1.1][...53] + idle: [...137] [ip4][..udp] [....192.168.1.2][.2770] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic idle: [...140] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2771] [DNS][Unknown][Network][Acceptable] + idle: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [...139] [ip4][..udp] [...192.168.1.57][.2771] -> [....192.168.1.1][...53] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...152] [ip4][..udp] [....192.168.1.6][.5060] -> [..212.242.33.35][.5060] - update: [...143] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.184.1.1][...53] - update: [...144] [ip4][..udp] [....192.168.1.2][.2773] -> [....192.168.1.1][...53] - update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] - update: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] - update: [...150] [ip4][..udp] [...192.168.33.2][.2782] -> [....192.168.1.1][...53] + update: [...143] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.184.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...144] [ip4][..udp] [....192.168.1.2][.2773] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...150] [ip4][..udp] [...192.168.33.2][.2782] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...151] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2782] [DNS][Unknown][Network][Acceptable] + update: [...160] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...158] [ip4][..udp] [....200.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...160] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] - update: [...158] [ip4][..udp] [....200.168.1.2][.2785] -> [....192.168.1.1][...53] update: [...159] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][35721] new: [...175] [ip4][..udp] [....192.168.1.2][.2791] -> [...192.168.67.1][...53] detected: [...175] [ip4][..udp] [....192.168.1.2][.2791] -> [...192.168.67.1][...53] [DNS][Unknown][Network][Acceptable][] @@ -1258,40 +1409,58 @@ update: [...117] [ip4][...37] [....192.168.1.1] -> [....192.168.1.2] update: [...162] [ip4][..udp] [..212.242.33.35][.9587] -> [....192.168.1.2][..196] update: [....85] [ip4][..240] [....192.168.1.2] -> [....192.168.1.1] - update: [...161] [ip4][..udp] [....192.168.1.2][.2786] -> [....192.168.1.3][...53] - update: [...163] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.3.1][...53] - update: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] - idle: [...143] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.184.1.1][...53] - idle: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] - idle: [...144] [ip4][..udp] [....192.168.1.2][.2773] -> [....192.168.1.1][...53] - idle: [...146] [ip4][..udp] [....192.168.9.2][.2774] -> [....192.168.1.1][...53] + update: [...161] [ip4][..udp] [....192.168.1.2][.2786] -> [....192.168.1.3][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...163] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.3.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + idle: [...143] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.184.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...142] [ip4][..udp] [....192.168.1.2][.2772] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + idle: [...144] [ip4][..udp] [....192.168.1.2][.2773] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...146] [ip4][..udp] [....192.168.9.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...169] [ip4][..udp] [..212.242.33.35][.5060] -> [...192.37.115.0][.5060] [SIP][Unknown][VoIP][Acceptable] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...173] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...152] [ip4][..udp] [....192.168.1.6][.5060] -> [..212.242.33.35][.5060] - update: [...154] [ip4][..udp] [......0.168.1.2][.2783] -> [....192.168.1.1][...53] - update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] + update: [...154] [ip4][..udp] [......0.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...147] [ip4][..udp] [....192.168.1.2][.2775] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected - update: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] + update: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...172] [ip4][..udp] [....192.168.1.2][..137] -> [..192.194.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - update: [...150] [ip4][..udp] [...192.168.33.2][.2782] -> [....192.168.1.1][...53] + update: [...150] [ip4][..udp] [...192.168.33.2][.2782] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...151] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2782] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] - update: [...155] [ip4][..udp] [....192.168.1.2][.2784] -> [....192.168.1.1][...53] + update: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [...155] [ip4][..udp] [....192.168.1.2][.2784] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...156] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.5.2][.2784] [DNS][Unknown][Network][Acceptable] + update: [...160] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [...168] [ip4][..udp] [....192.168.1.2][.2790] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...170] [ip4][..udp] [...192.168.79.2][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...174] [ip4][..udp] [....192.168.1.2][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...171] [ip4][..udp] [...192.168.1.53][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...158] [ip4][..udp] [....200.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...160] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] - update: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] - update: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] - update: [...168] [ip4][..udp] [....192.168.1.2][.2790] -> [....192.168.1.1][...53] - update: [...170] [ip4][..udp] [...192.168.79.2][.2791] -> [....192.168.1.1][...53] - update: [...174] [ip4][..udp] [....192.168.1.2][.2791] -> [....192.168.1.1][...53] - update: [...171] [ip4][..udp] [...192.168.1.53][.2791] -> [....192.168.1.1][...53] - update: [...158] [ip4][..udp] [....200.168.1.2][.2785] -> [....192.168.1.1][...53] update: [...159] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][35721] new: [...178] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.112][..137] detected: [...178] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.112][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] @@ -1301,39 +1470,55 @@ guessed: [...152] [ip4][..udp] [....192.168.1.6][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [...152] [ip4][..udp] [....192.168.1.6][.5060] -> [..212.242.33.35][.5060] - idle: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] + idle: [...145] [ip4][..udp] [....192.168.1.2][.2774] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic idle: [...147] [ip4][..udp] [....192.168.1.2][.2775] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected - idle: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] + idle: [...148] [ip4][..udp] [....192.168.1.2][.2776] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic idle: [...151] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2782] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [...150] [ip4][..udp] [...192.168.33.2][.2782] -> [....192.168.1.1][...53] + idle: [...150] [ip4][..udp] [...192.168.33.2][.2782] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...169] [ip4][..udp] [..212.242.33.35][.5060] -> [...192.37.115.0][.5060] [SIP][Unknown][VoIP][Acceptable] update: [...149] [ip4][....0] [....192.168.1.2] -> [..192.168.1.255] update: [...162] [ip4][..udp] [..212.242.33.35][.9587] -> [....192.168.1.2][..196] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...173] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [...154] [ip4][..udp] [......0.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...154] [ip4][..udp] [......0.168.1.2][.2783] -> [....192.168.1.1][...53] update: [...172] [ip4][..udp] [....192.168.1.2][..137] -> [..192.194.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - update: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] - update: [...155] [ip4][..udp] [....192.168.1.2][.2784] -> [....192.168.1.1][...53] + update: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [...155] [ip4][..udp] [....192.168.1.2][.2784] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...156] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.5.2][.2784] [DNS][Unknown][Network][Acceptable] + update: [...160] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...161] [ip4][..udp] [....192.168.1.2][.2786] -> [....192.168.1.3][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...163] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.3.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [...168] [ip4][..udp] [....192.168.1.2][.2790] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...170] [ip4][..udp] [...192.168.79.2][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...174] [ip4][..udp] [....192.168.1.2][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...175] [ip4][..udp] [....192.168.1.2][.2791] -> [...192.168.67.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...171] [ip4][..udp] [...192.168.1.53][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...176] [ip4][..udp] [....192.168.1.2][.2792] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...158] [ip4][..udp] [....200.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...160] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] - update: [...161] [ip4][..udp] [....192.168.1.2][.2786] -> [....192.168.1.3][...53] - update: [...163] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.3.1][...53] - update: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] - update: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] - update: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] - update: [...168] [ip4][..udp] [....192.168.1.2][.2790] -> [....192.168.1.1][...53] - update: [...170] [ip4][..udp] [...192.168.79.2][.2791] -> [....192.168.1.1][...53] - update: [...174] [ip4][..udp] [....192.168.1.2][.2791] -> [....192.168.1.1][...53] - update: [...175] [ip4][..udp] [....192.168.1.2][.2791] -> [...192.168.67.1][...53] - update: [...171] [ip4][..udp] [...192.168.1.53][.2791] -> [....192.168.1.1][...53] - update: [...176] [ip4][..udp] [....192.168.1.2][.2792] -> [....192.168.1.1][...53] - update: [...158] [ip4][..udp] [....200.168.1.2][.2785] -> [....192.168.1.1][...53] update: [...177] [ip4][..udp] [....192.168.1.1][...53] -> [....240.168.1.2][.2792] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [...159] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][35721] @@ -1345,15 +1530,21 @@ not-detected: [....85] [ip4][..240] [....192.168.1.2] -> [....192.168.1.1] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....85] [ip4][..240] [....192.168.1.2] -> [....192.168.1.1] - idle: [...154] [ip4][..udp] [......0.168.1.2][.2783] -> [....192.168.1.1][...53] - idle: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] + idle: [...154] [ip4][..udp] [......0.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...153] [ip4][..udp] [....192.168.1.2][.2783] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic idle: [...156] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.5.2][.2784] [DNS][Unknown][Network][Acceptable] + idle: [...155] [ip4][..udp] [....192.168.1.2][.2784] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + idle: [...160] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...161] [ip4][..udp] [....192.168.1.2][.2786] -> [....192.168.1.3][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + idle: [...163] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.3.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...158] [ip4][..udp] [....200.168.1.2][.2785] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [...155] [ip4][..udp] [....192.168.1.2][.2784] -> [....192.168.1.1][...53] - idle: [...160] [ip4][..udp] [....192.168.1.2][.2785] -> [....192.168.1.1][...53] - idle: [...161] [ip4][..udp] [....192.168.1.2][.2786] -> [....192.168.1.3][...53] - idle: [...163] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.3.1][...53] - idle: [...158] [ip4][..udp] [....200.168.1.2][.2785] -> [....192.168.1.1][...53] guessed: [...159] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][35721] [NetBIOS][Unknown][System][Acceptable][] idle: [...159] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][35721] update: [...169] [ip4][..udp] [..212.242.33.35][.5060] -> [...192.37.115.0][.5060] [SIP][Unknown][VoIP][Acceptable] @@ -1363,20 +1554,27 @@ update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...179] [ip4][..udp] [....192.136.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...178] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.112][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic update: [...173] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...172] [ip4][..udp] [....192.168.1.2][..137] -> [..192.194.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - update: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] - update: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] - update: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] - update: [...168] [ip4][..udp] [....192.168.1.2][.2790] -> [....192.168.1.1][...53] - update: [...170] [ip4][..udp] [...192.168.79.2][.2791] -> [....192.168.1.1][...53] - update: [...174] [ip4][..udp] [....192.168.1.2][.2791] -> [....192.168.1.1][...53] - update: [...175] [ip4][..udp] [....192.168.1.2][.2791] -> [...192.168.67.1][...53] - update: [...171] [ip4][..udp] [...192.168.1.53][.2791] -> [....192.168.1.1][...53] - update: [...176] [ip4][..udp] [....192.168.1.2][.2792] -> [....192.168.1.1][...53] + update: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + update: [...168] [ip4][..udp] [....192.168.1.2][.2790] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...170] [ip4][..udp] [...192.168.79.2][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...174] [ip4][..udp] [....192.168.1.2][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...175] [ip4][..udp] [....192.168.1.2][.2791] -> [...192.168.67.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...171] [ip4][..udp] [...192.168.1.53][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...176] [ip4][..udp] [....192.168.1.2][.2792] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...177] [ip4][..udp] [....192.168.1.1][...53] -> [....240.168.1.2][.2792] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected update: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] @@ -1392,17 +1590,23 @@ new: [...184] [ip4][..udp] [.....115.0.1.41][..137] -> [..192.168.1.255][..137] detected: [...184] [ip4][..udp] [.....115.0.1.41][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][workgroup] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] - idle: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] - idle: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] - idle: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] + idle: [...164] [ip4][..udp] [....192.168.1.2][.2787] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + idle: [...165] [ip4][..udp] [....192.168.1.2][.2788] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...167] [ip4][..udp] [....192.168.1.2][.2789] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...117] [ip4][...37] [....192.168.1.1] -> [....192.168.1.2] new: [...185] [ip4][..udp] [...192.168.1.41][..137] -> [.192.168.37.115][..137] detected: [...185] [ip4][..udp] [...192.168.1.41][..137] -> [.192.168.37.115][..137] [NetBIOS][Unknown][System][Acceptable][workgroup] RISK: Unidirectional Traffic idle: [...169] [ip4][..udp] [..212.242.33.35][.5060] -> [...192.37.115.0][.5060] [SIP][Unknown][VoIP][Acceptable] - idle: [...168] [ip4][..udp] [....192.168.1.2][.2790] -> [....192.168.1.1][...53] - idle: [...171] [ip4][..udp] [...192.168.1.53][.2791] -> [....192.168.1.1][...53] - idle: [...170] [ip4][..udp] [...192.168.79.2][.2791] -> [....192.168.1.1][...53] + idle: [...168] [ip4][..udp] [....192.168.1.2][.2790] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...171] [ip4][..udp] [...192.168.1.53][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...170] [ip4][..udp] [...192.168.79.2][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic new: [...186] [ip4][..udp] [....192.168.1.2][43690] -> [192.168.170.170][43690] new: [...187] [ip4][..udp] [....192.168.1.2][..137] -> [..200.168.1.255][..137] detected: [...187] [ip4][..udp] [....192.168.1.2][..137] -> [..200.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][eci_domain] @@ -1410,15 +1614,16 @@ RISK: Unidirectional Traffic idle: [...173] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] idle: [...172] [ip4][..udp] [....192.168.1.2][..137] -> [..192.194.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - idle: [...175] [ip4][..udp] [....192.168.1.2][.2791] -> [...192.168.67.1][...53] - idle: [...174] [ip4][..udp] [....192.168.1.2][.2791] -> [....192.168.1.1][...53] + idle: [...175] [ip4][..udp] [....192.168.1.2][.2791] -> [...192.168.67.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + idle: [...174] [ip4][..udp] [....192.168.1.2][.2791] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...179] [ip4][..udp] [....192.136.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...178] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.112][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + update: [...176] [ip4][..udp] [....192.168.1.2][.2792] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...176] [ip4][..udp] [....192.168.1.2][.2792] -> [....192.168.1.1][...53] update: [...177] [ip4][..udp] [....192.168.1.1][...53] -> [....240.168.1.2][.2792] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected new: [...188] [ip4][..udp] [....192.168.1.2][...68] -> [....192.168.1.1][...67] @@ -1426,8 +1631,8 @@ RISK: Unidirectional Traffic new: [...189] [ip4][..udp] [...192.168.1.41][..138] -> [..192.168.1.255][..394] idle: [....12] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] + idle: [...176] [ip4][..udp] [....192.168.1.2][.2792] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [...176] [ip4][..udp] [....192.168.1.2][.2792] -> [....192.168.1.1][...53] idle: [...177] [ip4][..udp] [....192.168.1.1][...53] -> [....240.168.1.2][.2792] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected not-detected: [...107] [ip4][..118] [....192.168.1.2] -> [..200.68.120.81] [Unknown][Unknown][Unrated] @@ -1438,13 +1643,11 @@ update: [...181] [ip4][..udp] [.192.184.189.41][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...182] [ip4][..udp] [...192.168.1.41][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...185] [ip4][..udp] [...192.168.1.41][..137] -> [.192.168.37.115][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic update: [...180] [ip4][..udp] [...192.168.1.41][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...179] [ip4][..udp] [....192.136.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...178] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.112][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic update: [...187] [ip4][..udp] [....192.168.1.2][..137] -> [..200.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...186] [ip4][..udp] [....192.168.1.2][43690] -> [192.168.170.170][43690] DAEMON-EVENT: [Processed: 409 pkts][ZLib][compressions: 0|diff: 0 / 0] @@ -1461,15 +1664,12 @@ detected: [...191] [ip4][..udp] [....192.168.1.2][.2794] -> [..192.168.108.1][...53] [DNS][Unknown][Network][Acceptable][sip.cybercity.dk] RISK: Unidirectional Traffic idle: [...178] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.112][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [...179] [ip4][..udp] [....192.136.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...149] [ip4][....0] [....192.168.1.2] -> [..192.168.1.255] update: [...188] [ip4][..udp] [....192.168.1.2][...68] -> [....192.168.1.1][...67] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...183] [ip4][..udp] [...192.168.1.41][..137] -> [..107.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...184] [ip4][..udp] [.....115.0.1.41][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...185] [ip4][..udp] [...192.168.1.41][..137] -> [.192.168.37.115][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic update: [...181] [ip4][..udp] [.192.184.189.41][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...182] [ip4][..udp] [...192.168.1.41][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...180] [ip4][..udp] [...192.168.1.41][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] @@ -1531,11 +1731,9 @@ ERROR-EVENT: Unknown packet type [1/16] update: [...117] [ip4][...37] [....192.168.1.1] -> [....192.168.1.2] update: [...188] [ip4][..udp] [....192.168.1.2][...68] -> [....192.168.1.1][...67] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...183] [ip4][..udp] [...192.168.1.41][..137] -> [..107.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...184] [ip4][..udp] [.....115.0.1.41][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...185] [ip4][..udp] [...192.168.1.41][..137] -> [.192.168.37.115][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic update: [...181] [ip4][..udp] [.192.184.189.41][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...182] [ip4][..udp] [...192.168.1.41][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...180] [ip4][..udp] [...192.168.1.41][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] @@ -1543,7 +1741,8 @@ update: [...189] [ip4][..udp] [...192.168.1.41][..138] -> [..192.168.1.255][..394] update: [...190] [ip4][..udp] [....192.168.1.2][.2793] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected - update: [...191] [ip4][..udp] [....192.168.1.2][.2794] -> [..192.168.108.1][...53] + update: [...191] [ip4][..udp] [....192.168.1.2][.2794] -> [..192.168.108.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic new: [...204] [ip4][..udp] [....192.168.1.2][.2801] -> [....192.168.1.1][...53] detected: [...204] [ip4][..udp] [....192.168.1.2][.2801] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Unidirectional Traffic @@ -1564,8 +1763,10 @@ update: [...187] [ip4][..udp] [....192.168.1.2][..137] -> [..200.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...193] [ip4][..udp] [....192.168.1.2][.2794] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...192] [ip4][..udp] [....192.168.1.2][.2795] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] - update: [...196] [ip4][..udp] [....192.168.1.2][.2796] -> [..192.168.1.129][...53] + update: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...196] [ip4][..udp] [....192.168.1.2][.2796] -> [..192.168.1.129][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...186] [ip4][..udp] [....192.168.1.2][43690] -> [192.168.170.170][43690] new: [...209] [ip4][..udp] [....192.168.1.2][.2803] -> [....192.168.1.1][...53] detected: [...209] [ip4][..udp] [....192.168.1.2][.2803] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -1583,16 +1784,15 @@ idle: [...180] [ip4][..udp] [...192.168.1.41][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [...198] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...197] [ip4][..udp] [....192.168.1.2][.2797] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected - update: [...199] [ip4][..udp] [....192.168.1.2][.2798] -> [....192.168.1.1][...53] + update: [...199] [ip4][..udp] [....192.168.1.2][.2798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic detection-update: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic ERROR-EVENT: Unknown packet type [2/16] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [3/16] idle: [...185] [ip4][..udp] [...192.168.1.41][..137] -> [.192.168.37.115][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic new: [...211] [ip4][..udp] [....192.168.1.2][.2805] -> [....192.168.1.1][...51] new: [...212] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2805] detected: [...212] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2805] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] @@ -1614,16 +1814,17 @@ RISK: Unidirectional Traffic idle: [...186] [ip4][..udp] [....192.168.1.2][43690] -> [192.168.170.170][43690] update: [...188] [ip4][..udp] [....192.168.1.2][...68] -> [....192.168.1.1][...67] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...189] [ip4][..udp] [...192.168.1.41][..138] -> [..192.168.1.255][..394] update: [...203] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...21] update: [...190] [ip4][..udp] [....192.168.1.2][.2793] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected - update: [...191] [ip4][..udp] [....192.168.1.2][.2794] -> [..192.168.108.1][...53] - update: [...200] [ip4][..udp] [....192.168.1.2][.2799] -> [....192.168.1.1][...53] - update: [...201] [ip4][..udp] [....192.168.1.1][...53] -> [..192.168.119.2][.2799] [DNS][Unknown][Network][Acceptable] + update: [...191] [ip4][..udp] [....192.168.1.2][.2794] -> [..192.168.108.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...202] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...53] + update: [...200] [ip4][..udp] [....192.168.1.2][.2799] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...201] [ip4][..udp] [....192.168.1.1][...53] -> [..192.168.119.2][.2799] [DNS][Unknown][Network][Acceptable] + update: [...202] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic ERROR-EVENT: Unknown packet type [1/16] new: [...214] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2807] detected: [...214] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2807] [DNS][Unknown][Network][Acceptable][] @@ -1634,17 +1835,22 @@ RISK: Unidirectional Traffic detection-update: [...216] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic - update: [...208] [ip4][..udp] [....192.168.1.2][18162] -> [....192.168.1.1][...53] + update: [...208] [ip4][..udp] [....192.168.1.2][18162] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...195] [ip4][..udp] [192.168.170.170][43690] -> [170.170.170.170][43690] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] - update: [...206] [ip4][..udp] [....192.168.1.2][.2568] -> [....192.168.1.1][...53] + update: [...206] [ip4][..udp] [....192.168.1.2][.2568] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...193] [ip4][..udp] [....192.168.1.2][.2794] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...192] [ip4][..udp] [....192.168.1.2][.2795] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] - update: [...196] [ip4][..udp] [....192.168.1.2][.2796] -> [..192.168.1.129][...53] + update: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...196] [ip4][..udp] [....192.168.1.2][.2796] -> [..192.168.1.129][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...204] [ip4][..udp] [....192.168.1.2][.2801] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected - update: [...207] [ip4][..udp] [....192.168.1.2][.2802] -> [....192.168.1.1][...53] + update: [...207] [ip4][..udp] [....192.168.1.2][.2802] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [2/16] new: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] detected: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] @@ -1669,16 +1875,16 @@ RISK: Unidirectional Traffic idle: [...136] [ip4][..127] [....192.168.1.2] -> [....192.168.1.1] idle: [...188] [ip4][..udp] [....192.168.1.2][...68] -> [....192.168.1.1][...67] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic guessed: [...189] [ip4][..udp] [...192.168.1.41][..138] -> [..192.168.1.255][..394] [NetBIOS][Unknown][System][Acceptable][] idle: [...189] [ip4][..udp] [...192.168.1.41][..138] -> [..192.168.1.255][..394] update: [...198] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...197] [ip4][..udp] [....192.168.1.2][.2797] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected - update: [...199] [ip4][..udp] [....192.168.1.2][.2798] -> [....192.168.1.1][...53] + update: [...199] [ip4][..udp] [....192.168.1.2][.2798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...209] [ip4][..udp] [....192.168.1.2][.2803] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] + update: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic new: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] detected: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet, Unidirectional Traffic @@ -1692,15 +1898,17 @@ update: [...203] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...21] update: [...190] [ip4][..udp] [....192.168.1.2][.2793] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected - update: [...191] [ip4][..udp] [....192.168.1.2][.2794] -> [..192.168.108.1][...53] - update: [...200] [ip4][..udp] [....192.168.1.2][.2799] -> [....192.168.1.1][...53] - update: [...201] [ip4][..udp] [....192.168.1.1][...53] -> [..192.168.119.2][.2799] [DNS][Unknown][Network][Acceptable] + update: [...191] [ip4][..udp] [....192.168.1.2][.2794] -> [..192.168.108.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...202] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...53] + update: [...200] [ip4][..udp] [....192.168.1.2][.2799] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...201] [ip4][..udp] [....192.168.1.1][...53] -> [..192.168.119.2][.2799] [DNS][Unknown][Network][Acceptable] + update: [...202] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...211] [ip4][..udp] [....192.168.1.2][.2805] -> [....192.168.1.1][...51] update: [...212] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2805] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] + update: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic new: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] detected: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cyaercity.dk] RISK: Unidirectional Traffic @@ -1709,38 +1917,49 @@ ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] idle: [...190] [ip4][..udp] [....192.168.1.2][.2793] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected - idle: [...191] [ip4][..udp] [....192.168.1.2][.2794] -> [..192.168.108.1][...53] - update: [...208] [ip4][..udp] [....192.168.1.2][18162] -> [....192.168.1.1][...53] + idle: [...191] [ip4][..udp] [....192.168.1.2][.2794] -> [..192.168.108.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...208] [ip4][..udp] [....192.168.1.2][18162] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...195] [ip4][..udp] [192.168.170.170][43690] -> [170.170.170.170][43690] update: [...166] [ip4][....0] [....192.168.1.1] -> [....192.168.1.2] update: [...157] [ip4][...19] [....192.168.1.2] -> [....192.168.1.1] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...198] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...215] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][38709] - update: [...206] [ip4][..udp] [....192.168.1.2][.2568] -> [....192.168.1.1][...53] + update: [...206] [ip4][..udp] [....192.168.1.2][.2568] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...222] [ip4][..udp] [....128.168.1.2][.2810] -> [....192.168.1.1][...53] update: [...193] [ip4][..udp] [....192.168.1.2][.2794] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...192] [ip4][..udp] [....192.168.1.2][.2795] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] - update: [...196] [ip4][..udp] [....192.168.1.2][.2796] -> [..192.168.1.129][...53] + update: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...196] [ip4][..udp] [....192.168.1.2][.2796] -> [..192.168.1.129][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...197] [ip4][..udp] [....192.168.1.2][.2797] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected - update: [...199] [ip4][..udp] [....192.168.1.2][.2798] -> [....192.168.1.1][...53] + update: [...199] [ip4][..udp] [....192.168.1.2][.2798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...204] [ip4][..udp] [....192.168.1.2][.2801] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected - update: [...207] [ip4][..udp] [....192.168.1.2][.2802] -> [....192.168.1.1][...53] + update: [...207] [ip4][..udp] [....192.168.1.2][.2802] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...209] [ip4][..udp] [....192.168.1.2][.2803] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] + update: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...214] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2807] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic - update: [...216] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][...53] - update: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected + update: [...216] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...218] [ip4][..udp] [....192.168.1.2][.2809] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] + update: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...219] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][17860] update: [....37] [ip4][..170] [170.170.170.170] -> [170.170.170.170] - update: [...220] [ip4][..udp] [....192.170.1.2][.2810] -> [....192.168.1.1][...53] + update: [...220] [ip4][..udp] [....192.170.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic new: [...227] [ip4][..udp] [....192.168.1.2][.2813] -> [....192.168.1.1][...53] detected: [...227] [ip4][..udp] [....192.168.1.2][.2813] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127?in-ad_r?arpa???] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic @@ -1763,21 +1982,24 @@ idle: [...195] [ip4][..udp] [192.168.170.170][43690] -> [170.170.170.170][43690] idle: [...193] [ip4][..udp] [....192.168.1.2][.2794] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [...192] [ip4][..udp] [....192.168.1.2][.2795] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - idle: [...196] [ip4][..udp] [....192.168.1.2][.2796] -> [..192.168.1.129][...53] - idle: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] + idle: [...196] [ip4][..udp] [....192.168.1.2][.2796] -> [..192.168.1.129][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + idle: [...194] [ip4][..udp] [....192.168.1.2][.2796] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...117] [ip4][...37] [....192.168.1.1] -> [....192.168.1.2] update: [...203] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...21] - update: [...200] [ip4][..udp] [....192.168.1.2][.2799] -> [....192.168.1.1][...53] - update: [...201] [ip4][..udp] [....192.168.1.1][...53] -> [..192.168.119.2][.2799] [DNS][Unknown][Network][Acceptable] + update: [...200] [ip4][..udp] [....192.168.1.2][.2799] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...202] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...53] + update: [...201] [ip4][..udp] [....192.168.1.1][...53] -> [..192.168.119.2][.2799] [DNS][Unknown][Network][Acceptable] + update: [...202] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...211] [ip4][..udp] [....192.168.1.2][.2805] -> [....192.168.1.1][...51] update: [...212] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2805] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] - update: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] + update: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...224] [ip4][..udp] [..192.168.233.1][...53] -> [....192.168.1.2][.2811] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...225] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..905] new: [...230] [ip4][..udp] [....192.168.1.2][.2815] -> [....192.168.1.1][...53] detected: [...230] [ip4][..udp] [....192.168.1.2][.2815] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] @@ -1803,7 +2025,8 @@ ERROR-EVENT: nDPI IPv4/L4 payload detection failed [3/16] idle: [...197] [ip4][..udp] [....192.168.1.2][.2797] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected - idle: [...199] [ip4][..udp] [....192.168.1.2][.2798] -> [....192.168.1.1][...53] + idle: [...199] [ip4][..udp] [....192.168.1.2][.2798] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...205] [ip4][....0] [....192.168.1.2] -> [..212.242.33.35] new: [...238] [ip4][..udp] [....192.168.1.2][.2822] -> [....192.168.1.1][...53] detected: [...238] [ip4][..udp] [....192.168.1.2][.2822] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.1?7.in-addr.arpa] @@ -1815,6 +2038,8 @@ new: [...240] [ip4][..udp] [....192.168.1.2][.2823] -> [....192.168.1.1][...53] detected: [...240] [ip4][..udp] [....192.168.1.2][.2823] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic + detection-update: [...240] [ip4][..udp] [....192.168.1.2][.2823] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [2/16] detection-update: [...240] [ip4][..udp] [....192.168.1.2][.2823] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic @@ -1826,30 +2051,39 @@ RISK: Unidirectional Traffic idle: [...203] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...21] idle: [...201] [ip4][..udp] [....192.168.1.1][...53] -> [..192.168.119.2][.2799] [DNS][Unknown][Network][Acceptable] + idle: [...200] [ip4][..udp] [....192.168.1.2][.2799] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...202] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...208] [ip4][..udp] [....192.168.1.2][18162] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [...200] [ip4][..udp] [....192.168.1.2][.2799] -> [....192.168.1.1][...53] - idle: [...202] [ip4][..udp] [....192.168.1.2][.2800] -> [....192.168.1.1][...53] - update: [...208] [ip4][..udp] [....192.168.1.2][18162] -> [....192.168.1.1][...53] update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...198] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...215] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][38709] - update: [...206] [ip4][..udp] [....192.168.1.2][.2568] -> [....192.168.1.1][...53] + update: [...206] [ip4][..udp] [....192.168.1.2][.2568] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...222] [ip4][..udp] [....128.168.1.2][.2810] -> [....192.168.1.1][...53] update: [...204] [ip4][..udp] [....192.168.1.2][.2801] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected - update: [...207] [ip4][..udp] [....192.168.1.2][.2802] -> [....192.168.1.1][...53] + update: [...207] [ip4][..udp] [....192.168.1.2][.2802] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...209] [ip4][..udp] [....192.168.1.2][.2803] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] + update: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...214] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2807] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic - update: [...216] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][...53] - update: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected + update: [...216] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...218] [ip4][..udp] [....192.168.1.2][.2809] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] - update: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] + update: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...219] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][17860] - update: [...220] [ip4][..udp] [....192.170.1.2][.2810] -> [....192.168.1.1][...53] + update: [...220] [ip4][..udp] [....192.170.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic new: [...241] [ip4][..udp] [....192.168.1.2][.2824] -> [....192.168.1.1][...53] detected: [...241] [ip4][..udp] [....192.168.1.2][.2824] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Unidirectional Traffic @@ -1860,24 +2094,30 @@ RISK: Unidirectional Traffic detection-update: [...242] [ip4][..udp] [....192.168.1.2][.2825] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet, Unidirectional Traffic + detection-update: [...242] [ip4][..udp] [....192.168.1.2][.2825] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic detection-update: [...242] [ip4][..udp] [....192.168.1.2][.2825] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic - idle: [...208] [ip4][..udp] [....192.168.1.2][18162] -> [....192.168.1.1][...53] - idle: [...206] [ip4][..udp] [....192.168.1.2][.2568] -> [....192.168.1.1][...53] + idle: [...208] [ip4][..udp] [....192.168.1.2][18162] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...206] [ip4][..udp] [....192.168.1.2][.2568] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic idle: [...204] [ip4][..udp] [....192.168.1.2][.2801] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Malformed Packet, Non-Printable/Invalid Chars Detected - idle: [...207] [ip4][..udp] [....192.168.1.2][.2802] -> [....192.168.1.1][...53] + idle: [...207] [ip4][..udp] [....192.168.1.2][.2802] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...211] [ip4][..udp] [....192.168.1.2][.2805] -> [....192.168.1.1][...51] update: [...212] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2805] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] - update: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] + update: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...224] [ip4][..udp] [..192.168.233.1][...53] -> [....192.168.1.2][.2811] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...227] [ip4][..udp] [....192.168.1.2][.2813] -> [....192.168.1.1][...53] - update: [...228] [ip4][..udp] [....192.168.1.2][.2814] -> [....192.168.1.1][...53] + update: [...227] [ip4][..udp] [....192.168.1.2][.2813] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...228] [ip4][..udp] [....192.168.1.2][.2814] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...229] [ip4][..udp] [....192.168.1.2][29440] -> [...192.168.1.37][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic update: [...225] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..905] new: [...243] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.255][..138] detected: [...243] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][d00] @@ -1888,12 +2128,13 @@ detection-update: [...244] [ip4][..udp] [....192.168.1.2][.2826] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Non-Printable/Invalid Chars Detected idle: [...209] [ip4][..udp] [....192.168.1.2][.2803] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - idle: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] + idle: [...210] [ip4][..udp] [....192.168.1.2][.2804] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...232] [ip4][..udp] [....192.168.1.2][.5060] -> [.212.242.33.201][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...230] [ip4][..udp] [....192.168.1.2][.2815] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Error Code, Unidirectional Traffic - update: [...231] [ip4][..udp] [....192.168.1.2][.2816] -> [....192.168.1.1][...53] + RISK: Malformed Packet, Error Code + update: [...231] [ip4][..udp] [....192.168.1.2][.2816] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...237] [ip4][..udp] [.....81.168.1.2][30000] -> [..212.242.33.36][40392] update: [...233] [ip4][..udp] [....192.168.1.3][30000] -> [..212.242.33.36][40392] update: [...235] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] [RTP][Unknown][Media][Acceptable] @@ -1919,11 +2160,11 @@ RISK: Unidirectional Traffic idle: [...211] [ip4][..udp] [....192.168.1.2][.2805] -> [....192.168.1.1][...51] idle: [...212] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2805] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...239] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.234.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic - update: [...238] [ip4][..udp] [....192.168.1.2][.2822] -> [....192.168.1.1][...53] - update: [...240] [ip4][..udp] [....192.168.1.2][.2823] -> [....192.168.1.1][...53] + update: [...238] [ip4][..udp] [....192.168.1.2][.2822] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...240] [ip4][..udp] [....192.168.1.2][.2823] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic new: [...248] [ip4][..udp] [....192.168.1.2][.2828] -> [....192.168.1.1][...53] detected: [...248] [ip4][..udp] [....192.168.1.2][.2828] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][1.0.0.127.in-addr.arpa] RISK: Unidirectional Traffic @@ -1937,22 +2178,28 @@ not-detected: [...215] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][38709] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...215] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][38709] - idle: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] + idle: [...213] [ip4][..udp] [....192.168.1.2][.2806] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic idle: [...214] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2807] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic - idle: [...216] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][...53] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected + idle: [...216] [ip4][..udp] [....192.168.1.2][.2808] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [...198] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...222] [ip4][..udp] [....128.168.1.2][.2810] -> [....192.168.1.1][...53] - update: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] + update: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...218] [ip4][..udp] [....192.168.1.2][.2809] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] - update: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] + update: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...241] [ip4][..udp] [....192.168.1.2][.2824] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - update: [...242] [ip4][..udp] [....192.168.1.2][.2825] -> [....192.168.1.1][...53] + update: [...242] [ip4][..udp] [....192.168.1.2][.2825] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...219] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][17860] - update: [...220] [ip4][..udp] [....192.170.1.2][.2810] -> [....192.168.1.1][...53] + update: [...220] [ip4][..udp] [....192.170.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic new: [...252] [ip4][..udp] [....192.168.1.2][.2829] -> [....192.168.1.1][...53] detected: [...252] [ip4][..udp] [....192.168.1.2][.2829] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] RISK: Unidirectional Traffic @@ -1971,29 +2218,33 @@ not-detected: [...166] [ip4][....0] [....192.168.1.1] -> [....192.168.1.2] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...166] [ip4][....0] [....192.168.1.1] -> [....192.168.1.2] - idle: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] + idle: [...217] [ip4][..udp] [....192.168.1.2][19192] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic idle: [...218] [ip4][..udp] [....192.168.1.2][.2809] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - idle: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] + idle: [...221] [ip4][..udp] [....192.168.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic guessed: [...219] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][17860] [SIP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [...219] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][17860] - idle: [...220] [ip4][..udp] [....192.170.1.2][.2810] -> [....192.168.1.1][...53] + idle: [...220] [ip4][..udp] [....192.170.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...243] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [...232] [ip4][..udp] [....192.168.1.2][.5060] -> [.212.242.33.201][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic - update: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] + update: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...224] [ip4][..udp] [..192.168.233.1][...53] -> [....192.168.1.2][.2811] [DNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - update: [...227] [ip4][..udp] [....192.168.1.2][.2813] -> [....192.168.1.1][...53] - update: [...228] [ip4][..udp] [....192.168.1.2][.2814] -> [....192.168.1.1][...53] + update: [...227] [ip4][..udp] [....192.168.1.2][.2813] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + update: [...228] [ip4][..udp] [....192.168.1.2][.2814] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic update: [...230] [ip4][..udp] [....192.168.1.2][.2815] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Error Code, Unidirectional Traffic - update: [...231] [ip4][..udp] [....192.168.1.2][.2816] -> [....192.168.1.1][...53] + RISK: Malformed Packet, Error Code + update: [...231] [ip4][..udp] [....192.168.1.2][.2816] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic update: [...244] [ip4][..udp] [....192.168.1.2][.2826] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected update: [...229] [ip4][..udp] [....192.168.1.2][29440] -> [...192.168.1.37][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic update: [...225] [ip4][..udp] [....192.168.1.2][..137] -> [..192.168.1.255][..905] update: [...237] [ip4][..udp] [.....81.168.1.2][30000] -> [..212.242.33.36][40392] update: [...233] [ip4][..udp] [....192.168.1.3][30000] -> [..212.242.33.36][40392] @@ -2008,8 +2259,10 @@ guessed: [...222] [ip4][..udp] [....128.168.1.2][.2810] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][] RISK: Malformed Packet, Unidirectional Traffic idle: [...222] [ip4][..udp] [....128.168.1.2][.2810] -> [....192.168.1.1][...53] - update: [...245] [ip4][..udp] [....192.168.1.2][.2827] -> [..192.168.1.114][...53] - update: [...246] [ip4][..udp] [....192.168.1.2][.2827] -> [....192.168.1.1][...53] + update: [...245] [ip4][..udp] [....192.168.1.2][.2827] -> [..192.168.1.114][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [...246] [ip4][..udp] [....192.168.1.2][.2827] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] new: [...257] [ip4][..udp] [....192.168.1.2][.2832] -> [....192.168.1.1][...53] detected: [...257] [ip4][..udp] [....192.168.1.2][.2832] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][_sip._udp.sip.cybercity.dk] @@ -2035,16 +2288,13 @@ idle: [...243] [ip4][..udp] [....192.168.1.2][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol idle: [...232] [ip4][..udp] [....192.168.1.2][.5060] -> [.212.242.33.201][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...239] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.234.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...198] [ip4][..udp] [..212.242.33.35][.5060] -> [....192.168.1.2][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...205] [ip4][....0] [....192.168.1.2] -> [..212.242.33.35] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...205] [ip4][....0] [....192.168.1.2] -> [..212.242.33.35] idle: [...249] [ip4][..udp] [....192.168.1.1][...53] -> [....192.168.1.2][.2572] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet guessed: [....31] [ip4][..tcp] [..147.234.1.253][...21] -> [....192.168.1.2][.2208] [FTP_CONTROL][Unknown][Download][Unsafe] RISK: Unsafe Protocol, Unidirectional Traffic idle: [....31] [ip4][..tcp] [..147.234.1.253][...21] -> [....192.168.1.2][.2208] @@ -2054,35 +2304,48 @@ not-detected: [....39] [ip4][..tcp] [....192.168.1.6][.2721] -> [..147.234.1.253][58999] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....39] [ip4][..tcp] [....192.168.1.6][.2721] -> [..147.234.1.253][58999] - idle: [...255] [ip4][..udp] [....116.168.1.2][.2829] -> [....192.168.1.1][...53] + idle: [...255] [ip4][..udp] [....116.168.1.2][.2829] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic idle: [...224] [ip4][..udp] [..192.168.233.1][...53] -> [....192.168.1.2][.2811] [DNS][Unknown][Network][Acceptable] + idle: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + idle: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [...223] [ip4][..udp] [....192.168.1.2][.2811] -> [....192.168.1.1][...53] - idle: [...226] [ip4][..udp] [....192.168.1.2][.2812] -> [....192.168.1.1][...53] - idle: [...227] [ip4][..udp] [....192.168.1.2][.2813] -> [....192.168.1.1][...53] - idle: [...228] [ip4][..udp] [....192.168.1.2][.2814] -> [....192.168.1.1][...53] + idle: [...227] [ip4][..udp] [....192.168.1.2][.2813] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic + idle: [...228] [ip4][..udp] [....192.168.1.2][.2814] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic idle: [...230] [ip4][..udp] [....192.168.1.2][.2815] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - RISK: Malformed Packet, Error Code, Unidirectional Traffic - idle: [...231] [ip4][..udp] [....192.168.1.2][.2816] -> [....192.168.1.1][...53] - idle: [...238] [ip4][..udp] [....192.168.1.2][.2822] -> [....192.168.1.1][...53] - idle: [...240] [ip4][..udp] [....192.168.1.2][.2823] -> [....192.168.1.1][...53] + RISK: Malformed Packet, Error Code + idle: [...231] [ip4][..udp] [....192.168.1.2][.2816] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + idle: [...238] [ip4][..udp] [....192.168.1.2][.2822] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + idle: [...240] [ip4][..udp] [....192.168.1.2][.2823] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic idle: [...241] [ip4][..udp] [....192.168.1.2][.2824] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - idle: [...242] [ip4][..udp] [....192.168.1.2][.2825] -> [....192.168.1.1][...53] + idle: [...242] [ip4][..udp] [....192.168.1.2][.2825] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Non-Printable/Invalid Chars Detected, Unidirectional Traffic idle: [...244] [ip4][..udp] [....192.168.1.2][.2826] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Non-Printable/Invalid Chars Detected - idle: [...246] [ip4][..udp] [....192.168.1.2][.2827] -> [....192.168.1.1][...53] - idle: [...245] [ip4][..udp] [....192.168.1.2][.2827] -> [..192.168.1.114][...53] - idle: [...248] [ip4][..udp] [....192.168.1.2][.2828] -> [....192.168.1.1][...53] - idle: [...253] [ip4][..udp] [...192.168.54.2][.2829] -> [....192.168.1.1][...53] - idle: [...252] [ip4][..udp] [....192.168.1.2][.2829] -> [....192.168.1.1][...53] + idle: [...246] [ip4][..udp] [....192.168.1.2][.2827] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic + idle: [...245] [ip4][..udp] [....192.168.1.2][.2827] -> [..192.168.1.114][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...248] [ip4][..udp] [....192.168.1.2][.2828] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...253] [ip4][..udp] [...192.168.54.2][.2829] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Malformed Packet, Unidirectional Traffic + idle: [...252] [ip4][..udp] [....192.168.1.2][.2829] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic idle: [...254] [ip4][..udp] [....192.168.1.2][.2830] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [...256] [ip4][..udp] [....192.168.1.2][.2831] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] - idle: [...257] [ip4][..udp] [....192.168.1.2][.2832] -> [....192.168.1.1][...53] + idle: [...257] [ip4][..udp] [....192.168.1.2][.2832] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic not-detected: [....40] [ip4][..tcp] [...37.115.0.253][58999] -> [....192.168.1.2][.2721] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....40] [ip4][..tcp] [...37.115.0.253][58999] -> [....192.168.1.2][.2721] idle: [...229] [ip4][..udp] [....192.168.1.2][29440] -> [...192.168.1.37][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic guessed: [....20] [ip4][..tcp] [...192.168.1.71][.2718] -> [.147.137.21.122][..139] [NetBIOS][Unknown][System][Acceptable][] RISK: Unidirectional Traffic idle: [....20] [ip4][..tcp] [...192.168.1.71][.2718] -> [.147.137.21.122][..139] @@ -2113,7 +2376,6 @@ RISK: Unsafe Protocol, Unidirectional Traffic idle: [....34] [ip4][..tcp] [..147.234.1.253][...21] -> [...192.168.65.2][.2720] idle: [....32] [ip4][..tcp] [..147.234.1.253][...21] -> [....192.168.1.2][.2732] [Protobuf][Unknown][Network][Safe] - RISK: Unidirectional Traffic not-detected: [...237] [ip4][..udp] [.....81.168.1.2][30000] -> [..212.242.33.36][40392] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...237] [ip4][..udp] [.....81.168.1.2][30000] -> [..212.242.33.36][40392] @@ -2130,7 +2392,8 @@ guessed: [....18] [ip4][..tcp] [....192.168.1.2][.2717] -> [..147.137.21.94][..445] [SMBv23][Unknown][System][Acceptable] RISK: Unidirectional Traffic idle: [....18] [ip4][..tcp] [....192.168.1.2][.2717] -> [..147.137.21.94][..445] - idle: [...247] [ip4][..udp] [....192.168.1.2][.2827] -> [....192.170.1.1][...53] + idle: [...247] [ip4][..udp] [....192.168.1.2][.2827] -> [....192.170.1.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: Non-Printable/Invalid Chars Detected, Unidirectional Traffic not-detected: [...234] [ip4][..udp] [....192.168.1.2][30000] -> [....37.115.0.36][40392] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...234] [ip4][..udp] [....192.168.1.2][30000] -> [....37.115.0.36][40392] diff --git a/test/results/flow-info/default/fuzz-2006-09-29-28586.pcap.out b/test/results/flow-info/default/fuzz-2006-09-29-28586.pcap.out index 46f883113..c5cd192e1 100644 --- a/test/results/flow-info/default/fuzz-2006-09-29-28586.pcap.out +++ b/test/results/flow-info/default/fuzz-2006-09-29-28586.pcap.out @@ -21,6 +21,8 @@ new: [....11] [ip4][..tcp] [.....172.20.3.5][.2602] -> [....172.20.3.13][...80] [MIDSTREAM] detected: [....11] [ip4][..tcp] [.....172.20.3.5][.2602] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.13] RISK: HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + detection-update: [....11] [ip4][..tcp] [.....172.20.3.5][.2602] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.13] + RISK: HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI new: [....12] [ip4][..tcp] [....172.20.3.88][...80] -> [....172.20.3.82][.2601] [MIDSTREAM] new: [....13] [ip4][..tcp] [.....172.20.3.5][.2603] -> [....172.20.3.13][...80] new: [....14] [ip4][..tcp] [.....172.20.3.5][.2603] -> [....172.20.3.77][...80] [MIDSTREAM] @@ -64,6 +66,7 @@ detected: [....34] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.20.3.5][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.5] RISK: Unidirectional Traffic new: [....35] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.70.3.5][...80] [MIDSTREAM] + detection-update: [....34] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.20.3.5][...80] [HTTP][Unknown][Web][Acceptable][172.20.3.5] new: [....36] [ip4][..tcp] [...172.20.67.13][53136] -> [.....172.20.3.5][...80] [MIDSTREAM] ERROR-EVENT: Unknown packet type [2/16] new: [....37] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2608] @@ -71,7 +74,8 @@ RISK: HTTP Susp User-Agent new: [....38] [ip4][..tcp] [....172.20.3.13][...80] -> [...172.20.148.5][.2608] [MIDSTREAM] new: [....39] [ip4][..115] [....172.20.3.13] -> [.....172.20.3.5] - idle: [.....6] [ip4][..tcp] [.....172.20.3.1][...80] -> [....172.20.3.13][53132] + idle: [.....6] [ip4][..tcp] [.....172.20.3.1][...80] -> [....172.20.3.13][53132] [HTTP][Unknown][Web][Acceptable] + RISK: HTTP Susp User-Agent, Unidirectional Traffic guessed: [.....5] [ip4][..tcp] [....172.20.3.13][53132] -> [.....172.20.3.5][...80] [HTTP][Unknown][Web][Acceptable][] end: [.....5] [ip4][..tcp] [....172.20.3.13][53132] -> [.....172.20.3.5][...80] guessed: [....36] [ip4][..tcp] [...172.20.67.13][53136] -> [.....172.20.3.5][...80] [HTTP][Unknown][Web][Acceptable][] @@ -101,7 +105,8 @@ guessed: [....35] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.70.3.5][...80] [HTTP][Cloudflare][Web][Acceptable][] RISK: Unidirectional Traffic idle: [....35] [ip4][..tcp] [....172.20.3.13][53136] -> [.....172.70.3.5][...80] - idle: [....23] [ip4][..tcp] [....172.20.3.13][...80] -> [......44.20.3.5][.2605] + idle: [....23] [ip4][..tcp] [....172.20.3.13][...80] -> [......44.20.3.5][.2605] [HTTP][Unknown][Web][Acceptable] + RISK: HTTP Susp User-Agent, Unidirectional Traffic guessed: [....21] [ip4][..tcp] [......51.20.3.5][.2605] -> [....172.20.3.13][...80] [HTTP][AmazonAWS][Web][Acceptable][] RISK: Unidirectional Traffic idle: [....21] [ip4][..tcp] [......51.20.3.5][.2605] -> [....172.20.3.13][...80] @@ -113,7 +118,7 @@ guessed: [....12] [ip4][..tcp] [....172.20.3.88][...80] -> [....172.20.3.82][.2601] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic idle: [....12] [ip4][..tcp] [....172.20.3.88][...80] -> [....172.20.3.82][.2601] - end: [.....2] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2601] + end: [.....2] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2601] [HTTP][Unknown][Web][Acceptable] end: [....11] [ip4][..tcp] [.....172.20.3.5][.2602] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable] RISK: HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI not-detected: [.....3] [ip4][..tcp] [....172.20.3.13][...81] -> [.....172.20.3.5][.2601] [Unknown][Unknown][Unrated] @@ -132,17 +137,21 @@ end: [....19] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.68.5][.2604] end: [....18] [ip4][..tcp] [.....172.20.3.5][.2604] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable] RISK: HTTP/TLS/QUIC Numeric Hostname/SNI - end: [....20] [ip4][..tcp] [.....172.20.3.5][.2605] -> [....172.20.3.13][...80] - idle: [....28] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.72.5][.2606] + end: [....20] [ip4][..tcp] [.....172.20.3.5][.2605] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable] + RISK: HTTP/TLS/QUIC Numeric Hostname/SNI + idle: [....28] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.72.5][.2606] [HTTP][Unknown][Web][Acceptable] + RISK: HTTP Susp User-Agent, Unidirectional Traffic end: [....27] [ip4][..tcp] [.....172.20.3.5][.2606] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable] RISK: HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI - idle: [....31] [ip4][..tcp] [....172.20.2.13][...80] -> [.....172.20.3.5][.2607] + idle: [....31] [ip4][..tcp] [....172.20.2.13][...80] -> [.....172.20.3.5][.2607] [HTTP][Unknown][Web][Acceptable] + RISK: HTTP Susp User-Agent, Unidirectional Traffic guessed: [....29] [ip4][..tcp] [.....172.20.3.5][.2607] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable][] idle: [....29] [ip4][..tcp] [.....172.20.3.5][.2607] -> [....172.20.3.13][...80] guessed: [....38] [ip4][..tcp] [....172.20.3.13][...80] -> [...172.20.148.5][.2608] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic idle: [....38] [ip4][..tcp] [....172.20.3.13][...80] -> [...172.20.148.5][.2608] - idle: [....37] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2608] + idle: [....37] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2608] [HTTP][Unknown][Web][Acceptable] + RISK: HTTP Susp User-Agent guessed: [....25] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2639] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic idle: [....25] [ip4][..tcp] [....172.20.3.13][...80] -> [.....172.20.3.5][.2639] @@ -157,7 +166,8 @@ guessed: [.....7] [ip4][..tcp] [.....172.20.3.5][...80] -> [....172.57.3.13][53132] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic idle: [.....7] [ip4][..tcp] [.....172.20.3.5][...80] -> [....172.57.3.13][53132] - idle: [....30] [ip4][..tcp] [.....172.20.3.5][.9587] -> [....172.20.3.13][...80] + idle: [....30] [ip4][..tcp] [.....172.20.3.5][.9587] -> [....172.20.3.13][...80] [HTTP][Unknown][Web][Acceptable] + RISK: HTTP Susp User-Agent, Unidirectional Traffic guessed: [....22] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.76.5][65069] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic idle: [....22] [ip4][..tcp] [....172.20.3.13][...80] -> [....172.20.76.5][65069] diff --git a/test/results/flow-info/default/fuzz-2020-02-16-11740.pcap.out b/test/results/flow-info/default/fuzz-2020-02-16-11740.pcap.out index d2a21d398..3cdc474e4 100644 --- a/test/results/flow-info/default/fuzz-2020-02-16-11740.pcap.out +++ b/test/results/flow-info/default/fuzz-2020-02-16-11740.pcap.out @@ -13,17 +13,13 @@ ERROR-EVENT: Unknown packet type [1/16] new: [.....4] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1796] idle: [.....2] [ip4][..udp] [..198.226.25.53][.1812] -> [...10.102.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [....10.12.64.30][29200] -> [..108.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [.....5] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1813] detected: [.....5] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1813] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [1/16] update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1796] ERROR-EVENT: Unknown packet type [1/16] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [2/16] @@ -41,9 +37,7 @@ RISK: Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1813] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [..198.226.25.53][30764] -> [....10.12.64.30][12344] update: [.....4] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1796] new: [....10] [ip4][..udp] [..198.226.25.53][..309] -> [....10.12.64.30][12339] @@ -53,27 +47,19 @@ RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1796] update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [.....10.4.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1813] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....9] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.30][29270] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [198.226.170.170][43690] -> [170.170.170.170][43690] update: [.....6] [ip4][..udp] [..198.226.25.53][30764] -> [....10.12.64.30][12344] not-detected: [.....6] [ip4][..udp] [..198.226.25.53][30764] -> [....10.12.64.30][12344] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [..198.226.25.53][30764] -> [....10.12.64.30][12344] update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [.....10.4.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1813] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....10] [ip4][..udp] [..198.226.25.53][..309] -> [....10.12.64.30][12339] update: [.....9] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.30][29270] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [198.226.170.170][43690] -> [170.170.170.170][43690] new: [....11] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] new: [....12] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][29264] @@ -81,23 +67,18 @@ RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [1/16] idle: [.....8] [ip4][..udp] [.....10.4.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic not-detected: [....10] [ip4][..udp] [..198.226.25.53][..309] -> [....10.12.64.30][12339] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [..198.226.25.53][..309] -> [....10.12.64.30][12339] idle: [.....9] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.30][29270] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic not-detected: [.....7] [ip4][..udp] [198.226.170.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [198.226.170.170][43690] -> [170.170.170.170][43690] update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1813] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [2/16] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [3/16] idle: [.....5] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1813] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic analyse: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.155| 612.411| 61.128| 140.850|19838793242.640| 2.700] @@ -112,7 +93,6 @@ new: [....13] [ip4][..udp] [..198.162.25.53][.1810] -> [....10.12.64.30][29200] ERROR-EVENT: Unknown packet type [1/16] update: [....12] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][29264] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....11] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] new: [....14] [ip4][..udp] [..198.226.25.53][.1812] -> [....74.12.64.30][29200] detected: [....14] [ip4][..udp] [..198.226.25.53][.1812] -> [....74.12.64.30][29200] [Radius][Unknown][Network][Acceptable] @@ -125,7 +105,6 @@ RISK: Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [2/16] new: [....17] [ip4][...88] [..198.226.25.53] -> [....10.12.64.30] @@ -133,15 +112,10 @@ ERROR-EVENT: nDPI IPv4/L4 payload detection failed [3/16] update: [....13] [ip4][..udp] [..198.162.25.53][.1810] -> [....10.12.64.30][29200] update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....15] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.77.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....16] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....14] [ip4][..udp] [..198.226.25.53][.1812] -> [....74.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][29264] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....11] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] ERROR-EVENT: Unknown packet type [1/16] new: [....19] [ip4][..udp] [..198.226.25.53][.1812] -> [...10.12.120.30][29200] @@ -157,19 +131,14 @@ RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [..198.162.25.53][.1810] -> [....10.12.64.30][29200] idle: [....12] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][29264] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic not-detected: [....11] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [170.170.170.170][43690] -> [170.170.170.170][43690] update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....15] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.77.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....16] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....19] [ip4][..udp] [..198.226.25.53][.1812] -> [...10.12.120.30][29200] update: [....14] [ip4][..udp] [..198.226.25.53][.1812] -> [....74.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....22] [ip4][..udp] [..198.230.25.62][.1812] -> [....10.12.64.30][29200] detected: [....22] [ip4][..udp] [..198.230.25.62][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -186,11 +155,8 @@ detected: [....27] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.56.64.30][.9472] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [....15] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.77.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [..198.226.25.53][.1812] -> [....74.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....20] [ip4][..udp] [....10.12.64.30][29200] -> [..206.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....17] [ip4][...88] [..198.226.25.53] -> [....10.12.64.30] update: [....18] [ip4][..254] [....10.12.64.30] -> [..198.226.25.53] DAEMON-EVENT: [Processed: 104 pkts][ZLib][compressions: 0|diff: 0 / 0] @@ -202,27 +168,19 @@ ERROR-EVENT: Unknown packet type [2/16] ERROR-EVENT: Unknown packet type [3/16] update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....16] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....19] [ip4][..udp] [..198.226.25.53][.1812] -> [...10.12.120.30][29200] update: [....21] [ip4][..udp] [..198.157.25.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [4/16] new: [....29] [ip4][..udp] [....10.12.64.30][29200] -> [..198.224.25.53][.1812] detected: [....29] [ip4][..udp] [....10.12.64.30][29200] -> [..198.224.25.53][.1812] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [....24] [ip4][..udp] [..198.226.82.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....20] [ip4][..udp] [....10.12.64.30][29200] -> [..206.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....25] [ip4][..udp] [..198.226.25.53][.1895] -> [....10.12.64.30][29200] update: [....22] [ip4][..udp] [..198.230.25.62][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....26] [ip4][..udp] [....10.12.64.30][30224] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....27] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.56.64.30][.9472] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [1/16] new: [....30] [ip4][..udp] [..198.226.25.53][.1812] -> [.....10.12.37.0][29200] detected: [....30] [ip4][..udp] [..198.226.25.53][.1812] -> [.....10.12.37.0][29200] [Radius][Unknown][Network][Acceptable] @@ -237,70 +195,46 @@ RISK: Unidirectional Traffic idle: [....19] [ip4][..udp] [..198.226.25.53][.1812] -> [...10.12.120.30][29200] idle: [....20] [ip4][..udp] [....10.12.64.30][29200] -> [..206.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....21] [ip4][..udp] [..198.157.25.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....16] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....24] [ip4][..udp] [..198.226.82.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....28] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.28.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....25] [ip4][..udp] [..198.226.25.53][.1895] -> [....10.12.64.30][29200] update: [....22] [ip4][..udp] [..198.230.25.62][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....26] [ip4][..udp] [....10.12.64.30][30224] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....29] [ip4][..udp] [....10.12.64.30][29200] -> [..198.224.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....27] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.56.64.30][.9472] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [1/16] ERROR-EVENT: Unknown packet type [2/16] new: [....33] [ip4][..udp] [....10.12.64.30][29200] -> [...198.226.37.0][.1812] detected: [....33] [ip4][..udp] [....10.12.64.30][29200] -> [...198.226.37.0][.1812] [Radius][Unknown][Network][Acceptable] idle: [....28] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.28.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....24] [ip4][..udp] [..198.226.82.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic not-detected: [....25] [ip4][..udp] [..198.226.25.53][.1895] -> [....10.12.64.30][29200] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....25] [ip4][..udp] [..198.226.25.53][.1895] -> [....10.12.64.30][29200] idle: [....26] [ip4][..udp] [....10.12.64.30][30224] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....22] [ip4][..udp] [..198.230.25.62][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....27] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.56.64.30][.9472] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....30] [ip4][..udp] [..198.226.25.53][.1812] -> [.....10.12.37.0][29200] [Radius][Unknown][Network][Acceptable] update: [....31] [ip4][..udp] [...10.12.64.110][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....29] [ip4][..udp] [....10.12.64.30][29200] -> [..198.224.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....23] [ip4][...85] [..198.226.25.62] -> [....10.12.64.30] update: [....17] [ip4][...88] [..198.226.25.53] -> [....10.12.64.30] update: [....32] [ip4][..udp] [...72.226.25.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....18] [ip4][..254] [....10.12.64.30] -> [..198.226.25.53] new: [....34] [ip4][..112] [....10.12.64.30] -> [..198.226.25.53] detected: [....34] [ip4][..112] [....10.12.64.30] -> [..198.226.25.53] [VRRP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [1/16] idle: [....31] [ip4][..udp] [...10.12.64.110][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....30] [ip4][..udp] [..198.226.25.53][.1812] -> [.....10.12.37.0][29200] [Radius][Unknown][Network][Acceptable] idle: [....29] [ip4][..udp] [....10.12.64.30][29200] -> [..198.224.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....32] [ip4][..udp] [...72.226.25.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....33] [ip4][..udp] [....10.12.64.30][29200] -> [...198.226.37.0][.1812] [Radius][Unknown][Network][Acceptable] update: [....23] [ip4][...85] [..198.226.25.62] -> [....10.12.64.30] update: [....17] [ip4][...88] [..198.226.25.53] -> [....10.12.64.30] @@ -331,7 +265,6 @@ new: [....43] [ip4][..udp] [..198.226.25.53][.1965] -> [....10.12.64.30][29200] ERROR-EVENT: Unknown packet type [2/16] update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....44] [ip4][....0] [....10.12.64.30] -> [..198.226.25.53] new: [....45] [ip4][..udp] [..198.234.25.53][.1812] -> [....10.12.64.30][29200] detected: [....45] [ip4][..udp] [..198.234.25.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] @@ -343,20 +276,14 @@ RISK: Unidirectional Traffic idle: [....18] [ip4][..254] [....10.12.64.30] -> [..198.226.25.53] update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....37] [ip4][..udp] [..198.226.25.62][.1812] -> [.....10.12.37.0][29200] [Radius][Unknown][Network][Acceptable] update: [....35] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....41] [ip4][..udp] [..198.226.25.53][.1812] -> [..10.12.172.158][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....38] [ip4][..udp] [..198.226.25.62][.1812] -> [....10.12.64.30][29295] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....39] [ip4][..udp] [....10.12.64.30][29304] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....43] [ip4][..udp] [..198.226.25.53][.1965] -> [....10.12.64.30][29200] update: [....42] [ip4][..udp] [....10.12.64.30][29200] -> [..198.119.25.53][.1812] update: [....36] [ip4][..udp] [.....37.0.25.62][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....46] [ip4][..udp] [....10.76.64.30][29200] -> [..198.226.25.53][.1812] detected: [....46] [ip4][..udp] [....10.76.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -382,33 +309,22 @@ detected: [....52] [ip4][..udp] [...198.52.25.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....37] [ip4][..udp] [..198.226.25.62][.1812] -> [.....10.12.37.0][29200] [Radius][Unknown][Network][Acceptable] update: [....49] [ip4][..udp] [.....10.84.37.0][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....35] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....45] [ip4][..udp] [..198.234.25.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....46] [ip4][..udp] [....10.76.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....48] [ip4][..udp] [..198.226.25.53][.1812] -> [...10.12.112.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....41] [ip4][..udp] [..198.226.25.53][.1812] -> [..10.12.172.158][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....38] [ip4][..udp] [..198.226.25.62][.1812] -> [....10.12.64.30][29295] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....39] [ip4][..udp] [....10.12.64.30][29304] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....43] [ip4][..udp] [..198.226.25.53][.1965] -> [....10.12.64.30][29200] update: [....47] [ip4][..udp] [..198.226.25.53][43690] -> [..10.12.170.170][43690] update: [....42] [ip4][..udp] [....10.12.64.30][29200] -> [..198.119.25.53][.1812] update: [....36] [ip4][..udp] [.....37.0.25.62][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....40] [ip4][..170] [170.170.170.170] -> [170.170.170.170] update: [....23] [ip4][...85] [..198.226.25.62] -> [....10.12.64.30] update: [....34] [ip4][..112] [....10.12.64.30] -> [..198.226.25.53] [VRRP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....53] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][29200] detected: [....53] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -416,18 +332,13 @@ ERROR-EVENT: Unknown L3 protocol [2/16] idle: [....37] [ip4][..udp] [..198.226.25.62][.1812] -> [.....10.12.37.0][29200] [Radius][Unknown][Network][Acceptable] idle: [....36] [ip4][..udp] [.....37.0.25.62][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....54] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.30][29204] detected: [....54] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.30][29204] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [....41] [ip4][..udp] [..198.226.25.53][.1812] -> [..10.12.172.158][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....35] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....38] [ip4][..udp] [..198.226.25.62][.1812] -> [....10.12.64.30][29295] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....39] [ip4][..udp] [....10.12.64.30][29304] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic guessed: [....42] [ip4][..udp] [....10.12.64.30][29200] -> [..198.119.25.53][.1812] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [....42] [ip4][..udp] [....10.12.64.30][29200] -> [..198.119.25.53][.1812] @@ -439,13 +350,9 @@ ERROR-EVENT: Unknown packet type [1/16] ERROR-EVENT: Unknown packet type [2/16] idle: [....48] [ip4][..udp] [..198.226.25.53][.1812] -> [...10.12.112.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....46] [ip4][..udp] [....10.76.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....45] [ip4][..udp] [..198.234.25.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....49] [ip4][..udp] [.....10.84.37.0][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic not-detected: [....43] [ip4][..udp] [..198.226.25.53][.1965] -> [....10.12.64.30][29200] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....43] [ip4][..udp] [..198.226.25.53][.1965] -> [....10.12.64.30][29200] @@ -453,21 +360,14 @@ RISK: Unidirectional Traffic idle: [....47] [ip4][..udp] [..198.226.25.53][43690] -> [..10.12.170.170][43690] update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....53] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....54] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.30][29204] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....52] [ip4][..udp] [...198.52.25.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....40] [ip4][..170] [170.170.170.170] -> [170.170.170.170] update: [....51] [ip4][..udp] [....10.12.64.30][29200] -> [...198.48.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....44] [ip4][....0] [....10.12.64.30] -> [..198.226.25.53] update: [....50] [ip4][..udp] [....10.12.64.37][29200] -> [....0.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....34] [ip4][..112] [....10.12.64.30] -> [..198.226.25.53] [VRRP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....55] [ip4][..udp] [..198.226.25.53][.1812] -> [....65.12.64.30][29200] detected: [....55] [ip4][..udp] [..198.226.25.53][.1812] -> [....65.12.64.30][29200] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -475,27 +375,18 @@ detected: [....56] [ip4][..udp] [....10.12.69.30][29200] -> [..198.226.25.53][.1813] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [....50] [ip4][..udp] [....10.12.64.37][29200] -> [....0.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....57] [ip4][..udp] [....10.12.82.30][29200] -> [..198.226.25.53][.1812] detected: [....57] [ip4][..udp] [....10.12.82.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic new: [....58] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.66][29200] idle: [....56] [ip4][..udp] [....10.12.69.30][29200] -> [..198.226.25.53][.1813] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....53] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....54] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.30][29204] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....55] [ip4][..udp] [..198.226.25.53][.1812] -> [....65.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....52] [ip4][..udp] [...198.52.25.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....51] [ip4][..udp] [....10.12.64.30][29200] -> [...198.48.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....34] [ip4][..112] [....10.12.64.30] -> [..198.226.25.53] [VRRP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....40] [ip4][..170] [170.170.170.170] -> [170.170.170.170] update: [....44] [ip4][....0] [....10.12.64.30] -> [..198.226.25.53] new: [....59] [ip4][..udp] [....88.12.80.30][29200] -> [..198.226.25.53][.1812] @@ -520,12 +411,9 @@ new: [....64] [ip4][..udp] [..198.226.25.53][.3860] -> [....14.12.64.30][29200] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [2/16] update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....57] [ip4][..udp] [....10.12.82.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....58] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.66][29200] update: [....59] [ip4][..udp] [....88.12.80.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....65] [ip4][..udp] [.....198.7.9.53][.1812] -> [....10.12.64.30][29200] detected: [....65] [ip4][..udp] [.....198.7.9.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -541,11 +429,8 @@ ERROR-EVENT: nDPI IPv4/L4 payload detection failed [3/16] ERROR-EVENT: Unknown packet type [4/16] update: [....60] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....61] [ip4][..udp] [.....10.6.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....62] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.82.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic ERROR-EVENT: nDPI IPv4/L4 payload detection failed [5/16] ERROR-EVENT: Unknown L3 protocol [6/16] ERROR-EVENT: nDPI IPv4/L4 payload detection failed [1/16] @@ -563,15 +448,11 @@ RISK: Unidirectional Traffic ERROR-EVENT: Unknown packet type [5/16] update: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....57] [ip4][..udp] [....10.12.82.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....58] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.66][29200] update: [....63] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.80.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....64] [ip4][..udp] [..198.226.25.53][.3860] -> [....14.12.64.30][29200] update: [....59] [ip4][..udp] [....88.12.80.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....72] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.21][.1812] detected: [....72] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.21][.1812] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -579,56 +460,36 @@ RISK: Unidirectional Traffic idle: [....44] [ip4][....0] [....10.12.64.30] -> [..198.226.25.53] update: [....60] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....66] [ip4][..udp] [....10.12.64.30][29232] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....68] [ip4][..udp] [..198.226.25.53][43028] -> [....10.12.64.30][29200] update: [....61] [ip4][..udp] [.....10.6.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....65] [ip4][..udp] [.....198.7.9.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....67] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.81.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....62] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.82.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic ERROR-EVENT: Unknown L3 protocol [1/16] idle: [....69] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.73][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....63] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.80.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic guessed: [....58] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.66][29200] [Radius][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [....58] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.66][29200] idle: [....57] [ip4][..udp] [....10.12.82.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....72] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.21][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic not-detected: [....64] [ip4][..udp] [..198.226.25.53][.3860] -> [....14.12.64.30][29200] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....64] [ip4][..udp] [..198.226.25.53][.3860] -> [....14.12.64.30][29200] idle: [....70] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.30][29208] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....66] [ip4][..udp] [....10.12.64.30][29232] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....59] [ip4][..udp] [....88.12.80.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....71] [ip4][..udp] [....10.12.64.30][29289] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic not-detected: [....68] [ip4][..udp] [..198.226.25.53][43028] -> [....10.12.64.30][29200] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....68] [ip4][..udp] [..198.226.25.53][43028] -> [....10.12.64.30][29200] idle: [....61] [ip4][..udp] [.....10.6.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....67] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.81.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....65] [ip4][..udp] [.....198.7.9.53][.1812] -> [....10.12.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....62] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.82.64.30][29200] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....60] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....40] [ip4][..170] [170.170.170.170] -> [170.170.170.170] new: [....73] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] detected: [....73] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] @@ -652,18 +513,13 @@ RISK: Unidirectional Traffic idle: [....40] [ip4][..170] [170.170.170.170] -> [170.170.170.170] update: [....60] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....79] [ip4][...37] [..198.226.25.53] -> [....10.12.64.30] ERROR-EVENT: Unknown packet type [1/16] ERROR-EVENT: Unknown packet type [2/16] idle: [....73] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....60] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.62][.1812] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....78] [ip4][..udp] [..198.226.25.53][.1813] -> [....10.12.64.30][21008] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....77] [ip4][..udp] [....10.12.64.30][29200] -> [..198.226.25.53][.1813] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic not-detected: [....74] [ip4][..udp] [..198.226.25.53][.1814] -> [....10.12.64.30][29200] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....74] [ip4][..udp] [..198.226.25.53][.1814] -> [....10.12.64.30][29200] @@ -671,7 +527,6 @@ RISK: Unidirectional Traffic idle: [....75] [ip4][..udp] [....57.12.64.30][29200] -> [..198.226.25.53][28948] idle: [....76] [ip4][..udp] [..198.226.25.53][.1812] -> [....10.12.64.30][22544] [Radius][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic not-detected: [....79] [ip4][...37] [..198.226.25.53] -> [....10.12.64.30] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....79] [ip4][...37] [..198.226.25.53] -> [....10.12.64.30] diff --git a/test/results/flow-info/default/geforcenow.pcapng.out b/test/results/flow-info/default/geforcenow.pcapng.out index 25006c459..ee6ad58d7 100644 --- a/test/results/flow-info/default/geforcenow.pcapng.out +++ b/test/results/flow-info/default/geforcenow.pcapng.out @@ -8,7 +8,7 @@ RISK: Known Proto on Non Std Port detection-update: [.....1] [ip4][..tcp] [..192.168.1.245][57490] -> [..80.84.167.206][49100] [TLS.GeForceNow][Nvidia][Game][Fun][80-84-167-206.cloudmatchbeta.nvidiagrid.net] RISK: Known Proto on Non Std Port - analyse: [.....1] [ip4][..tcp] [..192.168.1.245][57490] -> [..80.84.167.206][49100] + analyse: [.....1] [ip4][..tcp] [..192.168.1.245][57490] -> [..80.84.167.206][49100] [TLS.GeForceNow][Nvidia][Game][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.047| 0.015| 0.018| 312.463| 3.900] [PKTLEN......: 52.000| 2948.000| 1089.800| 1283.500| 1647314.500| 4.000] @@ -23,6 +23,8 @@ new: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] detected: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [STUN][Nvidia][Network][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [STUN][Nvidia][Network][Acceptable][] + RISK: Known Proto on Non Std Port detection-update: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [DTLS][Nvidia][Safe] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [.....2] [ip4][..udp] [..192.168.1.245][52441] -> [..80.84.167.206][18452] [DTLS.GeForceNow][Nvidia][Game][Fun] diff --git a/test/results/flow-info/default/genshin-impact.pcap.out b/test/results/flow-info/default/genshin-impact.pcap.out index 8b1a512a1..8bafaf619 100644 --- a/test/results/flow-info/default/genshin-impact.pcap.out +++ b/test/results/flow-info/default/genshin-impact.pcap.out @@ -10,20 +10,19 @@ detected: [.....2] [ip4][..udp] [..192.168.2.100][59145] -> [.47.254.169.109][22102] [GenshinImpact][Alibaba][Game][Fun] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..192.168.2.100][58766] -> [..47.245.143.85][22101] [GenshinImpact][Alibaba][Game][Fun] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port DAEMON-EVENT: [Processed: 30 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....3] [ip4][..udp] [..192.168.2.100][52575] -> [...8.209.69.191][22101] detected: [.....3] [ip4][..udp] [..192.168.2.100][52575] -> [...8.209.69.191][22101] [GenshinImpact][Alibaba][Game][Fun] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....2] [ip4][..udp] [..192.168.2.100][59145] -> [.47.254.169.109][22102] [GenshinImpact][Alibaba][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 45 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....4] [ip4][..tcp] [..192.168.2.100][39822] -> [..49.51.190.178][...80] detected: [.....4] [ip4][..tcp] [..192.168.2.100][39822] -> [..49.51.190.178][...80] [GenshinImpact][Tencent][Game][Fun] idle: [.....3] [ip4][..udp] [..192.168.2.100][52575] -> [...8.209.69.191][22101] [GenshinImpact][Alibaba][Game][Fun] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port DAEMON-EVENT: [Processed: 60 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....5] [ip4][..tcp] [..192.168.2.100][39686] -> [..49.51.181.168][...80] diff --git a/test/results/flow-info/default/gnutella.pcap.out b/test/results/flow-info/default/gnutella.pcap.out index 0bea7fdb8..57e46d1ce 100644 --- a/test/results/flow-info/default/gnutella.pcap.out +++ b/test/results/flow-info/default/gnutella.pcap.out @@ -162,7 +162,6 @@ update: [....19] [ip4][..udp] [......10.0.2.15][63964] -> [239.255.255.250][.3702] [WSD][Unknown][Network][Acceptable] update: [.....5] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] update: [.....6] [ip4][..udp] [.......10.0.2.2][...67] -> [......10.0.2.15][...68] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....13] [ip4][..udp] [......10.0.2.15][..137] -> [.....10.0.2.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....20] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol @@ -854,7 +853,6 @@ detected: [...331] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][26851] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic update: [....95] [ip4][.icmp] [.......10.0.2.2] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [...332] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] detected: [...332] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic @@ -865,10 +863,14 @@ update: [.....4] [ip6][icmp6] [..............fe80::c50d:519f:96a4:e108] -> [................................ff02::1] [ICMPV6][Unknown][Network][Acceptable] update: [.....3] [ip6][icmp6] [..............fe80::c50d:519f:96a4:e108] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] update: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffa4:e108] [ICMPV6][Unknown][Network][Acceptable] - update: [....26] [ip4][..udp] [......10.0.2.15][57619] -> [.......10.0.2.2][.5351] - update: [....27] [ip4][..udp] [......10.0.2.15][57620] -> [.......10.0.2.2][.5351] - update: [....34] [ip4][..udp] [......10.0.2.15][57621] -> [.......10.0.2.2][.5351] - update: [....41] [ip4][..udp] [......10.0.2.15][57622] -> [.......10.0.2.2][.5351] + update: [....26] [ip4][..udp] [......10.0.2.15][57619] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....27] [ip4][..udp] [......10.0.2.15][57620] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....34] [ip4][..udp] [......10.0.2.15][57621] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....41] [ip4][..udp] [......10.0.2.15][57622] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic new: [...333] [ip4][..tcp] [......10.0.2.15][50327] -> [.69.118.162.229][46906] new: [...334] [ip4][..tcp] [......10.0.2.15][50328] -> [..189.147.72.83][26108] detected: [...333] [ip4][..tcp] [......10.0.2.15][50327] -> [.69.118.162.229][46906] [HTTP.Gnutella][Unknown][Download][Potentially Dangerous][69.118.162.229] @@ -894,112 +896,111 @@ [PKTLENS.....: 52,44,40,639,40,699,111,40,304,40,1500,180,40,166,40,91,40,219,40,404,40,387,40,507,40,115,40,111,40,176,40,101] [ENTROPIES...: 4.6,4.8,4.8,5.8,4.6,5.7,5.6,4.7,5.3,4.7,7.7,6.7,4.7,6.3,4.6,5.2,4.8,6.9,4.8,7.5,4.7,7.4,4.7,7.5,4.8,6.0,4.6,5.8,4.8,6.7,4.6,5.9] update: [...134] [ip4][..udp] [......10.0.2.15][28681] -> [...78.231.73.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...128] [ip4][..udp] [......10.0.2.15][28681] -> [..77.141.219.27][37580] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...114] [ip4][..udp] [......10.0.2.15][28681] -> [....86.23.75.69][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....88] [ip4][..udp] [......10.0.2.15][28681] -> [.....81.50.24.2][17874] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....15] [ip4][..udp] [......10.0.2.15][63957] -> [239.255.255.250][.3702] [WSD][Unknown][Network][Acceptable] update: [....19] [ip4][..udp] [......10.0.2.15][63964] -> [239.255.255.250][.3702] [WSD][Unknown][Network][Acceptable] update: [.....5] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] update: [.....6] [ip4][..udp] [.......10.0.2.2][...67] -> [......10.0.2.15][...68] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....13] [ip4][..udp] [......10.0.2.15][..137] -> [.....10.0.2.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....20] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [....96] [ip4][..udp] [......10.0.2.15][28681] -> [.88.160.214.137][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....16] [ip4][..udp] [......10.0.2.15][63962] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...118] [ip4][..udp] [......10.0.2.15][28681] -> [...5.180.62.100][46385] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...100] [ip4][..udp] [......10.0.2.15][28681] -> [220.133.122.217][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...117] [ip4][..udp] [......10.0.2.15][28681] -> [200.120.243.143][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...115] [ip4][..udp] [......10.0.2.15][28681] -> [...154.3.42.104][11804] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...101] [ip4][..udp] [......10.0.2.15][28681] -> [123.205.126.102][.5193] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....98] [ip4][..udp] [......10.0.2.15][28681] -> [.203.222.14.170][23332] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....14] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63958] -> [................................ff02::c][.3702] [WSD][Unknown][Network][Acceptable] update: [....18] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63965] -> [................................ff02::c][.3702] [WSD][Unknown][Network][Acceptable] update: [...131] [ip4][..udp] [......10.0.2.15][28681] -> [.86.225.140.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...111] [ip4][..udp] [......10.0.2.15][28681] -> [..90.65.141.157][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...106] [ip4][..udp] [......10.0.2.15][28681] -> [..114.39.154.69][.4832] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...139] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.226.142][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...141] [ip4][..udp] [......10.0.2.15][28681] -> [..172.97.199.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [.....9] [ip4][..udp] [......10.0.2.15][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [...126] [ip4][..udp] [......10.0.2.15][28681] -> [..91.69.159.133][28000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....17] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63960] -> [................................ff02::c][.1900] [SSDP][Unknown][System][Acceptable] update: [...136] [ip4][..udp] [......10.0.2.15][28681] -> [.80.236.247.120][16047] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....86] [ip4][..udp] [......10.0.2.15][28681] -> [..74.210.244.72][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....85] [ip4][..udp] [......10.0.2.15][28681] -> [..85.138.20.110][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....10] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [...135] [ip4][..udp] [......10.0.2.15][28681] -> [.193.250.99.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...127] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.1024] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...112] [ip4][..udp] [......10.0.2.15][28681] -> [.36.239.213.146][21750] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...125] [ip4][..udp] [......10.0.2.15][28681] -> [..83.92.178.182][57302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...116] [ip4][..udp] [......10.0.2.15][28681] -> [.124.44.190.145][10170] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...133] [ip4][..udp] [......10.0.2.15][28681] -> [.91.175.220.161][15721] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....99] [ip4][..udp] [......10.0.2.15][28681] -> [....114.38.9.82][24223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...124] [ip4][..udp] [......10.0.2.15][28681] -> [...170.254.19.6][24180] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...130] [ip4][..udp] [......10.0.2.15][28681] -> [..119.224.95.97][46356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...107] [ip4][..udp] [......10.0.2.15][28681] -> [..202.151.63.59][.7624] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...129] [ip4][..udp] [......10.0.2.15][28681] -> [.176.138.50.179][29411] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...103] [ip4][..udp] [......10.0.2.15][28681] -> [.220.134.167.82][.5820] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....97] [ip4][..udp] [......10.0.2.15][28681] -> [..24.78.134.188][49046] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...104] [ip4][..udp] [......10.0.2.15][28681] -> [..42.98.115.128][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [.....7] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Unknown][Network][Acceptable] update: [...137] [ip4][..udp] [......10.0.2.15][28681] -> [...82.65.70.197][21693] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...109] [ip4][..udp] [......10.0.2.15][28681] -> [...88.169.2.153][52414] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...140] [ip4][..udp] [......10.0.2.15][28681] -> [.77.197.111.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...102] [ip4][..udp] [......10.0.2.15][28681] -> [.218.164.39.233][20855] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...108] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][.7922] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....12] [ip4][..udp] [......10.0.2.15][63717] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] update: [...113] [ip4][..udp] [......10.0.2.15][28681] -> [105.101.132.146][57746] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...132] [ip4][..udp] [......10.0.2.15][28681] -> [...79.86.173.45][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....87] [ip4][..udp] [......10.0.2.15][28681] -> [..92.131.85.245][31743] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....11] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63717] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] update: [...110] [ip4][..udp] [......10.0.2.15][28681] -> [..195.132.75.56][56009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...105] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.11.85][10722] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...138] [ip4][..udp] [......10.0.2.15][28681] -> [167.114.170.156][23844] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...337] [ip4][..udp] [......10.0.2.15][28681] -> [..24.116.64.132][51227] detected: [...337] [ip4][..udp] [......10.0.2.15][28681] -> [..24.116.64.132][51227] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic @@ -1051,140 +1052,139 @@ idle: [.....4] [ip6][icmp6] [..............fe80::c50d:519f:96a4:e108] -> [................................ff02::1] [ICMPV6][Unknown][Network][Acceptable] idle: [.....1] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ffa4:e108] [ICMPV6][Unknown][Network][Acceptable] update: [....95] [ip4][.icmp] [.......10.0.2.2] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...170] [ip4][..udp] [......10.0.2.15][28681] -> [....67.193.8.52][38584] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...166] [ip4][..udp] [......10.0.2.15][28681] -> [..90.59.253.186][15555] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...183] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.15.182][37829] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...184] [ip4][..udp] [......10.0.2.15][28681] -> [..86.239.62.213][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...196] [ip4][..udp] [......10.0.2.15][28681] -> [..88.127.72.106][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...195] [ip4][..udp] [......10.0.2.15][28681] -> [.177.231.151.16][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...220] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][.9239] update: [...219] [ip4][..udp] [......10.0.2.15][28681] -> [...76.30.86.144][53821] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...217] [ip4][..udp] [......10.0.2.15][28681] -> [.126.117.45.151][19323] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...155] [ip4][..udp] [......10.0.2.15][28681] -> [.88.168.182.103][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...198] [ip4][..udp] [......10.0.2.15][28681] -> [..58.182.171.50][15180] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...191] [ip4][..udp] [......10.0.2.15][28681] -> [.190.153.143.54][65535] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...172] [ip4][..udp] [......10.0.2.15][28681] -> [..87.69.142.133][15471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...192] [ip4][..udp] [......10.0.2.15][28681] -> [.....92.8.59.80][35192] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...181] [ip4][..udp] [......10.0.2.15][28681] -> [...66.177.5.135][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...162] [ip4][..udp] [......10.0.2.15][28681] -> [.88.123.159.111][44729] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...214] [ip4][..udp] [......10.0.2.15][28681] -> [.91.169.215.227][26820] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...193] [ip4][..udp] [......10.0.2.15][28681] -> [..188.44.126.74][54633] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...169] [ip4][..udp] [......10.0.2.15][28681] -> [...91.162.52.93][34799] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...187] [ip4][..udp] [......10.0.2.15][28681] -> [....92.88.92.56][21009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...190] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.195.227][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...206] [ip4][..udp] [......10.0.2.15][28681] -> [213.166.132.204][11194] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...203] [ip4][..udp] [......10.0.2.15][28681] -> [.120.156.204.38][54832] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...199] [ip4][..udp] [......10.0.2.15][28681] -> [..114.73.129.26][53585] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...207] [ip4][..udp] [......10.0.2.15][28681] -> [.81.242.191.215][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...208] [ip4][..udp] [......10.0.2.15][28681] -> [..81.249.64.215][25058] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...173] [ip4][..udp] [......10.0.2.15][28681] -> [..121.99.222.36][44988] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...180] [ip4][..udp] [......10.0.2.15][28681] -> [...66.131.24.72][30711] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...212] [ip4][..udp] [......10.0.2.15][28681] -> [...36.233.3.223][12848] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...197] [ip4][..udp] [......10.0.2.15][28681] -> [.208.92.106.151][32476] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...168] [ip4][..udp] [......10.0.2.15][28681] -> [...89.157.59.43][56919] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...156] [ip4][..udp] [......10.0.2.15][28681] -> [..86.244.228.86][10131] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...215] [ip4][..udp] [......10.0.2.15][28681] -> [...78.159.27.22][17563] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...176] [ip4][..udp] [......10.0.2.15][28681] -> [....41.99.164.4][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...164] [ip4][..udp] [......10.0.2.15][28681] -> [.142.197.219.85][26234] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...157] [ip4][..udp] [......10.0.2.15][28681] -> [.86.227.162.150][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...209] [ip4][..udp] [......10.0.2.15][28681] -> [..91.179.98.234][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...189] [ip4][..udp] [......10.0.2.15][28681] -> [115.195.105.243][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...159] [ip4][..udp] [......10.0.2.15][28681] -> [176.163.231.160][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...179] [ip4][..udp] [......10.0.2.15][28681] -> [.178.51.146.115][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...186] [ip4][..udp] [......10.0.2.15][28681] -> [..91.182.44.202][30277] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...213] [ip4][..udp] [......10.0.2.15][28681] -> [....5.180.62.37][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...167] [ip4][..udp] [......10.0.2.15][28681] -> [..93.29.107.176][20363] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...171] [ip4][..udp] [......10.0.2.15][28681] -> [196.217.132.111][25394] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...160] [ip4][..udp] [......10.0.2.15][28681] -> [...83.150.49.35][32448] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...174] [ip4][..udp] [......10.0.2.15][28681] -> [..196.74.159.56][29271] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...185] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.196.58][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...165] [ip4][..udp] [......10.0.2.15][28681] -> [...86.75.43.182][43502] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...161] [ip4][..udp] [......10.0.2.15][28681] -> [..213.120.26.86][29946] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...188] [ip4][..udp] [......10.0.2.15][28681] -> [..83.134.107.32][38836] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...177] [ip4][..udp] [......10.0.2.15][28681] -> [.69.157.183.106][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...205] [ip4][..udp] [......10.0.2.15][28681] -> [..96.29.197.138][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...175] [ip4][..udp] [......10.0.2.15][28681] -> [...115.69.62.99][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...182] [ip4][..udp] [......10.0.2.15][28681] -> [....73.3.103.37][35589] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...210] [ip4][..udp] [......10.0.2.15][28681] -> [.41.100.120.146][12838] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...218] [ip4][..udp] [......10.0.2.15][28681] -> [.176.155.52.115][53956] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...211] [ip4][..udp] [......10.0.2.15][28681] -> [..186.93.139.92][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...200] [ip4][..udp] [......10.0.2.15][28681] -> [.138.199.16.123][52993] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...154] [ip4][..udp] [......10.0.2.15][28681] -> [174.115.111.224][51984] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...201] [ip4][..udp] [......10.0.2.15][28681] -> [.85.170.209.214][46210] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...194] [ip4][..udp] [......10.0.2.15][28681] -> [176.150.126.156][16471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...178] [ip4][..udp] [......10.0.2.15][28681] -> [....83.46.253.7][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...163] [ip4][..udp] [......10.0.2.15][28681] -> [.88.126.160.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...216] [ip4][..udp] [......10.0.2.15][28681] -> [.212.68.248.153][27223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...158] [ip4][..udp] [......10.0.2.15][28681] -> [.118.166.226.70][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...204] [ip4][..udp] [......10.0.2.15][28681] -> [..84.126.240.32][45313] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...202] [ip4][..udp] [......10.0.2.15][28681] -> [.176.134.139.39][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol analyse: [....93] [ip4][..tcp] [......10.0.2.15][50248] -> [109.214.154.216][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] min| max| avg| stddev| variance| entropy [IAT.........: 0.001| 22.685| 3.465| 6.256| 39132462.055| 3.300] @@ -1216,128 +1216,130 @@ idle: [.....3] [ip6][icmp6] [..............fe80::c50d:519f:96a4:e108] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] idle: [.....2] [ip6][icmp6] [..............fe80::c50d:519f:96a4:e108] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] update: [...247] [ip4][..udp] [......10.0.2.15][28681] -> [..181.84.178.16][60262] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...307] [ip4][..udp] [......10.0.2.15][28681] -> [..72.201.208.57][38617] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...309] [ip4][..udp] [......10.0.2.15][28681] -> [.47.220.186.140][27641] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...254] [ip4][..udp] [......10.0.2.15][28681] -> [..88.120.73.215][24562] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...258] [ip4][..udp] [......10.0.2.15][28681] -> [...24.26.216.95][13889] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...315] [ip4][..udp] [......10.0.2.15][28681] -> [...92.217.84.16][20223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....21] [ip4][..udp] [......10.0.2.15][55708] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...305] [ip4][..udp] [......10.0.2.15][28681] -> [..88.168.175.31][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...310] [ip4][..udp] [......10.0.2.15][28681] -> [.118.240.69.199][.6348] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...306] [ip4][..udp] [......10.0.2.15][28681] -> [..41.249.63.200][22582] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...265] [ip4][..udp] [......10.0.2.15][28681] -> [203.220.198.244][.1194] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...304] [ip4][..udp] [......10.0.2.15][28681] -> [.193.32.126.214][59596] update: [...318] [ip4][..udp] [......10.0.2.15][28681] -> [173.183.183.110][59920] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...242] [ip4][..udp] [......10.0.2.15][28681] -> [..75.133.101.93][52367] update: [...260] [ip4][..udp] [......10.0.2.15][28681] -> [.46.128.114.107][.6578] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...311] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.188.98][62851] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....23] [ip4][..udp] [......10.0.2.15][62539] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] update: [...308] [ip4][..udp] [......10.0.2.15][28681] -> [...81.205.91.45][40137] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...251] [ip4][..udp] [......10.0.2.15][28681] -> [.185.203.218.92][56962] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...259] [ip4][..udp] [......10.0.2.15][28681] -> [103.232.107.100][43508] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...300] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] update: [...250] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][26253] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....25] [ip4][..udp] [......10.0.2.15][50435] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] update: [...256] [ip4][..udp] [......10.0.2.15][28681] -> [.96.246.156.126][50297] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....22] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][62539] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] update: [...249] [ip4][..udp] [......10.0.2.15][28681] -> [..45.88.117.218][.6909] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...257] [ip4][..udp] [......10.0.2.15][28681] -> [.82.181.251.218][36368] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....24] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][50435] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] update: [...303] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][30566] update: [...246] [ip4][..udp] [......10.0.2.15][28681] -> [...96.65.68.194][35481] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...301] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][11852] update: [...314] [ip4][..udp] [......10.0.2.15][28681] -> [..71.237.202.91][16117] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...317] [ip4][..udp] [......10.0.2.15][28681] -> [...96.236.205.7][34794] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...261] [ip4][..udp] [......10.0.2.15][28681] -> [..60.241.48.194][21301] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...243] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] update: [...313] [ip4][..udp] [......10.0.2.15][28681] -> [..176.99.176.20][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...302] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][53489] update: [...255] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][30577] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...248] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][12012] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...263] [ip4][..udp] [......10.0.2.15][28681] -> [..82.217.176.52][.7446] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...253] [ip4][..udp] [......10.0.2.15][28681] -> [.193.37.255.130][61616] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...252] [ip4][..udp] [......10.0.2.15][28681] -> [..72.140.120.41][47739] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...316] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][63637] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...262] [ip4][..udp] [......10.0.2.15][28681] -> [....89.75.52.19][46010] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...264] [ip4][..udp] [......10.0.2.15][28681] -> [...95.10.205.67][11603] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...312] [ip4][..udp] [......10.0.2.15][28681] -> [..24.167.201.53][47282] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...329] [ip4][..udp] [......10.0.2.15][28681] -> [..92.117.249.98][.6815] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...328] [ip4][..udp] [......10.0.2.15][28681] -> [.203.220.105.27][19260] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...331] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][26851] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...320] [ip4][..udp] [......10.0.2.15][28681] -> [185.236.200.137][48142] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...332] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...325] [ip4][..udp] [......10.0.2.15][28681] -> [..83.160.143.48][37036] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...323] [ip4][..udp] [......10.0.2.15][28681] -> [.96.246.156.126][56070] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...322] [ip4][..udp] [......10.0.2.15][28681] -> [..45.88.117.219][.6909] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...327] [ip4][..udp] [......10.0.2.15][28681] -> [...84.28.53.225][44859] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...321] [ip4][..udp] [......10.0.2.15][28681] -> [188.165.203.190][21995] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...324] [ip4][..udp] [......10.0.2.15][28681] -> [.73.250.179.237][20848] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...319] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][55302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...330] [ip4][..udp] [......10.0.2.15][28681] -> [....82.64.44.11][.1352] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...326] [ip4][..udp] [......10.0.2.15][28681] -> [..100.1.231.138][56558] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...359] [ip4][..udp] [......10.0.2.15][51685] -> [239.255.255.250][.1900] detected: [...359] [ip4][..udp] [......10.0.2.15][51685] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] update: [....95] [ip4][.icmp] [.......10.0.2.2] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....54] [ip4][..udp] [......10.0.2.15][57623] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [.....8] [ip4][....2] [......10.0.2.15] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] update: [...335] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] update: [...336] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][.6888] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...349] [ip4][.icmp] [...84.197.97.94] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] + update: [....26] [ip4][..udp] [......10.0.2.15][57619] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....27] [ip4][..udp] [......10.0.2.15][57620] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....34] [ip4][..udp] [......10.0.2.15][57621] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....41] [ip4][..udp] [......10.0.2.15][57622] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....26] [ip4][..udp] [......10.0.2.15][57619] -> [.......10.0.2.2][.5351] - update: [....27] [ip4][..udp] [......10.0.2.15][57620] -> [.......10.0.2.2][.5351] - update: [....34] [ip4][..udp] [......10.0.2.15][57621] -> [.......10.0.2.2][.5351] - update: [....41] [ip4][..udp] [......10.0.2.15][57622] -> [.......10.0.2.2][.5351] new: [...360] [ip4][..udp] [......10.0.2.15][28681] -> [..198.58.218.12][47912] detected: [...360] [ip4][..udp] [......10.0.2.15][28681] -> [..198.58.218.12][47912] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic @@ -1366,277 +1368,276 @@ detected: [...368] [ip4][..udp] [......10.0.2.15][28681] -> [...47.147.52.21][36728] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic update: [...338] [ip4][..udp] [......10.0.2.15][28681] -> [221.198.205.196][20778] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...134] [ip4][..udp] [......10.0.2.15][28681] -> [...78.231.73.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...128] [ip4][..udp] [......10.0.2.15][28681] -> [..77.141.219.27][37580] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...114] [ip4][..udp] [......10.0.2.15][28681] -> [....86.23.75.69][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....88] [ip4][..udp] [......10.0.2.15][28681] -> [.....81.50.24.2][17874] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....15] [ip4][..udp] [......10.0.2.15][63957] -> [239.255.255.250][.3702] [WSD][Unknown][Network][Acceptable] update: [....19] [ip4][..udp] [......10.0.2.15][63964] -> [239.255.255.250][.3702] [WSD][Unknown][Network][Acceptable] update: [...340] [ip4][..udp] [......10.0.2.15][28681] -> [.38.142.119.234][49732] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [.....5] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] update: [.....6] [ip4][..udp] [.......10.0.2.2][...67] -> [......10.0.2.15][...68] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...350] [ip4][..udp] [......10.0.2.15][28681] -> [..99.250.253.99][11819] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...343] [ip4][..udp] [......10.0.2.15][28681] -> [..89.212.91.155][.5195] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....13] [ip4][..udp] [......10.0.2.15][..137] -> [.....10.0.2.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....20] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [....96] [ip4][..udp] [......10.0.2.15][28681] -> [.88.160.214.137][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....16] [ip4][..udp] [......10.0.2.15][63962] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...118] [ip4][..udp] [......10.0.2.15][28681] -> [...5.180.62.100][46385] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...344] [ip4][..udp] [......10.0.2.15][28681] -> [.207.38.163.228][.6778] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...100] [ip4][..udp] [......10.0.2.15][28681] -> [220.133.122.217][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...117] [ip4][..udp] [......10.0.2.15][28681] -> [200.120.243.143][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...115] [ip4][..udp] [......10.0.2.15][28681] -> [...154.3.42.104][11804] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...101] [ip4][..udp] [......10.0.2.15][28681] -> [123.205.126.102][.5193] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....98] [ip4][..udp] [......10.0.2.15][28681] -> [.203.222.14.170][23332] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....14] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63958] -> [................................ff02::c][.3702] [WSD][Unknown][Network][Acceptable] update: [....18] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63965] -> [................................ff02::c][.3702] [WSD][Unknown][Network][Acceptable] update: [...131] [ip4][..udp] [......10.0.2.15][28681] -> [.86.225.140.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...111] [ip4][..udp] [......10.0.2.15][28681] -> [..90.65.141.157][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...106] [ip4][..udp] [......10.0.2.15][28681] -> [..114.39.154.69][.4832] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...139] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.226.142][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...141] [ip4][..udp] [......10.0.2.15][28681] -> [..172.97.199.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...348] [ip4][..udp] [......10.0.2.15][28681] -> [...84.197.97.94][.1360] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [.....9] [ip4][..udp] [......10.0.2.15][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [...126] [ip4][..udp] [......10.0.2.15][28681] -> [..91.69.159.133][28000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....17] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63960] -> [................................ff02::c][.1900] [SSDP][Unknown][System][Acceptable] update: [...136] [ip4][..udp] [......10.0.2.15][28681] -> [.80.236.247.120][16047] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....86] [ip4][..udp] [......10.0.2.15][28681] -> [..74.210.244.72][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...346] [ip4][..udp] [......10.0.2.15][28681] -> [..76.226.85.105][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....85] [ip4][..udp] [......10.0.2.15][28681] -> [..85.138.20.110][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....10] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [...135] [ip4][..udp] [......10.0.2.15][28681] -> [.193.250.99.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...127] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.1024] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...342] [ip4][..udp] [......10.0.2.15][28681] -> [..98.208.26.154][.4994] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...112] [ip4][..udp] [......10.0.2.15][28681] -> [.36.239.213.146][21750] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...125] [ip4][..udp] [......10.0.2.15][28681] -> [..83.92.178.182][57302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...337] [ip4][..udp] [......10.0.2.15][28681] -> [..24.116.64.132][51227] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...116] [ip4][..udp] [......10.0.2.15][28681] -> [.124.44.190.145][10170] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...347] [ip4][..udp] [......10.0.2.15][28681] -> [..176.10.169.10][12799] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...133] [ip4][..udp] [......10.0.2.15][28681] -> [.91.175.220.161][15721] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....99] [ip4][..udp] [......10.0.2.15][28681] -> [....114.38.9.82][24223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...124] [ip4][..udp] [......10.0.2.15][28681] -> [...170.254.19.6][24180] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...130] [ip4][..udp] [......10.0.2.15][28681] -> [..119.224.95.97][46356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...107] [ip4][..udp] [......10.0.2.15][28681] -> [..202.151.63.59][.7624] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...129] [ip4][..udp] [......10.0.2.15][28681] -> [.176.138.50.179][29411] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...103] [ip4][..udp] [......10.0.2.15][28681] -> [.220.134.167.82][.5820] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....97] [ip4][..udp] [......10.0.2.15][28681] -> [..24.78.134.188][49046] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...104] [ip4][..udp] [......10.0.2.15][28681] -> [..42.98.115.128][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [.....7] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Unknown][Network][Acceptable] update: [...137] [ip4][..udp] [......10.0.2.15][28681] -> [...82.65.70.197][21693] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...109] [ip4][..udp] [......10.0.2.15][28681] -> [...88.169.2.153][52414] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...140] [ip4][..udp] [......10.0.2.15][28681] -> [.77.197.111.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...102] [ip4][..udp] [......10.0.2.15][28681] -> [.218.164.39.233][20855] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...108] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][.7922] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....12] [ip4][..udp] [......10.0.2.15][63717] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] update: [...339] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][54130] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...113] [ip4][..udp] [......10.0.2.15][28681] -> [105.101.132.146][57746] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...132] [ip4][..udp] [......10.0.2.15][28681] -> [...79.86.173.45][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...341] [ip4][..udp] [......10.0.2.15][28681] -> [..24.129.233.60][19990] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....87] [ip4][..udp] [......10.0.2.15][28681] -> [..92.131.85.245][31743] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....11] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63717] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] update: [...110] [ip4][..udp] [......10.0.2.15][28681] -> [..195.132.75.56][56009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...105] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.11.85][10722] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...138] [ip4][..udp] [......10.0.2.15][28681] -> [167.114.170.156][23844] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...170] [ip4][..udp] [......10.0.2.15][28681] -> [....67.193.8.52][38584] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...166] [ip4][..udp] [......10.0.2.15][28681] -> [..90.59.253.186][15555] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...183] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.15.182][37829] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...184] [ip4][..udp] [......10.0.2.15][28681] -> [..86.239.62.213][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...196] [ip4][..udp] [......10.0.2.15][28681] -> [..88.127.72.106][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...354] [ip4][..udp] [......10.0.2.15][28681] -> [.80.236.247.120][.1032] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...352] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...195] [ip4][..udp] [......10.0.2.15][28681] -> [.177.231.151.16][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...353] [ip4][..udp] [......10.0.2.15][28681] -> [195.181.151.217][25282] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...220] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][.9239] update: [...219] [ip4][..udp] [......10.0.2.15][28681] -> [...76.30.86.144][53821] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...217] [ip4][..udp] [......10.0.2.15][28681] -> [.126.117.45.151][19323] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...155] [ip4][..udp] [......10.0.2.15][28681] -> [.88.168.182.103][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...198] [ip4][..udp] [......10.0.2.15][28681] -> [..58.182.171.50][15180] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...191] [ip4][..udp] [......10.0.2.15][28681] -> [.190.153.143.54][65535] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...172] [ip4][..udp] [......10.0.2.15][28681] -> [..87.69.142.133][15471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...192] [ip4][..udp] [......10.0.2.15][28681] -> [.....92.8.59.80][35192] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...181] [ip4][..udp] [......10.0.2.15][28681] -> [...66.177.5.135][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...162] [ip4][..udp] [......10.0.2.15][28681] -> [.88.123.159.111][44729] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...214] [ip4][..udp] [......10.0.2.15][28681] -> [.91.169.215.227][26820] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...193] [ip4][..udp] [......10.0.2.15][28681] -> [..188.44.126.74][54633] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...169] [ip4][..udp] [......10.0.2.15][28681] -> [...91.162.52.93][34799] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...187] [ip4][..udp] [......10.0.2.15][28681] -> [....92.88.92.56][21009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...190] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.195.227][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...206] [ip4][..udp] [......10.0.2.15][28681] -> [213.166.132.204][11194] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...203] [ip4][..udp] [......10.0.2.15][28681] -> [.120.156.204.38][54832] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...199] [ip4][..udp] [......10.0.2.15][28681] -> [..114.73.129.26][53585] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...207] [ip4][..udp] [......10.0.2.15][28681] -> [.81.242.191.215][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...208] [ip4][..udp] [......10.0.2.15][28681] -> [..81.249.64.215][25058] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...173] [ip4][..udp] [......10.0.2.15][28681] -> [..121.99.222.36][44988] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...180] [ip4][..udp] [......10.0.2.15][28681] -> [...66.131.24.72][30711] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...212] [ip4][..udp] [......10.0.2.15][28681] -> [...36.233.3.223][12848] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...197] [ip4][..udp] [......10.0.2.15][28681] -> [.208.92.106.151][32476] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...168] [ip4][..udp] [......10.0.2.15][28681] -> [...89.157.59.43][56919] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...156] [ip4][..udp] [......10.0.2.15][28681] -> [..86.244.228.86][10131] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...215] [ip4][..udp] [......10.0.2.15][28681] -> [...78.159.27.22][17563] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...176] [ip4][..udp] [......10.0.2.15][28681] -> [....41.99.164.4][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...164] [ip4][..udp] [......10.0.2.15][28681] -> [.142.197.219.85][26234] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...157] [ip4][..udp] [......10.0.2.15][28681] -> [.86.227.162.150][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...209] [ip4][..udp] [......10.0.2.15][28681] -> [..91.179.98.234][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...189] [ip4][..udp] [......10.0.2.15][28681] -> [115.195.105.243][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...159] [ip4][..udp] [......10.0.2.15][28681] -> [176.163.231.160][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...179] [ip4][..udp] [......10.0.2.15][28681] -> [.178.51.146.115][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...186] [ip4][..udp] [......10.0.2.15][28681] -> [..91.182.44.202][30277] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...213] [ip4][..udp] [......10.0.2.15][28681] -> [....5.180.62.37][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...167] [ip4][..udp] [......10.0.2.15][28681] -> [..93.29.107.176][20363] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...171] [ip4][..udp] [......10.0.2.15][28681] -> [196.217.132.111][25394] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...160] [ip4][..udp] [......10.0.2.15][28681] -> [...83.150.49.35][32448] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...174] [ip4][..udp] [......10.0.2.15][28681] -> [..196.74.159.56][29271] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...185] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.196.58][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...165] [ip4][..udp] [......10.0.2.15][28681] -> [...86.75.43.182][43502] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...161] [ip4][..udp] [......10.0.2.15][28681] -> [..213.120.26.86][29946] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...188] [ip4][..udp] [......10.0.2.15][28681] -> [..83.134.107.32][38836] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...177] [ip4][..udp] [......10.0.2.15][28681] -> [.69.157.183.106][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...205] [ip4][..udp] [......10.0.2.15][28681] -> [..96.29.197.138][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...175] [ip4][..udp] [......10.0.2.15][28681] -> [...115.69.62.99][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...182] [ip4][..udp] [......10.0.2.15][28681] -> [....73.3.103.37][35589] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...210] [ip4][..udp] [......10.0.2.15][28681] -> [.41.100.120.146][12838] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...218] [ip4][..udp] [......10.0.2.15][28681] -> [.176.155.52.115][53956] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...211] [ip4][..udp] [......10.0.2.15][28681] -> [..186.93.139.92][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...351] [ip4][..udp] [......10.0.2.15][28681] -> [..187.37.87.189][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...200] [ip4][..udp] [......10.0.2.15][28681] -> [.138.199.16.123][52993] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...154] [ip4][..udp] [......10.0.2.15][28681] -> [174.115.111.224][51984] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...201] [ip4][..udp] [......10.0.2.15][28681] -> [.85.170.209.214][46210] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...194] [ip4][..udp] [......10.0.2.15][28681] -> [176.150.126.156][16471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...178] [ip4][..udp] [......10.0.2.15][28681] -> [....83.46.253.7][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...163] [ip4][..udp] [......10.0.2.15][28681] -> [.88.126.160.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...216] [ip4][..udp] [......10.0.2.15][28681] -> [.212.68.248.153][27223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...158] [ip4][..udp] [......10.0.2.15][28681] -> [.118.166.226.70][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...204] [ip4][..udp] [......10.0.2.15][28681] -> [..84.126.240.32][45313] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...202] [ip4][..udp] [......10.0.2.15][28681] -> [.176.134.139.39][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol analyse: [....94] [ip4][..tcp] [......10.0.2.15][50249] -> [.86.208.180.181][45883] [Gnutella][Unknown][Download][Potentially Dangerous] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 55.455| 7.491| 14.262| 203411798.622| 3.200] @@ -1651,7 +1652,6 @@ RISK: Unsafe Protocol idle: [.....5] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] idle: [.....6] [ip4][..udp] [.......10.0.2.2][...67] -> [......10.0.2.15][...68] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic end: [....46] [ip4][..tcp] [......10.0.2.15][50206] -> [175.181.156.244][.8255] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol end: [....77] [ip4][..tcp] [......10.0.2.15][50236] -> [..93.29.135.209][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -1690,97 +1690,95 @@ RISK: Unsafe Protocol idle: [....11] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63717] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] update: [....95] [ip4][.icmp] [.......10.0.2.2] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...247] [ip4][..udp] [......10.0.2.15][28681] -> [..181.84.178.16][60262] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...307] [ip4][..udp] [......10.0.2.15][28681] -> [..72.201.208.57][38617] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...309] [ip4][..udp] [......10.0.2.15][28681] -> [.47.220.186.140][27641] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...254] [ip4][..udp] [......10.0.2.15][28681] -> [..88.120.73.215][24562] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...258] [ip4][..udp] [......10.0.2.15][28681] -> [...24.26.216.95][13889] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...315] [ip4][..udp] [......10.0.2.15][28681] -> [...92.217.84.16][20223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....21] [ip4][..udp] [......10.0.2.15][55708] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...358] [ip4][..udp] [......10.0.2.15][28681] -> [.47.224.174.174][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...357] [ip4][..udp] [......10.0.2.15][28681] -> [...98.35.85.238][32173] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...305] [ip4][..udp] [......10.0.2.15][28681] -> [..88.168.175.31][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...310] [ip4][..udp] [......10.0.2.15][28681] -> [.118.240.69.199][.6348] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...306] [ip4][..udp] [......10.0.2.15][28681] -> [..41.249.63.200][22582] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...265] [ip4][..udp] [......10.0.2.15][28681] -> [203.220.198.244][.1194] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...304] [ip4][..udp] [......10.0.2.15][28681] -> [.193.32.126.214][59596] update: [...318] [ip4][..udp] [......10.0.2.15][28681] -> [173.183.183.110][59920] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...242] [ip4][..udp] [......10.0.2.15][28681] -> [..75.133.101.93][52367] update: [...260] [ip4][..udp] [......10.0.2.15][28681] -> [.46.128.114.107][.6578] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...311] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.188.98][62851] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....23] [ip4][..udp] [......10.0.2.15][62539] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] update: [...308] [ip4][..udp] [......10.0.2.15][28681] -> [...81.205.91.45][40137] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...251] [ip4][..udp] [......10.0.2.15][28681] -> [.185.203.218.92][56962] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...259] [ip4][..udp] [......10.0.2.15][28681] -> [103.232.107.100][43508] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...300] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] update: [...250] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][26253] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....25] [ip4][..udp] [......10.0.2.15][50435] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] update: [...256] [ip4][..udp] [......10.0.2.15][28681] -> [.96.246.156.126][50297] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....22] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][62539] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] update: [...249] [ip4][..udp] [......10.0.2.15][28681] -> [..45.88.117.218][.6909] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...257] [ip4][..udp] [......10.0.2.15][28681] -> [.82.181.251.218][36368] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....24] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][50435] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] update: [...356] [ip4][..udp] [......10.0.2.15][28681] -> [.63.228.175.169][.1936] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...355] [ip4][..udp] [......10.0.2.15][28681] -> [.181.118.53.212][29998] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...303] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][30566] update: [...246] [ip4][..udp] [......10.0.2.15][28681] -> [...96.65.68.194][35481] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...301] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][11852] update: [...314] [ip4][..udp] [......10.0.2.15][28681] -> [..71.237.202.91][16117] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...317] [ip4][..udp] [......10.0.2.15][28681] -> [...96.236.205.7][34794] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...261] [ip4][..udp] [......10.0.2.15][28681] -> [..60.241.48.194][21301] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...243] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] update: [...313] [ip4][..udp] [......10.0.2.15][28681] -> [..176.99.176.20][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...302] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][53489] update: [...255] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][30577] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...248] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][12012] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...349] [ip4][.icmp] [...84.197.97.94] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...263] [ip4][..udp] [......10.0.2.15][28681] -> [..82.217.176.52][.7446] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...253] [ip4][..udp] [......10.0.2.15][28681] -> [.193.37.255.130][61616] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...252] [ip4][..udp] [......10.0.2.15][28681] -> [..72.140.120.41][47739] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...316] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][63637] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...262] [ip4][..udp] [......10.0.2.15][28681] -> [....89.75.52.19][46010] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...264] [ip4][..udp] [......10.0.2.15][28681] -> [...95.10.205.67][11603] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...312] [ip4][..udp] [......10.0.2.15][28681] -> [..24.167.201.53][47282] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol end: [...293] [ip4][..tcp] [......10.0.2.15][50317] -> [188.165.203.190][21995] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [....15] [ip4][..udp] [......10.0.2.15][63957] -> [239.255.255.250][.3702] [WSD][Unknown][Network][Acceptable] @@ -1848,7 +1846,8 @@ RISK: Unsafe Protocol end: [...146] [ip4][..tcp] [......10.0.2.15][50259] -> [.183.179.90.112][.9852] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol - end: [...290] [ip4][..tcp] [......10.0.2.15][50314] -> [...80.7.252.192][.6888] + end: [...290] [ip4][..tcp] [......10.0.2.15][50314] -> [...80.7.252.192][.6888] [TLS][Unknown][Web][Safe] + RISK: Known Proto on Non Std Port, Self-signed Cert, TLS Cert Expired, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn, TLS Cert Validity Too Long end: [...222] [ip4][..tcp] [......10.0.2.15][50268] -> [.210.209.249.84][24751] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol end: [...273] [ip4][..tcp] [......10.0.2.15][50297] -> [.14.200.255.229][45710] [Gnutella][Unknown][Download][Potentially Dangerous] @@ -1856,51 +1855,54 @@ end: [...299] [ip4][..tcp] [......10.0.2.15][50323] -> [..51.68.153.214][26253] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol update: [...329] [ip4][..udp] [......10.0.2.15][28681] -> [..92.117.249.98][.6815] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...328] [ip4][..udp] [......10.0.2.15][28681] -> [.203.220.105.27][19260] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...331] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][26851] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...361] [ip4][..udp] [......10.0.2.15][28681] -> [..86.129.196.84][.9915] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....54] [ip4][..udp] [......10.0.2.15][57623] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...320] [ip4][..udp] [......10.0.2.15][28681] -> [185.236.200.137][48142] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...335] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] update: [...332] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...325] [ip4][..udp] [......10.0.2.15][28681] -> [..83.160.143.48][37036] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...359] [ip4][..udp] [......10.0.2.15][51685] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...323] [ip4][..udp] [......10.0.2.15][28681] -> [.96.246.156.126][56070] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...336] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][.6888] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...362] [ip4][..udp] [......10.0.2.15][28681] -> [190.192.210.182][.6754] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...322] [ip4][..udp] [......10.0.2.15][28681] -> [..45.88.117.219][.6909] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...327] [ip4][..udp] [......10.0.2.15][28681] -> [...84.28.53.225][44859] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...321] [ip4][..udp] [......10.0.2.15][28681] -> [188.165.203.190][21995] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...324] [ip4][..udp] [......10.0.2.15][28681] -> [.73.250.179.237][20848] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...319] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][55302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...330] [ip4][..udp] [......10.0.2.15][28681] -> [....82.64.44.11][.1352] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...360] [ip4][..udp] [......10.0.2.15][28681] -> [..198.58.218.12][47912] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic - update: [....26] [ip4][..udp] [......10.0.2.15][57619] -> [.......10.0.2.2][.5351] - update: [....27] [ip4][..udp] [......10.0.2.15][57620] -> [.......10.0.2.2][.5351] - update: [....34] [ip4][..udp] [......10.0.2.15][57621] -> [.......10.0.2.2][.5351] - update: [....41] [ip4][..udp] [......10.0.2.15][57622] -> [.......10.0.2.2][.5351] + RISK: Unsafe Protocol + update: [....26] [ip4][..udp] [......10.0.2.15][57619] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....27] [ip4][..udp] [......10.0.2.15][57620] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....34] [ip4][..udp] [......10.0.2.15][57621] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....41] [ip4][..udp] [......10.0.2.15][57622] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...326] [ip4][..udp] [......10.0.2.15][28681] -> [..100.1.231.138][56558] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...369] [ip4][..udp] [......10.0.2.15][28681] -> [.89.187.171.240][.6346] idle: [....95] [ip4][.icmp] [.......10.0.2.2] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [......10.0.2.15][..137] -> [.....10.0.2.255][..137] [NetBIOS][Unknown][System][Acceptable] idle: [....23] [ip4][..udp] [......10.0.2.15][62539] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] idle: [....25] [ip4][..udp] [......10.0.2.15][50435] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] @@ -1913,136 +1915,136 @@ end: [...278] [ip4][..tcp] [......10.0.2.15][50302] -> [....75.64.6.175][.4743] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol update: [...338] [ip4][..udp] [......10.0.2.15][28681] -> [221.198.205.196][20778] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...134] [ip4][..udp] [......10.0.2.15][28681] -> [...78.231.73.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...128] [ip4][..udp] [......10.0.2.15][28681] -> [..77.141.219.27][37580] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...114] [ip4][..udp] [......10.0.2.15][28681] -> [....86.23.75.69][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...366] [ip4][..udp] [......10.0.2.15][28681] -> [....94.8.55.158][51140] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....88] [ip4][..udp] [......10.0.2.15][28681] -> [.....81.50.24.2][17874] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...365] [ip4][..udp] [......10.0.2.15][28681] -> [..188.23.24.213][18561] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...340] [ip4][..udp] [......10.0.2.15][28681] -> [.38.142.119.234][49732] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...350] [ip4][..udp] [......10.0.2.15][28681] -> [..99.250.253.99][11819] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...343] [ip4][..udp] [......10.0.2.15][28681] -> [..89.212.91.155][.5195] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....20] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [....96] [ip4][..udp] [......10.0.2.15][28681] -> [.88.160.214.137][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...118] [ip4][..udp] [......10.0.2.15][28681] -> [...5.180.62.100][46385] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...344] [ip4][..udp] [......10.0.2.15][28681] -> [.207.38.163.228][.6778] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...100] [ip4][..udp] [......10.0.2.15][28681] -> [220.133.122.217][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...117] [ip4][..udp] [......10.0.2.15][28681] -> [200.120.243.143][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...115] [ip4][..udp] [......10.0.2.15][28681] -> [...154.3.42.104][11804] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...101] [ip4][..udp] [......10.0.2.15][28681] -> [123.205.126.102][.5193] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....98] [ip4][..udp] [......10.0.2.15][28681] -> [.203.222.14.170][23332] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...131] [ip4][..udp] [......10.0.2.15][28681] -> [.86.225.140.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...111] [ip4][..udp] [......10.0.2.15][28681] -> [..90.65.141.157][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...106] [ip4][..udp] [......10.0.2.15][28681] -> [..114.39.154.69][.4832] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...139] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.226.142][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...141] [ip4][..udp] [......10.0.2.15][28681] -> [..172.97.199.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...348] [ip4][..udp] [......10.0.2.15][28681] -> [...84.197.97.94][.1360] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...368] [ip4][..udp] [......10.0.2.15][28681] -> [...47.147.52.21][36728] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [.....9] [ip4][..udp] [......10.0.2.15][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [...126] [ip4][..udp] [......10.0.2.15][28681] -> [..91.69.159.133][28000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...363] [ip4][..udp] [......10.0.2.15][28681] -> [...81.205.91.45][38297] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...136] [ip4][..udp] [......10.0.2.15][28681] -> [.80.236.247.120][16047] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....86] [ip4][..udp] [......10.0.2.15][28681] -> [..74.210.244.72][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...346] [ip4][..udp] [......10.0.2.15][28681] -> [..76.226.85.105][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....85] [ip4][..udp] [......10.0.2.15][28681] -> [..85.138.20.110][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....10] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [...135] [ip4][..udp] [......10.0.2.15][28681] -> [.193.250.99.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...127] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.1024] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...342] [ip4][..udp] [......10.0.2.15][28681] -> [..98.208.26.154][.4994] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...112] [ip4][..udp] [......10.0.2.15][28681] -> [.36.239.213.146][21750] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...125] [ip4][..udp] [......10.0.2.15][28681] -> [..83.92.178.182][57302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...337] [ip4][..udp] [......10.0.2.15][28681] -> [..24.116.64.132][51227] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...116] [ip4][..udp] [......10.0.2.15][28681] -> [.124.44.190.145][10170] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...347] [ip4][..udp] [......10.0.2.15][28681] -> [..176.10.169.10][12799] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...133] [ip4][..udp] [......10.0.2.15][28681] -> [.91.175.220.161][15721] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....99] [ip4][..udp] [......10.0.2.15][28681] -> [....114.38.9.82][24223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...124] [ip4][..udp] [......10.0.2.15][28681] -> [...170.254.19.6][24180] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...130] [ip4][..udp] [......10.0.2.15][28681] -> [..119.224.95.97][46356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...107] [ip4][..udp] [......10.0.2.15][28681] -> [..202.151.63.59][.7624] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...129] [ip4][..udp] [......10.0.2.15][28681] -> [.176.138.50.179][29411] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...103] [ip4][..udp] [......10.0.2.15][28681] -> [.220.134.167.82][.5820] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....97] [ip4][..udp] [......10.0.2.15][28681] -> [..24.78.134.188][49046] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...104] [ip4][..udp] [......10.0.2.15][28681] -> [..42.98.115.128][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [.....7] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Unknown][Network][Acceptable] update: [...364] [ip4][..udp] [......10.0.2.15][28681] -> [194.163.180.126][10825] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...137] [ip4][..udp] [......10.0.2.15][28681] -> [...82.65.70.197][21693] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...109] [ip4][..udp] [......10.0.2.15][28681] -> [...88.169.2.153][52414] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...140] [ip4][..udp] [......10.0.2.15][28681] -> [.77.197.111.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...102] [ip4][..udp] [......10.0.2.15][28681] -> [.218.164.39.233][20855] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...108] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][.7922] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...339] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][54130] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...113] [ip4][..udp] [......10.0.2.15][28681] -> [105.101.132.146][57746] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...132] [ip4][..udp] [......10.0.2.15][28681] -> [...79.86.173.45][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...341] [ip4][..udp] [......10.0.2.15][28681] -> [..24.129.233.60][19990] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....87] [ip4][..udp] [......10.0.2.15][28681] -> [..92.131.85.245][31743] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...110] [ip4][..udp] [......10.0.2.15][28681] -> [..195.132.75.56][56009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...367] [ip4][..udp] [......10.0.2.15][28681] -> [.149.28.163.175][49956] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...105] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.11.85][10722] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...138] [ip4][..udp] [......10.0.2.15][28681] -> [167.114.170.156][23844] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...370] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.56.198][11984] detected: [...370] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.56.198][11984] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic @@ -2064,148 +2066,147 @@ RISK: Unsafe Protocol idle: [....10] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [...170] [ip4][..udp] [......10.0.2.15][28681] -> [....67.193.8.52][38584] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...166] [ip4][..udp] [......10.0.2.15][28681] -> [..90.59.253.186][15555] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...183] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.15.182][37829] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...184] [ip4][..udp] [......10.0.2.15][28681] -> [..86.239.62.213][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...196] [ip4][..udp] [......10.0.2.15][28681] -> [..88.127.72.106][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...354] [ip4][..udp] [......10.0.2.15][28681] -> [.80.236.247.120][.1032] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...352] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...195] [ip4][..udp] [......10.0.2.15][28681] -> [.177.231.151.16][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...353] [ip4][..udp] [......10.0.2.15][28681] -> [195.181.151.217][25282] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...220] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][.9239] update: [...219] [ip4][..udp] [......10.0.2.15][28681] -> [...76.30.86.144][53821] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...217] [ip4][..udp] [......10.0.2.15][28681] -> [.126.117.45.151][19323] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...155] [ip4][..udp] [......10.0.2.15][28681] -> [.88.168.182.103][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...198] [ip4][..udp] [......10.0.2.15][28681] -> [..58.182.171.50][15180] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...191] [ip4][..udp] [......10.0.2.15][28681] -> [.190.153.143.54][65535] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...172] [ip4][..udp] [......10.0.2.15][28681] -> [..87.69.142.133][15471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...192] [ip4][..udp] [......10.0.2.15][28681] -> [.....92.8.59.80][35192] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...181] [ip4][..udp] [......10.0.2.15][28681] -> [...66.177.5.135][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...162] [ip4][..udp] [......10.0.2.15][28681] -> [.88.123.159.111][44729] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...214] [ip4][..udp] [......10.0.2.15][28681] -> [.91.169.215.227][26820] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...193] [ip4][..udp] [......10.0.2.15][28681] -> [..188.44.126.74][54633] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...169] [ip4][..udp] [......10.0.2.15][28681] -> [...91.162.52.93][34799] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...187] [ip4][..udp] [......10.0.2.15][28681] -> [....92.88.92.56][21009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...190] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.195.227][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...206] [ip4][..udp] [......10.0.2.15][28681] -> [213.166.132.204][11194] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...203] [ip4][..udp] [......10.0.2.15][28681] -> [.120.156.204.38][54832] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...199] [ip4][..udp] [......10.0.2.15][28681] -> [..114.73.129.26][53585] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...207] [ip4][..udp] [......10.0.2.15][28681] -> [.81.242.191.215][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...208] [ip4][..udp] [......10.0.2.15][28681] -> [..81.249.64.215][25058] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...173] [ip4][..udp] [......10.0.2.15][28681] -> [..121.99.222.36][44988] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...180] [ip4][..udp] [......10.0.2.15][28681] -> [...66.131.24.72][30711] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...212] [ip4][..udp] [......10.0.2.15][28681] -> [...36.233.3.223][12848] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...197] [ip4][..udp] [......10.0.2.15][28681] -> [.208.92.106.151][32476] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...168] [ip4][..udp] [......10.0.2.15][28681] -> [...89.157.59.43][56919] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...156] [ip4][..udp] [......10.0.2.15][28681] -> [..86.244.228.86][10131] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...215] [ip4][..udp] [......10.0.2.15][28681] -> [...78.159.27.22][17563] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...176] [ip4][..udp] [......10.0.2.15][28681] -> [....41.99.164.4][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...164] [ip4][..udp] [......10.0.2.15][28681] -> [.142.197.219.85][26234] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...157] [ip4][..udp] [......10.0.2.15][28681] -> [.86.227.162.150][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...209] [ip4][..udp] [......10.0.2.15][28681] -> [..91.179.98.234][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...189] [ip4][..udp] [......10.0.2.15][28681] -> [115.195.105.243][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...159] [ip4][..udp] [......10.0.2.15][28681] -> [176.163.231.160][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...179] [ip4][..udp] [......10.0.2.15][28681] -> [.178.51.146.115][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...186] [ip4][..udp] [......10.0.2.15][28681] -> [..91.182.44.202][30277] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...213] [ip4][..udp] [......10.0.2.15][28681] -> [....5.180.62.37][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...167] [ip4][..udp] [......10.0.2.15][28681] -> [..93.29.107.176][20363] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...171] [ip4][..udp] [......10.0.2.15][28681] -> [196.217.132.111][25394] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...160] [ip4][..udp] [......10.0.2.15][28681] -> [...83.150.49.35][32448] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...174] [ip4][..udp] [......10.0.2.15][28681] -> [..196.74.159.56][29271] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...185] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.196.58][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...349] [ip4][.icmp] [...84.197.97.94] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...165] [ip4][..udp] [......10.0.2.15][28681] -> [...86.75.43.182][43502] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...161] [ip4][..udp] [......10.0.2.15][28681] -> [..213.120.26.86][29946] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...188] [ip4][..udp] [......10.0.2.15][28681] -> [..83.134.107.32][38836] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...177] [ip4][..udp] [......10.0.2.15][28681] -> [.69.157.183.106][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...205] [ip4][..udp] [......10.0.2.15][28681] -> [..96.29.197.138][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...175] [ip4][..udp] [......10.0.2.15][28681] -> [...115.69.62.99][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...182] [ip4][..udp] [......10.0.2.15][28681] -> [....73.3.103.37][35589] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...210] [ip4][..udp] [......10.0.2.15][28681] -> [.41.100.120.146][12838] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...218] [ip4][..udp] [......10.0.2.15][28681] -> [.176.155.52.115][53956] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...211] [ip4][..udp] [......10.0.2.15][28681] -> [..186.93.139.92][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...351] [ip4][..udp] [......10.0.2.15][28681] -> [..187.37.87.189][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...200] [ip4][..udp] [......10.0.2.15][28681] -> [.138.199.16.123][52993] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...154] [ip4][..udp] [......10.0.2.15][28681] -> [174.115.111.224][51984] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...201] [ip4][..udp] [......10.0.2.15][28681] -> [.85.170.209.214][46210] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...194] [ip4][..udp] [......10.0.2.15][28681] -> [176.150.126.156][16471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...178] [ip4][..udp] [......10.0.2.15][28681] -> [....83.46.253.7][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...163] [ip4][..udp] [......10.0.2.15][28681] -> [.88.126.160.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...216] [ip4][..udp] [......10.0.2.15][28681] -> [.212.68.248.153][27223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...158] [ip4][..udp] [......10.0.2.15][28681] -> [.118.166.226.70][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...204] [ip4][..udp] [......10.0.2.15][28681] -> [..84.126.240.32][45313] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...202] [ip4][..udp] [......10.0.2.15][28681] -> [.176.134.139.39][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...375] [ip4][..udp] [......10.0.2.15][28681] -> [..73.182.136.42][27873] new: [...376] [ip4][..udp] [......10.0.2.15][28681] -> [....156.57.42.2][33476] new: [...377] [ip4][..udp] [......10.0.2.15][28681] -> [.180.200.236.13][12082] @@ -2231,93 +2232,97 @@ new: [...397] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][24634] new: [...398] [ip4][..udp] [......10.0.2.15][28681] -> [.62.102.148.166][31332] new: [...399] [ip4][..udp] [......10.0.2.15][28681] -> [.175.39.219.223][31728] - idle: [....26] [ip4][..udp] [......10.0.2.15][57619] -> [.......10.0.2.2][.5351] - idle: [....27] [ip4][..udp] [......10.0.2.15][57620] -> [.......10.0.2.2][.5351] - idle: [....34] [ip4][..udp] [......10.0.2.15][57621] -> [.......10.0.2.2][.5351] - idle: [....41] [ip4][..udp] [......10.0.2.15][57622] -> [.......10.0.2.2][.5351] + idle: [....26] [ip4][..udp] [......10.0.2.15][57619] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [....27] [ip4][..udp] [......10.0.2.15][57620] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [....34] [ip4][..udp] [......10.0.2.15][57621] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [....41] [ip4][..udp] [......10.0.2.15][57622] -> [.......10.0.2.2][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [...247] [ip4][..udp] [......10.0.2.15][28681] -> [..181.84.178.16][60262] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...307] [ip4][..udp] [......10.0.2.15][28681] -> [..72.201.208.57][38617] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...309] [ip4][..udp] [......10.0.2.15][28681] -> [.47.220.186.140][27641] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...254] [ip4][..udp] [......10.0.2.15][28681] -> [..88.120.73.215][24562] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...258] [ip4][..udp] [......10.0.2.15][28681] -> [...24.26.216.95][13889] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...315] [ip4][..udp] [......10.0.2.15][28681] -> [...92.217.84.16][20223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...358] [ip4][..udp] [......10.0.2.15][28681] -> [.47.224.174.174][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...357] [ip4][..udp] [......10.0.2.15][28681] -> [...98.35.85.238][32173] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...305] [ip4][..udp] [......10.0.2.15][28681] -> [..88.168.175.31][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...310] [ip4][..udp] [......10.0.2.15][28681] -> [.118.240.69.199][.6348] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...306] [ip4][..udp] [......10.0.2.15][28681] -> [..41.249.63.200][22582] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...265] [ip4][..udp] [......10.0.2.15][28681] -> [203.220.198.244][.1194] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...304] [ip4][..udp] [......10.0.2.15][28681] -> [.193.32.126.214][59596] update: [...318] [ip4][..udp] [......10.0.2.15][28681] -> [173.183.183.110][59920] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...242] [ip4][..udp] [......10.0.2.15][28681] -> [..75.133.101.93][52367] update: [...260] [ip4][..udp] [......10.0.2.15][28681] -> [.46.128.114.107][.6578] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...311] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.188.98][62851] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...308] [ip4][..udp] [......10.0.2.15][28681] -> [...81.205.91.45][40137] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...251] [ip4][..udp] [......10.0.2.15][28681] -> [.185.203.218.92][56962] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...259] [ip4][..udp] [......10.0.2.15][28681] -> [103.232.107.100][43508] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...300] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] update: [...250] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][26253] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...256] [ip4][..udp] [......10.0.2.15][28681] -> [.96.246.156.126][50297] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...249] [ip4][..udp] [......10.0.2.15][28681] -> [..45.88.117.218][.6909] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...257] [ip4][..udp] [......10.0.2.15][28681] -> [.82.181.251.218][36368] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...356] [ip4][..udp] [......10.0.2.15][28681] -> [.63.228.175.169][.1936] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...355] [ip4][..udp] [......10.0.2.15][28681] -> [.181.118.53.212][29998] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...303] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][30566] update: [...246] [ip4][..udp] [......10.0.2.15][28681] -> [...96.65.68.194][35481] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...301] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][11852] update: [...314] [ip4][..udp] [......10.0.2.15][28681] -> [..71.237.202.91][16117] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...317] [ip4][..udp] [......10.0.2.15][28681] -> [...96.236.205.7][34794] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...261] [ip4][..udp] [......10.0.2.15][28681] -> [..60.241.48.194][21301] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...243] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] update: [...313] [ip4][..udp] [......10.0.2.15][28681] -> [..176.99.176.20][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...302] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][53489] update: [...255] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][30577] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...248] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][12012] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...263] [ip4][..udp] [......10.0.2.15][28681] -> [..82.217.176.52][.7446] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...253] [ip4][..udp] [......10.0.2.15][28681] -> [.193.37.255.130][61616] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...252] [ip4][..udp] [......10.0.2.15][28681] -> [..72.140.120.41][47739] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...316] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][63637] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...262] [ip4][..udp] [......10.0.2.15][28681] -> [....89.75.52.19][46010] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...264] [ip4][..udp] [......10.0.2.15][28681] -> [...95.10.205.67][11603] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...312] [ip4][..udp] [......10.0.2.15][28681] -> [..24.167.201.53][47282] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...400] [ip4][..udp] [......10.0.2.15][28681] -> [..129.45.47.167][.6346] detected: [...400] [ip4][..udp] [......10.0.2.15][28681] -> [..129.45.47.167][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic @@ -2507,46 +2512,45 @@ RISK: Unsafe Protocol, Unidirectional Traffic idle: [....54] [ip4][..udp] [......10.0.2.15][57623] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....96] [ip4][..udp] [......10.0.2.15][28681] -> [.88.160.214.137][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...100] [ip4][..udp] [......10.0.2.15][28681] -> [220.133.122.217][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...115] [ip4][..udp] [......10.0.2.15][28681] -> [...154.3.42.104][11804] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...101] [ip4][..udp] [......10.0.2.15][28681] -> [123.205.126.102][.5193] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol end: [...345] [ip4][..tcp] [......10.0.2.15][50330] -> [.69.118.162.229][46906] [HTTP.Gnutella][Unknown][Download][Potentially Dangerous] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unsafe Protocol idle: [...131] [ip4][..udp] [......10.0.2.15][28681] -> [.86.225.140.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...106] [ip4][..udp] [......10.0.2.15][28681] -> [..114.39.154.69][.4832] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [....86] [ip4][..udp] [......10.0.2.15][28681] -> [..74.210.244.72][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...127] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.1024] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...112] [ip4][..udp] [......10.0.2.15][28681] -> [.36.239.213.146][21750] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [....99] [ip4][..udp] [......10.0.2.15][28681] -> [....114.38.9.82][24223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...349] [ip4][.icmp] [...84.197.97.94] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...107] [ip4][..udp] [......10.0.2.15][28681] -> [..202.151.63.59][.7624] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...103] [ip4][..udp] [......10.0.2.15][28681] -> [.220.134.167.82][.5820] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [....97] [ip4][..udp] [......10.0.2.15][28681] -> [..24.78.134.188][49046] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...104] [ip4][..udp] [......10.0.2.15][28681] -> [..42.98.115.128][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [.....7] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Unknown][Network][Acceptable] idle: [...102] [ip4][..udp] [......10.0.2.15][28681] -> [.218.164.39.233][20855] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...132] [ip4][..udp] [......10.0.2.15][28681] -> [...79.86.173.45][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...110] [ip4][..udp] [......10.0.2.15][28681] -> [..195.132.75.56][56009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...105] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.11.85][10722] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...487] [ip4][..udp] [......10.0.2.15][28681] -> [..24.78.134.188][49046] detected: [...487] [ip4][..udp] [......10.0.2.15][28681] -> [..24.78.134.188][49046] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic @@ -2566,208 +2570,208 @@ detected: [...492] [ip4][..udp] [......10.0.2.15][28681] -> [...172.94.41.71][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic idle: [...170] [ip4][..udp] [......10.0.2.15][28681] -> [....67.193.8.52][38584] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...196] [ip4][..udp] [......10.0.2.15][28681] -> [..88.127.72.106][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...220] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][.9239] [Unknown][Unknown][Unrated] idle: [...220] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][.9239] idle: [...217] [ip4][..udp] [......10.0.2.15][28681] -> [.126.117.45.151][19323] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...155] [ip4][..udp] [......10.0.2.15][28681] -> [.88.168.182.103][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...198] [ip4][..udp] [......10.0.2.15][28681] -> [..58.182.171.50][15180] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...192] [ip4][..udp] [......10.0.2.15][28681] -> [.....92.8.59.80][35192] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...181] [ip4][..udp] [......10.0.2.15][28681] -> [...66.177.5.135][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...162] [ip4][..udp] [......10.0.2.15][28681] -> [.88.123.159.111][44729] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...214] [ip4][..udp] [......10.0.2.15][28681] -> [.91.169.215.227][26820] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...193] [ip4][..udp] [......10.0.2.15][28681] -> [..188.44.126.74][54633] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...169] [ip4][..udp] [......10.0.2.15][28681] -> [...91.162.52.93][34799] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...206] [ip4][..udp] [......10.0.2.15][28681] -> [213.166.132.204][11194] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...203] [ip4][..udp] [......10.0.2.15][28681] -> [.120.156.204.38][54832] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...199] [ip4][..udp] [......10.0.2.15][28681] -> [..114.73.129.26][53585] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...207] [ip4][..udp] [......10.0.2.15][28681] -> [.81.242.191.215][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...208] [ip4][..udp] [......10.0.2.15][28681] -> [..81.249.64.215][25058] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...212] [ip4][..udp] [......10.0.2.15][28681] -> [...36.233.3.223][12848] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...197] [ip4][..udp] [......10.0.2.15][28681] -> [.208.92.106.151][32476] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...168] [ip4][..udp] [......10.0.2.15][28681] -> [...89.157.59.43][56919] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...215] [ip4][..udp] [......10.0.2.15][28681] -> [...78.159.27.22][17563] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...189] [ip4][..udp] [......10.0.2.15][28681] -> [115.195.105.243][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...179] [ip4][..udp] [......10.0.2.15][28681] -> [.178.51.146.115][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...186] [ip4][..udp] [......10.0.2.15][28681] -> [..91.182.44.202][30277] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...174] [ip4][..udp] [......10.0.2.15][28681] -> [..196.74.159.56][29271] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...205] [ip4][..udp] [......10.0.2.15][28681] -> [..96.29.197.138][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...210] [ip4][..udp] [......10.0.2.15][28681] -> [.41.100.120.146][12838] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...218] [ip4][..udp] [......10.0.2.15][28681] -> [.176.155.52.115][53956] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...211] [ip4][..udp] [......10.0.2.15][28681] -> [..186.93.139.92][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...154] [ip4][..udp] [......10.0.2.15][28681] -> [174.115.111.224][51984] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...201] [ip4][..udp] [......10.0.2.15][28681] -> [.85.170.209.214][46210] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...194] [ip4][..udp] [......10.0.2.15][28681] -> [176.150.126.156][16471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...178] [ip4][..udp] [......10.0.2.15][28681] -> [....83.46.253.7][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...216] [ip4][..udp] [......10.0.2.15][28681] -> [.212.68.248.153][27223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...204] [ip4][..udp] [......10.0.2.15][28681] -> [..84.126.240.32][45313] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...202] [ip4][..udp] [......10.0.2.15][28681] -> [.176.134.139.39][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...329] [ip4][..udp] [......10.0.2.15][28681] -> [..92.117.249.98][.6815] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...328] [ip4][..udp] [......10.0.2.15][28681] -> [.203.220.105.27][19260] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...338] [ip4][..udp] [......10.0.2.15][28681] -> [221.198.205.196][20778] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...331] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][26851] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...361] [ip4][..udp] [......10.0.2.15][28681] -> [..86.129.196.84][.9915] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...134] [ip4][..udp] [......10.0.2.15][28681] -> [...78.231.73.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...128] [ip4][..udp] [......10.0.2.15][28681] -> [..77.141.219.27][37580] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...114] [ip4][..udp] [......10.0.2.15][28681] -> [....86.23.75.69][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...366] [ip4][..udp] [......10.0.2.15][28681] -> [....94.8.55.158][51140] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....88] [ip4][..udp] [......10.0.2.15][28681] -> [.....81.50.24.2][17874] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...365] [ip4][..udp] [......10.0.2.15][28681] -> [..188.23.24.213][18561] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...340] [ip4][..udp] [......10.0.2.15][28681] -> [.38.142.119.234][49732] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...350] [ip4][..udp] [......10.0.2.15][28681] -> [..99.250.253.99][11819] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...343] [ip4][..udp] [......10.0.2.15][28681] -> [..89.212.91.155][.5195] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...320] [ip4][..udp] [......10.0.2.15][28681] -> [185.236.200.137][48142] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...335] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] update: [...332] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...325] [ip4][..udp] [......10.0.2.15][28681] -> [..83.160.143.48][37036] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....20] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [...118] [ip4][..udp] [......10.0.2.15][28681] -> [...5.180.62.100][46385] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...359] [ip4][..udp] [......10.0.2.15][51685] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...344] [ip4][..udp] [......10.0.2.15][28681] -> [.207.38.163.228][.6778] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...323] [ip4][..udp] [......10.0.2.15][28681] -> [.96.246.156.126][56070] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...117] [ip4][..udp] [......10.0.2.15][28681] -> [200.120.243.143][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....98] [ip4][..udp] [......10.0.2.15][28681] -> [.203.222.14.170][23332] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...111] [ip4][..udp] [......10.0.2.15][28681] -> [..90.65.141.157][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...336] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][.6888] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...139] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.226.142][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...141] [ip4][..udp] [......10.0.2.15][28681] -> [..172.97.199.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...348] [ip4][..udp] [......10.0.2.15][28681] -> [...84.197.97.94][.1360] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...368] [ip4][..udp] [......10.0.2.15][28681] -> [...47.147.52.21][36728] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...126] [ip4][..udp] [......10.0.2.15][28681] -> [..91.69.159.133][28000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...363] [ip4][..udp] [......10.0.2.15][28681] -> [...81.205.91.45][38297] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...136] [ip4][..udp] [......10.0.2.15][28681] -> [.80.236.247.120][16047] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...346] [ip4][..udp] [......10.0.2.15][28681] -> [..76.226.85.105][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....85] [ip4][..udp] [......10.0.2.15][28681] -> [..85.138.20.110][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...362] [ip4][..udp] [......10.0.2.15][28681] -> [190.192.210.182][.6754] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...322] [ip4][..udp] [......10.0.2.15][28681] -> [..45.88.117.219][.6909] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...135] [ip4][..udp] [......10.0.2.15][28681] -> [.193.250.99.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...327] [ip4][..udp] [......10.0.2.15][28681] -> [...84.28.53.225][44859] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...321] [ip4][..udp] [......10.0.2.15][28681] -> [188.165.203.190][21995] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...324] [ip4][..udp] [......10.0.2.15][28681] -> [.73.250.179.237][20848] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...342] [ip4][..udp] [......10.0.2.15][28681] -> [..98.208.26.154][.4994] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...369] [ip4][..udp] [......10.0.2.15][28681] -> [.89.187.171.240][.6346] update: [...125] [ip4][..udp] [......10.0.2.15][28681] -> [..83.92.178.182][57302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...337] [ip4][..udp] [......10.0.2.15][28681] -> [..24.116.64.132][51227] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...116] [ip4][..udp] [......10.0.2.15][28681] -> [.124.44.190.145][10170] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...319] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][55302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...347] [ip4][..udp] [......10.0.2.15][28681] -> [..176.10.169.10][12799] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...133] [ip4][..udp] [......10.0.2.15][28681] -> [.91.175.220.161][15721] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...124] [ip4][..udp] [......10.0.2.15][28681] -> [...170.254.19.6][24180] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...130] [ip4][..udp] [......10.0.2.15][28681] -> [..119.224.95.97][46356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...129] [ip4][..udp] [......10.0.2.15][28681] -> [.176.138.50.179][29411] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...330] [ip4][..udp] [......10.0.2.15][28681] -> [....82.64.44.11][.1352] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...360] [ip4][..udp] [......10.0.2.15][28681] -> [..198.58.218.12][47912] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...364] [ip4][..udp] [......10.0.2.15][28681] -> [194.163.180.126][10825] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...137] [ip4][..udp] [......10.0.2.15][28681] -> [...82.65.70.197][21693] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...109] [ip4][..udp] [......10.0.2.15][28681] -> [...88.169.2.153][52414] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...140] [ip4][..udp] [......10.0.2.15][28681] -> [.77.197.111.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...326] [ip4][..udp] [......10.0.2.15][28681] -> [..100.1.231.138][56558] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...108] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][.7922] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...339] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][54130] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...113] [ip4][..udp] [......10.0.2.15][28681] -> [105.101.132.146][57746] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...341] [ip4][..udp] [......10.0.2.15][28681] -> [..24.129.233.60][19990] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....87] [ip4][..udp] [......10.0.2.15][28681] -> [..92.131.85.245][31743] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...367] [ip4][..udp] [......10.0.2.15][28681] -> [.149.28.163.175][49956] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...138] [ip4][..udp] [......10.0.2.15][28681] -> [167.114.170.156][23844] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...493] [ip4][..udp] [......10.0.2.15][57552] -> [239.255.255.250][.1900] detected: [...493] [ip4][..udp] [......10.0.2.15][57552] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] new: [...494] [ip4][..udp] [......10.0.2.15][28681] -> [...86.210.81.59][.6346] @@ -3077,138 +3081,138 @@ detected: [...745] [ip4][.icmp] [..164.132.10.25] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [...320] [ip4][..udp] [......10.0.2.15][28681] -> [185.236.200.137][48142] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...325] [ip4][..udp] [......10.0.2.15][28681] -> [..83.160.143.48][37036] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...305] [ip4][..udp] [......10.0.2.15][28681] -> [..88.168.175.31][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....31] [ip4][..tcp] [......10.0.2.15][50193] -> [....89.75.52.19][46010] [Unknown][Unknown][Unrated] end: [....31] [ip4][..tcp] [......10.0.2.15][50193] -> [....89.75.52.19][46010] idle: [...322] [ip4][..udp] [......10.0.2.15][28681] -> [..45.88.117.219][.6909] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....28] [ip4][..tcp] [......10.0.2.15][50190] -> [..80.140.63.147][29545] [Unknown][Unknown][Unrated] end: [....28] [ip4][..tcp] [......10.0.2.15][50190] -> [..80.140.63.147][29545] idle: [...314] [ip4][..udp] [......10.0.2.15][28681] -> [..71.237.202.91][16117] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....30] [ip4][..tcp] [......10.0.2.15][50192] -> [....45.65.87.24][16201] [Unknown][Unknown][Unrated] end: [....30] [ip4][..tcp] [......10.0.2.15][50192] -> [....45.65.87.24][16201] not-detected: [....29] [ip4][..tcp] [......10.0.2.15][50191] -> [.207.38.163.228][.6778] [Unknown][Unknown][Unrated] end: [....29] [ip4][..tcp] [......10.0.2.15][50191] -> [.207.38.163.228][.6778] update: [...166] [ip4][..udp] [......10.0.2.15][28681] -> [..90.59.253.186][15555] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...183] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.15.182][37829] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...184] [ip4][..udp] [......10.0.2.15][28681] -> [..86.239.62.213][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...354] [ip4][..udp] [......10.0.2.15][28681] -> [.80.236.247.120][.1032] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...352] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...195] [ip4][..udp] [......10.0.2.15][28681] -> [.177.231.151.16][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...353] [ip4][..udp] [......10.0.2.15][28681] -> [195.181.151.217][25282] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...219] [ip4][..udp] [......10.0.2.15][28681] -> [...76.30.86.144][53821] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...191] [ip4][..udp] [......10.0.2.15][28681] -> [.190.153.143.54][65535] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...172] [ip4][..udp] [......10.0.2.15][28681] -> [..87.69.142.133][15471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...371] [ip4][..udp] [......10.0.2.15][28681] -> [.109.131.202.24][44748] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...187] [ip4][..udp] [......10.0.2.15][28681] -> [....92.88.92.56][21009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...190] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.195.227][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...370] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.56.198][11984] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...173] [ip4][..udp] [......10.0.2.15][28681] -> [..121.99.222.36][44988] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...180] [ip4][..udp] [......10.0.2.15][28681] -> [...66.131.24.72][30711] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...156] [ip4][..udp] [......10.0.2.15][28681] -> [..86.244.228.86][10131] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...374] [ip4][..udp] [......10.0.2.15][28681] -> [....62.35.190.5][18604] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...176] [ip4][..udp] [......10.0.2.15][28681] -> [....41.99.164.4][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...164] [ip4][..udp] [......10.0.2.15][28681] -> [.142.197.219.85][26234] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...157] [ip4][..udp] [......10.0.2.15][28681] -> [.86.227.162.150][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...209] [ip4][..udp] [......10.0.2.15][28681] -> [..91.179.98.234][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...372] [ip4][..udp] [......10.0.2.15][28681] -> [.91.179.185.126][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...159] [ip4][..udp] [......10.0.2.15][28681] -> [176.163.231.160][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...213] [ip4][..udp] [......10.0.2.15][28681] -> [....5.180.62.37][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...167] [ip4][..udp] [......10.0.2.15][28681] -> [..93.29.107.176][20363] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...171] [ip4][..udp] [......10.0.2.15][28681] -> [196.217.132.111][25394] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...160] [ip4][..udp] [......10.0.2.15][28681] -> [...83.150.49.35][32448] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...185] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.196.58][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...165] [ip4][..udp] [......10.0.2.15][28681] -> [...86.75.43.182][43502] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...161] [ip4][..udp] [......10.0.2.15][28681] -> [..213.120.26.86][29946] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...188] [ip4][..udp] [......10.0.2.15][28681] -> [..83.134.107.32][38836] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...177] [ip4][..udp] [......10.0.2.15][28681] -> [.69.157.183.106][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...175] [ip4][..udp] [......10.0.2.15][28681] -> [...115.69.62.99][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...182] [ip4][..udp] [......10.0.2.15][28681] -> [....73.3.103.37][35589] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...351] [ip4][..udp] [......10.0.2.15][28681] -> [..187.37.87.189][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...200] [ip4][..udp] [......10.0.2.15][28681] -> [.138.199.16.123][52993] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...163] [ip4][..udp] [......10.0.2.15][28681] -> [.88.126.160.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...373] [ip4][..udp] [......10.0.2.15][28681] -> [..88.122.233.15][11488] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...158] [ip4][..udp] [......10.0.2.15][28681] -> [.118.166.226.70][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...746] [ip4][..udp] [......10.0.2.15][28681] -> [123.205.126.102][.5193] new: [...747] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6599] update: [...377] [ip4][..udp] [......10.0.2.15][28681] -> [.180.200.236.13][12082] update: [...433] [ip4][..udp] [......10.0.2.15][28681] -> [.99.255.145.191][47264] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...404] [ip4][..udp] [......10.0.2.15][28681] -> [.86.234.216.251][17845] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...441] [ip4][..udp] [......10.0.2.15][28681] -> [.36.237.199.108][56040] update: [...450] [ip4][..udp] [......10.0.2.15][28681] -> [113.252.206.254][23458] update: [...426] [ip4][..udp] [......10.0.2.15][28681] -> [..219.71.44.121][14398] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...247] [ip4][..udp] [......10.0.2.15][28681] -> [..181.84.178.16][60262] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...307] [ip4][..udp] [......10.0.2.15][28681] -> [..72.201.208.57][38617] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...411] [ip4][..udp] [......10.0.2.15][28681] -> [...89.143.28.64][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...408] [ip4][..udp] [......10.0.2.15][28681] -> [...90.103.2.245][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...424] [ip4][..udp] [......10.0.2.15][28681] -> [..93.15.216.216][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...309] [ip4][..udp] [......10.0.2.15][28681] -> [.47.220.186.140][27641] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...479] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.13.148][51896] update: [...422] [ip4][..udp] [......10.0.2.15][28681] -> [..88.123.35.219][42211] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...394] [ip4][..udp] [......10.0.2.15][28681] -> [.165.84.134.136][21407] update: [...254] [ip4][..udp] [......10.0.2.15][28681] -> [..88.120.73.215][24562] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...258] [ip4][..udp] [......10.0.2.15][28681] -> [...24.26.216.95][13889] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...315] [ip4][..udp] [......10.0.2.15][28681] -> [...92.217.84.16][20223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...439] [ip4][..udp] [......10.0.2.15][28681] -> [..176.135.15.86][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...474] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][45880] update: [...398] [ip4][..udp] [......10.0.2.15][28681] -> [.62.102.148.166][31332] update: [...477] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][45640] @@ -3217,57 +3221,57 @@ update: [...449] [ip4][..udp] [......10.0.2.15][28681] -> [.61.238.173.128][.8826] update: [...461] [ip4][..udp] [......10.0.2.15][28681] -> [..69.27.193.124][50555] update: [...358] [ip4][..udp] [......10.0.2.15][28681] -> [.47.224.174.174][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...472] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][45744] update: [...357] [ip4][..udp] [......10.0.2.15][28681] -> [...98.35.85.238][32173] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...471] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][43457] update: [...481] [ip4][..udp] [......10.0.2.15][28681] -> [..82.120.219.74][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...476] [ip4][..udp] [......10.0.2.15][28681] -> [..98.18.172.208][63172] update: [...381] [ip4][..udp] [......10.0.2.15][28681] -> [...77.58.211.52][.3806] update: [...386] [ip4][..udp] [......10.0.2.15][28681] -> [...85.172.10.90][40162] update: [...435] [ip4][..udp] [......10.0.2.15][28681] -> [.109.24.146.101][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...465] [ip4][..udp] [......10.0.2.15][28681] -> [.....2.28.39.18][15672] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...310] [ip4][..udp] [......10.0.2.15][28681] -> [.118.240.69.199][.6348] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...306] [ip4][..udp] [......10.0.2.15][28681] -> [..41.249.63.200][22582] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...421] [ip4][..udp] [......10.0.2.15][28681] -> [..175.182.39.11][12977] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...392] [ip4][..udp] [......10.0.2.15][28681] -> [....42.0.69.215][12608] update: [...265] [ip4][..udp] [......10.0.2.15][28681] -> [203.220.198.244][.1194] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...416] [ip4][..udp] [......10.0.2.15][28681] -> [..92.139.61.103][24096] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...304] [ip4][..udp] [......10.0.2.15][28681] -> [.193.32.126.214][59596] update: [...443] [ip4][..udp] [......10.0.2.15][28681] -> [..183.179.14.31][54754] update: [...389] [ip4][..udp] [......10.0.2.15][28681] -> [..94.215.183.71][31310] update: [...413] [ip4][..udp] [......10.0.2.15][28681] -> [...87.65.188.29][24676] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...318] [ip4][..udp] [......10.0.2.15][28681] -> [173.183.183.110][59920] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...242] [ip4][..udp] [......10.0.2.15][28681] -> [..75.133.101.93][52367] update: [...260] [ip4][..udp] [......10.0.2.15][28681] -> [.46.128.114.107][.6578] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...311] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.188.98][62851] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...412] [ip4][..udp] [......10.0.2.15][28681] -> [...58.177.52.73][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...418] [ip4][..udp] [......10.0.2.15][28681] -> [.75.129.149.103][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...308] [ip4][..udp] [......10.0.2.15][28681] -> [...81.205.91.45][40137] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...251] [ip4][..udp] [......10.0.2.15][28681] -> [.185.203.218.92][56962] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...468] [ip4][..udp] [......10.0.2.15][28681] -> [..94.214.12.247][44001] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...466] [ip4][..udp] [......10.0.2.15][28681] -> [...70.119.248.5][49929] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...259] [ip4][..udp] [......10.0.2.15][28681] -> [103.232.107.100][43508] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...300] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] update: [...446] [ip4][..udp] [......10.0.2.15][28681] -> [..61.70.199.107][60475] update: [...470] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][46790] @@ -3275,194 +3279,194 @@ update: [...447] [ip4][..udp] [......10.0.2.15][28681] -> [...14.199.10.60][23458] update: [...451] [ip4][..udp] [......10.0.2.15][28681] -> [...218.35.66.21][22234] update: [...250] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][26253] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...384] [ip4][..udp] [......10.0.2.15][28681] -> [....75.64.6.175][.4743] update: [...256] [ip4][..udp] [......10.0.2.15][28681] -> [.96.246.156.126][50297] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...378] [ip4][..udp] [......10.0.2.15][28681] -> [.118.241.204.61][43366] update: [...456] [ip4][..udp] [......10.0.2.15][28681] -> [.89.241.112.255][14766] update: [...428] [ip4][..udp] [......10.0.2.15][28681] -> [....86.162.97.8][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...249] [ip4][..udp] [......10.0.2.15][28681] -> [..45.88.117.218][.6909] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...375] [ip4][..udp] [......10.0.2.15][28681] -> [..73.182.136.42][27873] update: [...455] [ip4][..udp] [......10.0.2.15][28681] -> [.58.153.206.183][16919] update: [...453] [ip4][..udp] [......10.0.2.15][28681] -> [..74.127.26.138][.3083] update: [...425] [ip4][..udp] [......10.0.2.15][28681] -> [..145.82.53.165][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...257] [ip4][..udp] [......10.0.2.15][28681] -> [.82.181.251.218][36368] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...460] [ip4][..udp] [......10.0.2.15][28681] -> [.210.194.116.78][.8342] update: [...454] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.121.156][23183] update: [...401] [ip4][..udp] [......10.0.2.15][28681] -> [.173.178.192.76][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...484] [ip4][..udp] [......10.0.2.15][28681] -> [...107.4.56.177][10000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...406] [ip4][..udp] [......10.0.2.15][28681] -> [....109.27.3.68][57380] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...399] [ip4][..udp] [......10.0.2.15][28681] -> [.175.39.219.223][31728] update: [...469] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][47184] update: [...356] [ip4][..udp] [......10.0.2.15][28681] -> [.63.228.175.169][.1936] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...467] [ip4][..udp] [......10.0.2.15][28681] -> [...61.64.177.53][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...355] [ip4][..udp] [......10.0.2.15][28681] -> [.181.118.53.212][29998] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...431] [ip4][..udp] [......10.0.2.15][28681] -> [..88.124.71.246][49035] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...388] [ip4][..udp] [......10.0.2.15][28681] -> [...121.7.145.36][33905] update: [...303] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][30566] update: [...246] [ip4][..udp] [......10.0.2.15][28681] -> [...96.65.68.194][35481] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...395] [ip4][..udp] [......10.0.2.15][28681] -> [..191.114.88.39][18751] update: [...301] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][11852] update: [...483] [ip4][..udp] [.......10.0.2.2][.1026] -> [......10.0.2.15][28681] update: [...402] [ip4][..udp] [......10.0.2.15][28681] -> [...78.219.202.2][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...420] [ip4][..udp] [......10.0.2.15][28681] -> [..86.227.127.34][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...417] [ip4][..udp] [......10.0.2.15][28681] -> [.94.187.236.179][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...317] [ip4][..udp] [......10.0.2.15][28681] -> [...96.236.205.7][34794] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...376] [ip4][..udp] [......10.0.2.15][28681] -> [....156.57.42.2][33476] update: [...485] [ip4][..udp] [......10.0.2.15][28681] -> [...154.3.42.209][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...261] [ip4][..udp] [......10.0.2.15][28681] -> [..60.241.48.194][21301] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...243] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] update: [...427] [ip4][..udp] [......10.0.2.15][28681] -> [...81.249.13.30][15138] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...313] [ip4][..udp] [......10.0.2.15][28681] -> [..176.99.176.20][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...405] [ip4][..udp] [......10.0.2.15][28681] -> [.176.155.31.118][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...387] [ip4][..udp] [......10.0.2.15][28681] -> [....220.135.8.7][.1219] update: [...302] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][53489] update: [...255] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][30577] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...415] [ip4][..udp] [......10.0.2.15][28681] -> [..90.247.160.96][17817] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...458] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.228.167][12201] update: [...486] [ip4][..udp] [......10.0.2.15][28681] -> [...88.68.45.203][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...410] [ip4][..udp] [......10.0.2.15][28681] -> [..93.28.130.131][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...248] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][12012] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...380] [ip4][..udp] [......10.0.2.15][28681] -> [...83.86.49.195][12019] update: [...423] [ip4][..udp] [......10.0.2.15][28681] -> [..119.247.6.226][.9713] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...438] [ip4][..udp] [......10.0.2.15][28681] -> [..71.86.190.163][14142] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...403] [ip4][..udp] [......10.0.2.15][28681] -> [197.244.171.132][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...457] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.240.113][13867] update: [...429] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.215.213][23576] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...436] [ip4][..udp] [......10.0.2.15][28681] -> [.219.68.179.137][.6406] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...414] [ip4][..udp] [......10.0.2.15][28681] -> [175.181.156.244][.8255] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...383] [ip4][..udp] [......10.0.2.15][28681] -> [...84.71.243.60][34498] update: [...409] [ip4][..udp] [......10.0.2.15][28681] -> [...86.194.53.68][33770] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...482] [ip4][..udp] [......10.0.2.15][28681] -> [..86.193.23.172][42227] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...400] [ip4][..udp] [......10.0.2.15][28681] -> [..129.45.47.167][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...263] [ip4][..udp] [......10.0.2.15][28681] -> [..82.217.176.52][.7446] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...253] [ip4][..udp] [......10.0.2.15][28681] -> [.193.37.255.130][61616] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...407] [ip4][..udp] [......10.0.2.15][28681] -> [195.181.151.217][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...463] [ip4][..udp] [......10.0.2.15][28681] -> [..200.7.155.210][28365] update: [...452] [ip4][..udp] [......10.0.2.15][28681] -> [..68.227.193.37][27481] update: [...390] [ip4][..udp] [......10.0.2.15][28681] -> [144.134.132.206][16401] update: [...440] [ip4][..udp] [......10.0.2.15][28681] -> [203.165.170.112][37087] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...448] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][15677] update: [...459] [ip4][..udp] [......10.0.2.15][28681] -> [...100.89.84.59][11603] update: [...252] [ip4][..udp] [......10.0.2.15][28681] -> [..72.140.120.41][47739] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...391] [ip4][..udp] [......10.0.2.15][28681] -> [...161.81.38.67][.9539] update: [...437] [ip4][..udp] [......10.0.2.15][28681] -> [....31.38.163.2][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...316] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][63637] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...262] [ip4][..udp] [......10.0.2.15][28681] -> [....89.75.52.19][46010] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...445] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.153.100][.4509] update: [...419] [ip4][..udp] [......10.0.2.15][28681] -> [...78.193.236.8][46557] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...393] [ip4][..udp] [......10.0.2.15][28681] -> [.58.115.158.103][.5110] update: [...432] [ip4][..udp] [......10.0.2.15][28681] -> [...104.6.118.53][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...464] [ip4][..udp] [......10.0.2.15][28681] -> [...101.128.66.8][34512] update: [...382] [ip4][..udp] [......10.0.2.15][28681] -> [..76.175.11.126][40958] update: [...480] [ip4][..udp] [......10.0.2.15][28681] -> [..112.119.74.26][65498] update: [...434] [ip4][..udp] [......10.0.2.15][28681] -> [.114.24.182.130][22232] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...462] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][47808] update: [...397] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][24634] update: [...430] [ip4][..udp] [......10.0.2.15][28681] -> [....90.8.95.165][40763] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...475] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][63978] update: [...473] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][33564] update: [...264] [ip4][..udp] [......10.0.2.15][28681] -> [...95.10.205.67][11603] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...379] [ip4][..udp] [......10.0.2.15][28681] -> [..80.140.63.147][29545] update: [...442] [ip4][..udp] [......10.0.2.15][28681] -> [..89.204.130.55][29545] update: [...396] [ip4][..udp] [......10.0.2.15][28681] -> [..112.119.59.24][28755] update: [...312] [ip4][..udp] [......10.0.2.15][28681] -> [..24.167.201.53][47282] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...338] [ip4][..udp] [......10.0.2.15][28681] -> [221.198.205.196][20778] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...134] [ip4][..udp] [......10.0.2.15][28681] -> [...78.231.73.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...350] [ip4][..udp] [......10.0.2.15][28681] -> [..99.250.253.99][11819] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...343] [ip4][..udp] [......10.0.2.15][28681] -> [..89.212.91.155][.5195] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...348] [ip4][..udp] [......10.0.2.15][28681] -> [...84.197.97.94][.1360] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...346] [ip4][..udp] [......10.0.2.15][28681] -> [..76.226.85.105][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...327] [ip4][..udp] [......10.0.2.15][28681] -> [...84.28.53.225][44859] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...164] [ip4][..udp] [......10.0.2.15][28681] -> [.142.197.219.85][26234] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...337] [ip4][..udp] [......10.0.2.15][28681] -> [..24.116.64.132][51227] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...347] [ip4][..udp] [......10.0.2.15][28681] -> [..176.10.169.10][12799] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...165] [ip4][..udp] [......10.0.2.15][28681] -> [...86.75.43.182][43502] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...188] [ip4][..udp] [......10.0.2.15][28681] -> [..83.134.107.32][38836] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...182] [ip4][..udp] [......10.0.2.15][28681] -> [....73.3.103.37][35589] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...326] [ip4][..udp] [......10.0.2.15][28681] -> [..100.1.231.138][56558] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...351] [ip4][..udp] [......10.0.2.15][28681] -> [..187.37.87.189][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...163] [ip4][..udp] [......10.0.2.15][28681] -> [.88.126.160.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...341] [ip4][..udp] [......10.0.2.15][28681] -> [..24.129.233.60][19990] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...488] [ip4][..udp] [......10.0.2.15][28681] -> [.183.179.90.112][.9852] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...490] [ip4][..udp] [......10.0.2.15][28681] -> [...90.3.215.132][20356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...489] [ip4][..udp] [......10.0.2.15][28681] -> [...108.44.45.25][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...487] [ip4][..udp] [......10.0.2.15][28681] -> [..24.78.134.188][49046] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...491] [ip4][..udp] [......10.0.2.15][28681] -> [..36.233.42.210][.5512] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...492] [ip4][..udp] [......10.0.2.15][28681] -> [...172.94.41.71][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...748] [ip4][..udp] [......10.0.2.15][28681] -> [.....92.8.59.80][35192] detected: [...748] [ip4][..udp] [......10.0.2.15][28681] -> [.....92.8.59.80][35192] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic @@ -3482,168 +3486,167 @@ detected: [...753] [ip4][..udp] [......10.0.2.15][28681] -> [..165.84.140.96][14400] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic idle: [...329] [ip4][..udp] [......10.0.2.15][28681] -> [..92.117.249.98][.6815] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...328] [ip4][..udp] [......10.0.2.15][28681] -> [.203.220.105.27][19260] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...354] [ip4][..udp] [......10.0.2.15][28681] -> [.80.236.247.120][.1032] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...315] [ip4][..udp] [......10.0.2.15][28681] -> [...92.217.84.16][20223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...353] [ip4][..udp] [......10.0.2.15][28681] -> [195.181.151.217][25282] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...358] [ip4][..udp] [......10.0.2.15][28681] -> [.47.224.174.174][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...357] [ip4][..udp] [......10.0.2.15][28681] -> [...98.35.85.238][32173] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....90] [ip4][..tcp] [......10.0.2.15][50245] -> [..73.62.225.181][46843] [Unknown][Unknown][Unrated] end: [....90] [ip4][..tcp] [......10.0.2.15][50245] -> [..73.62.225.181][46843] idle: [...318] [ip4][..udp] [......10.0.2.15][28681] -> [173.183.183.110][59920] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...311] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.188.98][62851] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...300] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] [Unknown][Unknown][Unrated] idle: [...300] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] idle: [...324] [ip4][..udp] [......10.0.2.15][28681] -> [.73.250.179.237][20848] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...177] [ip4][..udp] [......10.0.2.15][28681] -> [.69.157.183.106][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...331] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][26851] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...361] [ip4][..udp] [......10.0.2.15][28681] -> [..86.129.196.84][.9915] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...128] [ip4][..udp] [......10.0.2.15][28681] -> [..77.141.219.27][37580] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...114] [ip4][..udp] [......10.0.2.15][28681] -> [....86.23.75.69][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...366] [ip4][..udp] [......10.0.2.15][28681] -> [....94.8.55.158][51140] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....88] [ip4][..udp] [......10.0.2.15][28681] -> [.....81.50.24.2][17874] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...365] [ip4][..udp] [......10.0.2.15][28681] -> [..188.23.24.213][18561] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...340] [ip4][..udp] [......10.0.2.15][28681] -> [.38.142.119.234][49732] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [.....8] [ip4][....2] [......10.0.2.15] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] update: [...335] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] update: [...332] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....20] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [...118] [ip4][..udp] [......10.0.2.15][28681] -> [...5.180.62.100][46385] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...359] [ip4][..udp] [......10.0.2.15][51685] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...344] [ip4][..udp] [......10.0.2.15][28681] -> [.207.38.163.228][.6778] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...323] [ip4][..udp] [......10.0.2.15][28681] -> [.96.246.156.126][56070] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...117] [ip4][..udp] [......10.0.2.15][28681] -> [200.120.243.143][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....98] [ip4][..udp] [......10.0.2.15][28681] -> [.203.222.14.170][23332] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...111] [ip4][..udp] [......10.0.2.15][28681] -> [..90.65.141.157][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...336] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][.6888] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...139] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.226.142][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...141] [ip4][..udp] [......10.0.2.15][28681] -> [..172.97.199.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...368] [ip4][..udp] [......10.0.2.15][28681] -> [...47.147.52.21][36728] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...126] [ip4][..udp] [......10.0.2.15][28681] -> [..91.69.159.133][28000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...363] [ip4][..udp] [......10.0.2.15][28681] -> [...81.205.91.45][38297] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...136] [ip4][..udp] [......10.0.2.15][28681] -> [.80.236.247.120][16047] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....85] [ip4][..udp] [......10.0.2.15][28681] -> [..85.138.20.110][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...362] [ip4][..udp] [......10.0.2.15][28681] -> [190.192.210.182][.6754] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...135] [ip4][..udp] [......10.0.2.15][28681] -> [.193.250.99.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...321] [ip4][..udp] [......10.0.2.15][28681] -> [188.165.203.190][21995] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...342] [ip4][..udp] [......10.0.2.15][28681] -> [..98.208.26.154][.4994] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...369] [ip4][..udp] [......10.0.2.15][28681] -> [.89.187.171.240][.6346] update: [...125] [ip4][..udp] [......10.0.2.15][28681] -> [..83.92.178.182][57302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...116] [ip4][..udp] [......10.0.2.15][28681] -> [.124.44.190.145][10170] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...745] [ip4][.icmp] [..164.132.10.25] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...319] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][55302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...133] [ip4][..udp] [......10.0.2.15][28681] -> [.91.175.220.161][15721] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...124] [ip4][..udp] [......10.0.2.15][28681] -> [...170.254.19.6][24180] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...130] [ip4][..udp] [......10.0.2.15][28681] -> [..119.224.95.97][46356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...129] [ip4][..udp] [......10.0.2.15][28681] -> [.176.138.50.179][29411] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...330] [ip4][..udp] [......10.0.2.15][28681] -> [....82.64.44.11][.1352] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...360] [ip4][..udp] [......10.0.2.15][28681] -> [..198.58.218.12][47912] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...364] [ip4][..udp] [......10.0.2.15][28681] -> [194.163.180.126][10825] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...137] [ip4][..udp] [......10.0.2.15][28681] -> [...82.65.70.197][21693] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...109] [ip4][..udp] [......10.0.2.15][28681] -> [...88.169.2.153][52414] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...140] [ip4][..udp] [......10.0.2.15][28681] -> [.77.197.111.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...108] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][.7922] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...339] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][54130] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...113] [ip4][..udp] [......10.0.2.15][28681] -> [105.101.132.146][57746] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....87] [ip4][..udp] [......10.0.2.15][28681] -> [..92.131.85.245][31743] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...367] [ip4][..udp] [......10.0.2.15][28681] -> [.149.28.163.175][49956] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...138] [ip4][..udp] [......10.0.2.15][28681] -> [167.114.170.156][23844] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...251] [ip4][..udp] [......10.0.2.15][28681] -> [.185.203.218.92][56962] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...249] [ip4][..udp] [......10.0.2.15][28681] -> [..45.88.117.218][.6909] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...577] [ip4][..udp] [......10.0.2.15][28681] -> [.59.148.100.237][23459] update: [...586] [ip4][..udp] [......10.0.2.15][28681] -> [..221.124.66.33][13060] update: [...618] [ip4][..udp] [......10.0.2.15][28681] -> [...1.172.184.48][13281] update: [...544] [ip4][..udp] [......10.0.2.15][28681] -> [..111.184.29.35][30582] update: [...526] [ip4][..udp] [......10.0.2.15][28681] -> [..36.234.197.93][.1483] update: [...509] [ip4][..udp] [......10.0.2.15][28681] -> [.92.142.109.190][41370] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...669] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2846] update: [...609] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][59016] update: [...690] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][50637] update: [...700] [ip4][..udp] [......10.0.2.15][28681] -> [...91.206.27.26][.6578] update: [...511] [ip4][..udp] [......10.0.2.15][28681] -> [...68.47.223.27][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...496] [ip4][..udp] [......10.0.2.15][28681] -> [.218.173.230.98][19004] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...533] [ip4][..udp] [......10.0.2.15][28681] -> [..36.229.185.60][.6898] update: [...592] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][.7190] update: [...701] [ip4][..udp] [......10.0.2.15][28681] -> [119.237.190.184][64163] update: [...495] [ip4][..udp] [......10.0.2.15][28681] -> [...81.247.89.20][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...166] [ip4][..udp] [......10.0.2.15][28681] -> [..90.59.253.186][15555] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...183] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.15.182][37829] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...184] [ip4][..udp] [......10.0.2.15][28681] -> [..86.239.62.213][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...493] [ip4][..udp] [......10.0.2.15][57552] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...603] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][64577] update: [...621] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3227] update: [...646] [ip4][..udp] [......10.0.2.15][28681] -> [..36.237.10.152][21293] update: [...740] [ip4][..udp] [......10.0.2.15][28681] -> [...36.237.25.47][21293] update: [...516] [ip4][..udp] [......10.0.2.15][28681] -> [.119.246.147.72][.4572] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...733] [ip4][..udp] [......10.0.2.15][28681] -> [...99.199.148.6][.4338] update: [...597] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52274] update: [...675] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][62191] @@ -3651,13 +3654,13 @@ update: [...553] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3259] update: [...628] [ip4][..udp] [......10.0.2.15][28681] -> [....45.65.87.24][16201] update: [...352] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...195] [ip4][..udp] [......10.0.2.15][28681] -> [.177.231.151.16][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...616] [ip4][..udp] [......10.0.2.15][28681] -> [220.208.167.152][30628] update: [...596] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][58954] update: [...219] [ip4][..udp] [......10.0.2.15][28681] -> [...76.30.86.144][53821] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...713] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51379] update: [...593] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][.9747] update: [...571] [ip4][..udp] [......10.0.2.15][28681] -> [.114.40.163.123][55341] @@ -3680,10 +3683,10 @@ update: [...707] [ip4][..udp] [......10.0.2.15][28681] -> [..183.179.14.31][64871] update: [...744] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][48250] update: [...501] [ip4][..udp] [......10.0.2.15][28681] -> [.88.160.214.137][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...683] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][54459] update: [...506] [ip4][..udp] [......10.0.2.15][28681] -> [..136.32.84.139][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...562] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][59879] update: [...619] [ip4][..udp] [......10.0.2.15][28681] -> [...1.163.14.246][.1630] update: [...691] [ip4][..udp] [......10.0.2.15][28681] -> [..61.93.150.146][62507] @@ -3695,12 +3698,12 @@ update: [...542] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51675] update: [...714] [ip4][..udp] [......10.0.2.15][28681] -> [..76.174.174.69][21358] update: [...191] [ip4][..udp] [......10.0.2.15][28681] -> [.190.153.143.54][65535] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...614] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][60482] update: [...746] [ip4][..udp] [......10.0.2.15][28681] -> [123.205.126.102][.5193] update: [...606] [ip4][..udp] [......10.0.2.15][28681] -> [.149.28.163.175][42288] update: [...172] [ip4][..udp] [......10.0.2.15][28681] -> [..87.69.142.133][15471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...739] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][19814] update: [...587] [ip4][..udp] [......10.0.2.15][28681] -> [.94.134.154.158][54130] update: [...550] [ip4][..udp] [......10.0.2.15][28681] -> [.220.238.145.82][33527] @@ -3712,23 +3715,23 @@ update: [...555] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][20387] update: [...721] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][.9897] update: [...371] [ip4][..udp] [......10.0.2.15][28681] -> [.109.131.202.24][44748] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...631] [ip4][..udp] [......10.0.2.15][28681] -> [..36.231.59.187][62234] update: [...591] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53707] update: [...594] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7375] update: [...613] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.152.218][51920] update: [...617] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7380] update: [...508] [ip4][..udp] [......10.0.2.15][28681] -> [...92.144.99.73][10745] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...582] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][10624] update: [...573] [ip4][..udp] [......10.0.2.15][28681] -> [..71.239.173.18][23327] update: [...513] [ip4][..udp] [......10.0.2.15][28681] -> [..78.196.216.12][58910] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...187] [ip4][..udp] [......10.0.2.15][28681] -> [....92.88.92.56][21009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...568] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][56562] update: [...190] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.195.227][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...538] [ip4][..udp] [......10.0.2.15][28681] -> [.124.218.41.253][14339] update: [...623] [ip4][..udp] [......10.0.2.15][28681] -> [.210.209.249.84][24751] update: [...629] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][45710] @@ -3742,7 +3745,7 @@ update: [...645] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49803] update: [...661] [ip4][..udp] [......10.0.2.15][28681] -> [...24.127.1.235][37814] update: [...499] [ip4][..udp] [......10.0.2.15][28681] -> [....1.161.80.82][.8656] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...626] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49815] update: [...703] [ip4][..udp] [......10.0.2.15][28681] -> [..114.40.67.191][14971] update: [...560] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53883] @@ -3750,19 +3753,19 @@ update: [...727] [ip4][..udp] [......10.0.2.15][28681] -> [101.136.187.253][10914] update: [...521] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][23458] update: [...503] [ip4][..udp] [......10.0.2.15][28681] -> [..74.210.244.72][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...505] [ip4][..udp] [......10.0.2.15][28681] -> [.....42.2.62.28][.6387] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...494] [ip4][..udp] [......10.0.2.15][28681] -> [...86.210.81.59][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...370] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.56.198][11984] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...173] [ip4][..udp] [......10.0.2.15][28681] -> [..121.99.222.36][44988] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...180] [ip4][..udp] [......10.0.2.15][28681] -> [...66.131.24.72][30711] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...498] [ip4][..udp] [......10.0.2.15][28681] -> [...8.44.149.207][30551] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...704] [ip4][..udp] [......10.0.2.15][28681] -> [..123.192.83.59][33513] update: [...641] [ip4][..udp] [......10.0.2.15][28681] -> [.36.233.199.103][.2625] update: [...717] [ip4][..udp] [......10.0.2.15][28681] -> [...79.191.58.38][48157] @@ -3784,12 +3787,12 @@ update: [...731] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6564] update: [...545] [ip4][..udp] [......10.0.2.15][28681] -> [..116.49.159.77][55915] update: [...156] [ip4][..udp] [......10.0.2.15][28681] -> [..86.244.228.86][10131] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...374] [ip4][..udp] [......10.0.2.15][28681] -> [....62.35.190.5][18604] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...735] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][52420] update: [...176] [ip4][..udp] [......10.0.2.15][28681] -> [....41.99.164.4][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...663] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6594] update: [...634] [ip4][..udp] [......10.0.2.15][28681] -> [..24.179.18.242][47329] update: [...747] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6599] @@ -3797,15 +3800,15 @@ update: [...643] [ip4][..udp] [......10.0.2.15][28681] -> [..31.20.248.147][30706] update: [...711] [ip4][..udp] [......10.0.2.15][28681] -> [..220.129.86.65][49723] update: [...504] [ip4][..udp] [......10.0.2.15][28681] -> [..85.203.45.107][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...563] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][.6831] update: [...157] [ip4][..udp] [......10.0.2.15][28681] -> [.86.227.162.150][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...639] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7849] update: [...209] [ip4][..udp] [......10.0.2.15][28681] -> [..91.179.98.234][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...372] [ip4][..udp] [......10.0.2.15][28681] -> [.91.179.185.126][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...729] [ip4][..udp] [......10.0.2.15][28681] -> [..114.47.227.91][54463] update: [...732] [ip4][..udp] [......10.0.2.15][28681] -> [..85.168.34.105][39908] update: [...633] [ip4][..udp] [......10.0.2.15][28681] -> [..68.174.18.115][50679] @@ -3821,7 +3824,7 @@ update: [...666] [ip4][..udp] [......10.0.2.15][28681] -> [.159.196.95.223][.2003] update: [...648] [ip4][..udp] [......10.0.2.15][28681] -> [180.218.135.222][.4548] update: [...159] [ip4][..udp] [......10.0.2.15][28681] -> [176.163.231.160][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...579] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.170.108][23458] update: [...677] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][.9128] update: [...706] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.1968] @@ -3834,21 +3837,21 @@ update: [...696] [ip4][..udp] [......10.0.2.15][28681] -> [188.165.203.190][55050] update: [...537] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2034] update: [...213] [ip4][..udp] [......10.0.2.15][28681] -> [....5.180.62.37][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...167] [ip4][..udp] [......10.0.2.15][28681] -> [..93.29.107.176][20363] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...585] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][35004] update: [...171] [ip4][..udp] [......10.0.2.15][28681] -> [196.217.132.111][25394] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...502] [ip4][..udp] [......10.0.2.15][28681] -> [..47.156.58.211][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...507] [ip4][..udp] [......10.0.2.15][28681] -> [...50.4.204.220][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...686] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][13965] update: [...662] [ip4][..udp] [......10.0.2.15][28681] -> [..96.59.117.166][33192] update: [...535] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10655] update: [...160] [ip4][..udp] [......10.0.2.15][28681] -> [...83.150.49.35][32448] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...602] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][53658] update: [...589] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][52647] update: [...653] [ip4][..udp] [......10.0.2.15][28681] -> [....82.12.1.136][.6348] @@ -3857,9 +3860,9 @@ update: [...532] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10677] update: [...695] [ip4][..udp] [......10.0.2.15][28681] -> [..76.189.72.230][.8161] update: [...185] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.196.58][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...512] [ip4][..udp] [......10.0.2.15][28681] -> [..209.204.207.5][49256] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...734] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.91.201][.4297] update: [...627] [ip4][..udp] [......10.0.2.15][28681] -> [..73.62.225.181][46843] update: [...552] [ip4][..udp] [......10.0.2.15][28681] -> [...218.250.6.59][60012] @@ -3872,12 +3875,12 @@ update: [...574] [ip4][..udp] [......10.0.2.15][28681] -> [..223.17.132.18][23458] update: [...678] [ip4][..udp] [......10.0.2.15][28681] -> [150.116.225.105][51438] update: [...518] [ip4][..udp] [......10.0.2.15][28681] -> [..202.151.63.59][.7624] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...715] [ip4][..udp] [......10.0.2.15][28681] -> [...219.71.72.88][58808] update: [...659] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10791] update: [...543] [ip4][..udp] [......10.0.2.15][28681] -> [..114.39.159.60][56896] update: [...161] [ip4][..udp] [......10.0.2.15][28681] -> [..213.120.26.86][29946] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...564] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53144] update: [...557] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53163] update: [...647] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][58290] @@ -3890,20 +3893,20 @@ update: [...570] [ip4][..udp] [......10.0.2.15][28681] -> [..97.83.183.148][.8890] update: [...680] [ip4][..udp] [......10.0.2.15][28681] -> [.61.227.198.100][.6910] update: [...175] [ip4][..udp] [......10.0.2.15][28681] -> [...115.69.62.99][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...500] [ip4][..udp] [......10.0.2.15][28681] -> [.220.143.34.225][20071] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...566] [ip4][..udp] [......10.0.2.15][28681] -> [...58.176.62.40][52755] update: [...514] [ip4][..udp] [......10.0.2.15][28681] -> [..83.114.40.175][23552] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...599] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][59875] update: [...517] [ip4][..udp] [......10.0.2.15][28681] -> [..36.239.162.27][.7986] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...519] [ip4][..udp] [......10.0.2.15][28681] -> [...219.70.48.23][.8070] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...601] [ip4][..udp] [......10.0.2.15][28681] -> [113.255.200.161][65274] update: [...200] [ip4][..udp] [......10.0.2.15][28681] -> [.138.199.16.123][52993] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...638] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.242.225][15068] update: [...726] [ip4][..udp] [......10.0.2.15][28681] -> [....1.171.82.65][50072] update: [...608] [ip4][..udp] [......10.0.2.15][28681] -> [...1.163.14.246][23461] @@ -3923,18 +3926,18 @@ update: [...547] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][43316] update: [...687] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][53454] update: [...510] [ip4][..udp] [......10.0.2.15][28681] -> [...79.94.85.113][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...652] [ip4][..udp] [......10.0.2.15][28681] -> [..94.139.21.182][50110] update: [...530] [ip4][..udp] [......10.0.2.15][28681] -> [118.167.248.220][59304] update: [...497] [ip4][..udp] [......10.0.2.15][28681] -> [..84.100.76.123][39628] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...569] [ip4][..udp] [......10.0.2.15][28681] -> [....73.89.249.8][50649] update: [...373] [ip4][..udp] [......10.0.2.15][28681] -> [..88.122.233.15][11488] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...158] [ip4][..udp] [......10.0.2.15][28681] -> [.118.166.226.70][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...515] [ip4][..udp] [......10.0.2.15][28681] -> [220.137.106.173][11625] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...522] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.152.218][51153] update: [...590] [ip4][..udp] [......10.0.2.15][28681] -> [...95.10.205.67][48380] update: [...605] [ip4][..udp] [......10.0.2.15][28681] -> [180.149.125.139][.6578] @@ -3954,41 +3957,41 @@ update: [...523] [ip4][..udp] [......10.0.2.15][28681] -> [..1.162.138.200][24018] update: [...693] [ip4][..udp] [......10.0.2.15][28681] -> [.98.215.130.156][12405] idle: [...307] [ip4][..udp] [......10.0.2.15][28681] -> [..72.201.208.57][38617] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...258] [ip4][..udp] [......10.0.2.15][28681] -> [...24.26.216.95][13889] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...359] [ip4][..udp] [......10.0.2.15][51685] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [...256] [ip4][..udp] [......10.0.2.15][28681] -> [.96.246.156.126][50297] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...252] [ip4][..udp] [......10.0.2.15][28681] -> [..72.140.120.41][47739] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...377] [ip4][..udp] [......10.0.2.15][28681] -> [.180.200.236.13][12082] update: [...433] [ip4][..udp] [......10.0.2.15][28681] -> [.99.255.145.191][47264] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...404] [ip4][..udp] [......10.0.2.15][28681] -> [.86.234.216.251][17845] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...441] [ip4][..udp] [......10.0.2.15][28681] -> [.36.237.199.108][56040] update: [...450] [ip4][..udp] [......10.0.2.15][28681] -> [113.252.206.254][23458] update: [...426] [ip4][..udp] [......10.0.2.15][28681] -> [..219.71.44.121][14398] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...247] [ip4][..udp] [......10.0.2.15][28681] -> [..181.84.178.16][60262] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...411] [ip4][..udp] [......10.0.2.15][28681] -> [...89.143.28.64][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...408] [ip4][..udp] [......10.0.2.15][28681] -> [...90.103.2.245][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...424] [ip4][..udp] [......10.0.2.15][28681] -> [..93.15.216.216][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...309] [ip4][..udp] [......10.0.2.15][28681] -> [.47.220.186.140][27641] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...479] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.13.148][51896] update: [...422] [ip4][..udp] [......10.0.2.15][28681] -> [..88.123.35.219][42211] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...394] [ip4][..udp] [......10.0.2.15][28681] -> [.165.84.134.136][21407] update: [...254] [ip4][..udp] [......10.0.2.15][28681] -> [..88.120.73.215][24562] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...439] [ip4][..udp] [......10.0.2.15][28681] -> [..176.135.15.86][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...474] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][45880] update: [...398] [ip4][..udp] [......10.0.2.15][28681] -> [.62.102.148.166][31332] update: [...477] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][45640] @@ -3999,234 +4002,233 @@ update: [...472] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][45744] update: [...471] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][43457] update: [...481] [ip4][..udp] [......10.0.2.15][28681] -> [..82.120.219.74][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...476] [ip4][..udp] [......10.0.2.15][28681] -> [..98.18.172.208][63172] update: [...381] [ip4][..udp] [......10.0.2.15][28681] -> [...77.58.211.52][.3806] update: [...386] [ip4][..udp] [......10.0.2.15][28681] -> [...85.172.10.90][40162] update: [...435] [ip4][..udp] [......10.0.2.15][28681] -> [.109.24.146.101][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...465] [ip4][..udp] [......10.0.2.15][28681] -> [.....2.28.39.18][15672] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...310] [ip4][..udp] [......10.0.2.15][28681] -> [.118.240.69.199][.6348] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...306] [ip4][..udp] [......10.0.2.15][28681] -> [..41.249.63.200][22582] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...421] [ip4][..udp] [......10.0.2.15][28681] -> [..175.182.39.11][12977] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...392] [ip4][..udp] [......10.0.2.15][28681] -> [....42.0.69.215][12608] update: [...265] [ip4][..udp] [......10.0.2.15][28681] -> [203.220.198.244][.1194] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...416] [ip4][..udp] [......10.0.2.15][28681] -> [..92.139.61.103][24096] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...304] [ip4][..udp] [......10.0.2.15][28681] -> [.193.32.126.214][59596] update: [...443] [ip4][..udp] [......10.0.2.15][28681] -> [..183.179.14.31][54754] update: [...389] [ip4][..udp] [......10.0.2.15][28681] -> [..94.215.183.71][31310] update: [...413] [ip4][..udp] [......10.0.2.15][28681] -> [...87.65.188.29][24676] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...242] [ip4][..udp] [......10.0.2.15][28681] -> [..75.133.101.93][52367] update: [...260] [ip4][..udp] [......10.0.2.15][28681] -> [.46.128.114.107][.6578] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...412] [ip4][..udp] [......10.0.2.15][28681] -> [...58.177.52.73][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...418] [ip4][..udp] [......10.0.2.15][28681] -> [.75.129.149.103][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...308] [ip4][..udp] [......10.0.2.15][28681] -> [...81.205.91.45][40137] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...468] [ip4][..udp] [......10.0.2.15][28681] -> [..94.214.12.247][44001] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...466] [ip4][..udp] [......10.0.2.15][28681] -> [...70.119.248.5][49929] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...259] [ip4][..udp] [......10.0.2.15][28681] -> [103.232.107.100][43508] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...446] [ip4][..udp] [......10.0.2.15][28681] -> [..61.70.199.107][60475] update: [...470] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][46790] update: [...385] [ip4][..udp] [......10.0.2.15][28681] -> [..66.223.143.31][47978] update: [...447] [ip4][..udp] [......10.0.2.15][28681] -> [...14.199.10.60][23458] update: [...451] [ip4][..udp] [......10.0.2.15][28681] -> [...218.35.66.21][22234] update: [...250] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][26253] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...384] [ip4][..udp] [......10.0.2.15][28681] -> [....75.64.6.175][.4743] update: [...378] [ip4][..udp] [......10.0.2.15][28681] -> [.118.241.204.61][43366] update: [...456] [ip4][..udp] [......10.0.2.15][28681] -> [.89.241.112.255][14766] update: [...428] [ip4][..udp] [......10.0.2.15][28681] -> [....86.162.97.8][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...375] [ip4][..udp] [......10.0.2.15][28681] -> [..73.182.136.42][27873] update: [...455] [ip4][..udp] [......10.0.2.15][28681] -> [.58.153.206.183][16919] update: [...453] [ip4][..udp] [......10.0.2.15][28681] -> [..74.127.26.138][.3083] update: [...425] [ip4][..udp] [......10.0.2.15][28681] -> [..145.82.53.165][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...257] [ip4][..udp] [......10.0.2.15][28681] -> [.82.181.251.218][36368] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...460] [ip4][..udp] [......10.0.2.15][28681] -> [.210.194.116.78][.8342] update: [...454] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.121.156][23183] update: [...401] [ip4][..udp] [......10.0.2.15][28681] -> [.173.178.192.76][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...484] [ip4][..udp] [......10.0.2.15][28681] -> [...107.4.56.177][10000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...406] [ip4][..udp] [......10.0.2.15][28681] -> [....109.27.3.68][57380] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...399] [ip4][..udp] [......10.0.2.15][28681] -> [.175.39.219.223][31728] update: [...469] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][47184] update: [...356] [ip4][..udp] [......10.0.2.15][28681] -> [.63.228.175.169][.1936] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...467] [ip4][..udp] [......10.0.2.15][28681] -> [...61.64.177.53][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...355] [ip4][..udp] [......10.0.2.15][28681] -> [.181.118.53.212][29998] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...431] [ip4][..udp] [......10.0.2.15][28681] -> [..88.124.71.246][49035] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...388] [ip4][..udp] [......10.0.2.15][28681] -> [...121.7.145.36][33905] update: [...303] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][30566] update: [...246] [ip4][..udp] [......10.0.2.15][28681] -> [...96.65.68.194][35481] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...395] [ip4][..udp] [......10.0.2.15][28681] -> [..191.114.88.39][18751] update: [...301] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][11852] update: [...483] [ip4][..udp] [.......10.0.2.2][.1026] -> [......10.0.2.15][28681] update: [...402] [ip4][..udp] [......10.0.2.15][28681] -> [...78.219.202.2][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...420] [ip4][..udp] [......10.0.2.15][28681] -> [..86.227.127.34][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...417] [ip4][..udp] [......10.0.2.15][28681] -> [.94.187.236.179][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...317] [ip4][..udp] [......10.0.2.15][28681] -> [...96.236.205.7][34794] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...376] [ip4][..udp] [......10.0.2.15][28681] -> [....156.57.42.2][33476] update: [...485] [ip4][..udp] [......10.0.2.15][28681] -> [...154.3.42.209][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...261] [ip4][..udp] [......10.0.2.15][28681] -> [..60.241.48.194][21301] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...243] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] update: [...427] [ip4][..udp] [......10.0.2.15][28681] -> [...81.249.13.30][15138] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...313] [ip4][..udp] [......10.0.2.15][28681] -> [..176.99.176.20][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...405] [ip4][..udp] [......10.0.2.15][28681] -> [.176.155.31.118][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...387] [ip4][..udp] [......10.0.2.15][28681] -> [....220.135.8.7][.1219] update: [...302] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][53489] update: [...255] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][30577] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...415] [ip4][..udp] [......10.0.2.15][28681] -> [..90.247.160.96][17817] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...458] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.228.167][12201] update: [...486] [ip4][..udp] [......10.0.2.15][28681] -> [...88.68.45.203][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...410] [ip4][..udp] [......10.0.2.15][28681] -> [..93.28.130.131][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...248] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][12012] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...380] [ip4][..udp] [......10.0.2.15][28681] -> [...83.86.49.195][12019] update: [...423] [ip4][..udp] [......10.0.2.15][28681] -> [..119.247.6.226][.9713] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...438] [ip4][..udp] [......10.0.2.15][28681] -> [..71.86.190.163][14142] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...403] [ip4][..udp] [......10.0.2.15][28681] -> [197.244.171.132][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...457] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.240.113][13867] update: [...429] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.215.213][23576] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...436] [ip4][..udp] [......10.0.2.15][28681] -> [.219.68.179.137][.6406] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...414] [ip4][..udp] [......10.0.2.15][28681] -> [175.181.156.244][.8255] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...383] [ip4][..udp] [......10.0.2.15][28681] -> [...84.71.243.60][34498] update: [...409] [ip4][..udp] [......10.0.2.15][28681] -> [...86.194.53.68][33770] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...482] [ip4][..udp] [......10.0.2.15][28681] -> [..86.193.23.172][42227] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...400] [ip4][..udp] [......10.0.2.15][28681] -> [..129.45.47.167][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...263] [ip4][..udp] [......10.0.2.15][28681] -> [..82.217.176.52][.7446] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...253] [ip4][..udp] [......10.0.2.15][28681] -> [.193.37.255.130][61616] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...407] [ip4][..udp] [......10.0.2.15][28681] -> [195.181.151.217][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...463] [ip4][..udp] [......10.0.2.15][28681] -> [..200.7.155.210][28365] update: [...452] [ip4][..udp] [......10.0.2.15][28681] -> [..68.227.193.37][27481] update: [...390] [ip4][..udp] [......10.0.2.15][28681] -> [144.134.132.206][16401] update: [...440] [ip4][..udp] [......10.0.2.15][28681] -> [203.165.170.112][37087] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...448] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][15677] update: [...459] [ip4][..udp] [......10.0.2.15][28681] -> [...100.89.84.59][11603] update: [...391] [ip4][..udp] [......10.0.2.15][28681] -> [...161.81.38.67][.9539] update: [...437] [ip4][..udp] [......10.0.2.15][28681] -> [....31.38.163.2][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...316] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][63637] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...262] [ip4][..udp] [......10.0.2.15][28681] -> [....89.75.52.19][46010] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...445] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.153.100][.4509] update: [...419] [ip4][..udp] [......10.0.2.15][28681] -> [...78.193.236.8][46557] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...393] [ip4][..udp] [......10.0.2.15][28681] -> [.58.115.158.103][.5110] update: [...432] [ip4][..udp] [......10.0.2.15][28681] -> [...104.6.118.53][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...464] [ip4][..udp] [......10.0.2.15][28681] -> [...101.128.66.8][34512] update: [...382] [ip4][..udp] [......10.0.2.15][28681] -> [..76.175.11.126][40958] update: [...480] [ip4][..udp] [......10.0.2.15][28681] -> [..112.119.74.26][65498] update: [...434] [ip4][..udp] [......10.0.2.15][28681] -> [.114.24.182.130][22232] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...462] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][47808] update: [...397] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][24634] update: [...430] [ip4][..udp] [......10.0.2.15][28681] -> [....90.8.95.165][40763] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...475] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][63978] update: [...473] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][33564] update: [...264] [ip4][..udp] [......10.0.2.15][28681] -> [...95.10.205.67][11603] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...379] [ip4][..udp] [......10.0.2.15][28681] -> [..80.140.63.147][29545] update: [...442] [ip4][..udp] [......10.0.2.15][28681] -> [..89.204.130.55][29545] update: [...396] [ip4][..udp] [......10.0.2.15][28681] -> [..112.119.59.24][28755] update: [...312] [ip4][..udp] [......10.0.2.15][28681] -> [..24.167.201.53][47282] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...754] [ip4][..udp] [......10.0.2.15][28681] -> [..84.125.218.84][17561] idle: [...247] [ip4][..udp] [......10.0.2.15][28681] -> [..181.84.178.16][60262] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...366] [ip4][..udp] [......10.0.2.15][28681] -> [....94.8.55.158][51140] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...309] [ip4][..udp] [......10.0.2.15][28681] -> [.47.220.186.140][27641] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...365] [ip4][..udp] [......10.0.2.15][28681] -> [..188.23.24.213][18561] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...310] [ip4][..udp] [......10.0.2.15][28681] -> [.118.240.69.199][.6348] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...368] [ip4][..udp] [......10.0.2.15][28681] -> [...47.147.52.21][36728] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...363] [ip4][..udp] [......10.0.2.15][28681] -> [...81.205.91.45][38297] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...362] [ip4][..udp] [......10.0.2.15][28681] -> [190.192.210.182][.6754] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...356] [ip4][..udp] [......10.0.2.15][28681] -> [.63.228.175.169][.1936] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...355] [ip4][..udp] [......10.0.2.15][28681] -> [.181.118.53.212][29998] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...301] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][11852] [Unknown][Unknown][Unrated] idle: [...301] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][11852] not-detected: [...243] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] [Unknown][Unknown][Unrated] idle: [...243] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] idle: [...330] [ip4][..udp] [......10.0.2.15][28681] -> [....82.64.44.11][.1352] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...360] [ip4][..udp] [......10.0.2.15][28681] -> [..198.58.218.12][47912] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...263] [ip4][..udp] [......10.0.2.15][28681] -> [..82.217.176.52][.7446] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...264] [ip4][..udp] [......10.0.2.15][28681] -> [...95.10.205.67][11603] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...488] [ip4][..udp] [......10.0.2.15][28681] -> [.183.179.90.112][.9852] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...490] [ip4][..udp] [......10.0.2.15][28681] -> [...90.3.215.132][20356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...745] [ip4][.icmp] [..164.132.10.25] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...489] [ip4][..udp] [......10.0.2.15][28681] -> [...108.44.45.25][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...487] [ip4][..udp] [......10.0.2.15][28681] -> [..24.78.134.188][49046] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...491] [ip4][..udp] [......10.0.2.15][28681] -> [..36.233.42.210][.5512] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...492] [ip4][..udp] [......10.0.2.15][28681] -> [...172.94.41.71][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...755] [ip4][..udp] [......10.0.2.15][28681] -> [..83.134.107.32][38836] detected: [...755] [ip4][..udp] [......10.0.2.15][28681] -> [..83.134.107.32][38836] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic @@ -4234,143 +4236,143 @@ RISK: Unidirectional Traffic idle: [...242] [ip4][..udp] [......10.0.2.15][28681] -> [..75.133.101.93][52367] idle: [...308] [ip4][..udp] [......10.0.2.15][28681] -> [...81.205.91.45][40137] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...750] [ip4][..udp] [......10.0.2.15][28681] -> [....67.193.8.52][38584] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...331] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][26851] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...361] [ip4][..udp] [......10.0.2.15][28681] -> [..86.129.196.84][.9915] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...752] [ip4][..udp] [......10.0.2.15][28681] -> [...78.231.73.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...128] [ip4][..udp] [......10.0.2.15][28681] -> [..77.141.219.27][37580] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...114] [ip4][..udp] [......10.0.2.15][28681] -> [....86.23.75.69][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....88] [ip4][..udp] [......10.0.2.15][28681] -> [.....81.50.24.2][17874] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...340] [ip4][..udp] [......10.0.2.15][28681] -> [.38.142.119.234][49732] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...335] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] update: [...332] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....20] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [...118] [ip4][..udp] [......10.0.2.15][28681] -> [...5.180.62.100][46385] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...344] [ip4][..udp] [......10.0.2.15][28681] -> [.207.38.163.228][.6778] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...323] [ip4][..udp] [......10.0.2.15][28681] -> [.96.246.156.126][56070] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...117] [ip4][..udp] [......10.0.2.15][28681] -> [200.120.243.143][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...748] [ip4][..udp] [......10.0.2.15][28681] -> [.....92.8.59.80][35192] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....98] [ip4][..udp] [......10.0.2.15][28681] -> [.203.222.14.170][23332] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...111] [ip4][..udp] [......10.0.2.15][28681] -> [..90.65.141.157][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...336] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][.6888] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...139] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.226.142][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...141] [ip4][..udp] [......10.0.2.15][28681] -> [..172.97.199.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...751] [ip4][..udp] [......10.0.2.15][28681] -> [142.115.218.152][.5900] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...126] [ip4][..udp] [......10.0.2.15][28681] -> [..91.69.159.133][28000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...136] [ip4][..udp] [......10.0.2.15][28681] -> [.80.236.247.120][16047] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....85] [ip4][..udp] [......10.0.2.15][28681] -> [..85.138.20.110][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...135] [ip4][..udp] [......10.0.2.15][28681] -> [.193.250.99.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...321] [ip4][..udp] [......10.0.2.15][28681] -> [188.165.203.190][21995] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...342] [ip4][..udp] [......10.0.2.15][28681] -> [..98.208.26.154][.4994] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...749] [ip4][..udp] [......10.0.2.15][28681] -> [...78.159.27.22][17563] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...369] [ip4][..udp] [......10.0.2.15][28681] -> [.89.187.171.240][.6346] update: [...125] [ip4][..udp] [......10.0.2.15][28681] -> [..83.92.178.182][57302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...116] [ip4][..udp] [......10.0.2.15][28681] -> [.124.44.190.145][10170] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...319] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][55302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...133] [ip4][..udp] [......10.0.2.15][28681] -> [.91.175.220.161][15721] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...753] [ip4][..udp] [......10.0.2.15][28681] -> [..165.84.140.96][14400] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...124] [ip4][..udp] [......10.0.2.15][28681] -> [...170.254.19.6][24180] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...130] [ip4][..udp] [......10.0.2.15][28681] -> [..119.224.95.97][46356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...129] [ip4][..udp] [......10.0.2.15][28681] -> [.176.138.50.179][29411] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...364] [ip4][..udp] [......10.0.2.15][28681] -> [194.163.180.126][10825] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...137] [ip4][..udp] [......10.0.2.15][28681] -> [...82.65.70.197][21693] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...109] [ip4][..udp] [......10.0.2.15][28681] -> [...88.169.2.153][52414] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...140] [ip4][..udp] [......10.0.2.15][28681] -> [.77.197.111.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...108] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][.7922] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...339] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][54130] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...113] [ip4][..udp] [......10.0.2.15][28681] -> [105.101.132.146][57746] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....87] [ip4][..udp] [......10.0.2.15][28681] -> [..92.131.85.245][31743] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...367] [ip4][..udp] [......10.0.2.15][28681] -> [.149.28.163.175][49956] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...138] [ip4][..udp] [......10.0.2.15][28681] -> [167.114.170.156][23844] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...756] [ip4][..udp] [......10.0.2.15][28681] -> [..41.100.68.255][12838] detected: [...756] [ip4][..udp] [......10.0.2.15][28681] -> [..41.100.68.255][12838] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [....20] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol idle: [...136] [ip4][..udp] [......10.0.2.15][28681] -> [.80.236.247.120][16047] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...173] [ip4][..udp] [......10.0.2.15][28681] -> [..121.99.222.36][44988] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...577] [ip4][..udp] [......10.0.2.15][28681] -> [.59.148.100.237][23459] update: [...586] [ip4][..udp] [......10.0.2.15][28681] -> [..221.124.66.33][13060] update: [...618] [ip4][..udp] [......10.0.2.15][28681] -> [...1.172.184.48][13281] update: [...544] [ip4][..udp] [......10.0.2.15][28681] -> [..111.184.29.35][30582] update: [...526] [ip4][..udp] [......10.0.2.15][28681] -> [..36.234.197.93][.1483] update: [...509] [ip4][..udp] [......10.0.2.15][28681] -> [.92.142.109.190][41370] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...669] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2846] update: [...609] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][59016] update: [...690] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][50637] update: [...700] [ip4][..udp] [......10.0.2.15][28681] -> [...91.206.27.26][.6578] update: [...511] [ip4][..udp] [......10.0.2.15][28681] -> [...68.47.223.27][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...496] [ip4][..udp] [......10.0.2.15][28681] -> [.218.173.230.98][19004] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...533] [ip4][..udp] [......10.0.2.15][28681] -> [..36.229.185.60][.6898] update: [...592] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][.7190] update: [...701] [ip4][..udp] [......10.0.2.15][28681] -> [119.237.190.184][64163] update: [...495] [ip4][..udp] [......10.0.2.15][28681] -> [...81.247.89.20][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...166] [ip4][..udp] [......10.0.2.15][28681] -> [..90.59.253.186][15555] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...183] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.15.182][37829] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...184] [ip4][..udp] [......10.0.2.15][28681] -> [..86.239.62.213][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...493] [ip4][..udp] [......10.0.2.15][57552] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...603] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][64577] update: [...621] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3227] update: [...646] [ip4][..udp] [......10.0.2.15][28681] -> [..36.237.10.152][21293] update: [...740] [ip4][..udp] [......10.0.2.15][28681] -> [...36.237.25.47][21293] update: [...516] [ip4][..udp] [......10.0.2.15][28681] -> [.119.246.147.72][.4572] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...733] [ip4][..udp] [......10.0.2.15][28681] -> [...99.199.148.6][.4338] update: [...597] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52274] update: [...675] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][62191] @@ -4378,13 +4380,13 @@ update: [...553] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3259] update: [...628] [ip4][..udp] [......10.0.2.15][28681] -> [....45.65.87.24][16201] update: [...352] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...195] [ip4][..udp] [......10.0.2.15][28681] -> [.177.231.151.16][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...616] [ip4][..udp] [......10.0.2.15][28681] -> [220.208.167.152][30628] update: [...596] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][58954] update: [...219] [ip4][..udp] [......10.0.2.15][28681] -> [...76.30.86.144][53821] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...713] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51379] update: [...593] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][.9747] update: [...571] [ip4][..udp] [......10.0.2.15][28681] -> [.114.40.163.123][55341] @@ -4407,10 +4409,10 @@ update: [...707] [ip4][..udp] [......10.0.2.15][28681] -> [..183.179.14.31][64871] update: [...744] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][48250] update: [...501] [ip4][..udp] [......10.0.2.15][28681] -> [.88.160.214.137][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...683] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][54459] update: [...506] [ip4][..udp] [......10.0.2.15][28681] -> [..136.32.84.139][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...562] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][59879] update: [...619] [ip4][..udp] [......10.0.2.15][28681] -> [...1.163.14.246][.1630] update: [...691] [ip4][..udp] [......10.0.2.15][28681] -> [..61.93.150.146][62507] @@ -4422,12 +4424,12 @@ update: [...542] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51675] update: [...714] [ip4][..udp] [......10.0.2.15][28681] -> [..76.174.174.69][21358] update: [...191] [ip4][..udp] [......10.0.2.15][28681] -> [.190.153.143.54][65535] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...614] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][60482] update: [...746] [ip4][..udp] [......10.0.2.15][28681] -> [123.205.126.102][.5193] update: [...606] [ip4][..udp] [......10.0.2.15][28681] -> [.149.28.163.175][42288] update: [...172] [ip4][..udp] [......10.0.2.15][28681] -> [..87.69.142.133][15471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...739] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][19814] update: [...587] [ip4][..udp] [......10.0.2.15][28681] -> [.94.134.154.158][54130] update: [...550] [ip4][..udp] [......10.0.2.15][28681] -> [.220.238.145.82][33527] @@ -4439,23 +4441,23 @@ update: [...555] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][20387] update: [...721] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][.9897] update: [...371] [ip4][..udp] [......10.0.2.15][28681] -> [.109.131.202.24][44748] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...631] [ip4][..udp] [......10.0.2.15][28681] -> [..36.231.59.187][62234] update: [...591] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53707] update: [...594] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7375] update: [...613] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.152.218][51920] update: [...617] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7380] update: [...508] [ip4][..udp] [......10.0.2.15][28681] -> [...92.144.99.73][10745] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...582] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][10624] update: [...573] [ip4][..udp] [......10.0.2.15][28681] -> [..71.239.173.18][23327] update: [...513] [ip4][..udp] [......10.0.2.15][28681] -> [..78.196.216.12][58910] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...187] [ip4][..udp] [......10.0.2.15][28681] -> [....92.88.92.56][21009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...568] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][56562] update: [...190] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.195.227][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...538] [ip4][..udp] [......10.0.2.15][28681] -> [.124.218.41.253][14339] update: [...623] [ip4][..udp] [......10.0.2.15][28681] -> [.210.209.249.84][24751] update: [...629] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][45710] @@ -4469,7 +4471,7 @@ update: [...645] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49803] update: [...661] [ip4][..udp] [......10.0.2.15][28681] -> [...24.127.1.235][37814] update: [...499] [ip4][..udp] [......10.0.2.15][28681] -> [....1.161.80.82][.8656] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...626] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49815] update: [...703] [ip4][..udp] [......10.0.2.15][28681] -> [..114.40.67.191][14971] update: [...560] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53883] @@ -4477,17 +4479,17 @@ update: [...727] [ip4][..udp] [......10.0.2.15][28681] -> [101.136.187.253][10914] update: [...521] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][23458] update: [...503] [ip4][..udp] [......10.0.2.15][28681] -> [..74.210.244.72][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...505] [ip4][..udp] [......10.0.2.15][28681] -> [.....42.2.62.28][.6387] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...494] [ip4][..udp] [......10.0.2.15][28681] -> [...86.210.81.59][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...370] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.56.198][11984] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...180] [ip4][..udp] [......10.0.2.15][28681] -> [...66.131.24.72][30711] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...498] [ip4][..udp] [......10.0.2.15][28681] -> [...8.44.149.207][30551] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...704] [ip4][..udp] [......10.0.2.15][28681] -> [..123.192.83.59][33513] update: [...641] [ip4][..udp] [......10.0.2.15][28681] -> [.36.233.199.103][.2625] update: [...717] [ip4][..udp] [......10.0.2.15][28681] -> [...79.191.58.38][48157] @@ -4509,12 +4511,12 @@ update: [...731] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6564] update: [...545] [ip4][..udp] [......10.0.2.15][28681] -> [..116.49.159.77][55915] update: [...156] [ip4][..udp] [......10.0.2.15][28681] -> [..86.244.228.86][10131] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...374] [ip4][..udp] [......10.0.2.15][28681] -> [....62.35.190.5][18604] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...735] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][52420] update: [...176] [ip4][..udp] [......10.0.2.15][28681] -> [....41.99.164.4][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...663] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6594] update: [...634] [ip4][..udp] [......10.0.2.15][28681] -> [..24.179.18.242][47329] update: [...747] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6599] @@ -4522,15 +4524,15 @@ update: [...643] [ip4][..udp] [......10.0.2.15][28681] -> [..31.20.248.147][30706] update: [...711] [ip4][..udp] [......10.0.2.15][28681] -> [..220.129.86.65][49723] update: [...504] [ip4][..udp] [......10.0.2.15][28681] -> [..85.203.45.107][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...563] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][.6831] update: [...157] [ip4][..udp] [......10.0.2.15][28681] -> [.86.227.162.150][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...639] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7849] update: [...209] [ip4][..udp] [......10.0.2.15][28681] -> [..91.179.98.234][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...372] [ip4][..udp] [......10.0.2.15][28681] -> [.91.179.185.126][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...729] [ip4][..udp] [......10.0.2.15][28681] -> [..114.47.227.91][54463] update: [...732] [ip4][..udp] [......10.0.2.15][28681] -> [..85.168.34.105][39908] update: [...633] [ip4][..udp] [......10.0.2.15][28681] -> [..68.174.18.115][50679] @@ -4546,7 +4548,7 @@ update: [...666] [ip4][..udp] [......10.0.2.15][28681] -> [.159.196.95.223][.2003] update: [...648] [ip4][..udp] [......10.0.2.15][28681] -> [180.218.135.222][.4548] update: [...159] [ip4][..udp] [......10.0.2.15][28681] -> [176.163.231.160][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...579] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.170.108][23458] update: [...677] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][.9128] update: [...706] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.1968] @@ -4559,21 +4561,21 @@ update: [...696] [ip4][..udp] [......10.0.2.15][28681] -> [188.165.203.190][55050] update: [...537] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2034] update: [...213] [ip4][..udp] [......10.0.2.15][28681] -> [....5.180.62.37][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...167] [ip4][..udp] [......10.0.2.15][28681] -> [..93.29.107.176][20363] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...585] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][35004] update: [...171] [ip4][..udp] [......10.0.2.15][28681] -> [196.217.132.111][25394] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...502] [ip4][..udp] [......10.0.2.15][28681] -> [..47.156.58.211][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...507] [ip4][..udp] [......10.0.2.15][28681] -> [...50.4.204.220][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...686] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][13965] update: [...662] [ip4][..udp] [......10.0.2.15][28681] -> [..96.59.117.166][33192] update: [...535] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10655] update: [...160] [ip4][..udp] [......10.0.2.15][28681] -> [...83.150.49.35][32448] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...602] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][53658] update: [...589] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][52647] update: [...653] [ip4][..udp] [......10.0.2.15][28681] -> [....82.12.1.136][.6348] @@ -4582,9 +4584,9 @@ update: [...532] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10677] update: [...695] [ip4][..udp] [......10.0.2.15][28681] -> [..76.189.72.230][.8161] update: [...185] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.196.58][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...512] [ip4][..udp] [......10.0.2.15][28681] -> [..209.204.207.5][49256] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...734] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.91.201][.4297] update: [...627] [ip4][..udp] [......10.0.2.15][28681] -> [..73.62.225.181][46843] update: [...552] [ip4][..udp] [......10.0.2.15][28681] -> [...218.250.6.59][60012] @@ -4597,12 +4599,12 @@ update: [...574] [ip4][..udp] [......10.0.2.15][28681] -> [..223.17.132.18][23458] update: [...678] [ip4][..udp] [......10.0.2.15][28681] -> [150.116.225.105][51438] update: [...518] [ip4][..udp] [......10.0.2.15][28681] -> [..202.151.63.59][.7624] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...715] [ip4][..udp] [......10.0.2.15][28681] -> [...219.71.72.88][58808] update: [...659] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10791] update: [...543] [ip4][..udp] [......10.0.2.15][28681] -> [..114.39.159.60][56896] update: [...161] [ip4][..udp] [......10.0.2.15][28681] -> [..213.120.26.86][29946] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...564] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53144] update: [...557] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53163] update: [...647] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][58290] @@ -4615,20 +4617,20 @@ update: [...570] [ip4][..udp] [......10.0.2.15][28681] -> [..97.83.183.148][.8890] update: [...680] [ip4][..udp] [......10.0.2.15][28681] -> [.61.227.198.100][.6910] update: [...175] [ip4][..udp] [......10.0.2.15][28681] -> [...115.69.62.99][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...500] [ip4][..udp] [......10.0.2.15][28681] -> [.220.143.34.225][20071] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...566] [ip4][..udp] [......10.0.2.15][28681] -> [...58.176.62.40][52755] update: [...514] [ip4][..udp] [......10.0.2.15][28681] -> [..83.114.40.175][23552] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...599] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][59875] update: [...517] [ip4][..udp] [......10.0.2.15][28681] -> [..36.239.162.27][.7986] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...519] [ip4][..udp] [......10.0.2.15][28681] -> [...219.70.48.23][.8070] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...601] [ip4][..udp] [......10.0.2.15][28681] -> [113.255.200.161][65274] update: [...200] [ip4][..udp] [......10.0.2.15][28681] -> [.138.199.16.123][52993] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...638] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.242.225][15068] update: [...726] [ip4][..udp] [......10.0.2.15][28681] -> [....1.171.82.65][50072] update: [...608] [ip4][..udp] [......10.0.2.15][28681] -> [...1.163.14.246][23461] @@ -4648,18 +4650,18 @@ update: [...547] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][43316] update: [...687] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][53454] update: [...510] [ip4][..udp] [......10.0.2.15][28681] -> [...79.94.85.113][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...652] [ip4][..udp] [......10.0.2.15][28681] -> [..94.139.21.182][50110] update: [...530] [ip4][..udp] [......10.0.2.15][28681] -> [118.167.248.220][59304] update: [...497] [ip4][..udp] [......10.0.2.15][28681] -> [..84.100.76.123][39628] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...569] [ip4][..udp] [......10.0.2.15][28681] -> [....73.89.249.8][50649] update: [...373] [ip4][..udp] [......10.0.2.15][28681] -> [..88.122.233.15][11488] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...158] [ip4][..udp] [......10.0.2.15][28681] -> [.118.166.226.70][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...515] [ip4][..udp] [......10.0.2.15][28681] -> [220.137.106.173][11625] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...522] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.152.218][51153] update: [...590] [ip4][..udp] [......10.0.2.15][28681] -> [...95.10.205.67][48380] update: [...605] [ip4][..udp] [......10.0.2.15][28681] -> [180.149.125.139][.6578] @@ -4680,27 +4682,27 @@ update: [...693] [ip4][..udp] [......10.0.2.15][28681] -> [.98.215.130.156][12405] update: [...377] [ip4][..udp] [......10.0.2.15][28681] -> [.180.200.236.13][12082] update: [...433] [ip4][..udp] [......10.0.2.15][28681] -> [.99.255.145.191][47264] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...404] [ip4][..udp] [......10.0.2.15][28681] -> [.86.234.216.251][17845] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...441] [ip4][..udp] [......10.0.2.15][28681] -> [.36.237.199.108][56040] update: [...450] [ip4][..udp] [......10.0.2.15][28681] -> [113.252.206.254][23458] update: [...426] [ip4][..udp] [......10.0.2.15][28681] -> [..219.71.44.121][14398] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...411] [ip4][..udp] [......10.0.2.15][28681] -> [...89.143.28.64][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...408] [ip4][..udp] [......10.0.2.15][28681] -> [...90.103.2.245][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...424] [ip4][..udp] [......10.0.2.15][28681] -> [..93.15.216.216][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...479] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.13.148][51896] update: [...422] [ip4][..udp] [......10.0.2.15][28681] -> [..88.123.35.219][42211] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...394] [ip4][..udp] [......10.0.2.15][28681] -> [.165.84.134.136][21407] update: [...254] [ip4][..udp] [......10.0.2.15][28681] -> [..88.120.73.215][24562] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...439] [ip4][..udp] [......10.0.2.15][28681] -> [..176.135.15.86][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...474] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][45880] update: [...398] [ip4][..udp] [......10.0.2.15][28681] -> [.62.102.148.166][31332] update: [...477] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][45640] @@ -4711,174 +4713,173 @@ update: [...472] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][45744] update: [...471] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][43457] update: [...481] [ip4][..udp] [......10.0.2.15][28681] -> [..82.120.219.74][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...476] [ip4][..udp] [......10.0.2.15][28681] -> [..98.18.172.208][63172] update: [...381] [ip4][..udp] [......10.0.2.15][28681] -> [...77.58.211.52][.3806] update: [...386] [ip4][..udp] [......10.0.2.15][28681] -> [...85.172.10.90][40162] update: [...435] [ip4][..udp] [......10.0.2.15][28681] -> [.109.24.146.101][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...465] [ip4][..udp] [......10.0.2.15][28681] -> [.....2.28.39.18][15672] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...306] [ip4][..udp] [......10.0.2.15][28681] -> [..41.249.63.200][22582] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...421] [ip4][..udp] [......10.0.2.15][28681] -> [..175.182.39.11][12977] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...392] [ip4][..udp] [......10.0.2.15][28681] -> [....42.0.69.215][12608] update: [...265] [ip4][..udp] [......10.0.2.15][28681] -> [203.220.198.244][.1194] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...416] [ip4][..udp] [......10.0.2.15][28681] -> [..92.139.61.103][24096] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...304] [ip4][..udp] [......10.0.2.15][28681] -> [.193.32.126.214][59596] update: [...443] [ip4][..udp] [......10.0.2.15][28681] -> [..183.179.14.31][54754] update: [...389] [ip4][..udp] [......10.0.2.15][28681] -> [..94.215.183.71][31310] update: [...413] [ip4][..udp] [......10.0.2.15][28681] -> [...87.65.188.29][24676] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...260] [ip4][..udp] [......10.0.2.15][28681] -> [.46.128.114.107][.6578] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...412] [ip4][..udp] [......10.0.2.15][28681] -> [...58.177.52.73][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...418] [ip4][..udp] [......10.0.2.15][28681] -> [.75.129.149.103][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...468] [ip4][..udp] [......10.0.2.15][28681] -> [..94.214.12.247][44001] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...466] [ip4][..udp] [......10.0.2.15][28681] -> [...70.119.248.5][49929] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...259] [ip4][..udp] [......10.0.2.15][28681] -> [103.232.107.100][43508] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...446] [ip4][..udp] [......10.0.2.15][28681] -> [..61.70.199.107][60475] update: [...470] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][46790] update: [...385] [ip4][..udp] [......10.0.2.15][28681] -> [..66.223.143.31][47978] update: [...447] [ip4][..udp] [......10.0.2.15][28681] -> [...14.199.10.60][23458] update: [...451] [ip4][..udp] [......10.0.2.15][28681] -> [...218.35.66.21][22234] update: [...250] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][26253] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...384] [ip4][..udp] [......10.0.2.15][28681] -> [....75.64.6.175][.4743] update: [...378] [ip4][..udp] [......10.0.2.15][28681] -> [.118.241.204.61][43366] update: [...456] [ip4][..udp] [......10.0.2.15][28681] -> [.89.241.112.255][14766] update: [...428] [ip4][..udp] [......10.0.2.15][28681] -> [....86.162.97.8][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...375] [ip4][..udp] [......10.0.2.15][28681] -> [..73.182.136.42][27873] update: [...455] [ip4][..udp] [......10.0.2.15][28681] -> [.58.153.206.183][16919] update: [...453] [ip4][..udp] [......10.0.2.15][28681] -> [..74.127.26.138][.3083] update: [...425] [ip4][..udp] [......10.0.2.15][28681] -> [..145.82.53.165][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...257] [ip4][..udp] [......10.0.2.15][28681] -> [.82.181.251.218][36368] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...460] [ip4][..udp] [......10.0.2.15][28681] -> [.210.194.116.78][.8342] update: [...454] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.121.156][23183] update: [...401] [ip4][..udp] [......10.0.2.15][28681] -> [.173.178.192.76][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...484] [ip4][..udp] [......10.0.2.15][28681] -> [...107.4.56.177][10000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...406] [ip4][..udp] [......10.0.2.15][28681] -> [....109.27.3.68][57380] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...399] [ip4][..udp] [......10.0.2.15][28681] -> [.175.39.219.223][31728] update: [...469] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][47184] update: [...467] [ip4][..udp] [......10.0.2.15][28681] -> [...61.64.177.53][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...431] [ip4][..udp] [......10.0.2.15][28681] -> [..88.124.71.246][49035] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...388] [ip4][..udp] [......10.0.2.15][28681] -> [...121.7.145.36][33905] update: [...303] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][30566] update: [...246] [ip4][..udp] [......10.0.2.15][28681] -> [...96.65.68.194][35481] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...395] [ip4][..udp] [......10.0.2.15][28681] -> [..191.114.88.39][18751] update: [...483] [ip4][..udp] [.......10.0.2.2][.1026] -> [......10.0.2.15][28681] update: [...402] [ip4][..udp] [......10.0.2.15][28681] -> [...78.219.202.2][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...420] [ip4][..udp] [......10.0.2.15][28681] -> [..86.227.127.34][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...417] [ip4][..udp] [......10.0.2.15][28681] -> [.94.187.236.179][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...317] [ip4][..udp] [......10.0.2.15][28681] -> [...96.236.205.7][34794] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...376] [ip4][..udp] [......10.0.2.15][28681] -> [....156.57.42.2][33476] update: [...485] [ip4][..udp] [......10.0.2.15][28681] -> [...154.3.42.209][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...261] [ip4][..udp] [......10.0.2.15][28681] -> [..60.241.48.194][21301] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...427] [ip4][..udp] [......10.0.2.15][28681] -> [...81.249.13.30][15138] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...313] [ip4][..udp] [......10.0.2.15][28681] -> [..176.99.176.20][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...405] [ip4][..udp] [......10.0.2.15][28681] -> [.176.155.31.118][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...745] [ip4][.icmp] [..164.132.10.25] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...387] [ip4][..udp] [......10.0.2.15][28681] -> [....220.135.8.7][.1219] update: [...302] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][53489] update: [...255] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][30577] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...415] [ip4][..udp] [......10.0.2.15][28681] -> [..90.247.160.96][17817] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...458] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.228.167][12201] update: [...486] [ip4][..udp] [......10.0.2.15][28681] -> [...88.68.45.203][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...410] [ip4][..udp] [......10.0.2.15][28681] -> [..93.28.130.131][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...248] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][12012] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...380] [ip4][..udp] [......10.0.2.15][28681] -> [...83.86.49.195][12019] update: [...423] [ip4][..udp] [......10.0.2.15][28681] -> [..119.247.6.226][.9713] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...438] [ip4][..udp] [......10.0.2.15][28681] -> [..71.86.190.163][14142] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...403] [ip4][..udp] [......10.0.2.15][28681] -> [197.244.171.132][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...457] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.240.113][13867] update: [...429] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.215.213][23576] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...436] [ip4][..udp] [......10.0.2.15][28681] -> [.219.68.179.137][.6406] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...414] [ip4][..udp] [......10.0.2.15][28681] -> [175.181.156.244][.8255] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...383] [ip4][..udp] [......10.0.2.15][28681] -> [...84.71.243.60][34498] update: [...409] [ip4][..udp] [......10.0.2.15][28681] -> [...86.194.53.68][33770] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...482] [ip4][..udp] [......10.0.2.15][28681] -> [..86.193.23.172][42227] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...400] [ip4][..udp] [......10.0.2.15][28681] -> [..129.45.47.167][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...253] [ip4][..udp] [......10.0.2.15][28681] -> [.193.37.255.130][61616] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...407] [ip4][..udp] [......10.0.2.15][28681] -> [195.181.151.217][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...463] [ip4][..udp] [......10.0.2.15][28681] -> [..200.7.155.210][28365] update: [...452] [ip4][..udp] [......10.0.2.15][28681] -> [..68.227.193.37][27481] update: [...390] [ip4][..udp] [......10.0.2.15][28681] -> [144.134.132.206][16401] update: [...440] [ip4][..udp] [......10.0.2.15][28681] -> [203.165.170.112][37087] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...448] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][15677] update: [...459] [ip4][..udp] [......10.0.2.15][28681] -> [...100.89.84.59][11603] update: [...391] [ip4][..udp] [......10.0.2.15][28681] -> [...161.81.38.67][.9539] update: [...437] [ip4][..udp] [......10.0.2.15][28681] -> [....31.38.163.2][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...316] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][63637] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...262] [ip4][..udp] [......10.0.2.15][28681] -> [....89.75.52.19][46010] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...445] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.153.100][.4509] update: [...419] [ip4][..udp] [......10.0.2.15][28681] -> [...78.193.236.8][46557] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...393] [ip4][..udp] [......10.0.2.15][28681] -> [.58.115.158.103][.5110] update: [...432] [ip4][..udp] [......10.0.2.15][28681] -> [...104.6.118.53][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...464] [ip4][..udp] [......10.0.2.15][28681] -> [...101.128.66.8][34512] update: [...382] [ip4][..udp] [......10.0.2.15][28681] -> [..76.175.11.126][40958] update: [...480] [ip4][..udp] [......10.0.2.15][28681] -> [..112.119.74.26][65498] update: [...434] [ip4][..udp] [......10.0.2.15][28681] -> [.114.24.182.130][22232] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...462] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][47808] update: [...397] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][24634] update: [...430] [ip4][..udp] [......10.0.2.15][28681] -> [....90.8.95.165][40763] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...475] [ip4][..udp] [......10.0.2.15][28681] -> [..188.61.52.183][63978] update: [...473] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][33564] update: [...379] [ip4][..udp] [......10.0.2.15][28681] -> [..80.140.63.147][29545] update: [...442] [ip4][..udp] [......10.0.2.15][28681] -> [..89.204.130.55][29545] update: [...396] [ip4][..udp] [......10.0.2.15][28681] -> [..112.119.59.24][28755] update: [...312] [ip4][..udp] [......10.0.2.15][28681] -> [..24.167.201.53][47282] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...757] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] detected: [...757] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic @@ -4892,122 +4893,121 @@ idle: [...369] [ip4][..udp] [......10.0.2.15][28681] -> [.89.187.171.240][.6346] update: [...754] [ip4][..udp] [......10.0.2.15][28681] -> [..84.125.218.84][17561] update: [...488] [ip4][..udp] [......10.0.2.15][28681] -> [.183.179.90.112][.9852] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...490] [ip4][..udp] [......10.0.2.15][28681] -> [...90.3.215.132][20356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...489] [ip4][..udp] [......10.0.2.15][28681] -> [...108.44.45.25][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...487] [ip4][..udp] [......10.0.2.15][28681] -> [..24.78.134.188][49046] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...491] [ip4][..udp] [......10.0.2.15][28681] -> [..36.233.42.210][.5512] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...492] [ip4][..udp] [......10.0.2.15][28681] -> [...172.94.41.71][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...371] [ip4][..udp] [......10.0.2.15][28681] -> [.109.131.202.24][44748] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...370] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.56.198][11984] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...374] [ip4][..udp] [......10.0.2.15][28681] -> [....62.35.190.5][18604] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...372] [ip4][..udp] [......10.0.2.15][28681] -> [.91.179.185.126][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...745] [ip4][.icmp] [..164.132.10.25] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...373] [ip4][..udp] [......10.0.2.15][28681] -> [..88.122.233.15][11488] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...750] [ip4][..udp] [......10.0.2.15][28681] -> [....67.193.8.52][38584] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...331] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][26851] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...361] [ip4][..udp] [......10.0.2.15][28681] -> [..86.129.196.84][.9915] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...752] [ip4][..udp] [......10.0.2.15][28681] -> [...78.231.73.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...128] [ip4][..udp] [......10.0.2.15][28681] -> [..77.141.219.27][37580] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...114] [ip4][..udp] [......10.0.2.15][28681] -> [....86.23.75.69][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....88] [ip4][..udp] [......10.0.2.15][28681] -> [.....81.50.24.2][17874] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...340] [ip4][..udp] [......10.0.2.15][28681] -> [.38.142.119.234][49732] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...335] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] update: [...332] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...118] [ip4][..udp] [......10.0.2.15][28681] -> [...5.180.62.100][46385] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...344] [ip4][..udp] [......10.0.2.15][28681] -> [.207.38.163.228][.6778] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...323] [ip4][..udp] [......10.0.2.15][28681] -> [.96.246.156.126][56070] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...117] [ip4][..udp] [......10.0.2.15][28681] -> [200.120.243.143][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...748] [ip4][..udp] [......10.0.2.15][28681] -> [.....92.8.59.80][35192] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....98] [ip4][..udp] [......10.0.2.15][28681] -> [.203.222.14.170][23332] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...111] [ip4][..udp] [......10.0.2.15][28681] -> [..90.65.141.157][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...336] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][.6888] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...139] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.226.142][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...141] [ip4][..udp] [......10.0.2.15][28681] -> [..172.97.199.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...751] [ip4][..udp] [......10.0.2.15][28681] -> [142.115.218.152][.5900] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...126] [ip4][..udp] [......10.0.2.15][28681] -> [..91.69.159.133][28000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....85] [ip4][..udp] [......10.0.2.15][28681] -> [..85.138.20.110][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...135] [ip4][..udp] [......10.0.2.15][28681] -> [.193.250.99.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...321] [ip4][..udp] [......10.0.2.15][28681] -> [188.165.203.190][21995] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...342] [ip4][..udp] [......10.0.2.15][28681] -> [..98.208.26.154][.4994] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...749] [ip4][..udp] [......10.0.2.15][28681] -> [...78.159.27.22][17563] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...125] [ip4][..udp] [......10.0.2.15][28681] -> [..83.92.178.182][57302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...116] [ip4][..udp] [......10.0.2.15][28681] -> [.124.44.190.145][10170] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...319] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][55302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...133] [ip4][..udp] [......10.0.2.15][28681] -> [.91.175.220.161][15721] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...753] [ip4][..udp] [......10.0.2.15][28681] -> [..165.84.140.96][14400] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...124] [ip4][..udp] [......10.0.2.15][28681] -> [...170.254.19.6][24180] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...130] [ip4][..udp] [......10.0.2.15][28681] -> [..119.224.95.97][46356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...129] [ip4][..udp] [......10.0.2.15][28681] -> [.176.138.50.179][29411] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...755] [ip4][..udp] [......10.0.2.15][28681] -> [..83.134.107.32][38836] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...364] [ip4][..udp] [......10.0.2.15][28681] -> [194.163.180.126][10825] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...137] [ip4][..udp] [......10.0.2.15][28681] -> [...82.65.70.197][21693] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...109] [ip4][..udp] [......10.0.2.15][28681] -> [...88.169.2.153][52414] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...140] [ip4][..udp] [......10.0.2.15][28681] -> [.77.197.111.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...756] [ip4][..udp] [......10.0.2.15][28681] -> [..41.100.68.255][12838] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol update: [...108] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][.7922] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...339] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][54130] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...113] [ip4][..udp] [......10.0.2.15][28681] -> [105.101.132.146][57746] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....87] [ip4][..udp] [......10.0.2.15][28681] -> [..92.131.85.245][31743] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...367] [ip4][..udp] [......10.0.2.15][28681] -> [.149.28.163.175][49956] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...138] [ip4][..udp] [......10.0.2.15][28681] -> [167.114.170.156][23844] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...760] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] detected: [...760] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][msedgewin10] RISK: Unsafe Protocol @@ -5018,125 +5018,125 @@ detected: [...762] [ip4][..udp] [......10.0.2.15][28681] -> [...86.75.43.182][43502] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic idle: [...433] [ip4][..udp] [......10.0.2.15][28681] -> [.99.255.145.191][47264] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...404] [ip4][..udp] [......10.0.2.15][28681] -> [.86.234.216.251][17845] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...426] [ip4][..udp] [......10.0.2.15][28681] -> [..219.71.44.121][14398] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...411] [ip4][..udp] [......10.0.2.15][28681] -> [...89.143.28.64][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...408] [ip4][..udp] [......10.0.2.15][28681] -> [...90.103.2.245][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...424] [ip4][..udp] [......10.0.2.15][28681] -> [..93.15.216.216][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...422] [ip4][..udp] [......10.0.2.15][28681] -> [..88.123.35.219][42211] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...439] [ip4][..udp] [......10.0.2.15][28681] -> [..176.135.15.86][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...398] [ip4][..udp] [......10.0.2.15][28681] -> [.62.102.148.166][31332] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...398] [ip4][..udp] [......10.0.2.15][28681] -> [.62.102.148.166][31332] idle: [...481] [ip4][..udp] [......10.0.2.15][28681] -> [..82.120.219.74][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...435] [ip4][..udp] [......10.0.2.15][28681] -> [.109.24.146.101][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...465] [ip4][..udp] [......10.0.2.15][28681] -> [.....2.28.39.18][15672] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...392] [ip4][..udp] [......10.0.2.15][28681] -> [....42.0.69.215][12608] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...392] [ip4][..udp] [......10.0.2.15][28681] -> [....42.0.69.215][12608] idle: [...416] [ip4][..udp] [......10.0.2.15][28681] -> [..92.139.61.103][24096] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...304] [ip4][..udp] [......10.0.2.15][28681] -> [.193.32.126.214][59596] [Unknown][Unknown][Unrated] idle: [...304] [ip4][..udp] [......10.0.2.15][28681] -> [.193.32.126.214][59596] not-detected: [...389] [ip4][..udp] [......10.0.2.15][28681] -> [..94.215.183.71][31310] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...389] [ip4][..udp] [......10.0.2.15][28681] -> [..94.215.183.71][31310] idle: [...413] [ip4][..udp] [......10.0.2.15][28681] -> [...87.65.188.29][24676] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...412] [ip4][..udp] [......10.0.2.15][28681] -> [...58.177.52.73][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...418] [ip4][..udp] [......10.0.2.15][28681] -> [.75.129.149.103][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...468] [ip4][..udp] [......10.0.2.15][28681] -> [..94.214.12.247][44001] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...466] [ip4][..udp] [......10.0.2.15][28681] -> [...70.119.248.5][49929] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...385] [ip4][..udp] [......10.0.2.15][28681] -> [..66.223.143.31][47978] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...385] [ip4][..udp] [......10.0.2.15][28681] -> [..66.223.143.31][47978] idle: [...428] [ip4][..udp] [......10.0.2.15][28681] -> [....86.162.97.8][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...425] [ip4][..udp] [......10.0.2.15][28681] -> [..145.82.53.165][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...401] [ip4][..udp] [......10.0.2.15][28681] -> [.173.178.192.76][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...406] [ip4][..udp] [......10.0.2.15][28681] -> [....109.27.3.68][57380] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...399] [ip4][..udp] [......10.0.2.15][28681] -> [.175.39.219.223][31728] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...399] [ip4][..udp] [......10.0.2.15][28681] -> [.175.39.219.223][31728] idle: [...431] [ip4][..udp] [......10.0.2.15][28681] -> [..88.124.71.246][49035] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...303] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][30566] [Unknown][Unknown][Unrated] idle: [...303] [ip4][..udp] [......10.0.2.15][28681] -> [.142.132.165.13][30566] not-detected: [...395] [ip4][..udp] [......10.0.2.15][28681] -> [..191.114.88.39][18751] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...395] [ip4][..udp] [......10.0.2.15][28681] -> [..191.114.88.39][18751] idle: [...402] [ip4][..udp] [......10.0.2.15][28681] -> [...78.219.202.2][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...420] [ip4][..udp] [......10.0.2.15][28681] -> [..86.227.127.34][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...417] [ip4][..udp] [......10.0.2.15][28681] -> [.94.187.236.179][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...125] [ip4][..udp] [......10.0.2.15][28681] -> [..83.92.178.182][57302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...427] [ip4][..udp] [......10.0.2.15][28681] -> [...81.249.13.30][15138] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...405] [ip4][..udp] [......10.0.2.15][28681] -> [.176.155.31.118][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...387] [ip4][..udp] [......10.0.2.15][28681] -> [....220.135.8.7][.1219] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...387] [ip4][..udp] [......10.0.2.15][28681] -> [....220.135.8.7][.1219] idle: [...415] [ip4][..udp] [......10.0.2.15][28681] -> [..90.247.160.96][17817] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...410] [ip4][..udp] [......10.0.2.15][28681] -> [..93.28.130.131][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...438] [ip4][..udp] [......10.0.2.15][28681] -> [..71.86.190.163][14142] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...403] [ip4][..udp] [......10.0.2.15][28681] -> [197.244.171.132][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...429] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.215.213][23576] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...436] [ip4][..udp] [......10.0.2.15][28681] -> [.219.68.179.137][.6406] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...409] [ip4][..udp] [......10.0.2.15][28681] -> [...86.194.53.68][33770] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...482] [ip4][..udp] [......10.0.2.15][28681] -> [..86.193.23.172][42227] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...108] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][.7922] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...407] [ip4][..udp] [......10.0.2.15][28681] -> [195.181.151.217][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...390] [ip4][..udp] [......10.0.2.15][28681] -> [144.134.132.206][16401] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...390] [ip4][..udp] [......10.0.2.15][28681] -> [144.134.132.206][16401] idle: [...440] [ip4][..udp] [......10.0.2.15][28681] -> [203.165.170.112][37087] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...391] [ip4][..udp] [......10.0.2.15][28681] -> [...161.81.38.67][.9539] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...391] [ip4][..udp] [......10.0.2.15][28681] -> [...161.81.38.67][.9539] idle: [...437] [ip4][..udp] [......10.0.2.15][28681] -> [....31.38.163.2][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...419] [ip4][..udp] [......10.0.2.15][28681] -> [...78.193.236.8][46557] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...432] [ip4][..udp] [......10.0.2.15][28681] -> [...104.6.118.53][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...397] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][24634] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...397] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][24634] idle: [...430] [ip4][..udp] [......10.0.2.15][28681] -> [....90.8.95.165][40763] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...396] [ip4][..udp] [......10.0.2.15][28681] -> [..112.119.59.24][28755] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...396] [ip4][..udp] [......10.0.2.15][28681] -> [..112.119.59.24][28755] @@ -5146,33 +5146,33 @@ update: [...544] [ip4][..udp] [......10.0.2.15][28681] -> [..111.184.29.35][30582] update: [...526] [ip4][..udp] [......10.0.2.15][28681] -> [..36.234.197.93][.1483] update: [...509] [ip4][..udp] [......10.0.2.15][28681] -> [.92.142.109.190][41370] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...669] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2846] update: [...609] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][59016] update: [...690] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][50637] update: [...700] [ip4][..udp] [......10.0.2.15][28681] -> [...91.206.27.26][.6578] update: [...511] [ip4][..udp] [......10.0.2.15][28681] -> [...68.47.223.27][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...496] [ip4][..udp] [......10.0.2.15][28681] -> [.218.173.230.98][19004] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...533] [ip4][..udp] [......10.0.2.15][28681] -> [..36.229.185.60][.6898] update: [...592] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][.7190] update: [...701] [ip4][..udp] [......10.0.2.15][28681] -> [119.237.190.184][64163] update: [...495] [ip4][..udp] [......10.0.2.15][28681] -> [...81.247.89.20][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...166] [ip4][..udp] [......10.0.2.15][28681] -> [..90.59.253.186][15555] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...183] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.15.182][37829] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...184] [ip4][..udp] [......10.0.2.15][28681] -> [..86.239.62.213][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...493] [ip4][..udp] [......10.0.2.15][57552] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...603] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][64577] update: [...621] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3227] update: [...646] [ip4][..udp] [......10.0.2.15][28681] -> [..36.237.10.152][21293] update: [...740] [ip4][..udp] [......10.0.2.15][28681] -> [...36.237.25.47][21293] update: [...516] [ip4][..udp] [......10.0.2.15][28681] -> [.119.246.147.72][.4572] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...733] [ip4][..udp] [......10.0.2.15][28681] -> [...99.199.148.6][.4338] update: [...597] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52274] update: [...675] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][62191] @@ -5180,13 +5180,13 @@ update: [...553] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3259] update: [...628] [ip4][..udp] [......10.0.2.15][28681] -> [....45.65.87.24][16201] update: [...352] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...195] [ip4][..udp] [......10.0.2.15][28681] -> [.177.231.151.16][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...616] [ip4][..udp] [......10.0.2.15][28681] -> [220.208.167.152][30628] update: [...596] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][58954] update: [...219] [ip4][..udp] [......10.0.2.15][28681] -> [...76.30.86.144][53821] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...713] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51379] update: [...593] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][.9747] update: [...571] [ip4][..udp] [......10.0.2.15][28681] -> [.114.40.163.123][55341] @@ -5209,10 +5209,10 @@ update: [...707] [ip4][..udp] [......10.0.2.15][28681] -> [..183.179.14.31][64871] update: [...744] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][48250] update: [...501] [ip4][..udp] [......10.0.2.15][28681] -> [.88.160.214.137][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...683] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][54459] update: [...506] [ip4][..udp] [......10.0.2.15][28681] -> [..136.32.84.139][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...562] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][59879] update: [...619] [ip4][..udp] [......10.0.2.15][28681] -> [...1.163.14.246][.1630] update: [...691] [ip4][..udp] [......10.0.2.15][28681] -> [..61.93.150.146][62507] @@ -5224,12 +5224,12 @@ update: [...542] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51675] update: [...714] [ip4][..udp] [......10.0.2.15][28681] -> [..76.174.174.69][21358] update: [...191] [ip4][..udp] [......10.0.2.15][28681] -> [.190.153.143.54][65535] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...614] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][60482] update: [...746] [ip4][..udp] [......10.0.2.15][28681] -> [123.205.126.102][.5193] update: [...606] [ip4][..udp] [......10.0.2.15][28681] -> [.149.28.163.175][42288] update: [...172] [ip4][..udp] [......10.0.2.15][28681] -> [..87.69.142.133][15471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...739] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][19814] update: [...587] [ip4][..udp] [......10.0.2.15][28681] -> [.94.134.154.158][54130] update: [...550] [ip4][..udp] [......10.0.2.15][28681] -> [.220.238.145.82][33527] @@ -5246,16 +5246,16 @@ update: [...613] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.152.218][51920] update: [...617] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7380] update: [...508] [ip4][..udp] [......10.0.2.15][28681] -> [...92.144.99.73][10745] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...582] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][10624] update: [...573] [ip4][..udp] [......10.0.2.15][28681] -> [..71.239.173.18][23327] update: [...513] [ip4][..udp] [......10.0.2.15][28681] -> [..78.196.216.12][58910] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...187] [ip4][..udp] [......10.0.2.15][28681] -> [....92.88.92.56][21009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...568] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][56562] update: [...190] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.195.227][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...538] [ip4][..udp] [......10.0.2.15][28681] -> [.124.218.41.253][14339] update: [...623] [ip4][..udp] [......10.0.2.15][28681] -> [.210.209.249.84][24751] update: [...629] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][45710] @@ -5269,7 +5269,7 @@ update: [...645] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49803] update: [...661] [ip4][..udp] [......10.0.2.15][28681] -> [...24.127.1.235][37814] update: [...499] [ip4][..udp] [......10.0.2.15][28681] -> [....1.161.80.82][.8656] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...626] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49815] update: [...703] [ip4][..udp] [......10.0.2.15][28681] -> [..114.40.67.191][14971] update: [...560] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53883] @@ -5277,15 +5277,15 @@ update: [...727] [ip4][..udp] [......10.0.2.15][28681] -> [101.136.187.253][10914] update: [...521] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][23458] update: [...503] [ip4][..udp] [......10.0.2.15][28681] -> [..74.210.244.72][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...505] [ip4][..udp] [......10.0.2.15][28681] -> [.....42.2.62.28][.6387] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...494] [ip4][..udp] [......10.0.2.15][28681] -> [...86.210.81.59][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...180] [ip4][..udp] [......10.0.2.15][28681] -> [...66.131.24.72][30711] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...498] [ip4][..udp] [......10.0.2.15][28681] -> [...8.44.149.207][30551] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...704] [ip4][..udp] [......10.0.2.15][28681] -> [..123.192.83.59][33513] update: [...641] [ip4][..udp] [......10.0.2.15][28681] -> [.36.233.199.103][.2625] update: [...717] [ip4][..udp] [......10.0.2.15][28681] -> [...79.191.58.38][48157] @@ -5307,10 +5307,10 @@ update: [...731] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6564] update: [...545] [ip4][..udp] [......10.0.2.15][28681] -> [..116.49.159.77][55915] update: [...156] [ip4][..udp] [......10.0.2.15][28681] -> [..86.244.228.86][10131] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...735] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][52420] update: [...176] [ip4][..udp] [......10.0.2.15][28681] -> [....41.99.164.4][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...663] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6594] update: [...634] [ip4][..udp] [......10.0.2.15][28681] -> [..24.179.18.242][47329] update: [...747] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6599] @@ -5318,13 +5318,13 @@ update: [...643] [ip4][..udp] [......10.0.2.15][28681] -> [..31.20.248.147][30706] update: [...711] [ip4][..udp] [......10.0.2.15][28681] -> [..220.129.86.65][49723] update: [...504] [ip4][..udp] [......10.0.2.15][28681] -> [..85.203.45.107][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...563] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][.6831] update: [...157] [ip4][..udp] [......10.0.2.15][28681] -> [.86.227.162.150][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...639] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7849] update: [...209] [ip4][..udp] [......10.0.2.15][28681] -> [..91.179.98.234][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...729] [ip4][..udp] [......10.0.2.15][28681] -> [..114.47.227.91][54463] update: [...732] [ip4][..udp] [......10.0.2.15][28681] -> [..85.168.34.105][39908] update: [...633] [ip4][..udp] [......10.0.2.15][28681] -> [..68.174.18.115][50679] @@ -5340,7 +5340,7 @@ update: [...666] [ip4][..udp] [......10.0.2.15][28681] -> [.159.196.95.223][.2003] update: [...648] [ip4][..udp] [......10.0.2.15][28681] -> [180.218.135.222][.4548] update: [...159] [ip4][..udp] [......10.0.2.15][28681] -> [176.163.231.160][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...579] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.170.108][23458] update: [...677] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][.9128] update: [...706] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.1968] @@ -5353,21 +5353,21 @@ update: [...696] [ip4][..udp] [......10.0.2.15][28681] -> [188.165.203.190][55050] update: [...537] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2034] update: [...213] [ip4][..udp] [......10.0.2.15][28681] -> [....5.180.62.37][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...167] [ip4][..udp] [......10.0.2.15][28681] -> [..93.29.107.176][20363] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...585] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][35004] update: [...171] [ip4][..udp] [......10.0.2.15][28681] -> [196.217.132.111][25394] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...502] [ip4][..udp] [......10.0.2.15][28681] -> [..47.156.58.211][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...507] [ip4][..udp] [......10.0.2.15][28681] -> [...50.4.204.220][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...686] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][13965] update: [...662] [ip4][..udp] [......10.0.2.15][28681] -> [..96.59.117.166][33192] update: [...535] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10655] update: [...160] [ip4][..udp] [......10.0.2.15][28681] -> [...83.150.49.35][32448] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...602] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][53658] update: [...589] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][52647] update: [...653] [ip4][..udp] [......10.0.2.15][28681] -> [....82.12.1.136][.6348] @@ -5376,9 +5376,9 @@ update: [...532] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10677] update: [...695] [ip4][..udp] [......10.0.2.15][28681] -> [..76.189.72.230][.8161] update: [...185] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.196.58][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...512] [ip4][..udp] [......10.0.2.15][28681] -> [..209.204.207.5][49256] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...734] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.91.201][.4297] update: [...627] [ip4][..udp] [......10.0.2.15][28681] -> [..73.62.225.181][46843] update: [...552] [ip4][..udp] [......10.0.2.15][28681] -> [...218.250.6.59][60012] @@ -5391,12 +5391,12 @@ update: [...574] [ip4][..udp] [......10.0.2.15][28681] -> [..223.17.132.18][23458] update: [...678] [ip4][..udp] [......10.0.2.15][28681] -> [150.116.225.105][51438] update: [...518] [ip4][..udp] [......10.0.2.15][28681] -> [..202.151.63.59][.7624] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...715] [ip4][..udp] [......10.0.2.15][28681] -> [...219.71.72.88][58808] update: [...659] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10791] update: [...543] [ip4][..udp] [......10.0.2.15][28681] -> [..114.39.159.60][56896] update: [...161] [ip4][..udp] [......10.0.2.15][28681] -> [..213.120.26.86][29946] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...564] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53144] update: [...557] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53163] update: [...647] [ip4][..udp] [......10.0.2.15][28681] -> [..61.18.212.223][58290] @@ -5409,20 +5409,20 @@ update: [...570] [ip4][..udp] [......10.0.2.15][28681] -> [..97.83.183.148][.8890] update: [...680] [ip4][..udp] [......10.0.2.15][28681] -> [.61.227.198.100][.6910] update: [...175] [ip4][..udp] [......10.0.2.15][28681] -> [...115.69.62.99][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...500] [ip4][..udp] [......10.0.2.15][28681] -> [.220.143.34.225][20071] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...566] [ip4][..udp] [......10.0.2.15][28681] -> [...58.176.62.40][52755] update: [...514] [ip4][..udp] [......10.0.2.15][28681] -> [..83.114.40.175][23552] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...599] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][59875] update: [...517] [ip4][..udp] [......10.0.2.15][28681] -> [..36.239.162.27][.7986] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...519] [ip4][..udp] [......10.0.2.15][28681] -> [...219.70.48.23][.8070] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...601] [ip4][..udp] [......10.0.2.15][28681] -> [113.255.200.161][65274] update: [...200] [ip4][..udp] [......10.0.2.15][28681] -> [.138.199.16.123][52993] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...638] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.242.225][15068] update: [...726] [ip4][..udp] [......10.0.2.15][28681] -> [....1.171.82.65][50072] update: [...608] [ip4][..udp] [......10.0.2.15][28681] -> [...1.163.14.246][23461] @@ -5442,16 +5442,16 @@ update: [...547] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][43316] update: [...687] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][53454] update: [...510] [ip4][..udp] [......10.0.2.15][28681] -> [...79.94.85.113][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...652] [ip4][..udp] [......10.0.2.15][28681] -> [..94.139.21.182][50110] update: [...530] [ip4][..udp] [......10.0.2.15][28681] -> [118.167.248.220][59304] update: [...497] [ip4][..udp] [......10.0.2.15][28681] -> [..84.100.76.123][39628] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...569] [ip4][..udp] [......10.0.2.15][28681] -> [....73.89.249.8][50649] update: [...158] [ip4][..udp] [......10.0.2.15][28681] -> [.118.166.226.70][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...515] [ip4][..udp] [......10.0.2.15][28681] -> [220.137.106.173][11625] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...522] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.152.218][51153] update: [...590] [ip4][..udp] [......10.0.2.15][28681] -> [...95.10.205.67][48380] update: [...605] [ip4][..udp] [......10.0.2.15][28681] -> [180.149.125.139][.6578] @@ -5477,33 +5477,33 @@ detected: [...764] [ip4][..udp] [......10.0.2.15][28681] -> [.208.92.106.151][32476] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic idle: [...306] [ip4][..udp] [......10.0.2.15][28681] -> [..41.249.63.200][22582] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...421] [ip4][..udp] [......10.0.2.15][28681] -> [..175.182.39.11][12977] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...484] [ip4][..udp] [......10.0.2.15][28681] -> [...107.4.56.177][10000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...467] [ip4][..udp] [......10.0.2.15][28681] -> [...61.64.177.53][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...483] [ip4][..udp] [.......10.0.2.2][.1026] -> [......10.0.2.15][28681] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...483] [ip4][..udp] [.......10.0.2.2][.1026] -> [......10.0.2.15][28681] idle: [...213] [ip4][..udp] [......10.0.2.15][28681] -> [....5.180.62.37][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...423] [ip4][..udp] [......10.0.2.15][28681] -> [..119.247.6.226][.9713] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...414] [ip4][..udp] [......10.0.2.15][28681] -> [175.181.156.244][.8255] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...113] [ip4][..udp] [......10.0.2.15][28681] -> [105.101.132.146][57746] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...434] [ip4][..udp] [......10.0.2.15][28681] -> [.114.24.182.130][22232] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...377] [ip4][..udp] [......10.0.2.15][28681] -> [.180.200.236.13][12082] update: [...441] [ip4][..udp] [......10.0.2.15][28681] -> [.36.237.199.108][56040] update: [...450] [ip4][..udp] [......10.0.2.15][28681] -> [113.252.206.254][23458] update: [...479] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.13.148][51896] update: [...394] [ip4][..udp] [......10.0.2.15][28681] -> [.165.84.134.136][21407] update: [...254] [ip4][..udp] [......10.0.2.15][28681] -> [..88.120.73.215][24562] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...474] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][45880] update: [...477] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][45640] update: [...444] [ip4][..udp] [......10.0.2.15][28681] -> [.122.117.100.78][.9010] @@ -5516,18 +5516,18 @@ update: [...381] [ip4][..udp] [......10.0.2.15][28681] -> [...77.58.211.52][.3806] update: [...386] [ip4][..udp] [......10.0.2.15][28681] -> [...85.172.10.90][40162] update: [...265] [ip4][..udp] [......10.0.2.15][28681] -> [203.220.198.244][.1194] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...443] [ip4][..udp] [......10.0.2.15][28681] -> [..183.179.14.31][54754] update: [...260] [ip4][..udp] [......10.0.2.15][28681] -> [.46.128.114.107][.6578] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...259] [ip4][..udp] [......10.0.2.15][28681] -> [103.232.107.100][43508] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...446] [ip4][..udp] [......10.0.2.15][28681] -> [..61.70.199.107][60475] update: [...470] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][46790] update: [...447] [ip4][..udp] [......10.0.2.15][28681] -> [...14.199.10.60][23458] update: [...451] [ip4][..udp] [......10.0.2.15][28681] -> [...218.35.66.21][22234] update: [...250] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][26253] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...384] [ip4][..udp] [......10.0.2.15][28681] -> [....75.64.6.175][.4743] update: [...378] [ip4][..udp] [......10.0.2.15][28681] -> [.118.241.204.61][43366] update: [...456] [ip4][..udp] [......10.0.2.15][28681] -> [.89.241.112.255][14766] @@ -5535,45 +5535,45 @@ update: [...455] [ip4][..udp] [......10.0.2.15][28681] -> [.58.153.206.183][16919] update: [...453] [ip4][..udp] [......10.0.2.15][28681] -> [..74.127.26.138][.3083] update: [...257] [ip4][..udp] [......10.0.2.15][28681] -> [.82.181.251.218][36368] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...460] [ip4][..udp] [......10.0.2.15][28681] -> [.210.194.116.78][.8342] update: [...454] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.121.156][23183] update: [...469] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][47184] update: [...388] [ip4][..udp] [......10.0.2.15][28681] -> [...121.7.145.36][33905] update: [...246] [ip4][..udp] [......10.0.2.15][28681] -> [...96.65.68.194][35481] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...317] [ip4][..udp] [......10.0.2.15][28681] -> [...96.236.205.7][34794] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...376] [ip4][..udp] [......10.0.2.15][28681] -> [....156.57.42.2][33476] update: [...485] [ip4][..udp] [......10.0.2.15][28681] -> [...154.3.42.209][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...261] [ip4][..udp] [......10.0.2.15][28681] -> [..60.241.48.194][21301] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...313] [ip4][..udp] [......10.0.2.15][28681] -> [..176.99.176.20][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...302] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][53489] update: [...255] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][30577] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...458] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.228.167][12201] update: [...486] [ip4][..udp] [......10.0.2.15][28681] -> [...88.68.45.203][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...248] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][12012] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...380] [ip4][..udp] [......10.0.2.15][28681] -> [...83.86.49.195][12019] update: [...457] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.240.113][13867] update: [...383] [ip4][..udp] [......10.0.2.15][28681] -> [...84.71.243.60][34498] update: [...400] [ip4][..udp] [......10.0.2.15][28681] -> [..129.45.47.167][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...253] [ip4][..udp] [......10.0.2.15][28681] -> [.193.37.255.130][61616] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...463] [ip4][..udp] [......10.0.2.15][28681] -> [..200.7.155.210][28365] update: [...452] [ip4][..udp] [......10.0.2.15][28681] -> [..68.227.193.37][27481] update: [...448] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][15677] update: [...459] [ip4][..udp] [......10.0.2.15][28681] -> [...100.89.84.59][11603] update: [...316] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][63637] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...262] [ip4][..udp] [......10.0.2.15][28681] -> [....89.75.52.19][46010] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...445] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.153.100][.4509] update: [...393] [ip4][..udp] [......10.0.2.15][28681] -> [.58.115.158.103][.5110] update: [...464] [ip4][..udp] [......10.0.2.15][28681] -> [...101.128.66.8][34512] @@ -5585,25 +5585,25 @@ update: [...379] [ip4][..udp] [......10.0.2.15][28681] -> [..80.140.63.147][29545] update: [...442] [ip4][..udp] [......10.0.2.15][28681] -> [..89.204.130.55][29545] update: [...312] [ip4][..udp] [......10.0.2.15][28681] -> [..24.167.201.53][47282] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...488] [ip4][..udp] [......10.0.2.15][28681] -> [.183.179.90.112][.9852] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...490] [ip4][..udp] [......10.0.2.15][28681] -> [...90.3.215.132][20356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...489] [ip4][..udp] [......10.0.2.15][28681] -> [...108.44.45.25][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...487] [ip4][..udp] [......10.0.2.15][28681] -> [..24.78.134.188][49046] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...491] [ip4][..udp] [......10.0.2.15][28681] -> [..36.233.42.210][.5512] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...492] [ip4][..udp] [......10.0.2.15][28681] -> [...172.94.41.71][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...754] [ip4][..udp] [......10.0.2.15][28681] -> [..84.125.218.84][17561] update: [...759] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...758] [ip4][..udp] [......10.0.2.15][50213] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...757] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...577] [ip4][..udp] [......10.0.2.15][28681] -> [.59.148.100.237][23459] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...577] [ip4][..udp] [......10.0.2.15][28681] -> [.59.148.100.237][23459] @@ -5620,7 +5620,7 @@ RISK: Unidirectional Traffic idle: [...526] [ip4][..udp] [......10.0.2.15][28681] -> [..36.234.197.93][.1483] idle: [...509] [ip4][..udp] [......10.0.2.15][28681] -> [.92.142.109.190][41370] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...669] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2846] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...669] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2846] @@ -5637,22 +5637,22 @@ RISK: Unidirectional Traffic idle: [...700] [ip4][..udp] [......10.0.2.15][28681] -> [...91.206.27.26][.6578] idle: [...511] [ip4][..udp] [......10.0.2.15][28681] -> [...68.47.223.27][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...331] [ip4][..udp] [......10.0.2.15][28681] -> [..45.31.152.112][26851] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...361] [ip4][..udp] [......10.0.2.15][28681] -> [..86.129.196.84][.9915] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...450] [ip4][..udp] [......10.0.2.15][28681] -> [113.252.206.254][23458] [Unknown][Unknown][Unrated] idle: [...450] [ip4][..udp] [......10.0.2.15][28681] -> [113.252.206.254][23458] idle: [...496] [ip4][..udp] [......10.0.2.15][28681] -> [.218.173.230.98][19004] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...592] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][.7190] [Unknown][Unknown][Unrated] idle: [...592] [ip4][..udp] [......10.0.2.15][28681] -> [....1.36.249.91][.7190] not-detected: [...701] [ip4][..udp] [......10.0.2.15][28681] -> [119.237.190.184][64163] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...701] [ip4][..udp] [......10.0.2.15][28681] -> [119.237.190.184][64163] idle: [...495] [ip4][..udp] [......10.0.2.15][28681] -> [...81.247.89.20][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...493] [ip4][..udp] [......10.0.2.15][57552] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] not-detected: [...479] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.13.148][51896] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic @@ -5663,7 +5663,7 @@ not-detected: [...394] [ip4][..udp] [......10.0.2.15][28681] -> [.165.84.134.136][21407] [Unknown][Unknown][Unrated] idle: [...394] [ip4][..udp] [......10.0.2.15][28681] -> [.165.84.134.136][21407] idle: [...254] [ip4][..udp] [......10.0.2.15][28681] -> [..88.120.73.215][24562] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...740] [ip4][..udp] [......10.0.2.15][28681] -> [...36.237.25.47][21293] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...740] [ip4][..udp] [......10.0.2.15][28681] -> [...36.237.25.47][21293] @@ -5674,7 +5674,7 @@ RISK: Unidirectional Traffic idle: [...621] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3227] idle: [...516] [ip4][..udp] [......10.0.2.15][28681] -> [.119.246.147.72][.4572] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...733] [ip4][..udp] [......10.0.2.15][28681] -> [...99.199.148.6][.4338] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...733] [ip4][..udp] [......10.0.2.15][28681] -> [...99.199.148.6][.4338] @@ -5685,7 +5685,7 @@ RISK: Unidirectional Traffic idle: [...675] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][62191] idle: [...340] [ip4][..udp] [......10.0.2.15][28681] -> [.38.142.119.234][49732] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...738] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3256] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...738] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3256] @@ -5741,7 +5741,7 @@ RISK: Unidirectional Traffic idle: [...635] [ip4][..udp] [......10.0.2.15][28681] -> [...219.70.48.23][.2556] idle: [...332] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...636] [ip4][..udp] [......10.0.2.15][28681] -> [.80.193.171.146][53143] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...636] [ip4][..udp] [......10.0.2.15][28681] -> [.80.193.171.146][53143] @@ -5775,7 +5775,7 @@ RISK: Unidirectional Traffic idle: [...707] [ip4][..udp] [......10.0.2.15][28681] -> [..183.179.14.31][64871] idle: [...501] [ip4][..udp] [......10.0.2.15][28681] -> [.88.160.214.137][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...476] [ip4][..udp] [......10.0.2.15][28681] -> [..98.18.172.208][63172] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...476] [ip4][..udp] [......10.0.2.15][28681] -> [..98.18.172.208][63172] @@ -5788,19 +5788,19 @@ RISK: Unidirectional Traffic idle: [...386] [ip4][..udp] [......10.0.2.15][28681] -> [...85.172.10.90][40162] idle: [...344] [ip4][..udp] [......10.0.2.15][28681] -> [.207.38.163.228][.6778] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...506] [ip4][..udp] [......10.0.2.15][28681] -> [..136.32.84.139][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...619] [ip4][..udp] [......10.0.2.15][28681] -> [...1.163.14.246][.1630] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...619] [ip4][..udp] [......10.0.2.15][28681] -> [...1.163.14.246][.1630] idle: [...323] [ip4][..udp] [......10.0.2.15][28681] -> [.96.246.156.126][56070] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...691] [ip4][..udp] [......10.0.2.15][28681] -> [..61.93.150.146][62507] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...691] [ip4][..udp] [......10.0.2.15][28681] -> [..61.93.150.146][62507] idle: [...265] [ip4][..udp] [......10.0.2.15][28681] -> [203.220.198.244][.1194] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...620] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53516] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...620] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53516] @@ -5842,7 +5842,7 @@ RISK: Unidirectional Traffic idle: [...688] [ip4][..udp] [......10.0.2.15][28681] -> [.114.36.234.196][11629] idle: [...260] [ip4][..udp] [......10.0.2.15][28681] -> [.46.128.114.107][.6578] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...670] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52669] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...670] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52669] @@ -5855,7 +5855,7 @@ not-detected: [...721] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][.9897] [Unknown][Unknown][Unrated] idle: [...721] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][.9897] idle: [...336] [ip4][..udp] [......10.0.2.15][28681] -> [...80.7.252.192][.6888] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...631] [ip4][..udp] [......10.0.2.15][28681] -> [..36.231.59.187][62234] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...631] [ip4][..udp] [......10.0.2.15][28681] -> [..36.231.59.187][62234] @@ -5872,11 +5872,11 @@ RISK: Unidirectional Traffic idle: [...617] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7380] idle: [...508] [ip4][..udp] [......10.0.2.15][28681] -> [...92.144.99.73][10745] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...582] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][10624] [Unknown][Unknown][Unrated] idle: [...582] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][10624] idle: [...513] [ip4][..udp] [......10.0.2.15][28681] -> [..78.196.216.12][58910] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...568] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][56562] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...568] [ip4][..udp] [......10.0.2.15][28681] -> [.123.205.118.77][56562] @@ -5908,7 +5908,7 @@ RISK: Unidirectional Traffic idle: [...600] [ip4][..udp] [......10.0.2.15][28681] -> [....1.64.156.63][60092] idle: [...250] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][26253] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...645] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49803] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...645] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49803] @@ -5916,7 +5916,7 @@ RISK: Unidirectional Traffic idle: [...661] [ip4][..udp] [......10.0.2.15][28681] -> [...24.127.1.235][37814] idle: [...499] [ip4][..udp] [......10.0.2.15][28681] -> [....1.161.80.82][.8656] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...626] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49815] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...626] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49815] @@ -5939,9 +5939,9 @@ RISK: Unidirectional Traffic idle: [...521] [ip4][..udp] [......10.0.2.15][28681] -> [.113.255.250.32][23458] idle: [...505] [ip4][..udp] [......10.0.2.15][28681] -> [.....42.2.62.28][.6387] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...494] [ip4][..udp] [......10.0.2.15][28681] -> [...86.210.81.59][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...375] [ip4][..udp] [......10.0.2.15][28681] -> [..73.182.136.42][27873] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...375] [ip4][..udp] [......10.0.2.15][28681] -> [..73.182.136.42][27873] @@ -5952,9 +5952,9 @@ RISK: Unidirectional Traffic idle: [...453] [ip4][..udp] [......10.0.2.15][28681] -> [..74.127.26.138][.3083] idle: [...498] [ip4][..udp] [......10.0.2.15][28681] -> [...8.44.149.207][30551] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...257] [ip4][..udp] [......10.0.2.15][28681] -> [.82.181.251.218][36368] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...704] [ip4][..udp] [......10.0.2.15][28681] -> [..123.192.83.59][33513] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...704] [ip4][..udp] [......10.0.2.15][28681] -> [..123.192.83.59][33513] @@ -5998,7 +5998,7 @@ RISK: Unidirectional Traffic idle: [...469] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][47184] idle: [...321] [ip4][..udp] [......10.0.2.15][28681] -> [188.165.203.190][21995] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...665] [ip4][..udp] [......10.0.2.15][28681] -> [..82.36.106.134][.3927] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...665] [ip4][..udp] [......10.0.2.15][28681] -> [..82.36.106.134][.3927] @@ -6015,7 +6015,7 @@ RISK: Unidirectional Traffic idle: [...731] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6564] idle: [...342] [ip4][..udp] [......10.0.2.15][28681] -> [..98.208.26.154][.4994] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...388] [ip4][..udp] [......10.0.2.15][28681] -> [...121.7.145.36][33905] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...388] [ip4][..udp] [......10.0.2.15][28681] -> [...121.7.145.36][33905] @@ -6029,7 +6029,7 @@ RISK: Unidirectional Traffic idle: [...634] [ip4][..udp] [......10.0.2.15][28681] -> [..24.179.18.242][47329] idle: [...246] [ip4][..udp] [......10.0.2.15][28681] -> [...96.65.68.194][35481] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...527] [ip4][..udp] [......10.0.2.15][28681] -> [..42.72.149.140][37848] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...527] [ip4][..udp] [......10.0.2.15][28681] -> [..42.72.149.140][37848] @@ -6042,7 +6042,7 @@ RISK: Unidirectional Traffic idle: [...563] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][.6831] idle: [...504] [ip4][..udp] [......10.0.2.15][28681] -> [..85.203.45.107][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...639] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7849] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...639] [ip4][..udp] [......10.0.2.15][28681] -> [.119.237.116.22][.7849] @@ -6057,7 +6057,7 @@ not-detected: [...607] [ip4][..udp] [......10.0.2.15][28681] -> [..111.241.31.96][.4814] [Unknown][Unknown][Unrated] idle: [...607] [ip4][..udp] [......10.0.2.15][28681] -> [..111.241.31.96][.4814] idle: [...317] [ip4][..udp] [......10.0.2.15][28681] -> [...96.236.205.7][34794] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...705] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][.8658] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...705] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][.8658] @@ -6081,7 +6081,7 @@ RISK: Unidirectional Traffic idle: [...724] [ip4][..udp] [......10.0.2.15][28681] -> [...1.65.217.224][.9070] idle: [...261] [ip4][..udp] [......10.0.2.15][28681] -> [..60.241.48.194][21301] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...666] [ip4][..udp] [......10.0.2.15][28681] -> [.159.196.95.223][.2003] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...666] [ip4][..udp] [......10.0.2.15][28681] -> [.159.196.95.223][.2003] @@ -6091,7 +6091,7 @@ not-detected: [...648] [ip4][..udp] [......10.0.2.15][28681] -> [180.218.135.222][.4548] [Unknown][Unknown][Unrated] idle: [...648] [ip4][..udp] [......10.0.2.15][28681] -> [180.218.135.222][.4548] idle: [...313] [ip4][..udp] [......10.0.2.15][28681] -> [..176.99.176.20][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...579] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.170.108][23458] [Unknown][Unknown][Unrated] idle: [...579] [ip4][..udp] [......10.0.2.15][28681] -> [.223.16.170.108][23458] not-detected: [...677] [ip4][..udp] [......10.0.2.15][28681] -> [....223.16.83.5][.9128] [Unknown][Unknown][Unrated] @@ -6107,14 +6107,14 @@ RISK: Unidirectional Traffic idle: [...725] [ip4][..udp] [......10.0.2.15][28681] -> [..219.91.30.216][61635] idle: [...319] [ip4][..udp] [......10.0.2.15][28681] -> [..164.132.10.25][55302] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...302] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][53489] [Unknown][Unknown][Unrated] idle: [...302] [ip4][..udp] [......10.0.2.15][28681] -> [.185.187.74.173][53489] not-detected: [...668] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][64731] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...668] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][64731] idle: [...255] [ip4][..udp] [......10.0.2.15][28681] -> [..80.61.221.246][30577] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...741] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.4364] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...741] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.4364] @@ -6125,9 +6125,9 @@ RISK: Unidirectional Traffic idle: [...585] [ip4][..udp] [......10.0.2.15][28681] -> [..51.68.153.214][35004] idle: [...502] [ip4][..udp] [......10.0.2.15][28681] -> [..47.156.58.211][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...507] [ip4][..udp] [......10.0.2.15][28681] -> [...50.4.204.220][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...686] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][13965] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...686] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][13965] @@ -6152,9 +6152,9 @@ RISK: Unidirectional Traffic idle: [...610] [ip4][..udp] [......10.0.2.15][28681] -> [..61.10.174.159][.4841] idle: [...248] [ip4][..udp] [......10.0.2.15][28681] -> [..66.30.221.181][12012] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...512] [ip4][..udp] [......10.0.2.15][28681] -> [..209.204.207.5][49256] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...734] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.91.201][.4297] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...734] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.91.201][.4297] @@ -6186,7 +6186,7 @@ RISK: Unidirectional Traffic idle: [...678] [ip4][..udp] [......10.0.2.15][28681] -> [150.116.225.105][51438] idle: [...518] [ip4][..udp] [......10.0.2.15][28681] -> [..202.151.63.59][.7624] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...715] [ip4][..udp] [......10.0.2.15][28681] -> [...219.71.72.88][58808] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...715] [ip4][..udp] [......10.0.2.15][28681] -> [...219.71.72.88][58808] @@ -6218,7 +6218,7 @@ RISK: Unidirectional Traffic idle: [...657] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53195] idle: [...364] [ip4][..udp] [......10.0.2.15][28681] -> [194.163.180.126][10825] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...576] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][42925] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...576] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][42925] @@ -6228,24 +6228,24 @@ RISK: Unidirectional Traffic idle: [...680] [ip4][..udp] [......10.0.2.15][28681] -> [.61.227.198.100][.6910] idle: [...500] [ip4][..udp] [......10.0.2.15][28681] -> [.220.143.34.225][20071] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...566] [ip4][..udp] [......10.0.2.15][28681] -> [...58.176.62.40][52755] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...566] [ip4][..udp] [......10.0.2.15][28681] -> [...58.176.62.40][52755] idle: [...514] [ip4][..udp] [......10.0.2.15][28681] -> [..83.114.40.175][23552] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...599] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][59875] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...599] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][59875] idle: [...517] [ip4][..udp] [......10.0.2.15][28681] -> [..36.239.162.27][.7986] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...519] [ip4][..udp] [......10.0.2.15][28681] -> [...219.70.48.23][.8070] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...601] [ip4][..udp] [......10.0.2.15][28681] -> [113.255.200.161][65274] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...601] [ip4][..udp] [......10.0.2.15][28681] -> [113.255.200.161][65274] idle: [...253] [ip4][..udp] [......10.0.2.15][28681] -> [.193.37.255.130][61616] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...638] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.242.225][15068] [Unknown][Unknown][Unrated] idle: [...638] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.242.225][15068] not-detected: [...463] [ip4][..udp] [......10.0.2.15][28681] -> [..200.7.155.210][28365] [Unknown][Unknown][Unrated] @@ -6274,7 +6274,7 @@ RISK: Unidirectional Traffic idle: [...580] [ip4][..udp] [......10.0.2.15][28681] -> [...76.119.55.28][20347] idle: [...339] [ip4][..udp] [......10.0.2.15][28681] -> [..87.123.54.234][54130] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...624] [ip4][..udp] [......10.0.2.15][28681] -> [.61.238.173.128][57492] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...624] [ip4][..udp] [......10.0.2.15][28681] -> [.61.238.173.128][57492] @@ -6287,7 +6287,7 @@ not-detected: [...743] [ip4][..udp] [......10.0.2.15][28681] -> [...27.94.154.53][.6346] [Unknown][Unknown][Unrated] idle: [...743] [ip4][..udp] [......10.0.2.15][28681] -> [...27.94.154.53][.6346] idle: [...316] [ip4][..udp] [......10.0.2.15][28681] -> [....94.54.66.82][63637] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...730] [ip4][..udp] [......10.0.2.15][28681] -> [124.217.188.105][62849] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...730] [ip4][..udp] [......10.0.2.15][28681] -> [124.217.188.105][62849] @@ -6304,14 +6304,14 @@ RISK: Unidirectional Traffic idle: [...445] [ip4][..udp] [......10.0.2.15][28681] -> [118.165.153.100][.4509] idle: [...262] [ip4][..udp] [......10.0.2.15][28681] -> [....89.75.52.19][46010] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...510] [ip4][..udp] [......10.0.2.15][28681] -> [...79.94.85.113][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...652] [ip4][..udp] [......10.0.2.15][28681] -> [..94.139.21.182][50110] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...652] [ip4][..udp] [......10.0.2.15][28681] -> [..94.139.21.182][50110] idle: [...497] [ip4][..udp] [......10.0.2.15][28681] -> [..84.100.76.123][39628] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...569] [ip4][..udp] [......10.0.2.15][28681] -> [....73.89.249.8][50649] [Unknown][Unknown][Unrated] idle: [...569] [ip4][..udp] [......10.0.2.15][28681] -> [....73.89.249.8][50649] not-detected: [...393] [ip4][..udp] [......10.0.2.15][28681] -> [.58.115.158.103][.5110] [Unknown][Unknown][Unrated] @@ -6320,7 +6320,7 @@ not-detected: [...464] [ip4][..udp] [......10.0.2.15][28681] -> [...101.128.66.8][34512] [Unknown][Unknown][Unrated] idle: [...464] [ip4][..udp] [......10.0.2.15][28681] -> [...101.128.66.8][34512] idle: [...515] [ip4][..udp] [......10.0.2.15][28681] -> [220.137.106.173][11625] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...522] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.152.218][51153] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...522] [ip4][..udp] [......10.0.2.15][28681] -> [119.247.152.218][51153] @@ -6371,7 +6371,7 @@ not-detected: [...379] [ip4][..udp] [......10.0.2.15][28681] -> [..80.140.63.147][29545] [Unknown][Unknown][Unrated] idle: [...379] [ip4][..udp] [......10.0.2.15][28681] -> [..80.140.63.147][29545] idle: [...367] [ip4][..udp] [......10.0.2.15][28681] -> [.149.28.163.175][49956] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...719] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.11.85][10722] [Unknown][Unknown][Unrated] idle: [...719] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.11.85][10722] not-detected: [...442] [ip4][..udp] [......10.0.2.15][28681] -> [..89.204.130.55][29545] [Unknown][Unknown][Unrated] @@ -6389,29 +6389,29 @@ idle: [...693] [ip4][..udp] [......10.0.2.15][28681] -> [.98.215.130.156][12405] update: [...544] [ip4][..udp] [......10.0.2.15][28681] -> [..111.184.29.35][30582] update: [...750] [ip4][..udp] [......10.0.2.15][28681] -> [....67.193.8.52][38584] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...533] [ip4][..udp] [......10.0.2.15][28681] -> [..36.229.185.60][.6898] update: [...752] [ip4][..udp] [......10.0.2.15][28681] -> [...78.231.73.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...128] [ip4][..udp] [......10.0.2.15][28681] -> [..77.141.219.27][37580] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...166] [ip4][..udp] [......10.0.2.15][28681] -> [..90.59.253.186][15555] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...114] [ip4][..udp] [......10.0.2.15][28681] -> [....86.23.75.69][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...183] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.15.182][37829] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...184] [ip4][..udp] [......10.0.2.15][28681] -> [..86.239.62.213][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....88] [ip4][..udp] [......10.0.2.15][28681] -> [.....81.50.24.2][17874] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...553] [ip4][..udp] [......10.0.2.15][28681] -> [182.155.128.228][.3259] update: [...352] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...195] [ip4][..udp] [......10.0.2.15][28681] -> [.177.231.151.16][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...219] [ip4][..udp] [......10.0.2.15][28681] -> [...76.30.86.144][53821] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [.....8] [ip4][....2] [......10.0.2.15] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] update: [...546] [ip4][..udp] [......10.0.2.15][28681] -> [.38.142.119.234][49867] update: [...531] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51497] @@ -6419,130 +6419,130 @@ update: [...760] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [...118] [ip4][..udp] [......10.0.2.15][28681] -> [...5.180.62.100][46385] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...562] [ip4][..udp] [......10.0.2.15][28681] -> [112.119.242.110][59879] update: [...117] [ip4][..udp] [......10.0.2.15][28681] -> [200.120.243.143][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...542] [ip4][..udp] [......10.0.2.15][28681] -> [..218.103.139.2][51675] update: [...191] [ip4][..udp] [......10.0.2.15][28681] -> [.190.153.143.54][65535] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...172] [ip4][..udp] [......10.0.2.15][28681] -> [..87.69.142.133][15471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...748] [ip4][..udp] [......10.0.2.15][28681] -> [.....92.8.59.80][35192] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....98] [ip4][..udp] [......10.0.2.15][28681] -> [.203.222.14.170][23332] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...551] [ip4][..udp] [......10.0.2.15][28681] -> [..92.24.129.230][14766] update: [...555] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][20387] update: [...111] [ip4][..udp] [......10.0.2.15][28681] -> [..90.65.141.157][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...573] [ip4][..udp] [......10.0.2.15][28681] -> [..71.239.173.18][23327] update: [...187] [ip4][..udp] [......10.0.2.15][28681] -> [....92.88.92.56][21009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...139] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.226.142][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...190] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.195.227][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...141] [ip4][..udp] [......10.0.2.15][28681] -> [..172.97.199.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...538] [ip4][..udp] [......10.0.2.15][28681] -> [.124.218.41.253][14339] update: [...751] [ip4][..udp] [......10.0.2.15][28681] -> [142.115.218.152][.5900] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...536] [ip4][..udp] [......10.0.2.15][28681] -> [118.167.222.160][56121] update: [...558] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][.6466] update: [...556] [ip4][..udp] [......10.0.2.15][28681] -> [...59.104.173.5][49787] update: [...126] [ip4][..udp] [......10.0.2.15][28681] -> [..91.69.159.133][28000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...560] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][53883] update: [...503] [ip4][..udp] [......10.0.2.15][28681] -> [..74.210.244.72][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....85] [ip4][..udp] [......10.0.2.15][28681] -> [..85.138.20.110][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...180] [ip4][..udp] [......10.0.2.15][28681] -> [...66.131.24.72][30711] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...135] [ip4][..udp] [......10.0.2.15][28681] -> [.193.250.99.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...559] [ip4][..udp] [......10.0.2.15][28681] -> [.113.252.86.162][55080] update: [...764] [ip4][..udp] [......10.0.2.15][28681] -> [.208.92.106.151][32476] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...529] [ip4][..udp] [......10.0.2.15][28681] -> [116.241.162.162][57929] update: [...539] [ip4][..udp] [......10.0.2.15][28681] -> [.119.14.143.237][.7510] update: [...545] [ip4][..udp] [......10.0.2.15][28681] -> [..116.49.159.77][55915] update: [...156] [ip4][..udp] [......10.0.2.15][28681] -> [..86.244.228.86][10131] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...749] [ip4][..udp] [......10.0.2.15][28681] -> [...78.159.27.22][17563] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...176] [ip4][..udp] [......10.0.2.15][28681] -> [....41.99.164.4][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...663] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.163][.6594] update: [...157] [ip4][..udp] [......10.0.2.15][28681] -> [.86.227.162.150][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...209] [ip4][..udp] [......10.0.2.15][28681] -> [..91.179.98.234][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...116] [ip4][..udp] [......10.0.2.15][28681] -> [.124.44.190.145][10170] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...159] [ip4][..udp] [......10.0.2.15][28681] -> [176.163.231.160][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...554] [ip4][..udp] [......10.0.2.15][28681] -> [.123.203.72.224][55577] update: [...528] [ip4][..udp] [......10.0.2.15][28681] -> [..118.168.15.71][58442] update: [...133] [ip4][..udp] [......10.0.2.15][28681] -> [.91.175.220.161][15721] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...537] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2034] update: [...753] [ip4][..udp] [......10.0.2.15][28681] -> [..165.84.140.96][14400] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...167] [ip4][..udp] [......10.0.2.15][28681] -> [..93.29.107.176][20363] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...171] [ip4][..udp] [......10.0.2.15][28681] -> [196.217.132.111][25394] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...535] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10655] update: [...160] [ip4][..udp] [......10.0.2.15][28681] -> [...83.150.49.35][32448] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...124] [ip4][..udp] [......10.0.2.15][28681] -> [...170.254.19.6][24180] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...532] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10677] update: [...695] [ip4][..udp] [......10.0.2.15][28681] -> [..76.189.72.230][.8161] update: [...185] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.196.58][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...762] [ip4][..udp] [......10.0.2.15][28681] -> [...86.75.43.182][43502] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...552] [ip4][..udp] [......10.0.2.15][28681] -> [...218.250.6.59][60012] update: [...130] [ip4][..udp] [......10.0.2.15][28681] -> [..119.224.95.97][46356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...129] [ip4][..udp] [......10.0.2.15][28681] -> [.176.138.50.179][29411] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...543] [ip4][..udp] [......10.0.2.15][28681] -> [..114.39.159.60][56896] update: [...161] [ip4][..udp] [......10.0.2.15][28681] -> [..213.120.26.86][29946] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...557] [ip4][..udp] [......10.0.2.15][28681] -> [..61.222.160.99][53163] update: [...755] [ip4][..udp] [......10.0.2.15][28681] -> [..83.134.107.32][38836] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...137] [ip4][..udp] [......10.0.2.15][28681] -> [...82.65.70.197][21693] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...109] [ip4][..udp] [......10.0.2.15][28681] -> [...88.169.2.153][52414] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...140] [ip4][..udp] [......10.0.2.15][28681] -> [.77.197.111.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...175] [ip4][..udp] [......10.0.2.15][28681] -> [...115.69.62.99][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...756] [ip4][..udp] [......10.0.2.15][28681] -> [..41.100.68.255][12838] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol update: [...200] [ip4][..udp] [......10.0.2.15][28681] -> [.138.199.16.123][52993] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...561] [ip4][..udp] [......10.0.2.15][28681] -> [.61.238.173.128][57466] update: [...763] [ip4][..udp] [......10.0.2.15][28681] -> [.85.170.209.214][46210] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...541] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][11141] update: [...547] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][43316] update: [...530] [ip4][..udp] [......10.0.2.15][28681] -> [118.167.248.220][59304] update: [...158] [ip4][..udp] [......10.0.2.15][28681] -> [.118.166.226.70][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....87] [ip4][..udp] [......10.0.2.15][28681] -> [..92.131.85.245][31743] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...761] [ip4][..udp] [......10.0.2.15][28681] -> [..195.132.75.56][56009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...540] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52131] update: [...138] [ip4][..udp] [......10.0.2.15][28681] -> [167.114.170.156][23844] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...765] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] new: [...766] [ip4][..udp] [......10.0.2.15][28681] -> [...76.119.55.28][20347] new: [...767] [ip4][..udp] [......10.0.2.15][28681] -> [....45.65.87.24][16201] @@ -6566,24 +6566,24 @@ RISK: Unidirectional Traffic new: [...784] [ip4][..udp] [......10.0.2.15][28681] -> [..23.19.141.110][.6346] idle: [....88] [ip4][..udp] [......10.0.2.15][28681] -> [.....81.50.24.2][17874] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...159] [ip4][..udp] [......10.0.2.15][28681] -> [176.163.231.160][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...124] [ip4][..udp] [......10.0.2.15][28681] -> [...170.254.19.6][24180] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...161] [ip4][..udp] [......10.0.2.15][28681] -> [..213.120.26.86][29946] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...259] [ip4][..udp] [......10.0.2.15][28681] -> [103.232.107.100][43508] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...485] [ip4][..udp] [......10.0.2.15][28681] -> [...154.3.42.209][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...486] [ip4][..udp] [......10.0.2.15][28681] -> [...88.68.45.203][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...383] [ip4][..udp] [......10.0.2.15][28681] -> [...84.71.243.60][34498] update: [...400] [ip4][..udp] [......10.0.2.15][28681] -> [..129.45.47.167][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...312] [ip4][..udp] [......10.0.2.15][28681] -> [..24.167.201.53][47282] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...785] [ip4][..udp] [......10.0.2.15][28681] -> [.176.134.139.39][.6346] detected: [...785] [ip4][..udp] [......10.0.2.15][28681] -> [.176.134.139.39][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic @@ -6642,7 +6642,7 @@ RISK: Unidirectional Traffic idle: [...555] [ip4][..udp] [......10.0.2.15][28681] -> [..124.218.26.16][20387] idle: [...259] [ip4][..udp] [......10.0.2.15][28681] -> [103.232.107.100][43508] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...538] [ip4][..udp] [......10.0.2.15][28681] -> [.124.218.41.253][14339] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...538] [ip4][..udp] [......10.0.2.15][28681] -> [.124.218.41.253][14339] @@ -6683,7 +6683,7 @@ RISK: Unidirectional Traffic idle: [...537] [ip4][..udp] [......10.0.2.15][28681] -> [218.164.200.235][.2034] idle: [...753] [ip4][..udp] [......10.0.2.15][28681] -> [..165.84.140.96][14400] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...535] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10655] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...535] [ip4][..udp] [......10.0.2.15][28681] -> [...114.27.24.95][10655] @@ -6719,130 +6719,129 @@ idle: [...540] [ip4][..udp] [......10.0.2.15][28681] -> [..36.236.203.37][52131] update: [...754] [ip4][..udp] [......10.0.2.15][28681] -> [..84.125.218.84][17561] update: [...759] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...758] [ip4][..udp] [......10.0.2.15][50213] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...757] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...794] [ip4][..udp] [......10.0.2.15][50214] -> [239.255.255.250][.1900] detected: [...794] [ip4][..udp] [......10.0.2.15][50214] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] update: [...750] [ip4][..udp] [......10.0.2.15][28681] -> [....67.193.8.52][38584] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...752] [ip4][..udp] [......10.0.2.15][28681] -> [...78.231.73.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...128] [ip4][..udp] [......10.0.2.15][28681] -> [..77.141.219.27][37580] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...166] [ip4][..udp] [......10.0.2.15][28681] -> [..90.59.253.186][15555] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...114] [ip4][..udp] [......10.0.2.15][28681] -> [....86.23.75.69][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...183] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.15.182][37829] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...184] [ip4][..udp] [......10.0.2.15][28681] -> [..86.239.62.213][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...352] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...195] [ip4][..udp] [......10.0.2.15][28681] -> [.177.231.151.16][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...219] [ip4][..udp] [......10.0.2.15][28681] -> [...76.30.86.144][53821] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...760] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [...118] [ip4][..udp] [......10.0.2.15][28681] -> [...5.180.62.100][46385] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...117] [ip4][..udp] [......10.0.2.15][28681] -> [200.120.243.143][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...191] [ip4][..udp] [......10.0.2.15][28681] -> [.190.153.143.54][65535] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...172] [ip4][..udp] [......10.0.2.15][28681] -> [..87.69.142.133][15471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...748] [ip4][..udp] [......10.0.2.15][28681] -> [.....92.8.59.80][35192] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....98] [ip4][..udp] [......10.0.2.15][28681] -> [.203.222.14.170][23332] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...111] [ip4][..udp] [......10.0.2.15][28681] -> [..90.65.141.157][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...573] [ip4][..udp] [......10.0.2.15][28681] -> [..71.239.173.18][23327] update: [...187] [ip4][..udp] [......10.0.2.15][28681] -> [....92.88.92.56][21009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...139] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.226.142][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...190] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.195.227][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...141] [ip4][..udp] [......10.0.2.15][28681] -> [..172.97.199.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...751] [ip4][..udp] [......10.0.2.15][28681] -> [142.115.218.152][.5900] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...126] [ip4][..udp] [......10.0.2.15][28681] -> [..91.69.159.133][28000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...503] [ip4][..udp] [......10.0.2.15][28681] -> [..74.210.244.72][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....85] [ip4][..udp] [......10.0.2.15][28681] -> [..85.138.20.110][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...180] [ip4][..udp] [......10.0.2.15][28681] -> [...66.131.24.72][30711] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...135] [ip4][..udp] [......10.0.2.15][28681] -> [.193.250.99.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...764] [ip4][..udp] [......10.0.2.15][28681] -> [.208.92.106.151][32476] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...156] [ip4][..udp] [......10.0.2.15][28681] -> [..86.244.228.86][10131] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...749] [ip4][..udp] [......10.0.2.15][28681] -> [...78.159.27.22][17563] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...176] [ip4][..udp] [......10.0.2.15][28681] -> [....41.99.164.4][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...157] [ip4][..udp] [......10.0.2.15][28681] -> [.86.227.162.150][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...209] [ip4][..udp] [......10.0.2.15][28681] -> [..91.179.98.234][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...116] [ip4][..udp] [......10.0.2.15][28681] -> [.124.44.190.145][10170] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...133] [ip4][..udp] [......10.0.2.15][28681] -> [.91.175.220.161][15721] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...167] [ip4][..udp] [......10.0.2.15][28681] -> [..93.29.107.176][20363] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...171] [ip4][..udp] [......10.0.2.15][28681] -> [196.217.132.111][25394] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...160] [ip4][..udp] [......10.0.2.15][28681] -> [...83.150.49.35][32448] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...185] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.196.58][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...762] [ip4][..udp] [......10.0.2.15][28681] -> [...86.75.43.182][43502] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...130] [ip4][..udp] [......10.0.2.15][28681] -> [..119.224.95.97][46356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...129] [ip4][..udp] [......10.0.2.15][28681] -> [.176.138.50.179][29411] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...755] [ip4][..udp] [......10.0.2.15][28681] -> [..83.134.107.32][38836] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...137] [ip4][..udp] [......10.0.2.15][28681] -> [...82.65.70.197][21693] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...109] [ip4][..udp] [......10.0.2.15][28681] -> [...88.169.2.153][52414] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...140] [ip4][..udp] [......10.0.2.15][28681] -> [.77.197.111.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...783] [ip4][.icmp] [.65.182.231.232] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...175] [ip4][..udp] [......10.0.2.15][28681] -> [...115.69.62.99][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...756] [ip4][..udp] [......10.0.2.15][28681] -> [..41.100.68.255][12838] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol update: [...200] [ip4][..udp] [......10.0.2.15][28681] -> [.138.199.16.123][52993] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...763] [ip4][..udp] [......10.0.2.15][28681] -> [.85.170.209.214][46210] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...158] [ip4][..udp] [......10.0.2.15][28681] -> [.118.166.226.70][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....87] [ip4][..udp] [......10.0.2.15][28681] -> [..92.131.85.245][31743] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...761] [ip4][..udp] [......10.0.2.15][28681] -> [..195.132.75.56][56009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...138] [ip4][..udp] [......10.0.2.15][28681] -> [167.114.170.156][23844] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...754] [ip4][..udp] [......10.0.2.15][28681] -> [..84.125.218.84][17561] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...754] [ip4][..udp] [......10.0.2.15][28681] -> [..84.125.218.84][17561] idle: [....98] [ip4][..udp] [......10.0.2.15][28681] -> [.203.222.14.170][23332] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...573] [ip4][..udp] [......10.0.2.15][28681] -> [..71.239.173.18][23327] [Unknown][Unknown][Unrated] idle: [...573] [ip4][..udp] [......10.0.2.15][28681] -> [..71.239.173.18][23327] not-detected: [...383] [ip4][..udp] [......10.0.2.15][28681] -> [...84.71.243.60][34498] [Unknown][Unknown][Unrated] @@ -6856,42 +6855,42 @@ update: [...768] [ip4][..udp] [......10.0.2.15][28681] -> [.14.200.255.229][37058] update: [...765] [ip4][..udp] [......10.0.2.15][28681] -> [213.229.111.224][.4876] update: [...787] [ip4][..udp] [......10.0.2.15][28681] -> [220.133.122.217][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...793] [ip4][..udp] [......10.0.2.15][28681] -> [123.205.126.102][.5193] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...784] [ip4][..udp] [......10.0.2.15][28681] -> [..23.19.141.110][.6346] update: [...774] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][.6599] update: [...792] [ip4][..udp] [......10.0.2.15][28681] -> [.36.239.213.146][21750] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...485] [ip4][..udp] [......10.0.2.15][28681] -> [...154.3.42.209][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...771] [ip4][..udp] [......10.0.2.15][28681] -> [...202.27.193.6][.6346] update: [...786] [ip4][..udp] [......10.0.2.15][28681] -> [....114.38.9.82][24223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...781] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][23458] update: [...782] [ip4][..udp] [......10.0.2.15][28681] -> [.65.182.231.232][.7890] update: [...486] [ip4][..udp] [......10.0.2.15][28681] -> [...88.68.45.203][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...769] [ip4][..udp] [......10.0.2.15][28681] -> [.123.110.61.169][11973] update: [...775] [ip4][..udp] [......10.0.2.15][28681] -> [..223.17.132.18][23458] update: [...788] [ip4][..udp] [......10.0.2.15][28681] -> [.220.134.167.82][.5820] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...789] [ip4][..udp] [......10.0.2.15][28681] -> [..42.98.115.128][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...772] [ip4][..udp] [......10.0.2.15][28681] -> [.73.192.231.237][.9676] update: [...770] [ip4][..udp] [......10.0.2.15][28681] -> [..97.83.183.148][.8890] update: [...400] [ip4][..udp] [......10.0.2.15][28681] -> [..129.45.47.167][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...790] [ip4][..udp] [......10.0.2.15][28681] -> [.218.164.39.233][20855] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...766] [ip4][..udp] [......10.0.2.15][28681] -> [...76.119.55.28][20347] update: [...785] [ip4][..udp] [......10.0.2.15][28681] -> [.176.134.139.39][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...780] [ip4][..udp] [......10.0.2.15][28681] -> [...68.66.94.132][17735] update: [...791] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.11.85][10722] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...312] [ip4][..udp] [......10.0.2.15][28681] -> [..24.167.201.53][47282] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol new: [...795] [ip4][..udp] [......10.0.2.15][28681] -> [..213.120.26.86][29946] detected: [...795] [ip4][..udp] [......10.0.2.15][28681] -> [..213.120.26.86][29946] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic @@ -6902,130 +6901,128 @@ detected: [...797] [ip4][.icmp] [...154.3.42.209] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [...195] [ip4][..udp] [......10.0.2.15][28681] -> [.177.231.151.16][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...191] [ip4][..udp] [......10.0.2.15][28681] -> [.190.153.143.54][65535] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...200] [ip4][..udp] [......10.0.2.15][28681] -> [.138.199.16.123][52993] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...759] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...758] [ip4][..udp] [......10.0.2.15][50213] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...757] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...400] [ip4][..udp] [......10.0.2.15][28681] -> [..129.45.47.167][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...794] [ip4][..udp] [......10.0.2.15][50214] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...783] [ip4][.icmp] [.65.182.231.232] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...759] [ip4][..udp] [......10.0.2.15][28681] -> [104.238.172.250][23548] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...757] [ip4][..udp] [......10.0.2.15][28681] -> [.104.156.226.72][53258] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...750] [ip4][..udp] [......10.0.2.15][28681] -> [....67.193.8.52][38584] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...752] [ip4][..udp] [......10.0.2.15][28681] -> [...78.231.73.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...128] [ip4][..udp] [......10.0.2.15][28681] -> [..77.141.219.27][37580] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...166] [ip4][..udp] [......10.0.2.15][28681] -> [..90.59.253.186][15555] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...114] [ip4][..udp] [......10.0.2.15][28681] -> [....86.23.75.69][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...183] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.15.182][37829] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...184] [ip4][..udp] [......10.0.2.15][28681] -> [..86.239.62.213][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...352] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...219] [ip4][..udp] [......10.0.2.15][28681] -> [...76.30.86.144][53821] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...760] [ip4][..udp] [......10.0.2.15][..138] -> [.....10.0.2.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [...118] [ip4][..udp] [......10.0.2.15][28681] -> [...5.180.62.100][46385] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...117] [ip4][..udp] [......10.0.2.15][28681] -> [200.120.243.143][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...172] [ip4][..udp] [......10.0.2.15][28681] -> [..87.69.142.133][15471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...748] [ip4][..udp] [......10.0.2.15][28681] -> [.....92.8.59.80][35192] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...111] [ip4][..udp] [......10.0.2.15][28681] -> [..90.65.141.157][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...187] [ip4][..udp] [......10.0.2.15][28681] -> [....92.88.92.56][21009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...139] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.226.142][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...190] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.195.227][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...141] [ip4][..udp] [......10.0.2.15][28681] -> [..172.97.199.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...751] [ip4][..udp] [......10.0.2.15][28681] -> [142.115.218.152][.5900] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...126] [ip4][..udp] [......10.0.2.15][28681] -> [..91.69.159.133][28000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...503] [ip4][..udp] [......10.0.2.15][28681] -> [..74.210.244.72][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....85] [ip4][..udp] [......10.0.2.15][28681] -> [..85.138.20.110][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...180] [ip4][..udp] [......10.0.2.15][28681] -> [...66.131.24.72][30711] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...135] [ip4][..udp] [......10.0.2.15][28681] -> [.193.250.99.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...764] [ip4][..udp] [......10.0.2.15][28681] -> [.208.92.106.151][32476] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...156] [ip4][..udp] [......10.0.2.15][28681] -> [..86.244.228.86][10131] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...749] [ip4][..udp] [......10.0.2.15][28681] -> [...78.159.27.22][17563] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...176] [ip4][..udp] [......10.0.2.15][28681] -> [....41.99.164.4][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...157] [ip4][..udp] [......10.0.2.15][28681] -> [.86.227.162.150][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...209] [ip4][..udp] [......10.0.2.15][28681] -> [..91.179.98.234][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...116] [ip4][..udp] [......10.0.2.15][28681] -> [.124.44.190.145][10170] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...133] [ip4][..udp] [......10.0.2.15][28681] -> [.91.175.220.161][15721] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...167] [ip4][..udp] [......10.0.2.15][28681] -> [..93.29.107.176][20363] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...171] [ip4][..udp] [......10.0.2.15][28681] -> [196.217.132.111][25394] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...160] [ip4][..udp] [......10.0.2.15][28681] -> [...83.150.49.35][32448] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...185] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.196.58][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...762] [ip4][..udp] [......10.0.2.15][28681] -> [...86.75.43.182][43502] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...130] [ip4][..udp] [......10.0.2.15][28681] -> [..119.224.95.97][46356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...129] [ip4][..udp] [......10.0.2.15][28681] -> [.176.138.50.179][29411] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...755] [ip4][..udp] [......10.0.2.15][28681] -> [..83.134.107.32][38836] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...137] [ip4][..udp] [......10.0.2.15][28681] -> [...82.65.70.197][21693] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...109] [ip4][..udp] [......10.0.2.15][28681] -> [...88.169.2.153][52414] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...140] [ip4][..udp] [......10.0.2.15][28681] -> [.77.197.111.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...175] [ip4][..udp] [......10.0.2.15][28681] -> [...115.69.62.99][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...756] [ip4][..udp] [......10.0.2.15][28681] -> [..41.100.68.255][12838] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol update: [...763] [ip4][..udp] [......10.0.2.15][28681] -> [.85.170.209.214][46210] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...158] [ip4][..udp] [......10.0.2.15][28681] -> [.118.166.226.70][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....87] [ip4][..udp] [......10.0.2.15][28681] -> [..92.131.85.245][31743] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...761] [ip4][..udp] [......10.0.2.15][28681] -> [..195.132.75.56][56009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [...138] [ip4][..udp] [......10.0.2.15][28681] -> [167.114.170.156][23844] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...758] [ip4][..udp] [......10.0.2.15][50213] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...797] [ip4][.icmp] [...154.3.42.209] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [...798] [ip4][..udp] [......10.0.2.15][63962] -> [239.255.255.250][.1900] detected: [...798] [ip4][..udp] [......10.0.2.15][63962] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] new: [...799] [ip6][..udp] [..............fe80::c50d:519f:96a4:e108][63958] -> [................................ff02::c][.3702] @@ -7040,21 +7037,21 @@ RISK: Unidirectional Traffic idle: [....52] [ip4][..tcp] [......10.0.2.15][50212] -> [...95.17.124.40][.6776] idle: [...750] [ip4][..udp] [......10.0.2.15][28681] -> [....67.193.8.52][38584] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...752] [ip4][..udp] [......10.0.2.15][28681] -> [...78.231.73.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...128] [ip4][..udp] [......10.0.2.15][28681] -> [..77.141.219.27][37580] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...166] [ip4][..udp] [......10.0.2.15][28681] -> [..90.59.253.186][15555] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...777] [ip4][..udp] [......10.0.2.15][28681] -> [.124.244.211.43][23459] [Unknown][Unknown][Unrated] idle: [...777] [ip4][..udp] [......10.0.2.15][28681] -> [.124.244.211.43][23459] idle: [...184] [ip4][..udp] [......10.0.2.15][28681] -> [..86.239.62.213][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...183] [ip4][..udp] [......10.0.2.15][28681] -> [..91.172.15.182][37829] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...114] [ip4][..udp] [......10.0.2.15][28681] -> [....86.23.75.69][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...245] [ip4][..tcp] [......10.0.2.15][50289] -> [.74.195.236.249][18557] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...245] [ip4][..tcp] [......10.0.2.15][50289] -> [.74.195.236.249][18557] @@ -7070,7 +7067,7 @@ not-detected: [...767] [ip4][..udp] [......10.0.2.15][28681] -> [....45.65.87.24][16201] [Unknown][Unknown][Unrated] idle: [...767] [ip4][..udp] [......10.0.2.15][28681] -> [....45.65.87.24][16201] idle: [...352] [ip4][..udp] [......10.0.2.15][28681] -> [.176.191.49.159][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....72] [ip4][..tcp] [......10.0.2.15][50231] -> [..76.68.138.207][45079] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....72] [ip4][..tcp] [......10.0.2.15][50231] -> [..76.68.138.207][45079] @@ -7078,7 +7075,7 @@ RISK: Unidirectional Traffic idle: [...228] [ip4][..tcp] [......10.0.2.15][50274] -> [..68.174.18.115][50679] idle: [...219] [ip4][..udp] [......10.0.2.15][28681] -> [...76.30.86.144][53821] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...778] [ip4][..udp] [......10.0.2.15][28681] -> [.122.117.100.78][.9010] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...778] [ip4][..udp] [......10.0.2.15][28681] -> [.122.117.100.78][.9010] @@ -7104,7 +7101,7 @@ RISK: Unsafe Protocol idle: [...798] [ip4][..udp] [......10.0.2.15][63962] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [...118] [ip4][..udp] [......10.0.2.15][28681] -> [...5.180.62.100][46385] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....74] [ip4][..tcp] [......10.0.2.15][50233] -> [...1.163.14.246][12854] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....74] [ip4][..tcp] [......10.0.2.15][50233] -> [...1.163.14.246][12854] @@ -7112,20 +7109,20 @@ RISK: Unidirectional Traffic idle: [...152] [ip4][..tcp] [......10.0.2.15][50265] -> [.113.255.250.32][52647] idle: [...796] [ip4][..udp] [......10.0.2.15][28681] -> [..41.249.63.200][22582] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...787] [ip4][..udp] [......10.0.2.15][28681] -> [220.133.122.217][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...233] [ip4][..tcp] [......10.0.2.15][50279] -> [.113.252.91.201][.4297] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...233] [ip4][..tcp] [......10.0.2.15][50279] -> [.113.252.91.201][.4297] idle: [...117] [ip4][..udp] [......10.0.2.15][28681] -> [200.120.243.143][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...793] [ip4][..udp] [......10.0.2.15][28681] -> [123.205.126.102][.5193] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...172] [ip4][..udp] [......10.0.2.15][28681] -> [..87.69.142.133][15471] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...748] [ip4][..udp] [......10.0.2.15][28681] -> [.....92.8.59.80][35192] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...801] [ip6][icmp6] [..............fe80::c50d:519f:96a4:e108] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] not-detected: [...123] [ip4][..tcp] [......10.0.2.15][50254] -> [..24.78.134.188][49046] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic @@ -7140,7 +7137,7 @@ RISK: Unidirectional Traffic idle: [....59] [ip4][..tcp] [......10.0.2.15][50218] -> [..90.103.247.94][59045] idle: [...111] [ip4][..udp] [......10.0.2.15][28681] -> [..90.65.141.157][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....49] [ip4][..tcp] [......10.0.2.15][50209] -> [113.252.206.254][49587] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....49] [ip4][..tcp] [......10.0.2.15][50209] -> [113.252.206.254][49587] @@ -7148,20 +7145,20 @@ RISK: Unidirectional Traffic idle: [....65] [ip4][..tcp] [......10.0.2.15][50224] -> [...78.125.63.97][.6346] idle: [...187] [ip4][..udp] [......10.0.2.15][28681] -> [....92.88.92.56][21009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...190] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.195.227][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...139] [ip4][..udp] [......10.0.2.15][28681] -> [165.169.226.142][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....68] [ip4][..tcp] [......10.0.2.15][50227] -> [.111.246.157.94][51175] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....68] [ip4][..tcp] [......10.0.2.15][50227] -> [.111.246.157.94][51175] idle: [...141] [ip4][..udp] [......10.0.2.15][28681] -> [..172.97.199.14][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...751] [ip4][..udp] [......10.0.2.15][28681] -> [142.115.218.152][.5900] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...126] [ip4][..udp] [......10.0.2.15][28681] -> [..91.69.159.133][28000] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....56] [ip4][..tcp] [......10.0.2.15][50215] -> [.124.244.64.237][.4704] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....56] [ip4][..tcp] [......10.0.2.15][50215] -> [.124.244.64.237][.4704] @@ -7169,9 +7166,9 @@ RISK: Unidirectional Traffic idle: [....71] [ip4][..tcp] [......10.0.2.15][50230] -> [....73.3.103.37][17296] idle: [...503] [ip4][..udp] [......10.0.2.15][28681] -> [..74.210.244.72][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [....85] [ip4][..udp] [......10.0.2.15][28681] -> [..85.138.20.110][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...244] [ip4][..tcp] [......10.0.2.15][50288] -> [...76.119.55.28][20347] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...244] [ip4][..tcp] [......10.0.2.15][50288] -> [...76.119.55.28][20347] @@ -7179,7 +7176,7 @@ RISK: Unidirectional Traffic idle: [....47] [ip4][..tcp] [......10.0.2.15][50207] -> [..90.78.171.204][.6346] idle: [...180] [ip4][..udp] [......10.0.2.15][28681] -> [...66.131.24.72][30711] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...281] [ip4][..tcp] [......10.0.2.15][50305] -> [....94.54.66.82][63637] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...281] [ip4][..tcp] [......10.0.2.15][50305] -> [....94.54.66.82][63637] @@ -7193,9 +7190,8 @@ RISK: Unidirectional Traffic idle: [...266] [ip4][..tcp] [......10.0.2.15][50290] -> [....73.89.249.8][50649] idle: [...797] [ip4][.icmp] [...154.3.42.209] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...135] [ip4][..udp] [......10.0.2.15][28681] -> [.193.250.99.158][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....78] [ip4][..tcp] [......10.0.2.15][50237] -> [.88.123.202.175][37910] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....78] [ip4][..tcp] [......10.0.2.15][50237] -> [.88.123.202.175][37910] @@ -7203,7 +7199,7 @@ RISK: Unidirectional Traffic idle: [...151] [ip4][..tcp] [......10.0.2.15][50264] -> [...95.10.205.67][48380] idle: [...764] [ip4][..udp] [......10.0.2.15][28681] -> [.208.92.106.151][32476] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....89] [ip4][..tcp] [......10.0.2.15][50244] -> [..188.61.52.183][63978] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....89] [ip4][..tcp] [......10.0.2.15][50244] -> [..188.61.52.183][63978] @@ -7214,11 +7210,11 @@ RISK: Unidirectional Traffic idle: [...784] [ip4][..udp] [......10.0.2.15][28681] -> [..23.19.141.110][.6346] idle: [...749] [ip4][..udp] [......10.0.2.15][28681] -> [...78.159.27.22][17563] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...156] [ip4][..udp] [......10.0.2.15][28681] -> [..86.244.228.86][10131] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...176] [ip4][..udp] [......10.0.2.15][28681] -> [....41.99.164.4][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...774] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][.6599] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...774] [ip4][..udp] [......10.0.2.15][28681] -> [..50.58.238.149][.6599] @@ -7229,19 +7225,19 @@ RISK: Unidirectional Traffic idle: [....84] [ip4][..tcp] [......10.0.2.15][50243] -> [176.138.129.252][27962] idle: [...792] [ip4][..udp] [......10.0.2.15][28681] -> [.36.239.213.146][21750] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...157] [ip4][..udp] [......10.0.2.15][28681] -> [.86.227.162.150][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...142] [ip4][..tcp] [......10.0.2.15][50255] -> [..36.236.203.37][52165] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...142] [ip4][..tcp] [......10.0.2.15][50255] -> [..36.236.203.37][52165] idle: [...209] [ip4][..udp] [......10.0.2.15][28681] -> [..91.179.98.234][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...241] [ip4][..tcp] [......10.0.2.15][50287] -> [.98.215.130.156][12405] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...241] [ip4][..tcp] [......10.0.2.15][50287] -> [.98.215.130.156][12405] idle: [...116] [ip4][..udp] [......10.0.2.15][28681] -> [.124.44.190.145][10170] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...236] [ip4][..tcp] [......10.0.2.15][50282] -> [..221.124.66.33][13060] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...236] [ip4][..tcp] [......10.0.2.15][50282] -> [..221.124.66.33][13060] @@ -7255,7 +7251,7 @@ RISK: Unidirectional Traffic idle: [...224] [ip4][..tcp] [......10.0.2.15][50270] -> [...114.27.24.95][11427] idle: [...485] [ip4][..udp] [......10.0.2.15][28681] -> [...154.3.42.209][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...145] [ip4][..tcp] [......10.0.2.15][50258] -> [122.100.216.210][.7097] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...145] [ip4][..tcp] [......10.0.2.15][50258] -> [122.100.216.210][.7097] @@ -7278,27 +7274,27 @@ RISK: Unidirectional Traffic idle: [...234] [ip4][..tcp] [......10.0.2.15][50280] -> [...99.199.148.6][.4338] idle: [...133] [ip4][..udp] [......10.0.2.15][28681] -> [.91.175.220.161][15721] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...167] [ip4][..udp] [......10.0.2.15][28681] -> [..93.29.107.176][20363] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...171] [ip4][..udp] [......10.0.2.15][28681] -> [196.217.132.111][25394] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...229] [ip4][..tcp] [......10.0.2.15][50275] -> [.122.117.100.78][.9010] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...229] [ip4][..tcp] [......10.0.2.15][50275] -> [.122.117.100.78][.9010] idle: [...786] [ip4][..udp] [......10.0.2.15][28681] -> [....114.38.9.82][24223] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...781] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][23458] [Unknown][Unknown][Unrated] idle: [...781] [ip4][..udp] [......10.0.2.15][28681] -> [...112.105.52.2][23458] not-detected: [...782] [ip4][..udp] [......10.0.2.15][28681] -> [.65.182.231.232][.7890] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...782] [ip4][..udp] [......10.0.2.15][28681] -> [.65.182.231.232][.7890] idle: [...160] [ip4][..udp] [......10.0.2.15][28681] -> [...83.150.49.35][32448] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...486] [ip4][..udp] [......10.0.2.15][28681] -> [...88.68.45.203][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...185] [ip4][..udp] [......10.0.2.15][28681] -> [.109.132.196.58][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....39] [ip4][..tcp] [......10.0.2.15][50200] -> [176.128.217.128][45194] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....39] [ip4][..tcp] [......10.0.2.15][50200] -> [176.128.217.128][45194] @@ -7309,7 +7305,7 @@ RISK: Unidirectional Traffic idle: [....53] [ip4][..tcp] [......10.0.2.15][50213] -> [...85.117.153.7][50138] idle: [...762] [ip4][..udp] [......10.0.2.15][28681] -> [...86.75.43.182][43502] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....82] [ip4][..tcp] [......10.0.2.15][50241] -> [..98.18.172.208][63172] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....82] [ip4][..tcp] [......10.0.2.15][50241] -> [..98.18.172.208][63172] @@ -7319,11 +7315,11 @@ not-detected: [...775] [ip4][..udp] [......10.0.2.15][28681] -> [..223.17.132.18][23458] [Unknown][Unknown][Unrated] idle: [...775] [ip4][..udp] [......10.0.2.15][28681] -> [..223.17.132.18][23458] idle: [...130] [ip4][..udp] [......10.0.2.15][28681] -> [..119.224.95.97][46356] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...129] [ip4][..udp] [......10.0.2.15][28681] -> [.176.138.50.179][29411] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...788] [ip4][..udp] [......10.0.2.15][28681] -> [.220.134.167.82][.5820] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....79] [ip4][..tcp] [......10.0.2.15][50238] -> [.124.218.41.253][59144] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....79] [ip4][..tcp] [......10.0.2.15][50238] -> [.124.218.41.253][59144] @@ -7334,9 +7330,9 @@ RISK: Unidirectional Traffic idle: [....70] [ip4][..tcp] [......10.0.2.15][50229] -> [....1.36.249.91][64920] idle: [...789] [ip4][..udp] [......10.0.2.15][28681] -> [..42.98.115.128][23458] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...795] [ip4][..udp] [......10.0.2.15][28681] -> [..213.120.26.86][29946] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....33] [ip4][..tcp] [......10.0.2.15][50195] -> [162.157.143.201][29762] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....33] [ip4][..tcp] [......10.0.2.15][50195] -> [162.157.143.201][29762] @@ -7344,12 +7340,12 @@ RISK: Unidirectional Traffic idle: [....91] [ip4][..tcp] [......10.0.2.15][50246] -> [...80.7.252.192][45685] idle: [...755] [ip4][..udp] [......10.0.2.15][28681] -> [..83.134.107.32][38836] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....50] [ip4][..tcp] [......10.0.2.15][50210] -> [..36.234.18.166][61404] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....50] [ip4][..tcp] [......10.0.2.15][50210] -> [..36.234.18.166][61404] idle: [...137] [ip4][..udp] [......10.0.2.15][28681] -> [...82.65.70.197][21693] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....45] [ip4][..tcp] [......10.0.2.15][50205] -> [.114.46.139.171][52120] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....45] [ip4][..tcp] [......10.0.2.15][50205] -> [.114.46.139.171][52120] @@ -7357,16 +7353,15 @@ RISK: Unidirectional Traffic idle: [...772] [ip4][..udp] [......10.0.2.15][28681] -> [.73.192.231.237][.9676] idle: [...109] [ip4][..udp] [......10.0.2.15][28681] -> [...88.169.2.153][52414] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...140] [ip4][..udp] [......10.0.2.15][28681] -> [.77.197.111.186][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...770] [ip4][..udp] [......10.0.2.15][28681] -> [..97.83.183.148][.8890] [Unknown][Unknown][Unrated] idle: [...770] [ip4][..udp] [......10.0.2.15][28681] -> [..97.83.183.148][.8890] not-detected: [...235] [ip4][..tcp] [......10.0.2.15][50281] -> [.94.134.154.158][54130] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...235] [ip4][..tcp] [......10.0.2.15][50281] -> [.94.134.154.158][54130] idle: [...783] [ip4][.icmp] [.65.182.231.232] -> [......10.0.2.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic not-detected: [....60] [ip4][..tcp] [......10.0.2.15][50219] -> [.193.121.165.12][55376] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....60] [ip4][..tcp] [......10.0.2.15][50219] -> [.193.121.165.12][55376] @@ -7375,11 +7370,11 @@ idle: [...334] [ip4][..tcp] [......10.0.2.15][50328] -> [..189.147.72.83][26108] [HTTP.Gnutella][Unknown][Media][Potentially Dangerous] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unsafe Protocol idle: [...175] [ip4][..udp] [......10.0.2.15][28681] -> [...115.69.62.99][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...756] [ip4][..udp] [......10.0.2.15][28681] -> [..41.100.68.255][12838] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...790] [ip4][..udp] [......10.0.2.15][28681] -> [.218.164.39.233][20855] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....80] [ip4][..tcp] [......10.0.2.15][50239] -> [...112.105.52.2][.6384] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....80] [ip4][..tcp] [......10.0.2.15][50239] -> [...112.105.52.2][.6384] @@ -7390,7 +7385,7 @@ RISK: Unidirectional Traffic idle: [...766] [ip4][..udp] [......10.0.2.15][28681] -> [...76.119.55.28][20347] idle: [...763] [ip4][..udp] [......10.0.2.15][28681] -> [.85.170.209.214][46210] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol end: [...288] [ip4][..tcp] [......10.0.2.15][50312] -> [104.238.172.250][23548] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol not-detected: [...120] [ip4][..tcp] [......10.0.2.15][50251] -> [...24.127.1.235][37814] [Unknown][Unknown][Unrated] @@ -7409,12 +7404,12 @@ RISK: Unidirectional Traffic idle: [....58] [ip4][..tcp] [......10.0.2.15][50217] -> [.113.252.86.162][54958] idle: [...158] [ip4][..udp] [......10.0.2.15][28681] -> [.118.166.226.70][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....32] [ip4][..tcp] [......10.0.2.15][50194] -> [..92.152.66.153][43771] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....32] [ip4][..tcp] [......10.0.2.15][50194] -> [..92.152.66.153][43771] idle: [....87] [ip4][..udp] [......10.0.2.15][28681] -> [..92.131.85.245][31743] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....83] [ip4][..tcp] [......10.0.2.15][50242] -> [109.210.203.131][.6346] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....83] [ip4][..tcp] [......10.0.2.15][50242] -> [109.210.203.131][.6346] @@ -7428,12 +7423,12 @@ RISK: Unidirectional Traffic idle: [....62] [ip4][..tcp] [......10.0.2.15][50221] -> [...59.104.173.5][49956] idle: [...785] [ip4][..udp] [......10.0.2.15][28681] -> [.176.134.139.39][.6346] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [...780] [ip4][..udp] [......10.0.2.15][28681] -> [...68.66.94.132][17735] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...780] [ip4][..udp] [......10.0.2.15][28681] -> [...68.66.94.132][17735] idle: [...761] [ip4][..udp] [......10.0.2.15][28681] -> [..195.132.75.56][56009] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol not-detected: [....55] [ip4][..tcp] [......10.0.2.15][50214] -> [.80.193.171.146][53808] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....55] [ip4][..tcp] [......10.0.2.15][50214] -> [.80.193.171.146][53808] @@ -7441,11 +7436,11 @@ RISK: Unidirectional Traffic idle: [...231] [ip4][..tcp] [......10.0.2.15][50277] -> [.82.181.251.218][36368] idle: [...791] [ip4][..udp] [......10.0.2.15][28681] -> [...219.85.11.85][10722] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol end: [....94] [ip4][..tcp] [......10.0.2.15][50249] -> [.86.208.180.181][45883] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol idle: [...312] [ip4][..udp] [......10.0.2.15][28681] -> [..24.167.201.53][47282] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [...138] [ip4][..udp] [......10.0.2.15][28681] -> [167.114.170.156][23844] [Gnutella][Unknown][Download][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/googledns_android10.pcap.out b/test/results/flow-info/default/googledns_android10.pcap.out index 5ca35196f..04d5a33a4 100644 --- a/test/results/flow-info/default/googledns_android10.pcap.out +++ b/test/results/flow-info/default/googledns_android10.pcap.out @@ -38,7 +38,6 @@ RISK: Unidirectional Traffic new: [.....6] [ip4][..tcp] [........8.8.4.4][..853] -> [..192.168.1.159][47968] [MIDSTREAM] update: [.....5] [ip4][.icmp] [..192.168.1.159] -> [........8.8.8.8] [ICMP][Google][Network][Acceptable] - RISK: Unidirectional Traffic new: [.....7] [ip4][..tcp] [..192.168.1.159][48098] -> [........8.8.4.4][..853] detected: [.....7] [ip4][..tcp] [..192.168.1.159][48098] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google] RISK: TLS (probably) Not Carrying HTTPS @@ -55,13 +54,13 @@ [PKTLENS.....: 60,60,52,569,52,199,52,103,52,211,52,551,52,211,52,551,52,211,52,551,52,211,52,551,52,211,52,211,551,52,52,551] [ENTROPIES...: 4.2,4.9,4.8,6.2,4.7,6.1,4.8,5.5,4.8,6.8,4.7,7.5,4.8,6.8,4.8,7.5,4.8,6.7,4.9,7.6,4.9,6.7,4.8,7.6,4.9,6.8,4.9,6.8,7.6,4.9,4.9,7.6] update: [.....5] [ip4][.icmp] [..192.168.1.159] -> [........8.8.8.8] [ICMP][Google][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][.icmp] [..192.168.1.159] -> [........8.8.8.8] [ICMP][Google][Network][Acceptable] - RISK: Unidirectional Traffic guessed: [.....1] [ip4][..tcp] [........8.8.8.8][..853] -> [..192.168.1.159][55856] [DoH_DoT][Google][Network][Acceptable] end: [.....1] [ip4][..tcp] [........8.8.8.8][..853] -> [..192.168.1.159][55856] - end: [.....3] [ip4][..tcp] [..192.168.1.159][56024] -> [........8.8.8.8][..853] - end: [.....2] [ip4][..tcp] [..192.168.1.159][48044] -> [........8.8.4.4][..853] + end: [.....3] [ip4][..tcp] [..192.168.1.159][56024] -> [........8.8.8.8][..853] [TLS.DoH_DoT][Google][Network][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS + end: [.....2] [ip4][..tcp] [..192.168.1.159][48044] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS guessed: [.....6] [ip4][..tcp] [........8.8.4.4][..853] -> [..192.168.1.159][47968] [DoH_DoT][Google][Network][Acceptable] end: [.....6] [ip4][..tcp] [........8.8.4.4][..853] -> [..192.168.1.159][47968] end: [.....4] [ip4][..tcp] [..192.168.1.159][48048] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable] diff --git a/test/results/flow-info/default/gquic.pcap.out b/test/results/flow-info/default/gquic.pcap.out index 525031ca0..8c61989f4 100644 --- a/test/results/flow-info/default/gquic.pcap.out +++ b/test/results/flow-info/default/gquic.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [.....10.44.5.25][61097] -> [.216.58.213.163][..443] [QUIC.Google][Google][Web][Acceptable][www.gstatic.com] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.....10.44.5.25][61097] -> [.216.58.213.163][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/gtp_c.pcap.out b/test/results/flow-info/default/gtp_c.pcap.out index 2f93d97d5..e49bf6b55 100644 --- a/test/results/flow-info/default/gtp_c.pcap.out +++ b/test/results/flow-info/default/gtp_c.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [.....10.101.0.2][.1024] -> [.....10.102.0.2][.2123] [GTP.GTP_C][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.....10.101.0.2][.1024] -> [.....10.102.0.2][.2123] [GTP.GTP_C][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/haproxy.pcap.out b/test/results/flow-info/default/haproxy.pcap.out index 595488b23..7c4ba3a1b 100644 --- a/test/results/flow-info/default/haproxy.pcap.out +++ b/test/results/flow-info/default/haproxy.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..tcp] [........1.1.1.1][48502] -> [........2.2.2.2][..443] [HAProxy][Unknown][Web][Safe] RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [........1.1.1.1][48502] -> [........2.2.2.2][..443] [HAProxy][Unknown][Web][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/hots.pcapng.out b/test/results/flow-info/default/hots.pcapng.out index 4182e54fe..e0f542ecc 100644 --- a/test/results/flow-info/default/hots.pcapng.out +++ b/test/results/flow-info/default/hots.pcapng.out @@ -15,14 +15,12 @@ [PKTLENS.....: 52,48,52,52,52,52,48,52,48,52,52,52,48,52,60,60,60,48,60,60,60,60,60,60,60,60,48,60,60,60,48,60] [ENTROPIES...: 4.9,4.8,4.8,4.9,4.9,4.9,4.8,4.9,4.8,4.9,4.9,4.9,4.8,4.9,4.4,4.4,4.4,3.7,4.4,4.4,4.3,4.4,4.2,4.3,4.3,4.4,3.7,4.4,4.4,4.4,3.7,4.4] update: [.....1] [ip4][..udp] [...192.168.0.73][54598] -> [...24.105.56.13][.3724] [Heroes_of_the_Storm][Starcraft][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 35 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....2] [ip4][..udp] [..24.105.57.183][.1119] -> [...192.168.0.73][50609] detected: [.....2] [ip4][..udp] [..24.105.57.183][.1119] -> [...192.168.0.73][50609] [Heroes_of_the_Storm][Starcraft][Game][Fun] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [...192.168.0.73][54598] -> [...24.105.56.13][.3724] [Heroes_of_the_Storm][Starcraft][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 60 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....3] [ip4][..udp] [...24.105.57.16][.3724] -> [...192.168.0.73][50609] @@ -39,7 +37,5 @@ [PKTLENS.....: 111,111,48,132,132,103,103,121,121,103,109,109,103,48,150,109,109,48,109,48,150,150,146,48,129,48,138,138,121,48,123,109] [ENTROPIES...: 5.7,5.7,3.7,6.0,6.0,5.4,5.4,5.9,5.9,5.6,5.7,5.7,5.5,3.7,6.2,5.8,5.8,3.7,5.7,3.7,6.3,6.3,6.3,3.7,6.0,3.7,6.0,6.1,5.9,3.7,6.0,5.7] idle: [.....2] [ip4][..udp] [..24.105.57.183][.1119] -> [...192.168.0.73][50609] [Heroes_of_the_Storm][Starcraft][Game][Fun] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [...24.105.57.16][.3724] -> [...192.168.0.73][50609] [Heroes_of_the_Storm][Starcraft][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/http2.pcapng.out b/test/results/flow-info/default/http2.pcapng.out index 8acabfdaa..657012793 100644 --- a/test/results/flow-info/default/http2.pcapng.out +++ b/test/results/flow-info/default/http2.pcapng.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..tcp] [......127.0.0.1][37824] -> [......127.0.0.1][29518] [HTTP2][Unknown][Web][Safe] RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [......127.0.0.1][37824] -> [......127.0.0.1][29518] [HTTP2][Unknown][Web][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/http_asymmetric.pcapng.out b/test/results/flow-info/default/http_asymmetric.pcapng.out index 7d4d35a73..48745d716 100644 --- a/test/results/flow-info/default/http_asymmetric.pcapng.out +++ b/test/results/flow-info/default/http_asymmetric.pcapng.out @@ -7,7 +7,10 @@ RISK: Unidirectional Traffic detected: [.....2] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][] RISK: HTTP Susp User-Agent, Unidirectional Traffic + detection-update: [.....2] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][] + RISK: HTTP Susp User-Agent, Error Code, Unidirectional Traffic end: [.....2] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable] RISK: HTTP Susp User-Agent, Error Code, Unidirectional Traffic - end: [.....1] [ip4][..tcp] [....192.168.0.1][.1044] -> [.....10.10.10.1][...80] + end: [.....1] [ip4][..tcp] [....192.168.0.1][.1044] -> [.....10.10.10.1][...80] [HTTP][Unknown][Web][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/http_auth.pcap.out b/test/results/flow-info/default/http_auth.pcap.out index eca48ae82..44edac12f 100644 --- a/test/results/flow-info/default/http_auth.pcap.out +++ b/test/results/flow-info/default/http_auth.pcap.out @@ -4,6 +4,8 @@ new: [.....1] [ip4][..tcp] [....192.168.0.4][54337] -> [192.254.189.169][...80] detected: [.....1] [ip4][..tcp] [....192.168.0.4][54337] -> [192.254.189.169][...80] [HTTP][Unknown][Web][Acceptable][browserspy.dk] RISK: Clear-Text Credentials + detection-update: [.....1] [ip4][..tcp] [....192.168.0.4][54337] -> [192.254.189.169][...80] [HTTP][Unknown][Web][Acceptable][browserspy.dk] + RISK: Clear-Text Credentials, Error Code analyse: [.....1] [ip4][..tcp] [....192.168.0.4][54337] -> [192.254.189.169][...80] [HTTP][Unknown][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 4.862| 0.405| 1.194| 1424465.723| 2.200] diff --git a/test/results/flow-info/default/http_ipv6.pcap.out b/test/results/flow-info/default/http_ipv6.pcap.out index 1b3d38d13..dded35988 100644 --- a/test/results/flow-info/default/http_ipv6.pcap.out +++ b/test/results/flow-info/default/http_ipv6.pcap.out @@ -8,6 +8,7 @@ new: [.....3] [ip6][..udp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][45931] -> [...............2a00:1450:4001:803::1017][..443] detected: [.....3] [ip6][..udp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][45931] -> [...............2a00:1450:4001:803::1017][..443] [QUIC.Google][Google][Web][Acceptable][www.google.it] RISK: Unidirectional Traffic + detection-update: [.....2] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][41776] -> [...............2a00:1450:4001:803::1017][..443] [TLS][Google][Web][Safe] new: [.....4] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][58660] -> [...............2a00:1450:4006:803::2008][..443] [MIDSTREAM] new: [.....5] [ip6][..udp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][55145] -> [.................2a00:1450:400b:c02::5f][..443] analyse: [.....3] [ip6][..udp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][45931] -> [...............2a00:1450:4001:803::1017][..443] [QUIC.Google][Google][Web][Acceptable] @@ -51,18 +52,20 @@ detection-update: [....15] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][53134] -> [..................2a02:26f0:ad:197::236][..443] [TLS.Facebook][Unknown][SocialNetwork][Fun][s-static.ak.facebook.com] detection-update: [....14] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][53132] -> [..................2a02:26f0:ad:197::236][..443] [TLS.Facebook][Unknown][SocialNetwork][Fun][s-static.ak.facebook.com] detection-update: [....14] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][53132] -> [..................2a02:26f0:ad:197::236][..443] [TLS.Facebook][Unknown][SocialNetwork][Fun][s-static.ak.facebook.com] - idle: [....14] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][53132] -> [..................2a02:26f0:ad:197::236][..443] - idle: [....15] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][53134] -> [..................2a02:26f0:ad:197::236][..443] - idle: [.....2] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][41776] -> [...............2a00:1450:4001:803::1017][..443] + idle: [....14] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][53132] -> [..................2a02:26f0:ad:197::236][..443] [TLS.Facebook][Unknown][SocialNetwork][Fun] + idle: [....15] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][53134] -> [..................2a02:26f0:ad:197::236][..443] [TLS.Facebook][Unknown][SocialNetwork][Fun] + idle: [.....2] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][41776] -> [...............2a00:1450:4001:803::1017][..443] [TLS][Google][Web][Safe] idle: [.....3] [ip6][..udp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][45931] -> [...............2a00:1450:4001:803::1017][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic guessed: [.....9] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][60124] -> [..................2a02:26f0:ad:1a1::eed][..443] [TLS][Unknown][Web][Safe] idle: [.....9] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][60124] -> [..................2a02:26f0:ad:1a1::eed][..443] guessed: [.....4] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][58660] -> [...............2a00:1450:4006:803::2008][..443] [TLS][Google][Web][Safe] idle: [.....4] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][58660] -> [...............2a00:1450:4006:803::2008][..443] - end: [.....6] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][37486] -> [................2a03:b0c0:3:d0::70:1001][..443] - end: [.....7] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][37488] -> [................2a03:b0c0:3:d0::70:1001][..443] - end: [.....8] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][37494] -> [................2a03:b0c0:3:d0::70:1001][..443] + end: [.....6] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][37486] -> [................2a03:b0c0:3:d0::70:1001][..443] [TLS.ntop][Unknown][Network][Safe] + RISK: TLS Cert Mismatch + end: [.....7] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][37488] -> [................2a03:b0c0:3:d0::70:1001][..443] [TLS.ntop][Unknown][Network][Safe] + RISK: TLS Cert Mismatch + end: [.....8] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][37494] -> [................2a03:b0c0:3:d0::70:1001][..443] [TLS.ntop][Unknown][Network][Safe] + RISK: TLS Cert Mismatch idle: [....12] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][37506] -> [................2a03:b0c0:3:d0::70:1001][..443] [TLS.ntop][Unknown][Network][Safe] RISK: TLS Cert Mismatch guessed: [.....1] [ip6][..tcp] [........2a00:d40:1:3:7aac:c0ff:fea7:d4c][40526] -> [...............2a00:1450:4006:804::200e][..443] [TLS][Google][Web][Safe] diff --git a/test/results/flow-info/default/http_on_sip_port.pcap.out b/test/results/flow-info/default/http_on_sip_port.pcap.out index 279fcf670..d88e3353e 100644 --- a/test/results/flow-info/default/http_on_sip_port.pcap.out +++ b/test/results/flow-info/default/http_on_sip_port.pcap.out @@ -4,6 +4,8 @@ new: [.....1] [ip4][..tcp] [.82.178.111.221][.5060] -> [....45.58.148.2][.8888] detected: [.....1] [ip4][..tcp] [.82.178.111.221][.5060] -> [....45.58.148.2][.8888] [HTTP][Unknown][Web][Acceptable][45.58.148.2] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI + detection-update: [.....1] [ip4][..tcp] [.82.178.111.221][.5060] -> [....45.58.148.2][.8888] [HTTP][Unknown][Web][Acceptable][45.58.148.2] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Error Code idle: [.....1] [ip4][..tcp] [.82.178.111.221][.5060] -> [....45.58.148.2][.8888] [HTTP][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Error Code DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/http_starting_with_reply.pcapng.out b/test/results/flow-info/default/http_starting_with_reply.pcapng.out index 02d370f66..d26f5b793 100644 --- a/test/results/flow-info/default/http_starting_with_reply.pcapng.out +++ b/test/results/flow-info/default/http_starting_with_reply.pcapng.out @@ -4,6 +4,8 @@ new: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][] RISK: HTTP Susp User-Agent, Unidirectional Traffic + detection-update: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][] + RISK: HTTP Susp User-Agent detection-update: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][proxy.wiresharkfest.acropolis.local] end: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/i3d.pcap.out b/test/results/flow-info/default/i3d.pcap.out index 7a01e6fb3..87413e530 100644 --- a/test/results/flow-info/default/i3d.pcap.out +++ b/test/results/flow-info/default/i3d.pcap.out @@ -10,19 +10,15 @@ detected: [.....2] [ip4][..udp] [..192.168.2.100][55205] -> [..213.163.87.47][50004] [i3D][Discord][Game][Fun] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..192.168.2.100][60476] -> [..213.163.87.47][50004] [i3D][Discord][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 30 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....3] [ip4][..udp] [..192.168.2.100][62620] -> [..213.163.87.47][50004] detected: [.....3] [ip4][..udp] [..192.168.2.100][62620] -> [..213.163.87.47][50004] [i3D][Discord][Game][Fun] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [..192.168.2.100][55205] -> [..213.163.87.47][50004] [i3D][Discord][Game][Fun] - RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [..192.168.2.100][62461] -> [..213.163.87.47][50004] detected: [.....4] [ip4][..udp] [..192.168.2.100][62461] -> [..213.163.87.47][50004] [i3D][Discord][Game][Fun] RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [..192.168.2.100][62461] -> [..213.163.87.47][50004] [i3D][Discord][Game][Fun] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.2.100][62620] -> [..213.163.87.47][50004] [i3D][Discord][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/iax.pcap.out b/test/results/flow-info/default/iax.pcap.out index 2a1c5ff6c..c644631cf 100644 --- a/test/results/flow-info/default/iax.pcap.out +++ b/test/results/flow-info/default/iax.pcap.out @@ -15,5 +15,4 @@ [PKTLENS.....: 94,40,40,46,40,46,192,200,200,46,192,192,192,192,192,192,192,192,192,192,192,192,192,192,192,192,192,192,192,192,192,192] [ENTROPIES...: 4.7,4.3,4.4,4.4,4.4,4.4,1.3,1.5,1.3,4.3,1.1,1.3,1.9,1.3,1.3,1.3,1.3,1.3,1.3,1.3,1.3,1.3,1.3,1.3,1.3,1.3,1.3,1.3,1.3,1.3,1.3,1.3] idle: [.....1] [ip4][..udp] [...82.110.36.84][.4569] -> [..192.168.2.120][.4566] [IAX][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/icmp-tunnel.pcap.out b/test/results/flow-info/default/icmp-tunnel.pcap.out index 8b7427ee7..9758e2616 100644 --- a/test/results/flow-info/default/icmp-tunnel.pcap.out +++ b/test/results/flow-info/default/icmp-tunnel.pcap.out @@ -15,59 +15,59 @@ [PKTLENS.....: 112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112] [ENTROPIES...: 5.6,5.6,5.7,5.7,5.7,5.6,5.6,5.6,5.6,5.6,5.6,5.7,5.7,5.6,5.7,5.7,5.7,5.7,5.6,5.7,5.6,5.7,5.6,5.7,5.6,5.7,5.6,5.6,5.7,5.7,5.7,5.7] update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet DAEMON-EVENT: [Processed: 251 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 12] update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet update: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet idle: [.....1] [ip4][.icmp] [192.168.154.131] -> [192.168.154.132] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/imap-starttls.pcap.out b/test/results/flow-info/default/imap-starttls.pcap.out index a6166a65c..be955eb2d 100644 --- a/test/results/flow-info/default/imap-starttls.pcap.out +++ b/test/results/flow-info/default/imap-starttls.pcap.out @@ -10,7 +10,7 @@ RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [.....1] [ip4][..tcp] [..192.168.17.53][49640] -> [.212.227.17.186][..143] [IMAPS][Unknown][Email][Safe] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn - analyse: [.....1] [ip4][..tcp] [..192.168.17.53][49640] -> [.212.227.17.186][..143] + analyse: [.....1] [ip4][..tcp] [..192.168.17.53][49640] -> [.212.227.17.186][..143] [IMAPS][Unknown][Email][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.678| 0.188| 0.378| 143010.873| 3.300] [PKTLEN......: 40.000| 1500.000| 235.200| 424.600| 180326.200| 3.600] diff --git a/test/results/flow-info/default/imaps.pcap.out b/test/results/flow-info/default/imaps.pcap.out index 62ed47ea9..34fc6a15f 100644 --- a/test/results/flow-info/default/imaps.pcap.out +++ b/test/results/flow-info/default/imaps.pcap.out @@ -15,6 +15,8 @@ RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....2] [ip4][..tcp] [....192.168.0.1][51529] -> [.....10.10.10.1][..993] [IMAPS][Unknown][Email][Safe] RISK: TLS (probably) Not Carrying HTTPS - idle: [.....1] [ip4][..tcp] [....192.168.1.8][50506] -> [.167.99.215.164][..993] - idle: [.....2] [ip4][..tcp] [....192.168.0.1][51529] -> [.....10.10.10.1][..993] + idle: [.....1] [ip4][..tcp] [....192.168.1.8][50506] -> [.167.99.215.164][..993] [IMAPS.ntop][Unknown][Email][Safe] + RISK: TLS (probably) Not Carrying HTTPS + idle: [.....2] [ip4][..tcp] [....192.168.0.1][51529] -> [.....10.10.10.1][..993] [IMAPS][Unknown][Email][Safe] + RISK: TLS (probably) Not Carrying HTTPS DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/instagram.pcap.out b/test/results/flow-info/default/instagram.pcap.out index 446d17d0d..efdc90de5 100644 --- a/test/results/flow-info/default/instagram.pcap.out +++ b/test/results/flow-info/default/instagram.pcap.out @@ -5,11 +5,12 @@ new: [.....2] [ip4][..tcp] [..192.168.0.103][33936] -> [....31.13.93.52][..443] [MIDSTREAM] detected: [.....2] [ip4][..tcp] [..192.168.0.103][33936] -> [....31.13.93.52][..443] [TLS][Facebook][Web][Safe] RISK: Unidirectional Traffic + detection-update: [.....2] [ip4][..tcp] [..192.168.0.103][33936] -> [....31.13.93.52][..443] [TLS][Facebook][Web][Safe] detected: [.....1] [ip4][..tcp] [..192.168.0.103][56382] -> [..173.252.107.4][..443] [TLS.Instagram][Facebook][SocialNetwork][Fun][telegraph-ash.instagram.com] RISK: Obsolete TLS (v1.1 or older) detection-update: [.....1] [ip4][..tcp] [..192.168.0.103][56382] -> [..173.252.107.4][..443] [TLS.Instagram][Facebook][SocialNetwork][Fun][telegraph-ash.instagram.com] RISK: Obsolete TLS (v1.1 or older) - analyse: [.....2] [ip4][..tcp] [..192.168.0.103][33936] -> [....31.13.93.52][..443] + analyse: [.....2] [ip4][..tcp] [..192.168.0.103][33936] -> [....31.13.93.52][..443] [TLS][Facebook][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.572| 0.136| 0.382| 146017.665| 2.200] [PKTLEN......: 52.000| 1450.000| 668.500| 663.900| 440818.000| 4.200] @@ -32,6 +33,7 @@ new: [.....6] [ip4][..tcp] [..192.168.0.103][57965] -> [...82.85.26.185][...80] [MIDSTREAM] detected: [.....6] [ip4][..tcp] [..192.168.0.103][57965] -> [...82.85.26.185][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun][photos-f.ak.instagram.com] RISK: Unidirectional Traffic + detection-update: [.....3] [ip4][..tcp] [..192.168.0.103][38816] -> [...46.33.70.160][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun][photos-h.ak.instagram.com] analyse: [.....3] [ip4][..tcp] [..192.168.0.103][38816] -> [...46.33.70.160][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.033| 0.003| 0.008| 64.366| 2.900] @@ -42,6 +44,7 @@ [IATS(ms)....: 32.7,33.1,0.8,0.7,1.8,2.1,0.1,0.0,0.3,0.4,0.7,0.6,0.6,0.6,0.6,0.6,0.6,0.6,11.0,1.9,2.0,0.4,0.3,0.8,1.1,0.5,0.5,0.4,0.8,4.1,0.5] [PKTLENS.....: 312,1470,52,1470,1470,1470,1470,1470,1470,1470,1470,1470,1470,1470,1470,1470,1470,1470,1470,52,1470,52,1470,52,1470,1470,1470,1470,1470,1470,52,1470] [ENTROPIES...: 5.9,7.3,5.1,7.7,7.7,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.8,7.9,7.7,7.7,7.8,7.7,5.1,7.8,5.1,7.6,5.1,7.8,7.8,7.7,7.7,7.8,7.5,5.1,7.8] + detection-update: [.....4] [ip4][..tcp] [..192.168.0.103][57936] -> [...82.85.26.162][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun][photos-g.ak.instagram.com] analyse: [.....4] [ip4][..tcp] [..192.168.0.103][57936] -> [...82.85.26.162][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.112| 0.011| 0.030| 883.414| 2.300] @@ -52,6 +55,8 @@ [IATS(ms)....: 56.8,57.1,1.2,1.0,0.6,0.6,0.4,0.4,0.5,0.5,0.7,0.7,1.3,1.3,1.2,1.2,0.5,0.5,0.4,0.5,111.5,0.0,112.0,0.3,1.3,0.1,0.0,1.0,0.9,0.8,0.5] [PKTLENS.....: 305,1470,52,1431,52,1470,52,1470,52,1470,52,1470,52,172,52,1470,52,1470,52,1470,52,1470,1470,52,52,1470,1470,1470,52,1470,52,1470] [ENTROPIES...: 5.8,6.9,5.0,7.6,5.0,7.8,5.0,7.8,5.0,7.8,5.1,7.8,5.0,6.5,5.0,6.9,5.0,7.5,5.0,7.8,5.0,7.8,7.8,5.1,5.1,7.8,7.8,7.8,5.1,7.8,5.1,7.8] + detection-update: [.....6] [ip4][..tcp] [..192.168.0.103][57965] -> [...82.85.26.185][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun][photos-f.ak.instagram.com] + detection-update: [.....5] [ip4][..tcp] [..192.168.0.103][44379] -> [...82.85.26.186][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun][photos-e.ak.instagram.com] new: [.....7] [ip4][..tcp] [..192.168.0.103][33976] -> [....77.67.29.17][...80] [MIDSTREAM] analyse: [.....5] [ip4][..tcp] [..192.168.0.103][44379] -> [...82.85.26.186][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy @@ -74,15 +79,18 @@ new: [....12] [ip4][..tcp] [....31.13.93.52][..443] -> [..192.168.0.103][33934] [MIDSTREAM] detected: [....12] [ip4][..tcp] [....31.13.93.52][..443] -> [..192.168.0.103][33934] [TLS][Facebook][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....12] [ip4][..tcp] [....31.13.93.52][..443] -> [..192.168.0.103][33934] [TLS][Facebook][Web][Safe] new: [....13] [ip4][..tcp] [..192.168.0.103][33935] -> [....31.13.93.52][..443] [MIDSTREAM] detected: [....13] [ip4][..tcp] [..192.168.0.103][33935] -> [....31.13.93.52][..443] [TLS][Facebook][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....13] [ip4][..tcp] [..192.168.0.103][33935] -> [....31.13.93.52][..443] [TLS][Facebook][Web][Safe] new: [....14] [ip4][.icmp] [..192.168.0.103] -> [..192.168.0.103] detected: [....14] [ip4][.icmp] [..192.168.0.103] -> [..192.168.0.103] [ICMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic new: [....15] [ip4][..tcp] [..192.168.0.103][33763] -> [....31.13.93.52][..443] [MIDSTREAM] detected: [....15] [ip4][..tcp] [..192.168.0.103][33763] -> [....31.13.93.52][..443] [TLS][Facebook][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....15] [ip4][..tcp] [..192.168.0.103][33763] -> [....31.13.93.52][..443] [TLS][Facebook][Web][Safe] new: [....16] [ip4][..tcp] [..192.168.0.103][38817] -> [...46.33.70.160][...80] [MIDSTREAM] analyse: [.....7] [ip4][..tcp] [..192.168.0.103][33976] -> [....77.67.29.17][...80] min| max| avg| stddev| variance| entropy @@ -142,6 +150,7 @@ new: [....27] [ip4][..tcp] [..192.168.0.103][58053] -> [...82.85.26.162][...80] [MIDSTREAM] detected: [....27] [ip4][..tcp] [..192.168.0.103][58053] -> [...82.85.26.162][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun][photos-g.ak.instagram.com] RISK: Unidirectional Traffic + detection-update: [....26] [ip4][..tcp] [..192.168.0.103][58052] -> [...82.85.26.162][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun][photos-g.ak.instagram.com] analyse: [....26] [ip4][..tcp] [..192.168.0.103][58052] -> [...82.85.26.162][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.062| 0.005| 0.015| 225.668| 2.000] @@ -164,7 +173,6 @@ [PKTLENS.....: 1450,52,1450,52,1450,1450,52,1450,1450,1450,52,1450,52,1450,1450,52,1450,1450,52,1450,1450,52,1450,1450,52,1450,1450,52,1450,1450,52,1450] [ENTROPIES...: 7.8,5.0,7.5,5.0,7.9,7.9,5.0,7.8,7.4,7.5,5.0,7.9,5.0,7.8,7.9,5.0,7.8,7.8,5.0,7.2,7.8,5.0,7.8,7.9,5.0,7.8,7.8,5.0,7.4,7.9,5.0,7.9] update: [....14] [ip4][.icmp] [..192.168.0.103] -> [..192.168.0.103] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....29] [ip4][..tcp] [....2.22.236.51][...80] -> [..192.168.0.103][44151] [MIDSTREAM] new: [....30] [ip4][..tcp] [..192.168.0.103][58690] -> [...46.33.70.159][..443] [MIDSTREAM] detected: [....30] [ip4][..tcp] [..192.168.0.103][58690] -> [...46.33.70.159][..443] [TLS][Unknown][Web][Safe] @@ -187,7 +195,7 @@ update: [....10] [ip4][..udp] [..192.168.0.106][17500] -> [..192.168.0.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [....11] [ip4][..udp] [....192.168.0.1][..520] -> [..192.168.0.255][..520] DAEMON-EVENT: [Processed: 633 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 32 / 32|skipped: 0|!detected: 0|guessed: 0|detection-updates: 13|updates: 4] + DAEMON-EVENT: [Flows][active: 32 / 32|skipped: 0|!detected: 0|guessed: 0|detection-updates: 22|updates: 4] new: [....33] [ip4][..tcp] [...192.168.2.17][49355] -> [....31.13.86.52][..443] detected: [....33] [ip4][..tcp] [...192.168.2.17][49355] -> [....31.13.86.52][..443] [TLS.Instagram][Facebook][SocialNetwork][Fun][scontent-mxp1-1.cdninstagram.com] detection-update: [....33] [ip4][..tcp] [...192.168.2.17][49355] -> [....31.13.86.52][..443] [TLS.Instagram][Facebook][SocialNetwork][Fun][scontent-mxp1-1.cdninstagram.com] @@ -200,43 +208,48 @@ detection-update: [....34] [ip4][..tcp] [...192.168.2.17][49357] -> [....31.13.86.52][..443] [TLS.Instagram][Facebook][SocialNetwork][Fun][scontent-mxp1-1.cdninstagram.com] detection-update: [....35] [ip4][..tcp] [...192.168.2.17][49358] -> [....31.13.86.52][..443] [TLS.Instagram][Facebook][SocialNetwork][Fun][scontent-mxp1-1.cdninstagram.com] detection-update: [....36] [ip4][..tcp] [...192.168.2.17][49359] -> [....31.13.86.52][..443] [TLS.Instagram][Facebook][SocialNetwork][Fun][scontent-mxp1-1.cdninstagram.com] - idle: [.....8] [ip4][..tcp] [..192.168.0.103][37350] -> [...82.85.26.153][...80] - idle: [....22] [ip4][..tcp] [..192.168.0.103][41181] -> [...82.85.26.154][..443] - idle: [....23] [ip4][..tcp] [..192.168.0.103][41182] -> [...82.85.26.154][..443] + idle: [.....8] [ip4][..tcp] [..192.168.0.103][37350] -> [...82.85.26.153][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun] + RISK: Unidirectional Traffic + idle: [....22] [ip4][..tcp] [..192.168.0.103][41181] -> [...82.85.26.154][..443] [TLS.Instagram][Unknown][SocialNetwork][Fun] + RISK: Obsolete TLS (v1.1 or older) + idle: [....23] [ip4][..tcp] [..192.168.0.103][41182] -> [...82.85.26.154][..443] [TLS.Instagram][Unknown][SocialNetwork][Fun] + RISK: Obsolete TLS (v1.1 or older) idle: [.....4] [ip4][..tcp] [..192.168.0.103][57936] -> [...82.85.26.162][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun] idle: [....20] [ip4][..udp] [..192.168.0.103][26540] -> [........8.8.8.8][...53] [DNS.Instagram][Google][Network][Fun] - idle: [.....6] [ip4][..tcp] [..192.168.0.103][57965] -> [...82.85.26.185][...80] + idle: [.....6] [ip4][..tcp] [..192.168.0.103][57965] -> [...82.85.26.185][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun] guessed: [....19] [ip4][..tcp] [..192.168.0.103][57966] -> [...82.85.26.185][...80] [HTTP][Unknown][Web][Acceptable][] end: [....19] [ip4][..tcp] [..192.168.0.103][57966] -> [...82.85.26.185][...80] end: [....30] [ip4][..tcp] [..192.168.0.103][58690] -> [...46.33.70.159][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic guessed: [.....7] [ip4][..tcp] [..192.168.0.103][33976] -> [....77.67.29.17][...80] [HTTP][Unknown][Web][Acceptable][] end: [.....7] [ip4][..tcp] [..192.168.0.103][33976] -> [....77.67.29.17][...80] idle: [....17] [ip4][..udp] [..192.168.0.103][51219] -> [........8.8.8.8][...53] [DNS.Instagram][Google][Network][Fun] idle: [....26] [ip4][..tcp] [..192.168.0.103][58052] -> [...82.85.26.162][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun] - idle: [....27] [ip4][..tcp] [..192.168.0.103][58053] -> [...82.85.26.162][...80] - idle: [....14] [ip4][.icmp] [..192.168.0.103] -> [..192.168.0.103] [ICMP][Unknown][Network][Acceptable] + idle: [....27] [ip4][..tcp] [..192.168.0.103][58053] -> [...82.85.26.162][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun] RISK: Unidirectional Traffic + idle: [....14] [ip4][.icmp] [..192.168.0.103] -> [..192.168.0.103] [ICMP][Unknown][Network][Acceptable] idle: [.....9] [ip4][..udp] [..192.168.0.106][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - idle: [....24] [ip4][..tcp] [..192.168.0.103][60908] -> [...46.33.70.136][..443] + idle: [....24] [ip4][..tcp] [..192.168.0.103][60908] -> [...46.33.70.136][..443] [TLS.Instagram][Unknown][SocialNetwork][Fun] + RISK: Obsolete TLS (v1.1 or older) guessed: [....28] [ip4][..tcp] [....31.13.86.52][...80] -> [..192.168.0.103][58216] [HTTP][Facebook][Web][Acceptable][] idle: [....28] [ip4][..tcp] [....31.13.86.52][...80] -> [..192.168.0.103][58216] - idle: [....21] [ip4][..tcp] [..192.168.0.103][44558] -> [...46.33.70.174][..443] + idle: [....21] [ip4][..tcp] [..192.168.0.103][44558] -> [...46.33.70.174][..443] [TLS.Instagram][Unknown][SocialNetwork][Fun] + RISK: Obsolete TLS (v1.1 or older) guessed: [....32] [ip4][..tcp] [...46.33.70.150][...80] -> [..192.168.0.103][40855] [HTTP][Unknown][Web][Acceptable][] idle: [....32] [ip4][..tcp] [...46.33.70.150][...80] -> [..192.168.0.103][40855] idle: [.....3] [ip4][..tcp] [..192.168.0.103][38816] -> [...46.33.70.160][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun] guessed: [....16] [ip4][..tcp] [..192.168.0.103][38817] -> [...46.33.70.160][...80] [HTTP][Unknown][Web][Acceptable][] end: [....16] [ip4][..tcp] [..192.168.0.103][38817] -> [...46.33.70.160][...80] idle: [....10] [ip4][..udp] [..192.168.0.106][17500] -> [..192.168.0.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - idle: [....31] [ip4][..udp] [..192.168.0.103][27124] -> [........8.8.8.8][...53] + idle: [....31] [ip4][..udp] [..192.168.0.103][27124] -> [........8.8.8.8][...53] [DNS.Instagram][Google][Network][Fun] + RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [..192.168.0.103][56382] -> [..173.252.107.4][..443] [TLS.Instagram][Facebook][SocialNetwork][Fun] RISK: Obsolete TLS (v1.1 or older) - idle: [....15] [ip4][..tcp] [..192.168.0.103][33763] -> [....31.13.93.52][..443] + idle: [....15] [ip4][..tcp] [..192.168.0.103][33763] -> [....31.13.93.52][..443] [TLS][Facebook][Web][Safe] guessed: [....29] [ip4][..tcp] [....2.22.236.51][...80] -> [..192.168.0.103][44151] [HTTP][Unknown][Web][Acceptable][] idle: [....29] [ip4][..tcp] [....2.22.236.51][...80] -> [..192.168.0.103][44151] end: [.....5] [ip4][..tcp] [..192.168.0.103][44379] -> [...82.85.26.186][...80] [HTTP.Instagram][Unknown][SocialNetwork][Fun] - idle: [....12] [ip4][..tcp] [....31.13.93.52][..443] -> [..192.168.0.103][33934] - idle: [....13] [ip4][..tcp] [..192.168.0.103][33935] -> [....31.13.93.52][..443] + idle: [....12] [ip4][..tcp] [....31.13.93.52][..443] -> [..192.168.0.103][33934] [TLS][Facebook][Web][Safe] + idle: [....13] [ip4][..tcp] [..192.168.0.103][33935] -> [....31.13.93.52][..443] [TLS][Facebook][Web][Safe] idle: [.....2] [ip4][..tcp] [..192.168.0.103][33936] -> [....31.13.93.52][..443] [TLS][Facebook][Web][Safe] idle: [....18] [ip4][..udp] [..192.168.0.103][33603] -> [........8.8.8.8][...53] [DNS.Instagram][Google][Network][Fun] not-detected: [....11] [ip4][..udp] [....192.168.0.1][..520] -> [..192.168.0.255][..520] [Unknown][Unknown][Unrated] @@ -259,10 +272,10 @@ [IATS(ms)....: 11.1,12.4,1.2,0.5,13.3,0.6,0.1,14.2,0.6,14.4,12.5,169.6,0.3,0.2,0.1,0.3,0.1,0.2,0.2,0.0,169.7,0.1,1.8,0.2,0.1,0.5,10413.4,52.2,10469.8,9.8,75.9] [PKTLENS.....: 64,60,52,471,649,52,52,274,52,136,230,52,825,1440,1440,1440,1440,1440,628,1440,86,52,52,52,52,52,52,587,587,52,52,828] [ENTROPIES...: 4.2,5.1,4.9,7.1,7.6,5.0,5.0,6.8,4.9,6.4,7.0,4.8,7.7,7.9,7.9,7.8,7.9,7.9,7.7,7.9,5.8,5.0,5.0,4.9,4.9,4.9,5.0,7.6,7.6,5.1,5.1,7.8] - idle: [....33] [ip4][..tcp] [...192.168.2.17][49355] -> [....31.13.86.52][..443] + idle: [....33] [ip4][..tcp] [...192.168.2.17][49355] -> [....31.13.86.52][..443] [TLS.Instagram][Facebook][SocialNetwork][Fun] end: [....34] [ip4][..tcp] [...192.168.2.17][49357] -> [....31.13.86.52][..443] [TLS.Instagram][Facebook][SocialNetwork][Fun] idle: [....35] [ip4][..tcp] [...192.168.2.17][49358] -> [....31.13.86.52][..443] [TLS.Instagram][Facebook][SocialNetwork][Fun] - idle: [....36] [ip4][..tcp] [...192.168.2.17][49359] -> [....31.13.86.52][..443] - idle: [....37] [ip4][..tcp] [...192.168.2.17][49360] -> [....31.13.86.52][..443] - idle: [....38] [ip4][..tcp] [...192.168.2.17][49361] -> [....31.13.86.52][..443] + idle: [....36] [ip4][..tcp] [...192.168.2.17][49359] -> [....31.13.86.52][..443] [TLS.Instagram][Facebook][SocialNetwork][Fun] + idle: [....37] [ip4][..tcp] [...192.168.2.17][49360] -> [....31.13.86.52][..443] [TLS.Instagram][Facebook][SocialNetwork][Fun] + idle: [....38] [ip4][..tcp] [...192.168.2.17][49361] -> [....31.13.86.52][..443] [TLS.Instagram][Facebook][SocialNetwork][Fun] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/iphone.pcap.out b/test/results/flow-info/default/iphone.pcap.out index fdea3d516..24841e5b0 100644 --- a/test/results/flow-info/default/iphone.pcap.out +++ b/test/results/flow-info/default/iphone.pcap.out @@ -186,7 +186,7 @@ [IATS(ms)....: 33.3,146.1,0.1,147.3,1.4,0.2,0.1,0.0,38.6,0.0,0.1,10.9,46.9,12.5,120.2,0.0,0.0,0.2,1.1,0.1,1.5,0.5,107.4,0.0,1.2,31.0,0.5,3.7,0.0,4.5,82.6] [PKTLENS.....: 64,60,52,569,52,1492,1492,1268,442,52,52,52,132,339,339,98,95,87,1492,552,818,52,52,52,122,52,52,83,52,87,52,52] [ENTROPIES...: 4.5,5.3,5.1,4.5,5.2,7.8,7.9,7.8,7.5,5.1,5.2,5.1,6.2,7.4,7.3,6.1,6.0,5.9,7.9,7.6,7.7,5.2,5.2,5.1,6.2,5.1,5.1,5.8,5.1,5.9,5.1,5.1] - analyse: [....38] [ip4][..tcp] [...192.168.2.17][50581] -> [..17.248.185.87][..443] + analyse: [....38] [ip4][..tcp] [...192.168.2.17][50581] -> [..17.248.185.87][..443] [TLS.AppleiCloud][Apple][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.804| 0.109| 0.185| 34306.707| 3.400] [PKTLEN......: 52.000| 1492.000| 721.000| 667.300| 445284.800| 4.300] @@ -204,7 +204,7 @@ new: [....51] [ip4][..tcp] [...192.168.2.17][50588] -> [...95.101.24.53][..443] detected: [....51] [ip4][..tcp] [...192.168.2.17][50588] -> [...95.101.24.53][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun][sync.itunes.apple.com] detection-update: [....51] [ip4][..tcp] [...192.168.2.17][50588] -> [...95.101.24.53][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun][sync.itunes.apple.com] - idle: [....20] [ip4][..tcp] [...192.168.2.17][50575] -> [.17.248.185.140][..443] + idle: [....20] [ip4][..tcp] [...192.168.2.17][50575] -> [.17.248.185.140][..443] [TLS.AppleiCloud][Apple][Web][Acceptable] idle: [....29] [ip4][..tcp] [...192.168.2.17][50580] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable] idle: [....38] [ip4][..tcp] [...192.168.2.17][50581] -> [..17.248.185.87][..443] [TLS.AppleiCloud][Apple][Web][Acceptable] idle: [....45] [ip4][..tcp] [...192.168.2.17][50584] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable] @@ -212,25 +212,23 @@ idle: [....28] [ip4][..udp] [...192.168.2.17][52852] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable] idle: [....16] [ip4][..udp] [...192.168.2.17][63143] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable] idle: [.....2] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] - idle: [....13] [ip6][..udp] [...............fe80::823:3f17:8298:a29c][.5353] -> [...............................ff02::fb][.5353] + idle: [....13] [ip6][..udp] [...............fe80::823:3f17:8298:a29c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....9] [ip4][..udp] [....192.168.2.1][51411] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....19] [ip4][..udp] [...192.168.2.17][51007] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe] - idle: [....46] [ip4][..tcp] [...192.168.2.17][50585] -> [..17.137.166.35][..443] + idle: [....46] [ip4][..tcp] [...192.168.2.17][50585] -> [..17.137.166.35][..443] [TLS.Apple][Apple][Web][Safe] idle: [....34] [ip4][..udp] [...192.168.2.17][63377] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun] idle: [....15] [ip4][..udp] [...192.168.2.17][63381] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable] idle: [.....5] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] - idle: [....41] [ip4][..tcp] [...192.168.2.17][50583] -> [...104.73.61.30][..443] + idle: [....41] [ip4][..tcp] [...192.168.2.17][50583] -> [...104.73.61.30][..443] [TLS.Apple][Unknown][Web][Safe] idle: [....40] [ip4][.icmp] [...192.168.2.17] -> [....192.168.2.1] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....42] [ip4][....2] [...192.168.2.17] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] idle: [....35] [ip4][..udp] [...192.168.2.17][53272] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun] idle: [....32] [ip4][..udp] [...192.168.2.17][53317] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe] idle: [....10] [ip4][..udp] [....192.168.2.1][...67] -> [...192.168.2.17][...68] [DHCP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [....24] [ip4][..tcp] [...192.168.2.17][50577] -> [....17.130.2.46][..443] + idle: [....24] [ip4][..tcp] [...192.168.2.17][50577] -> [....17.130.2.46][..443] [TLS.Apple][Apple][Web][Safe] idle: [.....1] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....21] [ip4][..udp] [...192.168.2.17][55457] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe] - idle: [....39] [ip4][..tcp] [...192.168.2.17][50582] -> [..92.122.252.82][..443] + idle: [....39] [ip4][..tcp] [...192.168.2.17][50582] -> [..92.122.252.82][..443] [TLS.Apple][Unknown][Web][Safe] idle: [....50] [ip4][..udp] [...192.168.2.17][63677] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun] idle: [.....8] [ip4][..udp] [169.254.225.216][60538] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [.....4] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] @@ -239,7 +237,7 @@ idle: [....49] [ip4][..tcp] [...192.168.2.17][50587] -> [...92.123.77.26][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun] guessed: [.....7] [ip4][..udp] [....192.168.2.1][.5351] -> [......224.0.0.1][.5350] [NAT-PMP][Unknown][Network][Acceptable] idle: [.....7] [ip4][..udp] [....192.168.2.1][.5351] -> [......224.0.0.1][.5350] - idle: [....22] [ip4][..udp] [...192.168.2.17][.5353] -> [....224.0.0.251][.5353] + idle: [....22] [ip4][..udp] [...192.168.2.17][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....3] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....6] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] idle: [....18] [ip4][..udp] [...192.168.2.17][55914] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe] @@ -248,9 +246,9 @@ idle: [....37] [ip4][..udp] [...192.168.2.17][49880] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun] idle: [....36] [ip4][..udp] [...192.168.2.17][53983] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun] idle: [....44] [ip4][..udp] [...192.168.2.17][52031] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe] - end: [....26] [ip4][..tcp] [...192.168.2.17][50578] -> [.17.253.105.202][..443] - end: [....27] [ip4][..tcp] [...192.168.2.17][50579] -> [.17.253.105.202][..443] - idle: [....23] [ip4][..tcp] [...192.168.2.17][50576] -> [...95.101.25.53][..443] + end: [....26] [ip4][..tcp] [...192.168.2.17][50578] -> [.17.253.105.202][..443] [TLS.Apple][Apple][Web][Safe] + end: [....27] [ip4][..tcp] [...192.168.2.17][50579] -> [.17.253.105.202][..443] [TLS.Apple][Apple][Web][Safe] + idle: [....23] [ip4][..tcp] [...192.168.2.17][50576] -> [...95.101.25.53][..443] [TLS.Apple][Unknown][Web][Safe] idle: [....51] [ip4][..tcp] [...192.168.2.17][50588] -> [...95.101.24.53][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun] idle: [....33] [ip4][..udp] [...192.168.2.17][62526] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe] end: [....25] [ip4][..tcp] [...192.168.2.17][49152] -> [.17.253.105.202][...80] [HTTP.Apple][Apple][ConnCheck][Safe] diff --git a/test/results/flow-info/default/ipsec_isakmp_esp.pcap.out b/test/results/flow-info/default/ipsec_isakmp_esp.pcap.out index a6f1e1985..5ab34ac01 100644 --- a/test/results/flow-info/default/ipsec_isakmp_esp.pcap.out +++ b/test/results/flow-info/default/ipsec_isakmp_esp.pcap.out @@ -8,15 +8,11 @@ detected: [.....2] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.193][..500] [IPSec][Unknown][VPN][Safe] RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.193][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.193][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 23 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] update: [.....1] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.193][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.193][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic analyse: [.....1] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.193][.4500] [IPSec][Unknown][VPN][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 662.067| 70.207| 185.660|34469670203.425| 2.000] @@ -28,33 +24,24 @@ [PKTLENS.....: 844,236,140,108,124,444,1360,1360,928,1360,160,160,160,928,160,844,236,140,108,124,444,1360,1360,928,160,160,160,1056,160,108,844,236] [ENTROPIES...: 7.7,7.0,6.1,5.8,6.1,7.4,7.9,7.9,7.8,7.9,6.6,6.7,6.6,7.8,6.6,7.8,6.9,6.2,5.8,6.0,7.4,7.9,7.9,7.8,6.6,6.5,6.8,7.8,6.7,5.7,7.8,6.8] update: [.....1] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.193][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.193][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 61 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 6] idle: [.....2] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.193][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.193][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic new: [.....3] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.193][..500] detected: [.....3] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.193][..500] [IPSec][Unknown][VPN][Safe] RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.193][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.193][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 84 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] idle: [.....1] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.193][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.193][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.195][.4500] detected: [.....4] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.195][.4500] [IPSec][Unknown][VPN][Safe] RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.193][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic new: [.....5] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.193][.4500] detected: [.....5] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.193][.4500] [IPSec][Unknown][VPN][Safe] RISK: Unidirectional Traffic @@ -62,17 +49,12 @@ detected: [.....6] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.195][..500] [IPSec][Unknown][VPN][Safe] RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.193][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.195][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 126 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 12] idle: [.....5] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.193][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.195][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.195][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 145 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [.....7] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.194][..500] @@ -82,19 +64,13 @@ detected: [.....8] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.194][.4500] [IPSec][Unknown][VPN][Safe] RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.195][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.195][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 164 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] update: [.....8] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.194][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.194][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.194][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.194][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 187 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 18] new: [.....9] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.225][..500] @@ -104,9 +80,7 @@ detected: [....10] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.225][.4500] [IPSec][Unknown][VPN][Safe] RISK: Malformed Packet, Unidirectional Traffic idle: [.....8] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.194][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.194][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic new: [....11] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.131][..500] detected: [....11] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.131][..500] [IPSec][Unknown][VPN][Safe] RISK: Malformed Packet, Unidirectional Traffic @@ -114,15 +88,13 @@ detected: [....12] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.131][.4500] [IPSec][Unknown][VPN][Safe] RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.225][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet idle: [.....9] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.225][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 225 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 12|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 18] update: [....12] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.131][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic update: [....11] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.131][..500] [IPSec][Unknown][VPN][Safe] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet DAEMON-EVENT: [Processed: 244 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 12|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] new: [....13] [ip4][..udp] [..192.168.2.100][43811] -> [109.237.187.193][.4500] @@ -132,9 +104,8 @@ detected: [....14] [ip4][..udp] [..192.168.2.100][43811] -> [109.237.187.193][..500] [IPSec][Unknown][VPN][Safe] RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.131][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.131][..500] [IPSec][Unknown][VPN][Safe] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet DAEMON-EVENT: [Processed: 267 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 14|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] new: [....15] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.129][..500] @@ -144,9 +115,7 @@ detected: [....16] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.129][.4500] [IPSec][Unknown][VPN][Safe] RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [..192.168.2.100][43811] -> [109.237.187.193][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [..192.168.2.100][43811] -> [109.237.187.193][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic new: [....17] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.225][..500] detected: [....17] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.225][..500] [IPSec][Unknown][VPN][Safe] RISK: Unidirectional Traffic @@ -258,47 +227,25 @@ [PKTLENS.....: 844,236,140,108,124,444,1360,1360,928,160,160,160,1056,160,108,844,236,140,108,124,444,1360,1360,912,160,160,160,1056,160,1360,844,236] [ENTROPIES...: 7.7,6.9,6.3,5.8,6.2,7.5,7.8,7.8,7.8,6.7,6.6,6.6,7.8,6.6,5.7,7.8,7.0,6.2,5.9,6.2,7.5,7.9,7.9,7.8,6.7,6.6,6.6,7.8,6.6,7.8,7.7,6.9] idle: [....28] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.130][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....20] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.131][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....26] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.226][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....24] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.227][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....34] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.195][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....32] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.194][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....22] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.193][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....18] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.225][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [..192.168.2.100][14500] -> [109.237.187.129][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....27] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.130][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....19] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.131][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....25] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.226][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....23] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.227][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....36] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.195][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....31] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.194][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....21] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.193][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....17] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.225][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....15] [ip4][..udp] [..192.168.2.100][10500] -> [109.237.187.129][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....33] [ip4][..udp] [..192.168.2.100][41618] -> [109.237.187.194][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....35] [ip4][..udp] [..192.168.2.100][41618] -> [109.237.187.194][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....29] [ip4][..udp] [..192.168.2.100][42593] -> [109.237.187.193][.4500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic idle: [....30] [ip4][..udp] [..192.168.2.100][42593] -> [109.237.187.193][..500] [IPSec][Unknown][VPN][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ja3_lots_of_cipher_suites_2_anon.pcap.out b/test/results/flow-info/default/ja3_lots_of_cipher_suites_2_anon.pcap.out index ac24df529..7d94de587 100644 --- a/test/results/flow-info/default/ja3_lots_of_cipher_suites_2_anon.pcap.out +++ b/test/results/flow-info/default/ja3_lots_of_cipher_suites_2_anon.pcap.out @@ -18,5 +18,4 @@ ERROR-EVENT: Captured packet size is smaller than expected packet size [12/16] ERROR-EVENT: Captured packet size is smaller than expected packet size [13/16] idle: [.....1] [ip4][..udp] [.132.190.244.12][.2152] -> [.151.121.185.44][.2152] [GTP.GTP_U][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/jabber.pcap.out b/test/results/flow-info/default/jabber.pcap.out index e549e4184..d3c8daa5b 100644 --- a/test/results/flow-info/default/jabber.pcap.out +++ b/test/results/flow-info/default/jabber.pcap.out @@ -34,7 +34,6 @@ DAEMON-EVENT: [Processed: 189 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 4 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] end: [.....3] [ip4][..tcp] [....172.16.0.62][57126] -> [...172.16.1.138][.5222] [Jabber][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [.....5] [ip4][..tcp] [....172.16.0.62][57147] -> [...172.16.1.138][.5222] detected: [.....5] [ip4][..tcp] [....172.16.0.62][57147] -> [...172.16.1.138][.5222] [Jabber][Unknown][Web][Acceptable] new: [.....6] [ip4][..tcp] [....172.16.0.62][57149] -> [...172.16.1.138][.5222] [MIDSTREAM] @@ -60,9 +59,7 @@ idle: [.....1] [ip4][..tcp] [....172.16.0.62][57094] -> [...172.16.1.138][.5222] [Jabber][Unknown][Web][Acceptable] idle: [.....2] [ip4][..tcp] [....172.16.0.62][57122] -> [...172.16.1.138][.5222] [Jabber][Unknown][Web][Acceptable] idle: [.....4] [ip4][..tcp] [....172.16.0.62][57129] -> [...172.16.1.138][.5222] [Jabber][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..tcp] [....172.16.0.62][57149] -> [...172.16.1.138][.5222] [Jabber][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 283 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....8] [ip4][..tcp] [..192.168.2.100][34218] -> [.160.44.201.102][.5223] diff --git a/test/results/flow-info/default/kerberos-error.pcap.out b/test/results/flow-info/default/kerberos-error.pcap.out index 2ee7a9f67..d3ceffa2d 100644 --- a/test/results/flow-info/default/kerberos-error.pcap.out +++ b/test/results/flow-info/default/kerberos-error.pcap.out @@ -4,5 +4,6 @@ new: [.....1] [ip4][..udp] [.148.151.79.183][34473] -> [.144.199.10.233][...88] detected: [.....1] [ip4][..udp] [.148.151.79.183][34473] -> [.144.199.10.233][...88] [Kerberos][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [.148.151.79.183][34473] -> [.144.199.10.233][...88] [Kerberos][Unknown][Network][Acceptable] idle: [.....1] [ip4][..udp] [.148.151.79.183][34473] -> [.144.199.10.233][...88] [Kerberos][Unknown][Network][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/kerberos-login.pcap.out b/test/results/flow-info/default/kerberos-login.pcap.out index 8908c8721..e1bea40fe 100644 --- a/test/results/flow-info/default/kerberos-login.pcap.out +++ b/test/results/flow-info/default/kerberos-login.pcap.out @@ -38,47 +38,28 @@ detected: [....12] [ip4][..udp] [......10.1.12.2][.1096] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [......10.1.12.2][.1061] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [......10.1.12.2][.1065] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [......10.1.12.2][.1067] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [......10.1.12.2][.1068] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [......10.1.12.2][.1069] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [......10.1.12.2][.1074] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [......10.1.12.2][.1076] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 24 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 12 / 12|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 7] new: [....13] [ip4][..tcp] [..192.168.10.12][44256] -> [...192.168.10.3][...88] detected: [....13] [ip4][..tcp] [..192.168.10.12][44256] -> [...192.168.10.3][...88] [Kerberos][Unknown][Network][Acceptable] detection-update: [....13] [ip4][..tcp] [..192.168.10.12][44256] -> [...192.168.10.3][...88] [Kerberos][Unknown][Network][Acceptable] idle: [.....1] [ip4][..udp] [......10.1.12.2][.1061] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [......10.1.12.2][.1065] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [......10.1.12.2][.1067] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [......10.1.12.2][.1068] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [......10.1.12.2][.1069] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [......10.1.12.2][.1074] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [......10.1.12.2][.1076] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [......10.1.12.2][.1084] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [......10.1.12.2][.1089] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [......10.1.12.2][.1090] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [......10.1.12.2][.1092] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [......10.1.12.2][.1096] -> [.......10.5.3.1][...88] [Kerberos][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic end: [....13] [ip4][..tcp] [..192.168.10.12][44256] -> [...192.168.10.3][...88] [Kerberos][Unknown][Network][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/kerberos.pcap.out b/test/results/flow-info/default/kerberos.pcap.out index 8b9c19b95..eb5c40e8a 100644 --- a/test/results/flow-info/default/kerberos.pcap.out +++ b/test/results/flow-info/default/kerberos.pcap.out @@ -4,9 +4,11 @@ new: [.....1] [ip4][..tcp] [...172.16.8.201][49157] -> [.....172.16.8.8][...88] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [...172.16.8.201][49157] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + detection-update: [.....1] [ip4][..tcp] [...172.16.8.201][49157] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] new: [.....2] [ip4][..tcp] [...172.16.8.201][49158] -> [.....172.16.8.8][...88] [MIDSTREAM] detected: [.....2] [ip4][..tcp] [...172.16.8.201][49158] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + detection-update: [.....2] [ip4][..tcp] [...172.16.8.201][49158] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] new: [.....3] [ip4][..tcp] [...172.16.8.201][49159] -> [.....172.16.8.8][...88] [MIDSTREAM] new: [.....4] [ip4][..tcp] [...172.16.8.201][49160] -> [.....172.16.8.8][...88] [MIDSTREAM] detected: [.....4] [ip4][..tcp] [...172.16.8.201][49160] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] @@ -18,9 +20,11 @@ new: [.....8] [ip4][..tcp] [...172.16.8.201][49166] -> [.....172.16.8.8][...88] [MIDSTREAM] detected: [.....8] [ip4][..tcp] [...172.16.8.201][49166] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + detection-update: [.....8] [ip4][..tcp] [...172.16.8.201][49166] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] new: [.....9] [ip4][..tcp] [...172.16.8.201][49167] -> [.....172.16.8.8][...88] [MIDSTREAM] detected: [.....9] [ip4][..tcp] [...172.16.8.201][49167] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + detection-update: [.....9] [ip4][..tcp] [...172.16.8.201][49167] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] new: [....10] [ip4][..tcp] [...172.16.8.201][49168] -> [.....172.16.8.8][...88] [MIDSTREAM] new: [....11] [ip4][..tcp] [...172.16.8.201][49165] -> [.....172.16.8.8][49155] [MIDSTREAM] new: [....12] [ip4][..tcp] [...172.16.8.201][49169] -> [.....172.16.8.8][..389] [MIDSTREAM] @@ -42,18 +46,22 @@ new: [....22] [ip4][..tcp] [...172.16.8.201][49181] -> [.....172.16.8.8][...88] [MIDSTREAM] detected: [....22] [ip4][..tcp] [...172.16.8.201][49181] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + detection-update: [....22] [ip4][..tcp] [...172.16.8.201][49181] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] new: [....23] [ip4][..tcp] [...172.16.8.201][49182] -> [.....172.16.8.8][...88] [MIDSTREAM] detected: [....23] [ip4][..tcp] [...172.16.8.201][49182] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + detection-update: [....23] [ip4][..tcp] [...172.16.8.201][49182] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] new: [....24] [ip4][..tcp] [...172.16.8.201][49183] -> [.....172.16.8.8][...88] [MIDSTREAM] new: [....25] [ip4][..tcp] [...172.16.8.201][49186] -> [.....172.16.8.8][...88] [MIDSTREAM] new: [....26] [ip4][..tcp] [...172.16.8.201][49185] -> [.....172.16.8.8][49155] [MIDSTREAM] new: [....27] [ip4][..tcp] [...172.16.8.201][49187] -> [.....172.16.8.8][...88] [MIDSTREAM] detected: [....27] [ip4][..tcp] [...172.16.8.201][49187] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + detection-update: [....27] [ip4][..tcp] [...172.16.8.201][49187] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] new: [....28] [ip4][..tcp] [...172.16.8.201][49188] -> [.....172.16.8.8][...88] [MIDSTREAM] detected: [....28] [ip4][..tcp] [...172.16.8.201][49188] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + detection-update: [....28] [ip4][..tcp] [...172.16.8.201][49188] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] new: [....29] [ip4][..tcp] [...172.16.8.201][49189] -> [.....172.16.8.8][...88] [MIDSTREAM] new: [....30] [ip4][..tcp] [...172.16.8.201][49190] -> [.....172.16.8.8][...88] [MIDSTREAM] new: [....31] [ip4][..tcp] [...172.16.8.201][49192] -> [.....172.16.8.8][...88] [MIDSTREAM] @@ -67,14 +75,14 @@ not-detected: [....26] [ip4][..tcp] [...172.16.8.201][49185] -> [.....172.16.8.8][49155] [Unknown][Unknown][Unrated] idle: [....26] [ip4][..tcp] [...172.16.8.201][49185] -> [.....172.16.8.8][49155] idle: [.....1] [ip4][..tcp] [...172.16.8.201][49157] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] - idle: [.....2] [ip4][..tcp] [...172.16.8.201][49158] -> [.....172.16.8.8][...88] + idle: [.....2] [ip4][..tcp] [...172.16.8.201][49158] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] guessed: [.....3] [ip4][..tcp] [...172.16.8.201][49159] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] idle: [.....3] [ip4][..tcp] [...172.16.8.201][49159] -> [.....172.16.8.8][...88] idle: [.....4] [ip4][..tcp] [...172.16.8.201][49160] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] guessed: [.....6] [ip4][..tcp] [...172.16.8.201][49162] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] idle: [.....6] [ip4][..tcp] [...172.16.8.201][49162] -> [.....172.16.8.8][...88] idle: [.....8] [ip4][..tcp] [...172.16.8.201][49166] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] - idle: [.....9] [ip4][..tcp] [...172.16.8.201][49167] -> [.....172.16.8.8][...88] + idle: [.....9] [ip4][..tcp] [...172.16.8.201][49167] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] guessed: [....10] [ip4][..tcp] [...172.16.8.201][49168] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] idle: [....10] [ip4][..tcp] [...172.16.8.201][49168] -> [.....172.16.8.8][...88] guessed: [....13] [ip4][..tcp] [...172.16.8.201][49170] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] @@ -86,13 +94,13 @@ idle: [....17] [ip4][..tcp] [...172.16.8.201][49175] -> [.....172.16.8.8][...88] idle: [....18] [ip4][..tcp] [...172.16.8.201][49176] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] idle: [....22] [ip4][..tcp] [...172.16.8.201][49181] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] - idle: [....23] [ip4][..tcp] [...172.16.8.201][49182] -> [.....172.16.8.8][...88] + idle: [....23] [ip4][..tcp] [...172.16.8.201][49182] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] guessed: [....24] [ip4][..tcp] [...172.16.8.201][49183] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] idle: [....24] [ip4][..tcp] [...172.16.8.201][49183] -> [.....172.16.8.8][...88] guessed: [....25] [ip4][..tcp] [...172.16.8.201][49186] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] idle: [....25] [ip4][..tcp] [...172.16.8.201][49186] -> [.....172.16.8.8][...88] idle: [....27] [ip4][..tcp] [...172.16.8.201][49187] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] - idle: [....28] [ip4][..tcp] [...172.16.8.201][49188] -> [.....172.16.8.8][...88] + idle: [....28] [ip4][..tcp] [...172.16.8.201][49188] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] guessed: [....29] [ip4][..tcp] [...172.16.8.201][49189] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] idle: [....29] [ip4][..tcp] [...172.16.8.201][49189] -> [.....172.16.8.8][...88] guessed: [....30] [ip4][..tcp] [...172.16.8.201][49190] -> [.....172.16.8.8][...88] [Kerberos][Unknown][Network][Acceptable] diff --git a/test/results/flow-info/default/kerberos_fuzz.pcapng.out b/test/results/flow-info/default/kerberos_fuzz.pcapng.out index 1e1f3b862..29ff00757 100644 --- a/test/results/flow-info/default/kerberos_fuzz.pcapng.out +++ b/test/results/flow-info/default/kerberos_fuzz.pcapng.out @@ -3,5 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [......126.4.1.0][...88] -> [.......19.0.0.0][53646] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [......126.4.1.0][...88] -> [.......19.0.0.0][53646] [Kerberos][Unknown][Network][Acceptable] - end: [.....1] [ip4][..tcp] [......126.4.1.0][...88] -> [.......19.0.0.0][53646] + end: [.....1] [ip4][..tcp] [......126.4.1.0][...88] -> [.......19.0.0.0][53646] [Kerberos][Unknown][Network][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/kontiki.pcap.out b/test/results/flow-info/default/kontiki.pcap.out index 3256a7cdc..bda5b516c 100644 --- a/test/results/flow-info/default/kontiki.pcap.out +++ b/test/results/flow-info/default/kontiki.pcap.out @@ -32,19 +32,15 @@ [PKTLENS.....: 32,32,32,48,56,245,499,232,204,118,1269,1269,1269,1269,44,1269,1269,1269,1269,1269,44,1269,1269,1269,1269,1269,1269,44,1269,1269,1269,1269] [ENTROPIES...: 4.3,4.4,4.4,4.8,5.1,6.3,7.3,7.0,6.9,6.2,7.9,7.8,7.8,7.8,4.9,7.8,7.8,7.8,7.8,7.8,4.9,7.9,7.8,7.8,7.8,7.9,7.8,4.9,7.8,7.8,7.9,7.9] idle: [.....8] [ip4][.icmp] [...4.79.219.125] -> [....10.25.32.59] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][.icmp] [216.168.241.157] -> [....10.25.32.59] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [....10.25.32.59][19948] -> [..64.200.148.86][.8888] [Kontiki][Unknown][Media][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [.....6] [ip4][.icmp] [.....10.25.32.3] -> [....10.25.32.59] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][.icmp] [...10.25.249.14] -> [....10.25.32.59] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic not-detected: [.....1] [ip4][..udp] [....10.25.32.59][19948] -> [255.255.255.255][19948] [Unknown][Unknown][Unrated] idle: [.....1] [ip4][..udp] [....10.25.32.59][19948] -> [255.255.255.255][19948] not-detected: [.....2] [ip4][..udp] [....10.25.32.59][19948] -> [..64.200.148.82][.1948] [Unknown][Unknown][Unrated] idle: [.....2] [ip4][..udp] [....10.25.32.59][19948] -> [..64.200.148.82][.1948] idle: [.....5] [ip4][..udp] [....10.25.32.59][19948] -> [..64.200.148.88][...80] [Kontiki][Unknown][Media][Potentially Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/line.pcap.out b/test/results/flow-info/default/line.pcap.out index bcf2bfac9..e4c37e526 100644 --- a/test/results/flow-info/default/line.pcap.out +++ b/test/results/flow-info/default/line.pcap.out @@ -20,6 +20,7 @@ detected: [.....2] [ip4][..tcp] [...10.200.3.125][57841] -> [.147.92.165.194][..443] [TLS][Line][Web][Safe] RISK: Unidirectional Traffic new: [.....3] [ip4][..tcp] [...10.200.3.125][58160] -> [.147.92.242.232][..443] + detection-update: [.....2] [ip4][..tcp] [...10.200.3.125][57841] -> [.147.92.165.194][..443] [TLS][Line][Web][Safe] detected: [.....3] [ip4][..tcp] [...10.200.3.125][58160] -> [.147.92.242.232][..443] [TLS.Line][Line][Chat][Acceptable][uts-front.line-apps.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....3] [ip4][..tcp] [...10.200.3.125][58160] -> [.147.92.242.232][..443] [TLS.Line][Line][Chat][Acceptable][uts-front.line-apps.com] @@ -47,7 +48,6 @@ [PKTLENS.....: 52,52,40,557,46,1500,1500,381,40,133,314,335,46,581,46,224,75,40,335,46,613,46,224,75,40,335,46,612,46,224,75,40] [ENTROPIES...: 4.5,4.9,4.8,4.8,4.5,7.2,7.5,7.4,4.8,6.2,7.2,7.3,4.5,7.6,4.5,7.0,5.7,4.8,7.4,4.4,7.6,4.6,7.0,5.8,4.6,7.3,4.5,7.6,4.5,7.0,5.7,4.7] idle: [.....1] [ip4][..udp] [......10.0.2.15][50835] -> [125.209.252.210][20610] [LineCall][Line][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [...10.200.3.125][51161] -> [..147.92.169.90][29070] detected: [.....4] [ip4][..udp] [...10.200.3.125][51161] -> [..147.92.169.90][29070] [LineCall][Line][VoIP][Acceptable] RISK: Unidirectional Traffic @@ -65,12 +65,9 @@ detected: [.....5] [ip4][..udp] [...10.200.3.125][51170] -> [..147.92.169.90][29070] [LineCall][Line][VoIP][Acceptable] RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [...10.200.3.125][51161] -> [..147.92.169.90][29070] [LineCall][Line][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..tcp] [...10.200.3.125][57841] -> [.147.92.165.194][..443] [TLS][Line][Web][Safe] end: [.....3] [ip4][..tcp] [...10.200.3.125][58160] -> [.147.92.242.232][..443] [TLS.Line][Line][Chat][Acceptable] RISK: TLS (probably) Not Carrying HTTPS idle: [.....4] [ip4][..udp] [...10.200.3.125][51161] -> [..147.92.169.90][29070] [LineCall][Line][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [...10.200.3.125][51170] -> [..147.92.169.90][29070] [LineCall][Line][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/lisp_registration.pcap.out b/test/results/flow-info/default/lisp_registration.pcap.out index d7be8d2e9..31b32f4d1 100644 --- a/test/results/flow-info/default/lisp_registration.pcap.out +++ b/test/results/flow-info/default/lisp_registration.pcap.out @@ -13,8 +13,6 @@ detected: [.....4] [ip4][..tcp] [.....10.0.123.3][52995] -> [.....10.0.123.1][.4342] [LISP][Unknown][Cloud][Acceptable] idle: [.....4] [ip4][..tcp] [.....10.0.123.3][52995] -> [.....10.0.123.1][.4342] [LISP][Unknown][Cloud][Acceptable] idle: [.....3] [ip4][..udp] [.....10.0.123.3][.4342] -> [.....10.0.123.1][.4342] [LISP][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.....10.0.123.2][.4342] -> [.....10.0.123.1][.4342] [LISP][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..tcp] [.....10.0.123.2][15373] -> [.....10.0.123.1][.4342] [LISP][Unknown][Cloud][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/long_tls_certificate.pcap.out b/test/results/flow-info/default/long_tls_certificate.pcap.out index 9a2d3607f..de2cf8182 100644 --- a/test/results/flow-info/default/long_tls_certificate.pcap.out +++ b/test/results/flow-info/default/long_tls_certificate.pcap.out @@ -5,7 +5,7 @@ detected: [.....1] [ip4][..tcp] [...192.168.1.60][55333] -> [.106.15.100.123][..443] [TLS.Alibaba][Alibaba][Web][Acceptable][beacon-api.aliyuncs.com] detection-update: [.....1] [ip4][..tcp] [...192.168.1.60][55333] -> [.106.15.100.123][..443] [TLS.Alibaba][Alibaba][Web][Acceptable][beacon-api.aliyuncs.com] detection-update: [.....1] [ip4][..tcp] [...192.168.1.60][55333] -> [.106.15.100.123][..443] [TLS.Alibaba][Alibaba][Web][Acceptable][beacon-api.aliyuncs.com] - analyse: [.....1] [ip4][..tcp] [...192.168.1.60][55333] -> [.106.15.100.123][..443] + analyse: [.....1] [ip4][..tcp] [...192.168.1.60][55333] -> [.106.15.100.123][..443] [TLS.Alibaba][Alibaba][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.371| 0.087| 0.130| 17024.252| 3.400] [PKTLEN......: 40.000| 1492.000| 370.700| 546.600| 298744.200| 3.700] diff --git a/test/results/flow-info/default/lru_ipv6_caches.pcapng.out b/test/results/flow-info/default/lru_ipv6_caches.pcapng.out index 51f07f585..8f73d0327 100644 --- a/test/results/flow-info/default/lru_ipv6_caches.pcapng.out +++ b/test/results/flow-info/default/lru_ipv6_caches.pcapng.out @@ -42,21 +42,24 @@ new: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] detected: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][] RISK: Unidirectional Traffic - idle: [.....8] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44144] - idle: [.....9] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44150] - idle: [....10] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44192] - idle: [.....5] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2c7f:d7a0:44a9:49e9:e586:fb7f:5b85:9c83][....1] + idle: [.....8] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44144] [TLS.Cloudflare][Unknown][Web][Acceptable] + RISK: Unidirectional Traffic + idle: [.....9] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44150] [TLS.Cloudflare][Unknown][Web][Acceptable] + RISK: Unidirectional Traffic + idle: [....10] [ip6][..tcp] [........................2001:db8:200::1][..443] -> [..........................2001:db8:1::1][44192] [TLS.Cloudflare][Unknown][Web][Acceptable] + RISK: Unidirectional Traffic + idle: [.....5] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2c7f:d7a0:44a9:49e9:e586:fb7f:5b85:9c83][....1] [BitTorrent][Unknown][Download][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....2] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [3024:e5ee:ac2f:cd76:5dd6:a7a1:f17f:5c27][60506] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [.....4] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2fda:1f8a:c107:88a4:e509:d2e1:445f:f34c][.6881] - idle: [.....6] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [.38b2:46b7:27a4:94c3:c134:948:e069:d71f][....1] + idle: [.....4] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [2fda:1f8a:c107:88a4:e509:d2e1:445f:f34c][.6881] [BitTorrent][Unknown][Download][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [.....6] [ip6][..udp] [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] -> [.38b2:46b7:27a4:94c3:c134:948:e069:d71f][....1] [BitTorrent][Unknown][Download][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....7] [ip6][..udp] [2118:ec33:112b:7908:2c80:27ff:fef7:d71f][48415] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....11] [ip6][..udp] [.3297:a1af:5121:cfc:360b:2e07:872f:1ea0][43865] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip6][..udp] [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] -> [20ed:470f:6f73:ce60:60be:8b4f:df37:b080][45658] [STUN][Unknown][Network][Acceptable] idle: [....12] [ip6][..udp] [.3069:c624:1d42:9469:98b1:67ff:fe43:325][56131] -> [....32fb:f967:681e:e96b:face:b00c::74fd][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip6][..udp] [.2a2f:8509:1cb2:466d:ecbf:69d6:109c:608][62229] -> [.3991:72d:336e:65ec:c5bf:a5fa:83ad:23de][.6881] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/malformed_icmp.pcap.out b/test/results/flow-info/default/malformed_icmp.pcap.out index 69bb0882c..3362d74b0 100644 --- a/test/results/flow-info/default/malformed_icmp.pcap.out +++ b/test/results/flow-info/default/malformed_icmp.pcap.out @@ -5,5 +5,5 @@ detected: [.....1] [ip4][.icmp] [218.152.179.213] -> [.218.152.179.54] [ICMP][Unknown][Network][Acceptable] RISK: Malformed Packet, Unidirectional Traffic idle: [.....1] [ip4][.icmp] [218.152.179.213] -> [.218.152.179.54] [ICMP][Unknown][Network][Acceptable] - RISK: Malformed Packet, Unidirectional Traffic + RISK: Malformed Packet DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/malware.pcap.out b/test/results/flow-info/default/malware.pcap.out index 9b1b715f7..033f487d0 100644 --- a/test/results/flow-info/default/malware.pcap.out +++ b/test/results/flow-info/default/malware.pcap.out @@ -14,6 +14,7 @@ new: [.....4] [ip4][..tcp] [....192.168.7.7][48394] -> [..67.215.92.210][...80] [MIDSTREAM] detected: [.....4] [ip4][..tcp] [....192.168.7.7][48394] -> [..67.215.92.210][...80] [HTTP][OpenDNS][Web][Acceptable][www.internetbadguys.com] RISK: Unidirectional Traffic + detection-update: [.....4] [ip4][..tcp] [....192.168.7.7][48394] -> [..67.215.92.210][...80] [HTTP][OpenDNS][Web][Acceptable][www.internetbadguys.com] new: [.....5] [ip4][..tcp] [....192.168.7.7][35236] -> [..67.215.92.210][..443] detected: [.....5] [ip4][..tcp] [....192.168.7.7][35236] -> [..67.215.92.210][..443] [TLS][OpenDNS][Web][Safe][www.internetbadguys.com] detection-update: [.....5] [ip4][..tcp] [....192.168.7.7][35236] -> [..67.215.92.210][..443] [TLS][OpenDNS][Web][Safe][www.internetbadguys.com] @@ -23,10 +24,9 @@ RISK: Unidirectional Traffic idle: [.....3] [ip4][..tcp] [....192.168.7.7][33706] -> [144.139.247.220][...80] idle: [.....2] [ip4][.icmp] [....192.168.7.7] -> [144.139.247.220] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [....192.168.7.7][42370] -> [........1.1.1.1][...53] [DNS][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 26 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 5|skipped: 0|!detected: 0|guessed: 1|detection-updates: 3|updates: 0] + DAEMON-EVENT: [Flows][active: 2 / 5|skipped: 0|!detected: 0|guessed: 1|detection-updates: 4|updates: 0] new: [.....6] [ip4][..tcp] [...192.168.0.20][41240] -> [.193.109.85.123][..443] detected: [.....6] [ip4][..tcp] [...192.168.0.20][41240] -> [.193.109.85.123][..443] [TLS][Unknown][Web][Safe][hobbeach.com] detection-update: [.....6] [ip4][..tcp] [...192.168.0.20][41240] -> [.193.109.85.123][..443] [TLS][Unknown][Web][Safe][hobbeach.com] @@ -41,6 +41,7 @@ [PKTLENS.....: 52,52,40,692,46,1492,40,46,121,52,1492,40,133,314,511,46,1492,1492,40,46,1367,1492,40,1492,46,1269,40,1492,1492,40,46,1492] [ENTROPIES...: 4.7,4.9,4.8,7.2,4.4,7.4,4.9,4.4,6.3,5.0,7.6,4.9,6.0,7.2,7.6,4.4,7.9,7.9,4.8,4.4,7.9,7.9,4.9,7.9,4.4,7.8,4.9,7.9,7.9,4.8,4.5,7.9] idle: [.....6] [ip4][..tcp] [...192.168.0.20][41240] -> [.193.109.85.123][..443] [TLS][Unknown][Web][Safe] - end: [.....5] [ip4][..tcp] [....192.168.7.7][35236] -> [..67.215.92.210][..443] - idle: [.....4] [ip4][..tcp] [....192.168.7.7][48394] -> [..67.215.92.210][...80] + end: [.....5] [ip4][..tcp] [....192.168.7.7][35236] -> [..67.215.92.210][..443] [TLS.OpenDNS][OpenDNS][Network][Acceptable] + RISK: TLS Cert Mismatch + idle: [.....4] [ip4][..tcp] [....192.168.7.7][48394] -> [..67.215.92.210][...80] [HTTP][OpenDNS][Web][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/merakicloud.pcapng.out b/test/results/flow-info/default/merakicloud.pcapng.out index 1b394d43e..8a99e03cd 100644 --- a/test/results/flow-info/default/merakicloud.pcapng.out +++ b/test/results/flow-info/default/merakicloud.pcapng.out @@ -5,13 +5,9 @@ detected: [.....1] [ip4][..udp] [...2.36.234.133][47301] -> [..209.206.59.34][.7351] [MerakiCloud][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [...2.36.234.133][47301] -> [..209.206.59.34][.7351] [MerakiCloud][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [...2.36.234.133][47301] -> [..209.206.59.34][.7351] [MerakiCloud][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [...2.36.234.133][47301] -> [..209.206.59.34][.7351] [MerakiCloud][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [...2.36.234.133][47301] -> [..209.206.59.34][.7351] [MerakiCloud][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic analyse: [.....1] [ip4][..udp] [...2.36.234.133][47301] -> [..209.206.59.34][.7351] [MerakiCloud][Unknown][Network][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.185| 25.011| 16.136| 11.214| 125752330.682| 4.400] @@ -23,11 +19,7 @@ [PKTLENS.....: 140,74,140,74,140,74,140,74,140,74,140,74,140,74,140,74,140,74,140,74,176,183,176,183,176,183,176,183,176,183,140,74] [ENTROPIES...: 5.8,4.6,5.8,4.6,5.8,4.6,5.8,4.6,5.8,4.7,5.9,4.6,5.8,4.7,5.8,4.6,5.8,4.6,5.8,4.7,6.5,6.5,6.4,6.6,6.5,6.6,6.5,6.5,6.5,6.6,5.8,4.7] update: [.....1] [ip4][..udp] [...2.36.234.133][47301] -> [..209.206.59.34][.7351] [MerakiCloud][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [...2.36.234.133][47301] -> [..209.206.59.34][.7351] [MerakiCloud][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [...2.36.234.133][47301] -> [..209.206.59.34][.7351] [MerakiCloud][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [...2.36.234.133][47301] -> [..209.206.59.34][.7351] [MerakiCloud][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/mgcp.pcap.out b/test/results/flow-info/default/mgcp.pcap.out index 3ff9607b9..fe22ddd8f 100644 --- a/test/results/flow-info/default/mgcp.pcap.out +++ b/test/results/flow-info/default/mgcp.pcap.out @@ -5,35 +5,29 @@ detected: [.....1] [ip4][..udp] [...172.16.1.116][.2427] -> [...172.16.1.119][.2427] [MGCP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [...172.16.1.116][.2427] -> [...172.16.1.119][.2427] [MGCP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 8 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....2] [ip4][..udp] [...10.10.228.72][.2427] -> [....10.10.244.2][.2427] detected: [.....2] [ip4][..udp] [...10.10.228.72][.2427] -> [....10.10.244.2][.2427] [MGCP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [...172.16.1.116][.2427] -> [...172.16.1.119][.2427] [MGCP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 20 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....3] [ip4][..udp] [..187.43.37.188][40798] -> [.196.167.59.124][.2427] detected: [.....3] [ip4][..udp] [..187.43.37.188][40798] -> [.196.167.59.124][.2427] [MGCP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [...10.10.228.72][.2427] -> [....10.10.244.2][.2427] [MGCP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 21 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....4] [ip4][..udp] [.67.232.180.250][38238] -> [186.112.128.179][.2427] detected: [.....4] [ip4][..udp] [.67.232.180.250][38238] -> [186.112.128.179][.2427] [MGCP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..187.43.37.188][40798] -> [.196.167.59.124][.2427] [MGCP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 22 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....5] [ip4][..udp] [.92.173.166.213][51954] -> [..83.250.239.33][.2427] detected: [.....5] [ip4][..udp] [.92.173.166.213][51954] -> [..83.250.239.33][.2427] [MGCP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [.92.173.166.213][51954] -> [..83.250.239.33][.2427] [MGCP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [.67.232.180.250][38238] -> [186.112.128.179][.2427] [MGCP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/modbus.pcap.out b/test/results/flow-info/default/modbus.pcap.out index 66fee0c39..25896ebe4 100644 --- a/test/results/flow-info/default/modbus.pcap.out +++ b/test/results/flow-info/default/modbus.pcap.out @@ -15,5 +15,4 @@ [PKTLENS.....: 52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51,52,51] [ENTROPIES...: 4.5,4.7,4.4,4.9,4.4,4.6,4.4,4.9,4.6,4.7,4.6,4.8,4.6,4.7,4.6,4.9,4.6,4.8,4.6,4.9,4.6,4.7,4.6,4.9,4.6,4.8,4.6,4.9,4.6,4.8,4.6,4.9] idle: [.....1] [ip4][..tcp] [192.168.110.131][.2074] -> [192.168.110.138][..502] [Modbus][Unknown][IoT-Scada][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/mpeg-dash.pcap.out b/test/results/flow-info/default/mpeg-dash.pcap.out index 5db0ae278..cf8365d4f 100644 --- a/test/results/flow-info/default/mpeg-dash.pcap.out +++ b/test/results/flow-info/default/mpeg-dash.pcap.out @@ -10,12 +10,15 @@ new: [.....3] [ip4][..tcp] [..54.161.101.85][...80] -> [..192.168.2.105][59144] [MIDSTREAM] detected: [.....3] [ip4][..tcp] [..54.161.101.85][...80] -> [..192.168.2.105][59144] [HTTP.MpegDash][AmazonAWS][Media][Fun][] RISK: HTTP Susp User-Agent, Unidirectional Traffic + detection-update: [.....3] [ip4][..tcp] [..54.161.101.85][...80] -> [..192.168.2.105][59144] [HTTP.MpegDash][AmazonAWS][Media][Fun][] + RISK: HTTP Susp User-Agent detection-update: [.....3] [ip4][..tcp] [..54.161.101.85][...80] -> [..192.168.2.105][59144] [HTTP.MpegDash][AmazonAWS][Media][Fun][livesim.dashif.org] new: [.....4] [ip4][..tcp] [..192.168.2.105][59146] -> [..54.161.101.85][...80] [MIDSTREAM] detected: [.....4] [ip4][..tcp] [..192.168.2.105][59146] -> [..54.161.101.85][...80] [HTTP.MpegDash][AmazonAWS][Media][Fun][livesim.dashif.org] RISK: Unidirectional Traffic - idle: [.....2] [ip4][..tcp] [..192.168.2.105][59142] -> [..54.161.101.85][...80] - idle: [.....3] [ip4][..tcp] [..54.161.101.85][...80] -> [..192.168.2.105][59144] - idle: [.....4] [ip4][..tcp] [..192.168.2.105][59146] -> [..54.161.101.85][...80] + idle: [.....2] [ip4][..tcp] [..192.168.2.105][59142] -> [..54.161.101.85][...80] [HTTP.MpegDash][AmazonAWS][Media][Fun] + idle: [.....3] [ip4][..tcp] [..54.161.101.85][...80] -> [..192.168.2.105][59144] [HTTP.MpegDash][AmazonAWS][Media][Fun] + idle: [.....4] [ip4][..tcp] [..192.168.2.105][59146] -> [..54.161.101.85][...80] [HTTP.MpegDash][AmazonAWS][Media][Fun] + RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [.....10.84.1.81][60926] -> [.166.248.152.10][...80] [HTTP.MpegDash][Unknown][Media][Fun] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/mqtt.pcap.out b/test/results/flow-info/default/mqtt.pcap.out index ae31b0116..881c30c3f 100644 --- a/test/results/flow-info/default/mqtt.pcap.out +++ b/test/results/flow-info/default/mqtt.pcap.out @@ -7,6 +7,5 @@ detected: [.....2] [ip4][..tcp] [..100.67.35.238][35035] -> [..51.137.28.239][.1883] [MQTT][Azure][RPC][Acceptable] RISK: Unidirectional Traffic idle: [.....2] [ip4][..tcp] [..100.67.35.238][35035] -> [..51.137.28.239][.1883] [MQTT][Azure][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [.....10.10.10.1][.1883] -> [....192.168.0.1][41892] [MQTT][Unknown][RPC][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/mssql_tds.pcap.out b/test/results/flow-info/default/mssql_tds.pcap.out index 10735e26d..a0381de4d 100644 --- a/test/results/flow-info/default/mssql_tds.pcap.out +++ b/test/results/flow-info/default/mssql_tds.pcap.out @@ -19,7 +19,6 @@ detected: [.....5] [ip4][..tcp] [.10.111.111.111][.5555] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [.10.111.111.111][.1111] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] - RISK: Unidirectional Traffic new: [.....6] [ip4][..tcp] [.10.111.111.111][.6666] -> [.......10.0.0.1][.1433] [MIDSTREAM] new: [.....7] [ip4][..tcp] [.10.111.111.111][.7777] -> [.......10.0.0.1][.1433] [MIDSTREAM] detected: [.....7] [ip4][..tcp] [.10.111.111.111][.7777] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] @@ -42,26 +41,16 @@ detected: [....12] [ip4][..tcp] [.10.111.111.111][33333] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] RISK: Unidirectional Traffic idle: [....10] [ip4][..tcp] [.10.111.111.111][11111] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..tcp] [.10.111.111.111][.3333] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..tcp] [.10.111.111.111][.5555] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..tcp] [.10.111.111.111][.7777] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] - RISK: Unidirectional Traffic idle: [....11] [ip4][..tcp] [.10.111.111.111][22222] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..tcp] [.10.111.111.111][.9999] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..tcp] [.10.111.111.111][.2222] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..tcp] [.10.111.111.111][.4444] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] - RISK: Unidirectional Traffic guessed: [.....6] [ip4][..tcp] [.10.111.111.111][.6666] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] RISK: Unidirectional Traffic idle: [.....6] [ip4][..tcp] [.10.111.111.111][.6666] -> [.......10.0.0.1][.1433] idle: [....12] [ip4][..tcp] [.10.111.111.111][33333] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..tcp] [.10.111.111.111][.8888] -> [.......10.0.0.1][.1433] [MsSQL-TDS][Unknown][Database][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/natpmp.pcap.out b/test/results/flow-info/default/natpmp.pcap.out index f27ee616d..20ade2bf9 100644 --- a/test/results/flow-info/default/natpmp.pcap.out +++ b/test/results/flow-info/default/natpmp.pcap.out @@ -11,14 +11,17 @@ new: [.....2] [ip4][..udp] [..192.168.2.100][36845] -> [....192.168.2.1][.5351] detected: [.....2] [ip4][..udp] [..192.168.2.100][36845] -> [....192.168.2.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [.....1] [ip4][..udp] [..192.168.1.128][36852] -> [..192.168.1.254][.5351] + idle: [.....1] [ip4][..udp] [..192.168.1.128][36852] -> [..192.168.1.254][.5351] [NAT-PMP][Unknown][Network][Acceptable] new: [.....3] [ip4][..udp] [..192.168.2.100][59817] -> [....192.168.2.1][.5351] detected: [.....3] [ip4][..udp] [..192.168.2.100][59817] -> [....192.168.2.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [..192.168.2.100][35763] -> [....192.168.2.1][.5351] detected: [.....4] [ip4][..udp] [..192.168.2.100][35763] -> [....192.168.2.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [.....3] [ip4][..udp] [..192.168.2.100][59817] -> [....192.168.2.1][.5351] - idle: [.....4] [ip4][..udp] [..192.168.2.100][35763] -> [....192.168.2.1][.5351] - idle: [.....2] [ip4][..udp] [..192.168.2.100][36845] -> [....192.168.2.1][.5351] + idle: [.....3] [ip4][..udp] [..192.168.2.100][59817] -> [....192.168.2.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [.....4] [ip4][..udp] [..192.168.2.100][35763] -> [....192.168.2.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [.....2] [ip4][..udp] [..192.168.2.100][36845] -> [....192.168.2.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ndpi_match_string_subprotocol__error.pcapng.out b/test/results/flow-info/default/ndpi_match_string_subprotocol__error.pcapng.out index 21e90f0ca..080276827 100644 --- a/test/results/flow-info/default/ndpi_match_string_subprotocol__error.pcapng.out +++ b/test/results/flow-info/default/ndpi_match_string_subprotocol__error.pcapng.out @@ -4,8 +4,10 @@ new: [.....1] [ip4][..tcp] [......10.3.9.19][40632] -> [..10.68.137.118][.8091] detected: [.....1] [ip4][..tcp] [......10.3.9.19][40632] -> [..10.68.137.118][.8091] [HTTP.SOAP][Unknown][RPC][Acceptable][10.68.137.118] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + detection-update: [.....1] [ip4][..tcp] [......10.3.9.19][40632] -> [..10.68.137.118][.8091] [HTTP.SOAP][Unknown][RPC][Acceptable][10.68.137.118] + RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI DAEMON-EVENT: [Processed: 7 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] end: [.....1] [ip4][..tcp] [......10.3.9.19][40632] -> [..10.68.137.118][.8091] [HTTP.SOAP][Unknown][RPC][Acceptable] RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/netbios.pcap.out b/test/results/flow-info/default/netbios.pcap.out index 1f42ab2e7..c0b52b89b 100644 --- a/test/results/flow-info/default/netbios.pcap.out +++ b/test/results/flow-info/default/netbios.pcap.out @@ -62,14 +62,11 @@ update: [.....3] [ip4][..udp] [.......10.0.5.9][..138] -> [.....10.0.5.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol idle: [.....8] [ip4][..udp] [......10.0.4.24][..137] -> [.....10.0.4.165][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [.....10.0.4.165][..137] -> [.....10.0.5.255][..137] [NetBIOS][Unknown][System][Acceptable] idle: [.....2] [ip4][..udp] [.....10.0.5.233][..137] -> [.....10.0.5.255][..137] [NetBIOS][Unknown][System][Acceptable] idle: [....11] [ip4][..udp] [.......10.0.5.1][..137] -> [......10.0.4.24][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [......10.0.4.14][..137] -> [.....10.0.5.255][..137] [NetBIOS][Unknown][System][Acceptable] idle: [....13] [ip4][..udp] [.....10.0.5.233][..137] -> [......10.0.4.24][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [......10.0.4.24][..137] -> [.....10.0.5.255][..137] [NetBIOS][Unknown][System][Acceptable] idle: [.....9] [ip4][..udp] [......10.0.4.66][..137] -> [.....10.0.5.255][..137] [NetBIOS][Unknown][System][Acceptable] idle: [.....6] [ip4][..udp] [.....10.0.4.101][..137] -> [.....10.0.5.255][..137] [NetBIOS][Unknown][System][Acceptable] @@ -79,9 +76,7 @@ idle: [.....3] [ip4][..udp] [.......10.0.5.9][..138] -> [.....10.0.5.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol idle: [.....5] [ip4][..udp] [......10.0.1.87][57836] -> [......10.0.4.24][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [....15] [ip4][..udp] [......10.0.1.87][57921] -> [......10.0.4.24][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic guessed: [.....4] [ip4][..tcp] [......10.0.4.24][..139] -> [.....10.0.4.131][.1398] [NetBIOS][Unknown][System][Acceptable][] idle: [.....4] [ip4][..tcp] [......10.0.4.24][..139] -> [.....10.0.4.131][.1398] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/netbios_wildcard_dns_query.pcap.out b/test/results/flow-info/default/netbios_wildcard_dns_query.pcap.out index 49b2ef239..f712f1ae5 100644 --- a/test/results/flow-info/default/netbios_wildcard_dns_query.pcap.out +++ b/test/results/flow-info/default/netbios_wildcard_dns_query.pcap.out @@ -4,5 +4,6 @@ new: [.....1] [ip4][..udp] [....10.1.67.250][41335] -> [.....10.1.66.20][...53] detected: [.....1] [ip4][..udp] [....10.1.67.250][41335] -> [.....10.1.66.20][...53] [DNS][Unknown][Network][Acceptable][ckaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa] RISK: Unidirectional Traffic - idle: [.....1] [ip4][..udp] [....10.1.67.250][41335] -> [.....10.1.66.20][...53] + idle: [.....1] [ip4][..udp] [....10.1.67.250][41335] -> [.....10.1.66.20][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/netflix.pcap.out b/test/results/flow-info/default/netflix.pcap.out index 07c064aa2..479c31e5c 100644 --- a/test/results/flow-info/default/netflix.pcap.out +++ b/test/results/flow-info/default/netflix.pcap.out @@ -81,7 +81,7 @@ RISK: TLS (probably) Not Carrying HTTPS detection-update: [....16] [ip4][..tcp] [....192.168.1.7][53134] -> [...52.89.39.139][..443] [TLS.NetFlix][AmazonAWS][Video][Fun][api-global.netflix.com] RISK: TLS (probably) Not Carrying HTTPS - analyse: [....15] [ip4][..tcp] [....192.168.1.7][53133] -> [...52.89.39.139][..443] + analyse: [....15] [ip4][..tcp] [....192.168.1.7][53133] -> [...52.89.39.139][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.350| 0.041| 0.077| 5966.970| 3.500] [PKTLEN......: 52.000| 1500.000| 530.200| 630.500| 397553.600| 4.000] @@ -101,7 +101,7 @@ detected: [....18] [ip4][..tcp] [....192.168.1.7][53141] -> [..104.86.97.179][..443] [TLS.NetFlix][Unknown][Video][Fun][art-s.nflximg.net] detection-update: [....18] [ip4][..tcp] [....192.168.1.7][53141] -> [..104.86.97.179][..443] [TLS.NetFlix][Unknown][Video][Fun][art-s.nflximg.net] detection-update: [....18] [ip4][..tcp] [....192.168.1.7][53141] -> [..104.86.97.179][..443] [TLS.NetFlix][Unknown][Video][Fun][art-s.nflximg.net] - analyse: [....14] [ip4][..tcp] [....192.168.1.7][53132] -> [...52.89.39.139][..443] + analyse: [....14] [ip4][..tcp] [....192.168.1.7][53132] -> [...52.89.39.139][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 7.508| 0.502| 1.826| 3335198.867| 1.400] [PKTLEN......: 52.000| 1500.000| 358.800| 520.700| 271128.800| 3.800] @@ -370,7 +370,7 @@ [IATS(ms)....: 43.9,45.8,13.4,88.6,4.9,81.9,1250.8,92.5,118.4,0.7,544.2,69.2,495.5,501.7,62.9,1143.9,28.6,39.1,4432.0,83.0,87.8,169.9,586.4,795.5,292.9,509.0,501.2,1203.5,55.9,83.0,70.7] [PKTLENS.....: 64,60,52,410,569,1500,52,80,80,72,72,72,72,72,64,64,64,64,64,1500,52,1500,64,52,1500,64,52,52,1500,1500,52,1500] [ENTROPIES...: 4.6,5.2,5.0,6.4,5.8,4.5,5.1,5.3,5.3,5.4,5.4,5.3,5.4,5.3,5.3,5.1,5.3,5.3,5.2,4.3,5.0,4.3,5.2,5.2,4.4,5.2,5.2,5.2,4.3,4.3,5.2,4.4] - analyse: [.....9] [ip4][..tcp] [....192.168.1.7][53118] -> [..54.69.204.241][..443] + analyse: [.....9] [ip4][..tcp] [....192.168.1.7][53118] -> [..54.69.204.241][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 30.086| 1.958| 7.380| 54461959.504| 1.100] [PKTLEN......: 52.000| 1500.000| 380.000| 556.900| 310128.200| 3.800] @@ -398,7 +398,7 @@ RISK: Binary App Transfer, HTTP/TLS/QUIC Numeric Hostname/SNI detection-update: [....48] [ip4][..udp] [....192.168.1.7][60962] -> [....192.168.1.1][...53] [DNS.NetFlix][Unknown][Network][Fun][ichnaea.geo.netflix.com] new: [....49] [ip4][..tcp] [....192.168.1.7][53203] -> [...52.37.36.252][..443] - analyse: [....11] [ip4][..tcp] [....192.168.1.7][53119] -> [..54.69.204.241][..443] + analyse: [....11] [ip4][..tcp] [....192.168.1.7][53119] -> [..54.69.204.241][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 30.431| 1.003| 5.373| 28867930.620| 0.200] [PKTLEN......: 52.000| 1500.000| 379.500| 557.000| 310204.400| 3.800] @@ -424,7 +424,7 @@ detection-update: [....47] [ip4][..tcp] [....192.168.1.7][53202] -> [...54.191.17.51][..443] [TLS.NetFlix][AmazonAWS][Video][Fun][ios.nccp.netflix.com] RISK: TLS (probably) Not Carrying HTTPS detection-update: [....49] [ip4][..tcp] [....192.168.1.7][53203] -> [...52.37.36.252][..443] [TLS.NetFlix][AmazonAWS][Video][Fun][ichnaea.netflix.com] - analyse: [....47] [ip4][..tcp] [....192.168.1.7][53202] -> [...54.191.17.51][..443] + analyse: [....47] [ip4][..tcp] [....192.168.1.7][53202] -> [...54.191.17.51][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.282| 0.053| 0.058| 3383.537| 4.200] [PKTLEN......: 52.000| 1500.000| 552.500| 629.700| 396553.700| 4.000] @@ -436,7 +436,7 @@ [ENTROPIES...: 4.6,5.4,5.2,4.4,5.2,7.2,7.7,5.2,6.5,6.0,5.1,7.8,6.2,5.2,7.9,7.9,7.9,7.9,5.1,7.9,7.4,5.2,5.2,7.8,5.2,7.9,7.9,5.2,6.2,5.2,5.8,5.1] detection-update: [....47] [ip4][..tcp] [....192.168.1.7][53202] -> [...54.191.17.51][..443] [TLS.NetFlix][AmazonAWS][Video][Fun][ios.nccp.netflix.com] RISK: TLS (probably) Not Carrying HTTPS - analyse: [....49] [ip4][..tcp] [....192.168.1.7][53203] -> [...52.37.36.252][..443] + analyse: [....49] [ip4][..tcp] [....192.168.1.7][53203] -> [...52.37.36.252][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.333| 0.059| 0.083| 6944.879| 3.800] [PKTLEN......: 52.000| 1500.000| 746.100| 703.800| 495333.000| 4.200] @@ -532,7 +532,7 @@ new: [....61] [ip4][..tcp] [....192.168.1.7][53252] -> [..184.25.204.10][...80] detected: [....60] [ip4][..tcp] [....192.168.1.7][53251] -> [..184.25.204.10][...80] [HTTP.NetFlix][Unknown][Video][Fun][art-1.nflximg.net] detected: [....61] [ip4][..tcp] [....192.168.1.7][53252] -> [..184.25.204.10][...80] [HTTP.NetFlix][Unknown][Video][Fun][art-1.nflximg.net] - analyse: [....55] [ip4][..tcp] [....192.168.1.7][53239] -> [.....52.41.30.5][..443] + analyse: [....55] [ip4][..tcp] [....192.168.1.7][53239] -> [.....52.41.30.5][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.501| 0.064| 0.122| 14766.799| 3.300] [PKTLEN......: 52.000| 1500.000| 442.800| 552.300| 305076.800| 4.000] @@ -567,18 +567,21 @@ idle: [....12] [ip4][....2] [....192.168.1.7] -> [239.255.255.250] [IGMP][Unknown][Network][Acceptable] idle: [....59] [ip4][..udp] [....192.168.1.7][57093] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [....19] [ip4][..udp] [....192.168.1.7][59180] -> [....192.168.1.1][...53] [DNS.NetFlix][Unknown][Network][Fun] - end: [.....5] [ip4][..tcp] [....192.168.1.7][53114] -> [...54.191.17.51][..443] - end: [....29] [ip4][..tcp] [....192.168.1.7][53162] -> [...54.191.17.51][..443] + end: [.....5] [ip4][..tcp] [....192.168.1.7][53114] -> [...54.191.17.51][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] + RISK: TLS (probably) Not Carrying HTTPS + end: [....29] [ip4][..tcp] [....192.168.1.7][53162] -> [...54.191.17.51][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] + RISK: TLS (probably) Not Carrying HTTPS guessed: [.....1] [ip4][..tcp] [....192.168.1.7][52929] -> [.....52.24.87.6][..443] [TLS][AmazonAWS][Web][Safe] RISK: Unidirectional Traffic end: [.....1] [ip4][..tcp] [....192.168.1.7][52929] -> [.....52.24.87.6][..443] - idle: [....46] [ip4][..tcp] [....192.168.1.7][53193] -> [...54.191.17.51][..443] + idle: [....46] [ip4][..tcp] [....192.168.1.7][53193] -> [...54.191.17.51][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] + RISK: TLS (probably) Not Carrying HTTPS end: [....47] [ip4][..tcp] [....192.168.1.7][53202] -> [...54.191.17.51][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] RISK: TLS (probably) Not Carrying HTTPS end: [....25] [ip4][..tcp] [....192.168.1.7][53152] -> [...52.89.39.139][...80] [HTTP.NetFlix][AmazonAWS][Video][Fun] end: [....24] [ip4][..tcp] [....192.168.1.7][53151] -> [.54.201.191.132][...80] [HTTP.NetFlix][AmazonAWS][Video][Fun] - end: [.....6] [ip4][..tcp] [....192.168.1.7][53115] -> [...52.32.196.36][..443] - idle: [.....7] [ip4][..tcp] [....192.168.1.7][53116] -> [...52.32.196.36][..443] + end: [.....6] [ip4][..tcp] [....192.168.1.7][53115] -> [...52.32.196.36][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] + idle: [.....7] [ip4][..tcp] [....192.168.1.7][53116] -> [...52.32.196.36][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] end: [.....8] [ip4][..tcp] [....192.168.1.7][53117] -> [...52.32.196.36][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] RISK: TLS (probably) Not Carrying HTTPS idle: [....10] [ip4][..udp] [....192.168.1.7][53776] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] @@ -587,8 +590,10 @@ end: [....22] [ip4][..tcp] [....192.168.1.7][53150] -> [..184.25.204.25][...80] [HTTP.NetFlix][Unknown][Video][Fun] idle: [....28] [ip4][..tcp] [....192.168.1.7][53153] -> [..184.25.204.24][...80] [HTTP.NetFlix][Unknown][Video][Fun] RISK: HTTP Susp Content - end: [....53] [ip4][..tcp] [....192.168.1.7][53238] -> [...52.32.22.214][..443] - idle: [....56] [ip4][..tcp] [....192.168.1.7][53248] -> [...52.32.22.214][..443] + end: [....53] [ip4][..tcp] [....192.168.1.7][53238] -> [...52.32.22.214][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] + RISK: TLS (probably) Not Carrying HTTPS + idle: [....56] [ip4][..tcp] [....192.168.1.7][53248] -> [...52.32.22.214][..443] [TLS.NetFlix][AmazonAWS][Video][Fun] + RISK: TLS (probably) Not Carrying HTTPS idle: [....60] [ip4][..tcp] [....192.168.1.7][53251] -> [..184.25.204.10][...80] [HTTP.NetFlix][Unknown][Video][Fun] idle: [....61] [ip4][..tcp] [....192.168.1.7][53252] -> [..184.25.204.10][...80] [HTTP.NetFlix][Unknown][Video][Fun] idle: [.....2] [ip4][..udp] [....192.168.1.7][51543] -> [....192.168.1.1][...53] [DNS.NetFlix][Unknown][Network][Fun] diff --git a/test/results/flow-info/default/nfsv2.pcap.out b/test/results/flow-info/default/nfsv2.pcap.out index a4085e268..a26e6eddd 100644 --- a/test/results/flow-info/default/nfsv2.pcap.out +++ b/test/results/flow-info/default/nfsv2.pcap.out @@ -33,17 +33,15 @@ detected: [.....7] [ip4][..udp] [....139.25.22.2][..686] -> [..139.25.22.102][.1048] [NFS][Unknown][DataTransfer][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....4] [ip4][..udp] [....139.25.22.2][.3292] -> [..139.25.22.102][.2049] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [....139.25.22.2][.3289] -> [..139.25.22.102][..111] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....3] [ip4][..udp] [....139.25.22.2][.3291] -> [..139.25.22.102][..111] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....6] [ip4][..udp] [....139.25.22.2][.3293] -> [..139.25.22.102][..111] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....2] [ip4][..udp] [....139.25.22.2][..671] -> [..139.25.22.102][.1048] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....7] [ip4][..udp] [....139.25.22.2][..686] -> [..139.25.22.102][.1048] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....5] [ip4][..udp] [....139.25.22.2][.1023] -> [..139.25.22.102][.2049] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/nfsv3.pcap.out b/test/results/flow-info/default/nfsv3.pcap.out index d0ddb664f..b6c774dfa 100644 --- a/test/results/flow-info/default/nfsv3.pcap.out +++ b/test/results/flow-info/default/nfsv3.pcap.out @@ -36,19 +36,17 @@ detected: [.....8] [ip4][..udp] [....139.25.22.2][..722] -> [..139.25.22.102][.1048] [NFS][Unknown][DataTransfer][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....5] [ip4][..udp] [....139.25.22.2][.3298] -> [..139.25.22.102][.2049] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [....139.25.22.2][.3295] -> [..139.25.22.102][..111] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....4] [ip4][..udp] [....139.25.22.2][.3297] -> [..139.25.22.102][..111] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....7] [ip4][..udp] [....139.25.22.2][.3299] -> [..139.25.22.102][..111] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....3] [ip4][..udp] [....139.25.22.2][..706] -> [..139.25.22.102][.1048] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....8] [ip4][..udp] [....139.25.22.2][..722] -> [..139.25.22.102][.1048] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....2] [ip4][..udp] [....139.25.22.2][.3296] -> [..139.25.22.102][.1048] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....6] [ip4][..udp] [....139.25.22.2][.1022] -> [..139.25.22.102][.2049] [NFS][Unknown][DataTransfer][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/nintendo.pcap.out b/test/results/flow-info/default/nintendo.pcap.out index dd69a0fd7..28d507376 100644 --- a/test/results/flow-info/default/nintendo.pcap.out +++ b/test/results/flow-info/default/nintendo.pcap.out @@ -13,6 +13,7 @@ new: [.....4] [ip4][..tcp] [..54.187.10.185][..443] -> [.192.168.12.114][48328] [MIDSTREAM] detected: [.....4] [ip4][..tcp] [..54.187.10.185][..443] -> [.192.168.12.114][48328] [TLS][AmazonAWS][Web][Safe] RISK: Unidirectional Traffic + detection-update: [.....4] [ip4][..tcp] [..54.187.10.185][..443] -> [.192.168.12.114][48328] [TLS][AmazonAWS][Web][Safe] new: [.....5] [ip4][..udp] [.192.168.12.114][52119] -> [...35.158.74.61][33335] detected: [.....5] [ip4][..udp] [.192.168.12.114][52119] -> [...35.158.74.61][33335] [Nintendo][AmazonAWS][Game][Fun] RISK: Unidirectional Traffic @@ -123,7 +124,6 @@ idle: [.....9] [ip4][..tcp] [.192.168.12.114][11534] -> [..54.146.242.74][..443] idle: [.....4] [ip4][..tcp] [..54.187.10.185][..443] -> [.192.168.12.114][48328] [TLS][AmazonAWS][Web][Safe] idle: [....20] [ip4][..udp] [.192.168.12.114][55915] -> [..81.61.158.138][51769] [Nintendo][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [.192.168.12.114][18874] -> [...192.168.12.1][...53] [DNS.Nintendo][Unknown][Network][Fun] guessed: [....10] [ip4][..udp] [.192.168.12.114][55915] -> [...35.158.74.61][33334] [AmazonAWS][AmazonAWS][Cloud][Acceptable] RISK: Unidirectional Traffic @@ -135,24 +135,18 @@ RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [.192.168.12.114][55915] -> [..52.10.205.177][34343] idle: [....19] [ip4][..udp] [.192.168.12.114][55915] -> [.93.237.131.235][56066] [Nintendo][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [.192.168.12.114][52119] -> [...35.158.74.61][33335] [Nintendo][AmazonAWS][Game][Fun] - RISK: Unidirectional Traffic guessed: [.....6] [ip4][..udp] [.192.168.12.114][52119] -> [..52.10.205.177][34343] [AmazonAWS][AmazonAWS][Cloud][Acceptable] RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [.192.168.12.114][52119] -> [..52.10.205.177][34343] - end: [.....8] [ip4][..tcp] [.192.168.12.114][41517] -> [..54.192.27.217][..443] - end: [....16] [ip4][..tcp] [.192.168.12.114][31329] -> [....54.192.27.8][..443] + end: [.....8] [ip4][..tcp] [.192.168.12.114][41517] -> [..54.192.27.217][..443] [TLS.Nintendo][AmazonAWS][Game][Fun] + RISK: TLS (probably) Not Carrying HTTPS + end: [....16] [ip4][..tcp] [.192.168.12.114][31329] -> [....54.192.27.8][..443] [TLS.Nintendo][AmazonAWS][Game][Fun] + RISK: TLS (probably) Not Carrying HTTPS idle: [....17] [ip4][..udp] [.192.168.12.114][55915] -> [.185.118.169.65][27520] [Nintendo][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.192.168.12.114][52119] -> [....91.8.243.35][49432] [Nintendo][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [.192.168.12.114][52119] -> [..109.21.255.11][50251] [Nintendo][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [.192.168.12.114][52119] -> [...134.3.248.25][56955] [Nintendo][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....21] [ip4][.icmp] [...151.6.184.98] -> [.192.168.12.114] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....18] [ip4][.icmp] [..151.6.184.100] -> [.192.168.12.114] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/no_sni.pcap.out b/test/results/flow-info/default/no_sni.pcap.out index 8a40dd4f7..70c67ab16 100644 --- a/test/results/flow-info/default/no_sni.pcap.out +++ b/test/results/flow-info/default/no_sni.pcap.out @@ -5,6 +5,7 @@ detected: [.....1] [ip4][..tcp] [..192.168.1.119][51331] -> [.104.16.249.249][..443] [TLS][Cloudflare][Web][Safe] RISK: Unidirectional Traffic new: [.....2] [ip4][..tcp] [..192.168.1.119][51606] -> [.104.16.249.249][..443] + detection-update: [.....1] [ip4][..tcp] [..192.168.1.119][51331] -> [.104.16.249.249][..443] [TLS][Cloudflare][Web][Safe] detected: [.....2] [ip4][..tcp] [..192.168.1.119][51606] -> [.104.16.249.249][..443] [TLS.DoH_DoT][Cloudflare][Network][Acceptable][mozilla.cloudflare-dns.com] detection-update: [.....2] [ip4][..tcp] [..192.168.1.119][51606] -> [.104.16.249.249][..443] [TLS.DoH_DoT][Cloudflare][Network][Acceptable][mozilla.cloudflare-dns.com] new: [.....3] [ip4][..tcp] [..192.168.1.119][51612] -> [..104.16.124.96][..443] @@ -56,9 +57,9 @@ [PKTLENS.....: 64,52,40,752,46,1500,1371,40,104,210,366,115,115,1371,52,46,552,40,71,46,71,40,567,71,40,40,354,40,71,40,354,40] [ENTROPIES...: 4.5,4.9,4.5,7.3,4.5,7.9,7.8,4.7,5.9,7.0,7.4,6.3,6.4,7.8,4.7,4.5,7.6,4.7,5.4,4.5,5.6,4.7,7.6,5.6,4.6,4.6,7.4,4.7,5.6,4.7,7.3,4.7] idle: [.....6] [ip4][..tcp] [..192.168.1.119][51637] -> [..104.22.72.170][..443] [TLS][Cloudflare][Web][Safe] - end: [.....7] [ip4][..tcp] [..192.168.1.119][51638] -> [..104.22.72.170][..443] - end: [.....8] [ip4][..tcp] [..192.168.1.119][51639] -> [..104.22.72.170][..443] - end: [.....1] [ip4][..tcp] [..192.168.1.119][51331] -> [.104.16.249.249][..443] + end: [.....7] [ip4][..tcp] [..192.168.1.119][51638] -> [..104.22.72.170][..443] [TLS][Cloudflare][Web][Safe] + end: [.....8] [ip4][..tcp] [..192.168.1.119][51639] -> [..104.22.72.170][..443] [TLS][Cloudflare][Web][Safe] + end: [.....1] [ip4][..tcp] [..192.168.1.119][51331] -> [.104.16.249.249][..443] [TLS][Cloudflare][Web][Safe] idle: [.....2] [ip4][..tcp] [..192.168.1.119][51606] -> [.104.16.249.249][..443] [TLS.DoH_DoT][Cloudflare][Network][Acceptable] idle: [.....3] [ip4][..tcp] [..192.168.1.119][51612] -> [..104.16.124.96][..443] [TLS][Cloudflare][Web][Safe] idle: [.....4] [ip4][..tcp] [..192.168.1.119][51635] -> [..104.17.198.37][..443] [TLS][Cloudflare][Web][Safe] diff --git a/test/results/flow-info/default/ocs.pcap.out b/test/results/flow-info/default/ocs.pcap.out index 1175f9032..f60fddee8 100644 --- a/test/results/flow-info/default/ocs.pcap.out +++ b/test/results/flow-info/default/ocs.pcap.out @@ -61,12 +61,18 @@ new: [....18] [ip4][..tcp] [..192.168.180.2][47803] -> [..64.233.166.95][..443] detected: [....18] [ip4][..tcp] [..192.168.180.2][47803] -> [..64.233.166.95][..443] [TLS][Google][Web][Safe][] RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic - update: [....14] [ip4][..udp] [..192.168.180.2][.2589] -> [........8.8.8.8][...53] - update: [.....3] [ip4][..udp] [..192.168.180.2][40097] -> [........8.8.8.8][...53] - update: [.....4] [ip4][..udp] [..192.168.180.2][.1291] -> [........8.8.8.8][...53] - update: [....11] [ip4][..udp] [..192.168.180.2][.3621] -> [........8.8.8.8][...53] - update: [.....2] [ip4][..udp] [..192.168.180.2][38472] -> [........8.8.8.8][...53] - update: [.....9] [ip4][..udp] [..192.168.180.2][48770] -> [........8.8.8.8][...53] + update: [....14] [ip4][..udp] [..192.168.180.2][.2589] -> [........8.8.8.8][...53] [DNS.OCS][Google][Network][Fun] + RISK: Unidirectional Traffic + update: [.....3] [ip4][..udp] [..192.168.180.2][40097] -> [........8.8.8.8][...53] [DNS.Crashlytics][Google][Network][Acceptable] + RISK: Unidirectional Traffic + update: [.....4] [ip4][..udp] [..192.168.180.2][.1291] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] + RISK: Unidirectional Traffic + update: [....11] [ip4][..udp] [..192.168.180.2][.3621] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] + RISK: Unidirectional Traffic + update: [.....2] [ip4][..udp] [..192.168.180.2][38472] -> [........8.8.8.8][...53] [DNS.OCS][Google][Network][Fun] + RISK: Unidirectional Traffic + update: [.....9] [ip4][..udp] [..192.168.180.2][48770] -> [........8.8.8.8][...53] [DNS.PlayStore][Google][Network][Safe] + RISK: Unidirectional Traffic new: [....19] [ip4][..udp] [..192.168.180.2][24245] -> [........8.8.8.8][...53] detected: [....19] [ip4][..udp] [..192.168.180.2][24245] -> [........8.8.8.8][...53] [DNS.OCS][Google][Network][Fun][www.ocs.fr] RISK: Unidirectional Traffic @@ -83,10 +89,12 @@ [IATS(ms)....: 71.4,1.5,54.8,1.1,3.6,59.9,0.6,0.1,5.3,64.8,1.7,1.5,79.5,5.5,58.4,1.8,64.6,2.0,67.5,26.5,42.9,26.0,65.4,1.0,48.6,1.3,2.0,1.3,75.5,1.4,4.8] [PKTLENS.....: 60,52,204,52,52,52,52,52,64,64,64,64,72,64,64,72,72,72,64,64,64,52,52,52,52,52,52,52,52,52,64,72] [ENTROPIES...: 4.6,5.0,5.9,5.2,5.1,5.2,5.2,5.2,5.2,5.2,5.2,5.2,5.3,5.2,5.3,5.3,5.4,5.3,5.3,5.3,5.3,5.2,5.2,5.2,5.1,5.2,5.2,5.1,5.2,5.2,5.3,5.3] - update: [....17] [ip4][..udp] [..192.168.180.2][11793] -> [........8.8.8.8][...53] + update: [....17] [ip4][..udp] [..192.168.180.2][11793] -> [........8.8.8.8][...53] [DNS.GoogleServices][Google][Network][Acceptable] + RISK: Unidirectional Traffic idle: [....20] [ip4][..tcp] [..192.168.180.2][42590] -> [178.248.208.210][...80] [HTTP.OCS][OCS][Media][Fun] RISK: HTTP Susp User-Agent, Unidirectional Traffic - end: [.....8] [ip4][..tcp] [..192.168.180.2][44959] -> [137.135.129.206][...80] + end: [.....8] [ip4][..tcp] [..192.168.180.2][44959] -> [137.135.129.206][...80] [HTTP][Azure][Web][Acceptable] + RISK: HTTP Susp User-Agent, Unidirectional Traffic guessed: [....12] [ip4][..tcp] [..192.168.180.2][46166] -> [.137.135.131.52][.5122] [Azure][Azure][Cloud][Acceptable] RISK: Unidirectional Traffic idle: [....12] [ip4][..tcp] [..192.168.180.2][46166] -> [.137.135.131.52][.5122] @@ -95,24 +103,34 @@ idle: [.....1] [ip4][..tcp] [..192.168.180.2][47699] -> [.64.233.184.188][.5228] end: [.....6] [ip4][..tcp] [..192.168.180.2][39263] -> [..23.21.230.199][..443] [TLS.Crashlytics][AmazonAWS][DataTransfer][Acceptable] RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic - end: [.....7] [ip4][..tcp] [..192.168.180.2][53356] -> [137.135.129.206][...80] + end: [.....7] [ip4][..tcp] [..192.168.180.2][53356] -> [137.135.129.206][...80] [HTTP][Azure][Web][Acceptable] + RISK: HTTP Susp User-Agent, Unidirectional Traffic idle: [....15] [ip4][..tcp] [..192.168.180.2][36680] -> [.178.248.208.54][..443] [TLS.OCS][OCS][Media][Fun] RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic - idle: [....14] [ip4][..udp] [..192.168.180.2][.2589] -> [........8.8.8.8][...53] + idle: [....14] [ip4][..udp] [..192.168.180.2][.2589] -> [........8.8.8.8][...53] [DNS.OCS][Google][Network][Fun] + RISK: Unidirectional Traffic idle: [....16] [ip4][..tcp] [..192.168.180.2][32946] -> [.64.233.184.188][..443] [TLS.GoogleServices][Google][Web][Acceptable] RISK: TLS (probably) Not Carrying HTTPS, Unidirectional Traffic end: [....13] [ip4][..tcp] [..192.168.180.2][49881] -> [.178.248.208.54][...80] [HTTP.OCS][OCS][Media][Fun] RISK: Unidirectional Traffic - idle: [.....3] [ip4][..udp] [..192.168.180.2][40097] -> [........8.8.8.8][...53] - idle: [.....4] [ip4][..udp] [..192.168.180.2][.1291] -> [........8.8.8.8][...53] - idle: [.....5] [ip4][..tcp] [..192.168.180.2][48250] -> [.178.248.208.54][...80] + idle: [.....3] [ip4][..udp] [..192.168.180.2][40097] -> [........8.8.8.8][...53] [DNS.Crashlytics][Google][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [.....4] [ip4][..udp] [..192.168.180.2][.1291] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [.....5] [ip4][..tcp] [..192.168.180.2][48250] -> [.178.248.208.54][...80] [HTTP.OCS][OCS][Media][Fun] + RISK: Unidirectional Traffic end: [....10] [ip4][..tcp] [..192.168.180.2][41223] -> [..216.58.208.46][..443] [TLS][Google][Web][Safe] RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic idle: [....18] [ip4][..tcp] [..192.168.180.2][47803] -> [..64.233.166.95][..443] [TLS][Google][Web][Safe] RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic - idle: [....17] [ip4][..udp] [..192.168.180.2][11793] -> [........8.8.8.8][...53] - idle: [....11] [ip4][..udp] [..192.168.180.2][.3621] -> [........8.8.8.8][...53] - idle: [.....2] [ip4][..udp] [..192.168.180.2][38472] -> [........8.8.8.8][...53] - idle: [.....9] [ip4][..udp] [..192.168.180.2][48770] -> [........8.8.8.8][...53] - idle: [....19] [ip4][..udp] [..192.168.180.2][24245] -> [........8.8.8.8][...53] + idle: [....17] [ip4][..udp] [..192.168.180.2][11793] -> [........8.8.8.8][...53] [DNS.GoogleServices][Google][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [....11] [ip4][..udp] [..192.168.180.2][.3621] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [.....2] [ip4][..udp] [..192.168.180.2][38472] -> [........8.8.8.8][...53] [DNS.OCS][Google][Network][Fun] + RISK: Unidirectional Traffic + idle: [.....9] [ip4][..udp] [..192.168.180.2][48770] -> [........8.8.8.8][...53] [DNS.PlayStore][Google][Network][Safe] + RISK: Unidirectional Traffic + idle: [....19] [ip4][..udp] [..192.168.180.2][24245] -> [........8.8.8.8][...53] [DNS.OCS][Google][Network][Fun] + RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/oicq.pcap.out b/test/results/flow-info/default/oicq.pcap.out index 9978ac6e5..1f7a668d7 100644 --- a/test/results/flow-info/default/oicq.pcap.out +++ b/test/results/flow-info/default/oicq.pcap.out @@ -8,196 +8,153 @@ detected: [.....2] [ip4][..udp] [..90.147.69.210][51884] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..90.147.69.210][60213] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 2 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....3] [ip4][..udp] [..90.147.69.210][52991] -> [....58.60.10.45][.8000] detected: [.....3] [ip4][..udp] [..90.147.69.210][52991] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [..90.147.69.210][51884] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 3 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....4] [ip4][..udp] [..90.147.69.210][60288] -> [....58.60.10.45][.8000] detected: [.....4] [ip4][..udp] [..90.147.69.210][60288] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..90.147.69.210][52991] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic new: [.....5] [ip4][..udp] [..90.147.69.210][56476] -> [....58.60.10.45][.8000] detected: [.....5] [ip4][..udp] [..90.147.69.210][56476] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [..90.147.69.210][60288] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 5 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....6] [ip4][..udp] [..90.147.69.210][63120] -> [....58.60.10.45][.8000] detected: [.....6] [ip4][..udp] [..90.147.69.210][63120] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [..90.147.69.210][56476] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 6 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....7] [ip4][..udp] [..90.147.69.210][65276] -> [....58.60.10.45][.8000] detected: [.....7] [ip4][..udp] [..90.147.69.210][65276] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [..90.147.69.210][63120] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic new: [.....8] [ip4][..udp] [..90.147.69.210][64916] -> [....58.60.10.45][.8000] detected: [.....8] [ip4][..udp] [..90.147.69.210][64916] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [..90.147.69.210][65276] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 8 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....9] [ip4][..udp] [..90.147.69.210][49340] -> [....58.60.10.45][.8000] detected: [.....9] [ip4][..udp] [..90.147.69.210][49340] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [..90.147.69.210][64916] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 9 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....10] [ip4][..udp] [..90.147.69.210][58434] -> [....58.60.10.45][.8000] detected: [....10] [ip4][..udp] [..90.147.69.210][58434] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [..90.147.69.210][49340] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....11] [ip4][..udp] [..90.147.69.210][55338] -> [....58.60.10.45][.8000] detected: [....11] [ip4][..udp] [..90.147.69.210][55338] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [..90.147.69.210][58434] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 11 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 11|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....12] [ip4][..udp] [..90.147.69.210][54233] -> [....58.60.10.45][.8000] detected: [....12] [ip4][..udp] [..90.147.69.210][54233] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [..90.147.69.210][55338] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 12 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 12|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....13] [ip4][..udp] [..90.147.69.210][55774] -> [....58.60.10.45][.8000] detected: [....13] [ip4][..udp] [..90.147.69.210][55774] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [..90.147.69.210][54233] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....14] [ip4][..udp] [..90.147.69.210][52663] -> [....58.60.10.45][.8000] detected: [....14] [ip4][..udp] [..90.147.69.210][52663] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [..90.147.69.210][55774] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 14 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 14|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....15] [ip4][..udp] [..90.147.69.210][58797] -> [....58.60.10.45][.8000] detected: [....15] [ip4][..udp] [..90.147.69.210][58797] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [..90.147.69.210][52663] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 15 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 15|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....16] [ip4][..udp] [..90.147.69.210][50315] -> [....58.60.10.45][.8000] detected: [....16] [ip4][..udp] [..90.147.69.210][50315] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....15] [ip4][..udp] [..90.147.69.210][58797] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....17] [ip4][..udp] [..90.147.69.210][65163] -> [....58.60.10.45][.8000] detected: [....17] [ip4][..udp] [..90.147.69.210][65163] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [..90.147.69.210][50315] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 17 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 17|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....18] [ip4][..udp] [..90.147.69.210][59802] -> [....58.60.10.45][.8000] detected: [....18] [ip4][..udp] [..90.147.69.210][59802] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....17] [ip4][..udp] [..90.147.69.210][65163] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....19] [ip4][..udp] [..90.147.69.210][60434] -> [....58.60.10.45][.8000] detected: [....19] [ip4][..udp] [..90.147.69.210][60434] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....18] [ip4][..udp] [..90.147.69.210][59802] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 19 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 19|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....20] [ip4][..udp] [..90.147.69.210][60436] -> [....58.60.10.45][.8000] detected: [....20] [ip4][..udp] [..90.147.69.210][60436] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic update: [....19] [ip4][..udp] [..90.147.69.210][60434] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....21] [ip4][..udp] [..90.147.69.210][57677] -> [....58.60.10.45][.8000] detected: [....21] [ip4][..udp] [..90.147.69.210][57677] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic update: [....19] [ip4][..udp] [..90.147.69.210][60434] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic update: [....20] [ip4][..udp] [..90.147.69.210][60436] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....22] [ip4][..udp] [..90.147.69.210][61686] -> [....58.60.10.45][.8000] detected: [....22] [ip4][..udp] [..90.147.69.210][61686] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....19] [ip4][..udp] [..90.147.69.210][60434] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic update: [....21] [ip4][..udp] [..90.147.69.210][57677] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic update: [....20] [ip4][..udp] [..90.147.69.210][60436] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....23] [ip4][..udp] [..90.147.69.210][54462] -> [....58.60.10.45][.8000] detected: [....23] [ip4][..udp] [..90.147.69.210][54462] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....20] [ip4][..udp] [..90.147.69.210][60436] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic update: [....21] [ip4][..udp] [..90.147.69.210][57677] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic update: [....22] [ip4][..udp] [..90.147.69.210][61686] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....24] [ip4][..udp] [..90.147.69.210][64415] -> [....58.60.10.45][.8000] detected: [....24] [ip4][..udp] [..90.147.69.210][64415] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....21] [ip4][..udp] [..90.147.69.210][57677] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....22] [ip4][..udp] [..90.147.69.210][61686] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic update: [....23] [ip4][..udp] [..90.147.69.210][54462] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....25] [ip4][..udp] [..90.147.69.210][57872] -> [....58.60.10.45][.8000] detected: [....25] [ip4][..udp] [..90.147.69.210][57872] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....23] [ip4][..udp] [..90.147.69.210][54462] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic update: [....24] [ip4][..udp] [..90.147.69.210][64415] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....26] [ip4][..udp] [..90.147.69.210][59394] -> [....58.60.10.45][.8000] detected: [....26] [ip4][..udp] [..90.147.69.210][59394] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....24] [ip4][..udp] [..90.147.69.210][64415] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic update: [....25] [ip4][..udp] [..90.147.69.210][57872] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....27] [ip4][..udp] [..90.147.69.210][49199] -> [....58.60.10.45][.8000] detected: [....27] [ip4][..udp] [..90.147.69.210][49199] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic update: [....25] [ip4][..udp] [..90.147.69.210][57872] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic update: [....26] [ip4][..udp] [..90.147.69.210][59394] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 27 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 27|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 12] new: [....28] [ip4][..udp] [..90.147.69.210][61163] -> [....58.60.10.45][.8000] detected: [....28] [ip4][..udp] [..90.147.69.210][61163] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....25] [ip4][..udp] [..90.147.69.210][57872] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic update: [....26] [ip4][..udp] [..90.147.69.210][59394] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic update: [....27] [ip4][..udp] [..90.147.69.210][49199] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic new: [....29] [ip4][..udp] [..90.147.69.210][64420] -> [....58.60.10.45][.8000] detected: [....29] [ip4][..udp] [..90.147.69.210][64420] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] RISK: Unidirectional Traffic idle: [....29] [ip4][..udp] [..90.147.69.210][64420] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....28] [ip4][..udp] [..90.147.69.210][61163] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....26] [ip4][..udp] [..90.147.69.210][59394] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....27] [ip4][..udp] [..90.147.69.210][49199] -> [....58.60.10.45][.8000] [OICQ][Unknown][Chat][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ookla.pcap.out b/test/results/flow-info/default/ookla.pcap.out index fe801e670..deae2b3f6 100644 --- a/test/results/flow-info/default/ookla.pcap.out +++ b/test/results/flow-info/default/ookla.pcap.out @@ -6,13 +6,15 @@ DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....3] [ip4][..tcp] [....192.168.1.7][51207] -> [..46.44.253.187][...80] detected: [.....3] [ip4][..tcp] [....192.168.1.7][51207] -> [..46.44.253.187][...80] [HTTP.Ookla][Unknown][Network][Safe][massarosa-1.speedtest.welcomeitalia.it] + detection-update: [.....3] [ip4][..tcp] [....192.168.1.7][51207] -> [..46.44.253.187][...80] [HTTP.Ookla][Unknown][Network][Safe][massarosa-1.speedtest.welcomeitalia.it] + RISK: HTTP Obsolete Server new: [.....4] [ip4][..tcp] [....192.168.1.7][51215] -> [..46.44.253.187][.8080] detected: [.....4] [ip4][..tcp] [....192.168.1.7][51215] -> [..46.44.253.187][.8080] [Ookla][Unknown][Network][Safe] guessed: [.....2] [ip4][..tcp] [..192.168.1.192][51156] -> [..89.96.108.170][.8080] [Ookla][Unknown][Network][Safe] idle: [.....2] [ip4][..tcp] [..192.168.1.192][51156] -> [..89.96.108.170][.8080] idle: [.....1] [ip4][..tcp] [..192.168.1.192][37790] -> [185.157.229.246][.8080] [Ookla][Unknown][Network][Safe] DAEMON-EVENT: [Processed: 70 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 4|skipped: 0|!detected: 0|guessed: 1|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 2 / 4|skipped: 0|!detected: 0|guessed: 1|detection-updates: 1|updates: 0] new: [.....5] [ip4][..tcp] [..192.168.1.128][48854] -> [..104.16.209.12][..443] detected: [.....5] [ip4][..tcp] [..192.168.1.128][48854] -> [..104.16.209.12][..443] [TLS.Ookla][Cloudflare][Network][Safe][www.speedtest.net] detection-update: [.....5] [ip4][..tcp] [..192.168.1.128][48854] -> [..104.16.209.12][..443] [TLS.Ookla][Cloudflare][Network][Safe][www.speedtest.net] @@ -25,6 +27,6 @@ detection-update: [.....6] [ip4][..tcp] [..192.168.1.128][35830] -> [..89.96.108.170][.8080] [TLS][Unknown][Web][Safe][spd-pub-mi-01-01.fastwebnet.it] RISK: Known Proto on Non Std Port detection-update: [.....6] [ip4][..tcp] [..192.168.1.128][35830] -> [..89.96.108.170][.8080] [TLS.Ookla][Unknown][Web][Safe][spd-pub-mi-01-01.fastwebnet.it] - idle: [.....5] [ip4][..tcp] [..192.168.1.128][48854] -> [..104.16.209.12][..443] + idle: [.....5] [ip4][..tcp] [..192.168.1.128][48854] -> [..104.16.209.12][..443] [TLS.Ookla][Cloudflare][Network][Safe] idle: [.....6] [ip4][..tcp] [..192.168.1.128][35830] -> [..89.96.108.170][.8080] [TLS.Ookla][Unknown][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/opera-vpn.pcapng.out b/test/results/flow-info/default/opera-vpn.pcapng.out index c5724d434..926a88d93 100644 --- a/test/results/flow-info/default/opera-vpn.pcapng.out +++ b/test/results/flow-info/default/opera-vpn.pcapng.out @@ -851,5 +851,5 @@ idle: [....59] [ip4][..tcp] [...192.168.1.29][51463] -> [..77.111.247.69][..443] [TLS.OperaVPN][Unknown][VPN][Acceptable] idle: [....60] [ip4][..tcp] [...192.168.1.29][51464] -> [..77.111.247.69][..443] [TLS.OperaVPN][Unknown][VPN][Acceptable] end: [....61] [ip4][..tcp] [...192.168.1.29][51465] -> [..77.111.247.69][..443] [TLS.OperaVPN][Unknown][VPN][Acceptable] - idle: [....62] [ip4][..tcp] [...192.168.1.29][51466] -> [..77.111.247.69][..443] + idle: [....62] [ip4][..tcp] [...192.168.1.29][51466] -> [..77.111.247.69][..443] [TLS.OperaVPN][Unknown][VPN][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/os_detected.pcapng.out b/test/results/flow-info/default/os_detected.pcapng.out index 1325d597b..bc3120ae8 100644 --- a/test/results/flow-info/default/os_detected.pcapng.out +++ b/test/results/flow-info/default/os_detected.pcapng.out @@ -5,5 +5,5 @@ detected: [.....1] [ip4][..udp] [..192.168.1.128][39821] -> [........8.8.8.8][..443] [QUIC][Google][Web][Acceptable][] RISK: Missing SNI TLS Extn, Unidirectional Traffic, ALPN/SNI Mismatch idle: [.....1] [ip4][..udp] [..192.168.1.128][39821] -> [........8.8.8.8][..443] [QUIC][Google][Web][Acceptable] - RISK: Missing SNI TLS Extn, Unidirectional Traffic, ALPN/SNI Mismatch + RISK: Missing SNI TLS Extn, ALPN/SNI Mismatch DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ospfv2_add_new_prefix.pcap.out b/test/results/flow-info/default/ospfv2_add_new_prefix.pcap.out index d52517559..58f4dd9da 100644 --- a/test/results/flow-info/default/ospfv2_add_new_prefix.pcap.out +++ b/test/results/flow-info/default/ospfv2_add_new_prefix.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][...89] [.....10.1.10.10] -> [......10.1.10.1] [OSPF][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][...89] [.....10.1.10.10] -> [......10.1.10.1] [OSPF][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ossfuzz_seed_fake_traces_1.pcapng.out b/test/results/flow-info/default/ossfuzz_seed_fake_traces_1.pcapng.out index 163b6a36a..e2a46a76d 100644 --- a/test/results/flow-info/default/ossfuzz_seed_fake_traces_1.pcapng.out +++ b/test/results/flow-info/default/ossfuzz_seed_fake_traces_1.pcapng.out @@ -40,20 +40,19 @@ RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [......127.0.0.1][..100] -> [......127.0.0.1][..200] [Steam][Unknown][Game][Fun] idle: [.....4] [ip4][..tcp] [..192.168.1.128][....1] -> [121.254.200.130][.1119] [Starcraft][Unknown][Game][Fun] - RISK: Unidirectional Traffic, TCP Connection Issues + RISK: TCP Connection Issues idle: [.....6] [ip4][..tcp] [..192.168.1.128][....1] -> [.12.129.236.254][.1119] [Starcraft][Unknown][Game][Fun] - RISK: Unidirectional Traffic, TCP Connection Issues + RISK: TCP Connection Issues idle: [.....3] [ip4][..tcp] [..192.168.1.128][....1] -> [.12.129.206.130][.1119] [Starcraft][Unknown][Game][Fun] - RISK: Unidirectional Traffic, TCP Connection Issues + RISK: TCP Connection Issues idle: [.....5] [ip4][..tcp] [..192.168.1.128][....1] -> [....202.9.66.76][.1119] [Starcraft][Starcraft][Game][Fun] - RISK: Unidirectional Traffic, TCP Connection Issues + RISK: TCP Connection Issues DAEMON-EVENT: [Processed: 17 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3] new: [.....9] [ip4][..tcp] [..192.168.1.128][....1] -> [........1.2.3.4][...10] [MIDSTREAM] detected: [.....9] [ip4][..tcp] [..192.168.1.128][....1] -> [........1.2.3.4][...10] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic, TCP Connection Issues idle: [.....8] [ip4][..udp] [......127.0.0.1][17788] -> [......127.0.0.1][17788] [PPStream][Unknown][Streaming][Fun] - RISK: Unidirectional Traffic new: [....10] [ip4][..tcp] [..192.168.1.128][....1] -> [........1.2.3.4][...11] [MIDSTREAM] detected: [....10] [ip4][..tcp] [..192.168.1.128][....1] -> [........1.2.3.4][...11] [Gnutella][Unknown][Download][Potentially Dangerous] RISK: Unsafe Protocol, Unidirectional Traffic, TCP Connection Issues diff --git a/test/results/flow-info/default/ossfuzz_seed_fake_traces_3.pcapng.out b/test/results/flow-info/default/ossfuzz_seed_fake_traces_3.pcapng.out index 770c67685..f7b87506d 100644 --- a/test/results/flow-info/default/ossfuzz_seed_fake_traces_3.pcapng.out +++ b/test/results/flow-info/default/ossfuzz_seed_fake_traces_3.pcapng.out @@ -3,5 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.192.168.16.173][60546] -> [..93.184.216.34][...80] detected: [.....1] [ip4][..tcp] [.192.168.16.173][60546] -> [..93.184.216.34][...80] [MapleStory][Edgecast][Game][Fun] - idle: [.....1] [ip4][..tcp] [.192.168.16.173][60546] -> [..93.184.216.34][...80] + idle: [.....1] [ip4][..tcp] [.192.168.16.173][60546] -> [..93.184.216.34][...80] [MapleStory][Edgecast][Game][Fun] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/pinterest.pcap.out b/test/results/flow-info/default/pinterest.pcap.out index 5cdad211f..0dfa837a5 100644 --- a/test/results/flow-info/default/pinterest.pcap.out +++ b/test/results/flow-info/default/pinterest.pcap.out @@ -7,7 +7,7 @@ detected: [.....3] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][33262] -> [.....................64:ff9b::9765:7854][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun][www.pinterest.fr] detection-update: [.....3] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][33262] -> [.....................64:ff9b::9765:7854][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun][www.pinterest.fr] detection-update: [.....3] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][33262] -> [.....................64:ff9b::9765:7854][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun][www.pinterest.fr] - analyse: [.....3] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][33262] -> [.....................64:ff9b::9765:7854][..443] + analyse: [.....3] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][33262] -> [.....................64:ff9b::9765:7854][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.172| 0.013| 0.032| 1054.860| 2.700] [PKTLEN......: 72.000| 1120.000| 364.100| 421.400| 177613.600| 4.200] @@ -89,7 +89,7 @@ detected: [....16] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57050] -> [......................2a04:4e42:1d::720][..443] [TLS][Unknown][Web][Safe][images.unsplash.com] detection-update: [....16] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57050] -> [......................2a04:4e42:1d::720][..443] [TLS][Unknown][Web][Safe][images.unsplash.com] detection-update: [....16] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57050] -> [......................2a04:4e42:1d::720][..443] [TLS][Unknown][Media][Safe][images.unsplash.com] - analyse: [....15] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][33280] -> [.....................64:ff9b::9765:7854][..443] + analyse: [....15] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][33280] -> [.....................64:ff9b::9765:7854][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.090| 0.014| 0.022| 502.919| 3.300] [PKTLEN......: 72.000| 1120.000| 300.800| 374.800| 140490.000| 4.100] @@ -100,7 +100,7 @@ [PKTLENS.....: 80,80,72,589,72,1120,1120,72,72,1120,1120,72,72,1120,154,72,72,165,171,368,72,72,72,330,138,72,72,110,72,516,246,72] [ENTROPIES...: 4.8,5.1,5.1,4.6,5.0,6.8,4.4,5.2,5.1,6.6,7.1,5.2,5.2,7.6,6.2,5.2,5.2,6.1,6.3,7.3,5.0,5.0,5.0,7.0,6.2,5.2,5.2,5.6,5.0,7.5,6.9,5.2] detection-update: [....15] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][33280] -> [.....................64:ff9b::9765:7854][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun][accounts.pinterest.com] - analyse: [....16] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57050] -> [......................2a04:4e42:1d::720][..443] + analyse: [....16] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57050] -> [......................2a04:4e42:1d::720][..443] [TLS][Unknown][Media][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.050| 0.008| 0.015| 236.626| 2.900] [PKTLEN......: 72.000| 1460.000| 498.700| 595.900| 355070.700| 4.000] @@ -139,6 +139,7 @@ new: [....22] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43562] -> [...............2a00:1450:4007:805::2003][..443] [MIDSTREAM] detected: [....22] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43562] -> [...............2a00:1450:4007:805::2003][..443] [TLS][Google][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....22] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43562] -> [...............2a00:1450:4007:805::2003][..443] [TLS][Google][Web][Safe] analyse: [....22] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43562] -> [...............2a00:1450:4007:805::2003][..443] [TLS][Google][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.029| 0.002| 0.006| 41.161| 1.800] @@ -200,7 +201,7 @@ [IATS(ms)....: 46.9,46.9,0.2,112.0,45.4,0.0,0.0,157.3,0.0,0.0,2.9,0.3,3.0,37.7,0.0,0.0,1.1,0.0,0.0,32.6,0.0,0.0,0.6,1.0,0.0,0.0,0.0,0.3,0.0,0.0,0.0] [PKTLENS.....: 80,80,72,589,72,1280,1280,549,72,72,72,136,164,337,72,72,72,652,486,1280,72,72,72,103,1280,1280,1280,1280,72,72,72,72] [ENTROPIES...: 4.9,5.3,5.1,4.6,5.1,7.8,7.8,7.5,5.1,5.1,5.2,6.1,6.6,7.3,5.0,5.1,5.1,7.6,7.5,7.8,5.1,5.1,5.1,5.8,7.8,7.9,7.8,7.9,5.1,5.2,5.1,5.2] - analyse: [....35] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38546] -> [.......................2a04:4e42:1d::84][..443] + analyse: [....35] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38546] -> [.......................2a04:4e42:1d::84][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.136| 0.023| 0.040| 1569.290| 3.200] [PKTLEN......: 72.000| 1460.000| 430.600| 544.300| 296293.800| 4.000] @@ -215,7 +216,7 @@ detected: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][40114] -> [.....................64:ff9b::9765:7a6e][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads][js-agent.newrelic.com] detection-update: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][40114] -> [.....................64:ff9b::9765:7a6e][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads][js-agent.newrelic.com] detection-update: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][40114] -> [.....................64:ff9b::9765:7a6e][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads][js-agent.newrelic.com] - analyse: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][40114] -> [.....................64:ff9b::9765:7a6e][..443] + analyse: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][40114] -> [.....................64:ff9b::9765:7a6e][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.045| 0.007| 0.012| 147.627| 3.200] [PKTLEN......: 72.000| 1120.000| 377.700| 441.200| 194656.500| 4.100] @@ -236,7 +237,7 @@ idle: [....31] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51446] -> [...............2a00:1450:4007:816::2003][..443] guessed: [....25] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51472] -> [...............2a00:1450:4007:816::2003][..443] [TLS][Google][Web][Safe] idle: [....25] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51472] -> [...............2a00:1450:4007:816::2003][..443] - idle: [....17] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51582] -> [...............2a00:1450:4007:816::2003][..443] + idle: [....17] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51582] -> [...............2a00:1450:4007:816::2003][..443] [TLS.Google][Google][Web][Acceptable] guessed: [....28] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38402] -> [.......................2a04:4e42:1d::84][..443] [TLS][Unknown][Web][Safe] idle: [....28] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38402] -> [.......................2a04:4e42:1d::84][..443] guessed: [....30] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38406] -> [.......................2a04:4e42:1d::84][..443] [TLS][Unknown][Web][Safe] @@ -248,11 +249,11 @@ guessed: [....24] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56940] -> [......................2a04:4e42:1d::720][..443] [TLS][Unknown][Web][Safe] idle: [....24] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56940] -> [......................2a04:4e42:1d::720][..443] idle: [.....4] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38512] -> [.......................2a04:4e42:1d::84][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun] - end: [.....5] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38514] -> [.......................2a04:4e42:1d::84][..443] - end: [.....6] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38516] -> [.......................2a04:4e42:1d::84][..443] - end: [.....7] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38518] -> [.......................2a04:4e42:1d::84][..443] - end: [.....8] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38520] -> [.......................2a04:4e42:1d::84][..443] - end: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38522] -> [.......................2a04:4e42:1d::84][..443] + end: [.....5] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38514] -> [.......................2a04:4e42:1d::84][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun] + end: [.....6] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38516] -> [.......................2a04:4e42:1d::84][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun] + end: [.....7] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38518] -> [.......................2a04:4e42:1d::84][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun] + end: [.....8] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38520] -> [.......................2a04:4e42:1d::84][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun] + end: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38522] -> [.......................2a04:4e42:1d::84][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun] idle: [....35] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38546] -> [.......................2a04:4e42:1d::84][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun] idle: [....21] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47790] -> [...............2a00:1450:4007:816::200a][..443] [TLS.GoogleServices][Google][Web][Acceptable] idle: [....16] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57050] -> [......................2a04:4e42:1d::720][..443] [TLS][Unknown][Media][Safe] @@ -260,14 +261,14 @@ idle: [....12] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][34626] -> [.....................64:ff9b::acd9:13e2][..443] guessed: [....26] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][54308] -> [...............2a00:1450:4007:806::200e][..443] [TLS][Google][Web][Safe] idle: [....26] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][54308] -> [...............2a00:1450:4007:806::200e][..443] - idle: [....18] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][54416] -> [...............2a00:1450:4007:806::200e][..443] + idle: [....18] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][54416] -> [...............2a00:1450:4007:806::200e][..443] [TLS.Google][Google][Web][Acceptable] guessed: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][33156] -> [.....................64:ff9b::9765:7854][..443] [TLS][Unknown][Web][Safe] idle: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][33156] -> [.....................64:ff9b::9765:7854][..443] guessed: [.....1] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][33164] -> [.....................64:ff9b::9765:7854][..443] [TLS][Unknown][Web][Safe] idle: [.....1] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][33164] -> [.....................64:ff9b::9765:7854][..443] guessed: [....11] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58726] -> [...............2a00:1450:4007:80b::2002][..443] [TLS][Google][Web][Safe] idle: [....11] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58726] -> [...............2a00:1450:4007:80b::2002][..443] - idle: [....20] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][60340] -> [......2a03:2880:f11f:83:face:b00c::25de][..443] + idle: [....20] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][60340] -> [......2a03:2880:f11f:83:face:b00c::25de][..443] [TLS.Facebook][Facebook][SocialNetwork][Fun] idle: [.....3] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][33262] -> [.....................64:ff9b::9765:7854][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun] idle: [....15] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][33280] -> [.....................64:ff9b::9765:7854][..443] [TLS.Pinterest][Unknown][SocialNetwork][Fun] guessed: [....34] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][40560] -> [...............2a00:1450:4007:816::2004][..443] [TLS][Google][Web][Safe] diff --git a/test/results/flow-info/default/pluralsight.pcap.out b/test/results/flow-info/default/pluralsight.pcap.out index 822ff7aec..345e38927 100644 --- a/test/results/flow-info/default/pluralsight.pcap.out +++ b/test/results/flow-info/default/pluralsight.pcap.out @@ -23,10 +23,10 @@ new: [.....6] [ip4][..tcp] [..192.168.1.128][44770] -> [.104.17.209.240][..443] detected: [.....6] [ip4][..tcp] [..192.168.1.128][44770] -> [.104.17.209.240][..443] [TLS.Pluralsight][Cloudflare][Streaming][Fun][zn6qzq6caaucudesr-pluralsight.siteintercept.qualtrics.com] detection-update: [.....6] [ip4][..tcp] [..192.168.1.128][44770] -> [.104.17.209.240][..443] [TLS.Pluralsight][Cloudflare][Streaming][Fun][zn6qzq6caaucudesr-pluralsight.siteintercept.qualtrics.com] - idle: [.....6] [ip4][..tcp] [..192.168.1.128][44770] -> [.104.17.209.240][..443] - idle: [.....4] [ip4][..tcp] [..192.168.1.128][42618] -> [..18.203.201.56][..443] - idle: [.....5] [ip4][..tcp] [..192.168.1.128][48948] -> [.104.19.162.127][..443] - idle: [.....2] [ip4][..tcp] [..192.168.1.128][42782] -> [..146.75.62.208][..443] - idle: [.....3] [ip4][..tcp] [..192.168.1.128][42790] -> [..146.75.62.208][..443] - idle: [.....1] [ip4][..tcp] [..192.168.1.128][42642] -> [...54.69.188.18][..443] + idle: [.....6] [ip4][..tcp] [..192.168.1.128][44770] -> [.104.17.209.240][..443] [TLS.Pluralsight][Cloudflare][Streaming][Fun] + idle: [.....4] [ip4][..tcp] [..192.168.1.128][42618] -> [..18.203.201.56][..443] [TLS.Pluralsight][AmazonAWS][Streaming][Fun] + idle: [.....5] [ip4][..tcp] [..192.168.1.128][48948] -> [.104.19.162.127][..443] [TLS.Pluralsight][Cloudflare][Streaming][Fun] + idle: [.....2] [ip4][..tcp] [..192.168.1.128][42782] -> [..146.75.62.208][..443] [TLS.Pluralsight][Unknown][Streaming][Fun] + idle: [.....3] [ip4][..tcp] [..192.168.1.128][42790] -> [..146.75.62.208][..443] [TLS.Pluralsight][Unknown][Streaming][Fun] + idle: [.....1] [ip4][..tcp] [..192.168.1.128][42642] -> [...54.69.188.18][..443] [TLS.Pluralsight][AmazonAWS][Streaming][Fun] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/pop3.pcap.out b/test/results/flow-info/default/pop3.pcap.out index 521949ea9..9846f9324 100644 --- a/test/results/flow-info/default/pop3.pcap.out +++ b/test/results/flow-info/default/pop3.pcap.out @@ -33,10 +33,12 @@ [IATS(ms)....: 48.7,48.8,52.1,85.3,79.8,1.2,96.8,99.7,95.0,92.4,96.8,111.5,96.8,82.4,96.0,95.0,97.0,96.0,95.2,98.0,2.0,51.0,3.2,0.1,3.2,44.7,56.5,59.7,2.4,50.3,0.1] [PKTLENS.....: 52,52,40,97,46,58,66,46,131,52,58,106,131,46,58,46,72,46,132,48,58,1500,40,1500,1500,40,1229,48,58,1500,40,1500] [ENTROPIES...: 4.4,4.9,4.8,5.7,5.0,5.4,5.2,4.9,5.5,5.0,5.2,5.8,5.4,4.9,5.1,4.8,5.1,4.9,5.7,5.0,5.3,6.0,4.8,5.3,5.3,4.8,5.4,5.0,5.3,5.6,4.7,5.8] - end: [.....2] [ip4][..tcp] [....192.168.0.4][26272] -> [.212.227.15.166][..110] + end: [.....2] [ip4][..tcp] [....192.168.0.4][26272] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] + RISK: Unsafe Protocol end: [.....3] [ip4][..tcp] [....192.168.0.4][26284] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] RISK: Unsafe Protocol - end: [.....4] [ip4][..tcp] [....192.168.0.4][26304] -> [.212.227.15.166][..110] + end: [.....4] [ip4][..tcp] [....192.168.0.4][26304] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] + RISK: Unsafe Protocol end: [.....5] [ip4][..tcp] [....192.168.0.4][26308] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] RISK: Unsafe Protocol end: [.....6] [ip4][..tcp] [....192.168.0.4][26383] -> [.212.227.15.166][..110] [POP3][Unknown][Email][Unsafe] diff --git a/test/results/flow-info/default/pop3_stls.pcap.out b/test/results/flow-info/default/pop3_stls.pcap.out index d5dba394f..42a6f89c7 100644 --- a/test/results/flow-info/default/pop3_stls.pcap.out +++ b/test/results/flow-info/default/pop3_stls.pcap.out @@ -10,7 +10,7 @@ RISK: Obsolete TLS (v1.1 or older), Unsafe Protocol detection-update: [.....1] [ip4][..tcp] [..192.168.20.18][50583] -> [...72.249.41.52][..110] [POPS][Unknown][Email][Safe] RISK: Obsolete TLS (v1.1 or older), Unsafe Protocol - analyse: [.....1] [ip4][..tcp] [..192.168.20.18][50583] -> [...72.249.41.52][..110] + analyse: [.....1] [ip4][..tcp] [..192.168.20.18][50583] -> [...72.249.41.52][..110] [POPS][Unknown][Email][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 2.072| 0.263| 0.525| 275477.529| 3.300] [PKTLEN......: 40.000| 1500.000| 234.500| 417.000| 173868.900| 3.700] diff --git a/test/results/flow-info/default/pops.pcapng.out b/test/results/flow-info/default/pops.pcapng.out index 1144ec099..02d8663db 100644 --- a/test/results/flow-info/default/pops.pcapng.out +++ b/test/results/flow-info/default/pops.pcapng.out @@ -6,5 +6,6 @@ RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....1] [ip4][..tcp] [....192.168.0.1][55077] -> [.....10.10.10.1][..995] [POPS][Unknown][Email][Safe] RISK: TLS (probably) Not Carrying HTTPS - idle: [.....1] [ip4][..tcp] [....192.168.0.1][55077] -> [.....10.10.10.1][..995] + idle: [.....1] [ip4][..tcp] [....192.168.0.1][55077] -> [.....10.10.10.1][..995] [POPS][Unknown][Email][Safe] + RISK: TLS (probably) Not Carrying HTTPS DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/pps.pcap.out b/test/results/flow-info/default/pps.pcap.out index 7f84e0a71..28b273f24 100644 --- a/test/results/flow-info/default/pps.pcap.out +++ b/test/results/flow-info/default/pps.pcap.out @@ -100,54 +100,83 @@ new: [....37] [ip4][..tcp] [..192.168.115.8][50463] -> [.101.227.200.11][...80] [MIDSTREAM] detected: [....37] [ip4][..tcp] [..192.168.115.8][50463] -> [.101.227.200.11][...80] [HTTP.PPStream][Unknown][Streaming][Fun][api.cupid.iqiyi.com] RISK: Unidirectional Traffic + detection-update: [....37] [ip4][..tcp] [..192.168.115.8][50463] -> [.101.227.200.11][...80] [HTTP.PPStream][Unknown][Streaming][Fun][api.cupid.iqiyi.com] + RISK: HTTP Obsolete Server new: [....38] [ip4][..tcp] [..192.168.115.8][50464] -> [.123.125.112.49][...80] [MIDSTREAM] detected: [....38] [ip4][..tcp] [..192.168.115.8][50464] -> [.123.125.112.49][...80] [HTTP][Unknown][Web][Acceptable][click.hm.baidu.com] RISK: Unidirectional Traffic + detection-update: [....38] [ip4][..tcp] [..192.168.115.8][50464] -> [.123.125.112.49][...80] [HTTP][Unknown][Web][Acceptable][click.hm.baidu.com] new: [....39] [ip4][..tcp] [..192.168.115.8][50466] -> [..203.66.182.24][...80] [MIDSTREAM] detected: [....39] [ip4][..tcp] [..192.168.115.8][50466] -> [..203.66.182.24][...80] [HTTP.Google][Unknown][Web][Acceptable][clients1.google.com] RISK: Unidirectional Traffic + detection-update: [....39] [ip4][..tcp] [..192.168.115.8][50466] -> [..203.66.182.24][...80] [HTTP.OCSP][Unknown][Web][Safe][clients1.google.com] new: [....40] [ip4][..tcp] [..192.168.115.8][50467] -> [.202.108.14.219][...80] [MIDSTREAM] detected: [....40] [ip4][..tcp] [..192.168.115.8][50467] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic + detection-update: [....40] [ip4][..tcp] [..192.168.115.8][50467] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....41] [ip4][..tcp] [..192.168.115.8][50469] -> [.202.108.14.219][...80] [MIDSTREAM] detected: [....41] [ip4][..tcp] [..192.168.115.8][50469] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic new: [....42] [ip4][..tcp] [..192.168.115.8][50470] -> [.202.108.14.236][...80] [MIDSTREAM] detected: [....42] [ip4][..tcp] [..192.168.115.8][50470] -> [.202.108.14.236][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com] RISK: Unidirectional Traffic + detection-update: [....42] [ip4][..tcp] [..192.168.115.8][50470] -> [.202.108.14.236][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com] + RISK: HTTP Obsolete Server + detection-update: [....41] [ip4][..tcp] [..192.168.115.8][50469] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....43] [ip4][..tcp] [..192.168.115.8][50471] -> [.202.108.14.236][...80] [MIDSTREAM] detected: [....43] [ip4][..tcp] [..192.168.115.8][50471] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic + detection-update: [....43] [ip4][..tcp] [..192.168.115.8][50471] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....44] [ip4][..tcp] [..192.168.115.8][50474] -> [.202.108.14.221][...80] [MIDSTREAM] detected: [....44] [ip4][..tcp] [..192.168.115.8][50474] -> [.202.108.14.221][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com] RISK: Unidirectional Traffic new: [....45] [ip4][..tcp] [..192.168.115.8][50475] -> [.202.108.14.236][...80] [MIDSTREAM] detected: [....45] [ip4][..tcp] [..192.168.115.8][50475] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic + detection-update: [....44] [ip4][..tcp] [..192.168.115.8][50474] -> [.202.108.14.221][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com] + RISK: HTTP Obsolete Server new: [....46] [ip4][..tcp] [..192.168.115.8][50473] -> [.202.108.14.219][...80] [MIDSTREAM] detected: [....46] [ip4][..tcp] [..192.168.115.8][50473] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic + detection-update: [....45] [ip4][..tcp] [..192.168.115.8][50475] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....47] [ip4][..tcp] [..192.168.115.8][50476] -> [..101.227.32.39][...80] [MIDSTREAM] detected: [....47] [ip4][..tcp] [..192.168.115.8][50476] -> [..101.227.32.39][...80] [HTTP.PPStream][Unknown][Streaming][Fun][cache.video.iqiyi.com] RISK: HTTP Susp User-Agent, Unidirectional Traffic + detection-update: [....47] [ip4][..tcp] [..192.168.115.8][50476] -> [..101.227.32.39][...80] [HTTP.PPStream][Unknown][Streaming][Fun][cache.video.iqiyi.com] + RISK: HTTP Susp User-Agent + detection-update: [....46] [ip4][..tcp] [..192.168.115.8][50473] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....48] [ip4][..tcp] [..192.168.115.8][50477] -> [.202.108.14.219][...80] [MIDSTREAM] detected: [....48] [ip4][..tcp] [..192.168.115.8][50477] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic + detection-update: [....48] [ip4][..tcp] [..192.168.115.8][50477] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....49] [ip4][..tcp] [..117.79.81.135][...80] -> [..192.168.115.8][50443] [MIDSTREAM] detected: [....49] [ip4][..tcp] [..117.79.81.135][...80] -> [..192.168.115.8][50443] [HTTP][Unknown][Web][Acceptable][] RISK: HTTP Susp User-Agent, Unidirectional Traffic new: [....50] [ip4][..tcp] [..192.168.115.8][50482] -> [.140.205.243.64][...80] [MIDSTREAM] detected: [....50] [ip4][..tcp] [..192.168.115.8][50482] -> [.140.205.243.64][...80] [HTTP][Alibaba][Web][Acceptable][cmc.tanx.com] RISK: Unidirectional Traffic + detection-update: [....50] [ip4][..tcp] [..192.168.115.8][50482] -> [.140.205.243.64][...80] [HTTP][Alibaba][Web][Acceptable][cmc.tanx.com] new: [....51] [ip4][..tcp] [..192.168.115.8][50483] -> [.202.108.14.219][...80] [MIDSTREAM] detected: [....51] [ip4][..tcp] [..192.168.115.8][50483] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic + detection-update: [....51] [ip4][..tcp] [..192.168.115.8][50483] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....52] [ip4][..tcp] [..192.168.115.8][50484] -> [.202.108.14.219][...80] [MIDSTREAM] detected: [....52] [ip4][..tcp] [..192.168.115.8][50484] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic + detection-update: [....52] [ip4][..tcp] [..192.168.115.8][50484] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....53] [ip4][..tcp] [..192.168.115.8][50485] -> [.202.108.14.236][...80] [MIDSTREAM] detected: [....53] [ip4][..tcp] [..192.168.115.8][50485] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic + detection-update: [....53] [ip4][..tcp] [..192.168.115.8][50485] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....54] [ip4][..tcp] [..192.168.115.8][50486] -> [...77.234.40.96][...80] [MIDSTREAM] detected: [....54] [ip4][..tcp] [..192.168.115.8][50486] -> [...77.234.40.96][...80] [HTTP.Cybersec][AVAST][Cybersecurity][Safe][bcu.ff.avast.com] RISK: HTTP Susp User-Agent, Unidirectional Traffic @@ -161,27 +190,40 @@ new: [....57] [ip4][..tcp] [..192.168.115.8][50488] -> [..223.26.106.20][...80] [MIDSTREAM] detected: [....57] [ip4][..tcp] [..192.168.115.8][50488] -> [..223.26.106.20][...80] [HTTP][Unknown][Web][Acceptable][meta.video.qiyi.com] RISK: Unidirectional Traffic + detection-update: [....57] [ip4][..tcp] [..192.168.115.8][50488] -> [..223.26.106.20][...80] [HTTP][Unknown][Web][Acceptable][meta.video.qiyi.com] new: [....58] [ip4][..tcp] [..192.168.115.8][50489] -> [.119.188.13.188][...80] [MIDSTREAM] detected: [....58] [ip4][..tcp] [..192.168.115.8][50489] -> [.119.188.13.188][...80] [HTTP][Unknown][Web][Acceptable][pdata.video.qiyi.com] RISK: Unidirectional Traffic + detection-update: [....58] [ip4][..tcp] [..192.168.115.8][50489] -> [.119.188.13.188][...80] [HTTP][Unknown][Web][Acceptable][pdata.video.qiyi.com] + RISK: HTTP Obsolete Server new: [....59] [ip4][..tcp] [..192.168.115.8][50490] -> [.119.188.13.188][...80] [MIDSTREAM] detected: [....59] [ip4][..tcp] [..192.168.115.8][50490] -> [.119.188.13.188][...80] [HTTP][Unknown][Web][Acceptable][pdata.video.qiyi.com] RISK: Unidirectional Traffic + detection-update: [....59] [ip4][..tcp] [..192.168.115.8][50490] -> [.119.188.13.188][...80] [HTTP][Unknown][Web][Acceptable][pdata.video.qiyi.com] + RISK: HTTP Obsolete Server new: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [MIDSTREAM] detected: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [HTTP][Unknown][Web][Acceptable][223.26.106.66] RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + detection-update: [....60] [ip4][..tcp] [..192.168.115.8][50491] -> [..223.26.106.66][...80] [HTTP][Unknown][Web][Acceptable][223.26.106.66] + RISK: HTTP/TLS/QUIC Numeric Hostname/SNI new: [....61] [ip4][..tcp] [..192.168.115.8][50492] -> [...111.206.13.3][...80] [MIDSTREAM] detected: [....61] [ip4][..tcp] [..192.168.115.8][50492] -> [...111.206.13.3][...80] [HTTP][Unknown][Web][Acceptable][pdata.video.qiyi.com] RISK: Unidirectional Traffic new: [....62] [ip4][..tcp] [..192.168.115.8][50493] -> [.202.108.14.236][...80] [MIDSTREAM] detected: [....62] [ip4][..tcp] [..192.168.115.8][50493] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic + detection-update: [....61] [ip4][..tcp] [..192.168.115.8][50492] -> [...111.206.13.3][...80] [HTTP][Unknown][Web][Acceptable][pdata.video.qiyi.com] + RISK: HTTP Obsolete Server new: [....63] [ip4][..tcp] [..192.168.115.8][50494] -> [..223.26.106.66][...80] [MIDSTREAM] detected: [....63] [ip4][..tcp] [..192.168.115.8][50494] -> [..223.26.106.66][...80] [HTTP][Unknown][Web][Acceptable][223.26.106.66] RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + detection-update: [....62] [ip4][..tcp] [..192.168.115.8][50493] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....64] [ip4][..tcp] [...192.168.5.15][65127] -> [.68.233.253.133][...80] [MIDSTREAM] detected: [....64] [ip4][..tcp] [...192.168.5.15][65127] -> [.68.233.253.133][...80] [HTTP][Unknown][Web][Acceptable][api.magicansoft.com] RISK: Unidirectional Traffic + detection-update: [....64] [ip4][..tcp] [...192.168.5.15][65127] -> [.68.233.253.133][...80] [HTTP][Unknown][Web][Acceptable][api.magicansoft.com] + RISK: Error Code detection-update: [....63] [ip4][..tcp] [..192.168.115.8][50494] -> [..223.26.106.66][...80] [HTTP][Unknown][Download][Acceptable][223.26.106.66] RISK: Binary App Transfer, HTTP/TLS/QUIC Numeric Hostname/SNI new: [....65] [ip4][..udp] [...192.168.5.48][63930] -> [239.255.255.250][.1900] @@ -189,12 +231,17 @@ new: [....66] [ip4][..tcp] [..192.168.115.8][50495] -> [.202.108.14.236][...80] [MIDSTREAM] detected: [....66] [ip4][..tcp] [..192.168.115.8][50495] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic + detection-update: [....66] [ip4][..tcp] [..192.168.115.8][50495] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....67] [ip4][..tcp] [..192.168.115.8][50496] -> [.101.227.200.11][...80] [MIDSTREAM] detected: [....67] [ip4][..tcp] [..192.168.115.8][50496] -> [.101.227.200.11][...80] [HTTP.PPStream][Unknown][Streaming][Fun][api.cupid.iqiyi.com] RISK: Unidirectional Traffic + detection-update: [....67] [ip4][..tcp] [..192.168.115.8][50496] -> [.101.227.200.11][...80] [HTTP.PPStream][Unknown][Streaming][Fun][api.cupid.iqiyi.com] + RISK: HTTP Obsolete Server new: [....68] [ip4][..tcp] [..192.168.115.8][50497] -> [.123.125.112.49][...80] [MIDSTREAM] detected: [....68] [ip4][..tcp] [..192.168.115.8][50497] -> [.123.125.112.49][...80] [HTTP][Unknown][Web][Acceptable][click.hm.baidu.com] RISK: Unidirectional Traffic + detection-update: [....68] [ip4][..tcp] [..192.168.115.8][50497] -> [.123.125.112.49][...80] [HTTP][Unknown][Web][Acceptable][click.hm.baidu.com] new: [....69] [ip4][..udp] [...192.168.5.63][39383] -> [239.255.255.250][.1900] detected: [....69] [ip4][..udp] [...192.168.5.63][39383] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] new: [....70] [ip4][..udp] [...192.168.5.63][60976] -> [239.255.255.250][.1900] @@ -202,28 +249,41 @@ new: [....71] [ip4][..tcp] [..192.168.115.8][50498] -> [..36.110.220.15][...80] [MIDSTREAM] detected: [....71] [ip4][..tcp] [..192.168.115.8][50498] -> [..36.110.220.15][...80] [HTTP][Unknown][Web][Acceptable][msg.video.qiyi.com] RISK: Unidirectional Traffic + detection-update: [....71] [ip4][..tcp] [..192.168.115.8][50498] -> [..36.110.220.15][...80] [HTTP][Unknown][Web][Acceptable][msg.video.qiyi.com] + RISK: HTTP Obsolete Server new: [....72] [ip4][..tcp] [..192.168.115.8][50499] -> [..111.206.22.76][...80] [MIDSTREAM] detected: [....72] [ip4][..tcp] [..192.168.115.8][50499] -> [..111.206.22.76][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com] RISK: Unidirectional Traffic + detection-update: [....72] [ip4][..tcp] [..192.168.115.8][50499] -> [..111.206.22.76][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com] + RISK: HTTP Obsolete Server new: [....73] [ip4][..tcp] [..192.168.115.8][50500] -> [..23.41.133.163][...80] [MIDSTREAM] detected: [....73] [ip4][..tcp] [..192.168.115.8][50500] -> [..23.41.133.163][...80] [HTTP][Unknown][Web][Acceptable][s1.symcb.com] RISK: Unidirectional Traffic + detection-update: [....73] [ip4][..tcp] [..192.168.115.8][50500] -> [..23.41.133.163][...80] [HTTP][Unknown][Web][Acceptable][s1.symcb.com] new: [....74] [ip4][..tcp] [..192.168.115.8][50501] -> [.202.108.14.236][...80] [MIDSTREAM] detected: [....74] [ip4][..tcp] [..192.168.115.8][50501] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic + detection-update: [....74] [ip4][..tcp] [..192.168.115.8][50501] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....75] [ip4][..udp] [...192.168.5.38][58897] -> [239.255.255.250][.1900] detected: [....75] [ip4][..udp] [...192.168.5.38][58897] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] new: [....76] [ip4][..tcp] [..192.168.115.8][50502] -> [.202.108.14.236][...80] [MIDSTREAM] detected: [....76] [ip4][..tcp] [..192.168.115.8][50502] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic + detection-update: [....76] [ip4][..tcp] [..192.168.115.8][50502] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....77] [ip4][..udp] [...192.168.5.50][52529] -> [239.255.255.250][.1900] detected: [....77] [ip4][..udp] [...192.168.5.50][52529] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] new: [....78] [ip4][..tcp] [...192.168.5.15][65128] -> [.68.233.253.133][...80] [MIDSTREAM] detected: [....78] [ip4][..tcp] [...192.168.5.15][65128] -> [.68.233.253.133][...80] [HTTP][Unknown][Web][Acceptable][api.magicansoft.com] RISK: Unidirectional Traffic + detection-update: [....78] [ip4][..tcp] [...192.168.5.15][65128] -> [.68.233.253.133][...80] [HTTP][Unknown][Web][Acceptable][api.magicansoft.com] + RISK: Error Code new: [....79] [ip4][..tcp] [..192.168.115.8][50503] -> [.202.108.14.219][...80] [MIDSTREAM] detected: [....79] [ip4][..tcp] [..192.168.115.8][50503] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic + detection-update: [....79] [ip4][..tcp] [..192.168.115.8][50503] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....80] [ip4][..udp] [...192.168.5.28][60023] -> [239.255.255.250][.1900] detected: [....80] [ip4][..udp] [...192.168.5.28][60023] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] update: [....22] [ip4][..udp] [..192.168.115.8][22793] -> [.222.26.193.119][.7133] @@ -243,7 +303,6 @@ update: [.....7] [ip4][..udp] [..192.168.115.8][22793] -> [219.228.107.156][.1250] update: [....16] [ip4][..udp] [..192.168.115.8][22793] -> [...36.233.39.81][18590] update: [....35] [ip4][..udp] [..192.168.115.8][22793] -> [119.188.133.182][17788] [PPStream][Unknown][Streaming][Fun] - RISK: Unidirectional Traffic update: [....18] [ip4][..udp] [..192.168.115.8][22793] -> [..61.227.170.88][20227] update: [....20] [ip4][..udp] [..192.168.115.8][22793] -> [.121.248.133.93][12757] update: [....19] [ip4][..udp] [..192.168.115.8][22793] -> [..202.112.31.89][29072] @@ -251,14 +310,10 @@ update: [....14] [ip4][..udp] [..192.168.115.8][22793] -> [..61.223.204.67][11102] update: [.....8] [ip4][..udp] [.183.228.182.44][13913] -> [..192.168.115.8][22793] update: [....29] [ip4][..udp] [..192.168.115.8][22793] -> [..183.61.167.82][17788] [PPStream][Unknown][Streaming][Fun] - RISK: Unidirectional Traffic update: [....36] [ip4][..udp] [..192.168.115.8][22793] -> [.183.61.167.104][17788] [PPStream][Unknown][Streaming][Fun] - RISK: Unidirectional Traffic update: [....21] [ip4][..udp] [..192.168.115.8][22793] -> [..1.175.128.104][.5185] update: [....11] [ip4][..udp] [..192.168.115.8][22793] -> [..218.61.39.103][17788] [PPStream][Unknown][Streaming][Fun] - RISK: Unidirectional Traffic update: [....34] [ip4][..udp] [..192.168.115.8][22793] -> [...218.61.39.87][17788] [PPStream][Unknown][Streaming][Fun] - RISK: Unidirectional Traffic update: [....30] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.19][33738] update: [....31] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.20][33738] update: [....17] [ip4][..udp] [..192.168.115.8][22793] -> [.111.117.101.81][10162] @@ -296,6 +351,7 @@ new: [....89] [ip4][..tcp] [..192.168.115.8][50509] -> [.106.38.219.107][...80] [MIDSTREAM] detected: [....89] [ip4][..tcp] [..192.168.115.8][50509] -> [.106.38.219.107][...80] [HTTP][Unknown][Web][Acceptable][iplocation.geo.qiyi.com] RISK: Unidirectional Traffic + detection-update: [....89] [ip4][..tcp] [..192.168.115.8][50509] -> [.106.38.219.107][...80] [HTTP][Unknown][Web][Acceptable][iplocation.geo.qiyi.com] new: [....90] [ip4][..tcp] [..192.168.115.8][50766] -> [..223.26.106.20][...80] [MIDSTREAM] detected: [....90] [ip4][..tcp] [..192.168.115.8][50766] -> [..223.26.106.20][...80] [HTTP][Unknown][Web][Acceptable][static.qiyi.com] RISK: Unidirectional Traffic @@ -312,20 +368,29 @@ new: [....93] [ip4][..tcp] [..192.168.115.8][50768] -> [..223.26.106.19][...80] [MIDSTREAM] detected: [....93] [ip4][..tcp] [..192.168.115.8][50768] -> [..223.26.106.19][...80] [HTTP][Unknown][Web][Acceptable][static.qiyi.com] RISK: Unidirectional Traffic + detection-update: [....92] [ip4][..tcp] [..192.168.115.8][50765] -> [..36.110.220.15][...80] [HTTP][Unknown][Web][Acceptable][msg.video.qiyi.com] + RISK: HTTP Obsolete Server detection-update: [....93] [ip4][..tcp] [..192.168.115.8][50768] -> [..223.26.106.19][...80] [HTTP][Unknown][Download][Acceptable][static.qiyi.com] RISK: Binary App Transfer new: [....94] [ip4][..tcp] [..192.168.115.8][50769] -> [.101.227.200.11][...80] [MIDSTREAM] detected: [....94] [ip4][..tcp] [..192.168.115.8][50769] -> [.101.227.200.11][...80] [HTTP.PPStream][Unknown][Streaming][Fun][api.cupid.iqiyi.com] RISK: Unidirectional Traffic + detection-update: [....94] [ip4][..tcp] [..192.168.115.8][50769] -> [.101.227.200.11][...80] [HTTP.PPStream][Unknown][Streaming][Fun][api.cupid.iqiyi.com] + RISK: HTTP Obsolete Server new: [....95] [ip4][..tcp] [..192.168.115.8][50771] -> [.202.108.14.236][...80] [MIDSTREAM] detected: [....95] [ip4][..tcp] [..192.168.115.8][50771] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic new: [....96] [ip4][..tcp] [..192.168.115.8][50772] -> [.123.125.111.70][...80] [MIDSTREAM] detected: [....96] [ip4][..tcp] [..192.168.115.8][50772] -> [.123.125.111.70][...80] [HTTP.PPStream][Unknown][Streaming][Fun][nl.rcd.iqiyi.com] RISK: Unidirectional Traffic + detection-update: [....95] [ip4][..tcp] [..192.168.115.8][50771] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server + detection-update: [....96] [ip4][..tcp] [..192.168.115.8][50772] -> [.123.125.111.70][...80] [HTTP.PPStream][Unknown][Streaming][Fun][nl.rcd.iqiyi.com] new: [....97] [ip4][..tcp] [..192.168.115.8][50773] -> [.202.108.14.221][...80] [MIDSTREAM] detected: [....97] [ip4][..tcp] [..192.168.115.8][50773] -> [.202.108.14.221][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] RISK: Unidirectional Traffic + detection-update: [....97] [ip4][..tcp] [..192.168.115.8][50773] -> [.202.108.14.221][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server new: [....98] [ip4][..tcp] [..192.168.115.8][50775] -> [.123.125.111.70][...80] [MIDSTREAM] detected: [....98] [ip4][..tcp] [..192.168.115.8][50775] -> [.123.125.111.70][...80] [HTTP.PPStream][Unknown][Streaming][Fun][nl.rcd.iqiyi.com] RISK: Unidirectional Traffic @@ -335,21 +400,32 @@ new: [...100] [ip4][..tcp] [..192.168.115.8][50776] -> [..111.206.22.77][...80] [MIDSTREAM] detected: [...100] [ip4][..tcp] [..192.168.115.8][50776] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com] RISK: Unidirectional Traffic + detection-update: [....99] [ip4][..tcp] [..192.168.115.8][50774] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable][msg.71.am] + RISK: HTTP Obsolete Server + detection-update: [...100] [ip4][..tcp] [..192.168.115.8][50776] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com] + RISK: HTTP Obsolete Server new: [...101] [ip4][..tcp] [..192.168.115.8][50777] -> [..111.206.22.77][...80] [MIDSTREAM] detected: [...101] [ip4][..tcp] [..192.168.115.8][50777] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com] RISK: Unidirectional Traffic + detection-update: [...101] [ip4][..tcp] [..192.168.115.8][50777] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com] + RISK: HTTP Obsolete Server new: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [MIDSTREAM] detected: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun][preimage1.qiyipic.com] RISK: Unidirectional Traffic + detection-update: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun][preimage1.qiyipic.com] new: [...103] [ip4][..udp] [..192.168.115.1][50945] -> [239.255.255.250][.1900] detected: [...103] [ip4][..udp] [..192.168.115.1][50945] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] new: [...104] [ip4][..tcp] [..192.168.115.8][50779] -> [..111.206.22.77][...80] [MIDSTREAM] detected: [...104] [ip4][..tcp] [..192.168.115.8][50779] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com] RISK: Unidirectional Traffic + detection-update: [...104] [ip4][..tcp] [..192.168.115.8][50779] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun][msg.iqiyi.com] + RISK: HTTP Obsolete Server new: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [MIDSTREAM] detected: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun][preimage1.qiyipic.com] RISK: Unidirectional Traffic + detection-update: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun][preimage1.qiyipic.com] update: [....55] [ip4][..udp] [...192.168.5.57][59648] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] + detection-update: [....98] [ip4][..tcp] [..192.168.115.8][50775] -> [.123.125.111.70][...80] [HTTP.PPStream][Unknown][Streaming][Fun][nl.rcd.iqiyi.com] new: [...106] [ip4][..tcp] [..192.168.115.8][50781] -> [..223.26.106.20][...80] [MIDSTREAM] detected: [...106] [ip4][..tcp] [..192.168.115.8][50781] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun][preimage1.qiyipic.com] RISK: Unidirectional Traffic @@ -423,8 +499,10 @@ RISK: Binary App Transfer idle: [...102] [ip4][..tcp] [..192.168.115.8][50778] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun] idle: [...105] [ip4][..tcp] [..192.168.115.8][50780] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun] - idle: [...106] [ip4][..tcp] [..192.168.115.8][50781] -> [..223.26.106.20][...80] - idle: [....87] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50295] + idle: [...106] [ip4][..tcp] [..192.168.115.8][50781] -> [..223.26.106.20][...80] [HTTP.PPStream][Unknown][Streaming][Fun] + RISK: Unidirectional Traffic + idle: [....87] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50295] [HTTP][Unknown][Web][Acceptable] + RISK: HTTP Susp User-Agent, Unidirectional Traffic, HTTP Obsolete Server not-detected: [.....3] [ip4][..udp] [..192.168.115.8][22793] -> [...114.42.0.158][.7716] [Unknown][Unknown][Unrated] idle: [.....3] [ip4][..udp] [..192.168.115.8][22793] -> [...114.42.0.158][.7716] idle: [....80] [ip4][..udp] [...192.168.5.28][60023] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] @@ -466,7 +544,8 @@ RISK: HTTP Obsolete Server idle: [....53] [ip4][..tcp] [..192.168.115.8][50485] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable] RISK: HTTP Obsolete Server - idle: [....56] [ip4][..tcp] [..192.168.115.8][50487] -> [.202.108.14.219][...80] + idle: [....56] [ip4][..tcp] [..192.168.115.8][50487] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable] + RISK: Unidirectional Traffic idle: [....62] [ip4][..tcp] [..192.168.115.8][50493] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable] RISK: HTTP Obsolete Server idle: [....66] [ip4][..tcp] [..192.168.115.8][50495] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable] @@ -477,9 +556,12 @@ RISK: HTTP Obsolete Server idle: [....79] [ip4][..tcp] [..192.168.115.8][50503] -> [.202.108.14.219][...80] [HTTP][Unknown][Streaming][Acceptable] RISK: HTTP Obsolete Server - idle: [....82] [ip4][..tcp] [..192.168.115.8][50504] -> [.202.108.14.236][...80] - idle: [....86] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50506] - idle: [...107] [ip4][..tcp] [...77.234.41.35][...80] -> [..192.168.115.8][49174] + idle: [....82] [ip4][..tcp] [..192.168.115.8][50504] -> [.202.108.14.236][...80] [HTTP][Unknown][Streaming][Acceptable] + RISK: Unidirectional Traffic + idle: [....86] [ip4][..tcp] [.202.108.14.219][...80] -> [..192.168.115.8][50506] [HTTP][Unknown][Web][Acceptable] + RISK: HTTP Susp User-Agent, Unidirectional Traffic, HTTP Obsolete Server + idle: [...107] [ip4][..tcp] [...77.234.41.35][...80] -> [..192.168.115.8][49174] [HTTP.Cybersec][AVAST][Cybersecurity][Safe] + RISK: HTTP Susp User-Agent not-detected: [....23] [ip4][..udp] [..192.168.115.8][22793] -> [.114.37.142.173][.1074] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....23] [ip4][..udp] [..192.168.115.8][22793] -> [.114.37.142.173][.1074] @@ -490,7 +572,6 @@ idle: [....16] [ip4][..udp] [..192.168.115.8][22793] -> [...36.233.39.81][18590] idle: [....38] [ip4][..tcp] [..192.168.115.8][50464] -> [.123.125.112.49][...80] [HTTP][Unknown][Web][Acceptable] idle: [....35] [ip4][..udp] [..192.168.115.8][22793] -> [119.188.133.182][17788] [PPStream][Unknown][Streaming][Fun] - RISK: Unidirectional Traffic end: [....68] [ip4][..tcp] [..192.168.115.8][50497] -> [.123.125.112.49][...80] [HTTP][Unknown][Web][Acceptable] idle: [....50] [ip4][..tcp] [..192.168.115.8][50482] -> [.140.205.243.64][...80] [HTTP][Alibaba][Web][Acceptable] not-detected: [....18] [ip4][..udp] [..192.168.115.8][22793] -> [..61.227.170.88][20227] [Unknown][Unknown][Unrated] @@ -527,16 +608,12 @@ idle: [.....8] [ip4][..udp] [.183.228.182.44][13913] -> [..192.168.115.8][22793] idle: [....84] [ip4][..udp] [...192.168.5.41][50374] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....36] [ip4][..udp] [..192.168.115.8][22793] -> [.183.61.167.104][17788] [PPStream][Unknown][Streaming][Fun] - RISK: Unidirectional Traffic idle: [....29] [ip4][..udp] [..192.168.115.8][22793] -> [..183.61.167.82][17788] [PPStream][Unknown][Streaming][Fun] - RISK: Unidirectional Traffic not-detected: [....21] [ip4][..udp] [..192.168.115.8][22793] -> [..1.175.128.104][.5185] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [....21] [ip4][..udp] [..192.168.115.8][22793] -> [..1.175.128.104][.5185] idle: [....34] [ip4][..udp] [..192.168.115.8][22793] -> [...218.61.39.87][17788] [PPStream][Unknown][Streaming][Fun] - RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [..192.168.115.8][22793] -> [..218.61.39.103][17788] [PPStream][Unknown][Streaming][Fun] - RISK: Unidirectional Traffic idle: [....77] [ip4][..udp] [...192.168.5.50][52529] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] not-detected: [....31] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.20][33738] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic @@ -546,7 +623,8 @@ idle: [....30] [ip4][..udp] [..192.168.115.8][22793] -> [...210.47.12.19][33738] idle: [....92] [ip4][..tcp] [..192.168.115.8][50765] -> [..36.110.220.15][...80] [HTTP][Unknown][Web][Acceptable] RISK: HTTP Obsolete Server - idle: [....49] [ip4][..tcp] [..117.79.81.135][...80] -> [..192.168.115.8][50443] + idle: [....49] [ip4][..tcp] [..117.79.81.135][...80] -> [..192.168.115.8][50443] [HTTP][Unknown][Web][Acceptable] + RISK: HTTP Susp User-Agent, Unidirectional Traffic idle: [...100] [ip4][..tcp] [..192.168.115.8][50776] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun] RISK: HTTP Obsolete Server idle: [...101] [ip4][..tcp] [..192.168.115.8][50777] -> [..111.206.22.77][...80] [HTTP.PPStream][Unknown][Streaming][Fun] diff --git a/test/results/flow-info/default/protonvpn.pcap.out b/test/results/flow-info/default/protonvpn.pcap.out index 97f3f0072..32001b75a 100644 --- a/test/results/flow-info/default/protonvpn.pcap.out +++ b/test/results/flow-info/default/protonvpn.pcap.out @@ -12,7 +12,8 @@ new: [.....3] [ip4][..tcp] [....2.58.241.67][37710] -> [........8.8.8.8][..443] idle: [.....2] [ip4][..udp] [......10.0.2.15][57701] -> [....217.23.3.76][..443] [WireGuard][ProtonVPN][VPN][Acceptable] RISK: Known Proto on Non Std Port - idle: [.....1] [ip4][..tcp] [......10.0.2.15][37810] -> [185.159.159.148][..443] + idle: [.....1] [ip4][..tcp] [......10.0.2.15][37810] -> [185.159.159.148][..443] [TLS.ProtonVPN][Unknown][VPN][Acceptable] + RISK: TLS Cert Expired guessed: [.....3] [ip4][..tcp] [....2.58.241.67][37710] -> [........8.8.8.8][..443] [TLS][Google][Web][Safe] RISK: Anonymous Subscriber, Unidirectional Traffic idle: [.....3] [ip4][..tcp] [....2.58.241.67][37710] -> [........8.8.8.8][..443] diff --git a/test/results/flow-info/default/psiphon3.pcap.out b/test/results/flow-info/default/psiphon3.pcap.out index 474dd927d..e6e965629 100644 --- a/test/results/flow-info/default/psiphon3.pcap.out +++ b/test/results/flow-info/default/psiphon3.pcap.out @@ -8,7 +8,7 @@ RISK: Missing SNI TLS Extn, ALPN/SNI Mismatch detection-update: [.....1] [ip4][..tcp] [..192.168.0.103][40557] -> [.104.18.151.190][..443] [TLS.Psiphon][Cloudflare][VPN][Acceptable][] RISK: Missing SNI TLS Extn, ALPN/SNI Mismatch - analyse: [.....1] [ip4][..tcp] [..192.168.0.103][40557] -> [.104.18.151.190][..443] + analyse: [.....1] [ip4][..tcp] [..192.168.0.103][40557] -> [.104.18.151.190][..443] [TLS.Psiphon][Cloudflare][VPN][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.046| 0.007| 0.011| 114.161| 3.600] [PKTLEN......: 40.000| 1500.000| 277.500| 421.900| 177964.300| 3.800] diff --git a/test/results/flow-info/default/punycode-idn.pcap.out b/test/results/flow-info/default/punycode-idn.pcap.out index 1398736fb..1eb0c09a3 100644 --- a/test/results/flow-info/default/punycode-idn.pcap.out +++ b/test/results/flow-info/default/punycode-idn.pcap.out @@ -13,8 +13,11 @@ new: [.....3] [ip4][..tcp] [..192.168.2.140][56011] -> [...170.33.9.230][...80] detected: [.....3] [ip4][..tcp] [..192.168.2.140][56011] -> [...170.33.9.230][...80] [HTTP][Alibaba][Web][Acceptable][www.love.xn--55qx5d] RISK: IDN Domain Name + detection-update: [.....3] [ip4][..tcp] [..192.168.2.140][56011] -> [...170.33.9.230][...80] [HTTP][Alibaba][Web][Acceptable][www.love.xn--55qx5d] + RISK: IDN Domain Name, Error Code idle: [.....1] [ip4][..udp] [..192.168.2.140][45520] -> [....192.168.2.1][...53] [DNS.Spotify][Unknown][Network][Fun] - idle: [.....2] [ip4][..udp] [..192.168.2.140][60156] -> [....192.168.2.1][...53] + idle: [.....2] [ip4][..udp] [..192.168.2.140][60156] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable] + RISK: IDN Domain Name, Error Code end: [.....3] [ip4][..tcp] [..192.168.2.140][56011] -> [...170.33.9.230][...80] [HTTP][Alibaba][Web][Acceptable] RISK: IDN Domain Name, Error Code DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic-23.pcap.out b/test/results/flow-info/default/quic-23.pcap.out index f07e1a4f6..659d15034 100644 --- a/test/results/flow-info/default/quic-23.pcap.out +++ b/test/results/flow-info/default/quic-23.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip6][..udp] [2e4a:774d:26fd:7f9b:785b:2d1b:4f8a:63c7][50339] -> [3bcc:9991:faba:bae1:cd2a:e2fd:b3be:c5ab][..443] [QUIC][Unknown][Web][Acceptable][quic.aiortc.org] RISK: Unidirectional Traffic idle: [.....1] [ip6][..udp] [2e4a:774d:26fd:7f9b:785b:2d1b:4f8a:63c7][50339] -> [3bcc:9991:faba:bae1:cd2a:e2fd:b3be:c5ab][..443] [QUIC][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic-24.pcap.out b/test/results/flow-info/default/quic-24.pcap.out index ee74e8443..c4a029d4e 100644 --- a/test/results/flow-info/default/quic-24.pcap.out +++ b/test/results/flow-info/default/quic-24.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [.......10.9.0.1][41436] -> [.......10.9.0.2][..443] [QUIC][Unknown][Web][Acceptable][localhost] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.......10.9.0.1][41436] -> [.......10.9.0.2][..443] [QUIC][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic-27.pcap.out b/test/results/flow-info/default/quic-27.pcap.out index 4fcf37f71..489785725 100644 --- a/test/results/flow-info/default/quic-27.pcap.out +++ b/test/results/flow-info/default/quic-27.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip6][..udp] [...3ef4:2194:f4a6:3503:40cd:714:57:c4e4][64229] -> [..............2f3d:64d1:9d59:549b::200e][..443] [QUIC.Google][Unknown][Web][Acceptable][play.google.com] RISK: Unidirectional Traffic idle: [.....1] [ip6][..udp] [...3ef4:2194:f4a6:3503:40cd:714:57:c4e4][64229] -> [..............2f3d:64d1:9d59:549b::200e][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic-28.pcap.out b/test/results/flow-info/default/quic-28.pcap.out index b205d48d2..493a86516 100644 --- a/test/results/flow-info/default/quic-28.pcap.out +++ b/test/results/flow-info/default/quic-28.pcap.out @@ -15,5 +15,4 @@ [PKTLENS.....: 1228,75,1228,99,189,1228,1224,1225,245,138,89,71,71,154,98,543,71,71,96,71,71,71,71,71,686,71,133,71,845,71,108,72] [ENTROPIES...: 7.8,5.4,7.8,6.0,6.7,7.8,7.8,7.9,7.1,6.5,6.1,5.9,5.9,6.7,6.1,7.6,5.8,5.7,6.1,5.7,5.7,5.8,5.8,5.8,7.7,5.8,6.6,5.8,7.8,5.9,6.2,5.7] idle: [.....1] [ip4][..udp] [.......10.9.0.2][60106] -> [..104.26.11.240][..443] [QUIC][Cloudflare][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic-29.pcap.out b/test/results/flow-info/default/quic-29.pcap.out index 2afedef2b..267cc2544 100644 --- a/test/results/flow-info/default/quic-29.pcap.out +++ b/test/results/flow-info/default/quic-29.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [.......10.9.0.1][36588] -> [.......10.9.0.2][..443] [QUIC][Unknown][Web][Acceptable][localhost] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.......10.9.0.1][36588] -> [.......10.9.0.2][..443] [QUIC][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic-33.pcapng.out b/test/results/flow-info/default/quic-33.pcapng.out index bd825925f..bf0226638 100644 --- a/test/results/flow-info/default/quic-33.pcapng.out +++ b/test/results/flow-info/default/quic-33.pcapng.out @@ -5,5 +5,5 @@ detected: [.....1] [ip6][..udp] [....................................::1][51430] -> [....................................::1][.4443] [QUIC][Unknown][Web][Acceptable][] RISK: Known Proto on Non Std Port, Missing SNI TLS Extn, Unidirectional Traffic, ALPN/SNI Mismatch idle: [.....1] [ip6][..udp] [....................................::1][51430] -> [....................................::1][.4443] [QUIC][Unknown][Web][Acceptable] - RISK: Known Proto on Non Std Port, Missing SNI TLS Extn, Unidirectional Traffic, ALPN/SNI Mismatch + RISK: Known Proto on Non Std Port, Missing SNI TLS Extn, ALPN/SNI Mismatch DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic-34.pcap.out b/test/results/flow-info/default/quic-34.pcap.out index 317da963e..7869e2baa 100644 --- a/test/results/flow-info/default/quic-34.pcap.out +++ b/test/results/flow-info/default/quic-34.pcap.out @@ -5,5 +5,5 @@ detected: [.....1] [ip4][..udp] [...192.168.56.1][55880] -> [.192.168.56.198][.4443] [QUIC][Unknown][Web][Acceptable][] RISK: Known Proto on Non Std Port, Missing SNI TLS Extn, Unidirectional Traffic, ALPN/SNI Mismatch idle: [.....1] [ip4][..udp] [...192.168.56.1][55880] -> [.192.168.56.198][.4443] [QUIC][Unknown][Web][Acceptable] - RISK: Known Proto on Non Std Port, Missing SNI TLS Extn, Unidirectional Traffic, ALPN/SNI Mismatch + RISK: Known Proto on Non Std Port, Missing SNI TLS Extn, ALPN/SNI Mismatch DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic-forcing-vn-with-data.pcapng.out b/test/results/flow-info/default/quic-forcing-vn-with-data.pcapng.out index 0884030eb..460b5a848 100644 --- a/test/results/flow-info/default/quic-forcing-vn-with-data.pcapng.out +++ b/test/results/flow-info/default/quic-forcing-vn-with-data.pcapng.out @@ -4,6 +4,8 @@ new: [.....1] [ip4][..udp] [.192.168.56.103][55523] -> [.192.168.56.104][.4433] detected: [.....1] [ip4][..udp] [.192.168.56.103][55523] -> [.192.168.56.104][.4433] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [.192.168.56.103][55523] -> [.192.168.56.104][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port detection-update: [.....1] [ip4][..udp] [.192.168.56.103][55523] -> [.192.168.56.104][.4433] [QUIC][Unknown][Web][Acceptable][] RISK: Known Proto on Non Std Port, Missing SNI TLS Extn, ALPN/SNI Mismatch idle: [.....1] [ip4][..udp] [.192.168.56.103][55523] -> [.192.168.56.104][.4433] [QUIC][Unknown][Web][Acceptable] diff --git a/test/results/flow-info/default/quic-mvfst-22.pcap.out b/test/results/flow-info/default/quic-mvfst-22.pcap.out index a95b3ee84..2536d0a1a 100644 --- a/test/results/flow-info/default/quic-mvfst-22.pcap.out +++ b/test/results/flow-info/default/quic-mvfst-22.pcap.out @@ -13,7 +13,5 @@ [PKTLENS.....: 1260,1280,1280,221,81,1260,106,95,66,261,59,52,1128,56,60,598,1260,1221,56,56,60,52,1280,1280,1280,1280,84,65,52,1280,1280,1280] [ENTROPIES...: 7.9,7.8,7.9,6.9,5.8,7.8,6.0,6.1,5.4,7.1,5.4,5.2,7.8,5.2,5.4,7.6,7.8,7.8,5.4,5.2,5.4,5.1,7.8,7.8,7.9,7.8,5.9,5.5,5.2,7.9,7.8,7.8] update: [.....1] [ip4][..udp] [......10.0.2.15][35601] -> [.....31.13.86.8][..443] [QUIC.Facebook][Facebook][SocialNetwork][Fun] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [......10.0.2.15][35601] -> [.....31.13.86.8][..443] [QUIC.Facebook][Facebook][SocialNetwork][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic-mvfst-22_decryption_error.pcap.out b/test/results/flow-info/default/quic-mvfst-22_decryption_error.pcap.out index 5ae2e8bee..20539a665 100644 --- a/test/results/flow-info/default/quic-mvfst-22_decryption_error.pcap.out +++ b/test/results/flow-info/default/quic-mvfst-22_decryption_error.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [..10.230.40.168][62196] -> [..94.97.225.146][..443] [QUIC][Unknown][Web][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..10.230.40.168][62196] -> [..94.97.225.146][..443] [QUIC][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic-mvfst-27.pcapng.out b/test/results/flow-info/default/quic-mvfst-27.pcapng.out index b00dff7d0..6572853cc 100644 --- a/test/results/flow-info/default/quic-mvfst-27.pcapng.out +++ b/test/results/flow-info/default/quic-mvfst-27.pcapng.out @@ -3,5 +3,4 @@ detected: [.....1] [ip4][..udp] [......10.0.2.15][35957] -> [..69.171.250.15][..443] [QUIC.Facebook][Facebook][SocialNetwork][Fun][graph.facebook.com] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [......10.0.2.15][35957] -> [..69.171.250.15][..443] [QUIC.Facebook][Facebook][SocialNetwork][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic-mvfst-exp.pcap.out b/test/results/flow-info/default/quic-mvfst-exp.pcap.out index cbb70715a..304e40f3e 100644 --- a/test/results/flow-info/default/quic-mvfst-exp.pcap.out +++ b/test/results/flow-info/default/quic-mvfst-exp.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip6][..udp] [.2aac:cdf7:d506:7807:9092:75f:a963:f4ab][57587] -> [....3f65:ece9:fe71:6e2a:face:b00c::358e][..443] [QUIC.FbookReelStory][Unknown][SocialNetwork][Fun][video.fmct2-3.fna.fbcdn.net] RISK: Unidirectional Traffic idle: [.....1] [ip6][..udp] [.2aac:cdf7:d506:7807:9092:75f:a963:f4ab][57587] -> [....3f65:ece9:fe71:6e2a:face:b00c::358e][..443] [QUIC.FbookReelStory][Unknown][SocialNetwork][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic-v2.pcapng.out b/test/results/flow-info/default/quic-v2.pcapng.out index 4dd8e00d2..a8a73c077 100644 --- a/test/results/flow-info/default/quic-v2.pcapng.out +++ b/test/results/flow-info/default/quic-v2.pcapng.out @@ -5,5 +5,5 @@ detected: [.....1] [ip6][..udp] [....................................::1][42086] -> [....................................::1][.4443] [QUIC][Unknown][Web][Acceptable][test] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....1] [ip6][..udp] [....................................::1][42086] -> [....................................::1][.4443] [QUIC][Unknown][Web][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic.pcap.out b/test/results/flow-info/default/quic.pcap.out index 1702ec5fd..d16cf60de 100644 --- a/test/results/flow-info/default/quic.pcap.out +++ b/test/results/flow-info/default/quic.pcap.out @@ -20,7 +20,6 @@ detected: [.....2] [ip4][..udp] [.......10.0.0.4][40134] -> [.......10.0.0.3][.6121] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Missing SNI TLS Extn, Unidirectional Traffic idle: [.....1] [ip4][..udp] [..192.168.1.109][57833] -> [.216.58.212.101][..443] [QUIC.GMail][Google][Email][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 419 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....3] [ip4][..udp] [..192.168.1.105][45669] -> [...172.217.16.4][..443] @@ -43,7 +42,7 @@ detected: [.....9] [ip4][..udp] [..192.168.1.105][53817] -> [.216.58.210.225][..443] [QUIC.YouTube][Google][Media][Fun][yt3.ggpht.com] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [.......10.0.0.4][40134] -> [.......10.0.0.3][.6121] [QUIC][Unknown][Web][Acceptable] - RISK: Known Proto on Non Std Port, Missing SNI TLS Extn, Unidirectional Traffic + RISK: Known Proto on Non Std Port, Missing SNI TLS Extn DAEMON-EVENT: [Processed: 449 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 7 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....10] [ip4][..udp] [..192.168.1.109][35236] -> [.216.58.210.206][..443] @@ -60,19 +59,12 @@ [PKTLENS.....: 1378,373,1378,1378,1378,369,65,68,1378,61,61,71,1378,1378,1174,68,65,1378,1378,68,1378,1378,1378,68,1378,68,1378,1378,1378,68,1378,1378] [ENTROPIES...: 5.1,7.4,7.6,2.6,5.4,7.4,5.3,5.5,7.9,5.5,5.5,5.7,7.9,7.9,7.8,5.6,5.6,7.9,7.9,5.7,7.9,7.9,7.9,5.6,7.9,5.7,7.9,7.8,7.9,5.6,7.9,7.9] idle: [.....7] [ip4][..udp] [..192.168.1.105][40030] -> [.216.58.201.227][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic guessed: [.....4] [ip4][..udp] [..192.168.1.105][40461] -> [...172.217.16.3][..443] [QUIC][Google][Web][Acceptable] idle: [.....4] [ip4][..udp] [..192.168.1.105][40461] -> [...172.217.16.3][..443] idle: [.....6] [ip4][..udp] [..192.168.1.105][48445] -> [.216.58.214.110][..443] [QUIC.YouTube][Google][Media][Fun] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [..192.168.1.105][34438] -> [.216.58.210.238][..443] [QUIC.YouTube][Google][Media][Fun] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.1.105][45669] -> [...172.217.16.4][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [..192.168.1.109][35236] -> [.216.58.210.206][..443] [QUIC.YouTube][Google][Media][Fun] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [..192.168.1.105][53817] -> [.216.58.210.225][..443] [QUIC.YouTube][Google][Media][Fun] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [..192.168.1.105][55934] -> [.216.58.201.238][..443] [QUIC.YouTube][Google][Media][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic046.pcap.out b/test/results/flow-info/default/quic046.pcap.out index 80c7fc2cf..05044655c 100644 --- a/test/results/flow-info/default/quic046.pcap.out +++ b/test/results/flow-info/default/quic046.pcap.out @@ -15,5 +15,4 @@ [PKTLENS.....: 1378,560,114,187,185,185,186,185,191,188,1378,1378,255,1378,1378,1378,1378,1378,1378,1378,1378,1378,1378,1378,1378,1378,1378,56,48,1378,56,1378] [ENTROPIES...: 4.1,7.6,6.3,6.9,6.9,6.8,6.9,6.9,7.0,6.9,4.1,7.9,7.1,7.9,7.9,7.9,7.8,7.9,7.9,7.9,7.9,7.8,7.9,7.9,7.9,7.9,7.9,5.4,5.1,7.8,5.4,7.9] idle: [.....1] [ip4][..udp] [..192.168.1.236][50587] -> [..216.58.206.86][..443] [QUIC.YouTube][Google][Media][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic_0RTT.pcap.out b/test/results/flow-info/default/quic_0RTT.pcap.out index 147ed95e8..8ea0f1b92 100644 --- a/test/results/flow-info/default/quic_0RTT.pcap.out +++ b/test/results/flow-info/default/quic_0RTT.pcap.out @@ -12,5 +12,5 @@ idle: [.....2] [ip4][..udp] [..192.168.2.100][51972] -> [142.250.181.227][..443] [QUIC.Google][Google][Web][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip6][..udp] [....................................::1][60459] -> [....................................::1][.4443] [QUIC][Unknown][Web][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic_cc_ack.pcapng.out b/test/results/flow-info/default/quic_cc_ack.pcapng.out index ff4dbb9d5..4fb4ba14f 100644 --- a/test/results/flow-info/default/quic_cc_ack.pcapng.out +++ b/test/results/flow-info/default/quic_cc_ack.pcapng.out @@ -8,7 +8,5 @@ detected: [.....2] [ip4][..udp] [.183.23.159.144][37787] -> [.108.140.147.22][..443] [QUIC][Azure][Web][Acceptable] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [.183.23.159.144][37787] -> [.108.140.147.22][..443] [QUIC][Azure][Web][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.152.14.223.145][57113] -> [...71.98.228.93][..443] [QUIC][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic_crypto_aes_auth_size.pcap.out b/test/results/flow-info/default/quic_crypto_aes_auth_size.pcap.out index 616283540..4e74f3ae9 100644 --- a/test/results/flow-info/default/quic_crypto_aes_auth_size.pcap.out +++ b/test/results/flow-info/default/quic_crypto_aes_auth_size.pcap.out @@ -8,7 +8,5 @@ detected: [.....2] [ip4][..udp] [245.161.134.177][27636] -> [..77.242.114.14][..443] [QUIC.Snapchat][Unknown][SocialNetwork][Fun][gcp.api.snapchat.com] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [...134.53.36.43][34917] -> [..142.104.38.30][..443] [QUIC.Snapchat][Unknown][SocialNetwork][Fun] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [245.161.134.177][27636] -> [..77.242.114.14][..443] [QUIC.Snapchat][Unknown][SocialNetwork][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out b/test/results/flow-info/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out index 976cff19c..c55543d96 100644 --- a/test/results/flow-info/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out +++ b/test/results/flow-info/default/quic_frags_ch_out_of_order_same_packet_craziness.pcapng.out @@ -8,7 +8,6 @@ detected: [.....2] [ip4][..udp] [..147.196.90.42][61647] -> [..177.86.46.206][..443] [QUIC.Google][Unknown][Web][Acceptable][sb-ssl.google.com] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.133.205.75.230][56528] -> [.208.229.157.81][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 8 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....3] [ip4][..udp] [...168.144.64.5][55376] -> [.212.22.246.243][..443] @@ -24,30 +23,21 @@ detected: [.....6] [ip4][..udp] [...168.144.64.5][59827] -> [..37.47.218.224][..443] [QUIC.Google][Unknown][Advertisement][Acceptable][www.googleadservices.com] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [..147.196.90.42][61647] -> [..177.86.46.206][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [.....7] [ip4][..udp] [...168.144.64.5][51053] -> [241.138.147.133][..443] detected: [.....7] [ip4][..udp] [...168.144.64.5][51053] -> [241.138.147.133][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable][content-autofill.googleapis.com] update: [.....3] [ip4][..udp] [...168.144.64.5][55376] -> [.212.22.246.243][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [...168.144.64.5][64964] -> [.133.202.76.105][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [...168.144.64.5][59827] -> [..37.47.218.224][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [...168.144.64.5][55844] -> [..112.1.105.138][..443] [QUIC.PlayStore][Unknown][SoftwareUpdate][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 17 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 5 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 4] new: [.....8] [ip4][..udp] [..10.117.78.100][44252] -> [.251.236.18.198][..443] detected: [.....8] [ip4][..udp] [..10.117.78.100][44252] -> [.251.236.18.198][..443] [QUIC.Google][Unknown][Web][Acceptable][accounts.google.com] idle: [.....3] [ip4][..udp] [...168.144.64.5][55376] -> [.212.22.246.243][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [...168.144.64.5][64964] -> [.133.202.76.105][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [...168.144.64.5][59827] -> [..37.47.218.224][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [...168.144.64.5][51053] -> [241.138.147.133][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] idle: [.....5] [ip4][..udp] [...168.144.64.5][55844] -> [..112.1.105.138][..443] [QUIC.PlayStore][Unknown][SoftwareUpdate][Safe] - RISK: Unidirectional Traffic new: [.....9] [ip4][..udp] [..10.117.78.100][55273] -> [202.152.155.121][..443] detected: [.....9] [ip4][..udp] [..10.117.78.100][55273] -> [202.152.155.121][..443] [QUIC.Google][Unknown][Web][Acceptable][clients4.google.com] RISK: Unidirectional Traffic @@ -70,20 +60,14 @@ RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [..10.117.78.100][44252] -> [.251.236.18.198][..443] [QUIC.Google][Unknown][Web][Acceptable] idle: [.....9] [ip4][..udp] [..10.117.78.100][55273] -> [202.152.155.121][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....15] [ip4][..udp] [...168.144.64.5][51456] -> [102.194.207.179][..443] detected: [....15] [ip4][..udp] [...168.144.64.5][51456] -> [102.194.207.179][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable][clientservices.googleapis.com] RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [...168.144.64.5][50482] -> [121.209.126.161][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....13] [ip4][..udp] [...168.144.64.5][62652] -> [.158.146.215.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic update: [....14] [ip4][..udp] [...168.144.64.5][63136] -> [...9.65.169.252][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....11] [ip4][..udp] [...168.144.64.5][53431] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....10] [ip4][..udp] [...168.144.64.5][53404] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....16] [ip4][..udp] [...168.144.64.5][63163] -> [113.250.137.243][..443] detected: [....16] [ip4][..udp] [...168.144.64.5][63163] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable][update.googleapis.com] RISK: Unidirectional Traffic @@ -97,23 +81,14 @@ detected: [....19] [ip4][..udp] [...168.144.64.5][60896] -> [.45.228.175.189][..443] [QUIC.Google][Unknown][Web][Acceptable][www.google.com] RISK: Unidirectional Traffic update: [....17] [ip4][..udp] [...168.144.64.5][54016] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [...168.144.64.5][50482] -> [121.209.126.161][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....13] [ip4][..udp] [...168.144.64.5][62652] -> [.158.146.215.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic update: [....14] [ip4][..udp] [...168.144.64.5][63136] -> [...9.65.169.252][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....16] [ip4][..udp] [...168.144.64.5][63163] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....11] [ip4][..udp] [...168.144.64.5][53431] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....18] [ip4][..udp] [...168.144.64.5][51248] -> [..99.42.133.245][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....10] [ip4][..udp] [...168.144.64.5][53404] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....15] [ip4][..udp] [...168.144.64.5][51456] -> [102.194.207.179][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....20] [ip4][..udp] [...168.144.64.5][60551] -> [...128.248.24.1][..443] detected: [....20] [ip4][..udp] [...168.144.64.5][60551] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable][beacons.gvt2.com] RISK: Unidirectional Traffic @@ -121,68 +96,41 @@ detected: [....21] [ip4][..udp] [...168.144.64.5][56488] -> [..177.86.46.206][..443] [QUIC.YouTube][Unknown][Media][Fun][www.youtube.com] RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [...168.144.64.5][53431] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [...168.144.64.5][53404] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....17] [ip4][..udp] [...168.144.64.5][54016] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [...168.144.64.5][50482] -> [121.209.126.161][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....13] [ip4][..udp] [...168.144.64.5][62652] -> [.158.146.215.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic update: [....14] [ip4][..udp] [...168.144.64.5][63136] -> [...9.65.169.252][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....16] [ip4][..udp] [...168.144.64.5][63163] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....19] [ip4][..udp] [...168.144.64.5][60896] -> [.45.228.175.189][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....18] [ip4][..udp] [...168.144.64.5][51248] -> [..99.42.133.245][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....15] [ip4][..udp] [...168.144.64.5][51456] -> [102.194.207.179][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....22] [ip4][..udp] [...168.144.64.5][49153] -> [...153.98.28.78][..443] detected: [....22] [ip4][..udp] [...168.144.64.5][49153] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable][dns.google] RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [...168.144.64.5][50482] -> [121.209.126.161][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [...168.144.64.5][62652] -> [.158.146.215.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [...168.144.64.5][63136] -> [...9.65.169.252][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....20] [ip4][..udp] [...168.144.64.5][60551] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....23] [ip4][..udp] [...168.144.64.5][51296] -> [...128.248.24.1][..443] detected: [....23] [ip4][..udp] [...168.144.64.5][51296] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable][beacons.gcp.gvt2.com] RISK: Unidirectional Traffic idle: [....17] [ip4][..udp] [...168.144.64.5][54016] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [...168.144.64.5][63163] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....18] [ip4][..udp] [...168.144.64.5][51248] -> [..99.42.133.245][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....15] [ip4][..udp] [...168.144.64.5][51456] -> [102.194.207.179][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....19] [ip4][..udp] [...168.144.64.5][60896] -> [.45.228.175.189][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....22] [ip4][..udp] [...168.144.64.5][49153] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....21] [ip4][..udp] [...168.144.64.5][56488] -> [..177.86.46.206][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....20] [ip4][..udp] [...168.144.64.5][60551] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....24] [ip4][..udp] [...168.144.64.5][57767] -> [....76.83.40.87][..443] detected: [....24] [ip4][..udp] [...168.144.64.5][57767] -> [....76.83.40.87][..443] [QUIC.YouTube][Unknown][Media][Fun][r11---sn-vh5ouxa-hjuk.googlevideo.com] RISK: Unidirectional Traffic idle: [....23] [ip4][..udp] [...168.144.64.5][51296] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....19] [ip4][..udp] [...168.144.64.5][60896] -> [.45.228.175.189][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....22] [ip4][..udp] [...168.144.64.5][49153] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....21] [ip4][..udp] [...168.144.64.5][56488] -> [..177.86.46.206][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic idle: [....20] [ip4][..udp] [...168.144.64.5][60551] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....25] [ip4][..udp] [...168.144.64.5][63736] -> [.213.188.47.247][..443] detected: [....25] [ip4][..udp] [...168.144.64.5][63736] -> [.213.188.47.247][..443] [QUIC.YouTube][Unknown][Media][Fun][r4---sn-vh5ouxa-hjud.googlevideo.com] RISK: Unidirectional Traffic @@ -192,31 +140,23 @@ detected: [....27] [ip4][..udp] [...168.144.64.5][49324] -> [..35.194.157.47][..443] [QUIC.GoogleCloud][GoogleCloud][Advertisement][Acceptable][pagead2.googlesyndication.com] RISK: Unidirectional Traffic update: [....24] [ip4][..udp] [...168.144.64.5][57767] -> [....76.83.40.87][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 38 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 4 / 27|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [....28] [ip4][..udp] [...168.144.64.5][62047] -> [..136.125.67.96][..443] detected: [....28] [ip4][..udp] [...168.144.64.5][62047] -> [..136.125.67.96][..443] [QUIC.Google][Unknown][Web][Acceptable][beacons4.gvt2.com] RISK: Unidirectional Traffic update: [....25] [ip4][..udp] [...168.144.64.5][63736] -> [.213.188.47.247][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....27] [ip4][..udp] [...168.144.64.5][49324] -> [..35.194.157.47][..443] [QUIC.GoogleCloud][GoogleCloud][Advertisement][Acceptable] - RISK: Unidirectional Traffic update: [....26] [ip4][..udp] [...168.144.64.5][52273] -> [244.214.160.219][..443] [QUIC.YouTube][Unknown][Media][Fun] update: [....24] [ip4][..udp] [...168.144.64.5][57767] -> [....76.83.40.87][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic new: [....29] [ip4][..udp] [...168.144.64.5][64976] -> [..220.80.126.73][..443] detected: [....29] [ip4][..udp] [...168.144.64.5][64976] -> [..220.80.126.73][..443] [QUIC.YouTube][Unknown][Media][Fun][r1---sn-hju7enel.googlevideo.com] RISK: Unidirectional Traffic idle: [....25] [ip4][..udp] [...168.144.64.5][63736] -> [.213.188.47.247][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic idle: [....28] [ip4][..udp] [...168.144.64.5][62047] -> [..136.125.67.96][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....27] [ip4][..udp] [...168.144.64.5][49324] -> [..35.194.157.47][..443] [QUIC.GoogleCloud][GoogleCloud][Advertisement][Acceptable] - RISK: Unidirectional Traffic idle: [....26] [ip4][..udp] [...168.144.64.5][52273] -> [244.214.160.219][..443] [QUIC.YouTube][Unknown][Media][Fun] idle: [....24] [ip4][..udp] [...168.144.64.5][57767] -> [....76.83.40.87][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic new: [....30] [ip4][..udp] [...168.144.64.5][61209] -> [..35.194.157.47][..443] detected: [....30] [ip4][..udp] [...168.144.64.5][61209] -> [..35.194.157.47][..443] [QUIC.GoogleCloud][GoogleCloud][Advertisement][Acceptable][www.googleadservices.com] RISK: Unidirectional Traffic @@ -224,20 +164,15 @@ detected: [....31] [ip4][..udp] [...168.144.64.5][50540] -> [...99.45.60.254][..443] [QUIC.YouTube][Unknown][Media][Fun][i.ytimg.com] RISK: Unidirectional Traffic update: [....29] [ip4][..udp] [...168.144.64.5][64976] -> [..220.80.126.73][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....30] [ip4][..udp] [...168.144.64.5][61209] -> [..35.194.157.47][..443] [QUIC.GoogleCloud][GoogleCloud][Advertisement][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 42 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 31|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 38] new: [....32] [ip4][..udp] [...168.144.64.5][60809] -> [...9.65.169.252][..443] detected: [....32] [ip4][..udp] [...168.144.64.5][60809] -> [...9.65.169.252][..443] [QUIC.YouTube][Unknown][Media][Fun][suggestqueries-clients6.youtube.com] RISK: Unidirectional Traffic update: [....29] [ip4][..udp] [...168.144.64.5][64976] -> [..220.80.126.73][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....30] [ip4][..udp] [...168.144.64.5][61209] -> [..35.194.157.47][..443] [QUIC.GoogleCloud][GoogleCloud][Advertisement][Acceptable] - RISK: Unidirectional Traffic update: [....31] [ip4][..udp] [...168.144.64.5][50540] -> [...99.45.60.254][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic new: [....33] [ip4][..udp] [...168.144.64.5][55637] -> [.169.81.163.225][..443] detected: [....33] [ip4][..udp] [...168.144.64.5][55637] -> [.169.81.163.225][..443] [QUIC.YouTube][Unknown][Media][Fun][r3---sn-hju7enel.googlevideo.com] RISK: Unidirectional Traffic @@ -245,30 +180,20 @@ detected: [....34] [ip4][..udp] [...168.144.64.5][53127] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable][b1.nel.goog] RISK: Unidirectional Traffic idle: [....29] [ip4][..udp] [...168.144.64.5][64976] -> [..220.80.126.73][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic idle: [....30] [ip4][..udp] [...168.144.64.5][61209] -> [..35.194.157.47][..443] [QUIC.GoogleCloud][GoogleCloud][Advertisement][Acceptable] - RISK: Unidirectional Traffic idle: [....31] [ip4][..udp] [...168.144.64.5][50540] -> [...99.45.60.254][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....32] [ip4][..udp] [...168.144.64.5][60809] -> [...9.65.169.252][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....33] [ip4][..udp] [...168.144.64.5][55637] -> [.169.81.163.225][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic new: [....35] [ip4][..udp] [...168.144.64.5][50073] -> [.152.128.87.238][..443] detected: [....35] [ip4][..udp] [...168.144.64.5][50073] -> [.152.128.87.238][..443] [QUIC.YouTube][Unknown][Media][Fun][r3---sn-vh5ouxa-hjud.googlevideo.com] RISK: Unidirectional Traffic idle: [....32] [ip4][..udp] [...168.144.64.5][60809] -> [...9.65.169.252][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic idle: [....33] [ip4][..udp] [...168.144.64.5][55637] -> [.169.81.163.225][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....34] [ip4][..udp] [...168.144.64.5][53127] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic new: [....36] [ip4][..udp] [.192.168.254.11][59048] -> [.251.236.18.198][..443] detected: [....36] [ip4][..udp] [.192.168.254.11][59048] -> [.251.236.18.198][..443] [QUIC.Google][Unknown][Web][Acceptable][accounts.google.com] idle: [....34] [ip4][..udp] [...168.144.64.5][53127] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic update: [....35] [ip4][..udp] [...168.144.64.5][50073] -> [.152.128.87.238][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic new: [....37] [ip4][..udp] [.192.168.254.11][38331] -> [.93.100.151.221][..443] detected: [....37] [ip4][..udp] [.192.168.254.11][38331] -> [.93.100.151.221][..443] [QUIC.DataSaver][Unknown][Web][Fun][litepages.googlezip.net] RISK: Unidirectional Traffic @@ -283,21 +208,15 @@ RISK: Unidirectional Traffic update: [....36] [ip4][..udp] [.192.168.254.11][59048] -> [.251.236.18.198][..443] [QUIC.Google][Unknown][Web][Acceptable] update: [....35] [ip4][..udp] [...168.144.64.5][50073] -> [.152.128.87.238][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic new: [....41] [ip4][..udp] [.192.168.254.11][35124] -> [..168.78.153.39][..443] detected: [....41] [ip4][..udp] [.192.168.254.11][35124] -> [..168.78.153.39][..443] [QUIC][Unknown][Web][Acceptable][s-img.adskeeper.co.uk] RISK: Unidirectional Traffic idle: [....35] [ip4][..udp] [...168.144.64.5][50073] -> [.152.128.87.238][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....38] [ip4][..udp] [.192.168.254.11][45652] -> [.170.196.90.126][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....37] [ip4][..udp] [.192.168.254.11][38331] -> [.93.100.151.221][..443] [QUIC.DataSaver][Unknown][Web][Fun] - RISK: Unidirectional Traffic update: [....36] [ip4][..udp] [.192.168.254.11][59048] -> [.251.236.18.198][..443] [QUIC.Google][Unknown][Web][Acceptable] update: [....40] [ip4][..udp] [.192.168.254.11][54692] -> [.171.182.169.23][..443] [QUIC][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....39] [ip4][..udp] [.192.168.254.11][43427] -> [..98.251.203.81][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....42] [ip4][..udp] [.192.168.254.11][51075] -> [.117.148.117.30][..443] detected: [....42] [ip4][..udp] [.192.168.254.11][51075] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable][pagead2.googlesyndication.com] RISK: Unidirectional Traffic @@ -306,49 +225,34 @@ RISK: Unidirectional Traffic idle: [....36] [ip4][..udp] [.192.168.254.11][59048] -> [.251.236.18.198][..443] [QUIC.Google][Unknown][Web][Acceptable] update: [....38] [ip4][..udp] [.192.168.254.11][45652] -> [.170.196.90.126][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....41] [ip4][..udp] [.192.168.254.11][35124] -> [..168.78.153.39][..443] [QUIC][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....37] [ip4][..udp] [.192.168.254.11][38331] -> [.93.100.151.221][..443] [QUIC.DataSaver][Unknown][Web][Fun] - RISK: Unidirectional Traffic update: [....40] [ip4][..udp] [.192.168.254.11][54692] -> [.171.182.169.23][..443] [QUIC][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....39] [ip4][..udp] [.192.168.254.11][43427] -> [..98.251.203.81][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....44] [ip4][..udp] [...168.144.64.5][62818] -> [113.250.137.243][..443] detected: [....44] [ip4][..udp] [...168.144.64.5][62818] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable][clientservices.googleapis.com] RISK: Unidirectional Traffic idle: [....38] [ip4][..udp] [.192.168.254.11][45652] -> [.170.196.90.126][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....37] [ip4][..udp] [.192.168.254.11][38331] -> [.93.100.151.221][..443] [QUIC.DataSaver][Unknown][Web][Fun] - RISK: Unidirectional Traffic idle: [....39] [ip4][..udp] [.192.168.254.11][43427] -> [..98.251.203.81][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....45] [ip4][..udp] [...168.144.64.5][56425] -> [..125.136.204.4][..443] detected: [....45] [ip4][..udp] [...168.144.64.5][56425] -> [..125.136.204.4][..443] [QUIC.YouTube][Unknown][Media][Fun][r1---sn-vh5ouxa-hjuk.googlevideo.com] RISK: Unidirectional Traffic idle: [....40] [ip4][..udp] [.192.168.254.11][54692] -> [.171.182.169.23][..443] [QUIC][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 57 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 5 / 45|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] new: [....46] [ip4][..udp] [...168.144.64.5][59622] -> [...153.98.28.78][..443] detected: [....46] [ip4][..udp] [...168.144.64.5][59622] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable][dns.google] RISK: Unidirectional Traffic idle: [....44] [ip4][..udp] [...168.144.64.5][62818] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....41] [ip4][..udp] [.192.168.254.11][35124] -> [..168.78.153.39][..443] [QUIC][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....42] [ip4][..udp] [.192.168.254.11][51075] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic idle: [....43] [ip4][..udp] [.192.168.254.11][49689] -> [.87.179.155.149][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....45] [ip4][..udp] [...168.144.64.5][56425] -> [..125.136.204.4][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic new: [....47] [ip4][..udp] [...168.144.64.5][50552] -> [108.171.138.182][..443] detected: [....47] [ip4][..udp] [...168.144.64.5][50552] -> [108.171.138.182][..443] [QUIC.Google][Unknown][Web][Acceptable][beacons.gvt2.com] RISK: Unidirectional Traffic idle: [....45] [ip4][..udp] [...168.144.64.5][56425] -> [..125.136.204.4][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic new: [....48] [ip4][..udp] [...168.144.64.5][56844] -> [113.250.137.243][..443] detected: [....48] [ip4][..udp] [...168.144.64.5][56844] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable][b1.nel.goog] RISK: Unidirectional Traffic @@ -356,11 +260,8 @@ detected: [....49] [ip4][..udp] [...168.144.64.5][58414] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable][dns.google] RISK: Unidirectional Traffic update: [....48] [ip4][..udp] [...168.144.64.5][56844] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic update: [....47] [ip4][..udp] [...168.144.64.5][50552] -> [108.171.138.182][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....46] [ip4][..udp] [...168.144.64.5][59622] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....50] [ip4][..udp] [...168.144.64.5][61341] -> [.16.232.218.117][..443] detected: [....50] [ip4][..udp] [...168.144.64.5][61341] -> [.16.232.218.117][..443] [QUIC.YouTube][Unknown][Media][Fun][r9---sn-vh5ouxa-hjuk.googlevideo.com] RISK: Unidirectional Traffic @@ -368,68 +269,44 @@ detected: [....51] [ip4][..udp] [...168.144.64.5][56683] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable][b1.nel.goog] RISK: Unidirectional Traffic update: [....49] [ip4][..udp] [...168.144.64.5][58414] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....48] [ip4][..udp] [...168.144.64.5][56844] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic update: [....47] [ip4][..udp] [...168.144.64.5][50552] -> [108.171.138.182][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....46] [ip4][..udp] [...168.144.64.5][59622] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....52] [ip4][..udp] [...168.144.64.5][64700] -> [.16.232.218.117][..443] detected: [....52] [ip4][..udp] [...168.144.64.5][64700] -> [.16.232.218.117][..443] [QUIC.YouTube][Unknown][Media][Fun][r9---sn-vh5ouxa-hjuk.googlevideo.com] RISK: Unidirectional Traffic idle: [....48] [ip4][..udp] [...168.144.64.5][56844] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic idle: [....47] [ip4][..udp] [...168.144.64.5][50552] -> [108.171.138.182][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....46] [ip4][..udp] [...168.144.64.5][59622] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....49] [ip4][..udp] [...168.144.64.5][58414] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....50] [ip4][..udp] [...168.144.64.5][61341] -> [.16.232.218.117][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....51] [ip4][..udp] [...168.144.64.5][56683] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic new: [....53] [ip4][..udp] [...168.144.64.5][60936] -> [...9.65.169.252][..443] detected: [....53] [ip4][..udp] [...168.144.64.5][60936] -> [...9.65.169.252][..443] [QUIC.YouTube][Unknown][Media][Fun][suggestqueries-clients6.youtube.com] RISK: Unidirectional Traffic update: [....49] [ip4][..udp] [...168.144.64.5][58414] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....50] [ip4][..udp] [...168.144.64.5][61341] -> [.16.232.218.117][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....51] [ip4][..udp] [...168.144.64.5][56683] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic update: [....52] [ip4][..udp] [...168.144.64.5][64700] -> [.16.232.218.117][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic new: [....54] [ip4][..udp] [...168.144.64.5][59965] -> [..22.12.150.194][..443] detected: [....54] [ip4][..udp] [...168.144.64.5][59965] -> [..22.12.150.194][..443] [QUIC.YouTube][Unknown][Media][Fun][r1---sn-vh5ouxa-hju6.googlevideo.com] RISK: Unidirectional Traffic idle: [....49] [ip4][..udp] [...168.144.64.5][58414] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....55] [ip4][..udp] [...168.144.64.5][64693] -> [113.250.137.243][..443] detected: [....55] [ip4][..udp] [...168.144.64.5][64693] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable][b1.nel.goog] RISK: Unidirectional Traffic idle: [....50] [ip4][..udp] [...168.144.64.5][61341] -> [.16.232.218.117][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic idle: [....51] [ip4][..udp] [...168.144.64.5][56683] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic update: [....54] [ip4][..udp] [...168.144.64.5][59965] -> [..22.12.150.194][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....53] [ip4][..udp] [...168.144.64.5][60936] -> [...9.65.169.252][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....52] [ip4][..udp] [...168.144.64.5][64700] -> [.16.232.218.117][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic new: [....56] [ip4][..udp] [...168.144.64.5][59680] -> [.117.148.117.30][..443] detected: [....56] [ip4][..udp] [...168.144.64.5][59680] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable][googleads.g.doubleclick.net] RISK: Unidirectional Traffic idle: [....54] [ip4][..udp] [...168.144.64.5][59965] -> [..22.12.150.194][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic idle: [....53] [ip4][..udp] [...168.144.64.5][60936] -> [...9.65.169.252][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic idle: [....55] [ip4][..udp] [...168.144.64.5][64693] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic idle: [....52] [ip4][..udp] [...168.144.64.5][64700] -> [.16.232.218.117][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic new: [....57] [ip4][..udp] [...168.144.64.5][57565] -> [217.254.108.174][..443] detected: [....57] [ip4][..udp] [...168.144.64.5][57565] -> [217.254.108.174][..443] [QUIC.YouTube][Unknown][Media][Fun][r2---sn-vh5ouxa-hjuk.googlevideo.com] RISK: Unidirectional Traffic @@ -442,47 +319,33 @@ detected: [....59] [ip4][..udp] [...168.144.64.5][49860] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable][b1.nel.goog] RISK: Unidirectional Traffic update: [....56] [ip4][..udp] [...168.144.64.5][59680] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic update: [....57] [ip4][..udp] [...168.144.64.5][57565] -> [217.254.108.174][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....58] [ip4][..udp] [...168.144.64.5][52387] -> [..143.52.137.18][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic new: [....60] [ip4][..udp] [...168.144.64.5][60949] -> [185.186.183.185][..443] detected: [....60] [ip4][..udp] [...168.144.64.5][60949] -> [185.186.183.185][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable][content-autofill.googleapis.com] RISK: Unidirectional Traffic update: [....56] [ip4][..udp] [...168.144.64.5][59680] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic update: [....57] [ip4][..udp] [...168.144.64.5][57565] -> [217.254.108.174][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....58] [ip4][..udp] [...168.144.64.5][52387] -> [..143.52.137.18][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic update: [....59] [ip4][..udp] [...168.144.64.5][49860] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic new: [....61] [ip4][..udp] [...168.144.64.5][57735] -> [..137.238.249.2][..443] detected: [....61] [ip4][..udp] [...168.144.64.5][57735] -> [..137.238.249.2][..443] [QUIC.Google][Unknown][Advertisement][Acceptable][ade.googlesyndication.com] RISK: Unidirectional Traffic idle: [....56] [ip4][..udp] [...168.144.64.5][59680] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic idle: [....57] [ip4][..udp] [...168.144.64.5][57565] -> [217.254.108.174][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic idle: [....60] [ip4][..udp] [...168.144.64.5][60949] -> [185.186.183.185][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....58] [ip4][..udp] [...168.144.64.5][52387] -> [..143.52.137.18][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic idle: [....59] [ip4][..udp] [...168.144.64.5][49860] -> [113.250.137.243][..443] [QUIC.Google][Unknown][Cloud][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 73 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 61|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 82] new: [....62] [ip4][..udp] [..52.187.20.175][50588] -> [.208.229.157.81][..443] detected: [....62] [ip4][..udp] [..52.187.20.175][50588] -> [.208.229.157.81][..443] [QUIC.GoogleServices][Azure][Web][Acceptable][update.googleapis.com] RISK: Unidirectional Traffic idle: [....61] [ip4][..udp] [...168.144.64.5][57735] -> [..137.238.249.2][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic new: [....63] [ip4][..udp] [..52.187.20.175][61089] -> [..99.42.133.245][..443] detected: [....63] [ip4][..udp] [..52.187.20.175][61089] -> [..99.42.133.245][..443] [QUIC.GoogleServices][Azure][Web][Acceptable][clientservices.googleapis.com] RISK: Unidirectional Traffic update: [....62] [ip4][..udp] [..52.187.20.175][50588] -> [.208.229.157.81][..443] [QUIC.GoogleServices][Azure][Web][Acceptable] - RISK: Unidirectional Traffic new: [....64] [ip4][..udp] [..52.187.20.175][49880] -> [.208.229.157.81][..443] detected: [....64] [ip4][..udp] [..52.187.20.175][49880] -> [.208.229.157.81][..443] [QUIC.GoogleServices][Azure][Web][Acceptable][update.googleapis.com] RISK: Unidirectional Traffic @@ -492,18 +355,14 @@ detected: [....65] [ip4][..udp] [159.117.176.124][58337] -> [.208.229.157.81][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable][clientservices.googleapis.com] RISK: Unidirectional Traffic idle: [....62] [ip4][..udp] [..52.187.20.175][50588] -> [.208.229.157.81][..443] [QUIC.GoogleServices][Azure][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....64] [ip4][..udp] [..52.187.20.175][49880] -> [.208.229.157.81][..443] [QUIC.GoogleServices][Azure][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....63] [ip4][..udp] [..52.187.20.175][61089] -> [..99.42.133.245][..443] [QUIC.GoogleServices][Azure][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 89 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 65|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 83] new: [....66] [ip4][..udp] [159.117.176.124][49867] -> [...198.74.29.79][..443] detected: [....66] [ip4][..udp] [159.117.176.124][49867] -> [...198.74.29.79][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable][content-autofill.googleapis.com] RISK: Unidirectional Traffic idle: [....65] [ip4][..udp] [159.117.176.124][58337] -> [.208.229.157.81][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 93 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 66|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 83] new: [....67] [ip4][..udp] [..52.187.20.175][58123] -> [..118.89.218.46][..443] @@ -513,32 +372,25 @@ detected: [....68] [ip4][..udp] [..52.187.20.175][63507] -> [121.209.126.161][..443] [QUIC.Google][Azure][Web][Acceptable][clients2.googleusercontent.com] RISK: Unidirectional Traffic idle: [....66] [ip4][..udp] [159.117.176.124][49867] -> [...198.74.29.79][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....69] [ip4][..udp] [..52.187.20.175][57066] -> [108.171.138.182][..443] detected: [....69] [ip4][..udp] [..52.187.20.175][57066] -> [108.171.138.182][..443] [QUIC.GoogleServices][Azure][Web][Acceptable][clientservices.googleapis.com] RISK: Unidirectional Traffic update: [....67] [ip4][..udp] [..52.187.20.175][58123] -> [..118.89.218.46][..443] [QUIC.Google][Tencent][Web][Acceptable] - RISK: Unidirectional Traffic update: [....68] [ip4][..udp] [..52.187.20.175][63507] -> [121.209.126.161][..443] [QUIC.Google][Azure][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 102 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 69|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 85] new: [....70] [ip4][..udp] [..52.187.20.175][52512] -> [..196.245.61.64][..443] detected: [....70] [ip4][..udp] [..52.187.20.175][52512] -> [..196.245.61.64][..443] [QUIC.GoogleServices][Azure][Web][Acceptable][safebrowsing.googleapis.com] RISK: Unidirectional Traffic idle: [....67] [ip4][..udp] [..52.187.20.175][58123] -> [..118.89.218.46][..443] [QUIC.Google][Tencent][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....68] [ip4][..udp] [..52.187.20.175][63507] -> [121.209.126.161][..443] [QUIC.Google][Azure][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....69] [ip4][..udp] [..52.187.20.175][57066] -> [108.171.138.182][..443] [QUIC.GoogleServices][Azure][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 106 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 70|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 85] new: [....71] [ip4][..udp] [..52.187.20.175][51619] -> [.208.229.157.81][..443] detected: [....71] [ip4][..udp] [..52.187.20.175][51619] -> [.208.229.157.81][..443] [QUIC.GoogleServices][Azure][Web][Acceptable][clientservices.googleapis.com] RISK: Unidirectional Traffic idle: [....70] [ip4][..udp] [..52.187.20.175][52512] -> [..196.245.61.64][..443] [QUIC.GoogleServices][Azure][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 110 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 71|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 85] new: [....72] [ip4][..udp] [...168.144.64.5][58703] -> [.93.100.151.221][..443] @@ -560,22 +412,15 @@ detected: [....77] [ip4][..udp] [...168.144.64.5][58429] -> [....38.57.8.121][..443] [QUIC.Google][Unknown][Advertisement][Acceptable][static.doubleclick.net] RISK: Unidirectional Traffic idle: [....71] [ip4][..udp] [..52.187.20.175][51619] -> [.208.229.157.81][..443] [QUIC.GoogleServices][Azure][Web][Acceptable] - RISK: Unidirectional Traffic new: [....78] [ip4][..udp] [...168.144.64.5][55479] -> [113.250.137.243][..443] detected: [....78] [ip4][..udp] [...168.144.64.5][55479] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable][clientservices.googleapis.com] RISK: Unidirectional Traffic update: [....73] [ip4][..udp] [...168.144.64.5][55066] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....75] [ip4][..udp] [...168.144.64.5][65391] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....72] [ip4][..udp] [...168.144.64.5][58703] -> [.93.100.151.221][..443] [QUIC.PlayStore][Unknown][SoftwareUpdate][Safe] - RISK: Unidirectional Traffic update: [....76] [ip4][..udp] [...168.144.64.5][58832] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic update: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....77] [ip4][..udp] [...168.144.64.5][58429] -> [....38.57.8.121][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic new: [....79] [ip4][..udp] [...168.144.64.5][60934] -> [...128.248.24.1][..443] detected: [....79] [ip4][..udp] [...168.144.64.5][60934] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable][beacons.gcp.gvt2.com] RISK: Unidirectional Traffic @@ -589,21 +434,13 @@ detected: [....82] [ip4][..udp] [...168.144.64.5][63925] -> [...39.227.72.32][..443] [QUIC.Google][Unknown][Web][Acceptable][beacons2.gvt2.com] RISK: Unidirectional Traffic update: [....79] [ip4][..udp] [...168.144.64.5][60934] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....73] [ip4][..udp] [...168.144.64.5][55066] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....75] [ip4][..udp] [...168.144.64.5][65391] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....72] [ip4][..udp] [...168.144.64.5][58703] -> [.93.100.151.221][..443] [QUIC.PlayStore][Unknown][SoftwareUpdate][Safe] - RISK: Unidirectional Traffic update: [....76] [ip4][..udp] [...168.144.64.5][58832] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic update: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....78] [ip4][..udp] [...168.144.64.5][55479] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....77] [ip4][..udp] [...168.144.64.5][58429] -> [....38.57.8.121][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic new: [....83] [ip4][..udp] [...168.144.64.5][49926] -> [.103.179.40.184][..443] detected: [....83] [ip4][..udp] [...168.144.64.5][49926] -> [.103.179.40.184][..443] [QUIC.YouTube][Unknown][Media][Fun][r5---sn-vh5ouxa-hju6.googlevideo.com] RISK: Unidirectional Traffic @@ -614,42 +451,25 @@ detected: [....85] [ip4][..udp] [...168.144.64.5][57398] -> [..137.238.249.2][..443] [QUIC.Google][Unknown][Advertisement][Acceptable][www.googleadservices.com] RISK: Unidirectional Traffic update: [....79] [ip4][..udp] [...168.144.64.5][60934] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....73] [ip4][..udp] [...168.144.64.5][55066] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....75] [ip4][..udp] [...168.144.64.5][65391] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....72] [ip4][..udp] [...168.144.64.5][58703] -> [.93.100.151.221][..443] [QUIC.PlayStore][Unknown][SoftwareUpdate][Safe] - RISK: Unidirectional Traffic update: [....80] [ip4][..udp] [...168.144.64.5][59785] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....76] [ip4][..udp] [...168.144.64.5][58832] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic update: [....81] [ip4][..udp] [...168.144.64.5][59327] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....78] [ip4][..udp] [...168.144.64.5][55479] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....82] [ip4][..udp] [...168.144.64.5][63925] -> [...39.227.72.32][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....77] [ip4][..udp] [...168.144.64.5][58429] -> [....38.57.8.121][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic new: [....86] [ip4][..udp] [...168.144.64.5][64497] -> [102.194.207.179][..443] detected: [....86] [ip4][..udp] [...168.144.64.5][64497] -> [102.194.207.179][..443] [QUIC.Google][Unknown][Web][Acceptable][beacons.gvt2.com] RISK: Unidirectional Traffic idle: [....73] [ip4][..udp] [...168.144.64.5][55066] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....75] [ip4][..udp] [...168.144.64.5][65391] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....72] [ip4][..udp] [...168.144.64.5][58703] -> [.93.100.151.221][..443] [QUIC.PlayStore][Unknown][SoftwareUpdate][Safe] - RISK: Unidirectional Traffic idle: [....76] [ip4][..udp] [...168.144.64.5][58832] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic idle: [....74] [ip4][..udp] [...168.144.64.5][61886] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....77] [ip4][..udp] [...168.144.64.5][58429] -> [....38.57.8.121][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic new: [....87] [ip4][..udp] [...168.144.64.5][55572] -> [.117.148.117.30][..443] detected: [....87] [ip4][..udp] [...168.144.64.5][55572] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable][googleads.g.doubleclick.net] RISK: Unidirectional Traffic @@ -660,121 +480,86 @@ detected: [....89] [ip4][..udp] [...168.144.64.5][54449] -> [102.194.207.179][..443] [QUIC.Google][Unknown][Web][Acceptable][beacons3.gvt2.com] RISK: Unidirectional Traffic idle: [....79] [ip4][..udp] [...168.144.64.5][60934] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....78] [ip4][..udp] [...168.144.64.5][55479] -> [113.250.137.243][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....86] [ip4][..udp] [...168.144.64.5][64497] -> [102.194.207.179][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....83] [ip4][..udp] [...168.144.64.5][49926] -> [.103.179.40.184][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic update: [....85] [ip4][..udp] [...168.144.64.5][57398] -> [..137.238.249.2][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic update: [....88] [ip4][..udp] [...168.144.64.5][58956] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....84] [ip4][..udp] [...168.144.64.5][56384] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic update: [....80] [ip4][..udp] [...168.144.64.5][59785] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....81] [ip4][..udp] [...168.144.64.5][59327] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....82] [ip4][..udp] [...168.144.64.5][63925] -> [...39.227.72.32][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic update: [....87] [ip4][..udp] [...168.144.64.5][55572] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic new: [....90] [ip4][..udp] [...168.144.64.5][60342] -> [.93.100.151.221][..443] detected: [....90] [ip4][..udp] [...168.144.64.5][60342] -> [.93.100.151.221][..443] [QUIC.YouTube][Unknown][Media][Fun][suggestqueries-clients6.youtube.com] RISK: Unidirectional Traffic idle: [....86] [ip4][..udp] [...168.144.64.5][64497] -> [102.194.207.179][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....83] [ip4][..udp] [...168.144.64.5][49926] -> [.103.179.40.184][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic idle: [....85] [ip4][..udp] [...168.144.64.5][57398] -> [..137.238.249.2][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic idle: [....88] [ip4][..udp] [...168.144.64.5][58956] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....89] [ip4][..udp] [...168.144.64.5][54449] -> [102.194.207.179][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....84] [ip4][..udp] [...168.144.64.5][56384] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic idle: [....80] [ip4][..udp] [...168.144.64.5][59785] -> [...128.248.24.1][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....81] [ip4][..udp] [...168.144.64.5][59327] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....82] [ip4][..udp] [...168.144.64.5][63925] -> [...39.227.72.32][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....87] [ip4][..udp] [...168.144.64.5][55572] -> [.117.148.117.30][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 129 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 90|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 119] new: [....91] [ip4][..udp] [...168.144.64.5][65186] -> [...9.65.169.252][..443] detected: [....91] [ip4][..udp] [...168.144.64.5][65186] -> [...9.65.169.252][..443] [QUIC.YouTube][Unknown][Media][Fun][www.youtube.com] RISK: Unidirectional Traffic idle: [....90] [ip4][..udp] [...168.144.64.5][60342] -> [.93.100.151.221][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic new: [....92] [ip4][..udp] [...168.144.64.5][52942] -> [.93.100.151.221][..443] detected: [....92] [ip4][..udp] [...168.144.64.5][52942] -> [.93.100.151.221][..443] [QUIC.Google][Unknown][Web][Acceptable][clients2.google.com] RISK: Unidirectional Traffic idle: [....91] [ip4][..udp] [...168.144.64.5][65186] -> [...9.65.169.252][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic new: [....93] [ip4][..udp] [..52.187.20.175][62114] -> [...198.74.29.79][..443] detected: [....93] [ip4][..udp] [..52.187.20.175][62114] -> [...198.74.29.79][..443] [QUIC.GoogleServices][Azure][Web][Acceptable][safebrowsing.googleapis.com] RISK: Unidirectional Traffic idle: [....92] [ip4][..udp] [...168.144.64.5][52942] -> [.93.100.151.221][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 135 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 93|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 119] new: [....94] [ip4][..udp] [...168.144.64.5][55561] -> [..35.194.157.47][..443] detected: [....94] [ip4][..udp] [...168.144.64.5][55561] -> [..35.194.157.47][..443] [QUIC.GoogleCloud][GoogleCloud][Advertisement][Acceptable][googleads.g.doubleclick.net] RISK: Unidirectional Traffic idle: [....93] [ip4][..udp] [..52.187.20.175][62114] -> [...198.74.29.79][..443] [QUIC.GoogleServices][Azure][Web][Acceptable] - RISK: Unidirectional Traffic new: [....95] [ip4][..udp] [159.117.176.124][61202] -> [...198.74.29.79][..443] detected: [....95] [ip4][..udp] [159.117.176.124][61202] -> [...198.74.29.79][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable][safebrowsing.googleapis.com] RISK: Unidirectional Traffic idle: [....94] [ip4][..udp] [...168.144.64.5][55561] -> [..35.194.157.47][..443] [QUIC.GoogleCloud][GoogleCloud][Advertisement][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 140 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 95|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 119] new: [....96] [ip4][..udp] [159.117.176.124][49521] -> [...128.248.24.1][..443] detected: [....96] [ip4][..udp] [159.117.176.124][49521] -> [...128.248.24.1][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable][clientservices.googleapis.com] RISK: Unidirectional Traffic update: [....95] [ip4][..udp] [159.117.176.124][61202] -> [...198.74.29.79][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 144 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 96|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 120] new: [....97] [ip4][..udp] [...168.144.64.5][49217] -> [185.186.183.185][..443] detected: [....97] [ip4][..udp] [...168.144.64.5][49217] -> [185.186.183.185][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable][safebrowsing.googleapis.com] RISK: Unidirectional Traffic idle: [....95] [ip4][..udp] [159.117.176.124][61202] -> [...198.74.29.79][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....96] [ip4][..udp] [159.117.176.124][49521] -> [...128.248.24.1][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic new: [....98] [ip4][..udp] [..52.187.20.175][61286] -> [...198.74.29.79][..443] detected: [....98] [ip4][..udp] [..52.187.20.175][61286] -> [...198.74.29.79][..443] [QUIC.GoogleServices][Azure][Web][Acceptable][safebrowsing.googleapis.com] RISK: Unidirectional Traffic update: [....97] [ip4][..udp] [...168.144.64.5][49217] -> [185.186.183.185][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 149 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 98|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 121] new: [....99] [ip4][..udp] [..52.187.20.175][53260] -> [102.194.207.179][..443] detected: [....99] [ip4][..udp] [..52.187.20.175][53260] -> [102.194.207.179][..443] [QUIC.GoogleServices][Azure][Web][Acceptable][clientservices.googleapis.com] RISK: Unidirectional Traffic idle: [....97] [ip4][..udp] [...168.144.64.5][49217] -> [185.186.183.185][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....98] [ip4][..udp] [..52.187.20.175][61286] -> [...198.74.29.79][..443] [QUIC.GoogleServices][Azure][Web][Acceptable] - RISK: Unidirectional Traffic new: [...100] [ip4][..udp] [...168.144.64.5][50023] -> [..76.231.104.92][..443] detected: [...100] [ip4][..udp] [...168.144.64.5][50023] -> [..76.231.104.92][..443] [QUIC.YouTube][Unknown][Media][Fun][www.youtube.com] RISK: Unidirectional Traffic update: [....99] [ip4][..udp] [..52.187.20.175][53260] -> [102.194.207.179][..443] [QUIC.GoogleServices][Azure][Web][Acceptable] - RISK: Unidirectional Traffic new: [...101] [ip4][..udp] [...168.144.64.5][65360] -> [....65.33.51.74][..443] detected: [...101] [ip4][..udp] [...168.144.64.5][65360] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Advertisement][Acceptable][googleads.g.doubleclick.net] RISK: Unidirectional Traffic idle: [...100] [ip4][..udp] [...168.144.64.5][50023] -> [..76.231.104.92][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic idle: [....99] [ip4][..udp] [..52.187.20.175][53260] -> [102.194.207.179][..443] [QUIC.GoogleServices][Azure][Web][Acceptable] - RISK: Unidirectional Traffic new: [...102] [ip4][..udp] [159.117.176.124][64134] -> [..207.121.63.92][..443] detected: [...102] [ip4][..udp] [159.117.176.124][64134] -> [..207.121.63.92][..443] [QUIC.Google][Unknown][Web][Acceptable][www.google.com] RISK: Unidirectional Traffic @@ -782,30 +567,24 @@ detected: [...103] [ip4][..udp] [..52.187.20.175][61484] -> [202.152.155.121][..443] [QUIC.Google][Azure][Web][Acceptable][ogs.google.com] RISK: Unidirectional Traffic update: [...101] [ip4][..udp] [...168.144.64.5][65360] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic new: [...104] [ip4][..udp] [159.117.176.124][51856] -> [.16.205.123.234][..443] detected: [...104] [ip4][..udp] [159.117.176.124][51856] -> [.16.205.123.234][..443] [QUIC.WhatsAppFiles][Unknown][Download][Acceptable][media.fmct2-1.fna.whatsapp.net] RISK: Unidirectional Traffic idle: [...101] [ip4][..udp] [...168.144.64.5][65360] -> [....65.33.51.74][..443] [QUIC.Google][Unknown][Advertisement][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 164 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 104|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 123] new: [...105] [ip4][..udp] [...168.144.64.5][54120] -> [...153.98.28.78][..443] detected: [...105] [ip4][..udp] [...168.144.64.5][54120] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable][dns.google] RISK: Unidirectional Traffic idle: [...102] [ip4][..udp] [159.117.176.124][64134] -> [..207.121.63.92][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [...103] [ip4][..udp] [..52.187.20.175][61484] -> [202.152.155.121][..443] [QUIC.Google][Azure][Web][Acceptable] - RISK: Unidirectional Traffic idle: [...104] [ip4][..udp] [159.117.176.124][51856] -> [.16.205.123.234][..443] [QUIC.WhatsAppFiles][Unknown][Download][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 165 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 105|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 123] new: [...106] [ip4][..udp] [...168.144.64.5][52396] -> [...153.98.28.78][..443] detected: [...106] [ip4][..udp] [...168.144.64.5][52396] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable][dns.google] RISK: Unidirectional Traffic idle: [...105] [ip4][..udp] [...168.144.64.5][54120] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 166 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 106|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 123] new: [...107] [ip4][..udp] [...168.144.64.5][50224] -> [....126.3.93.89][..443] @@ -815,7 +594,6 @@ detected: [...108] [ip4][..udp] [...168.144.64.5][62719] -> [..31.219.210.96][..443] [QUIC.Google][Unknown][Web][Acceptable][lh4.googleusercontent.com] RISK: Unidirectional Traffic idle: [...106] [ip4][..udp] [...168.144.64.5][52396] -> [...153.98.28.78][..443] [QUIC.DoH_DoT][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [...109] [ip4][..udp] [...168.144.64.5][58351] -> [.193.68.169.100][..443] detected: [...109] [ip4][..udp] [...168.144.64.5][58351] -> [.193.68.169.100][..443] [QUIC.Google][Unknown][Web][Acceptable][www.gstatic.com] RISK: Unidirectional Traffic @@ -829,22 +607,15 @@ detected: [...112] [ip4][..udp] [...168.144.64.5][50423] -> [.144.237.113.58][..443] [QUIC.Google][Unknown][Web][Acceptable][www.google.com] RISK: Unidirectional Traffic idle: [...110] [ip4][..udp] [...168.144.64.5][57319] -> [....7.71.118.27][..443] [QUIC.PlayStore][Unknown][SoftwareUpdate][Safe] - RISK: Unidirectional Traffic idle: [...107] [ip4][..udp] [...168.144.64.5][50224] -> [....126.3.93.89][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [...108] [ip4][..udp] [...168.144.64.5][62719] -> [..31.219.210.96][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [...109] [ip4][..udp] [...168.144.64.5][58351] -> [.193.68.169.100][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [...111] [ip4][..udp] [...168.144.64.5][60919] -> [.53.101.228.200][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 178 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 112|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 123] new: [...113] [ip4][..udp] [...168.144.64.5][59206] -> [..76.231.104.92][..443] detected: [...113] [ip4][..udp] [...168.144.64.5][59206] -> [..76.231.104.92][..443] [QUIC.Google][Unknown][Web][Acceptable][ogs.google.com] RISK: Unidirectional Traffic idle: [...113] [ip4][..udp] [...168.144.64.5][59206] -> [..76.231.104.92][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic idle: [...112] [ip4][..udp] [...168.144.64.5][50423] -> [.144.237.113.58][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic_interop_V.pcapng.out b/test/results/flow-info/default/quic_interop_V.pcapng.out index 9f0437d99..5a5d98273 100644 --- a/test/results/flow-info/default/quic_interop_V.pcapng.out +++ b/test/results/flow-info/default/quic_interop_V.pcapng.out @@ -40,6 +40,9 @@ new: [....13] [ip4][..udp] [..192.168.1.128][60784] -> [...3.121.242.54][.4433] detected: [....13] [ip4][..udp] [..192.168.1.128][60784] -> [...3.121.242.54][.4433] [QUIC][AmazonAWS][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....3] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][37876] -> [.2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab][..443] [QUIC][AmazonAWS][Web][Acceptable] + detection-update: [.....7] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][60346] -> [..................2001:bc8:47a4:1c25::1][..443] [QUIC][Unknown][Web][Acceptable] + detection-update: [.....6] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][48707] -> [..2a00:ac00:4000:400:2e0:4cff:fe68:199d][..443] [QUIC][Unknown][Web][Acceptable] new: [....14] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][51185] -> [..................2001:bc8:47a4:1c25::1][.4433] detected: [....14] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][51185] -> [..................2001:bc8:47a4:1c25::1][.4433] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic @@ -76,6 +79,8 @@ new: [....25] [ip4][..udp] [..192.168.1.128][37661] -> [..71.202.41.169][.4433] detected: [....25] [ip4][..udp] [..192.168.1.128][37661] -> [..71.202.41.169][.4433] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....14] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][51185] -> [..................2001:bc8:47a4:1c25::1][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port new: [....26] [ip4][..udp] [..192.168.1.128][37784] -> [..140.227.52.92][..443] detected: [....26] [ip4][..udp] [..192.168.1.128][37784] -> [..140.227.52.92][..443] [QUIC][Unknown][Web][Acceptable] RISK: Unidirectional Traffic @@ -91,6 +96,8 @@ new: [....30] [ip4][.icmp] [..51.158.105.98] -> [..192.168.1.128] detected: [....30] [ip4][.icmp] [..51.158.105.98] -> [..192.168.1.128] [ICMP][Unknown][Network][Acceptable] RISK: Susp Entropy, Unidirectional Traffic + detection-update: [....19] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][39945] -> [.2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab][.4433] [QUIC][AmazonAWS][Web][Acceptable] + RISK: Known Proto on Non Std Port new: [....31] [ip4][..udp] [..192.168.1.128][38933] -> [.202.238.220.92][..443] detected: [....31] [ip4][..udp] [..192.168.1.128][38933] -> [.202.238.220.92][..443] [QUIC][Unknown][Web][Acceptable] RISK: Unidirectional Traffic @@ -121,6 +128,8 @@ new: [....40] [ip4][..udp] [..192.168.1.128][34903] -> [..18.189.84.245][..443] detected: [....40] [ip4][..udp] [..192.168.1.128][34903] -> [..18.189.84.245][..443] [QUIC][AmazonAWS][Web][Acceptable] RISK: Unidirectional Traffic + detection-update: [....27] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][60983] -> [..2a00:ac00:4000:400:2e0:4cff:fe68:199d][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port new: [....41] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][45852] -> [.....2001:19f0:5:c21:5400:1ff:fe33:3b96][.4433] detected: [....41] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][45852] -> [.....2001:19f0:5:c21:5400:1ff:fe33:3b96][.4433] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic @@ -145,33 +154,46 @@ new: [....48] [ip4][..udp] [..192.168.1.128][44619] -> [..140.227.52.92][.4433] detected: [....48] [ip4][..udp] [..192.168.1.128][44619] -> [..140.227.52.92][.4433] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....32] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][52271] -> [..2a00:ac00:4000:400:2e0:4cff:fe68:199d][.4434] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port new: [....49] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][44243] -> [......................2001:19f0:4:34::1][.4434] detected: [....49] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][44243] -> [......................2001:19f0:4:34::1][.4434] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....50] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][38394] -> [2600:1f18:2310:d230:5103:7d9e:7d75:374f][.4433] detected: [....50] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][38394] -> [2600:1f18:2310:d230:5103:7d9e:7d75:374f][.4433] [QUIC][AmazonAWS][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....39] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][49270] -> [..................2001:bc8:47a4:1c25::1][.4434] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port new: [....51] [ip6][icmp6] [.....2001:19f0:5:c21:5400:1ff:fe33:3b96] -> [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d] detected: [....51] [ip6][icmp6] [.....2001:19f0:5:c21:5400:1ff:fe33:3b96] -> [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d] [ICMPV6][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + detection-update: [....43] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][46353] -> [.................2606:4700:10::6816:826][..443] [QUIC][Cloudflare][Web][Acceptable] new: [....52] [ip4][..udp] [..192.168.1.128][35263] -> [.202.238.220.92][.4434] detected: [....52] [ip4][..udp] [..192.168.1.128][35263] -> [.202.238.220.92][.4434] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....53] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][53760] -> [............2604:a880:800:a1::1279:3001][.4434] detected: [....53] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][53760] -> [............2604:a880:800:a1::1279:3001][.4434] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....22] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][35643] -> [......................2001:19f0:4:34::1][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port new: [....54] [ip4][..udp] [..192.168.1.128][54570] -> [..18.189.84.245][.4434] detected: [....54] [ip4][..udp] [..192.168.1.128][54570] -> [..18.189.84.245][.4434] [QUIC][AmazonAWS][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [....55] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][44924] -> [.........2400:8902::f03c:91ff:fe69:a454][.4434] detected: [....55] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][44924] -> [.........2400:8902::f03c:91ff:fe69:a454][.4434] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....17] [ip4][..udp] [..192.168.1.128][43475] -> [..18.189.84.245][.4433] [QUIC][AmazonAWS][Web][Acceptable] + RISK: Known Proto on Non Std Port new: [....56] [ip4][..udp] [..192.168.1.128][39975] -> [.138.91.188.147][..443] detected: [....56] [ip4][..udp] [..192.168.1.128][39975] -> [.138.91.188.147][..443] [QUIC][Azure][Web][Acceptable] RISK: Unidirectional Traffic new: [....57] [ip4][..udp] [..192.168.1.128][50705] -> [.138.91.188.147][.4434] detected: [....57] [ip4][..udp] [..192.168.1.128][50705] -> [.138.91.188.147][.4434] [QUIC][Azure][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....33] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][51040] -> [............2604:a880:800:a1::1279:3001][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port + detection-update: [....24] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][52080] -> [2600:1f18:2310:d230:5103:7d9e:7d75:374f][.4434] [QUIC][AmazonAWS][Web][Acceptable] + RISK: Known Proto on Non Std Port new: [....58] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][41857] -> [.................2606:4700:10::6816:826][.4434] detected: [....58] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][41857] -> [.................2606:4700:10::6816:826][.4434] [QUIC][Cloudflare][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic @@ -187,6 +209,8 @@ new: [....62] [ip4][..udp] [..192.168.1.128][42468] -> [.138.91.188.147][.4433] detected: [....62] [ip4][..udp] [..192.168.1.128][42468] -> [.138.91.188.147][.4433] [QUIC][Azure][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....41] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][45852] -> [.....2001:19f0:5:c21:5400:1ff:fe33:3b96][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port new: [....63] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][38689] -> [.....2001:19f0:5:c21:5400:1ff:fe33:3b96][.4434] detected: [....63] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][38689] -> [.....2001:19f0:5:c21:5400:1ff:fe33:3b96][.4434] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic @@ -208,15 +232,24 @@ new: [....69] [ip4][..udp] [..192.168.1.128][43735] -> [..51.158.105.98][.4434] detected: [....69] [ip4][..udp] [..192.168.1.128][43735] -> [..51.158.105.98][.4434] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....53] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][53760] -> [............2604:a880:800:a1::1279:3001][.4434] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port + detection-update: [....40] [ip4][..udp] [..192.168.1.128][34903] -> [..18.189.84.245][..443] [QUIC][AmazonAWS][Web][Acceptable] new: [....70] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][44605] -> [.2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab][.4434] detected: [....70] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][44605] -> [.2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab][.4434] [QUIC][AmazonAWS][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....46] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][49788] -> [.2001:4800:7817:101:be76:4eff:fe04:631d][.4434] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port new: [....71] [ip4][.icmp] [.202.238.220.92] -> [..192.168.1.128] detected: [....71] [ip4][.icmp] [.202.238.220.92] -> [..192.168.1.128] [ICMP][Unknown][Network][Acceptable] RISK: Susp Entropy, Unidirectional Traffic new: [....72] [ip4][.icmp] [..18.189.84.245] -> [..192.168.1.128] detected: [....72] [ip4][.icmp] [..18.189.84.245] -> [..192.168.1.128] [ICMP][AmazonAWS][Network][Acceptable] RISK: Susp Entropy, Unidirectional Traffic + detection-update: [....70] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][44605] -> [.2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab][.4434] [QUIC][AmazonAWS][Web][Acceptable] + RISK: Known Proto on Non Std Port + detection-update: [....50] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][38394] -> [2600:1f18:2310:d230:5103:7d9e:7d75:374f][.4433] [QUIC][AmazonAWS][Web][Acceptable] + RISK: Known Proto on Non Std Port new: [....73] [ip6][icmp6] [............2604:a880:800:a1::1279:3001] -> [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d] detected: [....73] [ip6][icmp6] [............2604:a880:800:a1::1279:3001] -> [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d] [ICMPV6][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -226,6 +259,8 @@ new: [....75] [ip4][.icmp] [133.242.206.244] -> [..192.168.1.128] detected: [....75] [ip4][.icmp] [133.242.206.244] -> [..192.168.1.128] [ICMP][Unknown][Network][Acceptable] RISK: Susp Entropy, Unidirectional Traffic + detection-update: [....65] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][53140] -> [.2001:4800:7817:101:be76:4eff:fe04:631d][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port new: [....76] [ip4][.icmp] [..192.168.1.128] -> [..140.227.52.92] detected: [....76] [ip4][.icmp] [..192.168.1.128] -> [..140.227.52.92] [ICMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -237,10 +272,11 @@ idle: [.....8] [ip4][..udp] [..192.168.1.128][46576] -> [..40.112.191.60][.4433] [QUIC][Azure][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....34] [ip4][.icmp] [.131.159.24.198] -> [..192.168.1.128] [ICMP][Unknown][Network][Acceptable] - RISK: Susp Entropy, Unidirectional Traffic + RISK: Susp Entropy idle: [.....1] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][38077] -> [.........2400:8902::f03c:91ff:fe69:a454][..443] [QUIC][Unknown][Web][Acceptable] RISK: Unidirectional Traffic - idle: [....46] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][49788] -> [.2001:4800:7817:101:be76:4eff:fe04:631d][.4434] + idle: [....46] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][49788] -> [.2001:4800:7817:101:be76:4eff:fe04:631d][.4434] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port idle: [....13] [ip4][..udp] [..192.168.1.128][60784] -> [...3.121.242.54][.4433] [QUIC][AmazonAWS][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....38] [ip4][..udp] [..192.168.1.128][50289] -> [..71.202.41.169][.4434] [QUIC][Unknown][Web][Acceptable] @@ -248,46 +284,55 @@ idle: [....15] [ip4][..udp] [..192.168.1.128][34511] -> [.131.159.24.198][..443] [QUIC][Unknown][Web][Acceptable] RISK: Unidirectional Traffic idle: [....74] [ip4][.icmp] [..192.168.1.128] -> [..40.112.191.60] [ICMP][Azure][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [....17] [ip4][..udp] [..192.168.1.128][43475] -> [..18.189.84.245][.4433] - idle: [....35] [ip4][..udp] [..192.168.1.128][45250] -> [..51.158.105.98][.4433] + idle: [....17] [ip4][..udp] [..192.168.1.128][43475] -> [..18.189.84.245][.4433] [QUIC][AmazonAWS][Web][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....35] [ip4][..udp] [..192.168.1.128][45250] -> [..51.158.105.98][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....73] [ip6][icmp6] [............2604:a880:800:a1::1279:3001] -> [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d] [ICMPV6][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....45] [ip4][..udp] [..192.168.1.128][59515] -> [..193.190.10.98][.4434] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....31] [ip4][..udp] [..192.168.1.128][38933] -> [.202.238.220.92][..443] [QUIC][Unknown][Web][Acceptable] RISK: Unidirectional Traffic - idle: [....33] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][51040] -> [............2604:a880:800:a1::1279:3001][.4433] + idle: [....33] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][51040] -> [............2604:a880:800:a1::1279:3001][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port idle: [....26] [ip4][..udp] [..192.168.1.128][37784] -> [..140.227.52.92][..443] [QUIC][Unknown][Web][Acceptable] RISK: Unidirectional Traffic idle: [....11] [ip4][.icmp] [...3.121.242.54] -> [..192.168.1.128] [ICMP][AmazonAWS][Network][Acceptable] - RISK: Susp Entropy, Unidirectional Traffic - idle: [....43] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][46353] -> [.................2606:4700:10::6816:826][..443] + RISK: Susp Entropy + idle: [....43] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][46353] -> [.................2606:4700:10::6816:826][..443] [QUIC][Cloudflare][Web][Acceptable] idle: [....67] [ip6][icmp6] [.........2400:8902::f03c:91ff:fe69:a454] -> [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d] [ICMPV6][Unknown][Network][Acceptable] + idle: [....19] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][39945] -> [.2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab][.4433] [QUIC][AmazonAWS][Web][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....60] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][43645] -> [......................2001:19f0:4:34::1][..443] [QUIC][Unknown][Web][Acceptable] RISK: Unidirectional Traffic - idle: [....19] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][39945] -> [.2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab][.4433] - idle: [....60] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][43645] -> [......................2001:19f0:4:34::1][..443] idle: [....56] [ip4][..udp] [..192.168.1.128][39975] -> [.138.91.188.147][..443] [QUIC][Azure][Web][Acceptable] RISK: Unidirectional Traffic - idle: [.....3] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][37876] -> [.2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab][..443] - idle: [....22] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][35643] -> [......................2001:19f0:4:34::1][.4433] - idle: [....32] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][52271] -> [..2a00:ac00:4000:400:2e0:4cff:fe68:199d][.4434] + idle: [.....3] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][37876] -> [.2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab][..443] [QUIC][AmazonAWS][Web][Acceptable] + idle: [....22] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][35643] -> [......................2001:19f0:4:34::1][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....32] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][52271] -> [..2a00:ac00:4000:400:2e0:4cff:fe68:199d][.4434] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port idle: [....52] [ip4][..udp] [..192.168.1.128][35263] -> [.202.238.220.92][.4434] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [....41] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][45852] -> [.....2001:19f0:5:c21:5400:1ff:fe33:3b96][.4433] + idle: [....41] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][45852] -> [.....2001:19f0:5:c21:5400:1ff:fe33:3b96][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port idle: [....55] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][44924] -> [.........2400:8902::f03c:91ff:fe69:a454][.4434] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [....20] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][39624] -> [.....2001:19f0:5:c21:5400:1ff:fe33:3b96][..443] + idle: [....20] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][39624] -> [.....2001:19f0:5:c21:5400:1ff:fe33:3b96][..443] [QUIC][Unknown][Web][Acceptable] + RISK: Unidirectional Traffic idle: [....36] [ip4][..udp] [..192.168.1.128][42456] -> [133.242.206.244][..443] [QUIC][Unknown][Web][Acceptable] RISK: Unidirectional Traffic - idle: [....69] [ip4][..udp] [..192.168.1.128][43735] -> [..51.158.105.98][.4434] - idle: [.....5] [ip4][..udp] [..192.168.1.128][47010] -> [...3.121.242.54][..443] + idle: [....69] [ip4][..udp] [..192.168.1.128][43735] -> [..51.158.105.98][.4434] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [.....5] [ip4][..udp] [..192.168.1.128][47010] -> [...3.121.242.54][..443] [QUIC][AmazonAWS][Web][Acceptable] + RISK: Unidirectional Traffic idle: [....75] [ip4][.icmp] [133.242.206.244] -> [..192.168.1.128] [ICMP][Unknown][Network][Acceptable] - RISK: Susp Entropy, Unidirectional Traffic + RISK: Susp Entropy idle: [....28] [ip4][..udp] [..192.168.1.128][49658] -> [..193.190.10.98][..443] [QUIC][Unknown][Web][Acceptable] RISK: Unidirectional Traffic - idle: [.....7] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][60346] -> [..................2001:bc8:47a4:1c25::1][..443] - idle: [....16] [ip4][..udp] [..192.168.1.128][51887] -> [..51.158.105.98][..443] + idle: [.....7] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][60346] -> [..................2001:bc8:47a4:1c25::1][..443] [QUIC][Unknown][Web][Acceptable] + idle: [....16] [ip4][..udp] [..192.168.1.128][51887] -> [..51.158.105.98][..443] [QUIC][Unknown][Web][Acceptable] + RISK: Unidirectional Traffic idle: [....62] [ip4][..udp] [..192.168.1.128][42468] -> [.138.91.188.147][.4433] [QUIC][Azure][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....57] [ip4][..udp] [..192.168.1.128][50705] -> [.138.91.188.147][.4434] [QUIC][Azure][Web][Acceptable] @@ -296,54 +341,64 @@ RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....48] [ip4][..udp] [..192.168.1.128][44619] -> [..140.227.52.92][.4433] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [....29] [ip4][..udp] [..192.168.1.128][41587] -> [.131.159.24.198][.4433] - idle: [....49] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][44243] -> [......................2001:19f0:4:34::1][.4434] + idle: [....29] [ip4][..udp] [..192.168.1.128][41587] -> [.131.159.24.198][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [....49] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][44243] -> [......................2001:19f0:4:34::1][.4434] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....77] [ip4][.icmp] [..192.168.1.128] -> [.138.91.188.147] [ICMP][Azure][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....76] [ip4][.icmp] [..192.168.1.128] -> [..140.227.52.92] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [....53] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][53760] -> [............2604:a880:800:a1::1279:3001][.4434] - idle: [....70] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][44605] -> [.2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab][.4434] - idle: [....54] [ip4][..udp] [..192.168.1.128][54570] -> [..18.189.84.245][.4434] + idle: [....53] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][53760] -> [............2604:a880:800:a1::1279:3001][.4434] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....70] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][44605] -> [.2a05:d018:ce9:8100:cd2a:e2fd:b3be:c5ab][.4434] [QUIC][AmazonAWS][Web][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....54] [ip4][..udp] [..192.168.1.128][54570] -> [..18.189.84.245][.4434] [QUIC][AmazonAWS][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....44] [ip4][..udp] [..192.168.1.128][53791] -> [..40.112.191.60][.4434] [QUIC][Azure][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [....27] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][60983] -> [..2a00:ac00:4000:400:2e0:4cff:fe68:199d][.4433] + idle: [....27] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][60983] -> [..2a00:ac00:4000:400:2e0:4cff:fe68:199d][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port idle: [....18] [ip4][..udp] [..192.168.1.128][49151] -> [133.242.206.244][.4433] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....37] [ip6][icmp6] [.2001:4800:7817:101:be76:4eff:fe04:631d] -> [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d] [ICMPV6][Unknown][Network][Acceptable] + idle: [.....4] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][34442] -> [.2001:4800:7817:101:be76:4eff:fe04:631d][..443] [QUIC][Unknown][Web][Acceptable] RISK: Unidirectional Traffic - idle: [.....4] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][34442] -> [.2001:4800:7817:101:be76:4eff:fe04:631d][..443] - idle: [.....6] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][48707] -> [..2a00:ac00:4000:400:2e0:4cff:fe68:199d][..443] + idle: [.....6] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][48707] -> [..2a00:ac00:4000:400:2e0:4cff:fe68:199d][..443] [QUIC][Unknown][Web][Acceptable] idle: [....12] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][32957] -> [.................2606:4700:10::6816:826][.4433] [QUIC][Cloudflare][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [....24] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][52080] -> [2600:1f18:2310:d230:5103:7d9e:7d75:374f][.4434] - idle: [....65] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][53140] -> [.2001:4800:7817:101:be76:4eff:fe04:631d][.4433] - idle: [....59] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][56073] -> [............2604:a880:800:a1::1279:3001][..443] + idle: [....24] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][52080] -> [2600:1f18:2310:d230:5103:7d9e:7d75:374f][.4434] [QUIC][AmazonAWS][Web][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....65] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][53140] -> [.2001:4800:7817:101:be76:4eff:fe04:631d][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....59] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][56073] -> [............2604:a880:800:a1::1279:3001][..443] [QUIC][Unknown][Web][Acceptable] + RISK: Unidirectional Traffic idle: [....72] [ip4][.icmp] [..18.189.84.245] -> [..192.168.1.128] [ICMP][AmazonAWS][Network][Acceptable] - RISK: Susp Entropy, Unidirectional Traffic + RISK: Susp Entropy idle: [....68] [ip6][icmp6] [......................2001:19f0:4:34::1] -> [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d] [ICMPV6][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....51] [ip6][icmp6] [.....2001:19f0:5:c21:5400:1ff:fe33:3b96] -> [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d] [ICMPV6][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....47] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][46242] -> [2600:1f18:2310:d230:5103:7d9e:7d75:374f][..443] [QUIC][AmazonAWS][Web][Acceptable] RISK: Unidirectional Traffic - idle: [....63] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][38689] -> [.....2001:19f0:5:c21:5400:1ff:fe33:3b96][.4434] + idle: [....63] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][38689] -> [.....2001:19f0:5:c21:5400:1ff:fe33:3b96][.4434] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....10] [ip4][..udp] [..192.168.1.128][38366] -> [.202.238.220.92][.4433] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....23] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][56213] -> [.........2400:8902::f03c:91ff:fe69:a454][.4433] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....30] [ip4][.icmp] [..51.158.105.98] -> [..192.168.1.128] [ICMP][Unknown][Network][Acceptable] - RISK: Susp Entropy, Unidirectional Traffic - idle: [....14] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][51185] -> [..................2001:bc8:47a4:1c25::1][.4433] + RISK: Susp Entropy + idle: [....14] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][51185] -> [..................2001:bc8:47a4:1c25::1][.4433] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port idle: [....25] [ip4][..udp] [..192.168.1.128][37661] -> [..71.202.41.169][.4433] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....71] [ip4][.icmp] [.202.238.220.92] -> [..192.168.1.128] [ICMP][Unknown][Network][Acceptable] - RISK: Susp Entropy, Unidirectional Traffic - idle: [....50] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][38394] -> [2600:1f18:2310:d230:5103:7d9e:7d75:374f][.4433] - idle: [....61] [ip4][..udp] [..192.168.1.128][48644] -> [.131.159.24.198][.4434] + RISK: Susp Entropy + idle: [....50] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][38394] -> [2600:1f18:2310:d230:5103:7d9e:7d75:374f][.4433] [QUIC][AmazonAWS][Web][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....61] [ip4][..udp] [..192.168.1.128][48644] -> [.131.159.24.198][.4434] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....9] [ip4][..udp] [..192.168.1.128][46334] -> [..40.112.191.60][..443] [QUIC][Azure][Web][Acceptable] RISK: Unidirectional Traffic - idle: [....39] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][49270] -> [..................2001:bc8:47a4:1c25::1][.4434] + idle: [....39] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][49270] -> [..................2001:bc8:47a4:1c25::1][.4434] [QUIC][Unknown][Web][Acceptable] + RISK: Known Proto on Non Std Port idle: [....42] [ip4][..udp] [..192.168.1.128][45855] -> [133.242.206.244][.4434] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....58] [ip6][..udp] [..2001:b07:ac9:d5ae:a4d3:fe47:691e:807d][41857] -> [.................2606:4700:10::6816:826][.4434] [QUIC][Cloudflare][Web][Acceptable] @@ -352,5 +407,5 @@ RISK: Unidirectional Traffic idle: [....66] [ip4][..udp] [..192.168.1.128][57926] -> [..140.227.52.92][.4434] [QUIC][Unknown][Web][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [....40] [ip4][..udp] [..192.168.1.128][34903] -> [..18.189.84.245][..443] + idle: [....40] [ip4][..udp] [..192.168.1.128][34903] -> [..18.189.84.245][..443] [QUIC][AmazonAWS][Web][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic_q39.pcap.out b/test/results/flow-info/default/quic_q39.pcap.out index cdfe5ba33..3567fe122 100644 --- a/test/results/flow-info/default/quic_q39.pcap.out +++ b/test/results/flow-info/default/quic_q39.pcap.out @@ -15,5 +15,4 @@ [PKTLENS.....: 1378,1160,63,1378,59,69,69,58,291,46,69,256,1378,64,1378,1378,61,1378,60,1378,62,1378,62,1378,62,1378,716,62,62,90,46,84] [ENTROPIES...: 4.2,7.8,5.0,7.8,5.4,5.6,5.7,5.3,7.3,4.8,5.8,7.1,7.9,5.4,7.8,7.9,5.5,7.9,5.4,7.9,5.4,7.9,5.4,7.9,5.5,7.8,7.7,5.5,5.5,6.0,4.8,6.0] idle: [.....1] [ip4][..udp] [.170.216.16.209][38620] -> [.21.157.183.227][..443] [QUIC.YouTube][Unknown][Media][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic_q43.pcap.out b/test/results/flow-info/default/quic_q43.pcap.out index bbeb79df6..6b1f7f33d 100644 --- a/test/results/flow-info/default/quic_q43.pcap.out +++ b/test/results/flow-info/default/quic_q43.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [..51.120.20.202][49241] -> [..72.119.217.29][..443] [QUIC.DoH_DoT][Azure][Network][Acceptable][dns.google.com] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..51.120.20.202][49241] -> [..72.119.217.29][..443] [QUIC.DoH_DoT][Azure][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic_q46.pcap.out b/test/results/flow-info/default/quic_q46.pcap.out index f40d37c35..838f54d1d 100644 --- a/test/results/flow-info/default/quic_q46.pcap.out +++ b/test/results/flow-info/default/quic_q46.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [..172.29.42.236][38292] -> [.153.20.183.203][..443] [QUIC.Google][Unknown][Web][Acceptable][play.google.com] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..172.29.42.236][38292] -> [.153.20.183.203][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic_q46_b.pcap.out b/test/results/flow-info/default/quic_q46_b.pcap.out index 0123d7879..e269c96fd 100644 --- a/test/results/flow-info/default/quic_q46_b.pcap.out +++ b/test/results/flow-info/default/quic_q46_b.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [..172.27.69.216][45530] -> [.110.231.134.35][..443] [QUIC.YouTubeUpload][Unknown][Media][Fun][upload.youtube.com] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..172.27.69.216][45530] -> [.110.231.134.35][..443] [QUIC.YouTubeUpload][Unknown][Media][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic_q50.pcap.out b/test/results/flow-info/default/quic_q50.pcap.out index bd3ad53c8..bee1e256a 100644 --- a/test/results/flow-info/default/quic_q50.pcap.out +++ b/test/results/flow-info/default/quic_q50.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [248.144.129.147][39203] -> [184.151.193.237][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable][www.googletagmanager.com] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [248.144.129.147][39203] -> [184.151.193.237][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic_t50.pcap.out b/test/results/flow-info/default/quic_t50.pcap.out index 0533ee61e..579d6f4e2 100644 --- a/test/results/flow-info/default/quic_t50.pcap.out +++ b/test/results/flow-info/default/quic_t50.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [.40.154.127.200][49836] -> [166.240.188.209][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable][fonts.googleapis.com] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.40.154.127.200][49836] -> [166.240.188.209][..443] [QUIC.GoogleServices][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quic_t51.pcap.out b/test/results/flow-info/default/quic_t51.pcap.out index 1b9be9861..b4409b0e9 100644 --- a/test/results/flow-info/default/quic_t51.pcap.out +++ b/test/results/flow-info/default/quic_t51.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [187.227.136.152][55356] -> [.211.247.147.90][..443] [QUIC.Google][Unknown][Web][Acceptable][www.google.com] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [187.227.136.152][55356] -> [.211.247.147.90][..443] [QUIC.Google][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/quickplay.pcap.out b/test/results/flow-info/default/quickplay.pcap.out index 6df2a4d12..3b5ea8480 100644 --- a/test/results/flow-info/default/quickplay.pcap.out +++ b/test/results/flow-info/default/quickplay.pcap.out @@ -4,33 +4,44 @@ new: [.....1] [ip4][..tcp] [..10.54.169.250][50668] -> [...120.28.35.41][...80] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [..10.54.169.250][50668] -> [...120.28.35.41][...80] [HTTP][Unknown][Streaming][Acceptable][api-singtelhawk.quickplay.com] RISK: Unidirectional Traffic + detection-update: [.....1] [ip4][..tcp] [..10.54.169.250][50668] -> [...120.28.35.41][...80] [HTTP][Unknown][Streaming][Acceptable][api-singtelhawk.quickplay.com] new: [.....2] [ip4][..tcp] [..10.54.169.250][50669] -> [...120.28.35.41][...80] [MIDSTREAM] detected: [.....2] [ip4][..tcp] [..10.54.169.250][50669] -> [...120.28.35.41][...80] [HTTP][Unknown][Streaming][Acceptable][api-singtelhawk.quickplay.com] RISK: Unidirectional Traffic + detection-update: [.....2] [ip4][..tcp] [..10.54.169.250][50669] -> [...120.28.35.41][...80] [HTTP][Unknown][Streaming][Acceptable][api-singtelhawk.quickplay.com] new: [.....3] [ip4][..tcp] [..10.54.169.250][33064] -> [....120.28.5.18][...80] [MIDSTREAM] detected: [.....3] [ip4][..tcp] [..10.54.169.250][33064] -> [....120.28.5.18][...80] [HTTP][Unknown][Streaming][Acceptable][api-singtelhawk.quickplay.com] RISK: Unidirectional Traffic + detection-update: [.....3] [ip4][..tcp] [..10.54.169.250][33064] -> [....120.28.5.18][...80] [HTTP][Unknown][Streaming][Acceptable][api-singtelhawk.quickplay.com] new: [.....4] [ip4][..tcp] [..10.54.169.250][52285] -> [..173.252.74.22][...80] [MIDSTREAM] detected: [.....4] [ip4][..tcp] [..10.54.169.250][52285] -> [..173.252.74.22][...80] [HTTP.Facebook][Facebook][SocialNetwork][Fun][www.facebook.com] RISK: Unidirectional Traffic + detection-update: [.....4] [ip4][..tcp] [..10.54.169.250][52285] -> [..173.252.74.22][...80] [HTTP.Facebook][Facebook][SocialNetwork][Fun][www.facebook.com] new: [.....5] [ip4][..tcp] [..10.54.169.250][52288] -> [..173.252.74.22][...80] [MIDSTREAM] detected: [.....5] [ip4][..tcp] [..10.54.169.250][52288] -> [..173.252.74.22][...80] [HTTP.Facebook][Facebook][SocialNetwork][Fun][www.facebook.com] RISK: Unidirectional Traffic new: [.....6] [ip4][..tcp] [..10.54.169.250][33277] -> [..120.28.26.231][...80] [MIDSTREAM] detected: [.....6] [ip4][..tcp] [..10.54.169.250][33277] -> [..120.28.26.231][...80] [HTTP.Google][Unknown][Web][Acceptable][clients3.google.com] RISK: Unidirectional Traffic + detection-update: [.....6] [ip4][..tcp] [..10.54.169.250][33277] -> [..120.28.26.231][...80] [HTTP.Google][Unknown][Web][Acceptable][clients3.google.com] + detection-update: [.....5] [ip4][..tcp] [..10.54.169.250][52288] -> [..173.252.74.22][...80] [HTTP.Facebook][Facebook][SocialNetwork][Fun][www.facebook.com] new: [.....7] [ip4][..tcp] [..10.54.169.250][44793] -> [....31.13.68.49][...80] [MIDSTREAM] detected: [.....7] [ip4][..tcp] [..10.54.169.250][44793] -> [....31.13.68.49][...80] [HTTP.Facebook][Facebook][SocialNetwork][Fun][www.facebook.com] RISK: Unidirectional Traffic + detection-update: [.....7] [ip4][..tcp] [..10.54.169.250][44793] -> [....31.13.68.49][...80] [HTTP.Facebook][Facebook][SocialNetwork][Fun][www.facebook.com] new: [.....8] [ip4][..tcp] [..10.54.169.250][44256] -> [....120.28.5.41][...80] [MIDSTREAM] detected: [.....8] [ip4][..tcp] [..10.54.169.250][44256] -> [....120.28.5.41][...80] [HTTP][Unknown][Streaming][Acceptable][play-singtelhawk.quickplay.com] RISK: Unidirectional Traffic + detection-update: [.....8] [ip4][..tcp] [..10.54.169.250][44256] -> [....120.28.5.41][...80] [HTTP][Unknown][Streaming][Acceptable][play-singtelhawk.quickplay.com] new: [.....9] [ip4][..tcp] [..10.54.169.250][52007] -> [...120.28.35.40][...80] [MIDSTREAM] detected: [.....9] [ip4][..tcp] [..10.54.169.250][52007] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] RISK: Unidirectional Traffic new: [....10] [ip4][..tcp] [..10.54.169.250][54883] -> [203.205.151.160][...80] [MIDSTREAM] detected: [....10] [ip4][..tcp] [..10.54.169.250][54883] -> [203.205.151.160][...80] [HTTP_Proxy.QQ][Unknown][Chat][Fun][hkextshort.weixin.qq.com] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....9] [ip4][..tcp] [..10.54.169.250][52007] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] + detection-update: [....10] [ip4][..tcp] [..10.54.169.250][54883] -> [203.205.151.160][...80] [HTTP_Proxy.QQ][Unknown][Chat][Fun][hkextshort.weixin.qq.com] + RISK: Known Proto on Non Std Port new: [....11] [ip4][..tcp] [..10.54.169.250][52009] -> [...120.28.35.40][...80] [MIDSTREAM] detected: [....11] [ip4][..tcp] [..10.54.169.250][52009] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] RISK: Unidirectional Traffic @@ -44,6 +55,7 @@ RISK: Binary App Transfer, Known Proto on Non Std Port detection-update: [....13] [ip4][..tcp] [..10.54.169.250][54885] -> [203.205.151.160][...80] [HTTP_Proxy.QQ][Unknown][Download][Fun][hkextshort.weixin.qq.com] RISK: Binary App Transfer, Known Proto on Non Std Port + detection-update: [....11] [ip4][..tcp] [..10.54.169.250][52009] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] new: [....14] [ip4][..tcp] [..10.54.169.250][42762] -> [203.205.129.101][...80] [MIDSTREAM] detected: [....14] [ip4][..tcp] [..10.54.169.250][42762] -> [203.205.129.101][...80] [HTTP_Proxy.QQ][Tencent][Chat][Fun][hkextshort.weixin.qq.com] RISK: Known Proto on Non Std Port, Unidirectional Traffic @@ -67,44 +79,51 @@ new: [....16] [ip4][..tcp] [..10.54.169.250][56381] -> [..54.179.140.65][...80] [MIDSTREAM] detected: [....16] [ip4][..tcp] [..10.54.169.250][56381] -> [..54.179.140.65][...80] [HTTP.Xiaomi][AmazonAWS][Web][Acceptable][api.account.xiaomi.com] RISK: Unidirectional Traffic + detection-update: [....16] [ip4][..tcp] [..10.54.169.250][56381] -> [..54.179.140.65][...80] [HTTP.Xiaomi][AmazonAWS][Web][Acceptable][api.account.xiaomi.com] new: [....17] [ip4][..tcp] [..10.54.169.250][52017] -> [...120.28.35.40][...80] [MIDSTREAM] detected: [....17] [ip4][..tcp] [..10.54.169.250][52017] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] RISK: Unidirectional Traffic + detection-update: [....17] [ip4][..tcp] [..10.54.169.250][52017] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] end: [....13] [ip4][..tcp] [..10.54.169.250][54885] -> [203.205.151.160][...80] [HTTP_Proxy.QQ][Unknown][Download][Fun] RISK: Binary App Transfer, Known Proto on Non Std Port new: [....18] [ip4][..tcp] [..10.54.169.250][52018] -> [...120.28.35.40][...80] [MIDSTREAM] detected: [....18] [ip4][..tcp] [..10.54.169.250][52018] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] RISK: Unidirectional Traffic + detection-update: [....18] [ip4][..tcp] [..10.54.169.250][52018] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] new: [....19] [ip4][..tcp] [..10.54.169.250][52019] -> [...120.28.35.40][...80] [MIDSTREAM] detected: [....19] [ip4][..tcp] [..10.54.169.250][52019] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] RISK: Unidirectional Traffic + detection-update: [....19] [ip4][..tcp] [..10.54.169.250][52019] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] new: [....20] [ip4][..tcp] [..10.54.169.250][52021] -> [...120.28.35.40][...80] [MIDSTREAM] detected: [....20] [ip4][..tcp] [..10.54.169.250][52021] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] RISK: Unidirectional Traffic + detection-update: [....20] [ip4][..tcp] [..10.54.169.250][52021] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] new: [....21] [ip4][..tcp] [..10.54.169.250][52022] -> [...120.28.35.40][...80] [MIDSTREAM] detected: [....21] [ip4][..tcp] [..10.54.169.250][52022] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] RISK: Unidirectional Traffic + detection-update: [....21] [ip4][..tcp] [..10.54.169.250][52022] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable][vod-singtelhawk.quickplay.com] idle: [.....1] [ip4][..tcp] [..10.54.169.250][50668] -> [...120.28.35.41][...80] [HTTP][Unknown][Streaming][Acceptable] idle: [.....2] [ip4][..tcp] [..10.54.169.250][50669] -> [...120.28.35.41][...80] [HTTP][Unknown][Streaming][Acceptable] idle: [.....7] [ip4][..tcp] [..10.54.169.250][44793] -> [....31.13.68.49][...80] [HTTP.Facebook][Facebook][SocialNetwork][Fun] - idle: [....10] [ip4][..tcp] [..10.54.169.250][54883] -> [203.205.151.160][...80] + idle: [....10] [ip4][..tcp] [..10.54.169.250][54883] -> [203.205.151.160][...80] [HTTP_Proxy.QQ][Unknown][Chat][Fun] + RISK: Known Proto on Non Std Port idle: [....12] [ip4][..tcp] [..10.54.169.250][42761] -> [203.205.129.101][...80] [HTTP_Proxy.QQ][Tencent][Download][Fun] RISK: Binary App Transfer, Known Proto on Non Std Port idle: [....14] [ip4][..tcp] [..10.54.169.250][42762] -> [203.205.129.101][...80] [HTTP_Proxy.QQ][Tencent][Download][Fun] RISK: Binary App Transfer, Known Proto on Non Std Port - idle: [.....3] [ip4][..tcp] [..10.54.169.250][33064] -> [....120.28.5.18][...80] + idle: [.....3] [ip4][..tcp] [..10.54.169.250][33064] -> [....120.28.5.18][...80] [HTTP][Unknown][Streaming][Acceptable] idle: [.....6] [ip4][..tcp] [..10.54.169.250][33277] -> [..120.28.26.231][...80] [HTTP.Google][Unknown][Web][Acceptable] idle: [....16] [ip4][..tcp] [..10.54.169.250][56381] -> [..54.179.140.65][...80] [HTTP.Xiaomi][AmazonAWS][Web][Acceptable] - idle: [.....9] [ip4][..tcp] [..10.54.169.250][52007] -> [...120.28.35.40][...80] + idle: [.....9] [ip4][..tcp] [..10.54.169.250][52007] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable] idle: [....11] [ip4][..tcp] [..10.54.169.250][52009] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable] - idle: [....17] [ip4][..tcp] [..10.54.169.250][52017] -> [...120.28.35.40][...80] - idle: [....18] [ip4][..tcp] [..10.54.169.250][52018] -> [...120.28.35.40][...80] + idle: [....17] [ip4][..tcp] [..10.54.169.250][52017] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable] + idle: [....18] [ip4][..tcp] [..10.54.169.250][52018] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable] end: [....19] [ip4][..tcp] [..10.54.169.250][52019] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable] - idle: [....20] [ip4][..tcp] [..10.54.169.250][52021] -> [...120.28.35.40][...80] - idle: [....21] [ip4][..tcp] [..10.54.169.250][52022] -> [...120.28.35.40][...80] + idle: [....20] [ip4][..tcp] [..10.54.169.250][52021] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable] + idle: [....21] [ip4][..tcp] [..10.54.169.250][52022] -> [...120.28.35.40][...80] [HTTP][Unknown][Streaming][Acceptable] idle: [.....4] [ip4][..tcp] [..10.54.169.250][52285] -> [..173.252.74.22][...80] [HTTP.Facebook][Facebook][SocialNetwork][Fun] idle: [.....5] [ip4][..tcp] [..10.54.169.250][52288] -> [..173.252.74.22][...80] [HTTP.Facebook][Facebook][SocialNetwork][Fun] idle: [....15] [ip4][..tcp] [..10.54.169.250][35670] -> [203.205.147.215][...80] [HTTP_Proxy.QQ][Tencent][Download][Fun] RISK: Binary App Transfer, Known Proto on Non Std Port - idle: [.....8] [ip4][..tcp] [..10.54.169.250][44256] -> [....120.28.5.41][...80] + idle: [.....8] [ip4][..tcp] [..10.54.169.250][44256] -> [....120.28.5.41][...80] [HTTP][Unknown][Streaming][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/raknet.pcap.out b/test/results/flow-info/default/raknet.pcap.out index 71ab4cfc1..bed72abc2 100644 --- a/test/results/flow-info/default/raknet.pcap.out +++ b/test/results/flow-info/default/raknet.pcap.out @@ -35,51 +35,36 @@ RISK: Unidirectional Traffic new: [....11] [ip4][..udp] [..192.168.2.100][44501] -> [.148.153.35.205][59935] update: [.....8] [ip4][..udp] [..192.168.2.100][60690] -> [.148.153.35.205][60028] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic update: [....10] [ip4][..udp] [..192.168.2.100][44501] -> [.148.153.35.205][60031] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic update: [.....9] [ip4][..udp] [.148.153.35.205][60005] -> [..192.168.2.100][32951] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [..192.168.2.100][32951] -> [.148.153.35.205][60021] [RakNet][Unknown][Game][Fun] update: [.....4] [ip4][..udp] [.148.153.35.205][60022] -> [..192.168.2.100][32951] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [..192.168.2.100][32952] -> [.148.153.35.205][60021] [RakNet][Unknown][Game][Fun] RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [..192.168.2.100][32953] -> [.148.153.35.205][60021] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [.148.153.35.205][60025] -> [..192.168.2.100][32951] [RakNet][Unknown][Game][Fun] RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [..192.168.2.100][60690] -> [.148.153.35.205][60028] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic update: [....11] [ip4][..udp] [..192.168.2.100][44501] -> [.148.153.35.205][59935] update: [....10] [ip4][..udp] [..192.168.2.100][44501] -> [.148.153.35.205][60031] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic update: [.....9] [ip4][..udp] [.148.153.35.205][60005] -> [..192.168.2.100][32951] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [..192.168.2.100][32951] -> [.148.153.35.205][60021] [RakNet][Unknown][Game][Fun] update: [.....4] [ip4][..udp] [.148.153.35.205][60022] -> [..192.168.2.100][32951] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [..192.168.2.100][32952] -> [.148.153.35.205][60021] [RakNet][Unknown][Game][Fun] RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [..192.168.2.100][32953] -> [.148.153.35.205][60021] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [.148.153.35.205][60025] -> [..192.168.2.100][32951] [RakNet][Unknown][Game][Fun] RISK: Unidirectional Traffic detected: [....11] [ip4][..udp] [..192.168.2.100][44501] -> [.148.153.35.205][59935] [RakNet][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [..192.168.2.100][60690] -> [.148.153.35.205][60028] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [..192.168.2.100][44501] -> [.148.153.35.205][60031] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [.148.153.35.205][60005] -> [..192.168.2.100][32951] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.2.100][32951] -> [.148.153.35.205][60021] [RakNet][Unknown][Game][Fun] idle: [.....5] [ip4][..udp] [..192.168.2.100][32952] -> [.148.153.35.205][60021] [RakNet][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [.148.153.35.205][60022] -> [..192.168.2.100][32951] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [..192.168.2.100][32953] -> [.148.153.35.205][60021] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [.148.153.35.205][60025] -> [..192.168.2.100][32951] [RakNet][Unknown][Game][Fun] RISK: Unidirectional Traffic update: [....11] [ip4][..udp] [..192.168.2.100][44501] -> [.148.153.35.205][59935] [RakNet][Unknown][Game][Fun] @@ -90,5 +75,4 @@ idle: [....11] [ip4][..udp] [..192.168.2.100][44501] -> [.148.153.35.205][59935] [RakNet][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [.148.153.35.205][43582] -> [..192.168.2.100][44501] [RakNet][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/reasm_segv_anon.pcapng.out b/test/results/flow-info/default/reasm_segv_anon.pcapng.out index 5b3b89d16..be68010d4 100644 --- a/test/results/flow-info/default/reasm_segv_anon.pcapng.out +++ b/test/results/flow-info/default/reasm_segv_anon.pcapng.out @@ -31,5 +31,4 @@ ERROR-EVENT: Captured packet size is smaller than expected packet size [15/16] ERROR-EVENT: Captured packet size is smaller than expected packet size [16/16] idle: [.....1] [ip4][..udp] [...145.76.2.236][.2152] -> [...187.96.52.85][.2152] [GTP.GTP_U][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/reddit.pcap.out b/test/results/flow-info/default/reddit.pcap.out index 8412fa4bb..fe30eba35 100644 --- a/test/results/flow-info/default/reddit.pcap.out +++ b/test/results/flow-info/default/reddit.pcap.out @@ -89,7 +89,7 @@ detection-update: [....20] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56592] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun][emoji.redditmedia.com] detection-update: [....19] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56590] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun][emoji.redditmedia.com] detection-update: [....19] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56590] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun][emoji.redditmedia.com] - analyse: [....20] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56592] -> [.....................64:ff9b::9765:798c][..443] + analyse: [....20] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56592] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.052| 0.010| 0.019| 355.472| 2.800] [PKTLEN......: 72.000| 1120.000| 363.000| 422.800| 178733.300| 4.100] @@ -104,7 +104,7 @@ detected: [....21] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56594] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun][b.thumbs.redditmedia.com] detection-update: [....21] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56594] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun][b.thumbs.redditmedia.com] detection-update: [....21] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56594] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun][b.thumbs.redditmedia.com] - analyse: [....21] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56594] -> [.....................64:ff9b::9765:798c][..443] + analyse: [....21] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56594] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.092| 0.011| 0.022| 490.869| 2.800] [PKTLEN......: 72.000| 1120.000| 363.300| 424.000| 179781.300| 4.100] @@ -134,7 +134,7 @@ [IATS(ms)....: 31.5,31.5,0.2,36.8,7.0,0.0,43.6,0.0,0.6,0.6,2.4,0.2,0.1,37.7,0.7,1.1,36.8,0.1,0.1,0.0,0.5,8.6,9.1,0.1,0.1,0.2,0.0,0.2,0.0,0.1,0.0] [PKTLENS.....: 80,80,72,589,72,1280,1280,72,72,533,72,136,164,333,72,72,652,72,103,72,103,72,778,72,1280,72,1280,1280,72,72,1280,1280] [ENTROPIES...: 4.8,5.3,5.1,4.6,5.2,7.8,7.8,5.2,5.2,7.6,5.2,6.2,6.5,7.2,5.1,5.1,7.6,5.2,5.8,5.2,5.9,5.2,7.7,5.2,7.8,5.2,7.8,7.8,5.2,5.2,7.8,7.8] - analyse: [....23] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43492] -> [......................64:ff9b::df9:21c6][..443] + analyse: [....23] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43492] -> [......................64:ff9b::df9:21c6][..443] [TLS.Amazon][Unknown][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.051| 0.008| 0.015| 226.995| 3.000] [PKTLEN......: 72.000| 1460.000| 461.600| 586.500| 343946.100| 4.000] @@ -185,7 +185,7 @@ detection-update: [....32] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48648] -> [...2620:116:800d:21:f916:5049:f87f:108e][..443] [TLS][Unknown][Web][Safe][secure.quantserve.com] detection-update: [....29] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56782] -> [.....................64:ff9b::68f4:2ac8][..443] [TLS.Twitter][Unknown][SocialNetwork][Fun][syndication.twitter.com] detection-update: [....29] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56782] -> [.....................64:ff9b::68f4:2ac8][..443] [TLS.Twitter][Unknown][SocialNetwork][Fun][syndication.twitter.com] - analyse: [....32] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48648] -> [...2620:116:800d:21:f916:5049:f87f:108e][..443] + analyse: [....32] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48648] -> [...2620:116:800d:21:f916:5049:f87f:108e][..443] [TLS][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.180| 0.021| 0.039| 1506.599| 3.300] [PKTLEN......: 72.000| 1460.000| 446.900| 554.600| 307585.900| 4.000] @@ -215,7 +215,7 @@ [IATS(ms)....: 41.1,41.1,0.2,31.9,11.0,42.7,0.5,0.0,0.5,0.0,2.8,1.3,0.1,34.2,10.2,0.0,40.2,0.5,1.5,0.0,0.9,16.6,0.0,0.0,16.5,0.0,0.0,4.4,0.3,12.7,24.5] [PKTLENS.....: 80,80,72,589,72,1460,72,1460,172,72,72,136,164,486,72,652,72,72,103,72,103,72,793,103,111,72,72,72,111,107,282,72] [ENTROPIES...: 4.9,5.3,5.3,4.5,5.1,7.8,5.3,7.9,6.5,5.3,5.3,6.1,6.5,7.4,5.2,7.6,5.1,5.3,5.9,5.1,5.8,5.3,7.7,5.7,6.0,5.3,5.3,5.3,6.1,5.9,7.1,5.2] - analyse: [....29] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56782] -> [.....................64:ff9b::68f4:2ac8][..443] + analyse: [....29] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56782] -> [.....................64:ff9b::68f4:2ac8][..443] [TLS.Twitter][Unknown][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.217| 0.047| 0.068| 4568.099| 3.600] [PKTLEN......: 72.000| 1460.000| 258.400| 353.400| 124913.600| 4.100] @@ -281,7 +281,7 @@ detected: [....44] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56640] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun][gateway.reddit.com] detection-update: [....44] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56640] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun][gateway.reddit.com] detection-update: [....44] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56640] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun][gateway.reddit.com] - analyse: [....44] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56640] -> [.....................64:ff9b::9765:798c][..443] + analyse: [....44] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56640] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.144| 0.016| 0.036| 1331.147| 2.700] [PKTLEN......: 72.000| 1120.000| 263.200| 320.800| 102914.800| 4.200] @@ -382,64 +382,64 @@ detection-update: [....60] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47006] -> [.....................64:ff9b::34d3:acec][..443] [TLS][Unknown][Web][Safe][d9.flashtalking.com] idle: [....39] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57282] -> [...............2a00:1450:4007:805::2004][..443] [TLS.Google][Google][Web][Acceptable] idle: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59336] -> [...............2a00:1450:4007:80b::2002][..443] [TLS.Google][Google][Web][Acceptable] - idle: [....26] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48240] -> [.....................64:ff9b::9765:789d][..443] + idle: [....26] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48240] -> [.....................64:ff9b::9765:789d][..443] [TLS.Twitter][Unknown][SocialNetwork][Fun] idle: [....55] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36964] -> [...............2a00:1450:4007:80f::2001][..443] [TLS.Google][Google][Advertisement][Acceptable] - end: [....56] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36966] -> [...............2a00:1450:4007:80f::2001][..443] - end: [....57] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36968] -> [...............2a00:1450:4007:80f::2001][..443] - end: [....58] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36970] -> [...............2a00:1450:4007:80f::2001][..443] + end: [....56] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36966] -> [...............2a00:1450:4007:80f::2001][..443] [TLS.Google][Google][Advertisement][Acceptable] + end: [....57] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36968] -> [...............2a00:1450:4007:80f::2001][..443] [TLS.Google][Google][Advertisement][Acceptable] + end: [....58] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36970] -> [...............2a00:1450:4007:80f::2001][..443] [TLS.Google][Google][Advertisement][Acceptable] guessed: [....59] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36972] -> [...............2a00:1450:4007:80f::2001][..443] [TLS][Google][Web][Safe] RISK: TCP Connection Issues end: [....59] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][36972] -> [...............2a00:1450:4007:80f::2001][..443] - idle: [....33] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][44264] -> [.....................64:ff9b::1736:86f1][..443] - idle: [.....3] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56558] -> [.....................64:ff9b::9765:798c][..443] - idle: [....42] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47302] -> [...............2a00:1450:4007:80c::2003][..443] - idle: [.....4] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56560] -> [.....................64:ff9b::9765:798c][..443] - end: [....43] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47304] -> [...............2a00:1450:4007:80c::2003][..443] - end: [.....5] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56562] -> [.....................64:ff9b::9765:798c][..443] - idle: [.....6] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56564] -> [.....................64:ff9b::9765:798c][..443] - end: [.....7] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56566] -> [.....................64:ff9b::9765:798c][..443] - end: [.....8] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56568] -> [.....................64:ff9b::9765:798c][..443] - end: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56570] -> [.....................64:ff9b::9765:798c][..443] - end: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56572] -> [.....................64:ff9b::9765:798c][..443] - end: [....11] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56574] -> [.....................64:ff9b::9765:798c][..443] - end: [....12] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56576] -> [.....................64:ff9b::9765:798c][..443] - idle: [....13] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56578] -> [.....................64:ff9b::9765:798c][..443] - end: [....14] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56580] -> [.....................64:ff9b::9765:798c][..443] - idle: [....15] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56582] -> [.....................64:ff9b::9765:798c][..443] - end: [....16] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56584] -> [.....................64:ff9b::9765:798c][..443] - end: [....17] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56586] -> [.....................64:ff9b::9765:798c][..443] - end: [....18] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56588] -> [.....................64:ff9b::9765:798c][..443] - end: [....19] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56590] -> [.....................64:ff9b::9765:798c][..443] + idle: [....33] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][44264] -> [.....................64:ff9b::1736:86f1][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads] + idle: [.....3] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56558] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + idle: [....42] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47302] -> [...............2a00:1450:4007:80c::2003][..443] [TLS.Google][Google][Web][Acceptable] + idle: [.....4] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56560] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + end: [....43] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47304] -> [...............2a00:1450:4007:80c::2003][..443] [TLS.Google][Google][Web][Acceptable] + end: [.....5] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56562] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + idle: [.....6] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56564] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + end: [.....7] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56566] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + end: [.....8] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56568] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + end: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56570] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + end: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56572] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + end: [....11] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56574] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + end: [....12] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56576] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + idle: [....13] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56578] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + end: [....14] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56580] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + idle: [....15] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56582] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + end: [....16] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56584] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + end: [....17] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56586] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + end: [....18] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56588] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] + end: [....19] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56590] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] idle: [....20] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56592] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] idle: [....48] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][59624] -> [...............2a00:1450:4007:80b::2001][..443] [TLS.Google][Google][Advertisement][Acceptable] idle: [....21] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56594] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] idle: [....44] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56640] -> [.....................64:ff9b::9765:798c][..443] [TLS.Reddit][Unknown][SocialNetwork][Fun] - idle: [....36] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56186] -> [...2600:9000:219c:ee00:6:44e3:f8c0:93a1][..443] - idle: [....24] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38320] -> [.....................64:ff9b::6853:b3b6][..443] + idle: [....36] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56186] -> [...2600:9000:219c:ee00:6:44e3:f8c0:93a1][..443] [TLS][AmazonAWS][Web][Safe] + idle: [....24] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38320] -> [.....................64:ff9b::6853:b3b6][..443] [TLS][Unknown][Web][Safe] idle: [....29] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56782] -> [.....................64:ff9b::68f4:2ac8][..443] [TLS.Twitter][Unknown][SocialNetwork][Fun] - idle: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] + idle: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46646] -> [.....................64:ff9b::345f:7ca5][..443] [TLS.Amazon][Unknown][Web][Acceptable] idle: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39736] -> [.....2606:2800:134:1a0d:1429:742:782:b6][..443] [TLS.Twitter][Edgecast][SocialNetwork][Fun] idle: [....27] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39520] -> [...............2a00:1450:4007:816::2008][..443] [TLS.GoogleServices][Google][Web][Acceptable] idle: [....40] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58122] -> [...............2a00:1450:4007:805::2001][..443] [TLS.YouTube][Google][Media][Fun] - idle: [....25] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51026] -> [.....................64:ff9b::acd9:12c2][..443] + idle: [....25] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51026] -> [.....................64:ff9b::acd9:12c2][..443] [TLS.Google][Unknown][Advertisement][Acceptable] idle: [....34] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51100] -> [.....................64:ff9b::d83a:d1e6][..443] [TLS.Google][Unknown][Advertisement][Acceptable] - idle: [....60] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47006] -> [.....................64:ff9b::34d3:acec][..443] - end: [....35] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51102] -> [.....................64:ff9b::d83a:d1e6][..443] - idle: [....41] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][52296] -> [...............2a00:1450:4007:815::2016][..443] + idle: [....60] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47006] -> [.....................64:ff9b::34d3:acec][..443] [TLS][Unknown][Web][Safe] + end: [....35] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51102] -> [.....................64:ff9b::d83a:d1e6][..443] [TLS.Google][Unknown][Advertisement][Acceptable] + idle: [....41] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][52296] -> [...............2a00:1450:4007:815::2016][..443] [TLS.YouTube][Google][Media][Fun] idle: [.....1] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][40028] -> [...............2a00:1450:4007:80a::200a][..443] [TLS.GoogleServices][Google][Web][Acceptable] - end: [.....2] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][40030] -> [...............2a00:1450:4007:80a::200a][..443] - idle: [....28] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][32970] -> [.....................64:ff9b::6853:b3d1][..443] + end: [.....2] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][40030] -> [...............2a00:1450:4007:80a::200a][..443] [TLS.GoogleServices][Google][Web][Acceptable] + idle: [....28] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][32970] -> [.....................64:ff9b::6853:b3d1][..443] [TLS][Unknown][Web][Safe] idle: [....32] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48648] -> [...2620:116:800d:21:f916:5049:f87f:108e][..443] [TLS][Unknown][Web][Safe] idle: [....54] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38166] -> [...............2a00:1450:4007:811::200a][..443] [TLS.GoogleServices][Google][Web][Acceptable] idle: [....23] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43492] -> [......................64:ff9b::df9:21c6][..443] [TLS.Amazon][Unknown][Web][Acceptable] idle: [....38] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][54726] -> [...............2a00:1450:4007:808::2006][..443] [TLS.Google][Google][Advertisement][Acceptable] - idle: [....31] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][54862] -> [...............2a00:1450:4007:806::200e][..443] + idle: [....31] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][54862] -> [...............2a00:1450:4007:806::200e][..443] [TLS.YouTube][Google][Media][Fun] idle: [....30] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39626] -> [.....................64:ff9b::2278:cf94][..443] [TLS][Unknown][Web][Safe] idle: [....49] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46806] -> [...............2a00:1450:4007:808::2001][..443] [TLS.Google][Google][Web][Acceptable] - end: [....50] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46808] -> [...............2a00:1450:4007:808::2001][..443] - end: [....51] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46810] -> [...............2a00:1450:4007:808::2001][..443] - end: [....52] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46812] -> [...............2a00:1450:4007:808::2001][..443] - end: [....53] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46814] -> [...............2a00:1450:4007:808::2001][..443] + end: [....50] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46808] -> [...............2a00:1450:4007:808::2001][..443] [TLS.Google][Google][Web][Acceptable] + end: [....51] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46810] -> [...............2a00:1450:4007:808::2001][..443] [TLS.Google][Google][Web][Acceptable] + end: [....52] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46812] -> [...............2a00:1450:4007:808::2001][..443] [TLS.Google][Google][Web][Acceptable] + end: [....53] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][46814] -> [...............2a00:1450:4007:808::2001][..443] [TLS.Google][Google][Web][Acceptable] idle: [....22] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][50960] -> [...............2a00:1450:4007:805::2002][..443] [TLS.GoogleServices][Google][Web][Acceptable] idle: [....45] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51006] -> [...............2a00:1450:4007:805::2002][..443] [TLS.Google][Google][Web][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/riot.pcapng.out b/test/results/flow-info/default/riot.pcapng.out index 8d091d64c..809bdb887 100644 --- a/test/results/flow-info/default/riot.pcapng.out +++ b/test/results/flow-info/default/riot.pcapng.out @@ -10,5 +10,6 @@ guessed: [.....1] [ip4][..tcp] [..52.41.135.135][..443] -> [..192.168.26.22][51817] [TLS][AmazonAWS][Web][Safe] RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [..52.41.135.135][..443] -> [..192.168.26.22][51817] - idle: [.....2] [ip4][..tcp] [..35.234.85.218][..443] -> [..192.168.26.22][51949] + idle: [.....2] [ip4][..tcp] [..35.234.85.218][..443] -> [..192.168.26.22][51949] [TLS.RiotGames][GoogleCloud][Game][Fun] + RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/riotgames.pcap.out b/test/results/flow-info/default/riotgames.pcap.out index f5ebcb307..47e52e0c5 100644 --- a/test/results/flow-info/default/riotgames.pcap.out +++ b/test/results/flow-info/default/riotgames.pcap.out @@ -10,56 +10,47 @@ detected: [.....2] [ip4][..udp] [..192.168.2.100][48526] -> [213.179.216.242][50004] [Discord][Discord][Collaborative][Fun] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..192.168.2.100][59956] -> [...162.249.72.1][.7194] [RiotGames][RiotGames][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 17 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....3] [ip4][..udp] [..192.168.2.100][62854] -> [...162.249.72.1][.8181] detected: [.....3] [ip4][..udp] [..192.168.2.100][62854] -> [...162.249.72.1][.8181] [RiotGames][RiotGames][Game][Fun] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [..192.168.2.100][48526] -> [213.179.216.242][50004] [Discord][Discord][Collaborative][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 19 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....4] [ip4][..udp] [..192.168.2.100][54231] -> [....43.229.65.1][.7998] detected: [.....4] [ip4][..udp] [..192.168.2.100][54231] -> [....43.229.65.1][.7998] [RiotGames][RiotGames][Game][Fun] RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.2.100][62854] -> [...162.249.72.1][.8181] [RiotGames][RiotGames][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 21 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....5] [ip4][..udp] [..192.168.2.100][58106] -> [...162.249.72.1][.8181] detected: [.....5] [ip4][..udp] [..192.168.2.100][58106] -> [...162.249.72.1][.8181] [RiotGames][RiotGames][Game][Fun] RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [..192.168.2.100][54231] -> [....43.229.65.1][.7998] [RiotGames][RiotGames][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 23 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....6] [ip4][..udp] [..192.168.2.100][50004] -> [...162.249.72.1][.8181] detected: [.....6] [ip4][..udp] [..192.168.2.100][50004] -> [...162.249.72.1][.8181] [RiotGames][RiotGames][Game][Fun] RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [..192.168.2.100][58106] -> [...162.249.72.1][.8181] [RiotGames][RiotGames][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 25 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....7] [ip4][..udp] [..192.168.2.100][63038] -> [....43.229.65.1][.7998] detected: [.....7] [ip4][..udp] [..192.168.2.100][63038] -> [....43.229.65.1][.7998] [RiotGames][RiotGames][Game][Fun] RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [..192.168.2.100][50004] -> [...162.249.72.1][.8181] [RiotGames][RiotGames][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 27 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....8] [ip4][..udp] [..192.168.2.100][61099] -> [....66.22.241.8][50004] detected: [.....8] [ip4][..udp] [..192.168.2.100][61099] -> [....66.22.241.8][50004] [Discord][Discord][Collaborative][Fun] RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [..192.168.2.100][63038] -> [....43.229.65.1][.7998] [RiotGames][RiotGames][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 29 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....9] [ip4][..udp] [..192.168.2.100][49298] -> [...162.249.72.1][.7194] detected: [.....9] [ip4][..udp] [..192.168.2.100][49298] -> [...162.249.72.1][.7194] [RiotGames][RiotGames][Game][Fun] RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [..192.168.2.100][61099] -> [....66.22.241.8][50004] [Discord][Discord][Collaborative][Fun] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [..192.168.2.100][49298] -> [...162.249.72.1][.7194] [RiotGames][RiotGames][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/rmcp.pcap.out b/test/results/flow-info/default/rmcp.pcap.out index 33864283d..f514d99f6 100644 --- a/test/results/flow-info/default/rmcp.pcap.out +++ b/test/results/flow-info/default/rmcp.pcap.out @@ -13,16 +13,13 @@ detected: [.....3] [ip4][..udp] [..137.141.61.18][59937] -> [...82.132.4.178][..623] [RMCP][Unknown][System][Safe] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.123.212.25.229][49531] -> [..171.47.173.23][..623] [RMCP][Unknown][System][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 3 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....4] [ip4][..udp] [.129.222.153.30][58065] -> [190.219.142.148][..623] detected: [.....4] [ip4][..udp] [.129.222.153.30][58065] -> [190.219.142.148][..623] [RMCP][Unknown][System][Safe] RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..137.141.61.18][59937] -> [...82.132.4.178][..623] [RMCP][Unknown][System][Safe] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [.54.229.154.152][59937] -> [...14.85.79.172][..623] [RMCP][AmazonAWS][System][Safe] - RISK: Unidirectional Traffic new: [.....5] [ip4][..udp] [..64.240.55.240][57984] -> [...30.144.16.67][..623] detected: [.....5] [ip4][..udp] [..64.240.55.240][57984] -> [...30.144.16.67][..623] [RMCP][Unknown][System][Safe] RISK: Unidirectional Traffic @@ -30,9 +27,6 @@ detected: [.....6] [ip4][..udp] [..127.36.88.103][34698] -> [.164.114.97.252][..623] [RMCP][Unknown][System][Safe] RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [..127.36.88.103][34698] -> [.164.114.97.252][..623] [RMCP][Unknown][System][Safe] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [..64.240.55.240][57984] -> [...30.144.16.67][..623] [RMCP][Unknown][System][Safe] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [.129.222.153.30][58065] -> [190.219.142.148][..623] [RMCP][Unknown][System][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/roblox.pcapng.out b/test/results/flow-info/default/roblox.pcapng.out index 6f2cf229b..d59289b60 100644 --- a/test/results/flow-info/default/roblox.pcapng.out +++ b/test/results/flow-info/default/roblox.pcapng.out @@ -7,7 +7,7 @@ new: [.....2] [ip4][..tcp] [.192.168.12.156][39034] -> [..128.116.122.4][..443] detected: [.....2] [ip4][..tcp] [.192.168.12.156][39034] -> [..128.116.122.4][..443] [TLS.Roblox][Roblox][Game][Fun][assetgame.roblox.com] detection-update: [.....2] [ip4][..tcp] [.192.168.12.156][39034] -> [..128.116.122.4][..443] [TLS.Roblox][Roblox][Game][Fun][assetgame.roblox.com] - analyse: [.....2] [ip4][..tcp] [.192.168.12.156][39034] -> [..128.116.122.4][..443] + analyse: [.....2] [ip4][..tcp] [.192.168.12.156][39034] -> [..128.116.122.4][..443] [TLS.Roblox][Roblox][Game][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 10.786| 0.747| 2.538| 6441959.162| 1.700] [PKTLEN......: 40.000| 1500.000| 357.700| 487.700| 237869.300| 3.900] @@ -24,7 +24,6 @@ detected: [.....3] [ip4][..udp] [.192.168.12.156][45693] -> [..128.116.44.33][53385] [RakNet][Roblox][Game][Fun] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.192.168.12.156][42965] -> [.128.116.89.113][63862] [RakNet][Roblox][Game][Fun] - RISK: Unidirectional Traffic end: [.....2] [ip4][..tcp] [.192.168.12.156][39034] -> [..128.116.122.4][..443] [TLS.Roblox][Roblox][Game][Fun] DAEMON-EVENT: [Processed: 64 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 0] @@ -32,7 +31,5 @@ detected: [.....4] [ip4][..udp] [.192.168.12.156][46507] -> [..128.116.44.33][51438] [RakNet][Roblox][Game][Fun] RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [.192.168.12.156][45693] -> [..128.116.44.33][53385] [RakNet][Roblox][Game][Fun] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [.192.168.12.156][46507] -> [..128.116.44.33][51438] [RakNet][Roblox][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/rsh-syslog-false-positive.pcap.out b/test/results/flow-info/default/rsh-syslog-false-positive.pcap.out index abde4e11a..9a42444ff 100644 --- a/test/results/flow-info/default/rsh-syslog-false-positive.pcap.out +++ b/test/results/flow-info/default/rsh-syslog-false-positive.pcap.out @@ -7,5 +7,4 @@ ERROR-EVENT: Captured packet size is smaller than expected packet size [1/16] ERROR-EVENT: Captured packet size is smaller than expected packet size [2/16] idle: [.....1] [ip4][..tcp] [..172.31.78.129][.9039] -> [..172.29.43.201][..514] [Syslog][Unknown][System][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/rtcp_multiple_pkts_in_the_same_datagram.pcap.out b/test/results/flow-info/default/rtcp_multiple_pkts_in_the_same_datagram.pcap.out index d862662e2..d37c83053 100644 --- a/test/results/flow-info/default/rtcp_multiple_pkts_in_the_same_datagram.pcap.out +++ b/test/results/flow-info/default/rtcp_multiple_pkts_in_the_same_datagram.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [..217.12.244.34][25963] -> [..217.12.247.98][31601] [RTCP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..217.12.244.34][25963] -> [..217.12.247.98][31601] [RTCP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/rtsp.pcap.out b/test/results/flow-info/default/rtsp.pcap.out index f5106e3f4..7c6e4915f 100644 --- a/test/results/flow-info/default/rtsp.pcap.out +++ b/test/results/flow-info/default/rtsp.pcap.out @@ -57,7 +57,7 @@ [PKTLENS.....: 52,52,52,52,46,40,46,46,52,52,52,52,52,52,52,52,46,46,40,46,156,156,156,156,46,46,40,46,165,165,165,165] [ENTROPIES...: 4.4,4.4,4.4,4.4,3.5,3.8,3.5,3.5,4.4,4.4,4.4,4.4,4.6,4.7,4.6,4.7,4.3,4.3,4.6,4.3,5.7,5.7,5.7,5.7,4.3,4.3,4.6,4.3,5.7,5.7,5.7,5.7] end: [.....1] [ip4][..tcp] [......10.1.1.10][52470] -> [.......10.2.2.2][.8554] [RTSP][Unknown][Media][Fun] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port new: [.....6] [ip4][..tcp] [......10.1.1.10][52480] -> [.......10.2.2.2][.8554] detected: [.....6] [ip4][..tcp] [......10.1.1.10][52480] -> [.......10.2.2.2][.8554] [RTSP][Unknown][Media][Fun] RISK: Known Proto on Non Std Port diff --git a/test/results/flow-info/default/rtsp_setup_http.pcapng.out b/test/results/flow-info/default/rtsp_setup_http.pcapng.out index 9d621c5a8..ac4c981d5 100644 --- a/test/results/flow-info/default/rtsp_setup_http.pcapng.out +++ b/test/results/flow-info/default/rtsp_setup_http.pcapng.out @@ -5,5 +5,5 @@ detected: [.....1] [ip4][..tcp] [...172.28.5.170][63840] -> [....172.28.4.26][.8554] [RTSP][Unknown][Media][Fun] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....1] [ip4][..tcp] [...172.28.5.170][63840] -> [....172.28.4.26][.8554] [RTSP][Unknown][Media][Fun] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/s7comm.pcap.out b/test/results/flow-info/default/s7comm.pcap.out index eb5e7becd..4a202fc22 100644 --- a/test/results/flow-info/default/s7comm.pcap.out +++ b/test/results/flow-info/default/s7comm.pcap.out @@ -15,5 +15,4 @@ [PKTLENS.....: 62,62,65,67,47,73,121,47,73,121,47,73,261,47,73,121,47,69,101,47,69,101,47,69,101,47,69,101,47,71,77,47] [ENTROPIES...: 4.4,4.3,4.3,3.9,4.5,4.6,3.9,4.5,4.4,3.5,4.5,4.5,2.4,4.4,4.5,3.9,4.5,4.4,4.4,4.5,4.4,4.4,4.4,4.4,4.4,4.5,4.4,4.4,4.4,4.7,4.4,4.5] idle: [.....1] [ip4][..tcp] [...192.168.1.10][.4185] -> [...192.168.1.40][..102] [s7comm][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/safari.pcap.out b/test/results/flow-info/default/safari.pcap.out index 27bc4bfb8..202a4feab 100644 --- a/test/results/flow-info/default/safari.pcap.out +++ b/test/results/flow-info/default/safari.pcap.out @@ -44,7 +44,7 @@ detected: [.....7] [ip4][..tcp] [..192.168.1.178][55285] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe][www.iit.cnr.it] detection-update: [.....7] [ip4][..tcp] [..192.168.1.178][55285] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe][www.iit.cnr.it] detection-update: [.....7] [ip4][..tcp] [..192.168.1.178][55285] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe][www.iit.cnr.it] - idle: [.....1] [ip4][..tcp] [..192.168.1.178][55262] -> [...146.48.58.18][..443] + idle: [.....1] [ip4][..tcp] [..192.168.1.178][55262] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] idle: [.....2] [ip4][..tcp] [..192.168.1.178][55265] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS idle: [.....3] [ip4][..tcp] [..192.168.1.178][55266] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] @@ -55,5 +55,5 @@ RISK: TLS (probably) Not Carrying HTTPS idle: [.....6] [ip4][..tcp] [..192.168.1.178][55269] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS - idle: [.....7] [ip4][..tcp] [..192.168.1.178][55285] -> [...146.48.58.18][..443] + idle: [.....7] [ip4][..tcp] [..192.168.1.178][55285] -> [...146.48.58.18][..443] [TLS][Unknown][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/salesforce.pcap.out b/test/results/flow-info/default/salesforce.pcap.out index 795e2c77c..92d8bf055 100644 --- a/test/results/flow-info/default/salesforce.pcap.out +++ b/test/results/flow-info/default/salesforce.pcap.out @@ -5,5 +5,5 @@ detected: [.....1] [ip4][..tcp] [..192.168.1.178][54399] -> [...85.222.142.6][..443] [TLS.Salesforce][Unknown][Cloud][Safe][help.salesforce.com] detection-update: [.....1] [ip4][..tcp] [..192.168.1.178][54399] -> [...85.222.142.6][..443] [TLS.Salesforce][Unknown][Cloud][Safe][help.salesforce.com] detection-update: [.....1] [ip4][..tcp] [..192.168.1.178][54399] -> [...85.222.142.6][..443] [TLS.Salesforce][Unknown][Cloud][Safe][help.salesforce.com] - idle: [.....1] [ip4][..tcp] [..192.168.1.178][54399] -> [...85.222.142.6][..443] + idle: [.....1] [ip4][..tcp] [..192.168.1.178][54399] -> [...85.222.142.6][..443] [TLS.Salesforce][Unknown][Cloud][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/sctp.cap.out b/test/results/flow-info/default/sctp.cap.out index fa1070f7e..cbf8b5936 100644 --- a/test/results/flow-info/default/sctp.cap.out +++ b/test/results/flow-info/default/sctp.cap.out @@ -8,7 +8,5 @@ detected: [.....2] [ip4][..132] [.....10.28.6.42] -> [.....10.28.6.44] [SCTP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [.....2] [ip4][..132] [.....10.28.6.42] -> [.....10.28.6.44] [SCTP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..132] [.....10.28.6.43] -> [.....10.28.6.44] [SCTP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/selfsigned.pcap.out b/test/results/flow-info/default/selfsigned.pcap.out index eaf890614..30d00363e 100644 --- a/test/results/flow-info/default/selfsigned.pcap.out +++ b/test/results/flow-info/default/selfsigned.pcap.out @@ -6,5 +6,6 @@ RISK: Known Proto on Non Std Port detection-update: [.....1] [ip4][..tcp] [......127.0.0.1][51607] -> [......127.0.0.1][.3001] [TLS.ntop][Unknown][Network][Safe][localhost] RISK: Known Proto on Non Std Port, Self-signed Cert, TLS Cert Expired - end: [.....1] [ip4][..tcp] [......127.0.0.1][51607] -> [......127.0.0.1][.3001] + end: [.....1] [ip4][..tcp] [......127.0.0.1][51607] -> [......127.0.0.1][.3001] [TLS.ntop][Unknown][Network][Safe] + RISK: Known Proto on Non Std Port, Self-signed Cert, TLS Cert Expired DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/signal.pcap.out b/test/results/flow-info/default/signal.pcap.out index 2d344d729..d28261b5e 100644 --- a/test/results/flow-info/default/signal.pcap.out +++ b/test/results/flow-info/default/signal.pcap.out @@ -101,11 +101,12 @@ new: [....18] [ip4][..tcp] [....23.57.24.16][..443] -> [...192.168.2.17][57016] [MIDSTREAM] detected: [....18] [ip4][..tcp] [....23.57.24.16][..443] -> [...192.168.2.17][57016] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....18] [ip4][..tcp] [....23.57.24.16][..443] -> [...192.168.2.17][57016] [TLS][Unknown][Web][Safe] new: [....19] [ip4][..tcp] [...192.168.2.17][57027] -> [...13.35.253.42][..443] detected: [....19] [ip4][..tcp] [...192.168.2.17][57027] -> [...13.35.253.42][..443] [TLS.Signal][AmazonAWS][Chat][Fun][cdn.signal.org] detection-update: [....19] [ip4][..tcp] [...192.168.2.17][57027] -> [...13.35.253.42][..443] [TLS.Signal][AmazonAWS][Chat][Fun][cdn.signal.org] detection-update: [....19] [ip4][..tcp] [...192.168.2.17][57027] -> [...13.35.253.42][..443] [TLS.Signal][AmazonAWS][Chat][Fun][cdn.signal.org] - analyse: [....19] [ip4][..tcp] [...192.168.2.17][57027] -> [...13.35.253.42][..443] + analyse: [....19] [ip4][..tcp] [...192.168.2.17][57027] -> [...13.35.253.42][..443] [TLS.Signal][AmazonAWS][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.043| 0.012| 0.016| 257.340| 3.700] [PKTLEN......: 52.000| 1492.000| 498.200| 608.000| 369644.200| 4.000] @@ -120,8 +121,7 @@ end: [.....8] [ip4][..tcp] [...192.168.2.17][56996] -> [.17.248.146.144][..443] [TLS][Apple][Web][Safe] RISK: Unidirectional Traffic idle: [....16] [ip4][.icmp] [...192.168.2.17] -> [....192.168.2.1] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - end: [....18] [ip4][..tcp] [....23.57.24.16][..443] -> [...192.168.2.17][57016] + end: [....18] [ip4][..tcp] [....23.57.24.16][..443] -> [...192.168.2.17][57016] [TLS][Unknown][Web][Safe] end: [.....4] [ip4][..tcp] [...192.168.2.17][57018] -> [....23.57.24.16][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun] end: [....11] [ip4][..tcp] [...192.168.2.17][57022] -> [....23.57.24.16][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun] end: [.....5] [ip4][..tcp] [...192.168.2.17][57019] -> [.34.225.240.173][..443] [TLS.Signal][AmazonAWS][Chat][Fun] @@ -132,9 +132,10 @@ idle: [....15] [ip4][..tcp] [...192.168.2.17][57025] -> [....35.169.3.40][..443] [TLS.Signal][AmazonAWS][Chat][Fun] idle: [....17] [ip4][..tcp] [...192.168.2.17][57026] -> [....35.169.3.40][..443] [TLS.Signal][AmazonAWS][Chat][Fun] end: [.....9] [ip4][..tcp] [...192.168.2.17][57017] -> [...2.18.232.118][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic - end: [.....3] [ip4][..tcp] [...192.168.2.17][49226] -> [.34.225.240.173][..443] - idle: [....10] [ip4][..tcp] [...192.168.2.17][49227] -> [....35.169.3.40][..443] + end: [.....3] [ip4][..tcp] [...192.168.2.17][49226] -> [.34.225.240.173][..443] [TLS.Signal][AmazonAWS][Chat][Fun] + RISK: TLS (probably) Not Carrying HTTPS + idle: [....10] [ip4][..tcp] [...192.168.2.17][49227] -> [....35.169.3.40][..443] [TLS.Signal][AmazonAWS][Chat][Fun] + RISK: TLS (probably) Not Carrying HTTPS idle: [....19] [ip4][..tcp] [...192.168.2.17][57027] -> [...13.35.253.42][..443] [TLS.Signal][AmazonAWS][Chat][Fun] idle: [....12] [ip4][..udp] [...192.168.2.17][56263] -> [....192.168.2.1][...53] [DNS.Signal][Unknown][Network][Fun] idle: [.....2] [ip4][..udp] [...192.168.2.17][60793] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable] diff --git a/test/results/flow-info/default/simple-dnscrypt.pcap.out b/test/results/flow-info/default/simple-dnscrypt.pcap.out index b80c755bb..e43bb09bb 100644 --- a/test/results/flow-info/default/simple-dnscrypt.pcap.out +++ b/test/results/flow-info/default/simple-dnscrypt.pcap.out @@ -5,7 +5,7 @@ detected: [.....1] [ip4][..tcp] [.192.168.43.167][50233] -> [..134.119.26.24][..443] [TLS][Unknown][Web][Safe][simplednscrypt.org] detection-update: [.....1] [ip4][..tcp] [.192.168.43.167][50233] -> [..134.119.26.24][..443] [TLS][Unknown][Web][Safe][simplednscrypt.org] detection-update: [.....1] [ip4][..tcp] [.192.168.43.167][50233] -> [..134.119.26.24][..443] [TLS.DNScrypt][Unknown][Network][Acceptable][simplednscrypt.org] - analyse: [.....1] [ip4][..tcp] [.192.168.43.167][50233] -> [..134.119.26.24][..443] + analyse: [.....1] [ip4][..tcp] [.192.168.43.167][50233] -> [..134.119.26.24][..443] [TLS.DNScrypt][Unknown][Network][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.222| 0.042| 0.052| 2741.004| 3.900] [PKTLEN......: 40.000| 1350.000| 383.400| 516.900| 267229.700| 3.900] @@ -28,7 +28,7 @@ detection-update: [.....2] [ip4][..tcp] [.192.168.43.167][50253] -> [..134.119.26.24][..443] [TLS.DNScrypt][Unknown][Network][Acceptable][simplednscrypt.org] detection-update: [.....3] [ip4][..tcp] [.192.168.43.167][50258] -> [..134.119.26.24][..443] [TLS.DNScrypt][Unknown][Network][Acceptable][simplednscrypt.org] detection-update: [.....3] [ip4][..tcp] [.192.168.43.167][50258] -> [..134.119.26.24][..443] [TLS.DNScrypt][Unknown][Network][Acceptable][simplednscrypt.org] - analyse: [.....4] [ip4][..tcp] [.192.168.43.167][50259] -> [..134.119.26.24][..443] + analyse: [.....4] [ip4][..tcp] [.192.168.43.167][50259] -> [..134.119.26.24][..443] [TLS.DNScrypt][Unknown][Network][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.106| 0.025| 0.036| 1289.953| 3.600] [PKTLEN......: 40.000| 1350.000| 319.100| 456.800| 208637.000| 3.900] @@ -40,7 +40,7 @@ [ENTROPIES...: 4.7,5.0,4.8,5.5,4.8,7.3,7.3,4.8,7.6,7.5,4.7,7.6,7.4,4.8,6.3,5.6,5.8,5.5,7.3,6.0,6.1,7.2,6.3,4.9,4.9,5.8,4.8,5.4,4.9,7.5,7.4,4.9] detection-update: [.....4] [ip4][..tcp] [.192.168.43.167][50259] -> [..134.119.26.24][..443] [TLS.DNScrypt][Unknown][Network][Acceptable][simplednscrypt.org] idle: [.....1] [ip4][..tcp] [.192.168.43.167][50233] -> [..134.119.26.24][..443] [TLS.DNScrypt][Unknown][Network][Acceptable] - idle: [.....2] [ip4][..tcp] [.192.168.43.167][50253] -> [..134.119.26.24][..443] - idle: [.....3] [ip4][..tcp] [.192.168.43.167][50258] -> [..134.119.26.24][..443] + idle: [.....2] [ip4][..tcp] [.192.168.43.167][50253] -> [..134.119.26.24][..443] [TLS.DNScrypt][Unknown][Network][Acceptable] + idle: [.....3] [ip4][..tcp] [.192.168.43.167][50258] -> [..134.119.26.24][..443] [TLS.DNScrypt][Unknown][Network][Acceptable] idle: [.....4] [ip4][..tcp] [.192.168.43.167][50259] -> [..134.119.26.24][..443] [TLS.DNScrypt][Unknown][Network][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/sip.pcap.out b/test/results/flow-info/default/sip.pcap.out index 6fb09f272..79fccfe15 100644 --- a/test/results/flow-info/default/sip.pcap.out +++ b/test/results/flow-info/default/sip.pcap.out @@ -5,32 +5,21 @@ detected: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [.....2] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] detected: [.....2] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 43 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic analyse: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.026| 279.042| 42.751| 57.874| 3349363405.357| 4.000] @@ -42,44 +31,28 @@ [PKTLENS.....: 495,514,708,334,374,495,514,708,519,495,514,708,519,495,514,708,334,498,33,33,33,33,33,33,33,33,33,853,853,853,621,368] [ENTROPIES...: 5.7,5.7,5.7,5.7,5.7,5.7,5.8,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.6,4.1,4.1,4.1,4.1,4.1,4.1,4.0,4.1,4.1,5.7,5.7,5.7,5.8,5.7] update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [....192.168.1.2][.5060] -> [..200.68.120.81][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 68 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 17] update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [.....3] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] detected: [.....3] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] [RTP][Unknown][Media][Acceptable] new: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] detected: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] [RTCP][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] [RTP][Unknown][Media][Acceptable] update: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] [RTCP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [....192.168.1.2][.5060] -> [..212.242.33.35][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [....192.168.1.2][30000] -> [..212.242.33.36][40392] [RTP][Unknown][Media][Acceptable] idle: [.....4] [ip4][..udp] [....192.168.1.2][30001] -> [..212.242.33.36][40393] [RTCP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/sites.pcapng.out b/test/results/flow-info/default/sites.pcapng.out index 24da00684..43dd7aba8 100644 --- a/test/results/flow-info/default/sites.pcapng.out +++ b/test/results/flow-info/default/sites.pcapng.out @@ -9,20 +9,20 @@ new: [.....2] [ip4][..tcp] [..192.168.1.250][41878] -> [...92.122.95.99][..443] detected: [.....2] [ip4][..tcp] [..192.168.1.250][41878] -> [...92.122.95.99][..443] [TLS.TikTok][Unknown][SocialNetwork][Fun][vcs-va.tiktokv.com] detection-update: [.....2] [ip4][..tcp] [..192.168.1.250][41878] -> [...92.122.95.99][..443] [TLS.TikTok][Unknown][SocialNetwork][Fun][vcs-va.tiktokv.com] - idle: [.....1] [ip4][..tcp] [.192.168.12.169][46160] -> [..69.171.250.20][..443] + idle: [.....1] [ip4][..tcp] [.192.168.12.169][46160] -> [..69.171.250.20][..443] [TLS.Messenger][Facebook][Chat][Acceptable] DAEMON-EVENT: [Processed: 35 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 0] new: [.....3] [ip4][..tcp] [..192.168.1.227][50071] -> [...52.73.71.226][..443] detected: [.....3] [ip4][..tcp] [..192.168.1.227][50071] -> [...52.73.71.226][..443] [TLS.Fuze][AmazonAWS][VoIP][Acceptable][presence.fuze.com] detection-update: [.....3] [ip4][..tcp] [..192.168.1.227][50071] -> [...52.73.71.226][..443] [TLS.Fuze][AmazonAWS][VoIP][Acceptable][presence.fuze.com] detection-update: [.....3] [ip4][..tcp] [..192.168.1.227][50071] -> [...52.73.71.226][..443] [TLS.Fuze][AmazonAWS][VoIP][Acceptable][presence.fuze.com] - end: [.....2] [ip4][..tcp] [..192.168.1.250][41878] -> [...92.122.95.99][..443] + end: [.....2] [ip4][..tcp] [..192.168.1.250][41878] -> [...92.122.95.99][..443] [TLS.TikTok][Unknown][SocialNetwork][Fun] DAEMON-EVENT: [Processed: 66 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 0] new: [.....4] [ip4][..tcp] [..192.168.1.128][50620] -> [.91.198.174.208][..443] detected: [.....4] [ip4][..tcp] [..192.168.1.128][50620] -> [.91.198.174.208][..443] [TLS.Wikipedia][Unknown][Web][Safe][upload.wikimedia.org] detection-update: [.....4] [ip4][..tcp] [..192.168.1.128][50620] -> [.91.198.174.208][..443] [TLS.Wikipedia][Unknown][Web][Safe][upload.wikimedia.org] - analyse: [.....4] [ip4][..tcp] [..192.168.1.128][50620] -> [.91.198.174.208][..443] + analyse: [.....4] [ip4][..tcp] [..192.168.1.128][50620] -> [.91.198.174.208][..443] [TLS.Wikipedia][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.053| 0.010| 0.020| 390.951| 2.800] [PKTLEN......: 52.000| 1500.000| 599.800| 646.400| 417856.700| 4.100] @@ -33,7 +33,7 @@ [PKTLENS.....: 60,60,52,569,52,1500,1500,1252,152,52,52,52,52,132,222,290,355,95,83,1500,1500,1500,1500,1500,1500,1500,1500,374,52,52,52,83] [ENTROPIES...: 4.7,5.2,5.0,5.4,5.1,7.8,7.9,7.8,6.5,5.0,5.0,5.1,5.1,6.3,6.9,7.1,7.4,6.0,5.7,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.4,5.1,5.0,5.1,5.6] detection-update: [.....4] [ip4][..tcp] [..192.168.1.128][50620] -> [.91.198.174.208][..443] [TLS.Wikipedia][Unknown][Web][Safe][upload.wikimedia.org] - end: [.....3] [ip4][..tcp] [..192.168.1.227][50071] -> [...52.73.71.226][..443] + end: [.....3] [ip4][..tcp] [..192.168.1.227][50071] -> [...52.73.71.226][..443] [TLS.Fuze][AmazonAWS][VoIP][Acceptable] DAEMON-EVENT: [Processed: 118 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 6|updates: 0] new: [.....5] [ip4][..tcp] [..192.168.1.250][39890] -> [...45.82.241.51][...80] @@ -61,26 +61,25 @@ new: [.....7] [ip4][..tcp] [..192.168.1.128][48918] -> [...143.204.9.65][..443] detected: [.....7] [ip4][..tcp] [..192.168.1.128][48918] -> [...143.204.9.65][..443] [TLS.DisneyPlus][AmazonAWS][Streaming][Fun][prod-static.disney-plus.net] detection-update: [.....7] [ip4][..tcp] [..192.168.1.128][48918] -> [...143.204.9.65][..443] [TLS.DisneyPlus][AmazonAWS][Streaming][Fun][prod-static.disney-plus.net] - end: [.....6] [ip4][..tcp] [..192.168.1.128][46724] -> [.199.232.82.109][..443] + end: [.....6] [ip4][..tcp] [..192.168.1.128][46724] -> [.199.232.82.109][..443] [TLS.Vimeo][Unknown][Streaming][Fun] DAEMON-EVENT: [Processed: 284 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 7|skipped: 0|!detected: 0|guessed: 0|detection-updates: 9|updates: 0] new: [.....8] [ip4][..tcp] [.192.168.12.169][39248] -> [...23.12.104.83][..443] detected: [.....8] [ip4][..tcp] [.192.168.12.169][39248] -> [...23.12.104.83][..443] [TLS.AccuWeather][Unknown][Web][Fun][api.accuweather.com] detection-update: [.....8] [ip4][..tcp] [.192.168.12.169][39248] -> [...23.12.104.83][..443] [TLS.AccuWeather][Unknown][Web][Fun][api.accuweather.com] - end: [.....7] [ip4][..tcp] [..192.168.1.128][48918] -> [...143.204.9.65][..443] + end: [.....7] [ip4][..tcp] [..192.168.1.128][48918] -> [...143.204.9.65][..443] [TLS.DisneyPlus][AmazonAWS][Streaming][Fun] DAEMON-EVENT: [Processed: 314 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 10|updates: 0] new: [.....9] [ip4][..udp] [..192.168.1.123][59102] -> [..216.58.209.46][..443] detected: [.....9] [ip4][..udp] [..192.168.1.123][59102] -> [..216.58.209.46][..443] [QUIC.GoogleClassroom][Google][Collaborative][Safe][classroom.google.com] RISK: Unidirectional Traffic - end: [.....8] [ip4][..tcp] [.192.168.12.169][39248] -> [...23.12.104.83][..443] + end: [.....8] [ip4][..tcp] [.192.168.12.169][39248] -> [...23.12.104.83][..443] [TLS.AccuWeather][Unknown][Web][Fun] DAEMON-EVENT: [Processed: 315 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 10|updates: 0] new: [....10] [ip4][..tcp] [..192.168.1.128][35054] -> [..31.222.67.112][..443] detected: [....10] [ip4][..tcp] [..192.168.1.128][35054] -> [..31.222.67.112][..443] [TLS.Badoo][Unknown][SocialNetwork][Fun][www.badoo.com] detection-update: [....10] [ip4][..tcp] [..192.168.1.128][35054] -> [..31.222.67.112][..443] [TLS.Badoo][Unknown][SocialNetwork][Fun][www.badoo.com] idle: [.....9] [ip4][..udp] [..192.168.1.123][59102] -> [..216.58.209.46][..443] [QUIC.GoogleClassroom][Google][Collaborative][Safe] - RISK: Unidirectional Traffic new: [....11] [ip4][..tcp] [..192.168.1.128][53998] -> [..172.65.251.78][..443] detected: [....11] [ip4][..tcp] [..192.168.1.128][53998] -> [..172.65.251.78][..443] [TLS.GitLab][Cloudflare][Collaborative][Fun][www.gitlab.com] detection-update: [....11] [ip4][..tcp] [..192.168.1.128][53998] -> [..172.65.251.78][..443] [TLS.GitLab][Cloudflare][Collaborative][Fun][www.gitlab.com] @@ -164,37 +163,38 @@ new: [....37] [ip4][..tcp] [..192.168.1.128][45898] -> [..15.160.39.187][..443] detected: [....37] [ip4][..tcp] [..192.168.1.128][45898] -> [..15.160.39.187][..443] [TLS.AppleSiri][AmazonAWS][VirtAssistant][Acceptable][guzzoni.apple.com] detection-update: [....37] [ip4][..tcp] [..192.168.1.128][45898] -> [..15.160.39.187][..443] [TLS.AppleSiri][AmazonAWS][VirtAssistant][Acceptable][guzzoni.apple.com] - idle: [....22] [ip4][..tcp] [..192.168.1.128][51432] -> [.95.101.195.214][..443] + idle: [....22] [ip4][..tcp] [..192.168.1.128][51432] -> [.95.101.195.214][..443] [TLS.Hulu][Unknown][Streaming][Fun] guessed: [....23] [ip4][..tcp] [..192.168.1.128][44954] -> [..34.96.123.111][...80] [HTTP][GoogleCloud][Web][Acceptable][] idle: [....23] [ip4][..tcp] [..192.168.1.128][44954] -> [..34.96.123.111][...80] guessed: [....25] [ip4][..tcp] [..192.168.1.128][39036] -> [..69.191.252.15][...80] [HTTP][Bloomberg][Web][Acceptable][] idle: [....25] [ip4][..tcp] [..192.168.1.128][39036] -> [..69.191.252.15][...80] - idle: [....10] [ip4][..tcp] [..192.168.1.128][35054] -> [..31.222.67.112][..443] - idle: [....26] [ip4][..tcp] [..192.168.1.128][43412] -> [.151.101.193.73][..443] - idle: [....12] [ip4][..tcp] [..192.168.1.128][42580] -> [...2.17.141.128][..443] - idle: [....13] [ip4][..tcp] [..192.168.1.128][46084] -> [..146.75.62.167][..443] - idle: [....31] [ip4][..tcp] [..192.168.1.128][46264] -> [...23.51.246.65][..443] + idle: [....10] [ip4][..tcp] [..192.168.1.128][35054] -> [..31.222.67.112][..443] [TLS.Badoo][Unknown][SocialNetwork][Fun] + idle: [....26] [ip4][..tcp] [..192.168.1.128][43412] -> [.151.101.193.73][..443] [TLS.Bloomberg][Unknown][Cloud][Acceptable] + idle: [....12] [ip4][..tcp] [..192.168.1.128][42580] -> [...2.17.141.128][..443] [TLS.Activision][Unknown][Game][Fun] + idle: [....13] [ip4][..tcp] [..192.168.1.128][46084] -> [..146.75.62.167][..443] [TLS.Twitch][Unknown][Video][Fun] + idle: [....31] [ip4][..tcp] [..192.168.1.128][46264] -> [...23.51.246.65][..443] [TLS.Playstation][Unknown][Game][Fun] guessed: [....14] [ip4][..tcp] [..192.168.1.128][45936] -> [..208.85.40.158][...80] [HTTP][Unknown][Web][Acceptable][] idle: [....14] [ip4][..tcp] [..192.168.1.128][45936] -> [..208.85.40.158][...80] - idle: [....35] [ip4][..tcp] [..192.168.1.128][48902] -> [....2.17.140.63][..443] - idle: [....18] [ip4][..tcp] [..192.168.1.128][40832] -> [....2.17.141.49][..443] - idle: [....30] [ip4][..tcp] [..192.168.1.128][57336] -> [....23.1.68.189][..443] - idle: [....28] [ip4][..tcp] [..192.168.1.128][48654] -> [...13.107.42.14][..443] - idle: [....24] [ip4][..tcp] [..192.168.1.128][47122] -> [.35.201.112.136][..443] - idle: [....27] [ip4][..tcp] [..192.168.1.128][57014] -> [108.139.210.102][..443] - idle: [....16] [ip4][..tcp] [..192.168.1.128][56468] -> [.151.101.192.92][..443] - idle: [....34] [ip4][..tcp] [..192.168.1.128][38858] -> [142.250.180.142][..443] - idle: [....32] [ip4][..tcp] [..192.168.1.128][43150] -> [.108.138.199.67][..443] + idle: [....35] [ip4][..tcp] [..192.168.1.128][48902] -> [....2.17.140.63][..443] [TLS.Xbox][Unknown][Game][Fun] + idle: [....18] [ip4][..tcp] [..192.168.1.128][40832] -> [....2.17.141.49][..443] [TLS.eBay][Unknown][Shopping][Safe] + idle: [....30] [ip4][..tcp] [..192.168.1.128][57336] -> [....23.1.68.189][..443] [TLS.Playstation][Unknown][Game][Fun] + idle: [....28] [ip4][..tcp] [..192.168.1.128][48654] -> [...13.107.42.14][..443] [TLS.LinkedIn][Azure][SocialNetwork][Fun] + idle: [....24] [ip4][..tcp] [..192.168.1.128][47122] -> [.35.201.112.136][..443] [TLS.LastFM][GoogleCloud][Music][Fun] + idle: [....27] [ip4][..tcp] [..192.168.1.128][57014] -> [108.139.210.102][..443] [TLS.Bloomberg][AmazonAWS][Cloud][Acceptable] + idle: [....16] [ip4][..tcp] [..192.168.1.128][56468] -> [.151.101.192.92][..443] [TLS.Vevo][Unknown][Music][Fun] + idle: [....34] [ip4][..tcp] [..192.168.1.128][38858] -> [142.250.180.142][..443] [TLS.GoogleMaps][Google][Web][Safe] + idle: [....32] [ip4][..tcp] [..192.168.1.128][43150] -> [.108.138.199.67][..443] [TLS.Deezer][AmazonAWS][Music][Fun] guessed: [....33] [ip4][..tcp] [..192.168.1.128][52070] -> [....18.65.82.67][...80] [HTTP][AmazonAWS][Web][Acceptable][] idle: [....33] [ip4][..tcp] [..192.168.1.128][52070] -> [....18.65.82.67][...80] - idle: [....29] [ip4][..tcp] [..192.168.1.128][39934] -> [..104.23.98.190][..443] - idle: [....20] [ip4][..tcp] [..192.168.1.128][51248] -> [..95.131.169.91][..443] - idle: [....15] [ip4][..tcp] [..192.168.1.128][51806] -> [..18.66.196.102][..443] - idle: [....11] [ip4][..tcp] [..192.168.1.128][53998] -> [..172.65.251.78][..443] - idle: [....36] [ip4][..tcp] [..192.168.1.128][39828] -> [....40.97.160.2][..443] - idle: [....21] [ip4][..tcp] [..192.168.1.128][39302] -> [..95.131.170.91][..443] - idle: [....17] [ip4][..tcp] [..192.168.1.128][48140] -> [.....23.1.66.79][..443] - idle: [....19] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] + idle: [....29] [ip4][..tcp] [..192.168.1.128][39934] -> [..104.23.98.190][..443] [TLS.Pastebin][Cloudflare][Download][Potentially Dangerous] + RISK: Unsafe Protocol + idle: [....20] [ip4][..tcp] [..192.168.1.128][51248] -> [..95.131.169.91][..443] [TLS.Tuenti][Unknown][VoIP][Acceptable] + idle: [....15] [ip4][..tcp] [..192.168.1.128][51806] -> [..18.66.196.102][..443] [TLS.SoundCloud][AmazonAWS][Music][Fun] + idle: [....11] [ip4][..tcp] [..192.168.1.128][53998] -> [..172.65.251.78][..443] [TLS.GitLab][Cloudflare][Collaborative][Fun] + idle: [....36] [ip4][..tcp] [..192.168.1.128][39828] -> [....40.97.160.2][..443] [TLS.Outlook][Outlook][Email][Acceptable] + idle: [....21] [ip4][..tcp] [..192.168.1.128][39302] -> [..95.131.170.91][..443] [TLS.Tuenti][Unknown][VoIP][Acceptable] + idle: [....17] [ip4][..tcp] [..192.168.1.128][48140] -> [.....23.1.66.79][..443] [TLS.CNN][Unknown][Web][Safe] + idle: [....19] [ip4][..tcp] [..192.168.1.128][42884] -> [.185.125.190.21][..443] [TLS.UbuntuONE][UbuntuONE][Cloud][Acceptable] new: [....38] [ip4][..tcp] [..192.168.1.128][57878] -> [.52.113.194.132][..443] detected: [....38] [ip4][..tcp] [..192.168.1.128][57878] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe][teams.office.com] detection-update: [....38] [ip4][..tcp] [..192.168.1.128][57878] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe][teams.office.com] @@ -224,24 +224,21 @@ detected: [....46] [ip4][..udp] [..192.168.1.128][36832] -> [142.250.181.238][..443] [QUIC.GooglePlus][Google][SocialNetwork][Fun][plus.google.com] RISK: Unidirectional Traffic update: [....44] [ip4][..udp] [..192.168.1.128][38642] -> [.216.58.212.142][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 512 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 10 / 46|skipped: 0|!detected: 0|guessed: 4|detection-updates: 48|updates: 1] new: [....47] [ip4][..tcp] [..192.168.1.128][53978] -> [..208.85.40.158][..443] detected: [....47] [ip4][..tcp] [..192.168.1.128][53978] -> [..208.85.40.158][..443] [TLS.Pandora][Unknown][Streaming][Fun][pandora.com] detection-update: [....47] [ip4][..tcp] [..192.168.1.128][53978] -> [..208.85.40.158][..443] [TLS.Pandora][Unknown][Streaming][Fun][pandora.com] detection-update: [....47] [ip4][..tcp] [..192.168.1.128][53978] -> [..208.85.40.158][..443] [TLS.Pandora][Unknown][Streaming][Fun][pandora.com] - idle: [....39] [ip4][..tcp] [..192.168.1.128][33664] -> [108.138.185.106][..443] - idle: [....40] [ip4][..tcp] [..192.168.1.128][56458] -> [142.250.185.142][..443] - idle: [....45] [ip4][..tcp] [..192.168.1.128][50608] -> [142.250.185.206][..443] - idle: [....47] [ip4][..tcp] [..192.168.1.128][53978] -> [..208.85.40.158][..443] - idle: [....42] [ip4][..tcp] [..192.168.1.128][56836] -> [...13.107.42.13][..443] + idle: [....39] [ip4][..tcp] [..192.168.1.128][33664] -> [108.138.185.106][..443] [TLS.AmazonVideo][AmazonAWS][Video][Fun] + idle: [....40] [ip4][..tcp] [..192.168.1.128][56458] -> [142.250.185.142][..443] [TLS.GoogleDrive][Google][Cloud][Acceptable] + idle: [....45] [ip4][..tcp] [..192.168.1.128][50608] -> [142.250.185.206][..443] [TLS][Google][Web][Safe] + idle: [....47] [ip4][..tcp] [..192.168.1.128][53978] -> [..208.85.40.158][..443] [TLS.Pandora][Unknown][Streaming][Fun] + idle: [....42] [ip4][..tcp] [..192.168.1.128][56836] -> [...13.107.42.13][..443] [TLS.MS_OneDrive][Azure][Cloud][Acceptable] idle: [....44] [ip4][..udp] [..192.168.1.128][38642] -> [.216.58.212.142][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic - idle: [....43] [ip4][..tcp] [..192.168.1.128][45014] -> [129.226.107.210][..443] - idle: [....41] [ip4][..tcp] [..192.168.1.128][33102] -> [...13.81.118.91][..443] + idle: [....43] [ip4][..tcp] [..192.168.1.128][45014] -> [129.226.107.210][..443] [TLS.IFLIX][Tencent][Video][Fun] + idle: [....41] [ip4][..tcp] [..192.168.1.128][33102] -> [...13.81.118.91][..443] [TLS.Microsoft][Azure][Cloud][Safe] idle: [....46] [ip4][..udp] [..192.168.1.128][36832] -> [142.250.181.238][..443] [QUIC.GooglePlus][Google][SocialNetwork][Fun] - RISK: Unidirectional Traffic - idle: [....38] [ip4][..tcp] [..192.168.1.128][57878] -> [.52.113.194.132][..443] - idle: [....37] [ip4][..tcp] [..192.168.1.128][45898] -> [..15.160.39.187][..443] + idle: [....38] [ip4][..tcp] [..192.168.1.128][57878] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe] + idle: [....37] [ip4][..tcp] [..192.168.1.128][45898] -> [..15.160.39.187][..443] [TLS.AppleSiri][AmazonAWS][VirtAssistant][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/skinny.pcap.out b/test/results/flow-info/default/skinny.pcap.out index 6d3230aa3..2be1ac309 100644 --- a/test/results/flow-info/default/skinny.pcap.out +++ b/test/results/flow-info/default/skinny.pcap.out @@ -94,16 +94,12 @@ detected: [.....9] [ip4][.icmp] [.192.168.195.50] -> [.192.168.195.58] [ICMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [.....9] [ip4][.icmp] [.192.168.195.50] -> [.192.168.195.58] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [.192.168.195.58][49399] -> [.192.168.193.12][.2000] [CiscoSkinny][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..tcp] [.192.168.193.12][.2000] -> [.192.168.195.50][51532] [CiscoSkinny][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [.192.168.195.50][17726] -> [.192.168.193.24][.9399] [RTP][Unknown][Media][Acceptable] idle: [.....7] [ip4][..udp] [.192.168.195.50][17732] -> [.192.168.193.24][.9400] [RTP][Unknown][Media][Acceptable] idle: [.....3] [ip4][..udp] [.192.168.195.58][32150] -> [.192.168.193.24][.9395] [RTP][Unknown][Media][Acceptable] idle: [.....6] [ip4][..udp] [.192.168.195.58][32152] -> [.192.168.193.24][.9396] [RTP][Unknown][Media][Acceptable] idle: [.....4] [ip4][..udp] [.192.168.195.58][32144] -> [.192.168.195.50][17718] [RTP][Unknown][Media][Acceptable] idle: [.....8] [ip4][..tcp] [.192.168.195.58][50917] -> [.....10.16.2.25][.2000] [CiscoSkinny][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/skype-conference-call.pcap.out b/test/results/flow-info/default/skype-conference-call.pcap.out index 3c53e65de..3d473e173 100644 --- a/test/results/flow-info/default/skype-conference-call.pcap.out +++ b/test/results/flow-info/default/skype-conference-call.pcap.out @@ -15,5 +15,5 @@ [PKTLENS.....: 132,132,100,100,132,100,136,138,131,123,195,63,155,155,155,155,155,155,155,155,155,155,100,71,943,943,943,943,943,943,155,121] [ENTROPIES...: 5.5,5.4,5.7,5.6,5.4,5.7,5.6,6.5,6.5,6.4,6.8,5.2,6.5,6.5,6.6,6.6,6.5,6.5,6.4,6.6,6.5,6.5,5.6,5.6,7.8,7.8,7.8,7.8,7.8,7.8,6.6,6.3] idle: [.....1] [ip4][..udp] [...192.168.2.20][49282] -> [...104.46.40.49][60642] [STUN.Skype_TeamsCall][Azure][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/skype.pcap.out b/test/results/flow-info/default/skype.pcap.out index 7681146fd..24eda655d 100644 --- a/test/results/flow-info/default/skype.pcap.out +++ b/test/results/flow-info/default/skype.pcap.out @@ -80,6 +80,7 @@ new: [....23] [ip4][..tcp] [.108.160.170.46][..443] -> [...192.168.1.34][49445] [MIDSTREAM] detected: [....23] [ip4][..tcp] [.108.160.170.46][..443] -> [...192.168.1.34][49445] [TLS][Dropbox][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....23] [ip4][..tcp] [.108.160.170.46][..443] -> [...192.168.1.34][49445] [TLS][Dropbox][Web][Safe] new: [....24] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.166][40022] detected: [....24] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic @@ -602,28 +603,17 @@ new: [...216] [ip4][..tcp] [...192.168.1.34][50091] -> [.157.55.235.146][..443] new: [...217] [ip4][..tcp] [...192.168.1.34][50092] -> [.157.55.130.155][40020] update: [....31] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.28][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....22] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....24] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....26] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....27] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....28] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....30] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.160][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....29] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.15][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....25] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.155][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....32] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.176][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [...218] [ip4][..tcp] [...192.168.1.34][50094] -> [.157.55.130.155][..443] new: [...219] [ip4][..tcp] [...192.168.1.34][50096] -> [..111.221.74.46][40027] new: [...220] [ip4][..tcp] [...192.168.1.34][50097] -> [.157.55.235.176][40022] @@ -644,109 +634,59 @@ [PKTLENS.....: 319,337,391,383,313,355,387,333,385,379,319,337,391,383,385,379,319,337,391,383,313,355,387,333,385,379,319,337,391,383,313,355] [ENTROPIES...: 5.8,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.8,5.7,5.7,5.7,5.7,5.7,5.8,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.8,5.7,5.7,5.8,5.7,5.7] update: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.21][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....42] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....70] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.45][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....78] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.17][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....90] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.27][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....45] [ip4][..udp] [...192.168.1.34][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [....47] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [....46] [ip4][..udp] [...192.168.1.34][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [....48] [ip4][..udp] [...192.168.1.92][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [....66] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....73] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....96] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.148][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....79] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....53] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.140][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....84] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....83] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....39] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....36] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....80] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.168][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....37] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.48][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....43] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.172][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....98] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.141][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....62] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.17][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....38] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.42][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....56] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.153][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....52] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....55] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.25][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....97] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.148][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....81] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.44][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....60] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.43][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....68] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.45][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....58] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.38][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....72] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.17][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....85] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.25][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.20][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....82] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.152][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....41] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.162][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....67] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.154][40005] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....40] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.175][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....59] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.175][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....92] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.157][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....61] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.161][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....91] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.173][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....88] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....74] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.142][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....86] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....44] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.160][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....75] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.143][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....35] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....94] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.165][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [...227] [ip4][..tcp] [...192.168.1.34][50108] -> [...157.56.52.28][40009] new: [...228] [ip4][..udp] [...192.168.1.34][49485] -> [239.255.255.250][.1900] detected: [...228] [ip4][..udp] [...192.168.1.34][49485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900] @@ -818,6 +758,8 @@ new: [...255] [ip4][..tcp] [..17.143.160.22][.5223] -> [...192.168.1.34][49447] [MIDSTREAM] detected: [...255] [ip4][..tcp] [..17.143.160.22][.5223] -> [...192.168.1.34][49447] [TLS][Apple][Web][Safe] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [...255] [ip4][..tcp] [..17.143.160.22][.5223] -> [...192.168.1.34][49447] [TLS][Apple][Web][Safe] + RISK: Known Proto on Non Std Port new: [...256] [ip4][..tcp] [...192.168.1.34][50125] -> [.91.190.218.125][12350] new: [...257] [ip4][..tcp] [...192.168.1.34][50126] -> [..91.190.216.23][12350] new: [...258] [ip4][..tcp] [...192.168.1.34][50127] -> [...80.14.46.121][.4415] @@ -842,76 +784,41 @@ [PKTLENS.....: 64,46,40,273,46,132,77,40,40,46,77,666,606,46,46,46,46,373,76,40,40,1480,1207,66,40,40,659,618,46,46,373,76] [ENTROPIES...: 4.6,5.0,4.8,6.0,4.6,6.1,5.8,4.8,4.8,4.8,5.7,7.7,7.7,4.6,4.6,4.7,4.5,7.4,5.7,4.7,4.8,7.9,7.8,5.5,4.8,4.8,7.7,7.6,4.6,4.6,7.4,5.8] update: [...108] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.26][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...111] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.47][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...104] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...121] [ip4][..udp] [...192.168.1.92][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] update: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.141][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...109] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...115] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...136] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.173][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...147] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...124] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...132] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.19][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...106] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.43][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...146] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...119] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...127] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.32][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...117] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...138] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.149][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...118] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...107] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.44][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...129] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.28][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...110] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.41][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...145] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.21][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...102] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.24][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...130] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.161][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...103] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.175][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...120] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.143][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...116] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...137] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.153][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...139] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...105] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...131] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.144][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...123] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...114] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.141][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...140] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...126] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...125] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.154][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [...262] [ip4][..udp] [...192.168.1.34][52742] -> [....192.168.1.1][...53] detected: [...262] [ip4][..udp] [...192.168.1.34][52742] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][335.0.7.7.3.rst5.r.skype.net] RISK: Unidirectional Traffic @@ -954,31 +861,20 @@ update: [...150] [ip4][..udp] [...192.168.1.34][63108] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] RISK: Unidirectional Traffic update: [...179] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.37][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...149] [ip4][..udp] [...192.168.1.34][55159] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] RISK: Unidirectional Traffic update: [...158] [ip4][..udp] [...192.168.1.34][49360] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...172] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...154] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.166][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...173] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.28][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...180] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...182] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.40][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...152] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...164] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.176][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...186] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.31][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...184] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.12][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...170] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.16][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...176] [ip4][..udp] [...192.168.1.34][58368] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...175] [ip4][..udp] [...192.168.1.34][54343] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] @@ -986,33 +882,19 @@ update: [...157] [ip4][..udp] [...192.168.1.34][58458] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...160] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.26][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...165] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.148][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...156] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.157][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...162] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.151][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...178] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.148][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...181] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.172][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...151] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.147][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...171] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.159][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...159] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.145][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...155] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.165][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...166] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.158][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...185] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.156][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...163] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...169] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.162][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [...273] [ip4][..udp] [...192.168.1.34][13021] -> [106.188.249.186][15120] detected: [...273] [ip4][..udp] [...192.168.1.34][13021] -> [106.188.249.186][15120] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic @@ -1027,20 +909,16 @@ update: [.....2] [ip4][..udp] [...192.168.1.34][57406] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...193] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...210] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....21] [ip4][..udp] [...192.168.1.34][57726] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [...192.168.1.34][55711] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [...192.168.1.34][64085] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] update: [...201] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....10] [ip4][..udp] [...192.168.1.34][49793] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...197] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....17] [ip4][..udp] [...192.168.1.34][51879] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] update: [....16] [ip4][..udp] [...192.168.1.34][49903] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -1049,34 +927,22 @@ update: [....20] [ip4][..udp] [...192.168.1.34][60288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...192] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...187] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.29][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [...192.168.1.34][54396] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [...192.168.1.34][58681] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...190] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.29][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...208] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.155][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...189] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...191] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.166][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...188] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.147][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...202] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...207] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.160][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...198] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.172][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...199] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.152][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....11] [ip4][..udp] [...192.168.1.34][65045] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...206] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic analyse: [...248] [ip4][..tcp] [...192.168.1.34][50117] -> [...71.238.7.203][18767] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 25.524| 1.927| 6.197| 38401982.071| 2.000] @@ -1096,280 +962,165 @@ RISK: Unidirectional Traffic new: [...277] [ip4][..tcp] [...192.168.1.34][50134] -> [...157.56.53.47][12350] update: [....31] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.28][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...214] [ip4][..udp] [...192.168.1.34][63321] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] update: [...231] [ip4][.icmp] [....192.168.1.1] -> [...192.168.1.34] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....22] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....24] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....26] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....27] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....28] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....30] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.160][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....29] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.15][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....25] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.155][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....32] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.176][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [...278] [ip4][....2] [....192.168.1.1] -> [......224.0.0.1] detected: [...278] [ip4][....2] [....192.168.1.1] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] new: [...279] [ip4][..udp] [...192.168.1.34][..123] -> [..17.253.48.245][..123] detected: [...279] [ip4][..udp] [...192.168.1.34][..123] -> [..17.253.48.245][..123] [NTP][Apple][System][Acceptable] RISK: Unidirectional Traffic update: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.21][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....42] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....70] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.45][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....78] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.17][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....90] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.27][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...228] [ip4][..udp] [...192.168.1.34][49485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [....45] [ip4][..udp] [...192.168.1.34][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [....47] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [...230] [ip4][..udp] [...192.168.1.34][54067] -> [....192.168.1.1][.5351] + update: [...230] [ip4][..udp] [...192.168.1.34][54067] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....46] [ip4][..udp] [...192.168.1.34][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [....48] [ip4][..udp] [...192.168.1.92][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [...239] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] - update: [...238] [ip4][..udp] [...192.168.1.92][.5353] -> [....224.0.0.251][.5353] + update: [...239] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] + update: [...238] [ip4][..udp] [...192.168.1.92][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [....66] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....73] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....96] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.148][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....79] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....53] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.140][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....84] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....83] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....39] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...241] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.39][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...240] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.145][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....36] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....80] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.168][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...237] [ip4][..udp] [...192.168.1.34][13021] -> [.....71.62.0.85][33647] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....37] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.48][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....43] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.172][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...236] [ip4][..udp] [...192.168.1.34][13021] -> [.176.97.100.249][26635] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....98] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.141][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....62] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.17][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....38] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.42][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....56] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.153][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....52] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....55] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.25][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....97] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.148][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....81] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.44][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...235] [ip4][..udp] [...192.168.1.34][13021] -> [..76.185.207.12][45493] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....60] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.43][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....68] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.45][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....58] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.38][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....72] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.17][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....85] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.25][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.20][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...234] [ip4][..udp] [...192.168.1.34][13021] -> [..176.26.55.167][63773] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....82] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.152][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....41] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.162][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....67] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.154][40005] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....40] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.175][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....59] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.175][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....92] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.157][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....61] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.161][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....91] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.173][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....88] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....74] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.142][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....86] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...229] [ip4][..udp] [...192.168.1.34][51066] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [....44] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.160][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....75] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.143][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....35] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....94] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.165][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [...280] [ip4][..tcp] [...192.168.1.34][50135] -> [...76.167.161.6][20274] new: [...281] [ip4][..tcp] [...192.168.1.34][50136] -> [...71.238.7.203][18767] new: [...282] [ip4][..tcp] [...192.168.1.34][50137] -> [..5.248.186.221][31010] update: [...108] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.26][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...111] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.47][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...104] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...267] [ip4][..udp] [...192.168.1.34][63421] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...121] [ip4][..udp] [...192.168.1.92][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] update: [...265] [ip4][..udp] [...192.168.1.34][51802] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.141][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...109] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...115] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...136] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.173][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...147] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...124] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...132] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.19][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...106] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.43][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...146] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...119] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...127] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.32][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...117] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...138] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.149][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...259] [ip4][..udp] [...192.168.1.34][62454] -> [....192.168.1.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable] update: [...263] [ip4][..udp] [...192.168.1.34][56387] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...118] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...107] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.44][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...129] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.28][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...110] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.41][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...145] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.21][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...102] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.24][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...130] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.161][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...103] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.175][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...120] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.143][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...116] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...137] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.153][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...139] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...105] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...131] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.144][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...264] [ip4][..udp] [...192.168.1.34][52714] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...123] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...262] [ip4][..udp] [...192.168.1.34][52742] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...114] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.141][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...268] [ip4][..udp] [...192.168.1.34][65037] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...140] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...126] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...125] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.154][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [...283] [ip4][..tcp] [...192.168.1.34][50138] -> [...71.238.7.203][18767] new: [...284] [ip4][..tcp] [...192.168.1.34][50139] -> [..5.248.186.221][31010] new: [...285] [ip4][..tcp] [...192.168.1.34][50140] -> [...76.167.161.6][20274] update: [...150] [ip4][..udp] [...192.168.1.34][63108] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] RISK: Unidirectional Traffic update: [...179] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.37][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...149] [ip4][..udp] [...192.168.1.34][55159] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] RISK: Unidirectional Traffic update: [...231] [ip4][.icmp] [....192.168.1.1] -> [...192.168.1.34] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [...158] [ip4][..udp] [...192.168.1.34][49360] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...273] [ip4][..udp] [...192.168.1.34][13021] -> [106.188.249.186][15120] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...272] [ip4][..udp] [...192.168.1.92][50084] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [...172] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...154] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.166][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...173] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.28][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...180] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...182] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.40][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...152] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...164] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.176][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...186] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.31][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...184] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.12][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...170] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.16][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...176] [ip4][..udp] [...192.168.1.34][58368] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...175] [ip4][..udp] [...192.168.1.34][54343] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] @@ -1377,33 +1128,19 @@ update: [...157] [ip4][..udp] [...192.168.1.34][58458] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...160] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.26][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...165] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.148][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...156] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.157][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...162] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.151][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...178] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.148][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...181] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.172][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...151] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.147][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...171] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.159][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...159] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.145][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...155] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.165][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...166] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.158][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...185] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.156][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...163] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...169] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.162][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [...286] [ip4][..tcp] [...192.168.1.34][50141] -> [...80.14.46.121][.4415] new: [...287] [ip4][..tcp] [...192.168.1.34][50142] -> [...80.14.46.121][.4415] new: [...288] [ip4][..tcp] [...192.168.1.34][50143] -> [.78.202.226.115][29059] @@ -1427,20 +1164,16 @@ update: [.....2] [ip4][..udp] [...192.168.1.34][57406] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...193] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...210] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....21] [ip4][..udp] [...192.168.1.34][57726] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [...192.168.1.34][55711] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [...192.168.1.34][64085] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] update: [...201] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....10] [ip4][..udp] [...192.168.1.34][49793] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...197] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...275] [ip4][..udp] [...192.168.1.34][64560] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [....17] [ip4][..udp] [...192.168.1.34][51879] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] update: [....16] [ip4][..udp] [...192.168.1.34][49903] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] @@ -1450,36 +1183,25 @@ update: [....20] [ip4][..udp] [...192.168.1.34][60288] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...192] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...187] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.29][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [...192.168.1.34][54396] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...274] [ip4][..udp] [...192.168.1.34][56886] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [.....8] [ip4][..udp] [...192.168.1.34][58681] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [...190] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.29][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...208] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.155][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...189] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...191] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.166][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...188] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.147][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...202] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...207] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.160][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...198] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.172][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...199] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.152][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....11] [ip4][..udp] [...192.168.1.34][65045] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [...206] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] + update: [...276] [ip4][..udp] [...192.168.1.34][49511] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [...276] [ip4][..udp] [...192.168.1.34][49511] -> [....192.168.1.1][.5351] new: [...292] [ip4][..tcp] [...192.168.1.34][50146] -> [...157.56.53.51][..443] new: [...293] [ip4][..udp] [...192.168.1.34][55893] -> [....192.168.1.1][...53] detected: [...293] [ip4][..udp] [...192.168.1.34][55893] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable][ui.skype.com] @@ -1497,29 +1219,18 @@ guessed: [....63] [ip4][..tcp] [...192.168.1.34][50036] -> [...157.56.52.44][..443] [TLS][Unknown][Web][Safe] end: [....63] [ip4][..tcp] [...192.168.1.34][50036] -> [...157.56.52.44][..443] update: [....31] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.28][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...214] [ip4][..udp] [...192.168.1.34][63321] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] update: [....22] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....24] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....26] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....27] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....28] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....30] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.160][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....29] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.15][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....25] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.155][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....32] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.176][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic analyse: [...283] [ip4][..tcp] [...192.168.1.34][50138] -> [...71.238.7.203][18767] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 30.126| 1.349| 5.301| 28102044.418| 1.900] @@ -1586,29 +1297,17 @@ RISK: Fully encrypted flow end: [...195] [ip4][..tcp] [...192.168.1.34][50075] -> [213.199.179.142][40003] idle: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.21][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....31] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.28][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....42] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....70] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.45][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....78] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.17][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...108] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.26][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....90] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.27][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...111] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.47][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...179] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.37][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...104] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...214] [ip4][..udp] [...192.168.1.34][63321] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] not-detected: [....49] [ip4][..tcp] [...192.168.1.34][50032] -> [...157.56.52.44][40032] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow @@ -1622,7 +1321,6 @@ end: [...227] [ip4][..tcp] [...192.168.1.34][50108] -> [...157.56.52.28][40009] idle: [...228] [ip4][..udp] [...192.168.1.34][49485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [...231] [ip4][.icmp] [....192.168.1.1] -> [...192.168.1.34] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [...267] [ip4][..udp] [...192.168.1.34][63421] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [....47] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] @@ -1633,15 +1331,14 @@ idle: [...278] [ip4][....2] [....192.168.1.1] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] idle: [...100] [ip4][....2] [...192.168.1.92] -> [....224.0.0.251] [IGMP][Unknown][Network][Acceptable] idle: [....93] [ip4][....2] [..192.168.0.254] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] - idle: [...230] [ip4][..udp] [...192.168.1.34][54067] -> [....192.168.1.1][.5351] + idle: [...230] [ip4][..udp] [...192.168.1.34][54067] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [...192.168.1.34][49163] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [...192.168.1.34][57406] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [...210] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...193] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....48] [ip4][..udp] [...192.168.1.92][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....46] [ip4][..udp] [...192.168.1.34][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [...260] [ip4][..tcp] [...192.168.1.34][50128] -> [..17.172.100.36][..443] [TLS.AppleiCloud][Apple][Web][Acceptable] @@ -1650,7 +1347,7 @@ end: [...226] [ip4][..tcp] [...192.168.1.34][50103] -> [....64.4.23.166][..443] idle: [...158] [ip4][..udp] [...192.168.1.34][49360] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [...239] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] + idle: [...239] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] not-detected: [...266] [ip4][..tcp] [...192.168.1.34][50130] -> [...212.161.8.36][13392] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...266] [ip4][..tcp] [...192.168.1.34][50130] -> [...212.161.8.36][13392] @@ -1671,7 +1368,6 @@ RISK: TCP Connection Issues end: [...285] [ip4][..tcp] [...192.168.1.34][50140] -> [...76.167.161.6][20274] idle: [...273] [ip4][..udp] [...192.168.1.34][13021] -> [106.188.249.186][15120] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...256] [ip4][..tcp] [...192.168.1.34][50125] -> [.91.190.218.125][12350] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...256] [ip4][..tcp] [...192.168.1.34][50125] -> [.91.190.218.125][12350] @@ -1688,7 +1384,7 @@ end: [...143] [ip4][..tcp] [...192.168.1.34][50058] -> [..111.221.74.47][..443] guessed: [...153] [ip4][..tcp] [...192.168.1.34][50063] -> [..111.221.74.38][..443] [TLS][Unknown][Web][Safe] end: [...153] [ip4][..tcp] [...192.168.1.34][50063] -> [..111.221.74.38][..443] - idle: [...238] [ip4][..udp] [...192.168.1.92][.5353] -> [....224.0.0.251][.5353] + idle: [...238] [ip4][..udp] [...192.168.1.92][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] guessed: [...212] [ip4][..tcp] [...192.168.1.34][50087] -> [.111.221.77.142][..443] [TLS][Unknown][Web][Safe] end: [...212] [ip4][..tcp] [...192.168.1.34][50087] -> [.111.221.77.142][..443] guessed: [...223] [ip4][..tcp] [...192.168.1.34][50100] -> [..111.221.74.46][..443] [TLS][Unknown][Web][Safe] @@ -1696,10 +1392,11 @@ idle: [...121] [ip4][..udp] [...192.168.1.92][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] idle: [...272] [ip4][..udp] [...192.168.1.92][50084] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....66] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic - end: [....18] [ip4][..tcp] [...192.168.1.34][50029] -> [..23.206.33.166][..443] + end: [....18] [ip4][..tcp] [...192.168.1.34][50029] -> [..23.206.33.166][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS idle: [....23] [ip4][..tcp] [.108.160.170.46][..443] -> [...192.168.1.34][49445] [TLS][Dropbox][Web][Safe] - idle: [...293] [ip4][..udp] [...192.168.1.34][55893] -> [....192.168.1.1][...53] + idle: [...293] [ip4][..udp] [...192.168.1.34][55893] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [...192.168.1.34][64085] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] not-detected: [...244] [ip4][..tcp] [...192.168.1.34][50113] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow @@ -1717,14 +1414,11 @@ end: [...258] [ip4][..tcp] [...192.168.1.34][50127] -> [...80.14.46.121][.4415] idle: [....22] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [...109] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...286] [ip4][..tcp] [...192.168.1.34][50141] -> [...80.14.46.121][.4415] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...286] [ip4][..tcp] [...192.168.1.34][50141] -> [...80.14.46.121][.4415] idle: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.141][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...287] [ip4][..tcp] [...192.168.1.34][50142] -> [...80.14.46.121][.4415] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...287] [ip4][..tcp] [...192.168.1.34][50142] -> [...80.14.46.121][.4415] @@ -1732,46 +1426,31 @@ RISK: Fully encrypted flow end: [...281] [ip4][..tcp] [...192.168.1.34][50136] -> [...71.238.7.203][18767] idle: [...115] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...283] [ip4][..tcp] [...192.168.1.34][50138] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...283] [ip4][..tcp] [...192.168.1.34][50138] -> [...71.238.7.203][18767] idle: [....73] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....96] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.148][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....79] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....53] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.140][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...136] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.173][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....84] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic - end: [...215] [ip4][..tcp] [...192.168.1.34][50090] -> [..23.206.33.166][..443] + end: [...215] [ip4][..tcp] [...192.168.1.34][50090] -> [..23.206.33.166][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older) idle: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....24] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...201] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [...192.168.1.34][49793] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [...197] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...172] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...147] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....83] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...275] [ip4][..udp] [...192.168.1.34][64560] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....17] [ip4][..udp] [...192.168.1.34][51879] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] idle: [....39] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic - end: [...242] [ip4][..tcp] [...192.168.1.34][50111] -> [.91.190.216.125][..443] + end: [...242] [ip4][..tcp] [...192.168.1.34][50111] -> [.91.190.216.125][..443] [TLS][Unknown][Web][Safe] idle: [...241] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.39][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [...192.168.1.34][49903] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...247] [ip4][..tcp] [...192.168.1.34][50116] -> [...81.83.77.141][17639] [Unknown][Unknown][Unrated] @@ -1786,9 +1465,9 @@ not-detected: [...250] [ip4][..tcp] [...192.168.1.34][50119] -> [....86.31.35.30][59621] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...250] [ip4][..tcp] [...192.168.1.34][50119] -> [....86.31.35.30][59621] - end: [....12] [ip4][..tcp] [...192.168.1.34][50027] -> [...23.223.73.34][..443] + end: [....12] [ip4][..tcp] [...192.168.1.34][50027] -> [...23.223.73.34][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS idle: [...240] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.145][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [...192.168.1.34][49990] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...222] [ip4][..tcp] [...192.168.1.34][50099] -> [....64.4.23.166][40022] [Unknown][Unknown][Unrated] @@ -1802,88 +1481,50 @@ guessed: [...167] [ip4][..tcp] [...192.168.1.34][50066] -> [...65.55.223.12][..443] [TLS][Unknown][Web][Safe] end: [...167] [ip4][..tcp] [...192.168.1.34][50066] -> [...65.55.223.12][..443] idle: [...124] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...106] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.43][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...132] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.19][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....36] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.24][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...146] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...119] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...237] [ip4][..udp] [...192.168.1.34][13021] -> [.....71.62.0.85][33647] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....80] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.168][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...255] [ip4][..tcp] [..17.143.160.22][.5223] -> [...192.168.1.34][49447] [TLS][Apple][Web][Safe] RISK: Known Proto on Non Std Port idle: [....37] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.48][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...192] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.159][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...127] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.32][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....43] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.172][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...154] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.166][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...236] [ip4][..udp] [...192.168.1.34][13021] -> [.176.97.100.249][26635] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...173] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.28][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...180] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...182] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.40][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...164] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.176][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...152] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....98] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.141][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...186] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.31][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...117] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....62] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.17][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....26] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....56] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.153][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...187] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.29][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....38] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.42][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....27] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...277] [ip4][..tcp] [...192.168.1.34][50134] -> [...157.56.53.47][12350] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...277] [ip4][..tcp] [...192.168.1.34][50134] -> [...157.56.53.47][12350] idle: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....52] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic guessed: [...225] [ip4][..tcp] [...192.168.1.34][50102] -> [...65.55.223.15][..443] [TLS][Unknown][Web][Safe] end: [...225] [ip4][..tcp] [...192.168.1.34][50102] -> [...65.55.223.15][..443] idle: [....28] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....55] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.25][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....30] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.160][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....97] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.148][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...138] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.149][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...184] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.12][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....81] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.44][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...170] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.16][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...291] [ip4][..tcp] [...192.168.1.34][50145] -> [...157.56.53.51][12350] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic idle: [...291] [ip4][..tcp] [...192.168.1.34][50145] -> [...157.56.53.51][12350] @@ -1957,47 +1598,31 @@ not-detected: [...270] [ip4][..tcp] [...192.168.1.34][50132] -> [...149.13.32.15][13392] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...270] [ip4][..tcp] [...192.168.1.34][50132] -> [...149.13.32.15][13392] - end: [...271] [ip4][..tcp] [...192.168.1.34][50133] -> [...149.13.32.15][13392] + end: [...271] [ip4][..tcp] [...192.168.1.34][50133] -> [...149.13.32.15][13392] [TLS][Unknown][Web][Safe] + RISK: Known Proto on Non Std Port end: [....15] [ip4][..tcp] [...192.168.1.34][50028] -> [.157.56.126.211][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) idle: [...235] [ip4][..udp] [...192.168.1.34][13021] -> [..76.185.207.12][45493] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...279] [ip4][..udp] [...192.168.1.34][..123] -> [..17.253.48.245][..123] [NTP][Apple][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [...192.168.1.34][58681] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] guessed: [...292] [ip4][..tcp] [...192.168.1.34][50146] -> [...157.56.53.51][..443] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic idle: [...292] [ip4][..tcp] [...192.168.1.34][50146] -> [...157.56.53.51][..443] idle: [....60] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.43][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...160] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.26][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...190] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.29][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...118] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....68] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.45][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...107] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.44][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....58] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.38][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....72] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.17][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...129] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.28][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....29] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.15][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...145] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.21][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...110] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.41][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....85] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.25][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...102] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.24][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.20][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...252] [ip4][..tcp] [...192.168.1.34][50122] -> [..81.133.19.185][44431] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...252] [ip4][..tcp] [...192.168.1.34][50122] -> [..81.133.19.185][44431] @@ -2005,123 +1630,70 @@ RISK: Fully encrypted flow end: [...254] [ip4][..tcp] [...192.168.1.34][50124] -> [..81.133.19.185][44431] idle: [...234] [ip4][..udp] [...192.168.1.34][13021] -> [..176.26.55.167][63773] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....82] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.152][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...208] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.155][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....41] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.162][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....67] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.154][40005] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...189] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....40] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.175][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....59] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.175][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...165] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.148][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....92] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.157][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...130] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.161][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....91] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.173][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....61] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.161][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...156] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.157][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...103] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.175][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...191] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.166][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...162] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.151][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...120] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.143][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...181] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.172][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...188] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.147][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...178] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.148][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...202] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.165][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...151] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.147][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....25] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.155][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...171] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.159][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...159] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.145][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....88] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.166][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....32] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.176][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...137] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.153][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...116] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....74] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.142][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...155] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.165][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...139] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...207] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.160][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...229] [ip4][..udp] [...192.168.1.34][51066] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [...105] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....86] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.151][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....44] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.160][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....75] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.143][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...166] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.158][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...198] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.172][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...185] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.156][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...131] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.144][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...264] [ip4][..udp] [...192.168.1.34][52714] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....35] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.150][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...123] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.168][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....94] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.165][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...262] [ip4][..udp] [...192.168.1.34][52742] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [...163] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...114] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.141][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...268] [ip4][..udp] [...192.168.1.34][65037] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [...140] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...199] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.152][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [...192.168.1.34][65045] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [...206] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] + idle: [...276] [ip4][..udp] [...192.168.1.34][49511] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [...276] [ip4][..udp] [...192.168.1.34][49511] -> [....192.168.1.1][.5351] idle: [...169] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.162][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...126] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...125] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.154][40034] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...161] [ip4][..tcp] [...192.168.1.34][50065] -> [...65.55.223.12][40031] [Unknown][Unknown][Unrated] end: [...161] [ip4][..tcp] [...192.168.1.34][50065] -> [...65.55.223.12][40031] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/skype_no_unknown.pcap.out b/test/results/flow-info/default/skype_no_unknown.pcap.out index 4fb3f6ca9..8c65ab998 100644 --- a/test/results/flow-info/default/skype_no_unknown.pcap.out +++ b/test/results/flow-info/default/skype_no_unknown.pcap.out @@ -59,6 +59,8 @@ new: [....19] [ip4][..tcp] [.17.143.160.149][.5223] -> [...192.168.1.34][50407] [MIDSTREAM] detected: [....19] [ip4][..tcp] [.17.143.160.149][.5223] -> [...192.168.1.34][50407] [TLS][Apple][Web][Safe] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....19] [ip4][..tcp] [.17.143.160.149][.5223] -> [...192.168.1.34][50407] [TLS][Apple][Web][Safe] + RISK: Known Proto on Non Std Port analyse: [....13] [ip4][..tcp] [...192.168.1.34][51230] -> [.157.56.126.211][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.302| 0.085| 0.091| 8331.101| 4.100] @@ -79,6 +81,7 @@ new: [....23] [ip4][..tcp] [...192.168.1.34][51227] -> [..17.172.100.36][..443] [MIDSTREAM] detected: [....23] [ip4][..tcp] [...192.168.1.34][51227] -> [..17.172.100.36][..443] [TLS][Apple][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....23] [ip4][..tcp] [...192.168.1.34][51227] -> [..17.172.100.36][..443] [TLS][Apple][Web][Safe] analyse: [....23] [ip4][..tcp] [...192.168.1.34][51227] -> [..17.172.100.36][..443] [TLS][Apple][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.077| 0.148| 0.323| 104108.532| 2.700] @@ -366,6 +369,7 @@ new: [...127] [ip4][..tcp] [108.160.163.108][..443] -> [...192.168.1.34][51222] [MIDSTREAM] detected: [...127] [ip4][..tcp] [108.160.163.108][..443] -> [...192.168.1.34][51222] [TLS][Dropbox][Web][Safe] RISK: Unidirectional Traffic + detection-update: [...127] [ip4][..tcp] [108.160.163.108][..443] -> [...192.168.1.34][51222] [TLS][Dropbox][Web][Safe] new: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.24][40032] detected: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.24][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic @@ -571,7 +575,8 @@ new: [...206] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.40][40025] detected: [...206] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.40][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] RISK: Unidirectional Traffic - update: [.....8] [ip4][..udp] [...192.168.1.34][61016] -> [....192.168.1.1][...53] + update: [.....8] [ip4][..udp] [...192.168.1.34][61016] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [...192.168.1.34][59113] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [...192.168.1.34][55028] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] @@ -693,40 +698,28 @@ new: [...248] [ip4][..tcp] [...192.168.1.34][51299] -> [.91.190.216.125][12350] new: [...249] [ip4][..tcp] [...192.168.1.34][51300] -> [...76.167.161.6][20274] update: [....38] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.27][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....24] [ip4][..udp] [...192.168.1.34][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....25] [ip4][..udp] [....192.168.1.1][..137] -> [...192.168.1.34][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic update: [....28] [ip4][..udp] [...192.168.1.92][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....26] [ip4][..udp] [...192.168.1.34][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [....27] [ip4][..udp] [....192.168.1.1][..138] -> [...192.168.1.34][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol update: [....29] [ip4][..udp] [...192.168.1.92][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [....31] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [....32] [ip4][..udp] [...192.168.1.92][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [....36] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....30] [ip4][..udp] [...192.168.1.92][53826] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....43] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.44][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....42] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....39] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.34][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....35] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.33][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.170][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....40] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.168][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....37] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.165][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....41] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.143][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [...250] [ip4][..tcp] [...192.168.1.34][51301] -> [.82.224.110.241][38895] new: [...251] [ip4][..tcp] [...192.168.1.34][51302] -> [.91.190.216.125][..443] new: [...252] [ip4][..tcp] [...192.168.1.34][51303] -> [...80.121.84.93][62381] @@ -754,110 +747,60 @@ new: [...260] [ip4][..tcp] [...192.168.1.34][51313] -> [...212.161.8.36][13392] new: [...261] [ip4][..tcp] [...192.168.1.34][51314] -> [..93.79.224.176][14506] update: [...102] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.33][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....66] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.25][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.19][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....88] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....65] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.39][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....78] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.12][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....93] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....55] [ip4][..udp] [...192.168.1.34][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [....57] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [....56] [ip4][..udp] [...192.168.1.34][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [....58] [ip4][..udp] [...192.168.1.92][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [....48] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....63] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.65][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....49] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] update: [....46] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....71] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.173][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....79] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....92] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....91] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.148][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...101] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.154][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...103] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.42][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....82] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.13][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....51] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....86] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....83] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....90] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.159][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....53] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.13][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....85] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.22][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....68] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.28][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....70] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.44][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....50] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.32][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....47] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.17][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....99] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.27][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...106] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....87] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.150][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....52] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.145][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....94] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.149][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....62] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.171][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.154][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...100] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.142][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....84] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.174][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....98] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.156][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...104] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.172][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....45] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.167][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...105] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.167][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.162][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....64] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....96] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.165][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....44] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.173][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....72] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....80] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.174][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.160][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [...107] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.156][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [...262] [ip4][..tcp] [...192.168.1.34][51315] -> [...212.161.8.36][13392] detected: [...262] [ip4][..tcp] [...192.168.1.34][51315] -> [...212.161.8.36][13392] [TLS][Unknown][Web][Safe] RISK: Known Proto on Non Std Port @@ -881,10 +824,10 @@ [ENTROPIES...: 5.8,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.8,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.7,5.8,5.7,5.7,5.7,5.7,5.7] new: [...267] [ip4][..tcp] [...192.168.1.34][51319] -> [...212.161.8.36][13392] idle: [...233] [ip4][..udp] [...192.168.1.34][13021] -> [189.188.134.174][22436] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic guessed: [....75] [ip4][..tcp] [...192.168.1.34][51240] -> [..111.221.74.45][..443] [TLS][Unknown][Web][Safe] end: [....75] [ip4][..tcp] [...192.168.1.34][51240] -> [..111.221.74.45][..443] - idle: [.....8] [ip4][..udp] [...192.168.1.34][61016] -> [....192.168.1.1][...53] + idle: [.....8] [ip4][..udp] [...192.168.1.34][61016] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic guessed: [...120] [ip4][..tcp] [...192.168.1.34][51250] -> [.111.221.77.175][..443] [TLS][Unknown][Web][Safe] end: [...120] [ip4][..tcp] [...192.168.1.34][51250] -> [.111.221.77.175][..443] guessed: [...157] [ip4][..tcp] [...192.168.1.34][51259] -> [.111.221.77.142][..443] [TLS][Unknown][Web][Safe] @@ -895,60 +838,43 @@ RISK: TCP Connection Issues end: [...219] [ip4][..tcp] [...192.168.1.34][51283] -> [..111.221.74.48][..443] idle: [...266] [ip4][..udp] [...192.168.1.34][13021] -> [..133.236.67.25][49195] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...166] [ip4][..udp] [...192.168.1.34][61095] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [...231] [ip4][..udp] [...192.168.1.34][13021] -> [...83.31.12.173][23939] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...102] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.33][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...114] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.42][40005] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...202] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.43][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...201] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.29][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....66] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.25][40010] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...214] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.17][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...165] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.38][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...169] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.40][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....54] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.19][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...110] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.13][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....38] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.27][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....88] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.15][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....78] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.12][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....65] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.39][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...118] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.24][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...115] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.16][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...123] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.20][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [...192.168.1.34][59113] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [...235] [ip4][..tcp] [...192.168.1.34][51289] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...235] [ip4][..tcp] [...192.168.1.34][51289] -> [...71.238.7.203][18767] - end: [....18] [ip4][..tcp] [...192.168.1.34][51231] -> [..23.206.33.166][..443] + end: [....18] [ip4][..tcp] [...192.168.1.34][51231] -> [..23.206.33.166][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS not-detected: [...240] [ip4][..tcp] [...192.168.1.34][51292] -> [...71.238.7.203][18767] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow idle: [...240] [ip4][..tcp] [...192.168.1.34][51292] -> [...71.238.7.203][18767] idle: [.....2] [ip4][..udp] [...192.168.1.34][55028] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - end: [...244] [ip4][..tcp] [...192.168.1.34][51295] -> [..23.206.33.166][..443] + end: [...244] [ip4][..tcp] [...192.168.1.34][51295] -> [..23.206.33.166][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older) idle: [....93] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic - idle: [....19] [ip4][..tcp] [.17.143.160.149][.5223] -> [...192.168.1.34][50407] + idle: [....19] [ip4][..tcp] [.17.143.160.149][.5223] -> [...192.168.1.34][50407] [TLS][Apple][Web][Safe] + RISK: Known Proto on Non Std Port guessed: [...229] [ip4][..tcp] [...192.168.1.34][51286] -> [.91.190.218.125][..443] [TLS][Unknown][Web][Safe] end: [...229] [ip4][..tcp] [...192.168.1.34][51286] -> [.91.190.218.125][..443] idle: [...155] [ip4][..udp] [...192.168.1.34][63342] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] @@ -974,7 +900,6 @@ RISK: Fully encrypted flow idle: [...250] [ip4][..tcp] [...192.168.1.34][51301] -> [.82.224.110.241][38895] idle: [...226] [ip4][.icmp] [....192.168.1.1] -> [...192.168.1.34] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....57] [ip4][..udp] [...192.168.1.92][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....55] [ip4][..udp] [...192.168.1.34][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] not-detected: [...121] [ip4][..tcp] [...192.168.1.34][51251] -> [....64.4.23.166][40029] [Unknown][Unknown][Unrated] @@ -991,9 +916,7 @@ guessed: [....74] [ip4][..tcp] [...192.168.1.34][51239] -> [...65.55.223.45][..443] [TLS][Unknown][Web][Safe] end: [....74] [ip4][..tcp] [...192.168.1.34][51239] -> [...65.55.223.45][..443] idle: [...203] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...154] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....15] [ip4][..udp] [...192.168.1.34][53372] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic guessed: [....73] [ip4][..tcp] [...192.168.1.34][51238] -> [.157.55.235.147][..443] [TLS][Unknown][Web][Safe] @@ -1013,7 +936,6 @@ guessed: [...159] [ip4][..tcp] [...192.168.1.34][51261] -> [.157.55.235.170][..443] [TLS][Unknown][Web][Safe] end: [...159] [ip4][..tcp] [...192.168.1.34][51261] -> [.157.55.235.170][..443] idle: [...230] [ip4][..udp] [...192.168.1.34][13021] -> [.174.49.171.224][32011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic guessed: [...191] [ip4][..tcp] [...192.168.1.34][51274] -> [.157.55.235.152][..443] [TLS][Unknown][Web][Safe] end: [...191] [ip4][..tcp] [...192.168.1.34][51274] -> [.157.55.235.152][..443] guessed: [...216] [ip4][..tcp] [...192.168.1.34][51280] -> [.157.55.235.146][..443] [TLS][Unknown][Web][Safe] @@ -1030,18 +952,16 @@ end: [....61] [ip4][..tcp] [...192.168.1.34][51236] -> [..111.221.74.45][40008] idle: [....28] [ip4][..udp] [...192.168.1.92][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] idle: [....25] [ip4][..udp] [....192.168.1.1][..137] -> [...192.168.1.34][..137] [NetBIOS][Unknown][System][Acceptable] - RISK: Unidirectional Traffic idle: [....24] [ip4][..udp] [...192.168.1.34][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] idle: [....29] [ip4][..udp] [...192.168.1.92][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol idle: [....27] [ip4][..udp] [....192.168.1.1][..138] -> [...192.168.1.34][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] - RISK: Unsafe Protocol, Unidirectional Traffic + RISK: Unsafe Protocol idle: [....26] [ip4][..udp] [...192.168.1.34][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol idle: [....31] [ip6][..udp] [...............fe80::c62c:3ff:fe06:49fe][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] idle: [...174] [ip4][....2] [..192.168.1.219] -> [...233.89.188.1] [IGMP][Unknown][Network][Acceptable] idle: [...232] [ip4][..udp] [...192.168.1.34][13021] -> [.189.138.161.88][19521] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...147] [ip4][..tcp] [...192.168.1.34][51256] -> [.111.221.77.142][40013] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...147] [ip4][..tcp] [...192.168.1.34][51256] -> [.111.221.77.142][40013] @@ -1057,9 +977,8 @@ RISK: Fully encrypted flow end: [...170] [ip4][..tcp] [...192.168.1.34][51267] -> [..111.221.74.18][40025] idle: [...237] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.14][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...224] [ip4][..udp] [...192.168.1.34][58061] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] - idle: [...127] [ip4][..tcp] [108.160.163.108][..443] -> [...192.168.1.34][51222] + idle: [...127] [ip4][..tcp] [108.160.163.108][..443] -> [...192.168.1.34][51222] [TLS][Dropbox][Web][Safe] not-detected: [...253] [ip4][..tcp] [...192.168.1.34][51305] -> [...149.13.32.15][13392] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...253] [ip4][..tcp] [...192.168.1.34][51305] -> [...149.13.32.15][13392] @@ -1073,7 +992,8 @@ not-detected: [...263] [ip4][..tcp] [...192.168.1.34][51316] -> [...149.13.32.15][13392] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...263] [ip4][..tcp] [...192.168.1.34][51316] -> [...149.13.32.15][13392] - end: [...264] [ip4][..tcp] [...192.168.1.34][51317] -> [...149.13.32.15][13392] + end: [...264] [ip4][..tcp] [...192.168.1.34][51317] -> [...149.13.32.15][13392] [TLS][Unknown][Web][Safe] + RISK: Known Proto on Non Std Port idle: [.....9] [ip4][..udp] [...192.168.1.34][57694] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [....13] [ip4][..tcp] [...192.168.1.34][51230] -> [.157.56.126.211][..443] [TLS.Skype_Teams][Unknown][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) @@ -1086,55 +1006,35 @@ idle: [....21] [ip4][..udp] [...192.168.1.34][51753] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [....63] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.65][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....48] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...167] [ip4][..udp] [...192.168.1.34][55866] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [....49] [ip4][..udp] [..192.168.0.254][.1025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [...136] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.176][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...175] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...221] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.155][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....46] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.165][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...215] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.170][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic guessed: [...256] [ip4][..tcp] [...192.168.1.34][51308] -> [...80.121.84.93][..443] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic idle: [...256] [ip4][..tcp] [...192.168.1.34][51308] -> [...80.121.84.93][..443] idle: [....71] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.173][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....79] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...176] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.158][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....92] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.142][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....36] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.145][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...135] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....91] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.148][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...142] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.149][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...171] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.171][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...101] [ip4][..udp] [...192.168.1.34][13021] -> [....64.4.23.154][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...132] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...112] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....30] [ip4][..udp] [...192.168.1.92][53826] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] not-detected: [....60] [ip4][..tcp] [...192.168.1.34][51235] -> [...65.55.223.45][40009] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [....60] [ip4][..tcp] [...192.168.1.34][51235] -> [...65.55.223.45][40009] idle: [....76] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [...192.168.1.34][49864] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [...192.168.1.34][64240] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] @@ -1157,14 +1057,14 @@ RISK: Fully encrypted flow end: [...207] [ip4][..tcp] [...192.168.1.34][51276] -> [.157.55.235.146][40021] idle: [...238] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.141][..443] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...186] [ip4][..tcp] [...192.168.1.34][51272] -> [.157.55.235.152][40029] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...186] [ip4][..tcp] [...192.168.1.34][51272] -> [.157.55.235.152][40029] not-detected: [...208] [ip4][..tcp] [...192.168.1.34][51277] -> [.157.55.235.156][40026] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...208] [ip4][..tcp] [...192.168.1.34][51277] -> [.157.55.235.156][40026] - idle: [...225] [ip4][..udp] [...192.168.1.34][59052] -> [....192.168.1.1][.5351] + idle: [...225] [ip4][..udp] [...192.168.1.34][59052] -> [....192.168.1.1][.5351] [NAT-PMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic not-detected: [...149] [ip4][..tcp] [...192.168.1.34][51258] -> [213.199.179.176][40021] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...149] [ip4][..tcp] [...192.168.1.34][51258] -> [213.199.179.176][40021] @@ -1176,59 +1076,32 @@ idle: [....20] [ip4][..udp] [...192.168.1.34][50055] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [...182] [ip4][..udp] [...192.168.1.34][13021] -> [...157.56.52.18][33033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...172] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.43][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...151] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.19][40001] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...125] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.165][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...103] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.42][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....82] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.13][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....51] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.33][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...212] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.173][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...168] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.38][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...150] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.149][40016] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...129] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.160][40016] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...141] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....43] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.44][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...194] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.170][40021] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....42] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.143][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....86] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...206] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.40][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...131] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.28][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....34] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.15][40026] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....83] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.46][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...111] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.27][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....39] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.34][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....95] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.151][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...143] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.171][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....90] [ip4][..udp] [...192.168.1.34][13021] -> [.111.221.77.159][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...128] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.24][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...119] [ip4][..udp] [...192.168.1.34][13021] -> [..111.221.74.20][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...198] [ip4][..udp] [...192.168.1.34][60413] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic not-detected: [....10] [ip4][..tcp] [...192.168.1.34][51229] -> [...157.56.52.28][40009] [Unknown][Unknown][Unrated] @@ -1253,39 +1126,25 @@ guessed: [...218] [ip4][..tcp] [...192.168.1.34][51282] -> [....64.4.23.159][..443] [TLS][Unknown][Web][Safe] end: [...218] [ip4][..tcp] [...192.168.1.34][51282] -> [....64.4.23.159][..443] idle: [....35] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.33][40002] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...183] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.43][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....85] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.22][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....53] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.13][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....68] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.28][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....70] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.44][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....50] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.32][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...173] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.20][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...163] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.42][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...188] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.18][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....47] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.17][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...195] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.24][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....99] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.27][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...204] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.15][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...197] [ip4][..udp] [...192.168.1.34][13021] -> [...65.55.223.16][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...260] [ip4][..tcp] [...192.168.1.34][51313] -> [...212.161.8.36][13392] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...260] [ip4][..tcp] [...192.168.1.34][51313] -> [...212.161.8.36][13392] - end: [...262] [ip4][..tcp] [...192.168.1.34][51315] -> [...212.161.8.36][13392] + end: [...262] [ip4][..tcp] [...192.168.1.34][51315] -> [...212.161.8.36][13392] [TLS][Unknown][Web][Safe] + RISK: Known Proto on Non Std Port not-detected: [...265] [ip4][..tcp] [...192.168.1.34][51318] -> [...212.161.8.36][13392] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow idle: [...265] [ip4][..tcp] [...192.168.1.34][51318] -> [...212.161.8.36][13392] @@ -1295,100 +1154,57 @@ idle: [....11] [ip4][..udp] [...192.168.1.34][62875] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [...180] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.173][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...106] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...211] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.175][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...179] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.171][40006] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...223] [ip4][..udp] [...192.168.1.34][59237] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [.....3] [ip4][..udp] [...192.168.1.34][64971] -> [....192.168.1.1][...53] [DNS.Skype_Teams][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [....87] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.150][40007] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...113] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.160][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....52] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.145][40008] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...152] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.140][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....94] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.149][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....62] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.171][40012] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...220] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.157][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...100] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.142][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....69] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.154][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...187] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.147][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...184] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.150][40014] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...161] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.166][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....33] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.170][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...193] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.159][40016] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...122] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.144][40016] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...234] [ip4][..tcp] [...192.168.1.34][51288] -> [...76.167.161.6][20274] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...234] [ip4][..tcp] [...192.168.1.34][51288] -> [...76.167.161.6][20274] idle: [...192] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.170][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...181] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...137] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.148][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....98] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.156][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....84] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.174][40019] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...104] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.172][40020] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...189] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.160][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...133] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.152][40022] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...213] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.175][40023] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....45] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.167][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....40] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.168][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...196] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.158][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...138] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.155][40027] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....37] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.165][40028] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...249] [ip4][..tcp] [...192.168.1.34][51300] -> [...76.167.161.6][20274] [Unknown][Unknown][Unrated] RISK: TCP Connection Issues end: [...249] [ip4][..tcp] [...192.168.1.34][51300] -> [...76.167.161.6][20274] idle: [...105] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.167][40029] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...190] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.146][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....41] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.143][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...153] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.167][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...144] [ip4][..udp] [...192.168.1.34][13021] -> [..157.55.56.161][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...117] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.176][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...124] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.144][40032] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...145] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.148][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...126] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.130.146][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....89] [ip4][..udp] [...192.168.1.34][13021] -> [.157.55.235.162][40033] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic not-detected: [...227] [ip4][..tcp] [...192.168.1.34][51284] -> [.91.190.218.125][12350] [Unknown][Unknown][Unrated] RISK: Fully encrypted flow end: [...227] [ip4][..tcp] [...192.168.1.34][51284] -> [.91.190.218.125][12350] @@ -1403,31 +1219,17 @@ not-detected: [...248] [ip4][..tcp] [...192.168.1.34][51299] -> [.91.190.216.125][12350] [Unknown][Unknown][Unrated] end: [...248] [ip4][..tcp] [...192.168.1.34][51299] -> [.91.190.216.125][12350] idle: [....64] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.140][40003] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....96] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.165][40004] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...205] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.144][40009] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...134] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.172][40011] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....44] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.173][40013] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...222] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.141][40015] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....72] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.154][40017] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...116] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.143][40018] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...162] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.145][40024] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....80] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.174][40025] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...200] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.149][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...164] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.146][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....77] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.160][40030] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [...107] [ip4][..udp] [...192.168.1.34][13021] -> [213.199.179.156][40031] [Skype_Teams.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/smb_deletefile.pcap.out b/test/results/flow-info/default/smb_deletefile.pcap.out index 9c6454baf..52b919685 100644 --- a/test/results/flow-info/default/smb_deletefile.pcap.out +++ b/test/results/flow-info/default/smb_deletefile.pcap.out @@ -15,5 +15,4 @@ [PKTLENS.....: 420,540,40,364,508,40,380,524,40,452,166,40,540,40,144,140,46,144,40,116,40,380,524,40,420,396,40,284,356,40,388,452] [ENTROPIES...: 3.1,3.4,4.5,2.7,3.0,4.5,2.9,3.2,4.5,3.0,3.5,4.5,2.9,4.5,3.5,3.2,4.4,3.7,4.5,3.4,4.5,2.9,3.2,4.5,3.1,2.8,4.5,2.8,3.0,4.5,2.6,3.0] idle: [.....1] [ip4][..tcp] [..192.168.1.118][56848] -> [..192.168.1.187][..445] [NetBIOS.SMBv23][Unknown][System][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/snapchat_call.pcapng.out b/test/results/flow-info/default/snapchat_call.pcapng.out index ee2cf1f04..46ec666e5 100644 --- a/test/results/flow-info/default/snapchat_call.pcapng.out +++ b/test/results/flow-info/default/snapchat_call.pcapng.out @@ -4,6 +4,8 @@ new: [.....1] [ip4][..udp] [.192.168.12.169][42083] -> [.18.184.138.142][..443] detected: [.....1] [ip4][..udp] [.192.168.12.169][42083] -> [.18.184.138.142][..443] [QUIC][AmazonAWS][Web][Acceptable] RISK: Missing SNI TLS Extn, Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [.192.168.12.169][42083] -> [.18.184.138.142][..443] [QUIC][AmazonAWS][Web][Acceptable] + RISK: Missing SNI TLS Extn detection-update: [.....1] [ip4][..udp] [.192.168.12.169][42083] -> [.18.184.138.142][..443] [QUIC.SnapchatCall][AmazonAWS][VoIP][Acceptable] RISK: Missing SNI TLS Extn analyse: [.....1] [ip4][..udp] [.192.168.12.169][42083] -> [.18.184.138.142][..443] [QUIC.SnapchatCall][AmazonAWS][VoIP][Acceptable] diff --git a/test/results/flow-info/default/snapchat_call_v1.pcapng.out b/test/results/flow-info/default/snapchat_call_v1.pcapng.out index 2a97db288..486d9ddbf 100644 --- a/test/results/flow-info/default/snapchat_call_v1.pcapng.out +++ b/test/results/flow-info/default/snapchat_call_v1.pcapng.out @@ -4,6 +4,7 @@ new: [.....1] [ip4][..udp] [.192.168.12.169][47520] -> [.34.246.231.140][..443] detected: [.....1] [ip4][..udp] [.192.168.12.169][47520] -> [.34.246.231.140][..443] [QUIC.Snapchat][AmazonAWS][SocialNetwork][Fun][str1-euwest1-34-246-231-140.addlive.io] RISK: Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [.192.168.12.169][47520] -> [.34.246.231.140][..443] [QUIC.Snapchat][AmazonAWS][SocialNetwork][Fun][str1-euwest1-34-246-231-140.addlive.io] detection-update: [.....1] [ip4][..udp] [.192.168.12.169][47520] -> [.34.246.231.140][..443] [QUIC.SnapchatCall][AmazonAWS][VoIP][Acceptable][str1-euwest1-34-246-231-140.addlive.io] analyse: [.....1] [ip4][..udp] [.192.168.12.169][47520] -> [.34.246.231.140][..443] [QUIC.SnapchatCall][AmazonAWS][VoIP][Acceptable] min| max| avg| stddev| variance| entropy diff --git a/test/results/flow-info/default/snmp.pcap.out b/test/results/flow-info/default/snmp.pcap.out index cb0cf31ec..8cc858544 100644 --- a/test/results/flow-info/default/snmp.pcap.out +++ b/test/results/flow-info/default/snmp.pcap.out @@ -45,9 +45,7 @@ new: [....10] [ip4][..udp] [.131.179.49.165][35970] -> [..254.158.1.169][..161] detected: [....10] [ip4][..udp] [.131.179.49.165][35970] -> [..254.158.1.169][..161] [SNMP][Unknown][Network][Acceptable] update: [.....7] [ip4][..udp] [..35.95.158.217][60440] -> [...30.79.214.36][..161] [SNMP][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [..35.95.158.217][49306] -> [...30.79.214.36][..161] [SNMP][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 52 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 4 / 10|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 7] new: [....11] [ip4][..udp] [..92.135.15.240][54318] -> [.137.49.110.186][..162] @@ -55,39 +53,37 @@ RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [.131.179.49.165][60694] -> [..254.158.1.169][..161] [SNMP][Unknown][Network][Acceptable] idle: [.....7] [ip4][..udp] [..35.95.158.217][60440] -> [...30.79.214.36][..161] [SNMP][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [..35.95.158.217][49306] -> [...30.79.214.36][..161] [SNMP][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [.131.179.49.165][35970] -> [..254.158.1.169][..161] [SNMP][Unknown][Network][Acceptable] new: [....12] [ip4][..udp] [.200.76.132.137][54318] -> [189.111.255.214][..162] detected: [....12] [ip4][..udp] [.200.76.132.137][54318] -> [189.111.255.214][..162] [SNMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [....11] [ip4][..udp] [..92.135.15.240][54318] -> [.137.49.110.186][..162] + idle: [....11] [ip4][..udp] [..92.135.15.240][54318] -> [.137.49.110.186][..162] [SNMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic new: [....13] [ip4][..udp] [.113.19.156.111][54318] -> [.135.201.124.55][..162] detected: [....13] [ip4][..udp] [.113.19.156.111][54318] -> [.135.201.124.55][..162] [SNMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....12] [ip4][..udp] [.200.76.132.137][54318] -> [189.111.255.214][..162] + update: [....12] [ip4][..udp] [.200.76.132.137][54318] -> [189.111.255.214][..162] [SNMP][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic new: [....14] [ip4][..udp] [..205.83.36.228][54318] -> [.160.174.106.32][..162] detected: [....14] [ip4][..udp] [..205.83.36.228][54318] -> [.160.174.106.32][..162] [SNMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic new: [....15] [ip4][..udp] [.124.53.196.176][54318] -> [..103.248.22.47][..162] detected: [....15] [ip4][..udp] [.124.53.196.176][54318] -> [..103.248.22.47][..162] [SNMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - update: [....12] [ip4][..udp] [.200.76.132.137][54318] -> [189.111.255.214][..162] - update: [....13] [ip4][..udp] [.113.19.156.111][54318] -> [.135.201.124.55][..162] [SNMP][Unknown][Network][Acceptable] + update: [....12] [ip4][..udp] [.200.76.132.137][54318] -> [189.111.255.214][..162] [SNMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + update: [....13] [ip4][..udp] [.113.19.156.111][54318] -> [.135.201.124.55][..162] [SNMP][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 62 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 4 / 15|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 10] new: [....16] [ip4][..udp] [...10.231.2.134][..161] -> [....10.72.247.4][61088] detected: [....16] [ip4][..udp] [...10.231.2.134][..161] -> [....10.72.247.4][61088] [SNMP][Unknown][Network][Acceptable] RISK: Error Code, Unidirectional Traffic - idle: [....12] [ip4][..udp] [.200.76.132.137][54318] -> [189.111.255.214][..162] - idle: [....13] [ip4][..udp] [.113.19.156.111][54318] -> [.135.201.124.55][..162] [SNMP][Unknown][Network][Acceptable] + idle: [....12] [ip4][..udp] [.200.76.132.137][54318] -> [189.111.255.214][..162] [SNMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic + idle: [....13] [ip4][..udp] [.113.19.156.111][54318] -> [.135.201.124.55][..162] [SNMP][Unknown][Network][Acceptable] idle: [....15] [ip4][..udp] [.124.53.196.176][54318] -> [..103.248.22.47][..162] [SNMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [..205.83.36.228][54318] -> [.160.174.106.32][..162] [SNMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic new: [....17] [ip4][..udp] [.....10.99.8.88][43242] -> [.10.100.253.146][..161] detected: [....17] [ip4][..udp] [.....10.99.8.88][43242] -> [.10.100.253.146][..161] [SNMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic @@ -96,5 +92,5 @@ idle: [....17] [ip4][..udp] [.....10.99.8.88][43242] -> [.10.100.253.146][..161] [SNMP][Unknown][Network][Acceptable] RISK: Error Code idle: [....16] [ip4][..udp] [...10.231.2.134][..161] -> [....10.72.247.4][61088] [SNMP][Unknown][Network][Acceptable] - RISK: Error Code, Unidirectional Traffic + RISK: Error Code DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/soap.pcap.out b/test/results/flow-info/default/soap.pcap.out index e3f42b449..66dd0ad54 100644 --- a/test/results/flow-info/default/soap.pcap.out +++ b/test/results/flow-info/default/soap.pcap.out @@ -10,7 +10,8 @@ new: [.....3] [ip4][..tcp] [..185.32.192.30][...80] -> [.85.154.114.113][56028] detected: [.....3] [ip4][..tcp] [..185.32.192.30][...80] -> [.85.154.114.113][56028] [SOAP][Unknown][RPC][Acceptable] idle: [.....3] [ip4][..tcp] [..185.32.192.30][...80] -> [.85.154.114.113][56028] [SOAP][Unknown][RPC][Acceptable] - idle: [.....2] [ip4][..tcp] [..192.168.2.100][50100] -> [...23.2.213.165][.4176] + idle: [.....2] [ip4][..tcp] [..192.168.2.100][50100] -> [...23.2.213.165][.4176] [HTTP.SOAP][Unknown][Cloud][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic guessed: [.....1] [ip4][..tcp] [..192.168.2.100][50100] -> [...23.2.213.165][...80] [HTTP][Unknown][Web][Acceptable][] end: [.....1] [ip4][..tcp] [..192.168.2.100][50100] -> [...23.2.213.165][...80] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/softether.pcap.out b/test/results/flow-info/default/softether.pcap.out index 0fbe92379..2dbf121f3 100644 --- a/test/results/flow-info/default/softether.pcap.out +++ b/test/results/flow-info/default/softether.pcap.out @@ -16,9 +16,9 @@ DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 3] new: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] detected: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] - idle: [.....2] [ip4][..tcp] [..192.168.2.100][37504] -> [..130.158.75.45][...80] - update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] - update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] + idle: [.....2] [ip4][..tcp] [..192.168.2.100][37504] -> [..130.158.75.45][...80] [HTTP.Softether][Unknown][VPN][Acceptable] + update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] + update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] detection-update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 34 pkts][ZLib][compressions: 0|diff: 0 / 0] @@ -26,6 +26,7 @@ new: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] detected: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] RISK: Unidirectional Traffic + detection-update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] detection-update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] detection-update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] @@ -34,43 +35,43 @@ update: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 55 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 2 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 11] + DAEMON-EVENT: [Flows][active: 2 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 11] idle: [.....3] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 70 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 15] + DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 15] new: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] detected: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] idle: [.....4] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.105][.5004] [Softether][Unknown][VPN][Acceptable] - update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] - update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] - update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] + update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] + update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] + update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 85 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 18] + DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 18] update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 100 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 22] + DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 22] new: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] detected: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] idle: [.....5] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.112][.5004] [Softether][Unknown][VPN][Acceptable] - update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] + update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] detection-update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 115 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 25] + DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 6|updates: 25] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 130 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 29] + DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 6|updates: 29] analyse: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.257| 1566.080| 9319.382| 0.000| 0.000| 1.100] @@ -86,13 +87,13 @@ update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 145 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 33] + DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 6|updates: 33] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] DAEMON-EVENT: [Processed: 162 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 5|updates: 37] + DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 6|updates: 37] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] update: [.....6] [ip4][..udp] [..192.168.2.100][51381] -> [..130.158.6.113][.5004] [Softether][Unknown][VPN][Acceptable] diff --git a/test/results/flow-info/default/someip-tp.pcap.out b/test/results/flow-info/default/someip-tp.pcap.out index ed9faf888..4236cc72f 100644 --- a/test/results/flow-info/default/someip-tp.pcap.out +++ b/test/results/flow-info/default/someip-tp.pcap.out @@ -5,5 +5,5 @@ detected: [.....1] [ip4][..udp] [.....10.0.1.207][56772] -> [.......10.0.1.1][18193] [SOMEIP][Unknown][RPC][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....1] [ip4][..udp] [.....10.0.1.207][56772] -> [.......10.0.1.1][18193] [SOMEIP][Unknown][RPC][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/someip-udp-method-call.pcapng.out b/test/results/flow-info/default/someip-udp-method-call.pcapng.out index cbe58a2c6..6d113528e 100644 --- a/test/results/flow-info/default/someip-udp-method-call.pcapng.out +++ b/test/results/flow-info/default/someip-udp-method-call.pcapng.out @@ -8,7 +8,7 @@ detected: [.....2] [ip4][..udp] [..192.168.0.125][49191] -> [....192.168.0.1][49201] [SOMEIP][Unknown][RPC][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....2] [ip4][..udp] [..192.168.0.125][49191] -> [....192.168.0.1][49201] [SOMEIP][Unknown][RPC][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....1] [ip4][..udp] [....192.168.0.1][49190] -> [......224.0.0.1][49190] [SOMEIP][Unknown][RPC][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/source_engine.pcap.out b/test/results/flow-info/default/source_engine.pcap.out index 07faea3f6..28ec2f2bb 100644 --- a/test/results/flow-info/default/source_engine.pcap.out +++ b/test/results/flow-info/default/source_engine.pcap.out @@ -10,108 +10,86 @@ detected: [.....2] [ip4][..udp] [.174.134.158.83][47464] -> [206.125.246.217][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.222.204.159.87][20595] -> [206.125.246.211][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 2 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....3] [ip4][..udp] [237.117.185.247][41251] -> [206.125.246.219][27015] detected: [.....3] [ip4][..udp] [237.117.185.247][41251] -> [206.125.246.219][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [.174.134.158.83][47464] -> [206.125.246.217][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 3 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....4] [ip4][..udp] [.252.187.173.26][42155] -> [206.125.246.211][27015] detected: [.....4] [ip4][..udp] [.252.187.173.26][42155] -> [206.125.246.211][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [237.117.185.247][41251] -> [206.125.246.219][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 4 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....5] [ip4][..udp] [167.166.182.152][53321] -> [206.125.246.212][27015] detected: [.....5] [ip4][..udp] [167.166.182.152][53321] -> [206.125.246.212][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [.252.187.173.26][42155] -> [206.125.246.211][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [.....6] [ip4][..udp] [.151.182.246.17][52464] -> [206.125.246.217][27015] detected: [.....6] [ip4][..udp] [.151.182.246.17][52464] -> [206.125.246.217][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [167.166.182.152][53321] -> [206.125.246.212][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [.....7] [ip4][..udp] [197.114.186.247][64888] -> [206.125.246.213][27015] detected: [.....7] [ip4][..udp] [197.114.186.247][64888] -> [206.125.246.213][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [167.166.182.152][53321] -> [206.125.246.212][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [.151.182.246.17][52464] -> [206.125.246.217][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [.....8] [ip4][..udp] [197.114.186.247][38846] -> [206.125.246.222][27015] detected: [.....8] [ip4][..udp] [197.114.186.247][38846] -> [206.125.246.222][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [.151.182.246.17][52464] -> [206.125.246.217][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [197.114.186.247][64888] -> [206.125.246.213][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 8 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 8|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] new: [.....9] [ip4][..udp] [237.117.153.178][24647] -> [206.125.246.215][27015] detected: [.....9] [ip4][..udp] [237.117.153.178][24647] -> [206.125.246.215][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [197.114.186.247][38846] -> [206.125.246.222][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [....10] [ip4][..udp] [.252.141.177.26][21572] -> [206.125.246.216][27015] detected: [....10] [ip4][..udp] [.252.141.177.26][21572] -> [206.125.246.216][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [197.114.186.247][38846] -> [206.125.246.222][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic update: [.....9] [ip4][..udp] [237.117.153.178][24647] -> [206.125.246.215][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [....11] [ip4][..udp] [165.165.117.188][48822] -> [206.125.246.211][27015] detected: [....11] [ip4][..udp] [165.165.117.188][48822] -> [206.125.246.211][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [.252.141.177.26][21572] -> [206.125.246.216][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [197.114.186.247][38846] -> [206.125.246.222][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [237.117.153.178][24647] -> [206.125.246.215][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 11 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 11|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 5] new: [....12] [ip4][..udp] [.140.151.209.84][.8335] -> [206.125.246.214][27015] detected: [....12] [ip4][..udp] [.140.151.209.84][.8335] -> [206.125.246.214][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [165.165.117.188][48822] -> [206.125.246.211][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [....13] [ip4][..udp] [197.114.186.247][41194] -> [206.125.246.214][27015] detected: [....13] [ip4][..udp] [197.114.186.247][41194] -> [206.125.246.214][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [.140.151.209.84][.8335] -> [206.125.246.214][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 13 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 13|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 5] new: [....14] [ip4][..udp] [222.158.181.242][58235] -> [206.125.246.222][27015] detected: [....14] [ip4][..udp] [222.158.181.242][58235] -> [206.125.246.222][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [197.114.186.247][41194] -> [206.125.246.214][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [....15] [ip4][..udp] [237.139.153.112][.3722] -> [206.125.246.219][27015] detected: [....15] [ip4][..udp] [237.139.153.112][.3722] -> [206.125.246.219][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [222.158.181.242][58235] -> [206.125.246.222][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 15 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 15|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 5] new: [....16] [ip4][..udp] [118.149.186.147][21285] -> [206.125.246.214][27015] detected: [....16] [ip4][..udp] [118.149.186.147][21285] -> [206.125.246.214][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....15] [ip4][..udp] [237.139.153.112][.3722] -> [206.125.246.219][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 16 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 16|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 5] new: [....17] [ip4][..udp] [.151.182.246.17][17890] -> [206.125.246.221][27015] detected: [....17] [ip4][..udp] [.151.182.246.17][17890] -> [206.125.246.221][27015] [Source_Engine][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [118.149.186.147][21285] -> [206.125.246.214][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....17] [ip4][..udp] [.151.182.246.17][17890] -> [206.125.246.221][27015] [Source_Engine][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/sql_injection.pcap.out b/test/results/flow-info/default/sql_injection.pcap.out index 942a74760..ac0b0afa9 100644 --- a/test/results/flow-info/default/sql_injection.pcap.out +++ b/test/results/flow-info/default/sql_injection.pcap.out @@ -4,6 +4,8 @@ new: [.....1] [ip4][..tcp] [..192.168.3.109][53528] -> [..192.168.3.107][...80] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [..192.168.3.109][53528] -> [..192.168.3.107][...80] [HTTP][Unknown][Web][Acceptable][192.168.3.107] RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, Unidirectional Traffic + detection-update: [.....1] [ip4][..tcp] [..192.168.3.109][53528] -> [..192.168.3.107][...80] [HTTP][Unknown][Web][Acceptable][192.168.3.107] + RISK: SQL Injection, HTTP/TLS/QUIC Numeric Hostname/SNI idle: [.....1] [ip4][..tcp] [..192.168.3.109][53528] -> [..192.168.3.107][...80] [HTTP][Unknown][Web][Acceptable] RISK: SQL Injection, HTTP/TLS/QUIC Numeric Hostname/SNI DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/srvloc-v1.pcapng.out b/test/results/flow-info/default/srvloc-v1.pcapng.out index 7778e19ba..3d29e8a6e 100644 --- a/test/results/flow-info/default/srvloc-v1.pcapng.out +++ b/test/results/flow-info/default/srvloc-v1.pcapng.out @@ -8,7 +8,5 @@ detected: [.....2] [ip4][..udp] [..250.83.105.78][51708] -> [.172.30.246.115][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.23.220.116.175][..427] -> [.192.168.199.71][57782] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [..250.83.105.78][51708] -> [.172.30.246.115][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/srvloc.pcap.out b/test/results/flow-info/default/srvloc.pcap.out index 9edf91c2a..0a884ba03 100644 --- a/test/results/flow-info/default/srvloc.pcap.out +++ b/test/results/flow-info/default/srvloc.pcap.out @@ -10,35 +10,28 @@ detected: [.....2] [ip4][..udp] [.27.134.169.220][45163] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..37.40.101.196][53106] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [.....3] [ip4][..udp] [..44.99.113.150][40623] -> [.186.112.202.53][..427] detected: [.....3] [ip4][..udp] [..44.99.113.150][40623] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [.27.134.169.220][45163] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 3 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] new: [.....4] [ip4][..udp] [..44.99.113.150][34697] -> [..90.145.180.58][..427] detected: [.....4] [ip4][..udp] [..44.99.113.150][34697] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..44.99.113.150][40623] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [.27.134.169.220][45163] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [.....5] [ip4][..udp] [208.100.177.136][33246] -> [...90.141.37.56][..427] detected: [.....5] [ip4][..udp] [208.100.177.136][33246] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [..44.99.113.150][34697] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 5 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 5|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] new: [.....6] [ip4][..udp] [.45.124.147.156][33510] -> [...85.111.52.57][..427] detected: [.....6] [ip4][..udp] [.45.124.147.156][33510] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [208.100.177.136][33246] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [..44.99.113.150][34697] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 6 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] new: [.....7] [ip4][..udp] [.45.124.147.156][50663] -> [.165.114.202.61][..427] @@ -48,461 +41,379 @@ detected: [.....8] [ip4][..udp] [.45.124.147.156][41268] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [.45.124.147.156][33510] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [.....9] [ip4][..udp] [.236.155.96.147][43154] -> [..90.147.171.51][..427] detected: [.....9] [ip4][..udp] [.236.155.96.147][43154] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [.45.124.147.156][41268] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [.45.124.147.156][50663] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 10 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] new: [....10] [ip4][..udp] [.45.124.147.156][57141] -> [..74.111.203.55][..427] detected: [....10] [ip4][..udp] [.45.124.147.156][57141] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [.236.155.96.147][43154] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 11 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 10|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] new: [....11] [ip4][..udp] [184.180.168.240][38061] -> [..165.144.84.62][..427] detected: [....11] [ip4][..udp] [184.180.168.240][38061] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [.45.124.147.156][57141] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 12 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 11|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] new: [....12] [ip4][..udp] [236.131.162.157][38756] -> [..69.109.187.54][..427] detected: [....12] [ip4][..udp] [236.131.162.157][38756] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [184.180.168.240][38061] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 13 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 12|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 2] new: [....13] [ip4][..udp] [.200.31.144.158][39908] -> [...85.111.52.57][..427] detected: [....13] [ip4][..udp] [.200.31.144.158][39908] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [236.131.162.157][38756] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....14] [ip4][..udp] [.200.31.144.158][40656] -> [..69.109.187.54][..427] detected: [....14] [ip4][..udp] [.200.31.144.158][40656] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [.200.31.144.158][39908] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....15] [ip4][..udp] [.200.31.144.158][37600] -> [.186.112.202.53][..427] detected: [....15] [ip4][..udp] [.200.31.144.158][37600] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [....14] [ip4][..udp] [.200.31.144.158][40656] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 16 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 15|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3] new: [....16] [ip4][..udp] [..70.28.101.252][53651] -> [..90.147.171.51][..427] detected: [....16] [ip4][..udp] [..70.28.101.252][53651] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....15] [ip4][..udp] [.200.31.144.158][37600] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [.200.31.144.158][40656] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 17 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 16|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3] new: [....17] [ip4][..udp] [.200.31.144.158][38913] -> [..74.111.203.55][..427] detected: [....17] [ip4][..udp] [.200.31.144.158][38913] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [..70.28.101.252][53651] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....18] [ip4][..udp] [.200.31.144.158][33453] -> [..90.111.212.50][..427] detected: [....18] [ip4][..udp] [.200.31.144.158][33453] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [....17] [ip4][..udp] [.200.31.144.158][38913] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 19 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 18|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 4] new: [....19] [ip4][..udp] [.200.31.144.158][60963] -> [...90.141.37.56][..427] detected: [....19] [ip4][..udp] [.200.31.144.158][60963] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....17] [ip4][..udp] [.200.31.144.158][38913] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [....18] [ip4][..udp] [.200.31.144.158][33453] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....20] [ip4][..udp] [.200.31.144.158][41259] -> [..90.147.171.51][..427] detected: [....20] [ip4][..udp] [.200.31.144.158][41259] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [....19] [ip4][..udp] [.200.31.144.158][60963] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 21 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 20|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 5] new: [....21] [ip4][..udp] [...62.230.4.248][56007] -> [..165.144.84.62][..427] detected: [....21] [ip4][..udp] [...62.230.4.248][56007] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....19] [ip4][..udp] [.200.31.144.158][60963] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [....20] [ip4][..udp] [.200.31.144.158][41259] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 22 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 21|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 5] new: [....22] [ip4][..udp] [.200.31.144.158][52741] -> [.165.114.202.61][..427] detected: [....22] [ip4][..udp] [.200.31.144.158][52741] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....21] [ip4][..udp] [...62.230.4.248][56007] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....23] [ip4][..udp] [.200.31.144.158][39516] -> [..90.145.180.58][..427] detected: [....23] [ip4][..udp] [.200.31.144.158][39516] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....22] [ip4][..udp] [.200.31.144.158][52741] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....24] [ip4][..udp] [.200.31.144.158][43074] -> [..165.144.84.62][..427] detected: [....24] [ip4][..udp] [.200.31.144.158][43074] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [....23] [ip4][..udp] [.200.31.144.158][39516] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 25 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 24|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 6] new: [....25] [ip4][..udp] [198.229.224.110][56395] -> [..90.145.180.58][..427] detected: [....25] [ip4][..udp] [198.229.224.110][56395] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....24] [ip4][..udp] [.200.31.144.158][43074] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [....23] [ip4][..udp] [.200.31.144.158][39516] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 26 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 25|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 6] new: [....26] [ip4][..udp] [..67.159.16.150][27095] -> [..165.144.84.62][..427] detected: [....26] [ip4][..udp] [..67.159.16.150][27095] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....25] [ip4][..udp] [198.229.224.110][56395] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 27 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 26|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 6] new: [....27] [ip4][..udp] [.217.217.186.39][52663] -> [.186.112.202.53][..427] detected: [....27] [ip4][..udp] [.217.217.186.39][52663] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....26] [ip4][..udp] [..67.159.16.150][27095] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....28] [ip4][..udp] [..35.252.69.113][26160] -> [..69.109.187.54][..427] detected: [....28] [ip4][..udp] [..35.252.69.113][26160] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....27] [ip4][..udp] [.217.217.186.39][52663] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 29 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 28|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 6] new: [....29] [ip4][..udp] [.34.102.125.120][45441] -> [...90.141.37.56][..427] detected: [....29] [ip4][..udp] [.34.102.125.120][45441] -> [...90.141.37.56][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....28] [ip4][..udp] [..35.252.69.113][26160] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....30] [ip4][..udp] [.27.134.169.220][58691] -> [..90.147.171.51][..427] detected: [....30] [ip4][..udp] [.27.134.169.220][58691] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....29] [ip4][..udp] [.34.102.125.120][45441] -> [...90.141.37.56][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 31 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 30|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 6] new: [....31] [ip4][..udp] [134.180.144.149][33386] -> [.186.112.202.53][..427] detected: [....31] [ip4][..udp] [134.180.144.149][33386] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....30] [ip4][..udp] [.27.134.169.220][58691] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 32 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 31|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 6] new: [....32] [ip4][..udp] [.36.231.109.217][50939] -> [..90.145.180.58][..427] detected: [....32] [ip4][..udp] [.36.231.109.217][50939] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....31] [ip4][..udp] [134.180.144.149][33386] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....33] [ip4][..udp] [.227.199.90.122][41334] -> [..90.111.212.50][..427] detected: [....33] [ip4][..udp] [.227.199.90.122][41334] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....32] [ip4][..udp] [.36.231.109.217][50939] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....34] [ip4][..udp] [182.180.120.139][58970] -> [...85.111.52.57][..427] detected: [....34] [ip4][..udp] [182.180.120.139][58970] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [....33] [ip4][..udp] [.227.199.90.122][41334] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 35 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 34|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 7] new: [....35] [ip4][..udp] [200.180.144.114][55489] -> [..90.111.212.50][..427] detected: [....35] [ip4][..udp] [200.180.144.114][55489] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....33] [ip4][..udp] [.227.199.90.122][41334] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [....34] [ip4][..udp] [182.180.120.139][58970] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....36] [ip4][..udp] [.70.180.111.241][60983] -> [.165.114.202.61][..427] detected: [....36] [ip4][..udp] [.70.180.111.241][60983] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....35] [ip4][..udp] [200.180.144.114][55489] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....37] [ip4][..udp] [236.131.162.157][38679] -> [...90.141.37.56][..427] detected: [....37] [ip4][..udp] [236.131.162.157][38679] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [....36] [ip4][..udp] [.70.180.111.241][60983] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....38] [ip4][..udp] [.47.123.189.155][56038] -> [..90.147.171.51][..427] detected: [....38] [ip4][..udp] [.47.123.189.155][56038] -> [..90.147.171.51][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....36] [ip4][..udp] [.70.180.111.241][60983] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [....37] [ip4][..udp] [236.131.162.157][38679] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 39 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 38|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] new: [....39] [ip4][..udp] [.70.180.111.241][48096] -> [..74.111.203.55][..427] detected: [....39] [ip4][..udp] [.70.180.111.241][48096] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....37] [ip4][..udp] [236.131.162.157][38679] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [....38] [ip4][..udp] [.47.123.189.155][56038] -> [..90.147.171.51][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....40] [ip4][..udp] [182.180.120.139][46563] -> [..90.145.180.58][..427] detected: [....40] [ip4][..udp] [182.180.120.139][46563] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....39] [ip4][..udp] [.70.180.111.241][48096] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 41 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 40|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] new: [....41] [ip4][..udp] [..218.19.29.186][56315] -> [..90.111.212.50][..427] detected: [....41] [ip4][..udp] [..218.19.29.186][56315] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....40] [ip4][..udp] [182.180.120.139][46563] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 42 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 41|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] new: [....42] [ip4][..udp] [186.213.158.225][51349] -> [..69.109.187.54][..427] detected: [....42] [ip4][..udp] [186.213.158.225][51349] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....41] [ip4][..udp] [..218.19.29.186][56315] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 43 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 42|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] new: [....43] [ip4][..udp] [231.223.121.213][.7086] -> [...90.141.37.56][..427] detected: [....43] [ip4][..udp] [231.223.121.213][.7086] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....42] [ip4][..udp] [186.213.158.225][51349] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 44 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 43|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] new: [....44] [ip4][..udp] [..20.133.112.32][11510] -> [.165.114.202.61][..427] detected: [....44] [ip4][..udp] [..20.133.112.32][11510] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....43] [ip4][..udp] [231.223.121.213][.7086] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 46 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 44|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] new: [....45] [ip4][..udp] [..83.48.216.235][51745] -> [.186.112.202.53][..427] detected: [....45] [ip4][..udp] [..83.48.216.235][51745] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....44] [ip4][..udp] [..20.133.112.32][11510] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 47 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 45|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] new: [....46] [ip4][..udp] [.154.97.132.119][64306] -> [..165.144.84.62][..427] detected: [....46] [ip4][..udp] [.154.97.132.119][64306] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....45] [ip4][..udp] [..83.48.216.235][51745] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 48 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 46|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] new: [....47] [ip4][..udp] [..83.48.216.235][56358] -> [..90.145.180.58][..427] detected: [....47] [ip4][..udp] [..83.48.216.235][56358] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....46] [ip4][..udp] [.154.97.132.119][64306] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 49 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 47|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] new: [....48] [ip4][..udp] [.....72.30.8.39][43690] -> [..90.111.212.50][..427] detected: [....48] [ip4][..udp] [.....72.30.8.39][43690] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....47] [ip4][..udp] [..83.48.216.235][56358] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....49] [ip4][..udp] [.....71.38.8.47][42689] -> [...90.141.37.56][..427] detected: [....49] [ip4][..udp] [.....71.38.8.47][42689] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....48] [ip4][..udp] [.....72.30.8.39][43690] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 51 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 49|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 9] new: [....50] [ip4][..udp] [.121.106.247.20][12409] -> [..165.144.84.62][..427] detected: [....50] [ip4][..udp] [.121.106.247.20][12409] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....49] [ip4][..udp] [.....71.38.8.47][42689] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....51] [ip4][..udp] [.....55.94.8.63][43995] -> [..90.145.180.58][..427] detected: [....51] [ip4][..udp] [.....55.94.8.63][43995] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [....50] [ip4][..udp] [.121.106.247.20][12409] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....52] [ip4][..udp] [..185.225.247.8][48375] -> [.165.114.202.61][..427] detected: [....52] [ip4][..udp] [..185.225.247.8][48375] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....50] [ip4][..udp] [.121.106.247.20][12409] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [....51] [ip4][..udp] [.....55.94.8.63][43995] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 54 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 52|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 11] new: [....53] [ip4][..udp] [.....121.82.8.7][60170] -> [...85.111.52.57][..427] detected: [....53] [ip4][..udp] [.....121.82.8.7][60170] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....52] [ip4][..udp] [..185.225.247.8][48375] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [....51] [ip4][..udp] [.....55.94.8.63][43995] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....54] [ip4][..udp] [.121.106.247.20][55474] -> [.186.112.202.53][..427] detected: [....54] [ip4][..udp] [.121.106.247.20][55474] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....53] [ip4][..udp] [.....121.82.8.7][60170] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 56 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 54|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 11] new: [....55] [ip4][..udp] [.121.106.247.20][55474] -> [..90.147.171.51][..427] detected: [....55] [ip4][..udp] [.121.106.247.20][55474] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....54] [ip4][..udp] [.121.106.247.20][55474] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....56] [ip4][..udp] [..200.97.247.24][22124] -> [..74.111.203.55][..427] detected: [....56] [ip4][..udp] [..200.97.247.24][22124] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [....55] [ip4][..udp] [.121.106.247.20][55474] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 58 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 56|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 12] new: [....57] [ip4][..udp] [..121.35.244.56][30580] -> [..90.145.180.58][..427] detected: [....57] [ip4][..udp] [..121.35.244.56][30580] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....55] [ip4][..udp] [.121.106.247.20][55474] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [....56] [ip4][..udp] [..200.97.247.24][22124] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....58] [ip4][..udp] [...154.96.5.121][26060] -> [..69.109.187.54][..427] detected: [....58] [ip4][..udp] [...154.96.5.121][26060] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [....57] [ip4][..udp] [..121.35.244.56][30580] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....59] [ip4][..udp] [..38.236.38.224][52729] -> [.165.114.202.61][..427] detected: [....59] [ip4][..udp] [..38.236.38.224][52729] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....57] [ip4][..udp] [..121.35.244.56][30580] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [....58] [ip4][..udp] [...154.96.5.121][26060] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 61 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 59|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....60] [ip4][..udp] [..69.230.164.78][55275] -> [...90.141.37.56][..427] detected: [....60] [ip4][..udp] [..69.230.164.78][55275] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....58] [ip4][..udp] [...154.96.5.121][26060] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [....59] [ip4][..udp] [..38.236.38.224][52729] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 62 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 60|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....61] [ip4][..udp] [..235.98.65.133][31778] -> [..165.144.84.62][..427] detected: [....61] [ip4][..udp] [..235.98.65.133][31778] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....60] [ip4][..udp] [..69.230.164.78][55275] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 64 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 61|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....62] [ip4][..udp] [..88.31.110.219][50660] -> [.186.112.202.53][..427] detected: [....62] [ip4][..udp] [..88.31.110.219][50660] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....61] [ip4][..udp] [..235.98.65.133][31778] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 65 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 62|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....63] [ip4][..udp] [...35.0.100.115][62892] -> [.165.114.202.61][..427] detected: [....63] [ip4][..udp] [...35.0.100.115][62892] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....62] [ip4][..udp] [..88.31.110.219][50660] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 66 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 63|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....64] [ip4][..udp] [.34.102.125.120][17423] -> [..165.144.84.62][..427] detected: [....64] [ip4][..udp] [.34.102.125.120][17423] -> [..165.144.84.62][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....63] [ip4][..udp] [...35.0.100.115][62892] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 67 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 64|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....65] [ip4][..udp] [.70.232.230.229][51197] -> [...85.111.52.57][..427] detected: [....65] [ip4][..udp] [.70.232.230.229][51197] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....64] [ip4][..udp] [.34.102.125.120][17423] -> [..165.144.84.62][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 68 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 65|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....66] [ip4][..udp] [172.237.152.209][51708] -> [..165.144.84.62][..427] detected: [....66] [ip4][..udp] [172.237.152.209][51708] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....65] [ip4][..udp] [.70.232.230.229][51197] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 69 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 66|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....67] [ip4][..udp] [...58.36.157.61][53238] -> [..74.111.203.55][..427] detected: [....67] [ip4][..udp] [...58.36.157.61][53238] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....66] [ip4][..udp] [172.237.152.209][51708] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 70 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 67|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....68] [ip4][..udp] [.227.134.81.212][37207] -> [...85.111.52.57][..427] detected: [....68] [ip4][..udp] [.227.134.81.212][37207] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....67] [ip4][..udp] [...58.36.157.61][53238] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 71 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 68|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....69] [ip4][..udp] [..39.59.139.121][51157] -> [...85.111.52.57][..427] detected: [....69] [ip4][..udp] [..39.59.139.121][51157] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....68] [ip4][..udp] [.227.134.81.212][37207] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 72 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 69|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....70] [ip4][..udp] [.227.134.81.212][45177] -> [..90.111.212.50][..427] detected: [....70] [ip4][..udp] [.227.134.81.212][45177] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....69] [ip4][..udp] [..39.59.139.121][51157] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 73 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 70|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....71] [ip4][..udp] [.103.71.146.222][47772] -> [.165.114.202.61][..427] detected: [....71] [ip4][..udp] [.103.71.146.222][47772] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....70] [ip4][..udp] [.227.134.81.212][45177] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 74 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 71|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....72] [ip4][..udp] [238.132.112.150][44248] -> [..90.147.171.51][..427] detected: [....72] [ip4][..udp] [238.132.112.150][44248] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....71] [ip4][..udp] [.103.71.146.222][47772] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 75 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 72|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....73] [ip4][..udp] [134.180.144.149][47037] -> [..90.145.180.58][..427] detected: [....73] [ip4][..udp] [134.180.144.149][47037] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....72] [ip4][..udp] [238.132.112.150][44248] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....74] [ip4][..udp] [.236.155.96.147][44475] -> [..90.111.212.50][..427] detected: [....74] [ip4][..udp] [.236.155.96.147][44475] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....73] [ip4][..udp] [134.180.144.149][47037] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 77 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 74|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....75] [ip4][..udp] [182.180.120.139][33156] -> [..74.111.203.55][..427] detected: [....75] [ip4][..udp] [182.180.120.139][33156] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....74] [ip4][..udp] [.236.155.96.147][44475] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....76] [ip4][..udp] [..19.99.147.148][49052] -> [...90.141.37.56][..427] detected: [....76] [ip4][..udp] [..19.99.147.148][49052] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....75] [ip4][..udp] [182.180.120.139][33156] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 79 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 76|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....77] [ip4][..udp] [.47.123.177.154][44018] -> [.165.114.202.61][..427] @@ -512,219 +423,177 @@ detected: [....78] [ip4][..udp] [..46.100.97.147][37387] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....76] [ip4][..udp] [..19.99.147.148][49052] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 81 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 78|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 14] new: [....79] [ip4][..udp] [134.180.144.149][48737] -> [.186.112.202.53][..427] detected: [....79] [ip4][..udp] [134.180.144.149][48737] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....78] [ip4][..udp] [..46.100.97.147][37387] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [....77] [ip4][..udp] [.47.123.177.154][44018] -> [.165.114.202.61][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....80] [ip4][..udp] [200.180.144.114][57533] -> [..69.109.187.54][..427] detected: [....80] [ip4][..udp] [200.180.144.114][57533] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [....79] [ip4][..udp] [134.180.144.149][48737] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....81] [ip4][..udp] [.47.123.177.154][35950] -> [...85.111.52.57][..427] detected: [....81] [ip4][..udp] [.47.123.177.154][35950] -> [...85.111.52.57][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....80] [ip4][..udp] [200.180.144.114][57533] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [....79] [ip4][..udp] [134.180.144.149][48737] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 84 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 81|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 15] new: [....82] [ip4][..udp] [.....44.49.31.2][51197] -> [..90.147.171.51][..427] detected: [....82] [ip4][..udp] [.....44.49.31.2][51197] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....81] [ip4][..udp] [.47.123.177.154][35950] -> [...85.111.52.57][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....83] [ip4][..udp] [..19.99.146.156][54379] -> [..90.145.180.58][..427] detected: [....83] [ip4][..udp] [..19.99.146.156][54379] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....82] [ip4][..udp] [.....44.49.31.2][51197] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 86 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 83|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 15] new: [....84] [ip4][..udp] [....174.50.7.11][55450] -> [..69.109.187.54][..427] detected: [....84] [ip4][..udp] [....174.50.7.11][55450] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....83] [ip4][..udp] [..19.99.146.156][54379] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....85] [ip4][..udp] [.58.218.184.177][54059] -> [..90.111.212.50][..427] detected: [....85] [ip4][..udp] [.58.218.184.177][54059] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [....84] [ip4][..udp] [....174.50.7.11][55450] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 88 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 85|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 16] new: [....86] [ip4][..udp] [...31.0.154.114][40383] -> [..90.145.180.58][..427] detected: [....86] [ip4][..udp] [...31.0.154.114][40383] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....84] [ip4][..udp] [....174.50.7.11][55450] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [....85] [ip4][..udp] [.58.218.184.177][54059] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 89 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 86|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 16] new: [....87] [ip4][..udp] [.66.228.194.219][53105] -> [.186.112.202.53][..427] detected: [....87] [ip4][..udp] [.66.228.194.219][53105] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....86] [ip4][..udp] [...31.0.154.114][40383] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 90 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 87|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 16] new: [....88] [ip4][..udp] [..67.159.16.150][43759] -> [..74.111.203.55][..427] detected: [....88] [ip4][..udp] [..67.159.16.150][43759] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....87] [ip4][..udp] [.66.228.194.219][53105] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 91 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 88|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 16] new: [....89] [ip4][..udp] [.200.31.144.158][53596] -> [..90.111.212.50][..427] detected: [....89] [ip4][..udp] [.200.31.144.158][53596] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....88] [ip4][..udp] [..67.159.16.150][43759] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 92 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 89|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 16] new: [....90] [ip4][..udp] [.200.31.144.158][47879] -> [..69.109.187.54][..427] detected: [....90] [ip4][..udp] [.200.31.144.158][47879] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....89] [ip4][..udp] [.200.31.144.158][53596] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....91] [ip4][..udp] [.200.31.144.158][44785] -> [..90.147.171.51][..427] detected: [....91] [ip4][..udp] [.200.31.144.158][44785] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....90] [ip4][..udp] [.200.31.144.158][47879] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 94 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 91|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 16] new: [....92] [ip4][..udp] [.200.31.144.158][51364] -> [..165.144.84.62][..427] detected: [....92] [ip4][..udp] [.200.31.144.158][51364] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....91] [ip4][..udp] [.200.31.144.158][44785] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....93] [ip4][..udp] [.200.31.144.158][41690] -> [..74.111.203.55][..427] detected: [....93] [ip4][..udp] [.200.31.144.158][41690] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [....92] [ip4][..udp] [.200.31.144.158][51364] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....94] [ip4][..udp] [.200.31.144.158][51228] -> [.165.114.202.61][..427] detected: [....94] [ip4][..udp] [.200.31.144.158][51228] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....92] [ip4][..udp] [.200.31.144.158][51364] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [....93] [ip4][..udp] [.200.31.144.158][41690] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 97 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 94|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 18] new: [....95] [ip4][..udp] [..35.252.69.113][59682] -> [...90.141.37.56][..427] detected: [....95] [ip4][..udp] [..35.252.69.113][59682] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....93] [ip4][..udp] [.200.31.144.158][41690] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [....94] [ip4][..udp] [.200.31.144.158][51228] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....96] [ip4][..udp] [..208.209.71.22][55733] -> [...85.111.52.57][..427] detected: [....96] [ip4][..udp] [..208.209.71.22][55733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [....95] [ip4][..udp] [..35.252.69.113][59682] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [....97] [ip4][..udp] [.200.31.144.158][40943] -> [...90.141.37.56][..427] detected: [....97] [ip4][..udp] [.200.31.144.158][40943] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....95] [ip4][..udp] [..35.252.69.113][59682] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [....96] [ip4][..udp] [..208.209.71.22][55733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 100 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 97|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] new: [....98] [ip4][..udp] [.200.31.144.158][33048] -> [..90.145.180.58][..427] detected: [....98] [ip4][..udp] [.200.31.144.158][33048] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....96] [ip4][..udp] [..208.209.71.22][55733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [....97] [ip4][..udp] [.200.31.144.158][40943] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 101 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 98|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] new: [....99] [ip4][..udp] [.19.156.188.155][47964] -> [.186.112.202.53][..427] detected: [....99] [ip4][..udp] [.19.156.188.155][47964] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....98] [ip4][..udp] [.200.31.144.158][33048] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 102 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 99|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] new: [...100] [ip4][..udp] [.210.12.216.151][54477] -> [..90.145.180.58][..427] detected: [...100] [ip4][..udp] [.210.12.216.151][54477] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [....99] [ip4][..udp] [.19.156.188.155][47964] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 103 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 100|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] new: [...101] [ip4][..udp] [..70.28.101.252][52969] -> [...90.141.37.56][..427] detected: [...101] [ip4][..udp] [..70.28.101.252][52969] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...100] [ip4][..udp] [.210.12.216.151][54477] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 104 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 101|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] new: [...102] [ip4][..udp] [....57.3.49.213][25820] -> [..74.111.203.55][..427] detected: [...102] [ip4][..udp] [....57.3.49.213][25820] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...101] [ip4][..udp] [..70.28.101.252][52969] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...103] [ip4][..udp] [.70.193.198.250][29011] -> [..69.109.187.54][..427] detected: [...103] [ip4][..udp] [.70.193.198.250][29011] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...102] [ip4][..udp] [....57.3.49.213][25820] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 106 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 103|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] new: [...104] [ip4][..udp] [...87.0.217.242][54220] -> [...85.111.52.57][..427] detected: [...104] [ip4][..udp] [...87.0.217.242][54220] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...103] [ip4][..udp] [.70.193.198.250][29011] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...105] [ip4][..udp] [.54.251.198.222][40998] -> [..165.144.84.62][..427] detected: [...105] [ip4][..udp] [.54.251.198.222][40998] -> [..165.144.84.62][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...104] [ip4][..udp] [...87.0.217.242][54220] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 108 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 105|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 20] new: [...106] [ip4][..udp] [...87.39.57.211][42486] -> [...90.141.37.56][..427] detected: [...106] [ip4][..udp] [...87.39.57.211][42486] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...105] [ip4][..udp] [.54.251.198.222][40998] -> [..165.144.84.62][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...107] [ip4][..udp] [..88.219.46.235][.7636] -> [..90.147.171.51][..427] detected: [...107] [ip4][..udp] [..88.219.46.235][.7636] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...106] [ip4][..udp] [...87.39.57.211][42486] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...108] [ip4][..udp] [..173.241.63.36][56717] -> [..74.111.203.55][..427] detected: [...108] [ip4][..udp] [..173.241.63.36][56717] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...107] [ip4][..udp] [..88.219.46.235][.7636] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...109] [ip4][..udp] [..167.57.49.219][49798] -> [..90.111.212.50][..427] detected: [...109] [ip4][..udp] [..167.57.49.219][49798] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...107] [ip4][..udp] [..88.219.46.235][.7636] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...108] [ip4][..udp] [..173.241.63.36][56717] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...110] [ip4][..udp] [.168.222.38.193][38055] -> [.186.112.202.53][..427] detected: [...110] [ip4][..udp] [.168.222.38.193][38055] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...108] [ip4][..udp] [..173.241.63.36][56717] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...109] [ip4][..udp] [..167.57.49.219][49798] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 113 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 110|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 23] new: [...111] [ip4][..udp] [..46.204.255.75][55098] -> [..165.144.84.62][..427] @@ -734,83 +603,67 @@ detected: [...112] [ip4][..udp] [..88.219.46.235][44462] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...109] [ip4][..udp] [..167.57.49.219][49798] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...110] [ip4][..udp] [.168.222.38.193][38055] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...111] [ip4][..udp] [..46.204.255.75][55098] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 115 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 112|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 25] new: [...113] [ip4][..udp] [..167.57.49.219][62479] -> [.165.114.202.61][..427] detected: [...113] [ip4][..udp] [..167.57.49.219][62479] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...112] [ip4][..udp] [..88.219.46.235][44462] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...110] [ip4][..udp] [.168.222.38.193][38055] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...111] [ip4][..udp] [..46.204.255.75][55098] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...114] [ip4][..udp] [...83.14.224.14][55733] -> [.165.114.202.61][..427] detected: [...114] [ip4][..udp] [...83.14.224.14][55733] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...113] [ip4][..udp] [..167.57.49.219][62479] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 117 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 114|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 25] new: [...115] [ip4][..udp] [.159.60.180.118][43688] -> [..69.109.187.54][..427] detected: [...115] [ip4][..udp] [.159.60.180.118][43688] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...114] [ip4][..udp] [...83.14.224.14][55733] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 118 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 115|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 25] new: [...116] [ip4][..udp] [134.180.144.149][38375] -> [..90.147.171.51][..427] detected: [...116] [ip4][..udp] [134.180.144.149][38375] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...115] [ip4][..udp] [.159.60.180.118][43688] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 119 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 116|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 25] new: [...117] [ip4][..udp] [134.180.144.149][52853] -> [...90.141.37.56][..427] detected: [...117] [ip4][..udp] [134.180.144.149][52853] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...116] [ip4][..udp] [134.180.144.149][38375] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 120 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 117|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 25] new: [...118] [ip4][..udp] [239.100.141.153][53222] -> [.165.114.202.61][..427] detected: [...118] [ip4][..udp] [239.100.141.153][53222] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...117] [ip4][..udp] [134.180.144.149][52853] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 121 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 118|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 25] new: [...119] [ip4][..udp] [..45.99.146.146][34238] -> [..90.111.212.50][..427] detected: [...119] [ip4][..udp] [..45.99.146.146][34238] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...118] [ip4][..udp] [239.100.141.153][53222] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...120] [ip4][..udp] [182.180.120.139][60043] -> [..165.144.84.62][..427] detected: [...120] [ip4][..udp] [182.180.120.139][60043] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...119] [ip4][..udp] [..45.99.146.146][34238] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 123 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 120|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] new: [...121] [ip4][..udp] [..46.100.97.147][55816] -> [..74.111.203.55][..427] detected: [...121] [ip4][..udp] [..46.100.97.147][55816] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...120] [ip4][..udp] [182.180.120.139][60043] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...119] [ip4][..udp] [..45.99.146.146][34238] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 124 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 121|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] new: [...122] [ip4][..udp] [.47.123.177.154][47805] -> [..69.109.187.54][..427] detected: [...122] [ip4][..udp] [.47.123.177.154][47805] -> [..69.109.187.54][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...121] [ip4][..udp] [..46.100.97.147][55816] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...123] [ip4][..udp] [134.180.144.149][51113] -> [..90.145.180.58][..427] detected: [...123] [ip4][..udp] [134.180.144.149][51113] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -818,82 +671,68 @@ detected: [...124] [ip4][..udp] [.70.180.111.241][39226] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...122] [ip4][..udp] [.47.123.177.154][47805] -> [..69.109.187.54][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...123] [ip4][..udp] [134.180.144.149][51113] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 127 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 124|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] new: [...125] [ip4][..udp] [...35.0.100.115][.9681] -> [..165.144.84.62][..427] detected: [...125] [ip4][..udp] [...35.0.100.115][.9681] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...124] [ip4][..udp] [.70.180.111.241][39226] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...126] [ip4][..udp] [226.158.252.127][24595] -> [..74.111.203.55][..427] detected: [...126] [ip4][..udp] [226.158.252.127][24595] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...125] [ip4][..udp] [...35.0.100.115][.9681] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 129 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 126|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] new: [...127] [ip4][..udp] [...66.24.225.77][56086] -> [..74.111.203.55][..427] detected: [...127] [ip4][..udp] [...66.24.225.77][56086] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...126] [ip4][..udp] [226.158.252.127][24595] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 130 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 127|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] new: [...128] [ip4][..udp] [...83.14.224.14][49307] -> [..90.145.180.58][..427] detected: [...128] [ip4][..udp] [...83.14.224.14][49307] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...127] [ip4][..udp] [...66.24.225.77][56086] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 131 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 128|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] new: [...129] [ip4][..udp] [.98.103.253.115][44099] -> [...90.141.37.56][..427] detected: [...129] [ip4][..udp] [.98.103.253.115][44099] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...128] [ip4][..udp] [...83.14.224.14][49307] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 132 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] new: [...130] [ip4][..udp] [226.128.122.118][29946] -> [.165.114.202.61][..427] detected: [...130] [ip4][..udp] [226.128.122.118][29946] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...129] [ip4][..udp] [.98.103.253.115][44099] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 133 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 130|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] new: [...131] [ip4][..udp] [..64.63.219.226][57092] -> [..90.147.171.51][..427] detected: [...131] [ip4][..udp] [..64.63.219.226][57092] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...130] [ip4][..udp] [226.128.122.118][29946] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 134 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 131|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 26] new: [...132] [ip4][..udp] [160.184.203.250][41825] -> [..74.111.203.55][..427] detected: [...132] [ip4][..udp] [160.184.203.250][41825] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...131] [ip4][..udp] [..64.63.219.226][57092] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...133] [ip4][..udp] [..64.63.219.226][57092] -> [.165.114.202.61][..427] detected: [...133] [ip4][..udp] [..64.63.219.226][57092] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...132] [ip4][..udp] [160.184.203.250][41825] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 136 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 133|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 27] new: [...134] [ip4][..udp] [..64.71.218.224][20366] -> [...85.111.52.57][..427] detected: [...134] [ip4][..udp] [..64.71.218.224][20366] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...133] [ip4][..udp] [..64.63.219.226][57092] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...132] [ip4][..udp] [160.184.203.250][41825] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...135] [ip4][..udp] [...64.65.52.246][10179] -> [..165.144.84.62][..427] detected: [...135] [ip4][..udp] [...64.65.52.246][10179] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...134] [ip4][..udp] [..64.71.218.224][20366] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...136] [ip4][..udp] [..64.63.219.226][10207] -> [...90.141.37.56][..427] detected: [...136] [ip4][..udp] [..64.63.219.226][10207] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -901,166 +740,137 @@ detected: [...137] [ip4][..udp] [.161.193.58.225][64776] -> [.186.112.202.53][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...135] [ip4][..udp] [...64.65.52.246][10179] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...136] [ip4][..udp] [..64.63.219.226][10207] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...134] [ip4][..udp] [..64.71.218.224][20366] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 140 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 137|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 28] new: [...138] [ip4][..udp] [..65.62.197.248][45675] -> [..69.109.187.54][..427] detected: [...138] [ip4][..udp] [..65.62.197.248][45675] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...137] [ip4][..udp] [.161.193.58.225][64776] -> [.186.112.202.53][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 141 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 138|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 28] new: [...139] [ip4][..udp] [..16.99.147.146][48728] -> [..165.144.84.62][..427] detected: [...139] [ip4][..udp] [..16.99.147.146][48728] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...138] [ip4][..udp] [..65.62.197.248][45675] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 142 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 139|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 28] new: [...140] [ip4][..udp] [.75.153.126.243][54378] -> [..69.109.187.54][..427] detected: [...140] [ip4][..udp] [.75.153.126.243][54378] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...139] [ip4][..udp] [..16.99.147.146][48728] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...141] [ip4][..udp] [.70.216.186.103][55880] -> [..165.144.84.62][..427] detected: [...141] [ip4][..udp] [.70.216.186.103][55880] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...140] [ip4][..udp] [.75.153.126.243][54378] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 144 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 141|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 28] new: [...142] [ip4][..udp] [..82.14.191.177][51704] -> [.186.112.202.53][..427] detected: [...142] [ip4][..udp] [..82.14.191.177][51704] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...141] [ip4][..udp] [.70.216.186.103][55880] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...143] [ip4][..udp] [..70.28.101.252][49306] -> [..69.109.187.54][..427] detected: [...143] [ip4][..udp] [..70.28.101.252][49306] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...142] [ip4][..udp] [..82.14.191.177][51704] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...144] [ip4][..udp] [..166.235.162.1][50338] -> [.165.114.202.61][..427] detected: [...144] [ip4][..udp] [..166.235.162.1][50338] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...142] [ip4][..udp] [..82.14.191.177][51704] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...143] [ip4][..udp] [..70.28.101.252][49306] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 147 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 144|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] new: [...145] [ip4][..udp] [...38.238.166.9][56529] -> [..90.147.171.51][..427] detected: [...145] [ip4][..udp] [...38.238.166.9][56529] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...143] [ip4][..udp] [..70.28.101.252][49306] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...144] [ip4][..udp] [..166.235.162.1][50338] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 148 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 145|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] new: [...146] [ip4][..udp] [..206.204.24.90][51495] -> [...90.141.37.56][..427] detected: [...146] [ip4][..udp] [..206.204.24.90][51495] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...145] [ip4][..udp] [...38.238.166.9][56529] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 149 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 146|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] new: [...147] [ip4][..udp] [165.128.253.116][.5073] -> [..90.147.171.51][..427] detected: [...147] [ip4][..udp] [165.128.253.116][.5073] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...146] [ip4][..udp] [..206.204.24.90][51495] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 150 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 147|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] new: [...148] [ip4][..udp] [.217.31.231.255][56070] -> [..90.111.212.50][..427] detected: [...148] [ip4][..udp] [.217.31.231.255][56070] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...147] [ip4][..udp] [165.128.253.116][.5073] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 151 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 148|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] new: [...149] [ip4][..udp] [.28.102.134.210][45382] -> [..69.109.187.54][..427] detected: [...149] [ip4][..udp] [.28.102.134.210][45382] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...148] [ip4][..udp] [.217.31.231.255][56070] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 152 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 149|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] new: [...150] [ip4][..udp] [..173.241.63.36][50984] -> [...85.111.52.57][..427] detected: [...150] [ip4][..udp] [..173.241.63.36][50984] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...149] [ip4][..udp] [.28.102.134.210][45382] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 153 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 150|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] new: [...151] [ip4][..udp] [...81.24.43.106][60145] -> [..90.111.212.50][..427] detected: [...151] [ip4][..udp] [...81.24.43.106][60145] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...150] [ip4][..udp] [..173.241.63.36][50984] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 154 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 151|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] new: [...152] [ip4][..udp] [...81.24.43.106][57096] -> [..74.111.203.55][..427] detected: [...152] [ip4][..udp] [...81.24.43.106][57096] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...151] [ip4][..udp] [...81.24.43.106][60145] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 155 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 152|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 30] new: [...153] [ip4][..udp] [...81.24.43.106][58419] -> [..69.109.187.54][..427] detected: [...153] [ip4][..udp] [...81.24.43.106][58419] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...152] [ip4][..udp] [...81.24.43.106][57096] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...154] [ip4][..udp] [...81.24.43.106][52243] -> [...85.111.52.57][..427] detected: [...154] [ip4][..udp] [...81.24.43.106][52243] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...153] [ip4][..udp] [...81.24.43.106][58419] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 157 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 154|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 31] new: [...155] [ip4][..udp] [.70.180.111.241][39508] -> [..165.144.84.62][..427] detected: [...155] [ip4][..udp] [.70.180.111.241][39508] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...153] [ip4][..udp] [...81.24.43.106][58419] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...154] [ip4][..udp] [...81.24.43.106][52243] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 158 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 155|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 31] new: [...156] [ip4][..udp] [208.100.177.136][45704] -> [..90.111.212.50][..427] detected: [...156] [ip4][..udp] [208.100.177.136][45704] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...155] [ip4][..udp] [.70.180.111.241][39508] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...157] [ip4][..udp] [...81.24.43.106][47011] -> [..165.144.84.62][..427] detected: [...157] [ip4][..udp] [...81.24.43.106][47011] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...156] [ip4][..udp] [208.100.177.136][45704] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 160 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 157|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 31] new: [...158] [ip4][..udp] [182.180.120.139][33316] -> [..69.109.187.54][..427] detected: [...158] [ip4][..udp] [182.180.120.139][33316] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...157] [ip4][..udp] [...81.24.43.106][47011] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...159] [ip4][..udp] [182.180.120.139][38297] -> [...90.141.37.56][..427] detected: [...159] [ip4][..udp] [182.180.120.139][38297] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...158] [ip4][..udp] [182.180.120.139][33316] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 162 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 159|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 31] new: [...160] [ip4][..udp] [.246.75.104.115][49217] -> [..90.145.180.58][..427] detected: [...160] [ip4][..udp] [.246.75.104.115][49217] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...159] [ip4][..udp] [182.180.120.139][38297] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...161] [ip4][..udp] [.246.75.104.115][50697] -> [.186.112.202.53][..427] detected: [...161] [ip4][..udp] [.246.75.104.115][50697] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -1070,26 +880,21 @@ detected: [...162] [ip4][..udp] [.45.124.147.156][57093] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...161] [ip4][..udp] [.246.75.104.115][50697] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...160] [ip4][..udp] [.246.75.104.115][49217] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...163] [ip4][..udp] [...81.24.43.106][60815] -> [...90.141.37.56][..427] detected: [...163] [ip4][..udp] [...81.24.43.106][60815] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...162] [ip4][..udp] [.45.124.147.156][57093] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 166 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 163|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 31] new: [...164] [ip4][..udp] [.246.75.104.115][34990] -> [..74.111.203.55][..427] detected: [...164] [ip4][..udp] [.246.75.104.115][34990] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...163] [ip4][..udp] [...81.24.43.106][60815] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...165] [ip4][..udp] [239.100.141.153][41989] -> [..90.147.171.51][..427] detected: [...165] [ip4][..udp] [239.100.141.153][41989] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...164] [ip4][..udp] [.246.75.104.115][34990] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...166] [ip4][..udp] [184.180.168.240][39574] -> [.165.114.202.61][..427] detected: [...166] [ip4][..udp] [184.180.168.240][39574] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -1099,98 +904,82 @@ detected: [...167] [ip4][..udp] [...81.24.43.106][58836] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...166] [ip4][..udp] [184.180.168.240][39574] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...164] [ip4][..udp] [.246.75.104.115][34990] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...165] [ip4][..udp] [239.100.141.153][41989] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 170 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 167|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [...168] [ip4][..udp] [.100.56.155.112][.1724] -> [..90.147.171.51][..427] detected: [...168] [ip4][..udp] [.100.56.155.112][.1724] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...167] [ip4][..udp] [...81.24.43.106][58836] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 171 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 168|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [...169] [ip4][..udp] [.227.134.81.212][10457] -> [..74.111.203.55][..427] detected: [...169] [ip4][..udp] [.227.134.81.212][10457] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...168] [ip4][..udp] [.100.56.155.112][.1724] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 172 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 169|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [...170] [ip4][..udp] [.75.137.134.242][.6448] -> [..74.111.203.55][..427] detected: [...170] [ip4][..udp] [.75.137.134.242][.6448] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...169] [ip4][..udp] [.227.134.81.212][10457] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 173 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 170|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [...171] [ip4][..udp] [..91.33.106.218][.2534] -> [..165.144.84.62][..427] detected: [...171] [ip4][..udp] [..91.33.106.218][.2534] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...170] [ip4][..udp] [.75.137.134.242][.6448] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 174 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 171|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [...172] [ip4][..udp] [.34.119.122.126][.6239] -> [...85.111.52.57][..427] detected: [...172] [ip4][..udp] [.34.119.122.126][.6239] -> [...85.111.52.57][..427] [Service_Location_Protocol][Google][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...171] [ip4][..udp] [..91.33.106.218][.2534] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 175 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 172|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [...173] [ip4][..udp] [..46.100.97.147][52664] -> [.165.114.202.61][..427] detected: [...173] [ip4][..udp] [..46.100.97.147][52664] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...172] [ip4][..udp] [.34.119.122.126][.6239] -> [...85.111.52.57][..427] [Service_Location_Protocol][Google][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 176 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 173|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [...174] [ip4][..udp] [...81.24.43.106][48098] -> [..90.145.180.58][..427] detected: [...174] [ip4][..udp] [...81.24.43.106][48098] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...173] [ip4][..udp] [..46.100.97.147][52664] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 177 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 174|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [...175] [ip4][..udp] [...81.24.43.106][43525] -> [.165.114.202.61][..427] detected: [...175] [ip4][..udp] [...81.24.43.106][43525] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...174] [ip4][..udp] [...81.24.43.106][48098] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 178 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 175|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [...176] [ip4][..udp] [...33.216.90.56][53342] -> [..90.147.171.51][..427] detected: [...176] [ip4][..udp] [...33.216.90.56][53342] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...175] [ip4][..udp] [...81.24.43.106][43525] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...177] [ip4][..udp] [..161.47.199.37][50010] -> [.186.112.202.53][..427] detected: [...177] [ip4][..udp] [..161.47.199.37][50010] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...176] [ip4][..udp] [...33.216.90.56][53342] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 180 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 177|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [...178] [ip4][..udp] [.93.102.124.112][41596] -> [..90.111.212.50][..427] detected: [...178] [ip4][..udp] [.93.102.124.112][41596] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...177] [ip4][..udp] [..161.47.199.37][50010] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 181 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 178|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 32] new: [...179] [ip4][..udp] [.119.34.147.222][56878] -> [..90.145.180.58][..427] detected: [...179] [ip4][..udp] [.119.34.147.222][56878] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...178] [ip4][..udp] [.93.102.124.112][41596] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...180] [ip4][..udp] [249.149.111.219][57636] -> [...90.141.37.56][..427] detected: [...180] [ip4][..udp] [249.149.111.219][57636] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...179] [ip4][..udp] [.119.34.147.222][56878] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...181] [ip4][..udp] [118.158.148.196][44102] -> [.165.114.202.61][..427] detected: [...181] [ip4][..udp] [118.158.148.196][44102] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -1198,35 +987,27 @@ detected: [...182] [ip4][..udp] [134.217.184.242][23876] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...180] [ip4][..udp] [249.149.111.219][57636] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...181] [ip4][..udp] [118.158.148.196][44102] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...183] [ip4][..udp] [..185.97.76.211][42268] -> [..69.109.187.54][..427] detected: [...183] [ip4][..udp] [..185.97.76.211][42268] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...181] [ip4][..udp] [118.158.148.196][44102] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...182] [ip4][..udp] [134.217.184.242][23876] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 186 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 183|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] new: [...184] [ip4][..udp] [.71.170.115.245][44124] -> [..74.111.203.55][..427] detected: [...184] [ip4][..udp] [.71.170.115.245][44124] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...183] [ip4][..udp] [..185.97.76.211][42268] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...182] [ip4][..udp] [134.217.184.242][23876] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...185] [ip4][..udp] [.198.153.87.225][34996] -> [..165.144.84.62][..427] detected: [...185] [ip4][..udp] [.198.153.87.225][34996] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...184] [ip4][..udp] [.71.170.115.245][44124] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...186] [ip4][..udp] [.71.170.115.245][44124] -> [..90.111.212.50][..427] detected: [...186] [ip4][..udp] [.71.170.115.245][44124] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...185] [ip4][..udp] [.198.153.87.225][34996] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...187] [ip4][..udp] [134.217.184.242][41215] -> [..90.147.171.51][..427] detected: [...187] [ip4][..udp] [134.217.184.242][41215] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -1236,920 +1017,762 @@ detected: [...188] [ip4][..udp] [..56.82.128.250][53705] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...187] [ip4][..udp] [134.217.184.242][41215] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...186] [ip4][..udp] [.71.170.115.245][44124] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 191 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 188|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] new: [...189] [ip4][..udp] [.218.211.196.58][52158] -> [...85.111.52.57][..427] detected: [...189] [ip4][..udp] [.218.211.196.58][52158] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...188] [ip4][..udp] [..56.82.128.250][53705] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 192 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 189|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] new: [...190] [ip4][..udp] [236.131.162.157][34095] -> [..90.147.171.51][..427] detected: [...190] [ip4][..udp] [236.131.162.157][34095] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...189] [ip4][..udp] [.218.211.196.58][52158] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 193 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 190|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] new: [...191] [ip4][..udp] [.177.48.184.247][56640] -> [.165.114.202.61][..427] detected: [...191] [ip4][..udp] [.177.48.184.247][56640] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...190] [ip4][..udp] [236.131.162.157][34095] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 194 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 191|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] new: [...192] [ip4][..udp] [..69.36.231.230][53489] -> [..90.111.212.50][..427] detected: [...192] [ip4][..udp] [..69.36.231.230][53489] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...191] [ip4][..udp] [.177.48.184.247][56640] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 195 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 192|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] new: [...193] [ip4][..udp] [...44.239.95.30][56105] -> [..74.111.203.55][..427] detected: [...193] [ip4][..udp] [...44.239.95.30][56105] -> [..74.111.203.55][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...192] [ip4][..udp] [..69.36.231.230][53489] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 196 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 193|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] new: [...194] [ip4][..udp] [....80.16.0.251][49389] -> [..165.144.84.62][..427] detected: [...194] [ip4][..udp] [....80.16.0.251][49389] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...193] [ip4][..udp] [...44.239.95.30][56105] -> [..74.111.203.55][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 197 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 194|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] new: [...195] [ip4][..udp] [...165.37.39.94][49159] -> [..69.109.187.54][..427] detected: [...195] [ip4][..udp] [...165.37.39.94][49159] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...194] [ip4][..udp] [....80.16.0.251][49389] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 198 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 195|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] new: [...196] [ip4][..udp] [..178.14.64.233][55586] -> [...90.141.37.56][..427] detected: [...196] [ip4][..udp] [..178.14.64.233][55586] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...195] [ip4][..udp] [...165.37.39.94][49159] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 199 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 196|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] new: [...197] [ip4][..udp] [.200.31.144.158][47437] -> [.165.114.202.61][..427] detected: [...197] [ip4][..udp] [.200.31.144.158][47437] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...196] [ip4][..udp] [..178.14.64.233][55586] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 200 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 197|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] new: [...198] [ip4][..udp] [.200.31.144.158][44893] -> [..69.109.187.54][..427] detected: [...198] [ip4][..udp] [.200.31.144.158][44893] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...197] [ip4][..udp] [.200.31.144.158][47437] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...199] [ip4][..udp] [.200.31.144.158][46878] -> [...85.111.52.57][..427] detected: [...199] [ip4][..udp] [.200.31.144.158][46878] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...198] [ip4][..udp] [.200.31.144.158][44893] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 202 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 199|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] new: [...200] [ip4][..udp] [.200.31.144.158][39691] -> [..90.111.212.50][..427] detected: [...200] [ip4][..udp] [.200.31.144.158][39691] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...199] [ip4][..udp] [.200.31.144.158][46878] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 203 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 200|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] new: [...201] [ip4][..udp] [.200.31.144.158][59069] -> [..74.111.203.55][..427] detected: [...201] [ip4][..udp] [.200.31.144.158][59069] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...200] [ip4][..udp] [.200.31.144.158][39691] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...202] [ip4][..udp] [.200.31.144.158][51406] -> [..90.147.171.51][..427] detected: [...202] [ip4][..udp] [.200.31.144.158][51406] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...201] [ip4][..udp] [.200.31.144.158][59069] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 205 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 202|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 34] new: [...203] [ip4][..udp] [.200.31.144.158][35296] -> [...90.141.37.56][..427] detected: [...203] [ip4][..udp] [.200.31.144.158][35296] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...202] [ip4][..udp] [.200.31.144.158][51406] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...204] [ip4][..udp] [.200.31.144.158][48172] -> [..90.145.180.58][..427] detected: [...204] [ip4][..udp] [.200.31.144.158][48172] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...202] [ip4][..udp] [.200.31.144.158][51406] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...203] [ip4][..udp] [.200.31.144.158][35296] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 207 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 204|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 36] new: [...205] [ip4][..udp] [.200.31.144.158][53249] -> [..165.144.84.62][..427] detected: [...205] [ip4][..udp] [.200.31.144.158][53249] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...203] [ip4][..udp] [.200.31.144.158][35296] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...204] [ip4][..udp] [.200.31.144.158][48172] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 208 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 205|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 36] new: [...206] [ip4][..udp] [..16.100.83.145][60232] -> [..90.147.171.51][..427] detected: [...206] [ip4][..udp] [..16.100.83.145][60232] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...205] [ip4][..udp] [.200.31.144.158][53249] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...207] [ip4][..udp] [184.180.168.240][36840] -> [.186.112.202.53][..427] detected: [...207] [ip4][..udp] [184.180.168.240][36840] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...206] [ip4][..udp] [..16.100.83.145][60232] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...208] [ip4][..udp] [..16.99.147.146][34236] -> [..90.111.212.50][..427] detected: [...208] [ip4][..udp] [..16.99.147.146][34236] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...206] [ip4][..udp] [..16.100.83.145][60232] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...207] [ip4][..udp] [184.180.168.240][36840] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 211 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 208|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 37] new: [...209] [ip4][..udp] [182.180.120.139][53230] -> [..90.145.180.58][..427] detected: [...209] [ip4][..udp] [182.180.120.139][53230] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...208] [ip4][..udp] [..16.99.147.146][34236] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 212 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 209|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 37] new: [...210] [ip4][..udp] [182.180.120.139][38609] -> [...90.141.37.56][..427] detected: [...210] [ip4][..udp] [182.180.120.139][38609] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...209] [ip4][..udp] [182.180.120.139][53230] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 213 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 210|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 37] new: [...211] [ip4][..udp] [..19.99.147.148][36797] -> [.165.114.202.61][..427] detected: [...211] [ip4][..udp] [..19.99.147.148][36797] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...210] [ip4][..udp] [182.180.120.139][38609] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...212] [ip4][..udp] [.45.131.161.152][36751] -> [..165.144.84.62][..427] detected: [...212] [ip4][..udp] [.45.131.161.152][36751] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...211] [ip4][..udp] [..19.99.147.148][36797] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 215 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 212|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 37] new: [...213] [ip4][..udp] [.45.100.140.153][54538] -> [..74.111.203.55][..427] detected: [...213] [ip4][..udp] [.45.100.140.153][54538] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...212] [ip4][..udp] [.45.131.161.152][36751] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 216 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 213|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 37] new: [...214] [ip4][..udp] [.103.71.146.222][26355] -> [...90.141.37.56][..427] detected: [...214] [ip4][..udp] [.103.71.146.222][26355] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...213] [ip4][..udp] [.45.100.140.153][54538] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 217 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 214|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 37] new: [...215] [ip4][..udp] [.103.71.146.222][64387] -> [..90.147.171.51][..427] detected: [...215] [ip4][..udp] [.103.71.146.222][64387] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...214] [ip4][..udp] [.103.71.146.222][26355] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...216] [ip4][..udp] [.100.56.155.112][53130] -> [..90.111.212.50][..427] detected: [...216] [ip4][..udp] [.100.56.155.112][53130] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...215] [ip4][..udp] [.103.71.146.222][64387] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 219 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 216|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 38] new: [...217] [ip4][..udp] [...186.27.5.237][51315] -> [..90.147.171.51][..427] detected: [...217] [ip4][..udp] [...186.27.5.237][51315] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...215] [ip4][..udp] [.103.71.146.222][64387] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...216] [ip4][..udp] [.100.56.155.112][53130] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...218] [ip4][..udp] [..167.7.154.125][.8220] -> [...85.111.52.57][..427] detected: [...218] [ip4][..udp] [..167.7.154.125][.8220] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...217] [ip4][..udp] [...186.27.5.237][51315] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 221 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 218|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] new: [...219] [ip4][..udp] [..46.100.97.147][59003] -> [...85.111.52.57][..427] detected: [...219] [ip4][..udp] [..46.100.97.147][59003] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...218] [ip4][..udp] [..167.7.154.125][.8220] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...217] [ip4][..udp] [...186.27.5.237][51315] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 222 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 219|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] new: [...220] [ip4][..udp] [..67.159.16.150][35493] -> [...90.141.37.56][..427] detected: [...220] [ip4][..udp] [..67.159.16.150][35493] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...219] [ip4][..udp] [..46.100.97.147][59003] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 223 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 220|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] new: [...221] [ip4][..udp] [..67.159.16.150][35856] -> [..69.109.187.54][..427] detected: [...221] [ip4][..udp] [..67.159.16.150][35856] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...220] [ip4][..udp] [..67.159.16.150][35493] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 224 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 221|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] new: [...222] [ip4][..udp] [....34.220.38.0][54720] -> [.186.112.202.53][..427] detected: [...222] [ip4][..udp] [....34.220.38.0][54720] -> [.186.112.202.53][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...221] [ip4][..udp] [..67.159.16.150][35856] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 225 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 222|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] new: [...223] [ip4][..udp] [..173.49.159.50][54834] -> [..74.111.203.55][..427] detected: [...223] [ip4][..udp] [..173.49.159.50][54834] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...222] [ip4][..udp] [....34.220.38.0][54720] -> [.186.112.202.53][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 226 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 223|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] new: [...224] [ip4][..udp] [.206.17.216.171][53625] -> [..69.109.187.54][..427] detected: [...224] [ip4][..udp] [.206.17.216.171][53625] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...223] [ip4][..udp] [..173.49.159.50][54834] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 227 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 224|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] new: [...225] [ip4][..udp] [..64.56.203.178][42341] -> [..74.111.203.55][..427] detected: [...225] [ip4][..udp] [..64.56.203.178][42341] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...224] [ip4][..udp] [.206.17.216.171][53625] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 228 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 225|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 39] new: [...226] [ip4][..udp] [..166.70.59.181][46093] -> [..90.111.212.50][..427] detected: [...226] [ip4][..udp] [..166.70.59.181][46093] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...225] [ip4][..udp] [..64.56.203.178][42341] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...227] [ip4][..udp] [167.185.203.175][.8162] -> [..165.144.84.62][..427] detected: [...227] [ip4][..udp] [167.185.203.175][.8162] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...226] [ip4][..udp] [..166.70.59.181][46093] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...228] [ip4][..udp] [...33.26.187.87][52761] -> [...90.141.37.56][..427] detected: [...228] [ip4][..udp] [...33.26.187.87][52761] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...226] [ip4][..udp] [..166.70.59.181][46093] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...227] [ip4][..udp] [167.185.203.175][.8162] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...229] [ip4][..udp] [.88.192.213.176][63574] -> [.165.114.202.61][..427] detected: [...229] [ip4][..udp] [.88.192.213.176][63574] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...227] [ip4][..udp] [167.185.203.175][.8162] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...228] [ip4][..udp] [...33.26.187.87][52761] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...230] [ip4][..udp] [184.199.219.188][30639] -> [...90.141.37.56][..427] detected: [...230] [ip4][..udp] [184.199.219.188][30639] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...229] [ip4][..udp] [.88.192.213.176][63574] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...228] [ip4][..udp] [...33.26.187.87][52761] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 233 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 230|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 42] new: [...231] [ip4][..udp] [166.199.219.182][28881] -> [..69.109.187.54][..427] detected: [...231] [ip4][..udp] [166.199.219.182][28881] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...230] [ip4][..udp] [184.199.219.188][30639] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 234 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 231|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] new: [...232] [ip4][..udp] [..95.64.196.186][18841] -> [.186.112.202.53][..427] detected: [...232] [ip4][..udp] [..95.64.196.186][18841] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...230] [ip4][..udp] [184.199.219.188][30639] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...231] [ip4][..udp] [166.199.219.182][28881] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...233] [ip4][..udp] [..88.63.218.184][51027] -> [..90.145.180.58][..427] detected: [...233] [ip4][..udp] [..88.63.218.184][51027] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...232] [ip4][..udp] [..95.64.196.186][18841] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 236 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 233|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] new: [...234] [ip4][..udp] [...71.64.36.183][57381] -> [...85.111.52.57][..427] detected: [...234] [ip4][..udp] [...71.64.36.183][57381] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...233] [ip4][..udp] [..88.63.218.184][51027] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 237 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 234|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] new: [...235] [ip4][..udp] [165.211.188.239][50862] -> [.165.114.202.61][..427] detected: [...235] [ip4][..udp] [165.211.188.239][50862] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...234] [ip4][..udp] [...71.64.36.183][57381] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 238 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 235|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] new: [...236] [ip4][..udp] [...31.0.154.114][31214] -> [...90.141.37.56][..427] detected: [...236] [ip4][..udp] [...31.0.154.114][31214] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...235] [ip4][..udp] [165.211.188.239][50862] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 239 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 236|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] new: [...237] [ip4][..udp] [.34.119.122.126][19055] -> [..165.144.84.62][..427] detected: [...237] [ip4][..udp] [.34.119.122.126][19055] -> [..165.144.84.62][..427] [Service_Location_Protocol][Google][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...236] [ip4][..udp] [...31.0.154.114][31214] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...238] [ip4][..udp] [..89.214.56.129][50635] -> [...85.111.52.57][..427] detected: [...238] [ip4][..udp] [..89.214.56.129][50635] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...237] [ip4][..udp] [.34.119.122.126][19055] -> [..165.144.84.62][..427] [Service_Location_Protocol][Google][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 241 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 238|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] new: [...239] [ip4][..udp] [..193.209.38.96][56783] -> [..90.111.212.50][..427] detected: [...239] [ip4][..udp] [..193.209.38.96][56783] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...238] [ip4][..udp] [..89.214.56.129][50635] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 242 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 239|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] new: [...240] [ip4][..udp] [..34.16.223.107][49482] -> [..165.144.84.62][..427] detected: [...240] [ip4][..udp] [..34.16.223.107][49482] -> [..165.144.84.62][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...239] [ip4][..udp] [..193.209.38.96][56783] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 243 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 240|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] new: [...241] [ip4][..udp] [..235.96.127.30][30596] -> [..165.144.84.62][..427] detected: [...241] [ip4][..udp] [..235.96.127.30][30596] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...240] [ip4][..udp] [..34.16.223.107][49482] -> [..165.144.84.62][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 245 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 241|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] new: [...242] [ip4][..udp] [...154.96.5.121][30879] -> [..74.111.203.55][..427] detected: [...242] [ip4][..udp] [...154.96.5.121][30879] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...241] [ip4][..udp] [..235.96.127.30][30596] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 246 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 242|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] new: [...243] [ip4][..udp] [208.123.176.154][53775] -> [...90.141.37.56][..427] detected: [...243] [ip4][..udp] [208.123.176.154][53775] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...242] [ip4][..udp] [...154.96.5.121][30879] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 247 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 243|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] new: [...244] [ip4][..udp] [.236.131.82.145][40660] -> [..69.109.187.54][..427] detected: [...244] [ip4][..udp] [.236.131.82.145][40660] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...243] [ip4][..udp] [208.123.176.154][53775] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 248 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 244|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 43] new: [...245] [ip4][..udp] [.19.156.188.155][47749] -> [..74.111.203.55][..427] detected: [...245] [ip4][..udp] [.19.156.188.155][47749] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...244] [ip4][..udp] [.236.131.82.145][40660] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...246] [ip4][..udp] [237.132.176.136][34418] -> [..165.144.84.62][..427] detected: [...246] [ip4][..udp] [237.132.176.136][34418] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...245] [ip4][..udp] [.19.156.188.155][47749] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 250 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 246|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] new: [...247] [ip4][..udp] [.45.124.147.156][55189] -> [.165.114.202.61][..427] detected: [...247] [ip4][..udp] [.45.124.147.156][55189] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...246] [ip4][..udp] [237.132.176.136][34418] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...245] [ip4][..udp] [.19.156.188.155][47749] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 251 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 247|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] new: [...248] [ip4][..udp] [.70.180.111.241][37873] -> [..90.145.180.58][..427] detected: [...248] [ip4][..udp] [.70.180.111.241][37873] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...247] [ip4][..udp] [.45.124.147.156][55189] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 252 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 248|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] new: [...249] [ip4][..udp] [.47.123.177.154][50527] -> [..90.111.212.50][..427] detected: [...249] [ip4][..udp] [.47.123.177.154][50527] -> [..90.111.212.50][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...248] [ip4][..udp] [.70.180.111.241][37873] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 253 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 249|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] new: [...250] [ip4][..udp] [.227.199.90.122][22596] -> [..74.111.203.55][..427] detected: [...250] [ip4][..udp] [.227.199.90.122][22596] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...249] [ip4][..udp] [.47.123.177.154][50527] -> [..90.111.212.50][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 254 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 250|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] new: [...251] [ip4][..udp] [...161.45.5.172][56443] -> [..90.147.171.51][..427] detected: [...251] [ip4][..udp] [...161.45.5.172][56443] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...250] [ip4][..udp] [.227.199.90.122][22596] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 255 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 251|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] new: [...252] [ip4][..udp] [...66.24.225.77][55319] -> [...85.111.52.57][..427] detected: [...252] [ip4][..udp] [...66.24.225.77][55319] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...251] [ip4][..udp] [...161.45.5.172][56443] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 256 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 252|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] new: [...253] [ip4][..udp] [..88.56.155.126][14639] -> [.186.112.202.53][..427] detected: [...253] [ip4][..udp] [..88.56.155.126][14639] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...252] [ip4][..udp] [...66.24.225.77][55319] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 257 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 253|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] new: [...254] [ip4][..udp] [..35.252.69.113][15055] -> [..69.109.187.54][..427] detected: [...254] [ip4][..udp] [..35.252.69.113][15055] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...253] [ip4][..udp] [..88.56.155.126][14639] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 258 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 254|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 44] new: [...255] [ip4][..udp] [...93.22.25.240][53557] -> [..165.144.84.62][..427] detected: [...255] [ip4][..udp] [...93.22.25.240][53557] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...254] [ip4][..udp] [..35.252.69.113][15055] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...256] [ip4][..udp] [..94.46.221.227][49978] -> [...90.141.37.56][..427] detected: [...256] [ip4][..udp] [..94.46.221.227][49978] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...255] [ip4][..udp] [...93.22.25.240][53557] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...257] [ip4][..udp] [..211.49.103.57][55377] -> [..69.109.187.54][..427] detected: [...257] [ip4][..udp] [..211.49.103.57][55377] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...256] [ip4][..udp] [..94.46.221.227][49978] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...255] [ip4][..udp] [...93.22.25.240][53557] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 261 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 257|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 45] new: [...258] [ip4][..udp] [..67.159.16.150][57227] -> [.186.112.202.53][..427] detected: [...258] [ip4][..udp] [..67.159.16.150][57227] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...257] [ip4][..udp] [..211.49.103.57][55377] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 262 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 258|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 45] new: [...259] [ip4][..udp] [..70.210.130.41][50379] -> [.186.112.202.53][..427] detected: [...259] [ip4][..udp] [..70.210.130.41][50379] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...258] [ip4][..udp] [..67.159.16.150][57227] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 263 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 259|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 45] new: [...260] [ip4][..udp] [.217.23.159.199][54694] -> [..74.111.203.55][..427] detected: [...260] [ip4][..udp] [.217.23.159.199][54694] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...259] [ip4][..udp] [..70.210.130.41][50379] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 264 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 260|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 45] new: [...261] [ip4][..udp] [208.243.248.212][54962] -> [.165.114.202.61][..427] detected: [...261] [ip4][..udp] [208.243.248.212][54962] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...260] [ip4][..udp] [.217.23.159.199][54694] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 265 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 261|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 45] new: [...262] [ip4][..udp] [..42.224.153.12][15346] -> [..90.147.171.51][..427] detected: [...262] [ip4][..udp] [..42.224.153.12][15346] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...261] [ip4][..udp] [208.243.248.212][54962] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 267 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 262|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 45] new: [...263] [ip4][..udp] [199.221.139.233][45906] -> [..90.145.180.58][..427] detected: [...263] [ip4][..udp] [199.221.139.233][45906] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...262] [ip4][..udp] [..42.224.153.12][15346] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...264] [ip4][..udp] [.246.237.99.253][12689] -> [..69.109.187.54][..427] detected: [...264] [ip4][..udp] [.246.237.99.253][12689] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...263] [ip4][..udp] [199.221.139.233][45906] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 269 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 264|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 45] new: [...265] [ip4][..udp] [.247.45.112.206][20029] -> [..90.111.212.50][..427] detected: [...265] [ip4][..udp] [.247.45.112.206][20029] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...264] [ip4][..udp] [.246.237.99.253][12689] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...266] [ip4][..udp] [..56.174.92.201][12782] -> [.165.114.202.61][..427] detected: [...266] [ip4][..udp] [..56.174.92.201][12782] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...265] [ip4][..udp] [.247.45.112.206][20029] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...267] [ip4][..udp] [..70.38.107.241][.3833] -> [...85.111.52.57][..427] detected: [...267] [ip4][..udp] [..70.38.107.241][.3833] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...266] [ip4][..udp] [..56.174.92.201][12782] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 272 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 267|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] new: [...268] [ip4][..udp] [..70.106.99.214][10633] -> [..74.111.203.55][..427] detected: [...268] [ip4][..udp] [..70.106.99.214][10633] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...266] [ip4][..udp] [..56.174.92.201][12782] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...267] [ip4][..udp] [..70.38.107.241][.3833] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...269] [ip4][..udp] [.246.237.99.253][28232] -> [..165.144.84.62][..427] detected: [...269] [ip4][..udp] [.246.237.99.253][28232] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...268] [ip4][..udp] [..70.106.99.214][10633] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 274 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 269|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] new: [...270] [ip4][..udp] [.200.29.108.217][55185] -> [...90.141.37.56][..427] detected: [...270] [ip4][..udp] [.200.29.108.217][55185] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...269] [ip4][..udp] [.246.237.99.253][28232] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 275 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 270|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] new: [...271] [ip4][..udp] [..67.159.16.150][48238] -> [...85.111.52.57][..427] detected: [...271] [ip4][..udp] [..67.159.16.150][48238] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...270] [ip4][..udp] [.200.29.108.217][55185] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 276 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 271|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] new: [...272] [ip4][..udp] [...35.0.100.115][24038] -> [..165.144.84.62][..427] detected: [...272] [ip4][..udp] [...35.0.100.115][24038] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...271] [ip4][..udp] [..67.159.16.150][48238] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 277 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 272|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] new: [...273] [ip4][..udp] [.91.255.107.116][29445] -> [.165.114.202.61][..427] detected: [...273] [ip4][..udp] [.91.255.107.116][29445] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...272] [ip4][..udp] [...35.0.100.115][24038] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...274] [ip4][..udp] [...98.137.3.114][.5334] -> [.165.114.202.61][..427] detected: [...274] [ip4][..udp] [...98.137.3.114][.5334] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...273] [ip4][..udp] [.91.255.107.116][29445] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 279 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 274|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] new: [...275] [ip4][..udp] [.224.127.98.214][19171] -> [..90.147.171.51][..427] detected: [...275] [ip4][..udp] [.224.127.98.214][19171] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...274] [ip4][..udp] [...98.137.3.114][.5334] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 280 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 275|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] new: [...276] [ip4][..udp] [157.120.252.123][37363] -> [..90.145.180.58][..427] detected: [...276] [ip4][..udp] [157.120.252.123][37363] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...275] [ip4][..udp] [.224.127.98.214][19171] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 281 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 276|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] new: [...277] [ip4][..udp] [.246.75.104.115][37519] -> [..90.145.180.58][..427] detected: [...277] [ip4][..udp] [.246.75.104.115][37519] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...276] [ip4][..udp] [157.120.252.123][37363] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 282 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 277|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] new: [...278] [ip4][..udp] [.236.155.96.147][47606] -> [..74.111.203.55][..427] detected: [...278] [ip4][..udp] [.236.155.96.147][47606] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...277] [ip4][..udp] [.246.75.104.115][37519] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 283 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 278|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] new: [...279] [ip4][..udp] [..45.99.146.146][32910] -> [..90.111.212.50][..427] detected: [...279] [ip4][..udp] [..45.99.146.146][32910] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...278] [ip4][..udp] [.236.155.96.147][47606] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 284 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 279|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 46] new: [...280] [ip4][..udp] [200.180.144.114][52790] -> [.186.112.202.53][..427] detected: [...280] [ip4][..udp] [200.180.144.114][52790] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...279] [ip4][..udp] [..45.99.146.146][32910] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...281] [ip4][..udp] [134.180.144.149][36409] -> [..69.109.187.54][..427] detected: [...281] [ip4][..udp] [134.180.144.149][36409] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...280] [ip4][..udp] [200.180.144.114][52790] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...282] [ip4][..udp] [182.180.120.139][60621] -> [.165.114.202.61][..427] detected: [...282] [ip4][..udp] [182.180.120.139][60621] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...281] [ip4][..udp] [134.180.144.149][36409] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...280] [ip4][..udp] [200.180.144.114][52790] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 287 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 282|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 47] new: [...283] [ip4][..udp] [..45.99.146.146][60327] -> [..165.144.84.62][..427] detected: [...283] [ip4][..udp] [..45.99.146.146][60327] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...282] [ip4][..udp] [182.180.120.139][60621] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...284] [ip4][..udp] [200.180.144.114][56239] -> [...90.141.37.56][..427] detected: [...284] [ip4][..udp] [200.180.144.114][56239] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...283] [ip4][..udp] [..45.99.146.146][60327] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 289 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 284|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 47] new: [...285] [ip4][..udp] [.236.155.96.147][41408] -> [...85.111.52.57][..427] detected: [...285] [ip4][..udp] [.236.155.96.147][41408] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...284] [ip4][..udp] [200.180.144.114][56239] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 290 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 285|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 47] new: [...286] [ip4][..udp] [162.219.248.180][51156] -> [..90.147.171.51][..427] detected: [...286] [ip4][..udp] [162.219.248.180][51156] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...285] [ip4][..udp] [.236.155.96.147][41408] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 291 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 286|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 47] new: [...287] [ip4][..udp] [.200.31.144.158][55455] -> [...85.111.52.57][..427] detected: [...287] [ip4][..udp] [.200.31.144.158][55455] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...286] [ip4][..udp] [162.219.248.180][51156] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...288] [ip4][..udp] [.200.31.144.158][50780] -> [.165.114.202.61][..427] detected: [...288] [ip4][..udp] [.200.31.144.158][50780] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...287] [ip4][..udp] [.200.31.144.158][55455] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 293 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 288|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 48] new: [...289] [ip4][..udp] [.200.31.144.158][56478] -> [.186.112.202.53][..427] detected: [...289] [ip4][..udp] [.200.31.144.158][56478] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...287] [ip4][..udp] [.200.31.144.158][55455] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...288] [ip4][..udp] [.200.31.144.158][50780] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 294 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 289|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 48] new: [...290] [ip4][..udp] [.200.31.144.158][48895] -> [..165.144.84.62][..427] detected: [...290] [ip4][..udp] [.200.31.144.158][48895] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...289] [ip4][..udp] [.200.31.144.158][56478] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...291] [ip4][..udp] [.200.31.144.158][37856] -> [..69.109.187.54][..427] detected: [...291] [ip4][..udp] [.200.31.144.158][37856] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...290] [ip4][..udp] [.200.31.144.158][48895] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...292] [ip4][..udp] [212.154.223.103][55839] -> [...90.141.37.56][..427] detected: [...292] [ip4][..udp] [212.154.223.103][55839] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...290] [ip4][..udp] [.200.31.144.158][48895] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...291] [ip4][..udp] [.200.31.144.158][37856] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 298 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 292|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 49] new: [...293] [ip4][..udp] [.75.137.134.242][59307] -> [.165.114.202.61][..427] detected: [...293] [ip4][..udp] [.75.137.134.242][59307] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...292] [ip4][..udp] [212.154.223.103][55839] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...294] [ip4][..udp] [.200.31.144.158][53742] -> [...90.141.37.56][..427] detected: [...294] [ip4][..udp] [.200.31.144.158][53742] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...293] [ip4][..udp] [.75.137.134.242][59307] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 300 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 294|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 49] new: [...295] [ip4][..udp] [.200.31.144.158][33892] -> [..90.147.171.51][..427] detected: [...295] [ip4][..udp] [.200.31.144.158][33892] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...294] [ip4][..udp] [.200.31.144.158][53742] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...296] [ip4][..udp] [.197.23.155.213][51534] -> [..90.145.180.58][..427] detected: [...296] [ip4][..udp] [.197.23.155.213][51534] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...295] [ip4][..udp] [.200.31.144.158][33892] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...297] [ip4][..udp] [.200.31.144.158][50776] -> [..90.111.212.50][..427] detected: [...297] [ip4][..udp] [.200.31.144.158][50776] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...295] [ip4][..udp] [.200.31.144.158][33892] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...296] [ip4][..udp] [.197.23.155.213][51534] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...298] [ip4][..udp] [.200.31.144.158][49681] -> [..90.145.180.58][..427] detected: [...298] [ip4][..udp] [.200.31.144.158][49681] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...295] [ip4][..udp] [.200.31.144.158][33892] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...296] [ip4][..udp] [.197.23.155.213][51534] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...297] [ip4][..udp] [.200.31.144.158][50776] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...299] [ip4][..udp] [.200.31.144.158][36077] -> [..74.111.203.55][..427] detected: [...299] [ip4][..udp] [.200.31.144.158][36077] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...296] [ip4][..udp] [.197.23.155.213][51534] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...298] [ip4][..udp] [.200.31.144.158][49681] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...297] [ip4][..udp] [.200.31.144.158][50776] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 305 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 299|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...300] [ip4][..udp] [.66.224.226.183][52476] -> [..165.144.84.62][..427] detected: [...300] [ip4][..udp] [.66.224.226.183][52476] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...299] [ip4][..udp] [.200.31.144.158][36077] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 306 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 300|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...301] [ip4][..udp] [..91.33.106.218][59902] -> [..69.109.187.54][..427] detected: [...301] [ip4][..udp] [..91.33.106.218][59902] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...300] [ip4][..udp] [.66.224.226.183][52476] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 307 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 301|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...302] [ip4][..udp] [..206.204.24.90][50356] -> [...85.111.52.57][..427] detected: [...302] [ip4][..udp] [..206.204.24.90][50356] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...301] [ip4][..udp] [..91.33.106.218][59902] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 308 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 302|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...303] [ip4][..udp] [..76.45.103.228][55007] -> [..90.111.212.50][..427] detected: [...303] [ip4][..udp] [..76.45.103.228][55007] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...302] [ip4][..udp] [..206.204.24.90][50356] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...304] [ip4][..udp] [218.118.131.113][.8622] -> [.186.112.202.53][..427] detected: [...304] [ip4][..udp] [218.118.131.113][.8622] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...303] [ip4][..udp] [..76.45.103.228][55007] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 310 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 304|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...305] [ip4][..udp] [.189.229.250.75][50111] -> [.165.114.202.61][..427] detected: [...305] [ip4][..udp] [.189.229.250.75][50111] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...304] [ip4][..udp] [218.118.131.113][.8622] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 311 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 305|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...306] [ip4][..udp] [165.128.253.116][21256] -> [..69.109.187.54][..427] detected: [...306] [ip4][..udp] [165.128.253.116][21256] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...305] [ip4][..udp] [.189.229.250.75][50111] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 312 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 306|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...307] [ip4][..udp] [..94.230.158.79][55750] -> [..74.111.203.55][..427] detected: [...307] [ip4][..udp] [..94.230.158.79][55750] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...306] [ip4][..udp] [165.128.253.116][21256] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...308] [ip4][..udp] [..35.252.69.113][37602] -> [..90.145.180.58][..427] detected: [...308] [ip4][..udp] [..35.252.69.113][37602] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...307] [ip4][..udp] [..94.230.158.79][55750] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 314 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 308|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...309] [ip4][..udp] [152.255.170.124][46606] -> [..90.147.171.51][..427] detected: [...309] [ip4][..udp] [152.255.170.124][46606] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...308] [ip4][..udp] [..35.252.69.113][37602] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 315 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 309|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...310] [ip4][..udp] [..67.159.16.150][54818] -> [.165.114.202.61][..427] detected: [...310] [ip4][..udp] [..67.159.16.150][54818] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...309] [ip4][..udp] [152.255.170.124][46606] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 316 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 310|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...311] [ip4][..udp] [...93.26.159.17][57065] -> [.186.112.202.53][..427] detected: [...311] [ip4][..udp] [...93.26.159.17][57065] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...310] [ip4][..udp] [..67.159.16.150][54818] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 317 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 311|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...312] [ip4][..udp] [.217.31.231.255][49891] -> [...90.141.37.56][..427] detected: [...312] [ip4][..udp] [.217.31.231.255][49891] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...311] [ip4][..udp] [...93.26.159.17][57065] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 318 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 312|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...313] [ip4][..udp] [..67.159.16.150][12620] -> [..165.144.84.62][..427] detected: [...313] [ip4][..udp] [..67.159.16.150][12620] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...312] [ip4][..udp] [.217.31.231.255][49891] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 319 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 313|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...314] [ip4][..udp] [.91.255.107.116][12480] -> [...85.111.52.57][..427] detected: [...314] [ip4][..udp] [.91.255.107.116][12480] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...313] [ip4][..udp] [..67.159.16.150][12620] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...315] [ip4][..udp] [175.239.255.217][53820] -> [..69.109.187.54][..427] detected: [...315] [ip4][..udp] [175.239.255.217][53820] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...314] [ip4][..udp] [.91.255.107.116][12480] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 321 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 315|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...316] [ip4][..udp] [..67.159.16.150][53644] -> [..90.145.180.58][..427] detected: [...316] [ip4][..udp] [..67.159.16.150][53644] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...315] [ip4][..udp] [175.239.255.217][53820] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 322 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 316|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...317] [ip4][..udp] [..7.110.179.205][58317] -> [..165.144.84.62][..427] detected: [...317] [ip4][..udp] [..7.110.179.205][58317] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...316] [ip4][..udp] [..67.159.16.150][53644] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 323 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 317|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 54] new: [...318] [ip4][..udp] [201.237.135.210][37975] -> [.165.114.202.61][..427] detected: [...318] [ip4][..udp] [201.237.135.210][37975] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...317] [ip4][..udp] [..7.110.179.205][58317] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...319] [ip4][..udp] [.57.162.128.234][63808] -> [...85.111.52.57][..427] detected: [...319] [ip4][..udp] [.57.162.128.234][63808] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...318] [ip4][..udp] [201.237.135.210][37975] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 325 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 319|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] new: [...320] [ip4][..udp] [..120.46.80.212][60012] -> [..74.111.203.55][..427] detected: [...320] [ip4][..udp] [..120.46.80.212][60012] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...319] [ip4][..udp] [.57.162.128.234][63808] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...318] [ip4][..udp] [201.237.135.210][37975] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 326 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 320|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] new: [...321] [ip4][..udp] [.57.162.128.234][48188] -> [..69.109.187.54][..427] detected: [...321] [ip4][..udp] [.57.162.128.234][48188] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...320] [ip4][..udp] [..120.46.80.212][60012] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...322] [ip4][..udp] [.57.162.128.234][19665] -> [...90.141.37.56][..427] detected: [...322] [ip4][..udp] [.57.162.128.234][19665] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...321] [ip4][..udp] [.57.162.128.234][48188] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 328 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 322|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] new: [...323] [ip4][..udp] [201.237.135.210][.6545] -> [..90.145.180.58][..427] detected: [...323] [ip4][..udp] [201.237.135.210][.6545] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...322] [ip4][..udp] [.57.162.128.234][19665] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...324] [ip4][..udp] [.247.93.183.197][10997] -> [..90.147.171.51][..427] detected: [...324] [ip4][..udp] [.247.93.183.197][10997] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -2157,37 +1780,31 @@ detected: [...325] [ip4][..udp] [.247.93.183.197][.8213] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...323] [ip4][..udp] [201.237.135.210][.6545] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 331 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 325|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] new: [...326] [ip4][..udp] [....37.97.4.125][16072] -> [...90.141.37.56][..427] detected: [...326] [ip4][..udp] [....37.97.4.125][16072] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...325] [ip4][..udp] [.247.93.183.197][.8213] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...324] [ip4][..udp] [.247.93.183.197][10997] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 332 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 326|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] new: [...327] [ip4][..udp] [.246.75.104.115][34761] -> [...85.111.52.57][..427] detected: [...327] [ip4][..udp] [.246.75.104.115][34761] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...326] [ip4][..udp] [....37.97.4.125][16072] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 333 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 327|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] new: [...328] [ip4][..udp] [182.180.120.139][51620] -> [...90.141.37.56][..427] detected: [...328] [ip4][..udp] [182.180.120.139][51620] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...327] [ip4][..udp] [.246.75.104.115][34761] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 334 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 328|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] new: [...329] [ip4][..udp] [..19.99.146.156][41843] -> [..90.145.180.58][..427] detected: [...329] [ip4][..udp] [..19.99.146.156][41843] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...328] [ip4][..udp] [182.180.120.139][51620] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...330] [ip4][..udp] [.98.103.253.115][29266] -> [..90.111.212.50][..427] detected: [...330] [ip4][..udp] [.98.103.253.115][29266] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -2197,56 +1814,47 @@ detected: [...331] [ip4][..udp] [200.180.144.114][34997] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...329] [ip4][..udp] [..19.99.146.156][41843] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...330] [ip4][..udp] [.98.103.253.115][29266] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 337 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 331|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] new: [...332] [ip4][..udp] [200.180.144.114][32881] -> [..90.147.171.51][..427] detected: [...332] [ip4][..udp] [200.180.144.114][32881] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...331] [ip4][..udp] [200.180.144.114][34997] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 338 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 332|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] new: [...333] [ip4][..udp] [200.180.144.114][36679] -> [..165.144.84.62][..427] detected: [...333] [ip4][..udp] [200.180.144.114][36679] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...332] [ip4][..udp] [200.180.144.114][32881] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 339 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 333|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] new: [...334] [ip4][..udp] [.19.156.188.155][50741] -> [.186.112.202.53][..427] detected: [...334] [ip4][..udp] [.19.156.188.155][50741] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...333] [ip4][..udp] [200.180.144.114][36679] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 340 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 334|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] new: [...335] [ip4][..udp] [134.180.144.149][52293] -> [..69.109.187.54][..427] detected: [...335] [ip4][..udp] [134.180.144.149][52293] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...334] [ip4][..udp] [.19.156.188.155][50741] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...336] [ip4][..udp] [200.180.144.114][57184] -> [..74.111.203.55][..427] detected: [...336] [ip4][..udp] [200.180.144.114][57184] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...335] [ip4][..udp] [134.180.144.149][52293] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 342 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 336|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] new: [...337] [ip4][..udp] [..46.100.97.147][54751] -> [.165.114.202.61][..427] detected: [...337] [ip4][..udp] [..46.100.97.147][54751] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...336] [ip4][..udp] [200.180.144.114][57184] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 343 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 337|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 55] new: [...338] [ip4][..udp] [..199.17.16.175][58914] -> [..90.147.171.51][..427] detected: [...338] [ip4][..udp] [..199.17.16.175][58914] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...337] [ip4][..udp] [..46.100.97.147][54751] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...339] [ip4][..udp] [..199.17.16.175][58914] -> [.165.114.202.61][..427] detected: [...339] [ip4][..udp] [..199.17.16.175][58914] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -2260,90 +1868,73 @@ detected: [...342] [ip4][..udp] [..199.17.16.175][58914] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...339] [ip4][..udp] [..199.17.16.175][58914] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...338] [ip4][..udp] [..199.17.16.175][58914] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 348 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 5 / 342|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] new: [...343] [ip4][..udp] [..198.215.2.104][55462] -> [.165.114.202.61][..427] detected: [...343] [ip4][..udp] [..198.215.2.104][55462] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...342] [ip4][..udp] [..199.17.16.175][58914] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...341] [ip4][..udp] [..199.17.16.175][58914] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...339] [ip4][..udp] [..199.17.16.175][58914] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...338] [ip4][..udp] [..199.17.16.175][58914] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...340] [ip4][..udp] [..199.17.16.175][58914] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...344] [ip4][..udp] [.27.134.169.220][54219] -> [.165.114.202.61][..427] detected: [...344] [ip4][..udp] [.27.134.169.220][54219] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...343] [ip4][..udp] [..198.215.2.104][55462] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 350 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 344|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] new: [...345] [ip4][..udp] [....80.16.56.40][49864] -> [..74.111.203.55][..427] detected: [...345] [ip4][..udp] [....80.16.56.40][49864] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...344] [ip4][..udp] [.27.134.169.220][54219] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 351 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 345|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] new: [...346] [ip4][..udp] [206.240.152.225][52955] -> [..90.145.180.58][..427] detected: [...346] [ip4][..udp] [206.240.152.225][52955] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...345] [ip4][..udp] [....80.16.56.40][49864] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 352 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 346|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] new: [...347] [ip4][..udp] [.172.206.191.39][55684] -> [..165.144.84.62][..427] detected: [...347] [ip4][..udp] [.172.206.191.39][55684] -> [..165.144.84.62][..427] [Service_Location_Protocol][Azure][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...346] [ip4][..udp] [206.240.152.225][52955] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 353 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 347|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] new: [...348] [ip4][..udp] [..175.206.31.84][52553] -> [..69.109.187.54][..427] detected: [...348] [ip4][..udp] [..175.206.31.84][52553] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...347] [ip4][..udp] [.172.206.191.39][55684] -> [..165.144.84.62][..427] [Service_Location_Protocol][Azure][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 354 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 348|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] new: [...349] [ip4][..udp] [...80.51.127.74][54217] -> [...85.111.52.57][..427] detected: [...349] [ip4][..udp] [...80.51.127.74][54217] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...348] [ip4][..udp] [..175.206.31.84][52553] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 355 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 349|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] new: [...350] [ip4][..udp] [...198.23.89.28][51231] -> [.186.112.202.53][..427] detected: [...350] [ip4][..udp] [...198.23.89.28][51231] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...349] [ip4][..udp] [...80.51.127.74][54217] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 356 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 350|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] new: [...351] [ip4][..udp] [...98.137.3.114][25821] -> [..74.111.203.55][..427] detected: [...351] [ip4][..udp] [...98.137.3.114][25821] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...350] [ip4][..udp] [...198.23.89.28][51231] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...352] [ip4][..udp] [219.160.101.209][10322] -> [.186.112.202.53][..427] detected: [...352] [ip4][..udp] [219.160.101.209][10322] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...351] [ip4][..udp] [...98.137.3.114][25821] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 358 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 352|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] new: [...353] [ip4][..udp] [161.231.128.245][50837] -> [...90.141.37.56][..427] detected: [...353] [ip4][..udp] [161.231.128.245][50837] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...352] [ip4][..udp] [219.160.101.209][10322] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 359 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 353|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] new: [...354] [ip4][..udp] [..166.191.37.51][27637] -> [.165.114.202.61][..427] @@ -2353,26 +1944,21 @@ detected: [...355] [ip4][..udp] [...70.63.213.48][64393] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...353] [ip4][..udp] [161.231.128.245][50837] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 361 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 355|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 57] new: [...356] [ip4][..udp] [..89.198.219.40][13087] -> [..69.109.187.54][..427] detected: [...356] [ip4][..udp] [..89.198.219.40][13087] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...355] [ip4][..udp] [...70.63.213.48][64393] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...354] [ip4][..udp] [..166.191.37.51][27637] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...357] [ip4][..udp] [..190.65.219.43][.9161] -> [..90.111.212.50][..427] detected: [...357] [ip4][..udp] [..190.65.219.43][.9161] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...356] [ip4][..udp] [..89.198.219.40][13087] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...358] [ip4][..udp] [.191.198.219.36][43241] -> [...85.111.52.57][..427] detected: [...358] [ip4][..udp] [.191.198.219.36][43241] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...357] [ip4][..udp] [..190.65.219.43][.9161] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...359] [ip4][..udp] [..166.191.37.51][27637] -> [.186.112.202.53][..427] detected: [...359] [ip4][..udp] [..166.191.37.51][27637] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -2382,11 +1968,8 @@ detected: [...360] [ip4][..udp] [...94.70.203.49][.9065] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...358] [ip4][..udp] [.191.198.219.36][43241] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...359] [ip4][..udp] [..166.191.37.51][27637] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...357] [ip4][..udp] [..190.65.219.43][.9161] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...361] [ip4][..udp] [..166.191.37.51][27637] -> [..165.144.84.62][..427] detected: [...361] [ip4][..udp] [..166.191.37.51][27637] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -2394,143 +1977,118 @@ detected: [...362] [ip4][..udp] [...166.65.42.37][37412] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...360] [ip4][..udp] [...94.70.203.49][.9065] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...363] [ip4][..udp] [...185.211.4.13][55127] -> [..90.111.212.50][..427] detected: [...363] [ip4][..udp] [...185.211.4.13][55127] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...362] [ip4][..udp] [...166.65.42.37][37412] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...361] [ip4][..udp] [..166.191.37.51][27637] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 369 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 363|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...364] [ip4][..udp] [.100.56.155.112][12751] -> [...90.141.37.56][..427] detected: [...364] [ip4][..udp] [.100.56.155.112][12751] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...362] [ip4][..udp] [...166.65.42.37][37412] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...363] [ip4][..udp] [...185.211.4.13][55127] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...361] [ip4][..udp] [..166.191.37.51][27637] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 370 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 364|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...365] [ip4][..udp] [.227.199.90.122][44046] -> [..90.111.212.50][..427] detected: [...365] [ip4][..udp] [.227.199.90.122][44046] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...364] [ip4][..udp] [.100.56.155.112][12751] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 371 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 365|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...366] [ip4][..udp] [200.180.144.114][47863] -> [..90.147.171.51][..427] detected: [...366] [ip4][..udp] [200.180.144.114][47863] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...365] [ip4][..udp] [.227.199.90.122][44046] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 372 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 366|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...367] [ip4][..udp] [..19.99.146.156][32952] -> [..74.111.203.55][..427] detected: [...367] [ip4][..udp] [..19.99.146.156][32952] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...366] [ip4][..udp] [200.180.144.114][47863] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 373 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 367|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...368] [ip4][..udp] [209.124.163.157][55599] -> [..69.109.187.54][..427] detected: [...368] [ip4][..udp] [209.124.163.157][55599] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...367] [ip4][..udp] [..19.99.146.156][32952] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 374 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 368|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...369] [ip4][..udp] [.227.134.81.212][54859] -> [..90.145.180.58][..427] detected: [...369] [ip4][..udp] [.227.134.81.212][54859] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...368] [ip4][..udp] [209.124.163.157][55599] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 375 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 369|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...370] [ip4][..udp] [.45.131.161.152][49844] -> [.186.112.202.53][..427] detected: [...370] [ip4][..udp] [.45.131.161.152][49844] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...369] [ip4][..udp] [.227.134.81.212][54859] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...371] [ip4][..udp] [134.180.144.149][49951] -> [..90.145.180.58][..427] detected: [...371] [ip4][..udp] [134.180.144.149][49951] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...370] [ip4][..udp] [.45.131.161.152][49844] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 377 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 371|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...372] [ip4][..udp] [184.180.168.240][42561] -> [...85.111.52.57][..427] detected: [...372] [ip4][..udp] [184.180.168.240][42561] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...371] [ip4][..udp] [134.180.144.149][49951] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...373] [ip4][..udp] [210.124.156.149][41895] -> [..165.144.84.62][..427] detected: [...373] [ip4][..udp] [210.124.156.149][41895] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...372] [ip4][..udp] [184.180.168.240][42561] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 379 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 373|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...374] [ip4][..udp] [182.180.120.139][45313] -> [.165.114.202.61][..427] detected: [...374] [ip4][..udp] [182.180.120.139][45313] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...373] [ip4][..udp] [210.124.156.149][41895] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...375] [ip4][..udp] [208.123.176.154][58457] -> [...90.141.37.56][..427] detected: [...375] [ip4][..udp] [208.123.176.154][58457] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...374] [ip4][..udp] [182.180.120.139][45313] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 381 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 375|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...376] [ip4][..udp] [.27.134.169.220][38445] -> [...85.111.52.57][..427] detected: [...376] [ip4][..udp] [.27.134.169.220][38445] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...375] [ip4][..udp] [208.123.176.154][58457] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...377] [ip4][..udp] [239.100.141.153][47597] -> [..74.111.203.55][..427] detected: [...377] [ip4][..udp] [239.100.141.153][47597] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...376] [ip4][..udp] [.27.134.169.220][38445] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 383 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 377|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...378] [ip4][..udp] [157.121.130.117][.7470] -> [..165.144.84.62][..427] detected: [...378] [ip4][..udp] [157.121.130.117][.7470] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...377] [ip4][..udp] [239.100.141.153][47597] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 384 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 378|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...379] [ip4][..udp] [.36.231.109.217][49319] -> [..90.111.212.50][..427] detected: [...379] [ip4][..udp] [.36.231.109.217][49319] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...378] [ip4][..udp] [157.121.130.117][.7470] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 385 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 379|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 60] new: [...380] [ip4][..udp] [...209.44.167.7][53096] -> [..90.111.212.50][..427] detected: [...380] [ip4][..udp] [...209.44.167.7][53096] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...379] [ip4][..udp] [.36.231.109.217][49319] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...381] [ip4][..udp] [..99.199.77.211][45829] -> [..165.144.84.62][..427] detected: [...381] [ip4][..udp] [..99.199.77.211][45829] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...380] [ip4][..udp] [...209.44.167.7][53096] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 387 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 381|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 61] new: [...382] [ip4][..udp] [.215.48.253.201][44733] -> [...85.111.52.57][..427] detected: [...382] [ip4][..udp] [.215.48.253.201][44733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...381] [ip4][..udp] [..99.199.77.211][45829] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...380] [ip4][..udp] [...209.44.167.7][53096] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...383] [ip4][..udp] [.215.48.253.201][56846] -> [..74.111.203.55][..427] detected: [...383] [ip4][..udp] [.215.48.253.201][56846] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -2538,7 +2096,6 @@ detected: [...384] [ip4][..udp] [.215.48.253.201][50630] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...382] [ip4][..udp] [.215.48.253.201][44733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...385] [ip4][..udp] [.215.48.253.201][42457] -> [..90.147.171.51][..427] detected: [...385] [ip4][..udp] [.215.48.253.201][42457] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -2549,221 +2106,169 @@ detected: [...387] [ip4][..udp] [.215.48.253.201][46653] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...383] [ip4][..udp] [.215.48.253.201][56846] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...388] [ip4][..udp] [.215.48.253.201][44352] -> [..165.144.84.62][..427] detected: [...388] [ip4][..udp] [.215.48.253.201][44352] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...382] [ip4][..udp] [.215.48.253.201][44733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...384] [ip4][..udp] [.215.48.253.201][50630] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...389] [ip4][..udp] [.215.48.253.201][53506] -> [.165.114.202.61][..427] detected: [...389] [ip4][..udp] [.215.48.253.201][53506] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...388] [ip4][..udp] [.215.48.253.201][44352] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...382] [ip4][..udp] [.215.48.253.201][44733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...386] [ip4][..udp] [.215.48.253.201][39194] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...387] [ip4][..udp] [.215.48.253.201][46653] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...385] [ip4][..udp] [.215.48.253.201][42457] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...384] [ip4][..udp] [.215.48.253.201][50630] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...383] [ip4][..udp] [.215.48.253.201][56846] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...390] [ip4][..udp] [.215.48.253.201][49672] -> [.186.112.202.53][..427] detected: [...390] [ip4][..udp] [.215.48.253.201][49672] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...382] [ip4][..udp] [.215.48.253.201][44733] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...383] [ip4][..udp] [.215.48.253.201][56846] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...388] [ip4][..udp] [.215.48.253.201][44352] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...386] [ip4][..udp] [.215.48.253.201][39194] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...387] [ip4][..udp] [.215.48.253.201][46653] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...385] [ip4][..udp] [.215.48.253.201][42457] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...384] [ip4][..udp] [.215.48.253.201][50630] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...389] [ip4][..udp] [.215.48.253.201][53506] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 396 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 7 / 390|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 78] new: [...391] [ip4][..udp] [..44.242.231.77][50261] -> [.186.112.202.53][..427] detected: [...391] [ip4][..udp] [..44.242.231.77][50261] -> [.186.112.202.53][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...388] [ip4][..udp] [.215.48.253.201][44352] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...386] [ip4][..udp] [.215.48.253.201][39194] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...387] [ip4][..udp] [.215.48.253.201][46653] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...385] [ip4][..udp] [.215.48.253.201][42457] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...390] [ip4][..udp] [.215.48.253.201][49672] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...384] [ip4][..udp] [.215.48.253.201][50630] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...389] [ip4][..udp] [.215.48.253.201][53506] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...392] [ip4][..udp] [..37.234.100.32][56813] -> [..90.145.180.58][..427] detected: [...392] [ip4][..udp] [..37.234.100.32][56813] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...391] [ip4][..udp] [..44.242.231.77][50261] -> [.186.112.202.53][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 398 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 392|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 78] new: [...393] [ip4][..udp] [.27.134.169.220][44054] -> [...90.141.37.56][..427] detected: [...393] [ip4][..udp] [.27.134.169.220][44054] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...392] [ip4][..udp] [..37.234.100.32][56813] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 399 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 393|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 78] new: [...394] [ip4][..udp] [..67.159.16.150][46249] -> [..74.111.203.55][..427] detected: [...394] [ip4][..udp] [..67.159.16.150][46249] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...393] [ip4][..udp] [.27.134.169.220][44054] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 400 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 394|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 78] new: [...395] [ip4][..udp] [.27.134.169.220][64251] -> [..74.111.203.55][..427] detected: [...395] [ip4][..udp] [.27.134.169.220][64251] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...394] [ip4][..udp] [..67.159.16.150][46249] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...396] [ip4][..udp] [....88.71.42.58][15464] -> [..165.144.84.62][..427] detected: [...396] [ip4][..udp] [....88.71.42.58][15464] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...395] [ip4][..udp] [.27.134.169.220][64251] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 402 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 396|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 78] new: [...397] [ip4][..udp] [..191.62.219.57][29227] -> [.186.112.202.53][..427] detected: [...397] [ip4][..udp] [..191.62.219.57][29227] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...396] [ip4][..udp] [....88.71.42.58][15464] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...398] [ip4][..udp] [...190.71.42.54][47364] -> [..69.109.187.54][..427] detected: [...398] [ip4][..udp] [...190.71.42.54][47364] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...397] [ip4][..udp] [..191.62.219.57][29227] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 404 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 398|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 78] new: [...399] [ip4][..udp] [..166.62.197.60][35606] -> [.165.114.202.61][..427] detected: [...399] [ip4][..udp] [..166.62.197.60][35606] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...398] [ip4][..udp] [...190.71.42.54][47364] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...400] [ip4][..udp] [..191.62.219.57][18685] -> [..90.111.212.50][..427] detected: [...400] [ip4][..udp] [..191.62.219.57][18685] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...399] [ip4][..udp] [..166.62.197.60][35606] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 406 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 400|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 78] new: [...401] [ip4][..udp] [...88.70.212.56][65013] -> [...85.111.52.57][..427] detected: [...401] [ip4][..udp] [...88.70.212.56][65013] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...400] [ip4][..udp] [..191.62.219.57][18685] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...402] [ip4][..udp] [..184.199.42.59][42047] -> [...90.141.37.56][..427] detected: [...402] [ip4][..udp] [..184.199.42.59][42047] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...401] [ip4][..udp] [...88.70.212.56][65013] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...403] [ip4][..udp] [..161.199.58.19][64864] -> [..90.147.171.51][..427] detected: [...403] [ip4][..udp] [..161.199.58.19][64864] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...402] [ip4][..udp] [..184.199.42.59][42047] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...401] [ip4][..udp] [...88.70.212.56][65013] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 409 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 403|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 79] new: [...404] [ip4][..udp] [..161.62.218.52][37093] -> [..74.111.203.55][..427] detected: [...404] [ip4][..udp] [..161.62.218.52][37093] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...403] [ip4][..udp] [..161.199.58.19][64864] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 410 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 404|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 79] new: [...405] [ip4][..udp] [.194.43.223.106][55142] -> [.165.114.202.61][..427] detected: [...405] [ip4][..udp] [.194.43.223.106][55142] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...404] [ip4][..udp] [..161.62.218.52][37093] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 411 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 405|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 79] new: [...406] [ip4][..udp] [226.158.252.127][33255] -> [...85.111.52.57][..427] detected: [...406] [ip4][..udp] [226.158.252.127][33255] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...405] [ip4][..udp] [.194.43.223.106][55142] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 412 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 406|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 79] new: [...407] [ip4][..udp] [.200.31.144.158][36149] -> [.186.112.202.53][..427] detected: [...407] [ip4][..udp] [.200.31.144.158][36149] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...406] [ip4][..udp] [226.158.252.127][33255] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 413 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 407|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 79] new: [...408] [ip4][..udp] [.200.31.144.158][45294] -> [.165.114.202.61][..427] detected: [...408] [ip4][..udp] [.200.31.144.158][45294] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...407] [ip4][..udp] [.200.31.144.158][36149] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...409] [ip4][..udp] [.200.31.144.158][45056] -> [..90.145.180.58][..427] detected: [...409] [ip4][..udp] [.200.31.144.158][45056] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...408] [ip4][..udp] [.200.31.144.158][45294] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...410] [ip4][..udp] [.93.102.124.112][10968] -> [..90.147.171.51][..427] detected: [...410] [ip4][..udp] [.93.102.124.112][10968] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...409] [ip4][..udp] [.200.31.144.158][45056] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 416 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 410|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 80] new: [...411] [ip4][..udp] [.200.31.144.158][54431] -> [...90.141.37.56][..427] detected: [...411] [ip4][..udp] [.200.31.144.158][54431] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...409] [ip4][..udp] [.200.31.144.158][45056] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...410] [ip4][..udp] [.93.102.124.112][10968] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...412] [ip4][..udp] [.200.31.144.158][59262] -> [..90.147.171.51][..427] detected: [...412] [ip4][..udp] [.200.31.144.158][59262] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...411] [ip4][..udp] [.200.31.144.158][54431] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...413] [ip4][..udp] [.200.31.144.158][51675] -> [..69.109.187.54][..427] detected: [...413] [ip4][..udp] [.200.31.144.158][51675] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...412] [ip4][..udp] [.200.31.144.158][59262] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 419 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 413|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...414] [ip4][..udp] [.174.237.64.176][49218] -> [...90.141.37.56][..427] detected: [...414] [ip4][..udp] [.174.237.64.176][49218] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...413] [ip4][..udp] [.200.31.144.158][51675] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...412] [ip4][..udp] [.200.31.144.158][59262] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...415] [ip4][..udp] [.200.31.144.158][57345] -> [..165.144.84.62][..427] detected: [...415] [ip4][..udp] [.200.31.144.158][57345] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...414] [ip4][..udp] [.174.237.64.176][49218] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...416] [ip4][..udp] [.200.31.144.158][57245] -> [...85.111.52.57][..427] detected: [...416] [ip4][..udp] [.200.31.144.158][57245] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -2773,89 +2278,75 @@ detected: [...417] [ip4][..udp] [193.219.252.221][51650] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...416] [ip4][..udp] [.200.31.144.158][57245] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...415] [ip4][..udp] [.200.31.144.158][57345] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 423 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 417|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...418] [ip4][..udp] [.200.31.144.158][41180] -> [..74.111.203.55][..427] detected: [...418] [ip4][..udp] [.200.31.144.158][41180] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...417] [ip4][..udp] [193.219.252.221][51650] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 424 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 418|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...419] [ip4][..udp] [.200.31.144.158][40785] -> [..90.111.212.50][..427] detected: [...419] [ip4][..udp] [.200.31.144.158][40785] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...418] [ip4][..udp] [.200.31.144.158][41180] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 425 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 419|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...420] [ip4][..udp] [..174.18.32.224][53272] -> [..74.111.203.55][..427] detected: [...420] [ip4][..udp] [..174.18.32.224][53272] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...419] [ip4][..udp] [.200.31.144.158][40785] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...421] [ip4][..udp] [237.132.176.136][59095] -> [..69.109.187.54][..427] detected: [...421] [ip4][..udp] [237.132.176.136][59095] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...420] [ip4][..udp] [..174.18.32.224][53272] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 427 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 421|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...422] [ip4][..udp] [...37.36.31.210][53791] -> [..165.144.84.62][..427] detected: [...422] [ip4][..udp] [...37.36.31.210][53791] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...421] [ip4][..udp] [237.132.176.136][59095] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 428 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 422|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...423] [ip4][..udp] [.91.255.107.116][34976] -> [...85.111.52.57][..427] detected: [...423] [ip4][..udp] [.91.255.107.116][34976] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...422] [ip4][..udp] [...37.36.31.210][53791] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 429 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 423|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...424] [ip4][..udp] [....47.51.0.222][53190] -> [..69.109.187.54][..427] detected: [...424] [ip4][..udp] [....47.51.0.222][53190] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...423] [ip4][..udp] [.91.255.107.116][34976] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 430 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 424|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...425] [ip4][..udp] [.238.156.97.151][35769] -> [..74.111.203.55][..427] detected: [...425] [ip4][..udp] [.238.156.97.151][35769] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...424] [ip4][..udp] [....47.51.0.222][53190] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...426] [ip4][..udp] [134.180.144.149][33745] -> [...85.111.52.57][..427] detected: [...426] [ip4][..udp] [134.180.144.149][33745] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...425] [ip4][..udp] [.238.156.97.151][35769] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 432 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 426|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...427] [ip4][..udp] [.246.75.104.115][37012] -> [..90.147.171.51][..427] detected: [...427] [ip4][..udp] [.246.75.104.115][37012] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...426] [ip4][..udp] [134.180.144.149][33745] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 433 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 427|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...428] [ip4][..udp] [.70.180.111.241][54319] -> [.165.114.202.61][..427] detected: [...428] [ip4][..udp] [.70.180.111.241][54319] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...427] [ip4][..udp] [.246.75.104.115][37012] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 434 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 428|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...429] [ip4][..udp] [..19.99.146.156][59479] -> [..90.111.212.50][..427] detected: [...429] [ip4][..udp] [..19.99.146.156][59479] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...428] [ip4][..udp] [.70.180.111.241][54319] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...430] [ip4][..udp] [.246.75.104.115][46227] -> [..90.145.180.58][..427] detected: [...430] [ip4][..udp] [.246.75.104.115][46227] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -2863,138 +2354,116 @@ detected: [...431] [ip4][..udp] [..227.7.178.223][16085] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...430] [ip4][..udp] [.246.75.104.115][46227] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...429] [ip4][..udp] [..19.99.146.156][59479] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 437 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 431|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...432] [ip4][..udp] [.246.75.104.115][37571] -> [...90.141.37.56][..427] detected: [...432] [ip4][..udp] [.246.75.104.115][37571] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...431] [ip4][..udp] [..227.7.178.223][16085] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 438 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 432|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...433] [ip4][..udp] [.70.180.111.241][52184] -> [..69.109.187.54][..427] detected: [...433] [ip4][..udp] [.70.180.111.241][52184] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...432] [ip4][..udp] [.246.75.104.115][37571] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 439 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 433|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...434] [ip4][..udp] [.246.75.104.115][40378] -> [..165.144.84.62][..427] detected: [...434] [ip4][..udp] [.246.75.104.115][40378] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...433] [ip4][..udp] [.70.180.111.241][52184] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 440 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 434|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...435] [ip4][..udp] [.138.18.252.120][11561] -> [.165.114.202.61][..427] detected: [...435] [ip4][..udp] [.138.18.252.120][11561] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...434] [ip4][..udp] [.246.75.104.115][40378] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 441 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 435|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...436] [ip4][..udp] [219.160.101.209][55022] -> [...90.141.37.56][..427] detected: [...436] [ip4][..udp] [219.160.101.209][55022] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...435] [ip4][..udp] [.138.18.252.120][11561] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 442 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 436|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...437] [ip4][..udp] [..66.228.166.55][51471] -> [..69.109.187.54][..427] detected: [...437] [ip4][..udp] [..66.228.166.55][51471] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...436] [ip4][..udp] [219.160.101.209][55022] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 443 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 437|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...438] [ip4][..udp] [172.237.152.209][53093] -> [..90.147.171.51][..427] detected: [...438] [ip4][..udp] [172.237.152.209][53093] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...437] [ip4][..udp] [..66.228.166.55][51471] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 444 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 438|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...439] [ip4][..udp] [...82.19.88.220][49990] -> [.186.112.202.53][..427] detected: [...439] [ip4][..udp] [...82.19.88.220][49990] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...438] [ip4][..udp] [172.237.152.209][53093] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 445 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 439|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...440] [ip4][..udp] [..167.7.154.125][.2538] -> [...90.141.37.56][..427] detected: [...440] [ip4][..udp] [..167.7.154.125][.2538] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...439] [ip4][..udp] [...82.19.88.220][49990] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 446 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 440|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...441] [ip4][..udp] [..206.204.24.90][54057] -> [..90.111.212.50][..427] detected: [...441] [ip4][..udp] [..206.204.24.90][54057] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...440] [ip4][..udp] [..167.7.154.125][.2538] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 447 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 441|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...442] [ip4][..udp] [..185.33.65.208][52802] -> [..74.111.203.55][..427] detected: [...442] [ip4][..udp] [..185.33.65.208][52802] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...441] [ip4][..udp] [..206.204.24.90][54057] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 448 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 442|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...443] [ip4][..udp] [..35.252.69.113][28374] -> [.186.112.202.53][..427] detected: [...443] [ip4][..udp] [..35.252.69.113][28374] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...442] [ip4][..udp] [..185.33.65.208][52802] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 449 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 443|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...444] [ip4][..udp] [.47.236.248.231][52985] -> [...90.141.37.56][..427] detected: [...444] [ip4][..udp] [.47.236.248.231][52985] -> [...90.141.37.56][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...443] [ip4][..udp] [..35.252.69.113][28374] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 450 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 444|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 81] new: [...445] [ip4][..udp] [.173.161.10.173][43924] -> [..90.111.212.50][..427] detected: [...445] [ip4][..udp] [.173.161.10.173][43924] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...444] [ip4][..udp] [.47.236.248.231][52985] -> [...90.141.37.56][..427] [Service_Location_Protocol][Alibaba][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...446] [ip4][..udp] [185.213.154.138][52528] -> [.165.114.202.61][..427] detected: [...446] [ip4][..udp] [185.213.154.138][52528] -> [.165.114.202.61][..427] [Service_Location_Protocol][Mullvad][RPC][Acceptable] RISK: Unidirectional Traffic update: [...445] [ip4][..udp] [.173.161.10.173][43924] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...447] [ip4][..udp] [..191.184.52.78][64609] -> [..90.111.212.50][..427] detected: [...447] [ip4][..udp] [..191.184.52.78][64609] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...445] [ip4][..udp] [.173.161.10.173][43924] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...446] [ip4][..udp] [185.213.154.138][52528] -> [.165.114.202.61][..427] [Service_Location_Protocol][Mullvad][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 453 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 447|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 82] new: [...448] [ip4][..udp] [..167.65.212.80][.3597] -> [..165.144.84.62][..427] detected: [...448] [ip4][..udp] [..167.65.212.80][.3597] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...447] [ip4][..udp] [..191.184.52.78][64609] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...449] [ip4][..udp] [..185.62.196.74][50485] -> [.165.114.202.61][..427] detected: [...449] [ip4][..udp] [..185.62.196.74][50485] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...448] [ip4][..udp] [..167.65.212.80][.3597] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 455 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 449|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 82] new: [...450] [ip4][..udp] [..167.65.212.80][.8856] -> [..90.145.180.58][..427] detected: [...450] [ip4][..udp] [..167.65.212.80][.8856] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...449] [ip4][..udp] [..185.62.196.74][50485] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...451] [ip4][..udp] [....65.70.43.75][46615] -> [..74.111.203.55][..427] detected: [...451] [ip4][..udp] [....65.70.43.75][46615] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -3002,304 +2471,251 @@ detected: [...452] [ip4][..udp] [....64.64.43.81][58560] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...451] [ip4][..udp] [....65.70.43.75][46615] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...450] [ip4][..udp] [..167.65.212.80][.8856] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 458 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 452|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 82] new: [...453] [ip4][..udp] [....65.70.43.75][24868] -> [...85.111.52.57][..427] detected: [...453] [ip4][..udp] [....65.70.43.75][24868] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...452] [ip4][..udp] [....64.64.43.81][58560] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...454] [ip4][..udp] [..167.65.212.80][16286] -> [..69.109.187.54][..427] detected: [...454] [ip4][..udp] [..167.65.212.80][16286] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...453] [ip4][..udp] [....65.70.43.75][24868] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 460 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 454|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 83] new: [...455] [ip4][..udp] [.34.119.122.126][.2631] -> [..74.111.203.55][..427] detected: [...455] [ip4][..udp] [.34.119.122.126][.2631] -> [..74.111.203.55][..427] [Service_Location_Protocol][Google][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...454] [ip4][..udp] [..167.65.212.80][16286] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...453] [ip4][..udp] [....65.70.43.75][24868] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...456] [ip4][..udp] [..211.50.152.79][55356] -> [..165.144.84.62][..427] detected: [...456] [ip4][..udp] [..211.50.152.79][55356] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...455] [ip4][..udp] [.34.119.122.126][.2631] -> [..74.111.203.55][..427] [Service_Location_Protocol][Google][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 462 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 456|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 84] new: [...457] [ip4][..udp] [.173.161.10.173][45539] -> [.186.112.202.53][..427] detected: [...457] [ip4][..udp] [.173.161.10.173][45539] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...455] [ip4][..udp] [.34.119.122.126][.2631] -> [..74.111.203.55][..427] [Service_Location_Protocol][Google][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...456] [ip4][..udp] [..211.50.152.79][55356] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...458] [ip4][..udp] [...88.185.36.86][.4763] -> [..90.147.171.51][..427] detected: [...458] [ip4][..udp] [...88.185.36.86][.4763] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...457] [ip4][..udp] [.173.161.10.173][45539] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...459] [ip4][..udp] [...94.64.218.76][16452] -> [.186.112.202.53][..427] detected: [...459] [ip4][..udp] [...94.64.218.76][16452] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...458] [ip4][..udp] [...88.185.36.86][.4763] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...460] [ip4][..udp] [209.239.135.211][55124] -> [...85.111.52.57][..427] detected: [...460] [ip4][..udp] [209.239.135.211][55124] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...458] [ip4][..udp] [...88.185.36.86][.4763] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...459] [ip4][..udp] [...94.64.218.76][16452] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 466 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 460|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 87] new: [...461] [ip4][..udp] [226.128.122.118][58464] -> [..90.145.180.58][..427] detected: [...461] [ip4][..udp] [226.128.122.118][58464] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...460] [ip4][..udp] [209.239.135.211][55124] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...458] [ip4][..udp] [...88.185.36.86][.4763] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...459] [ip4][..udp] [...94.64.218.76][16452] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 467 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 461|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 87] new: [...462] [ip4][..udp] [.34.102.125.120][51324] -> [.165.114.202.61][..427] detected: [...462] [ip4][..udp] [.34.102.125.120][51324] -> [.165.114.202.61][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...461] [ip4][..udp] [226.128.122.118][58464] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...463] [ip4][..udp] [.173.161.10.173][42304] -> [..165.144.84.62][..427] detected: [...463] [ip4][..udp] [.173.161.10.173][42304] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...462] [ip4][..udp] [.34.102.125.120][51324] -> [.165.114.202.61][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 469 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 463|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...464] [ip4][..udp] [.173.161.10.173][53096] -> [..90.145.180.58][..427] detected: [...464] [ip4][..udp] [.173.161.10.173][53096] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...463] [ip4][..udp] [.173.161.10.173][42304] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...462] [ip4][..udp] [.34.102.125.120][51324] -> [.165.114.202.61][..427] [Service_Location_Protocol][GoogleCloud][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 470 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 464|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...465] [ip4][..udp] [134.180.144.149][51824] -> [...85.111.52.57][..427] detected: [...465] [ip4][..udp] [134.180.144.149][51824] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...464] [ip4][..udp] [.173.161.10.173][53096] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...466] [ip4][..udp] [236.131.162.157][35531] -> [..90.147.171.51][..427] detected: [...466] [ip4][..udp] [236.131.162.157][35531] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...465] [ip4][..udp] [134.180.144.149][51824] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...467] [ip4][..udp] [.45.131.161.152][57860] -> [..90.111.212.50][..427] detected: [...467] [ip4][..udp] [.45.131.161.152][57860] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...466] [ip4][..udp] [236.131.162.157][35531] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 473 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 467|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...468] [ip4][..udp] [.173.161.10.173][60345] -> [...90.141.37.56][..427] detected: [...468] [ip4][..udp] [.173.161.10.173][60345] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...467] [ip4][..udp] [.45.131.161.152][57860] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 474 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 468|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...469] [ip4][..udp] [..16.99.147.146][60624] -> [...90.141.37.56][..427] detected: [...469] [ip4][..udp] [..16.99.147.146][60624] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...468] [ip4][..udp] [.173.161.10.173][60345] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 475 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 469|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...470] [ip4][..udp] [182.180.120.139][50595] -> [..165.144.84.62][..427] detected: [...470] [ip4][..udp] [182.180.120.139][50595] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...469] [ip4][..udp] [..16.99.147.146][60624] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...471] [ip4][..udp] [..19.99.147.148][58452] -> [.165.114.202.61][..427] detected: [...471] [ip4][..udp] [..19.99.147.148][58452] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...470] [ip4][..udp] [182.180.120.139][50595] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 477 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 471|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...472] [ip4][..udp] [210.124.156.149][52931] -> [..69.109.187.54][..427] detected: [...472] [ip4][..udp] [210.124.156.149][52931] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...471] [ip4][..udp] [..19.99.147.148][58452] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 478 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 472|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...473] [ip4][..udp] [134.180.144.149][57887] -> [.186.112.202.53][..427] detected: [...473] [ip4][..udp] [134.180.144.149][57887] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...472] [ip4][..udp] [210.124.156.149][52931] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 479 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 473|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...474] [ip4][..udp] [184.180.168.240][56968] -> [..74.111.203.55][..427] detected: [...474] [ip4][..udp] [184.180.168.240][56968] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...473] [ip4][..udp] [134.180.144.149][57887] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 480 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 474|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...475] [ip4][..udp] [.16.131.191.144][57563] -> [..90.145.180.58][..427] detected: [...475] [ip4][..udp] [.16.131.191.144][57563] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...474] [ip4][..udp] [184.180.168.240][56968] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...476] [ip4][..udp] [.173.161.10.173][33195] -> [.165.114.202.61][..427] detected: [...476] [ip4][..udp] [.173.161.10.173][33195] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...475] [ip4][..udp] [.16.131.191.144][57563] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 482 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 476|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...477] [ip4][..udp] [.173.161.10.173][48688] -> [..90.147.171.51][..427] detected: [...477] [ip4][..udp] [.173.161.10.173][48688] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...476] [ip4][..udp] [.173.161.10.173][33195] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 483 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 477|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...478] [ip4][..udp] [..231.38.82.221][41269] -> [..165.144.84.62][..427] detected: [...478] [ip4][..udp] [..231.38.82.221][41269] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...477] [ip4][..udp] [.173.161.10.173][48688] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 484 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 478|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...479] [ip4][..udp] [..35.252.69.113][14173] -> [..69.109.187.54][..427] detected: [...479] [ip4][..udp] [..35.252.69.113][14173] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...478] [ip4][..udp] [..231.38.82.221][41269] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 485 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 479|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...480] [ip4][..udp] [.173.19.223.218][54527] -> [...85.111.52.57][..427] detected: [...480] [ip4][..udp] [.173.19.223.218][54527] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...479] [ip4][..udp] [..35.252.69.113][14173] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 486 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 480|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...481] [ip4][..udp] [208.243.248.212][52104] -> [..90.145.180.58][..427] detected: [...481] [ip4][..udp] [208.243.248.212][52104] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...480] [ip4][..udp] [.173.19.223.218][54527] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...482] [ip4][..udp] [..39.59.139.121][18087] -> [.165.114.202.61][..427] detected: [...482] [ip4][..udp] [..39.59.139.121][18087] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...481] [ip4][..udp] [208.243.248.212][52104] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 488 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 482|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...483] [ip4][..udp] [.173.161.10.173][33095] -> [..69.109.187.54][..427] detected: [...483] [ip4][..udp] [.173.161.10.173][33095] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...482] [ip4][..udp] [..39.59.139.121][18087] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 489 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 483|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...484] [ip4][..udp] [.173.161.10.173][42481] -> [...85.111.52.57][..427] detected: [...484] [ip4][..udp] [.173.161.10.173][42481] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...483] [ip4][..udp] [.173.161.10.173][33095] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...485] [ip4][..udp] [..70.210.68.170][50121] -> [..90.111.212.50][..427] detected: [...485] [ip4][..udp] [..70.210.68.170][50121] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...484] [ip4][..udp] [.173.161.10.173][42481] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 491 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 485|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...486] [ip4][..udp] [.227.199.90.122][51729] -> [..90.145.180.58][..427] detected: [...486] [ip4][..udp] [.227.199.90.122][51729] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...485] [ip4][..udp] [..70.210.68.170][50121] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 492 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 486|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...487] [ip4][..udp] [161.231.128.245][56820] -> [..74.111.203.55][..427] detected: [...487] [ip4][..udp] [161.231.128.245][56820] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...486] [ip4][..udp] [.227.199.90.122][51729] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...488] [ip4][..udp] [.173.161.10.173][55131] -> [..74.111.203.55][..427] detected: [...488] [ip4][..udp] [.173.161.10.173][55131] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...487] [ip4][..udp] [161.231.128.245][56820] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 494 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 488|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...489] [ip4][..udp] [..99.199.77.211][14222] -> [.165.114.202.61][..427] detected: [...489] [ip4][..udp] [..99.199.77.211][14222] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...488] [ip4][..udp] [.173.161.10.173][55131] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 495 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 489|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...490] [ip4][..udp] [...222.41.7.222][55970] -> [..90.147.171.51][..427] detected: [...490] [ip4][..udp] [...222.41.7.222][55970] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...489] [ip4][..udp] [..99.199.77.211][14222] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 496 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 490|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...491] [ip4][..udp] [...89.28.95.249][56710] -> [..165.144.84.62][..427] detected: [...491] [ip4][..udp] [...89.28.95.249][56710] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...490] [ip4][..udp] [...222.41.7.222][55970] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 497 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 491|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...492] [ip4][..udp] [..85.47.224.171][16312] -> [..74.111.203.55][..427] detected: [...492] [ip4][..udp] [..85.47.224.171][16312] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...491] [ip4][..udp] [...89.28.95.249][56710] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...493] [ip4][..udp] [..85.47.224.171][46040] -> [..165.144.84.62][..427] detected: [...493] [ip4][..udp] [..85.47.224.171][46040] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...492] [ip4][..udp] [..85.47.224.171][16312] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...494] [ip4][..udp] [..74.142.40.174][10528] -> [...90.141.37.56][..427] detected: [...494] [ip4][..udp] [..74.142.40.174][10528] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...493] [ip4][..udp] [..85.47.224.171][46040] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 500 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 494|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...495] [ip4][..udp] [..85.174.88.154][20504] -> [..69.109.187.54][..427] detected: [...495] [ip4][..udp] [..85.174.88.154][20504] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...494] [ip4][..udp] [..74.142.40.174][10528] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 501 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 495|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 88] new: [...496] [ip4][..udp] [170.238.168.143][62476] -> [...85.111.52.57][..427] detected: [...496] [ip4][..udp] [170.238.168.143][62476] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...495] [ip4][..udp] [..85.174.88.154][20504] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...497] [ip4][..udp] [..170.18.87.162][58469] -> [.186.112.202.53][..427] detected: [...497] [ip4][..udp] [..170.18.87.162][58469] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...496] [ip4][..udp] [170.238.168.143][62476] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...498] [ip4][..udp] [..85.47.224.171][16312] -> [..90.111.212.50][..427] detected: [...498] [ip4][..udp] [..85.47.224.171][16312] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -3307,105 +2723,86 @@ detected: [...499] [ip4][..udp] [.170.243.40.186][35528] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...497] [ip4][..udp] [..170.18.87.162][58469] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 505 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 499|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] new: [...500] [ip4][..udp] [..74.239.16.156][46464] -> [..90.145.180.58][..427] detected: [...500] [ip4][..udp] [..74.239.16.156][46464] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...498] [ip4][..udp] [..85.47.224.171][16312] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...497] [ip4][..udp] [..170.18.87.162][58469] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...499] [ip4][..udp] [.170.243.40.186][35528] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 506 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 500|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] new: [...501] [ip4][..udp] [...35.0.100.115][46588] -> [..165.144.84.62][..427] detected: [...501] [ip4][..udp] [...35.0.100.115][46588] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...500] [ip4][..udp] [..74.239.16.156][46464] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 507 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 501|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] new: [...502] [ip4][..udp] [.227.134.81.212][17542] -> [..90.147.171.51][..427] detected: [...502] [ip4][..udp] [.227.134.81.212][17542] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...501] [ip4][..udp] [...35.0.100.115][46588] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 508 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 502|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] new: [...503] [ip4][..udp] [...93.36.35.136][56600] -> [.165.114.202.61][..427] detected: [...503] [ip4][..udp] [...93.36.35.136][56600] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...502] [ip4][..udp] [.227.134.81.212][17542] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 509 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 503|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] new: [...504] [ip4][..udp] [..76.50.135.245][51836] -> [...90.141.37.56][..427] detected: [...504] [ip4][..udp] [..76.50.135.245][51836] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...503] [ip4][..udp] [...93.36.35.136][56600] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...505] [ip4][..udp] [..69.36.231.230][55374] -> [..69.109.187.54][..427] detected: [...505] [ip4][..udp] [..69.36.231.230][55374] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...504] [ip4][..udp] [..76.50.135.245][51836] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 511 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 505|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] new: [...506] [ip4][..udp] [..122.122.167.9][43646] -> [...90.141.37.56][..427] detected: [...506] [ip4][..udp] [..122.122.167.9][43646] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...505] [ip4][..udp] [..69.36.231.230][55374] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 512 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 506|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] new: [...507] [ip4][..udp] [.200.31.144.158][48498] -> [.165.114.202.61][..427] detected: [...507] [ip4][..udp] [.200.31.144.158][48498] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...506] [ip4][..udp] [..122.122.167.9][43646] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 513 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 507|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 89] new: [...508] [ip4][..udp] [.200.31.144.158][35848] -> [..90.145.180.58][..427] detected: [...508] [ip4][..udp] [.200.31.144.158][35848] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...507] [ip4][..udp] [.200.31.144.158][48498] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...509] [ip4][..udp] [.200.31.144.158][38264] -> [..69.109.187.54][..427] detected: [...509] [ip4][..udp] [.200.31.144.158][38264] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...508] [ip4][..udp] [.200.31.144.158][35848] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 515 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 509|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 90] new: [...510] [ip4][..udp] [.200.31.144.158][49404] -> [...85.111.52.57][..427] detected: [...510] [ip4][..udp] [.200.31.144.158][49404] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...509] [ip4][..udp] [.200.31.144.158][38264] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...508] [ip4][..udp] [.200.31.144.158][35848] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...511] [ip4][..udp] [239.131.160.152][40653] -> [..90.147.171.51][..427] detected: [...511] [ip4][..udp] [239.131.160.152][40653] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...510] [ip4][..udp] [.200.31.144.158][49404] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 517 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 511|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 91] new: [...512] [ip4][..udp] [.200.31.144.158][33216] -> [..165.144.84.62][..427] detected: [...512] [ip4][..udp] [.200.31.144.158][33216] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...510] [ip4][..udp] [.200.31.144.158][49404] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...511] [ip4][..udp] [239.131.160.152][40653] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...513] [ip4][..udp] [.200.31.144.158][42236] -> [..90.147.171.51][..427] detected: [...513] [ip4][..udp] [.200.31.144.158][42236] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...512] [ip4][..udp] [.200.31.144.158][33216] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...514] [ip4][..udp] [237.132.176.136][51278] -> [..74.111.203.55][..427] detected: [...514] [ip4][..udp] [237.132.176.136][51278] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -3415,355 +2812,295 @@ detected: [...515] [ip4][..udp] [.246.75.104.115][50377] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...513] [ip4][..udp] [.200.31.144.158][42236] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...514] [ip4][..udp] [237.132.176.136][51278] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...516] [ip4][..udp] [.70.180.111.241][51457] -> [..165.144.84.62][..427] detected: [...516] [ip4][..udp] [.70.180.111.241][51457] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...515] [ip4][..udp] [.246.75.104.115][50377] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...517] [ip4][..udp] [.200.31.144.158][48231] -> [.186.112.202.53][..427] detected: [...517] [ip4][..udp] [.200.31.144.158][48231] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...516] [ip4][..udp] [.70.180.111.241][51457] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 523 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 517|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 92] new: [...518] [ip4][..udp] [.200.31.144.158][55658] -> [..74.111.203.55][..427] detected: [...518] [ip4][..udp] [.200.31.144.158][55658] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...517] [ip4][..udp] [.200.31.144.158][48231] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...516] [ip4][..udp] [.70.180.111.241][51457] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...519] [ip4][..udp] [.70.180.111.241][58316] -> [..90.111.212.50][..427] detected: [...519] [ip4][..udp] [.70.180.111.241][58316] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...518] [ip4][..udp] [.200.31.144.158][55658] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 525 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 519|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 92] new: [...520] [ip4][..udp] [.200.31.144.158][45270] -> [..90.111.212.50][..427] detected: [...520] [ip4][..udp] [.200.31.144.158][45270] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...519] [ip4][..udp] [.70.180.111.241][58316] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 526 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 520|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 92] new: [...521] [ip4][..udp] [200.180.144.114][54554] -> [..69.109.187.54][..427] detected: [...521] [ip4][..udp] [200.180.144.114][54554] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...520] [ip4][..udp] [.200.31.144.158][45270] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...522] [ip4][..udp] [208.123.176.154][56229] -> [...85.111.52.57][..427] detected: [...522] [ip4][..udp] [208.123.176.154][56229] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...521] [ip4][..udp] [200.180.144.114][54554] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...523] [ip4][..udp] [.246.75.104.115][57365] -> [...90.141.37.56][..427] detected: [...523] [ip4][..udp] [.246.75.104.115][57365] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...522] [ip4][..udp] [208.123.176.154][56229] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 529 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 523|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] new: [...524] [ip4][..udp] [.194.23.249.243][54741] -> [..74.111.203.55][..427] detected: [...524] [ip4][..udp] [.194.23.249.243][54741] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...522] [ip4][..udp] [208.123.176.154][56229] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...523] [ip4][..udp] [.246.75.104.115][57365] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 530 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 524|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] new: [...525] [ip4][..udp] [165.128.253.116][53358] -> [..165.144.84.62][..427] detected: [...525] [ip4][..udp] [165.128.253.116][53358] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...524] [ip4][..udp] [.194.23.249.243][54741] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 531 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 525|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] new: [...526] [ip4][..udp] [157.120.252.123][11982] -> [.186.112.202.53][..427] detected: [...526] [ip4][..udp] [157.120.252.123][11982] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...525] [ip4][..udp] [165.128.253.116][53358] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 532 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 526|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] new: [...527] [ip4][..udp] [..79.210.95.146][54728] -> [.165.114.202.61][..427] detected: [...527] [ip4][..udp] [..79.210.95.146][54728] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...526] [ip4][..udp] [157.120.252.123][11982] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 533 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 527|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] new: [...528] [ip4][..udp] [..185.31.153.50][50851] -> [.186.112.202.53][..427] detected: [...528] [ip4][..udp] [..185.31.153.50][50851] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...527] [ip4][..udp] [..79.210.95.146][54728] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 534 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 528|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] new: [...529] [ip4][..udp] [.34.119.122.126][34795] -> [...90.141.37.56][..427] detected: [...529] [ip4][..udp] [.34.119.122.126][34795] -> [...90.141.37.56][..427] [Service_Location_Protocol][Google][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...528] [ip4][..udp] [..185.31.153.50][50851] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 535 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 529|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] new: [...530] [ip4][..udp] [.253.112.232.91][40051] -> [..69.109.187.54][..427] detected: [...530] [ip4][..udp] [.253.112.232.91][40051] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...529] [ip4][..udp] [.34.119.122.126][34795] -> [...90.141.37.56][..427] [Service_Location_Protocol][Google][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 536 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 530|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] new: [...531] [ip4][..udp] [.98.103.253.115][47719] -> [..90.111.212.50][..427] detected: [...531] [ip4][..udp] [.98.103.253.115][47719] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...530] [ip4][..udp] [.253.112.232.91][40051] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...532] [ip4][..udp] [.228.255.84.119][61523] -> [..74.111.203.55][..427] detected: [...532] [ip4][..udp] [.228.255.84.119][61523] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...531] [ip4][..udp] [.98.103.253.115][47719] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 538 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 532|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] new: [...533] [ip4][..udp] [.178.240.255.34][54964] -> [..69.109.187.54][..427] detected: [...533] [ip4][..udp] [.178.240.255.34][54964] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...532] [ip4][..udp] [.228.255.84.119][61523] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...534] [ip4][..udp] [.89.236.122.100][51926] -> [..90.145.180.58][..427] detected: [...534] [ip4][..udp] [.89.236.122.100][51926] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...533] [ip4][..udp] [.178.240.255.34][54964] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 540 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 534|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] new: [...535] [ip4][..udp] [154.129.123.124][35057] -> [..69.109.187.54][..427] detected: [...535] [ip4][..udp] [154.129.123.124][35057] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...534] [ip4][..udp] [.89.236.122.100][51926] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 541 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 535|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] new: [...536] [ip4][..udp] [..35.252.69.113][61013] -> [..90.111.212.50][..427] detected: [...536] [ip4][..udp] [..35.252.69.113][61013] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...535] [ip4][..udp] [154.129.123.124][35057] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...537] [ip4][..udp] [..94.210.194.31][53432] -> [...85.111.52.57][..427] detected: [...537] [ip4][..udp] [..94.210.194.31][53432] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...536] [ip4][..udp] [..35.252.69.113][61013] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 543 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 537|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] new: [...538] [ip4][..udp] [..231.38.82.221][16953] -> [..90.111.212.50][..427] detected: [...538] [ip4][..udp] [..231.38.82.221][16953] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...537] [ip4][..udp] [..94.210.194.31][53432] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...539] [ip4][..udp] [..88.31.110.219][39592] -> [...85.111.52.57][..427] detected: [...539] [ip4][..udp] [..88.31.110.219][39592] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...538] [ip4][..udp] [..231.38.82.221][16953] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 545 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 539|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] new: [...540] [ip4][..udp] [231.223.121.213][.4034] -> [..69.109.187.54][..427] detected: [...540] [ip4][..udp] [231.223.121.213][.4034] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...539] [ip4][..udp] [..88.31.110.219][39592] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 546 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 540|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 93] new: [...541] [ip4][..udp] [...64.63.36.139][49841] -> [.165.114.202.61][..427] detected: [...541] [ip4][..udp] [...64.63.36.139][49841] -> [.165.114.202.61][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...540] [ip4][..udp] [231.223.121.213][.4034] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...542] [ip4][..udp] [..71.191.53.138][45513] -> [..90.111.212.50][..427] detected: [...542] [ip4][..udp] [..71.191.53.138][45513] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...541] [ip4][..udp] [...64.63.36.139][49841] -> [.165.114.202.61][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...543] [ip4][..udp] [...64.63.52.142][14637] -> [..90.147.171.51][..427] detected: [...543] [ip4][..udp] [...64.63.52.142][14637] -> [..90.147.171.51][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...542] [ip4][..udp] [..71.191.53.138][45513] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...541] [ip4][..udp] [...64.63.36.139][49841] -> [.165.114.202.61][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...544] [ip4][..udp] [...64.63.36.139][49841] -> [..69.109.187.54][..427] detected: [...544] [ip4][..udp] [...64.63.36.139][49841] -> [..69.109.187.54][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...543] [ip4][..udp] [...64.63.52.142][14637] -> [..90.147.171.51][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 550 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 544|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 94] new: [...545] [ip4][..udp] [..191.57.36.135][30888] -> [..165.144.84.62][..427] detected: [...545] [ip4][..udp] [..191.57.36.135][30888] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...544] [ip4][..udp] [...64.63.36.139][49841] -> [..69.109.187.54][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...546] [ip4][..udp] [.184.193.58.134][21356] -> [..74.111.203.55][..427] detected: [...546] [ip4][..udp] [.184.193.58.134][21356] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...544] [ip4][..udp] [...64.63.36.139][49841] -> [..69.109.187.54][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...545] [ip4][..udp] [..191.57.36.135][30888] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...547] [ip4][..udp] [...64.63.52.142][45266] -> [...85.111.52.57][..427] detected: [...547] [ip4][..udp] [...64.63.52.142][45266] -> [...85.111.52.57][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...545] [ip4][..udp] [..191.57.36.135][30888] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...546] [ip4][..udp] [.184.193.58.134][21356] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...548] [ip4][..udp] [.184.193.58.134][.6016] -> [..90.145.180.58][..427] detected: [...548] [ip4][..udp] [.184.193.58.134][.6016] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...547] [ip4][..udp] [...64.63.52.142][45266] -> [...85.111.52.57][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...546] [ip4][..udp] [.184.193.58.134][21356] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 554 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 548|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...549] [ip4][..udp] [.184.193.58.134][21356] -> [...90.141.37.56][..427] detected: [...549] [ip4][..udp] [.184.193.58.134][21356] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...548] [ip4][..udp] [.184.193.58.134][.6016] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 555 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 549|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...550] [ip4][..udp] [..51.242.192.58][51989] -> [..165.144.84.62][..427] detected: [...550] [ip4][..udp] [..51.242.192.58][51989] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...549] [ip4][..udp] [.184.193.58.134][21356] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 556 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 550|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...551] [ip4][..udp] [.64.193.196.133][45764] -> [.186.112.202.53][..427] detected: [...551] [ip4][..udp] [.64.193.196.133][45764] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...550] [ip4][..udp] [..51.242.192.58][51989] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 557 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 551|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...552] [ip4][..udp] [.185.29.253.207][55308] -> [...90.141.37.56][..427] detected: [...552] [ip4][..udp] [.185.29.253.207][55308] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...551] [ip4][..udp] [.64.193.196.133][45764] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 558 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 552|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...553] [ip4][..udp] [...49.49.71.169][56940] -> [..90.147.171.51][..427] detected: [...553] [ip4][..udp] [...49.49.71.169][56940] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...552] [ip4][..udp] [.185.29.253.207][55308] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 559 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 553|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...554] [ip4][..udp] [...198.23.89.28][55179] -> [..90.111.212.50][..427] detected: [...554] [ip4][..udp] [...198.23.89.28][55179] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...553] [ip4][..udp] [...49.49.71.169][56940] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 560 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 554|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...555] [ip4][..udp] [..231.38.82.221][33154] -> [.186.112.202.53][..427] detected: [...555] [ip4][..udp] [..231.38.82.221][33154] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...554] [ip4][..udp] [...198.23.89.28][55179] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 561 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 555|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...556] [ip4][..udp] [...43.95.195.22][50287] -> [...85.111.52.57][..427] detected: [...556] [ip4][..udp] [...43.95.195.22][50287] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...555] [ip4][..udp] [..231.38.82.221][33154] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 563 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 556|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...557] [ip4][..udp] [..235.98.65.133][26337] -> [.165.114.202.61][..427] detected: [...557] [ip4][..udp] [..235.98.65.133][26337] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...556] [ip4][..udp] [...43.95.195.22][50287] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 565 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 557|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...558] [ip4][..udp] [.159.60.180.118][39471] -> [.165.114.202.61][..427] detected: [...558] [ip4][..udp] [.159.60.180.118][39471] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...557] [ip4][..udp] [..235.98.65.133][26337] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 566 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 558|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...559] [ip4][..udp] [.164.192.91.117][41275] -> [..165.144.84.62][..427] detected: [...559] [ip4][..udp] [.164.192.91.117][41275] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...558] [ip4][..udp] [.159.60.180.118][39471] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 567 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 559|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...560] [ip4][..udp] [155.160.165.208][51124] -> [..69.109.187.54][..427] detected: [...560] [ip4][..udp] [155.160.165.208][51124] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...559] [ip4][..udp] [.164.192.91.117][41275] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 568 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 560|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...561] [ip4][..udp] [...35.0.100.115][65092] -> [.186.112.202.53][..427] detected: [...561] [ip4][..udp] [...35.0.100.115][65092] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...560] [ip4][..udp] [155.160.165.208][51124] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 569 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 561|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...562] [ip4][..udp] [231.223.121.213][15170] -> [..90.147.171.51][..427] detected: [...562] [ip4][..udp] [231.223.121.213][15170] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...561] [ip4][..udp] [...35.0.100.115][65092] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 570 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 562|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...563] [ip4][..udp] [...65.218.6.160][55146] -> [.165.114.202.61][..427] detected: [...563] [ip4][..udp] [...65.218.6.160][55146] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...562] [ip4][..udp] [231.223.121.213][15170] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 571 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 563|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...564] [ip4][..udp] [.93.102.124.112][64449] -> [...85.111.52.57][..427] detected: [...564] [ip4][..udp] [.93.102.124.112][64449] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...563] [ip4][..udp] [...65.218.6.160][55146] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 572 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 564|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...565] [ip4][..udp] [..32.248.84.127][45264] -> [...90.141.37.56][..427] detected: [...565] [ip4][..udp] [..32.248.84.127][45264] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...564] [ip4][..udp] [.93.102.124.112][64449] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 573 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 565|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...566] [ip4][..udp] [....69.24.27.60][56117] -> [..90.111.212.50][..427] detected: [...566] [ip4][..udp] [....69.24.27.60][56117] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...565] [ip4][..udp] [..32.248.84.127][45264] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 574 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 566|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 97] new: [...567] [ip4][..udp] [..64.62.219.130][17454] -> [...85.111.52.57][..427] detected: [...567] [ip4][..udp] [..64.62.219.130][17454] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...566] [ip4][..udp] [....69.24.27.60][56117] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...568] [ip4][..udp] [...64.63.52.142][21065] -> [..90.111.212.50][..427] detected: [...568] [ip4][..udp] [...64.63.52.142][21065] -> [..90.111.212.50][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] RISK: Unidirectional Traffic @@ -3771,9 +3108,7 @@ detected: [...569] [ip4][..udp] [...64.63.52.142][50624] -> [..69.109.187.54][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...568] [ip4][..udp] [...64.63.52.142][21065] -> [..90.111.212.50][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...567] [ip4][..udp] [..64.62.219.130][17454] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...570] [ip4][..udp] [...9.160.170.26][53573] -> [..69.109.187.54][..427] detected: [...570] [ip4][..udp] [...9.160.170.26][53573] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -3783,9 +3118,7 @@ detected: [...571] [ip4][..udp] [.64.193.196.133][51380] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...570] [ip4][..udp] [...9.160.170.26][53573] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...569] [ip4][..udp] [...64.63.52.142][50624] -> [..69.109.187.54][..427] [Service_Location_Protocol][Twitter][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...572] [ip4][..udp] [...80.51.127.74][51252] -> [...90.141.37.56][..427] detected: [...572] [ip4][..udp] [...80.51.127.74][51252] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -3793,86 +3126,70 @@ detected: [...573] [ip4][..udp] [.160.71.213.140][41896] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...572] [ip4][..udp] [...80.51.127.74][51252] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...571] [ip4][..udp] [.64.193.196.133][51380] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 581 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 3 / 573|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 99] new: [...574] [ip4][..udp] [..191.57.36.135][38472] -> [..165.144.84.62][..427] detected: [...574] [ip4][..udp] [..191.57.36.135][38472] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...572] [ip4][..udp] [...80.51.127.74][51252] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...571] [ip4][..udp] [.64.193.196.133][51380] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...573] [ip4][..udp] [.160.71.213.140][41896] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...575] [ip4][..udp] [.65.193.203.129][63990] -> [...90.141.37.56][..427] detected: [...575] [ip4][..udp] [.65.193.203.129][63990] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...574] [ip4][..udp] [..191.57.36.135][38472] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 583 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 575|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 99] new: [...576] [ip4][..udp] [..71.191.53.138][59582] -> [.165.114.202.61][..427] detected: [...576] [ip4][..udp] [..71.191.53.138][59582] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...575] [ip4][..udp] [.65.193.203.129][63990] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 584 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 576|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 99] new: [...577] [ip4][..udp] [.160.71.213.140][32482] -> [..74.111.203.55][..427] detected: [...577] [ip4][..udp] [.160.71.213.140][32482] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...576] [ip4][..udp] [..71.191.53.138][59582] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 585 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 577|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 99] new: [...578] [ip4][..udp] [.98.103.253.115][41415] -> [..74.111.203.55][..427] detected: [...578] [ip4][..udp] [.98.103.253.115][41415] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...577] [ip4][..udp] [.160.71.213.140][32482] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 586 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 578|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 99] new: [...579] [ip4][..udp] [...33.216.90.56][56415] -> [..165.144.84.62][..427] detected: [...579] [ip4][..udp] [...33.216.90.56][56415] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...578] [ip4][..udp] [.98.103.253.115][41415] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...580] [ip4][..udp] [154.129.123.124][.6873] -> [.186.112.202.53][..427] detected: [...580] [ip4][..udp] [154.129.123.124][.6873] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...579] [ip4][..udp] [...33.216.90.56][56415] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...581] [ip4][..udp] [.210.12.216.151][55745] -> [..90.145.180.58][..427] detected: [...581] [ip4][..udp] [.210.12.216.151][55745] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...580] [ip4][..udp] [154.129.123.124][.6873] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 589 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 581|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...582] [ip4][..udp] [..65.20.223.151][51977] -> [..90.147.171.51][..427] detected: [...582] [ip4][..udp] [..65.20.223.151][51977] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...581] [ip4][..udp] [.210.12.216.151][55745] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...580] [ip4][..udp] [154.129.123.124][.6873] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 590 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 582|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...583] [ip4][..udp] [..88.31.110.219][54342] -> [.165.114.202.61][..427] detected: [...583] [ip4][..udp] [..88.31.110.219][54342] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...582] [ip4][..udp] [..65.20.223.151][51977] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 591 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 583|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...584] [ip4][..udp] [206.206.184.241][50350] -> [..69.109.187.54][..427] detected: [...584] [ip4][..udp] [206.206.184.241][50350] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...583] [ip4][..udp] [..88.31.110.219][54342] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...585] [ip4][..udp] [..190.35.225.89][52867] -> [...85.111.52.57][..427] detected: [...585] [ip4][..udp] [..190.35.225.89][52867] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -3882,183 +3199,152 @@ detected: [...586] [ip4][..udp] [..227.7.178.223][63301] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...584] [ip4][..udp] [206.206.184.241][50350] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...585] [ip4][..udp] [..190.35.225.89][52867] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 594 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 586|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...587] [ip4][..udp] [.34.214.128.211][50699] -> [..74.111.203.55][..427] detected: [...587] [ip4][..udp] [.34.214.128.211][50699] -> [..74.111.203.55][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...586] [ip4][..udp] [..227.7.178.223][63301] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 595 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 587|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...588] [ip4][..udp] [..67.159.16.150][44047] -> [...85.111.52.57][..427] detected: [...588] [ip4][..udp] [..67.159.16.150][44047] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...587] [ip4][..udp] [.34.214.128.211][50699] -> [..74.111.203.55][..427] [Service_Location_Protocol][AmazonAWS][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 596 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 588|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...589] [ip4][..udp] [231.223.121.213][38016] -> [..74.111.203.55][..427] detected: [...589] [ip4][..udp] [231.223.121.213][38016] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...588] [ip4][..udp] [..67.159.16.150][44047] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 597 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 589|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...590] [ip4][..udp] [.218.225.124.29][52381] -> [..69.109.187.54][..427] detected: [...590] [ip4][..udp] [.218.225.124.29][52381] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...589] [ip4][..udp] [231.223.121.213][38016] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 598 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 590|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...591] [ip4][..udp] [.200.31.144.158][47273] -> [..74.111.203.55][..427] detected: [...591] [ip4][..udp] [.200.31.144.158][47273] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...590] [ip4][..udp] [.218.225.124.29][52381] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...592] [ip4][..udp] [..49.45.160.215][52110] -> [.165.114.202.61][..427] detected: [...592] [ip4][..udp] [..49.45.160.215][52110] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...591] [ip4][..udp] [.200.31.144.158][47273] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 600 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 592|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...593] [ip4][..udp] [.200.31.144.158][56053] -> [..69.109.187.54][..427] detected: [...593] [ip4][..udp] [.200.31.144.158][56053] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...592] [ip4][..udp] [..49.45.160.215][52110] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 601 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 593|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...594] [ip4][..udp] [.200.31.144.158][44785] -> [..90.147.171.51][..427] detected: [...594] [ip4][..udp] [.200.31.144.158][44785] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...593] [ip4][..udp] [.200.31.144.158][56053] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 602 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 594|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...595] [ip4][..udp] [.200.31.144.158][54403] -> [...90.141.37.56][..427] detected: [...595] [ip4][..udp] [.200.31.144.158][54403] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...594] [ip4][..udp] [.200.31.144.158][44785] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...596] [ip4][..udp] [152.255.170.124][.5941] -> [...85.111.52.57][..427] detected: [...596] [ip4][..udp] [152.255.170.124][.5941] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...595] [ip4][..udp] [.200.31.144.158][54403] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 604 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 596|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...597] [ip4][..udp] [.200.31.144.158][41849] -> [..90.111.212.50][..427] detected: [...597] [ip4][..udp] [.200.31.144.158][41849] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...596] [ip4][..udp] [152.255.170.124][.5941] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 605 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 597|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...598] [ip4][..udp] [.200.31.144.158][55801] -> [.165.114.202.61][..427] detected: [...598] [ip4][..udp] [.200.31.144.158][55801] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...597] [ip4][..udp] [.200.31.144.158][41849] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 606 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 598|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...599] [ip4][..udp] [.200.31.144.158][59938] -> [..165.144.84.62][..427] detected: [...599] [ip4][..udp] [.200.31.144.158][59938] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...598] [ip4][..udp] [.200.31.144.158][55801] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 607 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 599|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...600] [ip4][..udp] [157.120.252.123][42800] -> [..90.147.171.51][..427] detected: [...600] [ip4][..udp] [157.120.252.123][42800] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...599] [ip4][..udp] [.200.31.144.158][59938] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 608 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 600|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...601] [ip4][..udp] [.155.185.93.215][16031] -> [..165.144.84.62][..427] detected: [...601] [ip4][..udp] [.155.185.93.215][16031] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...600] [ip4][..udp] [157.120.252.123][42800] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 609 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 601|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...602] [ip4][..udp] [....174.50.7.11][49286] -> [.186.112.202.53][..427] detected: [...602] [ip4][..udp] [....174.50.7.11][49286] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...601] [ip4][..udp] [.155.185.93.215][16031] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 610 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 602|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...603] [ip4][..udp] [..89.214.56.129][54129] -> [..74.111.203.55][..427] detected: [...603] [ip4][..udp] [..89.214.56.129][54129] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...602] [ip4][..udp] [....174.50.7.11][49286] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 611 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 603|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...604] [ip4][..udp] [.166.209.36.168][54765] -> [...90.141.37.56][..427] detected: [...604] [ip4][..udp] [.166.209.36.168][54765] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...603] [ip4][..udp] [..89.214.56.129][54129] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 612 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 604|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 100] new: [...605] [ip4][..udp] [..70.191.37.189][53867] -> [..90.145.180.58][..427] detected: [...605] [ip4][..udp] [..70.191.37.189][53867] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...604] [ip4][..udp] [.166.209.36.168][54765] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...606] [ip4][..udp] [..166.70.59.181][28945] -> [..69.109.187.54][..427] detected: [...606] [ip4][..udp] [..166.70.59.181][28945] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...605] [ip4][..udp] [..70.191.37.189][53867] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...607] [ip4][..udp] [.88.192.213.176][12807] -> [.165.114.202.61][..427] detected: [...607] [ip4][..udp] [.88.192.213.176][12807] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...606] [ip4][..udp] [..166.70.59.181][28945] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...608] [ip4][..udp] [.88.192.213.176][12807] -> [..165.144.84.62][..427] detected: [...608] [ip4][..udp] [.88.192.213.176][12807] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic update: [...606] [ip4][..udp] [..166.70.59.181][28945] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic update: [...607] [ip4][..udp] [.88.192.213.176][12807] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...609] [ip4][..udp] [..95.185.37.180][56601] -> [...85.111.52.57][..427] detected: [...609] [ip4][..udp] [..95.185.37.180][56601] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...608] [ip4][..udp] [.88.192.213.176][12807] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...606] [ip4][..udp] [..166.70.59.181][28945] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...607] [ip4][..udp] [.88.192.213.176][12807] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 617 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 609|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 103] new: [...610] [ip4][..udp] [..88.63.218.184][57760] -> [.186.112.202.53][..427] detected: [...610] [ip4][..udp] [..88.63.218.184][57760] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...609] [ip4][..udp] [..95.185.37.180][56601] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 618 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 610|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 103] new: [...611] [ip4][..udp] [.95.190.219.185][65399] -> [..90.111.212.50][..427] detected: [...611] [ip4][..udp] [.95.190.219.185][65399] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...610] [ip4][..udp] [..88.63.218.184][57760] -> [.186.112.202.53][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...612] [ip4][..udp] [...71.64.36.183][43664] -> [..90.147.171.51][..427] detected: [...612] [ip4][..udp] [...71.64.36.183][43664] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...611] [ip4][..udp] [.95.190.219.185][65399] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...613] [ip4][..udp] [..64.56.203.178][58318] -> [..74.111.203.55][..427] detected: [...613] [ip4][..udp] [..64.56.203.178][58318] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -4068,37 +3354,31 @@ detected: [...614] [ip4][..udp] [.93.102.124.112][43680] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...613] [ip4][..udp] [..64.56.203.178][58318] -> [..74.111.203.55][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...612] [ip4][..udp] [...71.64.36.183][43664] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 622 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 614|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 103] new: [...615] [ip4][..udp] [..185.27.37.156][54712] -> [..90.145.180.58][..427] detected: [...615] [ip4][..udp] [..185.27.37.156][54712] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...614] [ip4][..udp] [.93.102.124.112][43680] -> [..69.109.187.54][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 623 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 615|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 103] new: [...616] [ip4][..udp] [186.213.158.225][53551] -> [..90.111.212.50][..427] detected: [...616] [ip4][..udp] [186.213.158.225][53551] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...615] [ip4][..udp] [..185.27.37.156][54712] -> [..90.145.180.58][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 624 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 616|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 103] new: [...617] [ip4][..udp] [..167.7.154.125][55642] -> [...90.141.37.56][..427] detected: [...617] [ip4][..udp] [..167.7.154.125][55642] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...616] [ip4][..udp] [186.213.158.225][53551] -> [..90.111.212.50][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 625 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 617|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 103] new: [...618] [ip4][..udp] [.70.216.186.103][52251] -> [..90.147.171.51][..427] detected: [...618] [ip4][..udp] [.70.216.186.103][52251] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...617] [ip4][..udp] [..167.7.154.125][55642] -> [...90.141.37.56][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...619] [ip4][..udp] [..67.159.16.150][26319] -> [.165.114.202.61][..427] detected: [...619] [ip4][..udp] [..67.159.16.150][26319] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic @@ -4108,14 +3388,10 @@ detected: [...620] [ip4][..udp] [....58.22.67.22][52092] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...618] [ip4][..udp] [.70.216.186.103][52251] -> [..90.147.171.51][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...619] [ip4][..udp] [..67.159.16.150][26319] -> [.165.114.202.61][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic new: [...621] [ip4][..udp] [..217.39.155.99][51503] -> [..165.144.84.62][..427] detected: [...621] [ip4][..udp] [..217.39.155.99][51503] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] RISK: Unidirectional Traffic idle: [...620] [ip4][..udp] [....58.22.67.22][52092] -> [...85.111.52.57][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic idle: [...621] [ip4][..udp] [..217.39.155.99][51503] -> [..165.144.84.62][..427] [Service_Location_Protocol][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ssl-cert-name-mismatch.pcap.out b/test/results/flow-info/default/ssl-cert-name-mismatch.pcap.out index 0d536972c..869f0e2c6 100644 --- a/test/results/flow-info/default/ssl-cert-name-mismatch.pcap.out +++ b/test/results/flow-info/default/ssl-cert-name-mismatch.pcap.out @@ -5,5 +5,5 @@ detected: [.....1] [ip4][..tcp] [..192.168.2.222][54772] -> [.104.154.89.105][..443] [TLS][GoogleCloud][Web][Safe][wrong.host.badssl.com] detection-update: [.....1] [ip4][..tcp] [..192.168.2.222][54772] -> [.104.154.89.105][..443] [TLS][GoogleCloud][Web][Safe][wrong.host.badssl.com] detection-update: [.....1] [ip4][..tcp] [..192.168.2.222][54772] -> [.104.154.89.105][..443] [TLS][GoogleCloud][Web][Safe][wrong.host.badssl.com] - end: [.....1] [ip4][..tcp] [..192.168.2.222][54772] -> [.104.154.89.105][..443] + end: [.....1] [ip4][..tcp] [..192.168.2.222][54772] -> [.104.154.89.105][..443] [TLS][GoogleCloud][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/starcraft_battle.pcap.out b/test/results/flow-info/default/starcraft_battle.pcap.out index 6d65bb66c..78cbcdfe2 100644 --- a/test/results/flow-info/default/starcraft_battle.pcap.out +++ b/test/results/flow-info/default/starcraft_battle.pcap.out @@ -4,6 +4,7 @@ new: [.....1] [ip4][..tcp] [..192.30.252.91][..443] -> [..192.168.1.100][.3213] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [..192.30.252.91][..443] -> [..192.168.1.100][.3213] [TLS][Github][Web][Safe] RISK: Unidirectional Traffic + detection-update: [.....1] [ip4][..tcp] [..192.30.252.91][..443] -> [..192.168.1.100][.3213] [TLS][Github][Web][Safe] new: [.....2] [ip4][..udp] [..192.168.1.100][58818] -> [..192.168.1.254][...53] detected: [.....2] [ip4][..udp] [..192.168.1.100][58818] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][91.252.30.192.in-addr.arpa] RISK: Unidirectional Traffic @@ -64,6 +65,8 @@ new: [....16] [ip4][..tcp] [..192.168.1.100][.3512] -> [..12.129.222.54][...80] detected: [....16] [ip4][..tcp] [..192.168.1.100][.3512] -> [..12.129.222.54][...80] [HTTP.WorldOfWarcraft][Unknown][Game][Fun][us.scan.worldofwarcraft.com] RISK: HTTP Susp User-Agent + detection-update: [....16] [ip4][..tcp] [..192.168.1.100][.3512] -> [..12.129.222.54][...80] [HTTP.WorldOfWarcraft][Unknown][Game][Fun][us.scan.worldofwarcraft.com] + RISK: HTTP Susp User-Agent, HTTP Obsolete Server new: [....17] [ip4][..tcp] [..192.168.1.100][.3492] -> [...2.228.46.104][..443] [MIDSTREAM] new: [....18] [ip4][..tcp] [..192.168.1.100][.3489] -> [...2.228.46.104][..443] [MIDSTREAM] new: [....19] [ip4][..tcp] [..192.168.1.100][.3490] -> [...2.228.46.104][..443] [MIDSTREAM] @@ -172,8 +175,8 @@ idle: [....47] [ip4][..tcp] [..192.168.1.100][.3529] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable] idle: [....48] [ip4][..tcp] [..192.168.1.100][.3530] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable] idle: [....49] [ip4][..tcp] [..192.168.1.100][.3531] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable] - idle: [....50] [ip4][..tcp] [..192.168.1.100][.3532] -> [...2.228.46.112][...80] - idle: [....51] [ip4][..tcp] [..192.168.1.100][.3533] -> [...2.228.46.112][...80] + idle: [....50] [ip4][..tcp] [..192.168.1.100][.3532] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable] + idle: [....51] [ip4][..tcp] [..192.168.1.100][.3533] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable] guessed: [....52] [ip4][..tcp] [..192.168.1.100][.3534] -> [...2.228.46.112][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic idle: [....52] [ip4][..tcp] [..192.168.1.100][.3534] -> [...2.228.46.112][...80] @@ -188,7 +191,7 @@ end: [....17] [ip4][..tcp] [..192.168.1.100][.3492] -> [...2.228.46.104][..443] [TLS][Unknown][Web][Safe] idle: [....14] [ip4][..udp] [..192.168.1.100][60026] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] RISK: Susp DGA Domain name, Risky Domain Name - idle: [.....1] [ip4][..tcp] [..192.30.252.91][..443] -> [..192.168.1.100][.3213] + idle: [.....1] [ip4][..tcp] [..192.30.252.91][..443] -> [..192.168.1.100][.3213] [TLS][Github][Web][Safe] guessed: [....37] [ip4][..udp] [..192.168.1.100][.6113] -> [213.248.127.166][.1119] [Starcraft][Unknown][Game][Fun] idle: [....37] [ip4][..udp] [..192.168.1.100][.6113] -> [213.248.127.166][.1119] guessed: [....36] [ip4][..udp] [..192.168.1.100][.6113] -> [213.248.127.212][.1119] [Starcraft][Unknown][Game][Fun] diff --git a/test/results/flow-info/default/steam.pcap.out b/test/results/flow-info/default/steam.pcap.out index 6062f97f6..007e24c44 100644 --- a/test/results/flow-info/default/steam.pcap.out +++ b/test/results/flow-info/default/steam.pcap.out @@ -172,129 +172,71 @@ detected: [....56] [ip4][..udp] [...118.105.60.5][14963] -> [....2.95.26.169][27036] [Steam][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....37] [ip4][..udp] [192.168.188.149][45665] -> [...81.171.115.7][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [192.168.188.149][45665] -> [...81.171.115.8][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....39] [ip4][..udp] [192.168.188.149][45665] -> [...81.171.115.5][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [192.168.188.149][45665] -> [...81.171.115.6][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....52] [ip4][..udp] [192.168.188.149][45665] -> [...81.171.115.6][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....29] [ip4][..udp] [192.168.188.149][45665] -> [...81.171.115.5][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [192.168.188.149][45665] -> [...81.171.115.7][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [192.168.188.149][45665] -> [...81.171.115.8][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....49] [ip4][..udp] [192.168.188.149][45665] -> [...81.171.115.7][27019] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....23] [ip4][..udp] [192.168.188.149][45665] -> [...81.171.115.5][27019] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [192.168.188.149][45665] -> [...81.171.115.6][27019] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [192.168.188.149][45665] -> [...81.171.115.8][27019] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....27] [ip4][..udp] [192.168.188.149][45665] -> [..69.28.145.171][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....15] [ip4][..udp] [192.168.188.149][45665] -> [..69.28.145.172][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [192.168.188.149][45665] -> [..69.28.145.170][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....54] [ip4][..udp] [192.168.188.149][45665] -> [..69.28.145.171][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....46] [ip4][..udp] [192.168.188.149][45665] -> [..69.28.145.170][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [192.168.188.149][45665] -> [..69.28.145.172][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....55] [ip4][..udp] [192.168.188.149][45665] -> [..72.165.61.176][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....43] [ip4][..udp] [192.168.188.149][45665] -> [..72.165.61.185][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....38] [ip4][..udp] [192.168.188.149][45665] -> [..72.165.61.187][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....30] [ip4][..udp] [192.168.188.149][45665] -> [..72.165.61.175][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....26] [ip4][..udp] [192.168.188.149][45665] -> [..72.165.61.174][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....20] [ip4][..udp] [192.168.188.149][45665] -> [..72.165.61.188][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....50] [ip4][..udp] [192.168.188.149][45665] -> [..72.165.61.188][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....48] [ip4][..udp] [192.168.188.149][45665] -> [..72.165.61.175][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....42] [ip4][..udp] [192.168.188.149][45665] -> [..72.165.61.176][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....34] [ip4][..udp] [192.168.188.149][45665] -> [..72.165.61.174][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....22] [ip4][..udp] [192.168.188.149][45665] -> [..72.165.61.185][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [192.168.188.149][45665] -> [..72.165.61.187][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....31] [ip4][..udp] [192.168.188.149][45665] -> [...203.77.185.5][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....18] [ip4][..udp] [192.168.188.149][45665] -> [...203.77.185.4][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....44] [ip4][..udp] [192.168.188.149][45665] -> [...68.142.91.35][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....51] [ip4][..udp] [192.168.188.149][45665] -> [.68.142.116.178][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....19] [ip4][..udp] [192.168.188.149][45665] -> [.68.142.116.179][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....17] [ip4][..udp] [192.168.188.149][45665] -> [...68.142.91.34][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [192.168.188.149][45665] -> [...68.142.91.36][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....41] [ip4][..udp] [192.168.188.149][45665] -> [.208.111.133.85][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....35] [ip4][..udp] [192.168.188.149][45665] -> [.208.111.133.84][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....21] [ip4][..udp] [192.168.188.149][45665] -> [.208.111.171.82][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [192.168.188.149][45665] -> [.208.111.171.83][27017] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....40] [ip4][..udp] [192.168.188.149][45665] -> [.208.111.133.84][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....28] [ip4][..udp] [192.168.188.149][45665] -> [.208.111.133.85][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....47] [ip4][..udp] [192.168.188.149][45665] -> [..146.66.152.15][27017] [Steam][Steam][Game][Fun] - RISK: Unidirectional Traffic idle: [....25] [ip4][..udp] [192.168.188.149][45665] -> [..146.66.152.14][27017] [Steam][Steam][Game][Fun] - RISK: Unidirectional Traffic idle: [....36] [ip4][..udp] [192.168.188.149][45665] -> [..146.66.152.12][27017] [Steam][Steam][Game][Fun] - RISK: Unidirectional Traffic idle: [....24] [ip4][..udp] [192.168.188.149][45665] -> [..146.66.152.13][27017] [Steam][Steam][Game][Fun] - RISK: Unidirectional Traffic idle: [....53] [ip4][..udp] [192.168.188.149][45665] -> [..146.66.152.14][27018] [Steam][Steam][Game][Fun] - RISK: Unidirectional Traffic idle: [....32] [ip4][..udp] [192.168.188.149][45665] -> [..146.66.152.15][27018] [Steam][Steam][Game][Fun] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [192.168.188.149][45665] -> [..146.66.152.12][27018] [Steam][Steam][Game][Fun] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [192.168.188.149][45665] -> [..146.66.152.13][27018] [Steam][Steam][Game][Fun] - RISK: Unidirectional Traffic idle: [....33] [ip4][..udp] [192.168.188.149][45665] -> [..146.66.152.15][27019] [Steam][Steam][Game][Fun] - RISK: Unidirectional Traffic idle: [....45] [ip4][..udp] [192.168.188.149][45665] -> [..146.66.152.13][27019] [Steam][Steam][Game][Fun] - RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [192.168.188.149][45665] -> [..146.66.152.14][27019] [Steam][Steam][Game][Fun] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [192.168.188.149][45665] -> [..146.66.152.12][27019] [Steam][Steam][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 105 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 56|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....57] [ip4][..udp] [245.111.219.147][27380] -> [104.191.198.151][27036] detected: [....57] [ip4][..udp] [245.111.219.147][27380] -> [104.191.198.151][27036] [Steam][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....56] [ip4][..udp] [...118.105.60.5][14963] -> [....2.95.26.169][27036] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 106 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 57|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [....58] [ip4][..udp] [...98.10.157.76][10595] -> [164.144.140.184][27036] detected: [....58] [ip4][..udp] [...98.10.157.76][10595] -> [164.144.140.184][27036] [Steam][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....57] [ip4][..udp] [245.111.219.147][27380] -> [104.191.198.151][27036] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....58] [ip4][..udp] [...98.10.157.76][10595] -> [164.144.140.184][27036] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/steam_datagram_relay_ping.pcapng.out b/test/results/flow-info/default/steam_datagram_relay_ping.pcapng.out index 5892974c7..9735ad5fe 100644 --- a/test/results/flow-info/default/steam_datagram_relay_ping.pcapng.out +++ b/test/results/flow-info/default/steam_datagram_relay_ping.pcapng.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [..192.168.2.100][52157] -> [..139.45.193.10][27018] [Steam][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..192.168.2.100][52157] -> [..139.45.193.10][27018] [Steam][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun.pcap.out b/test/results/flow-info/default/stun.pcap.out index 0de2b76b4..5060a0975 100644 --- a/test/results/flow-info/default/stun.pcap.out +++ b/test/results/flow-info/default/stun.pcap.out @@ -8,6 +8,7 @@ new: [.....2] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] detected: [.....2] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable][] RISK: Unidirectional Traffic + detection-update: [.....2] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable][] end: [.....1] [ip4][..tcp] [...10.77.110.51][41588] -> [..10.206.50.239][42000] [STUN.Skype_TeamsCall][Unknown][VoIP][Acceptable] update: [.....2] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable] update: [.....2] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable] @@ -23,7 +24,7 @@ [ENTROPIES...: 5.4,5.5,5.4,5.5,5.5,5.5,5.5,5.5,5.5,5.6,5.5,5.6,5.4,5.6,5.5,5.6,5.4,5.5,5.5,5.5,5.4,5.6,5.4,5.5,5.5,5.6,5.5,5.6,5.5,5.5,5.4,5.5] update: [.....2] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 57 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3] + DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 3] new: [.....3] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] detected: [.....3] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] [STUN][Facebook][Network][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic @@ -41,14 +42,14 @@ [ENTROPIES...: 4.9,5.6,5.9,5.8,5.9,6.0,5.6,5.8,5.5,5.6,5.9,6.0,6.0,5.9,5.8,5.5,6.0,5.9,6.0,5.9,5.9,6.0,5.8,6.0,5.9,6.0,5.9,5.9,5.8,5.6,6.1,6.0] idle: [.....2] [ip6][..udp] [3516:bf0b:fc53:75e7:70af:f67f:8e49:f603][56880] -> [....2a38:e156:8167:a333:face:b00c::24d9][.3478] [STUN][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 132 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 3] + DAEMON-EVENT: [Flows][active: 1 / 3|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 3] new: [.....4] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] detected: [.....4] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] [STUN][Unknown][Network][Acceptable][] detection-update: [.....4] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] [STUN][Unknown][Network][Acceptable][apps-host.com] idle: [.....3] [ip4][..udp] [.192.168.12.169][38123] -> [....31.13.86.54][40003] [STUN.FacebookVoip][Facebook][VoIP][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: [Processed: 152 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 3] + DAEMON-EVENT: [Flows][active: 1 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 3] new: [.....5] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] detected: [.....5] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleHangoutDuo][Google][VoIP][Acceptable][] RISK: Unidirectional Traffic @@ -63,6 +64,5 @@ [PKTLENS.....: 136,120,181,140,1226,574,120,109,598,109,140,145,161,120,141,93,97,93,113,62,93,140,120,62,110,140,120,94,94,95,95,95] [ENTROPIES...: 5.9,5.9,5.0,5.9,7.3,6.7,5.8,5.7,7.4,5.7,6.0,6.2,6.4,5.9,6.1,5.4,5.4,5.6,5.9,5.3,5.2,5.9,5.8,5.2,6.1,5.9,6.0,6.1,6.0,5.9,6.1,5.9] idle: [.....5] [ip4][..udp] [.192.168.12.169][49153] -> [..142.250.82.99][.3478] [STUN.GoogleHangoutDuo][Google][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..tcp] [...87.47.100.17][.3478] -> [....54.1.57.155][37257] [STUN][Unknown][Network][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_classic.pcap.out b/test/results/flow-info/default/stun_classic.pcap.out index 8bf7926a9..0cc136d14 100644 --- a/test/results/flow-info/default/stun_classic.pcap.out +++ b/test/results/flow-info/default/stun_classic.pcap.out @@ -4,6 +4,8 @@ new: [.....1] [ip4][..udp] [..172.16.63.224][55050] -> [...172.16.63.21][13958] detected: [.....1] [ip4][..udp] [..172.16.63.224][55050] -> [...172.16.63.21][13958] [STUN][Unknown][Network][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [..172.16.63.224][55050] -> [...172.16.63.21][13958] [STUN][Unknown][Network][Acceptable][] + RISK: Known Proto on Non Std Port idle: [.....1] [ip4][..udp] [..172.16.63.224][55050] -> [...172.16.63.21][13958] [STUN.RTP][Unknown][Network][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_google_meet.pcapng.out b/test/results/flow-info/default/stun_google_meet.pcapng.out index 7e0434b56..a0abe29fd 100644 --- a/test/results/flow-info/default/stun_google_meet.pcapng.out +++ b/test/results/flow-info/default/stun_google_meet.pcapng.out @@ -7,6 +7,10 @@ new: [.....2] [ip4][..udp] [.192.168.12.156][45400] -> [.74.125.128.127][19302] detected: [.....2] [ip4][..udp] [.192.168.12.156][45400] -> [.74.125.128.127][19302] [STUN][Google][Network][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [.192.168.12.156][38152] -> [.74.125.128.127][19302] [STUN][Google][Network][Acceptable][] + RISK: Known Proto on Non Std Port + detection-update: [.....2] [ip4][..udp] [.192.168.12.156][45400] -> [.74.125.128.127][19302] [STUN][Google][Network][Acceptable][] + RISK: Known Proto on Non Std Port new: [.....3] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][19305] detected: [.....3] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][19305] [STUN.GoogleHangoutDuo][Google][VoIP][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic @@ -54,15 +58,13 @@ [PKTLENS.....: 152,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92,144,92] [ENTROPIES...: 6.0,5.6,6.1,5.6,6.0,5.5,6.0,5.6,6.1,5.7,5.9,5.8,6.1,5.6,6.0,5.6,6.1,5.6,6.0,5.6,6.0,5.6,6.0,5.6,6.1,5.6,6.0,5.7,6.0,5.7,6.0,5.7] idle: [.....4] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][19305] [STUN.GoogleHangoutDuo][Google][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....6] [ip4][..udp] [.192.168.12.156][45400] -> [..142.250.82.76][.3478] [STUN.GoogleHangoutDuo][Google][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [.192.168.12.156][45400] -> [.74.125.128.127][19302] [STUN.GoogleHangoutDuo][Google][Network][Acceptable] RISK: Known Proto on Non Std Port idle: [.....3] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][19305] [STUN.GoogleHangoutDuo][Google][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....5] [ip4][..udp] [.192.168.12.156][38152] -> [..142.250.82.76][.3478] [STUN.GoogleHangoutDuo][Google][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.192.168.12.156][38152] -> [.74.125.128.127][19302] [STUN.GoogleHangoutDuo][Google][Network][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_msteams_unidir.pcapng.out b/test/results/flow-info/default/stun_msteams_unidir.pcapng.out index 1cff431c9..40776fbdc 100644 --- a/test/results/flow-info/default/stun_msteams_unidir.pcapng.out +++ b/test/results/flow-info/default/stun_msteams_unidir.pcapng.out @@ -5,5 +5,5 @@ detected: [.....1] [ip4][..udp] [..52.115.136.55][.3479] -> [.......10.0.0.1][50006] [STUN.Skype_TeamsCall][Azure][VoIP][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....1] [ip4][..udp] [..52.115.136.55][.3479] -> [.......10.0.0.1][50006] [STUN.Skype_TeamsCall][Azure][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_signal.pcapng.out b/test/results/flow-info/default/stun_signal.pcapng.out index 6fa1870b2..066827658 100644 --- a/test/results/flow-info/default/stun_signal.pcapng.out +++ b/test/results/flow-info/default/stun_signal.pcapng.out @@ -22,6 +22,8 @@ new: [.....7] [ip4][.icmp] [.35.158.183.167] -> [.192.168.12.169] detected: [.....7] [ip4][.icmp] [.35.158.183.167] -> [.192.168.12.169] [ICMP][AmazonAWS][Network][Acceptable] RISK: Unidirectional Traffic + detection-update: [.....4] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][.3478] [STUN][AmazonAWS][Network][Acceptable][] + detection-update: [.....5] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][.3478] [STUN][AmazonAWS][Network][Acceptable][] detection-update: [.....5] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable][signal.org] detection-update: [.....4] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][Network][Acceptable][] detection-update: [.....1] [ip4][..udp] [.192.168.12.169][39518] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][Network][Acceptable][] @@ -53,6 +55,8 @@ new: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] detected: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN][AmazonAWS][Network][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN][AmazonAWS][Network][Acceptable][] + RISK: Known Proto on Non Std Port analyse: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN][AmazonAWS][Network][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.679| 0.149| 0.201| 40331.911| 3.900] @@ -64,7 +68,6 @@ [PKTLENS.....: 124,92,124,92,132,132,92,124,92,92,124,92,84,56,84,56,124,92,84,84,124,92,56,84,56,56,56,124,92,84,56,84] [ENTROPIES...: 5.8,5.8,5.9,5.8,5.7,5.6,5.9,5.9,5.8,5.8,5.9,5.8,5.7,5.1,5.8,5.3,5.9,5.8,5.8,5.7,5.9,5.8,5.1,5.8,5.2,5.2,5.1,5.8,5.8,5.6,5.1,5.8] update: [.....7] [ip4][.icmp] [.35.158.183.167] -> [.192.168.12.169] [ICMP][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic analyse: [.....7] [ip4][.icmp] [.35.158.183.167] -> [.192.168.12.169] [ICMP][AmazonAWS][Network][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 17.079| 1.597| 3.547| 12584568.750| 2.800] @@ -123,33 +126,28 @@ [PKTLENS.....: 124,92,124,92,132,132,92,124,92,92,124,92,84,56,84,56,124,92,124,92,84,84,56,56,56,84,124,84,56,92,124,92] [ENTROPIES...: 5.9,5.8,5.9,5.7,5.9,5.8,5.8,6.0,5.8,5.8,5.9,5.8,5.8,5.2,5.7,5.1,5.8,5.8,5.9,5.7,5.7,5.9,5.2,5.1,5.1,5.8,5.9,5.8,5.1,5.8,5.8,5.8] update: [....13] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....9] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port update: [....10] [ip4][..udp] [.192.168.12.169][43068] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port update: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN][AmazonAWS][Network][Acceptable] RISK: Known Proto on Non Std Port update: [....12] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port update: [.....8] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....11] [ip4][..udp] [.192.168.12.169][39950] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port update: [.....7] [ip4][.icmp] [.35.158.183.167] -> [.192.168.12.169] [ICMP][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....20] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....3] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][Network][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....22] [ip4][..udp] [.192.168.12.169][47767] -> [.18.195.131.143][54054] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....10] [ip4][..udp] [.192.168.12.169][43068] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....2] [ip4][..udp] [.192.168.12.169][47204] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][Network][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....14] [ip4][..udp] [.192.168.12.169][43068] -> [.18.195.131.143][61156] [STUN][AmazonAWS][Network][Acceptable] @@ -157,29 +155,25 @@ idle: [.....6] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][Network][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....17] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....1] [ip4][..udp] [.192.168.12.169][39518] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][Network][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [....15] [ip4][..udp] [.192.168.12.169][47767] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....12] [ip4][..udp] [.192.168.12.169][39950] -> [.35.158.183.167][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....8] [ip4][..udp] [.192.168.12.169][43068] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [.192.168.12.169][47204] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][Network][Acceptable] idle: [....18] [ip4][..udp] [.192.168.12.169][37970] -> [.35.158.122.211][..443] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....11] [ip4][..udp] [.192.168.12.169][39950] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....16] [ip4][..udp] [.192.168.12.169][37970] -> [172.253.121.127][19302] [STUN.SignalVoip][Google][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....23] [ip4][..udp] [.192.168.12.169][47767] -> [.18.195.131.143][61498] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....21] [ip4][.icmp] [.35.158.122.211] -> [.192.168.12.169] [ICMP][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][.icmp] [.35.158.183.167] -> [.192.168.12.169] [ICMP][AmazonAWS][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [.192.168.12.169][39518] -> [.35.158.183.167][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] idle: [....19] [ip4][..udp] [.192.168.12.169][47767] -> [.35.158.122.211][.3478] [STUN.SignalVoip][AmazonAWS][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_tcp_multiple_msgs_same_pkt.pcap.out b/test/results/flow-info/default/stun_tcp_multiple_msgs_same_pkt.pcap.out index bff999994..aeffac795 100644 --- a/test/results/flow-info/default/stun_tcp_multiple_msgs_same_pkt.pcap.out +++ b/test/results/flow-info/default/stun_tcp_multiple_msgs_same_pkt.pcap.out @@ -3,5 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [166.172.142.131][.3479] -> [..23.183.197.71][42849] detected: [.....1] [ip4][..tcp] [166.172.142.131][.3479] -> [..23.183.197.71][42849] [STUN][Unknown][Network][Acceptable][] - end: [.....1] [ip4][..tcp] [166.172.142.131][.3479] -> [..23.183.197.71][42849] + end: [.....1] [ip4][..tcp] [166.172.142.131][.3479] -> [..23.183.197.71][42849] [STUN][Unknown][Network][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_wa_call.pcapng.out b/test/results/flow-info/default/stun_wa_call.pcapng.out index 817f5d950..f4cde44f1 100644 --- a/test/results/flow-info/default/stun_wa_call.pcapng.out +++ b/test/results/flow-info/default/stun_wa_call.pcapng.out @@ -61,39 +61,23 @@ detected: [....13] [ip4][.icmp] [..93.63.100.129] -> [.192.168.12.156] [ICMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....13] [ip4][.icmp] [..93.63.100.129] -> [.192.168.12.156] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [.192.168.12.156][49526] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [.192.168.12.156][49526] -> [...10.82.40.241][40436] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....12] [ip4][..udp] [.192.168.12.156][49526] -> [...93.33.118.87][41107] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....9] [ip4][..udp] [.192.168.12.156][49526] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [.192.168.12.156][49526] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.231.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.195.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [.192.168.12.156][46652] -> [..157.240.21.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [.192.168.12.156][46652] -> [.157.240.203.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.192.168.12.156][46652] -> [..93.57.123.227][.3478] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/stun_zoom.pcapng.out b/test/results/flow-info/default/stun_zoom.pcapng.out index 47ab35d5a..f7e772742 100644 --- a/test/results/flow-info/default/stun_zoom.pcapng.out +++ b/test/results/flow-info/default/stun_zoom.pcapng.out @@ -4,6 +4,8 @@ new: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] detected: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] + RISK: Known Proto on Non Std Port detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS][Zoom][Safe] RISK: Known Proto on Non Std Port, Missing SNI TLS Extn new: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] @@ -13,6 +15,8 @@ RISK: Known Proto on Non Std Port, Missing SNI TLS Extn detection-update: [.....1] [ip4][..udp] [.192.168.43.169][48854] -> [.134.224.90.111][.8801] [DTLS.Zoom][Zoom][Video][Acceptable] RISK: Known Proto on Non Std Port, Missing SNI TLS Extn + detection-update: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable][] + RISK: Known Proto on Non Std Port analyse: [.....2] [ip4][..udp] [.192.168.43.169][53065] -> [.134.224.90.111][.8801] [STUN][Zoom][Network][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.194| 0.048| 0.051| 2615.352| 4.100] diff --git a/test/results/flow-info/default/tailscale.pcap.out b/test/results/flow-info/default/tailscale.pcap.out index 485236e68..a4c184fe9 100644 --- a/test/results/flow-info/default/tailscale.pcap.out +++ b/test/results/flow-info/default/tailscale.pcap.out @@ -15,5 +15,4 @@ [PKTLENS.....: 120,120,138,156,156,156,156,120,138,156,120,138,156,120,138,120,138,120,156,138,156,156,120,138,120,156,156,138,156,156,156,120] [ENTROPIES...: 6.3,6.3,6.6,6.3,6.3,6.4,6.3,6.4,6.6,6.4,6.5,6.5,6.4,6.3,6.5,6.3,6.6,6.5,6.5,6.6,6.4,6.4,6.4,6.5,6.5,6.6,6.5,6.5,6.4,6.5,6.3,6.3] idle: [.....1] [ip4][..udp] [...192.168.88.3][41641] -> [..18.196.71.179][41641] [Tailscale][AmazonAWS][VPN][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/targusdataspeed_false_positives.pcap.out b/test/results/flow-info/default/targusdataspeed_false_positives.pcap.out index 510394e34..17eabd574 100644 --- a/test/results/flow-info/default/targusdataspeed_false_positives.pcap.out +++ b/test/results/flow-info/default/targusdataspeed_false_positives.pcap.out @@ -2,9 +2,15 @@ new: [.....1] [ip4][..udp] [......10.0.2.15][23994] -> [..79.164.55.123][.5001] detected: [.....1] [ip4][..udp] [......10.0.2.15][23994] -> [..79.164.55.123][.5001] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [.....1] [ip4][..udp] [......10.0.2.15][23994] -> [..79.164.55.123][.5001] [BitTorrent][Unknown][Download][Acceptable] + RISK: Known Proto on Non Std Port new: [.....2] [ip4][..udp] [......10.0.2.15][23994] -> [...89.64.45.227][.5201] detected: [.....2] [ip4][..udp] [......10.0.2.15][23994] -> [...89.64.45.227][.5201] [BitTorrent][Unknown][Download][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [.....2] [ip4][..udp] [......10.0.2.15][23994] -> [...89.64.45.227][.5201] - idle: [.....1] [ip4][..udp] [......10.0.2.15][23994] -> [..79.164.55.123][.5001] + detection-update: [.....2] [ip4][..udp] [......10.0.2.15][23994] -> [...89.64.45.227][.5201] [BitTorrent][Unknown][Download][Acceptable] + RISK: Known Proto on Non Std Port + idle: [.....2] [ip4][..udp] [......10.0.2.15][23994] -> [...89.64.45.227][.5201] [BitTorrent][Unknown][Download][Acceptable] + RISK: Known Proto on Non Std Port + idle: [.....1] [ip4][..udp] [......10.0.2.15][23994] -> [..79.164.55.123][.5001] [BitTorrent][Unknown][Download][Acceptable] + RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/teams.pcap.out b/test/results/flow-info/default/teams.pcap.out index 38d1d16df..97785a9f8 100644 --- a/test/results/flow-info/default/teams.pcap.out +++ b/test/results/flow-info/default/teams.pcap.out @@ -20,7 +20,7 @@ detection-update: [.....5] [ip4][..tcp] [....192.168.1.6][60533] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe][teams.microsoft.com] detected: [.....4] [ip4][..tcp] [....192.168.1.6][60532] -> [...52.114.77.33][..443] [TLS.Microsoft][Azure][Cloud][Safe][mobile.pipe.aria.microsoft.com] RISK: TLS (probably) Not Carrying HTTPS - analyse: [.....5] [ip4][..tcp] [....192.168.1.6][60533] -> [.52.113.194.132][..443] + analyse: [.....5] [ip4][..tcp] [....192.168.1.6][60533] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.030| 0.006| 0.009| 77.930| 3.700] [PKTLEN......: 40.000| 1492.000| 393.900| 548.100| 300365.600| 3.900] @@ -37,7 +37,7 @@ new: [.....6] [ip4][..tcp] [....192.168.1.6][60534] -> [.....40.126.9.5][..443] detected: [.....6] [ip4][..tcp] [....192.168.1.6][60534] -> [.....40.126.9.5][..443] [TLS.Microsoft365][Azure][Collaborative][Acceptable][login.microsoftonline.com] detection-update: [.....6] [ip4][..tcp] [....192.168.1.6][60534] -> [.....40.126.9.5][..443] [TLS.Microsoft365][Azure][Collaborative][Acceptable][login.microsoftonline.com] - analyse: [.....4] [ip4][..tcp] [....192.168.1.6][60532] -> [...52.114.77.33][..443] + analyse: [.....4] [ip4][..tcp] [....192.168.1.6][60532] -> [...52.114.77.33][..443] [TLS.Microsoft][Azure][Cloud][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.221| 0.032| 0.054| 2931.592| 3.400] [PKTLEN......: 52.000| 1492.000| 907.900| 687.500| 472618.500| 4.400] @@ -89,6 +89,7 @@ new: [....14] [ip4][..tcp] [..93.62.150.157][..443] -> [....192.168.1.6][60512] [MIDSTREAM] detected: [....14] [ip4][..tcp] [..93.62.150.157][..443] -> [....192.168.1.6][60512] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....14] [ip4][..tcp] [..93.62.150.157][..443] -> [....192.168.1.6][60512] [TLS][Unknown][Web][Safe] ERROR-EVENT: Unknown packet type [13/16] new: [....15] [ip4][..udp] [....192.168.1.6][56634] -> [....192.168.1.1][...53] detected: [....15] [ip4][..udp] [....192.168.1.6][56634] -> [....192.168.1.1][...53] [DNS.Apple][Unknown][Network][Safe][captive.apple.com.edgekey.net] @@ -144,9 +145,10 @@ new: [....29] [ip4][..tcp] [.162.125.19.131][..443] -> [....192.168.1.6][60344] [MIDSTREAM] detected: [....29] [ip4][..tcp] [.162.125.19.131][..443] -> [....192.168.1.6][60344] [TLS][Dropbox][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....29] [ip4][..tcp] [.162.125.19.131][..443] -> [....192.168.1.6][60344] [TLS][Dropbox][Web][Safe] detected: [....28] [ip4][..tcp] [....192.168.1.6][60545] -> [...52.114.77.58][..443] [TLS.Teams][Azure][Collaborative][Safe][presence.teams.microsoft.com] detection-update: [....28] [ip4][..tcp] [....192.168.1.6][60545] -> [...52.114.77.58][..443] [TLS.Teams][Azure][Collaborative][Safe][presence.teams.microsoft.com] - analyse: [....25] [ip4][..tcp] [....192.168.1.6][60543] -> [...52.114.77.33][..443] + analyse: [....25] [ip4][..tcp] [....192.168.1.6][60543] -> [...52.114.77.33][..443] [TLS.Microsoft][Azure][Cloud][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.153| 0.028| 0.040| 1626.047| 3.600] [PKTLEN......: 52.000| 1492.000| 819.700| 699.200| 488828.900| 4.300] @@ -201,7 +203,7 @@ new: [....35] [ip4][..tcp] [....192.168.1.6][60549] -> [...13.107.18.11][..443] detected: [....35] [ip4][..tcp] [....192.168.1.6][60549] -> [...13.107.18.11][..443] [TLS.Microsoft365][Outlook][Collaborative][Acceptable][substrate.office.com] detection-update: [....35] [ip4][..tcp] [....192.168.1.6][60549] -> [...13.107.18.11][..443] [TLS.Microsoft365][Outlook][Collaborative][Acceptable][substrate.office.com] - analyse: [....23] [ip4][..tcp] [....192.168.1.6][60542] -> [.52.113.194.132][..443] + analyse: [....23] [ip4][..tcp] [....192.168.1.6][60542] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 2.010| 0.146| 0.490| 239614.050| 1.700] [PKTLEN......: 40.000| 1492.000| 305.200| 468.100| 219152.800| 3.800] @@ -212,7 +214,7 @@ [PKTLENS.....: 64,52,40,257,46,1492,1492,40,1492,40,1492,181,40,198,46,366,109,40,40,133,78,561,46,78,40,46,46,440,40,342,46,345] [ENTROPIES...: 4.4,5.0,4.6,5.5,4.5,7.3,7.5,4.6,7.5,4.6,7.7,6.8,4.7,6.5,4.5,7.2,6.0,4.6,4.6,6.2,5.2,7.6,4.4,5.4,4.6,4.5,4.5,7.5,4.7,7.2,4.5,7.3] detection-update: [....23] [ip4][..tcp] [....192.168.1.6][60542] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe][config.teams.microsoft.com] - analyse: [....35] [ip4][..tcp] [....192.168.1.6][60549] -> [...13.107.18.11][..443] + analyse: [....35] [ip4][..tcp] [....192.168.1.6][60549] -> [...13.107.18.11][..443] [TLS.Microsoft365][Outlook][Collaborative][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.540| 0.024| 0.095| 8949.939| 1.900] [PKTLEN......: 40.000| 1492.000| 331.500| 473.500| 224192.200| 3.900] @@ -271,7 +273,7 @@ RISK: TLS (probably) Not Carrying HTTPS detection-update: [....40] [ip4][..tcp] [....192.168.1.6][60551] -> [...52.114.15.45][..443] [TLS.Teams][Azure][Collaborative][Safe][trouter2-asse-a.trouter.teams.microsoft.com] RISK: TLS (probably) Not Carrying HTTPS - analyse: [....43] [ip4][..tcp] [....192.168.1.6][60554] -> [.52.113.194.132][..443] + analyse: [....43] [ip4][..tcp] [....192.168.1.6][60554] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.154| 0.015| 0.036| 1274.324| 2.800] [PKTLEN......: 40.000| 1492.000| 585.700| 671.400| 450756.000| 4.000] @@ -334,7 +336,7 @@ RISK: Unidirectional Traffic detection-update: [....54] [ip4][..udp] [....192.168.1.6][62735] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][euno-1.api.microsoftstream.com] new: [....55] [ip4][..tcp] [....192.168.1.6][60563] -> [.52.169.186.119][..443] - analyse: [....51] [ip4][..tcp] [....192.168.1.6][60561] -> [...52.114.77.33][..443] + analyse: [....51] [ip4][..tcp] [....192.168.1.6][60561] -> [...52.114.77.33][..443] [TLS.Microsoft][Azure][Cloud][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.162| 0.032| 0.044| 1964.919| 3.600] [PKTLEN......: 52.000| 1492.000| 736.700| 694.000| 481656.100| 4.200] @@ -483,26 +485,28 @@ [IATS(ms)....: 24.8,0.2,101.3,1168.2,1167.0,967.1,50.8,1119.2,0.0,0.0,51.0,80.3,2.0,2.7,3.7,0.0,0.0,0.0,10.7,24.2,9.3,21.5,4.5,19.9,25.3,9.2,24.4,24.6,9.5,26.0,24.3] [PKTLENS.....: 140,116,140,116,144,116,138,136,66,1242,1242,136,101,66,1242,1242,70,194,126,94,96,103,108,110,102,98,112,106,103,101,102,102] [ENTROPIES...: 5.4,5.4,5.6,5.5,5.5,5.5,6.4,5.5,5.3,7.8,7.8,5.4,6.1,5.3,7.8,7.8,5.4,6.9,6.4,5.9,6.0,6.1,5.4,6.3,6.1,6.0,6.3,6.0,6.1,6.2,6.1,6.2] - idle: [....72] [ip4][..tcp] [....192.168.1.6][50014] -> [.52.114.250.152][..443] + idle: [....72] [ip4][..tcp] [....192.168.1.6][50014] -> [.52.114.250.152][..443] [TLS.Teams][Azure][Collaborative][Safe] + RISK: TLS Cert Mismatch, TLS (probably) Not Carrying HTTPS end: [....64] [ip4][..tcp] [....192.168.1.6][50018] -> [.52.114.250.123][..443] [TLS.Teams][Azure][Collaborative][Safe] RISK: TLS (probably) Not Carrying HTTPS end: [....67] [ip4][..tcp] [....192.168.1.6][50021] -> [.52.114.250.123][..443] [TLS.Teams][Azure][Collaborative][Safe] RISK: TLS (probably) Not Carrying HTTPS idle: [....83] [ip4][.icmp] [..93.71.110.205] -> [....192.168.1.6] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - end: [....73] [ip4][..tcp] [....192.168.1.6][50036] -> [.52.114.250.153][..443] + end: [....73] [ip4][..tcp] [....192.168.1.6][50036] -> [.52.114.250.153][..443] [TLS.Teams][Azure][Collaborative][Safe] + RISK: TLS Cert Mismatch, TLS (probably) Not Carrying HTTPS idle: [.....5] [ip4][..tcp] [....192.168.1.6][60533] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe] - idle: [.....8] [ip4][..tcp] [....192.168.1.6][60536] -> [.52.113.194.132][..443] + idle: [.....8] [ip4][..tcp] [....192.168.1.6][60536] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe] idle: [....23] [ip4][..tcp] [....192.168.1.6][60542] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe] idle: [....43] [ip4][..tcp] [....192.168.1.6][60554] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe] RISK: TLS (probably) Not Carrying HTTPS - idle: [....47] [ip4][..tcp] [....192.168.1.6][60557] -> [.52.113.194.132][..443] + idle: [....47] [ip4][..tcp] [....192.168.1.6][60557] -> [.52.113.194.132][..443] [TLS.Teams][Skype_Teams][Collaborative][Safe] + RISK: TLS (probably) Not Carrying HTTPS idle: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....55] [ip4][..tcp] [....192.168.1.6][60563] -> [.52.169.186.119][..443] [TLS.Skype_Teams][Azure][VoIP][Acceptable] idle: [....17] [ip4][..udp] [....192.168.1.6][63106] -> [....192.168.1.1][...53] [DNS.Teams][Unknown][Network][Safe] idle: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....38] [ip4][..udp] [....192.168.1.6][65230] -> [....192.168.1.1][...53] [DNS.Teams][Unknown][Network][Safe] idle: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] idle: [....36] [ip4][..udp] [....192.168.1.6][61245] -> [....192.168.1.1][...53] [DNS.Teams][Unknown][Network][Safe] @@ -512,21 +516,26 @@ RISK: TLS (probably) Not Carrying HTTPS end: [.....7] [ip4][..tcp] [....192.168.1.6][60535] -> [...52.114.77.33][..443] [TLS.Microsoft][Azure][Cloud][Safe] RISK: TLS (probably) Not Carrying HTTPS - end: [.....9] [ip4][..tcp] [....192.168.1.6][60537] -> [...52.114.77.33][..443] + end: [.....9] [ip4][..tcp] [....192.168.1.6][60537] -> [...52.114.77.33][..443] [TLS.Microsoft][Azure][Cloud][Safe] + RISK: TLS (probably) Not Carrying HTTPS idle: [....18] [ip4][..tcp] [....192.168.1.6][60538] -> [...52.114.75.70][..443] [TLS.Teams][Azure][Collaborative][Safe] idle: [....19] [ip4][..tcp] [....192.168.1.6][60539] -> [...52.114.75.69][..443] [TLS.Skype_Teams][Azure][VoIP][Acceptable] idle: [....24] [ip4][..udp] [....192.168.1.6][65387] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] idle: [....20] [ip4][..tcp] [....192.168.1.6][60540] -> [...52.114.75.70][..443] [TLS.Teams][Azure][Collaborative][Safe] - idle: [....21] [ip4][..tcp] [....192.168.1.6][60541] -> [...52.114.75.69][..443] + idle: [....21] [ip4][..tcp] [....192.168.1.6][60541] -> [...52.114.75.69][..443] [TLS.Skype_Teams][Azure][VoIP][Acceptable] end: [....25] [ip4][..tcp] [....192.168.1.6][60543] -> [...52.114.77.33][..443] [TLS.Microsoft][Azure][Cloud][Safe] RISK: TLS (probably) Not Carrying HTTPS idle: [....26] [ip4][..tcp] [....192.168.1.6][60544] -> [...52.114.76.48][..443] [TLS.Teams][Azure][Collaborative][Safe] idle: [....28] [ip4][..tcp] [....192.168.1.6][60545] -> [...52.114.77.58][..443] [TLS.Teams][Azure][Collaborative][Safe] idle: [....32] [ip4][..tcp] [....192.168.1.6][60547] -> [...52.114.88.59][..443] [TLS.Teams][Azure][Collaborative][Safe] - end: [....33] [ip4][..tcp] [....192.168.1.6][60548] -> [...52.114.77.33][..443] - idle: [....40] [ip4][..tcp] [....192.168.1.6][60551] -> [...52.114.15.45][..443] - end: [....42] [ip4][..tcp] [....192.168.1.6][60552] -> [...52.114.77.33][..443] - idle: [....45] [ip4][..tcp] [....192.168.1.6][60555] -> [...52.114.77.33][..443] + end: [....33] [ip4][..tcp] [....192.168.1.6][60548] -> [...52.114.77.33][..443] [TLS.Microsoft][Azure][Cloud][Safe] + RISK: TLS (probably) Not Carrying HTTPS + idle: [....40] [ip4][..tcp] [....192.168.1.6][60551] -> [...52.114.15.45][..443] [TLS.Teams][Azure][Collaborative][Safe] + RISK: TLS (probably) Not Carrying HTTPS + end: [....42] [ip4][..tcp] [....192.168.1.6][60552] -> [...52.114.77.33][..443] [TLS.Microsoft][Azure][Cloud][Safe] + RISK: TLS (probably) Not Carrying HTTPS + idle: [....45] [ip4][..tcp] [....192.168.1.6][60555] -> [...52.114.77.33][..443] [TLS.Microsoft][Azure][Cloud][Safe] + RISK: TLS (probably) Not Carrying HTTPS end: [....48] [ip4][..tcp] [....192.168.1.6][60559] -> [...52.114.77.33][..443] [TLS.Microsoft][Azure][Cloud][Safe] RISK: TLS (probably) Not Carrying HTTPS end: [....51] [ip4][..tcp] [....192.168.1.6][60561] -> [...52.114.77.33][..443] [TLS.Microsoft][Azure][Cloud][Safe] @@ -555,37 +564,31 @@ idle: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] idle: [....22] [ip4][..udp] [....192.168.1.6][49514] -> [....192.168.1.1][...53] [DNS.Teams][Unknown][Network][Safe] idle: [....78] [ip4][..udp] [..93.71.110.205][16332] -> [....192.168.1.6][50016] [STUN.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] [STUN.Skype_TeamsCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....37] [ip4][..udp] [....192.168.1.6][53678] -> [....192.168.1.1][...53] [DNS.Teams][Unknown][Network][Safe] idle: [....56] [ip4][..udp] [....192.168.1.6][63930] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] idle: [....65] [ip4][..udp] [....192.168.1.6][55765] -> [....192.168.1.1][...53] [DNS.Azure][Unknown][Network][Acceptable] idle: [....49] [ip4][..udp] [..192.168.1.112][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] - idle: [....29] [ip4][..tcp] [.162.125.19.131][..443] -> [....192.168.1.6][60344] + idle: [....29] [ip4][..tcp] [.162.125.19.131][..443] -> [....192.168.1.6][60344] [TLS][Dropbox][Web][Safe] idle: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS.ntop][Unknown][Network][Safe] RISK: Error Code idle: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.Skype_TeamsCall][Azure][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....63] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.123][.3478] [STUN.Skype_TeamsCall][Azure][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....81] [ip4][..udp] [...52.114.252.8][.3479] -> [....192.168.1.6][50016] [STUN.Skype_TeamsCall][Azure][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....69] [ip4][..udp] [....192.168.1.6][50017] -> [.52.114.250.141][.3478] [STUN.Skype_TeamsCall][Azure][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.Skype_TeamsCall][Azure][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....66] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.123][.3478] [STUN.Skype_TeamsCall][Azure][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....71] [ip4][..udp] [....192.168.1.6][50037] -> [.52.114.250.137][.3478] [STUN.Skype_TeamsCall][Azure][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] [STUN.Skype_TeamsCall][Azure][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....52] [ip4][..udp] [....192.168.1.6][54069] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] end: [.....6] [ip4][..tcp] [....192.168.1.6][60534] -> [.....40.126.9.5][..443] [TLS.Microsoft365][Azure][Collaborative][Acceptable] end: [....46] [ip4][..tcp] [....192.168.1.6][60556] -> [.....40.126.9.7][..443] [TLS.Microsoft365][Azure][Collaborative][Acceptable] - end: [....50] [ip4][..tcp] [....192.168.1.6][60560] -> [....40.126.9.67][..443] - end: [....14] [ip4][..tcp] [..93.62.150.157][..443] -> [....192.168.1.6][60512] + end: [....50] [ip4][..tcp] [....192.168.1.6][60560] -> [....40.126.9.67][..443] [TLS.Microsoft365][Azure][Collaborative][Acceptable] + end: [....14] [ip4][..tcp] [..93.62.150.157][..443] -> [....192.168.1.6][60512] [TLS][Unknown][Web][Safe] idle: [....41] [ip4][..udp] [....192.168.1.6][58457] -> [....192.168.1.1][...53] [DNS.Microsoft365][Unknown][Network][Acceptable] idle: [....57] [ip4][..tcp] [....192.168.1.6][60564] -> [...40.79.138.41][..443] [TLS.Skype_Teams][Azure][VoIP][Acceptable] idle: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] [TLS.Skype_Teams][Azure][VoIP][Acceptable] diff --git a/test/results/flow-info/default/teamspeak3.pcap.out b/test/results/flow-info/default/teamspeak3.pcap.out index ae7f0a0b3..c679808eb 100644 --- a/test/results/flow-info/default/teamspeak3.pcap.out +++ b/test/results/flow-info/default/teamspeak3.pcap.out @@ -9,7 +9,6 @@ new: [.....2] [ip4][..udp] [...193.31.25.70][.2011] -> [...51.68.181.92][.2010] detected: [.....2] [ip4][..udp] [...193.31.25.70][.2011] -> [...51.68.181.92][.2010] [TeamSpeak][Unknown][VoIP][Fun] idle: [.....1] [ip4][..udp] [.......10.0.0.1][53187] -> [.......10.0.0.2][.9987] [TeamSpeak][Unknown][VoIP][Fun] - RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [...193.31.25.70][.2011] -> [...51.68.181.92][.2010] [TeamSpeak][Unknown][VoIP][Fun] DAEMON-EVENT: [Processed: 21 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1] diff --git a/test/results/flow-info/default/telegram.pcap.out b/test/results/flow-info/default/telegram.pcap.out index 17aa1429c..f3b331bf4 100644 --- a/test/results/flow-info/default/telegram.pcap.out +++ b/test/results/flow-info/default/telegram.pcap.out @@ -193,7 +193,6 @@ update: [....10] [ip4][..udp] [...192.168.1.77][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [.....8] [ip4][..udp] [...192.168.1.77][61631] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] update: [.....7] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.75][.5353] [MDNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [.....4] [ip4][..udp] [...192.168.1.69][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [.....5] [ip4][..udp] [...192.168.1.75][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] @@ -216,20 +215,14 @@ idle: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] idle: [.....9] [ip4][..udp] [...192.168.1.77][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....19] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.7][..521] [Telegram][Telegram][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....20] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.12.5][..523] [Telegram][Telegram][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....21] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.16.1][..527] [Telegram][Telegram][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....22] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.12.1][..536] [Telegram][Telegram][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....24] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.16.4][..538] [Telegram][Telegram][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....23] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.8][..538] [Telegram][Telegram][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....27] [ip4][..udp] [...192.168.1.77][47127] -> [....192.168.1.1][...53] [DNS.GoogleServices][Unknown][Network][Acceptable] RISK: Minor Issues - idle: [....18] [ip6][..udp] [...............fe80::4dc:edec:5b0c:a661][.5353] -> [...............................ff02::fb][.5353] + idle: [....18] [ip6][..udp] [...............fe80::4dc:edec:5b0c:a661][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] idle: [....10] [ip4][..udp] [...192.168.1.77][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....15] [ip4][..udp] [...192.168.1.75][57916] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [.....8] [ip4][..udp] [...192.168.1.77][61631] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] @@ -238,12 +231,10 @@ RISK: Unsafe Protocol idle: [....48] [ip4][..udp] [...192.168.1.77][49533] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] idle: [....12] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.53][.5353] [MDNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.75][.5353] [MDNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [...192.168.1.75][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....4] [ip4][..udp] [...192.168.1.69][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] - idle: [....17] [ip4][..udp] [...192.168.1.52][.5353] -> [....224.0.0.251][.5353] + idle: [....17] [ip4][..udp] [...192.168.1.52][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] not-detected: [....44] [ip4][..udp] [...192.168.1.77][28150] -> [..87.11.205.195][59772] [Unknown][Unknown][Unrated] RISK: Unidirectional Traffic @@ -252,26 +243,19 @@ idle: [....14] [ip4][..udp] [...192.168.1.53][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] idle: [....43] [ip4][..udp] [...192.168.1.77][52127] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....26] [ip4][..udp] [...192.168.1.77][23174] -> [..87.11.205.195][60723] [OpenVPN][Unknown][VPN][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....35] [ip4][..udp] [...192.168.1.77][50822] -> [..216.58.205.68][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic idle: [....31] [ip4][..udp] [...192.168.1.77][49764] -> [....192.168.1.1][...53] [DNS.ntop][Unknown][Network][Safe] idle: [.....2] [ip4][..udp] [...192.168.1.53][54306] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....46] [ip4][..udp] [...192.168.1.53][56384] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....38] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.1][..529] [Telegram][Telegram][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....37] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.8][..529] [Telegram][Telegram][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....39] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.12.3][..530] [Telegram][Telegram][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....40] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.1][..533] [Telegram][Telegram][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....42] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.3][..537] [Telegram][Telegram][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....41] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.12.5][..537] [Telegram][Telegram][Chat][Acceptable] - RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [...192.168.1.77][52118] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe] - idle: [....11] [ip6][..udp] [..............fe80::18a0:a412:8935:c01b][.5353] -> [...............................ff02::fb][.5353] + idle: [....11] [ip6][..udp] [..............fe80::18a0:a412:8935:c01b][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] idle: [....45] [ip4][..udp] [...192.168.1.53][50698] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....47] [ip4][..udp] [...192.168.1.77][58615] -> [....192.168.1.1][...53] [DNS.Dropbox][Unknown][Network][Acceptable] idle: [....33] [ip4][..udp] [...192.168.1.77][54595] -> [....192.168.1.1][...53] [DNS.ntop][Unknown][Network][Safe] @@ -279,6 +263,5 @@ not-detected: [....25] [ip4][..udp] [...192.168.1.77][23174] -> [...192.168.1.52][31480] [Unknown][Unknown][Unrated] idle: [....25] [ip4][..udp] [...192.168.1.77][23174] -> [...192.168.1.52][31480] idle: [....34] [ip4][..udp] [...192.168.1.77][61974] -> [..216.58.205.68][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip6][..udp] [................fe80::4ba:91a:7817:e318][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/telegram_videocall.pcapng.out b/test/results/flow-info/default/telegram_videocall.pcapng.out index 5298fef61..27e76fb33 100644 --- a/test/results/flow-info/default/telegram_videocall.pcapng.out +++ b/test/results/flow-info/default/telegram_videocall.pcapng.out @@ -53,6 +53,10 @@ new: [....17] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.17.2][.1400] detected: [....17] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.17.2][.1400] [STUN][Telegram][Network][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic + detection-update: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400] [STUN][Telegram][Network][Acceptable][] + RISK: Known Proto on Non Std Port + detection-update: [....15] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.9.35][.1400] [STUN][Telegram][Network][Acceptable][] + RISK: Known Proto on Non Std Port new: [....18] [ip4][..udp] [.192.168.12.169][40643] -> [....91.108.9.35][.1400] detected: [....18] [ip4][..udp] [.192.168.12.169][40643] -> [....91.108.9.35][.1400] [STUN][Telegram][Network][Acceptable][] RISK: Known Proto on Non Std Port, Unidirectional Traffic @@ -75,6 +79,14 @@ RISK: Known Proto on Non Std Port detection-update: [....18] [ip4][..udp] [.192.168.12.169][40643] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org] RISK: Known Proto on Non Std Port + detection-update: [....16] [ip4][..udp] [.192.168.12.169][42197] -> [...91.108.13.23][.1400] [STUN][Telegram][Network][Acceptable][] + RISK: Known Proto on Non Std Port + detection-update: [....13] [ip4][..udp] [.192.168.12.169][40906] -> [...91.108.13.23][.1400] [STUN][Telegram][Network][Acceptable][] + RISK: Known Proto on Non Std Port + detection-update: [....14] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.17.2][.1400] [STUN][Telegram][Network][Acceptable][] + RISK: Known Proto on Non Std Port + detection-update: [....17] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.17.2][.1400] [STUN][Telegram][Network][Acceptable][] + RISK: Known Proto on Non Std Port detection-update: [....19] [ip4][..udp] [.192.168.12.169][49667] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org] RISK: Known Proto on Non Std Port detection-update: [....22] [ip4][..udp] [.192.168.12.169][37530] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable][telegram.org] @@ -158,14 +170,17 @@ RISK: Known Proto on Non Std Port idle: [....28] [ip6][icmp6] [...............fe80::abe:acff:fe0b:176e] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] idle: [.....2] [ip4][..udp] [...192.168.12.1][17500] -> [.192.168.12.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - idle: [....14] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.17.2][.1400] - idle: [....13] [ip4][..udp] [.192.168.12.169][40906] -> [...91.108.13.23][.1400] - idle: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400] + idle: [....14] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....13] [ip4][..udp] [.192.168.12.169][40906] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....12] [ip4][..udp] [.192.168.12.169][40906] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable] + RISK: Known Proto on Non Std Port idle: [....24] [ip4][..udp] [.192.168.12.169][42405] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [....11] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] + RISK: Known Proto on Non Std Port + idle: [....11] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....1] [ip6][icmp6] [..............fe80::98df:58ff:fefa:ebdc] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] - idle: [....29] [ip6][..udp] [...............fe80::abe:acff:fe0b:176e][.5353] -> [...............................ff02::fb][.5353] + idle: [....29] [ip6][..udp] [...............fe80::abe:acff:fe0b:176e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] guessed: [.....5] [ip4][..tcp] [.192.168.12.169][46862] -> [.149.154.167.51][..443] [TLS][Telegram][Web][Safe] RISK: Fully encrypted flow end: [.....5] [ip4][..tcp] [.192.168.12.169][46862] -> [.149.154.167.51][..443] @@ -184,27 +199,29 @@ idle: [....19] [ip4][..udp] [.192.168.12.169][49667] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] RISK: Known Proto on Non Std Port idle: [....25] [ip4][..udp] [.192.168.12.169][40906] -> [..10.46.103.200][42554] [STUN.TelegramVoip][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [....23] [ip4][..udp] [.192.168.12.169][37444] -> [....91.108.17.2][.1400] + RISK: Known Proto on Non Std Port + idle: [....23] [ip4][..udp] [.192.168.12.169][37444] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] + RISK: Known Proto on Non Std Port idle: [....26] [ip4][..udp] [.192.168.12.169][42405] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....20] [ip4][..udp] [.192.168.12.169][49780] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] RISK: Known Proto on Non Std Port idle: [....33] [ip4][.icmp] [.192.168.12.169] -> [....91.108.17.2] [ICMP][Telegram][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....32] [ip4][.icmp] [.192.168.12.169] -> [...91.108.13.23] [ICMP][Telegram][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....31] [ip4][.icmp] [.192.168.12.169] -> [....91.108.9.35] [ICMP][Telegram][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [....22] [ip4][..udp] [.192.168.12.169][37530] -> [...91.108.13.23][.1400] + idle: [....22] [ip4][..udp] [.192.168.12.169][37530] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] + RISK: Known Proto on Non Std Port end: [....34] [ip4][..tcp] [..18.195.162.93][..443] -> [.192.168.12.169][38956] [TLS][AmazonAWS][Web][Safe] - RISK: Unidirectional Traffic guessed: [....30] [ip4][..tcp] [.192.168.12.169][40710] -> [....52.58.18.25][.5222] [AmazonAWS][AmazonAWS][Cloud][Acceptable] idle: [....30] [ip4][..tcp] [.192.168.12.169][40710] -> [....52.58.18.25][.5222] - idle: [....21] [ip4][..udp] [.192.168.12.169][37849] -> [....91.108.9.35][.1400] + idle: [....21] [ip4][..udp] [.192.168.12.169][37849] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][VoIP][Acceptable] + RISK: Known Proto on Non Std Port idle: [....27] [ip4][..udp] [.192.168.12.169][40906] -> [...93.36.13.115][35393] [STUN.TelegramVoip][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [....17] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.17.2][.1400] - idle: [....16] [ip4][..udp] [.192.168.12.169][42197] -> [...91.108.13.23][.1400] - idle: [....15] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.9.35][.1400] + RISK: Known Proto on Non Std Port + idle: [....17] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.17.2][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....16] [ip4][..udp] [.192.168.12.169][42197] -> [...91.108.13.23][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....15] [ip4][..udp] [.192.168.12.169][42197] -> [....91.108.9.35][.1400] [STUN.TelegramVoip][Telegram][Network][Acceptable] + RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/telnet.pcap.out b/test/results/flow-info/default/telnet.pcap.out index d731a9a02..aa842932b 100644 --- a/test/results/flow-info/default/telnet.pcap.out +++ b/test/results/flow-info/default/telnet.pcap.out @@ -8,7 +8,7 @@ RISK: Unsafe Protocol detection-update: [.....1] [ip4][..tcp] [....192.168.0.2][.1550] -> [....192.168.0.1][...23] [Telnet][Unknown][RemoteAccess][Unsafe] RISK: Unsafe Protocol - analyse: [.....1] [ip4][..tcp] [....192.168.0.2][.1550] -> [....192.168.0.1][...23] + analyse: [.....1] [ip4][..tcp] [....192.168.0.2][.1550] -> [....192.168.0.1][...23] [Telnet][Unknown][RemoteAccess][Unsafe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.233| 0.125| 0.337| 113396.253| 2.200] [PKTLEN......: 52.000| 137.000| 63.200| 18.800| 354.000| 4.900] diff --git a/test/results/flow-info/default/teredo.pcap.out b/test/results/flow-info/default/teredo.pcap.out index bccaf7c05..1a26725f6 100644 --- a/test/results/flow-info/default/teredo.pcap.out +++ b/test/results/flow-info/default/teredo.pcap.out @@ -17,13 +17,8 @@ detected: [.....5] [ip4][..udp] [...10.112.16.67][51812] -> [..194.136.28.76][.3544] [Teredo][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [...10.112.16.67][51812] -> [..194.136.28.76][.3544] [Teredo][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [...10.112.16.64][56154] -> [..194.136.28.76][.3544] [Teredo][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [...10.112.16.89][60381] -> [..194.136.28.76][.3544] [Teredo][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..10.112.16.106][52513] -> [..194.136.28.76][.3544] [Teredo][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [...10.112.16.92][63448] -> [..194.136.28.76][.3544] [Teredo][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tftp.pcap.out b/test/results/flow-info/default/tftp.pcap.out index 2ef4f5eac..6c2682597 100644 --- a/test/results/flow-info/default/tftp.pcap.out +++ b/test/results/flow-info/default/tftp.pcap.out @@ -33,7 +33,6 @@ idle: [.....4] [ip4][..udp] [...192.168.0.10][.3445] -> [..192.168.0.253][50618] [TFTP][Unknown][DataTransfer][Acceptable] RISK: Known Proto on Non Std Port idle: [.....3] [ip4][..udp] [..192.168.0.253][50618] -> [...192.168.0.10][...69] [TFTP][Unknown][DataTransfer][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 102 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 2|detection-updates: 0|updates: 0] new: [.....6] [ip4][..udp] [....172.28.5.91][44618] -> [...172.28.5.170][...69] @@ -45,7 +44,5 @@ idle: [.....7] [ip4][..udp] [...172.28.5.170][62058] -> [....172.28.5.91][44618] [TFTP][Unknown][DataTransfer][Acceptable] RISK: Known Proto on Non Std Port idle: [.....5] [ip4][..udp] [....172.28.4.53][54627] -> [...172.16.5.170][...69] [TFTP][Unknown][DataTransfer][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [....172.28.5.91][44618] -> [...172.28.5.170][...69] [TFTP][Unknown][DataTransfer][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/thrift.pcap.out b/test/results/flow-info/default/thrift.pcap.out index 12b574e48..275248cee 100644 --- a/test/results/flow-info/default/thrift.pcap.out +++ b/test/results/flow-info/default/thrift.pcap.out @@ -20,5 +20,4 @@ RISK: Unidirectional Traffic end: [.....1] [ip4][..tcp] [.169.254.59.247][53387] -> [...169.254.46.4][11010] [Thrift][Unknown][RPC][Acceptable] idle: [.....2] [ip4][..udp] [......127.0.0.1][49164] -> [......127.0.0.1][.6831] [Thrift][Unknown][RPC][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tinc.pcap.out b/test/results/flow-info/default/tinc.pcap.out index 743e75857..44f9910dd 100644 --- a/test/results/flow-info/default/tinc.pcap.out +++ b/test/results/flow-info/default/tinc.pcap.out @@ -36,9 +36,9 @@ end: [.....2] [ip4][..tcp] [.131.114.168.27][49290] -> [.185.83.218.112][55656] [TINC][Unknown][VPN][Acceptable] RISK: Known Proto on Non Std Port idle: [.....3] [ip4][..udp] [.131.114.168.27][55655] -> [.185.83.218.112][55655] [TINC][Unknown][VPN][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [.....4] [ip4][..udp] [.185.83.218.112][55656] -> [.131.114.168.27][55656] [TINC][Unknown][VPN][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port end: [.....1] [ip4][..tcp] [.131.114.168.27][59244] -> [.185.83.218.112][55655] [TINC][Unknown][VPN][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls-appdata.pcap.out b/test/results/flow-info/default/tls-appdata.pcap.out index 758c0995a..e67aea23c 100644 --- a/test/results/flow-info/default/tls-appdata.pcap.out +++ b/test/results/flow-info/default/tls-appdata.pcap.out @@ -4,13 +4,15 @@ new: [.....1] [ip4][..tcp] [.179.60.195.173][..443] -> [..192.168.2.100][60636] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [.179.60.195.173][..443] -> [..192.168.2.100][60636] [TLS][Facebook][Web][Safe] RISK: Unidirectional Traffic + detection-update: [.....1] [ip4][..tcp] [.179.60.195.173][..443] -> [..192.168.2.100][60636] [TLS][Facebook][Web][Safe] DAEMON-EVENT: [Processed: 6 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] new: [.....2] [ip4][..tcp] [..192.168.2.100][58976] -> [...52.223.198.7][..443] [MIDSTREAM] detected: [.....2] [ip4][..tcp] [..192.168.2.100][58976] -> [...52.223.198.7][..443] [TLS][Twitch][Web][Safe] RISK: Unidirectional Traffic - end: [.....1] [ip4][..tcp] [.179.60.195.173][..443] -> [..192.168.2.100][60636] - analyse: [.....2] [ip4][..tcp] [..192.168.2.100][58976] -> [...52.223.198.7][..443] + detection-update: [.....2] [ip4][..tcp] [..192.168.2.100][58976] -> [...52.223.198.7][..443] [TLS][Twitch][Web][Safe] + end: [.....1] [ip4][..tcp] [.179.60.195.173][..443] -> [..192.168.2.100][60636] [TLS][Facebook][Web][Safe] + analyse: [.....2] [ip4][..tcp] [..192.168.2.100][58976] -> [...52.223.198.7][..443] [TLS][Twitch][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 15.956| 1.031| 3.918| 15346982.453| 1.000] [PKTLEN......: 40.000| 2944.000| 1129.200| 1252.100| 1567845.600| 4.000] @@ -22,10 +24,10 @@ [ENTROPIES...: 7.9,5.5,4.7,7.9,7.9,5.0,7.9,4.9,4.9,7.9,7.9,5.0,4.9,4.9,5.0,7.9,5.5,4.6,7.9,7.9,4.9,7.9,4.9,7.9,7.9,5.6,4.5,7.9,7.9,4.9,7.9,4.9] detection-update: [.....2] [ip4][..tcp] [..192.168.2.100][58976] -> [...52.223.198.7][..443] [TLS][Twitch][Web][Safe] DAEMON-EVENT: [Processed: 45 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] + DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0] DAEMON-EVENT: [Processed: 75 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] + DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0] DAEMON-EVENT: [Processed: 105 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] + DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 3|updates: 0] idle: [.....2] [ip4][..tcp] [..192.168.2.100][58976] -> [...52.223.198.7][..443] [TLS][Twitch][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls-esni-fuzzed.pcap.out b/test/results/flow-info/default/tls-esni-fuzzed.pcap.out index 9bd4bd450..cff13746e 100644 --- a/test/results/flow-info/default/tls-esni-fuzzed.pcap.out +++ b/test/results/flow-info/default/tls-esni-fuzzed.pcap.out @@ -10,7 +10,10 @@ new: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] [MIDSTREAM] detected: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] [TLS][Cloudflare][Web][Safe][] RISK: Missing SNI TLS Extn, Unidirectional Traffic, ALPN/SNI Mismatch - idle: [.....1] [ip4][..tcp] [...192.168.1.12][49886] -> [..104.27.129.77][..443] - idle: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] - idle: [.....2] [ip4][..tcp] [...192.168.1.12][49887] -> [.104.16.125.175][..443] + idle: [.....1] [ip4][..tcp] [...192.168.1.12][49886] -> [..104.27.129.77][..443] [TLS][Cloudflare][Web][Safe] + RISK: Unidirectional Traffic + idle: [.....3] [ip4][..tcp] [...192.168.1.12][49897] -> [..104.22.71.197][..443] [TLS][Cloudflare][Web][Safe] + RISK: Missing SNI TLS Extn, Unidirectional Traffic, ALPN/SNI Mismatch + idle: [.....2] [ip4][..tcp] [...192.168.1.12][49887] -> [.104.16.125.175][..443] [TLS][Cloudflare][Web][Safe] + RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls-rdn-extract.pcap.out b/test/results/flow-info/default/tls-rdn-extract.pcap.out index 649de1887..0eed70463 100644 --- a/test/results/flow-info/default/tls-rdn-extract.pcap.out +++ b/test/results/flow-info/default/tls-rdn-extract.pcap.out @@ -8,5 +8,6 @@ RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher detection-update: [.....1] [ip4][..tcp] [.......10.0.0.1][31337] -> [213.199.149.251][..443] [TLS.Microsoft][Unknown][Web][Safe][ads1.msads.net] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher, TLS Cert Expired - idle: [.....1] [ip4][..tcp] [.......10.0.0.1][31337] -> [213.199.149.251][..443] + idle: [.....1] [ip4][..tcp] [.......10.0.0.1][31337] -> [213.199.149.251][..443] [TLS.Microsoft][Unknown][Web][Safe] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher, TLS Cert Expired DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_2_reasms_b.pcapng.out b/test/results/flow-info/default/tls_2_reasms_b.pcapng.out index 4df800b59..52ee4ed98 100644 --- a/test/results/flow-info/default/tls_2_reasms_b.pcapng.out +++ b/test/results/flow-info/default/tls_2_reasms_b.pcapng.out @@ -4,5 +4,5 @@ new: [.....1] [ip4][..tcp] [..88.14.137.195][..443] -> [196.234.165.216][37658] detected: [.....1] [ip4][..tcp] [..88.14.137.195][..443] -> [196.234.165.216][37658] [TLS.FbookReelStory][Unknown][SocialNetwork][Fun][video.fmct2-3.fna.fbcdn.net] detection-update: [.....1] [ip4][..tcp] [..88.14.137.195][..443] -> [196.234.165.216][37658] [TLS.FbookReelStory][Unknown][SocialNetwork][Fun][video.fmct2-3.fna.fbcdn.net] - idle: [.....1] [ip4][..tcp] [..88.14.137.195][..443] -> [196.234.165.216][37658] + idle: [.....1] [ip4][..tcp] [..88.14.137.195][..443] -> [196.234.165.216][37658] [TLS.FbookReelStory][Unknown][SocialNetwork][Fun] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_alert.pcap.out b/test/results/flow-info/default/tls_alert.pcap.out index c7cffc462..3a3049ced 100644 --- a/test/results/flow-info/default/tls_alert.pcap.out +++ b/test/results/flow-info/default/tls_alert.pcap.out @@ -4,12 +4,14 @@ new: [.....1] [ip4][..tcp] [..192.168.1.192][63158] -> [...192.168.1.20][..443] detected: [.....1] [ip4][..tcp] [..192.168.1.192][63158] -> [...192.168.1.20][..443] [TLS.Google][Unknown][Advertisement][Acceptable][www.google-analytics.com] RISK: Obsolete TLS (v1.1 or older) + detection-update: [.....1] [ip4][..tcp] [..192.168.1.192][63158] -> [...192.168.1.20][..443] [TLS.Google][Unknown][Advertisement][Acceptable][www.google-analytics.com] + RISK: Obsolete TLS (v1.1 or older), TLS Fatal Alert DAEMON-EVENT: [Processed: 11 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] new: [.....2] [ip4][..tcp] [..192.168.2.100][37780] -> [.160.44.202.202][..443] [MIDSTREAM] detected: [.....2] [ip4][..tcp] [..192.168.2.100][37780] -> [.160.44.202.202][..443] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic - end: [.....1] [ip4][..tcp] [..192.168.1.192][63158] -> [...192.168.1.20][..443] + end: [.....1] [ip4][..tcp] [..192.168.1.192][63158] -> [...192.168.1.20][..443] [TLS.Google][Unknown][Advertisement][Acceptable] + RISK: Obsolete TLS (v1.1 or older), TLS Fatal Alert end: [.....2] [ip4][..tcp] [..192.168.2.100][37780] -> [.160.44.202.202][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_certificate_too_long.pcap.out b/test/results/flow-info/default/tls_certificate_too_long.pcap.out index a210f0fb6..49212f67e 100644 --- a/test/results/flow-info/default/tls_certificate_too_long.pcap.out +++ b/test/results/flow-info/default/tls_certificate_too_long.pcap.out @@ -90,6 +90,8 @@ detected: [....25] [ip4][..tcp] [..192.168.1.121][53428] -> [...52.98.163.18][..443] [TLS][Outlook][Web][Safe] RISK: Unidirectional Traffic detection-update: [....23] [ip4][..udp] [..192.168.1.121][51998] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][235.33.22.2.in-addr.arpa] + detection-update: [....24] [ip4][..tcp] [..192.168.1.121][53429] -> [...52.98.163.18][..443] [TLS][Outlook][Web][Safe] + detection-update: [....25] [ip4][..tcp] [..192.168.1.121][53428] -> [...52.98.163.18][..443] [TLS][Outlook][Web][Safe] analyse: [....24] [ip4][..tcp] [..192.168.1.121][53429] -> [...52.98.163.18][..443] [TLS][Outlook][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.067| 0.004| 0.014| 198.149| 1.700] @@ -146,6 +148,7 @@ new: [....35] [ip4][..tcp] [.130.211.33.145][..443] -> [..192.168.1.121][53432] [MIDSTREAM] detected: [....35] [ip4][..tcp] [.130.211.33.145][..443] -> [..192.168.1.121][53432] [TLS][GoogleCloud][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....35] [ip4][..tcp] [.130.211.33.145][..443] -> [..192.168.1.121][53432] [TLS][GoogleCloud][Web][Safe] idle: [....11] [ip4][..udp] [..192.168.1.121][65492] -> [........8.8.8.8][...53] [DNS.Azure][Google][Network][Acceptable] idle: [.....8] [ip4][....2] [..192.168.1.139] -> [....224.0.0.251] [IGMP][Unknown][Network][Acceptable] idle: [.....7] [ip4][....2] [..192.168.1.139] -> [......224.0.0.2] [IGMP][Unknown][Network][Acceptable] @@ -157,17 +160,13 @@ idle: [.....9] [ip4][..udp] [..192.168.1.121][55567] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe] idle: [....16] [ip4][..udp] [..192.168.1.121][55578] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] idle: [....28] [ip4][..udp] [..192.168.1.121][50288] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [..192.168.1.121][.5353] -> [..192.168.1.139][.5353] [MDNS][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic - idle: [.....4] [ip4][..udp] [..192.168.1.139][.5353] -> [....224.0.0.251][.5353] + idle: [.....4] [ip4][..udp] [..192.168.1.139][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [....10] [ip4][..udp] [..192.168.1.121][53884] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe] idle: [....23] [ip4][..udp] [..192.168.1.121][51998] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] idle: [....15] [ip4][..udp] [..192.168.1.121][58161] -> [........8.8.8.8][...53] [DNS.Microsoft][Google][Network][Safe] idle: [....34] [ip4][..udp] [..192.168.1.121][56865] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable] - RISK: Unidirectional Traffic idle: [....31] [ip4][..udp] [..192.168.1.121][65099] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.1.121][52251] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] RISK: Error Code idle: [....25] [ip4][..tcp] [..192.168.1.121][53428] -> [...52.98.163.18][..443] [TLS][Outlook][Web][Safe] @@ -175,18 +174,25 @@ guessed: [.....1] [ip4][..tcp] [..192.168.1.121][52746] -> [...52.149.21.60][..443] [TLS][Azure][Web][Safe] idle: [.....1] [ip4][..tcp] [..192.168.1.121][52746] -> [...52.149.21.60][..443] idle: [....17] [ip4][..udp] [..192.168.1.121][54561] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable] - end: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443] - end: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] - end: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] - end: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] - end: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] - end: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] - end: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] - end: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] + end: [....12] [ip4][..tcp] [..192.168.1.121][53910] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe] + RISK: TLS Cert Validity Too Long + end: [....13] [ip4][..tcp] [..192.168.1.121][53911] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe] + RISK: TLS Cert Validity Too Long + end: [....26] [ip4][..tcp] [..192.168.1.121][53914] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe] + RISK: TLS Cert Validity Too Long + end: [....27] [ip4][..tcp] [..192.168.1.121][53915] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe] + RISK: TLS Cert Validity Too Long + end: [....29] [ip4][..tcp] [..192.168.1.121][53916] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe] + RISK: TLS Cert Validity Too Long + end: [....30] [ip4][..tcp] [..192.168.1.121][53917] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe] + RISK: TLS Cert Validity Too Long + end: [....32] [ip4][..tcp] [..192.168.1.121][53918] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe] + RISK: TLS Cert Validity Too Long + end: [....33] [ip4][..tcp] [..192.168.1.121][53919] -> [...40.113.10.47][..443] [TLS.Microsoft][Azure][Cloud][Safe] + RISK: TLS Cert Validity Too Long idle: [....22] [ip4][..udp] [..192.168.1.121][49216] -> [..17.253.54.251][..123] [NTP][Apple][System][Acceptable] - RISK: Unidirectional Traffic - idle: [....35] [ip4][..tcp] [.130.211.33.145][..443] -> [..192.168.1.121][53432] - idle: [.....5] [ip6][..udp] [..............fe80::1059:a858:f9e7:cf94][.5353] -> [...............................ff02::fb][.5353] + idle: [....35] [ip4][..tcp] [.130.211.33.145][..443] -> [..192.168.1.121][53432] [TLS][GoogleCloud][Web][Safe] + idle: [.....5] [ip6][..udp] [..............fe80::1059:a858:f9e7:cf94][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] end: [....20] [ip4][..tcp] [..192.168.1.121][53905] -> [..140.82.113.26][..443] [TLS][Github][Web][Safe] not-detected: [.....2] [ip4][..tcp] [..192.168.1.121][52721] -> [..192.168.1.139][55367] [Unknown][Unknown][Unrated] idle: [.....2] [ip4][..tcp] [..192.168.1.121][52721] -> [..192.168.1.139][55367] diff --git a/test/results/flow-info/default/tls_cipher_lens.pcap.out b/test/results/flow-info/default/tls_cipher_lens.pcap.out index a7607fe2e..3c8154c57 100644 --- a/test/results/flow-info/default/tls_cipher_lens.pcap.out +++ b/test/results/flow-info/default/tls_cipher_lens.pcap.out @@ -16,9 +16,14 @@ new: [.....5] [ip4][..tcp] [..192.168.11.11][51591] -> [.173.194.35.191][..443] [MIDSTREAM] detected: [.....5] [ip4][..tcp] [..192.168.11.11][51591] -> [.173.194.35.191][..443] [TLS][Google][Web][Safe][] RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic - idle: [.....1] [ip4][..tcp] [..192.168.11.11][51587] -> [.173.194.35.191][..443] - idle: [.....4] [ip4][..tcp] [..192.168.11.11][51588] -> [.173.194.35.191][..443] - idle: [.....3] [ip4][..tcp] [..192.168.11.11][51589] -> [.173.194.35.191][..443] - idle: [.....2] [ip4][..tcp] [..192.168.11.11][51590] -> [.173.194.35.191][..443] - idle: [.....5] [ip4][..tcp] [..192.168.11.11][51591] -> [.173.194.35.191][..443] + idle: [.....1] [ip4][..tcp] [..192.168.11.11][51587] -> [.173.194.35.191][..443] [TLS.Google][Google][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic + idle: [.....4] [ip4][..tcp] [..192.168.11.11][51588] -> [.173.194.35.191][..443] [TLS][Google][Web][Safe] + RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic + idle: [.....3] [ip4][..tcp] [..192.168.11.11][51589] -> [.173.194.35.191][..443] [TLS][Google][Web][Safe] + RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic + idle: [.....2] [ip4][..tcp] [..192.168.11.11][51590] -> [.173.194.35.191][..443] [TLS][Google][Web][Safe] + RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic + idle: [.....5] [ip4][..tcp] [..192.168.11.11][51591] -> [.173.194.35.191][..443] [TLS][Google][Web][Safe] + RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_client_certificate_with_missing_server_one.pcapng.out b/test/results/flow-info/default/tls_client_certificate_with_missing_server_one.pcapng.out index 9920b8d41..045be7a88 100644 --- a/test/results/flow-info/default/tls_client_certificate_with_missing_server_one.pcapng.out +++ b/test/results/flow-info/default/tls_client_certificate_with_missing_server_one.pcapng.out @@ -9,6 +9,8 @@ new: [.....2] [ip4][..tcp] [..192.168.1.128][59754] -> [..192.168.1.181][.7070] detected: [.....2] [ip4][..tcp] [..192.168.1.128][59754] -> [..192.168.1.181][.7070] [TLS][Unknown][Web][Safe][] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn - idle: [.....1] [ip4][..tcp] [195.181.174.176][..443] -> [..192.168.1.128][48260] - idle: [.....2] [ip4][..tcp] [..192.168.1.128][59754] -> [..192.168.1.181][.7070] + idle: [.....1] [ip4][..tcp] [195.181.174.176][..443] -> [..192.168.1.128][48260] [TLS.AnyDesk][Unknown][RemoteAccess][Acceptable] + RISK: Missing SNI TLS Extn, Desktop/File Sharing, Uncommon TLS ALPN + idle: [.....2] [ip4][..tcp] [..192.168.1.128][59754] -> [..192.168.1.181][.7070] [TLS][Unknown][Web][Safe] + RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_ech.pcapng.out b/test/results/flow-info/default/tls_ech.pcapng.out index 72702c407..bb565cb0c 100644 --- a/test/results/flow-info/default/tls_ech.pcapng.out +++ b/test/results/flow-info/default/tls_ech.pcapng.out @@ -4,5 +4,5 @@ new: [.....1] [ip6][..tcp] [..2001:b07:a3d:c112:ce16:b409:3d0a:9177][47460] -> [...................2606:4700::6812:1e4e][..443] detected: [.....1] [ip6][..tcp] [..2001:b07:a3d:c112:ce16:b409:3d0a:9177][47460] -> [...................2606:4700::6812:1e4e][..443] [TLS.Cloudflare][Cloudflare][Web][Acceptable][performance.radar.cloudflare.com] detection-update: [.....1] [ip6][..tcp] [..2001:b07:a3d:c112:ce16:b409:3d0a:9177][47460] -> [...................2606:4700::6812:1e4e][..443] [TLS.Cloudflare][Cloudflare][Web][Acceptable][performance.radar.cloudflare.com] - idle: [.....1] [ip6][..tcp] [..2001:b07:a3d:c112:ce16:b409:3d0a:9177][47460] -> [...................2606:4700::6812:1e4e][..443] + idle: [.....1] [ip6][..tcp] [..2001:b07:a3d:c112:ce16:b409:3d0a:9177][47460] -> [...................2606:4700::6812:1e4e][..443] [TLS.Cloudflare][Cloudflare][Web][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_esni_sni_both.pcap.out b/test/results/flow-info/default/tls_esni_sni_both.pcap.out index e65574a95..a08c7b272 100644 --- a/test/results/flow-info/default/tls_esni_sni_both.pcap.out +++ b/test/results/flow-info/default/tls_esni_sni_both.pcap.out @@ -11,6 +11,8 @@ RISK: TLS (probably) Not Carrying HTTPS, TLS Susp ESNI Usage detection-update: [.....2] [ip4][..tcp] [...192.168.1.21][55514] -> [..104.17.175.85][..443] [TLS][Cloudflare][Web][Safe][you-think-thats-normal-tls-traffic-youre-seeing.com] RISK: TLS (probably) Not Carrying HTTPS, TLS Susp ESNI Usage - end: [.....1] [ip4][..tcp] [...192.168.1.21][55500] -> [..104.17.175.85][..443] - end: [.....2] [ip4][..tcp] [...192.168.1.21][55514] -> [..104.17.175.85][..443] + end: [.....1] [ip4][..tcp] [...192.168.1.21][55500] -> [..104.17.175.85][..443] [TLS][Cloudflare][Web][Safe] + RISK: TLS (probably) Not Carrying HTTPS, TLS Susp ESNI Usage + end: [.....2] [ip4][..tcp] [...192.168.1.21][55514] -> [..104.17.175.85][..443] [TLS][Cloudflare][Web][Safe] + RISK: TLS (probably) Not Carrying HTTPS, TLS Susp ESNI Usage DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_missing_ch_frag.pcap.out b/test/results/flow-info/default/tls_missing_ch_frag.pcap.out index c404591de..078bf4928 100644 --- a/test/results/flow-info/default/tls_missing_ch_frag.pcap.out +++ b/test/results/flow-info/default/tls_missing_ch_frag.pcap.out @@ -3,5 +3,5 @@ DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][33063] detected: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][33063] [TLS][Unknown][Web][Safe][] - end: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][33063] + end: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][33063] [TLS][Unknown][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_multiple_synack_different_seq.pcapng.out b/test/results/flow-info/default/tls_multiple_synack_different_seq.pcapng.out index 6eaad9e20..93fb60896 100644 --- a/test/results/flow-info/default/tls_multiple_synack_different_seq.pcapng.out +++ b/test/results/flow-info/default/tls_multiple_synack_different_seq.pcapng.out @@ -5,5 +5,5 @@ detected: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][59927] [TLS.AmazonAWS][Unknown][Cloud][Acceptable][bolt-prod-s3-eu-west-1.s3.eu-west-1.amazonaws.com] detection-update: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][59927] [TLS.AmazonAWS][Unknown][Cloud][Acceptable][bolt-prod-s3-eu-west-1.s3.eu-west-1.amazonaws.com] detection-update: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][59927] [TLS.AmazonAWS][Unknown][Cloud][Acceptable][bolt-prod-s3-eu-west-1.s3.eu-west-1.amazonaws.com] - idle: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][59927] + idle: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][59927] [TLS.AmazonAWS][Unknown][Cloud][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_port_80.pcapng.out b/test/results/flow-info/default/tls_port_80.pcapng.out index 906c2d72b..51b324381 100644 --- a/test/results/flow-info/default/tls_port_80.pcapng.out +++ b/test/results/flow-info/default/tls_port_80.pcapng.out @@ -6,5 +6,6 @@ RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn detection-update: [.....1] [ip4][..tcp] [..57.91.202.194][50541] -> [..132.49.141.56][...80] [TLS][Unknown][Web][Safe][] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn - idle: [.....1] [ip4][..tcp] [..57.91.202.194][50541] -> [..132.49.141.56][...80] + idle: [.....1] [ip4][..tcp] [..57.91.202.194][50541] -> [..132.49.141.56][...80] [TLS][Unknown][Web][Safe] + RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS, Missing SNI TLS Extn DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_torrent.pcapng.out b/test/results/flow-info/default/tls_torrent.pcapng.out index c54d0ae65..45838247c 100644 --- a/test/results/flow-info/default/tls_torrent.pcapng.out +++ b/test/results/flow-info/default/tls_torrent.pcapng.out @@ -8,5 +8,6 @@ RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][58842] [TLS.BitTorrent][Unknown][Download][Acceptable][web.utorrent.com] RISK: TLS (probably) Not Carrying HTTPS - idle: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][58842] + idle: [.....1] [ip4][..tcp] [.....10.10.10.1][..443] -> [....192.168.0.1][58842] [TLS.BitTorrent][Unknown][Download][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_unidirectional.pcap.out b/test/results/flow-info/default/tls_unidirectional.pcap.out index 402647bf6..d59be472e 100644 --- a/test/results/flow-info/default/tls_unidirectional.pcap.out +++ b/test/results/flow-info/default/tls_unidirectional.pcap.out @@ -11,6 +11,8 @@ new: [.....2] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] detected: [.....2] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] [TLS.AnyDesk][Unknown][RemoteAccess][Acceptable][] RISK: Missing SNI TLS Extn, Desktop/File Sharing, Uncommon TLS ALPN, Unidirectional Traffic - idle: [.....1] [ip4][..tcp] [.142.250.27.188][.5228] -> [...10.140.72.24][12654] - idle: [.....2] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] + idle: [.....1] [ip4][..tcp] [.142.250.27.188][.5228] -> [...10.140.72.24][12654] [TLS.Google][Google][Web][Acceptable] + RISK: Known Proto on Non Std Port, Unidirectional Traffic + idle: [.....2] [ip4][..tcp] [..192.168.1.128][48260] -> [195.181.174.176][..443] [TLS.AnyDesk][Unknown][RemoteAccess][Acceptable] + RISK: Missing SNI TLS Extn, Desktop/File Sharing, Uncommon TLS ALPN, Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/tls_verylong_certificate.pcap.out b/test/results/flow-info/default/tls_verylong_certificate.pcap.out index 4995043bd..6a0a933e6 100644 --- a/test/results/flow-info/default/tls_verylong_certificate.pcap.out +++ b/test/results/flow-info/default/tls_verylong_certificate.pcap.out @@ -5,7 +5,7 @@ detected: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe][feodotracker.abuse.ch] detection-update: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe][feodotracker.abuse.ch] detection-update: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe][feodotracker.abuse.ch] - analyse: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] + analyse: [.....1] [ip4][..tcp] [..192.168.1.160][54804] -> [..151.101.66.49][..443] [TLS.Cybersec][Unknown][Cybersecurity][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.022| 0.005| 0.007| 43.853| 3.500] [PKTLEN......: 52.000| 1420.000| 518.600| 615.300| 378610.900| 4.000] diff --git a/test/results/flow-info/default/toca-boca.pcap.out b/test/results/flow-info/default/toca-boca.pcap.out index 99ba6373e..72a4df1bc 100644 --- a/test/results/flow-info/default/toca-boca.pcap.out +++ b/test/results/flow-info/default/toca-boca.pcap.out @@ -10,14 +10,12 @@ detected: [.....2] [ip4][..udp] [..192.168.2.100][42022] -> [...92.38.154.49][.5055] [TocaBoca][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [..192.168.2.100][50173] -> [..91.199.81.225][.5055] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 16 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....3] [ip4][..udp] [..192.168.2.100][55544] -> [...92.38.154.49][.5055] detected: [.....3] [ip4][..udp] [..192.168.2.100][55544] -> [...92.38.154.49][.5055] [TocaBoca][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [..192.168.2.100][42022] -> [...92.38.154.49][.5055] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [.....4] [ip4][..udp] [...92.38.154.49][.5055] -> [..192.168.2.100][32867] detected: [.....4] [ip4][..udp] [...92.38.154.49][.5055] -> [..192.168.2.100][32867] [TocaBoca][Unknown][Game][Fun] RISK: Unidirectional Traffic @@ -30,51 +28,39 @@ detected: [.....6] [ip4][..udp] [..91.199.81.130][.5055] -> [..192.168.2.100][43064] [TocaBoca][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [...92.38.154.49][.5055] -> [..192.168.2.100][32867] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [..192.168.2.100][55544] -> [...92.38.154.49][.5055] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [.....7] [ip4][..udp] [..192.168.2.100][44818] -> [..91.199.81.123][.5055] detected: [.....7] [ip4][..udp] [..192.168.2.100][44818] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] RISK: Unidirectional Traffic update: [.....5] [ip4][..udp] [..192.168.2.100][54983] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [..91.199.81.130][.5055] -> [..192.168.2.100][43064] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [.....8] [ip4][..udp] [..91.199.81.123][.5055] -> [..192.168.2.100][60837] detected: [.....8] [ip4][..udp] [..91.199.81.123][.5055] -> [..192.168.2.100][60837] [TocaBoca][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [..192.168.2.100][54983] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [..192.168.2.100][44818] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [..91.199.81.130][.5055] -> [..192.168.2.100][43064] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [.....9] [ip4][..udp] [..192.168.2.100][37218] -> [..91.199.81.123][.5055] detected: [.....9] [ip4][..udp] [..192.168.2.100][37218] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [..91.199.81.123][.5055] -> [..192.168.2.100][60837] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 51 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 9|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3] new: [....10] [ip4][..udp] [..91.199.81.123][.5055] -> [..192.168.2.100][33311] detected: [....10] [ip4][..udp] [..91.199.81.123][.5055] -> [..192.168.2.100][33311] [TocaBoca][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [..91.199.81.123][.5055] -> [..192.168.2.100][60837] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [..192.168.2.100][37218] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 52 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 10|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3] new: [....11] [ip4][..udp] [..91.199.81.123][.5055] -> [..192.168.2.100][40290] detected: [....11] [ip4][..udp] [..91.199.81.123][.5055] -> [..192.168.2.100][40290] [TocaBoca][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [..91.199.81.123][.5055] -> [..192.168.2.100][33311] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [....12] [ip4][..udp] [..192.168.2.100][33024] -> [..91.199.81.123][.5055] detected: [....12] [ip4][..udp] [..192.168.2.100][33024] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....11] [ip4][..udp] [..91.199.81.123][.5055] -> [..192.168.2.100][40290] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [....13] [ip4][..udp] [..192.168.2.100][56864] -> [..91.199.81.123][.5055] detected: [....13] [ip4][..udp] [..192.168.2.100][56864] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] RISK: Unidirectional Traffic @@ -84,19 +70,14 @@ detected: [....14] [ip4][..udp] [..192.168.2.100][50600] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [..192.168.2.100][56864] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [..192.168.2.100][33024] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [....15] [ip4][..udp] [..192.168.2.100][35671] -> [..91.199.81.123][.5055] detected: [....15] [ip4][..udp] [..192.168.2.100][35671] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] RISK: Unidirectional Traffic update: [....14] [ip4][..udp] [..192.168.2.100][50600] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic new: [....16] [ip4][..udp] [..91.199.81.123][.5055] -> [..192.168.2.100][37167] idle: [....14] [ip4][..udp] [..192.168.2.100][50600] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic update: [....15] [ip4][..udp] [..192.168.2.100][35671] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 72 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 16|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 5] new: [....17] [ip4][..udp] [..91.199.81.122][.5055] -> [..192.168.2.100][34503] @@ -106,12 +87,10 @@ RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [..91.199.81.123][.5055] -> [..192.168.2.100][37167] idle: [....15] [ip4][..udp] [..192.168.2.100][35671] -> [..91.199.81.123][.5055] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 73 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 17|skipped: 0|!detected: 0|guessed: 1|detection-updates: 0|updates: 5] new: [....18] [ip4][..udp] [..91.199.81.225][.5055] -> [..192.168.2.100][50337] idle: [....17] [ip4][..udp] [..91.199.81.122][.5055] -> [..192.168.2.100][34503] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: [Processed: 74 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 18|skipped: 0|!detected: 0|guessed: 1|detection-updates: 0|updates: 5] new: [....19] [ip4][..udp] [..91.199.81.122][.5055] -> [..192.168.2.100][56920] @@ -128,7 +107,6 @@ RISK: Unidirectional Traffic idle: [....19] [ip4][..udp] [..91.199.81.122][.5055] -> [..192.168.2.100][56920] idle: [....20] [ip4][..udp] [..192.168.2.100][45096] -> [..91.199.81.208][.5055] [TocaBoca][Unknown][Game][Fun] - RISK: Unidirectional Traffic guessed: [....21] [ip4][..udp] [..91.199.81.225][.5055] -> [..192.168.2.100][43151] [TocaBoca][Unknown][Game][Fun] RISK: Unidirectional Traffic idle: [....21] [ip4][..udp] [..91.199.81.225][.5055] -> [..192.168.2.100][43151] diff --git a/test/results/flow-info/default/tumblr.pcap.out b/test/results/flow-info/default/tumblr.pcap.out index 157025c13..070f0164b 100644 --- a/test/results/flow-info/default/tumblr.pcap.out +++ b/test/results/flow-info/default/tumblr.pcap.out @@ -13,6 +13,9 @@ new: [.....6] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][42908] -> [.....................64:ff9b::98c7:1593][..443] [MIDSTREAM] detected: [.....6] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][42908] -> [.....................64:ff9b::98c7:1593][..443] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic + detection-update: [.....4] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][41266] -> [....2620:116:800d:21:8c6e:cf2c:8d6:9fb5][..443] [TLS][Unknown][Web][Safe] + detection-update: [.....5] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57286] -> [.....................64:ff9b::8fcc:d927][..443] [TLS][Unknown][Web][Safe] + detection-update: [.....6] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][42908] -> [.....................64:ff9b::98c7:1593][..443] [TLS][Unknown][Web][Safe] new: [.....7] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56782] -> [.....................64:ff9b::68f4:2ac8][..443] [MIDSTREAM] analyse: [.....6] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][42908] -> [.....................64:ff9b::98c7:1593][..443] [TLS][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy @@ -30,9 +33,11 @@ new: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43434] -> [.....................64:ff9b::c000:4d28][..443] [MIDSTREAM] detected: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43434] -> [.....................64:ff9b::c000:4d28][..443] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic + detection-update: [.....8] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43420] -> [.....................64:ff9b::c000:4d28][..443] [TLS][Unknown][Web][Safe] new: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58380] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] + detection-update: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43434] -> [.....................64:ff9b::c000:4d28][..443] [TLS][Unknown][Web][Safe] detected: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58380] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Edgecast][Web][Safe][consent.cmp.oath.com] - analyse: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43434] -> [.....................64:ff9b::c000:4d28][..443] + analyse: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43434] -> [.....................64:ff9b::c000:4d28][..443] [TLS][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.045| 0.004| 0.009| 88.667| 2.800] [PKTLEN......: 72.000| 1472.000| 608.300| 669.700| 448506.000| 4.100] @@ -65,7 +70,8 @@ new: [....14] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56794] -> [.....................64:ff9b::c000:4d03][..443] [MIDSTREAM] detected: [....14] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56794] -> [.....................64:ff9b::c000:4d03][..443] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic - analyse: [....14] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56794] -> [.....................64:ff9b::c000:4d03][..443] + detection-update: [....14] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56794] -> [.....................64:ff9b::c000:4d03][..443] [TLS][Unknown][Web][Safe] + analyse: [....14] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56794] -> [.....................64:ff9b::c000:4d03][..443] [TLS][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.037| 0.003| 0.009| 73.545| 2.400] [PKTLEN......: 72.000| 1472.000| 435.700| 586.000| 343353.700| 3.900] @@ -79,6 +85,7 @@ new: [....15] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51874] -> [.....................64:ff9b::c000:4c03][..443] [MIDSTREAM] detected: [....15] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51874] -> [.....................64:ff9b::c000:4c03][..443] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....15] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][51874] -> [.....................64:ff9b::c000:4c03][..443] [TLS][Unknown][Web][Safe] detection-update: [....13] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47118] -> [.................2001:4998:14:800::1001][..443] [TLS.Yahoo][Unknown][Web][Safe][cookiex.ngd.yahoo.com] new: [....16] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56582] -> [.....................64:ff9b::9765:798c][..443] [MIDSTREAM] new: [....17] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56564] -> [.....................64:ff9b::9765:798c][..443] [MIDSTREAM] @@ -112,7 +119,7 @@ new: [....42] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][55560] -> [...............2a00:1450:4007:817::200a][..443] [MIDSTREAM] detection-update: [....41] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43328] -> [.....................64:ff9b::4a72:9a16][..443] [TLS.Tumblr][Unknown][SocialNetwork][Fun][catasters.tumblr.com] detection-update: [....41] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43328] -> [.....................64:ff9b::4a72:9a16][..443] [TLS.Tumblr][Unknown][SocialNetwork][Fun][catasters.tumblr.com] - analyse: [....41] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43328] -> [.....................64:ff9b::4a72:9a16][..443] + analyse: [....41] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43328] -> [.....................64:ff9b::4a72:9a16][..443] [TLS.Tumblr][Unknown][SocialNetwork][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.189| 0.028| 0.050| 2454.248| 3.200] [PKTLEN......: 72.000| 1472.000| 454.000| 568.300| 322990.400| 4.000] @@ -128,7 +135,8 @@ RISK: Unidirectional Traffic detected: [....43] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][49548] -> [...............2a00:1450:4007:809::200e][..443] [TLS.Google][Google][Web][Acceptable][apis.google.com] new: [....44] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][38608] -> [...............2a00:1450:4007:80b::200a][..443] - analyse: [.....2] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48240] -> [.....................64:ff9b::9765:789d][..443] + detection-update: [.....2] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48240] -> [.....................64:ff9b::9765:789d][..443] [TLS][Unknown][Web][Safe] + analyse: [.....2] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48240] -> [.....................64:ff9b::9765:789d][..443] [TLS][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 19.514| 1.259| 4.789| 22930555.666| 1.000] [PKTLEN......: 72.000| 1120.000| 600.100| 520.100| 270533.200| 4.400] @@ -183,7 +191,7 @@ idle: [....36] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48988] -> [...............2a00:1450:4007:811::2004][..443] guessed: [....40] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][49002] -> [...............2a00:1450:4007:811::2004][..443] [TLS][Google][Web][Safe] idle: [....40] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][49002] -> [...............2a00:1450:4007:811::2004][..443] - idle: [.....4] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][41266] -> [....2620:116:800d:21:8c6e:cf2c:8d6:9fb5][..443] + idle: [.....4] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][41266] -> [....2620:116:800d:21:8c6e:cf2c:8d6:9fb5][..443] [TLS][Unknown][Web][Safe] idle: [.....2] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][48240] -> [.....................64:ff9b::9765:789d][..443] [TLS][Unknown][Web][Safe] guessed: [....21] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56558] -> [.....................64:ff9b::9765:798c][..443] [TLS][Unknown][Web][Safe] idle: [....21] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56558] -> [.....................64:ff9b::9765:798c][..443] @@ -198,7 +206,7 @@ guessed: [....18] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56594] -> [.....................64:ff9b::9765:798c][..443] [TLS][Unknown][Web][Safe] idle: [....18] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56594] -> [.....................64:ff9b::9765:798c][..443] idle: [....13] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][47118] -> [.................2001:4998:14:800::1001][..443] [TLS.Yahoo][Unknown][Web][Safe] - idle: [....42] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][55560] -> [...............2a00:1450:4007:817::200a][..443] + idle: [....42] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][55560] -> [...............2a00:1450:4007:817::200a][..443] [TLS][Google][Web][Safe] guessed: [.....3] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56640] -> [.....................64:ff9b::9765:798c][..443] [TLS][Unknown][Web][Safe] idle: [.....3] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56640] -> [.....................64:ff9b::9765:798c][..443] guessed: [....28] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][49462] -> [...............2a00:1450:4007:809::200e][..443] [TLS][Google][Web][Safe] @@ -210,13 +218,13 @@ guessed: [....30] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][49546] -> [...............2a00:1450:4007:815::2003][..443] [TLS][Google][Web][Safe] idle: [....30] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][49546] -> [...............2a00:1450:4007:815::2003][..443] idle: [....43] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][49548] -> [...............2a00:1450:4007:809::200e][..443] [TLS.Google][Google][Web][Acceptable] - idle: [.....7] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56782] -> [.....................64:ff9b::68f4:2ac8][..443] + idle: [.....7] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56782] -> [.....................64:ff9b::68f4:2ac8][..443] [TLS][Unknown][Web][Safe] guessed: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57770] -> [...............2a00:1450:4007:80b::200e][..443] [TLS][Google][Web][Safe] idle: [....37] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57770] -> [...............2a00:1450:4007:80b::200e][..443] idle: [....14] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56794] -> [.....................64:ff9b::c000:4d03][..443] [TLS][Unknown][Web][Safe] guessed: [....29] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57788] -> [...............2a00:1450:4007:80b::200e][..443] [TLS][Google][Web][Safe] idle: [....29] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57788] -> [...............2a00:1450:4007:80b::200e][..443] - idle: [....20] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56842] -> [.....................64:ff9b::c000:4d03][..443] + idle: [....20] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][56842] -> [.....................64:ff9b::c000:4d03][..443] [TLS.Tumblr][Unknown][SocialNetwork][Fun] guessed: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][42674] -> [.....................64:ff9b::4a72:9a15][..443] [TLS][Unknown][Web][Safe] idle: [....46] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][42674] -> [.....................64:ff9b::4a72:9a15][..443] guessed: [....26] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][45706] -> [...............2a00:1450:4007:80a::200e][..443] [TLS][Google][Web][Safe] @@ -226,15 +234,15 @@ guessed: [....35] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][50906] -> [.....................64:ff9b::d83a:d582][..443] [TLS][Unknown][Web][Safe] idle: [....35] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][50906] -> [.....................64:ff9b::d83a:d582][..443] idle: [.....6] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][42908] -> [.....................64:ff9b::98c7:1593][..443] [TLS][Unknown][Web][Safe] - idle: [.....5] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57286] -> [.....................64:ff9b::8fcc:d927][..443] + idle: [.....5] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][57286] -> [.....................64:ff9b::8fcc:d927][..443] [TLS][Unknown][Web][Safe] idle: [....10] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58380] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Edgecast][Web][Safe] - end: [....11] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58382] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] + end: [....11] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58382] -> [..2606:2800:135:155a:23ba:b2a:25ff:122d][..443] [TLS][Edgecast][Web][Safe] guessed: [....25] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][35892] -> [...............2a00:1450:4007:815::2002][..443] [TLS][Google][Web][Safe] idle: [....25] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][35892] -> [...............2a00:1450:4007:815::2002][..443] guessed: [....31] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][44164] -> [...............2a00:1450:4007:805::2003][..443] [TLS][Google][Web][Safe] idle: [....31] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][44164] -> [...............2a00:1450:4007:805::2003][..443] idle: [....12] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39152] -> [......................64:ff9b::6006:749][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads] - idle: [....45] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39164] -> [......................64:ff9b::6006:749][..443] + idle: [....45] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][39164] -> [......................64:ff9b::6006:749][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads] guessed: [....34] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58614] -> [...............2a00:1450:4007:805::200e][..443] [TLS][Google][Web][Safe] idle: [....34] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58614] -> [...............2a00:1450:4007:805::200e][..443] guessed: [....33] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][58616] -> [...............2a00:1450:4007:805::200e][..443] [TLS][Google][Web][Safe] @@ -244,7 +252,7 @@ guessed: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][40190] -> [...............2a00:1450:4007:80a::200a][..443] [TLS][Google][Web][Safe] idle: [....47] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][40190] -> [...............2a00:1450:4007:80a::200a][..443] idle: [....41] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43328] -> [.....................64:ff9b::4a72:9a16][..443] [TLS.Tumblr][Unknown][SocialNetwork][Fun] - idle: [.....8] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43420] -> [.....................64:ff9b::c000:4d28][..443] + idle: [.....8] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43420] -> [.....................64:ff9b::c000:4d28][..443] [TLS][Unknown][Web][Safe] idle: [.....9] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43434] -> [.....................64:ff9b::c000:4d28][..443] [TLS][Unknown][Web][Safe] guessed: [....24] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43602] -> [......................64:ff9b::df9:21c6][..443] [TLS][Unknown][Web][Safe] idle: [....24] [ip6][..tcp] [2a01:cb01:2049:8b07:991d:ec85:28df:f629][43602] -> [......................64:ff9b::df9:21c6][..443] diff --git a/test/results/flow-info/default/tunnelbear.pcap.out b/test/results/flow-info/default/tunnelbear.pcap.out index 93e7228c5..e2597db16 100644 --- a/test/results/flow-info/default/tunnelbear.pcap.out +++ b/test/results/flow-info/default/tunnelbear.pcap.out @@ -65,9 +65,9 @@ detected: [....13] [ip4][..tcp] [.......10.8.0.1][47046] -> [.74.125.200.188][.5228] [TLS.GoogleServices][Google][Web][Acceptable][mtalk.google.com] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS end: [.....2] [ip4][..tcp] [.......10.8.0.1][45104] -> [..104.17.115.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] - end: [.....3] [ip4][..tcp] [.......10.8.0.1][45106] -> [..104.17.115.40][..443] - end: [.....4] [ip4][..tcp] [.......10.8.0.1][45108] -> [..104.17.115.40][..443] - end: [.....5] [ip4][..tcp] [.......10.8.0.1][45114] -> [..104.17.115.40][..443] + end: [.....3] [ip4][..tcp] [.......10.8.0.1][45106] -> [..104.17.115.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] + end: [.....4] [ip4][..tcp] [.......10.8.0.1][45108] -> [..104.17.115.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] + end: [.....5] [ip4][..tcp] [.......10.8.0.1][45114] -> [..104.17.115.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] end: [.....7] [ip4][..tcp] [.......10.8.0.1][45124] -> [..104.17.115.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] end: [.....8] [ip4][..tcp] [.......10.8.0.1][45126] -> [..104.17.115.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] detection-update: [....13] [ip4][..tcp] [.......10.8.0.1][47046] -> [.74.125.200.188][.5228] [TLS.GoogleServices][Google][Web][Acceptable][mtalk.google.com] @@ -105,20 +105,24 @@ [ENTROPIES...: 4.5,4.5,4.5,6.1,4.6,6.0,4.6,5.4,4.6,5.5,4.6,5.9,4.5,7.6,4.5,7.6,4.6,6.8,4.5,5.9,5.3,4.6,5.3,7.2,4.6,7.6,4.6,6.5,4.6,7.3,4.5,7.9] new: [....21] [ip4][..tcp] [.......10.8.0.1][33858] -> [..104.17.114.40][..443] detected: [....21] [ip4][..tcp] [.......10.8.0.1][33858] -> [..104.17.114.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable][api.polargrizzly.com] - idle: [....13] [ip4][..tcp] [.......10.8.0.1][47046] -> [.74.125.200.188][.5228] - idle: [....15] [ip4][..tcp] [.......10.8.0.1][50904] -> [.104.17.154.236][..443] - idle: [.....6] [ip4][..tcp] [.......10.8.0.1][47496] -> [162.247.243.188][..443] - idle: [....11] [ip4][..tcp] [.......10.8.0.1][60224] -> [...157.240.7.32][..443] - idle: [....20] [ip4][..tcp] [.......10.8.0.1][48222] -> [162.247.243.188][..443] + idle: [....13] [ip4][..tcp] [.......10.8.0.1][47046] -> [.74.125.200.188][.5228] [TLS.GoogleServices][Google][Web][Acceptable] + RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS + idle: [....15] [ip4][..tcp] [.......10.8.0.1][50904] -> [.104.17.154.236][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] + idle: [.....6] [ip4][..tcp] [.......10.8.0.1][47496] -> [162.247.243.188][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads] + idle: [....11] [ip4][..tcp] [.......10.8.0.1][60224] -> [...157.240.7.32][..443] [TLS.Messenger][Facebook][Chat][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS + idle: [....20] [ip4][..tcp] [.......10.8.0.1][48222] -> [162.247.243.188][..443] [TLS.ADS_Analytic_Track][Unknown][Advertisement][Tracker/Ads] guessed: [....10] [ip4][..tcp] [..10.158.132.91][51120] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][] end: [....10] [ip4][..tcp] [..10.158.132.91][51120] -> [........8.8.8.8][...53] - idle: [....12] [ip4][..tcp] [.......10.8.0.1][47594] -> [..99.83.135.170][..443] - end: [.....9] [ip4][..tcp] [..10.158.132.91][38398] -> [..104.17.114.40][..443] + idle: [....12] [ip4][..tcp] [.......10.8.0.1][47594] -> [..99.83.135.170][..443] [TLS][AmazonAWS][Web][Safe] + RISK: TLS (probably) Not Carrying HTTPS + end: [.....9] [ip4][..tcp] [..10.158.132.91][38398] -> [..104.17.114.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] + RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [.......10.8.0.1][50178] -> [.104.17.154.236][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] end: [....14] [ip4][..tcp] [.......10.8.0.1][33830] -> [..104.17.114.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] end: [....16] [ip4][..tcp] [.......10.8.0.1][33838] -> [..104.17.114.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] end: [....17] [ip4][..tcp] [.......10.8.0.1][33842] -> [..104.17.114.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] end: [....18] [ip4][..tcp] [.......10.8.0.1][33846] -> [..104.17.114.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] end: [....19] [ip4][..tcp] [.......10.8.0.1][33848] -> [..104.17.114.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] - idle: [....21] [ip4][..tcp] [.......10.8.0.1][33858] -> [..104.17.114.40][..443] + idle: [....21] [ip4][..tcp] [.......10.8.0.1][33858] -> [..104.17.114.40][..443] [TLS.TunnelBear][Cloudflare][VPN][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/ultrasurf.pcap.out b/test/results/flow-info/default/ultrasurf.pcap.out index f1d19792b..4369a4a12 100644 --- a/test/results/flow-info/default/ultrasurf.pcap.out +++ b/test/results/flow-info/default/ultrasurf.pcap.out @@ -45,7 +45,6 @@ [PKTLENS.....: 60,60,52,569,52,1340,1340,1256,52,52,52,116,368,107,87,139,52,83,1400,428,1400,480,250,234,52,87,113,200,244,87,187,1340] [ENTROPIES...: 4.7,5.2,5.0,6.1,5.2,7.8,7.9,7.9,5.2,5.2,5.1,6.0,7.4,6.0,5.8,6.3,5.1,5.7,7.9,7.4,7.8,7.6,7.1,7.0,5.1,5.9,6.1,6.8,6.9,5.9,6.8,7.9] idle: [.....1] [ip4][..tcp] [....65.49.68.25][50053] -> [....10.132.0.23][37898] [UltraSurf][Unknown][VPN][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..tcp] [....10.132.0.23][38120] -> [....65.49.68.25][50053] [TLS][Unknown][Web][Safe] RISK: Known Proto on Non Std Port, Missing SNI TLS Extn, ALPN/SNI Mismatch idle: [.....3] [ip4][..tcp] [....10.132.0.23][38152] -> [....65.49.68.25][50053] [TLS][Unknown][Web][Safe] diff --git a/test/results/flow-info/default/viber.pcap.out b/test/results/flow-info/default/viber.pcap.out index f12f9777c..ae8297d34 100644 --- a/test/results/flow-info/default/viber.pcap.out +++ b/test/results/flow-info/default/viber.pcap.out @@ -37,7 +37,7 @@ detected: [....10] [ip4][..tcp] [...192.168.0.17][53934] -> [...54.230.93.53][..443] [TLS.Viber][AmazonAWS][Chat][Fun][dl-media.viber.com] detection-update: [....10] [ip4][..tcp] [...192.168.0.17][53934] -> [...54.230.93.53][..443] [TLS.Viber][AmazonAWS][Chat][Fun][dl-media.viber.com] detection-update: [....10] [ip4][..tcp] [...192.168.0.17][53934] -> [...54.230.93.53][..443] [TLS.Viber][AmazonAWS][Chat][Fun][dl-media.viber.com] - analyse: [....10] [ip4][..tcp] [...192.168.0.17][53934] -> [...54.230.93.53][..443] + analyse: [....10] [ip4][..tcp] [...192.168.0.17][53934] -> [...54.230.93.53][..443] [TLS.Viber][AmazonAWS][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.048| 0.009| 0.015| 217.133| 3.300] [PKTLEN......: 52.000| 1500.000| 714.100| 673.400| 453425.200| 4.300] @@ -130,35 +130,30 @@ DAEMON-EVENT: [Flows][active: 26 / 26|skipped: 0|!detected: 0|guessed: 0|detection-updates: 20|updates: 4] new: [....27] [ip4][..tcp] [..192.168.2.100][48690] -> [...52.0.252.145][.4244] detected: [....27] [ip4][..tcp] [..192.168.2.100][48690] -> [...52.0.252.145][.4244] [Viber][Viber][VoIP][Fun] - end: [.....5] [ip4][..tcp] [...192.168.0.17][36986] -> [..54.69.166.226][..443] + end: [.....5] [ip4][..tcp] [...192.168.0.17][36986] -> [..54.69.166.226][..443] [TLS][AmazonAWS][Web][Safe] end: [.....6] [ip4][..tcp] [...192.168.0.17][36988] -> [..54.69.166.226][..443] [TLS][AmazonAWS][Web][Safe] guessed: [....11] [ip4][..udp] [...192.168.0.17][41993] -> [.172.217.23.106][..443] [QUIC][Google][Web][Acceptable] idle: [....11] [ip4][..udp] [...192.168.0.17][41993] -> [.172.217.23.106][..443] idle: [....19] [ip4][..udp] [...192.168.0.17][47171] -> [....18.201.4.32][.7985] [Viber][AmazonAWS][VoIP][Fun] - RISK: Unidirectional Traffic idle: [....20] [ip4][..udp] [...192.168.0.17][47171] -> [....18.201.4.32][.7987] [Viber][AmazonAWS][VoIP][Fun] - RISK: Unidirectional Traffic - idle: [.....8] [ip4][..tcp] [...192.168.0.17][57520] -> [...54.230.93.96][..443] + idle: [.....8] [ip4][..tcp] [...192.168.0.17][57520] -> [...54.230.93.96][..443] [TLS.Viber][AmazonAWS][Chat][Fun] idle: [....26] [ip4][.icmp] [...192.168.0.17] -> [...192.168.0.15] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....17] [ip4][..tcp] [...192.168.0.17][55746] -> [..151.101.1.130][..443] [TLS][Unknown][Web][Safe] guessed: [.....1] [ip4][..tcp] [...192.168.0.17][33208] -> [...52.0.253.101][.4244] [Viber][Viber][VoIP][Fun] idle: [.....1] [ip4][..tcp] [...192.168.0.17][33208] -> [...52.0.253.101][.4244] idle: [....10] [ip4][..tcp] [...192.168.0.17][53934] -> [...54.230.93.53][..443] [TLS.Viber][AmazonAWS][Chat][Fun] idle: [....15] [ip6][icmp6] [..............fe80::3207:4dff:fea3:5fa7] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] - idle: [....14] [ip4][..udp] [...192.168.0.17][.5353] -> [....224.0.0.251][.5353] + idle: [....14] [ip4][..udp] [...192.168.0.17][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....3] [ip4][..udp] [...192.168.0.17][35283] -> [...192.168.0.15][...53] [DNS.ADS_Analytic_Track][Unknown][Network][Tracker/Ads] idle: [....12] [ip4][..udp] [...192.168.0.17][35331] -> [...192.168.0.15][...53] [DNS.Google][Unknown][Network][Acceptable] idle: [.....7] [ip4][..udp] [...192.168.0.17][37418] -> [...192.168.0.15][...53] [DNS.Viber][Unknown][Network][Fun] idle: [.....2] [ip4][..udp] [...192.168.0.17][45743] -> [...192.168.0.15][...53] [DNS.Facebook][Unknown][Network][Fun] guessed: [....18] [ip4][..tcp] [...192.168.0.17][45424] -> [....18.201.4.32][..443] [TLS][AmazonAWS][Web][Safe] end: [....18] [ip4][..tcp] [...192.168.0.17][45424] -> [....18.201.4.32][..443] - end: [....21] [ip4][..tcp] [...192.168.0.17][49048] -> [..54.187.91.182][..443] + end: [....21] [ip4][..tcp] [...192.168.0.17][49048] -> [..54.187.91.182][..443] [TLS][AmazonAWS][Web][Safe] idle: [....25] [ip4][..udp] [...192.168.0.17][50097] -> [...192.168.0.15][...53] [DNS.Google][Unknown][Network][Acceptable] idle: [....23] [ip4][..udp] [...192.168.0.17][38190] -> [.....18.201.4.3][.7985] [Viber][AmazonAWS][VoIP][Fun] - RISK: Unidirectional Traffic idle: [....24] [ip4][..udp] [...192.168.0.17][38190] -> [.....18.201.4.3][.7987] [Viber][AmazonAWS][VoIP][Fun] - RISK: Unidirectional Traffic idle: [....13] [ip4][..tcp] [...192.168.0.17][43702] -> [..172.217.23.78][..443] [TLS.Google][Google][Web][Acceptable] idle: [....16] [ip4][..udp] [...192.168.0.17][44376] -> [...192.168.0.15][...53] [DNS][Unknown][Network][Acceptable] idle: [.....4] [ip4][..udp] [...192.168.0.17][62872] -> [...192.168.0.15][...53] [DNS][Unknown][Network][Acceptable] @@ -175,7 +170,6 @@ detected: [....29] [ip4][..tcp] [..192.168.2.100][42900] -> [..44.192.202.74][.4244] [Viber][AmazonAWS][VoIP][Fun] RISK: Unidirectional Traffic idle: [....29] [ip4][..tcp] [..192.168.2.100][42900] -> [..44.192.202.74][.4244] [Viber][AmazonAWS][VoIP][Fun] - RISK: Unidirectional Traffic end: [....28] [ip4][..tcp] [..192.168.2.100][41184] -> [.....52.0.252.2][.5242] [Viber][Viber][VoIP][Fun] idle: [....27] [ip4][..tcp] [..192.168.2.100][48690] -> [...52.0.252.145][.4244] [Viber][Viber][VoIP][Fun] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/vk.pcapng.out b/test/results/flow-info/default/vk.pcapng.out index 51a8ee6ea..d4065b1cf 100644 --- a/test/results/flow-info/default/vk.pcapng.out +++ b/test/results/flow-info/default/vk.pcapng.out @@ -10,7 +10,7 @@ new: [.....3] [ip4][..tcp] [..192.168.1.249][60436] -> [..87.240.132.78][..443] [MIDSTREAM] detected: [.....3] [ip4][..tcp] [..192.168.1.249][60436] -> [..87.240.132.78][..443] [TLS][VK][Web][Safe] RISK: Unidirectional Traffic - analyse: [.....3] [ip4][..tcp] [..192.168.1.249][60436] -> [..87.240.132.78][..443] + analyse: [.....3] [ip4][..tcp] [..192.168.1.249][60436] -> [..87.240.132.78][..443] [TLS][VK][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.010| 0.043| 0.181| 32751.438| 1.300] [PKTLEN......: 52.000| 758.000| 125.300| 191.100| 36507.600| 4.000] @@ -31,7 +31,7 @@ new: [.....6] [ip4][..tcp] [..192.168.1.249][56504] -> [.87.240.129.135][..443] [MIDSTREAM] detected: [.....6] [ip4][..tcp] [..192.168.1.249][56504] -> [.87.240.129.135][..443] [TLS][VK][Web][Safe] RISK: Unidirectional Traffic - analyse: [.....2] [ip4][..tcp] [..192.168.1.249][40344] -> [.87.240.129.140][..443] + analyse: [.....2] [ip4][..tcp] [..192.168.1.249][40344] -> [.87.240.129.140][..443] [TLS][VK][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 2.007| 0.151| 0.451| 203470.717| 2.100] [PKTLEN......: 52.000| 1017.000| 241.000| 249.500| 62251.300| 4.300] @@ -57,14 +57,22 @@ RISK: Unidirectional Traffic idle: [.....2] [ip4][..tcp] [..192.168.1.249][40344] -> [.87.240.129.140][..443] [TLS][VK][Web][Safe] RISK: Unidirectional Traffic - idle: [.....4] [ip4][..tcp] [..192.168.1.249][59154] -> [.87.240.185.137][..443] - idle: [.....5] [ip4][..tcp] [..192.168.1.249][32990] -> [..87.240.169.10][..443] - idle: [.....8] [ip4][..tcp] [..192.168.1.249][59722] -> [..87.240.169.11][..443] - idle: [....10] [ip4][..tcp] [..192.168.1.249][43644] -> [..87.240.132.67][..443] - idle: [.....7] [ip4][..tcp] [..192.168.1.249][47934] -> [...87.240.169.3][..443] - idle: [.....9] [ip4][..tcp] [..192.168.1.249][43938] -> [.87.240.129.135][..443] + idle: [.....4] [ip4][..tcp] [..192.168.1.249][59154] -> [.87.240.185.137][..443] [TLS.VK][VK][SocialNetwork][Fun] + RISK: Unidirectional Traffic + idle: [.....5] [ip4][..tcp] [..192.168.1.249][32990] -> [..87.240.169.10][..443] [TLS.VK][VK][SocialNetwork][Fun] + RISK: Unidirectional Traffic + idle: [.....8] [ip4][..tcp] [..192.168.1.249][59722] -> [..87.240.169.11][..443] [TLS.VK][VK][SocialNetwork][Fun] + RISK: Unidirectional Traffic + idle: [....10] [ip4][..tcp] [..192.168.1.249][43644] -> [..87.240.132.67][..443] [TLS][VK][Web][Safe] + RISK: Unidirectional Traffic + idle: [.....7] [ip4][..tcp] [..192.168.1.249][47934] -> [...87.240.169.3][..443] [TLS.VK][VK][SocialNetwork][Fun] + RISK: Unidirectional Traffic + idle: [.....9] [ip4][..tcp] [..192.168.1.249][43938] -> [.87.240.129.135][..443] [TLS][VK][Web][Safe] + RISK: Unidirectional Traffic idle: [.....3] [ip4][..tcp] [..192.168.1.249][60436] -> [..87.240.132.78][..443] [TLS][VK][Web][Safe] RISK: Unidirectional Traffic - idle: [.....1] [ip4][..tcp] [..192.168.1.249][33904] -> [.87.240.129.131][..443] - idle: [.....6] [ip4][..tcp] [..192.168.1.249][56504] -> [.87.240.129.135][..443] + idle: [.....1] [ip4][..tcp] [..192.168.1.249][33904] -> [.87.240.129.131][..443] [TLS][VK][Web][Safe] + RISK: Unidirectional Traffic + idle: [.....6] [ip4][..tcp] [..192.168.1.249][56504] -> [.87.240.129.135][..443] [TLS][VK][Web][Safe] + RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/vxlan.pcap.out b/test/results/flow-info/default/vxlan.pcap.out index a4b324ded..392c2f67b 100644 --- a/test/results/flow-info/default/vxlan.pcap.out +++ b/test/results/flow-info/default/vxlan.pcap.out @@ -49,21 +49,12 @@ [PKTLENS.....: 110,102,420,102,102,102,166,267,102,102,285,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102,102] [ENTROPIES...: 5.3,5.6,6.2,5.6,5.6,5.6,6.3,6.9,5.6,5.6,7.0,5.6,5.6,5.6,5.6,5.6,5.6,5.6,5.6,5.6,5.6,5.6,5.5,5.6,5.6,5.6,5.6,5.6,5.6,5.6,5.6,5.7] idle: [.....5] [ip4][..udp] [...192.168.22.4][60351] -> [...192.168.22.5][.4789] [VXLAN][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [...192.168.22.5][50251] -> [...192.168.22.4][.4789] [VXLAN][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [...192.168.22.5][36286] -> [...192.168.22.4][.4789] [VXLAN][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [...192.168.22.4][60887] -> [...192.168.22.5][.4789] [VXLAN][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [...192.168.22.4][40646] -> [...192.168.22.5][.4789] [VXLAN][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [...192.168.22.4][49762] -> [...192.168.22.5][.4789] [VXLAN][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [...192.168.22.4][60230] -> [...192.168.22.5][.4789] [VXLAN][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [...192.168.22.5][60230] -> [...192.168.22.4][.4789] [VXLAN][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [...192.168.22.5][43866] -> [...192.168.22.4][.4789] [VXLAN][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/wa_video.pcap.out b/test/results/flow-info/default/wa_video.pcap.out index aecbfafd7..762b96ec6 100644 --- a/test/results/flow-info/default/wa_video.pcap.out +++ b/test/results/flow-info/default/wa_video.pcap.out @@ -68,23 +68,18 @@ idle: [.....8] [ip4][..udp] [...192.168.2.12][51277] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [.....9] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] idle: [.....7] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....5] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [...192.168.2.12][51458] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....12] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [.....1] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] idle: [.....6] [ip4][..udp] [...192.168.2.12][53688] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [...192.168.2.12][53688] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [...192.168.2.12][53688] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [...192.168.2.12][65025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....11] [ip4][..udp] [...192.168.2.12][53688] -> [...91.252.56.51][32641] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port guessed: [.....2] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] idle: [.....2] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] idle: [....10] [ip4][..udp] [...192.168.2.12][53688] -> [.....1.60.78.64][59491] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/wa_voice.pcap.out b/test/results/flow-info/default/wa_voice.pcap.out index 387b65009..2b44150de 100644 --- a/test/results/flow-info/default/wa_voice.pcap.out +++ b/test/results/flow-info/default/wa_voice.pcap.out @@ -133,42 +133,34 @@ detected: [....28] [ip4][.icmp] [...192.168.2.12] -> [...91.252.56.51] [ICMP][Unknown][Network][Acceptable] RISK: Unidirectional Traffic idle: [.....3] [ip4][..tcp] [...192.168.2.12][49354] -> [...17.242.60.84][.5223] [ApplePush][Apple][Cloud][Acceptable] - RISK: Unidirectional Traffic not-detected: [....25] [ip4][..tcp] [...192.168.2.12][49352] -> [169.254.162.244][49159] [Unknown][Unknown][Unrated] idle: [....25] [ip4][..tcp] [...192.168.2.12][49352] -> [169.254.162.244][49159] end: [....21] [ip4][..tcp] [...192.168.2.12][50504] -> [..157.240.20.52][..443] [TLS.WhatsApp][WhatsApp][Chat][Acceptable] idle: [....22] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] idle: [....23] [ip4][..udp] [...91.252.56.51][32704] -> [...192.168.2.12][56328] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....27] [ip4][..udp] [...192.168.2.12][57546] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [.....6] [ip4][..udp] [...192.168.2.12][55296] -> [....192.168.2.1][...53] [DNS.WhatsAppFiles][Unknown][Network][Acceptable] - idle: [....13] [ip6][..udp] [...............fe80::414:409d:8afd:9f05][.5353] -> [...............................ff02::fb][.5353] + idle: [....13] [ip6][..udp] [...............fe80::414:409d:8afd:9f05][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....8] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [.....1] [ip4][..udp] [...192.168.2.12][51431] -> [....192.168.2.1][...53] [DNS.Google][Unknown][Network][Acceptable] end: [.....9] [ip4][..tcp] [...17.171.47.85][..443] -> [...192.168.2.12][50502] [TLS][Apple][Web][Safe] - RISK: Unidirectional Traffic idle: [....10] [ip4][..udp] [169.254.162.244][50384] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....18] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....16] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic - idle: [....12] [ip4][..udp] [...192.168.2.12][.5353] -> [....224.0.0.251][.5353] + idle: [....12] [ip4][..udp] [...192.168.2.12][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....4] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] idle: [....24] [ip4][..udp] [...192.168.2.12][56328] -> [.....1.60.78.64][64282] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....26] [ip4][..udp] [...192.168.2.12][50191] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [.....7] [ip4][..tcp] [...192.168.2.12][50503] -> [....31.13.86.51][..443] [TLS.WhatsAppFiles][WhatsApp][Download][Acceptable] idle: [....19] [ip4][..udp] [...192.168.2.12][64716] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....11] [ip4][..udp] [....192.168.2.1][50384] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....28] [ip4][.icmp] [...192.168.2.12] -> [...91.252.56.51] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic idle: [....20] [ip4][..udp] [...192.168.2.12][60549] -> [....192.168.2.1][...53] [DNS.WhatsApp][Unknown][Network][Acceptable] idle: [.....5] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] [WhatsApp][WhatsApp][Chat][Acceptable] idle: [....17] [ip4][..udp] [...192.168.2.12][56328] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [...192.168.2.12][60765] -> [....192.168.2.1][...53] [DNS.WhatsApp][Unknown][Network][Acceptable] idle: [....15] [ip4][..udp] [...192.168.2.12][56328] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/waze.pcap.out b/test/results/flow-info/default/waze.pcap.out index efcbd7325..56961dba0 100644 --- a/test/results/flow-info/default/waze.pcap.out +++ b/test/results/flow-info/default/waze.pcap.out @@ -68,7 +68,7 @@ [IATS(ms)....: 3.7,3.9,21.8,22.4,3678.0,3680.6,286.1,284.3,338.9,393.5,330.3,329.4,54.6,2.0,179.3,179.5,2.6,51.2,50.7,3.1,28.5,76.3,51.1,51.3,122.7,73.5,10.2,59.1,52.6,58.3,56.5] [PKTLENS.....: 60,40,40,303,40,1408,40,2776,40,5512,40,8248,40,2673,40,1408,40,1408,40,9616,40,2776,40,5512,40,5512,40,2776,40,11819,40,40] [ENTROPIES...: 4.4,4.7,4.7,5.5,4.6,7.0,4.6,6.9,4.6,5.6,4.7,6.8,4.7,7.0,4.6,3.0,4.6,7.0,4.7,6.2,4.7,6.6,4.7,1.7,4.7,1.7,4.7,1.4,4.6,1.7,4.7,4.7] - analyse: [.....5] [ip4][..tcp] [.......10.8.0.1][36100] -> [..46.51.173.182][..443] + analyse: [.....5] [ip4][..tcp] [.......10.8.0.1][36100] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.659| 0.289| 0.505| 255075.107| 3.300] [PKTLEN......: 40.000| 5501.000| 553.800| 1270.800| 1615041.000| 3.000] @@ -133,7 +133,7 @@ [IATS(ms)....: 1.3,1.6,226.9,227.5,336.5,387.2,51.3,1.2,297.2,297.8,252.5,309.4,358.7,415.9,0.8,0.5,0.5,0.6,254.3,305.5,51.8,52.5,211.3,161.3,248.0,249.1,81.3,79.5,208.7,209.7,0.6] [PKTLENS.....: 60,40,40,222,40,1408,40,2163,40,174,40,274,40,189,40,576,40,63,40,1408,40,12352,40,5512,40,21928,40,11345,40,40,40,40] [ENTROPIES...: 4.4,4.8,4.7,5.3,4.7,7.2,4.7,7.6,4.7,6.5,4.8,7.1,4.7,6.9,4.8,7.6,4.7,5.6,4.7,7.9,4.7,8.0,4.7,8.0,4.6,8.0,4.7,8.0,4.7,4.7,4.7,4.7] - analyse: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] + analyse: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.449| 0.192| 0.280| 78147.936| 3.800] [PKTLEN......: 40.000|11172.000| 1380.300| 2994.000| 8963944.000| 2.900] @@ -185,22 +185,30 @@ RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher end: [.....6] [ip4][..tcp] [.......10.8.0.1][36102] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher - end: [....31] [ip4][..tcp] [.......10.8.0.1][36134] -> [..46.51.173.182][..443] - end: [....33] [ip4][..tcp] [.......10.8.0.1][36137] -> [..46.51.173.182][..443] + end: [....31] [ip4][..tcp] [.......10.8.0.1][36134] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....33] [ip4][..tcp] [.......10.8.0.1][36137] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher end: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] RISK: Obsolete TLS (v1.1 or older) - end: [....20] [ip4][..tcp] [.......10.8.0.1][36314] -> [.176.34.186.180][..443] - end: [....21] [ip4][..tcp] [.......10.8.0.1][36316] -> [.176.34.186.180][..443] + end: [....20] [ip4][..tcp] [.......10.8.0.1][36314] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older) + end: [....21] [ip4][..tcp] [.......10.8.0.1][36316] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older) guessed: [....29] [ip4][..tcp] [.......10.8.0.1][43089] -> [..200.160.4.198][..443] [TLS][Unknown][Web][Safe] end: [....29] [ip4][..tcp] [.......10.8.0.1][43089] -> [..200.160.4.198][..443] - end: [....14] [ip4][..tcp] [.......10.8.0.1][39010] -> [..52.17.114.219][..443] + end: [....14] [ip4][..tcp] [.......10.8.0.1][39010] -> [..52.17.114.219][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older) idle: [.....7] [ip4][..tcp] [.......10.8.0.1][36585] -> [.173.194.118.48][..443] [TLS][Google][Web][Safe] RISK: Obsolete TLS (v1.1 or older) end: [....18] [ip4][..tcp] [.......10.8.0.1][39021] -> [..52.17.114.219][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] RISK: Obsolete TLS (v1.1 or older) - end: [....11] [ip4][..tcp] [.......10.8.0.1][51049] -> [.176.34.103.105][..443] - end: [....12] [ip4][..tcp] [.......10.8.0.1][51050] -> [.176.34.103.105][..443] - end: [....13] [ip4][..tcp] [.......10.8.0.1][51051] -> [.176.34.103.105][..443] + end: [....11] [ip4][..tcp] [.......10.8.0.1][51049] -> [.176.34.103.105][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older) + end: [....12] [ip4][..tcp] [.......10.8.0.1][51050] -> [.176.34.103.105][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older) + end: [....13] [ip4][..tcp] [.......10.8.0.1][51051] -> [.176.34.103.105][..443] [TLS.Waze][AmazonAWS][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older) guessed: [....24] [ip4][..tcp] [...10.16.37.157][41823] -> [...200.160.4.49][...80] [HTTP][Unknown][Web][Acceptable][] end: [....24] [ip4][..tcp] [...10.16.37.157][41823] -> [...200.160.4.49][...80] guessed: [....22] [ip4][..tcp] [...10.16.37.157][43991] -> [...200.160.4.31][...80] [HTTP][Unknown][Web][Acceptable][] @@ -214,7 +222,6 @@ guessed: [....30] [ip4][..tcp] [.......10.8.0.1][60479] -> [...200.160.4.49][..443] [TLS][Unknown][Web][Safe] end: [....30] [ip4][..tcp] [.......10.8.0.1][60479] -> [...200.160.4.49][..443] idle: [.....2] [ip4][..udp] [.......10.8.0.1][46214] -> [..200.89.75.198][..123] [NTP][Unknown][System][Acceptable] - RISK: Unidirectional Traffic guessed: [....27] [ip4][..tcp] [...10.16.37.157][52746] -> [...200.160.4.49][...80] [HTTP][Unknown][Web][Acceptable][] end: [....27] [ip4][..tcp] [...10.16.37.157][52746] -> [...200.160.4.49][...80] not-detected: [.....1] [ip4][..tcp] [...10.16.37.157][42256] -> [..174.37.231.81][.5222] [Unknown][Unknown][Unrated] diff --git a/test/results/flow-info/default/webex.pcap.out b/test/results/flow-info/default/webex.pcap.out index ab1a64361..53ba95bea 100644 --- a/test/results/flow-info/default/webex.pcap.out +++ b/test/results/flow-info/default/webex.pcap.out @@ -6,7 +6,7 @@ RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....1] [ip4][..tcp] [.......10.8.0.1][41346] -> [..64.68.105.103][..443] [TLS.Webex][Webex][VoIP][Acceptable][radcom.webex.com] RISK: TLS (probably) Not Carrying HTTPS - analyse: [.....1] [ip4][..tcp] [.......10.8.0.1][41346] -> [..64.68.105.103][..443] + analyse: [.....1] [ip4][..tcp] [.......10.8.0.1][41346] -> [..64.68.105.103][..443] [TLS.Webex][Webex][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.557| 0.113| 0.156| 24421.341| 3.700] [PKTLEN......: 40.000| 2760.000| 387.900| 588.900| 346810.600| 3.800] @@ -227,7 +227,6 @@ detection-update: [....41] [ip4][..tcp] [.......10.8.0.1][55669] -> [..173.243.0.110][..443] [TLS.Webex][Webex][VoIP][Acceptable][] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher update: [....24] [ip4][..udp] [.......10.8.0.1][64538] -> [....172.16.1.75][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [....42] [ip4][..tcp] [.......10.8.0.1][55671] -> [..173.243.0.110][..443] detected: [....42] [ip4][..tcp] [.......10.8.0.1][55671] -> [..173.243.0.110][..443] [TLS][Webex][Web][Safe][] RISK: Obsolete TLS (v1.1 or older) @@ -243,6 +242,10 @@ new: [....46] [ip4][..tcp] [.......10.8.0.1][59757] -> [...78.46.237.91][...80] detected: [....45] [ip4][..tcp] [.......10.8.0.1][59756] -> [...78.46.237.91][...80] [HTTP][Unknown][Web][Acceptable][cp.pushwoosh.com] detected: [....46] [ip4][..tcp] [.......10.8.0.1][59757] -> [...78.46.237.91][...80] [HTTP][Unknown][Web][Acceptable][cp.pushwoosh.com] + detection-update: [....45] [ip4][..tcp] [.......10.8.0.1][59756] -> [...78.46.237.91][...80] [HTTP][Unknown][Web][Acceptable][cp.pushwoosh.com] + RISK: HTTP Obsolete Server + detection-update: [....46] [ip4][..tcp] [.......10.8.0.1][59757] -> [...78.46.237.91][...80] [HTTP][Unknown][Web][Acceptable][cp.pushwoosh.com] + RISK: HTTP Obsolete Server detection-update: [....44] [ip4][..tcp] [.......10.8.0.1][46211] -> [...54.241.32.14][..443] [TLS][AmazonAWS][Web][Safe][api.crittercism.com] RISK: Obsolete TLS (v1.1 or older) detection-update: [....44] [ip4][..tcp] [.......10.8.0.1][46211] -> [...54.241.32.14][..443] [TLS][AmazonAWS][Web][Safe][api.crittercism.com] @@ -301,61 +304,85 @@ detection-update: [....56] [ip4][..tcp] [.......10.8.0.1][51194] -> [.62.109.224.120][..443] [TLS.Webex][Webex][VoIP][Acceptable][] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher update: [....24] [ip4][..udp] [.......10.8.0.1][64538] -> [....172.16.1.75][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic end: [....45] [ip4][..tcp] [.......10.8.0.1][59756] -> [...78.46.237.91][...80] [HTTP][Unknown][Web][Acceptable] RISK: HTTP Obsolete Server end: [....46] [ip4][..tcp] [.......10.8.0.1][59757] -> [...78.46.237.91][...80] [HTTP][Unknown][Web][Acceptable] RISK: HTTP Obsolete Server idle: [....24] [ip4][..udp] [.......10.8.0.1][64538] -> [....172.16.1.75][.5060] [SIP][Unknown][VoIP][Acceptable] - RISK: Unidirectional Traffic - end: [....19] [ip4][..tcp] [.......10.8.0.1][55969] -> [...64.68.121.99][..443] - end: [....11] [ip4][..tcp] [.......10.8.0.1][51646] -> [..114.29.204.49][..443] - end: [....28] [ip4][..tcp] [.......10.8.0.1][51676] -> [..114.29.204.49][..443] - end: [....12] [ip4][..tcp] [.......10.8.0.1][47498] -> [209.197.222.159][..443] - end: [....40] [ip4][..tcp] [.......10.8.0.1][51833] -> [.62.109.229.158][..443] - end: [....43] [ip4][..tcp] [.......10.8.0.1][51839] -> [.62.109.229.158][..443] + end: [....19] [ip4][..tcp] [.......10.8.0.1][55969] -> [...64.68.121.99][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....11] [ip4][..tcp] [.......10.8.0.1][51646] -> [..114.29.204.49][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....28] [ip4][..tcp] [.......10.8.0.1][51676] -> [..114.29.204.49][..443] [TLS][Webex][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) + end: [....12] [ip4][..tcp] [.......10.8.0.1][47498] -> [209.197.222.159][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....40] [ip4][..tcp] [.......10.8.0.1][51833] -> [.62.109.229.158][..443] [TLS][Webex][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) + end: [....43] [ip4][..tcp] [.......10.8.0.1][51839] -> [.62.109.229.158][..443] [TLS][Webex][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) end: [....52] [ip4][..tcp] [.......10.8.0.1][51857] -> [.62.109.229.158][..443] [TLS.Webex][Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher guessed: [....54] [ip4][..tcp] [.......10.8.0.1][51859] -> [.62.109.229.158][..443] [TLS][Webex][Web][Safe] RISK: TCP Connection Issues end: [....54] [ip4][..tcp] [.......10.8.0.1][51859] -> [.62.109.229.158][..443] - end: [....14] [ip4][..tcp] [.......10.8.0.1][45814] -> [...62.109.231.3][..443] - end: [....18] [ip4][..tcp] [.......10.8.0.1][52219] -> [..64.68.121.100][..443] - end: [....20] [ip4][..tcp] [.......10.8.0.1][47841] -> [..114.29.200.11][..443] - end: [....10] [ip4][..tcp] [.......10.8.0.1][41726] -> [.114.29.213.212][..443] - end: [....27] [ip4][..tcp] [.......10.8.0.1][41757] -> [.114.29.213.212][..443] + end: [....14] [ip4][..tcp] [.......10.8.0.1][45814] -> [...62.109.231.3][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....18] [ip4][..tcp] [.......10.8.0.1][52219] -> [..64.68.121.100][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....20] [ip4][..tcp] [.......10.8.0.1][47841] -> [..114.29.200.11][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....10] [ip4][..tcp] [.......10.8.0.1][41726] -> [.114.29.213.212][..443] [TLS][Webex][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) + end: [....27] [ip4][..tcp] [.......10.8.0.1][41757] -> [.114.29.213.212][..443] [TLS][Webex][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) guessed: [....53] [ip4][..udp] [.......10.8.0.1][51772] -> [.62.109.229.158][.9000] [Webex][Webex][VoIP][Acceptable] idle: [....53] [ip4][..udp] [.......10.8.0.1][51772] -> [.62.109.229.158][.9000] guessed: [.....6] [ip4][..tcp] [..10.133.206.47][59447] -> [..107.20.242.44][..443] [TLS][AmazonAWS][Web][Safe] end: [.....6] [ip4][..tcp] [..10.133.206.47][59447] -> [..107.20.242.44][..443] - end: [....17] [ip4][..tcp] [.......10.8.0.1][52730] -> [...173.243.4.76][..443] + end: [....17] [ip4][..tcp] [.......10.8.0.1][52730] -> [...173.243.4.76][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher end: [....33] [ip4][..tcp] [..10.133.206.47][33459] -> [...80.74.110.68][..443] [TLS][Unknown][Web][Safe] - RISK: Unidirectional Traffic - end: [....15] [ip4][..tcp] [.......10.8.0.1][44492] -> [..64.68.104.140][..443] + end: [....15] [ip4][..tcp] [.......10.8.0.1][44492] -> [..64.68.104.140][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher guessed: [.....5] [ip4][..tcp] [..10.133.206.47][54651] -> [..185.63.147.10][..443] [TLS][Unknown][Web][Safe] end: [.....5] [ip4][..tcp] [..10.133.206.47][54651] -> [..185.63.147.10][..443] - end: [.....8] [ip4][..tcp] [.......10.8.0.1][49048] -> [..23.44.253.243][..443] - idle: [....25] [ip4][..tcp] [.......10.8.0.1][43433] -> [..216.58.208.40][..443] - end: [....21] [ip4][..tcp] [.......10.8.0.1][51370] -> [...64.68.105.97][..443] - end: [....31] [ip4][..tcp] [.......10.8.0.1][51134] -> [.62.109.224.120][..443] - end: [....32] [ip4][..tcp] [.......10.8.0.1][51135] -> [.62.109.224.120][..443] + end: [.....8] [ip4][..tcp] [.......10.8.0.1][49048] -> [..23.44.253.243][..443] [TLS.Webex][Unknown][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + idle: [....25] [ip4][..tcp] [.......10.8.0.1][43433] -> [..216.58.208.40][..443] [TLS.Google][Google][Advertisement][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS + end: [....21] [ip4][..tcp] [.......10.8.0.1][51370] -> [...64.68.105.97][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....31] [ip4][..tcp] [.......10.8.0.1][51134] -> [.62.109.224.120][..443] [TLS][Webex][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) + end: [....32] [ip4][..tcp] [.......10.8.0.1][51135] -> [.62.109.224.120][..443] [TLS][Webex][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) end: [....36] [ip4][..tcp] [.......10.8.0.1][51154] -> [.62.109.224.120][..443] [TLS.Webex][Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher idle: [....37] [ip4][..tcp] [.......10.8.0.1][51155] -> [.62.109.224.120][..443] [TLS.Webex][Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher - end: [....39] [ip4][..tcp] [.......10.8.0.1][55665] -> [..173.243.0.110][..443] - end: [....41] [ip4][..tcp] [.......10.8.0.1][55669] -> [..173.243.0.110][..443] - end: [....42] [ip4][..tcp] [.......10.8.0.1][55671] -> [..173.243.0.110][..443] - idle: [....55] [ip4][..tcp] [.......10.8.0.1][51190] -> [.62.109.224.120][..443] - end: [....50] [ip4][..tcp] [.......10.8.0.1][55687] -> [..173.243.0.110][..443] - end: [....34] [ip4][..tcp] [.......10.8.0.1][33511] -> [...80.74.110.68][..443] + end: [....39] [ip4][..tcp] [.......10.8.0.1][55665] -> [..173.243.0.110][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....41] [ip4][..tcp] [.......10.8.0.1][55669] -> [..173.243.0.110][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....42] [ip4][..tcp] [.......10.8.0.1][55671] -> [..173.243.0.110][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + idle: [....55] [ip4][..tcp] [.......10.8.0.1][51190] -> [.62.109.224.120][..443] [TLS][Webex][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) + end: [....50] [ip4][..tcp] [.......10.8.0.1][55687] -> [..173.243.0.110][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....34] [ip4][..tcp] [.......10.8.0.1][33511] -> [...80.74.110.68][..443] [TLS][Unknown][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) idle: [....56] [ip4][..tcp] [.......10.8.0.1][51194] -> [.62.109.224.120][..443] [TLS.Webex][Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher end: [....35] [ip4][..tcp] [.......10.8.0.1][33512] -> [...80.74.110.68][..443] [TLS][Unknown][Web][Safe] RISK: Obsolete TLS (v1.1 or older) - idle: [....57] [ip4][..tcp] [.......10.8.0.1][51195] -> [.62.109.224.120][..443] - end: [....22] [ip4][..tcp] [.......10.8.0.1][37129] -> [...64.68.105.98][..443] - end: [....29] [ip4][..tcp] [.......10.8.0.1][37139] -> [...64.68.105.98][..443] + idle: [....57] [ip4][..tcp] [.......10.8.0.1][51195] -> [.62.109.224.120][..443] [TLS][Webex][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) + end: [....22] [ip4][..tcp] [.......10.8.0.1][37129] -> [...64.68.105.98][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....29] [ip4][..tcp] [.......10.8.0.1][37139] -> [...64.68.105.98][..443] [TLS][Webex][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) end: [....47] [ip4][..tcp] [.......10.8.0.1][33551] -> [...80.74.110.68][..443] [TLS][Unknown][Web][Safe] RISK: Obsolete TLS (v1.1 or older) end: [....48] [ip4][..tcp] [.......10.8.0.1][33553] -> [...80.74.110.68][..443] [TLS][Unknown][Web][Safe] @@ -364,10 +391,14 @@ RISK: Obsolete TLS (v1.1 or older) idle: [....51] [ip4][..tcp] [.......10.8.0.1][33559] -> [...80.74.110.68][..443] [TLS][Unknown][Web][Safe] RISK: Obsolete TLS (v1.1 or older) - end: [....13] [ip4][..tcp] [.......10.8.0.1][57647] -> [..64.68.121.153][..443] - end: [....16] [ip4][..tcp] [.......10.8.0.1][47116] -> [.114.29.202.139][..443] - end: [....26] [ip4][..tcp] [.......10.8.0.1][47135] -> [.114.29.202.139][..443] - end: [....44] [ip4][..tcp] [.......10.8.0.1][46211] -> [...54.241.32.14][..443] + end: [....13] [ip4][..tcp] [.......10.8.0.1][57647] -> [..64.68.121.153][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....16] [ip4][..tcp] [.......10.8.0.1][47116] -> [.114.29.202.139][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....26] [ip4][..tcp] [.......10.8.0.1][47135] -> [.114.29.202.139][..443] [TLS][Webex][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) + end: [....44] [ip4][..tcp] [.......10.8.0.1][46211] -> [...54.241.32.14][..443] [TLS][AmazonAWS][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) idle: [.....1] [ip4][..tcp] [.......10.8.0.1][41346] -> [..64.68.105.103][..443] [TLS.Webex][Webex][VoIP][Acceptable] RISK: TLS (probably) Not Carrying HTTPS idle: [.....2] [ip4][..tcp] [.......10.8.0.1][41348] -> [..64.68.105.103][..443] [TLS.Webex][Webex][VoIP][Acceptable] @@ -380,7 +411,10 @@ RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher end: [.....9] [ip4][..tcp] [.......10.8.0.1][41358] -> [..64.68.105.103][..443] [TLS.Webex][Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher - end: [....23] [ip4][..tcp] [.......10.8.0.1][41386] -> [..64.68.105.103][..443] - end: [....30] [ip4][..tcp] [.......10.8.0.1][41394] -> [..64.68.105.103][..443] - end: [....38] [ip4][..tcp] [.......10.8.0.1][41419] -> [..64.68.105.103][..443] + end: [....23] [ip4][..tcp] [.......10.8.0.1][41386] -> [..64.68.105.103][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher + end: [....30] [ip4][..tcp] [.......10.8.0.1][41394] -> [..64.68.105.103][..443] [TLS][Webex][Web][Safe] + RISK: Obsolete TLS (v1.1 or older) + end: [....38] [ip4][..tcp] [.......10.8.0.1][41419] -> [..64.68.105.103][..443] [TLS.Webex][Webex][VoIP][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/websocket.pcap.out b/test/results/flow-info/default/websocket.pcap.out index 43ff7be85..3b9e5d1fc 100644 --- a/test/results/flow-info/default/websocket.pcap.out +++ b/test/results/flow-info/default/websocket.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..tcp] [.192.168.43.135][12345] -> [...192.168.43.1][50999] [WebSocket][Unknown][Web][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..tcp] [.192.168.43.135][12345] -> [...192.168.43.1][50999] [WebSocket][Unknown][Web][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/wechat.pcap.out b/test/results/flow-info/default/wechat.pcap.out index 155e5e666..0ad41e287 100644 --- a/test/results/flow-info/default/wechat.pcap.out +++ b/test/results/flow-info/default/wechat.pcap.out @@ -34,6 +34,7 @@ new: [....13] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54058] [MIDSTREAM] detected: [....13] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54058] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....13] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54058] [TLS][Unknown][Web][Safe] new: [....14] [ip4][..tcp] [..192.168.1.103][40741] -> [203.205.151.211][..443] [MIDSTREAM] new: [....15] [ip4][..tcp] [..192.168.1.103][54085] -> [203.205.151.162][..443] [MIDSTREAM] new: [....16] [ip4][..tcp] [..192.168.1.103][54089] -> [203.205.151.162][..443] @@ -114,10 +115,8 @@ update: [.....4] [ip4][..udp] [..192.168.1.103][53734] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....10] [ip4][..udp] [..192.168.1.103][55862] -> [..192.168.1.254][...53] [DNS.GoogleDocs][Unknown][Network][Acceptable] update: [.....9] [ip4][..udp] [..192.168.1.103][51507] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [..192.168.1.103][46078] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....11] [ip4][..udp] [..192.168.1.103][57591] -> [..216.58.198.46][..443] [QUIC.GoogleDocs][Google][Collaborative][Acceptable] - RISK: Unidirectional Traffic new: [....26] [ip4][..tcp] [..192.168.1.103][54097] -> [203.205.151.162][..443] new: [....27] [ip4][..tcp] [..192.168.1.103][54098] -> [203.205.151.162][..443] detected: [....26] [ip4][..tcp] [..192.168.1.103][54097] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] @@ -168,10 +167,8 @@ update: [.....4] [ip4][..udp] [..192.168.1.103][53734] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....10] [ip4][..udp] [..192.168.1.103][55862] -> [..192.168.1.254][...53] [DNS.GoogleDocs][Unknown][Network][Acceptable] update: [.....9] [ip4][..udp] [..192.168.1.103][51507] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [..192.168.1.103][46078] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....11] [ip4][..udp] [..192.168.1.103][57591] -> [..216.58.198.46][..443] [QUIC.GoogleDocs][Google][Collaborative][Acceptable] - RISK: Unidirectional Traffic new: [....31] [ip4][..tcp] [..192.168.1.103][54099] -> [203.205.151.162][..443] new: [....32] [ip4][..tcp] [..192.168.1.103][54100] -> [203.205.151.162][..443] detected: [....31] [ip4][..tcp] [..192.168.1.103][54099] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] @@ -205,7 +202,7 @@ detected: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] - analyse: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] + analyse: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.647| 0.130| 0.182| 33080.510| 3.500] [PKTLEN......: 52.000| 3120.000| 817.600| 861.600| 742326.200| 4.200] @@ -241,31 +238,29 @@ detection-update: [....39] [ip4][..tcp] [..192.168.1.103][54111] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] new: [....41] [ip4][..tcp] [..192.168.1.103][54106] -> [203.205.151.162][..443] [MIDSTREAM] end: [....16] [ip4][..tcp] [..192.168.1.103][54089] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] - end: [....17] [ip4][..tcp] [..192.168.1.103][54090] -> [203.205.151.162][..443] - end: [....18] [ip4][..tcp] [..192.168.1.103][54091] -> [203.205.151.162][..443] + end: [....17] [ip4][..tcp] [..192.168.1.103][54090] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] + end: [....18] [ip4][..tcp] [..192.168.1.103][54091] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....19] [ip4][..tcp] [..192.168.1.103][54092] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] guessed: [....20] [ip4][..tcp] [..192.168.1.103][54093] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] end: [....20] [ip4][..tcp] [..192.168.1.103][54093] -> [203.205.151.162][..443] end: [....22] [ip4][..tcp] [..192.168.1.103][54094] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....23] [ip4][..tcp] [..192.168.1.103][54095] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] - end: [....24] [ip4][..tcp] [..192.168.1.103][54096] -> [203.205.151.162][..443] + end: [....24] [ip4][..tcp] [..192.168.1.103][54096] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....26] [ip4][..tcp] [..192.168.1.103][54097] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....27] [ip4][..tcp] [..192.168.1.103][54098] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....31] [ip4][..tcp] [..192.168.1.103][54099] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] - end: [....32] [ip4][..tcp] [..192.168.1.103][54100] -> [203.205.151.162][..443] + end: [....32] [ip4][..tcp] [..192.168.1.103][54100] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....33] [ip4][..tcp] [..192.168.1.103][54101] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] - end: [....34] [ip4][..tcp] [..192.168.1.103][54102] -> [203.205.151.162][..443] + end: [....34] [ip4][..tcp] [..192.168.1.103][54102] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] - end: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] + end: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] idle: [.....4] [ip4][..udp] [..192.168.1.103][53734] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] idle: [....10] [ip4][..udp] [..192.168.1.103][55862] -> [..192.168.1.254][...53] [DNS.GoogleDocs][Unknown][Network][Acceptable] - end: [.....7] [ip4][..tcp] [..192.168.1.103][53220] -> [..172.217.23.78][..443] + end: [.....7] [ip4][..tcp] [..192.168.1.103][53220] -> [..172.217.23.78][..443] [TLS][Google][Web][Safe] idle: [.....9] [ip4][..udp] [..192.168.1.103][51507] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [..192.168.1.103][46078] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] idle: [....11] [ip4][..udp] [..192.168.1.103][57591] -> [..216.58.198.46][..443] [QUIC.GoogleDocs][Google][Collaborative][Acceptable] - RISK: Unidirectional Traffic - end: [.....6] [ip4][..tcp] [..192.168.1.103][47627] -> [..216.58.205.78][..443] + end: [.....6] [ip4][..tcp] [..192.168.1.103][47627] -> [..216.58.205.78][..443] [TLS][Google][Web][Safe] end: [....25] [ip4][..tcp] [..192.168.1.103][40740] -> [203.205.151.211][..443] [TLS][Unknown][Web][Safe] update: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [....28] [ip4][....2] [..192.168.1.254] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] @@ -321,7 +316,6 @@ update: [....44] [ip4][..udp] [..192.168.1.103][19041] -> [..192.168.1.254][...53] [DNS.QQ][Unknown][Network][Fun] update: [....47] [ip4][..udp] [..192.168.1.103][60562] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....48] [ip4][..udp] [..192.168.1.103][35601] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic analyse: [....50] [ip4][..tcp] [..192.168.1.103][54117] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 7.807| 0.648| 1.839| 3381034.746| 2.500] @@ -381,7 +375,6 @@ update: [....44] [ip4][..udp] [..192.168.1.103][19041] -> [..192.168.1.254][...53] [DNS.QQ][Unknown][Network][Fun] update: [....47] [ip4][..udp] [..192.168.1.103][60562] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....48] [ip4][..udp] [..192.168.1.103][35601] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic new: [....54] [ip4][..udp] [..192.168.1.103][60356] -> [..192.168.1.254][...53] detected: [....54] [ip4][..udp] [..192.168.1.103][60356] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun][web.wechat.com] RISK: Unidirectional Traffic @@ -391,7 +384,7 @@ detected: [....55] [ip4][..tcp] [..192.168.1.103][58036] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....55] [ip4][..tcp] [..192.168.1.103][58036] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....55] [ip4][..tcp] [..192.168.1.103][58036] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] - end: [....39] [ip4][..tcp] [..192.168.1.103][54111] -> [203.205.151.162][..443] + end: [....39] [ip4][..tcp] [..192.168.1.103][54111] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] guessed: [....40] [ip4][..tcp] [..192.168.1.103][54112] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] end: [....40] [ip4][..tcp] [..192.168.1.103][54112] -> [203.205.151.162][..443] new: [....57] [ip4][..tcp] [..192.168.1.103][58038] -> [203.205.147.171][..443] @@ -441,19 +434,18 @@ update: [....44] [ip4][..udp] [..192.168.1.103][19041] -> [..192.168.1.254][...53] [DNS.QQ][Unknown][Network][Fun] update: [....47] [ip4][..udp] [..192.168.1.103][60562] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....48] [ip4][..udp] [..192.168.1.103][35601] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic guessed: [....46] [ip4][..tcp] [..192.168.1.103][43851] -> [.203.205.158.34][..443] [TLS][Unknown][Web][Safe] end: [....46] [ip4][..tcp] [..192.168.1.103][43851] -> [.203.205.158.34][..443] guessed: [....43] [ip4][..tcp] [..192.168.1.103][54114] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] end: [....43] [ip4][..tcp] [..192.168.1.103][54114] -> [203.205.151.162][..443] update: [....54] [ip4][..udp] [..192.168.1.103][60356] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] - end: [....45] [ip4][..tcp] [..192.168.1.103][43850] -> [.203.205.158.34][..443] + end: [....45] [ip4][..tcp] [..192.168.1.103][43850] -> [.203.205.158.34][..443] [TLS.QQ][Unknown][Chat][Fun] + RISK: Weak TLS Cipher end: [....50] [ip4][..tcp] [..192.168.1.103][54117] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] - end: [....51] [ip4][..tcp] [..192.168.1.103][54118] -> [203.205.151.162][..443] + end: [....51] [ip4][..tcp] [..192.168.1.103][54118] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] idle: [....44] [ip4][..udp] [..192.168.1.103][19041] -> [..192.168.1.254][...53] [DNS.QQ][Unknown][Network][Fun] idle: [....47] [ip4][..udp] [..192.168.1.103][60562] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] idle: [....48] [ip4][..udp] [..192.168.1.103][35601] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable] - RISK: Unidirectional Traffic update: [....66] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][50577] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] update: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [....62] [ip4][..udp] [..192.168.1.100][49832] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] @@ -480,7 +472,7 @@ detected: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] - analyse: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] + analyse: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.577| 0.182| 0.352| 123851.137| 3.200] [PKTLEN......: 52.000| 1480.000| 545.600| 599.000| 358844.300| 4.100] @@ -495,7 +487,7 @@ detection-update: [....73] [ip4][..tcp] [..192.168.1.103][58041] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....73] [ip4][..tcp] [..192.168.1.103][58041] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] end: [....52] [ip4][..tcp] [..192.168.1.103][54119] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] - end: [....53] [ip4][..tcp] [..192.168.1.103][54120] -> [203.205.151.162][..443] + end: [....53] [ip4][..tcp] [..192.168.1.103][54120] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] update: [....54] [ip4][..udp] [..192.168.1.103][60356] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] update: [....70] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff86:6c5b] [ICMPV6][Unknown][Network][Acceptable] update: [....68] [ip6][icmp6] [...............fe80::842:a3f3:a286:6c5b] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] @@ -526,7 +518,7 @@ update: [....54] [ip4][..udp] [..192.168.1.103][60356] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] update: [....68] [ip6][icmp6] [...............fe80::842:a3f3:a286:6c5b] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 1552 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 30 / 75|skipped: 0|!detected: 0|guessed: 11|detection-updates: 63|updates: 72] + DAEMON-EVENT: [Flows][active: 30 / 75|skipped: 0|!detected: 0|guessed: 11|detection-updates: 64|updates: 72] new: [....76] [ip4][..tcp] [..192.168.1.103][54183] -> [203.205.151.162][..443] [MIDSTREAM] detected: [....76] [ip4][..tcp] [..192.168.1.103][54183] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic @@ -547,8 +539,8 @@ guessed: [....58] [ip4][..tcp] [..192.168.1.103][58039] -> [203.205.147.171][..443] [TLS][Tencent][Web][Safe] end: [....58] [ip4][..tcp] [..192.168.1.103][58039] -> [203.205.147.171][..443] end: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun] - end: [....73] [ip4][..tcp] [..192.168.1.103][58041] -> [203.205.147.171][..443] - end: [....74] [ip4][..tcp] [..192.168.1.103][58042] -> [203.205.147.171][..443] + end: [....73] [ip4][..tcp] [..192.168.1.103][58041] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun] + end: [....74] [ip4][..tcp] [..192.168.1.103][58042] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun] idle: [....70] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff86:6c5b] [ICMPV6][Unknown][Network][Acceptable] idle: [....59] [ip4][..udp] [..192.168.1.100][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] @@ -596,11 +588,14 @@ new: [....98] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] detected: [....98] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_googlecast._tcp.local] update: [....84] [ip4][..udp] [..192.168.1.103][37578] -> [193.204.114.233][..123] [NTP][Unknown][System][Acceptable] + update: [....90] [ip4][..udp] [..192.168.1.103][43317] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] + RISK: Unidirectional Traffic + update: [....89] [ip4][..udp] [..192.168.1.103][58165] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] + RISK: Unidirectional Traffic + update: [....91] [ip4][..udp] [..192.168.1.103][56367] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] + RISK: Unidirectional Traffic + update: [....92] [ip4][..udp] [..192.168.1.103][33915] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] RISK: Unidirectional Traffic - update: [....90] [ip4][..udp] [..192.168.1.103][43317] -> [..192.168.1.254][...53] - update: [....89] [ip4][..udp] [..192.168.1.103][58165] -> [..192.168.1.254][...53] - update: [....91] [ip4][..udp] [..192.168.1.103][56367] -> [..192.168.1.254][...53] - update: [....92] [ip4][..udp] [..192.168.1.103][33915] -> [..192.168.1.254][...53] detected: [....85] [ip4][..tcp] [..192.168.1.103][58143] -> [.216.58.205.131][..443] [TLS][Google][Web][Safe] RISK: Unidirectional Traffic new: [....99] [ip4][..udp] [..192.168.1.103][45366] -> [..192.168.1.254][...53] @@ -642,12 +637,14 @@ new: [...109] [ip4][..udp] [..192.168.1.103][53515] -> [..192.168.1.254][...53] detected: [...109] [ip4][..udp] [..192.168.1.103][53515] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][webpush.web.wechat.com.lan] RISK: Unidirectional Traffic - idle: [...105] [ip4][..udp] [..192.168.1.103][42589] -> [..192.168.1.254][...53] - idle: [....98] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] - end: [....85] [ip4][..tcp] [..192.168.1.103][58143] -> [.216.58.205.131][..443] + idle: [...105] [ip4][..udp] [..192.168.1.103][42589] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [....98] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] + end: [....85] [ip4][..tcp] [..192.168.1.103][58143] -> [.216.58.205.131][..443] [TLS][Google][Web][Safe] + RISK: Unidirectional Traffic idle: [....84] [ip4][..udp] [..192.168.1.103][37578] -> [193.204.114.233][..123] [NTP][Unknown][System][Acceptable] + idle: [...106] [ip4][..udp] [..192.168.1.103][42856] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] RISK: Unidirectional Traffic - idle: [...106] [ip4][..udp] [..192.168.1.103][42856] -> [..192.168.1.254][...53] idle: [....96] [ip4][....2] [..192.168.1.108] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] idle: [....95] [ip4][....2] [..192.168.1.100] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] idle: [....94] [ip4][....2] [..192.168.1.103] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] @@ -655,31 +652,44 @@ guessed: [....87] [ip4][..tcp] [..192.168.1.103][52020] -> [.95.101.180.179][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic end: [....87] [ip4][..tcp] [..192.168.1.103][52020] -> [.95.101.180.179][...80] - idle: [...100] [ip4][..udp] [..192.168.1.103][59567] -> [..192.168.1.254][...53] + idle: [...100] [ip4][..udp] [..192.168.1.103][59567] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic idle: [...104] [ip4][..udp] [..192.168.1.100][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol - idle: [...109] [ip4][..udp] [..192.168.1.103][53515] -> [..192.168.1.254][...53] - idle: [....90] [ip4][..udp] [..192.168.1.103][43317] -> [..192.168.1.254][...53] - idle: [....99] [ip4][..udp] [..192.168.1.103][45366] -> [..192.168.1.254][...53] + idle: [...109] [ip4][..udp] [..192.168.1.103][53515] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [....90] [ip4][..udp] [..192.168.1.103][43317] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] + RISK: Unidirectional Traffic + idle: [....99] [ip4][..udp] [..192.168.1.103][45366] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] + RISK: Unidirectional Traffic guessed: [....75] [ip4][..tcp] [..192.168.1.103][58043] -> [203.205.147.171][..443] [TLS][Tencent][Web][Safe] idle: [....75] [ip4][..tcp] [..192.168.1.103][58043] -> [203.205.147.171][..443] guessed: [....12] [ip4][..tcp] [..192.168.1.103][36017] -> [.64.233.167.188][.5228] [Google][Google][Web][Acceptable] idle: [....12] [ip4][..tcp] [..192.168.1.103][36017] -> [.64.233.167.188][.5228] idle: [.....5] [ip4][..tcp] [..192.168.1.103][38657] -> [..172.217.22.14][..443] [TLS.Google][Google][Web][Acceptable] idle: [....13] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54058] [TLS][Unknown][Web][Safe] - idle: [....97] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] + idle: [....97] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] guessed: [....88] [ip4][..tcp] [..192.168.1.103][58226] -> [203.205.147.171][..443] [TLS][Tencent][Web][Safe] RISK: Unidirectional Traffic end: [....88] [ip4][..tcp] [..192.168.1.103][58226] -> [203.205.147.171][..443] - idle: [....76] [ip4][..tcp] [..192.168.1.103][54183] -> [203.205.151.162][..443] - idle: [...102] [ip4][..udp] [..192.168.1.103][43705] -> [..192.168.1.254][...53] - idle: [...108] [ip4][..udp] [..192.168.1.103][41759] -> [..192.168.1.254][...53] - idle: [....89] [ip4][..udp] [..192.168.1.103][58165] -> [..192.168.1.254][...53] - idle: [...103] [ip4][..udp] [..192.168.1.103][44063] -> [..192.168.1.254][...53] - idle: [....91] [ip4][..udp] [..192.168.1.103][56367] -> [..192.168.1.254][...53] - idle: [...101] [ip4][..udp] [..192.168.1.103][42074] -> [..192.168.1.254][...53] - idle: [....92] [ip4][..udp] [..192.168.1.103][33915] -> [..192.168.1.254][...53] - idle: [...107] [ip4][..udp] [..192.168.1.103][44346] -> [..192.168.1.254][...53] + idle: [....76] [ip4][..tcp] [..192.168.1.103][54183] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] + RISK: Unidirectional Traffic + idle: [...102] [ip4][..udp] [..192.168.1.103][43705] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [...108] [ip4][..udp] [..192.168.1.103][41759] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [....89] [ip4][..udp] [..192.168.1.103][58165] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] + RISK: Unidirectional Traffic + idle: [...103] [ip4][..udp] [..192.168.1.103][44063] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [....91] [ip4][..udp] [..192.168.1.103][56367] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] + RISK: Unidirectional Traffic + idle: [...101] [ip4][..udp] [..192.168.1.103][42074] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic + idle: [....92] [ip4][..udp] [..192.168.1.103][33915] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] + RISK: Unidirectional Traffic + idle: [...107] [ip4][..udp] [..192.168.1.103][44346] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable] + RISK: Unidirectional Traffic guessed: [....83] [ip4][..tcp] [..192.168.1.103][34981] -> [...95.101.34.33][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic end: [....83] [ip4][..tcp] [..192.168.1.103][34981] -> [...95.101.34.33][...80] diff --git a/test/results/flow-info/default/weibo.pcap.out b/test/results/flow-info/default/weibo.pcap.out index ef01a067a..98fd6219e 100644 --- a/test/results/flow-info/default/weibo.pcap.out +++ b/test/results/flow-info/default/weibo.pcap.out @@ -151,7 +151,7 @@ [IATS(ms)....: 50.2,50.2,0.1,181.5,70.9,252.2,2.7,2.7,2.6,2.5,4.2,4.3,31.8,31.8,8.1,8.1,11.4,11.4,8.7,8.7,2.6,2.6,7.1,7.1,13.6,13.6,66.3,66.3,92.4,92.4,2.8] [PKTLENS.....: 60,60,52,525,52,493,52,1488,52,1488,52,1488,52,1488,52,1488,52,1488,52,1488,52,1488,52,1488,52,1488,52,493,64,1488,52,1488] [ENTROPIES...: 4.7,5.2,5.0,5.9,5.1,5.8,5.0,7.3,5.0,7.9,5.1,7.9,5.0,7.9,5.0,7.8,5.0,7.9,5.0,7.9,5.1,7.9,4.9,7.9,4.9,7.9,5.0,5.8,5.1,7.9,5.1,7.9] - idle: [....30] [ip4][..tcp] [..192.168.1.105][42275] -> [...222.73.28.96][...80] + idle: [....30] [ip4][..tcp] [..192.168.1.105][42275] -> [...222.73.28.96][...80] [HTTP.Sina][Unknown][SocialNetwork][Fun] guessed: [....37] [ip4][..tcp] [..192.168.1.105][42280] -> [...222.73.28.96][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic idle: [....37] [ip4][..tcp] [..192.168.1.105][42280] -> [...222.73.28.96][...80] @@ -167,14 +167,14 @@ guessed: [....27] [ip4][..tcp] [..192.168.1.105][35808] -> [.93.188.134.246][...80] [HTTP][Unknown][Web][Acceptable][] idle: [....27] [ip4][..tcp] [..192.168.1.105][35808] -> [.93.188.134.246][...80] idle: [....28] [ip4][..tcp] [..192.168.1.105][35809] -> [.93.188.134.246][...80] [HTTP.Sina][Unknown][SocialNetwork][Fun] - idle: [....32] [ip4][..tcp] [..192.168.1.105][35811] -> [.93.188.134.246][...80] + idle: [....32] [ip4][..tcp] [..192.168.1.105][35811] -> [.93.188.134.246][...80] [HTTP.Sina][Unknown][SocialNetwork][Fun] guessed: [....13] [ip4][..tcp] [..192.168.1.105][40440] -> [.54.225.163.210][..443] [TLS][AmazonAWS][Web][Safe] idle: [....13] [ip4][..tcp] [..192.168.1.105][40440] -> [.54.225.163.210][..443] guessed: [.....2] [ip4][..tcp] [..192.168.1.105][58480] -> [..216.58.214.78][..443] [TLS][Google][Web][Safe] idle: [.....2] [ip4][..tcp] [..192.168.1.105][58480] -> [..216.58.214.78][..443] guessed: [.....3] [ip4][..tcp] [..192.168.1.105][58481] -> [..216.58.214.78][..443] [TLS][Google][Web][Safe] idle: [.....3] [ip4][..tcp] [..192.168.1.105][58481] -> [..216.58.214.78][..443] - idle: [....34] [ip4][..tcp] [..192.168.1.105][50827] -> [...47.89.65.229][..443] + idle: [....34] [ip4][..tcp] [..192.168.1.105][50827] -> [...47.89.65.229][..443] [TLS.Alibaba][Unknown][Web][Acceptable] guessed: [....38] [ip4][..tcp] [..192.168.1.105][50831] -> [...47.89.65.229][..443] [TLS][Unknown][Web][Safe] idle: [....38] [ip4][..tcp] [..192.168.1.105][50831] -> [...47.89.65.229][..443] guessed: [....42] [ip4][..tcp] [..192.168.1.105][47721] -> [.140.205.170.63][..443] [TLS][Alibaba][Web][Safe] @@ -197,7 +197,8 @@ idle: [....15] [ip4][..udp] [..192.168.1.105][53543] -> [....192.168.1.1][...53] [DNS.Sina][Unknown][Network][Fun] RISK: Minor Issues idle: [....19] [ip4][..udp] [..192.168.1.105][41352] -> [....192.168.1.1][...53] [DNS.Sina][Unknown][Network][Fun] - idle: [....31] [ip4][..udp] [..192.168.1.105][16804] -> [....192.168.1.1][...53] + idle: [....31] [ip4][..udp] [..192.168.1.105][16804] -> [....192.168.1.1][...53] [DNS.SinaWeibo][Unknown][Network][Fun] + RISK: Unidirectional Traffic guessed: [....14] [ip4][..tcp] [..192.168.1.105][34699] -> [..216.58.212.65][..443] [TLS][Google][Web][Safe] idle: [....14] [ip4][..tcp] [..192.168.1.105][34699] -> [..216.58.212.65][..443] guessed: [....35] [ip4][..tcp] [..192.168.1.105][48352] -> [..140.205.174.1][..443] [TLS][Alibaba][Web][Safe] @@ -222,9 +223,11 @@ idle: [.....9] [ip4][..tcp] [..192.168.1.105][35154] -> [.216.58.210.206][..443] guessed: [.....4] [ip4][..udp] [..192.168.1.105][53656] -> [.216.58.210.227][..443] [QUIC][Google][Web][Acceptable] idle: [.....4] [ip4][..udp] [..192.168.1.105][53656] -> [.216.58.210.227][..443] - idle: [....33] [ip4][..udp] [..192.168.1.105][50533] -> [....192.168.1.1][...53] + idle: [....33] [ip4][..udp] [..192.168.1.105][50533] -> [....192.168.1.1][...53] [DNS.SinaWeibo][Unknown][Network][Fun] + RISK: Unidirectional Traffic idle: [....11] [ip4][..tcp] [..192.168.1.105][51698] -> [.93.188.134.137][...80] [HTTP.SinaWeibo][Unknown][SocialNetwork][Fun] idle: [....21] [ip4][..udp] [..192.168.1.105][50640] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Susp DGA Domain name, Risky Domain Name - idle: [....29] [ip4][..udp] [..192.168.1.105][11798] -> [....192.168.1.1][...53] + idle: [....29] [ip4][..udp] [..192.168.1.105][11798] -> [....192.168.1.1][...53] [DNS.SinaWeibo][Unknown][Network][Fun] + RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/whatsapp_login_call.pcap.out b/test/results/flow-info/default/whatsapp_login_call.pcap.out index 2da82cff4..a28f976b5 100644 --- a/test/results/flow-info/default/whatsapp_login_call.pcap.out +++ b/test/results/flow-info/default/whatsapp_login_call.pcap.out @@ -4,6 +4,7 @@ new: [.....1] [ip4][..tcp] [....192.168.2.4][49199] -> [..17.172.100.70][..993] [MIDSTREAM] detected: [.....1] [ip4][..tcp] [....192.168.2.4][49199] -> [..17.172.100.70][..993] [IMAPS][Apple][Email][Safe] RISK: Unidirectional Traffic + detection-update: [.....1] [ip4][..tcp] [....192.168.2.4][49199] -> [..17.172.100.70][..993] [IMAPS][Apple][Email][Safe] new: [.....2] [ip4][..tcp] [....192.168.2.4][49166] -> [..17.154.66.121][..443] [MIDSTREAM] new: [.....3] [ip4][..tcp] [....192.168.2.4][49163] -> [..17.154.66.111][..443] [MIDSTREAM] new: [.....4] [ip4][..tcp] [....192.168.2.4][49169] -> [..17.173.66.102][..443] [MIDSTREAM] @@ -33,7 +34,7 @@ detected: [....16] [ip4][..tcp] [....192.168.2.4][49193] -> [..17.110.229.14][.5223] [ApplePush][Apple][Cloud][Acceptable] RISK: Unidirectional Traffic detected: [....14] [ip4][..tcp] [....192.168.2.4][49202] -> [.184.173.179.37][.5222] [WhatsApp][Unknown][Chat][Acceptable] - analyse: [....13] [ip4][..tcp] [....192.168.2.4][49201] -> [..17.178.104.12][..443] + analyse: [....13] [ip4][..tcp] [....192.168.2.4][49201] -> [..17.178.104.12][..443] [TLS.Apple][Apple][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.712| 0.120| 0.179| 32210.293| 3.400] [PKTLEN......: 40.000| 1480.000| 432.900| 595.100| 354099.200| 3.800] @@ -144,21 +145,13 @@ detection-update: [....45] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] detection-update: [....43] [ip6][..udp] [................fe80::da30:62ff:fe56:1c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local] update: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] detected: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][] RISK: Unidirectional Traffic @@ -202,11 +195,10 @@ [PKTLENS.....: 72,72,72,72,72,134,124,306,167,54,232,134,228,212,103,134,151,54,172,156,161,172,156,134,114,140,205,140,209,54,134,171] [ENTROPIES...: 5.6,5.6,5.6,5.5,5.6,6.3,6.4,7.3,6.7,5.2,7.0,6.6,7.1,7.0,6.2,6.5,6.6,5.2,6.7,6.6,6.7,6.7,6.7,6.4,6.3,6.5,6.9,6.5,6.9,5.2,6.6,6.7] update: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port update: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port new: [....56] [ip4][..tcp] [....192.168.2.4][49197] -> [..17.167.142.39][..443] [MIDSTREAM] update: [....41] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] update: [....42] [ip4][..udp] [169.254.166.207][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] @@ -214,21 +206,13 @@ update: [....44] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [....11] [ip4][..udp] [....192.168.2.4][51897] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe] update: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....12] [ip4][..udp] [....192.168.2.4][52190] -> [....192.168.2.1][...53] [DNS.WhatsApp][Unknown][Network][Acceptable] update: [....43] [ip6][..udp] [................fe80::da30:62ff:fe56:1c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] new: [....57] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] @@ -273,97 +257,70 @@ guessed: [.....4] [ip4][..tcp] [....192.168.2.4][49169] -> [..17.173.66.102][..443] [TLS][Apple][Web][Safe] end: [.....4] [ip4][..tcp] [....192.168.2.4][49169] -> [..17.173.66.102][..443] update: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port update: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port update: [....34] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] update: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port update: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic update: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....41] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] idle: [.....1] [ip4][..tcp] [....192.168.2.4][49199] -> [..17.172.100.70][..993] [IMAPS][Apple][Email][Safe] guessed: [....35] [ip4][..tcp] [....192.168.2.4][49194] -> [..93.62.150.157][..443] [TLS][Unknown][Web][Safe] end: [....35] [ip4][..tcp] [....192.168.2.4][49194] -> [..93.62.150.157][..443] idle: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....42] [ip4][..udp] [169.254.166.207][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] guessed: [....31] [ip4][..tcp] [....192.168.2.4][49164] -> [..17.167.142.31][..443] [TLS][Apple][Web][Safe] end: [....31] [ip4][..tcp] [....192.168.2.4][49164] -> [..17.167.142.31][..443] guessed: [....56] [ip4][..tcp] [....192.168.2.4][49197] -> [..17.167.142.39][..443] [TLS][Apple][Web][Safe] end: [....56] [ip4][..tcp] [....192.168.2.4][49197] -> [..17.167.142.39][..443] idle: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic guessed: [....36] [ip4][..tcp] [....192.168.2.4][49198] -> [..17.167.142.13][..443] [TLS][Apple][Web][Safe] end: [....36] [ip4][..tcp] [....192.168.2.4][49198] -> [..17.167.142.13][..443] guessed: [....37] [ip4][..tcp] [....192.168.2.4][49200] -> [..17.167.142.13][..443] [TLS][Apple][Web][Safe] end: [....37] [ip4][..tcp] [....192.168.2.4][49200] -> [..17.167.142.13][..443] idle: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [....45] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] end: [....14] [ip4][..tcp] [....192.168.2.4][49202] -> [.184.173.179.37][.5222] [WhatsApp][Unknown][Chat][Acceptable] idle: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....16] [ip4][..tcp] [....192.168.2.4][49193] -> [..17.110.229.14][.5223] [ApplePush][Apple][Cloud][Acceptable] - RISK: Unidirectional Traffic idle: [....44] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [....34] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] idle: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port idle: [....11] [ip4][..udp] [....192.168.2.4][51897] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe] end: [....13] [ip4][..tcp] [....192.168.2.4][49201] -> [..17.178.104.12][..443] [TLS.Apple][Apple][Web][Safe] RISK: TLS (probably) Not Carrying HTTPS idle: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [....192.168.2.4][52190] -> [....192.168.2.1][...53] [DNS.WhatsApp][Unknown][Network][Acceptable] idle: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic guessed: [....32] [ip4][..tcp] [....192.168.2.4][49167] -> [...17.172.100.8][..443] [TLS][Apple][Web][Safe] end: [....32] [ip4][..tcp] [....192.168.2.4][49167] -> [...17.172.100.8][..443] guessed: [....22] [ip4][..tcp] [....192.168.2.4][49180] -> [..17.172.100.59][..443] [TLS][Apple][Web][Safe] @@ -372,7 +329,7 @@ end: [....21] [ip4][..tcp] [....192.168.2.4][49181] -> [..17.172.100.37][..443] idle: [....43] [ip6][..udp] [................fe80::da30:62ff:fe56:1c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] idle: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic + RISK: Known Proto on Non Std Port end: [....17] [ip4][..tcp] [....192.168.2.4][49204] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe] RISK: TLS (probably) Not Carrying HTTPS idle: [....57] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe] diff --git a/test/results/flow-info/default/whatsapp_login_chat.pcap.out b/test/results/flow-info/default/whatsapp_login_chat.pcap.out index 35e4a9d9e..9dbc9cc62 100644 --- a/test/results/flow-info/default/whatsapp_login_chat.pcap.out +++ b/test/results/flow-info/default/whatsapp_login_chat.pcap.out @@ -12,6 +12,7 @@ new: [.....4] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [MIDSTREAM] detected: [.....4] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS][Apple][Web][Safe] RISK: Unidirectional Traffic + detection-update: [.....4] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS][Apple][Web][Safe] analyse: [.....4] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS][Apple][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 3.031| 0.229| 0.711| 505750.847| 2.000] @@ -34,13 +35,13 @@ detected: [.....9] [ip4][..tcp] [..17.110.229.14][.5223] -> [....192.168.2.4][49193] [TLS][Apple][Web][Safe] RISK: Known Proto on Non Std Port, Unidirectional Traffic idle: [.....6] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] - idle: [.....8] [ip6][..udp] [...............fe80::189c:c31b:1298:224][.5353] -> [...............................ff02::fb][.5353] + idle: [.....8] [ip6][..udp] [...............fe80::189c:c31b:1298:224][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....5] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [.....2] [ip4][..udp] [....192.168.2.4][61697] -> [....192.168.2.1][...53] [DNS.WhatsApp][Unknown][Network][Acceptable] end: [.....3] [ip4][..tcp] [....192.168.2.4][49206] -> [...158.85.58.15][.5222] [WhatsApp][Unknown][Chat][Acceptable] end: [.....9] [ip4][..tcp] [..17.110.229.14][.5223] -> [....192.168.2.4][49193] [TLS][Apple][Web][Safe] RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [.....7] [ip4][..udp] [....192.168.2.4][.5353] -> [....224.0.0.251][.5353] + idle: [.....7] [ip4][..udp] [....192.168.2.4][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....1] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun] idle: [.....4] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS][Apple][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/whatsapp_voice_and_message.pcap.out b/test/results/flow-info/default/whatsapp_voice_and_message.pcap.out index f5ae45020..8485778e1 100644 --- a/test/results/flow-info/default/whatsapp_voice_and_message.pcap.out +++ b/test/results/flow-info/default/whatsapp_voice_and_message.pcap.out @@ -52,21 +52,13 @@ [PKTLENS.....: 60,40,40,214,40,118,40,545,70,40,40,63,40,40,65,40,62,121,40,285,40,62,64,40,94,40,58,91,40,209,40,40] [ENTROPIES...: 4.5,4.7,4.8,6.6,4.6,6.1,4.7,7.6,5.6,4.6,4.6,5.4,4.6,4.8,5.5,4.6,5.3,6.3,4.6,7.2,4.5,5.4,5.5,4.6,5.9,4.7,5.4,5.9,4.6,7.0,4.8,4.7] update: [.....5] [ip4][..udp] [.......10.8.0.1][53620] -> [..173.252.121.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [.......10.8.0.1][53620] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....9] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [.......10.8.0.1][53620] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [....12] [ip4][..tcp] [.......10.8.0.1][49721] -> [..158.85.58.109][.5222] detected: [....12] [ip4][..tcp] [.......10.8.0.1][49721] -> [..158.85.58.109][.5222] [WhatsApp][Unknown][Chat][Acceptable] analyse: [....12] [ip4][..tcp] [.......10.8.0.1][49721] -> [..158.85.58.109][.5222] [WhatsApp][Unknown][Chat][Acceptable] @@ -80,21 +72,13 @@ [PKTLENS.....: 60,40,40,214,40,118,40,294,70,40,63,40,65,40,62,121,40,62,285,40,40,40,209,98,40,99,40,165,40,62,40,76] [ENTROPIES...: 4.5,4.7,4.7,6.8,4.7,6.1,4.7,7.2,5.5,4.7,5.6,4.7,5.5,4.7,5.5,6.4,4.7,5.5,7.2,4.7,4.9,4.9,6.9,6.1,4.7,6.0,4.8,6.7,4.8,5.4,4.8,5.7] update: [.....5] [ip4][..udp] [.......10.8.0.1][53620] -> [..173.252.121.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [.......10.8.0.1][53620] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....2] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....4] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....9] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [.......10.8.0.1][53620] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic new: [....13] [ip4][..tcp] [.......10.8.0.1][51570] -> [...158.85.5.199][..443] detected: [....13] [ip4][..tcp] [.......10.8.0.1][51570] -> [...158.85.5.199][..443] [WhatsApp][Unknown][Chat][Acceptable] idle: [....13] [ip4][..tcp] [.......10.8.0.1][51570] -> [...158.85.5.199][..443] [WhatsApp][Unknown][Chat][Acceptable] @@ -102,20 +86,12 @@ end: [.....1] [ip4][..tcp] [.......10.8.0.1][35480] -> [.184.173.179.46][..443] [WhatsApp][Unknown][Chat][Acceptable] end: [....11] [ip4][..tcp] [.......10.8.0.1][42241] -> [173.192.222.189][.5222] [WhatsApp][Unknown][Chat][Acceptable] idle: [.....5] [ip4][..udp] [.......10.8.0.1][53620] -> [..173.252.121.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....6] [ip4][..udp] [.......10.8.0.1][53620] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....7] [ip4][..udp] [.......10.8.0.1][53620] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [.......10.8.0.1][53620] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable] - RISK: Unidirectional Traffic end: [....12] [ip4][..tcp] [.......10.8.0.1][49721] -> [..158.85.58.109][.5222] [WhatsApp][Unknown][Chat][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/whois.pcapng.out b/test/results/flow-info/default/whois.pcapng.out index f9be7a375..6faaeefa8 100644 --- a/test/results/flow-info/default/whois.pcapng.out +++ b/test/results/flow-info/default/whois.pcapng.out @@ -14,7 +14,8 @@ DAEMON-EVENT: [Processed: 18 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] new: [.....3] [ip4][..tcp] [...192.30.45.30][...43] -> [..10.160.63.128][53217] - idle: [.....2] [ip4][..tcp] [...10.17.34.139][64016] -> [.....10.17.51.8][.4343] + idle: [.....2] [ip4][..tcp] [...10.17.34.139][64016] -> [.....10.17.51.8][.4343] [TLS][Unknown][Web][Safe] + RISK: Known Proto on Non Std Port, Missing SNI TLS Extn, ALPN/SNI Mismatch guessed: [.....3] [ip4][..tcp] [...192.30.45.30][...43] -> [..10.160.63.128][53217] [Whois-DAS][Unknown][Network][Acceptable][] RISK: Unidirectional Traffic end: [.....3] [ip4][..tcp] [...192.30.45.30][...43] -> [..10.160.63.128][53217] diff --git a/test/results/flow-info/default/wow.pcap.out b/test/results/flow-info/default/wow.pcap.out index 67768f6f6..ee9d6a922 100644 --- a/test/results/flow-info/default/wow.pcap.out +++ b/test/results/flow-info/default/wow.pcap.out @@ -7,12 +7,14 @@ RISK: HTTP Susp User-Agent detected: [.....2] [ip4][..tcp] [.192.168.178.20][39312] -> [...24.105.29.21][...80] [HTTP.WorldOfWarcraft][Starcraft][Game][Fun][launcher.worldofwarcraft.com] RISK: HTTP Susp User-Agent + detection-update: [.....1] [ip4][..tcp] [.192.168.178.20][39309] -> [..12.129.222.53][...80] [HTTP.WorldOfWarcraft][Unknown][Game][Fun][us.scan.worldofwarcraft.com] + RISK: HTTP Susp User-Agent, HTTP Obsolete Server new: [.....3] [ip4][..tcp] [.192.168.178.20][39329] -> [.12.129.228.153][.3724] detected: [.....3] [ip4][..tcp] [.192.168.178.20][39329] -> [.12.129.228.153][.3724] [WorldOfWarcraft][Unknown][Game][Fun] new: [.....4] [ip4][..tcp] [.192.168.178.20][39364] -> [.12.129.228.153][.3724] detected: [.....4] [ip4][..tcp] [.192.168.178.20][39364] -> [.12.129.228.153][.3724] [WorldOfWarcraft][Unknown][Game][Fun] DAEMON-EVENT: [Processed: 82 pkts][ZLib][compressions: 0|diff: 0 / 0] - DAEMON-EVENT: [Flows][active: 4 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + DAEMON-EVENT: [Flows][active: 4 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 1|updates: 0] new: [.....5] [ip4][..tcp] [.192.168.178.20][39593] -> [.12.129.228.152][.3724] detected: [.....5] [ip4][..tcp] [.192.168.178.20][39593] -> [.12.129.228.152][.3724] [WorldOfWarcraft][Unknown][Game][Fun] idle: [.....3] [ip4][..tcp] [.192.168.178.20][39329] -> [.12.129.228.153][.3724] [WorldOfWarcraft][Unknown][Game][Fun] diff --git a/test/results/flow-info/default/xdmcp.pcap.out b/test/results/flow-info/default/xdmcp.pcap.out index 2e027304b..ef739a693 100644 --- a/test/results/flow-info/default/xdmcp.pcap.out +++ b/test/results/flow-info/default/xdmcp.pcap.out @@ -5,5 +5,4 @@ detected: [.....1] [ip4][..udp] [.......10.1.2.2][61426] -> [.......10.1.2.4][..177] [XDMCP][Unknown][RemoteAccess][Acceptable] RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [.......10.1.2.2][61426] -> [.......10.1.2.4][..177] [XDMCP][Unknown][RemoteAccess][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/xiaomi.pcap.out b/test/results/flow-info/default/xiaomi.pcap.out index d100f0782..4a96bf29a 100644 --- a/test/results/flow-info/default/xiaomi.pcap.out +++ b/test/results/flow-info/default/xiaomi.pcap.out @@ -11,7 +11,6 @@ new: [.....3] [ip4][..tcp] [.115.164.74.232][.5222] -> [.192.168.247.13][38018] detected: [.....3] [ip4][..tcp] [.115.164.74.232][.5222] -> [.192.168.247.13][38018] [Xiaomi][Unknown][Web][Acceptable][47.241.35.73] idle: [.....1] [ip4][..tcp] [....47.241.7.88][.5222] -> [..10.52.151.160][39180] [Xiaomi][Alibaba][Web][Acceptable] - RISK: Unidirectional Traffic new: [.....4] [ip4][..tcp] [..97.39.119.172][.5222] -> [..192.168.93.59][51488] detected: [.....4] [ip4][..tcp] [..97.39.119.172][.5222] -> [..192.168.93.59][51488] [Xiaomi][Unknown][Web][Acceptable][47.241.59.87] DAEMON-EVENT: [Processed: 18 pkts][ZLib][compressions: 0|diff: 0 / 0] @@ -31,6 +30,7 @@ new: [.....7] [ip4][..tcp] [..192.168.2.100][48698] -> [...203.107.1.65][...80] detected: [.....7] [ip4][..tcp] [..192.168.2.100][48698] -> [...203.107.1.65][...80] [HTTP.Xiaomi][Alibaba][Web][Acceptable][203.107.1.65] RISK: HTTP/TLS/QUIC Numeric Hostname/SNI - idle: [.....7] [ip4][..tcp] [..192.168.2.100][48698] -> [...203.107.1.65][...80] + idle: [.....7] [ip4][..tcp] [..192.168.2.100][48698] -> [...203.107.1.65][...80] [HTTP.Xiaomi][Alibaba][Web][Acceptable] + RISK: HTTP/TLS/QUIC Numeric Hostname/SNI idle: [.....6] [ip4][..tcp] [..192.168.2.100][45106] -> [.18.193.233.122][.5222] [Xiaomi][AmazonAWS][Web][Acceptable] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/yandex.pcapng.out b/test/results/flow-info/default/yandex.pcapng.out index 2c26dee95..1bd70ea33 100644 --- a/test/results/flow-info/default/yandex.pcapng.out +++ b/test/results/flow-info/default/yandex.pcapng.out @@ -35,13 +35,18 @@ new: [.....9] [ip4][..tcp] [..192.168.1.249][51462] -> [..87.250.251.77][..443] detected: [.....9] [ip4][..tcp] [..192.168.1.249][51462] -> [..87.250.251.77][..443] [TLS.YandexMetrika][Yandex][Web][Safe][metrika.yandex.kz] detection-update: [.....9] [ip4][..tcp] [..192.168.1.249][51462] -> [..87.250.251.77][..443] [TLS.YandexMetrika][Yandex][Web][Safe][metrika.yandex.kz] - idle: [.....3] [ip4][..tcp] [..192.168.1.249][42102] -> [178.154.131.216][..443] - idle: [.....7] [ip4][..tcp] [..192.168.1.249][42954] -> [...77.88.21.127][..443] - idle: [.....6] [ip4][..tcp] [..192.168.1.249][58832] -> [.87.250.250.134][..443] - idle: [.....8] [ip4][..tcp] [..192.168.1.249][45224] -> [....77.88.21.37][..443] - idle: [.....2] [ip4][..tcp] [..192.168.1.249][57126] -> [178.154.131.216][..443] - idle: [.....1] [ip4][..tcp] [..192.168.1.249][40218] -> [213.180.204.186][..443] - idle: [.....4] [ip4][..tcp] [..192.168.1.249][40870] -> [..87.250.251.22][..443] - idle: [.....5] [ip4][..tcp] [..192.168.1.249][57322] -> [.87.250.250.108][..443] - idle: [.....9] [ip4][..tcp] [..192.168.1.249][51462] -> [..87.250.251.77][..443] + idle: [.....3] [ip4][..tcp] [..192.168.1.249][42102] -> [178.154.131.216][..443] [TLS.Yandex][Yandex][Web][Safe] + RISK: Unidirectional Traffic + idle: [.....7] [ip4][..tcp] [..192.168.1.249][42954] -> [...77.88.21.127][..443] [TLS.YandexDisk][Yandex][Cloud][Safe] + RISK: TLS Cert About To Expire + idle: [.....6] [ip4][..tcp] [..192.168.1.249][58832] -> [.87.250.250.134][..443] [TLS.YandexDirect][Yandex][Advertisement][Tracker/Ads] + idle: [.....8] [ip4][..tcp] [..192.168.1.249][45224] -> [....77.88.21.37][..443] [TLS.YandexMail][Yandex][Email][Safe] + RISK: Unidirectional Traffic + idle: [.....2] [ip4][..tcp] [..192.168.1.249][57126] -> [178.154.131.216][..443] [TLS.Yandex][Yandex][Web][Safe] + RISK: Unidirectional Traffic + idle: [.....1] [ip4][..tcp] [..192.168.1.249][40218] -> [213.180.204.186][..443] [TLS.YandexMusic][Yandex][Music][Fun] + idle: [.....4] [ip4][..tcp] [..192.168.1.249][40870] -> [..87.250.251.22][..443] [TLS.YandexMarket][Yandex][Shopping][Safe] + RISK: Unidirectional Traffic + idle: [.....5] [ip4][..tcp] [..192.168.1.249][57322] -> [.87.250.250.108][..443] [TLS.YandexCloud][Yandex][Cloud][Safe] + idle: [.....9] [ip4][..tcp] [..192.168.1.249][51462] -> [..87.250.251.77][..443] [TLS.YandexMetrika][Yandex][Web][Safe] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/youtube_quic.pcap.out b/test/results/flow-info/default/youtube_quic.pcap.out index 3be13ab4e..b5638cac5 100644 --- a/test/results/flow-info/default/youtube_quic.pcap.out +++ b/test/results/flow-info/default/youtube_quic.pcap.out @@ -21,9 +21,6 @@ detected: [.....3] [ip4][..udp] [....192.168.1.7][53859] -> [..216.58.205.66][..443] [QUIC.Google][Google][Advertisement][Acceptable][googleads.g.doubleclick.net] RISK: Unidirectional Traffic idle: [.....2] [ip4][..udp] [....192.168.1.7][56074] -> [..216.58.198.33][..443] [QUIC.YouTube][Google][Media][Fun] - RISK: Unidirectional Traffic idle: [.....1] [ip4][..udp] [....192.168.1.7][54997] -> [..216.58.205.66][..443] [QUIC.Google][Google][Advertisement][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [....192.168.1.7][53859] -> [..216.58.205.66][..443] [QUIC.Google][Google][Advertisement][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/youtubeupload.pcap.out b/test/results/flow-info/default/youtubeupload.pcap.out index 432f5c37d..ecd3ec752 100644 --- a/test/results/flow-info/default/youtubeupload.pcap.out +++ b/test/results/flow-info/default/youtubeupload.pcap.out @@ -21,9 +21,7 @@ [IATS(ms)....: 56.1,1.0,59.8,1.8,0.4,60.9,0.1,57.5,0.4,30.7,1096.9,0.5,1126.8,0.7,1825.8,1883.1,71.2,0.1,128.5,3.3,2.8,0.4,0.7,1.0,1.1,1.2,1.1,1.2,1.1,1.2,1.2] [PKTLENS.....: 1378,1378,1378,66,1378,410,1378,59,69,66,58,44,597,69,63,330,64,140,44,69,373,1378,1378,1378,1378,1378,1378,1378,1378,1378,1378,1378] [ENTROPIES...: 2.6,7.5,7.4,5.3,4.6,7.4,7.9,5.4,5.7,5.8,5.5,5.0,7.7,5.6,5.7,7.3,5.5,6.6,5.0,5.7,7.5,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.8,7.9] - idle: [.....2] [ip4][..tcp] [...192.168.2.27][57452] -> [.172.217.23.111][..443] + idle: [.....2] [ip4][..tcp] [...192.168.2.27][57452] -> [.172.217.23.111][..443] [TLS.YouTubeUpload][Google][Media][Fun] idle: [.....1] [ip4][..udp] [...192.168.2.27][51925] -> [.172.217.23.111][..443] [QUIC.YouTubeUpload][Google][Media][Fun] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [...192.168.2.27][62232] -> [.172.217.23.111][..443] [QUIC.YouTubeUpload][Google][Media][Fun] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/zattoo.pcap.out b/test/results/flow-info/default/zattoo.pcap.out index 0a0aa2eab..b973ca1e2 100644 --- a/test/results/flow-info/default/zattoo.pcap.out +++ b/test/results/flow-info/default/zattoo.pcap.out @@ -8,6 +8,7 @@ RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, TLS Cert Validity Too Long new: [.....2] [ip4][..tcp] [.....10.101.0.2][.2936] -> [.....10.102.0.2][...80] detected: [.....2] [ip4][..tcp] [.....10.101.0.2][.2936] -> [.....10.102.0.2][...80] [HTTP.Zattoo][Unknown][Video][Fun][zattosecurehd2-f.akamaihd.net] - end: [.....1] [ip4][..tcp] [.....10.101.0.2][.2930] -> [.....10.102.0.2][..443] + end: [.....1] [ip4][..tcp] [.....10.101.0.2][.2930] -> [.....10.102.0.2][..443] [TLS.Zattoo][Unknown][Video][Fun] + RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS, TLS Cert Validity Too Long end: [.....2] [ip4][..tcp] [.....10.101.0.2][.2936] -> [.....10.102.0.2][...80] [HTTP.Zattoo][Unknown][Video][Fun] DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/zoom.pcap.out b/test/results/flow-info/default/zoom.pcap.out index 598185f7b..5114097fc 100644 --- a/test/results/flow-info/default/zoom.pcap.out +++ b/test/results/flow-info/default/zoom.pcap.out @@ -49,6 +49,7 @@ new: [....16] [ip4][..tcp] [..192.168.1.117][53872] -> [..35.186.224.53][..443] [MIDSTREAM] detected: [....16] [ip4][..tcp] [..192.168.1.117][53872] -> [..35.186.224.53][..443] [TLS][GoogleCloud][Web][Safe] RISK: Unidirectional Traffic + detection-update: [....16] [ip4][..tcp] [..192.168.1.117][53872] -> [..35.186.224.53][..443] [TLS][GoogleCloud][Web][Safe] new: [....17] [ip4][.icmp] [..192.168.1.117] -> [..162.255.38.14] detected: [....17] [ip4][.icmp] [..192.168.1.117] -> [..162.255.38.14] [ICMP][Zoom][Network][Acceptable] RISK: Unidirectional Traffic @@ -67,7 +68,7 @@ detection-update: [....19] [ip4][..tcp] [..192.168.1.117][54865] -> [..52.202.62.196][..443] [TLS.Zoom][Zoom][Video][Acceptable][zoom.us] detection-update: [....21] [ip4][..tcp] [..192.168.1.117][54866] -> [..52.202.62.236][..443] [TLS.Zoom][Zoom][Video][Acceptable][www3.zoom.us] detection-update: [....21] [ip4][..tcp] [..192.168.1.117][54866] -> [..52.202.62.236][..443] [TLS.Zoom][Zoom][Video][Acceptable][www3.zoom.us] - analyse: [....21] [ip4][..tcp] [..192.168.1.117][54866] -> [..52.202.62.236][..443] + analyse: [....21] [ip4][..tcp] [..192.168.1.117][54866] -> [..52.202.62.236][..443] [TLS.Zoom][Zoom][Video][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.211| 0.038| 0.059| 3527.760| 3.300] [PKTLEN......: 40.000| 1492.000| 663.000| 660.100| 435695.100| 4.200] @@ -158,47 +159,46 @@ detected: [....33] [ip4][..udp] [..192.168.1.117][61731] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] RISK: Unidirectional Traffic idle: [....17] [ip4][.icmp] [..192.168.1.117] -> [..162.255.38.14] [ICMP][Zoom][Network][Acceptable] - RISK: Unidirectional Traffic idle: [.....9] [ip4][..udp] [..192.168.1.117][65394] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable] RISK: Error Code idle: [....18] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] idle: [....10] [ip4][.icmp] [..192.168.1.117] -> [....192.168.1.1] [ICMP][Unknown][Network][Acceptable] - RISK: Unidirectional Traffic guessed: [....11] [ip4][..tcp] [..192.168.1.117][54798] -> [..13.225.84.182][..443] [TLS][AmazonAWS][Web][Safe] RISK: TCP Connection Issues end: [....11] [ip4][..tcp] [..192.168.1.117][54798] -> [..13.225.84.182][..443] idle: [....29] [ip4][..udp] [..192.168.1.117][51185] -> [....192.168.1.1][...53] [DNS.Zoom][Unknown][Network][Acceptable] - idle: [.....1] [ip4][..tcp] [..192.168.1.117][54854] -> [..172.217.21.72][..443] + idle: [.....1] [ip4][..tcp] [..192.168.1.117][54854] -> [..172.217.21.72][..443] [TLS.GoogleServices][Google][Web][Acceptable] + RISK: Obsolete TLS (v1.1 or older), Unidirectional Traffic idle: [.....6] [ip4][..udp] [..192.168.1.117][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] idle: [....33] [ip4][..udp] [..192.168.1.117][61731] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] - RISK: Unidirectional Traffic guessed: [....15] [ip4][..tcp] [..192.168.1.117][53867] -> [..104.199.65.42][...80] [HTTP][Google][Web][Acceptable][] idle: [....15] [ip4][..tcp] [..192.168.1.117][53867] -> [..104.199.65.42][...80] - idle: [.....8] [ip4][..tcp] [..192.168.1.117][54864] -> [..52.202.62.238][..443] - idle: [....19] [ip4][..tcp] [..192.168.1.117][54865] -> [..52.202.62.196][..443] + idle: [.....8] [ip4][..tcp] [..192.168.1.117][54864] -> [..52.202.62.238][..443] [TLS.Zoom][Zoom][Video][Acceptable] + idle: [....19] [ip4][..tcp] [..192.168.1.117][54865] -> [..52.202.62.196][..443] [TLS.Zoom][Zoom][Video][Acceptable] idle: [....21] [ip4][..tcp] [..192.168.1.117][54866] -> [..52.202.62.236][..443] [TLS.Zoom][Zoom][Video][Acceptable] idle: [....13] [ip4][..udp] [..192.168.1.117][23903] -> [..162.255.38.14][.3478] [STUN.Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [..192.168.1.117][23903] -> [..162.255.37.14][.3478] [STUN.Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic idle: [....14] [ip4][..udp] [..192.168.1.117][23903] -> [..162.255.38.14][.3479] [STUN.Zoom][Zoom][Video][Acceptable] - RISK: Known Proto on Non Std Port, Unidirectional Traffic - idle: [.....2] [ip4][..udp] [..192.168.1.117][.5353] -> [....224.0.0.251][.5353] + RISK: Known Proto on Non Std Port + idle: [.....2] [ip4][..udp] [..192.168.1.117][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [....22] [ip4][..udp] [..192.168.1.117][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun] end: [.....3] [ip4][..tcp] [..192.168.1.117][54863] -> [.167.99.215.164][.4434] [TLS.ntop][Unknown][Network][Safe] RISK: Known Proto on Non Std Port, TLS (probably) Not Carrying HTTPS idle: [....24] [ip4][..udp] [..192.168.1.117][58063] -> [....192.168.1.1][...53] [DNS.Zoom][Unknown][Network][Acceptable] - end: [....25] [ip4][..tcp] [..192.168.1.117][54867] -> [.213.19.144.105][..443] - end: [....26] [ip4][..tcp] [..192.168.1.117][54868] -> [.213.19.144.104][..443] + end: [....25] [ip4][..tcp] [..192.168.1.117][54867] -> [.213.19.144.105][..443] [TLS.Zoom][Zoom][Video][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS + end: [....26] [ip4][..tcp] [..192.168.1.117][54868] -> [.213.19.144.104][..443] [TLS.Zoom][Zoom][Video][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS idle: [.....7] [ip4][..udp] [..192.168.1.117][64352] -> [....192.168.1.1][...53] [DNS.Zoom][Unknown][Network][Acceptable] idle: [....31] [ip4][..udp] [..192.168.1.117][58327] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] - RISK: Unidirectional Traffic - end: [....27] [ip4][..tcp] [..192.168.1.117][54869] -> [.213.244.140.85][..443] - end: [....28] [ip4][..tcp] [..192.168.1.117][54870] -> [.213.244.140.84][..443] + end: [....27] [ip4][..tcp] [..192.168.1.117][54869] -> [.213.244.140.85][..443] [TLS.Zoom][Zoom][Video][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS + end: [....28] [ip4][..tcp] [..192.168.1.117][54870] -> [.213.244.140.84][..443] [TLS.Zoom][Zoom][Video][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS idle: [....23] [ip4][..udp] [..192.168.1.117][62563] -> [....192.168.1.1][...53] [DNS.Zoom][Unknown][Network][Acceptable] - idle: [.....4] [ip4][..tcp] [..192.168.1.117][54341] -> [.62.149.152.153][..993] - idle: [....32] [ip4][..udp] [..192.168.1.117][60620] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] + idle: [.....4] [ip4][..tcp] [..192.168.1.117][54341] -> [.62.149.152.153][..993] [IMAPS][Unknown][Email][Safe] RISK: Unidirectional Traffic + idle: [....32] [ip4][..udp] [..192.168.1.117][60620] -> [..109.94.160.99][.8801] [Zoom][Unknown][Video][Acceptable] idle: [.....5] [ip4][..udp] [..192.168.1.117][57025] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable] idle: [....16] [ip4][..tcp] [..192.168.1.117][53872] -> [..35.186.224.53][..443] [TLS][GoogleCloud][Web][Safe] idle: [....30] [ip4][..tcp] [..192.168.1.117][54871] -> [..109.94.160.99][..443] [TLS.Zoom][Unknown][Video][Acceptable] diff --git a/test/results/flow-info/default/zoom2.pcap.out b/test/results/flow-info/default/zoom2.pcap.out index 30dc952ae..388d329d4 100644 --- a/test/results/flow-info/default/zoom2.pcap.out +++ b/test/results/flow-info/default/zoom2.pcap.out @@ -48,9 +48,9 @@ detected: [.....5] [ip4][.icmp] [..192.168.1.178] -> [.144.195.73.154] [ICMP][Zoom][Network][Acceptable] RISK: Unidirectional Traffic idle: [.....4] [ip4][..udp] [..192.168.1.178][57953] -> [.144.195.73.154][.8801] [SRTP.Zoom][Zoom][Video][Acceptable] - idle: [.....1] [ip4][..tcp] [..192.168.1.178][50076] -> [.144.195.73.154][..443] + idle: [.....1] [ip4][..tcp] [..192.168.1.178][50076] -> [.144.195.73.154][..443] [TLS.Zoom][Zoom][Video][Acceptable] + RISK: TLS (probably) Not Carrying HTTPS idle: [.....3] [ip4][..udp] [..192.168.1.178][58117] -> [.144.195.73.154][.8801] [SRTP.Zoom][Zoom][Video][Acceptable] idle: [.....2] [ip4][..udp] [..192.168.1.178][60653] -> [.144.195.73.154][.8801] [SRTP.Zoom][Zoom][Video][Acceptable] idle: [.....5] [ip4][.icmp] [..192.168.1.178] -> [.144.195.73.154] [ICMP][Zoom][Network][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown diff --git a/test/results/flow-info/default/zoom_p2p.pcapng.out b/test/results/flow-info/default/zoom_p2p.pcapng.out index 2ee53ee34..9934d100c 100644 --- a/test/results/flow-info/default/zoom_p2p.pcapng.out +++ b/test/results/flow-info/default/zoom_p2p.pcapng.out @@ -6,9 +6,9 @@ new: [.....2] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] detected: [.....2] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_ipps._tcp.local] update: [.....1] [ip4][..udp] [...192.168.12.1][17500] -> [.192.168.12.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [.....2] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] + update: [.....2] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [.....1] [ip4][..udp] [...192.168.12.1][17500] -> [.192.168.12.255][17500] [Dropbox][Unknown][Cloud][Acceptable] - update: [.....2] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] + update: [.....2] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] new: [.....3] [ip4][..udp] [.192.168.12.156][39065] -> [.206.247.87.213][.3478] detected: [.....3] [ip4][..udp] [.192.168.12.156][39065] -> [.206.247.87.213][.3478] [STUN.Zoom][Zoom][Video][Acceptable][] RISK: Unidirectional Traffic @@ -21,8 +21,7 @@ update: [.....1] [ip4][..udp] [...192.168.12.1][17500] -> [.192.168.12.255][17500] [Dropbox][Unknown][Cloud][Acceptable] new: [.....6] [ip4][..udp] [.192.168.12.156][38453] -> [..192.168.1.226][41036] update: [.....5] [ip4][.icmp] [.206.247.87.213] -> [.192.168.12.156] [ICMP][Zoom][Network][Acceptable] - RISK: Unidirectional Traffic - update: [.....2] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] + update: [.....2] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] new: [.....7] [ip4][..udp] [.192.168.12.156][39065] -> [..192.168.1.226][46757] analyse: [.....7] [ip4][..udp] [.192.168.12.156][39065] -> [..192.168.1.226][46757] min| max| avg| stddev| variance| entropy @@ -35,34 +34,24 @@ [PKTLENS.....: 113,113,113,113,113,113,113,113,113,113,113,1246,1056,1056,1246,800,1245,119,1245,800,800,1245,800,799,118,831,1245,1277,1043,1043,1257,1043] [ENTROPIES...: 4.9,4.8,4.8,4.9,4.9,4.8,4.8,4.9,4.8,4.8,4.8,7.8,0.5,0.5,7.8,7.7,7.8,5.8,7.8,7.7,7.7,7.8,7.7,7.7,5.8,7.7,7.8,7.8,7.8,7.8,7.8,7.8] update: [.....4] [ip4][..udp] [.192.168.12.156][38453] -> [.206.247.87.213][.3478] [STUN.Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [.192.168.12.156][39065] -> [.206.247.87.213][.3478] [STUN.Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][.icmp] [.206.247.87.213] -> [.192.168.12.156] [ICMP][Zoom][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [...192.168.12.1][17500] -> [.192.168.12.255][17500] [Dropbox][Unknown][Cloud][Acceptable] update: [.....6] [ip4][..udp] [.192.168.12.156][38453] -> [..192.168.1.226][41036] update: [.....5] [ip4][.icmp] [.206.247.87.213] -> [.192.168.12.156] [ICMP][Zoom][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....7] [ip4][..udp] [.192.168.12.156][39065] -> [..192.168.1.226][46757] - update: [.....2] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] + update: [.....2] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [.....4] [ip4][..udp] [.192.168.12.156][38453] -> [.206.247.87.213][.3478] [STUN.Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [.192.168.12.156][39065] -> [.206.247.87.213][.3478] [STUN.Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic update: [.....5] [ip4][.icmp] [.206.247.87.213] -> [.192.168.12.156] [ICMP][Zoom][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....1] [ip4][..udp] [...192.168.12.1][17500] -> [.192.168.12.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [.....5] [ip4][.icmp] [.206.247.87.213] -> [.192.168.12.156] [ICMP][Zoom][Network][Acceptable] - RISK: Unidirectional Traffic update: [.....6] [ip4][..udp] [.192.168.12.156][38453] -> [..192.168.1.226][41036] update: [.....7] [ip4][..udp] [.192.168.12.156][39065] -> [..192.168.1.226][46757] - update: [.....2] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] + update: [.....2] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [.....4] [ip4][..udp] [.192.168.12.156][38453] -> [.206.247.87.213][.3478] [STUN.Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic update: [.....3] [ip4][..udp] [.192.168.12.156][39065] -> [.206.247.87.213][.3478] [STUN.Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic - idle: [.....2] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] + idle: [.....2] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [.....1] [ip4][..udp] [...192.168.12.1][17500] -> [.192.168.12.255][17500] [Dropbox][Unknown][Cloud][Acceptable] guessed: [.....6] [ip4][..udp] [.192.168.12.156][38453] -> [..192.168.1.226][41036] [Zoom][Unknown][Video][Acceptable] RISK: Unidirectional Traffic @@ -70,9 +59,7 @@ guessed: [.....7] [ip4][..udp] [.192.168.12.156][39065] -> [..192.168.1.226][46757] [Zoom][Unknown][Video][Acceptable] idle: [.....7] [ip4][..udp] [.192.168.12.156][39065] -> [..192.168.1.226][46757] idle: [.....4] [ip4][..udp] [.192.168.12.156][38453] -> [.206.247.87.213][.3478] [STUN.Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic idle: [.....3] [ip4][..udp] [.192.168.12.156][39065] -> [.206.247.87.213][.3478] [STUN.Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic new: [.....8] [ip4][..udp] [.192.168.12.156][49579] -> [.206.247.10.253][.3478] detected: [.....8] [ip4][..udp] [.192.168.12.156][49579] -> [.206.247.10.253][.3478] [STUN.Zoom][Zoom][Video][Acceptable][] RISK: Unidirectional Traffic @@ -98,7 +85,6 @@ new: [....12] [ip4][..udp] [.192.168.12.156][42208] -> [...10.78.14.178][47312] new: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] update: [....10] [ip4][.icmp] [.206.247.10.253] -> [.192.168.12.156] [ICMP][Zoom][Network][Acceptable] - RISK: Unidirectional Traffic analyse: [....12] [ip4][..udp] [.192.168.12.156][42208] -> [...10.78.14.178][47312] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.052| 0.013| 0.016| 253.890| 4.000] @@ -120,17 +106,14 @@ [PKTLENS.....: 112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112,112] [ENTROPIES...: 4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9,4.9] idle: [....10] [ip4][.icmp] [.206.247.10.253] -> [.192.168.12.156] [ICMP][Zoom][Network][Acceptable] - RISK: Unidirectional Traffic guessed: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] [Zoom][Unknown][Video][Acceptable] RISK: Unidirectional Traffic idle: [....13] [ip4][..udp] [.192.168.12.156][49579] -> [...10.78.14.178][49586] idle: [.....1] [ip4][..udp] [...192.168.12.1][17500] -> [.192.168.12.255][17500] [Dropbox][Unknown][Cloud][Acceptable] idle: [.....9] [ip4][..udp] [.192.168.12.156][42208] -> [.206.247.10.253][.3478] [STUN.Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic - idle: [....11] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] + idle: [....11] [ip4][..udp] [...192.168.12.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] guessed: [....12] [ip4][..udp] [.192.168.12.156][42208] -> [...10.78.14.178][47312] [Zoom][Unknown][Video][Acceptable] RISK: Unidirectional Traffic idle: [....12] [ip4][..udp] [.192.168.12.156][42208] -> [...10.78.14.178][47312] idle: [.....8] [ip4][..udp] [.192.168.12.156][49579] -> [.206.247.10.253][.3478] [STUN.Zoom][Zoom][Video][Acceptable] - RISK: Unidirectional Traffic DAEMON-EVENT: shutdown |