aboutsummaryrefslogtreecommitdiff
path: root/test/results/flow-info/fpc
diff options
context:
space:
mode:
Diffstat (limited to 'test/results/flow-info/fpc')
-rw-r--r--test/results/flow-info/fpc/1kxun.pcap.out171
-rw-r--r--test/results/flow-info/fpc/signal_videocall.pcapng.out5
2 files changed, 71 insertions, 105 deletions
diff --git a/test/results/flow-info/fpc/1kxun.pcap.out b/test/results/flow-info/fpc/1kxun.pcap.out
index 7b3376352..3e1a35e08 100644
--- a/test/results/flow-info/fpc/1kxun.pcap.out
+++ b/test/results/flow-info/fpc/1kxun.pcap.out
@@ -4,16 +4,16 @@
new: [.....1] [ip4][..udp] [...192.168.5.44][59571] -> [....224.0.0.252][.5355]
detected: [.....1] [ip4][..udp] [...192.168.5.44][59571] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable]
new: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900]
- detected: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ detected: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
new: [.....3] [ip4][..udp] [...192.168.5.44][51389] -> [239.255.255.250][.1900]
- detected: [.....3] [ip4][..udp] [...192.168.5.44][51389] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ detected: [.....3] [ip4][..udp] [...192.168.5.44][51389] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
new: [.....4] [ip4][..udp] [..192.168.119.1][...67] -> [255.255.255.255][...68]
detected: [.....4] [ip4][..udp] [..192.168.119.1][...67] -> [255.255.255.255][...68] [DHCP][Unknown][Network][Acceptable][]
new: [.....5] [ip4][..tcp] [...192.168.5.16][53605] -> [.68.233.253.133][...80] [MIDSTREAM]
new: [.....6] [ip4][..udp] [...192.168.5.50][64674] -> [239.255.255.250][.1900]
- detected: [.....6] [ip4][..udp] [...192.168.5.50][64674] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ detected: [.....6] [ip4][..udp] [...192.168.5.50][64674] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
new: [.....7] [ip4][..udp] [...192.168.5.41][55312] -> [239.255.255.250][.1900]
- detected: [.....7] [ip4][..udp] [...192.168.5.41][55312] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ detected: [.....7] [ip4][..udp] [...192.168.5.41][55312] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
new: [.....8] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67]
detected: [.....8] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][shen]
new: [.....9] [ip6][..udp] [...............fe80::406:55a8:6453:25dd][..546] -> [..............................ff02::1:2][..547]
@@ -23,20 +23,16 @@
new: [....11] [ip4][..udp] [...192.168.5.47][61603] -> [....224.0.0.252][.5355]
detected: [....11] [ip4][..udp] [...192.168.5.47][61603] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable]
new: [....12] [ip4][..udp] [...192.168.5.47][60267] -> [239.255.255.250][.1900]
- detected: [....12] [ip4][..udp] [...192.168.5.47][60267] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ detected: [....12] [ip4][..udp] [...192.168.5.47][60267] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
new: [....13] [ip4][..udp] [..192.168.115.8][51458] -> [....224.0.0.252][.5355]
detected: [....13] [ip4][..udp] [..192.168.115.8][51458] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable]
new: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53]
- detected: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][jp.kankan.1kxun.mobi]
- detection-update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][jp.kankan.1kxun.mobi]
- RISK: Unidirectional Traffic
- detection-update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][jp.kankan.1kxun.mobi]
+ detected: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi]
+ detection-update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi]
new: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80]
detected: [....15] [ip4][..tcp] [..192.168.115.8][49597] -> [.106.185.35.110][...80] [HTTP.1kxun][Unknown][Streaming][Fun][jp.kankan.1kxun.mobi]
new: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53]
- detected: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][kankan.1kxun.com]
- detection-update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][kankan.1kxun.com]
- RISK: Unidirectional Traffic
+ detected: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com]
new: [....17] [ip4][..tcp] [...192.168.5.16][53622] -> [.192.168.115.75][..443] [MIDSTREAM]
new: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137]
detected: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] [NetBIOS][Unknown][System][Acceptable][wpad]
@@ -47,22 +43,18 @@
detected: [....20] [ip4][..udp] [...192.168.3.95][58779] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable]
RISK: Non-Printable/Invalid Chars Detected
new: [....21] [ip4][..udp] [...192.168.3.95][59468] -> [239.255.255.250][.1900]
- detected: [....21] [ip4][..udp] [...192.168.3.95][59468] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ detected: [....21] [ip4][..udp] [...192.168.3.95][59468] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
new: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976]
new: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976]
new: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53]
- detected: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS.1kxun][Unknown][Network][Fun][kankan.1kxun.com]
- detection-update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS.1kxun][Unknown][Network][Fun][kankan.1kxun.com]
- RISK: Unidirectional Traffic
- detection-update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS.1kxun][Unknown][Network][Fun][kankan.1kxun.com]
+ detected: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com]
+ detection-update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com]
new: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80]
- detection-update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][kankan.1kxun.com]
+ detection-update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com]
detected: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] [HTTP.1kxun][Unknown][Streaming][Fun][kankan.1kxun.com]
new: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53]
- detected: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][pic.1kxun.com]
- detection-update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][pic.1kxun.com]
- RISK: Unidirectional Traffic
- detection-update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][pic.1kxun.com]
+ detected: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com]
+ detection-update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com]
new: [....27] [ip4][..tcp] [..192.168.115.8][49599] -> [.106.187.35.246][...80]
new: [....28] [ip4][..tcp] [..192.168.115.8][49600] -> [.106.187.35.246][...80]
new: [....29] [ip4][..tcp] [..192.168.115.8][49601] -> [.106.187.35.246][...80]
@@ -153,10 +145,8 @@
detected: [....38] [ip4][..tcp] [..192.168.115.8][49607] -> [218.244.135.170][.9099] [HTTP][Alibaba][Web][Acceptable][218.244.135.170]
RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI
new: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53]
- detected: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS.QQ][Google][Network][Fun][vv.video.qq.com]
- detection-update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS.QQ][Google][Network][Fun][vv.video.qq.com]
- RISK: Unidirectional Traffic
- detection-update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS.QQ][Google][Network][Fun][vv.video.qq.com]
+ detected: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com]
+ detection-update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com]
new: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80]
detected: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] [HTTP.QQ][Unknown][Chat][Fun][vv.video.qq.com]
new: [....41] [ip4][..tcp] [..192.168.115.8][49609] -> [..42.120.51.152][.8080]
@@ -166,7 +156,7 @@
new: [....43] [ip4][..udp] [...192.168.5.37][56366] -> [....224.0.0.252][.5355]
detected: [....43] [ip4][..udp] [...192.168.5.37][56366] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable]
new: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900]
- detected: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ detected: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
new: [....45] [ip4][..tcp] [...192.168.5.16][53623] -> [.192.168.115.75][..443]
detected: [....45] [ip4][..tcp] [...192.168.5.16][53623] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75]
RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, TLS (probably) Not Carrying HTTPS
@@ -195,15 +185,15 @@
detection-update: [....49] [ip4][..tcp] [..192.168.115.8][49613] -> [.183.131.48.144][...80] [HTTP][Unknown][Media][Acceptable][183.131.48.144]
RISK: HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI
new: [....50] [ip4][..udp] [.192.168.101.33][55485] -> [239.255.255.250][.1900]
- detected: [....50] [ip4][..udp] [.192.168.101.33][55485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ detected: [....50] [ip4][..udp] [.192.168.101.33][55485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
new: [....51] [ip4][..udp] [....192.168.5.9][55484] -> [239.255.255.250][.1900]
- detected: [....51] [ip4][..udp] [....192.168.5.9][55484] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ detected: [....51] [ip4][..udp] [....192.168.5.9][55484] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
new: [....52] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][61548] -> [..............................ff02::1:3][.5355]
detected: [....52] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][61548] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable]
new: [....53] [ip4][..udp] [...192.168.5.49][61548] -> [....224.0.0.252][.5355]
detected: [....53] [ip4][..udp] [...192.168.5.49][61548] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable]
new: [....54] [ip4][..udp] [...192.168.5.49][51704] -> [239.255.255.250][.1900]
- detected: [....54] [ip4][..udp] [...192.168.5.49][51704] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ detected: [....54] [ip4][..udp] [...192.168.5.49][51704] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
new: [....55] [ip4][..udp] [...192.168.5.16][...68] -> [..192.168.119.1][...67]
detected: [....55] [ip4][..udp] [...192.168.5.16][...68] -> [..192.168.119.1][...67] [DHCP][Unknown][Network][Acceptable][macbook-air]
new: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947]
@@ -240,7 +230,7 @@
new: [....74] [ip4][..udp] [....192.168.5.9][...68] -> [255.255.255.255][...67]
detected: [....74] [ip4][..udp] [....192.168.5.9][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][joanna-pc]
new: [....75] [ip4][..udp] [...192.168.5.48][49701] -> [239.255.255.250][.1900]
- detected: [....75] [ip4][..udp] [...192.168.5.48][49701] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ detected: [....75] [ip4][..udp] [...192.168.5.48][49701] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
new: [....76] [ip4][..udp] [...192.168.5.64][.5353] -> [....224.0.0.251][.5353]
detected: [....76] [ip4][..udp] [...192.168.5.64][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_googlecast._tcp.local]
new: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947]
@@ -255,9 +245,9 @@
new: [....82] [ip4][..udp] [...192.168.5.50][62756] -> [....224.0.0.252][.5355]
detected: [....82] [ip4][..udp] [...192.168.5.50][62756] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable]
new: [....83] [ip4][..udp] [...192.168.5.49][.1900] -> [239.255.255.250][.1900]
- detected: [....83] [ip4][..udp] [...192.168.5.49][.1900] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ detected: [....83] [ip4][..udp] [...192.168.5.49][.1900] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
new: [....84] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][.1900] -> [................................ff02::c][.1900]
- detected: [....84] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][.1900] -> [................................ff02::c][.1900] [SSDP][Unknown][System][Acceptable][[ff02::c]:1900]
+ detected: [....84] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][.1900] -> [................................ff02::c][.1900] [SSDP][Unknown][System][Acceptable][[ff02]
new: [....85] [ip4][..udp] [...192.168.5.50][50030] -> [....224.0.0.252][.5355]
detected: [....85] [ip4][..udp] [...192.168.5.50][50030] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable]
new: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947]
@@ -306,16 +296,13 @@
new: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [MIDSTREAM]
detected: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe]
new: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443]
- detection-update: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe]
- RISK: Unidirectional Traffic
- detection-update: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe]
detected: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75]
RISK: HTTP/TLS/QUIC Numeric Hostname/SNI, TLS (probably) Not Carrying HTTPS
detection-update: [...107] [ip4][..tcp] [...192.168.5.16][53626] -> [.192.168.115.75][..443] [TLS][Unknown][Web][Safe][192.168.115.75]
RISK: Weak TLS Cipher, HTTP/TLS/QUIC Numeric Hostname/SNI, TLS (probably) Not Carrying HTTPS
new: [...108] [ip4][..udp] [...192.168.5.16][63372] -> [.....168.95.1.1][...53]
- detected: [...108] [ip4][..udp] [...192.168.5.16][63372] -> [.....168.95.1.1][...53] [DNS.Line][Unknown][Network][Acceptable][dl-obs.official.line.naver.jp]
- detection-update: [...108] [ip4][..udp] [...192.168.5.16][63372] -> [.....168.95.1.1][...53] [DNS.Line][Unknown][Network][Acceptable][dl-obs.official.line.naver.jp]
+ detected: [...108] [ip4][..udp] [...192.168.5.16][63372] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][dl-obs.official.line.naver.jp]
+ detection-update: [...108] [ip4][..udp] [...192.168.5.16][63372] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][dl-obs.official.line.naver.jp]
new: [...109] [ip4][..tcp] [...192.168.5.16][53627] -> [...203.69.81.73][...80]
new: [...110] [ip4][..tcp] [...192.168.5.16][53628] -> [...203.69.81.73][...80]
detected: [...110] [ip4][..tcp] [...192.168.5.16][53628] -> [...203.69.81.73][...80] [HTTP.Line][Unknown][Chat][Acceptable][dl-obs.official.line.naver.jp]
@@ -339,26 +326,26 @@
RISK: Weak TLS Cipher, HTTP/TLS/QUIC Numeric Hostname/SNI, TLS (probably) Not Carrying HTTPS
update: [.....8] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][shen]
update: [....13] [ip4][..udp] [..192.168.115.8][51458] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][wpad]
- update: [.....7] [ip4][..udp] [...192.168.5.41][55312] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
- update: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ update: [.....7] [ip4][..udp] [...192.168.5.41][55312] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
+ update: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
update: [.....9] [ip6][..udp] [...............fe80::406:55a8:6453:25dd][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Unknown][Network][Acceptable]
update: [....19] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][58779] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????]
RISK: Non-Printable/Invalid Chars Detected
update: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976]
update: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976]
- update: [....21] [ip4][..udp] [...192.168.3.95][59468] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
- update: [....12] [ip4][..udp] [...192.168.5.47][60267] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ update: [....21] [ip4][..udp] [...192.168.3.95][59468] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
+ update: [....12] [ip4][..udp] [...192.168.5.47][60267] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
update: [....20] [ip4][..udp] [...192.168.3.95][58779] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][????????????]
RISK: Non-Printable/Invalid Chars Detected
update: [.....1] [ip4][..udp] [...192.168.5.44][59571] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][jason-pc]
update: [.....4] [ip4][..udp] [..192.168.119.1][...67] -> [255.255.255.255][...68] [DHCP][Unknown][Network][Acceptable]
- update: [.....6] [ip4][..udp] [...192.168.5.50][64674] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ update: [.....6] [ip4][..udp] [...192.168.5.50][64674] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
update: [....11] [ip4][..udp] [...192.168.5.47][61603] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c]
update: [....18] [ip4][..udp] [..192.168.115.8][..137] -> [192.168.255.255][..137] [NetBIOS][Unknown][System][Acceptable][wpad]
- update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS.1kxun][Unknown][Network][Fun][kankan.1kxun.com]
- update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][jp.kankan.1kxun.mobi]
- update: [.....3] [ip4][..udp] [...192.168.5.44][51389] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
- update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][kankan.1kxun.com]
+ update: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com]
+ update: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi]
+ update: [.....3] [ip4][..udp] [...192.168.5.44][51389] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
+ update: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com]
update: [....10] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][61603] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c]
analyse: [....31] [ip4][..tcp] [..192.168.115.8][49603] -> [.106.187.35.246][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com]
min| max| avg| stddev| variance| entropy
@@ -394,15 +381,15 @@
detected: [...128] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][58468] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable]
new: [...129] [ip4][..udp] [..192.168.3.236][65496] -> [....224.0.0.252][.5355]
detected: [...129] [ip4][..udp] [..192.168.3.236][65496] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable]
- update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS.QQ][Google][Network][Fun][vv.video.qq.com]
- update: [....51] [ip4][..udp] [....192.168.5.9][55484] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
- update: [....50] [ip4][..udp] [.192.168.101.33][55485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ update: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com]
+ update: [....51] [ip4][..udp] [....192.168.5.9][55484] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
+ update: [....50] [ip4][..udp] [.192.168.101.33][55485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
update: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976]
- update: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ update: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
update: [....34] [ip4][..udp] [...192.168.3.95][54888] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][????????????]
RISK: Non-Printable/Invalid Chars Detected
update: [....43] [ip4][..udp] [...192.168.5.37][56366] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][notebook]
- update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][pic.1kxun.com]
+ update: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com]
update: [....47] [ip4][..udp] [.192.168.101.33][58456] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][joanna-pc]
update: [....48] [ip4][..udp] [....192.168.5.9][58456] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][joanna-pc]
update: [....53] [ip4][..udp] [...192.168.5.49][61548] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad]
@@ -410,11 +397,11 @@
update: [....52] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][61548] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad]
update: [....55] [ip4][..udp] [...192.168.5.16][...68] -> [..192.168.119.1][...67] [DHCP][Unknown][Network][Acceptable][macbook-air]
update: [....35] [ip4][..udp] [...192.168.5.67][..138] -> [192.168.255.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][sanji-lifebook-]
- update: [....54] [ip4][..udp] [...192.168.5.49][51704] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ update: [....54] [ip4][..udp] [...192.168.5.49][51704] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
update: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????]
RISK: Non-Printable/Invalid Chars Detected
DAEMON-EVENT: [Processed: 1032 pkts][ZLib][compressions: 0|diff: 0 / 0]
- DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 19|updates: 38]
+ DAEMON-EVENT: [Flows][active: 129 / 129|skipped: 0|!detected: 0|guessed: 0|detection-updates: 12|updates: 38]
new: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [MIDSTREAM]
detected: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi]
RISK: Known Proto on Non Std Port
@@ -434,7 +421,7 @@
detected: [...135] [ip4][..tcp] [..192.168.2.126][47246] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][kankan.1kxun.com]
new: [...136] [ip4][..tcp] [..192.168.2.126][47262] -> [..161.117.13.29][...80] [MIDSTREAM]
detected: [...136] [ip4][..tcp] [..192.168.2.126][47262] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][kankan.1kxun.com]
- idle: [...108] [ip4][..udp] [...192.168.5.16][63372] -> [.....168.95.1.1][...53] [DNS.Line][Unknown][Network][Acceptable][dl-obs.official.line.naver.jp]
+ idle: [...108] [ip4][..udp] [...192.168.5.16][63372] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][dl-obs.official.line.naver.jp]
idle: [.....8] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][shen]
idle: [...126] [ip4][..udp] [...192.168.5.50][49766] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc]
idle: [....85] [ip4][..udp] [...192.168.5.50][50030] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc]
@@ -442,19 +429,19 @@
RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI
idle: [....38] [ip4][..tcp] [..192.168.115.8][49607] -> [218.244.135.170][.9099] [HTTP][Alibaba][Web][Acceptable][218.244.135.170]
RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI
- idle: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS.QQ][Google][Network][Fun][vv.video.qq.com]
+ idle: [....39] [ip4][..udp] [..192.168.115.8][54420] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][vv.video.qq.com]
idle: [....79] [ip4][..udp] [..192.168.0.100][50925] -> [255.255.255.255][.5678] [Mikrotik][Unknown][Network][Acceptable]
idle: [....98] [ip4][..udp] [...192.168.3.95][51451] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][????????????]
RISK: Non-Printable/Invalid Chars Detected
idle: [....13] [ip4][..udp] [..192.168.115.8][51458] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][wpad]
- idle: [.....7] [ip4][..udp] [...192.168.5.41][55312] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ idle: [.....7] [ip4][..udp] [...192.168.5.41][55312] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
idle: [....63] [ip4][..udp] [..192.168.3.236][51714] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][isatap]
- idle: [....51] [ip4][..udp] [....192.168.5.9][55484] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
- idle: [....50] [ip4][..udp] [.192.168.101.33][55485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ idle: [....51] [ip4][..udp] [....192.168.5.9][55484] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
+ idle: [....50] [ip4][..udp] [.192.168.101.33][55485] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
idle: [...113] [ip4][..tcp] [.....31.13.87.1][..443] -> [...192.168.5.16][53578] [TLS][Facebook][Web][Safe]
idle: [...106] [ip4][..tcp] [...192.168.5.16][53580] -> [....31.13.87.36][..443] [TLS][Facebook][Web][Safe]
- idle: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
- not-detected: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated]
+ idle: [.....2] [ip4][..udp] [...192.168.5.57][55809] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
+ not-detected: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated]
idle: [....42] [ip4][..udp] [.192.168.10.110][60480] -> [255.255.255.255][62976]
idle: [.....9] [ip6][..udp] [...............fe80::406:55a8:6453:25dd][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Unknown][Network][Acceptable]
idle: [....19] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][58779] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????]
@@ -462,32 +449,32 @@
idle: [....89] [ip6][..udp] [................fe80::4e5e:cff:feea:365][.5678] -> [................................ff02::1][.5678] [Mikrotik][Unknown][Network][Acceptable]
idle: [....60] [ip6][..udp] [...............fe80::4e5e:cff:fe9a:ec54][.5678] -> [................................ff02::1][.5678] [Mikrotik][Unknown][Network][Acceptable]
idle: [...128] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][58468] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][wangs-ltw]
- idle: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ idle: [....44] [ip4][..udp] [...192.168.5.37][57325] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
idle: [...125] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][49766] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc]
- not-detected: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unrated]
+ not-detected: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unspecified][Unrated]
idle: [....66] [ip6][..udp] [.......2001:b020:6::c2a0:bbff:fe73:eb57][62976] -> [................................ff02::1][62976]
- not-detected: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unrated]
+ not-detected: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976] [Unknown][Unknown][Unspecified][Unrated]
idle: [....23] [ip6][..udp] [..2001:b030:214:100:c2a0:bbff:fe73:eb47][62976] -> [................................ff02::1][62976]
idle: [....96] [ip4][..udp] [...192.168.5.47][53962] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c]
idle: [....73] [ip4][..udp] [...192.168.5.41][54470] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][kevin-pc]
idle: [...102] [ip4][..udp] [...192.168.5.37][54506] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][notebook]
- not-detected: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated]
+ not-detected: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated]
idle: [....65] [ip4][..udp] [192.168.140.140][62976] -> [255.255.255.255][62976]
- not-detected: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated]
+ not-detected: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated]
idle: [....71] [ip4][..udp] [...192.168.10.7][62976] -> [255.255.255.255][62976]
- not-detected: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unrated]
+ not-detected: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976] [Unknown][Unknown][Unspecified][Unrated]
idle: [....22] [ip4][..udp] [.192.168.125.30][62976] -> [255.255.255.255][62976]
idle: [....34] [ip4][..udp] [...192.168.3.95][54888] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][????????????]
RISK: Non-Printable/Invalid Chars Detected
idle: [...121] [ip4][..udp] [...192.168.5.41][55593] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][kevin-pc]
- idle: [....21] [ip4][..udp] [...192.168.3.95][59468] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ idle: [....21] [ip4][..udp] [...192.168.3.95][59468] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
idle: [...100] [ip4][..udp] [..192.168.3.236][56043] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][isatap]
idle: [...114] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][61172] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][sonusav]
idle: [....43] [ip4][..udp] [...192.168.5.37][56366] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][notebook]
- idle: [....12] [ip4][..udp] [...192.168.5.47][60267] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ idle: [....12] [ip4][..udp] [...192.168.5.47][60267] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
idle: [....88] [ip4][..udp] [..192.168.119.1][56861] -> [255.255.255.255][.5678] [Mikrotik][Unknown][Network][Acceptable]
idle: [...124] [ip4][..udp] [...192.168.5.50][57143] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc]
- idle: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][pic.1kxun.com]
+ idle: [....26] [ip4][..udp] [..192.168.115.8][60724] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][pic.1kxun.com]
idle: [....48] [ip4][..udp] [....192.168.5.9][58456] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][joanna-pc]
idle: [....47] [ip4][..udp] [.192.168.101.33][58456] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][joanna-pc]
idle: [....92] [ip4][..udp] [...192.168.5.44][58702] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][jason-pc]
@@ -523,20 +510,20 @@
idle: [...105] [ip4][..udp] [...192.168.5.41][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][kevin-pc]
idle: [....74] [ip4][..udp] [....192.168.5.9][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][joanna-pc]
idle: [.....4] [ip4][..udp] [..192.168.119.1][...67] -> [255.255.255.255][...68] [DHCP][Unknown][Network][Acceptable]
- idle: [.....6] [ip4][..udp] [...192.168.5.50][64674] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ idle: [.....6] [ip4][..udp] [...192.168.5.50][64674] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
idle: [...123] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][57143] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc]
guessed: [....57] [ip4][..tcp] [..192.168.115.8][49596] -> [..203.66.182.87][..443] [TLS][Unknown][Web][Safe]
idle: [....57] [ip4][..tcp] [..192.168.115.8][49596] -> [..203.66.182.87][..443]
idle: [....53] [ip4][..udp] [...192.168.5.49][61548] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad]
idle: [....11] [ip4][..udp] [...192.168.5.47][61603] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c]
- not-detected: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated]
+ not-detected: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated]
idle: [....77] [ip4][..udp] [..192.168.2.186][32768] -> [255.255.255.255][.1947]
idle: [....91] [ip4][..udp] [..192.168.3.236][62069] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][wangs-ltw]
idle: [....82] [ip4][..udp] [...192.168.5.50][62756] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc]
idle: [...112] [ip4][..udp] [....192.168.5.9][62822] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][joanna-pc]
idle: [...111] [ip4][..udp] [.192.168.101.33][62822] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][joanna-pc]
idle: [....25] [ip4][..tcp] [..192.168.115.8][49598] -> [.222.73.254.167][...80] [HTTP.1kxun][Unknown][Streaming][Fun][kankan.1kxun.com]
- idle: [....83] [ip4][..udp] [...192.168.5.49][.1900] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ idle: [....83] [ip4][..udp] [...192.168.5.49][.1900] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
idle: [....40] [ip4][..tcp] [..192.168.115.8][49608] -> [203.205.151.234][...80] [HTTP.QQ][Unknown][Chat][Fun][vv.video.qq.com]
idle: [...122] [ip4][..udp] [...192.168.5.57][64428] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable][usher-pc]
idle: [....68] [ip4][..udp] [...192.168.5.45][59461] -> [192.168.255.255][..137] [NetBIOS][Unknown][System][Acceptable][gfile]
@@ -547,11 +534,11 @@
idle: [...109] [ip4][..tcp] [...192.168.5.16][53627] -> [...203.69.81.73][...80] [HTTP.Line][Unknown][Chat][Acceptable][dl-obs.official.line.naver.jp]
idle: [...110] [ip4][..tcp] [...192.168.5.16][53628] -> [...203.69.81.73][...80] [HTTP.Line][Unknown][Chat][Acceptable][dl-obs.official.line.naver.jp]
idle: [....81] [ip6][..udp] [...............fe80::e034:7be:d8f9:6197][62756] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][charming-pc]
- not-detected: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated]
+ not-detected: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated]
idle: [....56] [ip4][..udp] [.59.120.208.218][50151] -> [255.255.255.255][.1947]
idle: [....72] [ip6][..udp] [..............fe80::4568:efbc:40b1:1346][50194] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][kevin-pc]
idle: [....52] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][61548] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad]
- idle: [....84] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][.1900] -> [................................ff02::c][.1900] [SSDP][Unknown][System][Acceptable][[ff02::c]:1900]
+ idle: [....84] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][.1900] -> [................................ff02::c][.1900] [SSDP][Unknown][System][Acceptable][[ff02]
idle: [....55] [ip4][..udp] [...192.168.5.16][...68] -> [..192.168.119.1][...67] [DHCP][Unknown][Network][Acceptable][macbook-air]
idle: [...103] [ip6][..udp] [...............fe80::9bd:81dd:2fdc:5750][64568] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][caesar-thinkpad]
idle: [...118] [ip4][..udp] [..192.168.0.104][..137] -> [192.168.255.255][..137] [NetBIOS][Unknown][System][Acceptable][sc.arrancar.org]
@@ -563,7 +550,7 @@
idle: [....76] [ip4][..udp] [...192.168.5.64][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable]
guessed: [....61] [ip4][..tcp] [..192.168.115.8][49581] -> [.64.233.189.128][...80] [HTTP][Google][Web][Acceptable][]
idle: [....61] [ip4][..tcp] [..192.168.115.8][49581] -> [.64.233.189.128][...80]
- idle: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS.1kxun][Unknown][Network][Fun][kankan.1kxun.com]
+ idle: [....24] [ip4][..udp] [..192.168.115.8][52723] -> [.....168.95.1.1][...53] [DNS][Unknown][Network][Acceptable][kankan.1kxun.com]
idle: [...120] [ip6][..udp] [..............fe80::4568:efbc:40b1:1346][57148] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][kevin-pc]
idle: [....95] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][53962] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c]
guessed: [.....5] [ip4][..tcp] [...192.168.5.16][53605] -> [.68.233.253.133][...80] [HTTP][Unknown][Web][Acceptable][]
@@ -585,17 +572,17 @@
RISK: HTTP Susp User-Agent, HTTP/TLS/QUIC Numeric Hostname/SNI
idle: [....97] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][51451] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????]
RISK: Non-Printable/Invalid Chars Detected
- idle: [....75] [ip4][..udp] [...192.168.5.48][49701] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ idle: [....75] [ip4][..udp] [...192.168.5.48][49701] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
idle: [....93] [ip6][..udp] [..............fe80::beee:7bff:fe0c:b3de][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Unknown][Network][Acceptable]
- idle: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][jp.kankan.1kxun.mobi]
- idle: [.....3] [ip4][..udp] [...192.168.5.44][51389] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
- idle: [....54] [ip4][..udp] [...192.168.5.49][51704] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
+ idle: [....14] [ip4][..udp] [..192.168.115.8][51024] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][jp.kankan.1kxun.mobi]
+ idle: [.....3] [ip4][..udp] [...192.168.5.44][51389] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
+ idle: [....54] [ip4][..udp] [...192.168.5.49][51704] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250]
idle: [....99] [ip6][..udp] [..............fe80::5d92:62a8:ebde:1319][53938] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][isatap]
- idle: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS.1kxun][Google][Network][Fun][kankan.1kxun.com]
+ idle: [....16] [ip4][..udp] [..192.168.115.8][52723] -> [........8.8.8.8][...53] [DNS][Google][Network][Acceptable][kankan.1kxun.com]
idle: [....33] [ip6][..udp] [..............fe80::e98f:bae2:19f7:6b0f][54888] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][????????????]
RISK: Non-Printable/Invalid Chars Detected
idle: [....10] [ip6][..udp] [..............fe80::edf5:240a:c8c0:8312][61603] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable][ro_x1c]
- not-detected: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unrated]
+ not-detected: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947] [Unknown][Unknown][Unspecified][Unrated]
idle: [....86] [ip4][..udp] [.59.120.208.212][32768] -> [255.255.255.255][.1947]
new: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [MIDSTREAM]
detected: [...137] [ip4][..tcp] [..192.168.2.126][47272] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Streaming][Fun][messages.1kxun.mobi]
@@ -603,8 +590,6 @@
detected: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com]
RISK: HTTP Susp User-Agent
detection-update: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com]
- RISK: HTTP Susp User-Agent, Unidirectional Traffic
- detection-update: [...138] [ip4][..tcp] [..192.168.2.126][38834] -> [..119.45.78.184][...80] [HTTP.QQ][Tencent][Chat][Fun][pingma.qq.com]
RISK: HTTP Susp User-Agent, Error Code
new: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [MIDSTREAM]
detected: [...139] [ip4][..tcp] [..192.168.2.126][60148] -> [.172.105.121.82][...80] [HTTP.1kxun][Unknown][Streaming][Fun][pic.1kxun.com]
@@ -738,9 +723,6 @@
detected: [...177] [ip4][..tcp] [..192.168.2.126][43266] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com]
new: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [MIDSTREAM]
detected: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com]
- detection-update: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com]
- RISK: Unidirectional Traffic
- detection-update: [...178] [ip4][..tcp] [..192.168.2.126][56826] -> [...8.209.97.107][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com]
new: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [MIDSTREAM]
detected: [...179] [ip4][..tcp] [..192.168.2.126][43272] -> [....18.64.79.58][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com]
new: [...180] [ip4][..tcp] [..192.168.2.126][58758] -> [.202.153.196.53][...80] [MIDSTREAM]
@@ -762,35 +744,24 @@
new: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [MIDSTREAM]
detected: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][]
RISK: HTTP Susp User-Agent
- detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][]
- RISK: HTTP Susp User-Agent, Unidirectional Traffic
new: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [MIDSTREAM]
detected: [...189] [ip4][..tcp] [..192.168.2.126][42554] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com]
detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][adx-tk.rayjump.com]
- RISK: Unidirectional Traffic
new: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [MIDSTREAM]
detected: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][]
- detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][]
- RISK: Unidirectional Traffic
new: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [MIDSTREAM]
detected: [...191] [ip4][..tcp] [..192.168.2.126][41940] -> [....18.64.79.50][...80] [HTTP][AmazonAWS][Web][Acceptable][tknet-cdn.rayjump.com]
detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com]
- RISK: Unidirectional Traffic
- detection-update: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][adx-tk.rayjump.com]
- detection-update: [...190] [ip4][..tcp] [..192.168.2.126][42566] -> [...35.156.44.13][...80] [HTTP][AmazonAWS][Web][Acceptable][de01.rayjump.com]
new: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [MIDSTREAM]
detected: [...192] [ip4][..tcp] [..192.168.2.126][54810] -> [..18.233.123.55][...80] [HTTP][AmazonAWS][Web][Acceptable][impression-east.liftoff.io]
new: [...193] [ip4][..tcp] [..192.168.2.126][40204] -> [...18.235.204.9][...80] [MIDSTREAM]
detected: [...193] [ip4][..tcp] [..192.168.2.126][40204] -> [...18.235.204.9][...80] [HTTP][AmazonAWS][Web][Acceptable][adexp.liftoff.io]
new: [...194] [ip4][..tcp] [..192.168.2.126][53416] -> [.172.217.16.142][...80] [MIDSTREAM]
- detected: [...194] [ip4][..tcp] [..192.168.2.126][53416] -> [.172.217.16.142][...80] [HTTP.Google][Google][Web][Acceptable][play.google.com]
+ detected: [...194] [ip4][..tcp] [..192.168.2.126][53416] -> [.172.217.16.142][...80] [HTTP.PlayStore][Google][SoftwareUpdate][Safe][play.google.com]
new: [...195] [ip4][..tcp] [..192.168.2.126][33042] -> [...3.122.190.70][...80] [MIDSTREAM]
detected: [...195] [ip4][..tcp] [..192.168.2.126][33042] -> [...3.122.190.70][...80] [HTTP][AmazonAWS][Web][Acceptable][click.liftoff.io]
new: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [MIDSTREAM]
detected: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com]
- detection-update: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com]
- RISK: Unidirectional Traffic
- detection-update: [...196] [ip4][..tcp] [..192.168.2.126][35426] -> [..8.209.112.118][...80] [HTTP][Alibaba][Web][Acceptable][analytics.rayjump.com]
new: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [MIDSTREAM]
detected: [...197] [ip4][..tcp] [..192.168.2.126][51686] -> [....18.64.79.64][...80] [HTTP][AmazonAWS][Web][Acceptable][net.rayjump.com]
idle: [...130] [ip4][..tcp] [..192.168.2.126][60962] -> [..172.104.93.92][.1234] [HTTP.1kxun][Unknown][Streaming][Fun][ws.1kxun.mobi]
@@ -836,7 +807,7 @@
idle: [...152] [ip4][..tcp] [..192.168.2.126][45424] -> [..161.117.13.29][...80] [HTTP][Alibaba][Streaming][Acceptable][tcad.wedolook.com]
idle: [...140] [ip4][..tcp] [..192.168.2.126][49242] -> [.172.104.119.80][...80] [HTTP.1kxun][Unknown][Streaming][Fun][android.yingshi.tcclick.1kxun.com]
RISK: Error Code
- idle: [...194] [ip4][..tcp] [..192.168.2.126][53416] -> [.172.217.16.142][...80] [HTTP.Google][Google][Web][Acceptable][play.google.com]
+ idle: [...194] [ip4][..tcp] [..192.168.2.126][53416] -> [.172.217.16.142][...80] [HTTP.PlayStore][Google][SoftwareUpdate][Safe][play.google.com]
idle: [...133] [ip4][..tcp] [..192.168.2.126][47230] -> [..161.117.13.29][...80] [HTTP.1kxun][Alibaba][Download][Fun][kankan.1kxun.mobi]
RISK: Binary File/Data Transfer (Attempt)
idle: [...188] [ip4][..tcp] [..192.168.2.126][37100] -> [..52.29.177.177][...80] [HTTP][AmazonAWS][Web][Acceptable][adx-tk.rayjump.com]
diff --git a/test/results/flow-info/fpc/signal_videocall.pcapng.out b/test/results/flow-info/fpc/signal_videocall.pcapng.out
index 626c8440d..964b3c0e5 100644
--- a/test/results/flow-info/fpc/signal_videocall.pcapng.out
+++ b/test/results/flow-info/fpc/signal_videocall.pcapng.out
@@ -5,13 +5,8 @@
detected: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN][GoogleCloud][Network][Acceptable][]
new: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478]
detected: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][]
- detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][]
- RISK: Unidirectional Traffic
- detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN][GoogleCloud][Network][Acceptable][]
detection-update: [.....2] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org]
detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][]
- RISK: Unidirectional Traffic
- detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][]
detection-update: [.....1] [ip4][..udp] [..192.168.12.67][47926] -> [.35.216.234.234][.3478] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][signal.org]
new: [.....3] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][56377]
detected: [.....3] [ip4][..udp] [..192.168.12.67][47926] -> [.35.219.252.146][56377] [STUN.SignalVoip][GoogleCloud][VoIP][Acceptable][]
Powered by cgit, Themed by Ted Yin.