Diffstat (limited to 'test/results/flow-info/telegram.pcap.out')
-rw-r--r-- | test/results/flow-info/telegram.pcap.out | 221 |
1 files changed, 221 insertions, 0 deletions
diff --git a/test/results/flow-info/telegram.pcap.out b/test/results/flow-info/telegram.pcap.out new file mode 100644 index 000000000..2f5bfbcc3 --- /dev/null +++ b/test/results/flow-info/telegram.pcap.out 
@@ -0,0 +1,221 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] + detected: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable] + new: [.....2] [ip4][..udp] [...192.168.1.53][54306] -> [239.255.255.250][.1900] + detected: [.....2] [ip4][..udp] [...192.168.1.53][54306] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + new: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] + detected: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + new: [.....4] [ip4][..udp] [...192.168.1.69][.5353] -> [....224.0.0.251][.5353] + detected: [.....4] [ip4][..udp] [...192.168.1.69][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + new: [.....5] [ip4][..udp] [...192.168.1.75][.5353] -> [....224.0.0.251][.5353] + detected: [.....5] [ip4][..udp] [...192.168.1.75][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + new: [.....6] [ip6][..udp] [................fe80::4ba:91a:7817:e318][.5353] -> [...............................ff02::fb][.5353] + detected: [.....6] [ip6][..udp] [................fe80::4ba:91a:7817:e318][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable] + new: [.....7] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.75][.5353] + detected: [.....7] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.75][.5353] [MDNS][Network][Acceptable] + new: [.....8] [ip4][..udp] [...192.168.1.77][61631] -> [....192.168.1.1][...53] + detected: [.....8] [ip4][..udp] [...192.168.1.77][61631] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] + detection-update: [.....8] [ip4][..udp] [...192.168.1.77][61631] -> [....192.168.1.1][...53] 
[DNS][Network][Acceptable] + new: [.....9] [ip4][..udp] [...192.168.1.77][17500] -> [255.255.255.255][17500] + detected: [.....9] [ip4][..udp] [...192.168.1.77][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable] + new: [....10] [ip4][..udp] [...192.168.1.77][17500] -> [..192.168.1.255][17500] + detected: [....10] [ip4][..udp] [...192.168.1.77][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable] + detection-update: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + new: [....11] [ip6][..udp] [..............fe80::18a0:a412:8935:c01b][.5353] -> [...............................ff02::fb][.5353] + detected: [....11] [ip6][..udp] [..............fe80::18a0:a412:8935:c01b][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable] + new: [....12] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.53][.5353] + detected: [....12] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.53][.5353] [MDNS][Network][Acceptable] + analyse: [.....5] [ip4][..udp] [...192.168.1.75][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + [min|max|avg|stddev] + [IAT(flow)...: 0.000| 1.089| 0.260| 0.238] + [IAT(c->s)...: 0.000| 1.089| 0.260| 0.238][IAT(s->c)...: 0.000| 0.000| 0.000| 0.000] + [PKTLEN(c->s): 142.000| 308.000| 198.700| 56.400][PKTLEN(s->c): 0.000| 0.000| 0.000| 0.000] + [BINS(c->s)..: 0,0,0,18,2,6,0,1,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + analyse: [.....6] [ip6][..udp] [................fe80::4ba:91a:7817:e318][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable] + [min|max|avg|stddev] + [IAT(flow)...: 0.000| 1.089| 0.260| 0.238] + [IAT(c->s)...: 0.000| 1.089| 0.260| 0.238][IAT(s->c)...: 0.000| 0.000| 0.000| 0.000] + [PKTLEN(c->s): 162.000| 328.000| 218.700| 
56.400][PKTLEN(s->c): 0.000| 0.000| 0.000| 0.000] + [BINS(c->s)..: 0,0,0,18,2,6,0,1,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + detection-update: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + detection-update: [....11] [ip6][..udp] [..............fe80::18a0:a412:8935:c01b][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable] + new: [....13] [ip4][..udp] [...192.168.1.77][52118] -> [....192.168.1.1][...53] + detected: [....13] [ip4][..udp] [...192.168.1.77][52118] -> [....192.168.1.1][...53] [DNS.Microsoft][Cloud][Safe] + detection-update: [....13] [ip4][..udp] [...192.168.1.77][52118] -> [....192.168.1.1][...53] [DNS.Microsoft][Cloud][Safe] + new: [....14] [ip4][..udp] [...192.168.1.53][57621] -> [..192.168.1.255][57621] + detected: [....14] [ip4][..udp] [...192.168.1.53][57621] -> [..192.168.1.255][57621] [Spotify][Music][Acceptable] + new: [....15] [ip4][..udp] [...192.168.1.75][57916] -> [239.255.255.250][.1900] + detected: [....15] [ip4][..udp] [...192.168.1.75][57916] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + new: [....16] [ip4][..udp] [...192.168.1.77][61120] -> [....192.168.1.1][...53] + detected: [....16] [ip4][..udp] [...192.168.1.77][61120] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] + detection-update: [....16] [ip4][..udp] [...192.168.1.77][61120] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] + new: [....17] [ip4][..udp] [...192.168.1.52][.5353] -> [....224.0.0.251][.5353] + detected: [....17] [ip4][..udp] [...192.168.1.52][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + new: [....18] [ip6][..udp] [...............fe80::4dc:edec:5b0c:a661][.5353] -> [...............................ff02::fb][.5353] + detected: [....18] [ip6][..udp] 
[...............fe80::4dc:edec:5b0c:a661][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable] + new: [....19] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.7][..521] + detected: [....19] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.7][..521] [Telegram][Chat][Acceptable] + new: [....20] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.12.5][..523] + detected: [....20] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.12.5][..523] [Telegram][Chat][Acceptable] + new: [....21] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.16.1][..527] + detected: [....21] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.16.1][..527] [Telegram][Chat][Acceptable] + new: [....22] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.12.1][..536] + detected: [....22] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.12.1][..536] [Telegram][Chat][Acceptable] + new: [....23] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.8][..538] + detected: [....23] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.8][..538] [Telegram][Chat][Acceptable] + new: [....24] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.16.4][..538] + detected: [....24] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.16.4][..538] [Telegram][Chat][Acceptable] + new: [....25] [ip4][..udp] [...192.168.1.77][23174] -> [...192.168.1.52][31480] + new: [....26] [ip4][..udp] [...192.168.1.77][23174] -> [..87.11.205.195][60723] + detected: [....26] [ip4][..udp] [...192.168.1.77][23174] -> [..87.11.205.195][60723] [OpenVPN][VPN][Acceptable] + RISK: Known Proto on Non Std Port + analyse: [....19] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.7][..521] [Telegram][Chat][Acceptable] + [min|max|avg|stddev] + [IAT(flow)...: 0.001| 0.501| 0.118| 0.112] + [IAT(c->s)...: 0.001| 0.501| 0.202| 0.131][IAT(s->c)...: 0.004| 0.308| 0.084| 0.081] + [PKTLEN(c->s): 74.000| 138.000| 109.200| 28.900][PKTLEN(s->c): 90.000| 234.000| 180.200| 53.200] 
+ [BINS(c->s)..: 0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 0,1,4,4,0,8,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + new: [....27] [ip4][..udp] [...192.168.1.77][47127] -> [....192.168.1.1][...53] + detected: [....27] [ip4][..udp] [...192.168.1.77][47127] -> [....192.168.1.1][...53] [DNS.GoogleServices][Web][Acceptable] + detection-update: [....27] [ip4][..udp] [...192.168.1.77][47127] -> [....192.168.1.1][...53] [DNS.GoogleServices][Web][Acceptable] + RISK: Suspicious DNS Traffic + analyse: [....25] [ip4][..udp] [...192.168.1.77][23174] -> [...192.168.1.52][31480] + [min|max|avg|stddev] + [IAT(flow)...: 0.042| 1.999| 0.261| 0.473] + [IAT(c->s)...: 0.058| 1.999| 0.337| 0.588][IAT(s->c)...: 0.042| 1.681| 0.213| 0.374] + [PKTLEN(c->s): 90.000| 234.000| 197.100| 50.700][PKTLEN(s->c): 90.000| 282.000| 211.300| 56.200] + [BINS(c->s)..: 0,1,2,0,0,6,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 0,1,3,0,0,5,6,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + not-detected: [....25] [ip4][..udp] [...192.168.1.77][23174] -> [...192.168.1.52][31480] [Unknown][Unrated] + new: [....28] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] + detected: [....28] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable] + new: [....29] [ip4][..udp] [...192.168.1.43][..138] -> [..192.168.1.255][..138] + detected: [....29] [ip4][..udp] [...192.168.1.43][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][System][Dangerous] + RISK: Unsafe Protocol + new: [....30] [ip4][..udp] [...192.168.1.77][..137] -> [..192.168.1.255][..137] + detected: [....30] [ip4][..udp] [...192.168.1.77][..137] -> [..192.168.1.255][..137] [NetBIOS][System][Acceptable] + new: [....31] [ip4][..udp] [...192.168.1.77][49764] -> [....192.168.1.1][...53] + detected: 
[....31] [ip4][..udp] [...192.168.1.77][49764] -> [....192.168.1.1][...53] [DNS.ntop][Network][Safe] + detection-update: [....31] [ip4][..udp] [...192.168.1.77][49764] -> [....192.168.1.1][...53] [DNS.ntop][Network][Safe] + new: [....32] [ip4][..udp] [...192.168.1.77][.5812] -> [....192.168.1.1][...53] + detected: [....32] [ip4][..udp] [...192.168.1.77][.5812] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] + detection-update: [....32] [ip4][..udp] [...192.168.1.77][.5812] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] + RISK: Suspicious DNS Traffic + new: [....33] [ip4][..udp] [...192.168.1.77][54595] -> [....192.168.1.1][...53] + detected: [....33] [ip4][..udp] [...192.168.1.77][54595] -> [....192.168.1.1][...53] [DNS.ntop][Network][Safe] + detection-update: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + new: [....34] [ip4][..udp] [...192.168.1.77][61974] -> [..216.58.205.68][..443] + detected: [....34] [ip4][..udp] [...192.168.1.77][61974] -> [..216.58.205.68][..443] [QUIC.Google][Web][Acceptable] + new: [....35] [ip4][..udp] [...192.168.1.77][50822] -> [..216.58.205.68][..443] + detected: [....35] [ip4][..udp] [...192.168.1.77][50822] -> [..216.58.205.68][..443] [QUIC.Google][Web][Acceptable] + new: [....36] [ip4][..udp] [...192.168.1.77][57621] -> [..192.168.1.255][57621] + detected: [....36] [ip4][..udp] [...192.168.1.77][57621] -> [..192.168.1.255][57621] [Spotify][Music][Acceptable] + new: [....37] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.8][..529] + detected: [....37] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.8][..529] [Telegram][Chat][Acceptable] + new: [....38] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.1][..529] + detected: [....38] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.1][..529] [Telegram][Chat][Acceptable] + new: [....39] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.12.3][..530] + detected: [....39] [ip4][..udp] 
[...192.168.1.77][28150] -> [....91.108.12.3][..530] [Telegram][Chat][Acceptable] + new: [....40] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.1][..533] + detected: [....40] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.1][..533] [Telegram][Chat][Acceptable] + new: [....41] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.12.5][..537] + detected: [....41] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.12.5][..537] [Telegram][Chat][Acceptable] + new: [....42] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.3][..537] + detected: [....42] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.3][..537] [Telegram][Chat][Acceptable] + detection-update: [....33] [ip4][..udp] [...192.168.1.77][54595] -> [....192.168.1.1][...53] [DNS.ntop][Network][Safe] + new: [....43] [ip4][..udp] [...192.168.1.77][52127] -> [239.255.255.250][.1900] + detected: [....43] [ip4][..udp] [...192.168.1.77][52127] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + analyse: [....37] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.8][..529] [Telegram][Chat][Acceptable] + [min|max|avg|stddev] + [IAT(flow)...: 0.008| 0.505| 0.099| 0.138] + [IAT(c->s)...: 0.008| 0.505| 0.069| 0.098][IAT(s->c)...: 0.026| 0.472| 0.171| 0.186] + [PKTLEN(c->s): 74.000| 234.000| 173.500| 57.300][PKTLEN(s->c): 90.000| 138.000| 118.400| 18.100] + [BINS(c->s)..: 0,5,0,4,0,13,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 0,1,4,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + new: [....44] [ip4][..udp] [...192.168.1.77][28150] -> [..87.11.205.195][59772] + analyse: [....40] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.1][..533] [Telegram][Chat][Acceptable] + [min|max|avg|stddev] + [IAT(flow)...: 0.007| 0.505| 0.113| 0.151] + [IAT(c->s)...: 0.049| 0.505| 0.223| 0.190][IAT(s->c)...: 0.007| 0.477| 0.082| 0.120] + [PKTLEN(c->s): 74.000| 138.000| 102.000| 
28.000][PKTLEN(s->c): 90.000| 218.000| 175.300| 48.100] + [BINS(c->s)..: 0,5,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 0,1,4,5,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + new: [....45] [ip4][..udp] [...192.168.1.53][50698] -> [239.255.255.250][.1900] + detected: [....45] [ip4][..udp] [...192.168.1.53][50698] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + update: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable] + update: [.....9] [ip4][..udp] [...192.168.1.77][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable] + update: [....10] [ip4][..udp] [...192.168.1.77][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable] + update: [.....8] [ip4][..udp] [...192.168.1.77][61631] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] + update: [.....7] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.75][.5353] [MDNS][Network][Acceptable] + update: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + update: [.....4] [ip4][..udp] [...192.168.1.69][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + update: [.....5] [ip4][..udp] [...192.168.1.75][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + update: [.....2] [ip4][..udp] [...192.168.1.53][54306] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + update: [.....6] [ip6][..udp] [................fe80::4ba:91a:7817:e318][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable] + new: [....46] [ip4][..udp] [...192.168.1.53][56384] -> [239.255.255.250][.1900] + detected: [....46] [ip4][..udp] [...192.168.1.53][56384] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + new: [....47] [ip4][..udp] [...192.168.1.77][58615] -> [....192.168.1.1][...53] + detected: [....47] [ip4][..udp] [...192.168.1.77][58615] -> 
[....192.168.1.1][...53] [DNS.Dropbox][Cloud][Acceptable] + new: [....48] [ip4][..udp] [...192.168.1.77][49533] -> [....192.168.1.1][...53] + detected: [....48] [ip4][..udp] [...192.168.1.77][49533] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] + detection-update: [....48] [ip4][..udp] [...192.168.1.77][49533] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] + detection-update: [....47] [ip4][..udp] [...192.168.1.77][58615] -> [....192.168.1.1][...53] [DNS.Dropbox][Cloud][Acceptable] + idle: [....32] [ip4][..udp] [...192.168.1.77][.5812] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] + RISK: Suspicious DNS Traffic + idle: [....16] [ip4][..udp] [...192.168.1.77][61120] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] + idle: [....28] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable] + idle: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable] + idle: [.....9] [ip4][..udp] [...192.168.1.77][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable] + idle: [....19] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.7][..521] [Telegram][Chat][Acceptable] + idle: [....20] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.12.5][..523] [Telegram][Chat][Acceptable] + idle: [....21] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.16.1][..527] [Telegram][Chat][Acceptable] + idle: [....22] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.12.1][..536] [Telegram][Chat][Acceptable] + idle: [....24] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.16.4][..538] [Telegram][Chat][Acceptable] + idle: [....23] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.8][..538] [Telegram][Chat][Acceptable] + idle: [....27] [ip4][..udp] [...192.168.1.77][47127] -> [....192.168.1.1][...53] [DNS.GoogleServices][Web][Acceptable] + RISK: Suspicious DNS Traffic + idle: [....18] [ip6][..udp] [...............fe80::4dc:edec:5b0c:a661][.5353] -> 
[...............................ff02::fb][.5353] + idle: [....10] [ip4][..udp] [...192.168.1.77][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable] + idle: [....15] [ip4][..udp] [...192.168.1.75][57916] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + idle: [.....8] [ip4][..udp] [...192.168.1.77][61631] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] + idle: [....30] [ip4][..udp] [...192.168.1.77][..137] -> [..192.168.1.255][..137] [NetBIOS][System][Acceptable] + idle: [....29] [ip4][..udp] [...192.168.1.43][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][System][Dangerous] + RISK: Unsafe Protocol + idle: [....48] [ip4][..udp] [...192.168.1.77][49533] -> [....192.168.1.1][...53] [DNS][Network][Acceptable] + idle: [....12] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.53][.5353] [MDNS][Network][Acceptable] + idle: [.....7] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.75][.5353] [MDNS][Network][Acceptable] + idle: [.....5] [ip4][..udp] [...192.168.1.75][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + idle: [.....4] [ip4][..udp] [...192.168.1.69][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + idle: [....17] [ip4][..udp] [...192.168.1.52][.5353] -> [....224.0.0.251][.5353] + idle: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + not-detected: [....44] [ip4][..udp] [...192.168.1.77][28150] -> [..87.11.205.195][59772] [Unknown][Unrated] + idle: [....44] [ip4][..udp] [...192.168.1.77][28150] -> [..87.11.205.195][59772] + idle: [....36] [ip4][..udp] [...192.168.1.77][57621] -> [..192.168.1.255][57621] [Spotify][Music][Acceptable] + idle: [....14] [ip4][..udp] [...192.168.1.53][57621] -> [..192.168.1.255][57621] [Spotify][Music][Acceptable] + idle: [....43] [ip4][..udp] [...192.168.1.77][52127] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + idle: [....26] [ip4][..udp] [...192.168.1.77][23174] -> [..87.11.205.195][60723] 
[OpenVPN][VPN][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....35] [ip4][..udp] [...192.168.1.77][50822] -> [..216.58.205.68][..443] [QUIC.Google][Web][Acceptable] + idle: [....31] [ip4][..udp] [...192.168.1.77][49764] -> [....192.168.1.1][...53] [DNS.ntop][Network][Safe] + idle: [.....2] [ip4][..udp] [...192.168.1.53][54306] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + idle: [....46] [ip4][..udp] [...192.168.1.53][56384] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + idle: [....38] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.1][..529] [Telegram][Chat][Acceptable] + idle: [....37] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.8][..529] [Telegram][Chat][Acceptable] + idle: [....39] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.12.3][..530] [Telegram][Chat][Acceptable] + idle: [....40] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.1][..533] [Telegram][Chat][Acceptable] + idle: [....42] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.3][..537] [Telegram][Chat][Acceptable] + idle: [....41] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.12.5][..537] [Telegram][Chat][Acceptable] + idle: [....13] [ip4][..udp] [...192.168.1.77][52118] -> [....192.168.1.1][...53] [DNS.Microsoft][Cloud][Safe] + idle: [....11] [ip6][..udp] [..............fe80::18a0:a412:8935:c01b][.5353] -> [...............................ff02::fb][.5353] + idle: [....45] [ip4][..udp] [...192.168.1.53][50698] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + idle: [....47] [ip4][..udp] [...192.168.1.77][58615] -> [....192.168.1.1][...53] [DNS.Dropbox][Cloud][Acceptable] + idle: [....33] [ip4][..udp] [...192.168.1.77][54595] -> [....192.168.1.1][...53] [DNS.ntop][Network][Safe] + idle: [....25] [ip4][..udp] [...192.168.1.77][23174] -> [...192.168.1.52][31480] [Unknown][Unrated] + idle: [....34] [ip4][..udp] [...192.168.1.77][61974] -> [..216.58.205.68][..443] [QUIC.Google][Web][Acceptable] + idle: [.....6] 
[ip6][..udp] [................fe80::4ba:91a:7817:e318][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable] + DAEMON-EVENT: shutdown |