diff options
Diffstat (limited to 'test/results/flow-info/wa_voice.pcap.out')
| -rw-r--r-- | test/results/flow-info/wa_voice.pcap.out | 139 |
1 files changed, 139 insertions, 0 deletions
diff --git a/test/results/flow-info/wa_voice.pcap.out b/test/results/flow-info/wa_voice.pcap.out new file mode 100644 index 000000000..131c2735f --- /dev/null +++ b/test/results/flow-info/wa_voice.pcap.out @@ -0,0 +1,139 @@ + DAEMON-EVENT: init + DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] + DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] + new: [.....1] [ip4][..udp] [...192.168.2.12][51431] -> [....192.168.2.1][...53] + detected: [.....1] [ip4][..udp] [...192.168.2.12][51431] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable] + detection-update: [.....1] [ip4][..udp] [...192.168.2.12][51431] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable] + new: [.....2] [ip4][..udp] [...192.168.2.12][60765] -> [....192.168.2.1][...53] + detected: [.....2] [ip4][..udp] [...192.168.2.12][60765] -> [....192.168.2.1][...53] [DNS.WhatsApp][Chat][Acceptable] + detection-update: [.....2] [ip4][..udp] [...192.168.2.12][60765] -> [....192.168.2.1][...53] [DNS.WhatsApp][Chat][Acceptable] + new: [.....3] [ip4][..tcp] [...192.168.2.12][49354] -> [...17.242.60.84][.5223] [MIDSTREAM] + detected: [.....3] [ip4][..tcp] [...192.168.2.12][49354] -> [...17.242.60.84][.5223] [ApplePush][Cloud][Acceptable] + new: [.....4] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] + detected: [.....4] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Music][Acceptable] + new: [.....5] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] + detected: [.....5] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] [WhatsApp][Chat][Acceptable] + analyse: [.....5] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] [WhatsApp][Chat][Acceptable] + [min|max|avg|stddev] + [IAT(flow)...: 0.000| 0.304| 0.044| 0.076] + [IAT(c->s)...: 0.000| 0.210| 0.042| 0.071][IAT(s->c)...: 0.000| 0.304| 0.046| 0.082] + [PKTLEN(c->s): 66.000| 352.000| 112.400| 85.000][PKTLEN(s->c): 66.000|1454.000| 532.700| 603.500] + [BINS(c->s)..: 11,3,1,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 4,3,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0] + new: [.....6] [ip4][..udp] [...192.168.2.12][55296] -> [....192.168.2.1][...53] + detected: [.....6] [ip4][..udp] [...192.168.2.12][55296] -> [....192.168.2.1][...53] [DNS.WhatsAppFiles][Download][Acceptable] + detection-update: [.....6] [ip4][..udp] [...192.168.2.12][55296] -> [....192.168.2.1][...53] [DNS.WhatsAppFiles][Download][Acceptable] + new: [.....7] [ip4][..tcp] [...192.168.2.12][50503] -> [....31.13.86.51][..443] + detected: [.....7] [ip4][..tcp] [...192.168.2.12][50503] -> [....31.13.86.51][..443] [TLS.WhatsAppFiles][Download][Acceptable] + detection-update: [.....7] [ip4][..tcp] [...192.168.2.12][50503] -> [....31.13.86.51][..443] [TLS.WhatsAppFiles][Download][Acceptable] + analyse: [.....7] [ip4][..tcp] [...192.168.2.12][50503] -> [....31.13.86.51][..443] [TLS.WhatsAppFiles][Download][Acceptable] + [min|max|avg|stddev] + [IAT(flow)...: 0.000| 0.163| 0.021| 0.048] + [IAT(c->s)...: 0.000| 0.145| 0.020| 0.045][IAT(s->c)...: 0.000| 0.163| 0.023| 0.051] + [PKTLEN(c->s): 66.000| 583.000| 145.000| 143.800][PKTLEN(s->c): 66.000|1454.000| 598.500| 615.600] + [BINS(c->s)..: 10,3,1,0,0,0,0,0,1,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 5,1,1,0,0,1,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0] + new: [.....8] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] + detected: [.....8] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Cloud][Acceptable] + new: [.....9] [ip4][..tcp] [...17.171.47.85][..443] -> [...192.168.2.12][50502] [MIDSTREAM] + detected: [.....9] [ip4][..tcp] [...17.171.47.85][..443] -> [...192.168.2.12][50502] [TLS.Apple][Web][Safe] + new: [....10] [ip4][..udp] [169.254.162.244][50384] -> [239.255.255.250][.1900] + detected: [....10] [ip4][..udp] [169.254.162.244][50384] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + new: [....11] [ip4][..udp] [....192.168.2.1][50384] -> [239.255.255.250][.1900] + detected: [....11] [ip4][..udp] [....192.168.2.1][50384] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + new: [....12] [ip4][..udp] [...192.168.2.12][.5353] -> [....224.0.0.251][.5353] + detected: [....12] [ip4][..udp] [...192.168.2.12][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + new: [....13] [ip6][..udp] [...............fe80::414:409d:8afd:9f05][.5353] -> [...............................ff02::fb][.5353] + detected: [....13] [ip6][..udp] [...............fe80::414:409d:8afd:9f05][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable] + new: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] + detected: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][VoIP][Acceptable] + new: [....15] [ip4][..udp] [...192.168.2.12][56328] -> [..185.60.216.51][.3478] + detected: [....15] [ip4][..udp] [...192.168.2.12][56328] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][VoIP][Acceptable] + new: [....16] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.193.48][.3478] + detected: [....16] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][VoIP][Acceptable] + new: [....17] [ip4][..udp] [...192.168.2.12][56328] -> [..179.60.192.48][.3478] + detected: [....17] [ip4][..udp] [...192.168.2.12][56328] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][VoIP][Acceptable] + new: [....18] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.196.62][.3478] + detected: [....18] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][VoIP][Acceptable] + new: [....19] [ip4][..udp] [...192.168.2.12][64716] -> [239.255.255.250][.1900] + detected: [....19] [ip4][..udp] [...192.168.2.12][64716] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + new: [....20] [ip4][..udp] [...192.168.2.12][60549] -> [....192.168.2.1][...53] + detected: [....20] [ip4][..udp] [...192.168.2.12][60549] -> [....192.168.2.1][...53] [DNS.WhatsApp][Chat][Acceptable] + detection-update: [....20] [ip4][..udp] [...192.168.2.12][60549] -> [....192.168.2.1][...53] [DNS.WhatsApp][Chat][Acceptable] + new: [....21] [ip4][..tcp] [...192.168.2.12][50504] -> [..157.240.20.52][..443] + detected: [....21] [ip4][..tcp] [...192.168.2.12][50504] -> [..157.240.20.52][..443] [TLS.WhatsApp][Chat][Acceptable] + detection-update: [....21] [ip4][..tcp] [...192.168.2.12][50504] -> [..157.240.20.52][..443] [TLS.WhatsApp][Chat][Acceptable] + analyse: [....21] [ip4][..tcp] [...192.168.2.12][50504] -> [..157.240.20.52][..443] [TLS.WhatsApp][Chat][Acceptable] + [min|max|avg|stddev] + [IAT(flow)...: 0.000| 0.129| 0.020| 0.031] + [IAT(c->s)...: 0.000| 0.129| 0.020| 0.033][IAT(s->c)...: 0.000| 0.077| 0.019| 0.028] + [PKTLEN(c->s): 66.000| 583.000| 124.800| 127.300][PKTLEN(s->c): 66.000|1454.000| 652.100| 631.500] + [BINS(c->s)..: 10,3,1,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 5,1,1,0,0,1,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0] + new: [....22] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] + detected: [....22] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable] + new: [....23] [ip4][..udp] [...91.252.56.51][32704] -> [...192.168.2.12][56328] + detected: [....23] [ip4][..udp] [...91.252.56.51][32704] -> [...192.168.2.12][56328] [STUN.WhatsAppCall][VoIP][Acceptable] + RISK: Known Proto on Non Std Port + analyse: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][VoIP][Acceptable] + [min|max|avg|stddev] + [IAT(flow)...: 0.000| 12.196| 1.588| 3.050] + [IAT(c->s)...: 0.000| 12.194| 2.237| 3.447][IAT(s->c)...: 0.000| 12.196| 1.231| 2.744] + [PKTLEN(c->s): 48.000| 168.000| 108.000| 60.000][PKTLEN(s->c): 44.000| 320.000| 133.600| 98.700] + [BINS(c->s)..: 6,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 7,6,0,1,0,0,3,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + new: [....24] [ip4][..udp] [...192.168.2.12][56328] -> [.....1.60.78.64][64282] + detected: [....24] [ip4][..udp] [...192.168.2.12][56328] -> [.....1.60.78.64][64282] [STUN.WhatsAppCall][VoIP][Acceptable] + RISK: Known Proto on Non Std Port + analyse: [....23] [ip4][..udp] [...91.252.56.51][32704] -> [...192.168.2.12][56328] [STUN.WhatsAppCall][VoIP][Acceptable] + [min|max|avg|stddev] + [IAT(flow)...: 0.000| 1.204| 0.182| 0.229] + [IAT(c->s)...: 0.000| 0.624| 0.166| 0.171][IAT(s->c)...: 0.003| 1.204| 0.202| 0.283] + [PKTLEN(c->s): 68.000| 213.000| 146.100| 41.700][PKTLEN(s->c): 86.000| 315.000| 175.500| 58.100] + [BINS(c->s)..: 1,4,0,8,4,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + [BINS(s->c)..: 0,2,0,4,6,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + detection-update: [....12] [ip4][..udp] [...192.168.2.12][.5353] -> [....224.0.0.251][.5353] [MDNS][Network][Acceptable] + detection-update: [....13] [ip6][..udp] [...............fe80::414:409d:8afd:9f05][.5353] -> [...............................ff02::fb][.5353] [MDNS][Network][Acceptable] + new: [....25] [ip4][..tcp] [...192.168.2.12][49352] -> [169.254.162.244][49159] [MIDSTREAM] + update: [.....6] [ip4][..udp] [...192.168.2.12][55296] -> [....192.168.2.1][...53] [DNS.WhatsAppFiles][Download][Acceptable] + update: [.....1] [ip4][..udp] [...192.168.2.12][51431] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable] + update: [.....4] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Music][Acceptable] + update: [.....2] [ip4][..udp] [...192.168.2.12][60765] -> [....192.168.2.1][...53] [DNS.WhatsApp][Chat][Acceptable] + new: [....26] [ip4][..udp] [...192.168.2.12][50191] -> [239.255.255.250][.1900] + detected: [....26] [ip4][..udp] [...192.168.2.12][50191] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + new: [....27] [ip4][..udp] [...192.168.2.12][57546] -> [239.255.255.250][.1900] + detected: [....27] [ip4][..udp] [...192.168.2.12][57546] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + new: [....28] [ip4][.icmp] [...192.168.2.12] -> [...91.252.56.51] + detected: [....28] [ip4][.icmp] [...192.168.2.12] -> [...91.252.56.51] [ICMP][Network][Acceptable] + idle: [.....3] [ip4][..tcp] [...192.168.2.12][49354] -> [...17.242.60.84][.5223] [ApplePush][Cloud][Acceptable] + not-detected: [....25] [ip4][..tcp] [...192.168.2.12][49352] -> [169.254.162.244][49159] [Unknown][Unrated] + idle: [....25] [ip4][..tcp] [...192.168.2.12][49352] -> [169.254.162.244][49159] + end: [....21] [ip4][..tcp] [...192.168.2.12][50504] -> [..157.240.20.52][..443] [TLS.WhatsApp][Chat][Acceptable] + idle: [....22] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable] + idle: [....23] [ip4][..udp] [...91.252.56.51][32704] -> [...192.168.2.12][56328] [STUN.WhatsAppCall][VoIP][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....27] [ip4][..udp] [...192.168.2.12][57546] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + idle: [.....6] [ip4][..udp] [...192.168.2.12][55296] -> [....192.168.2.1][...53] [DNS.WhatsAppFiles][Download][Acceptable] + idle: [....13] [ip6][..udp] [...............fe80::414:409d:8afd:9f05][.5353] -> [...............................ff02::fb][.5353] + idle: [.....8] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Cloud][Acceptable] + idle: [.....1] [ip4][..udp] [...192.168.2.12][51431] -> [....192.168.2.1][...53] [DNS.Google][Web][Acceptable] + end: [.....9] [ip4][..tcp] [...17.171.47.85][..443] -> [...192.168.2.12][50502] [TLS.Apple][Web][Safe] + idle: [....10] [ip4][..udp] [169.254.162.244][50384] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + idle: [....18] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][VoIP][Acceptable] + idle: [....16] [ip4][..udp] [...192.168.2.12][56328] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][VoIP][Acceptable] + idle: [....12] [ip4][..udp] [...192.168.2.12][.5353] -> [....224.0.0.251][.5353] + idle: [.....4] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Music][Acceptable] + idle: [....24] [ip4][..udp] [...192.168.2.12][56328] -> [.....1.60.78.64][64282] [STUN.WhatsAppCall][VoIP][Acceptable] + RISK: Known Proto on Non Std Port + idle: [....26] [ip4][..udp] [...192.168.2.12][50191] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + idle: [.....7] [ip4][..tcp] [...192.168.2.12][50503] -> [....31.13.86.51][..443] [TLS.WhatsAppFiles][Download][Acceptable] + idle: [....19] [ip4][..udp] [...192.168.2.12][64716] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + idle: [....11] [ip4][..udp] [....192.168.2.1][50384] -> [239.255.255.250][.1900] [SSDP][System][Acceptable] + idle: [....28] [ip4][.icmp] [...192.168.2.12] -> [...91.252.56.51] [ICMP][Network][Acceptable] + idle: [....20] [ip4][..udp] [...192.168.2.12][60549] -> [....192.168.2.1][...53] [DNS.WhatsApp][Chat][Acceptable] + idle: [.....5] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] [WhatsApp][Chat][Acceptable] + idle: [....17] [ip4][..udp] [...192.168.2.12][56328] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][VoIP][Acceptable] + idle: [.....2] [ip4][..udp] [...192.168.2.12][60765] -> [....192.168.2.1][...53] [DNS.WhatsApp][Chat][Acceptable] + idle: [....15] [ip4][..udp] [...192.168.2.12][56328] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][VoIP][Acceptable] + idle: [....14] [ip4][..udp] [...192.168.2.12][56328] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][VoIP][Acceptable] + DAEMON-EVENT: shutdown |