DAEMON-EVENT: init DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.192.168.242.15][63340] -> [..35.174.82.237][11095] [MIDSTREAM] DAEMON-EVENT: [Processed: 30 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] analyse: [.....1] [ip4][..tcp] [.192.168.242.15][63340] -> [..35.174.82.237][11095] min| max| avg| stddev| variance| entropy [IAT.........: 0.061| 60.122| 38.821| 28.558| 815563555.209| 4.300] [PKTLEN......: 40.000| 46.000| 43.000| 3.000| 9.000| 5.000] [BINS(c->s)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,1,1,0,0,1,0,1,1,0,0,1,0,1,1,0,0,1,0,1,1,0,0,1,0,1,1,0,0,1] [IATS(ms)....: 60.8,60066.5,60071.0,444.6,512.2,60052.4,60122.1,60064.1,60058.5,139.4,204.1,59876.0,59944.8,60065.8,60071.7,305.5,379.3,59710.1,59782.3,60066.2,60065.0,470.7,541.9,60021.2,60097.0,60072.0,60059.9,163.5,227.3,59834.0,59896.7] [PKTLENS.....: 46,40,46,40,40,46,46,40,46,40,40,46,46,40,46,40,40,46,46,40,46,40,40,46,46,40,46,40,40,46,46,40] [ENTROPIES...: 4.5,4.9,4.5,4.9,4.9,4.5,4.5,4.9,4.5,4.9,4.9,4.5,4.5,4.9,4.5,4.9,4.9,4.5,4.5,4.9,4.4,4.9,4.9,4.4,4.5,4.9,4.5,4.9,4.9,4.5,4.5,4.9] guessed: [.....1] [ip4][..tcp] [.192.168.242.15][63340] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] detected: [.....1] [ip4][..tcp] [.192.168.242.15][63340] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] DAEMON-EVENT: [Processed: 60 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 1|detection-updates: 0|updates: 0] new: [.....2] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] detected: [.....2] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable][weave-logsink.nest.com] RISK: Unidirectional Traffic detection-update: [.....2] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable][weave-logsink.nest.com] new: [.....3] [ip4][..tcp] [.192.168.242.15][63342] -> [.35.188.154.186][11095] detected: [.....3] [ip4][..tcp] [.192.168.242.15][63342] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] analyse: [.....3] [ip4][..tcp] [.192.168.242.15][63342] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.491| 0.199| 0.354| 125081.829| 3.700] [PKTLEN......: 40.000| 719.000| 241.900| 219.800| 48330.300| 4.400] [BINS(c->s)..: 4,1,1,0,0,0,0,0,0,0,0,0,0,0,10,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 4,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,0,1,0] [IATS(ms)....: 69.7,72.2,635.6,708.3,5.3,110.8,1347.4,1490.6,118.0,84.3,0.1,88.9,80.3,82.8,83.4,80.0,80.0,80.2,79.6,79.6,80.9,81.4,80.7,80.0,79.3,79.3,79.9,72.2,8.5,80.0,81.8] [PKTLENS.....: 46,44,46,571,40,719,46,92,40,110,40,97,495,95,495,95,495,95,495,95,495,95,495,95,495,95,495,95,46,495,95,495] [ENTROPIES...: 4.3,4.9,4.4,6.9,4.8,7.1,4.5,5.4,5.0,5.9,5.0,5.7,7.5,5.7,7.5,5.7,7.5,5.7,7.5,5.8,7.5,5.6,7.5,5.7,7.6,5.6,7.6,5.8,4.4,7.5,5.7,7.5] new: [.....4] [ip4][..tcp] [.192.168.242.15][63343] -> [..35.174.82.237][11095] detected: [.....4] [ip4][..tcp] [.192.168.242.15][63343] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] new: [.....5] [ip4][..tcp] [.192.168.242.15][63344] -> [.35.188.154.186][11095] detected: [.....5] [ip4][..tcp] [.192.168.242.15][63344] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] update: [.....2] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable] analyse: [.....4] [ip4][..tcp] [.192.168.242.15][63343] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.007| 60.078| 8.258| 19.898| 395938807.939| 2.400] [PKTLEN......: 40.000| 717.000| 167.000| 184.800| 34140.600| 4.300] [BINS(c->s)..: 9,1,0,1,0,3,0,0,0,1,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 7,2,0,0,1,3,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,0,1,0,1,0,0,1,0,0,1,0,1,1] [IATS(ms)....: 64.1,66.7,638.8,711.0,16.5,201.4,1246.7,1463.2,104.9,69.4,22.0,94.7,71.2,78.1,7.1,87.2,75.8,84.5,84.3,76.4,307.3,280.7,43.3,5019.6,5092.3,178.8,59560.5,59727.7,60063.8,60077.6,375.9] [PKTLENS.....: 46,44,46,571,40,717,46,92,40,444,40,100,162,669,46,220,206,220,190,220,201,46,201,46,332,102,46,46,40,46,40,40] [ENTROPIES...: 4.4,5.0,4.4,7.0,5.0,7.1,4.5,5.5,5.0,7.4,5.0,5.7,6.4,7.7,4.4,6.7,6.7,6.8,6.5,6.8,6.7,4.3,6.7,4.3,7.2,5.8,4.3,4.4,4.9,4.3,4.9,4.9] end: [.....1] [ip4][..tcp] [.192.168.242.15][63340] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] end: [.....3] [ip4][..tcp] [.192.168.242.15][63342] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] end: [.....5] [ip4][..tcp] [.192.168.242.15][63344] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] update: [.....2] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 215 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 2 / 5|skipped: 0|!detected: 0|guessed: 1|detection-updates: 1|updates: 2] idle: [.....2] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 245 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 1|detection-updates: 1|updates: 2] DAEMON-EVENT: [Processed: 275 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 5|skipped: 0|!detected: 0|guessed: 1|detection-updates: 1|updates: 2] new: [.....6] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] detected: [.....6] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable][weave-logsink.nest.com] RISK: Unidirectional Traffic detection-update: [.....6] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable][weave-logsink.nest.com] new: [.....7] [ip4][..tcp] [.192.168.242.15][63345] -> [.35.188.154.186][11095] detected: [.....7] [ip4][..tcp] [.192.168.242.15][63345] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] analyse: [.....7] [ip4][..tcp] [.192.168.242.15][63345] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.478| 0.186| 0.338| 114146.574| 3.600] [PKTLEN......: 40.000| 718.000| 241.900| 219.700| 48280.000| 4.400] [BINS(c->s)..: 4,1,1,0,0,0,0,0,0,0,0,0,0,0,10,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 4,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,0,1,0] [IATS(ms)....: 61.0,66.3,638.6,696.7,5.2,274.7,1166.9,1477.5,96.3,57.0,0.0,69.6,64.9,63.5,66.2,66.3,63.9,64.1,63.9,63.8,65.2,65.0,63.2,63.3,64.2,64.1,63.8,54.1,11.8,65.2,63.5] [PKTLENS.....: 46,44,46,570,40,718,46,92,40,110,40,97,495,95,495,95,495,95,495,95,495,95,495,95,495,95,495,95,46,495,95,495] [ENTROPIES...: 4.4,5.0,4.4,6.9,4.8,7.1,4.3,5.4,4.7,5.8,4.7,5.6,7.5,5.7,7.5,5.7,7.5,5.7,7.6,5.7,7.5,5.6,7.5,5.6,7.5,5.7,7.5,5.7,4.4,7.5,5.7,7.6] new: [.....8] [ip4][..tcp] [.192.168.242.15][63346] -> [..35.174.82.237][11095] detected: [.....8] [ip4][..tcp] [.192.168.242.15][63346] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] new: [.....9] [ip4][..tcp] [.192.168.242.15][63347] -> [.35.188.154.186][11095] detected: [.....9] [ip4][..tcp] [.192.168.242.15][63347] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] update: [.....6] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable] end: [.....4] [ip4][..tcp] [.192.168.242.15][63343] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] end: [.....7] [ip4][..tcp] [.192.168.242.15][63345] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] end: [.....9] [ip4][..tcp] [.192.168.242.15][63347] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] update: [.....6] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable] analyse: [.....8] [ip4][..tcp] [.192.168.242.15][63346] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.007| 60.066| 10.038| 21.842| 477077551.710| 2.600] [PKTLEN......: 40.000| 717.000| 162.200| 185.800| 34538.800| 4.300] [BINS(c->s)..: 10,1,0,1,0,3,0,0,0,1,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 7,2,0,0,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,0,1,0,0,1,0,0,1,0,1,1,0,0] [IATS(ms)....: 66.2,68.9,635.0,702.4,15.4,246.0,1210.6,1481.6,108.8,76.2,16.8,97.4,71.0,72.8,6.7,85.9,79.2,75.8,75.0,77.2,97.4,2619.5,2881.1,371.8,59569.0,59778.5,60066.0,60063.7,377.5,447.3,59622.6] [PKTLENS.....: 46,44,46,571,40,717,46,92,40,444,40,100,162,669,46,220,206,220,190,220,201,46,332,102,46,46,40,46,40,40,46,46] [ENTROPIES...: 4.4,5.0,4.4,7.0,4.9,7.1,4.5,5.4,4.9,7.5,4.8,5.7,6.5,7.7,4.4,6.7,6.8,6.8,6.7,6.8,6.7,4.5,7.3,5.9,4.4,4.5,5.0,4.5,5.0,5.0,4.5,4.5] idle: [.....6] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 424 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 9|skipped: 0|!detected: 0|guessed: 1|detection-updates: 2|updates: 4] DAEMON-EVENT: [Processed: 452 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 9|skipped: 0|!detected: 0|guessed: 1|detection-updates: 2|updates: 4] new: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] detected: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable][weave-logsink.nest.com] RISK: Unidirectional Traffic detection-update: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable][weave-logsink.nest.com] new: [....11] [ip4][..tcp] [.192.168.242.15][63348] -> [.35.188.154.186][11095] detected: [....11] [ip4][..tcp] [.192.168.242.15][63348] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] analyse: [....11] [ip4][..tcp] [.192.168.242.15][63348] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.475| 0.185| 0.337| 113653.596| 3.600] [PKTLEN......: 40.000| 718.000| 241.900| 219.700| 48280.000| 4.400] [BINS(c->s)..: 4,1,1,0,0,0,0,0,0,0,0,0,0,0,10,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 4,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,0,1,0] [IATS(ms)....: 56.8,63.4,631.1,692.5,5.0,275.3,1167.1,1475.0,94.9,57.0,0.0,68.3,63.6,63.6,63.3,63.5,64.3,71.1,70.3,64.3,64.5,64.0,64.3,64.3,63.7,63.2,62.9,53.1,10.8,65.0,64.0] [PKTLENS.....: 46,44,46,570,40,718,46,92,40,110,40,97,495,95,495,95,495,95,495,95,495,95,495,95,495,95,495,95,46,495,95,495] [ENTROPIES...: 4.4,5.0,4.4,6.9,4.9,7.1,4.5,5.4,5.0,5.9,4.9,5.7,7.5,5.7,7.6,5.7,7.5,5.7,7.5,5.7,7.5,5.6,7.5,5.7,7.5,5.9,7.5,5.7,4.4,7.5,5.7,7.5] new: [....12] [ip4][..tcp] [.192.168.242.15][63349] -> [..35.174.82.237][11095] detected: [....12] [ip4][..tcp] [.192.168.242.15][63349] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] update: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable] end: [.....8] [ip4][..tcp] [.192.168.242.15][63346] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] end: [....11] [ip4][..tcp] [.192.168.242.15][63348] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] update: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable] idle: [....10] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable] analyse: [....12] [ip4][..tcp] [.192.168.242.15][63349] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.004| 60.116| 15.667| 26.142| 683403720.524| 3.100] [PKTLEN......: 40.000| 718.000| 145.100| 181.000| 32752.900| 4.200] [BINS(c->s)..: 10,1,0,1,0,2,1,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,2,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,0,1,0,1,0,0,1,0,1,0,1,0,1,1] [IATS(ms)....: 65.1,68.1,678.4,747.3,17.5,94.7,1396.4,1507.7,104.4,70.6,14.5,87.7,68.9,73.0,7.0,83.6,72.6,4.3,74.3,110.5,112.2,137.1,59606.1,59757.9,60076.8,60061.1,60093.4,60092.4,60108.1,60116.2,184.2] [PKTLENS.....: 46,44,46,570,40,718,46,92,40,244,40,100,162,669,46,220,190,46,220,201,332,102,46,46,40,46,40,46,40,46,40,40] [ENTROPIES...: 4.3,5.0,4.4,7.0,4.9,7.1,4.5,5.4,5.0,6.9,4.9,5.6,6.4,7.6,4.3,6.8,6.7,4.5,6.8,6.8,7.3,5.8,4.5,4.4,4.9,4.5,4.9,4.5,4.9,4.5,4.9,5.0] DAEMON-EVENT: [Processed: 562 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 12|skipped: 0|!detected: 0|guessed: 1|detection-updates: 3|updates: 6] new: [....13] [ip4][..tcp] [.192.168.242.15][63350] -> [..35.174.82.237][11095] detected: [....13] [ip4][..tcp] [.192.168.242.15][63350] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] end: [....12] [ip4][..tcp] [.192.168.242.15][63349] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] new: [....14] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] detected: [....14] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable][weave-logsink.nest.com] RISK: Unidirectional Traffic detection-update: [....14] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable][weave-logsink.nest.com] new: [....15] [ip4][..tcp] [.192.168.242.15][63351] -> [.35.188.154.186][11095] detected: [....15] [ip4][..tcp] [.192.168.242.15][63351] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] analyse: [....15] [ip4][..tcp] [.192.168.242.15][63351] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.484| 0.189| 0.353| 124509.217| 3.600] [PKTLEN......: 40.000| 719.000| 241.900| 219.800| 48309.800| 4.400] [BINS(c->s)..: 4,1,1,0,0,0,0,0,0,0,0,0,0,0,10,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 4,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,0,1,0] [IATS(ms)....: 55.5,58.1,637.6,698.6,8.3,132.5,1319.8,1484.0,100.9,62.4,0.0,73.7,66.3,66.1,64.4,70.8,72.5,66.2,63.7,65.4,67.1,65.6,63.5,64.0,64.9,67.0,66.2,76.4,5.2,82.4,64.4] [PKTLENS.....: 46,44,46,570,40,719,46,92,40,110,40,97,495,95,495,95,495,95,495,95,495,95,495,95,495,95,495,95,46,495,95,495] [ENTROPIES...: 4.3,5.0,4.4,7.0,5.0,7.1,4.5,5.5,5.0,5.8,4.9,5.6,7.6,5.8,7.5,5.7,7.5,5.7,7.5,5.7,7.5,5.7,7.5,5.7,7.6,5.7,7.5,5.7,4.3,7.5,5.7,7.5] new: [....16] [ip4][..tcp] [.192.168.242.15][63352] -> [..35.174.82.237][11095] analyse: [....13] [ip4][..tcp] [.192.168.242.15][63350] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.001| 60.156| 9.910| 20.689| 428051338.887| 2.700] [PKTLEN......: 40.000| 717.000| 147.100| 180.100| 32452.700| 4.200] [BINS(c->s)..: 10,2,0,1,0,2,1,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 8,2,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,0,0,1,0,0,1,1,0,0,1,0,0,1] [IATS(ms)....: 68.6,72.2,634.4,701.9,15.9,150.9,1314.3,1491.3,109.2,71.0,18.0,93.5,70.2,72.1,7.2,80.0,74.1,77.1,76.5,41.6,115.5,208.5,59946.9,60155.8,60057.7,60124.3,30586.0,30652.9,66.9,1.3,68.3] [PKTLENS.....: 46,44,46,571,40,717,46,92,40,244,40,100,162,669,46,220,190,220,201,46,332,102,46,46,40,40,46,102,40,46,46,40] [ENTROPIES...: 4.3,4.9,4.4,6.9,4.9,7.1,4.5,5.3,5.0,6.9,5.0,5.8,6.5,7.7,4.4,6.8,6.5,6.9,6.8,4.5,7.2,5.9,4.5,4.5,5.0,5.0,4.5,5.6,5.0,4.5,4.6,5.0] detected: [....16] [ip4][..tcp] [.192.168.242.15][63352] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] new: [....17] [ip4][..tcp] [.192.168.242.15][63353] -> [.35.188.154.186][11095] detected: [....17] [ip4][..tcp] [.192.168.242.15][63353] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] update: [....14] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable] end: [....13] [ip4][..tcp] [.192.168.242.15][63350] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] end: [....15] [ip4][..tcp] [.192.168.242.15][63351] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] end: [....17] [ip4][..tcp] [.192.168.242.15][63353] -> [.35.188.154.186][11095] [NestLogSink][GoogleCloud][Cloud][Acceptable] update: [....14] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable] analyse: [....16] [ip4][..tcp] [.192.168.242.15][63352] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.005| 60.173| 10.045| 21.954| 481957439.865| 2.600] [PKTLEN......: 40.000| 716.000| 162.200| 185.800| 34529.800| 4.300] [BINS(c->s)..: 10,1,0,1,0,3,0,0,0,1,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 7,2,0,0,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,0,1,0,0,1,0,0,1,0,1,0,1,0] [IATS(ms)....: 65.3,67.8,637.5,709.8,18.7,293.4,1174.5,1482.0,109.1,72.2,18.0,90.8,70.3,73.2,8.7,96.5,87.7,75.9,79.0,77.4,126.7,2595.7,2731.0,150.4,59910.8,60056.8,60173.1,60107.0,4.7,60.6,60165.3] [PKTLENS.....: 46,44,46,572,40,716,46,92,40,444,40,100,162,669,46,220,206,220,190,220,201,46,332,102,46,46,40,46,40,46,40,46] [ENTROPIES...: 4.3,5.0,4.4,6.9,5.0,7.1,4.5,5.4,4.9,7.4,4.8,5.6,6.4,7.6,4.4,6.9,6.7,6.9,6.6,7.0,6.9,4.5,7.3,5.8,4.4,4.5,4.8,4.5,4.9,4.5,4.9,4.5] idle: [....14] [ip4][..udp] [.192.168.242.15][52849] -> [..192.168.242.1][...53] [DNS][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 713 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 17|skipped: 0|!detected: 0|guessed: 1|detection-updates: 4|updates: 8] DAEMON-EVENT: [Processed: 743 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 17|skipped: 0|!detected: 0|guessed: 1|detection-updates: 4|updates: 8] DAEMON-EVENT: [Processed: 773 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 1 / 17|skipped: 0|!detected: 0|guessed: 1|detection-updates: 4|updates: 8] idle: [....16] [ip4][..tcp] [.192.168.242.15][63352] -> [..35.174.82.237][11095] [NestLogSink][AmazonAWS][Cloud][Acceptable] DAEMON-EVENT: shutdown