DAEMON-EVENT: init DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.131.114.168.27][59244] -> [.185.83.218.112][55655] new: [.....2] [ip4][..tcp] [.131.114.168.27][49290] -> [.185.83.218.112][55656] detected: [.....1] [ip4][..tcp] [.131.114.168.27][59244] -> [.185.83.218.112][55655] [TINC][Unknown][VPN][Acceptable] RISK: Known Proto on Non Std Port detected: [.....2] [ip4][..tcp] [.131.114.168.27][49290] -> [.185.83.218.112][55656] [TINC][Unknown][VPN][Acceptable] RISK: Known Proto on Non Std Port new: [.....3] [ip4][..udp] [.131.114.168.27][55655] -> [.185.83.218.112][55655] detected: [.....3] [ip4][..udp] [.131.114.168.27][55655] -> [.185.83.218.112][55655] [TINC][Unknown][VPN][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic new: [.....4] [ip4][..udp] [.185.83.218.112][55656] -> [.131.114.168.27][55656] detected: [.....4] [ip4][..udp] [.185.83.218.112][55656] -> [.131.114.168.27][55656] [TINC][Unknown][VPN][Acceptable] RISK: Known Proto on Non Std Port, Unidirectional Traffic analyse: [.....3] [ip4][..udp] [.131.114.168.27][55655] -> [.185.83.218.112][55655] [TINC][Unknown][VPN][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.070| 0.172| 0.377| 142420.984| 2.500] [PKTLEN......: 176.000| 1496.000| 1135.200| 450.400| 202833.500| 4.900] [BINS(c->s)..: 0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,2,0,0,2,6,0,0] [BINS(s->c)..: 0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,2,0,0,0,6,0,0] [DIRECTIONS..: 0,0,1,1,1,0,0,0,0,0,0,1,1,1,1,1,0,0,0,1,1,0,0,1,1,1,1,1,0,0,0,0] [IATS(ms)....: 0.2,27.5,0.0,0.0,27.5,0.2,0.1,0.2,0.2,0.1,15.4,0.0,41.8,0.0,0.0,1058.0,0.3,0.3,1003.7,0.1,1.8,0.2,45.3,0.1,0.0,1024.1,0.1,1069.5,0.1,1001.4,0.3] [PKTLENS.....: 672,720,224,1472,768,216,1256,176,1296,1464,760,672,720,1264,176,1296,1344,1464,1360,1472,1488,1472,1480,1344,1472,1360,1488,1488,1488,1480,1496,1480] [ENTROPIES...: 7.7,7.7,7.1,7.8,7.8,6.9,7.9,6.8,7.9,7.8,7.7,7.7,7.7,7.9,6.8,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.8,7.9,7.9,7.9,7.9,7.9,7.9,7.9,7.9] analyse: [.....4] [ip4][..udp] [.185.83.218.112][55656] -> [.131.114.168.27][55656] [TINC][Unknown][VPN][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 2.412| 0.291| 0.559| 312123.949| 2.900] [PKTLEN......: 104.000| 1480.000| 1011.000| 450.300| 202783.000| 4.800] [BINS(c->s)..: 0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,1,0,2,1,0,0,1,0,0] [BINS(s->c)..: 0,0,1,0,1,0,0,0,0,1,0,0,0,0,0,1,0,0,0,1,0,1,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,1,2,2,2,0,0,2,3,0,0] [DIRECTIONS..: 0,0,0,1,1,1,1,0,0,0,1,1,1,1,1,1,0,0,0,1,1,0,1,1,1,1,1,1,1,1,0,0] [IATS(ms)....: 0.1,0.0,0.6,0.5,0.2,0.1,1049.1,0.0,0.0,1048.0,0.1,0.2,0.1,0.1,0.1,44.1,0.0,0.0,1044.7,0.3,1022.0,20.6,1001.5,0.3,0.2,363.6,1001.2,0.1,0.1,2412.5,0.0] [PKTLENS.....: 752,1472,944,720,1256,1472,944,1056,656,320,1048,176,1296,512,656,320,176,1296,512,1464,1360,1360,1360,1472,1336,1304,104,1480,1464,1328,1376,1360] [ENTROPIES...: 7.7,7.9,7.8,7.7,7.9,7.9,7.8,7.8,7.7,7.3,7.8,6.7,7.8,7.6,7.7,7.2,7.0,7.9,7.6,7.9,7.9,7.9,7.8,7.8,7.9,7.8,6.2,7.9,7.9,7.9,7.9,7.9] end: [.....2] [ip4][..tcp] [.131.114.168.27][49290] -> [.185.83.218.112][55656] [TINC][Unknown][VPN][Acceptable] RISK: Known Proto on Non Std Port idle: [.....3] [ip4][..udp] [.131.114.168.27][55655] -> [.185.83.218.112][55655] [TINC][Unknown][VPN][Acceptable] RISK: Known Proto on Non Std Port idle: [.....4] [ip4][..udp] [.185.83.218.112][55656] -> [.131.114.168.27][55656] [TINC][Unknown][VPN][Acceptable] RISK: Known Proto on Non Std Port end: [.....1] [ip4][..tcp] [.131.114.168.27][59244] -> [.185.83.218.112][55655] [TINC][Unknown][VPN][Acceptable] RISK: Known Proto on Non Std Port DAEMON-EVENT: shutdown