DAEMON-EVENT: init DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54084] [MIDSTREAM] new: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] detected: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_googlecast._tcp.local] new: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] detected: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_googlecast._tcp.local] new: [.....4] [ip4][..udp] [..192.168.1.103][53734] -> [..192.168.1.254][...53] detected: [.....4] [ip4][..udp] [..192.168.1.103][53734] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable][safebrowsing.googleusercontent.com] RISK: Unidirectional Traffic detection-update: [.....4] [ip4][..udp] [..192.168.1.103][53734] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable][safebrowsing.googleusercontent.com] new: [.....5] [ip4][..tcp] [..192.168.1.103][38657] -> [..172.217.22.14][..443] detected: [.....5] [ip4][..tcp] [..192.168.1.103][38657] -> [..172.217.22.14][..443] [TLS.Google][Google][Web][Acceptable][safebrowsing.googleusercontent.com] detection-update: [.....5] [ip4][..tcp] [..192.168.1.103][38657] -> [..172.217.22.14][..443] [TLS.Google][Google][Web][Acceptable][safebrowsing.googleusercontent.com] detection-update: [.....5] [ip4][..tcp] [..192.168.1.103][38657] -> [..172.217.22.14][..443] [TLS.Google][Google][Web][Acceptable][safebrowsing.googleusercontent.com] new: [.....6] [ip4][..tcp] [..192.168.1.103][47627] -> [..216.58.205.78][..443] [MIDSTREAM] new: [.....7] [ip4][..tcp] [..192.168.1.103][53220] -> [..172.217.23.78][..443] [MIDSTREAM] new: [.....8] [ip4][..udp] [..192.168.1.103][46078] -> [..192.168.1.254][...53] detected: [.....8] [ip4][..udp] [..192.168.1.103][46078] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable][ssl.gstatic.com] RISK: Unidirectional Traffic detection-update: [.....8] [ip4][..udp] [..192.168.1.103][46078] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable][ssl.gstatic.com] new: [.....9] [ip4][..udp] [..192.168.1.103][51507] -> [..172.217.23.67][..443] detected: [.....9] [ip4][..udp] [..192.168.1.103][51507] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable][ssl.gstatic.com] RISK: Unidirectional Traffic new: [....10] [ip4][..udp] [..192.168.1.103][55862] -> [..192.168.1.254][...53] detected: [....10] [ip4][..udp] [..192.168.1.103][55862] -> [..192.168.1.254][...53] [DNS.GoogleDocs][Unknown][Network][Acceptable][docs.google.com] RISK: Unidirectional Traffic detection-update: [....10] [ip4][..udp] [..192.168.1.103][55862] -> [..192.168.1.254][...53] [DNS.GoogleDocs][Unknown][Network][Acceptable][docs.google.com] new: [....11] [ip4][..udp] [..192.168.1.103][57591] -> [..216.58.198.46][..443] detected: [....11] [ip4][..udp] [..192.168.1.103][57591] -> [..216.58.198.46][..443] [QUIC.GoogleDocs][Google][Collaborative][Acceptable][docs.google.com] RISK: Unidirectional Traffic new: [....12] [ip4][..tcp] [..192.168.1.103][36017] -> [.64.233.167.188][.5228] [MIDSTREAM] new: [....13] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54058] [MIDSTREAM] detected: [....13] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54058] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic new: [....14] [ip4][..tcp] [..192.168.1.103][40741] -> [203.205.151.211][..443] [MIDSTREAM] new: [....15] [ip4][..tcp] [..192.168.1.103][54085] -> [203.205.151.162][..443] [MIDSTREAM] new: [....16] [ip4][..tcp] [..192.168.1.103][54089] -> [203.205.151.162][..443] new: [....17] [ip4][..tcp] [..192.168.1.103][54090] -> [203.205.151.162][..443] detected: [....16] [ip4][..tcp] [..192.168.1.103][54089] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....16] [ip4][..tcp] [..192.168.1.103][54089] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....16] [ip4][..tcp] [..192.168.1.103][54089] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detected: [....17] [ip4][..tcp] [..192.168.1.103][54090] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] new: [....18] [ip4][..tcp] [..192.168.1.103][54091] -> [203.205.151.162][..443] detection-update: [....17] [ip4][..tcp] [..192.168.1.103][54090] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....17] [ip4][..tcp] [..192.168.1.103][54090] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detected: [....18] [ip4][..tcp] [..192.168.1.103][54091] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] analyse: [....16] [ip4][..tcp] [..192.168.1.103][54089] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.411| 0.155| 0.181| 32640.860| 3.800] [PKTLEN......: 52.000| 5878.000| 715.500| 1101.200| 1212669.600| 3.900] [BINS(c->s)..: 9,0,0,1,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 4,1,0,0,0,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,1] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,1,1,0,1,1,0,1,0] [IATS(ms)....: 361.6,361.6,0.4,378.1,3.6,381.3,56.9,56.9,0.3,0.3,2.7,376.6,375.0,3.3,373.8,38.3,2.8,410.6,21.2,3.3,393.4,30.9,401.1,383.7,0.8,383.1,2.9,2.9,5.8,1.1,1.1] [PKTLENS.....: 60,60,52,290,52,1480,52,1480,52,312,52,178,103,1292,527,52,1480,219,52,1225,429,52,250,1140,1480,1480,52,1480,1480,52,5878,52] [ENTROPIES...: 4.7,5.2,5.0,5.8,5.2,6.8,5.0,7.5,5.0,7.3,5.0,6.3,5.8,7.8,7.6,5.1,7.9,7.0,5.0,7.8,7.4,5.2,7.1,7.8,7.9,7.9,4.9,7.9,7.9,5.0,8.0,5.1] detection-update: [....18] [ip4][..tcp] [..192.168.1.103][54091] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....18] [ip4][..tcp] [..192.168.1.103][54091] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detected: [.....6] [ip4][..tcp] [..192.168.1.103][47627] -> [..216.58.205.78][..443] [TLS][Google][Web][Safe] detected: [.....7] [ip4][..tcp] [..192.168.1.103][53220] -> [..172.217.23.78][..443] [TLS][Google][Web][Safe] new: [....19] [ip4][..tcp] [..192.168.1.103][54092] -> [203.205.151.162][..443] new: [....20] [ip4][..tcp] [..192.168.1.103][54093] -> [203.205.151.162][..443] detected: [....19] [ip4][..tcp] [..192.168.1.103][54092] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....19] [ip4][..tcp] [..192.168.1.103][54092] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....19] [ip4][..tcp] [..192.168.1.103][54092] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] new: [....21] [ip4][..tcp] [..192.168.1.103][49787] -> [.216.58.205.142][..443] [MIDSTREAM] new: [....22] [ip4][..tcp] [..192.168.1.103][54094] -> [203.205.151.162][..443] new: [....23] [ip4][..tcp] [..192.168.1.103][54095] -> [203.205.151.162][..443] detected: [....22] [ip4][..tcp] [..192.168.1.103][54094] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....22] [ip4][..tcp] [..192.168.1.103][54094] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....22] [ip4][..tcp] [..192.168.1.103][54094] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detected: [....23] [ip4][..tcp] [..192.168.1.103][54095] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] new: [....24] [ip4][..tcp] [..192.168.1.103][54096] -> [203.205.151.162][..443] detection-update: [....23] [ip4][..tcp] [..192.168.1.103][54095] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....23] [ip4][..tcp] [..192.168.1.103][54095] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detected: [....24] [ip4][..tcp] [..192.168.1.103][54096] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....24] [ip4][..tcp] [..192.168.1.103][54096] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....24] [ip4][..tcp] [..192.168.1.103][54096] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] new: [....25] [ip4][..tcp] [..192.168.1.103][40740] -> [203.205.151.211][..443] [MIDSTREAM] analyse: [....22] [ip4][..tcp] [..192.168.1.103][54094] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 4.544| 0.482| 1.044| 1090167.570| 3.200] [PKTLEN......: 52.000| 1740.000| 523.200| 556.000| 309130.700| 4.200] [BINS(c->s)..: 7,0,0,1,0,0,0,1,0,0,0,1,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,3,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 6,1,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,1] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0] [IATS(ms)....: 359.2,359.3,0.4,360.6,1.9,362.1,0.5,0.5,3.6,359.7,357.1,3.3,369.2,32.8,2.8,400.5,15.0,3.3,382.0,38.0,403.1,2.4,369.1,37.0,438.8,4139.7,3.3,4544.3,34.1,398.8,1152.6] [PKTLENS.....: 60,60,52,290,52,1480,52,1740,52,178,103,1292,527,52,1480,221,52,1225,429,52,250,1292,527,52,988,52,1292,527,52,989,52,1220] [ENTROPIES...: 4.6,5.1,5.0,5.9,5.1,6.8,5.1,7.6,5.0,6.3,6.0,7.8,7.5,5.2,7.9,7.1,5.1,7.8,7.4,5.2,7.1,7.8,7.5,5.2,7.8,5.0,7.9,7.6,5.2,7.8,5.0,7.9] analyse: [....23] [ip4][..tcp] [..192.168.1.103][54095] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 3.384| 0.466| 0.827| 684250.497| 3.400] [PKTLEN......: 52.000| 8277.000| 746.100| 1463.300| 2141136.500| 3.600] [BINS(c->s)..: 9,0,0,1,0,0,0,1,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,2,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 5,1,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,4,0,0,1] [DIRECTIONS..: 0,1,0,0,1,0,1,1,0,1,0,1,0,0,1,0,1,1,0,1,0,0,0,1,1,0,0,1,1,0,0,0] [IATS(ms)....: 353.8,353.8,953.1,1178.1,225.0,127.7,4.4,132.2,0.5,0.4,0.6,0.6,1.5,362.2,361.1,371.0,4.6,375.1,3.3,3.3,3017.9,3.3,3383.9,31.2,409.0,7.4,382.2,34.6,434.3,1926.0,3.4] [PKTLENS.....: 60,60,52,290,60,52,52,1480,52,1480,52,312,52,178,103,1139,1480,1480,52,8277,52,1292,527,52,1363,1225,429,52,250,52,1292,527] [ENTROPIES...: 4.7,5.2,5.0,5.9,5.2,5.0,5.2,6.8,5.0,7.5,5.0,7.2,5.0,6.4,6.0,7.8,7.9,7.9,5.0,8.0,5.0,7.8,7.6,5.1,7.9,7.8,7.5,5.1,7.0,5.0,7.8,7.5] analyse: [....13] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54058] [TLS][Unknown][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 11.774| 2.195| 3.338| 11139408.724| 3.800] [PKTLEN......: 52.000| 1240.000| 398.500| 492.500| 242574.800| 4.000] [BINS(c->s)..: 8,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0] [IATS(ms)....: 0.1,1713.3,2033.8,5.9,326.4,805.5,1165.4,11414.5,11774.4,393.6,716.6,9325.0,9648.0,1906.3,2225.8,6.4,325.8,425.7,784.5,2983.4,3342.3,487.8,806.7,9.2,328.1,421.5,782.1,1181.7,1542.3,420.6,740.0] [PKTLENS.....: 250,52,1240,52,250,52,1240,52,250,52,1240,52,250,52,1240,52,250,52,1240,52,250,52,1240,52,250,52,1240,52,250,52,1240,52] [ENTROPIES...: 7.2,5.1,7.8,5.2,7.1,5.0,7.8,5.1,7.1,5.1,7.8,5.1,7.2,5.2,7.8,5.1,7.1,5.0,7.8,5.1,7.0,5.1,7.8,5.1,7.1,5.1,7.8,5.1,7.0,5.1,7.9,5.1] update: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [.....4] [ip4][..udp] [..192.168.1.103][53734] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....10] [ip4][..udp] [..192.168.1.103][55862] -> [..192.168.1.254][...53] [DNS.GoogleDocs][Unknown][Network][Acceptable] update: [.....9] [ip4][..udp] [..192.168.1.103][51507] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable] RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [..192.168.1.103][46078] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....11] [ip4][..udp] [..192.168.1.103][57591] -> [..216.58.198.46][..443] [QUIC.GoogleDocs][Google][Collaborative][Acceptable] RISK: Unidirectional Traffic new: [....26] [ip4][..tcp] [..192.168.1.103][54097] -> [203.205.151.162][..443] new: [....27] [ip4][..tcp] [..192.168.1.103][54098] -> [203.205.151.162][..443] detected: [....26] [ip4][..tcp] [..192.168.1.103][54097] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....26] [ip4][..tcp] [..192.168.1.103][54097] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....26] [ip4][..tcp] [..192.168.1.103][54097] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detected: [....25] [ip4][..tcp] [..192.168.1.103][40740] -> [203.205.151.211][..443] [TLS][Unknown][Web][Safe] detected: [....27] [ip4][..tcp] [..192.168.1.103][54098] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....27] [ip4][..tcp] [..192.168.1.103][54098] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....27] [ip4][..tcp] [..192.168.1.103][54098] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] analyse: [....26] [ip4][..tcp] [..192.168.1.103][54097] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.001| 6.862| 1.014| 1.948| 3793749.017| 3.100] [PKTLEN......: 52.000| 1740.000| 496.000| 523.800| 274414.800| 4.200] [BINS(c->s)..: 7,0,0,1,0,0,0,1,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,2,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 6,1,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0,0,1,1,0,0,0] [IATS(ms)....: 362.7,362.7,0.7,359.8,0.7,359.7,1.8,1.8,3.2,360.0,358.1,7.2,373.9,64.6,431.4,4.5,369.6,40.0,442.3,4042.2,3.3,4448.9,74.4,439.2,6493.5,3.3,6862.2,32.1,397.5,4719.1,3.2] [PKTLENS.....: 60,60,52,290,52,1480,52,1740,52,178,103,1220,521,52,283,1292,527,52,988,52,1220,511,52,283,52,1292,527,52,989,52,1220,516] [ENTROPIES...: 4.7,5.2,5.1,5.9,5.1,6.8,5.0,7.6,4.9,6.4,6.0,7.8,7.6,5.1,7.2,7.8,7.6,5.0,7.8,5.1,7.8,7.5,4.9,7.2,5.0,7.8,7.6,5.2,7.8,5.0,7.8,7.5] analyse: [....27] [ip4][..tcp] [..192.168.1.103][54098] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.001| 6.095| 1.335| 2.042| 4168801.845| 3.500] [PKTLEN......: 52.000| 1740.000| 437.700| 521.000| 271486.500| 4.100] [BINS(c->s)..: 9,0,0,1,0,0,0,1,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,2,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 7,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1] [DIRECTIONS..: 0,1,0,0,1,0,1,1,0,1,0,0,1,0,0,0,1,1,0,0,0,1,1,0,0,0,1,1,0,0,0,1] [IATS(ms)....: 346.8,346.9,899.5,1092.8,193.2,160.5,1.8,162.3,0.6,0.5,2.9,351.9,387.2,4178.9,3.3,4577.7,29.2,386.6,5733.7,3.7,6095.0,83.0,440.7,5485.5,3.3,5845.9,30.2,387.3,1889.1,2.7,2250.0] [PKTLENS.....: 60,60,52,290,60,52,52,1480,52,1740,52,178,103,52,1292,527,52,989,52,1220,508,52,283,52,1292,527,52,989,52,1220,513,52] [ENTROPIES...: 4.8,5.2,5.0,5.9,5.3,5.1,5.1,6.8,5.0,7.6,4.9,6.4,5.9,5.0,7.8,7.6,5.0,7.8,5.0,7.8,7.6,5.1,7.2,5.1,7.8,7.5,5.1,7.8,5.1,7.8,7.6,5.1] analyse: [.....5] [ip4][..tcp] [..192.168.1.103][38657] -> [..172.217.22.14][..443] [TLS.Google][Google][Web][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 45.056| 5.827| 15.097| 227916113.773| 2.000] [PKTLEN......: 52.000| 1470.000| 253.200| 422.200| 178253.900| 3.700] [BINS(c->s)..: 10,3,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 8,3,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,2,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,0,0,1,1,1,0,0,1,1,1,0,1,0,0,1,1,0,1,0,1] [IATS(ms)....: 48.2,48.2,0.2,52.5,0.7,53.0,2.4,2.4,0.5,0.5,4.5,7.9,13.6,51.2,2.8,0.1,28.0,0.3,26.1,2.8,10.1,38.9,0.4,0.8,0.2,45.4,2.8,45043.9,45047.5,45056.0,45052.9] [PKTLENS.....: 60,60,52,274,52,1470,52,1470,52,1428,52,137,97,881,322,100,86,52,82,52,82,558,52,90,90,86,52,52,52,52,52,52] [ENTROPIES...: 4.6,5.3,4.9,5.7,5.0,6.4,4.9,7.1,4.9,7.4,4.9,6.1,5.9,7.7,7.1,6.0,5.8,4.9,5.7,5.0,5.6,7.6,4.9,5.9,5.7,5.6,5.0,5.0,4.9,5.0,4.9,5.0] new: [....28] [ip4][....2] [..192.168.1.254] -> [......224.0.0.1] detected: [....28] [ip4][....2] [..192.168.1.254] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] new: [....29] [ip4][....2] [..192.168.1.100] -> [.....224.0.0.22] detected: [....29] [ip4][....2] [..192.168.1.100] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] update: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] new: [....30] [ip4][....2] [..192.168.1.103] -> [.....224.0.0.22] detected: [....30] [ip4][....2] [..192.168.1.103] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] update: [.....4] [ip4][..udp] [..192.168.1.103][53734] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....10] [ip4][..udp] [..192.168.1.103][55862] -> [..192.168.1.254][...53] [DNS.GoogleDocs][Unknown][Network][Acceptable] update: [.....9] [ip4][..udp] [..192.168.1.103][51507] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable] RISK: Unidirectional Traffic update: [.....8] [ip4][..udp] [..192.168.1.103][46078] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....11] [ip4][..udp] [..192.168.1.103][57591] -> [..216.58.198.46][..443] [QUIC.GoogleDocs][Google][Collaborative][Acceptable] RISK: Unidirectional Traffic new: [....31] [ip4][..tcp] [..192.168.1.103][54099] -> [203.205.151.162][..443] new: [....32] [ip4][..tcp] [..192.168.1.103][54100] -> [203.205.151.162][..443] detected: [....31] [ip4][..tcp] [..192.168.1.103][54099] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....31] [ip4][..tcp] [..192.168.1.103][54099] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....31] [ip4][..tcp] [..192.168.1.103][54099] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detected: [....32] [ip4][..tcp] [..192.168.1.103][54100] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] new: [....33] [ip4][..tcp] [..192.168.1.103][54101] -> [203.205.151.162][..443] new: [....34] [ip4][..tcp] [..192.168.1.103][54102] -> [203.205.151.162][..443] detection-update: [....32] [ip4][..tcp] [..192.168.1.103][54100] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....32] [ip4][..tcp] [..192.168.1.103][54100] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detected: [....34] [ip4][..tcp] [..192.168.1.103][54102] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] new: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] detected: [....33] [ip4][..tcp] [..192.168.1.103][54101] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....34] [ip4][..tcp] [..192.168.1.103][54102] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detected: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....33] [ip4][..tcp] [..192.168.1.103][54101] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....33] [ip4][..tcp] [..192.168.1.103][54101] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] new: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] analyse: [....31] [ip4][..tcp] [..192.168.1.103][54099] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.469| 0.183| 0.190| 36094.243| 4.000] [PKTLEN......: 52.000| 1740.000| 591.500| 612.000| 374517.100| 4.200] [BINS(c->s)..: 7,0,0,1,0,0,0,1,0,0,0,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,2,0,1,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 5,1,0,0,0,0,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,1] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,0,1,1,0,1,1,0,1,1,0] [IATS(ms)....: 366.1,366.2,0.5,368.6,0.8,368.9,8.2,8.2,3.1,367.9,365.6,3.2,378.7,92.7,2.0,469.4,27.8,1.7,407.1,30.0,408.6,3.8,397.8,10.9,404.7,396.0,0.8,396.2,0.5,1.2,1.8] [PKTLENS.....: 60,60,52,290,52,1480,52,1740,52,178,103,1292,527,52,1480,330,52,1225,429,52,250,1225,429,52,250,1140,1480,1480,52,1480,1480,52] [ENTROPIES...: 4.7,5.1,4.8,5.8,5.2,6.8,5.1,7.6,5.0,6.2,6.0,7.8,7.5,5.1,7.9,7.3,5.0,7.8,7.4,5.0,7.0,7.8,7.4,5.1,7.1,7.8,7.9,7.8,4.9,7.9,7.9,5.0] detected: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] analyse: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.647| 0.130| 0.182| 33080.510| 3.500] [PKTLEN......: 52.000| 3120.000| 817.600| 861.600| 742326.200| 4.200] [BINS(c->s)..: 11,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 2,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,2] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,1,1,0,1,1,0,1,0,1,0,0,1,1,0,1,1,0,1] [IATS(ms)....: 360.8,360.9,1.1,320.2,2.0,321.1,0.8,0.8,0.5,0.5,2.5,331.8,329.8,339.6,0.8,339.8,0.5,4.5,5.1,2.5,2.5,1.1,1.1,271.4,646.7,0.8,376.1,0.5,0.9,1.5,0.5] [PKTLENS.....: 60,60,52,290,52,1480,52,1480,52,312,52,178,103,1140,1480,1480,52,1480,1480,52,2908,52,3120,52,1140,1480,1480,52,1480,1480,52,1480] [ENTROPIES...: 4.7,5.2,5.0,5.9,5.1,6.8,5.1,7.5,5.0,7.3,5.0,6.4,5.8,7.9,7.9,7.9,5.1,7.9,7.9,5.0,7.9,5.0,7.9,5.0,7.8,7.9,7.9,5.0,7.9,7.9,5.1,7.9] detection-update: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] analyse: [....33] [ip4][..tcp] [..192.168.1.103][54101] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.952| 0.213| 0.233| 54375.543| 4.000] [PKTLEN......: 52.000| 1740.000| 543.300| 599.100| 358890.200| 4.100] [BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,0,2,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,2,0,1,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 5,1,0,0,0,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,1] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,0,0,1,1,1,0,0,0,1,1,0,0,1,0,1,0,1] [IATS(ms)....: 378.9,379.0,0.4,354.0,2.4,356.0,2.8,2.8,1.0,367.4,367.3,4.4,365.8,31.1,394.9,3.2,367.9,55.9,2.8,420.1,17.9,0.8,381.3,34.8,434.3,543.1,951.7,371.6,0.5,0.5,1.3] [PKTLENS.....: 60,60,52,290,52,1480,52,1740,52,178,103,1225,429,52,250,1292,527,52,1480,216,52,1225,429,52,250,52,1140,1480,52,1480,52,1480] [ENTROPIES...: 4.7,5.2,5.1,5.9,5.1,6.8,5.0,7.6,5.0,6.4,6.1,7.8,7.4,5.1,7.1,7.8,7.6,5.1,7.9,7.0,5.0,7.8,7.4,5.1,7.1,5.0,7.8,7.9,5.1,7.9,5.1,7.9] guessed: [.....1] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54084] [TLS][Unknown][Web][Safe] end: [.....1] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54084] guessed: [....15] [ip4][..tcp] [..192.168.1.103][54085] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] end: [....15] [ip4][..tcp] [..192.168.1.103][54085] -> [203.205.151.162][..443] guessed: [....14] [ip4][..tcp] [..192.168.1.103][40741] -> [203.205.151.211][..443] [TLS][Unknown][Web][Safe] end: [....14] [ip4][..tcp] [..192.168.1.103][40741] -> [203.205.151.211][..443] new: [....37] [ip4][..tcp] [..192.168.1.103][54109] -> [203.205.151.162][..443] [MIDSTREAM] new: [....38] [ip4][..tcp] [..192.168.1.103][54110] -> [203.205.151.162][..443] [MIDSTREAM] new: [....39] [ip4][..tcp] [..192.168.1.103][54111] -> [203.205.151.162][..443] new: [....40] [ip4][..tcp] [..192.168.1.103][54112] -> [203.205.151.162][..443] detected: [....39] [ip4][..tcp] [..192.168.1.103][54111] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....39] [ip4][..tcp] [..192.168.1.103][54111] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....39] [ip4][..tcp] [..192.168.1.103][54111] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] new: [....41] [ip4][..tcp] [..192.168.1.103][54106] -> [203.205.151.162][..443] [MIDSTREAM] end: [....16] [ip4][..tcp] [..192.168.1.103][54089] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....17] [ip4][..tcp] [..192.168.1.103][54090] -> [203.205.151.162][..443] end: [....18] [ip4][..tcp] [..192.168.1.103][54091] -> [203.205.151.162][..443] end: [....19] [ip4][..tcp] [..192.168.1.103][54092] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] guessed: [....20] [ip4][..tcp] [..192.168.1.103][54093] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] end: [....20] [ip4][..tcp] [..192.168.1.103][54093] -> [203.205.151.162][..443] end: [....22] [ip4][..tcp] [..192.168.1.103][54094] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....23] [ip4][..tcp] [..192.168.1.103][54095] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....24] [ip4][..tcp] [..192.168.1.103][54096] -> [203.205.151.162][..443] end: [....26] [ip4][..tcp] [..192.168.1.103][54097] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....27] [ip4][..tcp] [..192.168.1.103][54098] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....31] [ip4][..tcp] [..192.168.1.103][54099] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....32] [ip4][..tcp] [..192.168.1.103][54100] -> [203.205.151.162][..443] end: [....33] [ip4][..tcp] [..192.168.1.103][54101] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....34] [ip4][..tcp] [..192.168.1.103][54102] -> [203.205.151.162][..443] end: [....35] [ip4][..tcp] [..192.168.1.103][54103] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....36] [ip4][..tcp] [..192.168.1.103][54104] -> [203.205.151.162][..443] idle: [.....4] [ip4][..udp] [..192.168.1.103][53734] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] idle: [....10] [ip4][..udp] [..192.168.1.103][55862] -> [..192.168.1.254][...53] [DNS.GoogleDocs][Unknown][Network][Acceptable] end: [.....7] [ip4][..tcp] [..192.168.1.103][53220] -> [..172.217.23.78][..443] idle: [.....9] [ip4][..udp] [..192.168.1.103][51507] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable] RISK: Unidirectional Traffic idle: [.....8] [ip4][..udp] [..192.168.1.103][46078] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] idle: [....11] [ip4][..udp] [..192.168.1.103][57591] -> [..216.58.198.46][..443] [QUIC.GoogleDocs][Google][Collaborative][Acceptable] RISK: Unidirectional Traffic end: [.....6] [ip4][..tcp] [..192.168.1.103][47627] -> [..216.58.205.78][..443] end: [....25] [ip4][..tcp] [..192.168.1.103][40740] -> [203.205.151.211][..443] [TLS][Unknown][Web][Safe] update: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [....28] [ip4][....2] [..192.168.1.254] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] update: [....29] [ip4][....2] [..192.168.1.100] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] update: [....30] [ip4][....2] [..192.168.1.103] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] update: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] new: [....42] [ip4][..tcp] [..192.168.1.103][54113] -> [203.205.151.162][..443] new: [....43] [ip4][..tcp] [..192.168.1.103][54114] -> [203.205.151.162][..443] detected: [....42] [ip4][..tcp] [..192.168.1.103][54113] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....42] [ip4][..tcp] [..192.168.1.103][54113] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....42] [ip4][..tcp] [..192.168.1.103][54113] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] new: [....44] [ip4][..udp] [..192.168.1.103][19041] -> [..192.168.1.254][...53] detected: [....44] [ip4][..udp] [..192.168.1.103][19041] -> [..192.168.1.254][...53] [DNS.QQ][Unknown][Network][Fun][res.wx.qq.com] RISK: Unidirectional Traffic detection-update: [....44] [ip4][..udp] [..192.168.1.103][19041] -> [..192.168.1.254][...53] [DNS.QQ][Unknown][Network][Fun][res.wx.qq.com] new: [....45] [ip4][..tcp] [..192.168.1.103][43850] -> [.203.205.158.34][..443] new: [....46] [ip4][..tcp] [..192.168.1.103][43851] -> [.203.205.158.34][..443] detected: [....45] [ip4][..tcp] [..192.168.1.103][43850] -> [.203.205.158.34][..443] [TLS.QQ][Tencent][Chat][Fun][res.wx.qq.com] analyse: [....42] [ip4][..tcp] [..192.168.1.103][54113] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 6.615| 0.560| 1.552| 2408711.979| 2.600] [PKTLEN......: 52.000| 1480.000| 478.200| 547.100| 299293.400| 4.100] [BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,2,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 6,2,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,0,0,1,1,0,0,1,1] [IATS(ms)....: 315.2,315.3,0.4,318.4,1.9,319.8,0.5,0.5,1.1,1.1,2.6,316.6,315.1,4.6,327.3,29.7,2.7,353.9,21.7,4.6,350.0,32.2,392.6,18.0,3.3,380.6,36.9,359.5,6259.0,6615.4,265.6] [PKTLENS.....: 60,60,52,290,52,1480,52,1480,52,312,52,178,103,1292,527,52,1480,112,52,1225,429,52,250,52,1292,527,52,989,52,1113,52,1480] [ENTROPIES...: 4.7,5.2,5.0,5.9,5.2,6.8,5.1,7.5,5.1,7.3,5.1,6.3,6.0,7.8,7.6,5.1,7.9,6.3,5.0,7.8,7.4,5.1,7.0,5.0,7.8,7.6,5.2,7.8,5.1,7.8,5.1,7.9] detection-update: [....45] [ip4][..tcp] [..192.168.1.103][43850] -> [.203.205.158.34][..443] [TLS.QQ][Tencent][Chat][Fun][res.wx.qq.com] RISK: Weak TLS Cipher detection-update: [....45] [ip4][..tcp] [..192.168.1.103][43850] -> [.203.205.158.34][..443] [TLS.QQ][Tencent][Chat][Fun][res.wx.qq.com] RISK: Weak TLS Cipher new: [....47] [ip4][..udp] [..192.168.1.103][60562] -> [..192.168.1.254][...53] detected: [....47] [ip4][..udp] [..192.168.1.103][60562] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable][ssl.gstatic.com] RISK: Unidirectional Traffic detection-update: [....47] [ip4][..udp] [..192.168.1.103][60562] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable][ssl.gstatic.com] new: [....48] [ip4][..udp] [..192.168.1.103][35601] -> [..172.217.23.67][..443] detected: [....48] [ip4][..udp] [..192.168.1.103][35601] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable][ssl.gstatic.com] RISK: Unidirectional Traffic new: [....49] [ip4][..udp] [..192.168.1.100][..138] -> [..192.168.1.255][..138] detected: [....49] [ip4][..udp] [..192.168.1.100][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][giovanni-pc] RISK: Unsafe Protocol update: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] new: [....50] [ip4][..tcp] [..192.168.1.103][54117] -> [203.205.151.162][..443] new: [....51] [ip4][..tcp] [..192.168.1.103][54118] -> [203.205.151.162][..443] detected: [....50] [ip4][..tcp] [..192.168.1.103][54117] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....50] [ip4][..tcp] [..192.168.1.103][54117] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....50] [ip4][..tcp] [..192.168.1.103][54117] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detected: [....51] [ip4][..tcp] [..192.168.1.103][54118] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....51] [ip4][..tcp] [..192.168.1.103][54118] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....51] [ip4][..tcp] [..192.168.1.103][54118] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] update: [....44] [ip4][..udp] [..192.168.1.103][19041] -> [..192.168.1.254][...53] [DNS.QQ][Unknown][Network][Fun] update: [....47] [ip4][..udp] [..192.168.1.103][60562] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....48] [ip4][..udp] [..192.168.1.103][35601] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable] RISK: Unidirectional Traffic analyse: [....50] [ip4][..tcp] [..192.168.1.103][54117] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 7.807| 0.648| 1.839| 3381034.746| 2.500] [PKTLEN......: 52.000| 1480.000| 445.300| 494.600| 244586.200| 4.200] [BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,2,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 6,1,0,0,0,0,0,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0,0,1,1,0] [IATS(ms)....: 325.2,325.3,0.5,328.0,0.7,328.2,0.4,0.4,3.9,3.9,2.7,325.9,324.6,3.2,337.6,77.1,411.9,3.8,340.3,28.0,402.7,7430.7,3.8,7807.0,79.9,412.5,2.9,0.4,340.1,30.3,405.8] [PKTLENS.....: 60,60,52,290,52,1480,52,1480,52,312,52,178,103,1220,524,52,283,1292,527,52,988,52,1220,519,52,283,52,1292,527,52,989,52] [ENTROPIES...: 4.7,5.2,4.9,5.8,5.1,6.8,5.0,7.5,5.1,7.2,5.0,6.4,5.9,7.8,7.5,5.1,7.2,7.8,7.6,5.1,7.8,5.0,7.8,7.5,5.1,7.1,5.1,7.8,7.5,5.1,7.8,5.0] analyse: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 183.801| 12.094| 33.303| 1109122757.951| 2.600] [PKTLEN......: 68.000| 68.000| 68.000| 0.000| 0.000| 5.000] [BINS(c->s)..: 0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [IATS(ms)....: 0.3,1000.4,2000.4,14687.4,0.3,1000.2,2000.4,21831.6,0.4,1000.5,2000.8,26318.9,0.4,1000.3,2000.5,41917.2,0.4,1000.2,2000.7,183800.6,0.4,1000.9,2001.0,33299.7,0.4,1000.7,2000.5,29037.0,0.3,1000.2,2000.7] [PKTLENS.....: 68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68,68] [ENTROPIES...: 4.3,4.3,4.3,4.2,4.3,4.3,4.3,4.3,4.3,4.3,4.3,4.3,4.2,4.2,4.2,4.3,4.3,4.3,4.2,4.3,4.3,4.2,4.2,4.3,4.3,4.3,4.3,4.3,4.3,4.3,4.2,4.2] analyse: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 183.800| 12.094| 33.303| 1109120811.794| 2.600] [PKTLEN......: 88.000| 88.000| 88.000| 0.000| 0.000| 5.000] [BINS(c->s)..: 0,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [IATS(ms)....: 0.3,1000.4,2000.4,14687.4,0.3,1000.3,2000.4,21831.5,0.4,1000.6,2000.8,26318.9,0.4,1000.4,2000.5,41917.1,0.3,1000.2,2000.8,183800.4,0.3,1001.0,2001.0,33299.7,0.4,1000.7,2000.5,29036.9,0.3,1000.3,2000.7] [PKTLENS.....: 88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88,88] [ENTROPIES...: 3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8,3.8] new: [....52] [ip4][..tcp] [..192.168.1.103][54119] -> [203.205.151.162][..443] new: [....53] [ip4][..tcp] [..192.168.1.103][54120] -> [203.205.151.162][..443] detected: [....52] [ip4][..tcp] [..192.168.1.103][54119] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....52] [ip4][..tcp] [..192.168.1.103][54119] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....52] [ip4][..tcp] [..192.168.1.103][54119] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detected: [....53] [ip4][..tcp] [..192.168.1.103][54120] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....53] [ip4][..tcp] [..192.168.1.103][54120] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] detection-update: [....53] [ip4][..tcp] [..192.168.1.103][54120] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun][web.wechat.com] update: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [....49] [ip4][..udp] [..192.168.1.100][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] analyse: [....52] [ip4][..tcp] [..192.168.1.103][54119] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 7.133| 0.619| 1.664| 2769657.004| 2.700] [PKTLEN......: 52.000| 1480.000| 478.200| 547.100| 299307.700| 4.100] [BINS(c->s)..: 8,0,0,1,0,0,0,1,0,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,1,0,2,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 6,2,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,1,1,1,0,0,0,1,1,0,0,1,1,0,0,1,1,0] [IATS(ms)....: 356.2,356.2,0.4,353.3,0.7,353.6,0.7,0.7,0.3,0.3,2.4,365.6,364.5,5.6,381.3,26.7,2.8,403.9,13.5,5.0,378.8,57.2,418.9,4.2,370.5,28.2,433.2,6695.6,7132.7,143.5,540.7] [PKTLENS.....: 60,60,52,290,52,1480,52,1480,52,312,52,178,103,1292,527,52,1480,112,52,1225,429,52,249,1292,527,52,989,52,1113,52,1480,52] [ENTROPIES...: 4.6,5.1,4.8,5.8,5.0,6.8,5.0,7.5,4.9,7.2,4.9,6.3,5.9,7.8,7.5,5.1,7.9,6.2,4.8,7.8,7.5,5.1,7.1,7.8,7.6,5.1,7.8,4.9,7.8,5.0,7.9,4.9] guessed: [....37] [ip4][..tcp] [..192.168.1.103][54109] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] end: [....37] [ip4][..tcp] [..192.168.1.103][54109] -> [203.205.151.162][..443] guessed: [....38] [ip4][..tcp] [..192.168.1.103][54110] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] end: [....38] [ip4][..tcp] [..192.168.1.103][54110] -> [203.205.151.162][..443] update: [....44] [ip4][..udp] [..192.168.1.103][19041] -> [..192.168.1.254][...53] [DNS.QQ][Unknown][Network][Fun] update: [....47] [ip4][..udp] [..192.168.1.103][60562] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....48] [ip4][..udp] [..192.168.1.103][35601] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable] RISK: Unidirectional Traffic new: [....54] [ip4][..udp] [..192.168.1.103][60356] -> [..192.168.1.254][...53] detected: [....54] [ip4][..udp] [..192.168.1.103][60356] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun][web.wechat.com] RISK: Unidirectional Traffic detection-update: [....54] [ip4][..udp] [..192.168.1.103][60356] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun][web.wechat.com] new: [....55] [ip4][..tcp] [..192.168.1.103][58036] -> [203.205.147.171][..443] new: [....56] [ip4][..tcp] [..192.168.1.103][58037] -> [203.205.147.171][..443] detected: [....55] [ip4][..tcp] [..192.168.1.103][58036] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....55] [ip4][..tcp] [..192.168.1.103][58036] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....55] [ip4][..tcp] [..192.168.1.103][58036] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] end: [....39] [ip4][..tcp] [..192.168.1.103][54111] -> [203.205.151.162][..443] guessed: [....40] [ip4][..tcp] [..192.168.1.103][54112] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] end: [....40] [ip4][..tcp] [..192.168.1.103][54112] -> [203.205.151.162][..443] new: [....57] [ip4][..tcp] [..192.168.1.103][58038] -> [203.205.147.171][..443] new: [....58] [ip4][..tcp] [..192.168.1.103][58039] -> [203.205.147.171][..443] detected: [....57] [ip4][..tcp] [..192.168.1.103][58038] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....57] [ip4][..tcp] [..192.168.1.103][58038] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....57] [ip4][..tcp] [..192.168.1.103][58038] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] analyse: [....57] [ip4][..tcp] [..192.168.1.103][58038] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 2.509| 0.286| 0.565| 319614.583| 3.400] [PKTLEN......: 52.000| 1740.000| 537.900| 561.400| 315202.600| 4.200] [BINS(c->s)..: 7,0,0,1,0,0,0,1,0,0,0,2,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,3,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 6,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,1,1,0,0,1,0,0,1] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,1,1,0,0,1,1,0,0,0,1,1,0,0,0,1,1,0,0,0] [IATS(ms)....: 266.6,266.7,0.4,272.2,1.3,273.1,0.6,0.6,2.9,271.8,269.6,3.2,281.4,29.7,327.6,3.2,299.6,37.4,350.9,50.9,3.2,368.6,30.2,307.1,2227.6,3.2,2508.5,50.9,328.7,16.1,3.1] [PKTLENS.....: 60,60,52,290,52,1480,52,1740,52,178,103,1292,527,52,1357,1225,429,52,250,52,1292,527,52,990,52,1292,527,52,1367,52,1225,429] [ENTROPIES...: 4.7,5.3,5.1,5.9,5.1,6.8,5.0,7.6,5.0,6.3,5.9,7.8,7.5,5.1,7.8,7.8,7.4,5.1,7.1,5.0,7.8,7.6,5.1,7.8,4.9,7.8,7.6,5.1,7.9,4.9,7.8,7.4] guessed: [....41] [ip4][..tcp] [..192.168.1.103][54106] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic end: [....41] [ip4][..tcp] [..192.168.1.103][54106] -> [203.205.151.162][..443] update: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [....28] [ip4][....2] [..192.168.1.254] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] update: [....29] [ip4][....2] [..192.168.1.100] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] update: [....30] [ip4][....2] [..192.168.1.103] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] update: [....49] [ip4][..udp] [..192.168.1.100][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] new: [....59] [ip4][..udp] [..192.168.1.100][.5353] -> [....224.0.0.251][.5353] detected: [....59] [ip4][..udp] [..192.168.1.100][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_googlecast._tcp.local] new: [....60] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][.5353] -> [...............................ff02::fb][.5353] detected: [....60] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_googlecast._tcp.local] new: [....61] [ip4][..udp] [..192.168.1.100][54124] -> [....224.0.0.252][.5355] detected: [....61] [ip4][..udp] [..192.168.1.100][54124] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] new: [....62] [ip4][..udp] [..192.168.1.100][49832] -> [....224.0.0.252][.5355] detected: [....62] [ip4][..udp] [..192.168.1.100][49832] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] new: [....63] [ip4][..udp] [..192.168.1.100][57401] -> [....224.0.0.252][.5355] detected: [....63] [ip4][..udp] [..192.168.1.100][57401] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] new: [....64] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][50440] -> [..............................ff02::1:3][.5355] detected: [....64] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][50440] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] new: [....65] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][49195] -> [..............................ff02::1:3][.5355] detected: [....65] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][49195] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] new: [....66] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][50577] -> [..............................ff02::1:3][.5355] detected: [....66] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][50577] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] new: [....67] [ip4][..udp] [..192.168.1.100][..137] -> [..192.168.1.255][..137] detected: [....67] [ip4][..udp] [..192.168.1.100][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][lbjamwptxz] end: [....42] [ip4][..tcp] [..192.168.1.103][54113] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] update: [....44] [ip4][..udp] [..192.168.1.103][19041] -> [..192.168.1.254][...53] [DNS.QQ][Unknown][Network][Fun] update: [....47] [ip4][..udp] [..192.168.1.103][60562] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] update: [....48] [ip4][..udp] [..192.168.1.103][35601] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable] RISK: Unidirectional Traffic guessed: [....46] [ip4][..tcp] [..192.168.1.103][43851] -> [.203.205.158.34][..443] [TLS][Tencent][Web][Safe] end: [....46] [ip4][..tcp] [..192.168.1.103][43851] -> [.203.205.158.34][..443] guessed: [....43] [ip4][..tcp] [..192.168.1.103][54114] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] end: [....43] [ip4][..tcp] [..192.168.1.103][54114] -> [203.205.151.162][..443] update: [....54] [ip4][..udp] [..192.168.1.103][60356] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] end: [....45] [ip4][..tcp] [..192.168.1.103][43850] -> [.203.205.158.34][..443] end: [....50] [ip4][..tcp] [..192.168.1.103][54117] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....51] [ip4][..tcp] [..192.168.1.103][54118] -> [203.205.151.162][..443] idle: [....44] [ip4][..udp] [..192.168.1.103][19041] -> [..192.168.1.254][...53] [DNS.QQ][Unknown][Network][Fun] idle: [....47] [ip4][..udp] [..192.168.1.103][60562] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable] idle: [....48] [ip4][..udp] [..192.168.1.103][35601] -> [..172.217.23.67][..443] [QUIC.Google][Google][Web][Acceptable] RISK: Unidirectional Traffic update: [....66] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][50577] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] update: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [....62] [ip4][..udp] [..192.168.1.100][49832] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] update: [....61] [ip4][..udp] [..192.168.1.100][54124] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] update: [....67] [ip4][..udp] [..192.168.1.100][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....49] [ip4][..udp] [..192.168.1.100][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [....65] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][49195] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] update: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [....59] [ip4][..udp] [..192.168.1.100][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [....63] [ip4][..udp] [..192.168.1.100][57401] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] update: [....60] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [....64] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][50440] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] new: [....68] [ip6][icmp6] [...............fe80::842:a3f3:a286:6c5b] -> [................................ff02::2] detected: [....68] [ip6][icmp6] [...............fe80::842:a3f3:a286:6c5b] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] new: [....69] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] detected: [....69] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][iphonedimonica] new: [....70] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff86:6c5b] detected: [....70] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff86:6c5b] [ICMPV6][Unknown][Network][Acceptable] new: [....71] [ip6][icmp6] [...............fe80::842:a3f3:a286:6c5b] -> [...............................ff02::16] detected: [....71] [ip6][icmp6] [...............fe80::842:a3f3:a286:6c5b] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] new: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] new: [....73] [ip4][..tcp] [..192.168.1.103][58041] -> [203.205.147.171][..443] detected: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] analyse: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.577| 0.182| 0.352| 123851.137| 3.200] [PKTLEN......: 52.000| 1480.000| 545.600| 599.000| 358844.300| 4.100] [BINS(c->s)..: 7,0,0,1,0,0,0,1,1,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,1,0,0,0,0,0,5,0,0,0] [BINS(s->c)..: 6,1,1,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,1,0,0,0,0,0,0,0,1,1,1,1,0,0,0,1,1,0,0,0] [IATS(ms)....: 268.3,268.4,0.5,270.4,0.8,270.7,0.4,0.4,1.0,1.0,2.8,273.1,271.4,0.2,0.0,0.0,0.0,0.0,1.2,289.4,22.8,22.4,9.7,380.7,1255.6,5.0,1577.0,73.3,351.0,6.0,3.3] [PKTLENS.....: 60,60,52,290,52,1480,52,1480,52,312,52,178,103,1232,1480,1480,1480,1480,1480,315,52,52,52,143,52,1220,513,52,283,52,1292,527] [ENTROPIES...: 4.7,5.2,4.9,5.8,5.0,6.8,4.8,7.5,4.8,7.2,4.9,6.3,5.9,7.8,7.9,7.9,7.9,7.9,7.9,7.2,5.0,4.8,4.9,6.4,5.0,7.8,7.5,5.1,7.2,4.9,7.8,7.5] detection-update: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detected: [....73] [ip4][..tcp] [..192.168.1.103][58041] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....73] [ip4][..tcp] [..192.168.1.103][58041] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....73] [ip4][..tcp] [..192.168.1.103][58041] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] end: [....52] [ip4][..tcp] [..192.168.1.103][54119] -> [203.205.151.162][..443] [TLS.WeChat][Unknown][Chat][Fun] end: [....53] [ip4][..tcp] [..192.168.1.103][54120] -> [203.205.151.162][..443] update: [....54] [ip4][..udp] [..192.168.1.103][60356] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] update: [....70] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff86:6c5b] [ICMPV6][Unknown][Network][Acceptable] update: [....68] [ip6][icmp6] [...............fe80::842:a3f3:a286:6c5b] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] end: [....55] [ip4][..tcp] [..192.168.1.103][58036] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun] update: [....66] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][50577] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] update: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [....69] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] update: [....62] [ip4][..udp] [..192.168.1.100][49832] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] update: [....61] [ip4][..udp] [..192.168.1.100][54124] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] update: [....67] [ip4][..udp] [..192.168.1.100][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] update: [....49] [ip4][..udp] [..192.168.1.100][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol update: [....65] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][49195] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] update: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [....59] [ip4][..udp] [..192.168.1.100][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] update: [....71] [ip6][icmp6] [...............fe80::842:a3f3:a286:6c5b] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] update: [....63] [ip4][..udp] [..192.168.1.100][57401] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] update: [....60] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] update: [....64] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][50440] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] new: [....74] [ip4][..tcp] [..192.168.1.103][58042] -> [203.205.147.171][..443] new: [....75] [ip4][..tcp] [..192.168.1.103][58043] -> [203.205.147.171][..443] detected: [....74] [ip4][..tcp] [..192.168.1.103][58042] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....74] [ip4][..tcp] [..192.168.1.103][58042] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] detection-update: [....74] [ip4][..tcp] [..192.168.1.103][58042] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun][web.wechat.com] guessed: [....56] [ip4][..tcp] [..192.168.1.103][58037] -> [203.205.147.171][..443] [TLS][Tencent][Web][Safe] end: [....56] [ip4][..tcp] [..192.168.1.103][58037] -> [203.205.147.171][..443] update: [....70] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff86:6c5b] [ICMPV6][Unknown][Network][Acceptable] update: [....54] [ip4][..udp] [..192.168.1.103][60356] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] update: [....68] [ip6][icmp6] [...............fe80::842:a3f3:a286:6c5b] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] DAEMON-EVENT: [Processed: 1552 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 30 / 75|skipped: 0|!detected: 0|guessed: 11|detection-updates: 63|updates: 72] new: [....76] [ip4][..tcp] [..192.168.1.103][54183] -> [203.205.151.162][..443] [MIDSTREAM] detected: [....76] [ip4][..tcp] [..192.168.1.103][54183] -> [203.205.151.162][..443] [TLS][Unknown][Web][Safe] RISK: Unidirectional Traffic new: [....77] [ip4][..tcp] [..192.168.1.103][54205] -> [.64.233.167.188][..443] [MIDSTREAM] idle: [....66] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][50577] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] idle: [.....3] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] idle: [....69] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable] idle: [....62] [ip4][..udp] [..192.168.1.100][49832] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] idle: [....30] [ip4][....2] [..192.168.1.103] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] idle: [....29] [ip4][....2] [..192.168.1.100] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] idle: [....28] [ip4][....2] [..192.168.1.254] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] idle: [....61] [ip4][..udp] [..192.168.1.100][54124] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] idle: [....67] [ip4][..udp] [..192.168.1.100][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable] idle: [....49] [ip4][..udp] [..192.168.1.100][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol idle: [....65] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][49195] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] end: [....57] [ip4][..tcp] [..192.168.1.103][58038] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun] guessed: [....58] [ip4][..tcp] [..192.168.1.103][58039] -> [203.205.147.171][..443] [TLS][Tencent][Web][Safe] end: [....58] [ip4][..tcp] [..192.168.1.103][58039] -> [203.205.147.171][..443] end: [....72] [ip4][..tcp] [..192.168.1.103][58040] -> [203.205.147.171][..443] [TLS.WeChat][Tencent][Chat][Fun] end: [....73] [ip4][..tcp] [..192.168.1.103][58041] -> [203.205.147.171][..443] end: [....74] [ip4][..tcp] [..192.168.1.103][58042] -> [203.205.147.171][..443] idle: [....70] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff86:6c5b] [ICMPV6][Unknown][Network][Acceptable] idle: [....59] [ip4][..udp] [..192.168.1.100][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [.....2] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable] idle: [....54] [ip4][..udp] [..192.168.1.103][60356] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun] idle: [....71] [ip6][icmp6] [...............fe80::842:a3f3:a286:6c5b] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable] idle: [....68] [ip6][icmp6] [...............fe80::842:a3f3:a286:6c5b] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable] idle: [....63] [ip4][..udp] [..192.168.1.100][57401] -> [....224.0.0.252][.5355] [LLMNR][Unknown][Network][Acceptable] idle: [....60] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable] idle: [....64] [ip6][..udp] [..............fe80::91f9:3df3:7436:6cd6][50440] -> [..............................ff02::1:3][.5355] [LLMNR][Unknown][Network][Acceptable] new: [....78] [ip4][..tcp] [..192.168.1.103][39207] -> [...95.101.34.34][...80] [MIDSTREAM] new: [....79] [ip4][..tcp] [..192.168.1.103][34996] -> [...95.101.34.33][...80] [MIDSTREAM] new: [....80] [ip4][..tcp] [..192.168.1.103][34999] -> [...95.101.34.33][...80] [MIDSTREAM] new: [....81] [ip4][..tcp] [..192.168.1.103][35000] -> [...95.101.34.33][...80] [MIDSTREAM] new: [....82] [ip4][..tcp] [..192.168.1.103][39231] -> [...95.101.34.34][...80] [MIDSTREAM] new: [....83] [ip4][..tcp] [..192.168.1.103][34981] -> [...95.101.34.33][...80] [MIDSTREAM] new: [....84] [ip4][..udp] [..192.168.1.103][37578] -> [193.204.114.233][..123] detected: [....84] [ip4][..udp] [..192.168.1.103][37578] -> [193.204.114.233][..123] [NTP][Unknown][System][Acceptable] RISK: Unidirectional Traffic new: [....85] [ip4][..tcp] [..192.168.1.103][58143] -> [.216.58.205.131][..443] [MIDSTREAM] new: [....86] [ip4][..tcp] [..192.168.1.103][39195] -> [...95.101.34.34][...80] [MIDSTREAM] new: [....87] [ip4][..tcp] [..192.168.1.103][52020] -> [.95.101.180.179][...80] [MIDSTREAM] new: [....88] [ip4][..tcp] [..192.168.1.103][58226] -> [203.205.147.171][..443] [MIDSTREAM] new: [....89] [ip4][..udp] [..192.168.1.103][58165] -> [..192.168.1.254][...53] detected: [....89] [ip4][..udp] [..192.168.1.103][58165] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun][webpush.web.wechat.com] RISK: Unidirectional Traffic new: [....90] [ip4][..udp] [..192.168.1.103][43317] -> [..192.168.1.254][...53] detected: [....90] [ip4][..udp] [..192.168.1.103][43317] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun][webpush.web.wechat.com] RISK: Unidirectional Traffic new: [....91] [ip4][..udp] [..192.168.1.103][56367] -> [..192.168.1.254][...53] detected: [....91] [ip4][..udp] [..192.168.1.103][56367] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun][webpush.web.wechat.com] RISK: Unidirectional Traffic new: [....92] [ip4][..udp] [..192.168.1.103][33915] -> [..192.168.1.254][...53] detected: [....92] [ip4][..udp] [..192.168.1.103][33915] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun][webpush.web.wechat.com] RISK: Unidirectional Traffic new: [....93] [ip4][....2] [..192.168.1.254] -> [......224.0.0.1] detected: [....93] [ip4][....2] [..192.168.1.254] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] new: [....94] [ip4][....2] [..192.168.1.103] -> [.....224.0.0.22] detected: [....94] [ip4][....2] [..192.168.1.103] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] new: [....95] [ip4][....2] [..192.168.1.100] -> [.....224.0.0.22] detected: [....95] [ip4][....2] [..192.168.1.100] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] new: [....96] [ip4][....2] [..192.168.1.108] -> [.....224.0.0.22] detected: [....96] [ip4][....2] [..192.168.1.108] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] new: [....97] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] detected: [....97] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_googlecast._tcp.local] new: [....98] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] detected: [....98] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_googlecast._tcp.local] update: [....84] [ip4][..udp] [..192.168.1.103][37578] -> [193.204.114.233][..123] [NTP][Unknown][System][Acceptable] RISK: Unidirectional Traffic update: [....90] [ip4][..udp] [..192.168.1.103][43317] -> [..192.168.1.254][...53] update: [....89] [ip4][..udp] [..192.168.1.103][58165] -> [..192.168.1.254][...53] update: [....91] [ip4][..udp] [..192.168.1.103][56367] -> [..192.168.1.254][...53] update: [....92] [ip4][..udp] [..192.168.1.103][33915] -> [..192.168.1.254][...53] detected: [....85] [ip4][..tcp] [..192.168.1.103][58143] -> [.216.58.205.131][..443] [TLS][Google][Web][Safe] RISK: Unidirectional Traffic new: [....99] [ip4][..udp] [..192.168.1.103][45366] -> [..192.168.1.254][...53] detected: [....99] [ip4][..udp] [..192.168.1.103][45366] -> [..192.168.1.254][...53] [DNS.WeChat][Unknown][Network][Fun][webpush.web.wechat.com] RISK: Unidirectional Traffic new: [...100] [ip4][..udp] [..192.168.1.103][59567] -> [..192.168.1.254][...53] detected: [...100] [ip4][..udp] [..192.168.1.103][59567] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][ssl.gstatic.com.lan] RISK: Unidirectional Traffic new: [...101] [ip4][..udp] [..192.168.1.103][42074] -> [..192.168.1.254][...53] detected: [...101] [ip4][..udp] [..192.168.1.103][42074] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][ssl.gstatic.com.lan] RISK: Unidirectional Traffic new: [...102] [ip4][..udp] [..192.168.1.103][43705] -> [..192.168.1.254][...53] detected: [...102] [ip4][..udp] [..192.168.1.103][43705] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][webpush.web.wechat.com.lan] RISK: Unidirectional Traffic new: [...103] [ip4][..udp] [..192.168.1.103][44063] -> [..192.168.1.254][...53] detected: [...103] [ip4][..udp] [..192.168.1.103][44063] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][1.debian.pool.ntp.org] RISK: Unidirectional Traffic detection-update: [...103] [ip4][..udp] [..192.168.1.103][44063] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][1.debian.pool.ntp.org] RISK: Unidirectional Traffic new: [...104] [ip4][..udp] [..192.168.1.100][..138] -> [..192.168.1.255][..138] detected: [...104] [ip4][..udp] [..192.168.1.100][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][giovanni-pc] RISK: Unsafe Protocol new: [...105] [ip4][..udp] [..192.168.1.103][42589] -> [..192.168.1.254][...53] detected: [...105] [ip4][..udp] [..192.168.1.103][42589] -> [..192.168.1.254][...53] [DNS.Google][Unknown][Network][Acceptable][ssl.gstatic.com] RISK: Unidirectional Traffic new: [...106] [ip4][..udp] [..192.168.1.103][42856] -> [..192.168.1.254][...53] detected: [...106] [ip4][..udp] [..192.168.1.103][42856] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][1.debian.pool.ntp.org.lan] RISK: Unidirectional Traffic detection-update: [...106] [ip4][..udp] [..192.168.1.103][42856] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][1.debian.pool.ntp.org.lan] RISK: Unidirectional Traffic new: [...107] [ip4][..udp] [..192.168.1.103][44346] -> [..192.168.1.254][...53] detected: [...107] [ip4][..udp] [..192.168.1.103][44346] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][webpush.web.wechat.com.lan] RISK: Unidirectional Traffic new: [...108] [ip4][..udp] [..192.168.1.103][41759] -> [..192.168.1.254][...53] detected: [...108] [ip4][..udp] [..192.168.1.103][41759] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][2.debian.pool.ntp.org] RISK: Unidirectional Traffic detection-update: [...108] [ip4][..udp] [..192.168.1.103][41759] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][2.debian.pool.ntp.org] RISK: Unidirectional Traffic new: [...109] [ip4][..udp] [..192.168.1.103][53515] -> [..192.168.1.254][...53] detected: [...109] [ip4][..udp] [..192.168.1.103][53515] -> [..192.168.1.254][...53] [DNS][Unknown][Network][Acceptable][webpush.web.wechat.com.lan] RISK: Unidirectional Traffic idle: [...105] [ip4][..udp] [..192.168.1.103][42589] -> [..192.168.1.254][...53] idle: [....98] [ip6][..udp] [..............fe80::7a92:9cff:fe0f:a88e][.5353] -> [...............................ff02::fb][.5353] end: [....85] [ip4][..tcp] [..192.168.1.103][58143] -> [.216.58.205.131][..443] idle: [....84] [ip4][..udp] [..192.168.1.103][37578] -> [193.204.114.233][..123] [NTP][Unknown][System][Acceptable] RISK: Unidirectional Traffic idle: [...106] [ip4][..udp] [..192.168.1.103][42856] -> [..192.168.1.254][...53] idle: [....96] [ip4][....2] [..192.168.1.108] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] idle: [....95] [ip4][....2] [..192.168.1.100] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] idle: [....94] [ip4][....2] [..192.168.1.103] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable] idle: [....93] [ip4][....2] [..192.168.1.254] -> [......224.0.0.1] [IGMP][Unknown][Network][Acceptable] guessed: [....87] [ip4][..tcp] [..192.168.1.103][52020] -> [.95.101.180.179][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic end: [....87] [ip4][..tcp] [..192.168.1.103][52020] -> [.95.101.180.179][...80] idle: [...100] [ip4][..udp] [..192.168.1.103][59567] -> [..192.168.1.254][...53] idle: [...104] [ip4][..udp] [..192.168.1.100][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous] RISK: Unsafe Protocol idle: [...109] [ip4][..udp] [..192.168.1.103][53515] -> [..192.168.1.254][...53] idle: [....90] [ip4][..udp] [..192.168.1.103][43317] -> [..192.168.1.254][...53] idle: [....99] [ip4][..udp] [..192.168.1.103][45366] -> [..192.168.1.254][...53] guessed: [....75] [ip4][..tcp] [..192.168.1.103][58043] -> [203.205.147.171][..443] [TLS][Tencent][Web][Safe] idle: [....75] [ip4][..tcp] [..192.168.1.103][58043] -> [203.205.147.171][..443] guessed: [....12] [ip4][..tcp] [..192.168.1.103][36017] -> [.64.233.167.188][.5228] [Google][Google][Web][Acceptable] idle: [....12] [ip4][..tcp] [..192.168.1.103][36017] -> [.64.233.167.188][.5228] idle: [.....5] [ip4][..tcp] [..192.168.1.103][38657] -> [..172.217.22.14][..443] [TLS.Google][Google][Web][Acceptable] idle: [....13] [ip4][..tcp] [203.205.151.162][..443] -> [..192.168.1.103][54058] [TLS][Unknown][Web][Safe] idle: [....97] [ip4][..udp] [..192.168.1.103][.5353] -> [....224.0.0.251][.5353] guessed: [....88] [ip4][..tcp] [..192.168.1.103][58226] -> [203.205.147.171][..443] [TLS][Tencent][Web][Safe] RISK: Unidirectional Traffic end: [....88] [ip4][..tcp] [..192.168.1.103][58226] -> [203.205.147.171][..443] idle: [....76] [ip4][..tcp] [..192.168.1.103][54183] -> [203.205.151.162][..443] idle: [...102] [ip4][..udp] [..192.168.1.103][43705] -> [..192.168.1.254][...53] idle: [...108] [ip4][..udp] [..192.168.1.103][41759] -> [..192.168.1.254][...53] idle: [....89] [ip4][..udp] [..192.168.1.103][58165] -> [..192.168.1.254][...53] idle: [...103] [ip4][..udp] [..192.168.1.103][44063] -> [..192.168.1.254][...53] idle: [....91] [ip4][..udp] [..192.168.1.103][56367] -> [..192.168.1.254][...53] idle: [...101] [ip4][..udp] [..192.168.1.103][42074] -> [..192.168.1.254][...53] idle: [....92] [ip4][..udp] [..192.168.1.103][33915] -> [..192.168.1.254][...53] idle: [...107] [ip4][..udp] [..192.168.1.103][44346] -> [..192.168.1.254][...53] guessed: [....83] [ip4][..tcp] [..192.168.1.103][34981] -> [...95.101.34.33][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic end: [....83] [ip4][..tcp] [..192.168.1.103][34981] -> [...95.101.34.33][...80] guessed: [....79] [ip4][..tcp] [..192.168.1.103][34996] -> [...95.101.34.33][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic end: [....79] [ip4][..tcp] [..192.168.1.103][34996] -> [...95.101.34.33][...80] guessed: [....80] [ip4][..tcp] [..192.168.1.103][34999] -> [...95.101.34.33][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic end: [....80] [ip4][..tcp] [..192.168.1.103][34999] -> [...95.101.34.33][...80] guessed: [....81] [ip4][..tcp] [..192.168.1.103][35000] -> [...95.101.34.33][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic end: [....81] [ip4][..tcp] [..192.168.1.103][35000] -> [...95.101.34.33][...80] guessed: [....77] [ip4][..tcp] [..192.168.1.103][54205] -> [.64.233.167.188][..443] [TLS][Google][Web][Safe] RISK: Unidirectional Traffic idle: [....77] [ip4][..tcp] [..192.168.1.103][54205] -> [.64.233.167.188][..443] guessed: [....86] [ip4][..tcp] [..192.168.1.103][39195] -> [...95.101.34.34][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic end: [....86] [ip4][..tcp] [..192.168.1.103][39195] -> [...95.101.34.34][...80] guessed: [....78] [ip4][..tcp] [..192.168.1.103][39207] -> [...95.101.34.34][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic end: [....78] [ip4][..tcp] [..192.168.1.103][39207] -> [...95.101.34.34][...80] guessed: [....82] [ip4][..tcp] [..192.168.1.103][39231] -> [...95.101.34.34][...80] [HTTP][Unknown][Web][Acceptable][] RISK: Unidirectional Traffic end: [....82] [ip4][..tcp] [..192.168.1.103][39231] -> [...95.101.34.34][...80] guessed: [....21] [ip4][..tcp] [..192.168.1.103][49787] -> [.216.58.205.142][..443] [TLS][Google][Web][Safe] idle: [....21] [ip4][..tcp] [..192.168.1.103][49787] -> [.216.58.205.142][..443] DAEMON-EVENT: shutdown