DAEMON-EVENT: init DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type new: [.....1] [ip4][..tcp] [..192.168.1.252][51110] -> [..91.143.93.242][..443] detected: [.....1] [ip4][..tcp] [..192.168.1.252][51110] -> [..91.143.93.242][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) detection-update: [.....1] [ip4][..tcp] [..192.168.1.252][51110] -> [..91.143.93.242][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) ERROR-EVENT: Unknown packet type new: [.....2] [ip4][..tcp] [..192.168.1.252][51111] -> [....46.59.52.31][..443] detected: [.....2] [ip4][..tcp] [..192.168.1.252][51111] -> [....46.59.52.31][..443] [TLS.Tor][VPN][Potentially Dangerous] RISK: Obsolete TLS (v1.1 or older), Suspicious DGA Domain name, Unsafe Protocol detection-update: [.....2] [ip4][..tcp] [..192.168.1.252][51111] -> [....46.59.52.31][..443] [TLS.Tor][VPN][Potentially Dangerous] RISK: Obsolete TLS (v1.1 or older), Suspicious DGA Domain name, Unsafe Protocol ERROR-EVENT: Unknown packet type new: [.....3] [ip4][..tcp] [..192.168.1.252][51112] -> [...38.229.70.53][..443] detected: [.....3] [ip4][..tcp] [..192.168.1.252][51112] -> [...38.229.70.53][..443] [TLS.Tor][VPN][Potentially Dangerous] RISK: Obsolete TLS (v1.1 or older), Suspicious DGA Domain name, Unsafe Protocol detection-update: [.....3] [ip4][..tcp] [..192.168.1.252][51112] -> [...38.229.70.53][..443] [TLS.Tor][VPN][Potentially Dangerous] RISK: Obsolete TLS (v1.1 or older), Suspicious DGA Domain name, Unsafe Protocol ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type new: [.....4] [ip4][..udp] [....192.168.1.1][17500] -> [..192.168.1.255][17500] detected: [.....4] [ip4][..udp] [....192.168.1.1][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable] ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type new: [.....5] [ip4][..udp] [..192.168.1.252][..138] -> [..192.168.1.255][..138] detected: [.....5] [ip4][..udp] [..192.168.1.252][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][System][Dangerous] RISK: Unsafe Protocol ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type analyse: [.....3] [ip4][..tcp] [..192.168.1.252][51112] -> [...38.229.70.53][..443] [TLS.Tor][VPN][Potentially Dangerous] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 31.166| 2.329| 7.550|56997495.964| 0.000] [PKTLEN......: 54.000| 1514.000| 369.800| 354.900|125974.500| 4.300] [BINS(c->s)..: 4,0,1,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,1,0,0,1,0,1,1,0,1,1,0,1,1,0,0,1,1,0,1,1,0,1] [IATS(ms)....: 143.8,144.2,0.4,152.7,0.2,159.6,171.7,164.7,190.9,0.1,190.7,0.6,185.1,185.5,145.1,5.7,151.7,184.2,104.7,290.0,146.6,2536.0,2930.5,30770.7,31166.0,0.9,147.0,185.7,696.5,885.2,147.1,0.0] [PKTLENS.....: 66,66,60,278,54,983,252,113,128,1514,140,60,640,54,640,54,640,640,54,640,640,54,640,60,640,54,640,640,54,640,640,54] analyse: [.....1] [ip4][..tcp] [..192.168.1.252][51110] -> [..91.143.93.242][..443] [TLS][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 37.996| 2.549| 9.274|86002509.021| 0.000] [PKTLEN......: 54.000| 1514.000| 462.800| 476.200|226793.400| 4.300] [BINS(c->s)..: 5,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 7,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,1,0,0,1,0,1,1,0,1,0,1,1,0,0,1,0,1,1,1,0,1,1] [IATS(ms)....: 71.0,71.3,6.7,104.3,10.8,112.6,88.6,84.6,73.7,0.1,73.7,0.8,108.4,107.7,67.8,2.3,74.6,103.6,101.8,113.4,368.7,686.5,37720.4,37995.8,68.2,67.5,104.0,189.0,360.8,68.7,0.2,0.0] [PKTLENS.....: 66,66,60,269,54,802,188,113,128,1514,156,60,640,54,640,54,640,640,640,640,54,640,60,640,54,640,54,640,1514,60,1514,1514] ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type update: [.....4] [ip4][..udp] [....192.168.1.1][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable] ERROR-EVENT: Unknown packet type new: [.....6] [ip4][..tcp] [..192.168.1.252][51104] -> [...157.56.30.46][..443] [MIDSTREAM] ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type update: [.....5] [ip4][..udp] [..192.168.1.252][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][System][Dangerous] RISK: Unsafe Protocol ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type analyse: [.....2] [ip4][..tcp] [..192.168.1.252][51111] -> [....46.59.52.31][..443] [TLS.Tor][VPN][Potentially Dangerous] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 71.328| 4.658| 14.789|218716025.389| 0.000] [PKTLEN......: 54.000| 1514.000| 344.600| 347.100|120444.200| 4.300] [BINS(c->s)..: 6,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 8,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,1,0,0,1,0,1,1,0,1,0,1,1,0,1,1,0,1,1,0,1,0,0] [IATS(ms)....: 73.4,74.4,0.4,74.1,3.2,80.2,86.1,83.2,77.3,0.1,76.2,0.8,117.2,116.3,75.2,24.0,101.9,114.5,465.6,429.3,3.5,80.8,117.0,388.8,507.3,75.9,393.9,666.2,34353.1,34399.0,71328.4,0.0] [PKTLENS.....: 66,66,60,276,54,803,188,113,128,1514,156,60,640,54,640,54,640,640,54,640,54,640,640,54,640,640,54,640,60,640,60,60] ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type new: [.....7] [ip4][..tcp] [..192.168.1.252][51174] -> [.212.83.155.250][..443] new: [.....8] [ip4][..tcp] [..192.168.1.252][51175] -> [..91.143.93.242][..443] detected: [.....7] [ip4][..tcp] [..192.168.1.252][51174] -> [.212.83.155.250][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) detected: [.....8] [ip4][..tcp] [..192.168.1.252][51175] -> [..91.143.93.242][..443] [TLS.Tor][VPN][Potentially Dangerous] RISK: Obsolete TLS (v1.1 or older), Suspicious DGA Domain name, Unsafe Protocol detection-update: [.....7] [ip4][..tcp] [..192.168.1.252][51174] -> [.212.83.155.250][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) detection-update: [.....8] [ip4][..tcp] [..192.168.1.252][51175] -> [..91.143.93.242][..443] [TLS.Tor][VPN][Potentially Dangerous] RISK: Obsolete TLS (v1.1 or older), Suspicious DGA Domain name, Unsafe Protocol ERROR-EVENT: Unknown packet type new: [.....9] [ip4][..tcp] [..192.168.1.252][51176] -> [...38.229.70.53][..443] detected: [.....9] [ip4][..tcp] [..192.168.1.252][51176] -> [...38.229.70.53][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) detection-update: [.....9] [ip4][..tcp] [..192.168.1.252][51176] -> [...38.229.70.53][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) analyse: [.....8] [ip4][..tcp] [..192.168.1.252][51175] -> [..91.143.93.242][..443] [TLS.Tor][VPN][Potentially Dangerous] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.991| 0.147| 0.220|48576.569| 0.000] [PKTLEN......: 54.000| 1514.000| 362.200| 347.100|120448.800| 4.400] [BINS(c->s)..: 4,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,1,0,0,1,0,1,1,0,1,1,0,1,1,0,0,1,1,0,1,1,0,1] [IATS(ms)....: 64.4,65.8,9.5,82.1,4.2,79.8,91.0,88.4,79.6,0.1,78.2,0.9,110.0,109.4,69.1,1.5,80.2,113.6,35.7,145.8,70.8,343.7,637.5,693.9,990.9,1.6,72.0,109.0,69.0,180.1,69.9,0.0] [PKTLENS.....: 66,66,60,267,54,802,188,113,128,1514,156,60,640,54,640,54,640,640,54,640,640,54,640,60,640,54,640,640,54,640,640,54] ERROR-EVENT: Unknown packet type analyse: [.....9] [ip4][..tcp] [..192.168.1.252][51176] -> [...38.229.70.53][..443] [TLS][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.755| 0.186| 0.164|26767.544| 0.000] [PKTLEN......: 54.000| 1514.000| 351.400| 355.400|126324.200| 4.300] [BINS(c->s)..: 5,0,1,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 9,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,1,1,0,0,1,0,1,1,0,1,1,0,1,0,1,1,0,1,1,0,1,0] [IATS(ms)....: 143.9,144.3,0.7,149.5,37.2,196.0,163.6,154.0,192.3,56.2,0.2,255.1,2.1,152.8,143.9,143.9,44.6,192.1,147.6,608.5,755.3,145.5,149.4,149.8,132.7,281.6,155.0,87.8,477.2,367.8,127.5,0.0] [PKTLENS.....: 66,66,60,264,54,983,252,113,128,54,1514,140,60,640,54,640,54,640,640,54,640,640,54,640,54,640,640,54,640,60,640,66] end: [.....1] [ip4][..tcp] [..192.168.1.252][51110] -> [..91.143.93.242][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) idle: [.....5] [ip4][..udp] [..192.168.1.252][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][System][Dangerous] RISK: Unsafe Protocol guessed: [.....6] [ip4][..tcp] [..192.168.1.252][51104] -> [...157.56.30.46][..443] [TLS.Azure][Cloud][Acceptable] end: [.....6] [ip4][..tcp] [..192.168.1.252][51104] -> [...157.56.30.46][..443] end: [.....2] [ip4][..tcp] [..192.168.1.252][51111] -> [....46.59.52.31][..443] [TLS.Tor][VPN][Potentially Dangerous] RISK: Obsolete TLS (v1.1 or older), Suspicious DGA Domain name, Unsafe Protocol end: [.....3] [ip4][..tcp] [..192.168.1.252][51112] -> [...38.229.70.53][..443] [TLS.Tor][VPN][Potentially Dangerous] RISK: Obsolete TLS (v1.1 or older), Suspicious DGA Domain name, Unsafe Protocol update: [.....4] [ip4][..udp] [....192.168.1.1][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable] ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type update: [.....4] [ip4][..udp] [....192.168.1.1][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable] ERROR-EVENT: Unknown packet type new: [....10] [ip4][..tcp] [..192.168.1.252][51185] -> [.62.210.137.230][..443] detected: [....10] [ip4][..tcp] [..192.168.1.252][51185] -> [.62.210.137.230][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) detection-update: [....10] [ip4][..tcp] [..192.168.1.252][51185] -> [.62.210.137.230][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type new: [....11] [ip6][..udp] [..............fe80::c583:1972:5728:7323][..546] -> [..............................ff02::1:2][..547] detected: [....11] [ip6][..udp] [..............fe80::c583:1972:5728:7323][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Network][Acceptable] ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type update: [.....4] [ip4][..udp] [....192.168.1.1][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable] ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type DAEMON-EVENT: [Processed: 3664 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 6 / 11|skipped: 0|!detected: 0|guessed: 1|detection-updates: 7|updates: 5] ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type analyse: [.....7] [ip4][..tcp] [..192.168.1.252][51174] -> [.212.83.155.250][..443] [TLS][Web][Safe] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 72.890| 8.727| 22.569|509351076.823| 0.000] [PKTLEN......: 54.000| 1514.000| 326.000| 345.900|119666.800| 4.300] [BINS(c->s)..: 9,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 6,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,1,0,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,0,1,1,0] [IATS(ms)....: 59.4,61.6,13.8,72.1,2.1,62.9,63.5,60.0,79.4,0.3,78.8,1.7,98.3,96.6,56.5,4.5,61.8,64.9,64.0,73.7,275.7,252.8,50.8,9.7,261.4,61538.3,61491.4,72591.4,72890.0,4.0,98.0,0.0] [PKTLENS.....: 66,66,60,263,54,797,188,113,128,1514,140,60,640,54,640,54,640,640,640,640,640,60,640,66,640,60,640,60,60,54,54,60] ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type update: [....11] [ip6][..udp] [..............fe80::c583:1972:5728:7323][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Network][Acceptable] ERROR-EVENT: Unknown packet type ERROR-EVENT: Unknown packet type end: [.....8] [ip4][..tcp] [..192.168.1.252][51175] -> [..91.143.93.242][..443] [TLS.Tor][VPN][Potentially Dangerous] RISK: Obsolete TLS (v1.1 or older), Suspicious DGA Domain name, Unsafe Protocol idle: [.....4] [ip4][..udp] [....192.168.1.1][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable] idle: [....11] [ip6][..udp] [..............fe80::c583:1972:5728:7323][..546] -> [..............................ff02::1:2][..547] [DHCPV6][Network][Acceptable] end: [....10] [ip4][..tcp] [..192.168.1.252][51185] -> [.62.210.137.230][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) end: [.....7] [ip4][..tcp] [..192.168.1.252][51174] -> [.212.83.155.250][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) end: [.....9] [ip4][..tcp] [..192.168.1.252][51176] -> [...38.229.70.53][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) DAEMON-EVENT: shutdown