DAEMON-EVENT: init DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0] DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0] new: [.....1] [ip4][..tcp] [.......10.8.0.1][41346] -> [..64.68.105.103][..443] detected: [.....1] [ip4][..tcp] [.......10.8.0.1][41346] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....1] [ip4][..tcp] [.......10.8.0.1][41346] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: TLS (probably) Not Carrying HTTPS analyse: [.....1] [ip4][..tcp] [.......10.8.0.1][41346] -> [..64.68.105.103][..443] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.557| 0.113| 0.156|24421.341| 0.000] [PKTLEN......: 54.000| 2774.000| 401.900| 588.900|346810.600| 3.900] [BINS(c->s)..: 9,0,1,0,0,0,1,0,1,1,0,0,0,0,1,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 8,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,2,0,0,0,0,1] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,1,0,1,0,0,1,0] [IATS(ms)....: 6.5,6.7,0.2,0.6,505.7,557.3,57.9,60.1,0.9,55.6,257.5,309.3,10.1,61.4,0.8,0.7,299.2,351.3,56.0,56.2,0.8,52.9,0.4,2.8,268.6,322.3,52.3,51.9,18.4,69.5,0.5,0.0] [PKTLENS.....: 74,54,54,249,54,2774,54,1273,54,364,54,97,54,590,54,138,54,1414,54,823,54,590,54,328,54,1414,54,762,54,590,54,518] detection-update: [.....1] [ip4][..tcp] [.......10.8.0.1][41346] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: TLS (probably) Not Carrying HTTPS new: [.....2] [ip4][..tcp] [.......10.8.0.1][41348] -> [..64.68.105.103][..443] detected: [.....2] [ip4][..tcp] [.......10.8.0.1][41348] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....2] [ip4][..tcp] [.......10.8.0.1][41348] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: TLS (probably) Not Carrying HTTPS new: [.....3] [ip4][..tcp] [.......10.8.0.1][41350] -> [..64.68.105.103][..443] new: [.....4] [ip4][..tcp] [.......10.8.0.1][41351] -> [..64.68.105.103][..443] detected: [.....3] [ip4][..tcp] [.......10.8.0.1][41350] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: TLS (probably) Not Carrying HTTPS detected: [.....4] [ip4][..tcp] [.......10.8.0.1][41351] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....3] [ip4][..tcp] [.......10.8.0.1][41350] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: TLS (probably) Not Carrying HTTPS detection-update: [.....4] [ip4][..tcp] [.......10.8.0.1][41351] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: TLS (probably) Not Carrying HTTPS analyse: [.....2] [ip4][..tcp] [.......10.8.0.1][41348] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 0.455| 0.115| 0.126|15828.845| 0.000] [PKTLEN......: 54.000|18020.000| 1588.700| 3700.100|13691056.000| 2.900] [BINS(c->s)..: 10,1,0,0,0,0,0,1,0,0,0,0,0,0,2,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 7,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,5] [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,0,1,1,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0] [IATS(ms)....: 5.6,6.8,0.2,1.5,404.7,455.3,0.6,51.3,245.8,245.9,0.4,0.3,223.3,274.8,51.6,0.4,0.3,283.1,286.1,84.1,131.8,50.9,51.2,56.8,56.7,181.0,181.0,56.1,58.6,54.5,58.4,0.0] [PKTLENS.....: 74,54,54,281,54,183,54,97,54,590,54,533,54,1658,590,54,503,54,6854,54,1414,54,9477,54,1414,54,1414,54,18020,54,6871,54] new: [.....5] [ip4][..tcp] [..10.133.206.47][54651] -> [..185.63.147.10][..443] [MIDSTREAM] new: [.....6] [ip4][..tcp] [..10.133.206.47][59447] -> [..107.20.242.44][..443] [MIDSTREAM] new: [.....7] [ip4][..tcp] [.......10.8.0.1][41354] -> [..64.68.105.103][..443] detected: [.....7] [ip4][..tcp] [.......10.8.0.1][41354] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detection-update: [.....7] [ip4][..tcp] [.......10.8.0.1][41354] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher new: [.....8] [ip4][..tcp] [.......10.8.0.1][49048] -> [..23.44.253.243][..443] detected: [.....8] [ip4][..tcp] [.......10.8.0.1][49048] -> [..23.44.253.243][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) detection-update: [.....8] [ip4][..tcp] [.......10.8.0.1][49048] -> [..23.44.253.243][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher new: [.....9] [ip4][..tcp] [.......10.8.0.1][41358] -> [..64.68.105.103][..443] detected: [.....9] [ip4][..tcp] [.......10.8.0.1][41358] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detection-update: [.....9] [ip4][..tcp] [.......10.8.0.1][41358] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher analyse: [.....9] [ip4][..tcp] [.......10.8.0.1][41358] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.031| 0.154| 0.247|61096.366| 0.000] [PKTLEN......: 54.000| 8901.000| 1122.500| 2294.900|5266404.000| 3.200] [BINS(c->s)..: 12,2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 5,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0,0,0,4] [DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,1,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0] [IATS(ms)....: 3.1,3.2,1.9,2.2,397.0,448.1,52.0,52.1,0.4,52.4,209.8,261.8,51.8,1.3,1.0,979.9,1031.5,52.6,53.5,94.1,93.8,53.1,53.9,119.1,117.5,148.4,147.8,51.4,51.4,96.7,96.6,0.0] [PKTLENS.....: 74,54,54,117,54,1414,54,2633,54,380,54,113,590,54,88,54,1414,54,8171,54,1414,54,8901,54,187,54,1414,54,6731,54,1414,54] new: [....10] [ip4][..tcp] [.......10.8.0.1][41726] -> [.114.29.213.212][..443] new: [....11] [ip4][..tcp] [.......10.8.0.1][51646] -> [..114.29.204.49][..443] detected: [....10] [ip4][..tcp] [.......10.8.0.1][41726] -> [.114.29.213.212][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....11] [ip4][..tcp] [.......10.8.0.1][51646] -> [..114.29.204.49][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) new: [....12] [ip4][..tcp] [.......10.8.0.1][47498] -> [209.197.222.159][..443] detected: [....12] [ip4][..tcp] [.......10.8.0.1][47498] -> [209.197.222.159][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) new: [....13] [ip4][..tcp] [.......10.8.0.1][57647] -> [..64.68.121.153][..443] detected: [....13] [ip4][..tcp] [.......10.8.0.1][57647] -> [..64.68.121.153][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) new: [....14] [ip4][..tcp] [.......10.8.0.1][45814] -> [...62.109.231.3][..443] detected: [....14] [ip4][..tcp] [.......10.8.0.1][45814] -> [...62.109.231.3][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) new: [....15] [ip4][..tcp] [.......10.8.0.1][44492] -> [..64.68.104.140][..443] new: [....16] [ip4][..tcp] [.......10.8.0.1][47116] -> [.114.29.202.139][..443] new: [....17] [ip4][..tcp] [.......10.8.0.1][52730] -> [...173.243.4.76][..443] new: [....18] [ip4][..tcp] [.......10.8.0.1][52219] -> [..64.68.121.100][..443] new: [....19] [ip4][..tcp] [.......10.8.0.1][55969] -> [...64.68.121.99][..443] detected: [....15] [ip4][..tcp] [.......10.8.0.1][44492] -> [..64.68.104.140][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....16] [ip4][..tcp] [.......10.8.0.1][47116] -> [.114.29.202.139][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....17] [ip4][..tcp] [.......10.8.0.1][52730] -> [...173.243.4.76][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) new: [....20] [ip4][..tcp] [.......10.8.0.1][47841] -> [..114.29.200.11][..443] detected: [....18] [ip4][..tcp] [.......10.8.0.1][52219] -> [..64.68.121.100][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....19] [ip4][..tcp] [.......10.8.0.1][55969] -> [...64.68.121.99][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....20] [ip4][..tcp] [.......10.8.0.1][47841] -> [..114.29.200.11][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) new: [....21] [ip4][..tcp] [.......10.8.0.1][51370] -> [...64.68.105.97][..443] new: [....22] [ip4][..tcp] [.......10.8.0.1][37129] -> [...64.68.105.98][..443] detected: [....21] [ip4][..tcp] [.......10.8.0.1][51370] -> [...64.68.105.97][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....22] [ip4][..tcp] [.......10.8.0.1][37129] -> [...64.68.105.98][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) new: [....23] [ip4][..tcp] [.......10.8.0.1][41386] -> [..64.68.105.103][..443] detected: [....23] [ip4][..tcp] [.......10.8.0.1][41386] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detection-update: [....14] [ip4][..tcp] [.......10.8.0.1][45814] -> [...62.109.231.3][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher detection-update: [....12] [ip4][..tcp] [.......10.8.0.1][47498] -> [209.197.222.159][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher detection-update: [....15] [ip4][..tcp] [.......10.8.0.1][44492] -> [..64.68.104.140][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher detection-update: [....17] [ip4][..tcp] [.......10.8.0.1][52730] -> [...173.243.4.76][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher detection-update: [....13] [ip4][..tcp] [.......10.8.0.1][57647] -> [..64.68.121.153][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher detection-update: [....22] [ip4][..tcp] [.......10.8.0.1][37129] -> [...64.68.105.98][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher detection-update: [....23] [ip4][..tcp] [.......10.8.0.1][41386] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher detection-update: [....21] [ip4][..tcp] [.......10.8.0.1][51370] -> [...64.68.105.97][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher detection-update: [....18] [ip4][..tcp] [.......10.8.0.1][52219] -> [..64.68.121.100][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher detection-update: [....19] [ip4][..tcp] [.......10.8.0.1][55969] -> [...64.68.121.99][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher detection-update: [....11] [ip4][..tcp] [.......10.8.0.1][51646] -> [..114.29.204.49][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher new: [....24] [ip4][..udp] [.......10.8.0.1][64538] -> [....172.16.1.75][.5060] detected: [....24] [ip4][..udp] [.......10.8.0.1][64538] -> [....172.16.1.75][.5060] [SIP][VoIP][Acceptable] detection-update: [....16] [ip4][..tcp] [.......10.8.0.1][47116] -> [.114.29.202.139][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher detection-update: [....20] [ip4][..tcp] [.......10.8.0.1][47841] -> [..114.29.200.11][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher new: [....25] [ip4][..tcp] [.......10.8.0.1][43433] -> [..216.58.208.40][..443] detected: [....25] [ip4][..tcp] [.......10.8.0.1][43433] -> [..216.58.208.40][..443] [TLS.Google][Advertisement][Acceptable] RISK: TLS (probably) Not Carrying HTTPS new: [....26] [ip4][..tcp] [.......10.8.0.1][47135] -> [.114.29.202.139][..443] new: [....27] [ip4][..tcp] [.......10.8.0.1][41757] -> [.114.29.213.212][..443] new: [....28] [ip4][..tcp] [.......10.8.0.1][51676] -> [..114.29.204.49][..443] new: [....29] [ip4][..tcp] [.......10.8.0.1][37139] -> [...64.68.105.98][..443] new: [....30] [ip4][..tcp] [.......10.8.0.1][41394] -> [..64.68.105.103][..443] new: [....31] [ip4][..tcp] [.......10.8.0.1][51134] -> [.62.109.224.120][..443] new: [....32] [ip4][..tcp] [.......10.8.0.1][51135] -> [.62.109.224.120][..443] new: [....33] [ip4][..tcp] [..10.133.206.47][33459] -> [...80.74.110.68][..443] [MIDSTREAM] detected: [....33] [ip4][..tcp] [..10.133.206.47][33459] -> [...80.74.110.68][..443] [TLS][Web][Safe] new: [....34] [ip4][..tcp] [.......10.8.0.1][33511] -> [...80.74.110.68][..443] new: [....35] [ip4][..tcp] [.......10.8.0.1][33512] -> [...80.74.110.68][..443] detected: [....26] [ip4][..tcp] [.......10.8.0.1][47135] -> [.114.29.202.139][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....27] [ip4][..tcp] [.......10.8.0.1][41757] -> [.114.29.213.212][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....28] [ip4][..tcp] [.......10.8.0.1][51676] -> [..114.29.204.49][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....29] [ip4][..tcp] [.......10.8.0.1][37139] -> [...64.68.105.98][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....30] [ip4][..tcp] [.......10.8.0.1][41394] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....31] [ip4][..tcp] [.......10.8.0.1][51134] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....32] [ip4][..tcp] [.......10.8.0.1][51135] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....34] [ip4][..tcp] [.......10.8.0.1][33511] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) detected: [....35] [ip4][..tcp] [.......10.8.0.1][33512] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) detection-update: [....25] [ip4][..tcp] [.......10.8.0.1][43433] -> [..216.58.208.40][..443] [TLS.Google][Advertisement][Acceptable] RISK: TLS (probably) Not Carrying HTTPS detection-update: [....35] [ip4][..tcp] [.......10.8.0.1][33512] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) new: [....36] [ip4][..tcp] [.......10.8.0.1][51154] -> [.62.109.224.120][..443] new: [....37] [ip4][..tcp] [.......10.8.0.1][51155] -> [.62.109.224.120][..443] detected: [....36] [ip4][..tcp] [.......10.8.0.1][51154] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....37] [ip4][..tcp] [.......10.8.0.1][51155] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detection-update: [....36] [ip4][..tcp] [.......10.8.0.1][51154] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher detection-update: [....37] [ip4][..tcp] [.......10.8.0.1][51155] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher new: [....38] [ip4][..tcp] [.......10.8.0.1][41419] -> [..64.68.105.103][..443] detected: [....38] [ip4][..tcp] [.......10.8.0.1][41419] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detection-update: [....38] [ip4][..tcp] [.......10.8.0.1][41419] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher new: [....39] [ip4][..tcp] [.......10.8.0.1][55665] -> [..173.243.0.110][..443] detected: [....39] [ip4][..tcp] [.......10.8.0.1][55665] -> [..173.243.0.110][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) analyse: [....37] [ip4][..tcp] [.......10.8.0.1][51155] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 2.215| 0.340| 0.548|300050.219| 0.000] [PKTLEN......: 54.000|10581.000| 633.600| 1915.700|3669828.500| 2.600] [BINS(c->s)..: 13,1,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 4,1,1,1,0,1,1,1,0,0,1,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2] [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0] [IATS(ms)....: 14.2,16.6,0.1,3.2,966.8,968.2,50.6,52.1,160.0,217.3,56.9,151.8,203.4,506.4,456.2,506.1,506.2,258.0,307.3,51.0,1.8,210.7,261.7,55.5,54.3,51.9,51.3,2214.6,2165.1,3.2,2.9,0.0] [PKTLENS.....: 74,54,54,117,54,3961,54,380,54,113,528,54,272,54,1024,54,10581,54,171,54,288,54,123,54,219,54,399,54,560,54,602,54] detection-update: [....39] [ip4][..tcp] [.......10.8.0.1][55665] -> [..173.243.0.110][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher analyse: [....36] [ip4][..tcp] [.......10.8.0.1][51154] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 2.270| 0.347| 0.598|357673.959| 0.000] [PKTLEN......: 54.000| 3961.000| 324.600| 685.400|469733.500| 3.600] [BINS(c->s)..: 3,1,1,1,0,0,1,0,0,0,3,0,0,0,0,1,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 14,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1] [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1] [IATS(ms)....: 9.1,24.1,0.4,16.5,915.3,917.4,50.7,52.7,154.6,206.6,52.4,7.9,9.4,3.3,2.1,963.3,962.0,0.5,0.4,0.4,0.3,562.0,562.1,368.6,368.5,0.7,0.6,2270.1,2270.1,1.0,1.0,0.0] [PKTLENS.....: 74,54,54,117,54,3961,54,380,54,113,560,54,590,54,136,54,590,54,590,54,400,54,400,54,590,54,168,54,590,54,264,54] new: [....40] [ip4][..tcp] [.......10.8.0.1][51833] -> [.62.109.229.158][..443] detected: [....40] [ip4][..tcp] [.......10.8.0.1][51833] -> [.62.109.229.158][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) new: [....41] [ip4][..tcp] [.......10.8.0.1][55669] -> [..173.243.0.110][..443] detected: [....41] [ip4][..tcp] [.......10.8.0.1][55669] -> [..173.243.0.110][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detection-update: [....41] [ip4][..tcp] [.......10.8.0.1][55669] -> [..173.243.0.110][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher update: [....24] [ip4][..udp] [.......10.8.0.1][64538] -> [....172.16.1.75][.5060] [SIP][VoIP][Acceptable] new: [....42] [ip4][..tcp] [.......10.8.0.1][55671] -> [..173.243.0.110][..443] detected: [....42] [ip4][..tcp] [.......10.8.0.1][55671] -> [..173.243.0.110][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detection-update: [....42] [ip4][..tcp] [.......10.8.0.1][55671] -> [..173.243.0.110][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher new: [....43] [ip4][..tcp] [.......10.8.0.1][51839] -> [.62.109.229.158][..443] detected: [....43] [ip4][..tcp] [.......10.8.0.1][51839] -> [.62.109.229.158][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) new: [....44] [ip4][..tcp] [.......10.8.0.1][46211] -> [...54.241.32.14][..443] detected: [....44] [ip4][..tcp] [.......10.8.0.1][46211] -> [...54.241.32.14][..443] [TLS.AmazonAWS][Cloud][Acceptable] RISK: Obsolete TLS (v1.1 or older) new: [....45] [ip4][..tcp] [.......10.8.0.1][59756] -> [...78.46.237.91][...80] new: [....46] [ip4][..tcp] [.......10.8.0.1][59757] -> [...78.46.237.91][...80] detected: [....45] [ip4][..tcp] [.......10.8.0.1][59756] -> [...78.46.237.91][...80] [HTTP][Web][Acceptable] detection-update: [....45] [ip4][..tcp] [.......10.8.0.1][59756] -> [...78.46.237.91][...80] [HTTP][Web][Acceptable] detected: [....46] [ip4][..tcp] [.......10.8.0.1][59757] -> [...78.46.237.91][...80] [HTTP][Web][Acceptable] detection-update: [....44] [ip4][..tcp] [.......10.8.0.1][46211] -> [...54.241.32.14][..443] [TLS.AmazonAWS][Cloud][Acceptable] RISK: Obsolete TLS (v1.1 or older) detection-update: [....44] [ip4][..tcp] [.......10.8.0.1][46211] -> [...54.241.32.14][..443] [TLS.AmazonAWS][Cloud][Acceptable] RISK: Obsolete TLS (v1.1 or older) new: [....47] [ip4][..tcp] [.......10.8.0.1][33551] -> [...80.74.110.68][..443] detected: [....47] [ip4][..tcp] [.......10.8.0.1][33551] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) detection-update: [....47] [ip4][..tcp] [.......10.8.0.1][33551] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) new: [....48] [ip4][..tcp] [.......10.8.0.1][33553] -> [...80.74.110.68][..443] new: [....49] [ip4][..tcp] [.......10.8.0.1][33554] -> [...80.74.110.68][..443] detected: [....48] [ip4][..tcp] [.......10.8.0.1][33553] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) detected: [....49] [ip4][..tcp] [.......10.8.0.1][33554] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) detection-update: [....48] [ip4][..tcp] [.......10.8.0.1][33553] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) detection-update: [....49] [ip4][..tcp] [.......10.8.0.1][33554] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) new: [....50] [ip4][..tcp] [.......10.8.0.1][55687] -> [..173.243.0.110][..443] detected: [....50] [ip4][..tcp] [.......10.8.0.1][55687] -> [..173.243.0.110][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detection-update: [....50] [ip4][..tcp] [.......10.8.0.1][55687] -> [..173.243.0.110][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher new: [....51] [ip4][..tcp] [.......10.8.0.1][33559] -> [...80.74.110.68][..443] detected: [....51] [ip4][..tcp] [.......10.8.0.1][33559] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) detection-update: [....51] [ip4][..tcp] [.......10.8.0.1][33559] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) new: [....52] [ip4][..tcp] [.......10.8.0.1][51857] -> [.62.109.229.158][..443] detected: [....52] [ip4][..tcp] [.......10.8.0.1][51857] -> [.62.109.229.158][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detection-update: [....52] [ip4][..tcp] [.......10.8.0.1][51857] -> [.62.109.229.158][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher new: [....53] [ip4][..udp] [.......10.8.0.1][51772] -> [.62.109.229.158][.9000] new: [....54] [ip4][..tcp] [.......10.8.0.1][51859] -> [.62.109.229.158][..443] analyse: [....52] [ip4][..tcp] [.......10.8.0.1][51857] -> [.62.109.229.158][..443] [TLS.Webex][VoIP][Acceptable] min| max| avg| stddev| variance| entropy [IAT.........: 0.000| 1.367| 0.190| 0.352|124124.103| 0.000] [PKTLEN......: 54.000| 3961.000| 248.000| 677.200|458632.100| 3.200] [BINS(c->s)..: 7,0,2,3,1,1,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] [BINS(s->c)..: 10,2,2,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1] [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,1,0,0,1,0,1,0,1,0,1,0,1,1] [IATS(ms)....: 4.2,5.0,6.4,7.6,1312.6,1366.7,17.5,71.4,145.7,199.0,0.3,53.7,129.5,180.9,0.2,51.5,121.2,172.3,51.5,51.2,125.5,176.2,50.8,50.8,0.5,1.0,264.3,263.8,0.8,0.9,1006.9,0.0] [PKTLENS.....: 74,54,54,241,54,3961,54,380,54,113,54,128,54,91,54,432,54,123,54,543,54,144,54,208,54,176,54,176,54,160,54,123] new: [....55] [ip4][..tcp] [.......10.8.0.1][51190] -> [.62.109.224.120][..443] detected: [....55] [ip4][..tcp] [.......10.8.0.1][51190] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) new: [....56] [ip4][..tcp] [.......10.8.0.1][51194] -> [.62.109.224.120][..443] new: [....57] [ip4][..tcp] [.......10.8.0.1][51195] -> [.62.109.224.120][..443] detected: [....56] [ip4][..tcp] [.......10.8.0.1][51194] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) detected: [....57] [ip4][..tcp] [.......10.8.0.1][51195] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older) update: [....24] [ip4][..udp] [.......10.8.0.1][64538] -> [....172.16.1.75][.5060] [SIP][VoIP][Acceptable] detection-update: [....56] [ip4][..tcp] [.......10.8.0.1][51194] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher end: [....45] [ip4][..tcp] [.......10.8.0.1][59756] -> [...78.46.237.91][...80] [HTTP][Web][Acceptable] end: [....46] [ip4][..tcp] [.......10.8.0.1][59757] -> [...78.46.237.91][...80] [HTTP][Web][Acceptable] idle: [....24] [ip4][..udp] [.......10.8.0.1][64538] -> [....172.16.1.75][.5060] [SIP][VoIP][Acceptable] end: [....19] [ip4][..tcp] [.......10.8.0.1][55969] -> [...64.68.121.99][..443] end: [....11] [ip4][..tcp] [.......10.8.0.1][51646] -> [..114.29.204.49][..443] end: [....28] [ip4][..tcp] [.......10.8.0.1][51676] -> [..114.29.204.49][..443] end: [....12] [ip4][..tcp] [.......10.8.0.1][47498] -> [209.197.222.159][..443] end: [....40] [ip4][..tcp] [.......10.8.0.1][51833] -> [.62.109.229.158][..443] end: [....43] [ip4][..tcp] [.......10.8.0.1][51839] -> [.62.109.229.158][..443] end: [....52] [ip4][..tcp] [.......10.8.0.1][51857] -> [.62.109.229.158][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher guessed: [....54] [ip4][..tcp] [.......10.8.0.1][51859] -> [.62.109.229.158][..443] [TLS.Webex][VoIP][Acceptable] end: [....54] [ip4][..tcp] [.......10.8.0.1][51859] -> [.62.109.229.158][..443] end: [....14] [ip4][..tcp] [.......10.8.0.1][45814] -> [...62.109.231.3][..443] end: [....18] [ip4][..tcp] [.......10.8.0.1][52219] -> [..64.68.121.100][..443] end: [....20] [ip4][..tcp] [.......10.8.0.1][47841] -> [..114.29.200.11][..443] end: [....10] [ip4][..tcp] [.......10.8.0.1][41726] -> [.114.29.213.212][..443] end: [....27] [ip4][..tcp] [.......10.8.0.1][41757] -> [.114.29.213.212][..443] guessed: [....53] [ip4][..udp] [.......10.8.0.1][51772] -> [.62.109.229.158][.9000] [Webex][VoIP][Acceptable] idle: [....53] [ip4][..udp] [.......10.8.0.1][51772] -> [.62.109.229.158][.9000] guessed: [.....6] [ip4][..tcp] [..10.133.206.47][59447] -> [..107.20.242.44][..443] [TLS.AmazonAWS][Cloud][Acceptable] end: [.....6] [ip4][..tcp] [..10.133.206.47][59447] -> [..107.20.242.44][..443] end: [....17] [ip4][..tcp] [.......10.8.0.1][52730] -> [...173.243.4.76][..443] end: [....33] [ip4][..tcp] [..10.133.206.47][33459] -> [...80.74.110.68][..443] [TLS][Web][Safe] end: [....15] [ip4][..tcp] [.......10.8.0.1][44492] -> [..64.68.104.140][..443] guessed: [.....5] [ip4][..tcp] [..10.133.206.47][54651] -> [..185.63.147.10][..443] [TLS][Web][Safe] end: [.....5] [ip4][..tcp] [..10.133.206.47][54651] -> [..185.63.147.10][..443] end: [.....8] [ip4][..tcp] [.......10.8.0.1][49048] -> [..23.44.253.243][..443] idle: [....25] [ip4][..tcp] [.......10.8.0.1][43433] -> [..216.58.208.40][..443] end: [....21] [ip4][..tcp] [.......10.8.0.1][51370] -> [...64.68.105.97][..443] end: [....31] [ip4][..tcp] [.......10.8.0.1][51134] -> [.62.109.224.120][..443] end: [....32] [ip4][..tcp] [.......10.8.0.1][51135] -> [.62.109.224.120][..443] end: [....36] [ip4][..tcp] [.......10.8.0.1][51154] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher end: [....37] [ip4][..tcp] [.......10.8.0.1][51155] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher end: [....39] [ip4][..tcp] [.......10.8.0.1][55665] -> [..173.243.0.110][..443] end: [....41] [ip4][..tcp] [.......10.8.0.1][55669] -> [..173.243.0.110][..443] end: [....42] [ip4][..tcp] [.......10.8.0.1][55671] -> [..173.243.0.110][..443] idle: [....55] [ip4][..tcp] [.......10.8.0.1][51190] -> [.62.109.224.120][..443] end: [....50] [ip4][..tcp] [.......10.8.0.1][55687] -> [..173.243.0.110][..443] end: [....34] [ip4][..tcp] [.......10.8.0.1][33511] -> [...80.74.110.68][..443] idle: [....56] [ip4][..tcp] [.......10.8.0.1][51194] -> [.62.109.224.120][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher end: [....35] [ip4][..tcp] [.......10.8.0.1][33512] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) idle: [....57] [ip4][..tcp] [.......10.8.0.1][51195] -> [.62.109.224.120][..443] end: [....22] [ip4][..tcp] [.......10.8.0.1][37129] -> [...64.68.105.98][..443] end: [....29] [ip4][..tcp] [.......10.8.0.1][37139] -> [...64.68.105.98][..443] end: [....47] [ip4][..tcp] [.......10.8.0.1][33551] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) end: [....48] [ip4][..tcp] [.......10.8.0.1][33553] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) end: [....49] [ip4][..tcp] [.......10.8.0.1][33554] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) idle: [....51] [ip4][..tcp] [.......10.8.0.1][33559] -> [...80.74.110.68][..443] [TLS][Web][Safe] RISK: Obsolete TLS (v1.1 or older) end: [....13] [ip4][..tcp] [.......10.8.0.1][57647] -> [..64.68.121.153][..443] end: [....16] [ip4][..tcp] [.......10.8.0.1][47116] -> [.114.29.202.139][..443] end: [....26] [ip4][..tcp] [.......10.8.0.1][47135] -> [.114.29.202.139][..443] end: [....44] [ip4][..tcp] [.......10.8.0.1][46211] -> [...54.241.32.14][..443] idle: [.....1] [ip4][..tcp] [.......10.8.0.1][41346] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: TLS (probably) Not Carrying HTTPS idle: [.....2] [ip4][..tcp] [.......10.8.0.1][41348] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: TLS (probably) Not Carrying HTTPS idle: [.....3] [ip4][..tcp] [.......10.8.0.1][41350] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: TLS (probably) Not Carrying HTTPS idle: [.....4] [ip4][..tcp] [.......10.8.0.1][41351] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: TLS (probably) Not Carrying HTTPS end: [.....7] [ip4][..tcp] [.......10.8.0.1][41354] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher end: [.....9] [ip4][..tcp] [.......10.8.0.1][41358] -> [..64.68.105.103][..443] [TLS.Webex][VoIP][Acceptable] RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher end: [....23] [ip4][..tcp] [.......10.8.0.1][41386] -> [..64.68.105.103][..443] end: [....30] [ip4][..tcp] [.......10.8.0.1][41394] -> [..64.68.105.103][..443] end: [....38] [ip4][..tcp] [.......10.8.0.1][41419] -> [..64.68.105.103][..443] DAEMON-EVENT: shutdown