1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..tcp] [..192.168.1.253][35996] -> [........1.1.1.1][..443]
detected: [.....1] [ip4][..tcp] [..192.168.1.253][35996] -> [........1.1.1.1][..443] [TLS][Unknown][Web][Safe][]
RISK: Missing SNI TLS Extn, ALPN/SNI Mismatch
detection-update: [.....1] [ip4][..tcp] [..192.168.1.253][35996] -> [........1.1.1.1][..443] [TLS][Unknown][Web][Safe][]
RISK: Missing SNI TLS Extn, ALPN/SNI Mismatch
analyse: [.....1] [ip4][..tcp] [..192.168.1.253][35996] -> [........1.1.1.1][..443] [TLS][Unknown][Web][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 15.360| 2.496| 5.583| 31170844.688| 2.400]
[PKTLEN......: 46.000| 1500.000| 174.800| 350.900| 123099.200| 3.600]
[BINS(c->s)..: 12,0,3,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 10,0,1,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,0,0,0,0,1,1,1,0,0,1,1,1,1,0,0,1,0,1,0,1,0]
[IATS(ms)....: 12.4,12.7,9.4,22.9,3.1,16.3,0.0,0.0,0.5,0.5,548.5,0.0,0.5,0.0,559.4,0.0,0.4,10.9,0.0,0.4,0.0,2.9,0.0,3.3,0.0,50.3,15056.9,15017.8,15339.6,15339.5,15359.8]
[PKTLENS.....: 60,52,46,301,46,1500,46,1500,46,256,46,104,126,136,108,46,46,111,46,71,46,46,371,71,46,46,46,46,46,46,46,46]
[ENTROPIES...: 4.4,4.4,4.2,5.9,4.1,7.8,4.1,7.9,4.1,7.1,4.1,5.9,6.2,6.4,6.0,4.1,4.1,6.2,4.1,5.5,4.1,4.1,7.4,5.5,4.1,4.1,4.2,4.1,4.1,4.1,4.2,4.1]
idle: [.....1] [ip4][..tcp] [..192.168.1.253][35996] -> [........1.1.1.1][..443] [TLS][Unknown][Web][Safe]
RISK: Missing SNI TLS Extn, ALPN/SNI Mismatch
DAEMON-EVENT: shutdown
|