path: root/test/results/flow-info/default/googledns_android10.pcap.out
     DAEMON-EVENT: init
     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
              new: [.....1] [ip4][..tcp] [........8.8.8.8][..853] -> [..192.168.1.159][55856] [MIDSTREAM]
              new: [.....2] [ip4][..tcp] [..192.168.1.159][48044] -> [........8.8.4.4][..853]
              new: [.....3] [ip4][..tcp] [..192.168.1.159][56024] -> [........8.8.8.8][..853]
         detected: [.....2] [ip4][..tcp] [..192.168.1.159][48044] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
         detected: [.....3] [ip4][..tcp] [..192.168.1.159][56024] -> [........8.8.8.8][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
 detection-update: [.....2] [ip4][..tcp] [..192.168.1.159][48044] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
 detection-update: [.....2] [ip4][..tcp] [..192.168.1.159][48044] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
 detection-update: [.....3] [ip4][..tcp] [..192.168.1.159][56024] -> [........8.8.8.8][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
 detection-update: [.....3] [ip4][..tcp] [..192.168.1.159][56024] -> [........8.8.8.8][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
              new: [.....4] [ip4][..tcp] [..192.168.1.159][48048] -> [........8.8.4.4][..853]
         detected: [.....4] [ip4][..tcp] [..192.168.1.159][48048] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
 detection-update: [.....4] [ip4][..tcp] [..192.168.1.159][48048] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
 detection-update: [.....4] [ip4][..tcp] [..192.168.1.159][48048] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
          analyse: [.....4] [ip4][..tcp] [..192.168.1.159][48048] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                                         min|       max|       avg|    stddev|         variance|  entropy
                   [IAT.........: <    0.001|     0.447|     0.072|     0.122|        14825.912|    3.500]
                   [PKTLEN......:     52.000|  1470.000|   268.200|   356.700|       127227.700|    4.100]
                   [BINS(c->s)..: 9,0,1,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [BINS(s->c)..: 7,0,0,0,0,0,0,1,0,1,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0]
                   [DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,0,1,0,1,0,1,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0]
                   [IATS(ms)....: 12.8,14.6,0.3,14.8,16.2,1.1,0.1,31.1,1.0,0.5,12.5,28.6,36.9,41.2,19.2,12.5,6.2,5.0,24.3,307.1,326.2,13.8,74.3,386.7,447.4,5.0,23.8,155.7,173.7,5.0,23.2]
                   [PKTLENS.....: 60,60,52,206,52,1470,1470,291,52,52,52,145,344,211,52,211,551,52,551,52,211,52,551,52,211,52,551,52,211,52,551,52]
                   [ENTROPIES...: 4.3,5.0,5.0,5.4,5.0,7.1,7.5,7.1,5.1,5.0,5.1,6.1,7.1,6.7,5.0,6.8,7.6,4.9,7.6,5.1,6.8,5.1,7.5,5.1,6.8,5.0,7.6,5.1,6.8,5.0,7.6,5.1]
              new: [.....5] [ip4][.icmp] [..192.168.1.159] -> [........8.8.8.8]
         detected: [.....5] [ip4][.icmp] [..192.168.1.159] -> [........8.8.8.8] [ICMP][Google][Network][Acceptable]
                   RISK: Susp Entropy
              new: [.....6] [ip4][..tcp] [........8.8.4.4][..853] -> [..192.168.1.159][47968] [MIDSTREAM]
           update: [.....5] [ip4][.icmp] [..192.168.1.159] -> [........8.8.8.8] [ICMP][Google][Network][Acceptable]
                   RISK: Susp Entropy
              new: [.....7] [ip4][..tcp] [..192.168.1.159][48098] -> [........8.8.4.4][..853]
         detected: [.....7] [ip4][..tcp] [..192.168.1.159][48098] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
 detection-update: [.....7] [ip4][..tcp] [..192.168.1.159][48098] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
          analyse: [.....7] [ip4][..tcp] [..192.168.1.159][48098] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                                         min|       max|       avg|    stddev|         variance|  entropy
                   [IAT.........: <    0.001|     1.254|     0.185|     0.342|       116761.002|    3.200]
                   [PKTLEN......:     52.000|   569.000|   198.200|   197.900|        39161.300|    4.400]
                   [BINS(c->s)..: 8,1,0,0,6,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [BINS(s->c)..: 9,0,0,0,1,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,0,1,0,1,1]
                   [IATS(ms)....: 12.7,14.1,0.9,14.9,0.1,14.2,1.1,19.6,19.1,13.8,1.3,58.4,651.3,715.0,3.8,23.3,1234.1,1253.7,12.5,32.7,484.0,503.7,3.8,30.8,265.4,292.4,20.3,12.6,11.8,7.4,12.6]
                   [PKTLENS.....: 60,60,52,569,52,199,52,103,52,211,52,551,52,211,52,551,52,211,52,551,52,211,52,551,52,211,52,211,551,52,52,551]
                   [ENTROPIES...: 4.2,4.9,4.8,6.2,4.7,6.1,4.8,5.5,4.8,6.8,4.7,7.5,4.8,6.8,4.8,7.5,4.8,6.7,4.9,7.6,4.9,6.7,4.8,7.6,4.9,6.8,4.9,6.8,7.6,4.9,4.9,7.6]
           update: [.....5] [ip4][.icmp] [..192.168.1.159] -> [........8.8.8.8] [ICMP][Google][Network][Acceptable]
                   RISK: Susp Entropy
             idle: [.....5] [ip4][.icmp] [..192.168.1.159] -> [........8.8.8.8] [ICMP][Google][Network][Acceptable]
                   RISK: Susp Entropy
          guessed: [.....1] [ip4][..tcp] [........8.8.8.8][..853] -> [..192.168.1.159][55856] [DoH_DoT][Google][Network][Acceptable]
              end: [.....1] [ip4][..tcp] [........8.8.8.8][..853] -> [..192.168.1.159][55856]
              end: [.....3] [ip4][..tcp] [..192.168.1.159][56024] -> [........8.8.8.8][..853] [TLS.DoH_DoT][Google][Network][Acceptable]
                   RISK: TLS (probably) Not Carrying HTTPS
              end: [.....2] [ip4][..tcp] [..192.168.1.159][48044] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable]
                   RISK: TLS (probably) Not Carrying HTTPS
          guessed: [.....6] [ip4][..tcp] [........8.8.4.4][..853] -> [..192.168.1.159][47968] [DoH_DoT][Google][Network][Acceptable]
              end: [.....6] [ip4][..tcp] [........8.8.4.4][..853] -> [..192.168.1.159][47968]
              end: [.....4] [ip4][..tcp] [..192.168.1.159][48048] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
              new: [.....8] [ip4][..tcp] [..192.168.1.159][48210] -> [........8.8.4.4][..853]
         detected: [.....8] [ip4][..tcp] [..192.168.1.159][48210] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
 detection-update: [.....8] [ip4][..tcp] [..192.168.1.159][48210] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
 detection-update: [.....8] [ip4][..tcp] [..192.168.1.159][48210] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
          analyse: [.....8] [ip4][..tcp] [..192.168.1.159][48210] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                                         min|       max|       avg|    stddev|         variance|  entropy
                   [IAT.........: <    0.001|     5.704|     0.390|     1.388|      1925240.193|    1.500]
                   [PKTLEN......:     52.000|  1470.000|   268.200|   356.700|       127227.700|    4.100]
                   [BINS(c->s)..: 9,0,1,0,6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [BINS(s->c)..: 7,0,0,0,0,0,0,1,0,1,0,0,0,0,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0]
                   [DIRECTIONS..: 0,1,0,0,1,1,1,1,0,0,0,0,1,0,1,1,0,0,1,0,1,0,1,1,0,0,1,0,1,0,1,1]
                   [IATS(ms)....: 14.4,41.9,9.2,49.9,17.6,0.1,0.1,32.5,0.5,0.1,15.4,30.8,15.7,19.9,22.6,85.5,5640.7,5703.8,20.5,7.6,6.2,13.7,17.6,31.1,85.4,103.7,33.2,18.8,6.3,16.2,17.6]
                   [PKTLENS.....: 60,60,52,206,52,1470,1470,291,52,52,52,145,344,211,52,551,52,211,52,211,551,52,52,551,52,211,52,211,551,52,52,551]
                   [ENTROPIES...: 4.3,5.0,4.9,5.4,4.8,7.0,7.5,7.1,4.9,5.0,4.9,5.9,7.0,6.8,4.9,7.5,5.0,6.8,4.9,6.7,7.6,5.0,4.8,7.6,4.8,6.8,4.6,6.8,7.5,5.0,4.9,7.5]
              end: [.....7] [ip4][..tcp] [..192.168.1.159][48098] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
             idle: [.....8] [ip4][..tcp] [..192.168.1.159][48210] -> [........8.8.4.4][..853] [TLS.DoH_DoT][Google][Network][Acceptable][dns.google]
                   RISK: TLS (probably) Not Carrying HTTPS
     DAEMON-EVENT: shutdown