test/results/flow-info/default/http_starting_with_reply.pcapng.out


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

     DAEMON-EVENT: init
     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
              new: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [MIDSTREAM]
         detected: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][]
                   RISK: HTTP Susp User-Agent, Susp Entropy
 detection-update: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][]
                   RISK: HTTP Susp User-Agent, Susp Entropy, Unidirectional Traffic
 detection-update: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][]
                   RISK: HTTP Susp User-Agent, Susp Entropy
 detection-update: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][proxy.wiresharkfest.acropolis.local]
                   RISK: Susp Entropy
              end: [.....1] [ip4][..tcp] [..192.168.1.146][...80] -> [..192.168.1.103][.1044] [HTTP][Unknown][Web][Acceptable][proxy.wiresharkfest.acropolis.local]
                   RISK: Susp Entropy
     DAEMON-EVENT: shutdown