DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..udp] [.192.168.12.156][37967] -> [..142.250.82.76][19305]
detected: [.....1] [ip4][..udp] [.192.168.12.156][37967] -> [..142.250.82.76][19305] [STUN.GoogleCall][Google][VoIP][Acceptable][]
RISK: Known Proto on Non Std Port
detection-update: [.....1] [ip4][..udp] [.192.168.12.156][37967] -> [..142.250.82.76][19305] [DTLS.GoogleCall][Google][VoIP][Acceptable]
detection-update: [.....1] [ip4][..udp] [.192.168.12.156][37967] -> [..142.250.82.76][19305] [DTLS.GoogleCall][Google][VoIP][Acceptable]
analyse: [.....1] [ip4][..udp] [.192.168.12.156][37967] -> [..142.250.82.76][19305] [DTLS.GoogleCall][Google][VoIP][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 0.258| 0.044| 0.058| 3387.402| 4.000]
[PKTLEN......: 68.000| 1231.000| 221.200| 244.400| 59721.800| 4.400]
[BINS(c->s)..: 0,0,10,5,1,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,1,5,4,0,0,0,0,0,0,0,0,0,1,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,1,0,0,1,1,1,0,1,0,1,0,1,0,0,0,0,1,1,1,0,1,1,0,0,0,0,0,1,0]
[IATS(ms)....: 23.5,57.2,58.6,110.3,0.4,107.9,0.1,0.0,31.9,33.2,42.6,42.8,84.1,83.2,24.8,0.6,0.4,2.5,24.8,0.1,0.1,34.2,28.1,7.9,22.9,203.2,6.7,19.6,19.9,258.1,19.4]
[PKTLENS.....: 144,128,185,1231,148,573,128,109,598,573,598,109,149,117,141,93,125,121,97,93,97,113,93,68,93,93,127,112,112,128,469,112]
[ENTROPIES...: 6.0,5.8,5.0,7.4,5.9,6.8,5.9,5.7,7.4,6.7,7.4,5.7,6.3,5.9,6.3,5.5,6.0,5.9,5.7,5.4,5.4,5.8,5.5,5.5,5.5,5.5,6.1,6.2,6.3,6.0,7.5,6.2]
DAEMON-EVENT: [Processed: 39 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 2|updates: 0]
new: [.....2] [ip4][..tcp] [.192.168.12.182][50221] -> [.142.250.82.249][.3478]
detected: [.....2] [ip4][..tcp] [.192.168.12.182][50221] -> [.142.250.82.249][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable][]
detection-update: [.....2] [ip4][..tcp] [.192.168.12.182][50221] -> [.142.250.82.249][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable][turn.l.google.com]
analyse: [.....2] [ip4][..tcp] [.192.168.12.182][50221] -> [.142.250.82.249][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable][turn.l.google.com]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.509| 0.047| 0.118| 13863.927| 2.800]
[PKTLEN......: 40.000| 696.000| 142.100| 150.700| 22704.000| 4.400]
[BINS(c->s)..: 8,0,0,2,5,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,1,2,3,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,0,1,1,0,1,0,1,0,0,0,1,1,0,1,0,0,1,0,1,1,0,0,1,1,0,0,1,1]
[IATS(ms)....: 3.0,4.7,0.3,0.2,5.0,0.0,4.1,4.1,3.9,466.7,509.5,1.2,0.2,46.6,1.1,55.4,53.6,7.4,0.0,8.6,49.7,55.5,0.2,49.0,10.1,51.4,4.5,8.0,5.7,16.6,19.1]
[PKTLENS.....: 52,52,40,40,68,40,120,192,116,40,180,196,148,172,84,40,40,140,204,236,40,172,40,696,40,172,140,648,40,160,40,160]
[ENTROPIES...: 4.8,5.0,4.8,4.8,5.3,4.8,5.8,6.2,5.8,4.8,6.0,6.2,6.0,6.1,5.9,5.0,4.9,6.1,6.2,5.4,5.0,6.1,5.0,6.6,4.9,6.1,6.0,7.4,4.8,6.0,5.0,5.9]
idle: [.....1] [ip4][..udp] [.192.168.12.156][37967] -> [..142.250.82.76][19305] [DTLS.GoogleCall][Google][VoIP][Acceptable]
idle: [.....2] [ip4][..tcp] [.192.168.12.182][50221] -> [.142.250.82.249][.3478] [STUN.GoogleCall][Google][VoIP][Acceptable][turn.l.google.com]
DAEMON-EVENT: shutdown