path: root/test/results/flow-info/default/syslog.pcap.out
blob: 607ae7edf1fed6bdeac2ef2ba264a17160a020c9 (plain)
     DAEMON-EVENT: init
      ERROR-EVENT: Unknown packet type [1/16]
      ERROR-EVENT: Unknown packet type [2/16]
     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
              new: [.....1] [ip4][..udp] [...172.20.51.54][..514] -> [..172.31.110.40][..514]
         detected: [.....1] [ip4][..udp] [...172.20.51.54][..514] -> [..172.31.110.40][..514] [Syslog][Unknown][System][Acceptable]
     DAEMON-EVENT: [Processed: 15 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
              new: [.....2] [ip4][..udp] [..10.251.23.139][59194] -> [....62.39.3.142][..514]
         detected: [.....2] [ip4][..udp] [..10.251.23.139][59194] -> [....62.39.3.142][..514] [Syslog][Unknown][System][Acceptable]
             idle: [.....1] [ip4][..udp] [...172.20.51.54][..514] -> [..172.31.110.40][..514] [Syslog][Unknown][System][Acceptable]
           update: [.....2] [ip4][..udp] [..10.251.23.139][59194] -> [....62.39.3.142][..514] [Syslog][Unknown][System][Acceptable]
     DAEMON-EVENT: [Processed: 17 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 1 / 2|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 1]
              new: [.....3][.121] [ip4][..udp] [.192.168.121.10][50080] -> [.192.168.120.10][..514]
         detected: [.....3][.121] [ip4][..udp] [.192.168.121.10][50080] -> [.192.168.120.10][..514] [Syslog][Unknown][System][Acceptable]
             idle: [.....2] [ip4][..udp] [..10.251.23.139][59194] -> [....62.39.3.142][..514] [Syslog][Unknown][System][Acceptable]
           update: [.....3][.121] [ip4][..udp] [.192.168.121.10][50080] -> [.192.168.120.10][..514] [Syslog][Unknown][System][Acceptable]
              new: [.....4][.121] [ip4][..udp] [..192.168.121.2][50352] -> [.192.168.120.10][..514]
         detected: [.....4][.121] [ip4][..udp] [..192.168.121.2][50352] -> [.192.168.120.10][..514] [Syslog][Unknown][System][Acceptable]
           update: [.....3][.121] [ip4][..udp] [.192.168.121.10][50080] -> [.192.168.120.10][..514] [Syslog][Unknown][System][Acceptable]
     DAEMON-EVENT: [Processed: 23 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 2 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3]
              new: [.....5] [ip4][...41] [..193.24.227.10] -> [..216.66.86.114]
              new: [.....6] [ip4][...41] [...216.66.80.30] -> [..193.24.227.12]
             idle: [.....3][.121] [ip4][..udp] [.192.168.121.10][50080] -> [.192.168.120.10][..514] [Syslog][Unknown][System][Acceptable]
             idle: [.....4][.121] [ip4][..udp] [..192.168.121.2][50352] -> [.192.168.120.10][..514] [Syslog][Unknown][System][Acceptable]
     DAEMON-EVENT: [Processed: 29 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 2 / 6|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 3]
              new: [.....7] [ip4][..udp] [..172.21.251.36][62679] -> [..172.19.196.11][..514]
         detected: [.....7] [ip4][..udp] [..172.21.251.36][62679] -> [..172.19.196.11][..514] [Syslog][Unknown][System][Acceptable]
     not-detected: [.....6] [ip4][...41] [...216.66.80.30] -> [..193.24.227.12] [Unknown][Unknown][Unrated]
                   RISK: Unidirectional Traffic
             idle: [.....6] [ip4][...41] [...216.66.80.30] -> [..193.24.227.12]
     not-detected: [.....5] [ip4][...41] [..193.24.227.10] -> [..216.66.86.114] [Unknown][Unknown][Unrated]
                   RISK: Unidirectional Traffic
             idle: [.....5] [ip4][...41] [..193.24.227.10] -> [..216.66.86.114]
              new: [.....8] [ip4][..udp] [.192.168.72.140][62679] -> [192.168.178.148][..514]
         detected: [.....8] [ip4][..udp] [.192.168.72.140][62679] -> [192.168.178.148][..514] [Syslog][Unknown][System][Acceptable]
           update: [.....7] [ip4][..udp] [..172.21.251.36][62679] -> [..172.19.196.11][..514] [Syslog][Unknown][System][Acceptable]
              new: [.....9] [ip4][..udp] [.192.168.67.241][62679] -> [....10.193.53.6][..514]
         detected: [.....9] [ip4][..udp] [.192.168.67.241][62679] -> [....10.193.53.6][..514] [Syslog][Unknown][System][Acceptable]
             idle: [.....7] [ip4][..udp] [..172.21.251.36][62679] -> [..172.19.196.11][..514] [Syslog][Unknown][System][Acceptable]
           update: [.....8] [ip4][..udp] [.192.168.72.140][62679] -> [192.168.178.148][..514] [Syslog][Unknown][System][Acceptable]
     DAEMON-EVENT: [Processed: 35 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 2 / 9|skipped: 0|!detected: 2|guessed: 0|detection-updates: 0|updates: 5]
              new: [....10] [ip4][..udp] [192.168.126.102][57166] -> [.172.19.177.230][..514]
         detected: [....10] [ip4][..udp] [192.168.126.102][57166] -> [.172.19.177.230][..514] [Syslog][Unknown][System][Acceptable]
             idle: [.....8] [ip4][..udp] [.192.168.72.140][62679] -> [192.168.178.148][..514] [Syslog][Unknown][System][Acceptable]
             idle: [.....9] [ip4][..udp] [.192.168.67.241][62679] -> [....10.193.53.6][..514] [Syslog][Unknown][System][Acceptable]
              new: [....11] [ip4][..udp] [..10.22.179.215][57166] -> [...172.26.54.76][..514]
         detected: [....11] [ip4][..udp] [..10.22.179.215][57166] -> [...172.26.54.76][..514] [Syslog][Unknown][System][Acceptable]
           update: [....10] [ip4][..udp] [192.168.126.102][57166] -> [.172.19.177.230][..514] [Syslog][Unknown][System][Acceptable]
              new: [....12] [ip4][..udp] [.192.168.45.162][57166] -> [..10.208.120.95][..514]
         detected: [....12] [ip4][..udp] [.192.168.45.162][57166] -> [..10.208.120.95][..514] [Syslog][Unknown][System][Acceptable]
           update: [....11] [ip4][..udp] [..10.22.179.215][57166] -> [...172.26.54.76][..514] [Syslog][Unknown][System][Acceptable]
              new: [....13] [ip4][..udp] [..10.224.43.149][57166] -> [..172.23.243.89][..514]
         detected: [....13] [ip4][..udp] [..10.224.43.149][57166] -> [..172.23.243.89][..514] [Syslog][Unknown][System][Acceptable]
             idle: [....10] [ip4][..udp] [192.168.126.102][57166] -> [.172.19.177.230][..514] [Syslog][Unknown][System][Acceptable]
           update: [....11] [ip4][..udp] [..10.22.179.215][57166] -> [...172.26.54.76][..514] [Syslog][Unknown][System][Acceptable]
           update: [....12] [ip4][..udp] [.192.168.45.162][57166] -> [..10.208.120.95][..514] [Syslog][Unknown][System][Acceptable]
     DAEMON-EVENT: [Processed: 49 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 3 / 13|skipped: 0|!detected: 2|guessed: 0|detection-updates: 0|updates: 9]
              new: [....14] [ip4][..udp] [.172.26.229.190][..514] -> [..172.23.80.196][..514]
         detected: [....14] [ip4][..udp] [.172.26.229.190][..514] -> [..172.23.80.196][..514] [Syslog][Unknown][System][Acceptable]
             idle: [....11] [ip4][..udp] [..10.22.179.215][57166] -> [...172.26.54.76][..514] [Syslog][Unknown][System][Acceptable]
             idle: [....13] [ip4][..udp] [..10.224.43.149][57166] -> [..172.23.243.89][..514] [Syslog][Unknown][System][Acceptable]
             idle: [....12] [ip4][..udp] [.192.168.45.162][57166] -> [..10.208.120.95][..514] [Syslog][Unknown][System][Acceptable]
              new: [....15][1506] [ip4][..tcp] [.10.186.117.194][49948] -> [..169.46.82.162][52173]
           update: [....14] [ip4][..udp] [.172.26.229.190][..514] -> [..172.23.80.196][..514] [Syslog][Unknown][System][Acceptable]
              new: [....16][1906] [ip4][..tcp] [..169.46.82.162][52173] -> [.10.186.117.194][49948]
         detected: [....15][1506] [ip4][..tcp] [.10.186.117.194][49948] -> [..169.46.82.162][52173] [Syslog][Unknown][System][Acceptable]
                   RISK: Known Proto on Non Std Port, Unidirectional Traffic
             idle: [....14] [ip4][..udp] [.172.26.229.190][..514] -> [..172.23.80.196][..514] [Syslog][Unknown][System][Acceptable]
              new: [....17] [ip4][..udp] [192.168.254.157][49611] -> [.196.240.66.148][..514]
         detected: [....17] [ip4][..udp] [192.168.254.157][49611] -> [.196.240.66.148][..514] [Syslog][Unknown][System][Acceptable]
     DAEMON-EVENT: [Processed: 81 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 3 / 17|skipped: 0|!detected: 2|guessed: 0|detection-updates: 0|updates: 10]
              new: [....18][.408] [ip4][..udp] [..10.11.105.154][20627] -> [.....10.6.15.11][..514]
         detected: [....18][.408] [ip4][..udp] [..10.11.105.154][20627] -> [.....10.6.15.11][..514] [Syslog][Unknown][System][Acceptable]
             idle: [....17] [ip4][..udp] [192.168.254.157][49611] -> [.196.240.66.148][..514] [Syslog][Unknown][System][Acceptable]
     not-detected: [....16][1906] [ip4][..tcp] [..169.46.82.162][52173] -> [.10.186.117.194][49948] [Unknown][Unknown][Unrated]
                   RISK: Unidirectional Traffic
             idle: [....16][1906] [ip4][..tcp] [..169.46.82.162][52173] -> [.10.186.117.194][49948]
              end: [....15][1506] [ip4][..tcp] [.10.186.117.194][49948] -> [..169.46.82.162][52173] [Syslog][Unknown][System][Acceptable]
                   RISK: Known Proto on Non Std Port, Unidirectional Traffic
     DAEMON-EVENT: [Processed: 82 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 1 / 18|skipped: 0|!detected: 3|guessed: 0|detection-updates: 0|updates: 10]
      ERROR-EVENT: Unknown packet type [1/16]
      ERROR-EVENT: Unknown packet type [2/16]
      ERROR-EVENT: Unknown packet type [3/16]
      ERROR-EVENT: Unknown packet type [4/16]
     DAEMON-EVENT: [Processed: 82 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 1 / 18|skipped: 0|!detected: 3|guessed: 0|detection-updates: 0|updates: 10]
              new: [....19][2005] [ip4][..udp] [...10.94.232.21][57374] -> [...10.94.150.21][..514]
         detected: [....19][2005] [ip4][..udp] [...10.94.232.21][57374] -> [...10.94.150.21][..514] [Syslog][Unknown][System][Acceptable]
              new: [....20][2005] [ip4][..udp] [....10.94.80.60][39438] -> [...10.94.150.22][..514]
         detected: [....20][2005] [ip4][..udp] [....10.94.80.60][39438] -> [...10.94.150.22][..514] [Syslog][Unknown][System][Acceptable]
             idle: [....19][2005] [ip4][..udp] [...10.94.232.21][57374] -> [...10.94.150.21][..514] [Syslog][Unknown][System][Acceptable]
             idle: [....20][2005] [ip4][..udp] [....10.94.80.60][39438] -> [...10.94.150.22][..514] [Syslog][Unknown][System][Acceptable]
             idle: [....18][.408] [ip4][..udp] [..10.11.105.154][20627] -> [.....10.6.15.11][..514] [Syslog][Unknown][System][Acceptable]
     DAEMON-EVENT: shutdown