1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67]
detected: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][tl-sg116e]
new: [.....2] [ip4][..udp] [...192.168.1.53][54306] -> [239.255.255.250][.1900]
detected: [.....2] [ip4][..udp] [...192.168.1.53][54306] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
new: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353]
detected: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_spotify-connect._tcp.local]
new: [.....4] [ip4][..udp] [...192.168.1.69][.5353] -> [....224.0.0.251][.5353]
detected: [.....4] [ip4][..udp] [...192.168.1.69][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_spotify-connect._tcp.local]
new: [.....5] [ip4][..udp] [...192.168.1.75][.5353] -> [....224.0.0.251][.5353]
detected: [.....5] [ip4][..udp] [...192.168.1.75][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_dacp._tcp.local]
new: [.....6] [ip6][..udp] [................fe80::4ba:91a:7817:e318][.5353] -> [...............................ff02::fb][.5353]
detected: [.....6] [ip6][..udp] [................fe80::4ba:91a:7817:e318][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_dacp._tcp.local]
new: [.....7] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.75][.5353]
detected: [.....7] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.75][.5353] [MDNS][Unknown][Network][Acceptable][_companion-link._tcp.local]
RISK: Unidirectional Traffic
new: [.....8] [ip4][..udp] [...192.168.1.77][61631] -> [....192.168.1.1][...53]
detected: [.....8] [ip4][..udp] [...192.168.1.77][61631] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][e7047.e12.akamaiedge.net]
RISK: Unidirectional Traffic
detection-update: [.....8] [ip4][..udp] [...192.168.1.77][61631] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][e7047.e12.akamaiedge.net]
new: [.....9] [ip4][..udp] [...192.168.1.77][17500] -> [255.255.255.255][17500]
detected: [.....9] [ip4][..udp] [...192.168.1.77][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable]
new: [....10] [ip4][..udp] [...192.168.1.77][17500] -> [..192.168.1.255][17500]
detected: [....10] [ip4][..udp] [...192.168.1.77][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable]
detection-update: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_homekit._tcp.local]
new: [....11] [ip6][..udp] [..............fe80::18a0:a412:8935:c01b][.5353] -> [...............................ff02::fb][.5353]
detected: [....11] [ip6][..udp] [..............fe80::18a0:a412:8935:c01b][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_homekit._tcp.local]
new: [....12] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.53][.5353]
detected: [....12] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.53][.5353] [MDNS][Unknown][Network][Acceptable][_companion-link._tcp.local]
RISK: Unidirectional Traffic
analyse: [.....5] [ip4][..udp] [...192.168.1.75][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.089| 0.260| 0.238| 56779.682| 4.400]
[PKTLEN......: 128.000| 294.000| 184.700| 56.400| 3176.800| 4.900]
[BINS(c->s)..: 0,0,0,18,2,6,0,1,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[IATS(ms)....: 549.4,0.8,252.8,249.2,102.8,152.8,104.9,141.4,2.6,102.2,252.5,506.2,1089.0,524.5,0.5,254.5,249.1,108.9,146.8,101.0,145.2,2.4,102.1,256.0,497.9,504.7,600.2,564.9,0.4,248.3,249.2]
[PKTLENS.....: 128,219,294,155,139,155,139,197,170,294,139,153,261,128,219,294,155,139,155,139,197,170,294,139,153,197,153,128,219,294,155,139]
[ENTROPIES...: 5.1,5.4,5.2,5.2,4.7,5.2,4.7,5.2,5.2,5.2,4.7,4.8,5.1,5.1,5.4,5.2,5.2,4.7,5.2,4.7,5.2,5.2,5.2,4.7,4.8,5.2,4.7,5.1,5.4,5.2,5.2,4.7]
analyse: [.....6] [ip6][..udp] [................fe80::4ba:91a:7817:e318][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.089| 0.260| 0.238| 56762.626| 4.400]
[PKTLEN......: 148.000| 314.000| 204.700| 56.400| 3176.800| 4.900]
[BINS(c->s)..: 0,0,0,18,2,6,0,1,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[IATS(ms)....: 549.6,0.4,252.7,249.3,102.6,153.3,104.8,140.9,2.6,102.6,252.5,506.2,1088.5,524.6,0.5,254.5,249.4,109.0,147.1,100.8,145.2,1.9,102.6,256.1,498.0,504.7,600.4,564.2,0.4,249.0,248.4]
[PKTLENS.....: 148,239,314,175,159,175,159,217,190,314,159,173,281,148,239,314,175,159,175,159,217,190,314,159,173,217,173,148,239,314,175,159]
[ENTROPIES...: 4.9,5.3,5.1,5.1,4.5,5.1,4.5,5.1,5.0,5.1,4.5,4.5,5.0,4.9,5.3,5.1,5.1,4.5,5.1,4.5,5.0,5.0,5.1,4.5,4.5,5.0,4.5,4.9,5.3,5.1,5.1,4.5]
detection-update: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_sleep-proxy._udp.local]
detection-update: [....11] [ip6][..udp] [..............fe80::18a0:a412:8935:c01b][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_sleep-proxy._udp.local]
new: [....13] [ip4][..udp] [...192.168.1.77][52118] -> [....192.168.1.1][...53]
detected: [....13] [ip4][..udp] [...192.168.1.77][52118] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe][in.appcenter.ms]
RISK: Unidirectional Traffic
detection-update: [....13] [ip4][..udp] [...192.168.1.77][52118] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe][in.appcenter.ms]
new: [....14] [ip4][..udp] [...192.168.1.53][57621] -> [..192.168.1.255][57621]
detected: [....14] [ip4][..udp] [...192.168.1.53][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun]
new: [....15] [ip4][..udp] [...192.168.1.75][57916] -> [239.255.255.250][.1900]
detected: [....15] [ip4][..udp] [...192.168.1.75][57916] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
new: [....16] [ip4][..udp] [...192.168.1.77][61120] -> [....192.168.1.1][...53]
detected: [....16] [ip4][..udp] [...192.168.1.77][61120] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][e4518.dscx.akamaiedge.net]
RISK: Unidirectional Traffic
detection-update: [....16] [ip4][..udp] [...192.168.1.77][61120] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][e4518.dscx.akamaiedge.net]
new: [....17] [ip4][..udp] [...192.168.1.52][.5353] -> [....224.0.0.251][.5353]
detected: [....17] [ip4][..udp] [...192.168.1.52][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_raop._tcp.local]
new: [....18] [ip6][..udp] [...............fe80::4dc:edec:5b0c:a661][.5353] -> [...............................ff02::fb][.5353]
detected: [....18] [ip6][..udp] [...............fe80::4dc:edec:5b0c:a661][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_raop._tcp.local]
new: [....19] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.7][..521]
detected: [....19] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.7][..521] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
new: [....20] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.12.5][..523]
detected: [....20] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.12.5][..523] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
new: [....21] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.16.1][..527]
detected: [....21] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.16.1][..527] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
new: [....22] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.12.1][..536]
detected: [....22] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.12.1][..536] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
new: [....23] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.8][..538]
detected: [....23] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.8][..538] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
new: [....24] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.16.4][..538]
detected: [....24] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.16.4][..538] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
new: [....25] [ip4][..udp] [...192.168.1.77][23174] -> [...192.168.1.52][31480]
new: [....26] [ip4][..udp] [...192.168.1.77][23174] -> [..87.11.205.195][60723]
detected: [....26] [ip4][..udp] [...192.168.1.77][23174] -> [..87.11.205.195][60723] [OpenVPN][Unknown][VPN][Acceptable]
RISK: Known Proto on Non Std Port, Unidirectional Traffic
analyse: [....19] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.7][..521] [Telegram][Telegram][Chat][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.001| 0.501| 0.118| 0.112| 12556.351| 4.400]
[PKTLEN......: 60.000| 220.000| 144.000| 57.300| 3288.000| 4.900]
[BINS(c->s)..: 0,5,0,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,1,4,4,0,8,5,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,1,0,1,0,1,0,0,1,0,1,1,0,1,1,1,1,0,1,1,1,1,0,1,1,1,1,1,1,0,1]
[IATS(ms)....: 33.7,303.8,500.9,195.8,135.7,308.4,212.1,0.7,38.9,154.1,154.5,74.5,133.7,63.7,29.9,38.6,63.9,177.4,37.8,26.0,43.6,64.2,189.8,58.8,4.5,63.5,64.5,43.0,64.5,315.9,64.4]
[PKTLENS.....: 68,92,124,68,92,124,124,60,124,76,68,92,220,124,220,124,220,204,124,124,204,220,204,68,92,204,204,188,204,204,124,220]
[ENTROPIES...: 4.9,5.1,6.5,4.9,5.1,6.6,6.5,4.6,6.6,5.1,4.9,5.1,7.1,6.4,7.0,6.5,7.0,7.0,6.5,6.4,7.0,7.1,7.0,4.9,5.1,6.9,6.8,6.9,7.0,7.0,6.4,7.0]
new: [....27] [ip4][..udp] [...192.168.1.77][47127] -> [....192.168.1.1][...53]
detected: [....27] [ip4][..udp] [...192.168.1.77][47127] -> [....192.168.1.1][...53] [DNS.GoogleServices][Unknown][Network][Acceptable][www.googletagservices.com]
RISK: Unidirectional Traffic
detection-update: [....27] [ip4][..udp] [...192.168.1.77][47127] -> [....192.168.1.1][...53] [DNS.GoogleServices][Unknown][Network][Acceptable][www.googletagservices.com]
RISK: Minor Issues
analyse: [....25] [ip4][..udp] [...192.168.1.77][23174] -> [...192.168.1.52][31480]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.042| 1.999| 0.261| 0.473| 223426.380| 3.600]
[PKTLEN......: 76.000| 268.000| 191.500| 54.500| 2971.800| 4.900]
[BINS(c->s)..: 0,1,2,0,0,6,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,1,3,0,0,5,6,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,1,1,0,0,1,1,1,1,1,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0]
[IATS(ms)....: 176.6,505.7,492.8,1175.3,327.6,331.9,1681.3,64.2,63.5,64.3,42.3,63.9,1998.8,63.8,58.3,64.1,69.6,64.4,57.8,43.1,58.1,62.2,58.1,63.8,58.2,64.2,58.2,62.0,69.6,66.6,57.7]
[PKTLENS.....: 108,108,108,76,92,76,92,220,252,268,252,252,236,204,220,220,220,204,188,220,204,204,204,220,204,204,204,204,220,204,220,220]
[ENTROPIES...: 6.4,6.1,6.3,5.8,6.0,5.8,6.0,6.9,7.1,7.2,7.1,7.1,7.1,7.0,7.0,7.1,7.0,6.9,6.8,7.0,7.0,7.0,6.9,6.9,6.9,6.9,6.9,6.9,7.0,6.9,7.0,7.1]
new: [....28] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67]
detected: [....28] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][]
new: [....29] [ip4][..udp] [...192.168.1.43][..138] -> [..192.168.1.255][..138]
detected: [....29] [ip4][..udp] [...192.168.1.43][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous][desktop-rb5t12g]
RISK: Unsafe Protocol
new: [....30] [ip4][..udp] [...192.168.1.77][..137] -> [..192.168.1.255][..137]
detected: [....30] [ip4][..udp] [...192.168.1.77][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable][workgroup]
new: [....31] [ip4][..udp] [...192.168.1.77][49764] -> [....192.168.1.1][...53]
detected: [....31] [ip4][..udp] [...192.168.1.77][49764] -> [....192.168.1.1][...53] [DNS.ntop][Unknown][Network][Safe][dati.ntop.org]
RISK: Unidirectional Traffic
detection-update: [....31] [ip4][..udp] [...192.168.1.77][49764] -> [....192.168.1.1][...53] [DNS.ntop][Unknown][Network][Safe][dati.ntop.org]
new: [....32] [ip4][..udp] [...192.168.1.77][.5812] -> [....192.168.1.1][...53]
detected: [....32] [ip4][..udp] [...192.168.1.77][.5812] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][pixel.wp.com]
RISK: Unidirectional Traffic
detection-update: [....32] [ip4][..udp] [...192.168.1.77][.5812] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][pixel.wp.com]
RISK: Minor Issues
new: [....33] [ip4][..udp] [...192.168.1.77][54595] -> [....192.168.1.1][...53]
detected: [....33] [ip4][..udp] [...192.168.1.77][54595] -> [....192.168.1.1][...53] [DNS.ntop][Unknown][Network][Safe][b._dns-sd._udp.ntop.org]
RISK: Unidirectional Traffic
detection-update: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_googlecast._tcp.local]
new: [....34] [ip4][..udp] [...192.168.1.77][61974] -> [..216.58.205.68][..443]
detected: [....34] [ip4][..udp] [...192.168.1.77][61974] -> [..216.58.205.68][..443] [QUIC.Google][Google][Web][Acceptable][www.google.com]
RISK: Unidirectional Traffic
new: [....35] [ip4][..udp] [...192.168.1.77][50822] -> [..216.58.205.68][..443]
detected: [....35] [ip4][..udp] [...192.168.1.77][50822] -> [..216.58.205.68][..443] [QUIC.Google][Google][Web][Acceptable][www.google.com]
RISK: Unidirectional Traffic
new: [....36] [ip4][..udp] [...192.168.1.77][57621] -> [..192.168.1.255][57621]
detected: [....36] [ip4][..udp] [...192.168.1.77][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun]
new: [....37] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.8][..529]
detected: [....37] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.8][..529] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
new: [....38] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.1][..529]
detected: [....38] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.1][..529] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
new: [....39] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.12.3][..530]
detected: [....39] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.12.3][..530] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
new: [....40] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.1][..533]
detected: [....40] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.1][..533] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
new: [....41] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.12.5][..537]
detected: [....41] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.12.5][..537] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
new: [....42] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.3][..537]
detected: [....42] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.3][..537] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
detection-update: [....33] [ip4][..udp] [...192.168.1.77][54595] -> [....192.168.1.1][...53] [DNS.ntop][Unknown][Network][Safe][b._dns-sd._udp.ntop.org]
RISK: Error Code
new: [....43] [ip4][..udp] [...192.168.1.77][52127] -> [239.255.255.250][.1900]
detected: [....43] [ip4][..udp] [...192.168.1.77][52127] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
analyse: [....37] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.8][..529] [Telegram][Telegram][Chat][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.008| 0.505| 0.099| 0.138| 18965.475| 4.000]
[PKTLEN......: 60.000| 220.000| 144.000| 55.400| 3064.000| 4.900]
[BINS(c->s)..: 0,5,0,4,0,13,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,1,4,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,1,1,0,1,0,0,0,0,0,0,0,1,0,0,1,0,0,1,0,0,0,0,0,0,0,0,1,0,1]
[IATS(ms)....: 38.7,504.7,472.2,31.4,48.8,83.1,90.1,75.5,57.5,58.0,58.1,58.1,52.0,386.6,9.5,8.5,27.3,36.0,21.7,40.2,58.1,58.0,58.2,57.9,70.0,57.9,58.0,8.2,436.3,11.3,25.6]
[PKTLENS.....: 68,92,68,124,92,124,124,60,204,204,204,220,204,68,124,124,204,92,124,204,76,204,204,188,204,188,204,204,68,124,124,92]
[ENTROPIES...: 4.8,5.0,4.8,6.4,4.9,6.5,6.5,4.5,7.0,6.9,6.9,7.0,6.9,4.9,6.5,6.5,7.0,5.0,6.4,6.9,5.1,6.9,6.9,6.8,7.0,6.8,6.8,7.0,4.9,6.4,6.5,5.0]
new: [....44] [ip4][..udp] [...192.168.1.77][28150] -> [..87.11.205.195][59772]
analyse: [....40] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.1][..533] [Telegram][Telegram][Chat][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.007| 0.505| 0.113| 0.151| 22855.887| 4.100]
[PKTLEN......: 60.000| 204.000| 143.000| 54.200| 2943.000| 4.900]
[BINS(c->s)..: 0,5,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,1,4,5,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,1,1,0,0,0,1,1,0,1,1,1,1,1,1,1,1,0,1,1,1,0,1,1,1,1,1,1,1,1]
[IATS(ms)....: 34.1,504.9,476.9,26.3,48.6,90.1,359.3,474.9,22.9,54.0,44.1,48.8,32.7,70.5,63.7,63.7,64.6,42.0,447.9,51.4,12.5,7.1,54.2,56.0,36.2,28.9,63.9,41.9,63.9,64.6,64.6]
[PKTLENS.....: 68,92,68,124,92,124,60,68,124,92,124,76,124,204,204,188,204,204,204,68,124,204,92,124,204,124,204,204,188,204,188,204]
[ENTROPIES...: 5.0,5.1,4.9,6.5,5.0,6.5,4.6,4.9,6.5,5.1,6.3,5.1,6.5,6.9,7.0,6.9,7.0,6.9,7.0,4.9,6.5,7.0,5.0,6.3,6.9,6.4,6.9,6.9,6.9,7.0,6.9,7.0]
new: [....45] [ip4][..udp] [...192.168.1.53][50698] -> [239.255.255.250][.1900]
detected: [....45] [ip4][..udp] [...192.168.1.53][50698] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
update: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable]
update: [.....9] [ip4][..udp] [...192.168.1.77][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable]
update: [....10] [ip4][..udp] [...192.168.1.77][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable]
update: [.....8] [ip4][..udp] [...192.168.1.77][61631] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable]
update: [.....7] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.75][.5353] [MDNS][Unknown][Network][Acceptable]
RISK: Unidirectional Traffic
update: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable]
update: [.....4] [ip4][..udp] [...192.168.1.69][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable]
update: [.....5] [ip4][..udp] [...192.168.1.75][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable]
update: [.....2] [ip4][..udp] [...192.168.1.53][54306] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable]
update: [.....6] [ip6][..udp] [................fe80::4ba:91a:7817:e318][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable]
new: [....46] [ip4][..udp] [...192.168.1.53][56384] -> [239.255.255.250][.1900]
detected: [....46] [ip4][..udp] [...192.168.1.53][56384] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
new: [....47] [ip4][..udp] [...192.168.1.77][58615] -> [....192.168.1.1][...53]
detected: [....47] [ip4][..udp] [...192.168.1.77][58615] -> [....192.168.1.1][...53] [DNS.Dropbox][Unknown][Network][Acceptable][telemetry.dropbox.com]
RISK: Unidirectional Traffic
new: [....48] [ip4][..udp] [...192.168.1.77][49533] -> [....192.168.1.1][...53]
detected: [....48] [ip4][..udp] [...192.168.1.77][49533] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][e4518.dscx.akamaiedge.net]
RISK: Unidirectional Traffic
detection-update: [....48] [ip4][..udp] [...192.168.1.77][49533] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable][e4518.dscx.akamaiedge.net]
detection-update: [....47] [ip4][..udp] [...192.168.1.77][58615] -> [....192.168.1.1][...53] [DNS.Dropbox][Unknown][Network][Acceptable][telemetry.dropbox.com]
idle: [....32] [ip4][..udp] [...192.168.1.77][.5812] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable]
RISK: Minor Issues
idle: [....16] [ip4][..udp] [...192.168.1.77][61120] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable]
idle: [....28] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable]
idle: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable]
idle: [.....9] [ip4][..udp] [...192.168.1.77][17500] -> [255.255.255.255][17500] [Dropbox][Unknown][Cloud][Acceptable]
idle: [....19] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.7][..521] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
idle: [....20] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.12.5][..523] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
idle: [....21] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.16.1][..527] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
idle: [....22] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.12.1][..536] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
idle: [....24] [ip4][..udp] [...192.168.1.77][23174] -> [....91.108.16.4][..538] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
idle: [....23] [ip4][..udp] [...192.168.1.77][23174] -> [.....91.108.8.8][..538] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
idle: [....27] [ip4][..udp] [...192.168.1.77][47127] -> [....192.168.1.1][...53] [DNS.GoogleServices][Unknown][Network][Acceptable]
RISK: Minor Issues
idle: [....18] [ip6][..udp] [...............fe80::4dc:edec:5b0c:a661][.5353] -> [...............................ff02::fb][.5353]
idle: [....10] [ip4][..udp] [...192.168.1.77][17500] -> [..192.168.1.255][17500] [Dropbox][Unknown][Cloud][Acceptable]
idle: [....15] [ip4][..udp] [...192.168.1.75][57916] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable]
idle: [.....8] [ip4][..udp] [...192.168.1.77][61631] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable]
idle: [....30] [ip4][..udp] [...192.168.1.77][..137] -> [..192.168.1.255][..137] [NetBIOS][Unknown][System][Acceptable]
idle: [....29] [ip4][..udp] [...192.168.1.43][..138] -> [..192.168.1.255][..138] [NetBIOS.SMBv1][Unknown][System][Dangerous]
RISK: Unsafe Protocol
idle: [....48] [ip4][..udp] [...192.168.1.77][49533] -> [....192.168.1.1][...53] [DNS][Unknown][Network][Acceptable]
idle: [....12] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.53][.5353] [MDNS][Unknown][Network][Acceptable]
RISK: Unidirectional Traffic
idle: [.....7] [ip4][..udp] [...192.168.1.77][.5353] -> [...192.168.1.75][.5353] [MDNS][Unknown][Network][Acceptable]
RISK: Unidirectional Traffic
idle: [.....5] [ip4][..udp] [...192.168.1.75][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable]
idle: [.....4] [ip4][..udp] [...192.168.1.69][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable]
idle: [....17] [ip4][..udp] [...192.168.1.52][.5353] -> [....224.0.0.251][.5353]
idle: [.....3] [ip4][..udp] [...192.168.1.53][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable]
not-detected: [....44] [ip4][..udp] [...192.168.1.77][28150] -> [..87.11.205.195][59772] [Unknown][Unknown][Unrated]
RISK: Unidirectional Traffic
idle: [....44] [ip4][..udp] [...192.168.1.77][28150] -> [..87.11.205.195][59772]
idle: [....36] [ip4][..udp] [...192.168.1.77][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun]
idle: [....14] [ip4][..udp] [...192.168.1.53][57621] -> [..192.168.1.255][57621] [Spotify][Unknown][Music][Fun]
idle: [....43] [ip4][..udp] [...192.168.1.77][52127] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable]
idle: [....26] [ip4][..udp] [...192.168.1.77][23174] -> [..87.11.205.195][60723] [OpenVPN][Unknown][VPN][Acceptable]
RISK: Known Proto on Non Std Port, Unidirectional Traffic
idle: [....35] [ip4][..udp] [...192.168.1.77][50822] -> [..216.58.205.68][..443] [QUIC.Google][Google][Web][Acceptable]
RISK: Unidirectional Traffic
idle: [....31] [ip4][..udp] [...192.168.1.77][49764] -> [....192.168.1.1][...53] [DNS.ntop][Unknown][Network][Safe]
idle: [.....2] [ip4][..udp] [...192.168.1.53][54306] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable]
idle: [....46] [ip4][..udp] [...192.168.1.53][56384] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable]
idle: [....38] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.1][..529] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
idle: [....37] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.8][..529] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
idle: [....39] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.12.3][..530] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
idle: [....40] [ip4][..udp] [...192.168.1.77][28150] -> [.....91.108.8.1][..533] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
idle: [....42] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.16.3][..537] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
idle: [....41] [ip4][..udp] [...192.168.1.77][28150] -> [....91.108.12.5][..537] [Telegram][Telegram][Chat][Acceptable]
RISK: Unidirectional Traffic
idle: [....13] [ip4][..udp] [...192.168.1.77][52118] -> [....192.168.1.1][...53] [DNS.Microsoft][Unknown][Network][Safe]
idle: [....11] [ip6][..udp] [..............fe80::18a0:a412:8935:c01b][.5353] -> [...............................ff02::fb][.5353]
idle: [....45] [ip4][..udp] [...192.168.1.53][50698] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable]
idle: [....47] [ip4][..udp] [...192.168.1.77][58615] -> [....192.168.1.1][...53] [DNS.Dropbox][Unknown][Network][Acceptable]
idle: [....33] [ip4][..udp] [...192.168.1.77][54595] -> [....192.168.1.1][...53] [DNS.ntop][Unknown][Network][Safe]
RISK: Error Code
not-detected: [....25] [ip4][..udp] [...192.168.1.77][23174] -> [...192.168.1.52][31480] [Unknown][Unknown][Unrated]
idle: [....25] [ip4][..udp] [...192.168.1.77][23174] -> [...192.168.1.52][31480]
idle: [....34] [ip4][..udp] [...192.168.1.77][61974] -> [..216.58.205.68][..443] [QUIC.Google][Google][Web][Acceptable]
RISK: Unidirectional Traffic
idle: [.....6] [ip6][..udp] [................fe80::4ba:91a:7817:e318][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable]
DAEMON-EVENT: shutdown
|