path: root/test/results/flow-info/default/tls_heur__vmess-websocket.pcapng.out
blob: a512ee6f220c6c30784f74b656a7e80263285c05 (plain)
     DAEMON-EVENT: init
     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
              new: [.....1] [ip4][..tcp] [......127.0.0.1][44532] -> [......127.0.0.1][.1080]
         detected: [.....1] [ip4][..tcp] [......127.0.0.1][44532] -> [......127.0.0.1][.1080] [SOCKS][Unknown][Web][Acceptable]
              new: [.....2] [ip4][..udp] [......127.0.0.1][39646] -> [.....127.0.0.53][...53]
         detected: [.....2] [ip4][..udp] [......127.0.0.1][39646] -> [.....127.0.0.53][...53] [DNS.YouTube][Unknown][Network][Fun][www.youtube.com]
 detection-update: [.....2] [ip4][..udp] [......127.0.0.1][39646] -> [.....127.0.0.53][...53] [DNS.YouTube][Unknown][Network][Fun][www.youtube.com]
              new: [.....3] [ip4][..tcp] [......127.0.0.1][33702] -> [......127.0.0.1][.1234]
         detected: [.....3] [ip4][..tcp] [......127.0.0.1][33702] -> [......127.0.0.1][.1234] [HTTP.WebSocket][Unknown][Web][Acceptable][127.0.0.1]
                   RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI
              new: [.....4] [ip4][..tcp] [..192.168.1.183][51390] -> [142.250.180.142][..443]
         detected: [.....4] [ip4][..tcp] [..192.168.1.183][51390] -> [142.250.180.142][..443] [TLS.YouTube][Google][Media][Fun][www.youtube.com]
 detection-update: [.....4] [ip4][..tcp] [..192.168.1.183][51390] -> [142.250.180.142][..443] [TLS.YouTube][Google][Media][Fun][www.youtube.com]
          analyse: [.....3] [ip4][..tcp] [......127.0.0.1][33702] -> [......127.0.0.1][.1234] [HTTP.WebSocket][Unknown][Web][Acceptable][127.0.0.1]
                                         min|       max|       avg|    stddev|         variance|  entropy
                   [IAT.........: <    0.001|     0.082|     0.011|     0.023|          506.460|    2.800]
                   [PKTLEN......:     52.000|  2104.000|   665.100|   842.700|       710078.000|    3.900]
                   [BINS(c->s)..: 13,0,1,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [BINS(s->c)..: 2,0,1,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,8]
                   [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,0,1,0,1,0,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1]
                   [IATS(ms)....: 0.0,0.0,0.3,0.3,0.1,0.2,52.9,76.2,23.3,0.1,0.1,0.0,0.0,0.1,0.1,5.4,8.4,3.5,0.7,41.2,81.9,40.9,0.1,0.0,0.1,0.1,0.0,0.0,0.0,0.0,0.0]
                   [PKTLENS.....: 60,60,52,237,52,181,52,751,2104,52,2104,52,2104,52,723,52,406,753,144,123,52,2084,52,2046,52,2079,52,2043,52,2075,52,531]
                   [ENTROPIES...: 4.3,4.7,4.6,5.9,4.6,5.8,4.6,7.7,7.9,4.6,7.9,4.6,7.9,4.6,7.7,4.6,7.4,7.7,6.3,6.2,4.6,7.9,4.6,7.9,4.6,7.9,4.6,7.9,4.6,7.9,4.6,7.6]
          analyse: [.....1] [ip4][..tcp] [......127.0.0.1][44532] -> [......127.0.0.1][.1080] [SOCKS][Unknown][Web][Acceptable]
                                         min|       max|       avg|    stddev|         variance|  entropy
                   [IAT.........: <    0.001|     0.082|     0.011|     0.022|          482.912|    3.100]
                   [PKTLEN......:     52.000|  3984.000|   653.000|  1237.600|      1531706.800|    3.300]
                   [BINS(c->s)..: 13,4,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [BINS(s->c)..: 6,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5]
                   [DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,1,0,0,0,0,0,0,1,1,0,1,0,1,0,1,0,1,0,1]
                   [IATS(ms)....: 0.1,0.1,0.1,0.1,0.4,0.4,4.5,4.7,44.0,9.4,77.6,24.3,0.3,0.3,4.2,0.3,0.0,0.0,0.0,4.6,3.4,3.7,0.6,41.3,82.0,41.2,0.1,0.2,0.2,0.2,0.1]
                   [PKTLENS.....: 60,60,52,56,52,54,52,62,62,52,569,3984,52,2720,52,132,98,101,87,115,52,700,83,83,52,3984,52,3984,52,2428,52,901]
                   [ENTROPIES...: 4.3,4.7,4.6,4.5,4.6,4.6,4.6,4.7,4.5,4.6,4.7,7.9,4.7,7.9,4.6,6.2,5.9,5.8,5.7,6.1,4.7,7.7,5.5,5.5,4.7,8.0,4.6,8.0,4.6,7.9,4.6,7.8]
             idle: [.....3] [ip4][..tcp] [......127.0.0.1][33702] -> [......127.0.0.1][.1234] [HTTP.WebSocket][Unknown][Web][Acceptable][127.0.0.1]
                   RISK: Known Proto on Non Std Port, HTTP/TLS/QUIC Numeric Hostname/SNI
             idle: [.....2] [ip4][..udp] [......127.0.0.1][39646] -> [.....127.0.0.53][...53] [DNS.YouTube][Unknown][Network][Fun][www.youtube.com]
             idle: [.....1] [ip4][..tcp] [......127.0.0.1][44532] -> [......127.0.0.1][.1080] [SOCKS][Unknown][Web][Acceptable]
             idle: [.....4] [ip4][..tcp] [..192.168.1.183][51390] -> [142.250.180.142][..443] [TLS.YouTube][Google][Media][Fun]
     DAEMON-EVENT: shutdown