aboutsummaryrefslogtreecommitdiff
path: root/test/results/flow-info/default/tls_with_huge_ch.pcapng.out
blob: 17b76dd79772bc72c54de8a1f93703492003c2fa (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

     DAEMON-EVENT: init
     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
              new: [.....1] [ip4][..tcp] [..172.30.84.193][40640] -> [208.253.217.142][..443]
         detected: [.....1] [ip4][..tcp] [..172.30.84.193][40640] -> [208.253.217.142][..443] [TLS][Unknown][Web][Safe][]
                   RISK: Missing SNI TLS Extn, ALPN/SNI Mismatch, Obfuscated Traffic
          analyse: [.....1] [ip4][..tcp] [..172.30.84.193][40640] -> [208.253.217.142][..443] [TLS][Unknown][Web][Safe]
                                         min|       max|       avg|    stddev|         variance|  entropy
                   [IAT.........: <    0.001|     2.012|     0.239|     0.473|       223961.678|    3.000]
                   [PKTLEN......:     52.000|  1076.000|   410.500|   482.400|       232750.200|    4.000]
                   [BINS(c->s)..: 5,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [BINS(s->c)..: 15,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [DIRECTIONS..: 0,0,1,1,0,0,0,0,1,1,0,0,1,1,0,0,0,0,1,1,1,1,0,0,0,0,0,1,1,1,1,1]
                   [IATS(ms)....: 1026.7,1168.3,1014.0,2012.4,2.2,0.4,20.3,996.7,23.0,142.1,0.4,141.9,0.2,227.3,1.5,0.2,0.3,228.2,1.5,0.3,0.3,202.4,0.2,1.4,0.2,0.1,201.2,0.6,1.0,0.2,0.0]
                   [PKTLENS.....: 60,60,60,60,60,52,52,1076,60,52,1076,1076,52,52,1076,1076,1076,1076,52,52,52,52,1076,1076,1076,1076,211,52,52,52,52,52]
                   [ENTROPIES...: 4.8,4.8,5.3,5.4,4.8,5.1,5.1,2.4,5.4,5.2,0.5,0.5,5.1,5.2,0.5,0.5,0.5,0.5,5.2,5.2,5.2,5.1,0.5,0.5,0.5,0.5,1.9,5.1,5.1,5.1,5.1,5.2]
             idle: [.....1] [ip4][..tcp] [..172.30.84.193][40640] -> [208.253.217.142][..443] [TLS][Unknown][Web][Safe]
                   RISK: Missing SNI TLS Extn, ALPN/SNI Mismatch, Obfuscated Traffic
     DAEMON-EVENT: shutdown
Powered by cgit, Themed by Ted Yin.