1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..tcp] [...10.16.37.157][42256] -> [..174.37.231.81][.5222] [MIDSTREAM]
new: [.....2] [ip4][..udp] [.......10.8.0.1][46214] -> [..200.89.75.198][..123]
detected: [.....2] [ip4][..udp] [.......10.8.0.1][46214] -> [..200.89.75.198][..123] [NTP][Unknown][System][Acceptable]
new: [.....3] [ip4][..tcp] [.......10.8.0.1][54915] -> [..65.39.128.135][...80]
detected: [.....3] [ip4][..tcp] [.......10.8.0.1][54915] -> [..65.39.128.135][...80] [HTTP][Unknown][Web][Acceptable][xtra1.gpsonextra.net]
new: [.....4] [ip4][..tcp] [.......10.8.0.1][45529] -> [.54.230.227.172][...80]
new: [.....5] [ip4][..tcp] [.......10.8.0.1][36100] -> [..46.51.173.182][..443]
new: [.....6] [ip4][..tcp] [.......10.8.0.1][36102] -> [..46.51.173.182][..443]
detected: [.....4] [ip4][..tcp] [.......10.8.0.1][45529] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][roadshields.waze.com]
new: [.....7] [ip4][..tcp] [.......10.8.0.1][36585] -> [.173.194.118.48][..443]
detected: [.....5] [ip4][..tcp] [.......10.8.0.1][36100] -> [..46.51.173.182][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detected: [.....7] [ip4][..tcp] [.......10.8.0.1][36585] -> [.173.194.118.48][..443] [TLS][Google][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detected: [.....6] [ip4][..tcp] [.......10.8.0.1][36102] -> [..46.51.173.182][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [.....7] [ip4][..tcp] [.......10.8.0.1][36585] -> [.173.194.118.48][..443] [TLS][Google][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
new: [.....8] [ip4][..tcp] [.......10.8.0.1][45536] -> [.54.230.227.172][...80]
detected: [.....8] [ip4][..tcp] [.......10.8.0.1][45536] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com]
detection-update: [.....6] [ip4][..tcp] [.......10.8.0.1][36102] -> [..46.51.173.182][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
detection-update: [.....5] [ip4][..tcp] [.......10.8.0.1][36100] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
detection-update: [.....6] [ip4][..tcp] [.......10.8.0.1][36102] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
detection-update: [.....3] [ip4][..tcp] [.......10.8.0.1][54915] -> [..65.39.128.135][...80] [HTTP][Unknown][Download][Acceptable][xtra1.gpsonextra.net]
RISK: Binary File/Data Transfer (Attempt)
new: [.....9] [ip4][..tcp] [.......10.8.0.1][45538] -> [.54.230.227.172][...80]
new: [....10] [ip4][..tcp] [.......10.8.0.1][45540] -> [.54.230.227.172][...80]
detected: [.....9] [ip4][..tcp] [.......10.8.0.1][45538] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com]
detected: [....10] [ip4][..tcp] [.......10.8.0.1][45540] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][roadshields.waze.com]
new: [....11] [ip4][..tcp] [.......10.8.0.1][51049] -> [.176.34.103.105][..443]
new: [....12] [ip4][..tcp] [.......10.8.0.1][51050] -> [.176.34.103.105][..443]
new: [....13] [ip4][..tcp] [.......10.8.0.1][51051] -> [.176.34.103.105][..443]
new: [....14] [ip4][..tcp] [.......10.8.0.1][39010] -> [..52.17.114.219][..443]
new: [....15] [ip4][..tcp] [.......10.8.0.1][45546] -> [.54.230.227.172][...80]
detected: [....11] [ip4][..tcp] [.......10.8.0.1][51049] -> [.176.34.103.105][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detected: [....12] [ip4][..tcp] [.......10.8.0.1][51050] -> [.176.34.103.105][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detected: [....13] [ip4][..tcp] [.......10.8.0.1][51051] -> [.176.34.103.105][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detected: [....14] [ip4][..tcp] [.......10.8.0.1][39010] -> [..52.17.114.219][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detected: [....15] [ip4][..tcp] [.......10.8.0.1][45546] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com]
new: [....16] [ip4][..tcp] [.......10.8.0.1][45552] -> [.54.230.227.172][...80]
detected: [....16] [ip4][..tcp] [.......10.8.0.1][45552] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com]
detection-update: [....13] [ip4][..tcp] [.......10.8.0.1][51051] -> [.176.34.103.105][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [....11] [ip4][..tcp] [.......10.8.0.1][51049] -> [.176.34.103.105][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [....14] [ip4][..tcp] [.......10.8.0.1][39010] -> [..52.17.114.219][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][]
RISK: Obsolete TLS (v1.1 or older)
new: [....17] [ip4][..tcp] [.......10.8.0.1][45554] -> [.54.230.227.172][...80]
detected: [....17] [ip4][..tcp] [.......10.8.0.1][45554] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com]
analyse: [.....3] [ip4][..tcp] [.......10.8.0.1][54915] -> [..65.39.128.135][...80] [HTTP][Unknown][Download][Acceptable][xtra1.gpsonextra.net]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.002| 3.681| 0.340| 0.885| 782653.260| 2.800]
[PKTLEN......: 40.000| 11819.000| 1952.700| 3090.500| 9551440.000| 3.500]
[BINS(c->s)..: 15,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,10]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1,0,1]
[IATS(ms)....: 3.7,3.9,21.8,22.4,3678.0,3680.6,286.1,284.3,338.9,393.5,330.3,329.4,54.6,2.0,179.3,179.5,2.6,51.2,50.7,3.1,28.5,76.3,51.1,51.3,122.7,73.5,10.2,59.1,52.6,58.3,56.5]
[PKTLENS.....: 60,40,40,303,40,1408,40,2776,40,5512,40,8248,40,2673,40,1408,40,1408,40,9616,40,2776,40,5512,40,5512,40,2776,40,11819,40,40]
[ENTROPIES...: 4.4,4.7,4.7,5.5,4.6,7.0,4.6,6.9,4.6,5.6,4.7,6.8,4.7,7.0,4.6,3.0,4.6,7.0,4.7,6.2,4.7,6.6,4.7,1.7,4.7,1.7,4.7,1.4,4.6,1.7,4.7,4.7]
analyse: [.....5] [ip4][..tcp] [.......10.8.0.1][36100] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 1.659| 0.289| 0.505| 255075.107| 3.300]
[PKTLEN......: 40.000| 5501.000| 553.800| 1270.800| 1615041.000| 3.000]
[BINS(c->s)..: 5,2,0,0,3,1,0,0,0,0,1,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 12,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,1,0,1,0,1,0,1,1,0,0,1,0,1,0,1,0,1,0,1,1,0,0,1]
[IATS(ms)....: 1.2,10.9,357.2,367.1,474.4,475.3,8.1,9.0,265.9,317.7,52.0,0.9,0.6,0.3,0.3,1430.1,1483.3,119.5,172.8,51.4,51.9,1.4,0.9,0.5,0.4,0.3,0.4,1601.9,1658.8,0.2,57.1]
[PKTLENS.....: 60,40,40,222,40,3187,40,366,40,274,189,40,576,40,101,40,5501,40,189,40,576,40,576,40,576,40,101,40,4397,40,189,40]
[ENTROPIES...: 4.3,4.7,4.7,5.2,4.7,7.4,4.6,7.3,4.7,7.0,6.9,4.6,7.6,4.7,6.1,4.6,8.0,4.7,6.8,4.6,7.6,4.6,7.7,4.6,7.6,4.7,6.2,4.7,8.0,4.6,6.8,4.6]
detection-update: [....12] [ip4][..tcp] [.......10.8.0.1][51050] -> [.176.34.103.105][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [....13] [ip4][..tcp] [.......10.8.0.1][51051] -> [.176.34.103.105][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [....12] [ip4][..tcp] [.......10.8.0.1][51050] -> [.176.34.103.105][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [....11] [ip4][..tcp] [.......10.8.0.1][51049] -> [.176.34.103.105][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][]
RISK: Obsolete TLS (v1.1 or older)
new: [....18] [ip4][..tcp] [.......10.8.0.1][39021] -> [..52.17.114.219][..443]
detected: [....18] [ip4][..tcp] [.......10.8.0.1][39021] -> [..52.17.114.219][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
new: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443]
detection-update: [....18] [ip4][..tcp] [.......10.8.0.1][39021] -> [..52.17.114.219][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [....18] [ip4][..tcp] [.......10.8.0.1][39021] -> [..52.17.114.219][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][]
RISK: Obsolete TLS (v1.1 or older)
detected: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
new: [....20] [ip4][..tcp] [.......10.8.0.1][36314] -> [.176.34.186.180][..443]
detection-update: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][]
RISK: Obsolete TLS (v1.1 or older)
detected: [....20] [ip4][..tcp] [.......10.8.0.1][36314] -> [.176.34.186.180][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
new: [....21] [ip4][..tcp] [.......10.8.0.1][36316] -> [.176.34.186.180][..443]
detection-update: [....20] [ip4][..tcp] [.......10.8.0.1][36314] -> [.176.34.186.180][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [....20] [ip4][..tcp] [.......10.8.0.1][36314] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][]
RISK: Obsolete TLS (v1.1 or older)
detected: [....21] [ip4][..tcp] [.......10.8.0.1][36316] -> [.176.34.186.180][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [....21] [ip4][..tcp] [.......10.8.0.1][36316] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][]
RISK: Obsolete TLS (v1.1 or older)
new: [....22] [ip4][..tcp] [...10.16.37.157][43991] -> [...200.160.4.31][...80] [MIDSTREAM]
new: [....23] [ip4][..tcp] [...10.16.37.157][46473] -> [...200.160.4.49][...80] [MIDSTREAM]
new: [....24] [ip4][..tcp] [...10.16.37.157][41823] -> [...200.160.4.49][...80] [MIDSTREAM]
new: [....25] [ip4][..tcp] [.......10.8.0.1][45169] -> [..200.160.4.198][...80] [MIDSTREAM]
new: [....26] [ip4][..tcp] [...10.16.37.157][52953] -> [...200.160.4.49][...80] [MIDSTREAM]
new: [....27] [ip4][..tcp] [...10.16.37.157][52746] -> [...200.160.4.49][...80] [MIDSTREAM]
new: [....28] [ip4][..tcp] [.......10.8.0.1][60574] -> [...200.160.4.49][...80] [MIDSTREAM]
new: [....29] [ip4][..tcp] [.......10.8.0.1][43089] -> [..200.160.4.198][..443] [MIDSTREAM]
new: [....30] [ip4][..tcp] [.......10.8.0.1][60479] -> [...200.160.4.49][..443] [MIDSTREAM]
analyse: [....18] [ip4][..tcp] [.......10.8.0.1][39021] -> [..52.17.114.219][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 0.416| 0.170| 0.135| 18249.146| 4.400]
[PKTLEN......: 40.000| 21928.000| 1824.800| 4660.800| 21723256.000| 2.600]
[BINS(c->s)..: 12,0,0,0,2,1,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 8,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,5]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,1,0,0,1,0,1,0,1,1,0,1,0,1,0,1,0,1,0,0,1,1]
[IATS(ms)....: 1.3,1.6,226.9,227.5,336.5,387.2,51.3,1.2,297.2,297.8,252.5,309.4,358.7,415.9,0.8,0.5,0.5,0.6,254.3,305.5,51.8,52.5,211.3,161.3,248.0,249.1,81.3,79.5,208.7,209.7,0.6]
[PKTLENS.....: 60,40,40,222,40,1408,40,2163,40,174,40,274,40,189,40,576,40,63,40,1408,40,12352,40,5512,40,21928,40,11345,40,40,40,40]
[ENTROPIES...: 4.4,4.8,4.7,5.3,4.7,7.2,4.7,7.6,4.7,6.5,4.8,7.1,4.7,6.9,4.8,7.6,4.7,5.6,4.7,7.9,4.7,8.0,4.7,8.0,4.6,8.0,4.7,8.0,4.7,4.7,4.7,4.7]
analyse: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 1.449| 0.192| 0.280| 78147.936| 3.800]
[PKTLEN......: 40.000| 11172.000| 1380.300| 2994.000| 8963944.000| 2.900]
[BINS(c->s)..: 12,1,0,0,1,1,0,0,0,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,5]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,1,0,0,1,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,0,0]
[IATS(ms)....: 2.4,2.8,291.8,292.5,279.8,332.4,52.7,50.7,425.1,475.7,259.9,310.7,0.7,51.4,0.6,0.7,0.5,0.3,293.9,546.0,252.8,1.5,20.2,21.2,56.9,56.8,156.2,205.9,52.7,4.2,1449.2]
[PKTLENS.....: 60,40,40,222,40,1052,40,2519,40,174,40,274,40,576,40,389,40,77,40,10160,40,8136,40,1052,40,11172,40,1052,40,6576,40,40]
[ENTROPIES...: 4.4,4.8,4.8,5.2,4.7,7.0,4.8,7.6,4.6,6.6,4.7,7.0,4.7,7.6,4.8,7.4,4.7,5.7,4.7,8.0,4.8,8.0,4.7,7.8,4.7,8.0,4.8,7.8,4.8,8.0,4.7,4.8]
analyse: [.....6] [ip4][..tcp] [.......10.8.0.1][36102] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 5.891| 1.026| 1.779| 3164212.036| 3.400]
[PKTLEN......: 40.000| 3646.000| 352.100| 731.900| 535720.000| 3.400]
[BINS(c->s)..: 10,0,0,0,1,2,0,0,1,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 8,2,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,1,0,0,1,0,1,1,0,1,0,1]
[IATS(ms)....: 9.1,9.5,461.2,462.1,319.2,370.8,51.5,0.6,58.7,59.3,267.3,318.5,5838.7,5890.9,1.9,3.1,232.7,285.9,1892.6,1892.4,50.9,52.2,293.0,345.1,0.6,0.4,1258.6,1310.0,5014.8,5014.5,51.5]
[PKTLENS.....: 60,40,40,222,40,1052,40,2175,40,366,40,274,40,221,40,541,40,93,40,1052,40,3646,40,189,40,301,40,317,40,77,40,40]
[ENTROPIES...: 4.3,4.7,4.7,5.2,4.6,7.0,4.7,7.5,4.6,7.3,4.7,7.0,4.7,7.0,4.7,7.5,4.7,6.1,4.7,7.8,4.7,7.9,4.7,6.8,4.7,7.2,4.7,7.3,4.7,5.7,4.6,4.7]
new: [....31] [ip4][..tcp] [.......10.8.0.1][36134] -> [..46.51.173.182][..443]
detected: [....31] [ip4][..tcp] [.......10.8.0.1][36134] -> [..46.51.173.182][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [....31] [ip4][..tcp] [.......10.8.0.1][36134] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
new: [....32] [ip4][..tcp] [.......10.8.0.1][50828] -> [108.168.176.228][..443]
detected: [....32] [ip4][..tcp] [.......10.8.0.1][50828] -> [108.168.176.228][..443] [WhatsApp][Unknown][Chat][Acceptable]
new: [....33] [ip4][..tcp] [.......10.8.0.1][36137] -> [..46.51.173.182][..443]
detected: [....33] [ip4][..tcp] [.......10.8.0.1][36137] -> [..46.51.173.182][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older)
detection-update: [....33] [ip4][..tcp] [.......10.8.0.1][36137] -> [..46.51.173.182][..443] [TLS][AmazonAWS][Web][Safe][]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
detection-update: [....33] [ip4][..tcp] [.......10.8.0.1][36137] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable][]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
guessed: [....26] [ip4][..tcp] [...10.16.37.157][52953] -> [...200.160.4.49][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....26] [ip4][..tcp] [...10.16.37.157][52953] -> [...200.160.4.49][...80]
end: [.....3] [ip4][..tcp] [.......10.8.0.1][54915] -> [..65.39.128.135][...80] [HTTP][Unknown][Download][Acceptable][xtra1.gpsonextra.net]
RISK: Binary File/Data Transfer (Attempt)
guessed: [....28] [ip4][..tcp] [.......10.8.0.1][60574] -> [...200.160.4.49][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....28] [ip4][..tcp] [.......10.8.0.1][60574] -> [...200.160.4.49][...80]
guessed: [....30] [ip4][..tcp] [.......10.8.0.1][60479] -> [...200.160.4.49][..443] [TLS][Unknown][Web][Safe]
end: [....30] [ip4][..tcp] [.......10.8.0.1][60479] -> [...200.160.4.49][..443]
idle: [.....2] [ip4][..udp] [.......10.8.0.1][46214] -> [..200.89.75.198][..123] [NTP][Unknown][System][Acceptable]
end: [.....4] [ip4][..tcp] [.......10.8.0.1][45529] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][roadshields.waze.com]
end: [.....8] [ip4][..tcp] [.......10.8.0.1][45536] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com]
end: [.....9] [ip4][..tcp] [.......10.8.0.1][45538] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com]
end: [....10] [ip4][..tcp] [.......10.8.0.1][45540] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][roadshields.waze.com]
end: [....15] [ip4][..tcp] [.......10.8.0.1][45546] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com]
end: [....16] [ip4][..tcp] [.......10.8.0.1][45552] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com]
end: [....17] [ip4][..tcp] [.......10.8.0.1][45554] -> [.54.230.227.172][...80] [HTTP.Waze][AmazonAWS][Web][Acceptable][cres.waze.com]
end: [....14] [ip4][..tcp] [.......10.8.0.1][39010] -> [..52.17.114.219][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
RISK: Obsolete TLS (v1.1 or older)
end: [....18] [ip4][..tcp] [.......10.8.0.1][39021] -> [..52.17.114.219][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
RISK: Obsolete TLS (v1.1 or older)
end: [....19] [ip4][..tcp] [.......10.8.0.1][36312] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
RISK: Obsolete TLS (v1.1 or older)
end: [....20] [ip4][..tcp] [.......10.8.0.1][36314] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
RISK: Obsolete TLS (v1.1 or older)
end: [....21] [ip4][..tcp] [.......10.8.0.1][36316] -> [.176.34.186.180][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
RISK: Obsolete TLS (v1.1 or older)
end: [.....5] [ip4][..tcp] [.......10.8.0.1][36100] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
end: [.....6] [ip4][..tcp] [.......10.8.0.1][36102] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
end: [....31] [ip4][..tcp] [.......10.8.0.1][36134] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
end: [....33] [ip4][..tcp] [.......10.8.0.1][36137] -> [..46.51.173.182][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
guessed: [....29] [ip4][..tcp] [.......10.8.0.1][43089] -> [..200.160.4.198][..443] [TLS][Unknown][Web][Safe]
end: [....29] [ip4][..tcp] [.......10.8.0.1][43089] -> [..200.160.4.198][..443]
guessed: [....24] [ip4][..tcp] [...10.16.37.157][41823] -> [...200.160.4.49][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....24] [ip4][..tcp] [...10.16.37.157][41823] -> [...200.160.4.49][...80]
guessed: [....25] [ip4][..tcp] [.......10.8.0.1][45169] -> [..200.160.4.198][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....25] [ip4][..tcp] [.......10.8.0.1][45169] -> [..200.160.4.198][...80]
idle: [.....7] [ip4][..tcp] [.......10.8.0.1][36585] -> [.173.194.118.48][..443] [TLS][Google][Web][Safe]
RISK: Obsolete TLS (v1.1 or older), Weak TLS Cipher
guessed: [....22] [ip4][..tcp] [...10.16.37.157][43991] -> [...200.160.4.31][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....22] [ip4][..tcp] [...10.16.37.157][43991] -> [...200.160.4.31][...80]
guessed: [....23] [ip4][..tcp] [...10.16.37.157][46473] -> [...200.160.4.49][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....23] [ip4][..tcp] [...10.16.37.157][46473] -> [...200.160.4.49][...80]
not-detected: [.....1] [ip4][..tcp] [...10.16.37.157][42256] -> [..174.37.231.81][.5222] [Unknown][Unknown][Unrated]
end: [.....1] [ip4][..tcp] [...10.16.37.157][42256] -> [..174.37.231.81][.5222]
end: [....11] [ip4][..tcp] [.......10.8.0.1][51049] -> [.176.34.103.105][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
RISK: Obsolete TLS (v1.1 or older)
end: [....12] [ip4][..tcp] [.......10.8.0.1][51050] -> [.176.34.103.105][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
RISK: Obsolete TLS (v1.1 or older)
end: [....13] [ip4][..tcp] [.......10.8.0.1][51051] -> [.176.34.103.105][..443] [TLS.Waze][AmazonAWS][Web][Acceptable]
RISK: Obsolete TLS (v1.1 or older)
idle: [....32] [ip4][..tcp] [.......10.8.0.1][50828] -> [108.168.176.228][..443] [WhatsApp][Unknown][Chat][Acceptable]
guessed: [....27] [ip4][..tcp] [...10.16.37.157][52746] -> [...200.160.4.49][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....27] [ip4][..tcp] [...10.16.37.157][52746] -> [...200.160.4.49][...80]
DAEMON-EVENT: shutdown
|