1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..tcp] [....192.168.2.4][49199] -> [..17.172.100.70][..993] [MIDSTREAM]
detected: [.....1] [ip4][..tcp] [....192.168.2.4][49199] -> [..17.172.100.70][..993] [IMAPS][Apple][Email][Safe]
new: [.....2] [ip4][..tcp] [....192.168.2.4][49166] -> [..17.154.66.121][..443] [MIDSTREAM]
new: [.....3] [ip4][..tcp] [....192.168.2.4][49163] -> [..17.154.66.111][..443] [MIDSTREAM]
new: [.....4] [ip4][..tcp] [....192.168.2.4][49169] -> [..17.173.66.102][..443] [MIDSTREAM]
new: [.....5] [ip4][..tcp] [....192.168.2.4][49173] -> [..93.186.135.82][...80] [MIDSTREAM]
new: [.....6] [ip4][..tcp] [....192.168.2.4][49172] -> [..23.50.148.228][..443] [MIDSTREAM]
new: [.....7] [ip4][..tcp] [....192.168.2.4][49174] -> [....5.178.42.26][...80] [MIDSTREAM]
detected: [.....6] [ip4][..tcp] [....192.168.2.4][49172] -> [..23.50.148.228][..443] [TLS][Unknown][Web][Safe]
new: [.....8] [ip4][..tcp] [....192.168.2.4][49175] -> [..17.172.100.53][..443] [MIDSTREAM]
new: [.....9] [ip4][..tcp] [....192.168.2.4][49165] -> [..17.172.100.55][..443] [MIDSTREAM]
new: [....10] [ip4][..tcp] [....192.168.2.4][49176] -> [..17.130.137.77][..443] [MIDSTREAM]
new: [....11] [ip4][..udp] [....192.168.2.4][51897] -> [....192.168.2.1][...53]
detected: [....11] [ip4][..udp] [....192.168.2.4][51897] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][query.ess.apple.com]
detection-update: [....11] [ip4][..udp] [....192.168.2.4][51897] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][query.ess.apple.com]
new: [....12] [ip4][..udp] [....192.168.2.4][52190] -> [....192.168.2.1][...53]
detected: [....12] [ip4][..udp] [....192.168.2.4][52190] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][e13.whatsapp.net]
new: [....13] [ip4][..tcp] [....192.168.2.4][49201] -> [..17.178.104.12][..443]
detection-update: [....12] [ip4][..udp] [....192.168.2.4][52190] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][e13.whatsapp.net]
new: [....14] [ip4][..tcp] [....192.168.2.4][49202] -> [.184.173.179.37][.5222]
new: [....15] [ip4][..tcp] [....192.168.2.4][49203] -> [..17.178.104.14][..443]
detected: [....13] [ip4][..tcp] [....192.168.2.4][49201] -> [..17.178.104.12][..443] [TLS.Apple][Apple][Web][Safe][query.ess.apple.com]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....13] [ip4][..tcp] [....192.168.2.4][49201] -> [..17.178.104.12][..443] [TLS.Apple][Apple][Web][Safe][query.ess.apple.com]
RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS
new: [....16] [ip4][..tcp] [....192.168.2.4][49193] -> [..17.110.229.14][.5223] [MIDSTREAM]
detected: [....16] [ip4][..tcp] [....192.168.2.4][49193] -> [..17.110.229.14][.5223] [ApplePush][Apple][Cloud][Acceptable]
detected: [....14] [ip4][..tcp] [....192.168.2.4][49202] -> [.184.173.179.37][.5222] [WhatsApp][Unknown][Chat][Acceptable]
analyse: [....13] [ip4][..tcp] [....192.168.2.4][49201] -> [..17.178.104.12][..443] [TLS.Apple][Apple][Web][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 0.712| 0.120| 0.179| 32210.293| 3.400]
[PKTLEN......: 40.000| 1480.000| 432.900| 595.100| 354099.200| 3.800]
[BINS(c->s)..: 9,1,0,2,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0]
[BINS(s->c)..: 8,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,0,0,0,1,1,1,1,0,0,0,0,1,1,1,1,0,0,0,0,1,1]
[IATS(ms)....: 281.8,283.2,8.7,294.4,1.1,0.0,286.0,0.8,0.5,0.6,39.8,0.2,0.3,326.4,1.4,0.4,3.0,289.9,5.8,0.5,0.0,317.5,1.9,68.9,0.6,382.6,405.2,0.7,0.0,712.5,2.0]
[PKTLENS.....: 64,52,40,230,1480,1480,571,40,40,40,40,307,46,77,40,40,40,83,40,1480,1480,153,40,40,1480,1196,40,1480,1480,153,40,40]
[ENTROPIES...: 4.5,4.9,4.7,5.6,7.2,7.4,6.9,4.9,4.9,4.9,4.8,7.2,4.8,5.7,4.8,4.8,4.8,5.8,4.9,7.9,7.9,6.7,4.7,4.7,7.9,7.8,4.9,7.9,7.8,6.7,4.8,4.8]
new: [....17] [ip4][..tcp] [....192.168.2.4][49204] -> [..17.173.66.102][..443]
analyse: [....14] [ip4][..tcp] [....192.168.2.4][49202] -> [.184.173.179.37][.5222] [WhatsApp][Unknown][Chat][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.709| 0.193| 0.172| 29610.717| 4.400]
[PKTLEN......: 52.000| 253.000| 102.800| 60.800| 3698.600| 4.800]
[BINS(c->s)..: 9,0,2,0,2,2,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 4,10,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,1,0,1,1,0,0,0,1,0,1,0,0,1,0,0,1,0,1,1,0,0,1,1,0,0,1,1,1,0]
[IATS(ms)....: 153.9,242.2,244.8,708.1,709.4,35.6,213.2,0.3,145.7,325.0,262.8,250.3,148.2,98.4,249.4,163.4,164.5,351.1,174.0,178.0,0.0,178.3,0.3,171.7,0.0,302.7,0.3,301.9,0.0,0.0,204.0]
[PKTLENS.....: 64,60,52,52,218,130,73,52,52,253,84,71,73,52,227,84,52,118,84,184,84,84,186,52,85,85,252,52,85,85,85,118]
[ENTROPIES...: 4.5,5.3,5.3,5.1,6.6,6.2,5.4,5.2,5.2,7.1,5.8,5.8,5.7,5.2,7.1,5.8,5.2,6.3,5.8,6.8,5.8,5.7,6.8,5.3,5.9,5.9,7.0,5.3,5.9,5.8,5.8,6.3]
detected: [....17] [ip4][..tcp] [....192.168.2.4][49204] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe][p53-buy.itunes.apple.com]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....17] [ip4][..tcp] [....192.168.2.4][49204] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe][p53-buy.itunes.apple.com]
RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS
analyse: [....17] [ip4][..tcp] [....192.168.2.4][49204] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 0.246| 0.057| 0.089| 7910.915| 3.400]
[PKTLEN......: 40.000| 1480.000| 289.300| 408.500| 166890.900| 3.900]
[BINS(c->s)..: 9,1,0,0,0,0,0,1,0,0,0,0,0,0,1,1,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[BINS(s->c)..: 9,1,1,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,0,0,0,1,1,1,1,1,1,1,0,0,0,0,0,1,1,1,1,0,0]
[IATS(ms)....: 139.3,206.5,8.2,215.7,0.1,2.7,195.5,0.8,0.3,0.0,1.9,0.3,2.1,191.6,2.4,13.1,3.7,6.4,14.7,0.0,200.9,0.3,63.3,0.3,2.2,246.3,5.3,14.9,0.0,241.0,0.2]
[PKTLENS.....: 64,52,40,267,40,132,77,40,40,46,77,1480,517,596,40,40,40,40,40,988,386,40,40,1480,526,596,40,40,988,386,40,40]
[ENTROPIES...: 4.5,4.8,4.7,6.0,4.7,6.0,5.7,4.9,4.9,4.7,5.6,7.8,7.6,7.6,4.8,4.8,4.7,4.8,4.7,7.8,7.4,4.8,4.8,7.9,7.6,7.6,4.6,4.7,7.8,7.5,4.8,4.8]
new: [....18] [ip4][..tcp] [....192.168.2.4][49192] -> [...93.186.135.8][...80] [MIDSTREAM]
new: [....19] [ip4][..tcp] [....192.168.2.4][49191] -> [..17.172.100.49][..443] [MIDSTREAM]
new: [....20] [ip4][..tcp] [....192.168.2.4][49182] -> [..17.172.100.52][..443] [MIDSTREAM]
new: [....21] [ip4][..tcp] [....192.168.2.4][49181] -> [..17.172.100.37][..443] [MIDSTREAM]
new: [....22] [ip4][..tcp] [....192.168.2.4][49180] -> [..17.172.100.59][..443] [MIDSTREAM]
new: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478]
detected: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478]
detected: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478]
detected: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478]
detected: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478]
detected: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478]
detected: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478]
detected: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478]
detected: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....31] [ip4][..tcp] [....192.168.2.4][49164] -> [..17.167.142.31][..443] [MIDSTREAM]
new: [....32] [ip4][..tcp] [....192.168.2.4][49167] -> [...17.172.100.8][..443] [MIDSTREAM]
new: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500]
detected: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable]
new: [....34] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621]
detected: [....34] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun]
new: [....35] [ip4][..tcp] [....192.168.2.4][49194] -> [..93.62.150.157][..443] [MIDSTREAM]
new: [....36] [ip4][..tcp] [....192.168.2.4][49198] -> [..17.167.142.13][..443] [MIDSTREAM]
new: [....37] [ip4][..tcp] [....192.168.2.4][49200] -> [..17.167.142.13][..443] [MIDSTREAM]
new: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312]
detected: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][]
RISK: Known Proto on Non Std Port
new: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344]
detected: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][]
RISK: Known Proto on Non Std Port
detection-update: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
analyse: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 0.352| 0.131| 0.070| 4931.355| 4.700]
[PKTLEN......: 50.000| 337.000| 199.000| 98.800| 9763.600| 4.800]
[BINS(c->s)..: 1,2,1,1,0,1,1,1,7,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,2,3,1,1,1,3,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,1,0,0,1,0,1,0,0,1,1,0,1,0,0,0,1,1,0,1,0,1,0,1,0,1,0,1,0,1]
[IATS(ms)....: 85.5,95.2,66.1,60.4,102.7,208.4,184.1,159.6,139.1,188.5,352.4,23.4,152.9,55.1,31.1,91.6,0.1,141.2,0.0,163.2,159.2,188.6,161.9,163.6,162.1,156.8,164.9,143.2,181.6,163.3,123.9]
[PKTLENS.....: 72,72,328,72,72,301,211,297,234,301,206,134,50,235,185,134,123,54,246,54,260,120,337,103,301,103,305,229,306,317,315,291]
[ENTROPIES...: 5.6,5.7,7.3,5.6,5.6,7.3,6.9,7.2,7.0,7.3,6.9,6.5,5.1,7.0,6.8,6.4,6.4,5.2,7.1,5.1,7.1,6.4,7.3,6.1,7.4,6.1,7.3,7.0,7.3,7.3,7.3,7.2]
detection-update: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][]
RISK: Known Proto on Non Std Port, Unidirectional Traffic
new: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65]
detected: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65] [ICMP][Unknown][Network][Acceptable]
new: [....41] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67]
detected: [....41] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][lucas-imac]
update: [....11] [ip4][..udp] [....192.168.2.4][51897] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][query.ess.apple.com]
update: [....12] [ip4][..udp] [....192.168.2.4][52190] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][e13.whatsapp.net]
new: [....42] [ip4][..udp] [169.254.166.207][.5353] -> [....224.0.0.251][.5353]
detected: [....42] [ip4][..udp] [169.254.166.207][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
new: [....43] [ip6][..udp] [................fe80::da30:62ff:fe56:1c][.5353] -> [...............................ff02::fb][.5353]
detected: [....43] [ip6][..udp] [................fe80::da30:62ff:fe56:1c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
new: [....44] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353]
detected: [....44] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
new: [....45] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353]
detected: [....45] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
detection-update: [....42] [ip4][..udp] [169.254.166.207][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
detection-update: [....44] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
detection-update: [....45] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
detection-update: [....43] [ip6][..udp] [................fe80::da30:62ff:fe56:1c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
update: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [SRTP.WhatsAppCall][Facebook][VoIP][Acceptable]
new: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478]
detected: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478]
detected: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478]
detected: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478]
detected: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478]
detected: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478]
detected: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478]
detected: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
new: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478]
detected: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable][]
update: [....34] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun]
update: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable]
new: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727]
detected: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][]
RISK: Known Proto on Non Std Port
new: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665]
detected: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][]
RISK: Known Proto on Non Std Port
detection-update: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
analyse: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 0.307| 0.114| 0.086| 7398.241| 4.500]
[PKTLEN......: 54.000| 306.000| 141.000| 58.800| 3453.300| 4.900]
[BINS(c->s)..: 1,3,0,6,3,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,2,2,3,4,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,1,0,0,1,0,1,0,0,0,1,0,1,1,0,1,1,0,1,0,1,1,0,0]
[IATS(ms)....: 304.3,307.4,8.4,89.9,31.9,6.5,226.2,154.2,0.0,188.0,0.3,163.9,163.4,160.1,21.8,153.7,0.1,168.1,122.6,138.9,158.5,186.7,16.2,65.9,114.2,83.7,193.2,164.5,1.3,77.1,55.4]
[PKTLENS.....: 72,72,72,72,72,134,124,306,167,54,232,134,228,212,103,134,151,54,172,156,161,172,156,134,114,140,205,140,209,54,134,171]
[ENTROPIES...: 5.6,5.6,5.6,5.5,5.6,6.3,6.4,7.3,6.7,5.2,7.0,6.6,7.1,7.0,6.2,6.5,6.6,5.2,6.7,6.6,6.7,6.7,6.7,6.4,6.3,6.5,6.9,6.5,6.9,5.2,6.6,6.7]
detection-update: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable][]
RISK: Known Proto on Non Std Port, Unidirectional Traffic
update: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
update: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable]
RISK: Known Proto on Non Std Port, Unidirectional Traffic
update: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65] [ICMP][Unknown][Network][Acceptable]
new: [....56] [ip4][..tcp] [....192.168.2.4][49197] -> [..17.167.142.39][..443] [MIDSTREAM]
update: [....41] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][lucas-imac]
update: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [SRTP.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....11] [ip4][..udp] [....192.168.2.4][51897] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][query.ess.apple.com]
update: [....12] [ip4][..udp] [....192.168.2.4][52190] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][e13.whatsapp.net]
update: [....42] [ip4][..udp] [169.254.166.207][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
update: [....44] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
update: [....45] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
update: [....43] [ip6][..udp] [................fe80::da30:62ff:fe56:1c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
new: [....57] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443]
detected: [....57] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe][p53-buy.itunes.apple.com]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....57] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe][p53-buy.itunes.apple.com]
RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS
analyse: [....57] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 0.272| 0.058| 0.092| 8444.798| 3.300]
[PKTLEN......: 40.000| 1480.000| 289.300| 408.500| 166876.700| 3.900]
[BINS(c->s)..: 9,1,0,0,0,0,0,1,0,0,0,0,0,0,1,1,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0]
[BINS(s->c)..: 9,1,1,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,0,0,0,0,0,0,1,1,1,1,1,1,1,0,0,0,0,0,1,1,1,1,0,0]
[IATS(ms)....: 139.9,225.1,4.2,228.9,0.1,2.7,200.7,0.3,1.4,0.2,2.3,0.3,0.4,198.2,1.0,14.2,4.7,5.0,13.2,0.0,199.9,0.3,34.7,0.4,0.1,217.0,5.8,16.0,0.0,271.8,0.3]
[PKTLENS.....: 64,52,40,267,40,132,77,40,40,46,77,1480,516,596,40,40,40,40,40,988,386,40,40,1480,526,596,40,40,988,386,40,40]
[ENTROPIES...: 4.5,4.8,4.7,5.9,4.8,6.0,5.8,4.9,4.9,4.8,5.7,7.9,7.6,7.7,4.8,4.9,4.9,4.8,4.8,7.8,7.5,4.9,4.9,7.9,7.6,7.7,4.8,4.9,7.8,7.4,4.9,4.9]
guessed: [.....3] [ip4][..tcp] [....192.168.2.4][49163] -> [..17.154.66.111][..443] [TLS][Apple][Web][Safe]
end: [.....3] [ip4][..tcp] [....192.168.2.4][49163] -> [..17.154.66.111][..443]
guessed: [.....2] [ip4][..tcp] [....192.168.2.4][49166] -> [..17.154.66.121][..443] [TLS][Apple][Web][Safe]
end: [.....2] [ip4][..tcp] [....192.168.2.4][49166] -> [..17.154.66.121][..443]
guessed: [.....9] [ip4][..tcp] [....192.168.2.4][49165] -> [..17.172.100.55][..443] [TLS][Apple][Web][Safe]
end: [.....9] [ip4][..tcp] [....192.168.2.4][49165] -> [..17.172.100.55][..443]
guessed: [.....8] [ip4][..tcp] [....192.168.2.4][49175] -> [..17.172.100.53][..443] [TLS][Apple][Web][Safe]
end: [.....8] [ip4][..tcp] [....192.168.2.4][49175] -> [..17.172.100.53][..443]
guessed: [....20] [ip4][..tcp] [....192.168.2.4][49182] -> [..17.172.100.52][..443] [TLS][Apple][Web][Safe]
end: [....20] [ip4][..tcp] [....192.168.2.4][49182] -> [..17.172.100.52][..443]
guessed: [....19] [ip4][..tcp] [....192.168.2.4][49191] -> [..17.172.100.49][..443] [TLS][Apple][Web][Safe]
end: [....19] [ip4][..tcp] [....192.168.2.4][49191] -> [..17.172.100.49][..443]
guessed: [.....4] [ip4][..tcp] [....192.168.2.4][49169] -> [..17.173.66.102][..443] [TLS][Apple][Web][Safe]
end: [.....4] [ip4][..tcp] [....192.168.2.4][49169] -> [..17.173.66.102][..443]
guessed: [.....7] [ip4][..tcp] [....192.168.2.4][49174] -> [....5.178.42.26][...80] [HTTP][Unknown][Web][Acceptable][]
end: [.....7] [ip4][..tcp] [....192.168.2.4][49174] -> [....5.178.42.26][...80]
end: [.....6] [ip4][..tcp] [....192.168.2.4][49172] -> [..23.50.148.228][..443] [TLS][Unknown][Web][Safe]
guessed: [....15] [ip4][..tcp] [....192.168.2.4][49203] -> [..17.178.104.14][..443] [TLS][Apple][Web][Safe]
RISK: TCP Connection Issues, Probing Attempt
end: [....15] [ip4][..tcp] [....192.168.2.4][49203] -> [..17.178.104.14][..443]
guessed: [.....5] [ip4][..tcp] [....192.168.2.4][49173] -> [..93.186.135.82][...80] [HTTP][Unknown][Web][Acceptable][]
end: [.....5] [ip4][..tcp] [....192.168.2.4][49173] -> [..93.186.135.82][...80]
guessed: [....18] [ip4][..tcp] [....192.168.2.4][49192] -> [...93.186.135.8][...80] [HTTP][Unknown][Web][Acceptable][]
end: [....18] [ip4][..tcp] [....192.168.2.4][49192] -> [...93.186.135.8][...80]
guessed: [....10] [ip4][..tcp] [....192.168.2.4][49176] -> [..17.130.137.77][..443] [TLS][Apple][Web][Safe]
end: [....10] [ip4][..tcp] [....192.168.2.4][49176] -> [..17.130.137.77][..443]
update: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable]
RISK: Known Proto on Non Std Port, Unidirectional Traffic
update: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....34] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun]
update: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
update: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
update: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable]
RISK: Known Proto on Non Std Port, Unidirectional Traffic
update: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65] [ICMP][Unknown][Network][Acceptable]
update: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
update: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable]
idle: [....41] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][lucas-imac]
idle: [....50] [ip4][..udp] [....192.168.2.4][52794] -> [..173.252.114.1][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
idle: [....54] [ip4][..udp] [....192.168.2.4][52794] -> [...1.194.90.191][51727] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable]
RISK: Known Proto on Non Std Port, Unidirectional Traffic
idle: [....29] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.93.48][.3478] [SRTP.WhatsAppCall][Facebook][VoIP][Acceptable]
idle: [....28] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
idle: [....27] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.91.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
idle: [....30] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
idle: [....26] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.85.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
idle: [....25] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.64.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
idle: [....24] [ip4][..udp] [....192.168.2.4][51518] -> [....31.13.70.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
idle: [....23] [ip4][..udp] [....192.168.2.4][51518] -> [...31.13.100.14][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
guessed: [....31] [ip4][..tcp] [....192.168.2.4][49164] -> [..17.167.142.31][..443] [TLS][Apple][Web][Safe]
end: [....31] [ip4][..tcp] [....192.168.2.4][49164] -> [..17.167.142.31][..443]
guessed: [....56] [ip4][..tcp] [....192.168.2.4][49197] -> [..17.167.142.39][..443] [TLS][Apple][Web][Safe]
end: [....56] [ip4][..tcp] [....192.168.2.4][49197] -> [..17.167.142.39][..443]
idle: [....48] [ip4][..udp] [....192.168.2.4][52794] -> [...31.13.79.192][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
idle: [....53] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.84.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
idle: [....52] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.74.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
idle: [....51] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.90.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
idle: [....47] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.93.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
idle: [....46] [ip4][..udp] [....192.168.2.4][52794] -> [....31.13.73.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
guessed: [....36] [ip4][..tcp] [....192.168.2.4][49198] -> [..17.167.142.13][..443] [TLS][Apple][Web][Safe]
end: [....36] [ip4][..tcp] [....192.168.2.4][49198] -> [..17.167.142.13][..443]
guessed: [....37] [ip4][..tcp] [....192.168.2.4][49200] -> [..17.167.142.13][..443] [TLS][Apple][Web][Safe]
end: [....37] [ip4][..tcp] [....192.168.2.4][49200] -> [..17.167.142.13][..443]
idle: [....34] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun]
idle: [....39] [ip4][..udp] [....192.168.2.4][51518] -> [..91.253.176.65][.9344] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
guessed: [....32] [ip4][..tcp] [....192.168.2.4][49167] -> [...17.172.100.8][..443] [TLS][Apple][Web][Safe]
end: [....32] [ip4][..tcp] [....192.168.2.4][49167] -> [...17.172.100.8][..443]
guessed: [....22] [ip4][..tcp] [....192.168.2.4][49180] -> [..17.172.100.59][..443] [TLS][Apple][Web][Safe]
end: [....22] [ip4][..tcp] [....192.168.2.4][49180] -> [..17.172.100.59][..443]
guessed: [....21] [ip4][..tcp] [....192.168.2.4][49181] -> [..17.172.100.37][..443] [TLS][Apple][Web][Safe]
end: [....21] [ip4][..tcp] [....192.168.2.4][49181] -> [..17.172.100.37][..443]
end: [....17] [ip4][..tcp] [....192.168.2.4][49204] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe][p53-buy.itunes.apple.com]
RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS
idle: [....57] [ip4][..tcp] [....192.168.2.4][49205] -> [..17.173.66.102][..443] [TLS.AppleStore][Apple][SoftwareUpdate][Safe][p53-buy.itunes.apple.com]
RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS
idle: [.....1] [ip4][..tcp] [....192.168.2.4][49199] -> [..17.172.100.70][..993] [IMAPS][Apple][Email][Safe]
idle: [....55] [ip4][..udp] [....192.168.2.4][52794] -> [..91.253.176.65][.9665] [SRTP.WhatsAppCall][Unknown][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
idle: [....11] [ip4][..udp] [....192.168.2.4][51897] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][query.ess.apple.com]
end: [....13] [ip4][..tcp] [....192.168.2.4][49201] -> [..17.178.104.12][..443] [TLS.Apple][Apple][Web][Safe][query.ess.apple.com]
RISK: Weak TLS Cipher, TLS (probably) Not Carrying HTTPS
idle: [....12] [ip4][..udp] [....192.168.2.4][52190] -> [....192.168.2.1][...53] [DNS][Unknown][Network][Acceptable][e13.whatsapp.net]
idle: [....38] [ip4][..udp] [....192.168.2.4][51518] -> [...1.194.90.191][60312] [STUN.WhatsAppCall][Unknown][VoIP][Acceptable]
RISK: Known Proto on Non Std Port, Unidirectional Traffic
idle: [....40] [ip4][.icmp] [....192.168.2.4] -> [..91.253.176.65] [ICMP][Unknown][Network][Acceptable]
guessed: [....35] [ip4][..tcp] [....192.168.2.4][49194] -> [..93.62.150.157][..443] [TLS][Unknown][Web][Safe]
end: [....35] [ip4][..tcp] [....192.168.2.4][49194] -> [..93.62.150.157][..443]
idle: [....42] [ip4][..udp] [169.254.166.207][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
end: [....14] [ip4][..tcp] [....192.168.2.4][49202] -> [.184.173.179.37][.5222] [WhatsApp][Unknown][Chat][Acceptable]
idle: [....49] [ip4][..udp] [....192.168.2.4][52794] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][Facebook][VoIP][Acceptable]
idle: [....44] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
idle: [....33] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable]
idle: [....45] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
idle: [....43] [ip6][..udp] [................fe80::da30:62ff:fe56:1c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas-imac.local]
idle: [....16] [ip4][..tcp] [....192.168.2.4][49193] -> [..17.110.229.14][.5223] [ApplePush][Apple][Cloud][Acceptable]
DAEMON-EVENT: shutdown
|