DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500]
detected: [.....1] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable]
new: [.....2] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67]
detected: [.....2] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][lucas-imac]
new: [.....3] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353]
detected: [.....3] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local]
new: [.....4] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353]
detected: [.....4] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local]
new: [.....5] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353]
detected: [.....5] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local]
new: [.....6] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621]
detected: [.....6] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun]
new: [.....7] [ip4][..udp] [....192.168.2.1][.5351] -> [......224.0.0.1][.5350]
new: [.....8] [ip4][..udp] [169.254.225.216][60538] -> [239.255.255.250][.1900]
detected: [.....8] [ip4][..udp] [169.254.225.216][60538] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
new: [.....9] [ip4][..udp] [....192.168.2.1][51411] -> [239.255.255.250][.1900]
detected: [.....9] [ip4][..udp] [....192.168.2.1][51411] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
new: [....10] [ip4][..udp] [....192.168.2.1][...67] -> [...192.168.2.17][...68]
detected: [....10] [ip4][..udp] [....192.168.2.1][...67] -> [...192.168.2.17][...68] [DHCP][Unknown][Network][Acceptable][]
new: [....11] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff98:a29c]
detected: [....11] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff98:a29c] [ICMPV6][Unknown][Network][Acceptable]
new: [....12] [ip6][icmp6] [...............fe80::823:3f17:8298:a29c] -> [................................ff02::2]
detected: [....12] [ip6][icmp6] [...............fe80::823:3f17:8298:a29c] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable]
new: [....13] [ip6][..udp] [...............fe80::823:3f17:8298:a29c][.5353] -> [...............................ff02::fb][.5353]
detected: [....13] [ip6][..udp] [...............fe80::823:3f17:8298:a29c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][_homekit._tcp.local]
new: [....14] [ip6][icmp6] [...............fe80::823:3f17:8298:a29c] -> [...............................ff02::16]
detected: [....14] [ip6][icmp6] [...............fe80::823:3f17:8298:a29c] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable]
new: [....15] [ip4][..udp] [...192.168.2.17][63381] -> [....192.168.2.1][...53]
detected: [....15] [ip4][..udp] [...192.168.2.17][63381] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable][p26-keyvalueservice.icloud.com]
new: [....16] [ip4][..udp] [...192.168.2.17][63143] -> [....192.168.2.1][...53]
detected: [....16] [ip4][..udp] [...192.168.2.17][63143] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable][p26-fmfmobile.icloud.com]
new: [....17] [ip4][..udp] [...192.168.2.17][61862] -> [....192.168.2.1][...53]
detected: [....17] [ip4][..udp] [...192.168.2.17][61862] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][gspe35-ssl.ls.apple.com]
new: [....18] [ip4][..udp] [...192.168.2.17][55914] -> [....192.168.2.1][...53]
detected: [....18] [ip4][..udp] [...192.168.2.17][55914] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][gsp85-ssl.ls.apple.com]
new: [....19] [ip4][..udp] [...192.168.2.17][51007] -> [....192.168.2.1][...53]
detected: [....19] [ip4][..udp] [...192.168.2.17][51007] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][captive.apple.com]
detection-update: [....16] [ip4][..udp] [...192.168.2.17][63143] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable][p26-fmfmobile.icloud.com]
detection-update: [....15] [ip4][..udp] [...192.168.2.17][63381] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable][p26-keyvalueservice.icloud.com]
detection-update: [....17] [ip4][..udp] [...192.168.2.17][61862] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][gspe35-ssl.ls.apple.com]
detection-update: [....18] [ip4][..udp] [...192.168.2.17][55914] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][gsp85-ssl.ls.apple.com]
new: [....20] [ip4][..tcp] [...192.168.2.17][50575] -> [.17.248.185.140][..443]
detection-update: [....19] [ip4][..udp] [...192.168.2.17][51007] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][captive.apple.com]
new: [....21] [ip4][..udp] [...192.168.2.17][55457] -> [....192.168.2.1][...53]
detected: [....21] [ip4][..udp] [...192.168.2.17][55457] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][mesu.apple.com]
new: [....22] [ip4][..udp] [...192.168.2.17][.5353] -> [....224.0.0.251][.5353]
detected: [....22] [ip4][..udp] [...192.168.2.17][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][_homekit._tcp.local]
new: [....23] [ip4][..tcp] [...192.168.2.17][50576] -> [...95.101.25.53][..443]
new: [....24] [ip4][..tcp] [...192.168.2.17][50577] -> [....17.130.2.46][..443]
new: [....25] [ip4][..tcp] [...192.168.2.17][49152] -> [.17.253.105.202][...80]
detected: [....20] [ip4][..tcp] [...192.168.2.17][50575] -> [.17.248.185.140][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][p26-fmfmobile.icloud.com]
detection-update: [....21] [ip4][..udp] [...192.168.2.17][55457] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][mesu.apple.com]
detected: [....23] [ip4][..tcp] [...192.168.2.17][50576] -> [...95.101.25.53][..443] [TLS.Apple][Unknown][Web][Safe][gspe35-ssl.ls.apple.com]
new: [....26] [ip4][..tcp] [...192.168.2.17][50578] -> [.17.253.105.202][..443]
new: [....27] [ip4][..tcp] [...192.168.2.17][50579] -> [.17.253.105.202][..443]
detection-update: [....23] [ip4][..tcp] [...192.168.2.17][50576] -> [...95.101.25.53][..443] [TLS.Apple][Unknown][Web][Safe][gspe35-ssl.ls.apple.com]
new: [....28] [ip4][..udp] [...192.168.2.17][52852] -> [....192.168.2.1][...53]
detected: [....28] [ip4][..udp] [...192.168.2.17][52852] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable][gateway.icloud.com]
detected: [....25] [ip4][..tcp] [...192.168.2.17][49152] -> [.17.253.105.202][...80] [HTTP.Apple][Apple][ConnCheck][Safe][captive.apple.com]
detected: [....24] [ip4][..tcp] [...192.168.2.17][50577] -> [....17.130.2.46][..443] [TLS.Apple][Apple][Web][Safe][gsp85-ssl.ls.apple.com]
detected: [....27] [ip4][..tcp] [...192.168.2.17][50579] -> [.17.253.105.202][..443] [TLS.Apple][Apple][Web][Safe][mesu.apple.com]
detected: [....26] [ip4][..tcp] [...192.168.2.17][50578] -> [.17.253.105.202][..443] [TLS.Apple][Apple][Web][Safe][mesu.apple.com]
detection-update: [....20] [ip4][..tcp] [...192.168.2.17][50575] -> [.17.248.185.140][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][p26-fmfmobile.icloud.com]
detection-update: [....20] [ip4][..tcp] [...192.168.2.17][50575] -> [.17.248.185.140][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][p26-fmfmobile.icloud.com]
detection-update: [....28] [ip4][..udp] [...192.168.2.17][52852] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable][gateway.icloud.com]
detection-update: [....27] [ip4][..tcp] [...192.168.2.17][50579] -> [.17.253.105.202][..443] [TLS.Apple][Apple][Web][Safe][mesu.apple.com]
new: [....29] [ip4][..tcp] [...192.168.2.17][50580] -> [..17.248.176.75][..443]
detection-update: [....26] [ip4][..tcp] [...192.168.2.17][50578] -> [.17.253.105.202][..443] [TLS.Apple][Apple][Web][Safe][mesu.apple.com]
detection-update: [....24] [ip4][..tcp] [...192.168.2.17][50577] -> [....17.130.2.46][..443] [TLS.Apple][Apple][Web][Safe][gsp85-ssl.ls.apple.com]
detection-update: [....24] [ip4][..tcp] [...192.168.2.17][50577] -> [....17.130.2.46][..443] [TLS.Apple][Apple][Web][Safe][gsp85-ssl.ls.apple.com]
new: [....30] [ip4][..udp] [...192.168.2.17][52682] -> [....192.168.2.1][...53]
detected: [....30] [ip4][..udp] [...192.168.2.17][52682] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable][www.icloud.com]
new: [....31] [ip4][..udp] [...192.168.2.17][64203] -> [....192.168.2.1][...53]
detected: [....31] [ip4][..udp] [...192.168.2.17][64203] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][basejumper.apple.com]
new: [....32] [ip4][..udp] [...192.168.2.17][53317] -> [....192.168.2.1][...53]
detected: [....32] [ip4][..udp] [...192.168.2.17][53317] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][iphone-ld.apple.com]
new: [....33] [ip4][..udp] [...192.168.2.17][62526] -> [....192.168.2.1][...53]
detected: [....33] [ip4][..udp] [...192.168.2.17][62526] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][cl4.apple.com]
new: [....34] [ip4][..udp] [...192.168.2.17][63377] -> [....192.168.2.1][...53]
detected: [....34] [ip4][..udp] [...192.168.2.17][63377] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][bag.itunes.apple.com]
new: [....35] [ip4][..udp] [...192.168.2.17][53272] -> [....192.168.2.1][...53]
detected: [....35] [ip4][..udp] [...192.168.2.17][53272] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][play.itunes.apple.com]
new: [....36] [ip4][..udp] [...192.168.2.17][53983] -> [....192.168.2.1][...53]
detected: [....36] [ip4][..udp] [...192.168.2.17][53983] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][bag.itunes.apple.com]
new: [....37] [ip4][..udp] [...192.168.2.17][49880] -> [....192.168.2.1][...53]
detected: [....37] [ip4][..udp] [...192.168.2.17][49880] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][init.itunes.apple.com]
new: [....38] [ip4][..tcp] [...192.168.2.17][50581] -> [..17.248.185.87][..443]
detected: [....29] [ip4][..tcp] [...192.168.2.17][50580] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][gateway.icloud.com]
detection-update: [....30] [ip4][..udp] [...192.168.2.17][52682] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable][www.icloud.com]
detection-update: [....32] [ip4][..udp] [...192.168.2.17][53317] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][iphone-ld.apple.com]
detection-update: [....31] [ip4][..udp] [...192.168.2.17][64203] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][basejumper.apple.com]
detection-update: [....34] [ip4][..udp] [...192.168.2.17][63377] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][bag.itunes.apple.com]
detection-update: [....36] [ip4][..udp] [...192.168.2.17][53983] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][bag.itunes.apple.com]
detection-update: [....29] [ip4][..tcp] [...192.168.2.17][50580] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][gateway.icloud.com]
detection-update: [....37] [ip4][..udp] [...192.168.2.17][49880] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][init.itunes.apple.com]
detection-update: [....35] [ip4][..udp] [...192.168.2.17][53272] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][play.itunes.apple.com]
detection-update: [....33] [ip4][..udp] [...192.168.2.17][62526] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][cl4.apple.com]
new: [....39] [ip4][..tcp] [...192.168.2.17][50582] -> [..92.122.252.82][..443]
detection-update: [....29] [ip4][..tcp] [...192.168.2.17][50580] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][gateway.icloud.com]
new: [....40] [ip4][.icmp] [...192.168.2.17] -> [....192.168.2.1]
detected: [....40] [ip4][.icmp] [...192.168.2.17] -> [....192.168.2.1] [ICMP][Unknown][Network][Acceptable]
new: [....41] [ip4][..tcp] [...192.168.2.17][50583] -> [...104.73.61.30][..443]
detected: [....39] [ip4][..tcp] [...192.168.2.17][50582] -> [..92.122.252.82][..443] [TLS.Apple][Unknown][Web][Safe][iphone-ld.apple.com]
detected: [....38] [ip4][..tcp] [...192.168.2.17][50581] -> [..17.248.185.87][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][p26-keyvalueservice.icloud.com]
detection-update: [....39] [ip4][..tcp] [...192.168.2.17][50582] -> [..92.122.252.82][..443] [TLS.Apple][Unknown][Web][Safe][iphone-ld.apple.com]
detected: [....41] [ip4][..tcp] [...192.168.2.17][50583] -> [...104.73.61.30][..443] [TLS.Apple][Unknown][Web][Safe][cl4.apple.com]
detection-update: [....41] [ip4][..tcp] [...192.168.2.17][50583] -> [...104.73.61.30][..443] [TLS.Apple][Unknown][Web][Safe][cl4.apple.com]
detection-update: [....38] [ip4][..tcp] [...192.168.2.17][50581] -> [..17.248.185.87][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][p26-keyvalueservice.icloud.com]
detection-update: [....38] [ip4][..tcp] [...192.168.2.17][50581] -> [..17.248.185.87][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][p26-keyvalueservice.icloud.com]
new: [....42] [ip4][....2] [...192.168.2.17] -> [.....224.0.0.22]
detected: [....42] [ip4][....2] [...192.168.2.17] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable]
new: [....43] [ip4][..udp] [...192.168.2.17][62160] -> [....192.168.2.1][...53]
detected: [....43] [ip4][..udp] [...192.168.2.17][62160] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][gsa.apple.com]
new: [....44] [ip4][..udp] [...192.168.2.17][52031] -> [....192.168.2.1][...53]
detected: [....44] [ip4][..udp] [...192.168.2.17][52031] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][gsa.apple.com]
detection-update: [....43] [ip4][..udp] [...192.168.2.17][62160] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][gsa.apple.com]
detection-update: [....44] [ip4][..udp] [...192.168.2.17][52031] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][gsa.apple.com]
new: [....45] [ip4][..tcp] [...192.168.2.17][50584] -> [..17.248.176.75][..443]
detected: [....45] [ip4][..tcp] [...192.168.2.17][50584] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][gateway.icloud.com]
detection-update: [....45] [ip4][..tcp] [...192.168.2.17][50584] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][gateway.icloud.com]
detection-update: [....45] [ip4][..tcp] [...192.168.2.17][50584] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][gateway.icloud.com]
new: [....46] [ip4][..tcp] [...192.168.2.17][50585] -> [..17.137.166.35][..443]
detected: [....46] [ip4][..tcp] [...192.168.2.17][50585] -> [..17.137.166.35][..443] [TLS.Apple][Apple][Web][Safe][gsa.apple.com]
new: [....47] [ip4][..tcp] [...192.168.2.17][50586] -> [..17.248.176.75][..443]
detected: [....47] [ip4][..tcp] [...192.168.2.17][50586] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][gateway.icloud.com]
detection-update: [....46] [ip4][..tcp] [...192.168.2.17][50585] -> [..17.137.166.35][..443] [TLS.Apple][Apple][Web][Safe][gsa.apple.com]
detection-update: [....46] [ip4][..tcp] [...192.168.2.17][50585] -> [..17.137.166.35][..443] [TLS.Apple][Apple][Web][Safe][gsa.apple.com]
detection-update: [....47] [ip4][..tcp] [...192.168.2.17][50586] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][gateway.icloud.com]
detection-update: [....47] [ip4][..tcp] [...192.168.2.17][50586] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][gateway.icloud.com]
new: [....48] [ip4][..udp] [...192.168.2.17][65079] -> [....192.168.2.1][...53]
detected: [....48] [ip4][..udp] [...192.168.2.17][65079] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][play.itunes.apple.com]
detection-update: [....48] [ip4][..udp] [...192.168.2.17][65079] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][play.itunes.apple.com]
analyse: [....29] [ip4][..tcp] [...192.168.2.17][50580] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 0.686| 0.087| 0.170| 29013.449| 3.100]
[PKTLEN......: 52.000| 1492.000| 310.700| 443.900| 197074.700| 3.900]
[BINS(c->s)..: 8,4,1,0,1,0,0,0,0,0,0,2,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,1,1,1,1,0,1,1,0]
[IATS(ms)....: 34.0,135.8,0.2,135.5,2.1,0.2,8.7,0.0,162.5,0.9,167.4,319.4,0.0,34.7,0.1,651.1,0.6,0.0,0.1,0.1,0.0,0.1,0.2,686.2,0.0,1.2,0.0,33.7,32.5,122.6,156.5]
[PKTLENS.....: 64,60,52,569,52,1492,1492,1492,566,52,52,145,103,121,52,52,105,102,94,1076,424,90,186,424,52,90,52,52,52,52,623,52]
[ENTROPIES...: 4.4,5.0,5.0,4.5,4.9,6.7,7.5,7.5,7.3,4.9,4.9,6.0,5.5,6.0,5.0,4.9,5.7,5.6,5.5,7.8,7.4,5.3,6.6,7.4,4.9,5.4,5.0,5.0,4.9,5.1,7.7,5.0]
new: [....49] [ip4][..tcp] [...192.168.2.17][50587] -> [...92.123.77.26][..443]
detected: [....49] [ip4][..tcp] [...192.168.2.17][50587] -> [...92.123.77.26][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun][play.itunes.apple.com]
detection-update: [....49] [ip4][..tcp] [...192.168.2.17][50587] -> [...92.123.77.26][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun][play.itunes.apple.com]
analyse: [....45] [ip4][..tcp] [...192.168.2.17][50584] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 0.655| 0.067| 0.146| 21410.738| 2.900]
[PKTLEN......: 40.000| 1492.000| 299.400| 449.800| 202280.400| 3.800]
[BINS(c->s)..: 9,5,1,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 6,2,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,1,1,0,0,0,0,0,0,0,0,0,1,1,1,1,0,1,0,0,1]
[IATS(ms)....: 34.1,36.1,0.1,34.7,1.6,0.1,2.3,0.1,140.2,0.4,7.3,143.3,0.0,33.9,0.1,1.5,0.0,0.0,0.3,0.4,0.0,0.1,34.9,0.0,1.2,0.0,128.2,155.2,168.0,510.7,654.8]
[PKTLENS.....: 64,60,52,569,52,1492,1492,1492,566,52,52,145,103,121,52,52,105,102,94,1070,90,436,90,52,90,52,52,52,736,52,40,52]
[ENTROPIES...: 4.4,5.2,5.1,4.5,5.1,6.7,7.5,7.5,7.3,4.9,5.0,6.0,5.7,6.0,5.0,5.0,5.7,5.8,5.5,7.8,5.5,7.4,5.5,4.9,5.5,5.0,5.0,4.9,7.7,5.0,4.5,5.1]
analyse: [....49] [ip4][..tcp] [...192.168.2.17][50587] -> [...92.123.77.26][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 0.147| 0.026| 0.045| 1989.449| 3.200]
[PKTLEN......: 52.000| 1492.000| 322.100| 461.100| 212650.100| 3.900]
[BINS(c->s)..: 10,3,1,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
[BINS(s->c)..: 6,1,1,0,0,0,0,0,2,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,0,0,0,0,1,1,0,0,0,0,0,0,0,0,1,1,1,0,0,1,1,0,1]
[IATS(ms)....: 33.3,146.1,0.1,147.3,1.4,0.2,0.1,0.0,38.6,0.0,0.1,10.9,46.9,12.5,120.2,0.0,0.0,0.2,1.1,0.1,1.5,0.5,107.4,0.0,1.2,31.0,0.5,3.7,0.0,4.5,82.6]
[PKTLENS.....: 64,60,52,569,52,1492,1492,1268,442,52,52,52,132,339,339,98,95,87,1492,552,818,52,52,52,122,52,52,83,52,87,52,52]
[ENTROPIES...: 4.5,5.3,5.1,4.5,5.2,7.8,7.9,7.8,7.5,5.1,5.2,5.1,6.2,7.4,7.3,6.1,6.0,5.9,7.9,7.6,7.7,5.2,5.2,5.1,6.2,5.1,5.1,5.8,5.1,5.9,5.1,5.1]
analyse: [....38] [ip4][..tcp] [...192.168.2.17][50581] -> [..17.248.185.87][..443] [TLS.AppleiCloud][Apple][Web][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: < 0.001| 0.804| 0.109| 0.185| 34306.707| 3.400]
[PKTLEN......: 52.000| 1492.000| 721.000| 667.300| 445284.800| 4.300]
[BINS(c->s)..: 8,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,7,0,0]
[BINS(s->c)..: 5,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,4,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,1,1,1,0,0,0,0,0,1,0,0,0,1,1,0,0,0,0,0,1,1,0,0,0,0]
[IATS(ms)....: 146.0,171.0,0.4,171.3,2.7,0.1,11.1,1.3,11.2,179.7,0.0,0.1,0.1,15.6,168.2,146.4,161.4,0.7,308.7,51.5,198.2,655.7,0.2,0.2,0.3,803.5,1.3,180.3,0.3,0.3,0.2]
[PKTLENS.....: 64,60,52,569,52,1492,1492,1492,1492,1474,52,52,52,52,145,103,52,1169,344,52,996,52,1164,1492,1492,1492,52,52,1492,1492,1492,1492]
[ENTROPIES...: 4.4,5.0,4.9,4.7,5.0,6.2,4.6,7.1,7.5,7.5,4.9,4.9,4.9,4.8,6.0,5.6,5.0,7.8,7.2,5.1,7.8,4.9,7.8,7.9,7.9,7.9,5.0,5.0,7.9,7.9,7.9,7.8]
new: [....50] [ip4][..udp] [...192.168.2.17][63677] -> [....192.168.2.1][...53]
detected: [....50] [ip4][..udp] [...192.168.2.17][63677] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][sync.itunes.apple.com]
detection-update: [....50] [ip4][..udp] [...192.168.2.17][63677] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][sync.itunes.apple.com]
new: [....51] [ip4][..tcp] [...192.168.2.17][50588] -> [...95.101.24.53][..443]
detected: [....51] [ip4][..tcp] [...192.168.2.17][50588] -> [...95.101.24.53][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun][sync.itunes.apple.com]
detection-update: [....51] [ip4][..tcp] [...192.168.2.17][50588] -> [...95.101.24.53][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun][sync.itunes.apple.com]
idle: [....20] [ip4][..tcp] [...192.168.2.17][50575] -> [.17.248.185.140][..443] [TLS.AppleiCloud][Apple][Web][Acceptable]
idle: [....29] [ip4][..tcp] [...192.168.2.17][50580] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][gateway.icloud.com]
idle: [....38] [ip4][..tcp] [...192.168.2.17][50581] -> [..17.248.185.87][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][p26-keyvalueservice.icloud.com]
idle: [....45] [ip4][..tcp] [...192.168.2.17][50584] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable][gateway.icloud.com]
idle: [....47] [ip4][..tcp] [...192.168.2.17][50586] -> [..17.248.176.75][..443] [TLS.AppleiCloud][Apple][Web][Acceptable]
idle: [....28] [ip4][..udp] [...192.168.2.17][52852] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable][gateway.icloud.com]
idle: [....16] [ip4][..udp] [...192.168.2.17][63143] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable][p26-fmfmobile.icloud.com]
idle: [.....2] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Unknown][Network][Acceptable][lucas-imac]
idle: [....13] [ip6][..udp] [...............fe80::823:3f17:8298:a29c][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable]
idle: [.....9] [ip4][..udp] [....192.168.2.1][51411] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
idle: [....19] [ip4][..udp] [...192.168.2.17][51007] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][captive.apple.com]
idle: [....46] [ip4][..tcp] [...192.168.2.17][50585] -> [..17.137.166.35][..443] [TLS.Apple][Apple][Web][Safe]
idle: [....34] [ip4][..udp] [...192.168.2.17][63377] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][bag.itunes.apple.com]
idle: [....15] [ip4][..udp] [...192.168.2.17][63381] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable][p26-keyvalueservice.icloud.com]
idle: [.....5] [ip4][..udp] [169.254.225.216][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local]
idle: [....41] [ip4][..tcp] [...192.168.2.17][50583] -> [...104.73.61.30][..443] [TLS.Apple][Unknown][Web][Safe]
idle: [....40] [ip4][.icmp] [...192.168.2.17] -> [....192.168.2.1] [ICMP][Unknown][Network][Acceptable]
idle: [....42] [ip4][....2] [...192.168.2.17] -> [.....224.0.0.22] [IGMP][Unknown][Network][Acceptable]
idle: [....35] [ip4][..udp] [...192.168.2.17][53272] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][play.itunes.apple.com]
idle: [....32] [ip4][..udp] [...192.168.2.17][53317] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][iphone-ld.apple.com]
idle: [....10] [ip4][..udp] [....192.168.2.1][...67] -> [...192.168.2.17][...68] [DHCP][Unknown][Network][Acceptable]
idle: [....24] [ip4][..tcp] [...192.168.2.17][50577] -> [....17.130.2.46][..443] [TLS.Apple][Apple][Web][Safe]
idle: [.....1] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Unknown][Cloud][Acceptable]
idle: [....21] [ip4][..udp] [...192.168.2.17][55457] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][mesu.apple.com]
idle: [....39] [ip4][..tcp] [...192.168.2.17][50582] -> [..92.122.252.82][..443] [TLS.Apple][Unknown][Web][Safe]
idle: [....50] [ip4][..udp] [...192.168.2.17][63677] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][sync.itunes.apple.com]
idle: [.....8] [ip4][..udp] [169.254.225.216][60538] -> [239.255.255.250][.1900] [SSDP][Unknown][System][Acceptable][239.255.255.250:1900]
idle: [.....4] [ip6][..udp] [...............fe80::c42c:3ff:fe60:6a64][.5353] -> [...............................ff02::fb][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local]
idle: [....11] [ip6][icmp6] [.....................................::] -> [......................ff02::1:ff98:a29c] [ICMPV6][Unknown][Network][Acceptable]
idle: [....17] [ip4][..udp] [...192.168.2.17][61862] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][gspe35-ssl.ls.apple.com]
idle: [....49] [ip4][..tcp] [...192.168.2.17][50587] -> [...92.123.77.26][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun][play.itunes.apple.com]
not-detected: [.....7] [ip4][..udp] [....192.168.2.1][.5351] -> [......224.0.0.1][.5350] [Unknown][Unknown][Unrated]
idle: [.....7] [ip4][..udp] [....192.168.2.1][.5351] -> [......224.0.0.1][.5350]
idle: [....22] [ip4][..udp] [...192.168.2.17][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable]
idle: [.....3] [ip4][..udp] [....192.168.2.1][.5353] -> [....224.0.0.251][.5353] [MDNS][Unknown][Network][Acceptable][lucas imac._odisk._tcp.local]
idle: [.....6] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Unknown][Music][Fun]
idle: [....18] [ip4][..udp] [...192.168.2.17][55914] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][gsp85-ssl.ls.apple.com]
idle: [....31] [ip4][..udp] [...192.168.2.17][64203] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][basejumper.apple.com]
idle: [....43] [ip4][..udp] [...192.168.2.17][62160] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][gsa.apple.com]
idle: [....37] [ip4][..udp] [...192.168.2.17][49880] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][init.itunes.apple.com]
idle: [....36] [ip4][..udp] [...192.168.2.17][53983] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][bag.itunes.apple.com]
idle: [....44] [ip4][..udp] [...192.168.2.17][52031] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][gsa.apple.com]
end: [....26] [ip4][..tcp] [...192.168.2.17][50578] -> [.17.253.105.202][..443] [TLS.Apple][Apple][Web][Safe]
end: [....27] [ip4][..tcp] [...192.168.2.17][50579] -> [.17.253.105.202][..443] [TLS.Apple][Apple][Web][Safe]
idle: [....23] [ip4][..tcp] [...192.168.2.17][50576] -> [...95.101.25.53][..443] [TLS.Apple][Unknown][Web][Safe]
idle: [....51] [ip4][..tcp] [...192.168.2.17][50588] -> [...95.101.24.53][..443] [TLS.AppleiTunes][Unknown][Streaming][Fun]
idle: [....33] [ip4][..udp] [...192.168.2.17][62526] -> [....192.168.2.1][...53] [DNS.Apple][Unknown][Network][Safe][cl4.apple.com]
end: [....25] [ip4][..tcp] [...192.168.2.17][49152] -> [.17.253.105.202][...80] [HTTP.Apple][Apple][ConnCheck][Safe][captive.apple.com]
idle: [....14] [ip6][icmp6] [...............fe80::823:3f17:8298:a29c] -> [...............................ff02::16] [ICMPV6][Unknown][Network][Acceptable]
idle: [....12] [ip6][icmp6] [...............fe80::823:3f17:8298:a29c] -> [................................ff02::2] [ICMPV6][Unknown][Network][Acceptable]
idle: [....30] [ip4][..udp] [...192.168.2.17][52682] -> [....192.168.2.1][...53] [DNS.AppleiCloud][Unknown][Network][Acceptable][www.icloud.com]
idle: [....48] [ip4][..udp] [...192.168.2.17][65079] -> [....192.168.2.1][...53] [DNS.AppleiTunes][Unknown][Network][Fun][play.itunes.apple.com]
DAEMON-EVENT: shutdown