DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500]
detected: [.....1] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
new: [.....2] [ip4][..udp] [...192.168.56.1][50318] -> [.192.168.56.101][17500]
detected: [.....2] [ip4][..udp] [...192.168.56.1][50318] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
analyse: [.....1] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
[min|max|avg|stddev]
[IAT(flow)...: 0.002| 0.118| 0.106| 0.019]
[IAT(c->s)...: 0.104| 0.118| 0.110| 0.003][IAT(s->c)...: 0.002| 0.116| 0.103| 0.026]
[PKTLEN(c->s): 136.000| 143.000| 138.100| 2.100][PKTLEN(s->c): 59.000| 66.000| 61.100| 2.100]
[BINS(c->s)..: 0,0,8,8,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
new: [.....3] [ip4][..udp] [...192.168.56.1][50312] -> [.192.168.56.101][17500]
detected: [.....3] [ip4][..udp] [...192.168.56.1][50312] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
analyse: [.....2] [ip4][..udp] [...192.168.56.1][50318] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
[min|max|avg|stddev]
[IAT(flow)...: 0.002| 0.128| 0.112| 0.021]
[IAT(c->s)...: 0.106| 0.128| 0.115| 0.006][IAT(s->c)...: 0.002| 0.126| 0.108| 0.028]
[PKTLEN(c->s): 137.000| 142.000| 139.000| 1.800][PKTLEN(s->c): 60.000| 65.000| 62.000| 1.800]
[BINS(c->s)..: 0,0,6,10,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
new: [.....4] [ip4][..udp] [...192.168.56.1][50319] -> [.192.168.56.101][17500]
detected: [.....4] [ip4][..udp] [...192.168.56.1][50319] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
analyse: [.....3] [ip4][..udp] [...192.168.56.1][50312] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
[min|max|avg|stddev]
[IAT(flow)...: 0.001| 0.131| 0.117| 0.022]
[IAT(c->s)...: 0.105| 0.131| 0.121| 0.008][IAT(s->c)...: 0.001| 0.131| 0.113| 0.030]
[PKTLEN(c->s): 137.000| 143.000| 139.800| 1.800][PKTLEN(s->c): 60.000| 66.000| 62.800| 1.800]
[BINS(c->s)..: 0,0,3,13,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
analyse: [.....4] [ip4][..udp] [...192.168.56.1][50319] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
[min|max|avg|stddev]
[IAT(flow)...: 0.005| 0.172| 0.127| 0.026]
[IAT(c->s)...: 0.107| 0.172| 0.131| 0.015][IAT(s->c)...: 0.005| 0.165| 0.123| 0.033]
[PKTLEN(c->s): 136.000| 143.000| 139.600| 2.200][PKTLEN(s->c): 59.000| 66.000| 62.600| 2.200]
[BINS(c->s)..: 0,0,4,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
DAEMON-EVENT: [Processed: 800 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 4 / 4|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....5] [ip4][..udp] [..192.168.1.105][55407] -> [..192.168.1.254][...53]
detected: [.....5] [ip4][..udp] [..192.168.1.105][55407] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
detection-update: [.....5] [ip4][..udp] [..192.168.1.105][55407] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
new: [.....6] [ip4][..udp] [..192.168.1.105][49112] -> [..192.168.1.254][...53]
detected: [.....6] [ip4][..udp] [..192.168.1.105][49112] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
new: [.....7] [ip4][..udp] [..192.168.1.105][50789] -> [..192.168.1.254][...53]
detected: [.....7] [ip4][..udp] [..192.168.1.105][50789] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
detection-update: [.....6] [ip4][..udp] [..192.168.1.105][49112] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
detection-update: [.....7] [ip4][..udp] [..192.168.1.105][50789] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
idle: [.....1] [ip4][..udp] [...192.168.56.1][50311] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
idle: [.....3] [ip4][..udp] [...192.168.56.1][50312] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
idle: [.....2] [ip4][..udp] [...192.168.56.1][50318] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
idle: [.....4] [ip4][..udp] [...192.168.56.1][50319] -> [.192.168.56.101][17500] [Dropbox][Cloud][Acceptable]
new: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53]
detected: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
detection-update: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
detection-update: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
new: [.....9] [ip4][..udp] [..192.168.1.105][17500] -> [255.255.255.255][17500]
detected: [.....9] [ip4][..udp] [..192.168.1.105][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
new: [....10] [ip4][..udp] [..192.168.1.105][17500] -> [..192.168.1.255][17500]
detected: [....10] [ip4][..udp] [..192.168.1.105][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
new: [....11] [ip4][..udp] [..192.168.1.105][33189] -> [..192.168.1.254][...53]
detected: [....11] [ip4][..udp] [..192.168.1.105][33189] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
detection-update: [....11] [ip4][..udp] [..192.168.1.105][33189] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
DAEMON-EVENT: [Processed: 836 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 7 / 11|skipped: 0|!detected: 0|guessed: 0|detection-updates: 6|updates: 0]
new: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500]
detected: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
new: [....13] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500]
detected: [....13] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
idle: [.....7] [ip4][..udp] [..192.168.1.105][50789] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
idle: [.....9] [ip4][..udp] [..192.168.1.105][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
idle: [.....6] [ip4][..udp] [..192.168.1.105][49112] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
idle: [.....5] [ip4][..udp] [..192.168.1.105][55407] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
idle: [....10] [ip4][..udp] [..192.168.1.105][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
idle: [....11] [ip4][..udp] [..192.168.1.105][33189] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
idle: [.....8] [ip4][..udp] [..192.168.1.105][36173] -> [..192.168.1.254][...53] [DNS.Dropbox][Cloud][Acceptable]
update: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
update: [....13] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
new: [....14] [ip4][..udp] [...192.168.1.64][17500] -> [255.255.255.255][17500]
detected: [....14] [ip4][..udp] [...192.168.1.64][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
new: [....15] [ip4][..udp] [...192.168.1.64][17500] -> [..192.168.1.255][17500]
detected: [....15] [ip4][..udp] [...192.168.1.64][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
update: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
update: [....13] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
idle: [....14] [ip4][..udp] [...192.168.1.64][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
idle: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
idle: [....15] [ip4][..udp] [...192.168.1.64][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
idle: [....13] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
DAEMON-EVENT: shutdown