aboutsummaryrefslogtreecommitdiff
path: root/test/results/flow-info/smtp-starttls.pcap.out
blob: 66756fd890c0b2209e94a4316efd5b662c63965e (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43

     DAEMON-EVENT: init
     DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
              new: [.....1] [ip4][..tcp] [.......10.0.0.1][57406] -> [..173.194.68.26][...25] 
         detected: [.....1] [ip4][..tcp] [.......10.0.0.1][57406] -> [..173.194.68.26][...25] [SMTP.Google][Email][Acceptable]
 detection-update: [.....1] [ip4][..tcp] [.......10.0.0.1][57406] -> [..173.194.68.26][...25] [SMTPS.Google][Email][Acceptable]
 detection-update: [.....1] [ip4][..tcp] [.......10.0.0.1][57406] -> [..173.194.68.26][...25] [SMTPS.Google][Email][Acceptable]
                   RISK: Obsolete TLS (v1.1 or older)
 detection-update: [.....1] [ip4][..tcp] [.......10.0.0.1][57406] -> [..173.194.68.26][...25] [SMTPS.Google][Email][Acceptable]
                   RISK: Obsolete TLS (v1.1 or older)
 detection-update: [.....1] [ip4][..tcp] [.......10.0.0.1][57406] -> [..173.194.68.26][...25] [SMTPS.Google][Email][Acceptable]
                   RISK: Obsolete TLS (v1.1 or older)
          analyse: [.....1] [ip4][..tcp] [.......10.0.0.1][57406] -> [..173.194.68.26][...25] [SMTPS.Google][Email][Acceptable]
                   [min|max|avg|stddev|variance|entropy]
                   [IAT.........:     0.000|    0.157|    0.030|    0.035| 1204.841|    0.000]
                   [PKTLEN......:    66.000| 1484.000|  254.300|  368.100|135468.500|    4.100]
                   [BINS(c->s)..: 9,3,0,1,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [BINS(s->c)..: 6,1,3,1,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0]
                   [DIRECTIONS..: 0,1,0,1,0,0,1,1,0,1,0,1,1,0,1,0,1,0,1,0,1,0,1,1,0,1,0,1,1,0,0,1]
                   [IATS........: 11168,11193,11857,11849,79,11152,39169,67072,28169,11489,12210,262,12322,26,24821,37890,13457,11887,11608,11639,11817,51431,103694,156957,13622,11529,11126,16410,67319,42853,94080,0]
                   [PKTLENS.....: 74,74,66,117,66,94,66,220,76,96,178,1484,1484,66,919,380,276,119,231,127,131,127,66,172,752,66,94,66,142,66,97,147]
     DAEMON-EVENT: [Processed: 36 pkts][ZLib][compressions: 0|diff: 0 / 0]
     DAEMON-EVENT: [Flows][active: 1 / 1|skipped: 0|!detected: 0|guessed: 0|detection-updates: 4|updates: 0]
              new: [.....2] [ip6][..tcp] [...2003:de:2016:125:fc36:8317:4e86:cb72][.7562] -> [...............2003:de:2016:120::a08:53][...25] 
         detected: [.....2] [ip6][..tcp] [...2003:de:2016:125:fc36:8317:4e86:cb72][.7562] -> [...............2003:de:2016:120::a08:53][...25] [SMTP][Email][Acceptable]
 detection-update: [.....2] [ip6][..tcp] [...2003:de:2016:125:fc36:8317:4e86:cb72][.7562] -> [...............2003:de:2016:120::a08:53][...25] [SMTPS][Email][Safe]
                   RISK: TLS (probably) Not Carrying HTTPS
 detection-update: [.....2] [ip6][..tcp] [...2003:de:2016:125:fc36:8317:4e86:cb72][.7562] -> [...............2003:de:2016:120::a08:53][...25] [SMTPS][Email][Safe]
                   RISK: Self-signed Cert, TLS (probably) Not Carrying HTTPS
          analyse: [.....2] [ip6][..tcp] [...2003:de:2016:125:fc36:8317:4e86:cb72][.7562] -> [...............2003:de:2016:120::a08:53][...25] [SMTPS][Email][Safe]
                   [min|max|avg|stddev|variance|entropy]
                   [IAT.........:     0.000|    0.203|    0.019|    0.049| 2372.381|    0.000]
                   [PKTLEN......:    78.000| 1218.000|  198.500|  257.100|66086.800|    4.300]
                   [BINS(c->s)..: 7,4,2,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
                   [BINS(s->c)..: 6,4,2,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0]
                   [DIRECTIONS..: 0,1,0,1,0,1,1,0,1,0,1,0,0,1,1,0,0,1,0,1,0,1,1,0,1,1,0,1,0,0,1,0]
                   [IATS........: 744,995,19017,29506,11113,127,1248,999,1000,6126,12754,624,8625,202034,202908,998,7251,6751,7252,7260,1247,2128,2995,378,21009,21750,990,6762,2,6750,736,0]
                   [PKTLENS.....: 90,90,78,136,128,78,230,88,108,260,1218,204,157,336,245,78,167,121,141,121,113,144,78,1112,78,143,113,122,109,78,109,78]
              end: [.....2] [ip6][..tcp] [...2003:de:2016:125:fc36:8317:4e86:cb72][.7562] -> [...............2003:de:2016:120::a08:53][...25] [SMTPS][Email][Safe]
                   RISK: Self-signed Cert, TLS (probably) Not Carrying HTTPS
              end: [.....1] [ip4][..tcp] [.......10.0.0.1][57406] -> [..173.194.68.26][...25] [SMTPS.Google][Email][Acceptable]
                   RISK: Obsolete TLS (v1.1 or older)
     DAEMON-EVENT: shutdown
Powered by cgit, Themed by Ted Yin.