1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67]
detected: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
ERROR-EVENT: Unknown packet type
new: [.....2] [ip4][..tcp] [....192.168.1.6][58533] -> [.149.154.167.91][..443] [MIDSTREAM]
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
new: [.....3] [ip4][..udp] [....192.168.1.6][60813] -> [....192.168.1.1][...53]
detected: [.....3] [ip4][..udp] [....192.168.1.6][60813] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
detection-update: [.....3] [ip4][..udp] [....192.168.1.6][60813] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
new: [.....4] [ip4][..tcp] [....192.168.1.6][60532] -> [...52.114.77.33][..443]
new: [.....5] [ip4][..tcp] [....192.168.1.6][60533] -> [.52.113.194.132][..443]
detected: [.....5] [ip4][..tcp] [....192.168.1.6][60533] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
detection-update: [.....5] [ip4][..tcp] [....192.168.1.6][60533] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
detected: [.....4] [ip4][..tcp] [....192.168.1.6][60532] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
analyse: [.....5] [ip4][..tcp] [....192.168.1.6][60533] -> [.52.113.194.132][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.030| 0.006| 0.009| 77.930| 0.000]
[PKTLEN......: 54.000| 1506.000| 407.900| 548.100|300365.600| 3.900]
[BINS(c->s)..: 10,1,1,0,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 5,1,1,0,0,0,1,0,0,0,1,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,6,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,1,1,0,0,1,1,0,1,0,0,0,0,1,1,0,1,1,0,1,1,1,0]
[IATS(ms)....: 12.5,12.6,1.4,13.9,1.6,0.2,14.3,0.3,0.2,0.1,0.0,0.1,4.9,16.5,1.1,12.8,0.3,0.3,11.4,0.4,0.2,23.0,0.0,11.1,0.4,29.3,29.8,0.5,0.1,0.0,0.5,0.0]
[PKTLENS.....: 78,66,54,264,60,1506,1506,54,1506,54,1506,271,54,212,60,380,54,123,54,147,92,312,92,60,54,60,570,54,1506,1506,685,54]
detection-update: [.....5] [ip4][..tcp] [....192.168.1.6][60533] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
detection-update: [.....4] [ip4][..tcp] [....192.168.1.6][60532] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
ERROR-EVENT: Unknown packet type
new: [.....6] [ip4][..tcp] [....192.168.1.6][60534] -> [.....40.126.9.5][..443]
detected: [.....6] [ip4][..tcp] [....192.168.1.6][60534] -> [.....40.126.9.5][..443] [TLS.Microsoft365][Collaborative][Acceptable]
detection-update: [.....6] [ip4][..tcp] [....192.168.1.6][60534] -> [.....40.126.9.5][..443] [TLS.Microsoft365][Collaborative][Acceptable]
analyse: [.....4] [ip4][..tcp] [....192.168.1.6][60532] -> [...52.114.77.33][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.221| 0.032| 0.054| 2931.592| 0.000]
[PKTLEN......: 66.000| 1506.000| 921.900| 687.500|472618.500| 4.500]
[BINS(c->s)..: 5,0,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0]
[BINS(s->c)..: 5,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,0,0,1,0,0,0,0,1,0,0,1,0,0,0,0,1,0,0,0]
[IATS(ms)....: 43.2,43.3,94.0,139.8,0.2,45.9,0.1,0.1,1.4,46.8,45.4,177.2,0.0,0.0,221.2,44.0,0.0,0.0,0.0,21.3,21.2,0.0,23.0,23.0,0.0,0.0,0.0,1.2,1.2,0.0,0.0,0.0]
[PKTLENS.....: 78,74,66,240,1506,1506,66,1389,66,159,117,66,1494,1494,1494,66,1494,1494,1494,1494,66,1494,1494,66,1494,1494,1494,1494,66,1494,1494,1494]
detection-update: [.....4] [ip4][..tcp] [....192.168.1.6][60532] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
new: [.....7] [ip4][..tcp] [....192.168.1.6][60535] -> [...52.114.77.33][..443]
detected: [.....7] [ip4][..tcp] [....192.168.1.6][60535] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
new: [.....8] [ip4][..tcp] [....192.168.1.6][60536] -> [.52.113.194.132][..443]
detected: [.....8] [ip4][..tcp] [....192.168.1.6][60536] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
detection-update: [.....8] [ip4][..tcp] [....192.168.1.6][60536] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
analyse: [.....7] [ip4][..tcp] [....192.168.1.6][60535] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.050| 0.018| 0.021| 449.200| 0.000]
[PKTLEN......: 66.000| 1506.000| 694.600| 673.100|453031.800| 4.200]
[BINS(c->s)..: 7,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,10,0,0,0]
[BINS(s->c)..: 7,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,0,0,0,0,1,0,0,0,0,1,0,0,1,0,0,1,1,1,1,0,0]
[IATS(ms)....: 45.3,45.4,0.3,49.2,0.0,48.8,0.2,0.2,1.3,46.5,45.3,1.9,0.0,0.0,47.7,45.8,0.0,0.0,0.0,37.7,37.7,0.0,8.0,8.1,0.0,0.7,37.0,7.8,4.3,49.8,1.3,0.0]
[PKTLENS.....: 78,74,66,272,1506,1389,78,1506,66,159,117,66,1494,1494,1494,66,1494,1494,1494,1494,66,1494,1494,66,1494,839,66,66,66,511,66,97]
analyse: [.....8] [ip4][..tcp] [....192.168.1.6][60536] -> [.52.113.194.132][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.050| 0.005| 0.010| 94.878| 0.000]
[PKTLEN......: 54.000| 1506.000| 430.000| 569.700|324516.500| 3.900]
[BINS(c->s)..: 8,1,2,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
[BINS(s->c)..: 7,1,1,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,5,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,1,1,0,0,1,0,1,1,0,0,0,0,0,0,1,1,0,1,1,1,1,1]
[IATS(ms)....: 11.4,11.5,0.2,11.3,2.8,0.1,13.8,0.1,0.1,0.1,0.0,0.1,4.8,15.5,11.8,1.3,0.0,0.2,0.0,0.3,0.2,0.0,0.1,10.9,0.0,10.4,1.7,0.2,0.0,50.4,0.0,0.0]
[PKTLENS.....: 78,66,54,268,60,1506,1506,54,1506,54,1506,271,54,212,60,147,380,123,54,54,92,1494,1061,138,60,92,54,60,60,60,1506,1069]
detection-update: [.....8] [ip4][..tcp] [....192.168.1.6][60536] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
new: [.....9] [ip4][..tcp] [....192.168.1.6][60537] -> [...52.114.77.33][..443]
detected: [.....9] [ip4][..tcp] [....192.168.1.6][60537] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [.....9] [ip4][..tcp] [....192.168.1.6][60537] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
ERROR-EVENT: Unknown packet type
new: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53]
detected: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS.ntop][Network][Safe]
new: [....11] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500]
detected: [....11] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
new: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500]
detected: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
detection-update: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS.ntop][Network][Safe]
new: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67]
detected: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
new: [....14] [ip4][..tcp] [..93.62.150.157][..443] -> [....192.168.1.6][60512] [MIDSTREAM]
detected: [....14] [ip4][..tcp] [..93.62.150.157][..443] -> [....192.168.1.6][60512] [TLS][Web][Safe]
ERROR-EVENT: Unknown packet type
new: [....15] [ip4][..udp] [....192.168.1.6][56634] -> [....192.168.1.1][...53]
detected: [....15] [ip4][..udp] [....192.168.1.6][56634] -> [....192.168.1.1][...53] [DNS][ConnCheck][Acceptable]
detection-update: [....15] [ip4][..udp] [....192.168.1.6][56634] -> [....192.168.1.1][...53] [DNS][ConnCheck][Acceptable]
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
new: [....16] [ip4][..udp] [....192.168.1.6][51033] -> [....192.168.1.1][...53]
detected: [....16] [ip4][..udp] [....192.168.1.6][51033] -> [....192.168.1.1][...53] [DNS.Teams][VoIP][Safe]
new: [....17] [ip4][..udp] [....192.168.1.6][63106] -> [....192.168.1.1][...53]
detected: [....17] [ip4][..udp] [....192.168.1.6][63106] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
detection-update: [....17] [ip4][..udp] [....192.168.1.6][63106] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
new: [....18] [ip4][..tcp] [....192.168.1.6][60538] -> [...52.114.75.70][..443]
detection-update: [....16] [ip4][..udp] [....192.168.1.6][51033] -> [....192.168.1.1][...53] [DNS.Skype_Teams][VoIP][Acceptable]
new: [....19] [ip4][..tcp] [....192.168.1.6][60539] -> [...52.114.75.69][..443]
detected: [....18] [ip4][..tcp] [....192.168.1.6][60538] -> [...52.114.75.70][..443] [TLS.Teams][Collaborative][Safe]
detected: [....19] [ip4][..tcp] [....192.168.1.6][60539] -> [...52.114.75.69][..443] [TLS.Skype_Teams][VoIP][Acceptable]
detection-update: [....18] [ip4][..tcp] [....192.168.1.6][60538] -> [...52.114.75.70][..443] [TLS.Teams][Collaborative][Safe]
detection-update: [....19] [ip4][..tcp] [....192.168.1.6][60539] -> [...52.114.75.69][..443] [TLS.Skype_Teams][VoIP][Acceptable]
new: [....20] [ip4][..tcp] [....192.168.1.6][60540] -> [...52.114.75.70][..443]
new: [....21] [ip4][..tcp] [....192.168.1.6][60541] -> [...52.114.75.69][..443]
detected: [....20] [ip4][..tcp] [....192.168.1.6][60540] -> [...52.114.75.70][..443] [TLS.Teams][Collaborative][Safe]
detected: [....21] [ip4][..tcp] [....192.168.1.6][60541] -> [...52.114.75.69][..443] [TLS.Skype_Teams][VoIP][Acceptable]
new: [....22] [ip4][..udp] [....192.168.1.6][49514] -> [....192.168.1.1][...53]
detected: [....22] [ip4][..udp] [....192.168.1.6][49514] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
detection-update: [....20] [ip4][..tcp] [....192.168.1.6][60540] -> [...52.114.75.70][..443] [TLS.Teams][Collaborative][Safe]
detection-update: [....21] [ip4][..tcp] [....192.168.1.6][60541] -> [...52.114.75.69][..443] [TLS.Skype_Teams][VoIP][Acceptable]
detection-update: [....22] [ip4][..udp] [....192.168.1.6][49514] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
new: [....23] [ip4][..tcp] [....192.168.1.6][60542] -> [.52.113.194.132][..443]
detected: [....23] [ip4][..tcp] [....192.168.1.6][60542] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
detection-update: [....23] [ip4][..tcp] [....192.168.1.6][60542] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
new: [....24] [ip4][..udp] [....192.168.1.6][65387] -> [....192.168.1.1][...53]
detected: [....24] [ip4][..udp] [....192.168.1.6][65387] -> [....192.168.1.1][...53] [DNS.Microsoft][Web][Safe]
new: [....25] [ip4][..tcp] [....192.168.1.6][60543] -> [...52.114.77.33][..443]
detection-update: [....24] [ip4][..udp] [....192.168.1.6][65387] -> [....192.168.1.1][...53] [DNS.Microsoft][Web][Safe]
new: [....26] [ip4][..tcp] [....192.168.1.6][60544] -> [...52.114.76.48][..443]
detected: [....25] [ip4][..tcp] [....192.168.1.6][60543] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
detected: [....26] [ip4][..tcp] [....192.168.1.6][60544] -> [...52.114.76.48][..443] [TLS.Teams][Collaborative][Safe]
detection-update: [....26] [ip4][..tcp] [....192.168.1.6][60544] -> [...52.114.76.48][..443] [TLS.Teams][Collaborative][Safe]
detection-update: [....25] [ip4][..tcp] [....192.168.1.6][60543] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
ERROR-EVENT: Unknown packet type
new: [....27] [ip4][..udp] [....192.168.1.6][57530] -> [....192.168.1.1][...53]
detected: [....27] [ip4][..udp] [....192.168.1.6][57530] -> [....192.168.1.1][...53] [DNS.Microsoft][Web][Safe]
detection-update: [....27] [ip4][..udp] [....192.168.1.6][57530] -> [....192.168.1.1][...53] [DNS.Microsoft][Web][Safe]
new: [....28] [ip4][..tcp] [....192.168.1.6][60545] -> [...52.114.77.58][..443]
new: [....29] [ip4][..tcp] [.162.125.19.131][..443] -> [....192.168.1.6][60344] [MIDSTREAM]
detected: [....29] [ip4][..tcp] [.162.125.19.131][..443] -> [....192.168.1.6][60344] [TLS.Dropbox][Cloud][Acceptable]
detected: [....28] [ip4][..tcp] [....192.168.1.6][60545] -> [...52.114.77.58][..443] [TLS.Teams][Collaborative][Safe]
detection-update: [....28] [ip4][..tcp] [....192.168.1.6][60545] -> [...52.114.77.58][..443] [TLS.Teams][Collaborative][Safe]
analyse: [....25] [ip4][..tcp] [....192.168.1.6][60543] -> [...52.114.77.33][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.153| 0.028| 0.040| 1626.047| 0.000]
[PKTLEN......: 66.000| 1506.000| 833.700| 699.200|488828.900| 4.400]
[BINS(c->s)..: 5,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0]
[BINS(s->c)..: 7,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,0,1,1,0,0,0,0,1,0,0,0,0,1,0,0,1,0,0,0,0,1,0]
[IATS(ms)....: 50.5,50.6,0.3,64.6,72.0,0.2,136.5,0.1,0.1,1.4,68.0,86.2,152.9,2.3,0.0,0.0,46.4,44.1,0.0,0.0,0.0,23.6,23.6,0.0,20.9,20.9,0.0,0.0,0.0,0.8,0.8,0.0]
[PKTLENS.....: 78,74,66,272,66,1506,1506,66,1389,66,159,66,117,66,1494,1494,1494,66,1494,1494,1494,1494,66,1494,1494,66,1494,1494,1494,1494,66,1494]
detection-update: [....25] [ip4][..tcp] [....192.168.1.6][60543] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
new: [....30] [ip4][..tcp] [....192.168.1.6][60546] -> [.167.99.215.164][.4434]
detected: [....30] [ip4][..tcp] [....192.168.1.6][60546] -> [.167.99.215.164][.4434] [TLS.ntop][Network][Safe]
RISK: Known Proto on Non Std Port
detection-update: [....30] [ip4][..tcp] [....192.168.1.6][60546] -> [.167.99.215.164][.4434] [TLS.ntop][Network][Safe]
RISK: Known Proto on Non Std Port
analyse: [....28] [ip4][..tcp] [....192.168.1.6][60545] -> [...52.114.77.58][..443] [TLS.Teams][Collaborative][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.201| 0.025| 0.047| 2215.159| 0.000]
[PKTLEN......: 54.000| 1506.000| 354.200| 510.300|260451.700| 3.900]
[BINS(c->s)..: 11,1,1,1,1,1,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
[BINS(s->c)..: 3,3,1,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,1,1,0,1,0,0,0,0,1,0,1,0,0,1,0,1,0,1,0,0,0,1,1]
[IATS(ms)....: 45.7,45.8,0.2,47.9,0.0,47.7,0.0,0.1,0.2,0.1,0.2,9.9,9.9,3.5,10.4,0.4,51.4,37.1,0.2,0.2,0.2,7.1,7.0,1.3,1.2,79.2,201.4,0.0,0.0,167.5,0.2,0.0]
[PKTLENS.....: 78,66,54,273,1506,1506,66,54,54,1506,1506,54,467,54,212,147,517,105,54,123,54,92,92,54,493,54,60,1494,164,220,60,96]
new: [....31] [ip4][..udp] [....192.168.1.6][57504] -> [....192.168.1.1][...53]
detected: [....31] [ip4][..udp] [....192.168.1.6][57504] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
detection-update: [....31] [ip4][..udp] [....192.168.1.6][57504] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
new: [....32] [ip4][..tcp] [....192.168.1.6][60547] -> [...52.114.88.59][..443]
detected: [....32] [ip4][..tcp] [....192.168.1.6][60547] -> [...52.114.88.59][..443] [TLS.Teams][Collaborative][Safe]
new: [....33] [ip4][..tcp] [....192.168.1.6][60548] -> [...52.114.77.33][..443]
detected: [....33] [ip4][..tcp] [....192.168.1.6][60548] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
ERROR-EVENT: Unknown packet type
detection-update: [....33] [ip4][..tcp] [....192.168.1.6][60548] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
analyse: [....32] [ip4][..tcp] [....192.168.1.6][60547] -> [...52.114.88.59][..443] [TLS.Teams][Collaborative][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.115| 0.021| 0.031| 968.681| 0.000]
[PKTLEN......: 66.000| 1506.000| 391.200| 521.700|272149.200| 4.000]
[BINS(c->s)..: 11,1,1,1,0,0,2,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0]
[BINS(s->c)..: 3,2,1,0,0,1,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,4,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,0,0,0,1,0,1,0,0,1,0,1,0,1,0,0,1,1,0,1]
[IATS(ms)....: 34.2,34.3,0.3,36.9,0.0,36.6,0.0,0.2,0.2,0.1,0.0,0.1,1.0,12.0,0.3,36.0,22.7,0.2,0.2,0.1,10.4,10.3,0.6,0.6,77.1,91.7,0.0,49.1,80.4,115.1,0.2,0.0]
[PKTLENS.....: 78,74,66,287,1506,1506,78,66,1506,66,1506,316,66,192,159,547,117,66,135,66,104,104,66,428,66,66,1494,261,66,241,66,1153]
ERROR-EVENT: Unknown packet type
new: [....34] [ip4][..udp] [....192.168.1.6][59403] -> [....192.168.1.1][...53]
detected: [....34] [ip4][..udp] [....192.168.1.6][59403] -> [....192.168.1.1][...53] [DNS.Microsoft365][Collaborative][Acceptable]
detection-update: [....34] [ip4][..udp] [....192.168.1.6][59403] -> [....192.168.1.1][...53] [DNS.Microsoft365][Collaborative][Acceptable]
new: [....35] [ip4][..tcp] [....192.168.1.6][60549] -> [...13.107.18.11][..443]
detected: [....35] [ip4][..tcp] [....192.168.1.6][60549] -> [...13.107.18.11][..443] [TLS.Microsoft365][Collaborative][Acceptable]
detection-update: [....35] [ip4][..tcp] [....192.168.1.6][60549] -> [...13.107.18.11][..443] [TLS.Microsoft365][Collaborative][Acceptable]
analyse: [....23] [ip4][..tcp] [....192.168.1.6][60542] -> [.52.113.194.132][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 2.010| 0.146| 0.490|239614.050| 0.000]
[PKTLEN......: 54.000| 1506.000| 319.200| 468.100|219152.800| 3.900]
[BINS(c->s)..: 9,1,1,0,1,0,1,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 7,1,1,0,1,0,0,0,0,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,1,1,0,0,1,1,1,0,0,0,0,0,1,1,0,1,1,1,0,0,1,1]
[IATS(ms)....: 12.7,12.8,0.2,12.4,2.5,0.3,14.9,0.5,0.5,0.2,0.0,0.8,4.9,17.1,1.4,0.0,13.1,0.0,0.2,0.3,0.1,11.8,0.0,11.2,0.1,0.6,112.9,113.7,1998.1,2009.8,174.6,0.0]
[PKTLENS.....: 78,66,54,271,60,1506,1506,54,1506,54,1506,195,54,212,60,380,123,54,54,147,92,575,60,92,54,60,60,454,54,356,60,359]
detection-update: [....23] [ip4][..tcp] [....192.168.1.6][60542] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
ERROR-EVENT: Unknown packet type
analyse: [....35] [ip4][..tcp] [....192.168.1.6][60549] -> [...13.107.18.11][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.540| 0.024| 0.095| 8949.939| 0.000]
[PKTLEN......: 54.000| 1506.000| 345.500| 473.500|224192.200| 4.000]
[BINS(c->s)..: 9,1,1,0,2,0,2,0,0,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0]
[BINS(s->c)..: 5,2,1,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,1,0,0,0,0,0,1,1,1,0,0,0,1,1,0,1,1,0,1,0,0,0,0]
[IATS(ms)....: 11.5,11.6,0.3,11.9,32.5,0.1,44.2,0.2,0.0,0.2,3.8,7.7,0.3,0.1,14.6,1.5,0.0,4.2,0.0,0.3,6.5,0.5,6.7,4.3,9.9,14.2,10.7,10.7,539.6,0.0,0.3,0.0]
[PKTLENS.....: 78,66,54,265,60,1506,1506,54,1506,94,54,212,147,592,186,60,380,123,54,54,92,60,92,54,60,703,54,373,54,1494,708,262]
detection-update: [....35] [ip4][..tcp] [....192.168.1.6][60549] -> [...13.107.18.11][..443] [TLS.Microsoft365][Collaborative][Acceptable]
new: [....36] [ip4][..udp] [....192.168.1.6][61245] -> [....192.168.1.1][...53]
detected: [....36] [ip4][..udp] [....192.168.1.6][61245] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
new: [....37] [ip4][..udp] [....192.168.1.6][53678] -> [....192.168.1.1][...53]
detected: [....37] [ip4][..udp] [....192.168.1.6][53678] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
new: [....38] [ip4][..udp] [....192.168.1.6][65230] -> [....192.168.1.1][...53]
detected: [....38] [ip4][..udp] [....192.168.1.6][65230] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
new: [....39] [ip4][..udp] [....192.168.1.6][50653] -> [....192.168.1.1][...53]
detected: [....39] [ip4][..udp] [....192.168.1.6][50653] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
detection-update: [....37] [ip4][..udp] [....192.168.1.6][53678] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
detection-update: [....38] [ip4][..udp] [....192.168.1.6][65230] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
new: [....40] [ip4][..tcp] [....192.168.1.6][60551] -> [...52.114.15.45][..443]
detection-update: [....39] [ip4][..udp] [....192.168.1.6][50653] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
detection-update: [....36] [ip4][..udp] [....192.168.1.6][61245] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
RISK: Suspicious DNS Traffic
new: [....41] [ip4][..udp] [....192.168.1.6][58457] -> [....192.168.1.1][...53]
detected: [....41] [ip4][..udp] [....192.168.1.6][58457] -> [....192.168.1.1][...53] [DNS.Microsoft365][Collaborative][Acceptable]
detection-update: [....41] [ip4][..udp] [....192.168.1.6][58457] -> [....192.168.1.1][...53] [DNS.Microsoft365][Collaborative][Acceptable]
new: [....42] [ip4][..tcp] [....192.168.1.6][60552] -> [...52.114.77.33][..443]
new: [....43] [ip4][..tcp] [....192.168.1.6][60554] -> [.52.113.194.132][..443]
new: [....44] [ip4][..udp] [....192.168.1.6][51309] -> [....192.168.1.1][...53]
detected: [....44] [ip4][..udp] [....192.168.1.6][51309] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
new: [....45] [ip4][..tcp] [....192.168.1.6][60555] -> [...52.114.77.33][..443]
new: [....46] [ip4][..tcp] [....192.168.1.6][60556] -> [.....40.126.9.7][..443]
detected: [....43] [ip4][..tcp] [....192.168.1.6][60554] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....44] [ip4][..udp] [....192.168.1.6][51309] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
detected: [....40] [ip4][..tcp] [....192.168.1.6][60551] -> [...52.114.15.45][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....43] [ip4][..tcp] [....192.168.1.6][60554] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
detected: [....42] [ip4][..tcp] [....192.168.1.6][60552] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
detected: [....46] [ip4][..tcp] [....192.168.1.6][60556] -> [.....40.126.9.7][..443] [TLS.Microsoft365][Collaborative][Acceptable]
detected: [....45] [ip4][..tcp] [....192.168.1.6][60555] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....46] [ip4][..tcp] [....192.168.1.6][60556] -> [.....40.126.9.7][..443] [TLS.Microsoft365][Collaborative][Acceptable]
detection-update: [....42] [ip4][..tcp] [....192.168.1.6][60552] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....45] [ip4][..tcp] [....192.168.1.6][60555] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
ERROR-EVENT: Unknown packet type
detection-update: [....40] [ip4][..tcp] [....192.168.1.6][60551] -> [...52.114.15.45][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
analyse: [....43] [ip4][..tcp] [....192.168.1.6][60554] -> [.52.113.194.132][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.154| 0.015| 0.036| 1274.324| 0.000]
[PKTLEN......: 54.000| 1506.000| 599.700| 671.400|450756.000| 4.100]
[BINS(c->s)..: 10,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 5,1,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,10,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,1,0,1,0,1,1,0,0,1,0,1,1,0,0,1,1,1,0,1,0,1,1,0,0,1,1]
[IATS(ms)....: 12.9,13.0,0.5,12.4,2.0,1.5,15.4,0.1,0.1,0.1,0.0,0.1,21.6,33.0,11.5,11.7,0.1,11.8,0.6,13.4,140.4,0.7,154.0,0.2,0.2,0.2,0.2,0.5,0.0,0.1,0.2,0.0]
[PKTLENS.....: 78,66,54,240,60,1506,1506,54,1506,54,1506,182,54,161,60,105,60,105,54,1136,60,1506,1506,54,1331,54,1506,1506,54,54,1506,1506]
detection-update: [....43] [ip4][..tcp] [....192.168.1.6][60554] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
ERROR-EVENT: Unknown packet type
new: [....47] [ip4][..tcp] [....192.168.1.6][60557] -> [.52.113.194.132][..443]
detected: [....47] [ip4][..tcp] [....192.168.1.6][60557] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....47] [ip4][..tcp] [....192.168.1.6][60557] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
new: [....48] [ip4][..tcp] [....192.168.1.6][60559] -> [...52.114.77.33][..443]
detected: [....48] [ip4][..tcp] [....192.168.1.6][60559] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....48] [ip4][..tcp] [....192.168.1.6][60559] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
analyse: [....48] [ip4][..tcp] [....192.168.1.6][60559] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.053| 0.020| 0.022| 492.470| 0.000]
[PKTLEN......: 66.000| 1506.000| 654.900| 667.900|446080.700| 4.200]
[BINS(c->s)..: 9,0,1,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,9,0,0,0]
[BINS(s->c)..: 6,1,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,0,1,0,0,0,0,1,0,0,0,0,1,0,0,1,0,1,1,1,0,0,0]
[IATS(ms)....: 48.6,48.7,0.3,51.0,0.1,50.7,0.0,0.3,0.3,1.7,49.8,48.1,1.4,0.0,0.0,50.5,49.1,0.0,0.0,0.0,37.2,37.2,0.0,11.5,11.5,1.0,36.0,16.0,53.0,0.7,0.1,0.0]
[PKTLENS.....: 78,74,66,272,1506,1506,78,66,1389,66,159,117,66,1494,1494,1494,66,1494,1494,1494,1494,66,1494,1494,66,999,66,66,511,66,97,66]
ERROR-EVENT: Unknown packet type
new: [....49] [ip4][..udp] [..192.168.1.112][57621] -> [..192.168.1.255][57621]
detected: [....49] [ip4][..udp] [..192.168.1.112][57621] -> [..192.168.1.255][57621] [Spotify][Music][Acceptable]
new: [....50] [ip4][..tcp] [....192.168.1.6][60560] -> [....40.126.9.67][..443]
detected: [....50] [ip4][..tcp] [....192.168.1.6][60560] -> [....40.126.9.67][..443] [TLS.Microsoft365][Collaborative][Acceptable]
detection-update: [....50] [ip4][..tcp] [....192.168.1.6][60560] -> [....40.126.9.67][..443] [TLS.Microsoft365][Collaborative][Acceptable]
new: [....51] [ip4][..tcp] [....192.168.1.6][60561] -> [...52.114.77.33][..443]
detected: [....51] [ip4][..tcp] [....192.168.1.6][60561] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
new: [....52] [ip4][..udp] [....192.168.1.6][54069] -> [....192.168.1.1][...53]
detected: [....52] [ip4][..udp] [....192.168.1.6][54069] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
ERROR-EVENT: Unknown packet type
detection-update: [....52] [ip4][..udp] [....192.168.1.6][54069] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
new: [....53] [ip4][..tcp] [....192.168.1.6][60562] -> [.104.40.187.151][..443]
detected: [....53] [ip4][..tcp] [....192.168.1.6][60562] -> [.104.40.187.151][..443] [TLS.Azure][Cloud][Acceptable]
detection-update: [....51] [ip4][..tcp] [....192.168.1.6][60561] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
ERROR-EVENT: Unknown packet type
analyse: [....53] [ip4][..tcp] [....192.168.1.6][60562] -> [.104.40.187.151][..443] [TLS.Azure][Cloud][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.126| 0.019| 0.032| 1006.354| 0.000]
[PKTLEN......: 66.000| 1506.000| 359.200| 499.900|249913.200| 4.000]
[BINS(c->s)..: 12,1,3,0,0,0,1,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0]
[BINS(s->c)..: 2,3,1,0,0,0,0,1,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,1,0,0,1,1,0,0,0,0,1,1,0,0,0,1,0,1,0,0,0,1,1,0,1,0]
[IATS(ms)....: 29.5,29.6,0.2,45.7,0.2,45.7,0.1,0.1,0.1,0.1,0.0,0.1,0.6,23.2,0.2,30.2,0.0,6.1,0.0,0.2,22.9,22.6,1.5,1.4,2.9,0.0,32.7,0.2,30.1,125.5,125.6,0.0]
[PKTLENS.....: 78,74,66,280,1506,1506,78,1506,66,66,1506,295,66,159,159,438,117,135,66,66,104,104,66,562,66,1379,149,66,108,66,524,66]
new: [....54] [ip4][..udp] [....192.168.1.6][62735] -> [....192.168.1.1][...53]
detected: [....54] [ip4][..udp] [....192.168.1.6][62735] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
detection-update: [....54] [ip4][..udp] [....192.168.1.6][62735] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
new: [....55] [ip4][..tcp] [....192.168.1.6][60563] -> [.52.169.186.119][..443]
analyse: [....51] [ip4][..tcp] [....192.168.1.6][60561] -> [...52.114.77.33][..443]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.162| 0.032| 0.044| 1964.919| 0.000]
[PKTLEN......: 66.000| 1506.000| 750.700| 694.000|481656.100| 4.300]
[BINS(c->s)..: 5,0,1,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0]
[BINS(s->c)..: 8,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,2,0,0]
[DIRECTIONS..: 0,1,0,0,0,1,1,1,0,1,0,0,1,0,0,0,0,1,0,0,0,0,1,0,0,0,0,1,0,1,1,1]
[IATS(ms)....: 48.4,48.5,0.5,88.2,136.5,113.7,0.2,161.8,0.1,0.1,1.1,74.6,73.5,1.1,0.0,0.0,50.1,49.0,0.0,0.0,0.0,48.4,48.4,0.0,0.0,0.0,1.6,1.5,46.9,1.1,1.7,0.0]
[PKTLENS.....: 78,74,66,272,272,78,1506,1506,66,1389,66,159,117,66,1494,1494,1494,66,1494,1494,1494,1494,66,1494,1494,1494,1494,66,1476,66,66,66]
detection-update: [....51] [ip4][..tcp] [....192.168.1.6][60561] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
detected: [....55] [ip4][..tcp] [....192.168.1.6][60563] -> [.52.169.186.119][..443] [TLS.Azure][Cloud][Acceptable]
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
new: [....56] [ip4][..udp] [....192.168.1.6][63930] -> [....192.168.1.1][...53]
detected: [....56] [ip4][..udp] [....192.168.1.6][63930] -> [....192.168.1.1][...53] [DNS.Microsoft][Cloud][Safe]
detection-update: [....56] [ip4][..udp] [....192.168.1.6][63930] -> [....192.168.1.1][...53] [DNS.Microsoft][Cloud][Safe]
new: [....57] [ip4][..tcp] [....192.168.1.6][60564] -> [...40.79.138.41][..443]
detected: [....57] [ip4][..tcp] [....192.168.1.6][60564] -> [...40.79.138.41][..443] [TLS.Azure][Cloud][Acceptable]
detection-update: [....57] [ip4][..tcp] [....192.168.1.6][60564] -> [...40.79.138.41][..443] [TLS.Azure][Cloud][Acceptable]
new: [....58] [ip4][..udp] [....192.168.1.6][62863] -> [....192.168.1.1][...53]
detected: [....58] [ip4][..udp] [....192.168.1.6][62863] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
detection-update: [....58] [ip4][..udp] [....192.168.1.6][62863] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
new: [....59] [ip4][..tcp] [....192.168.1.6][60565] -> [...52.114.108.8][..443]
detected: [....59] [ip4][..tcp] [....192.168.1.6][60565] -> [...52.114.108.8][..443] [TLS.Teams][Collaborative][Safe]
detection-update: [....59] [ip4][..tcp] [....192.168.1.6][60565] -> [...52.114.108.8][..443] [TLS.Teams][Collaborative][Safe]
ERROR-EVENT: Unknown packet type
analyse: [....59] [ip4][..tcp] [....192.168.1.6][60565] -> [...52.114.108.8][..443] [TLS.Teams][Collaborative][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 0.277| 0.019| 0.049| 2449.644| 0.000]
[PKTLEN......: 66.000| 1506.000| 384.200| 512.100|262257.700| 4.000]
[BINS(c->s)..: 11,1,2,1,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 3,3,1,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,4,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,1,0,1,1,0,0,0,0,1,1,0,0,0,1,0,1,0,1,0,0,1,1,0,1]
[IATS(ms)....: 19.2,19.3,0.2,22.0,0.0,21.8,0.0,0.2,0.2,0.2,0.0,0.2,1.1,12.3,0.3,19.9,0.0,6.3,0.0,0.6,12.0,11.4,1.5,1.4,55.0,62.1,0.0,25.5,0.0,18.4,276.9,0.0]
[PKTLENS.....: 78,74,66,288,1506,1506,78,66,1506,66,1506,485,66,192,159,539,117,135,66,66,104,104,66,525,66,66,1060,148,66,108,66,1349]
ERROR-EVENT: Unknown packet type
analyse: [....26] [ip4][..tcp] [....192.168.1.6][60544] -> [...52.114.76.48][..443] [TLS.Teams][Collaborative][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 8.978| 0.329| 1.582|2503841.415| 0.000]
[PKTLEN......: 54.000| 1506.000| 353.200| 486.100|236250.500| 4.000]
[BINS(c->s)..: 10,1,1,0,1,0,0,1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 4,3,1,0,0,0,0,0,1,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0]
[DIRECTIONS..: 0,1,0,0,1,1,0,0,0,1,1,1,0,0,0,0,0,1,0,1,0,0,1,1,0,1,0,1,1,1,1,1]
[IATS(ms)....: 47.1,47.2,0.5,44.4,0.0,43.9,0.0,0.0,0.2,0.1,0.0,0.2,0.0,4.4,9.7,0.3,46.5,32.1,0.5,0.4,0.1,18.9,1.4,20.2,62.9,403.2,425.0,8978.2,0.0,0.0,0.0,0.0]
[PKTLENS.....: 78,66,54,290,1506,1506,66,54,54,1506,1506,323,54,54,212,147,582,105,54,123,54,92,60,423,54,60,1114,60,425,429,100,92]
new: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] [MIDSTREAM]
ERROR-EVENT: Unknown packet type
new: [....61] [ip4][..tcp] [....192.168.1.6][60566] -> [.167.99.215.164][.4434]
detected: [....61] [ip4][..tcp] [....192.168.1.6][60566] -> [.167.99.215.164][.4434] [TLS.ntop][Network][Safe]
RISK: Known Proto on Non Std Port
detection-update: [....61] [ip4][..tcp] [....192.168.1.6][60566] -> [.167.99.215.164][.4434] [TLS.ntop][Network][Safe]
RISK: Known Proto on Non Std Port
ERROR-EVENT: Unknown packet type
new: [....62] [ip4][..udp] [....192.168.1.6][51681] -> [..52.114.77.136][.3478]
new: [....63] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.123][.3478]
detected: [....63] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.123][.3478] [STUN.Teams][VoIP][Safe]
new: [....64] [ip4][..tcp] [....192.168.1.6][50018] -> [.52.114.250.123][..443]
new: [....65] [ip4][..udp] [....192.168.1.6][55765] -> [....192.168.1.1][...53]
detected: [....65] [ip4][..udp] [....192.168.1.6][55765] -> [....192.168.1.1][...53] [DNS.Azure][Cloud][Acceptable]
detection-update: [....65] [ip4][..udp] [....192.168.1.6][55765] -> [....192.168.1.1][...53] [DNS.Azure][Cloud][Acceptable]
detected: [....64] [ip4][..tcp] [....192.168.1.6][50018] -> [.52.114.250.123][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
new: [....66] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.123][.3478]
detected: [....66] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.123][.3478] [STUN.Teams][VoIP][Safe]
new: [....67] [ip4][..tcp] [....192.168.1.6][50021] -> [.52.114.250.123][..443]
new: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478]
detected: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.Teams][VoIP][Safe]
detection-update: [....64] [ip4][..tcp] [....192.168.1.6][50018] -> [.52.114.250.123][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
ERROR-EVENT: Unknown packet type
new: [....69] [ip4][..udp] [....192.168.1.6][50017] -> [.52.114.250.141][.3478]
detected: [....69] [ip4][..udp] [....192.168.1.6][50017] -> [.52.114.250.141][.3478] [STUN.Teams][VoIP][Safe]
detected: [....67] [ip4][..tcp] [....192.168.1.6][50021] -> [.52.114.250.123][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
new: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478]
detected: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.Teams][VoIP][Safe]
new: [....71] [ip4][..udp] [....192.168.1.6][50037] -> [.52.114.250.137][.3478]
detected: [....71] [ip4][..udp] [....192.168.1.6][50037] -> [.52.114.250.137][.3478] [STUN.Teams][VoIP][Safe]
detection-update: [....67] [ip4][..tcp] [....192.168.1.6][50021] -> [.52.114.250.123][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
new: [....72] [ip4][..tcp] [....192.168.1.6][50014] -> [.52.114.250.152][..443]
new: [....73] [ip4][..tcp] [....192.168.1.6][50036] -> [.52.114.250.153][..443]
detected: [....72] [ip4][..tcp] [....192.168.1.6][50014] -> [.52.114.250.152][..443] [TLS.Azure][Cloud][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
detected: [....73] [ip4][..tcp] [....192.168.1.6][50036] -> [.52.114.250.153][..443] [TLS.Azure][Cloud][Acceptable]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....72] [ip4][..tcp] [....192.168.1.6][50014] -> [.52.114.250.152][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS Cert Mismatch, TLS (probably) Not Carrying HTTPS
detection-update: [....73] [ip4][..tcp] [....192.168.1.6][50036] -> [.52.114.250.153][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS Cert Mismatch, TLS (probably) Not Carrying HTTPS
new: [....74] [ip4][..tcp] [....192.168.1.6][60567] -> [..52.114.77.136][..443]
new: [....75] [ip4][..udp] [....192.168.1.6][60837] -> [....192.168.1.1][...53]
detected: [....75] [ip4][..udp] [....192.168.1.6][60837] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
detection-update: [....75] [ip4][..udp] [....192.168.1.6][60837] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
detected: [....74] [ip4][..tcp] [....192.168.1.6][60567] -> [..52.114.77.136][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
detection-update: [....74] [ip4][..tcp] [....192.168.1.6][60567] -> [..52.114.77.136][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
ERROR-EVENT: Unknown packet type
new: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005]
detected: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.Teams][VoIP][Safe]
RISK: Known Proto on Non Std Port
new: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020]
detected: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.Teams][VoIP][Safe]
RISK: Known Proto on Non Std Port
new: [....78] [ip4][..udp] [..93.71.110.205][16332] -> [....192.168.1.6][50016]
detected: [....78] [ip4][..udp] [..93.71.110.205][16332] -> [....192.168.1.6][50016] [STUN.Skype_TeamsCall][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
new: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036]
detected: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] [STUN.Skype_TeamsCall][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
ERROR-EVENT: Unknown packet type
new: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036]
detected: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] [STUN.Skype_TeamsCall][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
new: [....81] [ip4][..udp] [...52.114.252.8][.3479] -> [....192.168.1.6][50016]
detected: [....81] [ip4][..udp] [...52.114.252.8][.3479] -> [....192.168.1.6][50016] [STUN.Skype_TeamsCall][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
analyse: [....64] [ip4][..tcp] [....192.168.1.6][50018] -> [.52.114.250.123][..443] [TLS.Teams][Collaborative][Safe]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.567| 0.072| 0.275|75449.426| 0.000]
[PKTLEN......: 54.000| 1506.000| 270.900| 427.000|182315.300| 3.800]
[BINS(c->s)..: 15,1,0,2,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 4,1,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0]
[DIRECTIONS..: 0,1,0,0,1,0,1,1,0,0,1,1,0,0,1,1,0,0,0,0,0,0,1,1,0,0,1,0,0,0,1,1]
[IATS(ms)....: 45.0,45.1,0.2,47.4,47.2,0.2,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.1,0.0,0.0,8.0,0.0,0.0,52.4,1.2,45.6,48.6,92.2,43.7,69.1,0.3,113.5,1566.9,0.0]
[PKTLENS.....: 78,66,54,241,1506,66,1506,602,66,66,1506,602,66,54,602,180,54,54,54,161,60,99,60,105,54,155,238,54,85,54,60,60]
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
new: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443]
detected: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] [TLS.Azure][Cloud][Acceptable]
detection-update: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] [TLS.Azure][Cloud][Acceptable]
ERROR-EVENT: Unknown packet type
ERROR-EVENT: Unknown packet type
new: [....83] [ip4][.icmp] [..93.71.110.205] -> [....192.168.1.6]
detected: [....83] [ip4][.icmp] [..93.71.110.205] -> [....192.168.1.6] [ICMP][Network][Acceptable]
analyse: [....78] [ip4][..udp] [..93.71.110.205][16332] -> [....192.168.1.6][50016] [STUN.Skype_TeamsCall][VoIP][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.168| 0.160| 0.366|133702.353| 0.000]
[PKTLEN......: 80.000| 1256.000| 267.400| 374.400|140199.200| 4.100]
[BINS(c->s)..: 0,2,16,4,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,1,1,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,1,1,0,1,0,0,0,1,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[IATS(ms)....: 24.8,0.2,101.3,1168.2,1167.0,967.1,50.8,1119.2,0.0,0.0,51.0,80.3,2.0,2.7,3.7,0.0,0.0,0.0,10.7,24.2,9.3,21.5,4.5,19.9,25.3,9.2,24.4,24.6,9.5,26.0,24.3,0.0]
[PKTLENS.....: 154,130,154,130,158,130,152,150,80,1256,1256,150,115,80,1256,1256,84,208,140,108,110,117,122,124,116,112,126,120,117,115,116,116]
idle: [....72] [ip4][..tcp] [....192.168.1.6][50014] -> [.52.114.250.152][..443]
end: [....64] [ip4][..tcp] [....192.168.1.6][50018] -> [.52.114.250.123][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
end: [....67] [ip4][..tcp] [....192.168.1.6][50021] -> [.52.114.250.123][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
idle: [....83] [ip4][.icmp] [..93.71.110.205] -> [....192.168.1.6] [ICMP][Network][Acceptable]
end: [....73] [ip4][..tcp] [....192.168.1.6][50036] -> [.52.114.250.153][..443]
idle: [.....5] [ip4][..tcp] [....192.168.1.6][60533] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
idle: [.....8] [ip4][..tcp] [....192.168.1.6][60536] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
idle: [....23] [ip4][..tcp] [....192.168.1.6][60542] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
idle: [....43] [ip4][..tcp] [....192.168.1.6][60554] -> [.52.113.194.132][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
idle: [....47] [ip4][..tcp] [....192.168.1.6][60557] -> [.52.113.194.132][..443]
idle: [....76] [ip4][..udp] [....192.168.1.6][50016] -> [....192.168.0.4][50005] [STUN.Teams][VoIP][Safe]
RISK: Known Proto on Non Std Port
idle: [....55] [ip4][..tcp] [....192.168.1.6][60563] -> [.52.169.186.119][..443] [TLS.Azure][Cloud][Acceptable]
idle: [....17] [ip4][..udp] [....192.168.1.6][63106] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
idle: [....77] [ip4][..udp] [....192.168.1.6][50036] -> [....192.168.0.4][50020] [STUN.Teams][VoIP][Safe]
RISK: Known Proto on Non Std Port
idle: [....38] [ip4][..udp] [....192.168.1.6][65230] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
idle: [....13] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
idle: [....36] [ip4][..udp] [....192.168.1.6][61245] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
RISK: Suspicious DNS Traffic
idle: [....16] [ip4][..udp] [....192.168.1.6][51033] -> [....192.168.1.1][...53] [DNS.Skype_Teams][VoIP][Acceptable]
end: [.....4] [ip4][..tcp] [....192.168.1.6][60532] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
end: [.....7] [ip4][..tcp] [....192.168.1.6][60535] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
end: [.....9] [ip4][..tcp] [....192.168.1.6][60537] -> [...52.114.77.33][..443]
idle: [....18] [ip4][..tcp] [....192.168.1.6][60538] -> [...52.114.75.70][..443] [TLS.Teams][Collaborative][Safe]
idle: [....19] [ip4][..tcp] [....192.168.1.6][60539] -> [...52.114.75.69][..443] [TLS.Skype_Teams][VoIP][Acceptable]
idle: [....24] [ip4][..udp] [....192.168.1.6][65387] -> [....192.168.1.1][...53] [DNS.Microsoft][Web][Safe]
idle: [....20] [ip4][..tcp] [....192.168.1.6][60540] -> [...52.114.75.70][..443] [TLS.Teams][Collaborative][Safe]
idle: [....21] [ip4][..tcp] [....192.168.1.6][60541] -> [...52.114.75.69][..443]
end: [....25] [ip4][..tcp] [....192.168.1.6][60543] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
idle: [....26] [ip4][..tcp] [....192.168.1.6][60544] -> [...52.114.76.48][..443] [TLS.Teams][Collaborative][Safe]
idle: [....28] [ip4][..tcp] [....192.168.1.6][60545] -> [...52.114.77.58][..443] [TLS.Teams][Collaborative][Safe]
idle: [....32] [ip4][..tcp] [....192.168.1.6][60547] -> [...52.114.88.59][..443] [TLS.Teams][Collaborative][Safe]
end: [....33] [ip4][..tcp] [....192.168.1.6][60548] -> [...52.114.77.33][..443]
idle: [....40] [ip4][..tcp] [....192.168.1.6][60551] -> [...52.114.15.45][..443]
end: [....42] [ip4][..tcp] [....192.168.1.6][60552] -> [...52.114.77.33][..443]
idle: [....45] [ip4][..tcp] [....192.168.1.6][60555] -> [...52.114.77.33][..443]
end: [....48] [ip4][..tcp] [....192.168.1.6][60559] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
end: [....51] [ip4][..tcp] [....192.168.1.6][60561] -> [...52.114.77.33][..443] [TLS.Microsoft][Cloud][Safe]
RISK: TLS (probably) Not Carrying HTTPS
idle: [....59] [ip4][..tcp] [....192.168.1.6][60565] -> [...52.114.108.8][..443] [TLS.Teams][Collaborative][Safe]
idle: [....74] [ip4][..tcp] [....192.168.1.6][60567] -> [..52.114.77.136][..443] [TLS.Teams][Collaborative][Safe]
RISK: TLS (probably) Not Carrying HTTPS
idle: [.....1] [ip4][..udp] [....192.168.0.1][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
idle: [....11] [ip4][..udp] [....192.168.1.6][17500] -> [255.255.255.255][17500] [Dropbox][Cloud][Acceptable]
guessed: [.....2] [ip4][..tcp] [....192.168.1.6][58533] -> [.149.154.167.91][..443] [TLS.Telegram][Chat][Acceptable]
end: [.....2] [ip4][..tcp] [....192.168.1.6][58533] -> [.149.154.167.91][..443]
idle: [....34] [ip4][..udp] [....192.168.1.6][59403] -> [....192.168.1.1][...53] [DNS.Microsoft365][Collaborative][Acceptable]
idle: [....35] [ip4][..tcp] [....192.168.1.6][60549] -> [...13.107.18.11][..443] [TLS.Microsoft365][Collaborative][Acceptable]
idle: [....44] [ip4][..udp] [....192.168.1.6][51309] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
end: [....30] [ip4][..tcp] [....192.168.1.6][60546] -> [.167.99.215.164][.4434] [TLS.ntop][Network][Safe]
RISK: Known Proto on Non Std Port
idle: [....12] [ip4][..udp] [....192.168.1.6][17500] -> [..192.168.1.255][17500] [Dropbox][Cloud][Acceptable]
idle: [....61] [ip4][..tcp] [....192.168.1.6][60566] -> [.167.99.215.164][.4434] [TLS.ntop][Network][Safe]
RISK: Known Proto on Non Std Port
idle: [....31] [ip4][..udp] [....192.168.1.6][57504] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
guessed: [....62] [ip4][..udp] [....192.168.1.6][51681] -> [..52.114.77.136][.3478] [STUN.Azure][Cloud][Acceptable]
idle: [....62] [ip4][..udp] [....192.168.1.6][51681] -> [..52.114.77.136][.3478]
idle: [....27] [ip4][..udp] [....192.168.1.6][57530] -> [....192.168.1.1][...53] [DNS.Microsoft][Web][Safe]
not-detected: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750] [Unknown][Unrated]
idle: [....60] [ip4][..tcp] [..151.11.50.139][.2222] -> [....192.168.1.6][54750]
idle: [....22] [ip4][..udp] [....192.168.1.6][49514] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
idle: [....78] [ip4][..udp] [..93.71.110.205][16332] -> [....192.168.1.6][50016] [STUN.Skype_TeamsCall][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
idle: [....79] [ip4][..udp] [..93.71.110.205][16333] -> [....192.168.1.6][50036] [STUN.Skype_TeamsCall][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
idle: [....37] [ip4][..udp] [....192.168.1.6][53678] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
idle: [....56] [ip4][..udp] [....192.168.1.6][63930] -> [....192.168.1.1][...53] [DNS.Microsoft][Cloud][Safe]
idle: [....65] [ip4][..udp] [....192.168.1.6][55765] -> [....192.168.1.1][...53] [DNS.Azure][Cloud][Acceptable]
idle: [....49] [ip4][..udp] [..192.168.1.112][57621] -> [..192.168.1.255][57621] [Spotify][Music][Acceptable]
idle: [....29] [ip4][..tcp] [.162.125.19.131][..443] -> [....192.168.1.6][60344]
idle: [....10] [ip4][..udp] [....192.168.1.6][64046] -> [....192.168.1.1][...53] [DNS.ntop][Network][Safe]
idle: [....68] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.141][.3478] [STUN.Teams][VoIP][Safe]
idle: [....63] [ip4][..udp] [....192.168.1.6][50016] -> [.52.114.250.123][.3478] [STUN.Teams][VoIP][Safe]
idle: [....81] [ip4][..udp] [...52.114.252.8][.3479] -> [....192.168.1.6][50016] [STUN.Skype_TeamsCall][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
idle: [....69] [ip4][..udp] [....192.168.1.6][50017] -> [.52.114.250.141][.3478] [STUN.Teams][VoIP][Safe]
idle: [....70] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.137][.3478] [STUN.Teams][VoIP][Safe]
idle: [....66] [ip4][..udp] [....192.168.1.6][50036] -> [.52.114.250.123][.3478] [STUN.Teams][VoIP][Safe]
idle: [....71] [ip4][..udp] [....192.168.1.6][50037] -> [.52.114.250.137][.3478] [STUN.Teams][VoIP][Safe]
idle: [....80] [ip4][..udp] [..52.114.252.21][.3480] -> [....192.168.1.6][50036] [STUN.Skype_TeamsCall][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
idle: [....52] [ip4][..udp] [....192.168.1.6][54069] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
end: [.....6] [ip4][..tcp] [....192.168.1.6][60534] -> [.....40.126.9.5][..443] [TLS.Microsoft365][Collaborative][Acceptable]
end: [....46] [ip4][..tcp] [....192.168.1.6][60556] -> [.....40.126.9.7][..443] [TLS.Microsoft365][Collaborative][Acceptable]
end: [....50] [ip4][..tcp] [....192.168.1.6][60560] -> [....40.126.9.67][..443]
end: [....14] [ip4][..tcp] [..93.62.150.157][..443] -> [....192.168.1.6][60512]
idle: [....41] [ip4][..udp] [....192.168.1.6][58457] -> [....192.168.1.1][...53] [DNS.Microsoft365][Collaborative][Acceptable]
idle: [....57] [ip4][..tcp] [....192.168.1.6][60564] -> [...40.79.138.41][..443] [TLS.Azure][Cloud][Acceptable]
idle: [....82] [ip4][..tcp] [....192.168.1.6][60568] -> [...40.79.138.41][..443] [TLS.Azure][Cloud][Acceptable]
idle: [....54] [ip4][..udp] [....192.168.1.6][62735] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
idle: [....15] [ip4][..udp] [....192.168.1.6][56634] -> [....192.168.1.1][...53] [DNS][ConnCheck][Acceptable]
idle: [.....3] [ip4][..udp] [....192.168.1.6][60813] -> [....192.168.1.1][...53] [DNS][Network][Acceptable]
idle: [....58] [ip4][..udp] [....192.168.1.6][62863] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
idle: [....75] [ip4][..udp] [....192.168.1.6][60837] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
idle: [....53] [ip4][..tcp] [....192.168.1.6][60562] -> [.104.40.187.151][..443] [TLS.Azure][Cloud][Acceptable]
idle: [....39] [ip4][..udp] [....192.168.1.6][50653] -> [....192.168.1.1][...53] [DNS.Teams][Collaborative][Safe]
DAEMON-EVENT: shutdown
|