1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..tcp] [.131.114.168.27][59244] -> [.185.83.218.112][55655]
new: [.....2] [ip4][..tcp] [.131.114.168.27][49290] -> [.185.83.218.112][55656]
detected: [.....1] [ip4][..tcp] [.131.114.168.27][59244] -> [.185.83.218.112][55655] [TINC][VPN][Acceptable]
RISK: Known Proto on Non Std Port
detected: [.....2] [ip4][..tcp] [.131.114.168.27][49290] -> [.185.83.218.112][55656] [TINC][VPN][Acceptable]
RISK: Known Proto on Non Std Port
new: [.....3] [ip4][..udp] [.131.114.168.27][55655] -> [.185.83.218.112][55655]
detected: [.....3] [ip4][..udp] [.131.114.168.27][55655] -> [.185.83.218.112][55655] [TINC][VPN][Acceptable]
RISK: Known Proto on Non Std Port
new: [.....4] [ip4][..udp] [.185.83.218.112][55656] -> [.131.114.168.27][55656]
detected: [.....4] [ip4][..udp] [.185.83.218.112][55656] -> [.131.114.168.27][55656] [TINC][VPN][Acceptable]
RISK: Known Proto on Non Std Port
analyse: [.....3] [ip4][..udp] [.131.114.168.27][55655] -> [.185.83.218.112][55655] [TINC][VPN][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 1.070| 0.172| 0.377|142420.984| 0.000]
[PKTLEN......: 190.000| 1510.000| 1149.200| 450.400|202833.500| 4.900]
[BINS(c->s)..: 0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,2,0,0,2,6,0,0]
[BINS(s->c)..: 0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,1,0,2,0,0,0,6,0,0]
[DIRECTIONS..: 0,0,1,1,1,0,0,0,0,0,0,1,1,1,1,1,0,0,0,1,1,0,0,1,1,1,1,1,0,0,0,0]
[IATS(ms)....: 0.2,27.5,0.0,0.0,27.5,0.2,0.1,0.2,0.2,0.1,15.4,0.0,41.8,0.0,0.0,1058.0,0.3,0.3,1003.7,0.1,1.8,0.2,45.3,0.1,0.0,1024.1,0.1,1069.5,0.1,1001.4,0.3]
[PKTLENS.....: 686,734,238,1486,782,230,1270,190,1310,1478,774,686,734,1278,190,1310,1358,1478,1374,1486,1502,1486,1494,1358,1486,1374,1502,1502,1502,1494,1510,1494]
analyse: [.....4] [ip4][..udp] [.185.83.218.112][55656] -> [.131.114.168.27][55656] [TINC][VPN][Acceptable]
min| max| avg| stddev| variance| entropy
[IAT.........: 0.000| 2.412| 0.291| 0.559|312123.949| 0.000]
[PKTLEN......: 118.000| 1494.000| 1025.000| 450.300|202783.000| 4.800]
[BINS(c->s)..: 0,0,0,0,1,0,0,0,0,1,0,0,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,0,1,0,0,0,1,0,0,0,0,0,0,1,0,2,1,0,0,1,0,0]
[BINS(s->c)..: 0,0,1,0,1,0,0,0,0,1,0,0,0,0,0,1,0,0,0,1,0,1,0,0,0,0,0,0,1,0,0,1,0,0,0,0,0,0,1,2,2,2,0,0,2,3,0,0]
[DIRECTIONS..: 0,0,0,1,1,1,1,0,0,0,1,1,1,1,1,1,0,0,0,1,1,0,1,1,1,1,1,1,1,1,0,0]
[IATS(ms)....: 0.1,0.0,0.6,0.5,0.2,0.1,1049.1,0.0,0.0,1048.0,0.1,0.2,0.1,0.1,0.1,44.1,0.0,0.0,1044.7,0.3,1022.0,20.6,1001.5,0.3,0.2,363.6,1001.2,0.1,0.1,2412.5,0.0]
[PKTLENS.....: 766,1486,958,734,1270,1486,958,1070,670,334,1062,190,1310,526,670,334,190,1310,526,1478,1374,1374,1374,1486,1350,1318,118,1494,1478,1342,1390,1374]
end: [.....2] [ip4][..tcp] [.131.114.168.27][49290] -> [.185.83.218.112][55656] [TINC][VPN][Acceptable]
RISK: Known Proto on Non Std Port
idle: [.....3] [ip4][..udp] [.131.114.168.27][55655] -> [.185.83.218.112][55655] [TINC][VPN][Acceptable]
RISK: Known Proto on Non Std Port
idle: [.....4] [ip4][..udp] [.185.83.218.112][55656] -> [.131.114.168.27][55656] [TINC][VPN][Acceptable]
RISK: Known Proto on Non Std Port
end: [.....1] [ip4][..tcp] [.131.114.168.27][59244] -> [.185.83.218.112][55655] [TINC][VPN][Acceptable]
RISK: Known Proto on Non Std Port
DAEMON-EVENT: shutdown
|