1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
DAEMON-EVENT: init
DAEMON-EVENT: [Processed: 0 pkts][ZLib][compressions: 0|diff: 0 / 0]
DAEMON-EVENT: [Flows][active: 0 / 0|skipped: 0|!detected: 0|guessed: 0|detection-updates: 0|updates: 0]
new: [.....1] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621]
detected: [.....1] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Music][Acceptable]
new: [.....2] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] [MIDSTREAM]
new: [.....3] [ip4][..udp] [...192.168.2.12][53688] -> [....31.13.86.48][.3478]
detected: [.....3] [ip4][..udp] [...192.168.2.12][53688] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][VoIP][Acceptable]
new: [.....4] [ip4][..udp] [...192.168.2.12][53688] -> [..185.60.216.51][.3478]
detected: [.....4] [ip4][..udp] [...192.168.2.12][53688] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][VoIP][Acceptable]
new: [.....5] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.193.48][.3478]
detected: [.....5] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][VoIP][Acceptable]
new: [.....6] [ip4][..udp] [...192.168.2.12][53688] -> [..179.60.192.48][.3478]
detected: [.....6] [ip4][..udp] [...192.168.2.12][53688] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][VoIP][Acceptable]
new: [.....7] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.196.62][.3478]
detected: [.....7] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][VoIP][Acceptable]
new: [.....8] [ip4][..udp] [...192.168.2.12][51277] -> [239.255.255.250][.1900]
detected: [.....8] [ip4][..udp] [...192.168.2.12][51277] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
analyse: [.....2] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222]
[min|max|avg|stddev|variance|entropy]
[IAT.........: 0.000| 2.404| 0.182| 0.481|231053.525| 0.000]
[PKTLEN......: 66.000| 1454.000| 282.400| 335.200|112371.900| 4.300]
[BINS(c->s)..: 11,0,0,0,5,2,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 1,0,0,1,1,4,0,0,1,0,0,1,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0]
[DIRECTIONS..: 0,1,1,1,1,1,1,1,1,1,0,0,0,0,0,0,0,1,1,0,0,1,0,1,0,0,0,0,0,0,0,0]
[IATS........: 51726,176830,2,439642,1227815,753,306057,108901,2404473,241,10,252,9,41,323,133116,635,40681,277,7651,7949,1743,1602,528764,1087,660,696,654,2651,2561,0,0]
[PKTLENS.....: 614,66,1454,169,522,522,346,203,239,1454,66,66,78,66,66,66,78,242,242,66,66,242,66,418,66,228,226,220,220,220,220,220]
guessed: [.....2] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] [WhatsApp][Chat][Acceptable]
detected: [.....2] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] [WhatsApp][Chat][Acceptable]
analyse: [.....3] [ip4][..udp] [...192.168.2.12][53688] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][VoIP][Acceptable]
[min|max|avg|stddev|variance|entropy]
[IAT.........: 0.000| 0.550| 0.064| 0.136|18373.693| 0.000]
[PKTLEN......: 44.000| 514.000| 345.600| 205.800|42355.100| 4.700]
[BINS(c->s)..: 3,0,0,4,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 2,4,0,0,0,0,0,0,0,0,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,1,1,0,0,1,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,1,1,1,0,1,1,0]
[IATS........: 95,13142,1109,548212,794,550126,16210,117,20333,106,23568,573,14505,979,116,79305,29641,99,23164,167,19951,342,24390,3500,104447,150456,15882,197610,75380,2499,68245,0]
[PKTLENS.....: 168,168,86,86,168,514,86,514,514,514,514,514,514,48,514,514,44,514,514,514,514,514,514,514,168,86,62,514,62,514,514,62]
new: [.....9] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67]
detected: [.....9] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
new: [....10] [ip4][..udp] [...192.168.2.12][53688] -> [.....1.60.78.64][59491]
detected: [....10] [ip4][..udp] [...192.168.2.12][53688] -> [.....1.60.78.64][59491] [STUN.WhatsAppCall][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
new: [....11] [ip4][..udp] [...192.168.2.12][53688] -> [...91.252.56.51][32641]
detected: [....11] [ip4][..udp] [...192.168.2.12][53688] -> [...91.252.56.51][32641] [STUN.WhatsAppCall][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
analyse: [....11] [ip4][..udp] [...192.168.2.12][53688] -> [...91.252.56.51][32641] [STUN.WhatsAppCall][VoIP][Acceptable]
[min|max|avg|stddev|variance|entropy]
[IAT.........: 0.000| 1.979| 0.150| 0.383|146861.081| 0.000]
[PKTLEN......: 86.000| 1160.000| 537.500| 432.000|186635.800| 4.500]
[BINS(c->s)..: 0,6,0,2,1,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,7,0,0,0,7,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0]
[BINS(s->c)..: 0,2,0,2,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
[DIRECTIONS..: 0,0,0,0,1,0,0,1,1,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1]
[IATS........: 707140,619781,619147,1979427,36290,69699,132037,26361,100137,1489,36501,24632,139,224,338,341,10692,26140,102372,15137,296,563,516,886,169,757,7597,915,148,631,131189,0]
[PKTLENS.....: 86,86,86,86,86,86,86,170,86,179,164,144,913,913,913,912,1160,208,157,212,1036,1036,1036,1036,1036,1034,164,934,934,934,1062,224]
new: [....12] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500]
detected: [....12] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Cloud][Acceptable]
new: [....13] [ip4][..udp] [...192.168.2.12][65025] -> [239.255.255.250][.1900]
detected: [....13] [ip4][..udp] [...192.168.2.12][65025] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
new: [....14] [ip4][..udp] [...192.168.2.12][51458] -> [239.255.255.250][.1900]
detected: [....14] [ip4][..udp] [...192.168.2.12][51458] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
idle: [.....8] [ip4][..udp] [...192.168.2.12][51277] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
idle: [.....9] [ip4][..udp] [........0.0.0.0][...68] -> [255.255.255.255][...67] [DHCP][Network][Acceptable]
idle: [.....7] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.196.62][.3478] [STUN.WhatsAppCall][VoIP][Acceptable]
idle: [.....5] [ip4][..udp] [...192.168.2.12][53688] -> [.157.240.193.48][.3478] [STUN.WhatsAppCall][VoIP][Acceptable]
idle: [....14] [ip4][..udp] [...192.168.2.12][51458] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
idle: [....12] [ip4][..udp] [....192.168.2.1][17500] -> [..192.168.2.255][17500] [Dropbox][Cloud][Acceptable]
idle: [.....1] [ip4][..udp] [....192.168.2.1][57621] -> [..192.168.2.255][57621] [Spotify][Music][Acceptable]
idle: [.....6] [ip4][..udp] [...192.168.2.12][53688] -> [..179.60.192.48][.3478] [STUN.WhatsAppCall][VoIP][Acceptable]
idle: [.....4] [ip4][..udp] [...192.168.2.12][53688] -> [..185.60.216.51][.3478] [STUN.WhatsAppCall][VoIP][Acceptable]
idle: [.....3] [ip4][..udp] [...192.168.2.12][53688] -> [....31.13.86.48][.3478] [STUN.WhatsAppCall][VoIP][Acceptable]
idle: [....13] [ip4][..udp] [...192.168.2.12][65025] -> [239.255.255.250][.1900] [SSDP][System][Acceptable]
idle: [....11] [ip4][..udp] [...192.168.2.12][53688] -> [...91.252.56.51][32641] [STUN.WhatsAppCall][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
idle: [.....2] [ip4][..tcp] [...192.168.2.12][49355] -> [..157.240.20.53][.5222] [WhatsApp][Chat][Acceptable]
idle: [....10] [ip4][..udp] [...192.168.2.12][53688] -> [.....1.60.78.64][59491] [STUN.WhatsAppCall][VoIP][Acceptable]
RISK: Known Proto on Non Std Port
DAEMON-EVENT: shutdown
|