Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

answered 2023-03-12 14:14:55 +0000

Jaap gravatar image

The Wireshark bittorrent dissector uses two methods to identify bittorrent traffic:

  1. It uses a range of TCP ports
  2. It uses a heuristic analysis of the packet consisting of:
    1. minimum payload length
    2. a length indication
    3. an identification string

If there are others, these are not (yet) implemented in the dissector.

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2