Project

General

Profile

Actions

Feature #3086

closed

app_proto for Torrent traffic

Added by Kenneth Kolano over 5 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Effort:
medium
Difficulty:
medium
Label:
Protocol

Description

Currently the app_proto registered for Torrent traffic is "failed". Can the detection be revised to detect Torrent traffic?

It should be identifiable by the payload pre-fix: "d1:ad2:id20:".


Related issues 1 (1 open0 closed)

Related to Suricata - Task #4151: Research: New protocol supportNewCommunity TicketActions
Actions

Also available in: Atom PDF