Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
Y
Y
Yeo2017-01-09 23:27:02
Traffic analysis
Yeo, 2017-01-09 23:27:02

How to get application layer protocol?

Hello, I am writing a sniffer. Interested in how to get the application layer protocol (name) of the intercepted packet. Which way to climb?
You need to make a correspondence table "package metrics" - the name of the application layer.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Andrew, 2017-01-10
@Yeo

As a first approximation - by TCP / UDP port of the server side ( IANA Assigned Numbers ).
If you need higher accuracy, look towards signatures and heuristics.
Nobody prevents the client and the server from "agreeing" on the use of a non-standard port for any application protocol.

Similar questions
S
sasvak2017-08-03 01:32:52
How to write (where to download) a traffic sniffer? 2Reply
C
Chvalov2015-09-06 22:38:47
How to analyze all Android traffic + ssl connections? 4Reply
I
ispoo2017-08-30 23:47:59
How to make http_connection receive information? 0Reply
J
Jeka2020-03-13 01:31:46
How to restrict access to the site by type of traffic? 2Reply
P
peterBOG2017-12-26 21:38:07
Why does RawCap only intercept GET? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question