Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
Y
Y
Yeo2017-01-09 23:27:02
Traffic analysis
Yeo, 2017-01-09 23:27:02

How to get application layer protocol?

Hello, I am writing a sniffer. Interested in how to get the application layer protocol (name) of the intercepted packet. Which way to climb?
You need to make a correspondence table "package metrics" - the name of the application layer.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Andrew, 2017-01-10
@Yeo

As a first approximation - by TCP / UDP port of the server side ( IANA Assigned Numbers ).
If you need higher accuracy, look towards signatures and heuristics.
Nobody prevents the client and the server from "agreeing" on the use of a non-standard port for any application protocol.

Similar questions
V
Valery Rusin2012-11-09 10:55:56
SoapClient in PHP: how to get HTTP headers? 2Reply
B
byreoil2018-05-03 23:12:13
Why are all letters of the alphabet except xyz transmitted in the ping packet? 1Reply
S
Space2016-02-11 06:52:08
How to catch requests with a sniffer? 2Reply
A
Andrey2020-07-01 16:11:33
How to sniffer https traffic from android app with private key? 2Reply
D
dilikjan2018-09-21 07:53:50
How pfsense manage traffic? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question