""ET P2P Gnutella TCP Traffic""
SID: 2007801
Revision: 4
Class Type: policy-violation
Metadata: created_at 2010_07_30, updated_at 2010_12_22
Reference:
Protocol: tcp
Source Network: any
Source Port: 1024:
Destination Network: any
Destination Port: 1024:
Flow: established,to_server
Contents:
-
Value: "GNUTELLA" Depth: 8
-
Value: "200 OK|0d 0a|"
Within: 15
PCRE:
Special Options: