""ET P2P BitTorrent DHT find_node request""
SID: 2008582
Revision: 6
Class Type: policy-violation
Metadata: created_at 2010_07_30, updated_at 2010_12_22
Reference:
Protocol: udp
Source Network: $HOME_NET
Source Port: any
Destination Network: $EXTERNAL_NET
Destination Port: any
Flow:
Contents:
-
Value: "d1|3a|ad2|3a|id20|3a|" Depth: 24
-
Value: "6|3a|target20|3a|"
-
Value: "e1|3a|q9|3a|find_node1|3a|"
-
Value: "e1|3a|q9|3a|find_node1|3a|"
Within:
PCRE:
Special Options:
-
nocase
-
nocase
-
nocase
-
nocase