""ET P2P BitTorrent DHT get_peers request""
SID: 2008584
Revision: 5
Class Type: policy-violation
Metadata: created_at 2010_07_30, updated_at 2010_12_22
Reference:
Protocol: udp
Source Network: $HOME_NET
Source Port: any
Destination Network: $EXTERNAL_NET
Destination Port: any
Flow:
Contents:
- Value: "d1|3a|ad2|3a|id20|3a|"
Offset: 12
-
Value: "9|3a|info_hash20|3a|"
-
Value: "e1|3a|q9|3a|get_peers1|3a|"
Within: 14
PCRE:
Special Options:
-
nocase
-
nocase
-
nocase