
Analysis of the Network Communication Protocols of Some Chinese Software (with Signatures)

2012-06-21 15:14
The protocol list is as follows:
#patname type port packet.dat

QQ_TCP 2 0 2.dat

QQ_UDP 5 0 1.dat

MSN 2 1863

YAHOO 2 0 7.dat

OSCAR 2 0 8.dat

Skype_UDP 5 0 15.dat

UC_TCP 2 0 19.dat

UC_UDP 5 3001-3002

POPO_TCP 0 0 23.dat

ET_UDP 5 10000-10001

WangWang_TCP 2 0 36.dat

MaoYiTong 2 0 38.dat

IRC_TCP 2 6667

Ventrilo_TCP 0 0 48.dat

TeamSpeak_UDP 3 0 49.dat

RogerWilco_TCP 2 3782

RogerWilco_UDP 5 3782

PeerMe_TCP 2 5112

OpenH323 2 1720

GameComm_TCP 2 12535

GoogleTalk_TCP 2 5222

HTTP 0 0 9.dat

BT_TCP 2 0 4.dat

XUNLEI_TCP 2 3076

XUNLEI_UDP 5 3076

AppleJuice_TCP 0 0 6.dat

Ares 2 15983

ARES_TCP 0 0 21.dat

Edonkey_TCP 2 0 25.dat

DirectConnect 2 0 26.dat

Gnutella 2 6346,6348

Gnutella2_TCP 2 0 77.dat

Gnutella2_UDP 5 6346

IMesh_TCP 0 0 33.dat

Mute 2 4900

Poco_TCP 2 5354

Poco_UDP 5 9091,9099

KCeasy 2 0 41.dat

Soulseek_TCP 2 2240

Piolet_UDP 5 41170

PeerCast_TCP 2 7144

earthStation5_UDP 5 37

EarthStation_5 2 1002

Filetopia_TCP 1 0 56.dat

GNUnet_TCP 0 0 57.dat

Groove_TCP 0 0 60.dat

JXTA_TCP 2 0 61.dat

Mnet_TCP 2 22088

KAMUN_UDP 5 9000,9500

kubao 2 9292

TuoTu_TCP 2 3000,3306

RealLink_UDP 5 30001

BaiZhao_UDP 5 6600

BaiDuX_TCP 2 11111-11113

BaiDuX_UDP 5 11111-11113

QQ_Game 2 0 16.dat

LianZhong_TCP 2 2000-2002

ChinaGames 2 8000

KeLe8 2 10006,10020

MXD_TCP 2 8086,8484,8585

HaoFang 2 1203

FTP 2 21

QQFTP_UDP2 3 0 82.dat

QQFTP_TCP 0 0 30.dat

QQSHARE 1 0 31.dat

OSCARFTP 2 0 62.dat

MSNFTPUDP 5 0 75.dat

MSNFTPTCP 2 0 76.dat

OFT2_3 2 0 84.dat

OSCARFTP2 2 0 83.dat

SOCK4 0 0 13.dat

SOCK5 0 0 14.dat

HTTPS 0 0 64.dat

WinSCP2 2 0 65.dat

SMTP 2 25

POP3 2 110

RealPlayer 0 0 43.dat

FreeCast_TCP 2 1666

FreeCast_UDP 5 3478

PPLive_TCP 0 0 66.dat

QQLive_UDP 3 0 71.dat
I wrote all of them in XML, and the packets have all passed testing. Here are a few concrete ones for everyone to look at.
1. Xunlei
<?xml version="1.0" encoding="ISO-8859-1"?>
<Config>

<CatagoryList>

<Catagory>

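<Name>P2P</Name> <!-- name of the category the software belongs to: P2P -->

<Protocol>

<Name>XUNLEI</Name> <!-- software name: Xunlei -->

<Block>1</Block> <!-- can be monitored and blocked -->

<Desc>迅雷</Desc> <!-- Chinese description of the software -->

<Pattern>

<Name>XUNLEI_TCP</Name> <!-- Xunlei's TCP communication mode -->

<Desc>迅雷下载</Desc> <!-- Chinese description -->

<Type>0</Type> <!-- TCP is assigned type 0 -->

<Offset>0</Offset> <!-- blockable flag is 0 -->

<Start>29</Start> <!-- signature start marker -->

<Pattype>0</Pattype> <!-- match by signature -->

<Pat>^/x29/x00/x00/x00</Pat> <!-- excerpt of the signature that achieves a match -->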

</Pattern>

</Protocol>

</Catagory>

</CatagoryList>

</Config>
2. eDonkey (eMule)
<?xml version="1.0" encoding="ISO-8859-1"?>

<Config>

<CatagoryList>

<Catagory>

<Name>P2P</Name>

<Protocol>

<Name>Edonkey</Name>

<Block>1</Block>

<Desc>电驴</Desc>

<Pattern>

<Name>Edonkey_TCP</Name>

<Desc>电驴TCP方式</Desc>

<Type>2</Type>

<Offset>0</Offset>

<Start>e3</Start>

<Pattype>0</Pattype>

<Pat>^/xe3.{1}/x00/x00/x00</Pat>

</Pattern>

</Protocol>

</Catagory>

</CatagoryList>

</Config>
3. Sina UC
<?xml version="1.0" encoding="ISO-8859-1"?>

<Config>

<CatagoryList>

<Catagory>

<Name>IM</Name>

<Protocol>

<Name>UC</Name>

<Block>1</Block>

<Desc>新浪UC</Desc>

<Pattern>

<Name>UC_TCP</Name>

<Desc>UC TCP方式</Desc>

<Type>2</Type>

<Offset>0</Offset>

<Start>01</Start>

<Pattype>0</Pattype>

<Pat>^/x01/x02/x03</Pat>

</Pattern>

<Pattern>

<Name>UC_UDP</Name>

<Desc>UC UDP方式</Desc>

<Type>5</Type>

<Offset>0</Offset>

<Start></Start>

<Pattype>1</Pattype>

<Pat>3001</Pat>

</Pattern>

<Pattern>

<Name>UC_UDP</Name>

<Desc>UC UDP方式</Desc>

<Type>5</Type>

<Offset>0</Offset>

<Start></Start>

<Pattype>1</Pattype>

<Pat>3002</Pat>

</Pattern>

</Protocol>

</Catagory>

</CatagoryList>

</Config>
4. HaoFang Battle Platform

<?xml version="1.0" encoding="ISO-8859-1"?>

<Config>

<CatagoryList>

<Catagory>

<Name>GAME</Name>

<Protocol>

<Name>HAOFANG</Name>

<Block>1</Block>

<Desc>浩方对战平台</Desc>

<Pattern>

<Name>HaoFang</Name>

<Desc>HaoFang</Desc>

<Type>2</Type>

<Offset>0</Offset>

<Start></Start>

<Pattype>1</Pattype>

<Pat>1203</Pat>

</Pattern>

</Protocol>

</Catagory>

</CatagoryList>

</Config>

5. QQ Games

<?xml version="1.0" encoding="ISO-8859-1"?>

<Config>

<CatagoryList>

<Catagory>

<Name>GAME</Name>

<Protocol>

<Name>QQ_GAME</Name>

<Block>1</Block>

<Desc>QQ游戏</Desc>

<Pattern>

<Name>QQ_Game</Name>

<Desc>qq游戏</Desc>

<Type>2</Type>

<Offset>2</Offset>

<Start>2d</Start>

<Pattype>0</Pattype>

<Pat>^/x2d/x00(/x00/x00|/xff/xff)</Pat>

</Pattern>

</Protocol>

</Catagory>

</CatagoryList>

</Config>
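
An added example, not the author's code: a minimal Python loader for the XML format shown above that compiles each `<Pat>` and classifies a packet by destination port or payload signature. It assumes `/xNN` denotes the byte 0xNN and that `Pattype` 1 marks a port rule (inferred from the UC_UDP and HaoFang entries); `Type`, `Offset` and `Start` are not interpreted, and the embedded config is constructed from entries on this page.

```python
import re
import xml.etree.ElementTree as ET

# Constructed config: three <Pattern> entries copied from the page's examples.
CONFIG = """<Config><CatagoryList>
<Catagory><Name>P2P</Name><Protocol><Name>Edonkey</Name><Block>1</Block>
  <Pattern><Name>Edonkey_TCP</Name><Type>2</Type><Offset>0</Offset><Start>e3</Start>
    <Pattype>0</Pattype><Pat>^/xe3.{1}/x00/x00/x00</Pat></Pattern>
</Protocol></Catagory>
<Catagory><Name>GAME</Name><Protocol><Name>QQ_GAME</Name><Block>1</Block>
  <Pattern><Name>QQ_Game</Name><Type>2</Type><Offset>2</Offset><Start>2d</Start>
    <Pattype>0</Pattype><Pat>^/x2d/x00(/x00/x00|/xff/xff)</Pat></Pattern>
</Protocol><Protocol><Name>HAOFANG</Name><Block>1</Block>
  <Pattern><Name>HaoFang</Name><Type>2</Type><Offset>0</Offset><Start></Start>
    <Pattype>1</Pattype><Pat>1203</Pat></Pattern>
</Protocol></Catagory>
</CatagoryList></Config>"""

def compile_pat(pat):
    # Assumption: "/xNN" on the page stands for the byte 0xNN (regex "\xNN").
    regex = re.sub(r"/x([0-9a-fA-F]{2})", r"\\x\1", pat)
    return re.compile(regex.encode("latin-1"), re.DOTALL)  # DOTALL: "." is any byte

def load_rules(xml_text):
    rules = []
    for cat in ET.fromstring(xml_text).iter("Catagory"):
        for proto in cat.iter("Protocol"):
            for p in proto.iter("Pattern"):
                pat = p.findtext("Pat", "").strip()
                by_port = p.findtext("Pattype") == "1"  # 1 = port rule, 0 = signature
                rules.append({
                    "category": cat.findtext("Name"),
                    "name": p.findtext("Name"),
                    "block": proto.findtext("Block") == "1",
                    "port": int(pat) if by_port else None,
                    "regex": None if by_port else compile_pat(pat),
                })
    return rules

def classify(rules, dst_port, payload):
    """Return names of all rules matching one packet (port or payload signature)."""
    return [r["name"] for r in rules
            if (r["port"] is not None and r["port"] == dst_port)
            or (r["regex"] is not None and r["regex"].search(payload))]

RULES = load_rules(CONFIG)
```

Signatures this short match any payload that happens to begin with the same bytes, so rules like these are best checked against captures of unrelated traffic before `Block` is enabled.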