Network Communication Protocol Analysis of Some Chinese Software (with Signatures)

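I previously analyzed the protocols of nearly a hundred network applications commonly used in China and abroad, such as QQ, BT and MSN. I am now posting some of them for reference. If your analysis differs from mine, please reply to this post and let me know. Thanks, everyone, for taking part.

The protocols I have studied so far are listed below: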

#patname type port packet.dat
QQ_TCP 2 0 2.dat
QQ_UDP 5 0 1.dat
MSN 2 1863 
YAHOO 2 0 7.dat
OSCAR 2 0 8.dat
Skype_UDP 5 0 15.dat
UC_TCP 2 0 19.dat
UC_UDP 5 3001-3002 
POPO_TCP 0 0 23.dat
ET_UDP 5 10000-10001 
WangWang_TCP 2 0 36.dat
MaoYiTong 2 0 38.dat
IRC_TCP 2 6667 
Ventrilo_TCP 0 0 48.dat
TeamSpeak_UDP 3 0 49.dat
RogerWilco_TCP 2 3782 
RogerWilco_UDP 5 3782 
PeerMe_TCP 2 5112 
OpenH323 2 1720 
GameComm_TCP 2 12535 
GoogleTalk_TCP 2 5222 
HTTP 0 0 9.dat
BT_TCP 2 0 4.dat
XUNLEI_TCP 2 3076 
XUNLEI_UDP 5 3076 
AppleJuice_TCP 0 0 6.dat
Ares 2 15983 
ARES_TCP 0 0 21.dat
Edonkey_TCP 2 0 25.dat
DirectConnect 2 0 26.dat
Gnutella 2 6346,6348 
Gnutella2_TCP 2 0 77.dat
Gnutella2_UDP 5 6346 
IMesh_TCP 0 0 33.dat
Mute 2 4900 
Poco_TCP 2 5354 
Poco_UDP 5 9091,9099 
KCeasy 2 0 41.dat
Soulseek_TCP 2 2240 
Piolet_UDP 5 41170 
PeerCast_TCP 2 7144 
earthStation5_UDP 5 37 
EarthStation_5 2 1002 
Filetopia_TCP 1 0 56.dat
GNUnet_TCP 0 0 57.dat
Groove_TCP 0 0 60.dat
JXTA_TCP 2 0 61.dat
Mnet_TCP 2 22088 
KAMUN_UDP 5 9000,9500 
kubao 2 9292 
TuoTu_TCP 2 3000,3306 
RealLink_UDP 5 30001 
BaiZhao_UDP 5 6600 
BaiDuX_TCP 2 11111-11113 
BaiDuX_UDP 5 11111-11113 
QQ_Game 2 0 16.dat
LianZhong_TCP 2 2000-2002 
ChinaGames 2 8000 
KeLe8 2 10006,10020 
MXD_TCP 2 8086,8484,8585 
HaoFang 2 1203 
FTP 2 21 
QQFTP_UDP2 3 0 82.dat
QQFTP_TCP 0 0 30.dat
QQSHARE 1 0 31.dat
OSCARFTP 2 0 62.dat
MSNFTPUDP 5 0 75.dat
MSNFTPTCP 2 0 76.dat
OFT2_3 2 0 84.dat
OSCARFTP2 2 0 83.dat
SOCK4 0 0 13.dat
SOCK5 0 0 14.dat
HTTPS 0 0 64.dat
WinSCP2 2 0 65.dat
SMTP 2 25 
POP3 2 110 
RealPlayer 0 0 43.dat
FreeCast_TCP 2 1666 
FreeCast_UDP 5 3478 
PPLive_TCP 0 0 66.dat
QQLive_UDP 3 0 71.dat

I wrote all of them in XML, and the packets have all been tested. Here are a few in detail for everyone to look at.

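1. Xunlei (Thunder)

P2P                              // software category name: P2P
    XUNLEI                       // software name: Xunlei
    1                            // can be monitored and blocked
    迅雷                         // Chinese description of the software
        XUNLEI_TCP               // Xunlei's TCP communication mode
        迅雷下载                 // Chinese description
        0                        // TCP type category is set to 0
        0                        // blockable flag is 0
        29                       // signature start marker
        0                        // match by signature
        ^/x29/x00/x00/x00        // excerpt of the signature that matches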

2. eDonkey (eMule)

P2P
    Edonkey
    1
    电驴
        Edonkey_TCP
        电驴TCP方式
        2
        0
        e3
        0
        ^/xe3.{1}/x00/x00/x00

3. Sina UC

IM
    UC
    1
    新浪UC
        UC_TCP
        UC TCP方式
        2
        0
        01
        0
        ^/x01/x02/x03

        UC_UDP
        UC UDP方式
        5
        0

        1
        3001

        UC_UDP
        UC UDP方式
        5
        0

        1
        3002

4. HaoFang Battle Platform

GAME
    HAOFANG
    1
    浩方对战平台
        HaoFang
        HaoFang
        2
        0

        1
        1203

5. QQ Games

GAME
    QQ_GAME
    1
    QQ游戏
        QQ_Game
        qq游戏
        2
        2
        2d
        0
        ^/x2d/x00(/x00/x00|/xff/xff)

I am posting these five first for reference. If you need others, feel free to ask and we can study them together.
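The five entries above, applied to traffic classification as an added example (not code from the original post): it converts the post's signatures to byte regexes and falls back to port matching for the rules that have no signature. Assumptions: `/xNN` denotes one byte in hex, the transport comes from the `_TCP`/`_UDP` suffix of the rule name, HaoFang and QQ_Game are treated as TCP, and the `classify` and `compile_signature` helpers are hypothetical names.

```python
import re

# Rules transcribed from the five entries above: (name, transport, signature, ports).
# Assumptions: "/xNN" is one hex byte; transport is taken from the rule-name
# suffix; HaoFang and QQ_Game are assumed TCP (they share type code 2).
RULES = [
    ("XUNLEI_TCP",  "tcp", "^/x29/x00/x00/x00", ()),
    ("Edonkey_TCP", "tcp", "^/xe3.{1}/x00/x00/x00", ()),
    ("UC_TCP",      "tcp", "^/x01/x02/x03", ()),
    ("QQ_Game",     "tcp", "^/x2d/x00(/x00/x00|/xff/xff)", ()),
    ("UC_UDP",      "udp", None, (3001, 3002)),
    ("HaoFang",     "tcp", None, (1203,)),
]

def compile_signature(sig):
    """Turn the post's /xNN notation into a compiled bytes regex."""
    pattern = re.sub(r"/x([0-9a-fA-F]{2})", r"\\x\1", sig)
    # DOTALL so that "." matches every byte value, including 0x0a.
    return re.compile(pattern.encode("ascii"), re.DOTALL)

COMPILED = [(n, t, compile_signature(s) if s else None, p) for n, t, s, p in RULES]

def classify(transport, dst_port, payload):
    """Return the name of the first matching rule, or None."""
    for name, rule_transport, regex, ports in COMPILED:
        if transport != rule_transport:
            continue
        if regex is not None and regex.match(payload):
            return name          # signature rule: first payload bytes match
        if regex is None and dst_port in ports:
            return name          # port rule: destination port is listed
    return None

# Constructed sample payloads (not captured traffic).
SAMPLES = [
    ("tcp", 40000, b"\x29\x00\x00\x00\x05"),      # Xunlei signature
    ("tcp", 40000, b"\xe3\x0a\x00\x00\x00\x01"),  # eDonkey, wildcard byte 0x0a
    ("tcp", 40000, b"\xe3\x00\x01\x00\x00\x01"),  # third byte non-zero: no match
    ("tcp", 40000, b"\x2d\x00\xff\xff"),          # QQ Games, second alternative
    ("udp", 3002, b"constructed"),                # UC by UDP port
    ("tcp", 40000, b"\x00\x29\x00\x00\x00"),      # signature not at offset 0
]

if __name__ == "__main__":
    for transport, port, payload in SAMPLES:
        print(transport, port, payload[:5].hex(), "->", classify(transport, port, payload))
```

Signatures as short as `^/x01/x02/x03` match any TCP payload that starts with those three bytes, so a hit on its own is weak evidence and is best confirmed with ports or later packets in the flow.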
