Figuring out Bittorrent behavior with Wireshark.
Any protocol analyst worth their salt will always try to find a pattern, signature or specific behavior that makes this application unique.
If you can do this on a regular basis, you will quickly learn the applications regular, or normal behavior which makes troubleshooting easy since you have a baseline in the back of your head.
In this specific example a customer asked me how to start to find Utorrent clients using a protocol analyzer.
In this video I show you some of the simple things to look for and I’m sure you find many more things to look for as well.
So what are you waiting for, go grab your network by the packets.