The protocol list is embedded in the ntop code. The best solution is
to create your own list and start ntop with the -p option. (i.e. ntop
-p /etc/ntop/protocol.list). I started with ntop's list and added a
bunch more based on the services I run.
To find what ports a particular service runs on, you can check /etc/
services, the services configuration file, or netstat -a to see what
ports are listening. Sorry, I'm no windows guy, so linux is all I
can help with. Google is your best friend otherwise.
Daniel
Here's my list:
HTTP=http|www|https|3128
DNS=name|domain
Mail=pop-2|pop-3|pop3|kpop|smtp|imap|imap2
NFS=mount|pcnfs|bwnfs|nfsd|nfs|nfsd-status|7000-7009
AFP=afpovertcp
Windows=netbios-ns|netbios-dgm|netbios-ssn
FTP=ftp|ftp-data
TFTP=69
LDAP=ldap|ldapssl
SSH=ssh
Telnet=telnet|login
iTunes=3689
Radmind=6662
Amanda=10080-10083
Xgrid=4111
Keysvr=19283
Filemkr=5003|50003|50006
FlexLM=7111
ARD=3238
QTSS=554|8000-8001
mDNS=5353
sFlow=6343
DHCP=67-68
RPC=111
SNMP=snmp|snmp-trap
SLP=427
LPR=515|631
NNTP=nntp
VoIP=5060|2000|54045
X11=6000-6010
Gnutella=6346|6347|6348
Kazaa=1214
WinMX=6699|7730
DirectConnect=-1
eDonkey=4661-4665
BitTorrent=6881-6999|6969
Messenger=1863|5000|5001|5190-5193
On Aug 2, 2006, at 10:02 AM, Hugo Rebello wrote:
Guys,
I´d like to know how to ntop identify the kazaa, eDonkey,Messenger
and others traffics ?
Where can I find the port information about this traffic ?
Thank you.
Cheers,
Hugo
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
