Capture network packets, begin at the bottom, from the link layer analysis to the network layer, and then resolves to the transport layer,
And then want to go to parse the application layer, but it is to find information is said that according to the transport layer port to determine what is the application layer protocol,
There is no other way, we can confirm the application layer protocol, rather than according to the port, because the port may be artificially modified,
CodePudding user response:
Is the communication agreement, we can only say that can be judged through the protocols of the port the application layer protocol, of course you can change it, such as no port 80 for your web service port, to switch to port 10079, but you have to notify all the people need access to your web page, if you are not judged by port, that unless you know a lot of all agreements, then get the answer in the data format,