标题（title）：Detecting Torrents Using Snort
大小（size）：1 MB (1162033 bytes)
It is estimated that one-third of the traffic on the Internet is peer-to-peer. The fact is that peer-
to-peer protocols such as BitTorrent provide a very efficient way to distribute large files such as
operating system ISOs. Unfortunately that also makes peer-to-peer protocols a very efficient way to download copyright content such as music and movies. Regardless of whether corporate policy prohibits downloading of copyrighted content, or prohibits all peer-to-peer usage, it is essential to be able to detect the various aspects of peer-to-peer usage. This paper decomposes BitTorrent and the associated protocols used in conjunction with BitTorrent downloads to devise a number of different ways to detect the aspects of this traffic. This research is then used to create Snort signatures which can be implemented to detect the BitTorrent traffic in your environment.