BitTorrent Mainline DHT Detection

This script is Copyright (C) 2010-2011 Tenable Network Security, Inc.


Synopsis :

A file-sharing service is running on the remote port.

Description :

The remote host is participating in a Distributed Hash Table (DHT)
network, an indication of a peer-to-peer file-sharing application is
running on the host. Specifically, this host is using Mainline DHT,
an implementation developed by the original BitTorrent client and
adopted by some others.

Note that, due to the peer-to-peer nature of the application, any user
connecting to the P2P network may consume a large amount of
bandwidth.

See also :

http://www.bittorrent.org/beps/bep_0005.html

Solution :

Make sure that the use of this program agrees with your
organization's acceptable use and security policies.

Note that filtering traffic to or from this port is not a sufficient
solution since the software can use a random port.

Risk factor :

None

Family: Peer-To-Peer File Sharing

Nessus Plugin ID: 50677 ()

Bugtraq ID:

CVE ID: