SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  eMule -- TCP Activity 1

Category: P2P      

The eDonkey network is a decentralized, mostly server-based, peer-to-peer file sharing network best suited to share big files among users. There are many programs that act as the client part of the network. Most notably, eDonkey2000, the original client by MetaMachine; and eMule, a free program for Windows licensed under the GNU GPL. The eMule Project also developed a Kademlia network of their own (called Kad) to overcome the reliance on central servers.

eMule connects to multiple p2p networks, including eDonkey and Kad. eMule allows for direct exchange of sources between client nodes, quick recovery of corrupted downloads, and the use of a credits to reward uploaders. eMule transmits data in zlib-compressed form to save bandwidth.

SonicWALL signature SID 5, Encrypted Key Exchange -- Random Encryption (Skype,UltraSurf,Emule) is required in order to block eMule, and other eDonkey clients when they are run in obfuscated mode.

This SonicWALL signature identifies legitimate eDonkey network traffic.



Relevant Information