Automated protocol analysis
[I)ruid] from BreakingPoint Labs has been doing quite a bit of protocol reverse engineering as part of his work. He put together a post covering a few of the tools that have been useful for this task. Text-based protocols have a lot of human-readable characters that can help you identify fields. Binary protocols don't have this luxury, though. He suggests the Protocol Informatics project for dealing with these situations. It applies bioinformatics algorithms to network traffic. You give it a packet dump of the protocol and it compares the packets to find similarities, the same way genetic sequences are compared. It can be confused by protocols that waste a lot of space, but it's still a very creative approach to reversing.
[photo: slashcrisis]
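To make the sequence-comparison idea concrete, here is an added example (not code from the post or from the Protocol Informatics project) that aligns two binary messages with pairwise Needleman-Wunsch, a standard bioinformatics global-alignment algorithm, and marks which bytes are conserved. The scoring values, the function names and the two sample messages are assumptions constructed for the illustration.

```python
# Added illustration: pairwise Needleman-Wunsch global alignment over message bytes.
# Scoring values and both sample messages are assumptions constructed for this example.
MATCH, MISMATCH, GAP = 2, -1, -2


def _sub(x: int, y: int) -> int:
    """Score for aligning byte x against byte y."""
    return MATCH if x == y else MISMATCH


def align(a: bytes, b: bytes):
    """Globally align a and b; returns two equal-length lists, None marking a gap."""
    score = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(1, len(a) + 1):
        score[i][0] = i * GAP
    for j in range(1, len(b) + 1):
        score[0][j] = j * GAP
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            score[i][j] = max(score[i - 1][j - 1] + _sub(a[i - 1], b[j - 1]),
                              score[i - 1][j] + GAP,
                              score[i][j - 1] + GAP)
    # Trace back from the bottom-right cell to recover one optimal alignment.
    out_a, out_b, i, j = [], [], len(a), len(b)
    while i > 0 or j > 0:
        if i > 0 and j > 0 and score[i][j] == score[i - 1][j - 1] + _sub(a[i - 1], b[j - 1]):
            out_a.append(a[i - 1]); out_b.append(b[j - 1]); i -= 1; j -= 1
        elif i > 0 and score[i][j] == score[i - 1][j] + GAP:
            out_a.append(a[i - 1]); out_b.append(None); i -= 1
        else:
            out_a.append(None); out_b.append(b[j - 1]); j -= 1
    return out_a[::-1], out_b[::-1]


def field_map(a: bytes, b: bytes) -> str:
    """'=' conserved byte, 'x' differing byte, '-' byte present in only one message."""
    return "".join("-" if x is None or y is None else "=" if x == y else "x"
                   for x, y in zip(*align(a, b)))


# Constructed messages for a made-up format: magic(2) type(1) length(1) payload trailer(2)
MSG_A = bytes.fromhex("dead0103") + b"abc" + bytes.fromhex("00ff")
MSG_B = bytes.fromhex("dead0105") + b"abcde" + bytes.fromhex("00ff")

if __name__ == "__main__":
    print(MSG_A.hex(), MSG_B.hex(), field_map(MSG_A, MSG_B), sep="\n")
```

In the resulting map, runs of `=` suggest fixed fields such as a magic value or trailer, an isolated `x` suggests a value field such as a length, and `-` marks where one message carries extra variable-length data.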