BitTorrent Detection

Description

This bundle detects the usage of BitTorrent, which is a common peer-to-peer protocol that clients often share large files over. While BitTorrent is not inherently malicious, people often obtain content illegally over BitTorrent, and files available for download through BitTorrent can contain malware.

The included dashboard displays information about internal clients that are sending and receiving BitTorrent traffic, including the number of messages and bytes transferred.

Bundle Contents

• (1) Trigger
  • BitTorrent Detection
• (1) Dashboard
  • BitTorrent Detection
• (1) Dynamic Group
  • All Devices

Requirements

ExtraHop version 6.2.4 or later

Installation Instructions

1. Download the bundle on this page
2. Log into the ExtraHop Web UI and complete the following procedures:
   • Upload and apply a bundle - When applying the bundle, check the Apply included assignments checkbox.
   • Enable the BitTorrent Detection trigger.