Explanation of port protocols in Wireshark?

2

When using Wireshark you can display the packets with just the plain number of the port, or with a "transport layer name resolution" (via the View/Name Resolution menu, for example).

Unfortunately, the resolved names are often obscure: "sentinel", "snac", "cimtrak", "exapt-lmgr", "jamserverport", etc. There are literally hundreds of different such labels. I assume Wireshark is looking inside the packet and somehow identifying the type of communication it is. There is no documentation of these labels (cimtrak, etc.) that I can find in the Wireshark documentation.

How can I find out what these port labels mean?

Tyler Durden

Posted 2014-08-03T17:55:14.060

Reputation: 4 710

Answers

1

How can I find out what these port labels mean?

With an incredible amount of historical research. :-)

"Transport layer name resolution" is done using a file generated from the data in the IANA Service Name and Transport Protocol Port Number Registry. That registry dates back to the 1980s, and has some not-well-documented registrations in it.

There has, I think, been discussion of having Wireshark not use the "services file" to resolve port numbers, and, for example, just check for a dissector registered for that port and, if one is found, use the name of the protocol that dissector dissects.

(But you'd still get those labels with tcpdump....)

user164970

Posted 2014-08-03T17:55:14.060

Reputation:

So, if the labels are just hard coded port announcements, then I guess many of them are just worthless, because anybody can put a server on such ports. – Tyler Durden – 2014-08-04T19:19:07.873

Yes. Hence the discussion of not using it for mapping port numbers to service names. (The services file was introduced in BSD for that mapping and for mapping service names to port numbers; it's potentially more convenient for the latter purpose, e.g. telnet {mailserver} smtp rather than telnet {mailserver} 25 at the command line.) – None – 2014-08-05T21:58:58.920
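The answer and the follow-up comment describe the mechanism: the label is a static lookup in a services-style file (port/protocol to name), and the same file also serves the reverse direction (name to port, as in `telnet {mailserver} smtp`). The following is an added example, written for this page and not Wireshark's or BSD's own code. It parses a small excerpt in the classic services-file format and does both lookups. The excerpt is constructed; the `obscure-lmgr` entry on port 49999 is an assumed registration, included only to show that any traffic on that port gets that label regardless of what is actually listening there.

```python
"""Minimal services-file lookup, mimicking transport-layer name resolution.

Added example for this page; not Wireshark's code. The sample file is constructed.
"""
from collections import defaultdict

# Constructed excerpt in the IANA/BSD services-file format:
#   <name> <port>/<protocol> [aliases...] [# comment]
SAMPLE_SERVICES = """\
# constructed excerpt, not a copy of any real services file
ssh           22/tcp
smtp          25/tcp    mail
domain        53/tcp
domain        53/udp
http          80/tcp    www www-http
https        443/tcp
obscure-lmgr 49999/tcp   # assumed registration with a cryptic label
"""


def parse_services(text):
    """Build both lookup tables from services-file text.

    Returns (port_table, name_table):
      port_table: (port, proto) -> canonical service name
      name_table: name or alias -> list of (port, proto)
    """
    port_table = {}
    name_table = defaultdict(list)
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip trailing comments
        if not line:
            continue
        fields = line.split()
        name, port_proto = fields[0], fields[1]
        aliases = fields[2:]
        port_str, proto = port_proto.split("/", 1)
        key = (int(port_str), proto.lower())
        port_table.setdefault(key, name)  # first registration wins
        for n in [name] + aliases:
            name_table[n].append(key)
    return port_table, dict(name_table)


def resolve_port(port_table, port, proto="tcp"):
    """Port number -> registry label, or None if nothing is registered."""
    return port_table.get((port, proto))


def resolve_name(name_table, name, proto="tcp"):
    """Service name or alias -> port number for the given protocol, or None."""
    for port, p in name_table.get(name, []):
        if p == proto:
            return port
    return None


def label_packet(port_table, src_port, dst_port, proto="tcp"):
    """Render a flow the way a resolved display would: label if registered, else number.

    The label says nothing about the bytes in the packet; it is purely the registry entry.
    """
    def fmt(port):
        name = resolve_port(port_table, port, proto)
        return name if name else str(port)

    return f"{fmt(src_port)} -> {fmt(dst_port)}"


if __name__ == "__main__":
    ports, names = parse_services(SAMPLE_SERVICES)
    # An ephemeral client port talking to 49999/tcp is shown with the cryptic label
    print(label_packet(ports, 51234, 49999))
    # Reverse mapping, the use the comment above mentions (telnet host smtp)
    print(resolve_name(names, "smtp"))
```

The `label_packet` output is the practical takeaway for anyone triaging a capture: a name such as `obscure-lmgr` is only evidence that a port number matched a registry line, not that the traffic is that protocol. A dissector-based check, as the answer proposes, would look at the payload instead; until then, treat resolved labels as hints and confirm with the decoded protocol column.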