OK. Let's go on the premise that we are talking about internal users that want to get files off of Napster.
How does the client that wishes to download files tell the client with the files to change ports to a port they can reach the client on(assuming that inbound connections are not an option)?
-----Original Message-----
From: mouss [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, March 14, 2001 8:15 AM
To: Gibson, Brian; 'Young, Beth A.'; [EMAIL PROTECTED]
Subject: RE: napster
At 22:19 13/03/01 -0500, Gibson, Brian wrote:
>I have heard this from several people but I fail to understand the mechanics.
>
>As I understand it the Napster system works by the client connecting to a
>server to retrieve a list of mp3s. The client then connects to the
>specific client that actually has the file.
>
>So first the client has to connect to the server. It attempts to connect
>to the server. Let's assume that the Napster service is running on all
>sorts of available ports(ie 80, 110, 443, 25, etc) You somehow connect.
>
>How exactly does your client connect to the client with the actual mp3 on
>it? Presumably the remote client isn't running on all available
>ports. So if the client is running on port 7777 how do you tell it to
>listen on port 80 or whatever port it needs to listen on?
"normally", the client binds a new socket on a random port and informs the
server on which port it is listening.
other clients then just connect to that port.
if the client is behind a firewall that blocks incoming requests, then the
napster makes the connection go
the other way. In other words, the guy who needs to download your files
listens on a random port and
the other client connects to (instead of listening and receiving a request,
thus acting as a server, it acts
as a client).
So napster will work if at least one of the clients is not behind a firewall.
Now I can see 2 things:
- you're concerned about inbound connections. If so, this is not a pure
problem of Napster. This is a more
general one. you need to block incoming connections, napster or not.
- you're concerned about files going from inside to outside. but then this
is hard to block. unless you can
check every protocol (email for example) that can post data to the
internet, and possibly check users
machines periodically (and stating that mp3 is illegal inside the network)...
cheers,
mouss
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
