On Wednesday 12 May 2004 00:04, Noam L. wrote:I can't find overnet's protocol spec right now, but I've seen that other popular protocols use
Overnet's connection is based on P2P, which requires one of the clients to
accept an incoming connection,
<-- snip -->
Thats, ofcourse, not based on any facts relevant to overnet - thats how any P2P network works (ed2k, kazaa, etc.)
But that doesn't answer either of my questions:
1 - why does it work at all if I didn't open a port in my firewall?
2 - does running Overnet pose a danger (with or without opening a firewall port)?
"public directory servers" which can be accessed to search files and sometimes download them
(if the host on the other side is on a "real" IP). i.e. it could be that many of the files you found
aren't really accesible to you because of your situation. It's a bit like the dead-tree telephone
directories which used to be in public telephone booths before the 80's - the directory itself is
public, but you still need a token to be allowed to make a call.
As for safety - it's like any other network-based program - if the program can accept packets from
outside and there is a bug in it about processing the data then the risk is larger than the absolute zero.
The main difference weather you open a port or not is that without opening a port it should be more
difficult to "inject" packets to your program from just any computer on the net, but instead only
computers with which you established connection pose a real risk (but we are not talking in absolute terms,
at least theoretically any computer can send "the right packet" if it knows what to send. See the recently
found TCP security risk widely publicised in the press).
Hope this answers your question. If you'll find the protocol spec then maybe I'll be able to give
you more specifics about it (if I'll have time).
--Amos
================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
