Re: Gnutella scanning instead of service providers.

2001-08-26 Thread Ray Dillinger



On Sat, 25 Aug 2001, Gary Jeffers wrote:

>My fellow Cypherpunks,
>
>   Ray Dillinger believes that scanning would assist oppressors as
>much as regular users. Joseph Ashwood agrees with this and further
>thinks that the Internet overhead of a scanner would be a serious
>problem.

   Not really.  To that extent, a gnutella scanner is probably 
already in the hands of any law enforcement types that are 
interested, and there's no reason gnutella itself ought not 
benefit from the same technology.  Better points, since I need 
to spell them out, are:

(a) If scanning is done in a clumsy way it generates a lot 
of network traffic and twangs a lot of alarms at various 
firewalls.

(b) scanning is a "hot button" issue with a fair number of 
people and could generate complaints.

(c) complaints about gnutella scanning would be "legal ammo" 
for people who wanted to shut it down.


I think that all network applications ought to be able to find other 
nodes running other copies of the application - but be very careful 
how you design it, so as not to piss people off.  

>   As far as Joseph Ashwood's claim that the Internet overhead would be
>too much. Is his point exaggerated? Would it be possible to write low
>overhead scanners? I do not have the "skill set" to say. Maybe he is
>right, maybe not. Anybody got something definitive to say on this?

A nice low-overhead scanner that doesn't generate complaints would 
be a request and response on some other protocol.  If you write a 
little cgi program, say IsGnutellaThere.cgi, and have gnutella users 
drop it into their apache (or iis, or whatever) directory, then you 
can make an HTTP request on port 80.  IsGnutellaThere.cgi would run 
and check to see if the gnutella server is up and what port it's on, 
maybe check a table to find other gnutellas that it knows about,
and return that information in an http response.  

Then gnutella users who wanted to be scannable (and not all of them 
will) could drop the program into their CGI directory, and scan-enabled 
gnutellas could just learn how to make a simple HTTP request and keep 
that table up-to-date for IsGnutellaThere.cgi to access.

HTTP is low-overhead and innocuous, and there's already a hole for it 
in most firewalls.  It won't generate alarms.  A straight-up "scanning" 
approach most definitely will.

Bear
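
A sketch of the opt-in IsGnutellaThere.cgi idea described above, as an added example that is not code from the thread or from any Gnutella project. The peer-table path, the reply format and the 20-entry cap are assumptions; only the default port 6346 comes from the thread.

```python
#!/usr/bin/env python3
import ipaddress
import socket

GNUTELLA_PORT = 6346                        # default port named in the thread
PEER_TABLE = "/var/lib/gnutella/peers.txt"  # hypothetical path, written by the servent
MAX_PEERS = 20                              # keep the reply small

def servent_is_up(port, timeout=0.5):
    # The target is always loopback and never comes from the request, so the
    # CGI cannot be used to probe third-party hosts.
    try:
        with socket.create_connection(("127.0.0.1", port), timeout=timeout):
            return True
    except OSError:
        return False

def load_peers(path, limit=MAX_PEERS):
    """Read 'ip:port' lines from the table, dropping anything malformed."""
    peers = []
    try:
        with open(path, encoding="ascii", errors="replace") as fh:
            for line in fh:
                host, _, port = line.strip().rpartition(":")
                try:
                    ipaddress.ip_address(host)
                    if not 0 < int(port) < 65536:
                        continue
                except ValueError:
                    continue
                peers.append(f"{host}:{int(port)}")
                if len(peers) >= limit:
                    break
    except OSError:
        pass                                # no table yet: report no peers
    return peers

def build_body(port=GNUTELLA_PORT, table=PEER_TABLE):
    status = "up" if servent_is_up(port) else "down"
    lines = [f"gnutella: {status}", f"port: {port}"]
    lines += [f"peer: {p}" for p in load_peers(table)]
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    # CGI reply: header line, blank line, then the plain-text body
    print("Content-Type: text/plain\r\n\r\n" + build_body(), end="")
```

The script reads nothing from the query string, so a remote caller can only learn what the local user chose to publish.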




Re: Gnutella scanning instead of service providers.

2001-08-26 Thread georgemw
On 25 Aug 2001, at 16:06, Gary Jeffers wrote:

> My fellow Cypherpunks,
> 
>Ray Dillinger believes that scanning would assist oppressors as
> much as regular users. Joseph Ashwood agrees with this and further
> thinks that the Internet overhead of a scanner would be a serious
> problem.
> 

The problem is this: there's no way that you can set this up
so that random users can find gnutella servers and LEOs can't.
No way,  impossible,  give up.

>I still think that scanners would be effective. Here's why:
> 
>Gnutella still exists, Napster doesn't! Security does not have to be
> bulletproof in all cases. Gnutella is a harder target than was Napster.
> There may be other reasons why Gnutella is alive and Napster is dead.
> I would think the ability to pin blame on the target might be another 
> reason.
> 

Right.  Napster is an entity, Gnutella is a protocol. 

>A scan enabled Gnutella would be a much harder target than a central
> service provided Gnutella. The scan enabled version would be much harder to 
> shut down due to various kinds of expenses - legal, administrative,
> politics, etc.. Not impossible to shut down - just harder,
> slower, and with various expenses we would like the oppressors to pick
> up :-)
> 

No.  The scan version would make it a little harder for everyone to
find the first gnutella server to connect to,  and that's all it would do.

The only way a scan version would make any sense would be if
it somehow became illegal to post a list of gnutella servers while
it remained legal to actually run a gnutella server, a situation so
bizarre I don't think it merits discussion.

>As far as Joseph Ashwood's claim that the Internet overhead would be
> too much. Is his point exaggerated? Would it be possible to write low
> overhead scanners? I do not have the "skill set" to say. Maybe he is
> right, maybe not. Anybody got something definitive to say on this?
> 
> Yours Truly,
> Gary Jeffers
>

Atwood's numbers are based on estimates as to how many people
want to use scanners,  and the fact that they're pretty likely to
hit the same set of addresses.  If you're the only one using a scanner,
it won't be much of a burden on anyone.

It really wouldn't be difficult to write one.
Here's the URL of the protocol spec
http://www.gnutelladev.com/protocol/gdnp.html
basically,  all you have to do is send it a UDP packet saying
'GDNP CONNECT/0.10\n\n'
and see if you get back
'GDNP OK\n\n'
it may be worth your while just to see if you can get it to
work as an exercise.  If you're running your own server
and just look at your own IP address (use 127.0.0.1 if you
don't know it) you can play with it without affecting the outside world.

George 
 
> BEAT STATE!!!
> 
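
The loopback exercise suggested above, as an added example that is not part of the original post: a stub responder stands in for a local server, and the probe sends the request string to 127.0.0.1 and classifies the result. The two message strings are the ones quoted in the post and have not been checked against the linked spec; the function names and timeout are assumptions.

```python
import socket
import threading

PROBE = b"GDNP CONNECT/0.10\n\n"   # request string quoted in the post
REPLY = b"GDNP OK\n\n"             # expected answer quoted in the post


def start_stub_responder():
    """Stand-in for a local server: answers PROBE on a loopback UDP port."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("127.0.0.1", 0))             # kernel picks a free port

    def serve():
        while True:
            try:
                data, peer = sock.recvfrom(512)
            except OSError:                 # socket closed: stop serving
                return
            if data == PROBE:
                sock.sendto(REPLY, peer)

    threading.Thread(target=serve, daemon=True).start()
    return sock, sock.getsockname()[1]


def probe(port, host="127.0.0.1", timeout=1.0):
    """Return 'ok', 'unexpected' or 'no-answer' for one request/response."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))             # only accept replies from this peer
        try:
            s.send(PROBE)
            data = s.recv(512)
        except OSError:
            # UDP has no handshake: silence can mean closed, filtered or lost
            return "no-answer"
        return "ok" if data == REPLY else "unexpected"


if __name__ == "__main__":
    _sock, port = start_stub_responder()
    print("stub on 127.0.0.1:%d ->" % port, probe(port))
```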






Gnutella scanning instead of service providers.

2001-08-25 Thread Gary Jeffers

My fellow Cypherpunks,

   Ray Dillinger believes that scanning would assist oppressors as
much as regular users. Joseph Ashwood agrees with this and further
thinks that the Internet overhead of a scanner would be a serious
problem.

   I still think that scanners would be effective. Here's why:

   Gnutella still exists, Napster doesn't! Security does not have to be
bulletproof in all cases. Gnutella is a harder target than was Napster.
There may be other reasons why Gnutella is alive and Napster is dead.
I would think the ability to pin blame on the target might be another 
reason.

   A scan enabled Gnutella would be a much harder target than a central
service provided Gnutella. The scan enabled version would be much harder to 
shut down due to various kinds of expenses - legal, administrative,
politics, etc.. Not impossible to shut down - just harder,
slower, and with various expenses we would like the oppressors to pick
up :-)

   Also, with lack of centralization, it would be much harder to pin
legal blame on the servers(users). - Much harder, slower, and
politically expensive. This is generally a sort of economics problem
for oppressors.

   As far as Joseph Ashwood's claim that the Internet overhead would be
too much. Is his point exaggerated? Would it be possible to write low
overhead scanners? I do not have the "skill set" to say. Maybe he is
right, maybe not. Anybody got something definitive to say on this?

Yours Truly,
Gary Jeffers

BEAT STATE!!!







Re: Gnutella scanning instead of service providers.

2001-08-23 Thread Steve Mynott

"Gary Jeffers" <[EMAIL PROTECTED]> writes:

>Would it be possible to write some kind of scanner that would look
> at an ISP, say for example, htc.net and display all the Gnutella users
> there? We seem to be over the "fax effect" (a Snelling point?)

It's a one liner with the fairly standard UNIX tools that ship with
OpenBSD and at least SuSE Linux.

$ for i in `host -a -l -vv htc.net | grep ppp | awk '{print $5}'`; do nc -w 2 -z $i 6346; done

(you can of course run gnutella on ports other than 6346)

-- 
1024/D9C69DF9 steve mynott [EMAIL PROTECTED]

too many pieces of music finish too long after the end.  igor stravinsky
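
Seen from the receiving network, a sweep like the one above is one source touching many hosts on port 6346 in quick succession, which is what trips the firewall alarms mentioned elsewhere in this thread. The detector below is an added example, not part of the original post; the log format, the sample lines and the thresholds (4 hosts in 10 seconds) are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed firewall log lines (hypothetical format, documentation addresses).
SAMPLE = """\
2001-08-23T10:00:00 SRC=203.0.113.5 DST=192.0.2.1 DPT=6346
2001-08-23T10:00:02 SRC=203.0.113.5 DST=192.0.2.2 DPT=6346
2001-08-23T10:00:03 SRC=198.51.100.9 DST=192.0.2.3 DPT=6346
2001-08-23T10:00:04 SRC=203.0.113.5 DST=192.0.2.3 DPT=6346
2001-08-23T10:00:05 SRC=198.51.100.20 DST=192.0.2.1 DPT=80
2001-08-23T10:00:06 SRC=203.0.113.5 DST=192.0.2.4 DPT=6346
2001-08-23T10:00:08 SRC=203.0.113.5 DST=192.0.2.5 DPT=6346
2001-08-23T10:00:40 SRC=198.51.100.9 DST=192.0.2.3 DPT=6346
"""

LINE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) DPT=(\d+)")


def find_sweeps(lines, port=6346, min_hosts=4, window=timedelta(seconds=10)):
    """Map each sweeping source to the most distinct hosts it hit in one window.

    Lines are assumed to arrive in time order, as they do in a log file.
    """
    recent = defaultdict(deque)   # src -> (time, dst) pairs, oldest first
    worst = {}
    for line in lines:
        m = LINE.match(line)
        if not m or int(m.group(4)) != port:
            continue
        ts = datetime.fromisoformat(m.group(1))
        src, dst = m.group(2), m.group(3)
        seen = recent[src]
        seen.append((ts, dst))
        while ts - seen[0][0] > window:   # drop events older than the window
            seen.popleft()
        hosts = len({d for _, d in seen})
        if hosts >= min_hosts:
            worst[src] = max(worst.get(src, 0), hosts)
    return worst


if __name__ == "__main__":
    for src, hosts in find_sweeps(SAMPLE.splitlines()).items():
        print(f"{src}: {hosts} hosts probed on port 6346 within 10 s")
```

A peer that keeps reconnecting to one host never reaches the threshold, because the count is of distinct destinations, not of connections.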




The secret knock, the red carnation (Re: Gnutella scanning instead of service providers.)

2001-08-22 Thread Dynamite Bob

On Wed, 22 Aug 2001, Gary Jeffers wrote:

>   If a scanner were written and widely deployed, then I think that
>the problem of crushing Gnutella would be at least a magnitude harder.
>Maybe the Gnutella support sites would promote and distribute such
>a scanner?

You can always use the following method:

Participating Nodes listen on random (UDP, say) ports for 
"I'm here" and "Gimme a pointer" queries.  

When booting your Node, it randomly sends 
"Gimme a pointer" messages to random IP addresses/ports 
until a helpful Participating Node is found, who 
shares the indexing info he has.

Or if you are worried about exposure when a Fed/RIAA/MPAA box receives
such a query from your machine: 

Nodes could instead listen for contacts on an 'uninteresting' port like
TCP/80, and disguise queries as innocent looking requests.
(You'll note resemblances to Code Red IIS-exploits...)

Note also similarities to how spooks arrange to meet in public places...
with a deniable nonsuspicious introduction




Gnutella scanning instead of service providers.

2001-08-22 Thread Gary Jeffers

   My fellow Cypherpunks,

   It has been stated that Gnutella is completely decentralized. This is
not so. In order to get started with a Gnutella search, you need to use
a Gnutella search provider to find Gnutella groups.

   Would it be possible to write some kind of scanner that would look
at an ISP, say for example, htc.net and display all the Gnutella users
there? We seem to be over the "fax effect" (a Snelling point?)
magnitude where automated hunting for Gnutella users would be practical.
Also, maybe the scanner could search thru various ISPs as well as
particular ones. If it did close ISPs 1st, then it could help with the
efficiency of file searches.

   Also, note that Gnutella deals in files - ANY kind of files. I
suppose that most? Cypherpunks know that - but just to be sure.

   If a scanner were written and widely deployed, then I think that
the problem of crushing Gnutella would be at least a magnitude harder.
Maybe the Gnutella support sites would promote and distribute such
a scanner?

Yours Truly,
Gary Jeffers
