Can Gnutella be blocked by an ISP?

[JEGL]

I read an article in CNET mentioning that the RIAA is talking to ISPs to shut down Napster like services specifically OpenNap in the US and abroad. They suggest that Gnutella is next in their list. I'm fairly technical but I do not know if Gnutella can be shut down/blocked trough an ISP. Although I don't really get MP3s this highly concerns me since I use Gnutella a lot to obtain information on different topics.

The link is http://news.cnet.com/news/0-1005-200-4925360.html

Is this true? What are your thoughts?.

well, they could of course block the standard Gnutella port.
But as most, if not all, servents are configurable in that point, it would only be a matter of time (days, at most weeks) until the community has agreed to use a different standard port.
And the ISPs can't just continue closing the new ports, as this would hinder the normal web-surfers, too.

[ryan15575]

Right now most people use Port 6346. If this port if blocked for you, you won't be able to download from people using that port. However, you can use any port if you like...

Port 5190 or 8080 should be the standard as they are rarely used, but are used enough that they wouldn't be blocked. 5190 is the port AOL's Instant messenger, and ICQ uses.

Also, an ISP that blocks all incomming connections would extremely limit the functionality of any type of server, but that's very unlikely to happen.

Browsers use ports in the 2000 and 4000 number range for connections BACK from the server sometimes, so you could use them as they would probably not be blocked.

A ISP guy told me that is too lame a way and its easier for them to throttle you, then you don't get all upset, just get crappy bandwidth, you can't complain because what you are doing is against the ISP's rules, so everyone is happy.

So when you see your speed drop down, you probably know what is going on. If it's 56k dial up, don't worry about it, no one cares.

The problem is with the ISP's, if your ISP caves into this crap without a court ordered warrant, drop their aasssses and get a new one that day. Then post everywhere and give that ISP bad PR, they will get the message real fast.

Go get a free ISP and really stick it to them, get several so you have as many hours as you want. Get a extra line and run Gnutella 24/7 and really show off!

The RIAA depends on whimps that don't know law to get their way. Know your rights, raise hell about anyone that tries to violate your rights and you will be OK.

[ryan15575]

I've got to say, I'm a Cisco certified network technician and I've got no idea what you're talking about... A browser uses the ports each protocol uses. So for web browsing, *only* port 80 is used. For FTP, port 23, etc.

This port 2000 & 4000 stuff is nonsense and I've no clue where you got that idea from.

Quote:

Originally posted by ryan15575
I've got to say, I'm a Cisco certified network technician and I've got no idea what you're talking about
This port 2000 & 4000 stuff is nonsense and I've no clue where you got that idea from.

maybe its time to stop reading books from barnes and noble and try some real world stuff like monitor some TCP packets certification only means you kissed some corporate *** so you could try to get more $$ anyone can pass a written test if they can memorize stuff.
sorry, but this certification stuff upsets me because i know some bone heads that mess things up real bad and have "certification", then I have to go fix it they do pay me the bigger bucks though, but it still upsets me that i go and fix this simple stuff.
port 80 is on the server side, not the client thats not in your book now is it?

[ryan15575]

It doesn't matter what you think you know... Most firewalls do block everything but the common ports. 80, 23, etc. Not leaving either of the ports you mention open, with no problems at all.

I agree with you that certification doesn't mean much, but I do know what I'm talking about as I set up firewalls, routers, and so forth. Always only leaving open the public ports, and a few private ones for AIM and the like.

My current firewall settings... Notice no open 2000 or 4000.

Starting nmap V. 2.53 by fyodor@insecure.org ( www.insecure.org/nmap/ )
Interesting ports on (10.150.10.64):
(The 1499 ports scanned but not shown below are in state: filtered)
Port State Service
21/tcp open ftp
22/tcp open ssh
23/tcp open telnet
25/tcp open smtp
43/tcp open whois
53/tcp open domain
70/tcp open gopher
80/tcp open http
109/tcp open pop-2
110/tcp open pop-3
119/tcp open nntp
441/tcp open decvms-sysmgt
442/tcp open cvc_hostd
443/tcp open https
554/tcp open rtsp
648/tcp open unknown
820/tcp open unknown
821/tcp open unknown
822/tcp open unknown
823/tcp open unknown
1080/tcp open socks
1433/tcp open ms-sql-s
5190/tcp open aol
8080/tcp open http-proxy

There it is, 8080 and your browser looks for that one or any open one like in the 3000's or 2000's it can get when it needs it unless you tell it to use a proxy then you restrict it as what to use.
Nice you leave ftp open for me to hack in, and that mail server, nice! Thanks.
You are not serving http docs so why leave 80 open?
pop3 too how nice for me.
Your firewall is set up for a server, you better quit that crap. Who said to do that? Do these people you work for know you are doing it that way?
I was hoping you would find out for yourself, but I will spell it out, go get on a linux box, dial in (no firewall please), start netscape, browse for a while, open a shell, type "netstat -n" and post the first few lines here for us and tell us all about it. Think before you type, please!
Linux is a firewall, so you don't need one. Windows is the only reason for a firewall because it stinks as a real OS, or you may want one just if you are paranoid.
Glad you are learning, but remember you will never know it all. Read the man page on netstat and show us what you can do with it.

[ryan15575]

Quote:

Nice you leave ftp open for me to hack in, and that mail server, nice! Thanks. You are not serving http docs so why leave 80 open? pop3 too how nice for me. Your firewall is set up for a server, you better quit that crap. Who said to do that? Do these people you work for know you are doing it that way?

You really need to calm down... The firewall is set up to accomodate several hundred servers and thousands of workstations. Is that good enough of an answer for you? ftp, http, ssl, and pop3 are open because they need to be open. You take me for an idiot and that's only your first mistake. Besides, from what I've heard from you so far, you sound like you couldn't break into even a Windows box, with or without any firewall.



I am not a windows user, on 90% or my own machines I'm running OpenBSD 2.8, while I only have one Windows NT 4 box I access over VNC and a couple Slackware Linux 7.1 (and one 3.3) boxes.



If you'd like the output of netstat, fine, but I think this discussion wouldn't go anywhere. My own system, with netstat, tcpdump, snort, and so forth, doesn't report a single port 2000-5000 being used at all, so I renew my original statement.


And perhaps you will take your own advice.

[SRL]

Every connection has TWO endpoints - a source and a destination. While it's true your browser usually connects to web servers on port 80 (though a server can run on any port), that's just the outbound endpoint. The local side of the TCP/IP connection will be on a random port above 1024.

A firewall can block all outbound packets except those to port 80 and web surfing will still work. However try blocking all inbound packets except to port 80 and you'll be in trouble. "Stateful" firewalls keep track of the outbound connections and allow these inbound packets automatically. "Stateless" firewall don't so you have to leave these ranges open for inbound packets.

Also FTP, in particular requires uses inbound connections to higher ports when not in "passive" mode (making it unlikely for an ISP to block these ranges).

Actually, as long as you're not running a web server on your PC you could actually use 80 or some other common port for Gnutella - it'll work just as well and be very hard for an ISP to block.