Gnutella Forums

Gnutella Forums (https://www.gnutellaforums.com/)
-   General Gnutella / Gnutella Network Discussion (https://www.gnutellaforums.com/general-gnutella-gnutella-network-discussion/)
-   -   Strange Host finding whilst using Gnucleus - proxy originator detection? (https://www.gnutellaforums.com/general-gnutella-gnutella-network-discussion/99979-strange-host-finding-whilst-using-gnucleus-proxy-originator-detection.html)

Lord of the Rings February 21st, 2012 07:39 PM
Strange Host finding whilst using Gnucleus - proxy originator detection?
 
1 Attachment(s)
I was using Gnucleus 1.8 and checked the network connection details via Browse Network tool.

Something I had never seen before was a second address listed below another with a + sign. And over time, the one with the + beside it kept following the other above it. My first thought was the host was connected via UDP or some other form of special connection. That was until I checked the origin of the ip addresses which suggests one was a spammer.

The first address checks out as being from Kazakhstan. This is rather typical of spammers to grab addresses from world-wide. The second address checks out as being from New Jersey, USA.

Does this suggest Gnucleus 1.8 is able to see-through the proxy approach of this particular spammer? Perhaps I am totally wrong about this. But if someone could shed some light on this I would be interested to know.

The sample image below I have blocked the other host addresses with 1's for privacy reasons: (you will also notice the port 27016 of a couple of other spam hosts)

Attachment 5829

If this is a spammer and this (+) was their host address of origin, then perhaps this process of discovery could be used somehow to blocking spammers from their origins?

GWebCache could be used two ways. One for relaying up-to-date spam information. Just a thought. But it's a thought that's been in my mind for the past couple of years loosely based on what I would do if I designed my own client (yes I have lots of silly notes lol.) Though my thought was direct passing of such information by specialist peers or a combination since it needs a collation and control point somewhere, or does it. Such a site(s) would help with the rapid network-wide transfer of such information. I guess in a similar way bootstrap servers work, getting data to the clients as soon as they arrive on the network.
(And LimeWire 5 Pro had their anti-virus definitions updates as soon as they connected to the network, so possibly another comparable passing of information for spam data.)


All times are GMT -7. The time now is 08:58 AM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.0 ©2011, Crawlability, Inc.

Copyright © 2020 Gnutella Forums.
All Rights Reserved.