Gnutella Forums

Gnutella Forums (https://www.gnutellaforums.com/)
-   Open Discussion topics (https://www.gnutellaforums.com/open-discussion-topics/)
-   -   Lime Wire Problem (https://www.gnutellaforums.com/open-discussion-topics/2552-lime-wire-problem.html)

rrauck July 19th, 2001 05:00 PM
Lime Wire Problem
 
It appears that my computer contact info found it's way onto the Lime Wire Gateway Server. I was told this by a Lime Wire user that I traced after a probe of my system (one of many) reported by my Firewall software. I understand, from reading documentation on the site, that users log into the server and use information posted there to locate other users. I have reason to believe that hackers are experimenting with using the Gnutella network to focus a number of computers on probing a specific machine, perhaps to try to tie up communication bandwidth. They may be looking for a denial of service tool.

I have never had this Limewire (or similar) software on my machine. If my computer contact information is on the Gateway server (and I don't understand how that works) it is getting there via some site spoofing the system (if that is the right terminology). I wonder if there is any way the server can filter out my information to keep it off the system so I am not bombarded with computer probes?

I'm not sure that any of what I've said makes sense. I really only know that I feel like I am in Times Square at rush hour with all the attempted probes of my computer.

rrauck July 20th, 2001 04:36 AM
Lime Wire Problem
 
I now understand a bit more about my problem. One of the features of the Ping and Pong messages that are a key component of Gnutella software functionality is returning IP addresses of other on-line servents to peer computers. This conceptually fits into the scheme for maximum visibility of available servents but it is an open invitation to malicious sites to broadcast IP addresses of sites they want to harass. I see, from reading the technical papers on the Lime Wire site, that this problem is recognized and attempts are being made to deal with it. I see no evidence of a short term solution.

I believe, and I am not clear on this point, that information on IP addresses of available on-line servents is passed from user to user rather than fed only to the router and only viewable there. If this is true, there is no way for the router to directly filter IP address lists to remove nonmember's info and prevent harrasment. There would be no way to trace individual IP addresses to locate the site responsible for the abuse. Hackers must be licking their chops over this ready source of denial of service resources. We have a saying where I grew up that covers this situation: "The fox is in charge of the hen house".

The distributed character of the Gnutella model is its greatest strength and worst weakness. The servent software needs to track other servents with a tag in addition to the IP address (computer network name?) that is fixed so that a distributed filtering scheme could be applied to remove abused sites found on a list received from the Gateway router at log-on. I don't know if this is practical but it is the only solution I can see. If this Gnutella network ever grows to millions of machines, it will threaten the entire internet if changes are not made.


All times are GMT -7. The time now is 11:21 AM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.0 ©2011, Crawlability, Inc.

Copyright © 2020 Gnutella Forums.
All Rights Reserved.