Firewall Wizards mailing list archives
False uploads through NAPSTER
From: James Rowley <James.ROWLEY () edin uk sykes com>
Date: Mon, 21 Feb 2000 09:20:55 -0000
Hi folks,

Something that always puzzles me is that there must be a way to upload other files than MP3s through Napster by changing the file extension to .mp3. I tried this & it didn't work, however there simply must be a way to fool Napster into thinking that it is uploading an MP3 by embedding the correct information within the file.

Any thoughts??

Regards,
James Rowley
Webevent - http://www.altern.org/webevent/webevent
Web Freelancer
WML, FLASH4, SQL, Perl, HDML, DIRECTOR 7, PHP4

-----Original Message-----
From: Robert Graham [mailto:robert_david_graham () yahoo com]
Sent: 17 February 2000 01:22
To: Andrew Scoggins; firewall-wizards () nfr net
Subject: Re: Killing Napster

I looked at this a while ago. It appears that clients create an outgoing connection to the directory server. If the client is behind a firewall (no inbound connections) but somebody wants to download a file from your machine, then the Napster directory server tells you (across the control connection) to contact that user and send him the file.

The upshot is that if only one of you is behind a firewall, you can exchange files. If BOTH of you are behind firewalls, you can't.

In any case, Napster is a social protocol. Its key feature is not that it can download MP3s (FTP and HTTP can do that), but forces the user (with near Nazi tactics) to provide files for upload. Consequently, it improves the signal/noise ratio for users wanting to download files.

Now that people have published the protocol, it will only be a matter of time before someone creates a version of Napster without the draconian publishing requirements. This will ultimately destroy the Napster community, as people stop sharing files. But, either Napster or some other program will rise in its place with a more private protocol. After September, it may even use RSA/SSL, which will begin to make our lives much harder.

Anyway, blocking outgoing TCP connections to port 6699 (Napster directory server) should fix the problem.
--- Andrew Scoggins <scoggins () progress com> wrote:
Hello all,

I am currently looking into killing the MP3 Program Napster. A user told me that he had been using it inside the firewall to download files on an external Napster server. He assumed he was safe because he was behind the firewall, but soon discovered that other users were downloading from his machine. My guess is that Napster establishes a connection from client to server that is used for uploads AND downloads.

So, the burning question is, has anyone blocked Napster by specifying the destination port (which I haven't figured out yet) going out? I am not running an application level firewall, so I can only do it by port.

Thanks for any help. I also post other info as I find it.

Andy

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=
Andy Scoggins
Network Analyst
Progress Software
scoggins () progress com
=-=-=-=-=-=-=-=-=-=-=-=-=-=
Information security is Y2K without the deadline.
=====
Robert Graham
http://www.robertgraham.com/pubs