Re: kazaa, dante, and iptables
From: Alex 'CAVE' Cernat (cave@punctro.net)
Date: 11/28/02
- Previous message: Michael: "Re: iptables REJECT types for UDP (if any)"
- In reply to: John Allman: "kazaa, dante, and iptables"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 28 Nov 2002 10:34:12 +0200 From: Alex 'CAVE' Cernat <cave@punctro.net> To: focus-linux@securityfocus.com
> Now, at first i thought just allowing access to destination ports
> 1214, both tcp and udp would be enough but that wasn't getting me
> diddly. i stopped the client from attempting to use the proxy and did
> a tcpdump to see what it was up to. As it started up it began sending
> a lot of udp packets with source port 1214 out. The destination ports
> were always different but usually somewhere above 3000.
kazaa version 1 always use port tcp/1214 for downloading files ( its a
http connection with some specific headers, but you can just browse the
'victim' shared files and download, even you are not connected to k.
network - personally tested on k. 1.2.5 i guess )
kazza version 2 seems to auto-negotiate an arbitrary port ( maybe, like
you said, somewhere near or above 3000 )
Alex
- Next message: Russ Dill: "Re: iptables REJECT types for UDP (if any)"
- Previous message: Michael: "Re: iptables REJECT types for UDP (if any)"
- In reply to: John Allman: "kazaa, dante, and iptables"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
