I am a bit of a newbie to gnutella. I am posting this for the benefit of other newbies, who may have missed the opriginal dialogue. (hope the formatting comes out ok from this cut-and-paste)
I was curious to receive some text files in my gnutella transfers detailing contentious issues surrounding the BearShare client and it's rude but now famous developer, Vinnie.
So I looked up the mentioned sites on the web and tried to make some sense out of it.
Here is the result:
Summary of http://www.gnutellaforums.com/showthread.php?threadid=358
----- Summary of first article -----------
This article is in fact a reposting of an entire thread
because Vinnie deleted the thread previously
------------------------------------------
"Spy Packets not Onflow message being passed around"
Posted by Stacker (Guest) on May-08-01 at 06:16 AM
[snip intro]
Bearshare sends out secret packets and passes them around the Gnutella Network disguised as search replies. Bearshare filters them so you don't see them! You need a special program to see them! They can't be easly tracked back to their source!
[snip conjecture]
I found these messages on a public forum called the "gdf" where developers hang out:
From: Nate Date: Sat Apr 21, 2001 6:00am
Subject: Strange Query Hit packets
While working on some routines, I found a strange scrambled packet, it's
always 175
bytes and very well formatted for Gnutella. Any idea what this is? The
IP address is never correct in the packet. Here's a sample I captured:
----------------- Query Hit Data
01 B4 16 16 B4 F2 48 38 00 00 00 01 00 00 00 AF .4..4rH8......./
00 00 00 A1 B3 D0 A9 E0 99 A0 B1 FF FE D9 EF 93 ...!3P)`. 1.~Yo.
EE C5 91 D5 80 85 AA B0 F2 97 E3 F6 CD BD D2 A1 nE.U..*0r.cvM=R!
A0 F9 C2 A9 94 8F D0 EE D6 C0 BA EE BE CA B9 DF yB)..PnV@:n>J9_
A2 A9 8B B9 88 AE E9 95 C4 D9 AB 99 F1 E4 B6 B7 ").9..i.DY+.qd67
F8 D0 97 9C 86 C9 D9 F8 8B 87 AA B9 DF C9 A1 B5 xP...IYx..*9_I!5
D3 E4 C8 95 CD BF 98 CB E7 E5 8E 91 E0 C7 B3 C4 SdH.M?.Kge..`G3D
AF 87 CE 82 94 C6 BF FF EF 92 A6 D9 A3 E4 B8 90 /.N..F?.o.&Y#d8.
AF EF B7 A8 E3 E6 E4 D7 96 DC 85 F9 8E FE 88 93 /o7(cfdW.\.y.~..
CA 83 A5 BC C9 BD 9E DF FC C2 A6 CE C0 00 00 53 J.%U-.r.sq6gTm.
----------------- Bytes = 175
[snip more example packets]
normal packet for reference:
----------------- Query Hit Data
04 CA 18 41 A2 C8 68 00 03 00 00 9A 00 00 00 60 .J.A"Hh........`
E9 18 00 4B 6F 72 6E 20 2D 20 49 73 73 75 65 73 i..Korn - Issues
20 2D 20 31 37 20 2D 20 48 69 64 64 65 6E 20 54 - 17 - Hidden T
72 61 63 6B 2E 6D 70 33 00 00 44 01 00 00 C7 C2 rack.mp3..D...GB
95 00 72 61 67 65 20 61 67 61 69 6E 73 74 20 74 ..rage against t
68 65 20 6D 61 63 68 69 6E 65 20 2D 20 30 31 20 he machine - 01
2D 20 62 6F 6D 62 74 72 61 63 6B 2E 6D 70 33 00 - bombtrack.mp3.
00 9D 02 00 00 00 D0 58 00 44 61 76 65 20 4D 61 ......PX.Dave Ma
74 74 68 65 77 73 20 42 61 6E 64 20 2D 20 42 65 tthews Band - Be
66 6F 72 65 20 54 68 65 73 65 20 43 72 6F 77 64 fore These Crowd
65 64 20 53 74 72 65 65 74 73 20 2D 20 31 30 20 ed Streets - 10
2D 20 54 72 61 63 6B 20 31 30 2E 6D 70 33 00 00 - Track 10.mp3..
89 00 00 00 AB C5 47 00 4B 6F 72 6E 20 2D 20 46 ....+EG.Korn - F
6F 6C 6C 6F 77 20 54 68 65 20 4C 65 61 64 65 72 ollow The Leader
20 2D 20 32 36 20 2D 20 20 28 48 69 64 64 65 6E - 26 - (Hidden
20 54 72 61 63 6B 29 20 43 68 65 65 63 68 20 26 Track) Cheech &
20 43 68 6F 6E 2E 6D 70 33 00 00 42 45 41 52 01 Chon.mp3..BEAR.
00 18 00 01 02 00 00 00 00 00 AF 8C 30 D4 1E 46 ........../.0T.F
CE 59 FF 83 94 41 60 5F 8A 00 XX XX XX XX XX XX NY...A`_..
----------------- Bytes = 298
I was curious to receive some text files in my gnutella transfers detailing contentious issues surrounding the BearShare client and it's rude but now famous developer, Vinnie.
So I looked up the mentioned sites on the web and tried to make some sense out of it.
Here is the result:
Summary of http://www.gnutellaforums.com/showthread.php?threadid=358
----- Summary of first article -----------
This article is in fact a reposting of an entire thread
because Vinnie deleted the thread previously
------------------------------------------
"Spy Packets not Onflow message being passed around"
Posted by Stacker (Guest) on May-08-01 at 06:16 AM
[snip intro]
Bearshare sends out secret packets and passes them around the Gnutella Network disguised as search replies. Bearshare filters them so you don't see them! You need a special program to see them! They can't be easly tracked back to their source!
[snip conjecture]
I found these messages on a public forum called the "gdf" where developers hang out:
From: Nate Date: Sat Apr 21, 2001 6:00am
Subject: Strange Query Hit packets
While working on some routines, I found a strange scrambled packet, it's
always 175
bytes and very well formatted for Gnutella. Any idea what this is? The
IP address is never correct in the packet. Here's a sample I captured:
----------------- Query Hit Data
01 B4 16 16 B4 F2 48 38 00 00 00 01 00 00 00 AF .4..4rH8......./
00 00 00 A1 B3 D0 A9 E0 99 A0 B1 FF FE D9 EF 93 ...!3P)`. 1.~Yo.
EE C5 91 D5 80 85 AA B0 F2 97 E3 F6 CD BD D2 A1 nE.U..*0r.cvM=R!
A0 F9 C2 A9 94 8F D0 EE D6 C0 BA EE BE CA B9 DF yB)..PnV@:n>J9_
A2 A9 8B B9 88 AE E9 95 C4 D9 AB 99 F1 E4 B6 B7 ").9..i.DY+.qd67
F8 D0 97 9C 86 C9 D9 F8 8B 87 AA B9 DF C9 A1 B5 xP...IYx..*9_I!5
D3 E4 C8 95 CD BF 98 CB E7 E5 8E 91 E0 C7 B3 C4 SdH.M?.Kge..`G3D
AF 87 CE 82 94 C6 BF FF EF 92 A6 D9 A3 E4 B8 90 /.N..F?.o.&Y#d8.
AF EF B7 A8 E3 E6 E4 D7 96 DC 85 F9 8E FE 88 93 /o7(cfdW.\.y.~..
CA 83 A5 BC C9 BD 9E DF FC C2 A6 CE C0 00 00 53 J.%U-.r.sq6gTm.
----------------- Bytes = 175
[snip more example packets]
normal packet for reference:
----------------- Query Hit Data
04 CA 18 41 A2 C8 68 00 03 00 00 9A 00 00 00 60 .J.A"Hh........`
E9 18 00 4B 6F 72 6E 20 2D 20 49 73 73 75 65 73 i..Korn - Issues
20 2D 20 31 37 20 2D 20 48 69 64 64 65 6E 20 54 - 17 - Hidden T
72 61 63 6B 2E 6D 70 33 00 00 44 01 00 00 C7 C2 rack.mp3..D...GB
95 00 72 61 67 65 20 61 67 61 69 6E 73 74 20 74 ..rage against t
68 65 20 6D 61 63 68 69 6E 65 20 2D 20 30 31 20 he machine - 01
2D 20 62 6F 6D 62 74 72 61 63 6B 2E 6D 70 33 00 - bombtrack.mp3.
00 9D 02 00 00 00 D0 58 00 44 61 76 65 20 4D 61 ......PX.Dave Ma
74 74 68 65 77 73 20 42 61 6E 64 20 2D 20 42 65 tthews Band - Be
66 6F 72 65 20 54 68 65 73 65 20 43 72 6F 77 64 fore These Crowd
65 64 20 53 74 72 65 65 74 73 20 2D 20 31 30 20 ed Streets - 10
2D 20 54 72 61 63 6B 20 31 30 2E 6D 70 33 00 00 - Track 10.mp3..
89 00 00 00 AB C5 47 00 4B 6F 72 6E 20 2D 20 46 ....+EG.Korn - F
6F 6C 6C 6F 77 20 54 68 65 20 4C 65 61 64 65 72 ollow The Leader
20 2D 20 32 36 20 2D 20 20 28 48 69 64 64 65 6E - 26 - (Hidden
20 54 72 61 63 6B 29 20 43 68 65 65 63 68 20 26 Track) Cheech &
20 43 68 6F 6E 2E 6D 70 33 00 00 42 45 41 52 01 Chon.mp3..BEAR.
00 18 00 01 02 00 00 00 00 00 AF 8C 30 D4 1E 46 ........../.0T.F
CE 59 FF 83 94 41 60 5F 8A 00 XX XX XX XX XX XX NY...A`_..
----------------- Bytes = 298