how kazaa works the inner workings of kazaa and other peer-2-peer technologies by troy jessup
Post on 30-Dec-2015
212 Views
Preview:
TRANSCRIPT
How Kazaa Works
The inner workings of Kazaa and other Peer-2-Peer technologies
By Troy Jessup
Terms of Use
• Use of this presentation is granted to education and non-profit entities for education in security topics as described herein. The following limitations and restrictions apply:– The content of this presentation remain unchanged from its
original published format, except for updates to the content for accuracy or current tactics/trends
– Any changes made to the presentation are understood to not be the original work of the author, and noted in the presentation as such.
– Credit to the author is retained as-is in the original presentation format.
– Use by “for profit” or “commercial” entities must be granted permission by the author, and are subject to further restrictions.
About the Author
• Troy Jessup (CISSP)
– Sr. Security Analyst for the Utah Education Network
– Security Professional for 6 years– Author of Security related articles and
information available free to the public at the URL listed below.
– Updates to this and other presentations are available via the website: http://www.ndnn.org/blog
The History
• Kazaa Version 1– Basic Design in Peer to Peer (P2P)– Followed in the footsteps of Napster– Static use of Port 1214/TCP for access
The Present
• Kazaa Version 2– Basic Design in Peer to Peer (P2P)– Follows in the footsteps of Gnutella and
Napster– Dynamic use of Port nearly ANY port for
access– Block and Firewall Evasion Built in.
How Kazaa v2 Works
Kazaa Client on your Network
The Kazaa Network
Kazaa Client on a Remote Network
Normal File Sharing Concept for Kazaa Version 2
File List
This Client Registers itself on Port 1214/TCP
with the Kazaa Network
This Client Sends a List of Shared Files
to the Network
This Client Searches for a File
which the other client has availableThe Network
Responds with a Client ID to connect
to for the file
The Client Initiates a Connection to the
Hosting Client
This client Responds to the
request and sends back the file
File List
How Kazaa v2 Works – Blocked From the Outside
Kazaa Client on your Network
The Kazaa Network
Kazaa Client on a Remote Network
What Happens if we Try to Block Port 1214/TCP
This Client Registers itself on Port 1214/TCP with the Kazaa Network
This Client Sends a List of Shared Files to
the Network
This Client Searches for a File
which the other client has available
The Network Responds with a
Client ID to connect to for the file
The Client Initiates a Connection to the
Hosting Client and is Blocked
This client PUSHES the File to the other
Client
Firew
all
X
This Client Tells the Network that
the Host is Blocked
As part of the KeepAlive, The
Network Sends a Msg to the Client
File List
How Kazaa v2 Works – Blocked From the Inside and Outside
Kazaa Client on your Network
The Kazaa Network
Kazaa Client on a Remote Network
What Happens if we Try to Block Port 1214/TCP Outbound
This Client Registers itself on Port 80/TCP with
the Kazaa Network
This Client Sends a List of Shared Files to
the Network
This Client Searches for a File
which the other client has available
The Network Responds with a
Client ID to connect to for the file
The Client Initiates a Connection to the
Hosting Client and is Blocked
This client PUSHES the File to the other
Client
Firew
all
X
This Client Tells the Network that
the Host is Blocked
As part of the KeepAlive, The
Network Sends a Msg to the Client
X
Tries to get out on Ports:1214/TCP - BLOCKED
1215/TCP - BLOCKED3536/TCP - BLOCKED
MANY OTHERS/TCP – BLOCKED
It will Try Hundreds of Ports Including: 80,53,1024,etc etc etc
The Future
• Kazaa Version 2– Has Basic Block and Firewall Evasion– There are only a few options available for
blocking Kazaa v2• None of which are easy to implement• Most Cost Money
– Kazaa v3 is expected to make it even harder to block P2P traffic
– Kazaa is Expected to take up more bandwidth than Web Traffic in the coming years
top related