Comment Ah yes (Score 1) 353
Sorry my mistake. I didn't realise that gnutella clients send back your IP address in response to ping requests (I haven't got that far yet).
But after thinking about it for a while I am still confused why gnutella doesn't use the unique message ID for identification instead of IP addresses. Of course the IP address has to be used for the final act of data transfer but where is the sense of giving out your IP to everyone else?
The message ID consists of a random 16 byte value - a not so quick calculation puts that at 3.2e+38 possible values. The chances of two people having the same message ID are virtually zero and as for spoofing, well you don't have to spoof on gnutella you can just make a client to listen to everything. I guess this could have some possible security problems from a spamming point of view though.
If my idea is flame bait then flame ahead, i'd be interested in your view.
But after thinking about it for a while I am still confused why gnutella doesn't use the unique message ID for identification instead of IP addresses. Of course the IP address has to be used for the final act of data transfer but where is the sense of giving out your IP to everyone else?
The message ID consists of a random 16 byte value - a not so quick calculation puts that at 3.2e+38 possible values. The chances of two people having the same message ID are virtually zero and as for spoofing, well you don't have to spoof on gnutella you can just make a client to listen to everything. I guess this could have some possible security problems from a spamming point of view though.
If my idea is flame bait then flame ahead, i'd be interested in your view.
