Archive for May, 2006

Port forwarding on OpenBSD

Monday, May 29th, 2006

I’ve never used OpenBSD, but I’ve heard that the BSD-flavours are great for routing (using a physical box).

Since the support subforum is purged after two weeks, I thought a nice “guide” to do port forwarding on a OpenBSD box was in place.

Disclaimer: I have no tried this but considering ‘Slycer’ did it (and assuming he/she didn’t leave anything out), I have no reason to doubt.

(The code is a copy-paste from Slycer’s configure file.)

# cat /etc/pf.conf
# $OpenBSD: pf.conf,v 1.31 2006/01/30 12:20:31 camield Exp $
#
# See pf.conf(5) and /usr/share/pf for syntax and examples.
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
# in /etc/sysctl.conf if packets are to be forwarded between interfaces.

# — MACRO section
# — Change ext_ip to your external IP (www.whatismyip.com eg)
ext_if = rl0
int_if = rl1
ext_ip = “111.111.111.111″

# — Write here the internal IP the box you want to forward the port to
Dc = “192.168.0.1″

# — Write here which ports you wish to forward
DcUDP = “1111″
DcTCP = “2222″

# — OPTIONS section
set skip on lo0
set skip on $int_if

# — TRANSLATION (NAT/RDR) section
nat pass on $ext_if inet from any -> $ext_if

rdr pass on $ext_if proto { tcp, udp } from any to any port { $DcTCP, $DcUDP } -> { $Dc }

# — FILTER section

# — default policy
block log all

# — EXTERNAL INTERFACE RULES
pass out quick on $ext_if inet all keep state

You should then input your external IP in DC++ and then input the DcUDP/DcTCP ports in DC++.

Money and DC++

Wednesday, May 24th, 2006

While going through the forum, looking for interesting things to blog about, I noticed a thread by Ali;

If you had to pay for DC++, how much would you be willing to pay? A slightly
different angle: How much do you think it is *worth*?

The thread was started 2003-06-23, and I probably wouldn’t have paid for it back then. But now… If I were forced, I probably would.

A question that arose from the thread was; Who should get the money? A lot of people have been a part of the DC++ project; patching, supporting and general assistance. Is it “fair” that Sieka recieves money for things that a lot of other people have helped put together? Is it “fair” because he did the initial framework and everyone else “just got on the wagon”? I’m not sure if I would feel comfortable if I were to recieve money all of a sudden. Don’t get me wrong, I like money, but getting money for something that I enjoy doing… Wouldn’t that make me a whore? I know Pederzani has said he wouldn’t accept money “to do features” and I don’t think I would either.

What do you think? Is DC++ worth any money by today’s standards? If so - Who do you think should get them?

Ports in ADC and NMDC C-C

Tuesday, May 23rd, 2006

If you’ve checked your netstat lately, you will notice a port that is opened that you haven’t explicitly specified. But if you look closely, it is the port you’ve specified under Connection settings+1. (That is, you’ve entered 9999 in Settings, port 9999 and 10000 will be opened and ready for listening.)

I don’t want you to get alarmed here now, because this has nothing to do with “sending information about you and your computer” (aka spyware).

The port you have specified in Settings is the port that will be used in NMDC client-to-client connections. The “port+1″ port, will be used in ADC client-to-client connections.

Why can’t they use the same port? Well, the answer came from the master; The idea of using the same port in both protocols is of course great, the problem is the implementation of said idea. The implementation is basically just so difficult that there is little to gain.

I was poking around in the source code and I think I found the lines where “port+1″ is executed; Line 69 in ConnectionManager.cpp: lastPort++; firstPort = lastPort; Set here firstPort to something else than lastPort.

0.69 is out!

Monday, May 22nd, 2006

0.69 is out! I urge people to upgrade. The version contain three security fixes, two of which I know have been exploited in the wild.

Installer, .zip and source.

Notice; * Removed support for generating NMDC-style file lists (old clients won’t be able to download from you)
This means that people that are using 0.306 and earlier versions will not be able to download from you and you will not be able to download from them. Convince them to upgrade their version if you come across someone using those versions.

The ‘Added option for masked password prompt’ that I added, will not actually mask the password when you send over the network. Atleast not in NMDC hubs. That is, it’s perfectly visible if someone else is using eg Ethereal. On ADC is this not possible because of the nature of ADC. In ADC, data is sent from the hub to the user, the user then uses the Tiger algorithm to encode the CID (of the user), followed by the password and then the data. And until the Tiger algorithm is broken, it is not possible to reverse engineer the password.

File lists getting keyboarded!

Sunday, May 21st, 2006

Version 0.688 of DC++ included a nifty feature; back/forward mouse/keyboard navigation to directory listing frame.

I assume everyone got it with the mouse (it’s quite obvious which buttons are for what if you have a mouse with more than two buttons). But did a lot of people actually get it with the keyboard? I sure didn’t. I’m suprised as to not having seen this question on the forum… But oh, well…

The first thing I tried was backspace. Well, that does something but it sure ain’t back or forward. The backspace will make you go up one directory. Until you hit the root directory of course. Then, it’ll do nothing.

After having tried every possibly other way with backspace, I decided to look in the code. Well, before I go on, I feel I need to say the other two keyboard commands that aren’t linked to back/forward navigation. Tab, will make DC++ go from one of the views to the other. And return will download the selected directory(-ies) or file(s).

Now, how to back and forward navigate? Hold down Alt and press the ‘Left’ key to go back. Hold down Alt and press the ‘Right’ key to go forward.

Moving toward ADC

Sunday, May 14th, 2006

The public development hub has now changed address. It is now adc://dcdev.no-ip.org:16591. This means that you need to run a client that support ADC.

The following clients support (atleast partly) ADC;
DC++ - http://sourceforge.net/projects/dcplusplus
Elise - http://sourceforge.net/projects/elise
JDC - http://sourceforge.net/projects/jdc
FMDC - http://flow84.no-ip.org/fmdc/

It will not be a NMDC hub ever again. It is time we move forward.

Widespread usage of DC++

Friday, May 12th, 2006

I have previously talked about version.xml, the file that allow people to get notified on ’stable’ DC++ releases. (There’s of course a way to recieve notifications about every DC++ release.)

Just an early disclaimer: No information of individuals are stored.

When DC++ checks whether the current version you’re using is the latest or not, the version number is sent to dcplusplus.sf.net. And as I said: No individual information is being sent. When GargoyleMT took over hosting of version.xml (for a few days, he recieved a complaint concerning the huge amount of traffic it generated; Making him remove it), he was also able to see how many were using a specific version.

Here follows the top-10 list of most used versions. Unfortunately, the list counts each connection to version.xml as ‘one new user’ (so to speak), so the list isn’t exact.

DC++ 0.674 - 617418
DC++ 0.401 - 113297
DC++ 0.668 - 89242
DC++ 0.670 - 58008
DC++ 0.4034 - 28030
DC++ 0.673 - 27486
DC++ 0.306 - 24318
DC++ 0.305 - 9966
DC++ 0.4033 - 4073
DC++ 0.4032 - 3572

Mind you, the list is from November, 2005, which was before the release of 0.68. I’m unsure if the list would be very different, if you would create one now.

And oh, I forgot to mention that these numbers (if I recall the conversation correctly) was during a 24-hours period. You can understand why the host didn’t want the file to be hosted there.

The question that I’m sure you are thinking; Why is the so old versions so popular?
The answer is very different depending on who you ask. But it would probably be one of the following;

  • “The people on the development team told me to!” This is a fairly valid reason. Since the release of 0.4033, unicode support is required to fully experience all of the advantages that is DC++. Unfortunately, the unicode support is quite poor for Windows 95, Windows 98 and Windows ME (Microsoft’s fault that is). This is probably the reason so many (well, not in compared to eg 0.674) are using DC++ 0.4032.
  • People don’t know how to update their version. In this category, are the non-technical people. These people don’t know how to get the new version or if they were given it, how to install it.
  • People don’t want to update. This category can be divided in a few sub-categories;
    • They don’t want to update because they feel the current version they’re using is adequate for their needs.
    • They don’t want to update because they feel that the newer versions changed the behaviour of one (or many) of their favorite features.
    • They can’t be arsed. (I sometimes fall into this category.)
  • I’m unsure if this point is correct or not, but I’d like to tell it anyway. When people modificate their own copy of DC++, and distribute it, but doesn’t change the version. (I believe fulDC exibit this behaviour.)

TTH of versions

Friday, May 12th, 2006

Since 0.402, the TTH of the executable was added to crash reports and the About dialog. This TTH is the hash that was created when arnetheduck compiled that version and released it. Unless the Tiger algorithm is broken, you won’t be able to reproduce that exact TTH. You’re thinking now, “of course I can… I just download the source for that version and compile”, but that won’t work because the TTH is also created based on time and Visual Studio settings.

Anyway… Here is a list of all the TTHs for released versions of DC++;

0.689 - FCRQAS2BFNS55KMNP4OFD7IHMEA3P5KDTZHR64I
0.688 - 35LXARABD7HYEHEIO4GN5FOZJTONB7ICOH3WFLQ
0.687 - L6KA6A24NYMK2G5KFAOLLK4RDJOIHE34T2H32QA
0.686 - AQXMWT6M2ZCG3IGYYK6L7G55YQTF553XEFA6M6A
0.685 - E6QY77BZMRIALFIEDDJWNDNPUMTQATISPX6QOZI
0.6811 - C6C7FYXQZNWPT6K7MJYERURZYF72MB7FRFOK7QI
0.681 - ER2SWNUQQMVTA4TI6XMRJZJCB6TWRHFUXBP47SQ
0.68 - K7TTU6MNVUWI77CUWXSFQ33VMBDSCZUTF6HUX2Y
0.674 - 7WROGS4SQORHFXIOJESYI7LXBCDGEHTG5RNFUBI
0.673 - BBH6LZ5UTEVZBDCT6YG55CBJH7OUZBC3BWAST3I
0.672 - 52U35DCD35WXUJG3QTAU6E7MYI7XRT3RYZLQPUA
0.671 - CB7P3SU3CXXJQSTMX7IBSIVHDAUHMNKZJYBKIGQ
0.670 - NDSUGHAWT42JPKQ7PA6MMI2RUQ63M2BZYIQJGZI
0.668 - JAROBU3NALINDK2WKYBYDVSXLTSBSTEQNMQNMAQ
0.667 - 2KNUB5HEL6NGVMOPJIU2FADW5KRWT5DT5EYS56A
0.666 - 5FWLFP7JIWE5OR35HPR67VEGIIPIYVAKZ3KNJHI
0.4034 - EJEUEI5NYOW2OQOXRJC7OHZ2ZUSLA5JF6IPD6TI
0.4033 - PK37J6IETUDJWLNNJHTIHMF2B5L2JTRED5I7WOA
0.4032 - IW3BY6H2EOHPWPKTV2T7ZK3C3J4BXNKFVJAG6SQ
0.403 - D443ASUAE2ZLCMTIJW2BQRZWQ62KFUEV3HGQGZA
0.402 - LRX4GGQYE5NBOV6KNU55K5WLMUL7ZHG5IJGTM7Y 

Security through obscurity is not security

Wednesday, May 10th, 2006

If you were around the release of 0.307, and browsed the forum / were in the, at that time, public DC dev hub, you probably saw a lot of noice concerning a feature cologic added to DC++; * Ip column in transfer list and later in 0.400; * Ip in search frame

The noice, being that people were complaining that people now were able to see other’s IP. The IP, the only knowledge required for ‘crackers’ (malicious hackers) to breach a computer.

While a lot of people jumped on the “oh my god, crackers now know my IP, so now can they hack me”-wagon, little understood why the IP columns were completely useless (from a safety point of view).

Basically, IP has a “simple” job; To let DC++ know where to send messages and where a message has come from. This means, without DC++ knowing the IP of someone else, it cannot make a connection. Thus, transfers are impossible if not both sides know each other’s IP. (For a full description of what IP really does, I suggest you use a search engine.)

You see, the IP is know by DC++ with or without that extra IP column. And crackers (well, perhaps not the script-kiddies, which I don’t consider a ‘cracker’) know this too. A tool I use semi-frequently is TCPview. In it, you can see exactly how many connections DC++ has made. And you can see everyone’s IP. (TCPview is only “cmd /k netstat” [write it in ‘Run’] with a GUI.)

Downloads and uploads

Sunday, May 7th, 2006

Ever wondered how much you have downloaded and uploaded? Well, here’s how to find out.

If you look at the status bar, you see (the first pair of) “D: “and “U: “. That is how much you have Downloaded and Uploaded in this session from when you started DC++. When you restart DC++, these two will be reset to 0.

The information in the status bar is added to the total amount of downloaded/uploaded, which you can find under Help -> About DC++ and at the bottom. This information will not go away when you close DC++. It will only go away if you delete dcplusplus.xml (or specifically if you delete the entries in it; <totalupload type=”int64″> and <totaldownload type=”int64″>).

Note that none of the above information is transmitted to other people.