D.i.N.S. v1.0B

[inflater]

Your primary goal of your OS is to block P2P services? Good god. *reloads the random-ascii-characters-anti-executable gun* You won't stop me!! *switches the weapon to the anti-harddrive mode* *aims the gun at the PC running DiNS*

Lock and loaded. Me awaits your response. Resistance is futile.
[/sarcasm]

Good luck with your OS btw

[01000101]

lol the criticism/hatred for the concept and design was expected... in fact, I'm surprised by the amount of support from this forum. Thanks to all that have given support, and I'm sorry if my OS disrupts your sanity or something of the like.

I'm not designing this for ISP's or for home useage, but I do strongly believe that such technology should be in the hands of educational facilities and corporate environments (for seemingly obvious reasons). Also, I'm not forcing network admins across the world to start enforcing anti-p2p/torrent technologies, it is of pure free will that they purchase and utilize those technologies. So don't blame me if someday this technology stops your file-sharing over your corporations' network, blame your admin for implementing it.

[edit]btw: how's the tesla coil going? [/edit]

[piranha]

Are some of your features optional?
Can you say, "OK, I want to block Limewire, but not torrents"?

And only on select computers? Like, for a home network with a 12 year old that you didn't want using Limewire because of all the bad stuff on it? But you wanted to use Limewire?
Say, "I want the computer 10.0.0.4 not to use Limewire, but I want 10.0.0.7 to be able to use Limewire"?

That would be interesting. And useful.

-JL

[suthers]

It would be good to be able to have optional blocking...
But I don't have a problem with blocking torrents, if this is only done within the environment of a work place.
I think that if somebody is payed to do something, they shouldn't be downloading torrents instead... (Yah I know it doesn't take much time to do and they can use the content outside of the workplace and there are also legitimate reasons to use them (that's why it should be optional, as well as some companies may not have problems with their employees using torrents...), but it wastes the companies bandwidth too... )
I really don't have a problem with this as long as ISPs don't start using it to block my torrents and throttle my bandwidth...
Jules

[01000101]

Are some of your features optional?
Can you say, "OK, I want to block Limewire, but not torrents"?

Yes, absolutely, that is one of the core reasons for the UI being designed.

And only on select computers? Like, for a home network with a 12 year old that you didn't want using Limewire because of all the bad stuff on it? But you wanted to use Limewire?
Say, "I want the computer 10.0.0.4 not to use Limewire, but I want 10.0.0.7 to be able to use Limewire"?

That would be interesting. And useful.

Well, as stated before, I'm not desingning it for home use. But as the question still has weight, I think I may implement selective filtering based upon IP/MAC addressing, but at this current time no such feature is being used.

But I don't have a problem with blocking torrents, if this is only done within the environment of a work place.
I think that if somebody is payed to do something, they shouldn't be downloading torrents instead... (Yah I know it doesn't take much time to do and they can use the content outside of the workplace and there are also legitimate reasons to use them (that's why it should be optional, as well as some companies may not have problems with their employees using torrents...), but it wastes the companies bandwidth too... )

I 110% agree. That is one of the core beliefs that set this OS project into motion.

I really don't have a problem with this as long as ISPs don't start using it to block my torrents and throttle my bandwidth...

lol, I made a promise to myself never to sell this to an ISP. I have multiple reasons for not doing so. You must face the facts though, eventually this technology will be open to the market and others will begin developing anti-p2p/torrent devices that may or may not be used in an ISP environment.

[suthers]

Not only will it leak, but it already has unfortunately
Thought I have to say that I respect anybody who has the ability and patience to develop such complex technologies...
Just out of interest, are you going to release a D.i.N.S. beta version that we could test?
Jules

P.S. I'm an expert at reverse engineering

[01000101]

expert at reverse-engineering eh?
no binary for you.

I havent decided on what I want to do as far as public testing goes. I will ponder on the issue and get back to you.

[suthers]

expert at reverse-engineering eh?
no binary for you.

Damn It, I knew I shouldn't have said that...
Jules

[suthers]

expert at reverse-engineering eh?
no binary for you.

That's ok, I can compile, assemble and link it myself
Jules

P.S. Sorry i had to make another joke about that...

[01000101]

well it looks as if I will be diving into the evil underworld of SSH sooner than expected. BearShare uses SSH from startup to shutdown. I have already written parsers to detect what the session ID is, the version of SSH, what encryption algorithm was chosen, if compression is utilized, and a structure to hold the intercepted certificate. As for SSH being the 'unstopable monster' as described earliers... I wouldn't put too much stock in that. If I can't decrpyt it, I will at least be able to readily identify it and put server certificate blockings so that particular server wont be able to preform SSH, and even moreover, if THAT fails, I can just block the first packet sent... the DNS Resolution packet and never allow the client to get an IP.

But, those are just ideas being thrown around... I haven't done any serious work on SSH yet.

[01000101]

Well I decided on a method to filter out the unique SSH signature/ID and some other checks; fortunately I didn't have to resort to DNS Resolution blocking. Now BearShare is blocked from logging in and preforming initialization tasks, but now I need to make an account and start ripping apart its searching/downloading mechanisms.

[JamesM]

Just a thought - are you going to allow not just the enabling of certain technologies (like bittorrent but not limewire, as mentioned earlier) but selective filtering based on (bittorrent) tracker?

The reason I ask is that it would be a rather nice asset to be able to connect to, e.g. Ubuntu's distribution bittorrent tracker and download Ubuntu, but not copyrighted material (i.e. stuff tracked on trackers your program doesn't know about).

Is that possible? feasible? easy?

[Combuster]

@SSH: Man-in-the-middle FTW. And then hope they bait

[JamesM]

@SSH: Man-in-the-middle FTW. And then hope they bait

~/.ssh/known_hosts ?

[Combuster]

the fingerprint need not be in there yet, and you should know that everybody hits 'yes' when seeing a broken signature

Humans are the worst security