Free Weekly Tech Newsletter

glenrose · 11-02-2000, 04:11 PM

Hi

trying to understand this.

If I download a song from using Napster, I am not connecting to a personal computer to download from, but a server where someone has uploaded the song to. The names that appear when you log on with napster are just people who have logged onto a server and have downloaded the song.

when you download using napster you are logging onto a server somewhere not directly to someones personal computer.

correct or not because would be a big issue.

thanks dennis

***glc*** · 11-02-2000, 07:08 PM

You in fact ARE connecting to someone else's computer to download the MP3. All the Napster server does is provide the directory listings and the means to get to the computer that has the MP3 that you want. Conversely, when you have MP3's listed on the Napster server, other people can connect to YOUR computer to download them. This is the definition of "peer to peer networking".

glenrose · 11-03-2000, 05:03 PM

thanks glc

what are you feelings about security.

It someone can get into my harddrive to get mp3, what else can they get.

**HAL9000** · 11-03-2000, 05:42 PM

I don't use Napster for that reason. They have never been able to give me a reply to the question of security. So what I have done is put Serv-U on my friends machines and connect to them to get what I want

Statica · 11-03-2000, 08:44 PM

Its a vicious cycle isnt it... on the one hand with messengers, napster and other "peer" networking front-ends you can basically go under the garb of anonymity .. people supposedly connect to you just by your user ID and not by your IP [unless of course they happen to use IPtraf or netstat

], the central server supposedly knows all .. but then again consider every bit of code to have a backdoor, and vulnerabilities can be exposed. The basic rule of thumb is .. EVERY PORT OPENNED IS A VULNERABILITY. The ports openned can be exploited... especially when you consider that Win 9x clients that run it have been historically vulnerable. Besides its much harder to deny access to troublesome clients.

While running FTP daemons might seem better they too have inherent problems. The obvious drawback is letting ppl know that the particular IP has an open port. The good news is that you can track those that log in much better. The other drawbacks are well documented.

11-02-2000, 04:11 PM	#1
glenrose Member (8 bit) Join Date: May 1999 Posts: 218	Hi trying to understand this. If I download a song from using Napster, I am not connecting to a personal computer to download from, but a server where someone has uploaded the song to. The names that appear when you log on with napster are just people who have logged onto a server and have downloaded the song. when you download using napster you are logging onto a server somewhere not directly to someones personal computer. correct or not because would be a big issue. thanks dennis Share Share this post on Digg Del.icio.us Technorati Twitter

11-02-2000, 07:08 PM	#2
*glc* Forum Administrator Staff Premium Member Join Date: May 2000 Location: Joplin MO Posts: 37,771	You in fact ARE connecting to someone else's computer to download the MP3. All the Napster server does is provide the directory listings and the means to get to the computer that has the MP3 that you want. Conversely, when you have MP3's listed on the Napster server, other people can connect to YOUR computer to download them. This is the definition of "peer to peer networking". Share Share this post on Digg Del.icio.us Technorati Twitter

11-03-2000, 05:03 PM	#3
glenrose Member (8 bit) Join Date: May 1999 Posts: 218	thanks glc what are you feelings about security. It someone can get into my harddrive to get mp3, what else can they get. Share Share this post on Digg Del.icio.us Technorati Twitter

11-03-2000, 05:42 PM	#4
HAL9000 Red-eyed Moderator Staff Premium Member Join Date: Dec 1999 Location: Regina, Saskatchewan, Canada Posts: 17,576	I don't use Napster for that reason. They have never been able to give me a reply to the question of security. So what I have done is put Serv-U on my friends machines and connect to them to get what I want Share Share this post on Digg Del.icio.us Technorati Twitter __________________ -At Ford, quality is job #1, job #2 is making them explode. ~Norm MacDonald, SNL News -Switching to Glide..Balancing in my head..inside of me... taking the glide path instead.

11-03-2000, 08:44 PM	#5
Statica Premium Member Join Date: Jun 1999 Posts: 9,231	Its a vicious cycle isnt it... on the one hand with messengers, napster and other "peer" networking front-ends you can basically go under the garb of anonymity .. people supposedly connect to you just by your user ID and not by your IP [unless of course they happen to use IPtraf or netstat ], the central server supposedly knows all .. but then again consider every bit of code to have a backdoor, and vulnerabilities can be exposed. The basic rule of thumb is .. EVERY PORT OPENNED IS A VULNERABILITY. The ports openned can be exploited... especially when you consider that Win 9x clients that run it have been historically vulnerable. Besides its much harder to deny access to troublesome clients. While running FTP daemons might seem better they too have inherent problems. The obvious drawback is letting ppl know that the particular IP has an open port. The good news is that you can track those that log in much better. The other drawbacks are well documented. Share Share this post on Digg Del.icio.us Technorati Twitter

Need Some Help? Type Your Keywords Here:

Still Need Help? Type Your Keywords Here:

Free Weekly Tech Newsletter

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread:

Subscribe to THE INSIDER

Need Some Help? Type Your Keywords Here:

Still Need Help? Type Your Keywords Here:

Free Weekly Tech Newsletter