Direct Connect (protocol)

Last updated

Direct Connect (DC) is a peer-to-peer file sharing protocol. Direct Connect clients connect to a central hub and can download files directly from one another. Advanced Direct Connect can be considered a successor protocol.

Contents

Hubs feature a list of clients or users connected to them. Users can search for files and download them from other clients, as well as chat with other users.

History

NeoModus was started as a company funded by the adware "Direct Connect" by Jon Hess in November, 1999 while he was in high school. [1]

The first third-party client was called "DClite", which never fully supported the file sharing aspects of the protocol. Hess released a new version of Direct Connect, requiring a simple encryption key to initiate a connection, locking out third-party clients. The encryption key was cracked, and the author of DClite released a new version of DClite compatible with the new software from NeoModus. Some time after, DClite was rewritten as Open Direct Connect with the purpose of having an MDI user interface and using plug-ins for file sharing protocols (similar to MLDonkey). Open Direct Connect also did not have complete support for the full file sharing aspects of the protocol, but a port to Java, however, did. Later on, other clients such as DCTC (Direct Connect Text Client) and DC++ became popular.

The DCDev archive [2] contains discussions of protocol changes for development of DC in the years 2003–2005.

Protocol

The Direct Connect protocol is a text-based computer protocol, in which commands and their information are sent in clear text, without encryption in original NeoModus software (encryption is available as a protocol extension). Clients connect to a central server acting as a "hub". This hub provides content discovery and allows clients to negotiate direct connections between each other for transferring content. Since this central hub only deals with metadata, it does not have anywhere near the same bandwidth requirements as if it also had been serving the content itself; an estimate shows that handling 1000 users would require about 2.5 mbit/s of bandwidth. [3]

There is no official specification of the protocol, meaning that every client and hub (besides the original NeoModus client and hub) has been forced to reverse engineer the information. As such, any protocol specification this article may reference is likely inaccurate and/or incomplete. [4]

The client-server (as well as client-client, where one client acts as "server") aspect of the protocol stipulates that the server respond first when a connection is being made. For example, when a client connects to a hub's socket, the hub is first to respond to the client.

The protocol lacks a specified default character encoding for clients or hubs. The original client and hub use ASCII encoding instead of that of the Operating system. This allows migration to UTF-8 encoding in newer software.

Port 411 is the default port for hubs, and 412 for client-to-client connections. If either of these ports are already in use, the port number is incremented until the number of a free port is found for use. For example, if 411, 412 and 413 are in use, then port 414 will be used.

Hub addresses are in the following form: dchub://example.com[:411], where 411 is an optional port.

There is no global identification scheme; instead, users are identified with their nickname on a hub-to-hub basis.

An incoming request for a client-client connection cannot be linked with an actual connection. [5]

A search result cannot be linked with a particular search. [6]

The ability to kick or move (redirect) a user to another hub is supported by the protocol. If a user is kicked, the hub is not required to give that user a specific reason, and there is no restriction on where a user can be redirected to. However, if another client in power instructs the hub to kick, that client may send out a notification message before doing so. Redirecting a user must be accompanied by a reason. There is no HTTP referer equivalent.

Hubs may send out user commands to clients. These commands are only raw protocol commands and are used mostly for making a particular task simpler. For example, the hub cannot send a user command that will trigger the default browser to visit a website. It can, however, add the command "+rules" (where '+' indicates to the hub that it's a command - this may vary) to display the hub's rules.

The peer-to-peer part of the protocol is based on a concept of "slots" (similar to number of open positions for a job). These slots denote the number of people that are allowed to download from a user at any given time and are controlled by the client.

In client-to-client connections, the parties generate a random number to see who should be allowed to download first, and the client with the greater number wins.

Transporting downloads and connecting to the hub requires TCP, while active searches use UDP.

There are two kinds of modes a user can be in: either "active" or "passive" mode. Clients using active mode can download from anyone else on the network, while clients using passive mode users can only download from active users. In NeoModus Direct Connect, passive mode users receive other passive mode users' search results, but the user will not be able to download anything. In DC++, users will not receive those search results. In NeoModus Direct Connect, all users will be sent at most five search results per query. If a user has searched, DC++ will respond with ten search results when the user is in active mode and five when the user is in passive mode. Passive clients will be sent search results through the hub, while active clients will receive the results directly.

Protocol delimiters are "$", "|", and U+0020 SPACE. Protocol have for them (and few others) escape sequence and most software use them correctly in login (Lock to Key) sequence. For some reason that escape sequence was ignored by DC++ developers and they use HTML equivalent if these characters are to be viewed by the user.

Continued interest exists in features such as ratings and language packs. The authors of DC++ also proposed a complete replacement of the Direct Connect protocol called ADC, or unofficially, Advanced Direct Connect. ADC uses the same network topology, concepts, and terminology as the original protocol. [7]

One example of an added feature to the protocol, in comparison with the original protocol, is the broadcasting of Tiger-Tree Hashing of shared files (TTH). The advantages of this include verifying that a file is downloaded correctly, and the ability to find files independently of their names.

Direct Connect used for DDoS attacks

As the protocol allows hubs to redirect users to other hubs, malicious hubs have redirected users to places other than real Direct Connect hubs, effectively causing a Distributed Denial of Service attack. The hubs may alter the IP in client to client connections, pointing to a potential victim. [8] [9] [10]

The CTM Exploit surfaced in 2006–2007, during which period the whole Direct Connect network suffered from DDoS attacks. [11] [12] The situation prompted developers to take security issues more seriously. [13]

As of February 2009, [14] [15] [16] [17] [12] an extension for clients was proposed in order for the attacked party to find out the hub sending the connecting users.

Direct Connect Network Foundation

The Direct Connect Network Foundation (DCNF) is a non-profit organization registered in Sweden that aims to improve the DC network by improving software, protocols and other services in the network. [18]

Articles and papers

The DCNF maintains a list of articles, papers and more documentation that relate to DC. [19]

See also

Related Research Articles

Gnutella is a peer-to-peer network protocol. Founded in 2000, it was the first decentralized peer-to-peer network of its kind, leading to other, later networks adopting the model.

<span class="mw-page-title-main">IRC</span> Protocol for real-time Internet chat and messaging

IRC is a text-based chat system for instant messaging. IRC is designed for group communication in discussion forums, called channels, but also allows one-on-one communication via private messages as well as chat and data transfer, including file sharing.

In computing, the Post Office Protocol (POP) is an application-layer Internet standard protocol used by e-mail clients to retrieve e-mail from a mail server. Today, POP version 3 (POP3) is the most commonly used version. Together with IMAP, it is one of the most common protocols for email retrieval.

The File Transfer Protocol (FTP) is a standard communication protocol used for the transfer of computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and data connections between the client and the server. FTP users may authenticate themselves with a plain-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that protects the username and password, and encrypts the content, FTP is often secured with SSL/TLS (FTPS) or replaced with SSH File Transfer Protocol (SFTP).

<span class="mw-page-title-main">Shareaza</span> Peer-to-peer file sharing application

Shareaza is a peer-to-peer file sharing client running under Microsoft Windows which supports the Gnutella, Gnutella2 (G2), eDonkey, BitTorrent, FTP, HTTP and HTTPS network protocols and handles magnet links, ed2k links, and the now deprecated gnutella and Piolet links. It is available in 30 languages.

Direct Client-to-Client (DCC) is an IRC-related sub-protocol enabling peers to interconnect using an IRC server for handshaking in order to exchange files or perform non-relayed chats. Once established, a typical DCC session runs independently from the IRC server. Originally designed to be used with ircII it is now supported by many IRC clients. Some peer-to-peer clients on napster-protocol servers also have DCC send/get capability, including TekNap, SunshineUN and Lopster. A variation of the DCC protocol called SDCC, also known as DCC SCHAT supports encrypted connections. An RFC specification on the use of DCC does not exist.

<span class="mw-page-title-main">Gnutella2</span>

Gnutella2, often referred to as G2, is a peer-to-peer protocol developed mainly by Michael Stokes and released in 2002.

RealVNC is a company that provides remote access software. Their VNC Connect software consists of a server and client application, which exchange data over the RFB protocol to allow the Viewer to control the Server's screen remotely. The application is used, for example, by IT support engineers to provide helpdesk services to remote users.

Secure copy protocol (SCP) is a means of securely transferring computer files between a local host and a remote host or between two remote hosts. It is based on the Secure Shell (SSH) protocol. "SCP" commonly refers to both the Secure Copy Protocol and the program itself.

Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft Corporation which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run RDP server software.

Client-to-client protocol (CTCP) is a special type of communication between Internet Relay Chat (IRC) clients.

File eXchange Protocol is a method of data transfer which uses FTP to transfer data from one remote server to another (inter-server) without routing this data through the client's connection. Conventional FTP involves a single server and a single client; all data transmission is done between these two. In the FXP session, a client maintains a standard FTP connection to two servers, and can direct either server to connect to the other to initiate a data transfer. The advantage of using FXP over FTP is evident when a high-bandwidth server demands resources from another high-bandwidth server, but only a low-bandwidth client, such as a network administrator working away from location, has the authority to access the resources on both servers.

OpenVPN is a virtual private network (VPN) system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications.

<span class="mw-page-title-main">DC++</span> Free and open-source, peer-to-peer file-sharing client

DC++ is a free and open-source, peer-to-peer file-sharing client that can be used for connecting to the Direct Connect network or to the ADC protocol. It is developed primarily by Jacek Sieka, nicknamed arnetheduck.

In computer networks, a tunneling protocol is a communication protocol which allows for the movement of data from one network to another. It can, for example, allow private network communications to be sent across a public network, or for one network protocol to be carried over an incompatible network, through a process called encapsulation.

eMule Free peer-to-peer file sharing application for Microsoft Windows.

eMule is a free peer-to-peer file sharing application for Microsoft Windows. Started in May 2002 as an alternative to eDonkey2000, eMule now connects to both the eDonkey network and the Kad network. The distinguishing features of eMule are the direct exchange of sources between client nodes, fast recovery of corrupted downloads, and the use of a credit system to reward frequent uploaders. Furthermore, eMule transmits data in zlib-compressed form to save bandwidth.

Peer-to-peer file sharing (P2P) systems like Gnutella, KaZaA, and eDonkey/eMule, have become extremely popular in recent years, with the estimated user population in the millions. An academic research paper analyzed Gnutella and eMule protocols and found weaknesses in the protocol; many of the issues found in these networks are fundamental and probably common on other P2P networks. Users of file sharing networks, such as eMule and Gnutella, are subject to monitoring of their activity. Clients may be tracked by IP address, DNS name, software version they use, files they share, queries they initiate, and queries they answer to. Clients may also share their private files to the network without notice due to inappropriate settings.

This article compares features and other data about client and server software for Direct Connect, a peer-to-peer file sharing protocol.

<span class="mw-page-title-main">Shadowsocks</span> Free and open-source encrypted proxy project

Shadowsocks is a free and open-source encryption protocol project, widely used in China to circumvent Internet censorship. It was created in 2012 by a Chinese programmer named "clowwindy", and multiple implementations of the protocol have been made available since. Shadowsocks is not a proxy on its own, but (typically) is the client software to help connect to a third-party SOCKS5 proxy, which is similar to a Secure Shell (SSH) tunnel. Once connected, internet traffic can then be directed through the proxy. Unlike an SSH tunnel, shadowsocks can also proxy User Datagram Protocol (UDP) traffic.

References

  1. Annalee Newitz (July 2001). "Sharing the Data". Metro, Silicon Valley's Weekly Newspaper. Metro Publishing Inc. Archived from the original on 2021-01-21. Retrieved 2006-10-16.
  2. The DCDev archive Archived 2016-12-20 at the Wayback Machine
  3. Fredrik Ullner (April 2007). "Command and bandwidth estimations in NMDC". DC++: Just These Guys, Ya Know?. Archived from the original on 2007-10-16. Retrieved 2007-07-27.
  4. "NMDC Protocol". Nmdc.sourceforge.net. Archived from the original on 2017-02-10. Retrieved 2016-12-04.
  5. "CTM tokens in ADC (or why the NMDC protocol is terrible, part 2)". DC++: Just These Guys, Ya Know?. August 2007. Archived from the original on 2007-10-15. Retrieved 2007-10-07.
  6. Todd Pederzani (June 2006). "Filtering Redux". DC++: Just These Guys, Ya Know?. Archived from the original on 2007-10-15. Retrieved 2007-08-31.
  7. Jacek Sieka and Fredrik Ullner (January 2019). "ADC Protocol". DCNF. Archived from the original on 2020-12-01. Retrieved 2020-12-21.
  8. Paul Sop (May 2007). "Prolexic Distributed Denial of Service Attack Alert". Prolexic Technologies Inc. Prolexic Technologies Inc. Archived from the original on 2007-08-03. Retrieved 2007-08-22.
  9. Robert Lemos (May 2007). "Peer-to-peer networks co-opted for DOS attacks". SecurityFocus. Archived from the original on 2015-09-24. Retrieved 2007-08-22.
  10. Fredrik Ullner (May 2007). "Denying distributed attacks". DC++: Just These Guys, Ya Know?. Archived from the original on 2016-03-15. Retrieved 2007-08-22.
  11. Ullner, Frederik (2008-01-17). "Press coverage regarding DC being used as a DDoS tool". DC++: Just These Guys, Ya Know?. Archived from the original on 2016-09-23. Retrieved 2017-05-19.
  12. 1 2 Fredrik Ullner (2011-07-20). "Long lost response regarding DC being used as a DDoS tool". DC++: Just These Guys, Ya Know?. Archived from the original on 2011-09-08. Retrieved 2011-07-20.
  13. Furtunã, Adrian (July 2008). "DC++ and DDoS Attacks" (PDF). Archived (PDF) from the original on 2016-11-09. Retrieved 2017-05-19.
  14. Jan Vidar Krey (February 2009). "Referral extension". DC++ Launchpad Page. Archived from the original on 2011-08-12. Retrieved 2009-02-11.
  15. Jan Vidar Krey (February 2009). "Referral extension on ADCPortal wiki". ADCPortal.com. Archived from the original on 2011-07-07. Retrieved 2009-02-11.
  16. Eugen Hristev (February 2009). "DC++ pointing out the corrupted". DC++: Just These Guys, Ya Know?. Archived from the original on 2009-03-09. Retrieved 2009-02-11.
  17. Toast (January 2009). "CTM Review and the errors of past". ADCPortal. Archived from the original on 2011-07-07. Retrieved 2009-01-27.
  18. "DCNF - Direct Connect Network Foundation". Archived from the original on 2016-01-25. Retrieved 2016-01-07.
  19. Direct Connect Network Foundation: Documents and Resources Archived 2016-12-20 at the Wayback Machine