ࡱ> dcn5(|./!PNG  IHDRpsRGB pHYs+IDATx^mUՙ|5HŒpik:Q0۩h4֔K?MD Z;@$b: @ yIF 5Xl$LCI8htK;ߜ+۽g}>srrk=Y~kʇ~)B@!B! >B@q G!U"e! G= ")k ! )SXFUQݭ !;"e{H !(Dʍn5V)COF! RnTwB@H~B@4 r[BwDʾBQj# RB@ܨVc=Tw.^hMp?"/:H6Zƍy ޽{WZpBȑ#۱gGΝ#'wGFC$Khm`-[̛7ϥ߿?(… fM:yeNPLU9+k=A@rO^jߨ 6,Zdh6m'x"@={F?vJ!P6"Lh,X`Żvr B׳f A{nRhxRs}Cf?xĭ b¢+W,2`sL֢QRSnĥF_ޘ3rLEupA &׭[gcΝzkfT# RUޡC )A |^vN@K:uA C@ܼ>A###Ƨm̡N c̙3GK+CUU5"oH}ΟLGGGeG%ER{>l.s)MB}M!"ezG9vX0l5kDw6GM!R@xUL! o#ݠfN,CQ,`oTX́rT[qA9ٺ:CO٤fvrX lTLM9+id*OO"0VPLCh2'N@ܹs}ά;}3gpxgRҤ>XXYZ]Z%=KGsN!|1<<}tr R)io SpY @Akn9ILLh3)$ vP1?)R0n,ParV@2{CQK: !  R΃! :HCJB "<BC; !  yP]RV_Ԯվ)\pUbrsXݡx+}Q\~,gqR.T wr1.-+ J B@tŔ; <ڑ/wx!;|&=w7l D_K96c֬S2{/YqxtN4ƛۮ,|wV}7>\+[G OVme dxr˧08H]Rk.h8YѱG~mT==ЕmPWOF?ُygTčw/Z-#k6Onzd>̉SN^I\z;dƍlwC/l޻x1~@Qcʕ @"$0/CL`C^s w&􂗹+Z^k? -p+I۳GV)[<[8YuP~!ߨ9m`(q̛GL XQi̱Eԡ'e q\in宁U9,1hhtʹ^l,0ס#]Gjd8)1o&0g~1[b_|37gc2cd懷ړ2}c^* ׅp.Їpk'7",3+78CO)"N 캕FȻ[b@ @d\zIo쯾%c__f/e 霺|?w/z"gue̽@Fs8`^qL?@([z;ʺ-SE6Uғp2u' 4F|j\Z|ۑK{r>k,; *͂02zI O`R|ð|sskp/vm;NnJh8mW1WOzIip(~-lO8{> /Ǵlt媕!e`»˖cd=ķ:q|?]uJ |ؽB(p2cTO{"lOt)0|37:44{Z 8LL*֡)"o?ުFy;aY ѱkuJ!zc Ajs}}P\M;l.0βie8s% R \H#KLGk@TC(qMcOi!lo 5"hz/[oRuUFv\t))23:ŗC h/Ŀ!Po8 Ƙ ~B7f>[Hk^$ԕB Ģc肫.lrr$ 1_0TD 1=/"}}L3D2U'G*cUxKE % ;5> ca} f>l^JG+Y=TU-=N9w_A1iYy͡VE,v7E6%(T\rӌ)ysAޫɃ=3߾nޜygw9:6vѯM@-HA.k&Ξ a`k3dIp_^8ה}x"z&Ű|aqv>(m[xxe%+YT2}mիΟ/,)# Ck'φO|wt4#M+j|d٥^=޽ӓK/|a֐YSqCO ULxK7hV=ٷŋo,YN%/}LcG[<*hQ9O{o ݇1}@۳9K("׸\<) ޹ ު&`qxe=[Dd.[ [1b N%ʼydcZb:S4 '.U&կ=\ٮFCC| RH =[mVDt?b 0oAGT>+%{i[o%j鸌~c.eOkvVb)oY"?pYׇ2zÒ&vpD+9ݲ%٬#Ft1O xLcn_Ă)GI,˨ƚU>OxRR7$#KD9_SXH`tOYs9{e޴?/#@Ry3an`G[^]a|T؋ ,v{$M? DRX~{db{P* c5svV4)bIB 6"E*% p+tɅ]< r䁑qE'dj71{2ȵ,mgaATڪd."=~<eM}}ofV`)_t(e+chw̟SsKN=Զ8U'x[JP5)l\oVVw_(R_N7o&b>o C5,Ӄ.1X]&|SZUNͼPJ4mtk. 0bi[6GlW3^|MJ+# Z}^\UTJ.ϥ|[?] +{9dSgjJ~ajb˒8B }v4'+Sf}s2 ~ls/-/}p0֜INx&eJ\))[8(ĉVM7>=Nʾ?Di"P+4\Rn ѹ b(EZe f0m3-I0 [s ƚt3)SbJIGB [z0gaкcRuk&We9?4q({-@MLaHBy0a/F.D9REGfr~ĸܼ\m92 yu`1UjH+;10*%e<>YBH\'EHY׋4mpK&l EoεiH0P؀EHpy0x-<#dޠ9bԷah"aQ3g,=hf(CUb㥏J}^\WO~L*MԂ3^egS+ŒϦ G@(Gzl=Y/25,YHX9*Nx%]6iN/$ 5Ö$=V*yB@Uh`"PiLKf !]D_ ! >@}¾[d떞7 Ŕ@IMyT-)kfݓnW0j^NB@Xh3\kOdy2+⩍}Ͻ%RV"Jde5%eX՞v6$<`ūigqOT%Mߣx;ec3%E=ӕ5%es+n ^=u¾ U Ŕ+Z !ĺtZNޏ l#H= Ŕw4,Skl7KFD61F,$v:<]c?\>=fwP;^B( Ǯa "l+k֭߱8`3{& á߃>}:=8đ7D9kV_Ժ}ztD1_&8p%VTG^&ؒU e! R. ad:22b|n:jba=F%dCϜ9CD⧞zU7cƌ%. /BDD%QΟLYf)?qKH{饗XVA8t BET,4lk<x0x9 bS:"!},R62viptCY?.HGsrS)fSD;v,5^[fM/_N%Jn ѕ"ӀRCϘki&W%HD$o .mIiʠQ;#BGz  T͚ 9YJp+.`"1o~OYzx!NxHrp;bhB$mCf*q@+eL &%VKlOH@B|x$eV Z=JyJ|IO8Asfz$-&&߲fЃ'mf0gٿ|ː@v4)YW# Rzt_pBxY^WK-9.3j99hQern4r{mhjYT|B#; ! ! R·J ! :H#JB "|B#hEG`PRn ; 5^jHzSmB(|Q.T%DʽԛjG@\.T%DʽԛjG@\.T%DʽԛjG@\.T%zIENDB`!(    D0www.projectfasttrack.com4 www.rapidroad.tk/ 0DTimes New Roman;0Wo 0DTahomaew Roman;0Wo 0," DWingdingsRoman;0Wo 0, a.  @n?" dd@  @@`` ( LZ   /X$b$(|./!= 0e0e A@A5%8c8c     ?1d0u0@Ty2 NP'p<'p@A)BCD|E?@87 uʚ;2Nʚ;g4TdTd0ppp@ <4!d!d 0L<<4dddd 0L<? %lKaZaA: Behind the Scenes7Shreeram Sahasrabudhe Lehigh University sas4@lehigh.edu88-Fasttrack networkCreated in Mar 2001, Fasttrack was a software company that developed a software library for a P2P network. KaZaA was their first application to use the library. Today, Grokster and iMesh are other licensed clients of the Fasttrack network.Why Fasttrack?KaZaA has over 200million downloads and shows over 4 million users online at any time. It s a closed protocol All Traffic is encrypted Minimal information available about the network  scalability, robustness and operation.Z What we know?t2-tier Architecture: nodes & supernodes Supernodes are high bandwidth users who aid searches of neighborhood nodes.  tuProject Idea / GoalsTo understand how the Fasttrack network works. No focus on cryptanalysis of the traffic. Understand behavior (communication, allocation etc.) of supernodes. Establish patterns in supernode communication.   Methodology6Ran KaZaA software on a lab machine for about 4 weeks. Using a custom packet sniffer we logged the packet information such as: Date & Time of Packet, Source Address, Destination address and Protocol. Analyzed the log files using Perl scripts to give us detailed report of each log file: Total Unique Destination IP Addresses List of destination IP addresses and number of packets sent to each. Total Unique Source IP Addresses List of source IP addresses and number of packets received from each. Besides this, we also analyzed the traffic during the login of KaZaA.NZZFZF"F  Install & Login ObservationsThe available KaZaA setup file is just a web install. During setup, it connects to a peer and downloads the KaZaA install file  kmd210.exe Each time you try to install it connects to a new peer with varying download speeds. At login Connects to a central login server rr1.kazaa.com (7 IP addresses) in Denmark. Sends information like country, client, version etc.@   W   Immediately after, the peer sends ICMP ping messages to about 4  5 other peers. Those who reply to these messages are then contacted by a separate TCP connection on specific destination ports. The purpose of this communication seems to be to let the peer know of a port to contact us. On repeated attempts to login  different sets of peers are contacted! If none of the peers reply to initial ping messages then a different set of peers are sent UDP packets. Then the same procedure as above.Z. !Traffic Analysis and ObservationsParsed the list of IP addresses in each report to get their frequency. About 7 address were communicating with our machine on a regular basis for over 4 days. (3 from Lehigh ;), 3 from other universities and 1 broadband) These were our candidates for supernodes. Also, our node had reached the status of Guru (309 points). A new node starts with a status of medium (100 points). We were now set to do further detailed analysis with an improved packet sniffer when & BZ1%W *& the Traffic Stopped! "This is not the first of its kind.$#The giFT project, a relatively big project, was successful in reverse engineering the Fasttrack protocol. Fasttrack changed their protocol (and encryption) and things were back to where they started. Currently two projects are working on this task: Project Fasttrack www.projectfasttrack.com RapidRoad www.rapidroad.tk None of the above companies have released any public software or documentation to validate their claimed progress. \ZFZsZZFs 0 $ 0/? Queries?  ` 33PP` 3333` ___MMM` 13` 333fpKNāvI` j@v۩ῑ΂H` Q_{>?" dd@,?n<d@ `7 `2@`7``2 n?" dd@   @@``PR    @ ` ` p>>    @ (  @ @ <r" B   @ TLvd" B   @ <xy"U_ B   @ T{d">& B   @ N~"P B   @ <"p B   @ C x?d?"bUv B    @ 60 "U  T Click to edit Master title style! !$  @ 0X "   RClick to edit Master text styles Second level Third level Fourth level Fifth level!     S  @ 64 "@  D*   @ 6 "@`   F*   @ 6p "`  F* B @ s *޽h ? 3333  Blends+     0Dq (  DT + D "+bb P@ D# "Dwoh D s *"PP D Bd" P@bb P 0  D# "Nyh D s *"P   D Bd"P 0 z  D <" a*h  D s *"  D  f?d?"+)  D < G ?"pP G T Click to edit Master title style! !  D 0T#G " `   G W#Click to edit Master subtitle style$ $ D 6'G "`p  G H*  D 6+G "`p  G J*   D 6/G "` G J*  B D s *޽h ? 3333  *(  x  c $9G D@` G r  S 9G D @ G H  0޽h ? ̙33  p$(  r  S Lp @P   p r  S D p @  p H  0޽h ? ̙33  0(  x  c $p @U  p x  c $`p @@ p H  0޽h ? ̙33  {s  (   r  S p @P   p r  S  p @    p 2  C G@p  ; Supernode   2  C G  ; Supernode    l @   @ ,$D 0@     B   `D??`     ZdG ??`p  J {File 1?} $ &  @ 0 @   0 @ B   `D??` `     ZG ??0 @  J {File 1?} $ &  2  C 4T U  ; Supernode   2  C P̙ `  8Peer 1 2  C L9̙ P  8Peer 2 2  C :̙ > p  8Peer 3   # 8 O FFile 2 File 4 File 5   # 58 { @  FFile 1 File 3 File 6   # p8  GFile 3 File 7 File 10 l       ,$D 0TB  c $D 0     C $p   _Search query {File 1?},xX  rl  P    P ,$D 0TB  B c $D     C *p P  JPeer 2: File 1 xX hl  3 `    3 ` ,$D 0TB   c $D_ ` `    C .p 3 `  @ GET File 1   z   f02p ??,$D 0 n A detailed study was done earlier by& ?? RIAA of course&8 n<8H  0޽h ? ̙33  $(  r  S :p @P   p r  S |;p @  p H  0޽h ? ̙33  ($(  (r ( S ?p @Pp  p r ( S @p @ P p H ( 0޽h ? ̙33  @4$(  4r 4 S ̯G @p@  G r 4 S tG @P G H 4 0޽h ? ̙33  zr8 (  8r 8 S Kp @p p X 8 0A? pH 8 0޽h ? ̙33  ,$(  ,r , S HOp @  p r , S ^p @  p H , 0޽h ? ̙33j  0(  0r 0 S bp @    p H 0 0޽h ? ̙33  `$$(  $r $ S G @p`  G r $ S xG @ G H $ 0޽h ? ̙33  P<P(  <r < S G @`   G  < 0G|   > Thank You! 2 $H < 0޽h ? ̙33rD:Q<>@\wS!Y [cUOWk^!0`Oh+'0h% hp  0 < HT\PowerPoint PresentationoweLC:\Program Files\Microsoft Office\Templates\Presentation Designs\Blends.pot Shreeramm F43eMicrosoft PowerPointoso@`aw @@P) YG$g  +& &&#TNPP2OMi & TNPP &&TNPP    --- !---&o& i=33--- !2. ---&G i=&--NN- $G Q Q=G=- $Q [ [=Q=- $[ e e=[=- $e i i=e=---&&&&+8yj--- !2,8,---&R8yi&--6- $R8\8\iRiߎ- $\8f8fi\i- $f8p8pifi- $p8y8yipi---&&&&0;\&--&&- $<0<:DD- $<:<Dkk- $<D"<N- $<N",<X- $<X,6<b- $<b6@<l- $<l@J<v- $<vJT<- $<T\< $<\\<&&&- & $0\;\;0&&-&& &&-&&]<0&&- $<0<:DD- $<:<Dkk- $<D"<N- $<N",<X- $<X,6<b- $<b6@<l- $<l@J<v- $<vJT<- $<T\< $<\\<&- --&&--- !oC---&!V\&--- $!V+V+\!\ - $+V5V5\+\###- $5V?V?\5\%%%- $?VIVI\?\(((- $IVSVS\I\+++- $SV]V]\S\...- $]VgVg\]\111- $gVqVq\g\333- $qV{V{\q\666- ${VV\{\:::- $VV\\===- $VV\\@@@- $VV\\CCC- $VV\\FFF- $VV\\JJJ- $VV\\MMM- $VV\\QQQ- $VV\\SSS- $VV\\WWW- $VV\\[[[- $VV\\^^^- $VV\\bbb- $VV\\eee- $VV\\iii- $VV\\mmm- $V%V%\\ppp- $%V/V/\%\ttt- $/V9V9\/\www- $9VCVC\9\{{{- $CVMVM\C\- $MVWVW\M\- $WVaVa\W\- $aVkVk\a\- $kVuVu\k\- $uVV\u\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $V V \\- $ VV\ \- $VV\\- $V)V)\\- $)V3V3\)\- $3V=V=\3\- $=VGVG\=\- $GVQVQ\G\- $QV[V[\Q\- $[VeVe\[\- $eVoVo\e\- $oVyVy\o\- $yVV\y\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $VV\\- $V#V#\\- $#V-V-\#\- $-V7V7\-\ $7VAVA\7\- $AVKVK\A\- $KVUVU\K\- $UV_V_\U\ $_ViVi\_\- $iVsVs\i\ $sV}V}\s\- $}VV\}\ $VV\\- $VV\\ $VV\\ $VV\\- $VV\\---&&&&g1&ww@ ww w0- &g& --I`-- @"Tahomaw@# rww w0- 33.+2 7jKaZaA: Behind the Scenes#!#"! !!!! .--aH-- 33@"Tahomaw@ ww w0- .'2 dShreeram Sahasrabudhe   . .!2 Lehigh University    . .2 Dsas4@  . .2 Dlehigh. . 2 D%.edu.--"System !w-&TNPP &՜.+,D՜.+,$    ~On-screen Shown-s0~S  Times New RomanTahoma WingdingsBlendsKaZaA: Behind the ScenesFasttrack networkWhy Fasttrack?What we know?Project Idea / Goals MethodologyInstall & Login ObservationsPowerPoint Presentation"Traffic Analysis and Observationsthe Traffic Stopped!#This is not the first of its kind. Queries?  Fonts UsedDesign Template Slide Titles , 8@ _PID_HLINKSA !http://www.projectfasttrack.com/http://www.rapidroad.tk/ _`pShreeramShreeram  !"#$%&'()*+,-./0123456789:;<=>?ABCDEFGHIJKLMNOPQRTUVWXYZ\]^_`abeRoot EntrydO)Pictures=Current User[SummaryInformation(@%PowerPoint Document(`DocumentSummaryInformation8S