> That is, until now. For my colleagues have found a new p2p client to > wreck havoc on our DSL line: ARES/WAREZ It seems to be a gnuttela > clone, but different enouph for ipp2p not to identify it. It just looks like a clone but protocol does not seem to match. But I just had a quick view at the network dump. > I played around a bit with tcpflow with no success of finding > something that could be taken as a positivie signature in its headers. Well, they use at least for the search a HTTP-like request I guess we cannot differ from a regular HTTP request. > Is there any info of this new p2p network ? Any open soure client ? > Something that could be used to reverse engineer (at least partially) > its protocol ? One suggestion: drop all traffic from and to matches.warezclient.com (66.45.237.99) - maybe this will help. Regards -- Supergünstige DSL-Tarife + WLAN-Router für 0,- EUR* Jetzt zu GMX wechseln und sparen http://www.gmx.net/de/go/dsl _______________________________________________ LARTC mailing list / LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
