gfxgfx
 
Please login or register.

Login with username, password and session length
 
gfx gfx
gfx
75325 Posts in 13189 Topics by 2636 Members - Latest Member: falcogiallo August 23, 2017, 04:23:46 am
*
gfx*gfx
gfx
WinMX World :: Forum  |  WinMX World Community  |  Winmxworld.com Strategic Directions  |  Re: Attack discussion
gfx
gfxgfx
 

Author Topic: Re: Attack discussion  (Read 6435 times)

0 Members and 1 Guest are viewing this topic.

Offline RebelMX

  • Core
  • *****
  • *****
Re: Attack discussion
« on: November 09, 2012, 08:42:44 pm »
Sorry but the client is not being used to attack the network.  The client itself WinMX.exe has no place in the attackers toolset quite clearly.  They have created a modified client (similar to the clone being created) that performs the attacks.  Why they would create a program to inject info/packet data into the WinMX.exe before letting the client send it makes no sense when they can modify and send the data themselves directly.  Much more efficient and prevents fall downs, as well as allowing easier function calls and passing of data from function to function.  Perhaps I give them too much credit and they are indeed injecting data into the client, however as it was KM who appears to have written the software attacking the network (whether it be him actually using it at this or any other time or not) who had access to the entire protocol documentation and had previously written clients I would assume he would had modified something like WCB or whatever to do as he wanted.

As for supporting the old protocol, you will have to to maintain a network to begin with, and thus hard work will have already gone into creating a clone whereby the functions work correctly to support the old network.  Removing those will no doubt cause some bugs to develop, so testing will be needed to fix those, as well as thorough testing of the new protocols.  IMO the benefits (if any) of removing the old protocol (perhaps reducing the size of the new exe) are far outweighed by the potential catastrophe of opening up and creating bugs in what was a solid and stable client.  As the old network dies off, the section of the new client that supports it will become redundant and just sit doing nothing anyway, it's not like its actually using any bandwidth or causing the user any problems, and most if not all users won't know if it is or isn't left in anyway.

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Re: Attack discussion
« Reply #1 on: November 09, 2012, 09:21:21 pm »
I,m puzzled RebelMX, surely you understand that the clients form the network and thus by definition of what I posted do in fact take part in all and every network level attack.

I have no clue why you wish to mislead folks but from what you have posted I have no alternative but to put the matter straight.

For those who would like further information see here

http://www.winmxworld.com/tutorials/wpn.html

A nicer version can also be found here.

http://mxcentral.winmxworld.com/index2.html

click on the article entitled "The WinMX Peer Network Explained"

Offline achilles

  • Core
  • *****
Re: Re: Attack discussion
« Reply #2 on: November 09, 2012, 11:24:51 pm »
Rebel, even if you are right then it's still the protocols that are flawed, and being exploited. Are you saying the tool would technically be classified as a modified client since it plugs into the network independent of WinMx. So you believe it does not inject info/packet data into the WinMx client itself or the WinMx.exe. Instead it injects it into the network independent of the WinMx client, and the WinMx client just facilitates the attacks by passing the attackers packets around the network. Whether it's a tool or a client they have created injects directly into the client or directly into the network without using the client will make no difference in the course that has to be taken to fix the problem. The network currently uses unsecure protocols, and will have to be updated. A new client is the only course of action for a long term fix regardless if Rebel or GS is right. It makes no difference. A new network is need. Not a new patch.
I'm a Hardware, and Cyber Security Guy.

Offline White Stripes

  • Core
  • *****
  • ***
  • Je suis aimé
Re: Re: Attack discussion
« Reply #3 on: November 10, 2012, 01:02:24 am »
if a protocol is broken its patched... if its so broken it cant be patched its replaced....

keeping the old protocol in play will leave the same lethal bugs we have now in the open.. new protocol fixes the bugs while being transparent to the users...

Offline RebelMX

  • Core
  • *****
  • *****
Re: Re: Attack discussion
« Reply #4 on: November 10, 2012, 09:16:05 pm »
New protocol doesn't fix anything.  The only way to fix the attacks is to validate each packet.  I'm fed up trying to explain how things work when noone is happy to listen.  And GS the WinMX client is not helping to attack the network any more than it facilitates search results.  All the client does is pass on packets.  It cannot tell which are true and which are false so it passes all onwards.  Therefore any user (think back to Josh and the tests he completed) can "inject" or send a packet and it will end up circulating the network, thats not an attack.

All I will say is good luck with the client but I still disagree that it was or is the only route possible to fix the network.  If thats the course of action then go for it, but dont try and pretend that the attacks on the network mean that the WinMX client is completely redundant.

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Re: Attack discussion
« Reply #5 on: November 11, 2012, 01:15:55 pm »
I await your practical solution RebelMX, as its clear your unwilling to do anything but talk about how easy it is for others to do things which are great in theory but near impossible in reality.

Tbh I feel its a waste of my time also explaining to you things that I know you fully understand the theory of but seem to have little to no idea of implementational issues arising from any theoretical conclusions.

If you cannot create a solution please have the decency to step aside for those that will, that said I have no clue aside from maybe having to rework your chat server mods why you are not looking to work at improving our lot, as I explained in another parallel thread in the core section the problems are fairly well  known and the solution of a new client was proposed to allow for the future ability to change the network architecture and security mechanisms as well as support ipv6, if this is not your path then that's fine but letting folks here feel that you are all hot under the collar because others don't agree with your specific route is a dangerous avenue for you to take, why do you think these topics exist on the forum , could it be because others want a say and have their great ideas that they wish to impart and add their two cents on ?

Btw please stop paraphrasing what is said to imply what we have said is as simple as you have implied, its rude and its wrong, for instance we have never said the only way ahead is to change everything in fact if you take the time to look back we have asked for input all the way back since the attacks started and are still actively looking at many solutions, including a complete protocol rewrite but more likely a semi rewrite with a new security overlay, none of your claims reflect any of this and thus I can only suggest you have an ulterior motive for simplifying matters to look different to the reality, you of course know what that is but I am aggrieved to waste time arguing with someone who claims that making a patch to fix the network is trivial but offers nothing practical to back up his claims, the proof of the pudding is in the eating.



 


Offline Bluey_412

  • Forum Member
  • I'm Watching...
Re: Re: Attack discussion
« Reply #6 on: November 11, 2012, 01:26:47 pm »
I can see both sides of the argument, and, regardless of whether KM et-al are injecting via the existing client, messy and inefficient as pointed out, or they are using their own modified client (more efficient) the fact is disruption is being done. Their work may be nasty to us, but even their coding should be efficient, so it conserves bandwidth, processing power, etc, etc

Richy has the viewpoint of a hacker, for which I salute him, and using a different paradigm, can see what's going on

I used to support the idea of keeping the old whatever so that users would have an opportunity to 'Transition' from the old to the new, but the determination of the attackers makes me look more toward the idea of a clean break

Some warning that the new client is coming, via the status bar, and to be ready for it from DD:MM:YYYY can be given, then, cut...

If that means that some users find no connection and wonder why, maybe a fixed message on the old client status bar can tell them, game over, visit winmxconnex to get the new client and reconnect. I suspect though, that most are aware that something IS coming and they are waiting, while continuing to use the old winmx

Yes, having a compatibility limb sitting there doing nothing would not hurt, but likely the percent of users stubbornly refusing to update would diminish very quickly, so likely the need for support for the old client/protocol isn't justified or needed

The Pr0n floggers and all the rest with less-than-savoury traffic will find their way, especially as word spreads, like it or not, they have their own little 'communities',and some do support their trash with some more pleasant niceties.

(Browsing my queue has often revealed thousands of such items, but with some pleasing classical music hidden among the trash)
What you think is important is rarely urgent
But what you think is Urgent is rarely important

Just remember that...

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Re: Attack discussion
« Reply #7 on: November 11, 2012, 02:01:40 pm »
I,m not sure where the red herring of whats being used to originate the attack on the network comes from I haven't mentioned it so I'm not sure what its relevance is here, its yet another example of what I just posted about a simple technique called "paraphrasing' where you imply others have posted things that never where, its wrong and its rude.

What I and all others who know how the WPN works know is simply this:
This is a decentralised network made up of user clients and the protocol is used to route all traffic across it and  control the network in most areas, the protocol has some jumbo holes in it due to having its security mechanisms revealed to the world by one shameless ex community member who left and decided that he hadn't been missed enough so maliciously set out to reveal damaging information, there are no sides here the facts are the facts, if anyone wants to debate those please start another thread and I,ll tear down any false constructs one after the other, I don't agree with misleading users with false claims nor with giving them half the truth when the full truth is necessary for them to make informed choices, they in turn rely on me and others to be honest in our words and transparent in our deeds, I just wish others would stop making unhelpful drama and get to helping the community instead of playing distraction politics, if I have said something then they will I hope be happy to quote it, if I haven't then stop pretending that whats been posted was what was said here, its childish.

Offline RebelMX

  • Core
  • *****
  • *****
Re: Re: Attack discussion
« Reply #8 on: November 11, 2012, 05:31:49 pm »
With its ability to be used as an attack tool by unscrupulous programmers/developers I would suggest we not support the older clients for any real length of time as to do so defeats the point of rebuilding the client in many respects.
This post here is a clear comment that the older client is "used as an attack tool" when as we established is not the point at all.  The attack tool is likely to be a completely seperate program written to access the network and perform certain actions.  Therefore to quote that the old client is actually the fault of the attacks is incorrect.  It is facilitating the attacks by passing on traffic, the same as it does for real and proper network traffic.  This is why a consideration needs to be given as to how the attacks are performed as you are calling for an entire programme to be disallowed from the new network based on a false understanding (or, as you know that the client isn't performing the attacks, perhaps its a desire for the old client to be made redundant to ensure the take up of the new client is higher?).I don't know why you would imply that (A) I am making things up when its in black and white for all to see that your calling for the old client to be prevented from accessing the new network (new network is exactly what this will be if that is the action undertaken) and (B) for trying to prevent both backwards compatibility or the ability to allow the old client to access the new network using a patch to convert old packets into the new format thus being able to join in.

*me waits for some ridiculous reply about taking out of context or misunderstanding your post or something* it says exactly what you have been thinking doesn't it?

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Re: Attack discussion
« Reply #9 on: November 11, 2012, 06:17:38 pm »
Quote
when as we established is not the point at all.

That is your opinion and no one elses, to make claim we all agreed is lying RebelMX.

Quote
It is facilitating the attacks by passing on traffic, the same as it does for real and proper network traffic.

Correct.

Quote
This is why a consideration needs to be given as to how the attacks are performed

Consideration is being given to that matter even at this late stage as made clear in 3 posts by myself now.

 
Quote
its in black and white for all to see to see that your calling for the old client to be prevented from accessing the new network


Perhaps if you bothered reading instead of seeing conspiracy at every turn you might well have comprehended what the debate here comes down to, its this simple do we look ahead or do we allow naysayers like yourself with an as yet undeclared but plain to see bias to hold back the whole upgrade program simply because your unable to comprehend  how to update the modified WCS you release from your own site, I didn't want to have to say that openly but from your posts its clear your in no rush to be honest here with your reasons so one of us had to speak of your concern.

I pity you I really do, you are plainly in my opinion allowing your needs to be placed before the needs of the network and its users, I on the other hand am asking for feedback and input along with Will to ensure we have the best solution before anything is finalised, its just a shame you talk of solutions but deliver none and all simply because the situation might arrive when your server is redundant, once again your wants seem to leap ahead of those of the community whereas when the code is solid our efforts will become the property of the community, I think that makes it clear where we are coming from, its just a shame you don't wish to give to the community but instead make sly remarks while doing nothing.

If you don't want the path your suggesting is our path from being the case then use the forum to put forward some details of why your plan is the best, its what everyone else has been asked to do and they all seem happy with that democratic method.



Offline achilles

  • Core
  • *****
Re: Re: Attack discussion
« Reply #10 on: November 11, 2012, 07:41:43 pm »
A new network is needed in order to remove all the limitations we were stuck with in the old client. If someone is going to spend thousands of hours coding then it only makes since to update the protocols to remove those limitations. I don't know anyone that does not want to see the 2gb file cap removed that shares files on the network. The hash algorithm has to be changed to support that. The old client's hash algorithm cannot be changed because we do not have the source code. If the new client uses MD5, or SHA then how can the old client be made to support a network using a different hash algorithm?  Also why should legacy support be continued when it's security is so flawed? These have to be addressed in the new client if WinMx is going to have a future. Rebel, maybe you can figure out a way to make the old client able to use the new network with it's limited usability. No one will want to use the old client for the purpose of sharing files because it does not work.
I'm a Hardware, and Cyber Security Guy.

Offline RebelMX

  • Core
  • *****
  • *****
Re: Attack discussion
« Reply #11 on: November 12, 2012, 08:22:51 pm »
The update to WCS or any other server is simple.  It would involve changing the packet contents of just 1 packet (potentially adding another depending on how you guys modify the network protocol).  So using that as an attempt to justify my disagreement with you is poor.  You of all people should know that I'm more than proficient at writing let alone modifying a couple of packets.  Having written parts of standalone clients from scratch and working to assist some members of WMW with programming knowledge its laughable for you to claim I cannot fix this issue.  The question is GS can you?

My concerns are more to do with the reasons behind the need to completely disown the entire client and protocol that is the basis of this network.  There are perfectly working parts and once the new network protocol is designed and published (be it in src or docs) I will likely create a patch for the old client to prove that the client can operate on the new network without problems, whether people want to use it or not.  That is my prerogative, and until you have a working clone client there is nothing of any substance from you either.  Bearing in mind the majority (if not almost all) of the coding has been completed by a seperate individual in his own time, you can't claim to have delivered anything either.  Create a clone with fixed protocols, then worry about getting hopes up about new features and fixes.  Not try and keep the community onboard by offering to include items when yet there is no full client to even see what people like or dislike.  I appreciate the work Will has put into the client, but the "media" element that you play adds nothnig to the project and serves to heighten peoples hopes that it will be complete yesterday.

Finally, I haven't forced you to follow any of "my" plans, I have suggested reasons why it wouldn't be best to drop the entire old network in one go.  Understanding both the networks operation and having various ideas as to how sections of code will likely have been written, as well as knowing how coming back to a project that works perfectly and dropping sections out can be a pain for programmers I was offering my observations to Will and the community about how best to maintain backwards compatibility without creating bugs loopholes and other issues in the future.

@Achilles: The old client works perfectly, it does exactly what it was written to do, which is share files, pass on packets and enter chat rooms.  The issue is there is a small flaw which has been heavily exploited by a few individuals.  When (note I don't say if) the new protocol is written, a simple patch can be added which will allow the old client to work on the new protocols.  Passing the info needed to the client itself and interpreting the bits between the client and the new network.  This is the reason I state that the old client is operating perfectly.  The priority should be to have a working client that operates exactly as WinMX does.  If it has fixes for the security issues all very well.  Once that is up and running then lets worry about limitations and extra features, we are all talking about running before we can even walk.

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Attack discussion
« Reply #12 on: November 12, 2012, 09:09:54 pm »
I see you talk from ignorance yet again RebelMX, I at least understand nothing I type here will unblinker you thus I see no point in yet again wasting a lot of useful time attempting to do so.
Please read what I have posted and then it may once again become clear to you what the way ahead is.

I once again challenge you to do something for the community rather than denigrating the work of others that you haven't even seen, those that have are more than happy with the work being shown to them.

When your willing to do something more than waste the time of those actually doing something then I'll pay you some further attention.

My apologies to the rest of you for being blunt with RebelMX its just irritating to have a guy whom has been helped to see how the wpn works using documentation written by myself and then he come across to me as an expert on the matter, its rather insulting for him to assume firstly that I have written no code and secondly that he is an expert on something yet has shared nothing to prove such with anyone unlike myself, I have spent months of time examining different protocols and network security mechanisms and thus I hope I speak with some kind of authority when it comes to such discussions.
Thank you all for your understanding.

Offline achilles

  • Core
  • *****
Re: Re: Attack discussion
« Reply #13 on: November 13, 2012, 12:25:32 am »
The priority should be to have a working client that operates exactly as WinMX does.  If it has fixes for the security issues all very well.  Once that is up and running then lets worry about limitations and extra features, we are all talking about running before we can even walk.
Rebel, the 2gb file cap should be eliminated now. The hash algorithm should be changed now to support the removal of the file cap. It makes no sense to code those limitations back into a new client that is being written from scratch. I don't know why any coder would want to spend so many hours coding certain parts of the client only to have to completely rewrite them again shortly after releasing the client. Those are areas of the client you yourself said you have not researched, and know little about. Those things should be changed now rather than latter to save a lot of extra work, and for the good of progress in general. Its also for that very same reason that some of the protocols should be changed now to make it possible to remove the 2gb file cap. Changing them later will double the coder's work. The file sharing functionality of the client is as important to many users as the chat functionality of the client is to you.
I'm a Hardware, and Cyber Security Guy.

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Attack discussion
« Reply #14 on: November 13, 2012, 12:34:18 am »
In that list I would also be happy to see how RebelMX is going to deal with the IPV6 changes when that too is going to break the current WPN protocol  :/

Re: Re: Attack discussion
« Reply #15 on: November 13, 2012, 01:12:22 am »
Just a quick redirect in relation to some of the comments made.

As most people would know who have been following the issue, a working pre-alpha has been released to a select group of testers from various groups around the community. Any suggestion that the dev team or that Ghostship, who is part of the dev team, have delivered/achieved nothing is incorrect.

I don't profess to know which members of WMW rebel is referring to who he has help with programming knowledge. As most of you know I'm not a tech guy. As such I don't have a full understanding of the technical aspects of winmx. In seeking to understand the effects and operation of various aspects of winmx I often consult with community members, many are not part of wmw and many of those are openly critical of wmw. RebelMX has been one of those so perhaps he is referring to myself.

Suggesting that the media role Ghostship plays in the project adds nothing is both rude and misinformed. Most would notice that the topic was started by a community member to discuss ideas and shortly after hijacked to the point it needed to be split. It was not started by Ghostship as part of any media role he plays in the project, nor have most of the other discussions. Ghostship facilitates communication from the dev team to the community, mostly through this forum. To suggest this adds nothing would be to suggest that the communication between the community and the dev team adds nothing to the project when it is actually something of great importance.

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Attack discussion
« Reply #16 on: November 14, 2012, 03:47:59 am »
Cheers for putting matters back on the rails Silicon, tbh I am just as eager as the rest of the community to get the client released but on the other hand I know theres little point to offer something that's broken from day one so that's why the users ideas and feedback are vital now development has reached the stage of upgrading and modifying the network to be safer and less open to abuse we do have something in the bag to build on as was the original plan but its not yet the best it can be, but it certainly exists and it will get better and better each time until its ready.

Now where have the rest of the folks with ideas got to ???

Offline White Stripes

  • Core
  • *****
  • ***
  • Je suis aimé
Re: Re: Attack discussion
« Reply #17 on: November 14, 2012, 04:01:52 am »
i think the other folks with ideas are in hiding :(

when will we see a public beta? it may not be fully ready yet but at least we could test the waters...


Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Attack discussion
« Reply #18 on: November 14, 2012, 04:33:13 am »
One of the issues with a general release is that if we havent tested it as thoroughly as we should have we could inadvertantly make matters worse by leaving in something thats not supposed to be on show to the end user as occured in an earlier test release in the search window, I think you know the one  :oops:

The developers are doing their best but as always they do only want the best for the users also and I hope that they can hold on till we can deliver something spectacular and safe.

Re: Re: Attack discussion
« Reply #19 on: November 14, 2012, 04:50:26 am »
The ideas should be going in the other topic for new client suggestions which this topic was split from

WinMX World :: Forum  |  WinMX World Community  |  Winmxworld.com Strategic Directions  |  Re: Attack discussion
 

gfxgfx
gfx
©2005-2017 WinMXWorld.com. All rights reserved.
SMF 2.0.14 | SMF © 2017, Simple Machines
Page created in 0.053 seconds with 18 queries.
Helios Multi © Bloc
gfx
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!