-----Original Message----- From: Salvatore Sferrazza Date: 11/5/04 17:35 To: [EMAIL PROTECTED] Subj: [nyc-g33ks] Overpeer / Open AP traffic
Fellow G33ks, I run an open nycwireless wi-fi AP out of my apartment that gets a decent amount of traffic, presumably from people inside my building. I occasionally monitor and spot-check traffic out of the access point, as any admin would. I often see various P2P traffic patterns and such, along with plenty of traffic to Speedera and Akamai sites. However today I saw quite a bit of unidentifiable TCP traffic from several netblocks owned by Overpeer. >From their website: -- Overpeer, a Loudeye company, provides a full suite of data mining, anti-piracy and promotional solutions for major record labels, film studios, television networks, game publishers, and software companies. Built on a proprietary technology platform, Overpeer enables companies to generate comprehensive, real time reports on digital media usage, block unauthorized digital media transmissions and convert illicit downloads into actual media sales. -- Interesting stuff. Now what I am wondering is: * Does the particular wi-fi client generating this traffic have some sort of virus that does this p2p spying when he uses kazaa, gnutella, bittorrent, etc? Anyone know how this Overpeer stuff works? * Are the feds gonna subpoena or worse, kick in the door on me at 3:00 am to seize my machines? Of course I am being overly paranoid here, but y'know.. This should spawn some interesting discussion at least. The specific IPs observed were: 216.74.172.158 216.74.172.159 216.74.172.162 216.74.172.199 216.74.172.3 64.14.61.75 64.14.61.87 The particular traffic pattern observed was the wi-fi client generating persistent traffic (many small packets) to multiple ports on each one of those IP's. I used pktstat for monitoring. Similar to ntop, but I like it better. Thoughts? Sal _______________________________________________ NYC-Geeks mailing list [EMAIL PROTECTED] http://lists.thestonecutters.net/mailman/listinfo/nyc-geeks -- NYCwireless - http://www.nycwireless.net/ Un/Subscribe: http://lists.nycwireless.net/mailman/listinfo/nycwireless/ Archives: http://lists.nycwireless.net/pipermail/nycwireless/
