> I am wondering what P2P clients are capable of displaying the source IP > address of the client sharing files
Most of the Gnutella P2P clients will allow you to see what IP a file is being shared from. However, I've found that this gets tedious really fast. What OS(s) do you have at your disposal? I can suggest some clients based on that. > more importantly, how I can do a P2P search for any files coming from a > particular source IP address/range? At present, I've been doing port sweeps with nmap (6346 & 6347 and sometimes 80) to see if a host is running a gnutella client within a specific IP range. From there, simply connect to the IP to see what files they are sharing. With some scripts, I've been able to make this process OKish. Larry and I had a brainstorming session on what our next steps are to smooth out the rough parts of p2p discovery work. We're in requirements gathering/refinement on a proof-of-concept white hat tool which should help ease some P2P concerns. So if you have any suggestions, do let us know. Danke! Merci! Asanti! - Mick On Thu, Oct 8, 2009 at 8:42 AM, Brian Judd <[email protected]> wrote: > Back in show 154, there was a great presentation on using P2P to discover > information. One of the guys made a comment about using P2P during > penetration testing and audits to discover information leakage. I am > wondering what P2P clients are capable of displaying the source IP address > of the client sharing files or more importantly, how I can do a P2P search > for any files coming from a particular source IP address/range? > > > > I have three class C blocks of public IP addresses that I would like to > determine whether any are being used to share files. > > > > Thanks. > > > > Brian > > This message (including any attachments) may contain confidential > information and is intended only for the individual to which it is > addressed. If you are not the intended recipient, please delete this message > and contact the sender. You are also hereby notified that any review, > disclosure, copying, or distribution of this message, or the taking of any > action based on it, is prohibited. > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
