The current state of anonymous file-sharing - Marc's Blog
The current state of anonymous file-sharing - Marc's Blog
The current state of anonymous file-sharing - Marc's Blog
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
4.3 eDonkey<br />
<strong>The</strong> eDonkey Network came into existence with the "eDonkey2000" client by a com-<br />
pany called Metamachine. After some time there were several open-source Clients that<br />
had been created by reverse-engineering the network. Especially a client called "Emule"<br />
gained popularity and soon was the major client in the network with a thriving developer<br />
community creating modified versions <strong>of</strong> the main emule client that introduced lots <strong>of</strong><br />
new features.<br />
<strong>The</strong> eDonkey network, unlike the Bittorrent network, is a "real" network. It is fully<br />
searchable and information about <strong>file</strong>s on the network can therefor be gathered without<br />
the need <strong>of</strong> any metadata besides the <strong>file</strong>s name.<br />
4.3.1 Joining the network<br />
To join the edonkey network, there are 2 basic possibilities:<br />
1. Connecting using an eDonkey Server<br />
2. Connecting using the Kademlia DHT<br />
<strong>The</strong> concept <strong>of</strong> eDonkey Servers was the "original" way to connect to the network and<br />
already implemented in the original eDonkey2000 client. <strong>The</strong>re are a lot <strong>of</strong> public servers<br />
available which are interconnected and able forward search requests and answers to one<br />
another.<br />
<strong>The</strong> Kademlia DHT was integrated in an application called ”Overnet” by the creators<br />
<strong>of</strong> the original eDonkey2000 client and later on by EMule clients. It has to be noted<br />
that although they both used the same DHT algorithm, these networks are incompatible<br />
with one another.<br />
On an interesting side note: As <strong>of</strong> 16 October 2007 the Overnet Protocol was still being<br />
used by the Storm botnet for communication between infected machines. For more infor-<br />
mation on the ”Storm Worm”, I recommend reading A Multi-perspective Analysis <strong>of</strong> the<br />
Storm (Peacomm) Worm by Phillip Porras and Hassen Sa¨ıdi and Vinod Yegneswaran<br />
<strong>of</strong> the Computer Science Laboratory [25].<br />
4.3.2 File identification<br />
Files inside the eDonkey network are identified by a so called "ed2k hash" and usually<br />
are exchanged as a string looking like this:<br />
15