On Tue, 20 Aug 2002, Bob Tanner wrote: > > Ok, how is a gnutella expert? > > How about a tclug-RIAA-honeypot rpm and deb? > > Need some backend code to generate fake mp3s with the right names and length, > and some way to report the hits on the honeypot. > I think these are an important first step. Next couple questions, what other ISP's in the country are looking at this as a possible service to their customers, and can a database similar to the sendmail dnsbl be setup that would allow ISP's to share info between themselves on IPs that are running attacks. This could grow into a much larger protection environment than just RIAA ( but stopping the RIAA would be the most fun) other tech issues that come to mind, the RIAA isn't the only people that scan for hosts via gnutella, and then come looking for exploits, (see firewall log while running any gnutella client) an automated system like this would quickly have the dhcp addresses from most ISPs in the blacklist. these ranges would need to be exempt. ( or only blocked for a period of time) if this doesn't make sense, it's cause it's 5:00 AM. whaddayado? http://www.linuxsnob.com