Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I recently started my dynamic dns server, and I have not announced this address to anyone else yet, but I have so many hits.
Then, I have found out that my server is used for shareaza's network transfer point.
The number of hit is unbeliebably high!!
Does anyone know how I can prevent this from happening?
Is it possible that my server machine will get any virus from it?
Sorry, I am a total newbie, and I appreciate your help on this.
If so, I expect your machine is being used to route queries through the network. I believe this is the 'normal' operation for a Gnutella client and there's really nothing you can do about it.
You won't get a virus unless you download / run a program with a virus in it. You could of course be compromised by someone attempting to crack your machine based on the discovery of it in the routing information gleaned from the Gnutella traffic, but I'd say the likelihood of that is less than the likelihood of someone just hitting your machine randomly.
If you don't like the way Shareazaa works (it *does* suck up quite a bit of bandwidth just serving queries) you can always not run it..
I do not know much about shareasa, but I think it's P2P music sharing thing.
I use Linux Red Hat 8.0 for my server, and I do not have shareaza, but when I checked my traffic information, there was 25299 hits in one day, and the clients' agent was shareaza 1.8.1.1. Other clients are Mozilla and other browser, but their number of hits were nothing comparing with this 25299 in one day!
How can I stop this from happening?
I am using netgear rp614 router and apache as my http client.
It seems to be a gnutella thing.Don't know about this app but normally you set up how much bandwidth can be used for gnutella traffic - routing and stuff and how much for actual up/download.I don't know about hits and stuff with that network but edonkey usually reports about 30.000 sucessful connections in 24 hrs on my box.So it doesn't seem that high at all.
>I am using netgear rp614 router and apache as my http client.
Apache is your server, not your client. This is all traffic hitting your web server?
It's coming from people with a browser identification string of 'Shareazaa'? This is completely different from what we all thought.
What you have here is a bunch of people hitting your web server using the built-in browser in Shareazaa. Why, I don't know - you'll have an idea if you look for the page they're requesting. There's really not very much you can do about it, other than turning off your server (they'll still make the request to your machine regardless), or redirecting the page they're requesting to somewhere else (you'll still get the request to your machine).
I expect you've either inherited an IP address from someone else (who was running something related to Shareazaa) or your ip address / domain has been posted as one of interest somewhere on the internet (or within Sharazaa itself).
It happens... I once ran a Hotline server for personal use and friends. I had misconfigured it briefly when doing an upgrade and left the admin password at it's default. It was discovered and posted on a list of 'open servers'. For months after that I'd get hits on my server from people who'd got the list... there's really nothing you can do about it I'm afraid...
The Shareazza tag tells you only that your pages are being requested by people using Shareazaa's built in browser. It's no different than Mozilla (another browser) or IE (Windows built in browser).
I was surprised to see this in my web statistics as well. I had never heard of shareaza and I thought my system had been compromised; especially after noticing a high number of Cocos (Keeling) Islands hits. Who? Where?
Ironically, I too run RH 8.0, apache 2.0.40, and the box sits behind a RP614.
As SlickWilly explained, I don't think there is anything to be concerned about. I think this is all web traffic and is not dangerous. I can't see that anything on my system has been compromised or that there are any files being transfered.
Still, it is strange. If anyone knows anything else, please post it in this forum.
> Snojax
Great to know that you are also having the same issue, and I guess it's something that we cannot do anything about it.
It did not hurt my machine or anything, anyway.
I just want to ask you if you are using dynamic dns by using dyndns or any other services, and if you are using ddclient or any other dynamic dns client working with your RH8, apache, and netgear rp614 router, please let me know how you configured them, because I am having difficulties using ddclient as my client. I can use the router as my NAT dynamic dns client, but I prefer using ddclient, but it never works with me.
I checked this site http://freshmeat.net/projects/ddclie...50%2C152%2C253 and one guy talks about how to configure netgear rp614 with ddclient, but I am still having trouble configuring it.
Sorry that I am leading to the diffrent issues, but I hope this is a relavant issue to people.
This may be off the shareaza topic, but I do use a dynamic dns. I use Zoneedit and I wrote a script to update my IP address.
For dyndns, you may want to consider ez-ipupdateez-ipupdate. There are several examples in their forums to help you set up this program or write your own script. I think there is a specific dyndns example.
The problem with the RP614 is that you can't access the router to get the external IP address (at least I couldn't find out how to do it). So I use a site like Whatismyip to grab my IP (using wget) and write it to a file. Then the script checks my IP from this site and compares it to the file. I put this in my cron to run every 15 minutes. If the IPs are the same, nothing happens. If they are different, the script updates my new IP to Zoneedit.
I have never used dyndns, but I know it is pretty popular and that you shouldn't have too much trouble hacking up an example script to get your service to work.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.