Kad network
The Kad network is a peer-to-peer (P2P) network which implements the Kademlia P2P overlay protocol.[1] The majority of users on the Kad Network are also connected to servers on the eDonkey network, and Kad Network clients typically query known nodes on the eDonkey network in order to find an initial node on the Kad network.
Usage
The Kad network uses a UDP-based protocol to:
- Find sources for eD2k hashes.
- Search for eD2k hashes based on keywords in the file name.
- Find comments and ratings for files (hashes).
- Provide buddy services for firewalled (Low ID) nodes.
- Store locations, comments and (keywords out of) filenames.
Note that the Kad network is not used to actually transfer files across the P2P network. Instead, when a file transfer is initiated, clients connect directly to each other (using the standard public IP network). This traffic is susceptible to blocking/shaping/tracking by an ISP or any other opportunistic middle-man.
As with all decentralized networks, the Kad network requires no official or common servers. As such, it cannot be disabled by shutting down a given subset of key nodes. While the decentralization of the network prevents a simple shut-down, traffic analysis and deep packet inspection will more readily identify the traffic as P2P due to the high variable-destination packet throughput. The large packet volume typically causes a reduction in available CPU and/or network resources usually associated with P2P traffic.
Clients
Client Search
The Kad network supports searching of files by name and a number of secondary characteristics such as size, extension, bit-rate, and more. Features vary based on client used.
Major Clients
Only a few major clients currently support the Kad network implementation. However, they comprise over 80% of the user base and are probably closer to 95% of ed2k installations.
- eMule: An open source Windows client which is the most popular, with 80% of network users. It also runs on Linux using the Wine libraries.
- There are a number of minor variants, or forks, of eMule which support the same basic features as eMule itself. They include: aMule (A Linux client similar to eMule) and eMule Mods (not eMule Plus), possibly others.
- aMule: An open source client popular among Linux Operating Systems. Currently aMule (officially) supports a wide variety of platforms and operating systems.
- MLDonkey: An open source, cross-platform client that runs on many platforms and supports numerous other file-sharing protocols as well.
- iMule: An anonymous, open source, cross-platform client. Supports only the Kad network and I2P network. eDonkey network has been dropped.
Malware/Virus
- TDL-4: A botnet virus that is reported[2] to use this network as a backup for updates and new instructions if its Command and Control servers are taken down.
See also
References
- ↑ Wang, Peng; Tyra, James; Chain-Tin, Eric; Malchow, Tyson; Foo Kune, Denis; Hopper, Nicholas; Kim, Yongdae (September 2008). "Attacking the Kad Network" (PDF). SecureComm.
- ↑ "Botnet access to the Kad network". SecureList. Retrieved 30 June 2011.