Rodi

Download Rodi | Comment on Rodi | Rate Rodi

Rodi is a free open source project (GNU-GPL license). Currently only Java implementation is available. Rodi makes a promise to work from behind NATs and intelligent statefull firewalls. Rodi utilize DNS, RTP and HTTP tunneling to penetrate the firewalls. Rodi obfuscates IP protocols to work in the hostile environment where traffic shapers and traffic analyzers are installed. Rodi supports both Java applet and standalone application modes.

Rodi network provides some limited privacy features:

• In the network setup, where IP spoofing is possible Rodi client can use spoofed IP address.
• Seeds can use bouncers to hide identity

Being based on the ideas of Bitorrent Rodi provides:

• Multiple sources download
• Rarest block first
• Snubbing of leachers
• Torrent like files

Here is some very detailed infomation on Rodi and anonyminty:

Data distribution networks today provide only search in the file names (if any) and no content search. They were originally created for delivery of binary or un-searchable content. Rodi network functional requirements include context sensitive content search. Because Rodi is distributed network keyword rating and consequently search results can differ from publisher to publisher. One can view the Rodi network as a group of loosely related or completely unrelated search engines. Publishers belonging to the same Rodi House can use the same function when calculating keywords rate.

Existing search engines do not provide search in the previous versions of the index files like HTML, but only in the cached and supposedly recent version of the file. We argue that content of the Web is getting more and more dynamic and updated much more frequently than in the past. Rodi's functional requirements include file version manager which will support content searchs for previous versions of the file as well as in the current one.

Security is a huge problem for the existing bitTorrent network. In most cases BitTorrent trackers accept any client and in some cases the client must go through a registration procedure which is run by a regular WEB server before the client gains access to the tracker. Part of the registration procedure is saving client IP address which are assumed to be unique. Many questions immediately arise. It is not clear how the system can work if the client is protected by a proxy server and real IP address is invisible for any 3rd party. Also, what happens with dynamic IP addresses? How can the tracker assure that the current request is arrived from the client registered on the server and not from one with the same (faked?) IP address. How can the host make sure that request arrived from the authorized client? How can the client make sure that the host answering data request is authorized?

Traffic analysers use some simple rules based on IP address and port number to collect the statistics or even drop the packets if ISP's decide that the traffic is illegal or parasitic. In the more advanced analysers "deep inspection of packets, including the identification of layer-7 patterns and sequences" is supported. P2P network can use a simple encoding algorithm, for example XOR with long key. The strength of the scheme is regulated by the length of the key, frequent renewing and total number of keys. Let's assume that the length of the key is 1M characters, there are 1M different keys (hosts generate different keys for the published files). At this point a reliable analyzer is expected to store and actively use about 1T characters of keys. Let's also suggest that keys are made accessible for registered clients using different protocols, like E-Mail, FTP, HTTP, etc. Because normal high speed analysers are real-time embedded devices they can't reach the goal of collecting 1Tbytes of keys.

In the case of DDOS the solution is to use a network of friendly bouncers behind different ISP's using different types of equipment. This way DDOS will require more resources from the adversary than when attacking a single host and the adversary can not attack the publisher directly because the source IP of the arriving packets can not be relied upon. It comes with relatively low bandwidth costs on part of the bouncers, because Rodi streams data directly between participating nodes and only Rodi control messages routed by the bouncers. Publishers are expected to spoof IP source or use dynamic and ever changing IP addresses and ports known only to the bouncers.