Jump to content

Direct Connect (protocol)

From Wikipedia, the free encyclopedia

Direct Connect (DC) is a peer-to-peer file sharing protocol. Direct Connect clients connect to a central hub and can download files directly from one another. Advanced Direct Connect can be considered a successor protocol.

Hubs feature a list of clients or users connected to them. Users can search for files and download them from other clients, as well as chat with other users.


NeoModus was started as a company funded by the adware "Direct Connect" by Jon Hess in November, 1999 while he was in high school.[1]

The first third-party client was called "DClite", which never fully supported the file sharing aspects of the protocol. Hess released a new version of Direct Connect, requiring a simple encryption key to initiate a connection, locking out third-party clients. The encryption key was cracked, and the author of DClite released a new version of DClite compatible with the new software from NeoModus. Some time after, DClite was rewritten as Open Direct Connect with the purpose of having an MDI user interface and using plug-ins for file sharing protocols (similar to MLDonkey). Open Direct Connect also did not have complete support for the full file sharing aspects of the protocol, but a port to Java, however, did. Later on, other clients such as DCTC (Direct Connect Text Client) and DC++ became popular.

The DCDev archive[2] contains discussions of protocol changes for development of DC in the years 2003–2005.


The Direct Connect protocol is a text-based computer protocol, in which commands and their information are sent in clear text, without encryption in original NeoModus software (encryption is available as a protocol extension). Clients connect to a central server acting as a "hub". This hub provides content discovery and allows clients to negotiate direct connections between each other for transferring content. Since this central hub only deals with metadata, it does not have anywhere near the same bandwidth requirements as if it also had been serving the content itself; an estimate shows that handling 1000 users would require about 2.5 mbit/s of bandwidth.[3]

There is no official specification of the protocol, meaning that every client and hub (besides the original NeoModus client and hub) has been forced to reverse engineer the information. As such, any protocol specification this article may reference is likely inaccurate and/or incomplete.[4]

The client-server (as well as client-client, where one client acts as "server") aspect of the protocol stipulates that the server respond first when a connection is being made. For example, when a client connects to a hub's socket, the hub is first to respond to the client.

The protocol lacks a specified default character encoding for clients or hubs. The original client and hub use ASCII encoding instead of that of the Operating system. This allows migration to UTF-8 encoding in newer software.

Port 411 is the default port for hubs, and 412 for client-to-client connections. If either of these ports are already in use, the port number is incremented until the number of a free port is found for use. For example, if 411, 412 and 413 are in use, then port 414 will be used.

Hub addresses are in the following form: dchub://example.com[:411], where 411 is an optional port.

There is no global identification scheme; instead, users are identified with their nickname on a hub-to-hub basis.

An incoming request for a client-client connection cannot be linked with an actual connection.[5]

A search result cannot be linked with a particular search.[6]

The ability to kick or move (redirect) a user to another hub is supported by the protocol. If a user is kicked, the hub is not required to give that user a specific reason, and there is no restriction on where a user can be redirected to. However, if another client in power instructs the hub to kick, that client may send out a notification message before doing so. Redirecting a user must be accompanied by a reason. There is no HTTP referer equivalent.

Hubs may send out user commands to clients. These commands are only raw protocol commands and are used mostly for making a particular task simpler. For example, the hub cannot send a user command that will trigger the default browser to visit a website. It can, however, add the command "+rules" (where '+' indicates to the hub that it's a command - this may vary) to display the hub's rules.

The peer-to-peer part of the protocol is based on a concept of "slots" (similar to number of open positions for a job). These slots denote the number of people that are allowed to download from a user at any given time and are controlled by the client.

In client-to-client connections, the parties generate a random number to see who should be allowed to download first, and the client with the greater number wins.

Transporting downloads and connecting to the hub requires TCP, while active searches use UDP.

There are two kinds of modes a user can be in: either "active" or "passive" mode. Clients using active mode can download from anyone else on the network, while clients using passive mode users can only download from active users. In NeoModus Direct Connect, passive mode users receive other passive mode users' search results, but the user will not be able to download anything. In DC++, users will not receive those search results. In NeoModus Direct Connect, all users will be sent at most five search results per query. If a user has searched, DC++ will respond with ten search results when the user is in active mode and five when the user is in passive mode. Passive clients will be sent search results through the hub, while active clients will receive the results directly.

Protocol delimiters are "$", "|", and U+0020   SPACE. Protocol have for them (and few others) escape sequence and most software use them correctly in login (Lock to Key) sequence. For some reason that escape sequence was ignored by DC++ developers and they use HTML equivalent if these characters are to be viewed by the user.

Continued interest exists in features such as ratings and language packs. The authors of DC++ also proposed a complete replacement of the Direct Connect protocol called ADC, or unofficially, Advanced Direct Connect. ADC uses the same network topology, concepts, and terminology as the original protocol.[7]

One example of an added feature to the protocol, in comparison with the original protocol, is the broadcasting of Tiger-Tree Hashing of shared files (TTH). The advantages of this include verifying that a file is downloaded correctly, and the ability to find files independently of their names.

Direct Connect used for DDoS attacks[edit]

As the protocol allows hubs to redirect users to other hubs, malicious hubs have redirected users to places other than real Direct Connect hubs, effectively causing a Distributed Denial of Service attack. The hubs may alter the IP in client to client connections, pointing to a potential victim.[8][9][10]

The CTM Exploit surfaced in 2006–2007, during which period the whole Direct Connect network suffered from DDoS attacks.[11][12] The situation prompted developers to take security issues more seriously.[13]

As of February 2009,[14][15][16][17][12] an extension for clients was proposed in order for the attacked party to find out the hub sending the connecting users.

Direct Connect Network Foundation[edit]

The Direct Connect Network Foundation (DCNF) is a non-profit organization registered in Sweden that aims to improve the DC network by improving software, protocols and other services in the network.[18]

Articles and papers[edit]

The DCNF maintains a list of articles, papers and more documentation that relate to DC.[19]

See also[edit]


  1. ^ Annalee Newitz (July 2001). "Sharing the Data". Metro, Silicon Valley's Weekly Newspaper. Metro Publishing Inc. Archived from the original on 2021-01-21. Retrieved 2006-10-16.
  2. ^ The DCDev archive Archived 2016-12-20 at the Wayback Machine
  3. ^ Fredrik Ullner (April 2007). "Command and bandwidth estimations in NMDC". DC++: Just These Guys, Ya Know?. Archived from the original on 2007-10-16. Retrieved 2007-07-27.
  4. ^ "NMDC Protocol". Nmdc.sourceforge.net. Archived from the original on 2017-02-10. Retrieved 2016-12-04.
  5. ^ "CTM tokens in ADC (or why the NMDC protocol is terrible, part 2)". DC++: Just These Guys, Ya Know?. August 2007. Archived from the original on 2007-10-15. Retrieved 2007-10-07.
  6. ^ Todd Pederzani (June 2006). "Filtering Redux". DC++: Just These Guys, Ya Know?. Archived from the original on 2007-10-15. Retrieved 2007-08-31.
  7. ^ Jacek Sieka and Fredrik Ullner (January 2019). "ADC Protocol". DCNF. Archived from the original on 2020-12-01. Retrieved 2020-12-21.
  8. ^ Paul Sop (May 2007). "Prolexic Distributed Denial of Service Attack Alert". Prolexic Technologies Inc. Prolexic Technologies Inc. Archived from the original on 2007-08-03. Retrieved 2007-08-22.
  9. ^ Robert Lemos (May 2007). "Peer-to-peer networks co-opted for DOS attacks". SecurityFocus. Archived from the original on 2015-09-24. Retrieved 2007-08-22.
  10. ^ Fredrik Ullner (May 2007). "Denying distributed attacks". DC++: Just These Guys, Ya Know?. Archived from the original on 2016-03-15. Retrieved 2007-08-22.
  11. ^ Ullner, Frederik (2008-01-17). "Press coverage regarding DC being used as a DDoS tool". DC++: Just These Guys, Ya Know?. Archived from the original on 2016-09-23. Retrieved 2017-05-19.
  12. ^ a b Fredrik Ullner (2011-07-20). "Long lost response regarding DC being used as a DDoS tool". DC++: Just These Guys, Ya Know?. Archived from the original on 2011-09-08. Retrieved 2011-07-20.
  13. ^ Furtunã, Adrian (July 2008). "DC++ and DDoS Attacks" (PDF). Archived (PDF) from the original on 2016-11-09. Retrieved 2017-05-19.
  14. ^ Jan Vidar Krey (February 2009). "Referral extension". DC++ Launchpad Page. Archived from the original on 2011-08-12. Retrieved 2009-02-11.
  15. ^ Jan Vidar Krey (February 2009). "Referral extension on ADCPortal wiki". ADCPortal.com. Archived from the original on 2011-07-07. Retrieved 2009-02-11.
  16. ^ Eugen Hristev (February 2009). "DC++ pointing out the corrupted". DC++: Just These Guys, Ya Know?. Archived from the original on 2009-03-09. Retrieved 2009-02-11.
  17. ^ Toast (January 2009). "CTM Review and the errors of past". ADCPortal. Archived from the original on 2011-07-07. Retrieved 2009-01-27.
  18. ^ "DCNF - Direct Connect Network Foundation". Archived from the original on 2016-01-25. Retrieved 2016-01-07.
  19. ^ Direct Connect Network Foundation: Documents and Resources Archived 2016-12-20 at the Wayback Machine

External links[edit]