Peerblock an alternative to Peerguardian

[GhostShip]

You talk from ignorance Blitzen, just because your unable to detect attackers you suggest others may not be able to yet our track record here is undeniable. We are able to detect many types of attacker, the data miner and the fake file list flooder are the two most common and thus the ones routinely blocked.

 I know this may come as a surprise to you but we only block winmx attackers, thus if an IP is not attacking winmx in any way we dont need to block it, simply blocking billions of IP's "just in case " is based on stupidity and fear, if your going to mislead folks your whole case for using blocklists is flawed, why on earth would we block trident media guard when its not attacking winmx in any way, we also dont block any other range thats not here either 

Let me even up the false picture you have painted for folks.


http://www.slyck.com/story1593_MediaDefender_Leak_Offers_BlueTack_Users_a_Reality_Check

While BlueTack may still perpetuate the idea that their filters are 99% effective, these latest findings will only fuel criticisms towards BlueTack's actual effectiveness. A complete test might not be possible short of creating a simple program to test every single number or spending weeks hand-testing every single Media Defender IP address. In the mean ime, it seems very apparent that BlueTack's filters have a few holes.

http://neuron2neuron.blogspot.com/2006/05/blocklist-balderdash.html

Use a blocklist? Think it makes you safe, allows you to share with impunity? Think again. I will say this now, up front, and clearly.
The amount of overall protecton given by a blocklist is minimal at best.

http://torrentfreak.com/study-reveals-reckless-anti-piracy-antics-080605/

The last paragraph sums things up better than I can, however: “We have further demonstrated that IP blacklists, a standard method for avoiding systematic monitoring, are wholly ineffective given current identification techniques and provide only limited coverage of likely monitoring agents.”

Now make your minds up folks, if your scared of your own shadow then block the world out, if you use a filesharing network look for a specific list created for that network by someone reputable similar to the lists created by ourselves and emule folks, there is no magic wand in protecting yourself from attackers but an on the ball detection team is the best start any blocklist can have.

[Blitzen]

Many flaws in them links Ghost  in the secound it is a guy who worked ( works) for anti p2p company so his opinion woild be bias to say the least!  in the last link they was sent DMCA noticed to their network printer .........  don`t most network printers usually only allow access from network users espcially at such a prestigious location? as regards the first link no blocklist author claims to be 100% proof as anti p2p can and do change ip and isp but as soon as they are detected they get added. Iam not trying to scare anyone simply pointing out that for those who do not want to simply rely on you to protect them that there is other otions availible. Have you even looked at the "research"  link posted on the previous page ?

[Blitzen]

many typos above sorry*

[Blitzen]

Indeed proir to wmw caches being added to Bluetacks blocklist you openly promoted using blocklists
https://www.winmxworld.com/tutorials/block_the_riaa.html

Then after your opinion changed to this
https://forum.winmxworld.com/index.php?topic=4113.0.html

But in counter argument see this
http://blocklistpro.com/faqs/ip-block-lists-myths-misconceptions/blocklists-block-billions-of-innocent-people.html

[Blitzen]

Seems to me the way you come across is you do not believe in prevention rather dealing with as it happens, but prevention is around in many ways like being immunized against a disease you may never catch, theres is a saying that prevention is better than cure and that's what peerblock with a blocklist offers. I provided on the previous page solid research into if blocklists work and you claim they do not yet provide no evidence only articles of questionable sources

[wonderer]

According to your very last statement Blitzen, it is best to be immunized by a short blocklist, 0.0.0.0-255.255.255.255
Then, create an allowlist with yhe IP you trust 100%, connect to the network and oh, my, you find yourself flooded again.

Now, explain me how this happens.

[Blitzen]

Why would you want to block every ip range then just allow ips you trust, by being immunized i meant from anti p2p groups not the whole damn internet! you do not get immunized against every disease known to man just those common in your country or a country your travelling to, so the comparison was being immunized against p2p but maybe it is the wrong word as no blocklist can guarantee 100% protection but something is better than nothing.

Iam assuming you have tried your theory wonderer and can therefor provide the answer ? maybe iam not understanding your angle....................

[Blitzen]

Heres an article asking the question  do p2p blocklists keep you safe, it is up to people to make up their own mind from all the information in this topic both for and against

http://torrentfreak.com/do-p2p-blocklists-keep-you-safe/

You may find comment 16 at the bottom interesting.......................

[GhostShip]

Bombarding people with information that states simply nothing of proof or consequence is misleading folks, the initial study you point to was based on a flawed method of counting and I know this because I remember the original story and the team who did the research, their statistics where brought into question because they did not count any ips not on a blocklist and thus any claims about how many attackers it did or did not block where flawed.

As I make plain because your unable to work out how we track down attackers dont expect anyone here to pretend they dont, your "block everything just in case" strategy merely shows why you shouldn't be left in charge of a blocklist. Leave the blocklisting to those who know what they are doing

[Pri]

Pri,
its a shame you dont keep the PG2 blovklist updated,
the new script for metis i found was using a lot of bandwidth on the 2 metis' as i run 2 rooms, this seemed to make me feel like i was restricted and found sometimes i couldn't google/surf the net, so removing the scripts allowed me to carry on as normal,
so i have no other way than to use PG2.

As I said the spammers have software which allows them to cross reference their proxy servers with the PG2 list. They go to a bunch of sites collect tons of proxies they then load them in to a proxy program that tests each proxy to make sure its active. That software then removes any that are already dead and they move the IP's to a new program which then checks the list against my PG2 list and further removes any that are on that list.

This leaves them with IP's they can spam with that are guaranteed to connect and work and also that won't be blocked by anyone running my list.

Also the script doesn't use much bandwidth. It makes 1 online query each time someone enters your room. It costs around 20KB of data and takes less than a second. For this you get a 99.9% detection rate.

I do understand that the bandwidth use may be heavy for dialup users or people on an incredibly restrictive cap so I will release a new version with caching but I don't really think that the bandwidth use is really all that high to be honest. I mean lets say you have 1000 people enter your room each day that's only 23MB per day to run this software.

[GhostShip]

Try reading my comment at 14 Blitzen.

Looking at comment 16 simply proves that Blutak are childish and unprofessional, we dont do what we do for money.

I shall post a few posts missing from the biss forums showing why they repeatedly slander wmw, ignorance and stupidity seem to go hand in hand in the blutak organisation and the remedy is not to use their erroneous lists.

[Blitzen]

In simple terms the way i see it............. you block network attackers and flooders of the network that you pickup by your team of 24/7 experts  thats great that may indeed be protecting the network now what aout the users ?
lets say mr media defender comes onto winmx network with his winmx and connects by secondary to a primary user called lets say Ghostship who believed they are using the winmx blocking patch so they are protected from anti p2p groups connecting to them. Mr media defender then simply browses this primary user takes some screen shots of their shares then converts their winmx hash to their REAL ip and takes it from there sending letters etc. Ok great your doing a fine job protecting the network but what about the users. Maybe at this moment you have not heard reports of winmx users being sent notices for copyright but that is down to winmx being a small fish nowadays but the day may come and maybe already has but it has not been reported to you.

[GhostShip]

Blitzen let me be polite here, your once again straying into areas you know nothing about and its simply wrong for you to make claims like you have above, if you can be bothered to use the site search you may find that we can indeed detect such intrusions using our "honeypot" system, do you really think I would ask folks to trust the blocklist if it was not doing as we claim ?

You may do so but I wont.

Now lets move on to real world matters and why I am currently unable to guarantee the security of the network, there is this chap who calls himself "Sabre" and he provides network access for all the unblocking primaries that host both data harvesters and flood the network with fake file listings, while he remains in operation WinMX is currently compromised, you personally are aware of this because you  have posted in the threads where I made this fact known and asked the pie team to help close the security hole that has appeared.


I really wish you would check all your facts before making statements that simply attack or belittle the work of the blocklist volunteers here, they look out for all WinMX users and surely its little in return for you to look out for them instead of running them down with ill thought out comments.

[Blitzen]

Ghostie me ole mucka in no way am i trying to belittle the blocklist team they are doing a fantastic job of protecting the "network" and i applaud them all! but no one needs to be an "expert" of the winmx protocol and network to see anti p2p activity. Yes winmx network flooders and attackers are on the winmx blocklist but anti p2p companies that are not attacking the "network" are not. Anyone can simply install peerblock and its default list, connect winmx on primary and look at the ips and companies being blocked to their winmx ports that are "not" on the winmx blocklist but at the same time you would also see ips that are blocked on the winmx blocklist mainly the flooders and DDOS  attackers. At the end of the day its up to the user i guess.

The community patch is the best option for any winmx user that is without doubt fact as that can at least protect the network by default where as the host file method and asking users to install winmx specific blocklists in peerguardian simply failed as many users did not bother to take the advice given and left themselves wide open and at the same time allowed their primary connections to be used by data harvesters and attackers.

[Joshua203]

you got to admit youpaint a kindoff weird scenario blitzen, if you gonna do all those what if's i could really add a few and give a solution but rule out the same solution at the same time... and really if i started doing that there would be no blocking device usefull anymore ..welll uuuhm maybe one ...pull the internet plug!!!!¿¿¿???!!! heheheh

1 example.. what if one of those "internethounds" would taske winmx home and pretend to be an innocent user ..take screenshots of your browse ...calculate your hash to ip >>>>>HIDE your hash!!! but would that help?? no because any tcp tool would also tell the ip wouldn t it?? ...would they be on a blocker list ??? nope>>>>pull the plug and run like hell ....hehehehehe

[]-[êll.Ôñ.ËÀR'][']-[.]

The community patch is the best option for any winmx user that is without doubt fact as that can at least protect the network by default where as the host file method and asking users to install winmx specific blocklists in peerguardian simply failed as many users did not bother to take the advice given and left themselves wide open and at the same time allowed their primary connections to be used by data harvesters and attackers

Exactly and that's why The community patch beats any other method you like to point out hands down ....fact is a good many users cant be arsed to use any other options even if they knew how to & a lot fall into the bracket of .... I'm just one of many thousands so they wont catch me even if i don't secure myself..... that is why a automated method even if it isn't 100% perfect is definatly 100% better than relying on users to use other methods or not using any at all to secure themselves.

There is only one secure fool proof way to be safe and that is to not download and share any copy protected material at all .... but then in many cases that would totally defeat the reason why people are here anyway
 
note** i say in many cases and not in all before people mount that high horse that they don't use winmx illegally 

[Bluey_412]

i would prefer, if anything, to have an ability to insert my own custom set of IP's to block, directly into the patch, rather than using an extra tool, such as PG2 or PB, but the designer/maker of CP 1.0 didnt provide that ability...

[Joshua203]

i would prefer, if anything, to have an ability to insert my own custom set of IP's to block, directly into the patch, rather than using an extra tool, such as PG2 or PB, but the designer/maker of CP 1.0 didnt provide that ability...

maybe because firewalls are very good at that ? lol

[GhostShip]

The community patch was obviously designed to protect WinMX users from attack while it was actually running and we believe their is little reason for adding a user adjustable blocklist as this would undermine the premise of the "basic protection for all" we try to deliver, a stand alone program that is not dependent on WinMX for its operation would be a superior solution and ensure any IP's you choose to block remain so.

[Joshua203]

hte upside of using a firewall for this is that most of us would be able to pick the firewall closest to the internet plug (router firewall) ..this not onhly will block traffic from your computer but also from the router ...at least that's how i see it