spam user = available.above.net

[gadgetanda2]

For the past 36 odd hours my uTorrent has been Swamped on each of the 4 downloads, all from different torrent sites, with MULTIPLE user links all from = available.above.net, all saying U.S.A. and using Azures 2306. All port address starting with 209.133.121.... , 209.133.122.... or 209.66.177....

An 86MB download turned out to be 314MB others are at least 2x. Because left going overnight cost me 1.12GB. 174 failed Hash per this link with at least 130 connections left. Have tried blocking via firewall etc and removed uTorrent from exceptions list, spyware & virus scans, reg. defrags etc. Nothing so far has worked. This is a REAL BIG Problem

Anyone else with the same problem or how the hell do I block with uTorrent.

[Smoovious]

gadgetanda2... sounds like you've stumbled on a poisoner group...

Only real solution I can suggest right now is to block those IP ranges in your ipfilter.dat file (see the FAQ for the syntax).

In the meantime, would you mind saving copies of those .torrent files and sending them in? There is a feature being worked on, and those look like they'd make excellent test-fodder.

-- Smoovious

[gadgetanda2]

Am more than willing to assist in any way possible but are BRAND NEW to Both Forum & Bittorrent

So need to know in REAL Easy to Follow STEP BY STEP Exactly how to (Sorry for being so Green)

(1) Exactly where & what to type for Blocking the IP Addresses = Range, I assume from 000 - 999,

or if a 'wildcard' symbol is typed to cover that Range (Tried both But obviously doing it wrong)

(2) Exactly how to attach the Torrents & some Screen shots I took

Ran Azures 2504 very briefly, which with just 2 of the Torrents, was not configured, etc. = Same Problem (Some 'trigger file' obviously written on my PC somewhere)

Found that ViewPoint had a Media Player Folder etc. in Program Files (Unaware of this)

Have trashed heaps (probably too much) just quickly ran uTorrent again, after deleting Port Forwarding & changing Port = STILL SAME PROBLEM

Have noticed in the main the 209........ problem IPs load 1st. but always in the Banned Hash the

1st. to be banned = 0.0.0.0

Also whilst right click on File or Folder to say Rename or Properties kept coming up with pop-up window saying Please wait while Windows configures Trend PC Internet Security 2007 (My Spyware/Virus Program) - Then asked for Password. Nothing I have run re: Spyware, Viruses etc. seems to be able to I.D. or rid my system of the Problem

Had only completed 2 of the 5 Torent Files (Sorry I said 4 but as 1 was duplicated I shut it down after 1%) 1 was OK - The other said completed but only got 8 or the 22 songs

Whilst I realise I can get this from Torrent, using a downloaded torrent or simply by the P2P downloading process it leaves a VERY BITTER Taste in ones mouth & ALL steps to Stamp it Out & Eliminate these users should be taken - I am currently staying Off-Line in an attempt to Stop Spreading this to others.

Whilst a Format & Reinstall may be my only way out I STILL NEED to KNOW the ANSWERS to (1) & (2)

I thank you in anticipation of answers to the above....Gadget....

[µtorrent-Guest]

ipfilter.dat is a textfile that is to be saved in the datafolder of µT.

http://www.utorrent.com/faq.php#What_is_ipfilter.dat.3F

Note that you must stop the torrent briefly after activating the file since µT does NOT disconnect peers in a blocked range that are connected at the moment

[Switeck]

I use TCP View from www.sysinternals.com to break connections.

[madking]

I also have had this problem. I didn't have an ipfilter.dat in my utorrent AppData folder so I created one with Notepad and added the IP addresses beginning 209.133 etc with a range from 1 to 255 and it seems to work fine. I've noticed there are similar IP addresses beginning 38.10.xxx.xxx but which don't have the 'available.above.net' at the end. Should I block these addresses as well?

[jewelisheaven]

38/8 (that means all 38.1.1.1 - 38.255.255.255) are owned by an anti-filesharing company. So if you notice them on your swarms yep you can add them to your ipfilter. It will keep you from connecting to them and giving them your bandwidth (which they don't reciprocate anyway).

[Switeck]

38/8 means all 38.0.0.0-38.255.255.255

[jewelisheaven]

38.0.0.0 is not a valid IP. It's a err multi-cast address?

[madking]

Thank you jewelisheaven and Switeck for your help. Can I enter 38.1.1.1 - 38.255.255.255 as a range in my ipfilter or do I need to enter each address indvidually?

[GTHK]

Ranges will work.

[jewelisheaven]

And you must enter ranges as it says ... (IP octet) A.B.C.D - E.F.G.H

CIDR notation (as used previously, when looking at whois registration information, and in the WebUI restrict access field) does not work.

[Ultima]

38.0.0.0 is not a valid IP. It's a err multi-cast address?

... says who? The entire range is owned by Cogent. Multicast addresses run only from 224.0.0.0 to 239.255.255.255 -- no more, no less.

[Switeck]

It is also possible for a "regular" connection to end with a .0 in its ip address, especially if it falls in the middle of a range...such as 38.10.5.0 in the above-mentioned range. With strange switch/router configurations, it's probably possible to do the same on a home LAN network even with the first ip address.

[madking]

Thank you GTHK and jewelisheaven. You have been most helpful.