hadiceberg Posted March 12, 2008 Report Share Posted March 12, 2008 After getting a lot of hash fails on a CERTAIN torrent, I changed this variables to the values hereunder:bt.ban_threshold=1bt.use_ban_ratio=0but i'm still connected and downloading from peers/seeds with more than 1 hash fails!http://www.hotlinkfiles.com/files/1084340_yhiql/peerlist.GIFdownloaded 75.8MB, wasted 37.2MB, 146hashfails!why is this happening?why utorrent doesn't ban them? Link to comment Share on other sites More sharing options...
jewelisheaven Posted March 12, 2008 Report Share Posted March 12, 2008 You turned off banning.bt.use_ban_ratio needs to be TRUE. Once a peer reaches bt.ban_threshold it will be banned on the next piece. That is unless it has sent bt.ban_ratio # of good pieces.You want to invest in ipfilter.dat 38/8 is a known anti-filesharing range. (That's 38.0.0.1-38.255.255.255) Link to comment Share on other sites More sharing options...
hadiceberg Posted March 12, 2008 Author Report Share Posted March 12, 2008 you mean after reaching the threshold (1 here), because of bt.use_ban_ratio=false, IP will not be banned!!?I thought that when bt.use_ban_ratio is set to false, when an IP reaches the threshold, it will be banned without considering how many good pieces it has sent.however I set it to true.BTW how can I get a good ipfilter.datedit:you're right. it's now banning them on first hash fail.Is there any secure updated ipfilter.dat on net? Link to comment Share on other sites More sharing options...
jewelisheaven Posted March 12, 2008 Report Share Posted March 12, 2008 Since blocking is useless the only ipfilter.dat is one you made yourself... or from someone you trust made themselves. Everything from utorrent's IP to antivirus software has been included in the PG one time to time. Link to comment Share on other sites More sharing options...
hadiceberg Posted March 13, 2008 Author Report Share Posted March 13, 2008 thanks fellas, now I know what to do with those ba*trds will setting bt.use_rangeblock=true help? Link to comment Share on other sites More sharing options...
Ultima Posted March 13, 2008 Report Share Posted March 13, 2008 That depends on who's poisoning the swarm. If it's a large range of IPs (like 38.x.x.x or something), then rangeblock banning will help ban the entire range (eventually) without your manual intervention. Link to comment Share on other sites More sharing options...
yourpcguy Posted March 13, 2008 Report Share Posted March 13, 2008 PeerGuardian 2http://phoenixlabs.org/pg2/ Link to comment Share on other sites More sharing options...
DreadWingKnight Posted March 13, 2008 Report Share Posted March 13, 2008 No. NOT peerguardian 2http://neuron2neuron.blogspot.com/2006/05/blocklist-balderdash.htmlhttp://www.slyck.com/story1593_MediaDefender_Leak_Offers_BlueTack_Users_a_Reality_Check Link to comment Share on other sites More sharing options...
yourpcguy Posted March 13, 2008 Report Share Posted March 13, 2008 well wtfnew ppl shouldnt install pg2?should i remove it too? Link to comment Share on other sites More sharing options...
tinkywinky Posted March 14, 2008 Report Share Posted March 14, 2008 Dont listen to the anti blocklist FUD spreaders who have no more information to support their claim that they do not work than some random blogger whos opinion doesnt really count for jack. There have been proper scientific studies into the effectiveness of blocklists and wether they provide any protection againts anti-p2p groups, and the consensus is they do.Analyzing over a 100 GB ofTCP header data, we quantify the probability of a P2P user of beingcontacted by such entities. We observe that 100% of our nodes run intoentities in these lists. In fact, 12 to 17% of all distinct IPs contactedby any node were listed on blocklists. Interestingly, a little caution canhave significant effect: the top five most prevalent blocklisted IP rangescontribute to nearly 94% of all blocklisted IPs and avoiding these canreduce the probability of encountering blocklisted IPs to about 1%.http://www.cs.ucr.edu/~anirban/Anir-networking07.pdfI might also add that there is more to blocklists than simply blocking known or suspected anti-p2p. The also block known bad trackers, and bad peers. Though in my opinion, blockilsts are better served client side, and not as some sort of psuedo firewall addition. Link to comment Share on other sites More sharing options...
Firon Posted March 14, 2008 Report Share Posted March 14, 2008 Blocklists are worthless. The fact that they had <10% of MediaDefender's IPs is a good sign of that.IT WILL NOT HELP YOU IN ANY WAY. Link to comment Share on other sites More sharing options...
GTHK Posted March 14, 2008 Report Share Posted March 14, 2008 I wouldn't go so far as to say worthless... just highly ineffective and in Bluetacks case problematic. Link to comment Share on other sites More sharing options...
tinkywinky Posted March 14, 2008 Report Share Posted March 14, 2008 And a bullet proof vest wont stop you from getting shot in the head, but some protection is better than none at all. Its a broad statement to make that blocklists are worthless, and a fairly ignorant one at that considering the various types of ranges that they deal with. The majority of which would have absolutely no business whatsoever being a peer on a a p2p network. I'm well aware of your feelings towards blocklists Firon. The fact that less than 10% of MD ip's were present in the p2p blocklist only means that the rest of them were unknown so could not be included. What? Do you expect some kind of psychic knowledge on behalf of the list compilers that they should know who every IP on the internet is assigned to at any given time? No. They can only work with the information they have at hand. If Safenet are known to be using servers with IP's in the 38.100 range, perhaps you can explain how it does not help to block that range? That can be proven quite easily on certain music related torrents where entire blocks in that range would otherwise be connecting to you as a peer. If I were a tin foil hat wearing nutcase, I'd almost think that you want people to be caught. I suggest you read the report I linked to, though I rather doubt it would make any difference. I mean dont let facts get in the way of your opinions or anything. Link to comment Share on other sites More sharing options...
GTHK Posted March 14, 2008 Report Share Posted March 14, 2008 Continuing your analogy though poisoners and the such don't use a pistol, they use an assault shotgun and fire into a P2P crowd. IPA's do change. If anything though it would be better to load the blocklists into µT's ipfilter.dat so that its effects are limited to the application your worried about, with consideration to µT's bootstrap address of course. Otherwise you might loose your AV updates in the future. Link to comment Share on other sites More sharing options...
jewelisheaven Posted March 14, 2008 Report Share Posted March 14, 2008 ...... Using a pre-made blocklist especially by bluetack is trusting they are only blocking said "bad" entities. The fact uTorrent and an ANTI VIRUS COMPANY'S update servers have been banned in the past is proof they have little to no oversight what gets added.Though in my opinion, blockilsts are better served client side, and not as some sort of psuedo firewall addition.... Aren't the peers clients? Or are you the one who doesn't know what you're talking about. Link to comment Share on other sites More sharing options...
DreadWingKnight Posted March 14, 2008 Report Share Posted March 14, 2008 The biggest problem I've found with blocklists FIRST HAND is that the maintainers (bluetack) are known to have a VERY bad history of blocking legitimate traffic more often than they block anti-p2p traffic.http://torrentfreak.com/peerguardian-malware-080224/http://torrentfreak.com/do-p2p-blocklists-keep-you-safe/Why should we EVER rely on premade blocklists when the blocklist maintainers are typically this uninformed. Link to comment Share on other sites More sharing options...
jewelisheaven Posted March 14, 2008 Report Share Posted March 14, 2008 DWKnight linked what I alluded to.The point is.... especially with recent activities, the blocklists from and the people at bluetack are showing more and more "corporate" tendencies of their own silencing dissenters of their own philosophy.Those who are concerned but don't want to use an overzealous IP blocker could start with these MediaDefender IPs and increase their own blocklist as they see fit from uT logs of their own experience. It's all up to personal preference, and since uT allows ipfilter.dat also, the point can be made people who want to "protect" themselves should employ the list in uT instead of installing PG... the former keeps the clients from connecting to you by blocking the attempt entirely. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.