PeerBlock 1.0+ (r484) Beta

[jalaffa]

<img src="http://nsanedown.com/images/logos/PeerBlock.png" class="logo" alt="PeerBlock" title="PeerBlock" />PeerBlock lets you control who your computer "talks to" on the Internet. By selecting appropriate lists of "known bad" computers, you can block communication with advertising or spyware oriented servers, computers monitoring your p2p activities, computers which have been "hacked", even entire countries! They can't get in to your computer, and your computer won't try to send them anything either. PeerBlock currently supports Windows 2000, XP, 2003, Vista, 2008, and 7 in 32-bit and 64-bit.

<a href="http://www.nsanedown.com/?request=34602678" target="_blank">Download</a>

[silencer]

Last time I found this topic http://fora.demonoid.com/index.php?topic=25342.0 on Demonoid about PeerBlock/Guardian. I don't know if this is true, but arguments are logical for me. Now I only use IP filter in utorrent. What's your opinion guys?

[spootnack]

Last time I found this topic http://fora.demonoid.com/index.php?topic=25342.0 on Demonoid about PeerBlock/Guardian. I don't know if this is true, but arguments are logical for me. Now I only use IP filter in utorrent. What's your opinion guys?

Very interesting. Thanks.

Maybe PB is good to block spyware / ads IP's but what about dynamic IPs ??? And about peers and seeders with p2p apps ???

Does it really work ???

Need informations !

++

PS: What are the differences between IP filter and PB ?

[bwop]

I couldn't read that article. You have to be registered and they are not taking new registrations.

Could you summarize?

[Sonar]

I can read that forum post as guest - im not registerd to the forum.

Copy/paste of the first post explaining why not to use PG or PB. (if you see bad language inform me and ill star it out)

-

Here's GW's wall of PG2 text for archival and linkage purposes.

Quote from: GreatWizard on August 30, 2008, 12:46:30 PM

PG2 is a placebo. Of course, you see some addresses blocked. The ******* thing blocks ONE-THIRD of the Internet address space, by its own claim.

What you do NOT know is whether the  addresses this piece of **** blocked were, in fact, the very peers who had the pieces you were downloading.

By inducing and then reinforcing paranoia, PG2 does more harm to torrenting than the RIAA, the MPAA and the FBI combined. I've said it before - if PG2 didn't exist, the MPAA would have invented it.  Smiley

Here's just a small selection of the problems with this overhyped garbage:

http://www.slyck.com/forums/viewtopic.php?t=38295

The Media Defender internal email leak offered plenty of information for the taking. MediaDefender-Defenders said that they hoped that the email leak will prove to be a viable tool to protect against anti-P2P efforts. This is something BlueTack has been trying to do. After the email leak, a text file that compiles the complete IP (Internet Protocol) list Media Defender used while dropping fake files onto various P2P sites and networks was posted. While judging the effectiveness of these lists had proven to be an impossible task before the major leak, the effectiveness can now be tested.

Slyck began the investigation when BlueTack's 'Paranoid' IP filter blocked one of TVUnderground's new eDonkey2000 servers. A request for comment or information on the matter to BlueTack's team went unanswered. To this day, why BlueTack has blocked only one of TVUnderground's servers is unknown. In the meantime, Slyck is currently in the possession of a copy of BlueTack's IP filter lists, and further investigation into related matters appeared warranted.

According to the BlueTack website, "B.I.S.S. is a site dedicated to improving the safety and awareness of all our members and guests, providing News, Security articles, Software Reviews, Technical Support, Guides, IP Research and Free Software needed to help us keep our connections to the net and each other safe, secure, and free from unwelcome intruders."

Among the things offered are the blocklists, which have been met with either acceptance by the file-sharing community or complete rejection. Some say that the blocklists allow users to simply block any anti-filesharing company and allow users to connect with non-industry IPs. Others say that there is no way to get the right IPs before the IPs are changed to different addresses, thereby rendering the filters ineffective. It's been the subject of debate for quite some time amongst many experts with no real way to test the lists, at least until the Media Defender email leak.

The 'Paranoid' eMule IP filter was retrieved on September 27, 2007. The Level1 IP blacklist, which is supposed to block all known anti-p2p IPs, was retrieved on September 30, 2007. The idea behind getting these lists now is to offer ample time for Media Defender's now public IPs to be added to the lists for a much more effective blocklist for PeerGuardian users.

Slyck then obtained a copy of the publicly available 14.3MB compressed text file which lists all of the Media Defender's IP addresses. At this point, it became obvious that testing such a large volume of IPs would prove to be an overly time-consuming challenge, at least by hand. In order to alleviate this problem, it was best to test one particular IP range. Conveniently enough, the first range started with 116. Slyck then decided to test all of the IPs that started with the number 116.

The total number of IPs used by Media Defender starting with 116 was 1,474. Obviously, BlueTack did block all IPs that started with 116, but how many Media Defender IPs were successfully blocked? When Slyck investigated, there was a common theme that blocklists seemingly jumped over several ranges used by Media Defender. After some extensive study using the Level1 list for anti-p2p companies and the 'Paranoid' list, BlueTack would have successfully blocked 16 IPs. Thus, this sample test offered 1.09% protection against Media Defender in that range.

The IPs that were successfully blocked were: 116.255.1.109, 116.255.1.154, 116.255.1.244, 116.255.1.27, 116.255.1.52, 116.255.1.85, 116.215.157.243, 116.212.14.223, 116.199.202.170, 116.199.202.240, 116.199.207.83, 116.199.207.84, 116.199.226.78 , 116.199.227.11, 116.199.227.27, 116.199.227.67. The remaining 1,458 IPs would still be allowed through even with these two filters being used today.

While BlueTack may still perpetuate the idea that their filters are 99% effective, these latest findings will only fuel criticisms towards BlueTack's actual effectiveness. A complete test might not be possible short of creating a simple program to test every single number or spending weeks hand-testing every single Media Defender IP address. In the mean ime, it seems very apparent that BlueTack's filters have a few holes.

And that was tested against known and published addresses!! In order to catch those 16 addresses (probably by dumb luck and the law of large numbers), BlueTack also blocked more than 4 million INNOCENT addresses in the same range.

==============================================================
A SECOND TEST:

I am convinced that it is not authentic. I did a reverse lookup on 500 or so somewhat randomly picked addresses from the 5.3 million addresses in that list. Look at the results -- it's pretty clear that the vast majority of the items in the list are residential dynamic IP addresses from all over the world.

===============================================================

http://www.physorg.com/news110035755.html

Not Much Anonymity for Unprotected File-Sharers: Researchers Examine P2P Networks
The same technology that allows easy sharing of music, movies and other content across a network also allows government and media companies easy access to who is illegally downloading that content.

"Note that it is not our intention here to examine how accurate and comprehensive these lists are, though this would be interesting and challenging future work."


=============
"after a quick look through the document, found elsewhere (PDF) (thanks again guys), all their stats are based on a couple of assumptions: that the blocklist contains no false positives, and more importantly, that it fails to contain no address that should be included. i will leave it to others to comment on the likelyhood of these assumptions being correct."
===============
FROM PG;s ow website:

Well, it is accurate in the sense that it blocks everything on your blocklist. <No shit, really?>
It is impossible to know _all_ the addresses to block

PeerGuardian is known to be incompatible with McAfee and BlackICE firewalls. Outpost is also known to cause a problem if you shut down PG2 while it is running. There is currently no way around this, so we recommend you try switching to another firewall

PeerGuardian blocked someone, should I be worried?
Well, it was blocked, so why would you worry?

PeerGuardian is slowing down my connection!
This occurs because of the way PeerGuardian blocks packets, not connections.

PeerGuardian is blocking an IP like crazy, should I worry?
PeerGuardian will constantly block IPs. Many times you will see IPs get blocked three or more times before giving up - this is due to the way most computers handle reliable connecting. After a period of time, people may retry to see if you are responding yet. This does not mean people are spying on you. <No ... it means they are trying to download or upload files in a swarm where you are connected ...duh ...>

A block list is a list of bad IP ranges that are know to spy on people’s computers.
<That's simply a lie. A blocklist is =just a list of IP addresses. Its accuracy and completeness depend ENTIRELY on who created it and who contributed to it.>


This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software.  <Translation - it's a POS, we know it's a POS and you're just as liable to get caught with it as without, and we ain't responsible. But thanks for the donation anyway ...>

Total of IP's being blocked right now:

    * 2,377,645,666

<Yep TWO FUCKING BILLION blocked connections all to TRY to prevent one percent of the known addresses of MD from getting through.>

first things first, if the government was and/or are spying on you right now, it will be on a IP range that is not on our blocklists and is a secret range of IPs, second thing is, if the government was and/or are spying on you right now, they would be doing it on a whole diffrent level.


<Then why are you blocking the Department of Agriculture's IP range? Are you afraid they'll detect someone pirating a seed catalogue?>
==================================

I have more. Lots more.  Smiley

Just felt that this will make explanations a bit easier. Smiley

In summary:

Peerguardian does not work at all and actually damages bittorrent by blocking millions of good peers. I mean they blocked their own update servers...come on.... Roll Eyes

[wenwind]

thanks for update

[HX1]

Information seems a bit dated and I do remember some of this... back in the days of PG... I do know that for a fact the current listings which are ( I use ) bordering on 1.7 billion right now.. do block quite a few addresses.. I see it n the log.. I have an ID on those but this too can be outdated.. I mean how easy is it to change addresses? Also another point is how often ALL of these lists are updated? I remember IPFilter being updated VERY seldom.. while PB ( or PG ) are always updated on Mondays.. and many times some of the other lists which are actively maintained are updated daily.. Like Nexus 23... some of the point I see as some of the problems that occurred and happened as PG came along and over the course of time which eventually lead to its demise in a sense... Nobody I know uses PG anymore.. I also know some people who use both...IPFILTER and PB.. along with several other options for filtering and traffic shaping..( which mind you traffic shaping is not JUST prioritization either - anything that alters its default function and changes behavior )..

I personally like using PB.. works great even when using Vidalia Bundle.. even with the Tor lists.. and does a better job at logging for those of us who like to have a look and investigate each and every thing.. the details are there.. without really causing a huge problem.. ( which at one point in time is NOT something PG could say - including fiascoes like promptly blocking ESET Updates.. and other things )

IMO.. this is without looking into it farther.. I would stay with current information and study them both for yourselves... I doubt very seriously if IPFilter is truly nabbing them all.. one easy way to check is to hook up a high profile torrent... Use both turning PB on and then OFF.. then ON again after some time.. and take a look at some of the places being blocked..

I am going to do some checking because I am not for sure .. but I would be willing to bet that not JUST IP's would be used but also Domain Names... I run PB all f the time.. I have had to make allowances for a few things to allow network connectivity and several other options in making sure it works properly.. but all in all.. I think really is a better choice..

EDIT: One more thing as well.. its not just geared at blocking the MPAA... It is also geared at suspicious activity that gets logged.. like addresses and companies that are data mining and snooping around.. and random addresses which have been logged doing the nefarious.. another thing I always like to be reminded of as well..

[Ultravires]

How come there official site doesn't have this update to download? also is it safe to use both PG and IP filtering at the sametime cause thats what i am doing.

[RobrPatty]

I am a moderator on PeerBlock forums and was shocked that this version had been leaked. Its not posted on Peerblock.com because its not suppose to be released yet.

But having tested every version implemented to date I can safely say this version is rock solid. The developers do an outstanding job on updating and solving various issues.

And to sum up Peerblock is an outstanding piece of open-source software and iblocklist.com has the latest up-to-date list. With a great combination like that you can't go wrong.

[kmr1684]

Last time I found this topic http://fora.demonoid.com/index.php?topic=25342.0 on Demonoid about PeerBlock/Guardian. I don't know if this is true, but arguments are logical for me. Now I only use IP filter in utorrent. What's your opinion guys?

well my friend if you want to realise some good fact about blocklist then download primary blocklist from iblocklist and then used it with outpost firewall and log the blocked packets then check the port number of the remote ip address it will be different port number from the same ip address with in 2 to 3 seconds different. i say one thing even i will get scanning from us residential ip address when i will start torrenting. this true but god sake i do not remember that ip address so you can cross verify it. so any way i just stopped torrenting becoz of 2 reason first one nsane forum, second one i stopped collection the software it is my hobby before but not know.

[spootnack]

A question :

How an organization can manage, collect and update so many IPs ??? And about "dynamic IPs", how do they work with this problem ?

++

[kmr1684]

A question :

How an organization can manage, collect and update so many IPs ??? And about "dynamic IPs", how do they work with this problem ?

++

simple my friend some kind of crazy people out there, their job is only checking ip address checking and reverse checking the dna server, if you do not trust me go to iblocklist forum and search the forum for reporting ip address, you will find lot of information where and how to report follow the link, so happy hunting regarding this info.