+ Reply to Thread
Page 2 of 7 FirstFirst 1234 ... LastLast
Results 16 to 30 of 101

Thread: [Tutorial] How to block harmful IP ranges with P2PFire

  1. #16
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    For me it's using 3.6MB RAM right now (just started my comp) And under heavy IP-blocking activity, I have never seen it go higher than 5MB and 1% CPU (which is probably because Windows's Task manager can't show decimal numbers so it rounds up to 1, but P2PF's main window shows a 0.1% usage)
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  2. #17

    Join Date
    01.07.08
    Posts
    1,191
    Activity Longevity
    0/20 19/20
    Today Posts
    0/5 sssss1191
    This tool seems interesting.But would it not be easier to import block list simply into a firewall?
    Reply With QuoteReply With Quote
    Thanks

  3. #18
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    How?
    The firewall would need to have an IP blocking module anyway.
    The Blockpost plugin adds that functionality to Outpost v4, for example, but makes it work like PG, blocking packets and not connections.
    I chose this tool because it blocks connections instead, and has an extremely low CPU and RAM usage.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  4. #19

    Join Date
    01.07.08
    Posts
    1,191
    Activity Longevity
    0/20 19/20
    Today Posts
    0/5 sssss1191
    I have the newest outpost 2009 and under settings is this IP blocklist.Can't i just import list there under edit host list?

    [IMG][/IMG]
    Reply With QuoteReply With Quote
    Thanks

  5. #20
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    You could, if you prefer it that way.
    But I don't know what format OP2009 uses for its blocklists. Maybe this on-line converter helps you.

    And I'd untick the 2 checkboxes at the bottom of that config window, or else you most likely would end up with huge logs and be bugged by hundreds of warnings.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  6. #21

    Join Date
    01.07.08
    Posts
    1,191
    Activity Longevity
    0/20 19/20
    Today Posts
    0/5 sssss1191
    Maybe this helps you explain it better:
    IP Blocklist
    This Monday we’re revisiting a feature that originated as a third-party plugin as part of Outpost 2008 and has now been revamped for the 2009 product. Here’s a little history.

    The Blockpost plugin was originally developed by an Outpost fan and was designed to prevent any installed software from accessing malicious web sites or ad networks by using a blacklist of IP addresses. Many of you wanted to see this feature as an integrated part of the Outpost products, but there were compatibility issues with Outpost 2008 related to support for Vista, IPv6 and x64 systems. We were able to resolve these issues, and as an integrated module in Outpost, Blockpost now works faster, is more reliable, and fully supports the new technologies.

    Blockpost’s IP address blacklist is completely user-controlled and user-generated. You can upload your own lists of infective IPs, even define a range of IP numbers that you consider unsafe. And you don’t have to spend extra time creating rules - there are text-based lists of bad IPs easily available on the Internet. But we recommend you double-check the IPs before adding them to the blacklist - some lists are old and the IP addresses on those lists may have become legitimate in the meantime.

    In summary, Blockpost saves you time and trouble by ensuring that the websites you visit are legitimate, supports the new Outpost architectures, and provides more control and stability for your browsing.

    In Outpost 2009, we’ve embedded the Blockpost functionality into the IP Blocklist tab on the Firewall menu. Using the Add button, you can specify host addresses as IP, IP range, IP with mask, and domain name; the Remove button deletes any selected address from the list, and Removal all clears the entire list. The Export and Import buttons save or upload lists of addresses in or from a file respectively. The lists for the old Blockpost plug-in are fully compatible with the new module.

    Blocking events are added to the Packet Log as Blocked according to IP Blocklist. The ability to log the blocking event or show a corresponding alert are controlled by the Log the dropped packet and Show visual alert when packet is dropped options
    Under import list says it needs ist.,txt.,dat file.So on that site you gave me, what to select?

    Yea and what list to import,Level 1,iana....
    just readed this
    WITH IP BLOCKLIST CAPABILITY - PEERGUARDIAN LIST COMPATIBLE
    ,yupi
    Last edited by kazuya; 31.08.08 at 22:45.
    Reply With QuoteReply With Quote
    Thanks

  7. #22
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    Seems it uses the Blockpost format, then.

    * In the on-line converter, choose "PeerGuardian plain text" as source format, and "BlockPost plugin for OutPost v2" as output format.
    * Download PG's main level1 list here (it's a 7z archive, so you'll need 7-Zip or WinRAR to unpack it)
    * Open the file inside with Wordpad (Notepad will take forever to load the file).
    * Copy all its contents.
    * Open the on-line converter, go to the "Source list" tab and paste the text you've copied in the text area.
    * Click the Convert button below.
    * Go to the "Output" tab, select everything that's inside the text field and copy it.
    * Open Notepad, paste it, and save it to a file.

    Then you can tell Outpost to import that file as a blocklist, and everything should work.

    Edit: just seen your edit.
    If it's PG compatible, you can disregard everything I have posted, just import a PG list and done
    Last edited by anon; 31.08.08 at 22:47.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  8. #23

    Join Date
    01.07.08
    Posts
    1,191
    Activity Longevity
    0/20 19/20
    Today Posts
    0/5 sssss1191
    Im using this Blocklist manager from bluetack.it can automaticaly find new sources and update lists for applications i use eg.my firewall.so i just need to select now source level 1, outpost blockpost v2,the location where the file will be und update.

    [IMG][/IMG]



    [IMG][/IMG]

    And i can now turn off safepeer in vuze?firewall should now take care off it,right

    It would be good to give a tutorial about this Level1, IANA,SPIDERS list..what to use and what for
    Reply With QuoteReply With Quote
    Thanks

  9. #24
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    Quote Originally Posted by kazuya View Post
    Im using this Blocklist manager from bluetack.it can automaticaly find new sources and update lists for applications i use eg.my firewall.so i just need to select now source level 1, outpost blockpost v2,the location where the file will be und update.

    (pics)
    Sounded good and like it will save you a lot of work
    But in the 2nd pic you haven't specified Outpost's directory... or did you just conceal it from the image?

    And i can now turn off safepeer in vuze?firewall should now take care off it,right
    Yes, you can even uninstall Safepeer to save resources, as Outpost should take care of all IP blocking now.

    It would be good to give a tutorial about this Level1, IANA,SPIDERS list..what to use and what for
    Here you are:

    LEVEL 1 BLACKLIST

    Companies or organizations who are clearly involved with trying to stop filesharing (e.g. Baytsp, MediaDefender, Mediasentry a.o.).
    Companies which anti-p2p activity has been seen from.
    Companies that produce or have a strong financial interest in copyrighted material (e.g. music, movie, software industries a.o.).
    Government ranges or companies that have a strong financial interest in doing work for governments.
    Legal industry ranges.
    IPs or ranges of ISPs from which anti-p2p activity has been observed. Basically this list will block all kinds of internet connections that most people would rather not have during their internet travels.

    PLEASE NOTE: The Level1 list is recommended for general P2P users, but it all comes down to your personal choice.

    LEVEL 2 LIST

    General corporate ranges.
    Ranges used by labs or researchers.
    Proxies.

    LEVEL 3 LIST

    Many portal-type websites.
    ISP ranges that may be dodgy for some reason.
    Ranges that belong to an individual, but which have not been determined to be used by a particular company.
    Ranges for things that are unusual in some way. The L3 list is aka the paranoid list.

    SPYWARE LIST

    This list is a compilation of known malicious SPYWARE and ADWARE IP Address ranges.
    It is compiled from various sources, including other available Spyware Blacklists, HOSTS files, from research found at many of the top Anti-Spyware forums, logs of Spyware victims and also from the Malware Research Section at Bluetack.

    DShield Recommended List

    This list contains known Hackers and such people in it.

    Microsoft List

    This list covers the known Microsoft Corp ranges that are not on Level1, as well as their known associated IP ranges from around the world.

    AD TRACKERS

    This list is constructed to block connections from advertising - marketing research data tracking sites, bad pop-ups...

    Educational Institution Ranges - EDU

    This list contains known Educational Institutions - University IP ranges - Educational Networks - School Districts a.o..

    Tor / Proxy List

    This list has been compiled from a list of Tor servers and various other proxy servers.

    SPIDERS LIST

    Automated software programs also known as spiders or bots, survey the Web and build their databases for search engines and some are used to track people down to automatically serve them with copyright violation notices. This list is intended to be used by webmasters to block hostile spiders from their web sites.

    PLEASE NOTE: Google and other search engines are blocked by this list.

    Master Exclusions

    This is a list of websites and other IP's some people may not want to block.

    Range Testing

    This list contains addresses of suspicious IP's that are under investigation.

    IANA - Bogon - Hijacked - Non-LAN lists

    Internet Assigned Numbers Authority (IANA) List

    These are the Internet Assigned Numbers Authority lists. They are for reserved listings and IP addresses that are supposedly not in use as of yet. This list (IANA Private) and possibly the other IANA lists contain IP Ranges that will conflict with your connection if you are one a home network or a company network. You should add the IPs or Ranges that belong to your network to your Exclusions list in the Blocklist Manager.

    Bogon List

    Contains known Bogon IP-Blocks.

    From CompleteWhois:

    Bogons is the name used to describe IP blocks not allocated by IANA and RIRs to ISPs and organizations plus all other IP blocks that are reserved for private or special use by RFCs (the actual term bogons comes from word bogus, as in bogus IP announcements). As these IP blocks are not allocated or specially reserved, such IP blocks should not be routable and used on the internet, however some of these IP blocks do appear on the net primarily used by those individuals and organizations that are often specifically trying to avoid being identified and are often involved in such activities as DoS attacks, email abuse, hacking and other security problems. These activities obviously pose great danger to everyone and ISPs should try to filter all these bad IP routes and we are trying to help in that by working to create complete detailed list of unassigned bogon ips based on whois data.
    In other words, if you get hit by an IP address from this range, then they have spoofed their IP address and they, most likely, are trying to do something untoward.

    Hijacked List

    Contains hijacked IP-Blocks and known IP-Blocks that are used to deliver Spam.

    From CompleteWhois:

    Hijacked IP space are IP blocks that are being used without permission by organizations that have no relation to original organization (or its legal successor) that received the IP block. In essence it's stealing of somebody else's IP resources.
    These ranges are being used illegally and are most likely being used for illegal activities. They should not be being used and should therefore be blocked.

    Non-LAN List
    This list blocks LAN [Local Area Network] IP ranges. It is only recommended for use by people that do not have home networks and want to block the IANA Private address ranges which should not be used on the internet.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  10. Who Said Thanks:

    kazuya (31.08.08)

  11. #25

    Join Date
    01.07.08
    Posts
    1,191
    Activity Longevity
    0/20 19/20
    Today Posts
    0/5 sssss1191
    But in the 2nd pic you haven't specified Outpost's directory... or did you just conceal it from the image?
    I have not yet try it for outpost.used it for safepeer.will add it now.

    will post if something goes wrong
    Reply With QuoteReply With Quote
    Thanks

  12. #26
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    OK, add it, then untick the Safepeer checkbox and uninstall it [safepeer]
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  13. #27

    Join Date
    01.07.08
    Posts
    1,191
    Activity Longevity
    0/20 19/20
    Today Posts
    0/5 sssss1191
    Ok here we go,first problem, i downloaded that level 1 and import it to blocklist.
    It blocks my nod32 update.i have take a look in that list and there are listed several names under eset.wich one to add to exclusion list now,all or just one that its blocked?

    [IMG][/IMG]

    Problem two,xfire cant connect to server.there are also several items under same name listed.wich one to remove?

    [IMG][/IMG]

    [IMG][/IMG]

    Reply With QuoteReply With Quote
    Thanks

  14. #28
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    Quote Originally Posted by kazuya View Post
    It blocks my nod32 update.i have take a look in that list and there are listed several names under eset.wich one to add to exclusion list now,all or just one that its blocked?

    ...

    Problem two,xfire cant connect to server.there are also several items under same name listed.wich one to remove?

    ....
    Unblock all entries for both.
    PG's manual acknowledges that Steam, Xfire and ArenaNet connectivity, among others, is blocked. And you're using the same blocklist PG uses...
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

  15. Who Said Thanks:

    kazuya (01.09.08)

  16. #29

    Join Date
    01.07.08
    Posts
    1,191
    Activity Longevity
    0/20 19/20
    Today Posts
    0/5 sssss1191
    And also now i see that it blocks sun microsystems.i googled a little bit and find that they developed java.so i assume to unblock that to?

    Sorry i beeing so bored
    Reply With QuoteReply With Quote
    Thanks

  17. #30
    Moderator anon's Avatar
    Join Date
    01.02.08
    Posts
    39,386
    Activity Longevity
    11/20 19/20
    Today Posts
    5/5 ssss39386
    It's OK
    Yes, you may also want to unblock Sun, as you'll be most likely unable to download/update Java if you don't.
    "I just remembered something that happened a long time ago."
    Reply With QuoteReply With Quote
    Thanks

+ Reply to Thread
Page 2 of 7 FirstFirst 1234 ... LastLast

Tags for this Thread

Posting Permissions

  • You may post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts
  •