Shareaza

[siavoshkc]

There are actually two things. First I need to see a dialog box asking for expiration time when I ban an IP in search result. Second I want to be able to ban files by hash.

Thanks for your care

[ailurophobe]

First, why do you need this dialog? Most of us don't, or only need it so rarely it is easier to change it in the security manager. Also do you want it always, if an option is set in advanced settings, or as an alternative to normal quick ban in the context menu?

Second, since it is already possible to ban files by hash, you probably want some specific GUI for doing it in some specific context? Please tell more.

[cyko_01]

shareazaplus has the options "ban file"(by hash) and "ban user"(by IP address) in the context menu. I think this is how we should implemente it

[ocexyz]

[ailurophobe]

Actually, the security manager could use a full remake on par with what is being done to the scheduler. The performance boosts possible alone would be worth it. Better add/edit rule options, better import/export options (like auto-update when the list added is online), better UI (like breaking up the rules by type of which we have more than two)... We just need someone with the resources to do it.

[ocexyz]

deleted - accidental double post

[cyko_01]

[ocexyz]

[siavoshkc]

The idea of being able to ban user in search window is to avoid unwanted and harmful files. There are two ways to do this.

First is to block IP. This is done due to presumption that this IP is trying to share bad files to infect clients or to damage network. As it can be temporary this type of ban should have an expiration date. In status bar Shareaza explains it will ban IP for this session, but it actually blocks it forever (THATS A BUG). This is why in the first place I asked for a dialog box, to set an expiration period.

Second is to ban file using its hash. This is done when user realizes the file is harmful in some way. I think this option is necessary in search window. This way user will feel protected from that treat. I believe it won't confuze any user as this is an option they expect to have.

Maybe there should be two options:
Ban user
Ban file and user -> To ban both IP and file hash at once

[ailurophobe]

Thanks, that was a good explanation of what you wanted. (I think.)

I think that the current behaviour in the search window is to quick ban both file and address permanently. I think the file should always be banned since that is what the user sees and bases the ban decision on. The file ban should probably also stay permanent, since files either are bad or not. You might be wrong about it being bad, but even if you are it doesn't depend on duration, so setting a duration other than permanent does not make sense. It might make sense to have a duration based on number of searches without a hit in order to remove blocks to files no longer in the wild.

For the IP blocks... yeah making them temporary might make sense. As long as somebody collects blocklists the address block should probably default to something like twice the update period for the lists. (Or just letting the next security list update overwrite quick bans, as I think happens now.) Of course this requires regular updates of the lists (auto-update engine?) and making the security manager able to handle full-size lists that really have all the addresses that need to be blocked. This would also automatically remove wrong and out-of-date quick bans so adding extra options to the context menu would not be necessary. Substitute a reasonable default for added options.

Btw, I often edit the bans to have a 255.255.255.0 netmask so they are more likely to ban scum with dynamic IPs or several addresses. The idea is that the chance of a legit peer hitting the block is one in a million or so (big chunks of address space are not actually relevant) and that is low enough to ignore while the odds of a bad peer using several IP over time is much bigger. Any thoughts on this?

EDIT: Also having quick ban on the ED2k host cache would be nice... I like keeping track of how many servers are available, so I enable getting servers from both server and clients and then remove known bad servers.

[swampmonster]

Hello, everyone!

I recently downloaded the latest version of Shareaza, 2.5.2.0. I then uninstalled it and reverted to version 2.4.0.0, for one simple reason. I am trying to build a security filter based on file hashes, and while 2.4.0.0 automatically inserts the file hash along with the IP number, all later versions I have tried do not. While this may be of little interest to the average user of this fine product, it is of vital interest to me.

When it comes to P2P security, IP-blocking is not enough. I have been identifying and offering blocks for bad peers' IP numbers for several *years* now, and while that helps, it isn't enough. I have been downloading and scrutinizing fake files, holding virus- and Trojan-infected fake files on my hard drive for a couple of years now (850 megabytes' worth), and creating Bitzi tickets for them, and *that* is not enough. I have been working to identify fake eMule servers, and had some limited success there. Most recently, I have been working on fake BitTorrents and found great success in that area, both with regard to IP numbers and infected software.

I have also, for the first time ever so far as I know, and despite objections from detractors, created a filter for Shareaza based on file hashes. In my own experience, using the filter reduces fake-file hits in my search results anywhere between 33 and 75 percent.

My problem is this: I want to use the latest release of Shareaza, but cannot because when I want to "ban" a user, so as to insert not only the IP number but also the file hash into my security page, 2.4.0.0 is the only version that does this. I cannot migrate to a later version because whenever I do, Shareaza no longer adds file hashes to bans, and I need those hashes for my experimental filter.

Any thoughts? I am open to any and all comments.

Cheers!
Richard