PDA

View Full Version : Protect Yourself from eDonkey Spy Servers



ven0m
05-01-2007, 06:02 AM
http://torrentfreak.com//images/emule_prison_transparent.gifConnecting to a bad ed2k server can have some nasty consequences. They monitor your activities and report to anti-p2p outfits. They direct you to non-existent files, corrupted fakes and hide files which others genuinely want to share. Learn how to protect yourself.

Millions of file-sharers use the eDonkey (ed2k) network daily with every conceivable file and media type available for download. However, for millions of users on the ed2k network there is a threat hidden below the surface - fake (http://peerates.net/peerates/ametfiles/peerates-fakedservers.html) eDonkey servers, estimated to be as many as 60% of all the ed2k servers currently online.


These bad servers can spy on you, track your activities and report your behavior to anti-p2p companies. Others are concerned in engineering a situation to put malware on your machine. For the incomplete downloads in progress, the user’s ed2k client asks all the servers configured in its server list to find additional sources but of course, if you connected to a bad server it now knows everything that has been happening in your client - a major privacy breach.

Fake servers are also there to misdirect, to cheat, to confuse. “Simply put, those servers lie. And they do a lot of it.” explained qm2003 from eMule-Project. (http://www.emule-project.net/) “When a client is searching for something, fake servers will return files and sources to files that are actually non-existent, empty or garbage.”


Furthermore, files being offered for share by users connected to a fake server will not show up in search results of queries made by other users, effectively starving the network of millions of files. “Some fake servers deliberately return results with supposedly thousands of sources to prematurely end searches” explains qm2003, “And to make matters worse, those search results contain malware that will infect the system of any client downloading and executing those files.”


The problem of connecting to fake servers is actually something built into the standard eMule installation as the default settings result in the adding of fake servers to the server list. Probably due to legal considerations, this situation is not seriously dealt with by the developers but there are steps which can be taken now to improve the situation;

1. In eMule go to Options/Server
2. Set number of errors allowed before removing the server to 9
3. Click Edit button that appears next to the option Auto update
4. In Notepad, that is opened, add the following lines in the beginning:
http://www.gruk.org/server.met.gz
http://peerates.net/peerates/certifiedservers.met
http://peerates.net/peerates/trueservers.met
5. Save changes in notepad
6. Unmark the two following options Update list of servers
7. Click on Accept
8. Go to servers window
9. Remove all servers from static list
10. Remove all servers from list
11. In Update Server.met from URL, write any of the URL in point 4 above.
12. Click on Update button
13. If you have selected Autoconnect only to servers on the static list, add the servers you want to the static list
14. Double click on any server


We reported (http://torrentfreak.com/p2p-anti-piracy-system-defeated-with-2-clicks/) on the value of Protocol Obfuscation (BitTorrent users will be more familiar with the term Protocol Encyption.) and it is of some use to this situation. To date, no spy/fake servers support obfuscated connections, so enabling it in the options of eMule 0.47C rules out the current possibility of connecting to a bad server.

http://torrentfreak.com//images/emulepo.gif



However, as we pointed out in the earlier article, this method does carry the side effect of not being able to connect to non-eMule clients, versions of eMule before 0.47b (which do not support PO) and other clients with PO switched off.


Taking the above steps will drastically improve your chances of avoiding a bad server. Tune in next time when we cover the issues surrounding spy/fake/poisoning clients and current counter-measure techniques.

:ph34r:

:source: Source: http://torrentfreak.com/protect-yourself-from-edonkey-spy-servers/

maynard
05-01-2007, 03:49 PM
Thanks a lot.

Shando
05-05-2007, 01:21 AM
Thanks Man

haydeno
05-20-2007, 08:19 AM
interesting

eltipo
07-01-2007, 06:21 PM
thank very good:clap:

PoOki
07-03-2007, 02:28 PM
thanks!

backlash
07-03-2007, 07:53 PM
thank u

LimeJam
07-05-2007, 01:52 PM
big thx

waelisa
07-24-2007, 02:52 PM
Thanks.

ftcnt
08-07-2007, 02:21 AM
thank you

Money Fist
08-14-2007, 11:18 AM
gud stuff.

Invocation_of_Ra
08-17-2007, 04:06 PM
working with B.I.S.S. (http://www.bluetack.co.uk/forums/index.php) software but thanks for the warning :D

pissupoosa
08-22-2007, 04:35 PM
i am a heavy emule user.. thankx for this..

turbotalon21
08-23-2007, 09:18 PM
thanks

anekoik
10-14-2007, 09:00 PM
very useful thxs

jerryjuga
11-10-2007, 03:14 AM
thank you so much!

aviad
12-14-2007, 10:56 AM
thank you dude

kadii98
12-24-2007, 06:43 AM
thank you

dineshreddy
12-25-2007, 03:58 AM
thanks a lot dude

zbrushing2
12-30-2007, 03:14 PM
Thank you! Used the advice for emule.

DeathAngel
01-05-2008, 04:58 PM
Hey Guys , Keep up the good Work !!

bftk
02-06-2008, 08:44 PM
Very useful
Thanks ;)

VIZFX
02-07-2008, 06:54 AM
Better safe than sorry

Johnny Cage
02-14-2008, 06:25 PM
thanks

anto
02-14-2008, 06:51 PM
:w00t:thanks

thewho
03-03-2008, 05:40 PM
thanks

tajerina69
03-03-2008, 09:38 PM
thanks

RainRoofer
03-04-2008, 09:06 AM
I can't connect to razorbacak servers, anyone experiencing same problem ?

saqib
03-04-2008, 07:51 PM
eDonkey is the most weired p2p protocol i have ever used , and above all most un safe.

zyduuu666
05-06-2008, 03:59 PM
Thanks for help :)

antonii
05-06-2008, 04:10 PM
Thanks

mfema
05-13-2008, 11:34 AM
thanks 4 this

frod
06-18-2008, 02:42 AM
thanks, important post.

atulaclamp
08-01-2008, 10:50 AM
Thank ^^ I havent used emule much
So it's good experience
Thank :)

fr3x3r
08-02-2008, 04:59 AM
yeah, thx dude ;)

messiaah
08-03-2008, 12:38 PM
thnx dude

SonsOfLiberty
01-27-2009, 02:13 AM
The 4400 (http://www.dvdmsn.com/US$30.00-THE-4400-Season-1-2-3-4-DVD-boxset-p-511.html)is a science fiction TV series produced by CBS Paramount Network Television in association with Sky Television, Renegade 83 and American Zoetrope for USA Network. The show was created and written by Scott Peters and René Echevarria, and it stars Joel Gretsch and Jacqueline McKenzie.

WTF :ghey:

Shooster
02-04-2009, 07:14 PM
The 4400 (http://www.dvdmsn.com/US$30.00-THE-4400-Season-1-2-3-4-DVD-boxset-p-511.html)is a science fiction TV series produced by CBS Paramount Network Television in association with Sky Television, Renegade 83 and American Zoetrope for USA Network. The show was created and written by Scott Peters and René Echevarria, and it stars Joel Gretsch and Jacqueline McKenzie.
Who did ask you for that info?

PACINO
02-23-2009, 08:30 PM
Thanks Man

tripode
06-13-2009, 06:18 PM
thanx 4 the tips

scip9204
10-16-2009, 05:21 AM
Thanks a lot for the information.

jungle
10-16-2009, 06:08 AM
thanks

Farxat
10-26-2009, 08:42 AM
I trust site eMule-Security (http://emule-security.net/news.php)
IPFilter, Nodes.dat for KAD and Server.met - always up to date.

invitestor
12-03-2009, 07:03 AM
thanks

bumrocks
03-09-2010, 06:07 AM
Much appreciated...Just made a few minor adjustments!

Zoltar600
03-10-2010, 03:32 PM
thanks.

Mikity
04-13-2010, 07:01 AM
Thank you. Couldn't I just use Peerguardian to stop connecting to dubious servers?

anon
04-13-2010, 12:32 PM
In theory you can, but it's better if you use a trusted list that doesn't contain them in the first place ;)

Mikity
04-14-2010, 07:26 AM
True that :) Well, I'm off to give it a try...
Thanks!

DATTER
04-14-2010, 10:50 PM
Oh memories... i don't use eDonkey for years lol.

UltraSeed
11-24-2010, 11:35 PM
Thank you!
Very interesting.

jkl49
11-25-2010, 03:27 PM
Interesting. In the past I would just use PeerGuardian or similar, but the poster on the previous page makes a good point. If I use eMule again, I'll be sure to take advantage of this topic, thanks.

bonjasky
04-11-2011, 12:10 PM
Thanks for security.

serpents
04-20-2011, 07:41 AM
thanks for the tip.

the_wind
05-10-2011, 08:56 PM
Great post! It's been awhile since I've updated my servers list. I'll definitely give these ones a try.

I've always been trusting ipfilters from BISS (http://blocklistpro.com/download-center/ip-filters/). Not sure if anyone had mentioned them here. These add another layer on top of the list of good servers.

MixLogy
09-02-2011, 03:14 AM
Thanks Bro

aarus1an
09-04-2011, 07:43 AM
Thank Very Much....:whistling

anon
09-04-2011, 05:26 PM
Ah, I remember the days when there were so many good eMule servers... now it's only a few ones. Some people are already using Kad only.

cescfabri
12-03-2011, 03:40 AM
thanks

cheloviek
01-04-2012, 12:00 PM
good input thxs

Stabber
01-05-2012, 06:18 PM
Honestly edonkey is not needed anymore . I can get everything i need either from torrents or usenet or warez-bb . If something is really really rare and is on emule , you will need days in order to download something it would take just some minutes

anon
01-05-2012, 06:29 PM
Honestly edonkey is not needed anymore . ... If something is really really rare and is on emule

...that's when you need it. I would try to exhaust every possible resource before turning to eMule, though.

Stabber
01-06-2012, 12:39 AM
Honestly edonkey is not needed anymore . ... If something is really really rare and is on emule

...that's when you need it. I would try to exhaust every possible resource before turning to eMule, though.

The same thing i do , but until now i have found everything i needed from either torrents or usenet or warez-bb

Btw are there any emule index sites alive ? The only one i know is fileheaven and it doesn't have a lot of emule links

anon
01-08-2012, 05:24 PM
Btw are there any emule index sites alive ? The only one i know is fileheaven and it doesn't have a lot of emule links

I know a few, but they're Spanish-language sites. English ones, I have no idea. I never really used one.

drcode
04-14-2012, 05:01 AM
gracias.

bkg12
07-26-2012, 10:31 AM
damn....never knew that could happen........phew

swell
08-07-2012, 09:46 PM
Thanks.

zer0squared
01-19-2014, 03:19 PM
Yeah, thanks for that.

phillyc
01-19-2014, 08:37 PM
very handy thread, did not know this. Thanks

ally2019
01-25-2014, 09:29 PM
How do I know if I am connected 2 a ed2k server? This is all new 2 me, & I'd like 2 avoid trouble from the start. Tx

anon
01-26-2014, 03:06 AM
How do I know if I am connected 2 a ed2k server?

If you're using eMule or a mod thereof as a client, the server you're connected to should be highlighted in blue in the "Servers" tab.

megabyteme
01-26-2014, 03:14 AM
Personally, I'd suggest joining the "new" century. :idunno:

Worldwide7477
08-23-2015, 07:27 PM
Thanks for the share :)

ajandlia
05-02-2016, 07:09 AM
thanks, very helpful.

superman2013
09-07-2019, 02:38 PM
Thanks

anon
09-08-2019, 12:40 AM
For a trustworthy server list and IP filter (updated monthly), visit http://emule-security.org/

raja1
10-20-2021, 12:16 PM
interesting

anon
10-20-2021, 09:01 PM
Fake eMule servers are no longer a threat, since the network is a small target nowadays. There was a moderate revival last year, however, with around 20 good servers operational as of this writing.

Zupper
10-22-2021, 11:10 AM
Useful info