We've all heard the fuss about the R.I.A.A. and tons of other corporations that are scanning the P2P networks, for the people who share the most, monitoring the activities, etc. This firewall hopes to block and prevent snooping, mainly what the R.I.A.A. and associates are using to snoop the users of the P2P networks.

The homepage for the firewall and some information about it can be found here.

way to go thasp

ah crap I left out half the article. Here's what the homepage says

"PeerGuardian Introduction

Peer Guardian is an experimental firewall program. Among other things it...

- Detects and closes connections from specified IP ranges.
- Blocks out known P2P enemy IP addreses by default.
- Allows you to manually close connections that have been opened by other programs.

PeerGuardian blocks connection on TCP/IP.
(KaZaA, Grokster, DC(++), Fileshare, etc. use TCP/IP)

PeerGuardian doesn't block connections on UDP.
(Blubster uses UDP)

The program was written after I'd seen many requests for something to universally block these companies out of file-sharing programs. A lot of people were asking where to get free firewall software, how to add the addresses to the firewalls block lists or how to add them in their specific P2P program. I'm not completely sure of it's effectiveness and that's why I'm releasing it as an alpha release. I can guarantee that PeerGuardian is safe and won't do anything bad but I'll have to wait for feedback before I can make any statement on it's effectiveness. It should work without problems for most people though.

PeerGuardian blocks out known IP ranges used by MediaForce, MediaDefender, BayTSP, Ranger, OverPeer, RIAA, MPAA & NetPD by default.

Recently added: Spyware IP blocking against GAIN & Xupiter.com"

Also, it is not meant to be used instead of a normal firewall. It should be used with it, as a second one.

neat!

I hate Xupiter, even worse that GAIN...

cool..... this might solve the problem at the Career center

downloaded PeerGuardian v1.2 ALPHA and used it last night when i was sharing files to the world and look what i came accross this morning

Connection forcefully closed on: 128.241.221.115 - NetPD

its war time huh. i started 2 years ago when napster went down, i stoped buying cd's, and now ive gone completely to linux OS f**k them all.

share share share, boycott boycott boycott

I think that these blocks will become more and more widely used. It will be hard to stop them, because it is hard to get new IP ranges (for example, see www.arin.net to find out about a range).

I feel that the RIAA, NetPD, MediaDefender, and the like will lose the war!

I had gnucleus on for a half hour and this came up on it;

"Connection forcefully closed on: 209.204.181.213 - BayTSP"

It's working

Excelent. Ive been investigateing self-defence systems for a while myself, without much success. This is a start at least.

Heres a suggestion through. When it detects a TCP request arriveing from one of the problem ranges, let it complete the TCP handshake before blocking the connection. That way the bot scanning the network will wait for a few minutes before timeing out. Imagine the effects of a network equiped with several thousand of those things and a bot which can only support a limited number of simutainous connections

URGENT;

The big version of this installer will not allow WinMX primary connections! Get the smaller one!

This is what PeerGuardian 1.2a lists as RIAA.

208.225.90.0 - 208.225.90.255
12.150.191.0 - 12.150.191.255
208.192.0.0 - 208.192.255.255

whois search of www.riaa.org turned up
164.109.0.0 - 164.109.255.255

also found a www.netpd.net, in Korea, with a range of 203.233.237.0 - 203.233.237.255. (website comes up primarily in Korean and is only about 5 lines long)

in PeerGuardian 1.2a, Mediaforce is listed as 65.192.0.0 - 65.192.255.255, 65.223.0.0 - 65.223.255.255, and 4.43.96.0 - 4.43.96.255. Whois search adds 209.133.224.0 - 209.133.255.255.

Well, the RIAA wouldn't attack from their usual address range even if they did monitor themselves. They dont. The RIAA, or more frequently individual labels, hire companys such as netpd and mediaforce to do it for them. You should also check if that www.riaa.org is on the RIAA network or somewhere in a colocation server farm. I scanned the range and theres a lot of port 80s open, through strangely they dont seemt o be doing anything. Glitch in the scan?

Connection forcefully closed on: 216.122.217.249 - Ranger

oh and another Connection forcefully closed on: 128.241.221.115 - NetPD

thanks to the creator of this software, you da man!!

might as well block as many IP's related to the RIAA as possible.

Connection forcefully closed on: 64.94.89.142 - GAIN(spyware)

cool, it works!

> "Connection forcefully closed on:
> 209.204.181.213 - BayTSP"
> It's working

Sure, except that IP belongs to someone's personal DSL account, not BayTSP. The filters on Sonic.net are way too broad, and they probably are for other ISP's as well.

hey im new to this site, i had kazaa but ended up deleating it because of all the spyware that it gave me and that it mest up my IE so bad that i had to change to mozilla explorer.

even though for right now i dont have access to the p2p network, i was wondering if it was a good idea to be blocking these ip addresses u guys are posting on here just incase, like say i got another program for the p2p network later on.

on my mcafee virus scan thingy it has a visual tracer which gives you address, city, and state, netrange, netname, nethandle, nameserver, phone numbers,e mail address and a few other things.i did some traces on some of the ip addresses that are posted on here and heres what i came up with for one trace (not sure if this helps anyone but still i think its useful in someway)

>209.204.181.213 came back as sonic.net and under netrange it has 209.204.128.0- 209.204.191.255

i still dont understand the whole netrange thing im not sure if it means 209.204.128.0 through 209.204.191.255 is how many ip addresses they own or what.

if more of this information that i get from this tracer program would help in anyway just let me know.