Bi-directional HOSTS file?

[Oddysey]

Gang;

This here's a link I found at Shell Extension City. I'm not sure just what to make of it, so I thought I'd pass it on, and get your feedback.

The link: Protowall. I think there are a couple of reasons for considering using this proggie, so I decided to write this post. Submitted for your consideration:

1) If you don't have a hardware firewall installed, with Stateful Packet Inspection, then this might be of some benefit. It purports to check both incoming and outgoing packets, blocking any that have addresses found in the accompanying blocklist.

2) If you run a P2P network on your machine, you should be able to set this up to block incoming requests from certain addresses, thus leaving the bulk of the sharing network open for business as usual. In that analysis, you could conceivably block the RIAA nad MPAA from sneaking in to see what's on your shared folder.

Otherwise, the HOSTS file is probably a better bet, if for no other reason than it is much better supported, by a greater number of sources. Even the Bluetack site that carries Protowall has its own HOSTS file.

Opinions, anyone?


Oddysey

[a_stupid_box]

I use both. Here's why:

in 41 hours, on a P2P program, 3058 connections have been blocked by Protowall. The majority being from SONY and RIAA.

in 41 hours without a P2P program running, 1156 connections were blocked by Protowall. The majority being from SONY and Baytsp.com.

None of the IP's are on my HOSTS file (I use the one from here, now, not my monster list).

True, the non-P2P connections were blocked by Sygate before I had protowall, as those connections weren't calling on an authorized program. However, once Shareaza is running, Protowall blocks the connections.

It takes up very few resources and currently blocks 94076838 IPs in 5930 ranges.

[Oddysey]

a_s_p;

Quote:.... currently blocks 94076838 IPs in 5930 ranges.

In the word of the not-quite-immortal Neo, "WOAH!!" That's a few entries, no doubt. Makes my head spin just think what it would do to ZoneAlarm and other proggies like that. [unsure]


Oddysey

[Kye-U]

Mine is set to detect and block: 2660902008 known IPs in 20402 ranges.

Here is my P2P file.

[a_stupid_box]

thanks, Kye. What did you add? Or did you get this from somewhere?

[besafe]

Oddysey Wrote:2) If you run a P2P network on your machine, you should be able to set this up to block incoming requests from certain addresses, thus leaving the bulk of the sharing network open for business as usual. In that analysis, you could conceivably block the RIAA nad MPAA from sneaking in to see what's on your shared folder.



Opinions, anyone?


Oddysey

Highly unlikely. They may leave a few addresses around for people to block and make themselves feel comfortable; but they are probably doing their snooping from P2P software that people ar considering safe to allow. Best way to snoop on enemies/allies is to infiltrate; and they have the resources. This is my opinion of course, others may vary.

besafe

[a_stupid_box]

besafe Wrote:Highly unlikely. They may leave a few addresses around for people to block and make themselves feel comfortable; but they are probably doing their snooping from P2P software that people ar considering safe to allow. Best way to snoop on enemies/allies is to infiltrate; and they have the resources. This is my opinion of course, others may vary.

besafe

Doesn't matter. Protowall screens ALL packets and connections. They can't even connect to you via P2P software if their IP is blocked.

And yes, a friend and I tested this by blocking his IP in Protowall then having him attempt to connect to my machine via every program I'd marked "safe" in Sygate. Protowall is more akin to a HOSTS file than a firewall in this respect. The only way around it is for a company to dump their entire IP range.

Kye-U;

Who/what is this "Rogers" connection I keep blocking with your IP list?

[besafe]

That is my point exactly. They are not going to use their IP at all to do the real work and you are not going to know who to block are you. They can afford really knowledgeable folk now can't they.

[Shea]

Rogers is Kye-Us ISP. Just in case they feel like snooping on him.

[Oddysey]

Opinions? I asked for 'em, I got 'em! In spades, yet. Hooboy! [lol]

I just wanted to see if this thing might do anybody any good, that's all. It looks like I may have done some kinda good thing here, introducing Protowall to some new faces on this forum. (I vaguely remember seeing it some time ago, but it didn't dawn on me then what good it might do. And I don't even use P2P - go figure. <_<)

~~~~~
besafe;

If the RIAA and their cronies do succeed both in capturing your data and your identity, they'd best do it in a legal manner if they wanna prosecute successfully. In this country (the good ol' USofA), it is a crime to spoof one's IP address for any reason, including that of attempting to entrap individuals in the commission of a crime. That's straight from the law books.

While the RIAA might have the money (and therefore the manpower, time, expertise, bandwidth, serverpower, etc.), they don't have anywhere to go with their ill-gotten intel. The only way they might be able to use this information is if they decide to start harassing people's individual machines (with or without legal permission).

<span style='color:red'>EDIT:</span> (I can't leave this thing alone, can I? [rolleyes])

I'm beginning to think that you're talking about stool pigeons, aren't you? The kind of slime who, when faced with prosecution, will turn on his fellow sharers, and give them up in exchange for the hope of a reduced penalty. Is that your contention? Well, bless my soul, son, but that bears further examination. Let's do that, shall we?

Paid informers (whether in money or reduced penalties) have been accepted as useful tools and credible witnesses for a long time. But there is a fine line between "I saw him pull the trigger" or "I heard him plan it all out", and the more nebulous "Well, that's who my computer says I was sharing with". In the first instance, there was a direct contact, i.e., visual sighting. In the second case, there was no way to corroborate the evidence. In such a scenario, the tables can (and will!) be turned - how does the stoolie know he was sharing with a non-spoofed IP address?

Given the lack of irrefutable evidence, courts that have not been bought and paid for by the RIAA will throw out any such case. There are still a few such courts laying around, but I admit that they're getting as scarce as hen's teeth. [angry]

Besides, don't you think any such stoolie won't be found out? He won't last long, take my word for it. [hehehe]
[/edit]

Surf safely, share safely. I see no harm in trying to do that.


Oddysey

[Kye-U]

a_stupid_box Wrote:thanks, Kye. What did you add? Or did you get this from somewhere?

I got this from Blocklist Manager.

I used most of the sources except the test ones and the Proxy list.

[besafe]

Hi Oddysey;

I don't think I was referring to "Stoolies" so much as "information grabbers" that would never testify that they did anything. Gathering information through not altogether legal methods is used by many people, countries and corporations IMHO and something the perpetrator would not divulge. Computer espionage through social engineering etc. is where the big money is IMO and these are individuals that operate under extreme stealth.
Maybe these people don't exist although I do have a friend with multiple OS and software degrees that tells me they do. He works for a large US corporation and deals with people he deems as very dangerous that you "stay friendly with at all costs".

I guess we do all we can to make ourselves feel safe and that is good. I know I set up all my friends and relatives computers to show them that they are "stealthed" to give them peace of mind. If Protowall does the same for people then I'm all for it.

besafe

[Oddysey]

besafe;

Your friend is 100% correct - very powerful individuals do indeed exist. But I don't think I'd label any of them as 'information grabbers'. Those kinds of guys, corporate spys, etc. don't lift a finger until they know what's in it for them.

And the rub of it is, the law still stands as I stated earlier - you can't even open a lawsuit unless you have all your ducks in a row. Merely exposing someone as a "cybercriminal" isn't going to accomplish your mission - you'll just be laughed out of the park. You must have a legal chain of evidence before you approach a judge, and it had better not smell of any underhanded tactics like such as entrapment. Defense lawyers love that kind of thing, believe me, I know.

Picture this with me.......
~~~~~~~~~~~~~~~~
Bailiff: "All rise. Court is now in session. Be seated."

Judge: "Call the first case."

Plaintiff's Attorney: "Your Honor, we are suing for damages under copyright law. We have proof that the defendent willfully gave away multiple copies of our material."

Defense Attorney: "Your Honor, with all due respect, the Plaintiffs have no such evidence."

J: "All right, let's hear it"

PA: "Your Honor, we have irrefutable proof that the Defendant uploaded our materials to various other computers on the Internet, and did so numerous times."

DA: "Your Honor, we have asked the Plaintiff many times to let us examine this so-called irrefutable proof for ourselves. You will note that no witness is named in any documents currently before the Court, neither any corporation employee, nor any other individual. If we can't question anybody, either before or during this suit, how can we establish the veracity of the accusation? How can we defend ourselves against what amounts to an unknown, and unknowable, accuser?"

J: "Mr. PA, I'd like to hear how you intend to verify and corroborate your witness's testimony, presuming you do have a witness that you will call to testify.'

PA: "We can't produce him, Your Honor. We have an agreement to keep him anonymous, so that he can perform futher services for us, in the future."

DA: "The Defense strongly objects, Your Honor. If we can't face our accuser, how can we defend ourselves? This flies in the face of all jurisprudence that our country is founded upon......"

J: (to the DA) "Just a minute, Counselor. I too wonder as to how the Plaintiff will handle this. Mr. PA, I must insist that you either produce a witness, or I will grant the Defense motion to dismiss for lack of evidence. Your mere accusation won't be enough, you must have corroborable evidence. Do you have any such, sir?"

PA: (meekly) "No, sir. Your Honor."

J: "Mr. DA, do you wish to make any motions at this time?"

DA: "Thank you, Your Honor. Defense moves to dismiss the suit for lack of merit, and to acquit the Defendant of all charges, with prejudice."

J: "Mr PA, any response?"

PA: "No, Your Honor."

J: "Then I'm going to enter an order to dismiss this suit, with prejudice. Further, I am releasing the Defendant from all consequences of this suit, with the exception of his own legal fees. Mr. DA, you may submit an accounting to this Court within 10 days, making any claims for reimbursement you feel necessary to make your client whole for any expenses related to this lawsuit, including all reasonable attorney's fees, as established by the appropriate State laws. So ordered."

Gavel: SLAM!
~~~~~~~~~~~~~~~~

Thus ends another case of skulduggery on the RIAA's part. If they don't have it, they can't flaunt it. End of story.


Oddysey

? 2004. All rights reserved. The foregoing dialog was formulated and expressed wholly as an example of what might happen in a court case. No real life events or characters were harmed in this transliteration.

[besafe]

By slapping people with lawsuits useless or not; and getting people to settle out of court paying them. They have succeeded in stopping some multiple gigabyte sharers from doing so and scared many from downloading and sharing as many files as previously. They would probably consider this a success.

[Oddysey]

besafe;

Quote:By slapping people with lawsuits useless or not; and getting people to settle out of court paying them.&nbsp; They have succeeded in stopping some multiple gigabyte sharers from doing so and scared many from downloading and sharing as many files as previously. They would probably consider this a success.

Until they met me!

I'm not fooling. I've been involved in lawsuits against major corporations, and for megamillions of bucks. And I don't mean as lawyer either, I mean as a Plaintiff, and as a Defendant. That's how come I can quote chapter and verse about how proceedings.... proceed. Been there, done that, bought the souvenir bronzed gavel from the vendor in the lobby. Ho hum.

After that kind of artillery, the only thing new that the RIAA can bring on my butt is national noteriety. And I'd welcome it in a heartbeat. Can you see the headlines now? RIAA picks on Santa Claus! I've attached a picture taken a few years ago, during the appropriate time frame.

Now, if I could just find a viable reason to need to use P2P...... Nope, got everything I need right here. Oh well, maybe some other time. The whole point of my stance is that you are correct; people do back down in the face of litigation, and the attendent costs. I don't. I know how to blow their ducks out of the water, and do it without a lawyer (excepting the paperwork part, then a lawyer is necessary). All of which says; If you don't stand on your own two feet, how the hell can you expect someone else to stand on them for you?! (Or something like that. I think. [unsure])


Oddysey, the unbowed citizen who knows how the game is played, because he's won, and lived to tell about it