Anybody can make a blacklist. A simple experiment is to start running an apache webserver +modsec2 read your logs, and grep out the bad ip’s. Eventually you’ll find entire nets that are bad ip’s.

But just like I wouldn’t put my money in the ^DOW, instead I would put it in a SAFE. So too you should not rely on the word of my brother Ben above telling you no need to invest in Gold, or T-Bonds, buy some of his leveraged 40:1 CDO’s.

No thanks Ben, we’ll keep our money under our home safe, where the bankers can not steal it. To fail math is beyond belief. Just like we will *back up our powerful blacklists to a CD* so that if we reinstall our servers they won’t get hit by the same nonsense. We will also SHARE our blacklists. ala cryptome.org for example!

We don’t need your forced control. Or your false ethics on why we desire to be anonymous. If you don’t know why there is a need to be anonymous, then you don’t know why we need a constitution.

Just because it’s listed int he bad ranges doesn’t mean it’s bad. Similarly because you’re communicating with IPs not in the ‘bad ranges’ doesn’t mean they’re good. List makers will accept the latter, but steadfastly refuse to even accept the former.

If you open the blocklist, and change entries so that where the dsecription said ‘BayTSP’, it now said ‘God’, by the same reasoning that you’ve used to say you’ve blocked antip2p groups, you’ve proved the existance of God, and gone to hell for ignoring him.

If this sounds silly, thats because blocklists ARE silly. They require a suspension of belief on par with following a cult, and likewise a similar abandonment of common sense. AntiP2P companies don’t publish the IP addresses they use, they don’t tell you if they ask nicely, they have never even included the information in a court filing. The only ways to know are from leaks (like the MD-D leak - see Slyck’s investigation to see how accurate they found blocklists to be based on that) and if you work there. Since there’s only been one leak, it seems that bluetack can only manage what they claim by working for the antiP2P groups. Of course, it’s silly to assume that based on little/no evidence, but then, thats how blocklists are made anyway. Working for AntiP2P would solve a few other riddles though, such as why the people behind blocklists are so hell bent on staying annonymous, and why, despite using the lists, thousands of people still get notices.

if you want more, lets not forget the UWash study, where using the blocklists got a higher incidence of notices/C+Ds than not. Somewhere on the order of 40% more notices, on half the number of torrent swarms.

If I were as paranoid as those that run blocklists, i might think that the lists were blocking legitimate peers, and allowingt he antip2p through. That is, after all, what all the independant evidence suggests, while the only evidence supporting blocklists work, comes from the people making the blocklists. Strange that.

Apart from that, “Allow Std” should be adequate, but try to block the Bogon ranges as well. Here’s an interesting site that has multiple IP Blocklists: http://iblocklist.com/lists.php - I’d recommend that you try to install the IPFilterX (by Nexus23) from that list - it’s a well-maintained blocklist that doesn’t overblock.

http://www.encrypt-the-planet.com/outpostfirewall.htm