New IPFilter Updater For BitTorrent Client Blocklists
July 30, 09 by sharky 19,888 viewsOne of the biggest problems with using an IPFilter to block bad IPs in a BitTorent client or other P2P software is remembering to update it. An IPFilter is only as good as the provider, and how often the list is updated by both you and the supplier of the list. Blocklists & ipfilter.dat files don’t update themselves automatically - but here’s a cool new utility that now makes it possible with just one mouse-click! Introducing IPFilter Updater - a tiny script that you can use to update a blocklist for virtually any torrent client.
It’s always been somewhat of a nuisance to remember to update your ipfilter.dat file. Old lists won’t recognize new threats, so it’s fairly important to keep it current. The IPFilter µpdater is a sophisticated, yet very straight-forward and simple batch script to automatically update your ipfilter for most BitTorrent clients.
• http://ipfilterupdater.sourceforge.net
µTorrent
The µpdater package for µTorrent will, by default, extract itself to the variable ‘%AppData%\uTorrent’ folder and will create a shortcut on the desktop. Clicking the shortcut will launch the µpdater batch file. When the update/download is successful, (re)start µTorrent and you will see a new entry under the ‘Logger’ tab saying: ‘Loaded ipfilter.dat’. If the ipfilter is disabled, go to Preferences -> Advanced -> scroll to ‘ipfilter.enable’ -> double click -> apply. From now on, all you have to do to update your filter is clicking the desktop shortcut.
Halite
The µpdater package for Halite will, by default, extract itself to the variable ‘%ProgramFiles%\Halite’ folder and will create a shortcut on the desktop. Clicking the shortcut will launch the µpdater batch file. When the download/update is successful, (re)start Halite and go to Settings -> Security tab -> click ‘Import ipfilter.dat’ -> Browse to the Halite installation folder and select ‘ipfilter.dat’. You will have to do this manually every time there’s an update, because Halite uses it’s own system for storing an ipfilter.
BitSpirit
The µpdater package for BitSpirit will, by default, extract itself to the variable ‘%ProgramFiles%\BitSpirit\config’ folder and will create a shortcut on the desktop. Clicking the shortcut will launch the µpdater batch file. When the update/download is successful, (re)start BitSpirit and you will see a new ‘IPFilter.dat’ entry in the General tab. From now on, all you have to do to update your filter is clicking the desktop shortcut.
Vuze
The µpdater package for Vuze will, by default, extract itself to the variable folder ‘%ProgramFiles%\Vuze’ and will create a shortcut on the desktop. Clicking the shortcut will launch the µpdater batch file. When the download/update is successful, (re)start Vuze and seek the ‘IP Filters’ tab in Preferences. Now select the ipfilter.dat from the Vuze installation folder to autoload (e.g., ‘C\Program Files\Vuze\ipfilter.dat’). From now on, all you have to do to update your filter is clicking the desktop shortcut.
BitTorrent
The µpdater package for the official BitTorrent client will, by default, extract itself to the variable ‘%AppData%\BitTorrent’ folder. Clicking the shortcut will launch the µpdater batch file. When the update/download is successful, restart BitTorrent and you will see a new entry under the ‘Logger’ tab saying: ‘Loaded ipfilter.dat’. If the ipfilter is disabled, go to Preferences -> Advanced -> scroll to ‘ipfilter.enable’ -> double click -> apply. From now on, all you have to do to update your filter is clicking the desktop shortcut.
Other Clients
In theory the µpdater could work for any applications that supports an ipfilter in .dat format. But, it isn’t always necessary. If you like to use the eDonkey network, for example, we recommend the eMule 0.49c MorphXT mod, which has excellent ipfilter updating support embedded.
Our Tests: Vista 32-bit
When installing for Vuze and uTorrent, desktop shortcuts were not created under Vista (in our tests). For uTorrent, the updater does indeed work as planned, but we needed to manually find and run the updater (called µpdater.bat) which is located in the uTorrent appdata directory: (C:\Users\<your name>\Appdata\Roaming\uTorrent).
Our Tests: WinXP
Works flawlessly for XP under all clients. NOTE: If running more than one BT client on the PC, the desktop shortcut will only update the last client that you downloaded it for (not all BT clients that are installed). A way around this is to rename each shortcut, and give each a different name such as µpdater-utorrent and µpdater-vuze after each download. Then you can run each specific updater for a chosen client.
©2007-2010 • 
01 • Bertus Says: 30.07.09 at 3:38 am
I’d say the biggest problems with using an IPFilter is that it’s useless, it gives a false sense of security. Why?
1. Nobody can’t tell how acurate the list is. Probably there are a lot of false positives (seeders that get blocked) and a lot of bad ip’s still unblocked.
2. IPFilters block a connection, but in order to make a connection you have to know an ip-adress first. So bad guys can’t connect to you, but know your ip anyway.
3. The list is public, which means also the bad guy’s know which ip’s to use and which ip’s to change.
4. With all the resources anti-piracy organisation get, it’s not that hard to change ip-adresses on a regular basis, or use other ways to get around that ipfilter (like using a fake tracker to collect ip-adresses).
02 • tofoko Says: 30.07.09 at 4:26 am
# Bertus 2. if they can’t connect then they can’t prove that you are uploading, but you are still right about the false security
a good thing about this application is that it can block for ips that uploads fake data
03 • MiKE Says: 30.07.09 at 8:37 am
and with the addition of
taskkill /f /im utorrent.exe
start C:\Progra~1\uTorrent\utorrent.exe
in the updater.bat, you can schedule an update in task scheduler
04 • JohnTheRipper Says: 31.07.09 at 12:25 am
Don’t be stupid!
This file probably blocks a ton of valid IP addresses as well. If you notice a decrease in speed when using it (and you probably will) don’t use it!
Again this depends on how paranoid you are vs. how fast you’d like to download.
05 • Frak Says: 31.07.09 at 7:42 am
The good question is : how does the anti piracy organizations work to find illegal sharers for example on public or private trackers (TL for example). Do they use dedicated servers or various other companies ? adsl line with a dns which looks like those of individuals customers ? could we have these kinds of informations ?
06 • PetFoodz.Info Says: 31.07.09 at 11:44 am
Thanks for the Utipfu notfication.. Yes they do have dedicated servers.. I think they are provided via BISS\Bluetack etc..
07 • whitehat2009 Says: 31.07.09 at 11:33 pm
I like the idea of providing updaters for a variety of BT clients, but the issue with this particular suite of programs is that it’s reliant on the author’s Sourceforge site for the blocklist instead of fetching the list directly from the source (e.g. Blocklistpro.com).
Now don’t get me wrong, I’m self-promoting here…if you’re interested in a Windows-only uTorrent updater, check out
http://sites.google.com/site/whitehat2k9/Home/my-programs/utorrent-ipfilter-updater
It’s written in Python, and gets either the normal or the paranoid blocklist from Blocklistpro.com. Blocklistpro has measures to prevent automated downloads, but thanks to Python that is all handled transparently by my program. Try doing THAT with a batch script…
08 • Unabashed Pirate Says: 03.08.09 at 2:51 am
I use Nexus23’s ipfillter.dat, IpfilterX-u23:
http://nexus23.org/warfare/content/view/17/34/
From the above website:
IpfilterX is a highly-sophisticated IPFilter that’s updated after careful analysis and study.
uIpfilterX is a modified version of IpfilterX that’s designed for uTorrent in order make sure that it can run as fast as it can.
IpfilterX is made for any unwanted connections. Our reasons are political, economical, intellectual, and for the proper sharing of human knowledge.
There’s no need to block more than 1 billion of IPs to be protected, overloading further to a certain value will result in banning innocent IP ranges which means legitimate P2P sources, this paranoid setting will hog your machine. You won’t run into risks using IpfilterX and won’t run into more risks than using an overbloated ipfilter.
09 • Daniv Says: 05.08.09 at 7:41 am
Yeah Nexus23 ipfilterX rocks !!!
You cna get whatever proggy to update your ipfilter but if you don’t update with ipfilterX by nexus23 corp you made nothin….
Actually they are about to launch new version as far as i know .
010 • enter8 Says: 05.08.09 at 11:31 am
“The good question is : how does the anti piracy organizations work to find illegal sharers for example on public or private trackers (TL for example). Do they use dedicated servers or various other companies ?”
From the Media Defender leaked emails we’ve known for quite some time that anti-piracy outfits use anonymizing services to hide their IPs, rendering filters completely useless. Filters are good one for one thing, though. They’re an excellent litmus test for weeding out those that are in touch with the filesharing community and those that aren’t. The moment someone starts talking about filtering IPs, you know, for certain, that they’re a total dumbass.
Present company included.
011 • Rostock Says: 05.08.09 at 3:49 pm
Quote:”
From the Media Defender leaked emails we’ve known for quite some time that anti-piracy outfits use anonymizing services to hide their IPs”
Yeah , tell us some so P2P will be anonymous for all in ANY P2P NETWORK.
Look who is dumbass now.
012 • Frak Says: 05.08.09 at 6:52 pm
I’ve red many things around the web I have concluded that ipfilter isn’t necessary in some places like private trackers. Maybe on public ones and eMule, yes.
But on the privates you don’t have anti piracy guys sending fake datas or warning messages like on emule. They are only here to find copyright infringements so they act like an other peer : they ask a part of a file and begin the download to identify the IP. How to find what server, vpn or isp lines they use if you don’t work for them ?
In the other hands I’ve seen many OVH or Keyweb seedboxes banned because of my bluetack “P2P” filter. And I’m pretty sure they were good users. In some cases, I’m sure Bluetack don’t even remember when they ban some ranges and why… And of course don’t check all changes. The “corp” filters also ban some places like many educational networks with a lot of students using P2P.
So IMO these filters use resources and ban good peers without any advantages… but maybe someone has better arguments ? ^^
013 • enter8 Says: 05.08.09 at 10:22 pm
“Yeah , tell us some so P2P will be anonymous for all in ANY P2P NETWORK.
Look who is dumbass now.”
Uh, you are. You call that a sentence?
Media Defender was using a service that gave them a fresh IP whenever they wanted. Even if someone could identify their IP and add it to a filter list, they’d have a new one before the filter list was even released.
014 • Rostock Says: 06.08.09 at 12:13 am
Quote: “Media Defender was using a service that gave them a fresh IP whenever they wanted. Even if someone could identify their IP and add it to a filter list, they’d have a new one before the filter list was even released.”
LoL , someone explained you what an ip range is ?
Pretty ignorant you are .
015 • enter8 Says: 06.08.09 at 12:42 am
…and they used different services which would give them different ranges.
Filtering is for imbeciles.
016 • a/s/l Says: 06.08.09 at 5:57 am
filtering is bullshit. when i played around with PG2 a few years ago, i had plenty of times when it blocked legitimate peers off viable torrents from very private and trustworthy trackers. i’ve got a dynamic IP, and i’ve also been blocked many times through IP filters.
i only see a need for an IP filter if you’re downloading a recently released movie/game/album off a public tracker. but if you’re doing that you’re a proper donkey anyway.
if you’ve ever scanned through the forums of FST or something similar you’ll see countless instances of people who’ve got DMCA notices while using an IPfilter.
017 • Rostock Says: 06.08.09 at 10:04 am
Quote : “…and they used different services which would give them different ranges.”
Do you have any idea about how much an ip range costs ?
So they buy ip ranges then launch their massive scans when they may use their own range
dun fukin care of ipfiltered people get the ips they need then ask to their providers the identities of those people , also they can only scan for statistics , etc…
However using it is not the total safety and ALL OF US KNOW IT ,
but WHY THE HELL WE SHOULD TRUST PEOPLE THAT TELL US TO NOT USE IT ?
Especially good ipfilter that try strongly to not ban legitimate ranges ?
FU
018 • enter8 Says: 06.08.09 at 1:50 pm
“Do you have any idea about how much an ip range costs ?”
They don’t buy entire IP ranges, you idiot. They utilize different anonymizing services- each with it’s own IP range. For instance, they could get an IP through Ipredator and then a few minutes later get an IP through ItsHidden, and then later Relakks. They could use Tor. The possibilities for fresh, non blacklisted IPs are practically endless.
019 • Rostock Says: 06.08.09 at 2:03 pm
You speak of bullshit….
Refrain yourself from still type on a keyboard…
With your intelligence could win the nobel of the MOST STUPID PERSON OF THE YEAR.
Quote :” THEY COULD USE TOR…”
AHAHAHHAHA
020 • Frak Says: 06.08.09 at 5:02 pm
@Rostock
How the hell can the filters maintainers know what servers or ip they use to catch people ? They can find servers when they send warning messages or fake datas. But for the most important thing I don’t know.
If you managed an anti piracy corp, would you use your own network ? No. You’d certainly use servers, vpn, isp access like other customers. And you wouldn’t act as a suspicious peer (connecting to many people and never download something etc.). I’m pretty sure that’s what they do.
021 • Rostock Says: 07.08.09 at 12:22 am
Well ,
they could do like that , but as far as i know the ipfilter projects work to block also the ips coming from networks that nothing have to do with them , and all the mess only to record and collect ips of filesharers ? I remember cases when on court the antip2p companies didn’t even keep logs as prove for incriminate users , they used to keep only their ip and claim that that ip shared files protected by copyright .
The thing is one…
Using a small ipfilter , a file of 300 400 kb is harmless for ours computers and connections ,
it’s ever better to say to the enemies : “Welcome to my peer , these are my files , get what you want , and so on..” .
However we need to get an ipfilter that blocks less legitimate providers ,
ipfilterX seems to work in this direction since always , get info about it .
022 • enter8 Says: 07.08.09 at 2:32 am
“They could do like that.”
They DO do like that, you effing retard. The exact same tools that filesharers are using to keep their own networks anonymous, the authorities are using to keep themselves from getting blacklisted.
And yes, they could use Tor. They tend to opt towards pay services, but they could easily use Tor to achieve their means. Anything that gets them the IPs of all the users in a swarm without exposing their base IP. There’s tens of different ways to do this and every day new services are coming out.
The Media Defender email leak happened two years ago. We KNOW, for certain that anti-p2p outfits were using anonymizing services, VPNs, seedboxes, etc., two years ago. Who knows what they’ve graduated to using now.
By all means, keep using your precious ipfilters. When you get that early morning knock on your door, I’ll be the last one laughing.
023 • Rostock Says: 07.08.09 at 5:04 am
In the middle of a choice EVERYONE MUST GET THE IPFILTER .
Leave them alone paying their costs (providers , services , lawyers , associations)
and we SHALL pay ours .
And “The exact same tools that filesharers are using to keep their own networks anonymous” …like whose ?
024 • enter8 Says: 07.08.09 at 6:09 am
Like I said before
Ipredator
Relakks
Anonymizer
ItsHidden
Are a few popular anonymizing services.
There’s also tens of seedbox providers- all of which will give you a certain level of anonymity- certainly enough to escape being blacklisted for ant-p2p activity.
025 • ROSTOCK Says: 07.08.09 at 6:53 am
In your opinion why the hell they use these services ?
IF NO ONE should use , used or use the ipfilter why they use these services ?
AND MOST IMPORTANT THING
you spoke of programs that work on port 80 ,
but we get for example TOR ,
TOR used in emule for is a pity … and strongly its creators suggest to NOT USE TOR with P2P clients…
and again , if instead the enemies use TOR to collect ips of filesharers then they do this
BECAUSE THEY KNOW THAT people use ipfilters .
So AGAIN to you , why u tell us to not use ipfilters ?
What you gain ( or earn ? ) advising such similar command ?
026 • enter8 Says: 08.08.09 at 6:09 am
It’s not my opinion that the anti-p2p groups use these services, I have hard evidence that they use these services. Media Defender, an anti-p2p group that was a big player a few years back had it’s email hacked into. In those emails, it goes into depth all of the services that they use to avoid being traced/blacklisted. They would get fresh, untraceable IPs whenever they pleased from the types of services I listed above.
Like I said, ipfilters are worthless against anti-p2p groups using anonymizing services. I have no agenda in this regard. I’m just stating the facts.
If you really want to protect yourself against anti-p2p measures, 1. don’t use public bittorrent sites (low hanging fruit) and 2. try not to use bittorrent at all. Sites like Rapidshare and Megaupload are pretty much risk free for the downloader. You’ll never see anyone taken to court for a $20 DVD/CD download.
027 • Frak Says: 08.08.09 at 4:14 pm
@ENTER8
It’s right that in Mediadefender email’s we can see they used various networks and ways to access to P2P including isp individuals, dedicated servers on the same companies than seedboxes users etc. It’s funny to learn how they discovered what a seedbox is reading the FST forum etc lol
But in the other hands we also can see they paid attention very much to the filters. They speak a lot of peerguardian in their emails, check every updates, and sometimes some of their projects were broken because of the blacklist.
So I think ipfilter is a good initiative but is useful only in some places, like edk, public trackers, old P2P. The filters block fake servers, fake peers, servers used to send warning messages etc. And all that makes the antipiracy fight more expensive.
But I have a doubt about its usefulness on private trackers. If we take the exemple of TL monitored by BayTSP, i don’t know how the Bluetack people could identify and blacklist IP’s used to caught people there. And I’m not sure they work with trackers teams. Maybe the both could work together in the future.
028 • enter8 Says: 10.08.09 at 9:18 am
Frak, you make some good points. I do agree that ipfiltering can be effective against anti-p2p campaigns spreading fake torrents on public trackers, but no one reading (or writing) this blog should be using public trackers- at least not with the obscene number of private tracker opportunities this venue has showcased.
029 • jj Says: 15.08.09 at 3:11 pm
I have invites to the following private torrent sites:
bitmetv.org
waffles.fm (when open)
torrent-damage.net
bit-hdtv.com
hd-bits.ro
Email me if interested: teflon701@gmail.com
030 • backer Says: 08.01.10 at 8:52 am
Bertus you are an idiot.