If you are looking for the Security Updaters, see post #38 (can click link) further below. Or use these links: LimeWire Security Updater installers via MediaFire, OR via Sabercat


Not all the Japanese peers are good peers, but that's true for a number of countries I guess. In my connection lists I've posted for people having connection problems, I removed most Japanese hosts, only a few 'if any' left on the list from memory.

I've done the same thing as you at times, continually removed such hosts. If you desperately wanted to get rid of Japanese hosts full stop, you could ban all their ranges. lol I've tried that too.

Just as a note, I find Phex tends to get a nice mix of European and USA hosts. Not sure why LW attracts them, both LW 4 & 5, perhaps because it IS LW. But LW was designed to give some preference to connecting to LW and LW clones (such as Cabos), also for search results. This is a common trait for most gnutella clients to be set to favor their own kind when they can. My Phex just connected to 3 French, 1 UK and 1 USA, then later a 6th ultrapeer.

Here's a funny episode. Whilst using BearShare, I accidentally replaced my hostiles with the original and ... these hosts, each time I removed them they were replaced with more of same ip address or similar, example 3 snaps joined here (all same port, all same shares): snapshots joined. These are in fact what I refer to as Download-BOTs; they attempt to fill all your upload slots. Their program ID's are fake & not what they advertise themselves to be. The security Hostiles file(s) blocks these BOTs (edit: WireShare blocks them by default internally.)

If you have a firewall that can ban ports such as Windows 7 firewall, I guess you could set up a disallow rule for port 6346 but this might also mean the possibility of missing out on some good hosts who are using port 6346 as a static port and not necessarily using Cabos or similar. But I would recommend banning ports 27016 and 7001 for both tcp and udp if you can, only LW spammers use that port. More on spam or bad addresses here http://www.gnutellaforums.com/open-d...tml#post368141. Note: the technutopia hostiles document itself is not read by any version of LW 5 due to its older address format layout.

If you want a full list of Japanese ip's I can send you one privately. Or else send you the list I use for blocking many of them. The majority of Japanese ip addresses below the 200.x.x.x range are static and do not change.

Edit: Port Block instructions
I have included some instructions on how to block port 27016 in your firewall (you should also block port 7001.) This example applies to Windows 7 firewall but most 3rd party firewalls will probably have a similar option. (Note: whilst LW 5 might connect to many spammers using port 27016, both LW 4 and FrostWire are total magnets for them.)

For Windows 7 and 8, go to Control Panel, open up Windows Firewall. Click on the Advanced Settings option. Once the Advanced Settings is open, look to the left-side and click on Inbound Rules.
Now, shift your eyes to the right-side of the firewall window and look for the Actions section for Inbound Rules and click on New Rule underneath it.
In the window that appears you will have 4 options for type of rule to add, choose Custom. Then click Next button.
You can either specify All Programs or simply one here. Then click Next button.
Protocol Type drop down menu: select TCP first (later do another identical rule for UDP.) Leave Local port set to All Ports. Then select Specific Ports option for Remote port and type in port 27016 into the port number box. Then click Next.
Set Scope to Any ip address (leave it as it is.) Then click Next.
The next window gives action choice. Check the option to Block the connection. Then cilck Next button.
Check all the options for Domain, Private and Public, then click Next button. This is the final window giving you the choice to name and describe the new rule. Description is optional. Name it something that represents the new rule. I named mine Port Block 27016 TCP then click Finish. I would recommend you do a new equivalent rule also for UDP. It is possible to duplicate a rule, double-click it and then simply change the protocol from TCP to UDP and rename it appropriately.

Port 27016 is not officially used for anything you would ever use it for. Port 27016 spammer hosts tend to use proxy switchers so there is little point in banning their ip's for longer than a week. Port 7001 is used by upload-slot container hostile hosts which not too many people know about, example image snapshots of upload attacks here and here.

(Click sample image to see larger view, click again to see in its own window unless you have pop-up blocker.)
* Sorry, last year I accidentally gave incorrect instructions for this. This is the correct way to block ports for Windows 7+8.

* This similar example might even be slightly better.



A Gnutella ip Group Block in Windows 7 or 8 Firewall
Windows 7's firewall has the option for doing a group block. I created one for TCP and UDP. In fact, you only need to do one then duplicate it and change the rule's protocol from TCP to UDP then rename it or alternatively a single rule and set the protocol to All. Sounds easy? Set up a new inbound rule, and set it to Custom in the window that appears. Choose either all programs or LimeWire/FrostWire, etc. path (my sample shows all programs but you can choose a specific program), then all ports. Then start adding the host addresses you wish to add. Then when finished, name the rule. I have created a sample image but note, the sample GiF is a little large in size and has quite a few frames. The advantage of a group block is you could disable it if or when necessary, or simply set it to only apply for LimeWire/FrostWire, etc. in the program/path option. For a good reference for hosts to block in a firewall see http://www.gnutellaforums.com/open-d...tml#post368141.
Why would you block these ip's in your firewall? To reduce very high pings directly aimed at your program (such as LW), so the firewall handles it instead. This will mean less lag building up in LW over a period of time. It will also mean less chance of LW being affected by the pinging and drop its performance as a result.

(sample GiF image 250 KB, click to see in large view) * (this sample only needs a single rule by using the 'Any' protocol and applied specifically to the program to be used for.)

How to add an ip group block list to Kaspersky Firewall:
Firewall -> Settings -> Network Packets -> select 'Addresses from Group' and click Add -> click Add to add an ip address and continue doing this. After adding all the addresses, name the rule something like 'ip address block list' & click OK. Make sure that rule is still selected in the Network Packets section and select 'Block' at top and 'Any Network Activity' in the middle section. Though you can select the Block option after selecting addresses from group option near beginning of the process.
Later versions of Kaspersky Firewall might look a little different but the process will most likely be the same or similar.

Kaspersky Firewall sample image (click to see sample image)


Outgoing rules?
Why set up outgoing rules to block certain ip ranges instead of only incoming rule blocks? Because if you are sharing files, your program sends your shared files details that correspond to a particular search. Do hostile clients search? Since some hostile clients are known to browse hosts, then chances are they also do searches. Hosts with port - 7001 are known as upload-slot containers, they will download everything you have, they get paid to do this to prevent you sharing to anybody else. Having equivalent outgoing rules may help to slightly reduce some incoming traffic from bad hosts. (I also strongly suspect 'they' have BOTs that search the network and every client they can find.)

Replicating incoming block rules for outgoing rules has an effect of keeping you partially invisible to hostile hosts. This also applies to the ports 27016 and 7001 block rules. I have found the outgoing rule for port 27016 UDP ping count now out-numbers the incoming. And some other blocks now count as zero incoming but high numbers outgoing. This suggests your shares details have been blocked from being sent to 'them' if you also choose to use firewall outgoing block rules. This also helps with reduced spam results, overall better performance without receiving as many pings from the hostile hosts. There was a very noticeable increase in search results (two to three times more than average in initial testing.) If running as an ultrapeer, then leafs in search mode.should arguably be receiving less results from bad hosts via searches that touch your client in any way.

First of all Thank you very much LOTR! Secondly I PM'd you right after this post and then again today. Then when I go into my PM "SENT" box it shows "zero" It apparently it is not sending out any of my PM's. Yes I would sure like a list you use for blocking many of them. And who should I inform about the PM glitch?

You need to check the option to save a copy when sending a PM. Otherwise the default is not to save a copy. I will investigate but don't think this default PM behaviour can be changed.

I have been tossing a coin so to speak for a considerable time as to whether I should offer a copy of the ban list publicly or not. I've decided I will. A copy is attached below. This is a combination Japanese and Taiwanese list. Introduction then shows a list of the addresses arranged on separate lines. A 2nd list in middle of the document is the complete list, just in case you wanted to use more than I provided in the shorter list and use ranges of /19 or higher for the smaller sub-ranges. A 3rd list is provided at bottom of document describing how to add them to LimeWire. This 3rd list lists them horizontally exactly how LimeWire lists them. I hope that does not sound confusing.

The full list has 2,139 listings, the shorter one uses 873. The smaller list will block out the majority (probably over 98%), perhaps the odd one will slip through. (The full list excluded partial ranges that were smaller than a total of 256 addresses. The shorter list excluded ranges of 8,192 addresses or smaller.)

(Remember this list is only a country block, not a spam host block list. But it will have a similar effect since a significant percentage of spammers and bad clients do come from the two countries in question. And for those whom have been asking, it will enable you to get search results more regionally.)

If you find it confusing, just ask.

Scroll to bottom of the document and copy all the addresses listed after the BLACK_LISTED_IP_ADDRESSES=

Then paste them into the equivalent location in the limewire.props file. Or at the end of any banned address listings already there would be best. Make sure there's no spaces or carriage-returns before the numbers after you paste them in.
You might not see the .props extension on the file in the LW preferences folder. But if you get the file's properties, it will say it's a props file.

Edit: Just discovered if you have never previously banned hosts then the black listed ip address section will not show in the props file. Though I imagine most people have banned hosts. I've amended the instructions just in case of that scenario. ie: in that scenario, copy the Black_listed_ip_addresses= as well as the numbers as an entire paragraph into a new line at the end of the props file.

I've edited the file several times after some errors and some LW fussyness, I think it should be as good as it can now. Apologies. uh, maybe I should quit.

Edit: I have provided an installer to do it all for you for MacOSX users. ie: simply run the installer once and it will place the block list exactly where it needs to be whether you have a previous ban list or not. The installer is only for MacOSX users. Warning: do not run the installer more than once, it's a large list so you do not want double that. The applescript does it all in 1 or 2 seconds or less, takes fraction of a second on my computer (when you see the Quit menu, it has finished.) If you have a previous ban list then this list will be inserted at the beginning. If you have no ban list, the installer will insert one at end of the props file. LimeWire must be closed before you run this installer.

Edit: installer no longer needed, so has been removed.
The list updated to correct a few minor items of formatting and removed instructions for adding to LW. Re-attached in case anybody wishes to use for firewall blocking. For other purposes, the security list should be used instead. Firewall listing will reduce pings directly on LW and thus less chance of lagginess after multiple day long sessions.

(Attachment removed, needs updating anyway as the ipv4 addresses had not yet finalised in 2012.)