Peer Guardian
24.02.2006
 http://emuleserver.elite.to · http://eselserver.elite.to · http://edonkeyserver.elite.to

[Home] [Nach oben] [Blacklist] [blacklist-Kandidaten] [Peer Guardian] [emulesafety]

PeerGuardian Lite

PeerGuardian 2 (beta6a)

Methlabs’ IP Blocker für Windows. Der große Bruder von PeerGuardian Lite (s.o.) Unterstützt u.a. mehrere Listen, hat einen Listeneditor, macht automatische Listenaktualisierungen (von blocklist.org), und blockiert alle IPv4-Varianten (TCP, UDP, ICMP, etc). PeerGuardian 2 ist ein einfacher und sicherer Weg seine P2P-Privatsphäre zu schützen. (Plus, by integrating with Blocklist.org, lists are built custom just for you.) Freeware/Open Source!

As many of you have seen, the Blocklist.org site has been “Under Construction” for some time now. I am pleased to say that the coding for the new IP database has begun, and the full blocklist (IPdb) system should be completed by late August.

das Original PeerGuardian 2 Manual

(vielleicht wirds noch "irgendwann" eingedeutscht) http://methlabs.org/wiki/start

how_peerguardian_works

PeerGuardian is an open source IP filter that is designed to block the IP addresses of certain organizations and corporations that may wish to harm a users privacy while using the Internet and peer-to-peer networks.

PeerGuardian 2 requires no driver installation, yet blocks IP addresses at a far higher speed than was previously available - never above 1% CPU on most test systems. On Windows 2000 and greater PeerGuardian 2 blocks at a kernel level, acting against every protocol used within the windows system. On Windows 98 or Me it blocks TCP only (due to technical reasons, kernel blocking in 98/ME is not feasible) with the same high performance of the Windows 2000 version.

PeerGuardian blocks IP addresses based upon a list of IP addresses collected by many methods. By default, PeerGuardian 2 collects IP addresses from the Blocklist.org website.

Blocklist.org is a website designed to allow users to interactively manage and block the IP addresses of certain organisations and companies. Founded in late 2004 by Methlabs.org, it is intended to be a platform agnostic database that utilises published open formats.

Blocklist.org is still under construction, and more detail about how to use the database to submit new ranges, and report bad ranges will be added to a later version of this manual.

what_s_new_in_peerguardian_2

PeerGuardian 2 is now totally automatic. You do not need to install a driver, simply run the program without any visits to the control panel. The new start-up wizard makes things easier than ever.

Also kernel level blocking make the system far more efficient and powerful than any previous version.

how_safe_is_peerguardian_really

Well, it is accurate in the sense that it blocks everything on your blocklist. It is impossible to know all the addresses to block, so while it will increase your safety to a good extent, it can never be perfect.

license_information

PeerGuardian 2 is Open Source, meaning the program code is available on line for anyone who wants it. ........

what_the_media_say

prepare_your_computer

download_peerguardian_2

installing_peerguardian_2

running_peerguardian_2_for_the_first_time

Advice: There are better ways to block ads than an IP blocker. See the Adblock extension for Firefox, for example.

On running PeerGuardian 2 for the first time, you will be presented with a short wizard that talks you through the process of configuring PeerGuardian 2.

Select which lists you wish to use. The

bare minimum we recommend you use is ‘P2P’, however you can select more based on personal preferences.

The lists are split into the following categories:

P2P The addresses of corporations and organisations that scan or monitor peer-to-peer networks.

Ads Advertising agencies such as Doubleclick.

Spyware Companies that distribute ad or spyware applications, such as Cydoor or Gator.

Government Government addresses, including police, from all over the world. You can never be too careful.

Education The addresses of educational institutions.

If you have your own lists you can add them now or wait until later. For details on how to do this see chapter 4.4, “List Management”. PG2 will automatically handle zip and gzip files. When you are done selecting your lists, click on next to continue.



“Automatic Updates” are very important; please select how often you wish to update PG2: you can update the program and/or the lists please select next to continue installation.

We recommend as a bare minimum updating the lists every week. However, checking more frequently keeps the lists of IP addresses up to date, and checking for new versions of the program means that you will never miss a new version of PeerGuardian 2.

Click next to finish the set up!

You will now receive your first update.

your_first_update

First thing first, if you ever get this window don’t panic, it is a reminder that you have some or all lists missing and for the optimum protection for PeerGuardian 2, we recommend that you click on the Check Updates button, this usually corrects this problem.



This is your first introduction to the update process. A window will be shown as the program downloads and configures the lists that are required for successful operation. When the lists are done downloading click on close.

When you click on “close” and PG2 will load.

your_first_update

First thing first, if you ever get this window don’t panic, it is a reminder that you have some or all lists missing and for the optimum protection for PeerGuardian 2, we recommend that you click on the Check Updates button, this usually corrects this problem.



This is your first introduction to the update process. A window will be shown as the program downloads and configures the lists that are required for successful operation. When the lists are done downloading click on close.

When you click on “close” and PG2 will load.

the_basics

This section describes the visual features of the PeerGuardian 2 user interface.

The view is split into two tabs: “Protection” and “Settings”. Simply click the tab to move to the different page.

We will look at the “Protection” tab first.

the_protection_screen

There are several features to this screen:

Connection Log

The white table that takes up most of this screen is the connection log. It logs whenever a packet is blocked from accessing your computer. You can use this to discover when you are being hit the most, or as a method of removing bad IP ranges. To allow a range (for example a website that you visit that you know is not bad), simply right-click upon it’s message in the connection log, and select a period of time to allow it for.

This means that the range will not be blocked for the selected time period. Choosing “Allow Permanently” means that it will never be blocked again! Note that blocking takes precedence – if a source IP is allowed, but the destination is blocked then the IP connection will still be blocked.

See Common Problem - "My favourite webpage is blocked!" for more detail on unblocking IPs.

Temporary allows are flushed when the program exits.

Status Display

Warning: Leaving PeerGuardian Disabled or out of date will counteract any protection you might have from PeerGuardian! You must always update frequently, or turn on Auto-Update.

common_problem_-_blocking_0_ips

When viewing the protection page and you see that you are blocking 0 IPs as in above all you have to do is click on the check updates button , this should correct this problem.

common_problem_-_my_favourite_webpage_is_blocked

There are two solutions to this problem:

Solution 1: Allow All Webpages (Unblock HTTP)

If a website you trust is not loading, the chances are that PeerGuardian 2 is blocking it. If you are confident that none of your peer-to-peer or insecure applications operate via HTTP on port 80 or 433 then you can simply allow all connections on these ports.

This means that all traffic on these ports will not be checked by PeerGuardian.

The status screen allows HTTP blocking to be turned on and off via the button shown above. The status text next to it says what is currently happening.

If you right click on the system tray icon, then you are able to select or deselect “Block HTTP“. This performs exactly the same task, but may be slightly more convenient.

Warning: Simply allowing all HTTP connections is a somewhat inefficient and possibly insecure way of solving this problem. We recommend keeping HTTP blocked, and instead allow specific IP addresses, as shown below.

Solution 2: Allow a Specific IP Address

If an IP address that you trust is blocked, then the easiest way to enable access to it is via the right click menu.

Simply right click in the log window and allow the IP manually, PeerGuardian 2 will automatically create a new list for you. Can allow the IP for 15 minutes, 1 hour or permanently. You also have the option to copy the IP range to your clipboard and record the IP manually.

In the example below Apple Computer has been blocked. If you wish to view the Apple computer website, or connect to any Apple Computer IP you must allow them from the right click menu as illustrated.

Advice: IP addresses in the database are there for a reason, however it may somehow seem. Many IP addresses could be safely allowed, but it is a good idea to research any IP address that you are going to permanently allow.

list_management

The manage lists button is located above the “Check Updates” button on your left hand side of PG2.

List Manager

Once you click on it a new screen will open.

You can click “Open List” to view a list that is already installed, and “Add” to add a new list.

“Edit” edits the settings of a list, while “Remove” removes it from the list.

There are two types of list:

Well PG2 is designed for blocking, but if you come across a site or IP address that you 100% trust you can add it to your allowed list.

The check boxes next to lists can be used to enable/disable each list. When a list is disabled it will be ignored, meaning the IP addresses in that list will not be allowed or blocked.

Add a List

Here you can add a URL (i.e. an on line list) or a local file to be included in the PeerGuardian 2 lists. You can select to block or allow. PG2 will automatically handle zip, gzip and 7zip files.

Exporting Lists

You can export a list to either P2P or P2B format by right clicking on the list in the list manager and selecting either “Export to p2p” or “Export to p2b”.

Selecting multiple lists will cause them to be merged together.

list_editing

In this part you can create own custom lists. This section takes place in the List Management review, as previously described, but now instead of managing our lists we are actively creating and editing them.

Open a List

This button opens the lists you have selected.

There are three kinds of lists you can open.

  1. Personal lists (block or allow)
  2. Permanent allows lists
  3. Blocklist.org lists

When you open a list you can add and remove IP addresses, as well as edit IPs that are already in the list.

When a list is opened it can be searched using the search box at the top of the List window. You can search by range name or IP address. This can be used to check whether an IP address will be blocked or allowed by a list.

URL-based lists may not be edited, but it possible to turn them into a static list by pressing the right mouse button and selecting “Make static”.

Warning: Making a list static will disable updates from that list!

Create a List

Press the “Create List” button to start making your own lists.

Description

Enter a description of the list. This will help you find the list later on.

File

The location on your hard drive where the list will be stored.

Type

This will determine if the connections in your personal list is blocked or allowed, please be careful which one you select.

Once you make a new list you must add IP ranges to the list manually.

This is a relatively simple process, but we will walk through it carefully.

Adding a Range

An IP range is a series of IP addresses. An IP address is the basic “phone number” of any particular computer, and PeerGuardian is designed to block these IP addresses from a certain blocklist. However you may decide you wish to block some ranges that you have chosen yourself.

IP addresses are usually bought in selections - starting at one IP address and finishing at another. Thus 1.0.0.1 - 1.0.0.5 is five separate IP addresses. This is called an IP range, and it means that IP addresses from 1.0.0.1 to 1.0.0.5 inclusive will be added into the list.

To add a range click the “Add” button and a new range will appear in the table.

First enter the name you wish to give the range, for example “Test” or “Microsoft” - try to make the name descriptive so you can remember the range later if it is blocked.

Next, click once in the Starting IP column and type in the first IP in your range. Click the Ending IP column and enter in the last IP in your range.

Advice: If you only want to block one IP then simply enter the same IP for both the Starting and Ending IP.

Once you have finished your list, press save and the list will be stored.

history_viewing

To view the history of your PG2 logs click on the “View History” button, which is located on your right hand side of the PeerGuardian2 protection page.

The History window is designed to quickly search through the vast logs of every IP address that has been allowed or blocked by PeerGuardian.

The history window can be used for the following things:

These tasks can be performed through an intuitive user interface that allows you to perform all these tasks in just two simple tabs: search and calender.

The Basics

Before we look at the two tabs to the right of the screen we must consider the main tabs on the left. These tabs show the actual entries in your history. Every connection that was ever blocked or allowed appears as one line in the screen shown below.

The screen shows all entries by default, but by switching between the tabs at the top it is possible to choose between Blocked and Allowed connections, showing only entries that were blocked or allowed respectively.

If you right click on an entry you can choose to allow or block that IP address. You can also copy the IP address to the clipboard so that you can paste it into other programs.

Calender

Now we’ll look at the tabs to the right of the screen. These are used to filter the entries that are shown on the left. The calender tab is the default, but by switching between the tabs you can see both the “Calender” and the “Search” view.

The purpose of the calender is to display entries in your history that were blocked or allowed on a particular day. Click “Today” to show the IP addresses that were blocked today, or use the calender to move to another day.

The arrows at the top of the calender cycle between months, and a single click on any day will show the history for that day.

Search

The “Search” tab lets you filter the history shown on the left according to 7 criteria.

To search simply tick any number of the check boxes that correspond to the various criteria, enter information you are looking for, and then press “Search”.

There are a number of criteria that can be searched:

Range The name of a particular IP range.
Source The source IP address.
Destination The destination IP address.
From Search entries from a particular date.
To Search entries up until a particular date.
Protocol The protocol that the IP was allowed/blocked on.
Action The action that was taken, either allowed or blocked.

Export History

If you want to look at your history in another program then you can use the export function to make a new file. This function will export in a simple text-based format that can be viewed in a text editor like Notepad, or imported into another application such as Excel.

Each entry in the table is separated by a ; symbol, and is laid out as one entry per line:

YYYY-MM-DD HH:MM:SS; NAME; SOURCE:PORT; DESTINATION:PORT; PROTOCOL; ACTION

To give an example:

2005-05-05 01:15:03; n/a; 85.225.24.167:3516; 192.168.1.50:21235; TCP; Allowed

The port number will not be shown for certain protocols which do not use ports (for example, ICMP).

To use this feature click File and then select “Export to...”.

The above screen allows you to select the criteria of the output in exactly the same way as the search tab described above.

If you want to export everything then don’t tick any boxes.

Choose an output file by clicking “Browse” and following the usual procedure, and finally press OK to save the output file.

Clear Database

Over time your History will become very large. If you feel that it has become too big then you can clear it by clicking “File” and then choosing “Clear Database”.

You will be asked if you really want to clear the database, choose Yes to clear it immediately.

Advice: Instead of deleting your history, why not just use the auto-archive feature, which is described on settings page one.

Warning: Once your history has been deleted it will not come back! Make sure you definitely want to clear the database before you do so, you may need it in the future. This will keep your history database at a sane size.

using_whois_with_list_management

Finding Information About An IP

If you want to find out who owns an IP address, you can use a WHOIS search.

Using a tool like the Methlabs WHOIS at http://methlabs.org/forums/whois/ it is possible to find information about any given IP range.

Simply type in the IP address you wish to search, and the page will display information about the IP’s owners.

Finding An Entire Range

IP addresses are sold in ranges. If you want to block all the IP addresses from a particular company, perhaps Doubleclick or Gator then it is possible to use a WHOIS search to find the entire range of IP addresses to block.

Using a tool like the Methlabs WHOIS at http://methlabs.org/forums/whois/ it is possible to find an entire IP range and then add it to a personal blocklist.

First, simply type in your IP address and press “Submit Query”.

When the WHOIS database searches that IP range, look the “inetnum”.

This is the entire range that was sold to the company/organisation. It is possible to add this to a personal blocklist if you wish to block it.

the_settings_screen

This screen is used to manage PeerGuardian 2.

There are 6 settings sections that allow you to configure PeerGuardian 2 to your liking. Changing settings could improve the performance of the application, enhance features, or just make things work in a way that is better for you.

Settings are set out on two pages, which are described below. To move between the two screens use the “Next” and “Back” buttons in the bottom right corner of the screen.

Settings page one

Settings page two

settings_page_one

Log Window

Here you can customise the options used within the Logging and History functions of PeerGuardian 2.

Log * Lines

The first option sets the number of lines that are logged under the protection tab.

Show Allowed Connections

This shows all connections that are allowed by PeerGuardian (that are not blocked).

Colour code log window

This colour codes your allows and blocks.

Allowed

The default colour is light grey for text and white for the background.

Blocked

The default colour is black for text and white for the background.

Blocked HTTP

The default colour is dark blue for text and white for the background.

To change a colour and make it more personal, right click on one of the colour boxes

  (fehlt)

And a new window will appear.

  (fehlt)

Just find the colour you wish to use and click “OK”

History

Click “Log allowed connections” if you wish to log allowed connections in your history logs.

The box next to “log allowed connections” is an archive option so PeerGuardian2 logs don’t get so large. You can select three options.

Do Nothing

Remove

Archive & Remove

Warning: For tracking purposes we strongly recommend that Log Allowed Connections is kept ON.

Notification

Notification is a useful feature in PeerGuardian2; If PeerGuardian2 blocks a bad IP range the Tray Icon will blink three times to catch your attention.

The box next to “Notify On” has a two notify options.

HTTP Blocks

All Blocks

Advice: Enabling notify for HTTP blocks is a good way to tell if a website is being blocked by PeerGuardian 2.

The last box is “Blink tray icon” if you wish PeerGuardian2 tray icon to blink when something is blocked, check this box.

settings_page_two

Startup

This controls the settings related to the starting of PeerGuardian 2.

Updates

You have the ability to change your original selections from when you first ran PG2; you can update the program and/or list.

“Check PeerGuardian” will check for new versions of the PeerGuardian application and prompt you to download them.

“Check Lists” will automatically update your lists.

“Auto Update every * Days” lets you decide how many days PeerGuardian will wait before checking for updates.

“Use proxy”: If you want to use a proxy to download updates then you can enter one here. PeerGuardian supports HTTP and Socks5 proxy connections.

“Auto-close update window after * seconds”: allows you to set the number of seconds that elapse before the update status window closes. If you don’t want it to close automatically just untick the box.

Miscellaneous

This is the miscellaneous area for the settings.

There are three areas:

This feature will hide the tray icon for PeerGuardian.

This option will hide the window when you press the X in the top right rather than closing the application.

This option will keep PeerGuardian on top of all other programs.

appendix_1_changelog

appendix_2_press_release_regarding_peerguardian_2_launch

appendix_3_creative_commons_license