Difference between revisions of "Geaiez"

From AMule Project FAQ
Jump to: navigation, search
 
m (Corrected Spelling of Español in language selection)
 
(13 intermediate revisions by 7 users not shown)
Line 1: Line 1:
<code>
+
<center>
#!/bin/bash
+
'''English''' |
 +
[[Geaiez-de|Deutsch]] |
 +
[[Geaiez-es|Espa&ntilde;ol]]
 +
</center>
  
# Create special MLDONKEY chain
+
Geaiez is known to be a [[client]] which repeteadly requests your shared files list. It has been rumoured to be an [http://www.riaa.com/default.asp RIAA]/[http://www.mpaa.org MPAA]/[http://www.cia.gov CIA]/[http://www.fbi.gov FBI] [[client]] trying to (illegally) obtain a list of illegally shared files and the [http://www.ietf.org/rfc/rfc0791.txt IP] addresses of the people sharing them. This rumor is false. At the very least, not absolutely true.
iptables -t filter -N MLDONKEY
+
iptables -t filter -F MLDONKEY
+
  
# Create the logdrop chain to log & drop a packet
+
[http://www.morpheus.com Morpheus] [[client|clients]], based on [[mlDonkey]], instead of generating a random 6 character default [[username]], uses a specific [[username]] as the default (just as [[aMule]] uses ''http://www.aMule.org'' or [[eMule]] uses ''http://emule-project.net''). This [[username]] is '''geaiez'''. In addition, older versions of  [[mlDonkey]] [[client|clients]] apparently request for ''all'' shared files from all [[client|clients]] they connect to.
iptables -t filter -N MLDONKEY_LOGDROP
+
iptables -t filter -F MLDONKEY_LOGDROP
+
iptables -t filter -A MLDONKEY_LOGDROP -j LOG --log-prefix "MLDONKEY"
+
iptables -t filter -A MLDONKEY_LOGDROP -j DROP
+
  
# Jump to the special MLD chain at the end of the INPUT chain (commented out)
+
So, what seems to be a single [[client]] repeatedly requesting from you your shared files list, is, in fact, many [[client|clients]] requesting from you your shared files list every time they connect to you.
#iptables -t nat -A INPUT -j MLDONKEY
+
  
# List of ip ranges to ban
+
There is no evidence concluding that some government agency is behind those [[client]]s but you should always remain alert and do not allow other [[client|clients]] to obtain your list of shared files especially if you have anything private being shared (we assume you do '''not''' share stuff you are not permitted to share!).
iptables -t filter -I INPUT 1 -s 38.113.0.0/16 -j MLDONKEY_LOGDROP
+
iptables -t filter -I INPUT 1 -s 38.115.0.0/16 -j MLDONKEY_LOGDROP
+
iptables -t filter -I INPUT 1 -s 38.117.0.0/16 -j MLDONKEY_LOGDROP
+
iptables -t filter -I INPUT 1 -s 38.118.0.0/15 -j MLDONKEY_LOGDROP
+
iptables -t filter -I INPUT 1 -s 65.19.175.0/24 -j MLDONKEY_LOGDROP
+
iptables -t filter -I INPUT 1 -s 66.54.0.0/16 -j MLDONKEY_LOGDROP
+
iptables -t filter -I INPUT 1 -s 66.117.0.0/16 -j MLDONKEY_LOGDROP
+
iptables -t filter -I INPUT 1 -s 207.234.0.0/16 -j MLDONKEY_LOGDROP
+
</code>
+

Latest revision as of 13:59, 24 September 2008

English | Deutsch | Español

Geaiez is known to be a client which repeteadly requests your shared files list. It has been rumoured to be an RIAA/MPAA/CIA/FBI client trying to (illegally) obtain a list of illegally shared files and the IP addresses of the people sharing them. This rumor is false. At the very least, not absolutely true.

Morpheus clients, based on mlDonkey, instead of generating a random 6 character default username, uses a specific username as the default (just as aMule uses http://www.aMule.org or eMule uses http://emule-project.net). This username is geaiez. In addition, older versions of mlDonkey clients apparently request for all shared files from all clients they connect to.

So, what seems to be a single client repeatedly requesting from you your shared files list, is, in fact, many clients requesting from you your shared files list every time they connect to you.

There is no evidence concluding that some government agency is behind those clients but you should always remain alert and do not allow other clients to obtain your list of shared files especially if you have anything private being shared (we assume you do not share stuff you are not permitted to share!).