Interesting features from eMule Xtreme

[lorey]

eMule Xtreme has the following interesting features:

eMule Xtreme 5.0.1

* changed creditsytsem: use linear function until half of a chunk is transferred. reduce leeching by only giving 1-2 MB

eMule Xtreme 5.0

* DLP (Dynamic Leecher Protection)
* Detect Ghost Mods
* Detect Leechermods by Modstring

eMule Xtreme 4.8.2

* added Anti-Leecher-Option for detecting emcrypt-clients

eMule Xtreme 4.8 *** (Probably best to focus on Linux rather than Windows malware.)***

* P2PThreat - Detect worms that could be harmful to the network or eMule (netfinity).

eMule Xtreme 4.7

The new Leecher-Protection provides folowing features:
- Anti-Credit-Hack
- Detect manipulated Hello-Tags (used by communities)
- Detect Bad Tags (snafu)
- Detect Ghost Mods
- Detect Leechermods by Nickname (some community mods use an encrypted nick-addon)
- Detect Leechermods by Modstring
- Detect Nick-Thiefs
- Detect Mod-Thiefs (100% detection)
- Detect XS-Exploiter (by Wizard/Xman)
- Detect Spammer

Can see more at: http://forum.emule-project.net/index.php?showtopic=30734

[wuischke]

Hi,

I personally don't agree to these features and I don't expect their inclusion into aMule.

[lfroen]

Since it's impossible to tell from the title what exactly every single one does, I think it would be fair to mark this all (except credit system changes) as "detect-and-ban possible leechers".
Whether it's good not not - can't be decided by name, more technical details would be needed. And regarding credit system - eMules (and ours) is just fine IMHO.

[Kry]

Punishing leechers is inherently flawed, always, because hash-changers will always look like new clients, and we can't punish new clients. If other stupid methods of leeching are dealt with, every leecher will be a hash-changer and we'll be at square one.

Most of the features you posted are useless, including things like detecting leechers by mod string. I mean, what leecher client is so ridiculously stupid as to send a modstring to scream they're leechers? Those don't survive long already. And analysis if the sent tags add enough CPU overhead to be just unuseful when you think eMule or even us can extend the protocol at any time. Then you would have to check if the versions are ok for the tags, etcetc. And protocol extensions can easily be harmless (aMule has one that I can think of, two if you could another that is disabled and will probably never be used).


Long story short, all that is much ado about nothing.

[xusite]

If  you know China ,you will need that features !

[stoatwblr]

If  you know China ,you will need that features !

Seconded. Im seeing a _high_ percentage of chinese connects/requests for one or 2 files at a time arriving en-masse (they've currently whacked all available upload slots on my system, sucking at about 1MB/s)

I was about to post a new topic about that.

The points about hashing and ID field fakery are noted. Trying to chase that would just turn into whack-a-mole.

On the other hand, restricting upload slots on a per-IP or per /24 basis might make more of a difference without sucking down a mountain of CPU.