There's various types of BOTs and that PyGnutella group are not necessarily browser-BOTs. Unless your GTK-G. has shown them to be browsing? Have you seen them try to download?
No idea what kind of BOT they are.
My first instinct is that they are BOTs. However, I have witnessed similar things with hosts downloading but not 100% certain they were download BOTs due to not being quite as aggressive to the task as the average download-BOT (for want of a better term.)
I have wondered if some wireless (possibly portable) devices/services can change ip on the fly, but that would make me wonder how the gnutella program could retain a connection to the network. Also, if there's more than one connected at one time then that appears to defeat that idea.
As far as the hostiles file goes, GTK comes with its own default hostiles file which is relatively small and also contains data I'm not so sure is still up-to-date because of some blocks that have been there since last decade but I haven't seen or can't find any evidence of it being a bad range over the past 4 to 5 years. With this in mind I have been gradually little by little reducing the blocks within the hostiles I work with. ip addressing has changed considerably since last decade; either new ISP owners (or even country); ip no longer rented out to proxy services or unused ip's from certain countries; changes to a dynamic ip status instead of static. I have nothing to do with updating the gtk hostiles file.
With GTK you can add your own blocks via the hostiles. You might even wish to try a hostiles I put together for GWCs as it's the smallest version I've worked upon. Also, ale5000 a GWC developer has developed a hostiles updating system, but GTK does not normally contact GWC's so that concept would need to be discussed between the GTK developers. |