Gnutella Forums  

Go Back   Gnutella Forums > Current Gnutella Client Forums > LimeWire+WireShare (Cross-platform) > Technical Support > General Windows Support
Register FAQ The Twelve Commandments Members List Calendar Arcade Find the Best VPN Today's Posts

General Windows Support For questions about Windows issues regarding LimeWire or WireShare or related questions


Reply
 
LinkBack Thread Tools Display Modes
  #21 (permalink)  
Old May 1st, 2005
Sputter
Guest
 
Posts: n/a
Question

Looks like Blarg's right about how to handle bogus search results, but he's left how to deal with spoofers polluting the mesh as an exercise for the reader. ;P
Reply With Quote
  #22 (permalink)  
Old May 1st, 2005
Lord of the Rings's Avatar
ContraBanned
 
Join Date: June 30th, 2004
Location: Middle of the ocean apparently (middle earth)
Posts: 656
Lord of the Rings has a distinguished reputationLord of the Rings has a distinguished reputationLord of the Rings has a distinguished reputation
Default

There was a thread I very almost linked to this one but without proof of the results I thought it best not to at this time. One person traced the ipod ads back thru several sections/links to a major telecommunictions company ... the largest one in that country. And so has it they were offering discount iPods (about 20-30% normal price) to those who joined one of their mobile phone plans (well it was either mobile phones or internet or cable or digital TV services. I found the latter out for myself b/c I was offered one. I just can't remember what it was they were selling off hand.

Perhaps that might be the reason (corrupted downld mesh) which certainly does or was known to in the past to have at least some issues. But I'd tend to disagree. How in all heck could it give auto-feedback with spam adds to the same websites & always the same sizes. It just looks to well setup & organised to have this effect for the benefit of those sites or their parent/ relative companies. Who has invested interests in www.clearoutclub.com or is it just a lolly pop to attract people to their business. Just a thought! lol

Some links to someone who knows what the spam is 1. Diallers (click on link), 2. Spam 2 ,
3. Spam 3 , 4. Spam 4 , 5. Spam 5 , 6. Spam 6 . All of these point to what these files are & why they should be either filtered out or ignored, but never opened!!! Some interesting discussions if you're interested!

Last edited by Lord of the Rings; May 16th, 2005 at 10:39 AM.
Reply With Quote
  #23 (permalink)  
Old May 1st, 2005
Blargleschutz
Guest
 
Posts: n/a
Default

Quote:
Originally posted by Lord of the Rings
There was a thread I very almost linked to this one but without proof of the results I thought it best not to at this time. One person traced the ipod ads back thru several sections/links to a major telecommunictions company ...
It would explain how they have access to send those search results from such a huge variety of IP addresses.

I personally think it's AOL though. :P
Reply With Quote
  #24 (permalink)  
Old June 4th, 2005
Disciple
 
Join Date: June 4th, 2005
Location: CA
Posts: 12
cool boy is flying high
Default

I guess one just have to avoid downloading files that are extraordinarily too small for the file they are looking for. Like say for example a 364 KB Smallville EP4.wmv. Also try checking the "Browse Host" button if its on or lit if you click the file from the selection of downloads. If it's not then you can suspect that it may be a spam. And perhaps if we ever downloaded these type of files we should delete it right away so it won't be downloaded by other unsuspecting victims.
Reply With Quote
  #25 (permalink)  
Old June 12th, 2005
Valued Member contributor
 
Join Date: August 4th, 2002
Location: Chicago, USA
Posts: 321
LeeWare is a great assister to others; your light through the dark tunnel
Post Filtering These Results

So that you are all aware I've been working on a solution to this problem solution by for filtering out results for those hosts. I've tested in my lab and it's pretty effective. I will keep you posted
__________________
Lee Evans, President
LeeWare Development
http://www.leeware.com
Reply With Quote
  #26 (permalink)  
Old June 18th, 2005
Unre857857
Guest
 
Posts: n/a
Default

Quote:
Originally posted by cool boy
I guess one just have to avoid downloading files that are extraordinarily too small for the file they are looking for. Like say for example a 364 KB Smallville EP4.wmv. Also try checking the "Browse Host" button if its on or lit if you click the file from the selection of downloads. If it's not then you can suspect that it may be a spam. And perhaps if we ever downloaded these type of files we should delete it right away so it won't be downloaded by other unsuspecting victims.
Too small works for the wmvs, but not the jpegs, as they are a typical size for legit jpegs. The spoofed results all have a name that's just your search term, perhaps with the capitalization changed and/or underscores inserted after every letter. It's easy to avoid them. Harder to avoid are spoofed files -- the search result is legit, but the file you end up with is bogus due to a spoofer participating in the mesh for the file. For example, you search for "foo" and go to get foo1.jpg, foo2.jpg, ..., foo15.jpg and all of them look normal except foo2.jpg and foo11.jpg, which are corrupt, or ipod spams, or those damaged-and-spammy sara18 or michelle18 images, or whatever. AFAIK the only thing you can do about those is delete them after the fact and retry downloading them until you get the genuine foo2.jpg and foo11.jpg that actually fit into the sequence with the others instead of the spoofed files.

I also recommend you make your shared and download directory separate and move files to the former only after previewing them. This avoids inadvertently sharing spam and damaged files, but moreover, it might keep your *** out of jail if you inadvertently download some mislabeled material that proves to be ... unacceptable. If you accidentally share something like that, you could end up in a bad situation trying to prove your innocence. To be sure you don't, don't share any file you haven't pre-screened for being acceptable. Preview media; virus scan executables. Anything unacceptable, secure-delete the file if you can, and definitely delete it.
Reply With Quote
  #27 (permalink)  
Old July 1st, 2005
fiddlesticks
Guest
 
Posts: n/a
Angry

I avoid downloading wmvs under 1 meg (or any wmvs for that matter, yuk) or jpegs that show dozens of sources, a T1 speed, and whose name contains all and only the words in my search query.

Despite this, I still occasionally get one of those ipod spams, as a jpeg that had not matched any of the warning criteria above -- it may well have shown only one modem source and been named with a query term missing and a word not in my query.

These can't be spoofed search results, but they are not legitimate either. So how can a legitimate search result not result in getting the intended file when downloading? Is it possible for a spammer to insert their garbage into a download without having generated the search result you used to start that download? How can they be stopped? I'm getting sick of this crap!
Reply With Quote
  #28 (permalink)  
Old July 5th, 2005
Spextacle
Guest
 
Posts: n/a
Exclamation

I get this too. It used to be easy to avoid that ipod crap -- don't download anything with a zillion T1 hosts whose name doesn't contain any words except only and exactly the ones in your search query. If it was from a cable host it was safe. If it had only 3 sources it was safe. If its name didn't contain a word from your search it was safe. If its name contained a word you never used in your search it was safe.

Not anymore. Now it seems the mesh is being polluted too -- every batch of files I get contains at least one ipod spam that looked like a legitimate, normal, non-spoofed result in the search I did.

How do I keep these F*#!ING THINGS OFF MY F&*!ING HARD DRIVE! It's MY COMPUTER! I DECIDE! I WANT THESE THINGS GONE! NEVER AGAIN! HOW DAMMIT?!

I could Bitzi lookup all the files in every single search, but that would TAKE FOREVER, not to mention Bitzi isn't very dependable -- I checked a bunch of known spams and maybe half of them had bad ratings on Bitzi and the rest were simply "unknown".

I NEED A BETTER SOLUTION. NOW GODDAMMIT!
Reply With Quote
  #29 (permalink)  
Old July 8th, 2005
Amy Weber
Guest
 
Posts: n/a
Default

Has anyone noticed that the spammer seems to be on at certain times of day? It's enough to make a guess that they live in the eastern time zone of north america.

In fact it's rather strange -- surely the spam operation is automated and could operate 24/7 with a minimum of supervision? Yet the spammer disappears shortly after midnight eastern time, which suggests otherwise. Only one type of computer system is that incapable of remaining up for any length of time unassisted by a human. The spammer is running Microsoft Windows ME without any service packs.
Reply With Quote
  #30 (permalink)  
Old July 8th, 2005
Frustrated001
Guest
 
Posts: n/a
Red face

GAAAAHHH

Can anyone tell me how the hell this is being done?

Isn't it enough to send 40 or so bogus results for every search? Now the *******s have to start substituting their spew for normal images as well?

I just found an ipod spam in my download directory titled "Resident Evil Front Cover.jpg". I did not do a search for "resident evil front cover" or any permutation thereof. It can't possibly have been me accidentally clicking on on of those bogus results. So where the HELL did it come from? It seems the following has occurred...

1. Someone that isn't the spammer has a file titled Resident Evil Front Cover.jpg. Presumably, this file is legitimate, since they aren't the spammer and therefore wouldn't be sharing it if it weren't.
2. My search finds this file. (It was for generic cover art.)
3. I go to download the file.
4. Somehow something goes wrong at this stage, and it starts downloading from the spammer instead of from the guy with the real "Resident Evil Front Cover.jpg" file.

How does step 4 happen? How does the spammer hijack downloads for normal files and not just put in their own spoofed search hits for their not so normal files? And how the hell can this attack be stopped? Avoiding the bogus search results is easy. But if any ordinary jpeg or wmv whatever can get hijacked en route and substituted with the dreaded ipod, there is no escape is there???
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Search results disappointing ... biased results with Spam ChrisAvalon Open Discussion topics 63 April 5th, 2008 07:07 PM
confused(spam showing in results) xand_scenex Download/Upload Problems 2 February 11th, 2007 03:38 PM
no results, just spam dapork Open Discussion topics 3 August 30th, 2006 09:43 PM
autogenerated spam results superesonator General P2P Network Discussion 8 February 12th, 2005 08:23 PM
Spam or What? Unregistered Open Discussion topics 2 June 26th, 2002 06:52 PM


All times are GMT -7. The time now is 03:14 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
SEO by vBSEO 3.6.0 ©2011, Crawlability, Inc.

Copyright © 2020 Gnutella Forums.
All Rights Reserved.