IPB

Welcome Guest ( Log In | Register )

> Hydrogenaudio Forum Rules

- No Warez. This includes warez links, cracks and/or requests for help in getting illegal software or copyrighted music tracks!
- No Spamming or Trolling on the boards, this includes useless posts, trying to only increase post count or trying to deliberately create a flame war.
- No Hateful or Disrespectful posts. This includes: bashing, name-calling or insults directed at a board member.
- Click here for complete Hydrogenaudio Terms of Service

 
Reply to this topicStart new topic
anti-leech scripts etc., Thread split
rjamorim
post Apr 5 2004, 19:52
Post #1


Rarewares admin


Group: Members
Posts: 7515
Joined: 30-September 01
From: Brazil
Member No.: 81



QUOTE (dev0 @ Apr 5 2004, 03:10 PM)
QUOTE (askoff @ Apr 5 2004, 06:38 PM)
Koepi should use BitTorrent or something. I hate to download anything in his pages.

Elaborate. I never had a problem downloading anything from his pages and the speed has always been excellent too.

He uses one of those broken & lame anti-leech scripts that forces you to disable your firewall.


--------------------
Get up-to-date binaries of Lame, AAC, Vorbis and much more at RareWares:
http://www.rarewares.org
Go to the top of the page
+Quote Post
dev0
post Apr 5 2004, 20:35
Post #2





Group: Developer
Posts: 1679
Joined: 23-December 01
From: Germany
Member No.: 731



I'm using a NAT device and it doesn't cause any problems here. Even behind various proxy configurations it has always worked perfectly.
Go to the top of the page
+Quote Post
rjamorim
post Apr 5 2004, 20:38
Post #3


Rarewares admin


Group: Members
Posts: 7515
Joined: 30-September 01
From: Brazil
Member No.: 81



QUOTE (dev0 @ Apr 5 2004, 04:35 PM)
I'm using a NAT device and it doesn't cause any problems here. Even behind various proxy configurations it has always worked perfectly.

The problem is triggered by software firewalls that block the referer field from the HTTP headers you send to the server.

This post has been edited by rjamorim: Apr 5 2004, 20:40


--------------------
Get up-to-date binaries of Lame, AAC, Vorbis and much more at RareWares:
http://www.rarewares.org
Go to the top of the page
+Quote Post
polandro
post Apr 5 2004, 21:24
Post #4





Group: Members
Posts: 5
Joined: 10-August 03
Member No.: 8291



So if you're using flashget or similar, just put the url of the page that the d/l link is on in the 'referrer' field/box and it works every time! wink.gif

...for me anyway. rolleyes.gif

This post has been edited by polandro: Apr 5 2004, 21:25
Go to the top of the page
+Quote Post
dev0
post Apr 5 2004, 21:36
Post #5





Group: Developer
Posts: 1679
Joined: 23-December 01
From: Germany
Member No.: 731



Or use non-b0rked application firewall software...
Enough flaming for today.
Go to the top of the page
+Quote Post
askoff
post Apr 6 2004, 08:11
Post #6





Group: Members
Posts: 445
Joined: 23-December 02
Member No.: 4214



QUOTE (dev0 @ Apr 5 2004, 12:36 PM)
Or use non-b0rked application firewall software...

What could that be? Norton is qute good firewall afterall.
Go to the top of the page
+Quote Post
Doom9
post Apr 10 2004, 13:00
Post #7





Group: Members
Posts: 6
Joined: 12-April 02
Member No.: 1758



I hardly ever post here but I cannot let this stand as it touches an area I myself are sensitive in.

QUOTE
He uses one of those broken & lame anti-leech scripts that forces you to disable your firewall.

Broken? Let me correct you.. your "privacy" tools are broken. They dont' actually protect your privacy, they just remove important header information. You don't need a referer removal, as you can easily achieve this using out-of-the-box means. Right click - open in new window, or right click - open in new tab will work just fine and not send a referer. I think you can even press control and click and that will open a new window as well. Referers are not really a privacy issue, what do you care of a webmaster knows where visitors come from? You cannot be traced more than one step, even if multiple sites were owned by the same entity, I doubt anybody would go to so much trouble as to match logs from different sites (and at least in my case, more often than not I open links in new tabs or go to sites that are not related so all effort would be in vain).

On the other side, as a webmaster who has to pay for his traffic (I doubt you'll find anyone that has to pay for hundreds of GBs per month would ever complain about such a measure), referers allow you to control who gets to use your bandwidth. If you don't do it, download managers use file search engines that will return them links to your site, and so even somebody who's not even trying to download from your site, gets sent to your place from another site (cos a search engine like filemirrors returns your site as download location for a particular file). The only other use I have from referers is seeing the 20 top sites where my visitors come from.. most of these links are from one of my mirrors or search engines.. it wasn't always like that. in the early days referers helped me to find leeches.. without those indications I'd have never been able to locate websites copying my content or trying to steal my downloads.

No anti-leech script I'm aware of forces you to disable a firewall (plus, a firewall is actually not supposed to remove referers.. does any real firewall - like the ones from Checkpoint et all do such a thing?, that's a "feature" that they sell you as a bonus, but it really doesn't do anything for you. I still have your IP when you come to my site, and from that I can get a geographical location and the name of your ISP, and I can also track which pages you're visiting. If you want to be truly anonymous, you have to use a proxy service like some German universities offer, where data is channeled through multiple anonymous proxies and where no connection data is logged. Everything else is just a farce.

I have three firewalls in a row (hardware, then two software firewalls since upgrading to WinXP SP2) but none of them has ever prevented me from any download wink.gif


--------------------
Go to www.doom9.org for the web's most comprehensive collection of DVD backup articles.
Go to the top of the page
+Quote Post
rjamorim
post Apr 10 2004, 15:56
Post #8


Rarewares admin


Group: Members
Posts: 7515
Joined: 30-September 01
From: Brazil
Member No.: 81



I personally run a site (among others) that consumes more than 50Gb of bandwidth per month. And I never blocked so-called "leechers". The reasons are:

-I don't abuse my site visitors with banners and pop-ups. There is absolutely no way I could get any income from my sites. So, it makes no difference for me if the user downloads the file directly from elsewhere or visits my pages before.

Also, I noticed allowing "leeching" sometimes increases my site's popularity. Some "leecher sites" are nice and, next to the direct link, they mention the url of the place the file is being obtained from.

You did that, when you direct-linked to Psytel AACenc on inf.ufpr.br/~rja00, some years ago. And I didn't mind one bit smile.gif

-It is my opinion that users get very frustrated with an angry leecher message thrown at them when they inadvertedly click a link from elsewhere, or forget to disable referrer blocking on their software firewall. Not a nice way to present your site to a potential visitor, IMO.

QUOTE
download managers use file search engines that will return them links to your site, and so even somebody who's not even trying to download from your site, gets sent to your place from another site (cos a search engine like filemirrors returns your site as download location for a particular file).


Hehehe. Most of these same download managers (GetRight particularly, which, BTW, is from the creators of filemirrors) are able to fake referrer URLs.

Precisely:
http://pessoal.onda.com.br/rjamorim/getright.png

The same probably applies to FileZilla, FlashGet...

Regards;

Roberto.


--------------------
Get up-to-date binaries of Lame, AAC, Vorbis and much more at RareWares:
http://www.rarewares.org
Go to the top of the page
+Quote Post
Doom9
post Apr 10 2004, 17:37
Post #9





Group: Members
Posts: 6
Joined: 12-April 02
Member No.: 1758



QUOTE
I personally run a site (among others) that consumes more than 50Gb of bandwidth per month.
And do you have to pay for it? My site makes about 850 GB a month, that's not something you get with any regular hosting package. The number one download requires more bandwidth than your whole site wink.gif Imagine you had a 5 MB download, that was quite popular.. your traffic goes up like crazy when other sites link to it. And I'm sure if I, instead of hosting all audio and video tools you also carry, link to your site, you'd start to mind because you'd notice a considerable increase in traffic.

QUOTE
Also, I noticed allowing "leeching" sometimes increases my site's popularity. Some "leecher sites" are nice and, next to the direct link, they mention the url of the place the file is being obtained from.
You are obviously dealing with nicer webmasters than I have to. But then again your software archive is more specialized and selective than mine.

QUOTE
You did that, when you direct-linked to Psytel AACenc on inf.ufpr.br/~rja00, some years ago. And I didn't mind one bit
Must've been a long time ago.. it's been a long while since I've had a no direct links policy when it comes to software (there are some exceptions to the rule though, but none that are small and where the traffic would matter), so I'm hoping this was an honest oversight or had another important reason. Is the link still there?

QUOTE
Most of these same download managers (GetRight particularly, which, BTW, is from the creators of filemirrors) are able to fake referrer URLs.
Evil evil. Is it turned on by default (I'm a no DL manager user)?


--------------------
Go to www.doom9.org for the web's most comprehensive collection of DVD backup articles.
Go to the top of the page
+Quote Post
rjamorim
post Apr 10 2004, 18:19
Post #10


Rarewares admin


Group: Members
Posts: 7515
Joined: 30-September 01
From: Brazil
Member No.: 81



QUOTE (Doom9 @ Apr 10 2004, 01:37 PM)
And do you have to pay for it? My site makes about 850 GB a month, that's not something you get with any regular hosting package. The number one download requires more bandwidth than your whole site wink.gif Imagine you had a 5 MB download, that was quite popular.. your traffic goes up like crazy when other sites link to it. And I'm sure if I, instead of hosting all audio and video tools you also carry, link to your site, you'd start to mind because you'd notice a considerable increase in traffic.


My point is, if you are not getting income from unique visits (banners, popups, etc.), it makes no difference if the user reaches the file directly, or is greeted first by an anti-leech message and then starts browsing the site to download the file. He'll end up downloading it anyway and using the same amount of bandwidth.

Of course, if you want your users to see banners or pop-ups, forcing them to browse your site first is very justifiable.

About you linking to RareWares instead of hosting the apps: I think it wouldn't make much difference if you linked to the home page or directly to the file. Actually, my traffic would probably be even bigger if you linked to the home page, because then visitors might start finding other interesting apps and downloading them.

QUOTE
You are obviously dealing with nicer webmasters than I have to. But then again your software archive is more specialized and selective than mine.


True. And maybe I don't notice the webmasters that are direct-linking, since I don't check the bandwidth usage statistics often.

QUOTE
Must've been a long time ago.. it's been a long while since I've had a no direct links policy when it comes to software (there are some exceptions to the rule though, but none that are small and where the traffic would matter), so I'm hoping this was an honest oversight or had another important reason.


It was more than an year ago, if I remember correctly. And yes, you had a good reason: by that time people were still scared by Dolby threats and avoided hosting AAC binaries.

QUOTE
Is the link still there?


As far as I can see, no.

And there would be no problem, really. That file was (and still is) hosted in an uncapped (although relatively slow) host.

QUOTE
Evil evil. Is it turned on by default (I'm a no DL manager user)?


On GetRight, the screenshot I posted is the default configuration. I personally use the "Generated from download URL" setting. Dunno about other managers.

Regards;

Roberto.

BTW: Your links page is still pointing to rarewares.hydrogenaudio.org. Could you please replace it with www.rarewares.org? Thank-you.

This post has been edited by rjamorim: Apr 10 2004, 18:23


--------------------
Get up-to-date binaries of Lame, AAC, Vorbis and much more at RareWares:
http://www.rarewares.org
Go to the top of the page
+Quote Post
saratoga
post Apr 10 2004, 20:22
Post #11





Group: Members
Posts: 4868
Joined: 2-September 02
Member No.: 3264



QUOTE (askoff @ Apr 5 2004, 11:11 PM)
QUOTE (dev0 @ Apr 5 2004, 12:36 PM)
Or use non-b0rked application firewall software...

What could that be? Norton is qute good firewall afterall.

I disagree. Its crappy and causes way more trouble then its worth.

Anyway theres no sense in blocking referers, because if you do it will break sites that depend on support for them while provideing you with no extra security.
Go to the top of the page
+Quote Post
askoff
post Apr 10 2004, 21:30
Post #12





Group: Members
Posts: 445
Joined: 23-December 02
Member No.: 4214



QUOTE (Mike Giacomelli @ Apr 10 2004, 11:22 AM)
QUOTE (askoff @ Apr 5 2004, 11:11 PM)
QUOTE (dev0 @ Apr 5 2004, 12:36 PM)
Or use non-b0rked application firewall software...

What could that be? Norton is qute good firewall afterall.

I disagree. Its crappy and causes way more trouble then its worth.

Well I guess that it depends on user and his/hers computer. It has never gave me any problems, exept this Koepi web page issue.

QUOTE
Anyway theres no sense in blocking referers, because if you do it will break sites that depend on support for them while provideing you with no extra security.

As I just said, Kopeis page is the only one where I'm having problems. www.doom9.org work fine and so does everything else. No whait DivX diggest also gave me some problems, but usualy they just offer link to original site only.
Go to the top of the page
+Quote Post
Doom9
post Apr 10 2004, 23:52
Post #13





Group: Members
Posts: 6
Joined: 12-April 02
Member No.: 1758



QUOTE
My point is, if you are not getting income from unique visits (banners, popups, etc.), it makes no difference if the user reaches the file directly, or is greeted first by an anti-leech message and then starts browsing the site to download the file. He'll end up downloading it anyway and using the same amount of bandwidth.
Well, you do have a point bandwidth wise, though I think such messages also encourage some people to inform webmasters that direct links aren't okay. And in my case, I want people to see the mainpage regardless of traffic. I want them to see there's more to my site than just a download archive.. there's daily news and a lot of guides as well. Hence the frame reloading script I'm using, so that any external deep-links to documents are okay, but reload my frameset so people get to see what else there is on my site.

QUOTE
BTW: Your links page is still pointing to rarewares.hydrogenaudio.org. Could you please replace it with www.rarewares.org? Thank-you.
I've changed the link.


--------------------
Go to www.doom9.org for the web's most comprehensive collection of DVD backup articles.
Go to the top of the page
+Quote Post
Bonzi
post Apr 11 2004, 05:30
Post #14


A/V Moderator


Group: Members
Posts: 278
Joined: 22-February 03
Member No.: 5132



QUOTE (Doom9 @ Apr 10 2004, 04:00 AM)
I still have your IP when you come to my site, and from that I can get a geographical location and the name of your ISP, and I can also track which pages you're visiting. If you want to be truly anonymous, you have to use a proxy service like some German universities offer, where data is channeled through multiple anonymous proxies and where no connection data is logged. Everything else is just a farce.

Ok, what really important is that people figure out how to protect themselves from any intrusion of privacy. But is there any other way for users to protect themselves other than doing this? I have never bothered before with such things but about 1 month or so ago while visting one of message boards I frequent, one of the mods revealed my location to the world which kind of scared me. I won't mention which board but it wasn't doom9. But it got me thinking that maybe I should be a little more careful Luckly I do live in a big city and all so if someone wanted to find me it would be tough. Is there any way to be sure that you can browse *completely* anonomously?
Go to the top of the page
+Quote Post
Andavari
post Apr 11 2004, 13:31
Post #15





Group: Members
Posts: 935
Joined: 3-June 02
From: USA
Member No.: 2204



QUOTE (Bonzi @ Apr 10 2004, 10:30 PM)
QUOTE (Doom9 @ Apr 10 2004, 04:00 AM)
I still have your IP when you come to my site, and from that I can get a geographical location and the name of your ISP, and I can also track which pages you're visiting. If you want to be truly anonymous, you have to use a proxy service like some German universities offer, where data is channeled through multiple anonymous proxies and where no connection data is logged. Everything else is just a farce.

Ok, what really important is that people figure out how to protect themselves from any intrusion of privacy. But is there any other way for users to protect themselves other than doing this?

With so many security exploits that constantly need patched in the Windows family of operating systems it's no surprise to me that people would try to mask as much info as possible, including removing referrer information. "Some" people may see a script do one harmless thing that makes a site work, or protects a site and may immediately think it's some security issue and bark virus, or trojan.

I can only speak for myself; I do not initially trust any website right off the bat since there are so many that can install whatever the hell they like automatically without my consent.


--------------------
Complexity of incoherent design.
Go to the top of the page
+Quote Post
Artemis3
post Apr 12 2004, 07:29
Post #16





Group: Members
Posts: 515
Joined: 29-September 01
Member No.: 68



I don't see the benefit of said scripts since it doesn't help with the bandwitdh issue. Its also against the spirit of the www, attempting to twart external linking.

People that believe things on the web "belong" solely to a site, are not being realistic at all. Just like "copy protection", such scripts can always be bypassed by the determined, and will only cause annoyances to regular users.

Servers that face bandwidth problems should address the issue for what it is. For example, i like an apache module that limits connection per IP (limitipconn). This helps with certain download helper apps that divide a file in many small parts and downloads them simultaneously (it may cause some NAT issues).

There is also the powerful tool of BitTorrent for "very popular downloads".

And finally, you can always limit the bandwith allowed. A site could release a .torrent for a certain popular file, and allow a bandwidth limited direct download, for instance.

I think something more bittorrent like but more transparent will emerge for normal web browsing and flle downloading, simply because its more efficient for everyone. The traditional server/client model seems to be gradually shifting in favor of more decentralized methods. Interesting times indeed happy.gif


--------------------
She is waiting in the air
Go to the top of the page
+Quote Post
rjamorim
post Apr 22 2004, 01:21
Post #17


Rarewares admin


Group: Members
Posts: 7515
Joined: 30-September 01
From: Brazil
Member No.: 81



QUOTE (Artemis3 @ Apr 12 2004, 03:29 AM)
People that believe things on the web "belong" solely to a site, are not being realistic at all.

These people don't believe the files hosted belong to the site. They do believe that the bandwidth being used belongs to it. You can't argue with that.

QUOTE
Servers that face bandwidth problems should address the issue for what it is. For example, i like an apache module that limits connection per IP (limitipconn). This helps with certain download helper apps that divide a file in many small parts and downloads them simultaneously (it may cause some NAT issues).


There are countless problems with your argument

1)Limiting connection according to IP won't limit people from leeching. The real usefulness of such module is to help distribute bandwidth equally for servers using slow pipes. Keeping people to use download helpers to their full potential will only make users download the file slower, it won't change your bandwidth bill a bit.

2)Usage of apache modules depends on the server administrator. If your account is on a very limited bandwidth server, it's most likely you aren't on a dedicated server - therefore, it's out of your hands to enable it or not.

3)This doesn't help the bandwidth usage issue at all.

QUOTE
There is also the powerful tool of BitTorrent for "very popular downloads".

And finally, you can always limit the bandwith allowed. A site could release a .torrent for a certain popular file, and allow a bandwidth limited direct download, for instance.


Again, a flawed argument.

1)BitTorrent only works optimally for large files - ISOs, movies, etc. 90% of the files hosted by RareWares, for instance, are smaller than 500Kb. For a recent example of bittorrent experiment gone useless, check foobar2000.org.

2)BitTorrent requires that you are server administrator to set up a tracker. Again, if you are so concerned about limiting your bandwidth usage, you probably aren't running a dedicated server and can only hope the server admin will accept your request to set up a tracker. Considering BitTorrent is often associated with illegal p2p distribution... tough luck.

QUOTE
I think something more bittorrent like but more transparent will emerge for normal web browsing and flle downloading, simply because its more efficient for everyone. The traditional server/client model seems to be gradually shifting in favor of more decentralized methods. Interesting times indeed happy.gif


Wild speculation won't help our problems now.

Now, I've been thinking about this issue a lot lately. I've been kinda forced, since a %$&#! kraut started stealing about 2Gbs from RareWares daily. Even though I don't like anti-leech measures, that was a case of either setting up an anti-leech or seeing my bandwidth bill shoot through the roof.

So my take on anti-leeching now is this: I will only set up mod_rewrite anti-leech on a per-case basis. I won't set it so that only people coming from RareWares can access the files, like sites usually do. IMO, it's valid that small sites, or people using web boards, link to my files. People using web boards often don't have anywhere to upload to, and small sites usually run on a very limited bandwidth quota. Fair is fair.

But I get very pissed when big sites like audiograbber.de direct-link to my files - and don't even give me credit! There are absolutely no links to rarewares.org there - although, amusingly, there are links to Mitiok. This is another example of a site, although a small one this time, that directly links to rarewares without giving us credit (interestingly, they link to foobar2000.org's home page, but direct-link to rarewares neverthless. I wonder who is the fine, fine lad running that site...). That makes me quite mad.

Another decision I took is that I won't present the visitor with a nasty-looking "LEECHER!!!!" message. It's not his fault, for sure. People coming from these leechers are silently redirected to rarewares' main page. Hopefully from there they'll find what they were looking for.

These are some examples of nice sites linking to RareWares:
http://www.mpex.net/software/download/lamedll.html
http://www.cestfacile.org/telechargements.htm

To end this long rant, an image that speaks for itself:
http://pessoal.onda.com.br/rjamorim/bandwidth.png

On April 12th, Audiograbber.de started direct-linking to RareWares.
On April 14th, I started using the anti-leech measure.

Regards;

Roberto.


--------------------
Get up-to-date binaries of Lame, AAC, Vorbis and much more at RareWares:
http://www.rarewares.org
Go to the top of the page
+Quote Post
Toe
post Apr 25 2004, 00:39
Post #18





Group: Members
Posts: 10
Joined: 28-June 03
Member No.: 7422



QUOTE
2)BitTorrent requires that you are server administrator to set up a tracker. Again, if you are so concerned about limiting your bandwidth usage, you probably aren't running a dedicated server and can only hope the server admin will accept your request to set up a tracker. Considering BitTorrent is often associated with illegal p2p distribution... tough luck.

Actually, there's several PHP-based trackers out there that will run fine on a shared host....
Go to the top of the page
+Quote Post
Jan S.
post Apr 25 2004, 12:03
Post #19





Group: Admin
Posts: 2549
Joined: 26-September 01
From: Denmark
Member No.: 21



QUOTE (rjamorim @ Apr 22 2004, 02:21 AM)
1)BitTorrent only works optimally for large files - ISOs, movies, etc. 90% of the files hosted by RareWares, for instance, are smaller than 500Kb. For a recent example of bittorrent experiment gone useless, check foobar2000.org.

AFAIK foobar doesn't use torrent anymore because of lack of a stable tracker.
Beta versions use torrent though. There are no problems with the idea itself.
Go to the top of the page
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 1st August 2014 - 00:10