by Sailor24 on 2014/06/08 07:28:32 PM    
I know we can block IPs but I really want to block clients, well one? I want to block all SD100's that don't call themselves thunder, ideally I could manually allow some after review.
by Guest on 2014/06/09 04:24:22 AM    
I'm a fellow user.
I have no idea what you are talking about.
What is "SD100"?
What do you mean by "Thunder"?
Please explain.

A similar problem is when I choose Disconnect for a specific IP
(because the ratio is like 100U/1D):
Tixati connects automatically again after a few minutes.
I don't know how to Disconnect+Block a specific IP permanently.
by Sailor24 on 2014/06/10 01:42:06 AM    
SD0100 is the ID for Thunder, another client like Tixati or Utorrent. If you right click on a peer and choose properties you will see these near the top on the right side.

Sounds like you want to block a specific person or group. Just right click on them and choose ignore. They will be just that until you restart Tixati or unblock them. Warning: they will be ignored in all torrents.
by Pete on 2014/06/10 04:25:37 PM    
I'd like that feature too, Thunder is a terrible client. Thunder doesn't support UDP connections and encrypted connections. You can block this client by forcing UDP or encryption.
by Sailor24 on 2014/06/10 09:11:49 PM    
I wish I could do that, but I will lose too much traffic. If you see SD0100 and the client is not called Thunder, block it for sure. Especially if it says BCTS/2.4.6. That is some group, and they can get access to your computer. They will show RI and LI even though they show no bytes downloaded. They will light up like they are sending and receiving but bytes in or out will show 0.
Got a couple of security emails last week saying someone accessed some of my accounts online. The reason for the flag was the login was from China. Spent some hours using Google Translate and .cn.
Short of it was I found that group and they appear to be up to no good. Also found out that the client can easily be modded to do bad things. I reloaded all my torrents from the previous week and sure enough found the behavior and the BCTS name.
Now as far as I am concerned it is a security risk and would love to have an auto block on it. Might try getting an IP address list for China and block the country.
by Bugmagnet on 2014/06/10 09:55:37 PM    
I just scanned all my connections and didn't see a single Thunder client. And as far as SD100.. do you only see that by looking at peer properties? I have never seen either but then I don't ever examine peer properties.

I think I did see one client advertising BCTS/2.4.6 earlier today but none now. Maybe you scared them off by outing them :)

I can't imagine administering shares/connections by examining the properties panel for each peer. If it is not on one of the sortable transfer tab columns, it would seem impracticable to manage.
by Sailor24 on 2014/06/11 09:07:28 AM    
Yes, the only way to tell is by looking at properties, upper right: location, client, then peer ID. Easy to spot: look for a Chinese flag, no data on the bar, yet they will be interested in you even if you have no data. Check properties and you will see you have no blocks for them, yet RI is lit, and you will have unchoked them and out is lit, so you will be sending something. Yes, it is a lot to do, which is why I would love an auto ignore for that client. At least when the client does not say Thunder.

This is only the second time I have heard about it in a year. First time it has happened to me. I see a lot of China clients so I don't think it is that widespread. That said, the forum I found I could only access once, then I got a bad gateway error. I tried a ton of things from clearing cookies to getting a new IP and tried a different browser. The forum was old and active so they have been doing this for some time. If you have ever tried to read translated Chinese, you would know I was not able to get any sort of clear picture of what they were saying. A lot was not what you would expect from a torrent conversation however. That is why I am suspicious and now cautious.

You never know, this week's Windows update may have removed the holes, but they will look for more. Don't read too much into this, I am likely just paranoid. Someone did gain access to my passwords; this means nothing because I only save passwords to forums and accounts I would gladly let the world see.
by Bugmagnet on 2014/06/12 03:53:46 AM    
I never saw thunder

but I am seeing some with a client as :  and - no names, just numbers... and when I looked at the peer properties, I did see SD0100 in the peer ID

Past that, I don't note anything unusual... - they seem to be downloading what I am seeding...
by Sailor24 on 2014/06/12 12:16:50 PM    
Those are a version # of thunder. They appear legit sort of. I think you will find that they are trying to download sequentially. Likely they will also only be downloading not uploading much. Check and see if they have uploaded to you, if not I would ignore them. They are not doing any good for you.
To the rest of the world they may be considered malware, to the computer they are on. They come with tool bars and frequently Trojans that log internet activity. They are both produced by a company that belongs to the state. To me that is like getting a client from the NSA. (Which I think you have if you are running Utorrent)
Inconclusive is just that, not really known, which does not mean they are safe or dangerous.
by Guest on 2014/06/17 08:12:20 AM    
If anyone is interested in the "Thunder" client itself: It's a Chinese downloader that uses BitTorrent as well as HTTP, FTP, and other p2p protocols. It is known to ignore rules, and for HTML downloads it was blocked by many websites (it now spoofs itself to look like other browsers).

On the subject of automatically blocking peers based on client: if it is added, I think they should also add priorities based on client. E.g. if I liked Tixati I could give Tixati users an AN priority and for Xunlei peers give a priority of BN. In that case if the only users online used Xunlei then I wouldn't stop dl/ul but I'd have a preferred choice of others if others are online.
by Stack on 2014/06/17 08:51:05 AM    
Just like to add a note: Not sure what algorithms Tixati uses but the "standard" one makes sure that when you're downloading you're seeding the most to the peer you are also downloading the most from. When you're seeding it's possible that they'll hog bandwidth but you usually don't care so much. Of the one Thunder user I found in my peer list, Tixati was choking them and they seemed to not get data from anyone else either.

Full disclosure, I have Tixati set to UDP > TCP and Encrypted preferred, which could be the reason for the choking. Their client is TCP and Unencrypted.
by Sailor24 on 2014/06/18 08:25:03 AM    
@ Stack
The behavior of most Thunder clients is to not show their activity and never to show what they have. Example: I upload 10Mb to one. Disconnect then reconnect to get updated stats and that client reports that its total bytes received is only 1 or 2 Mb. Give them another 10 Mb and it says the same thing. One way around giving back is to show you don't have it.

Often with China you have poor connections and poor line quality, that can cause choking. Depends what part of the world you are from.

That said, not all clients are configured that way, but I am always suspicious of any client set up to dupe; rather the person configuring it that way. Also find a group of Thunder users on a single torrent. Check the port #; I have seen many using 6 digit number, or 6 IP addresses all using the same port or one or two numbers off. This could be 10234, 10134 and 10734.... I mean what are the odds.
by Guest on 2019/08/11 08:50:29 PM    
Sorry for the very late reply... I'm sad to say that Xunlei clients support UDP and/or encrypted connections for now, but they still use SD0100 for their peer IDs so there is still a chance of blocking them by applying patterns.

Also I'm a bit frustrated by OP's idea of blocking the whole country. There are still some users who use normal clients and follow the rules; I guess one shouldn't block a whole country while he has a better solution to those corrupted clients. (E.g., I'm a Chinese user who follows the rules, and there are also other Chinese IPs with uTorrent or Deluge.)

Finally, I'd appreciate it if this can attract the devs' concern (again) and a client-blocking feature is implemented eventually.

Additionally, as I live in China, I think I know more about Xunlei than you others. Any questions about them are welcome.
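
The peer-ID pattern rule asked for in this thread, as an added example that is not part of any post and is not Tixati code: block peers whose peer ID carries SD0100 unless the client name says Thunder/Xunlei or the IP was manually allowed after review. The function names, the IP-keyed allowlist, the sample peers and the assumption that the marker sits in the first 8 bytes of the peer ID are all constructed for illustration.

```python
PSTR = b"BitTorrent protocol"
HANDSHAKE_LEN = 1 + len(PSTR) + 8 + 20 + 20   # pstrlen, pstr, reserved, info_hash, peer_id
MARKER = b"SD0100"                  # peer-ID marker named in the thread
HONEST_NAMES = ("thunder", "xunlei")  # names the thread treats as self-identifying

def peer_id_from_handshake(data: bytes) -> bytes:
    """Return the 20-byte peer ID from a BitTorrent handshake."""
    if len(data) < HANDSHAKE_LEN or data[0] != len(PSTR) or data[1:20] != PSTR:
        raise ValueError("not a BitTorrent handshake")
    return data[48:68]

def decide(ip: str, handshake: bytes, client_name: str, reviewed_ok=frozenset()) -> str:
    """Return 'allow' or 'block' for one peer.

    client_name is whatever the peer reports about itself (for example the
    BEP 10 extended-handshake "v" string); reviewed_ok is a hypothetical set
    of IPs the operator allowed by hand after review.
    """
    try:
        peer_id = peer_id_from_handshake(handshake)
    except ValueError:
        return "block"              # malformed handshake: nothing to classify
    if MARKER not in peer_id[:8]:   # assumption: marker is in the ID prefix
        return "allow"
    if ip in reviewed_ok:
        return "allow"
    if any(n in client_name.lower() for n in HONEST_NAMES):
        return "allow"
    return "block"                  # SD0100 ID under a different client name

def make_handshake(peer_id: bytes) -> bytes:
    """Build a constructed handshake with zeroed reserved bytes and info_hash."""
    return bytes([len(PSTR)]) + PSTR + bytes(8) + bytes(20) + peer_id

# Constructed sample peers (documentation IP ranges, made-up peer-ID tails).
SAMPLE = [
    ("192.0.2.10",   make_handshake(b"-SD0100-" + b"A" * 12), "Thunder"),
    ("198.51.100.7", make_handshake(b"-SD0100-" + b"B" * 12), "BCTS/2.4.6"),
    ("198.51.100.8", make_handshake(b"-SD0100-" + b"C" * 12), "BCTS/2.4.6"),
    ("203.0.113.5",  make_handshake(b"-XX0000-" + b"D" * 12), "SomeClient"),
]

def run_sample() -> dict:
    allowlist = frozenset({"198.51.100.8"})   # reviewed and allowed by hand
    return {ip: decide(ip, hs, name, allowlist) for ip, hs, name in SAMPLE}

if __name__ == "__main__":
    for ip, verdict in run_sample().items():
        print(ip, verdict)
```

Both the peer ID and the client name are chosen by the remote peer, so a rule like this only catches clients that keep the SD0100 marker.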

