PeerGuardian - IP Blocking for Windows Vista

April 01, 2008 by sharky

The first thing that PeerGuardian users notice when upgrading to Windows Vista is that the old PG2 doesn’t work. That being said, the PhoenixLabs team has been hard-at-work on a Vista solution, and thus far have come up with a working beta-release of PeerGuardian3 (called RC1-Test2).

Installation - Vista users

Download the latest version from http://phrosty.phoenixlabs.org/pg2-rc1/. The current release is “pg2-rc1-test2.exe“. NOTE: This beta release has been tested with all versions of MS Windows, although it is not recommended for anything other than Vista at this point in development. Non-Vista users should ideally opt for a “stable” release from the http://phoenixlabs.org/pg2/ page.

Vista Tips

TCP/IP Max Connections: Vista imposes a limit on the number of half-open TCP/IP connections. Patching this to a greater number can significantly increase your download speeds through P2P programs & web browsing (as well as PeerGuardian).

Important note for Vista x64 users

(courtesy of the Phoenix Labs website)

New in Vista x64, Microsoft requires all drivers to have a special code signature, or they won’t load. They call this a security feature, but we believe this is basically snake-oil: although code signatures let you verify where the driver came from, it does not protect at all against a malicious driver (such as a virus).

Unfortunately, the certificate to perform this signing costs from $300-$500 USD/year. Until Phoenix Labs is able to afford one, Vista x64 users will need to perform the following steps.

  • Start -> All Programs -> Accessories -> Right click Command Prompt -> Run as administrator.
  • Copy the following exactly (without quotes):
  • bcdedit /set loadoptions DDISABLE_INTEGRITY_CHECKS
  • Right click on the title bar, go to Edit -> Paste. Make sure what was pasted is correct, then hit enter to execute the command.
  • Reboot the machine.
  • Now the first time you load PeerGuardian2 you will see a message like below. If you performed the above steps correctly, it is safe to ignore this. You can make sure by turning on Show Allowed under settings (in PG2), and making sure an IP scrolls by when you visit a website.

Vista x64 Tips

(courtesy of the Phoenix Labs forums)

The current beta release of PeerGuardian2 for Vista is not compatible with x64 (SP1) unless:

1. Certain Windows Updates are removed:

  • KB932596
  • KB938979
  • KB938194
  • KB941649
  • KB943078 (in December, 07 updates)
  • KB943899 (in January, 08 updates)

2. Or, as an alternative to removing these updates, boot into Vista using the F8 key. At menu, choose this option to boot without driver signing (near the bottom of list):

“Disable Driver Signature Enforcement”

Advantage: Lets you keep your security updates in place.

Disadvantage: You must always use F8 to boot if you choose this method of getting PG2 RC1 to run successfully w/Vista x64.

This is the ONLY way to get this PG2 to run correctly if you have SP1 installed on your Vista x64.

3. In either case above, it is recommended to disable the Windows Defender. Use a proper firewall, instead:

PeerGuardian2 Firewall Software Compatibility:

PeerGuardian2 is compatible with most firewall software, including:

  • Sunbelt Counterspy V2
  • Most Norton software (although there have been isolated incidences)
  • Kaspersky Internet Security (any version)
  • Zone Alarm Internet Security Suite (any build, including the latest v7.0.462.000) and Zone Alarm (free version)
  • Comodo 3.0
  • McAfee (firewall) software is not recommended for use in conjunction with PeerGuardian. It can lead to IP addresses not being properly blocked.

Remember, when installing PeerGuardian2 it must be ‘allowed’ by your firewall software.

µtorrent & PeerGuardian2

If you are using µTorrent, it M*U*S*T not be running until PG2 is completely loaded! Once PG2 is fully loaded, you can manually open µTorrent.

Troubleshooting Vista & PeerGuardian2

(courtesy of the Phoenix Labs forums)

This tip can help speed up the load time of PG2, and make it run more smoothly. Instead of launching PeerGuardian2 from the Start Button, create a small batch file and use it to launch PG2. Here’s how:

1. Create a *.TXT file on your desktop (or anywhere) and open it with Notepad. As an example, call it “pg.txt“.

2. Copy/paste this text into the new file:

cls
tskill pg2
del /Q “C:\Program Files\PeerGuardian2\lists”
del /Q “C:\Program Files\PeerGuardian2\cache.p2b”
del /Q “C:\Program Files\PeerGuardian2\history.db”
“C:\Program Files\PeerGuardian2\pg2.exe”
cls

Now, the file should look similar to this:

3. Save the file. Now, close it, and rename it to pg.bat (instead of pg.txt). Double-click it to launch PeerGuardian2.

NOTE: This clears out the PG2 cache, lists and history - starting PG2 RC1 on a clean-slate. The IP blocklists M*U*S*T be updated again each and every time when using this “batch” method to launch PG2 (see below).

Updating the IP Blocklists

Important steps that should NOT be overlooked when updating the IP lists in PG2:

1. Run PG2, and disable it. Close it down with it being disabled (make sure it is no longer running in Task Manager).

2. Run PG2 again (it should be disabled), and update the lists.

3. Enable PG2, and verify that it is working. In the Protection window, IPs should begin to list.

Other Vista—IP Blocking Solutions (non-PeerGuardian):

BitTorrent:

One alternative to using PeerGuardian2 & Vista is to incorporate IP blocking into your P2P application. An example of this is to use the “ipfilter.dat and µtorrent” solution to block these same IP ranges at the BitTorrent client level. For Azureus, the “SafePeer” plugin is equally effective.

eMule/eDonkey:

The ipfilter-eMule approach may also be used to block unwanted IPs in Vista systems that are running eMule (and derivatives/mods).