Information On Current Network Attacks

Whats Going On ?

Recently the network has been suffering attacks from both former developers and disgruntled ex users who have decided amongst themselves that other users of the network are unimportant and only what they want is important, these ppl are currently abusing a few technical holes in the networking system and driving a large number of users from the network and have been doing so since the attacks began, however I know many of you are long term hard core users and will not fold to this kind of mindless activity and so we need to focus on what we can as a community do to mitigate their attacks and what steps can be put in place for the future to prevent further such attacks.

What Are The Attacks ?

When WinMX was created the information necessary for others to undertake activity on the network was not availble but over the years key parts of the system have been worked out and now most of the special instructions it uses are known to developers/coders, these special instructions are called "protocols" and all clients using the network have to follow them, however like MicroSoft's offerings requiring near constant updating WinMX also has a few holes and as most of you know theres no developer of the original client left to continue any updates and so we can only look at either a complete client replacement that will take a long time or a new patch release, a new patch release is the only realistic way ahead at this time.

How Can These Attacks Be Stopped ?

(2012 update - Please read update notice at the bottom of this page)

As stated above the way ahead is to create a new patch and we already have one of our best developers on this project but with the scale of the attacks increasingly affecting more users we are asking all users to offer help and support of their fellow network users and you too can aid in this by ensuring users are kept informed of the problem, the progress of any solution and in the meantime support each other with files and help to the best of your abilites.

Lets look at what we can do to ensure the attackers do not win while others work round the clock to deliver us all a solution.

1) Use the open-Nap side of the WinMX client to obtain files by following the instructions here

2) Join a chat room and make friends as this will ensure you will only be dealing with real folks and real files, you can see what each user is sharing by "right clicking" on their names in the list on the right of the chat screen and selecting the files you want to download as normal, remember you get what you give so be sure to share material of your own.

3) Make use of the "shareguard" file scanning bot to scan whole rooms for file lists, look here for instructions on where to get it and how to use it.

4) Keep your searches to the bare minimum so attackers cant hide so easily amongst the real users even if they do use a spoofed IP's and of course use your common sense and try different times of the day for searching as the attackers are not always attacking and "browse" users before clicking the "download" button.

5) To help stabilise the Primary network if you are operating as a Primary please open the "Settings" tab at the top of the winmx client and locate the "Bandwidth throttle" controls, then enable both tick boxes and adjust both settings to the minimums as shown below, this will enure some of the excess Primary traffic is restricted.

6) If you operate a chat room using a third party server you may find its becoming unstable and dropping users as well as eating up enormous amounts of bandwidth, this is due to the large amount of malicious traffic crossing the primary network. The solution we ask you all to undertake is to unlist your chat rooms so that they do not appear on the WPN list, this will stop them being affected.
There are two third party sites that hold room lists that you can ask to publicly list your room on so it can be listed there and not on the WPN, by doing this you should have no further problems with any of the network attacks and it may well even inconvenience the spammers as they likely will not have your room address to hand.

UPDATE: 14-05-12

In August 2011 the patch idea was dropped due to a new attack method being employed that wasnt possible to fix using a patch alone, for this reason all activity since then has been to create a new client and we are well on our way with this, this means we have selected what was the longest way to fix the problem but will be the most futureproof, at this time of writing we have much of the client in hand and two sections remain to be completed, once those parts are in place and some period of testing undertaken we expect to be able to release it to you all, please remain assured we will never give up on this project, a solution is envisaged to arrive in time for our traditional september anniversary, please be ready to help spread the word and rebuild our network and community.

Please feel free to suggest further information or solutions that can be added to this guide if you have any thats not listed as we will always be happy to add them and give you credit for the idea.