Information On Current Network Attacks

Please see the bottom of this article for the most up to date progress report concerning the replacement client thats being constructed.

Whats Going On ?

Recently the network has been suffering attacks from both former 3rd party developers and disgruntled ex users who have decided amongst themselves that other users of the network are unimportant and only what they want is important, these ppl are currently abusing a few technical holes in the networking system and driving a large number of users from the network and have been doing so since the attacks began, however I know many of you are long term hard core users and will not fold to this kind of mindless activity and so we need to focus on what we can as a community do to mitigate their attacks and what steps can be put in place for the future to prevent further such attacks.

What Are The Attacks ?

When WinMX was created the information necessary for others to undertake activity on the network was not availble but over the years key parts of the system have been worked out and now most of the special instructions it uses are known to developers/coders, these special instructions are called "protocols" and all clients using the network have to follow them, however like MicroSoft's offerings requiring near constant updating WinMX also has a few holes and as most of you know theres no developer of the original client left to continue any updates and so we can only look at constructing a new complete client replacement that will take a long time but will resolve any future problems.

How Can These Attacks Be Stopped ?

As stated above the way ahead is to create a new patch and we already have one of our best developers on this project but with the scale of the attacks increasingly affecting more users we are asking all users to offer help and support of their fellow network users and you too can aid in this by ensuring users are kept informed of the problem, the progress of any solution and in the meantime support each other with files and help to the best of your abilites.

Lets look at what we can do to ensure the attackers do not win while others work round the clock to deliver us all a solution.

1) Use the open-Nap side of the WinMX client to obtain files by following the instructions here

2) Join a chat room and make friends as this will ensure you will only be dealing with real folks and real files, you can see what each user is sharing by "right clicking" on their names in the list on the right of the chat screen and selecting the files you want to download as normal, remember you get what you give so be sure to share material of your own. Please see item 7) below for a chat room list.

3) Make use of the "shareguard" file scanning bot to scan whole rooms for file lists, look here for instructions on where to get it and how to use it.

4) Keep your searches to the bare minimum so attackers cant hide so easily amongst the real users even if they do use a spoofed IP's and of course use your common sense and try different times of the day for searching as the attackers are not always attacking and "browse" users before clicking the "download" button.

5) To help stabilise the Primary network if you are operating as a Primary please open the "Settings" tab at the top of the winmx client and locate the "Bandwidth throttle" controls, then enable both tick boxes and adjust both settings to the minimums as shown below, this will enure some of the excess Primary traffic is restricted.

6) If you operate a chat room using a third party server you may find its becoming unstable and dropping users as well as eating up enormous amounts of bandwidth, this is due to the large amount of malicious traffic crossing the primary network. The solution we ask you all to undertake is to unlist your chat rooms so that they do not appear on the WPN list, this will stop them being affected.
There are two third party sites that hold room lists that you can ask to publicly list your room on so it can be listed there and not on the WPN, by doing this you should have no further problems with any of the network attacks and it may well even inconvenience the spammers as they likely will not have your room address to hand.

7) You can find a list of chat rooms at the following locations.

2sen Chat List
and also
winmxunlimited Chat List

UPDATE: 14-05-12

In August 2011 the patch idea was dropped due to a new attack method being employed that wasnt possible to fix using a patch alone, for this reason all activity since then has been to create a new client and we are well on our way with this, this means we have selected what was the longest way to fix the problem but will be the most futureproof, at this time of writing we have much of the client in hand and two sections remain to be completed, once those parts are in place and some period of testing undertaken we expect to be able to release it to you all, please remain assured we will never give up on this project, a solution is envisaged to arrive in time for our traditional september anniversary, please be ready to help spread the word and rebuild our network and community.

UPDATE: 01-10-12

The majority of the client has now been constructed and we have asked the community coders to look at the new clients protocol security arrangements and perhaps suggest changes or updates, also we have issued our community partners with a pre alpha release of the client to gather further feedback for bug fixes and possible problems as well as useful improvements, we hope to make further releases to larger groups after each successful update to the client codebase and as always thank you all for your patience and support.

UPDATE: 15-01-13

Currently the client project is working on an issue with the transfers section thats proving a pain to resolve however we are still working on it and will continue to do so, this last major area of the client is one that the current developers have little previous experience of however we do have some basic functionality but thats not in our opinion good enough for you folks yet, many of the other features are now working fine and the client is very stable and resistant to many but not yet all of the attack methods we have seen over the last few years.
We thank you for your continued patience and of course will make a public announcement when we have a completed version ready for beta testing, like yourselves we hope this is sooner rather than later

UPDATE: 05-02-13

Some but not all of the transfers problems have now been resolved and work is continuing to finalise the mulitple language support aspects of the client as well as tidying up some of the smaller bits that have been left because other parts where of a higher priority, we still have some small parts to finalise but we are again making good progress as you would expect at this period in the client developement.

UPDATE: 13-03-13
Further good progress and some screenshots can be found here

Most of the major code portions are now in place and the project is now focusing on bugs and B and C priority items.
There has been a further test release to a very small group and they are providing valuable feedback and focus for bug eradication, once they are happy the developers will look to use a larger pool of testers and fine tune some of the network traffic related components, following success with that undertaking we can expect to see a public beta and at some point in time a first release, please use the forum to ask any questions you feel are not being adressed or you have concerns over.

UPDATE: 21-9-13
Today we released a Beta of the community client now newly renamed OurMx after a forum vote, a forum to support the OurMx Client has also been launched.

UPDATE: 27-9-14
After the release of Beta 1 there was a lot of feedback and bug reports and the development team set to work on many of these, as shown here.

Unfortunately we are still fighting to resolve some areas of the client to ensure its stable given the current increase in network attacks, for this reason and the lack of developer time throughout this last year we have decided to hold off the beta 2 release until we are satisfied it will be more functional and completed than beta 1. We hope you all agree this is the most sensible way ahead although we understand its a disappointment to all in the community who wish to return to a more normal networking environment.
As always thank you all for your patience.

Please feel free to suggest further information or solutions that can be added to this guide if you have any thats not listed as we will always be happy to add them and give you credit for the idea.

©2005-2024 All rights reserved. Page last updated Sat Sep 27 2014