119

Security
01.05.2004 18:38

IP-Filter
IP-Filters are used to restrict connections to and from other clients. All IP ranges that are entered in the ipfilter.dat file cannot connect to eMule nor can eMule connect to them. This file can be edited via the Edit Button and is saved in eMule's install folder. For more information on filtering IP see the topic IP Filters of this FAQ.
eMule has to Reload the ipfilter.dat file before any changes apply.

o Filterlevel
Each entry of the ipfilter.dat has an access level assigned. This value describes how trustworthy this entry is. High values (default 128+) are considered secure whereas lower values are to be blocked. The Filterlevel determines the limit of blocking. Each entry in ipfiletr.dat which has an access lower than the set Filterlevel will be denied connection to eMule. The default value should not be changed.

o Filter Servers too
The IP-Filter rules are usually only valid for other clients. This option will extend the filtering to servers as well.

o Update from URL
Entering a link to a filter file and pressing Load will add the found IPs to eMule's ipfilter.dat. See the IP Filter chapter for links and more information

Messages
Unwanted messages can be blocked by entering them in this filed. If the text matches no messages will be displayed. Multiple messages may be chained using | as separator.

o Accept from friends only
All messages except from users added to the friends list will be blocked.

o Accept from valid clients only
This setting makes sure, that messages are only accepted, if the sender client is valid and does not appear to be a fake. This setting should be turned on.

o Advanced Spam Filter
The Advanced Spam Filter will check every incoming message. If any of the following filter criteria is met, the sender of the message will be ignored. A spam ignore will last for the current session only.

> A webadress or URL is sent on first contact

> The user already sent 5 messages without receiving a reply

Users on the friends list will never be marked as spammer.

Comment
This functions works like the message block above but is applied to file comments

Note:
File comments should help other users to judge the quality of a download. They are not intend to talk about the weather or for advertisements of any sort. Please leave proper comments.

Miscellaneous
o Use secure identification
It is recommended to use the secure user identification. For more information on this topic see here.

o Run eMule as unpriviledged User
This option is only available in the Win NT series (2k, XP, 2003) and allows eMule to profit from the tighter security these systems provide.
Usually a user is logged on to his machine with an Administrator account. This account type allows him and all executed software full control over the system. In this case also all malicious code executed will have its full bad effect.
Running eMule as unprivileged user will create an own user account in the operating system called emule_secure and sets the permissions for full access to the folders it needs (installation folder, temp and incoming folders) for this special user. Otherwise this account is heavily restricted and denies access to other parts of the system. eMule starts itself under this user account making sure that any malicious code which may be injected has no rights on the system, thus not being able to do any harm. This is a preventive measure in case of any vulnerable code is found which could be exploited.

Notes:

o eMule cares for the file access it needs. Further security can be achieved by deliberately restricting file access to other folder or entire drives. Restricting file access is only possible with NTFS but not with FAT

o The separate account offers the full possibilities of control mechanisms in modern operating systems like disk quotas etc.

o A bug in Windows XP prevents any visual styles from working when eMule is run in this mode. The GUI will look like standard Win98. Windows XP SP2 seems to solve this problem.

o This setting will not provide any anonymity in the network but makes the system eMule runs on more resistant to any possible outside attack.

Applies to Version: .42f +
Last Update: 2003-06-20 by Monk

>	A webadress or URL is sent on first contact
>	The user already sent 5 messages without receiving a reply

Notes:
o	eMule cares for the file access it needs. Further security can be achieved by deliberately restricting file access to other folder or entire drives. Restricting file access is only possible with NTFS but not with FAT
o	The separate account offers the full possibilities of control mechanisms in modern operating systems like disk quotas etc.
o	A bug in Windows XP prevents any visual styles from working when eMule is run in this mode. The GUI will look like standard Win98. Windows XP SP2 seems to solve this problem.
o	This setting will not provide any anonymity in the network but makes the system eMule runs on more resistant to any possible outside attack.