In the second part of my Understanding eMule series, I advised against evil devil servers in the eDonkey network, which could return false files among other things. I suggested cleaning the list and using the good server list made available by Maurice: “http://ocbmaurice.no-ip.org/pl/slist.pl/server.met?download/server-good.met”
However, in the last month or so I’ve been seeing false results in my eMule search, due to one of these bad servers. Today, since I was bored, I actually bothered searching for the evil devil server impostor in Maurice’s good list. It turns out that they’re not one, but two servers. Their IP address are 212.179.133.218 and 212.179.133.219. Please go to your server list, search for these two false, evil devil servers named Wmule, and delete them!
Edit: It seems that the third Wmule server, with IP 62.90.175.146, is also sending fake results, although I am unsure under which circumstances. It doesn’t always, that’s why at first I thought that this third server was not a fake one. To be sure, I’ll remove all Wmule servers in the future (three in total for now).
The trick of the two evil and fake Wmule servers is that they work together. Even if you’re connected directly to one, a search won’t return anything if you do a server search. But if you do a global server search, the search is sent first to one, then to the other server. When the first one receives the search query, it tells to the second server “hey, this someone searched for this stuff”. Then when the second server receives the same search query from you in a short period of time, it knows you so he invents right then the file names and sends them to you.
Since the servers didn’t return any fake result (actually no results at all) when they were queried alone, it was a bit harder to locate them. They only return fake results when queried together and sequentially. A smart trick, but for us it’s a crap trap. These servers distributed dangerous files, probably trojans under the disguise of powerful downloaders. Beware of evil devil servers!
Sometimes, one receives nice things in emails »« Understanding eMule (and part 3)
