Client Analyzer并不像其它反吸血系统,它并不需要吸血客户端的特征,如昵称tag和modstrings。CA会主动检测客户端的运行习惯及状态,这样可以尽可能公平的对每一个客户端进行检测。那些没有特殊特征的Mods,像ZZ-R,XDP,Toxic等,它们从己方下载大量数据,却没有任何上传,CA一样会给予惩罚。CA和其它反吸血系统,就像杀软和主动防御,杀软需要特定人员更新病毒识别码,而主动防御自主分析程序行为,自动进行清除。
一些CA主要检测依据:
* 已知客户端的时间(userhash);
* 下载和上传比例;
* 下载和上传状态(完整文件或不完整,还是稀有文件);
* 昵称盗窃,发送损坏数据;
* 不正常的源请求速度(client-aggressive);
* 如果你是完成源,却多次拒绝或忽略上传请求。
CA的最大优点是每一个客户端都有机会被ban或是unban。这样避免了大量误杀。在其它反吸血系统中,ban掉一个客户端相当于“失去”一个客户端。(不包括no upload to leecher)但CA会继续检测,如果此客户端恢复正常,CA会unban。
CA项目的启动是因为Wizard为他的反吸血列表更新了无数次。
DLP和Argos的缺点:
* 要不断的更新特征;
* 较高的CPU占用;
* ban掉一个客户端无法恢复,即便它开始上传;
* 误杀严重,会ban掉很多欧洲发布级community mods,如Fireball,Fincan,Flowerpower,OrangeSpirit,eChanblard。
粗略统计
正规mods整合CA:AcKroNiC,AnalyZZUL,Beba,eMuleFuture,NextEMF,SharkX,Spike
吸血mods:Apace,MorphCA
PS:相信很多驴友都听说过Wizard,它对eMule有很多原创的改善和功能补充,在很多Mods的更新日志都可以看到Wizard,在很多eMule正规和吸血论坛都可以看到他的身影,他跟很多吸血Modders都有密切的联系。欧洲除了Applejuice Community,其次的Flowerpower Community就是Wizard编译的。Wizard的eMagiC(吸血)整合EM 和BT,早在一年前就在秘密进行内部测试。
The Client Analyzer (or CA) is a project of the German modder Wizard. This system has the goal of recognizing Leecher as do alternative systems to the IC, such as AntiLeechClass always wizard (for example, contained in Ionix), the DLP Xman (Xtreme) or the Argos to Xanatos (NeoMule) .
The CA creates a ranking of conduct based on heuristics which is to give a more complete picture on the clients and their real identity.
[edit] Operation
The Client Analyzer does not block tags, nicknames or modstrings, analyze first the behavior of the client, thus making possible a fair treatment of all customers by behavior. So, for example-Spammer Mod as ketamine, but also customers, who download a lot without posting, will be punished by the CA.
Some aspects of the CA Exchange:
* How long a client is known someone (who retains his Hash-user gets a small bonus);
* Report DL: UL;
* What kind of UL / DL's state (files complete, incomplete, rare);
* If you use a nickname stolen, a sequence mod stolen or corrupted files are sent;
* If requests are made too quickly (client-aggressive);
* If requested source can be done too often and / or ignoring the requests received.
Each client has a chance to be punished, rehabilitated, this is one of the biggest advantages of CA, in practice, a client identified as incorrect, if you send files to upload to the network is rehabilitated and no longer banned / penalized (this does not happen in other systems other than CA where clients are banned inevitably "lost" even if they could send files to upload, this is both unfair and unnecessary).
Rehabilitation is effective when we receive from these clients banned / penalized for chunks, which vary according to the penalty in the case of Mod that steal Nick, the penalty is 5 chunk to return to 'normal' level.
The idea behind the CA was a Wizard and update the list leecher for the umpteenth time. Alternative systems to the IC have some disadvantages:
* Must be constantly updated;
* High consumption of CPU (because of continuous monitoring);
* Block / sanction to all Bad-Mod blacklisted in some cases even if they are "useful" to the network (sending files to upload).
* Are sometimes punished releaser.
Relative to AC 1.4 and 1:55
[edit] Clients that implement the Client Analyzer
AcKroNiC, AnalyZZUL, Beba, eMuleFuture, NextEMF, SharkX, Spike
0 comments:
发表评论