Your continued donations keep Wikipedia running!    


From Wikipedia, the free encyclopedia

Jump to: navigation, search

PeerGuardian 2 under Windows XP
Maintainer: Phoenix Labs
Latest release: 2.0 Beta 6b / September 18, 2005
OS: Cross-platform
Use: Firewalls
License: GPL or zlib/libpng license (depends on OS)

PeerGuardian and PeerGuardian 2 are free and open source programs developed by Phoenix Labs. They are capable of blocking incoming and outgoing connections based on IP blocklists. Their purpose is to block several organizations, including the RIAA and MPAA while using filesharing networks such as FastTrack and BitTorrent. The system is also capable of blocking advertising, spyware, government and educational ranges, depending upon user preferences.



The original PeerGuardian (1.0, led by programmer "method" Tim Leonard) was programmed in Visual Basic and quickly became popular among more knowledgeable P2P users despite blocking only the common TCP protocol and being known for high RAM and CPU usage when connected to P2P networks. The original version was made open source, and development began on a new version (2.0, led by programmer Cory Nelson) to resolve the shortcomings of the original. The latest version, PeerGuardian 2, is coded in C and C++ and sits low in the kernel so that it can block all IPv4 protocols and ports.


On Windows, Linux, and Mac OS X, PeerGuardian uses a driver to queue all incoming and outgoing connections. Connections are checked for their status in the blocklist using a binary search.

Blocklist formats

The blocklist is stored in a number of different formats:

Binary Formats

The binary formats (known as P2B) were created at the release of the first beta version of PeerGuardian 2, in order to create the smallest possible blocklist.

  • P2B Version 1 - This format was used only in the earliest releases of PeerGuardian 2. It was compressed using the gzip format. Lists are no longer produced in this format.
  • P2B Version 2 - The most widely used format, this is supported among a number of applications, including eMule and the Linux version of PeerGuardian. It is equivalent to the first version of the P2B format, but instead uses UTF-8 to store names. Lists are produced in this format.
  • P2B Version 3 - The newest version of the P2B format, this is currently supported only on the latest version of the Windows flavor of PeerGuardian 2. This format uses 7z compression for additional size reduction. Unfortunately, the recent adoption of this format and the somewhat obscure nature of the compression used make this format not the most compatible one. Lists are produced in this format.

P2P Plaintext Format

The original format for PeerGuardian version 1.x was a simple format that utilised plain text. Unfortunately this meant that lists became very large and cost a lot of bandwidth to distribute, heralding the construction of the smaller binary formats.

The format is as follows:

 Range Name:FirstIP-LastIP

For example:


This format is used in eMule, in the SafePeer Azureus plugin and in Protowall.



PeerGuardian is often misunderstood as an application. Many presume that the purpose of the software is to hide the user's IP address from various groups, such as the RIAA and MPAA. This is nearly impossible and is thus a misconception of the intention of the program.

The design of PeerGuardian is to prevent the collection of evidence that can be used as proof that a particular IP address is connected to a particular network. In order to successfully sue in the United States, one must receive data from that person, very detailed logs must be obtained as to their activity on the network, and there must be proven evidence that particular files are available from that person.

This means that the information provided by a tracker or eDonkey peer is insufficient, and the organizations hired by RIAA, etc must directly connect to each individual they wish to investigate. This process is automated and is carried out through high speed connections bought by various subcontractors, such as BayTSP, MediaSentry.

In the case of fake eDonkey servers, such as the ones hosted by MediaSentry, PeerGuardian will prevent you from connecting to the server in the first place, preventing all danger in this respect.

It is important to note in addition that P2P protection is not the sole purpose of PeerGuardian, a large number of spyware and advertising IP addresses are also monitored, and the purpose of the website is to allow general purpose IP address research.

Despite the criticism, the development team behind PeerGuardian have clearly and repeatedly stated that PeerGuardian is not and never should be considered 100% protection, clarifying that PeerGuardian is only supposed to help reduce the likelihood of being caught or fooled by fake servers and content.


Another common criticism of the PeerGuardian application is the lists that it utilises. PeerGuardian will block all IP addresses in the blocklist, but the accuracy of the Blocklist is critical to the operation of the entire system.

The intention of Phoenix Labs is to administer the blocklist in public - opening * to allow users to comment on and submit ranges that might have been missed by the Bluetack staff.

An MIT student's report, made in late 2003, claimed that an out-of-date PeerGuardian blocklist was capable of blocking 75% of fake files on the Fasttrack network. This is an indicator of the success of the application, since many anti-p2p organisations also distribute fake files.

Also of note: Valve has now added to their technical support FAQ indicating to users they will need to exit PeerGuardian and then exit and restart Steam in order to connect to the VAC servers. A number of PG users have, in fact, quit using the software altogether due to its aggressive policies regarding hostile IPs.

Because of such instances with companies such as Valve the Windows application allows any IP address to be allowed, either permanently or temporarily via a simple right click in the Log or History Windows.

Recent improvements to list auditing have created a marked improvement in list quality, and the developers encourage the public to examine and comment on the lists. makes it possible for any user to mark a range as invalid for analysis by moderators. -- 18:21, 11 July 2006 (UTC)

CPU Usage

Early Windows versions suffered from CPU usage problems. This was caused by the way the first version operated (reading the connection table several times a second). The issue was corrected in the 2.0 version with the introduction of a proper driver-based system.

See also

External links

Personal tools
In other languages