Slashdot Mirror
BitTorrent Servers Under DDoS Attacks
jZnat writes "CNet News.com reports that popular BitTorrent tracker hosts such as Suprnova and LokiTorrent underwent DDoS attacks on Wednesday (I'll bet you noticed). The culprits are primarily unknown, but these sites were flooded beyond control from the attack. This appears to be striking an interest in revising the BT protocol and Suprnova's interest in making their own protocol."
Whoever was responsible, it surely isn't one of the many-many, oh yes, and many other :) people, who use bittorent regularly to fetch stuff. That is, we all have some hunch who might be the bad guy: a). those who oppose all forms of sharing (won't name them, you know those bad, bad, bad guys in associations :) needn't have been themselves personally, but you know this alright b). somebody who just has something against suprnova or the others.
I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
I ran a very small BitTorrent tracker for distributing our videos. (2 torrents, very few clients)
A few weeks ago we started receiving a massive attack, mostly from client addresses in Asia.
The attack wasn't a DDoS per se - they were just "hijacking" my tracker by using it for their own torrents. But the volume of traffic (>100 requests/sec) had the effect of a DoS attack.
I was surprised that the standard BitTorrent server does not have some way to prevent unwanted torrents from appearing on your tracker. I was also surprised that my "small-time" tracker (only named by via 1 web page) attracted such a hijacking.
I will not run a tracker without the ability to deny usage to unwanted torrents. Although I'm uncertain about running any tracker at all now, since the hijack basically killed our internet connection.
At the very least, do not run a BitTorrent tracker on a critical DNS name like your primary web site. The attacking clients in my case were all performing DNS lookups. (I could tell they were attacking a DNS name, not an IP address, by changing my DNS entries). Luckily I had used a separate DNS entry for the tracker, so I just pointed it to 127.0.0.1 to stop the attack. But if I had used my primary web server's address, I'd be in real trouble.
At least here in the most countries of Europe there's nothing wrong with distributing copies of music, video and software.
/. for a while.
If you are in a country with membership of the EU, you might be interested* in reading Directive 2001/29 EC on the harmonisation of certain aspects of copyright and related rights in the information society. This has most definitely had an impact on the copyright regime in the UK, although, even before this, unauthorised distribution of copyrighted files was not permitted.
And, on the topic of wondering whether there is "nothing wrong" with distibuting, perhaps some thoughts about the moral rights of authors? Not protected as much in mainland Europe as in the UK (mainland seems to prefer protection of economic rights), but important nonetheless.
*Disclaimer. You might not be interested in reading this at all, but it is of sufficient length to help prevent you posting misleading statements on
A slight flaw in your thinking. You assume that the internet is currently running at capacity, and that there will not be an increase in that capacity.
Both assumptions are wrong. 35% of current internet traffic may be bittorrent, but that doesn't mean that 35% of the internet's capacity is.
Suprnova isn't a tracker :)
If you want to put something up on it you have to find your own tracker first!
www.monkeys-in-bras.com - _the_ place for the decerning monkey viewer.
A network with no central servers or even 'supernodes' reduces the effect of DoS-attacks, and leaves no single person or company to attack with a lawsuit. But that alone isn't enough. Other problems remain, like the privacy issue. Many P2P networks reveal IP addresses of nodes on 'the other end'. Thus, after retrieval of a file, you know from what IP address(es) the file came from. That leaves the network vulnerable for attacks or legal steps against individual users.
To prevent this, it must be impossible to find out who/where a retrieved file (or search query) actually came from (IP, geographical location or otherwise).
Besides the well known Freenet, there's another promising one called ANts. From what I can tell, it works by passing data between nodes, without passing info on the endpoints where data is coming from/going to. Each node passes data on, but doesn't know if the next node will keep it, or in turn pass it on to yet another node in a path. IP addresses are replaced with a virtual 'network ID' (regularly discarded), and combined with encryption, a single node can't tell what it's passing on, where it came from, or where it's going. IP addresses are only known for a few neighbours it contacts directly. For an analogy, think anonymous remailers. The project page also mentions something similar called MUTE. I guess you could call projects like this 3rd generation P2P networks. Looking forward to it! (and please add if you know more like these)
Hi Michael, ;).
f f=0
Im hoping you read this
You don't need a static IP, just get a DNS address from DynDNS.org for your tracker..or use a public tracker [http://thebeehive.info/?p=tlist&o=score&w=desc&o
is suprnovas list, i havent had much luck as of yet]
to host your torrent files and seed them.. If your files are popular, running a tracker AND seeding might be too much for your modem.
If you need any more help you can find my contact info @ lfi.net
- Mike
do everyone a favor and post .flac files instead, smaller size for the same quality
Snowden and Manning are heroes.
Suppose server X hosts a really popular large file of, say, 100MB in size. Suppose that server only has 1MB/sec upstream bandwith. Suppose users A and B both want the file. The server needs to send the file twice, once for A and once for B. Obviously, this takes twice as long as sending the file just once. And if there's two more people, C and D, also downloading the file, it needs to be sent four times and takes four times as long as sending it only once. In other words, the more people are downloading the file, the slower each download gets.
The torrent principle tries to solve this problem. The idea is that A and B start downloading different parts of the large file. For example, A could start downloading the first half and B the second half. Once A has downloaded some of the file, he starts sending it to B, and B does the same. Suppose, for the sake of simplicity, that both A and B have the same bandwith as the server, and that everyone has the same up- and downstream bandwith.
Now, A is getting the file from server X at 1/2 MB per second. A is also downloading the file from B at 1/2 MB per second, and thus is getting a combined speed of 1 MB/sec. The same goes for B.
This is the torrent principle: use the upstream bandwith of downloaders to help ease the load on server.
Now, A and B need to learn about each other's existence in order to cooperate in this way. In BitTorrent, this is done via a tracker. You download a small torrent file, which contains the address of the tracker, the names and sizes of the files in this torrent, and checksums for each part of the file (to prevent people from sending fake parts). Someone generated this torrent file from file(s) he had on his computer, uploaded it to a torrent tracker, and then launched BitTorrent. BitTorrent checks the files against the checksums, notices that there is no pieces missing, and thus doesn't try to download any - just upload (making it a so-called "seed"). It then connects to a tracker and lets it know that "I'm here". When someone else uses this torrent file, their BitTorrent client connects to the tracker, asks for addresses of peers, and starts downloading pieces from them (and uploading pieces to them - there is a simple "tit for tat" method that ensures that you serve best the nodes which upload to you, thus ensuring that everyone will indeed participate). Once a node gets all the file pieces and has thus finished the download, it becomes a "seed" and keeps on uploading untill the user terminates it.
So, the trackers are absolutely vital for BitTorrent; without them, the clients can not learn about each other, and thus can't connect to each other and up- and download.
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
Smaller size, same quality, you can tag them with labels (song name, composer, performer) and the files are checksummed to protect against corruption (though that's less of an issue when distributing over BitTorrent, which has its own checksum protection).
Ita erat quando hic adveni.
Use a DynDns account and azureus. It facilitates the making of the torrent file and has a nice web based tracker. You'll also need the Java JRE to run Azureus, btw.
Firefox now has a setting to open links from other apps in a new tab. That's the great thing about free software: useful features do get added in a timely fashion--and if they don't you can add them yourself.
> There's no technical reason for asymmetric cable connections
Read the spec sheets on the cable equipment, and you'll see they are all asymmetric! The amps, the cable modems, and the head-end equipment are. It's a simple fact that the cable companies should and do care more about download bandwidth (TV channels) since that's their core business.
Also, you're forgetting that for the past 5 decades the vast majority of cable plant installed was one-way. On our system we have nice large, expensive amps that amplify the signal from the head unit with smaller, cheaper ones that were added later to bypass the one-way amps to send the signal back from the cable modems. Bandwidth-wise, there's about 500x the bandwidth to the customer as there is coming back from the customer. Maybe one day in the future amps that have the same capabilities in both directions will be prevalent, but it's not today.
Here's another way to think about it. When you buy one box to support hundreds of customers versus one box per customer, which one is going to be higher quality? It isn't going to be the cable modems you pass-out like candy. When you have millions invested in equipment to provide TV channels, are you going to replace it all just to provide more upload bandwidth? No. Also, the customers mainly care about download speeds therefore the provider does too.
> Maybe upload bandwith costs them more
It does because the people with content to share (think of that as a company web site) typically have more money than people that are simply downloading. It has to do with supply and demand. For example, we charge our web customers enough so we can make a profit, but like most people, we lose money on each cable customer because we charge market-price. Someone has to pay for the bandwidth and equipment, and the cost companies pay subsidizes the price end-users pay. It's not a great model, but after @Home offered connections at a huge loss, people are conditioned to think that's a fair price. After you price telco lines, you realize it isn't. Our T3 to Sprint costs us $65,000 per month in bandwidth and telco charges and taxes(huge since it crosses a state-line). Think of how many $30/month cable customers you have to have in order by pay for that. The money to pay the loss-leader cable and DSL connections has to come from somewhere.