BitTorrent Servers Under DDoS Attacks
jZnat writes "CNet News.com reports that popular BitTorrent tracker hosts such as Suprnova and LokiTorrent underwent DDoS attacks on Wednesday (I'll bet you noticed). The culprits are primarily unknown, but these sites were flooded beyond control from the attack. This appears to be striking an interest in revising the BT protocol and Suprnova's interest in making their own protocol."
We have one opinion about taking down spammers, but we have a separate opinion about services that we may be using.
I think that's perfectly fine. For some reason, people want us to have a single unified opinion about a broad range of subjects that are different from one another. Each answer and opinion needs to be circumstantial and based on each instance rather than sweeping generalizations, otherwise we end up in a situation similar to:
(Note: This isn't a political statement, nor am I trying to show my opinion, it's just the example that seemed to fit the most right now)
Man: So are you for or against abortion?
Woman: AGAINST! It's wrong, it's taking life, and is the same as murder! Any instance of it is WRONG! Put it up for adoption, or take some responsibility!
Man: So you are saying that if the young woman was raped so badly, that she should have the child from the instance regardless of the future psychological damage it would have on her? And even if having the child would, if the circumstance brought it up, kill her?
Woman: Well.. um
"We're breaking out the ramen noodles. . . "
"Really? Is it someone's birthday?"
That some Hollywood company didn't just wait for the Lycos thing to set a precedent? What's good for the goose is good for the gander in their book.
I've used bittorrent a fair bit for downloading and uploading large files which either I own the copyright to, or the person distributing them does.
It's very good indeed when you want to distribute something from a slowish adsl line to maybe 30 or 40 people.
I was somewhat dismayed when I first found out about these bittorrent file sharing sites because they are leading to bittorrent being considered a tool for "illegal" file sharing when it's clearly a very useful general tool too.
Of course I'm not happy that they be DDOSed but it would be nice if they did invent their own protocol and leave bittorrent to those who don't want to use it for possibly "illegal" activities.
This is a perfect example of why it's not quite right to take the law into your own hands against someone who you **feel** is wrong.
I have had my site targeted before, and I run a completely legit, whitehat site. Just because someone thinks they're better off financially without a competitor does not mean he's justified to try to take me down.
or Gnutella, with a shitload of open source clients.
or Gnutella2, with Shareaza and Gnucleus and a few others.
or Freenet... or OpenFT...
I find it interesting that the focus with regards to DDoS attacks that I have read about is not on proper security and precautions, but rather the client/server applications being attacked. Because your Apache server is DDoS'd, does that mean you distribute your website through ftp? Of course not, you take further security precautions and strengthen your protection against DDoS attacks. Why then should there be a need to "create a new protocol" to "protect" from attacks?
Protocols in and of themselves do not inherently have protection from these kinds of attacks. That is not the purpose of a protocol. The purpose of a protocol is to establish an agreed method of communications between two or more identified systems in a connection. This is where the problem persists: identification.
DDoS is not successful because it overrides the buffers or socket space for connections to a server. It is successful because these sockets are kept open longer than they should be.
What a server needs is not a "secure" protocol, because any protocol (method of communication) can be compromised so long as the attacker can make the protocol believe that an identified, valid entity has made a connection and intends to communicate.
Instead, system administrators need to strengthen the rules in their firewalling and subsystem (kernel) to improve the latency of the socket states so that the system will not fail when attacked. I believe GNU/Linux has many tools available as well as kernel modules already available in order to accomplish much of this already.
Rather than wasting time in creating YAP (Yet Another Protocol), the time and effort may be better utilized creating the system and firewalling tools needed to combat DDoS at its root.
This brings it even further to the point of not necessarily even having to reconfigure and install and reconfigure again the varied tools needed for server-side protection, but even look as close as the router itself and the built-in firewalls there.
I believe even Cisco has given some hardware advice for DDoS here.
We don't necessarily need to be creating so much as we should be perfecting and improving.
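The comment above argues that the lever is how long the server holds connection state. The following model is an added illustration, not part of the thread or of any poster's code: it assumes a fixed-size half-open connection table (as in a SYN flood) where `hold_ticks` stands for the time the kernel keeps an unanswered entry (on Linux this is influenced by `net.ipv4.tcp_synack_retries`). All names and numbers are constructed.

```python
from collections import deque

def simulate(backlog, hold_ticks, attack_per_tick, legit_per_tick=1, ticks=1000):
    """Fraction of legitimate connection attempts refused because the
    half-open table was full. Hypothetical model, constructed inputs."""
    expiries = deque()          # expiry tick of each spoofed entry, oldest first
    refused = offered = 0
    for now in range(ticks):
        # Drop half-open entries whose handshake never completed in time.
        while expiries and expiries[0] <= now:
            expiries.popleft()
        # Spoofed requests never finish the handshake, so each one
        # occupies a slot until it times out.
        for _ in range(attack_per_tick):
            if len(expiries) < backlog:
                expiries.append(now + hold_ticks)
        # Legitimate clients complete immediately but still need a free slot.
        for _ in range(legit_per_tick):
            offered += 1
            if len(expiries) >= backlog:
                refused += 1
    return refused / offered

def compare():
    """Three constructed scenarios against a 128-slot table."""
    return {
        "long hold, moderate flood": simulate(128, 60, 10),
        "short hold, moderate flood": simulate(128, 5, 10),
        "short hold, heavy flood": simulate(128, 5, 100),
    }

if __name__ == "__main__":
    for name, rate in compare().items():
        print(f"{name}: {rate:.1%} of legitimate attempts refused")
```

Shortening the hold time keeps the table usable while attack rate times hold time stays below the table size; once the flood exceeds that product, the table is full again regardless of the timeout.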
DDOS attacks do not target individuals regardless of how pleasant it is to think so. If you're sending a server enough traffic to be a nuisance, that traffic will be a nuisance elsewhere as well.
Saying that it's okay to DDOS spammers is especially obnoxious given that the most important argument against spam isn't that it's annoying but rather that it is a waste of bandwidth that other people are paying for.
My only political goal is to see to it that no political party achieves its goals.
The problem is that the community doesn't have the same say over the actions of DDoSers that a wild west town's citizens would have over their sheriff.
If a small group decided that slashdot was politically unsettling (and they'd have quite a lot to go on) and decided to take it down for a few days I expect that most of us would be annoyed.
DDoSing the pirates and spammers of the web is just one more way to fill the net with junk, and it's usually a small group (or single lycos) who decide to take the action without approval.
For once I prefer Microsoft's approach of taking the spammers to court. At least that might have some positive results.
Moral rights preserve the "artistic integrity" of a work. You could have "moral rights" in the complete absence of copyright. Copyright controls distribution of a work.
It's a common myth that one needs copyright to defend against plagiarism - this is completely false. If I give a verbatim copy of a work and say "this was authored by $WHOEVER_DID" I haven't plagiarised.
Also, Europeans are sophisticated enough to understand that illegal and wrong aren't the same thing. Most Europeans I know see nothing WRONG with copying information. They are aware it is "illegal", but that doesn't really influence European behaviour much, particularly not when you know the laws in question were ghostwritten by American corporations.
STOP MENTIONING SUPRNOVA .. you're ruining it for everyone who actually knows what the hell it is... please stop!!!
Only somebody on slashdolt would think it's okay to DoS spammers but not sites trafficking in copyrighted material illegally.
The key word in my message is "distributing". I doubt that distributing an album to 300 people through bittorrent falls under non-commercial personal use copies
Mother is the best bet and don't let Satan draw you too fast.
Almost a week ago, eMule's default IRC network (LiquidIRC) was DDoS'ed and Floodbot'ed. LiquidIRC has been taken down for an unknown amount of time due to the attacks.
Related?
Google "Parallel RSync". This guy is spouting nonsense. I'd call him a karma whore, but he posted AC.
The best answer to a distributed attack is a distributed network. If no node in the network is essential to its operation, such an attack isn't possible.
suprnova.org probably doesn't want to be the world's supplier of content, even without the DDoS part. I find your reasoning completely backwards. Why should your Apache server be the only server?
If you had a dozen mirrors hosted around the world, it'd be much harder to take down. With web pages, you can do that. With trackers, you can not. Not yet. Because the protocol doesn't support it.
Kjella
Live today, because you never know what tomorrow brings
and no one spoke out.
then it was bittorrent, and no one spoke up.
then it's your own connection...
Gnutella is pretty easy to DoS, just launch as many queries as your connection can sustain, all with max TTL. Gnutella2 might be even easier because you can focus on superpeers. Not that they're bad filesharing systems, but whoever is DoSing BitTorrent could probably DoS Gnutella just as easily.
The key word in my message is "distributing". I doubt that distributing an album to 300 people through bittorrent falls under non-commercial personal use copies
And I'm sure the people distributing those copies don't believe that 70 years after the death of the artists counts as the "limited time" granted in the constitution... go figure.
Of course, we all know that's never true which is the problem with other P2P software. ADSL and cable modems unfairly favor downloading (consuming) content rather than uploading (serving). This is just another example of the corporate world trying to control the dissemination of information. There's no good technical reason they couldn't run a symmetrical DSL signal over your voice line like they do ADSL, they just don't want to. It's the same reason many of these ISPs still require you to login via PPPoE and get a dynamic IP for your "always on, high speed dedicated connection". They're stuck in a 1995 mentality of dialup users consuming content rather than sharing information. Dynamic IPs on cable and DSL really bug me. You can get one plan with dynamic IP and PPPoE from SBC for $29/month, but add in a static IP and suddenly you're looking at $75/month. WTF? You need to account for that customer using an IP address whether you assign it dynamically or whether it is static... why the rape on static prices?
Last time I checked suprnova.org, I didn't see many 70-year old warez, but then again I don't know what sites you frequent...
Mother is the best bet and don't let Satan draw you too fast.
Suprnova traffics in torrent files, not copyrighted material. Of the content represented by those torrents, pretty much all of it is legal in some parts of the world.
It's hard to be religious when certain people are never incinerated by bolts of lightning.
It is more likely that the attacks originate from the fake suprnovas. If the main sources for torrents go down, they might sucker yet more users to pay for their service.
Apple built a platform for their ideas, Google built one for everyone's.
The sad thing is that it probably wasn't the MPAA or the RIAA. I've seen this over and over on several IRC networks (dalnet especially). Some idiot gets banned from their favorite channel, and instead of taking it like a man or going home and crying themselves to sleep, they get pissed off and start DDoSing the entire network. Since they got kicked, they have to ruin the fun for everyone.
I'm sure that in the end it will be something along these lines: someone in the forum started flaming, words were exchanged, feelings were hurt, and some pimply-faced 14 year old decided to get even.
If I have been able to see further than others, it is because I bought a pair of binoculars.
You know, I have 5 moderator points, and I just couldn't find a single good post to mod up, here. So I'll say what I think needs saying.
How do you know that the Lycos spam-DDoS screen saver *isn't* what is taking out bittorrent?
I can think of a number of possibilities, any of which might be worth investigation.
(1) - As was mentioned elsewhere, it *could* be that lycos is leasing its services out to the RIAA.
(2) - It could be that the spammers are using Bittorrent servers
(3) - It could be that the spammers have hijacked the bittorrent servers (as I understand, a lot of bittorrent hijacking has come from China. Perhaps not coincidentally, a lot of spammers use servers in China to host their activities.)
(4) - It could be that the spammers have somehow masked their servers' real identities to look like bittorrent servers.
There are a few possibilities that might be worth checking out. Anyhow, I'll hold onto my 5 points, I guess. Shoot, I might just deposit them in the bank and wait till inflation takes em out.
Slashdot just ain't what it used to be (as you can tell by looking at my low slashdot ID number).
Correct Horse Battery Staple: 72 bits of entropy. Enter "Correct H" into google. When it generates the phrase, that's
"because we know most guns are used to kill peoples"
In Iraq, Israel's West Bank, Congo, et al., probably. In the U.S., Canada, and most of the Western World, not even close.
Unless something has changed in the past few months, open-holster carry is legal in several U.S. states (e.g. Arizona), and concealed carry is legal in many others.
If "most guns [were] used to kill peoples" (sic), the U.S. would differ little from a Third World country embroiled in civil war.
Guns are not evil, period.
Ignorance is curable, stupid is forever.
...is longer than that. It could be an intriguing investigation...kind of like "who shot JR".
RIAA if I'm not mistaken lobbied (unsuccessfully thank goodness) to have legislation put in place to permit them to hack into suspect computers at their discretion if I recall, and MPAA is just another pea in that IP-hoarding pod.
Other suspects? There are too many to mention, but broadly speaking they might fall into one of several categories besides the above:
* Large closed source software vendors or someone connected to them (Microsoft, etc). They would be trying to shut down a big source of piracy. I doubt it is Microsoft, they are not that dumb. In any case suprnova et al are not the right target...that is shooting the messenger, not the perpetrators who make use of their resources.
* One of the above-mentioned perpetrators (copyright violators who up/download cracked software and movies). I've noticed that a sizeable minority of heavy BT users out there are immature and petty (probably teenagers sequestered in their basements). If they are knocked off suprnova or similar sites or are slagged in a community forum they get all out of joint and retaliate. The stupid turds brought it on themselves and such retaliation is not warranted.
* Some of the seedier on-line proprietors, such as those who run revenue generating sites imitating the free suprnova.org, because if the free sites go away it might steer more revenue to them. I wouldn't put it past them
* Commercial porno sites. P2P networks are full of porn (you don't even have to search on an obvious sexual keyword sometimes) and it is pretty much all ripped off of some pay site. Most (not all, but most) on-line porn businesses are run by people lacking morals and intelligence (witness the whining by one porno purveyor about Google caching thumbnail images and deep-linking into his site with regard to the latter). So it is very likely a porn-vendor arranged the DDoS attacks.
Part of me hopes it really was RIAA or MPAA...they are cartels that are unhealthy for the industry and it would be cool if there was finally a reason to shut them down. However, I think it's one of the latter 3 groups I mentioned.
Insightful 4??! You're so wrong on practically everything you've said I don't know where to begin. First, ADSL is "Asymmetrical" (that's the "A" part) -- they steal frequency from the upload channel to increase the download speed as that is what most consumers want. Most of the time a user has to get their speed profile dropped is because they are too tight on the upload capacity to maintain sync. As for symmetrical, SDSL speed is about 1Mbps around 8000 feet and can stretch to about 20,000 feet at 128Kbps. ADSL can do up to 8Mbps to over a mile, and 3 or 4Mbps towards 3 miles. Which do you think has more consumer interest? As for PPPoE, it's for management, it's a hell of a lot more work to cut off service at the DSLAM than it is at the central authentication servers, plus it makes accounting possible as well as sharing infrastructure giving you the choice of ISPs in several areas. As for the static IP it's not the IP you're paying for, it's a tax in terms of demand on both the system and support. DSL is priced artificially low at a price point where customers will buy, but on the assumption of personal use, not providing the rest of the world with access. Network circuits, bandwidth, equipment, support and administrative costs do not work out to less than $10/Mbps. If you want a dedicated line you can pay the same rates the ISP does, otherwise expect to share fairly and pay a fraction of the real cost.