BitTorrent Servers Under DDoS Attacks
jZnat writes "CNet News.com reports that popular BitTorrent tracker hosts such as Suprnova and LokiTorrent underwent DDoS attacks on Wednesday (I'll bet you noticed). The culprits are primarily unknown, but these sites were flooded beyond control from the attack. This appears to be striking an interest in revising the BT protocol and Suprnova's interest in making their own protocol."
This is a perfect example of why it's not quite right to take the law into your own hands against someone who you **feel** is wrong.
I have had my site targeted before, and I run a completely legit, whitehat site. Just because someone thinks they're better off financially without a competitor does not mean he's justified to try to take me down.
I find it interesting that the focus with regards to DDoS attacks that I have read about is not on proper security and precautions, but rather the client/server applications being attacked. Because your Apache server is DDoS'd, does that mean you distribute your website through ftp? Of course not, you take further security precautions and strengthen your protection against DDoS attacks. Why then should there be a need to "create a new protocol" to "protect" from attacks?
Protocols in and of themselves do not inherently have protection from these kinds of attacks. That is not the purpose of a protocol. The purpose of a protocol is to establish an agreed method of communications between two or more identified systems in a connection. This is where the problem persists: identification.
DDoS is not successful because it overrides the buffers or socket space for connections to a server. It is successful because these sockets are kept open longer than they should be.
What a server needs is not a "secure" protocol, because any protocol (method of communication) can be compromised so long as the attacker can make the protocol believe that an identified, valid entity has made a connection and intends to communicate.
Instead, system administrators need to strengthen the rules in their firewalling and subsystem (kernel) to improve the latency of the socket states so that the system will not fail when attacked. I believe GNU/Linux has many tools available as well as kernel modules already available in order to accomplish much of this already.
Rather than wasting time in creating YAP (Yet Another Protocol), the time and effort may be better utilized creating the system and firewalling tools needed to combat DDoS at its root.
This brings it even further to the point of not necessarily even having to reconfigure and install and reconfigure again the varied tools needed for server-side protection, but even look as close as the router itself and the built-in firewalls there.
I believe even Cisco has given some hardware advice for DDoS here.
We don't necessarily need to be creating so much as we should be perfecting and improving.
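The comment above argues that the damage comes from sockets held open too long, and that the fix belongs in the kernel and firewall rather than in a new protocol. As an added example (not code from the thread), here is the check an administrator would run first: parse `ss -tan` output and count half-open (SYN-RECV) sockets per peer, so a firewall rate limit can be aimed at what the socket table actually shows. The `ss` output, the tracker port 6969 and the threshold of 3 are constructed assumptions.

```python
"""Count half-open TCP sockets per peer from `ss -tan` output (constructed sample)."""
from collections import Counter

# Constructed sample of `ss -tan` output: one listener on port 6969 (assumed tracker
# port), several half-open sockets from one peer, and a couple of established ones.
SAMPLE_SS_OUTPUT = """\
State      Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN     0      128    0.0.0.0:6969        0.0.0.0:*
SYN-RECV   0      0      203.0.113.10:6969   198.51.100.7:40001
SYN-RECV   0      0      203.0.113.10:6969   198.51.100.7:40002
SYN-RECV   0      0      203.0.113.10:6969   198.51.100.7:40003
SYN-RECV   0      0      203.0.113.10:6969   198.51.100.7:40004
ESTAB      0      0      203.0.113.10:6969   192.0.2.33:51234
ESTAB      0      0      203.0.113.10:6969   192.0.2.34:51235
SYN-RECV   0      0      203.0.113.10:6969   192.0.2.35:51236
"""


def parse_ss(output):
    """Yield (state, peer_ip) for every socket line, skipping the header row."""
    for line in output.splitlines()[1:]:
        fields = line.split()
        if len(fields) < 5:
            continue
        state, peer = fields[0], fields[4]
        peer_ip = peer.rsplit(":", 1)[0]  # drop the port; sample is IPv4 only
        yield state, peer_ip


def state_summary(output):
    """Number of sockets in each TCP state, e.g. {'SYN-RECV': 5, 'ESTAB': 2, ...}."""
    return dict(Counter(state for state, _ in parse_ss(output)))


def half_open_by_peer(output):
    """Counter of SYN-RECV (half-open) sockets keyed by peer address."""
    return Counter(ip for state, ip in parse_ss(output) if state == "SYN-RECV")


def flag_peers(output, threshold=3):
    """Peers holding at least `threshold` half-open sockets (assumed limit)."""
    return sorted(ip for ip, n in half_open_by_peer(output).items() if n >= threshold)


if __name__ == "__main__":
    print(state_summary(SAMPLE_SS_OUTPUT))
    print(flag_peers(SAMPLE_SS_OUTPUT))
```

On a real flood the peer addresses are often spoofed, so the per-state totals are the more reliable signal and the per-peer list is only useful when the same sources keep reappearing.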
STOP MENTIONING SUPRNOVA .. you're ruining it for everyone who actually knows what the hell it is... please stop!!!