Slashdot Mirror


BitTorrent Servers Under DDoS Attacks

jZnat writes "CNet News.com reports that popular BitTorrent tracker hosts such as Suprnova and LokiTorrent underwent DDoS attacks on Wednesday (I'll bet you noticed). The culprits are primarily unknown, but these sites were flooded beyond control from the attack. This appears to be striking an interest in revising the BT protocol and Suprnova's interest in making their own protocol."

24 of 352 comments

  1. Re:That's fine by Spellbinder · · Score: 2, Interesting

    it is more like shooting a guy because he wears a gun on the street
    because we know most guns are used to kill people
    self justice is wrong .. no matter what
    think about the federal police agents burned in mexico while protecting the school from drug dealers

    --


    stop supporting microsoft with pirating their software!!!!!
  2. suprnova.com and .net by dncsky1530 · · Score: 5, Interesting

    I would like to know whether suprnova.com and suprnova.net were hit by the DDoS attacks. They try and make money off the popularity of suprnova.org and there are a number of people that actually get suckered into paying those sites.

    1. Re:suprnova.com and .net by Rufus211 · · Score: 2, Interesting

      it's all about the original suprnova.tk (which no longer works...)

  3. Re:That's fine by Umbral+Blot · · Score: 2, Interesting

    Indeed this is a striking comparison to the previous story about spam sites suffering from a DDoS attack. I for one had quite different reactions to them. Perhaps this shows that I am a hypocrite. However there is another component. Spammers target individuals, in fact the majority of individuals. Corporations however are not people, despite how they may be treated by the law, and I think that Bittorrent is by far less damaging to corporations than spam is to the productivity of people (not to mention their happiness). So perhaps I do have some justification for my different reactions to these articles.

  4. So it's time to... by WARM3CH · · Score: 4, Interesting

    So it's time to switch to a serverless network under an open-source project? You mean something like Kademlia in the eMule?

  5. Re:That's fine by TheSurfer · · Score: 3, Interesting

    Please speak for yourself. The fact that you're living in a country with strict file copying/distribution laws doesn't mean this is the same in the rest of the world. At least here in most countries of Europe there's nothing wrong with distributing copies of music, video and software.

  6. Own protocol? by tod_miller · · Score: 5, Interesting

    Suprnova's interest in making their own protocol.

    I am all up for new protocols, but there is a reason why we do not have:

    http, httmyp, tthpp, hhtp, mshttp [I wouldn't doubt], SCOhttp, HPhttp

    Don't fragment the issues, work on a common protocol, if we can uncouple protocol and application (which has happened in all major networks I think) then good.

    Go for it supe..r..pr..nva...! but make it open.

    I kinda knew bit torrents would be attacked, can't they just publish the IPs that are attacking them, and get us to click on them a bit?

    teardrop attack?

    --
    #hostfile 0.0.0.0 primidi.com 0.0.0.0 www.primidi.com 0.0.0.0 radio.weblogs.com
  7. Loki's dead right now... by Vertigo01 · · Score: 3, Interesting

    As of right now (0047 : 03/12/2004 GMT-8) Loki Torrent seems to be dead... Slashdot effect? or another DDoS? (or is there a difference?)

  8. ouch.. by sinner0423 · · Score: 2, Interesting

    I'm not sure who is going to give sn.org/lt.com any sympathy over this, they are just glorified warez sites, after all.

    Although this DoS does highlight the largest problem with BitTorrent - it still relies on a central(tracker) server to operate.

    I believe it's that specific "function" of BT that got me one of those nifty letters in the mail. I can't see any kind of a workable solution to this problem, everything that has to do with file trading has an entry point somewhere along the line.

  9. Do you need a static IP to serve bittorrent? by MichaelCrawford · · Score: 2, Interesting
    I'd like eventually to serve uncompressed WAV files of my piano compositions so people can burn quality CDs. Can I do this off my linux box over my cable modem?

    I don't have the first clue how to get started. Thank you for enlightening me despite my not having already found the answer via google.

    --
    Request your free CD of my piano music.
  10. Re:Europe : Against illegal sharing/copying by incal · · Score: 2, Interesting

    Still there is a difference between considering illegality of so-called piracy and actively pursuing so-called pirates. In many larger cities of Poland and Germany, you can easily find computer stockmarkets, usually run on weekends. An example would be my city, Wroclaw(Breslau), where Technical University - a government funded institution, runs such a stockmarket. There you can get everything - from brand new DVD movies, cheap as 2$/piece, to cheap (3-5$) software packages like 3dsmax or Adobe CS.

    I know personally such places in Warsaw, Berlin, Leipzig and Dresden.

    So, announcements are one thing. Realpolitik is just another. Our countries have interest in allowing for nearly-free software/multimedia distribution, and this lies in the roots of educational policy. Simple lies told to BSA/RIAA are just - lies.

  11. This could be more widespread than these two sites by Nightbrood · · Score: 3, Interesting

    While these two sites may be the biggest sites that we know of under DDoS attacks to me it seems to be more widespread. I am a moderator of a small Mazda enthusiast forum and we underwent a variety of DDoS attacks pretty much all night from varying addresses. I have no clue why someone would want to DDoS a small non-profit forum (we have our own server) but seems to me like Suprnova.org and the other BitTorrent sites are just collateral in a much larger game.

    Luckily for us, we have a very good admin and he was updating the firewall rules pretty much left and right. Site never went down but at least we weren't posted on the front page of Slashdot either... then things would have been a bit different.

  12. Fracturing is inevitable... by Kjella · · Score: 4, Interesting

    ...there's just too many variables that are directly opposing.

    Central vs decentral
    Peers vs supernodes vs superservers vs tracker
    Anonymity vs speed
    Integrity vs fuzzy search
    Search by content vs by index vs by hash vs...
    Routing vs direct links
    Indexing vs index poisoning
    Trust vs anonymity
    Leeching vs control

    It is impossible to create a network that can achieve all of them at once.

    Http is by comparison a trivial protocol. It involves only the connection between two hosts. Creating a virtual network of P2P clients is more like reimplementing the whole of layers 3 (IP), 4 (TCP), 5 (sessions) in the OSI model.

    Kjella

    --
    Live today, because you never know what tomorrow brings
  13. Re:You think it was DDoS, but... by hacker · · Score: 2, Interesting
    "I'm getting a bunch of ssh brute force attacks from asia too, check your logs everyone."

    I too, was getting these about 2 months ago, a few hundred per-hour, until I decided to lock sshd down to known IPs that I regularly ssh from:

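    # Sources allowed to reach sshd; "your.host.here" is the post's placeholder
    sshhosts="10.0.1.0/24 12.34.56.78 your.host.here"
    for host in $sshhosts; do
        iptables -A INPUT -j ACCEPT -p tcp -s "$host" --dport 22
    done
    # Everything else on port 22 is dropped
    iptables -A INPUT -j DROP -p tcp --dport 22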

    Problem solved. I'm going to be moving this to portknocking soon, so that'll open it back up a bit for my partners and clients to ssh in from, while they're on the road.

  14. Re:Come on by femto · · Score: 4, Interesting
    You may jest, but read some of the reports coming out of the current Kazaa case in Australia.

    For example:

    The Federal Court heard yesterday that the major record labels are also engaged in a program of actively disrupting the file-sharing network by bombarding it with billions of decoys and spoofs that pose as song files.

    On the bright side, the article also contains the following quote from the judge:

    The judge said it was important that any legal remedy did not trespass on freedom of communication. "You are entitled to protect copyright. You are not entitled to control the internet," he said.
  15. Re:explain me ? by cdrudge · · Score: 3, Interesting

    The corporate world isn't trying to control the dissemination of information. They are protecting their profits. It's not necessary for them to have symmetric lines for most DSL customers as their downloading habits are very much skewed towards the download bandwidth. It's also cheaper for them to provide aDSL service than it is to provide sDSL. Upload bandwidth I believe is more expensive, bit for bit, than the download. There are also distance limitations on the speeds available. sDSL may work well at relatively slow speeds, but once you get to faster speeds, the upload speeds greatly reduce. Verizon offers download speeds between 768kbit@18,000 feet and 7.1mbit@9,000 feet. There is no way that they can provide 7.1mbit upload speeds@9,000 feet.

    Dynamic IP addresses are used for several reasons. The first is that it discourages customers from running servers. It doesn't eliminate it, but it makes it more of an inconvenience.

    Those that truly need static addresses typically are willing to pay a premium for it. Business customers for instance. They can't afford to have e-mail not delivered or their website unavailable during that short period when an IP address may be updated. In this case, it is about the $$$. Most ISPs will renew a lease so in effect your dynamic address is typically static, but it's not guaranteed though.

    Dynamic addresses are also cheaper for the ISP. In many cases the addresses aren't actually owned by the ISP but instead "leased" to them. The ISP ends up paying for each one of them. If they give everyone static, they need to have 1 or more addresses per customer. If they hand them out on an as-needed basis, they can save money as not everyone needs one at all times. At most they would need the same number of addresses as what they would need with static. At the least, they would need 1 per active customer. As leases expire the addresses can be reused, reducing the total number of addresses needed over the long term.

    PPPoE is used because it can simplify the back end support and accounting process for the ISP as they can use essentially the same system for both dialup and DSL customers. If everyone is essentially treated as a PPP customer, regardless of the actual connection method, the same authentication servers can be used, the same tracking/billing servers, etc. ISPs didn't have to get another set of connectivity to migrate dialup users over to DSL.

  16. Re:To add insult to injury... by pebs · · Score: 2, Interesting

    No, some of us just control-click on a link. That opens the link in a new tab without having to navigate a context menu.

    Control-click? That is so 2001. Most of us middle click to open a new tab.

    --
    #!/
  17. Re:explain me ? by gbjbaanb · · Score: 2, Interesting

    If 'the man' wanted to control dissemination of information you'd think he'd try to limit downloads, not uploads.

    I think you've bought into the conspiracy that just doesn't exist. All these ISPs don't care what you do, they only care that you pay them and don't cause them any (costly) support calls.

    Adding a static IP is something they *can* charge you extra for and people will pay it. So they do.

    In the UK, my ISP gives a free static IP if you ask for it, so I have one. I think they have different cost models than the states, ie. no-one thought to charge loads for a static IP, and now no-one can do it because customers would migrate to the other ISPs. (oh also we use PPPoA in the UK for our ADSL).

    And lastly, you still can act as a server, you need DDNS service to register with - try DNSPark for 1 free entry

  18. Re:explain me ? by CcntMnky · · Score: 2, Interesting

    You need to account for that customer using an IP address whether you assign it dynamically or whether it is static...

    No you don't. An ISP never has as many IPs in their pool as they have customers. They only have to keep as many as they will ever have connected at one time. With cable and DSL that's a higher percentage than it used to be with dial-up, but it's excess cost to keep an IP for each customer.

    Think of Gmail: no way does Google have a gig of storage for each account. They know about how much each person is really using, then just keep ahead of the total usage.

    I do the same thing with account quotas in my lab. If everyone used the full amount, we'd be using 7 times what we have, but we're currently at less than half capacity!

  19. Re:bad guys by Anonymous Coward · · Score: 2, Interesting

    > instead of taking it like a man

    Wrong. The problem usually isn't the person banned. It's the idiots doing the banning that work so hard to piss-off as many people as they can. Just post something some op doesn't like to a channel, and you'll see just how childish those people almost always are. Rather than stating in an adult manner something like "in the past we've had problems with X due to Y, therefore we no longer allow X on this channel," you usually see immature idiots spouting random insults.

    As an example, I used to be an fserver on #bookwarez on Nullus. I gave-up when the ops went from people that cared about spreading knowledge to people that care only about how many people they can make mad. For example, ask a question about why some idiot put content in a proprietary .doc format or in a proprietary .chm file that only one reader for one OS can read, and you'll probably get banned. Ask why looking for books in #bookwarez is now verboten (it's allowed in #bw), and you'll probably be banned. It's ridiculous.

    I've been on IRC for just over 15 years (all the way from using a mainframe terminal at Penn State while working on my PhD to a UNIX terminal client to using mIRC before I gave-up on IRC due to the idiot ops), and I keep seeing people over and over again with op status that seem to make it their goal in life to wring every bit of sadistic pleasure out of their small power. It's those small minded people that have kept IRC from becoming mainstream. No one likes to go somewhere that is ruled by punks screaming "Respect My Authority!"

    > some pimply-faced 14 year old

    No. It's usually the 14 year-old with no life that is intentionally making people mad and kicking or banning them. They're the ones that have enough free time to make friends with the other punks in control of the channel so they can get op status. They're the ones that make others mad enough to strike back.

    PS: I'm not talking about all of IRC. I'm just talking about the 99.9% that makes the other 0.1% look bad.

  20. Re:explain me ? by myov · · Score: 2, Interesting

    Dynamic IP addresses are used for several reasons. The first is that it discourages customers from running servers. It doesn't eliminate it, but it makes it more of an inconvenience.


    My dynamic IP changes once a year. It has nothing to do with running a server (dyndns anyone?) - if they wanted to do that, they would be blocking inbound ports. If anyone remembers @home, you could actually configure your machine for static once you received your IP (which was necessary due to the stability of fetching a DHCP address from the other side of the continent).

    The reason for DHCP? As the cable companies reconfigure networks (splitting/combining areas), it's sometimes necessary to change IP blocks (keep in mind, their network is heavily tied to location). Is it easier to change a DHCP server and release/renew, or notify hundreds of customers that their IP is changing? For the same reason, I often run my networks entirely on closed DHCP (using the MAC to IP mapping)

    PPPOE has more to do with the fact that various companies resell or piggyback from the phone company, instead of sticking their own infrastructure in each CO. Static requires more work to set up and maintain (routing the line to a different DSLAM/network/etc)

    --
    I use Macs to up my productivity, so up yours Microsoft!
  21. Re:I can see it now... by cpt+kangarooski · · Score: 2, Interesting

    So, by my saying that there is a place on the web called suprnova.org, I've just contributed to the infringement of copyright? Should I be prosecuted for spreading information that someone might use illegally?

    Maybe.

    If that was a material contribution, there was a direct infringement, and you had actual or constructive knowledge of such infringement, then yes.

    My favorite case on this -- because it's clearly written and tends to shock people; I don't actually like the holding -- is Intellectual Reserve v. Utah Lighthouse Ministry.

    Basically website A posted a link to website B, knowing that website B had posted copyrighted documents in an infringing manner. Because people reading website A were encouraged to go to website B, and because reading the documents at website B would constitute an infringing reproduction of those documents, and because website A's owners knew of the infringement -- they were felt to be substantially likely to themselves be infringers.

    N.b., you're more likely to be sued civilly than prosecuted criminally.

    Of course, the bare statement that suprnova exists really wouldn't be sufficient. But saying something like 'You can download movies from suprnova' might. In the end, there are no magic words. Courts'll look at the character of what you said, your audience, etc. If you're a model citizen (e.g. a New York Times with an article about piracy since it's a newsworthy thing) then you'll probably avoid liability. If you appear disreputable (e.g. a 2600 posting links to suprnova and talking about how people ought to pirate movies and stick it to the man du jour) then you'll have a harder time. This is because in the latter case -- aside from not getting much sympathy because you seem like a bad guy -- there probably is a higher chance of material contribution.

    For suprnova themselves -- they'd be toast. You can't possibly say that hosting torrent files is not a material contribution. They'd have to argue the knowledge angle as far as contributory liability goes. I think it would be hard.

    This is why they're not in the US, IIRC. They wouldn't have a chance here.

    --
    -- This and all my posts are in the public domain. I am a lawyer. I am not your lawyer, and this is not legal advice.
  22. OT: sshd by JThundley · · Score: 2, Interesting

    I was thinking about that, but then I'd be locked out if at a friend's place or if an IP changed. I was thinking about doing knockd, except I have a regular hardware router, I don't want to forward the closed ports to my box. But just for you, here's my compromise :)

    tail -F current | bash ~/bin/sshdblocker2.sh

    #!/bin/bash
    #This script will go through the sshd log and DROP all the script kiddies/ wormed zombies out there attacking my precious server.
    #written by JT Hundley

    #This function will block the bastards. It will make sure that they are only blocked once.
    dropem()
    {
        #Extract the offending IP address from the line:
        ip=$(echo "$line" | cut -d " " -f 12)
        #The field comes from log text, so only act on something shaped like an IPv4 address:
        if ! echo "$ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; then
            return
        fi
        #if a DROP rule for exactly that ip already exists, then do nothing.
        #(-C matches the whole rule; grepping the listing also matched longer addresses)
        if iptables -C INPUT -s "$ip" -j DROP &>/dev/null; then
            echo Duplicate
        else
            #otherwise, drop it like a sack o' shit!
            iptables -A INPUT -s "$ip" -j DROP
        fi
    }

    #Here's the real shit:
    while read -r line; do
        #Check for bad stuff:
        if echo "$line" | grep -i 'Illegal user test' ; then dropem
        fi
    done
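
A more defensive take on the log-driven blocker above, combined with the known-IP list from comment 13, as an added example that is not JThundley's or hacker's code: it reads the address from the end of the line instead of a fixed field, validates it, counts failures per source, and never blocks an allowlisted source. The log line format, the `ALLOW` addresses, the threshold and the function names are assumptions, and the sample log is constructed.

```shell
#!/bin/sh
# Added example: plans firewall blocks from sshd failure lines. It only prints
# the iptables commands and never runs them.

ALLOW="10.0.1.5 192.0.2.10"  # constructed: sources that must never be blocked
THRESHOLD=3                   # failures from one source before it is blocked

# Print the source IPv4 of an "Illegal/Invalid user" line, or nothing.
# The user name is client-supplied text and may contain spaces, so the
# address is taken from the final "from <addr>" at end of line, not by
# counting fields.
extract_ip() {
    printf '%s\n' "$1" | sed -n -E \
        's/^.*(Illegal|Invalid) user .* from (::ffff:)?([0-9]{1,3}(\.[0-9]{1,3}){3})( port [0-9]+)?( ssh2)?$/\3/p'
}

# Succeed only for a dotted quad whose four octets are each 0-255.
valid_ipv4() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] || return 1
        [ "$octet" -le 255 ] || return 1
    done
}

# Read log lines on stdin; print one DROP command per source that reached
# THRESHOLD and is not allowlisted. -I puts the rule ahead of existing ACCEPTs.
plan_blocks() {
    while IFS= read -r line; do
        ip=$(extract_ip "$line")
        if [ -n "$ip" ] && valid_ipv4 "$ip"; then printf '%s\n' "$ip"; fi
    done | sort | uniq -c | while read -r count ip; do
        [ "$count" -ge "$THRESHOLD" ] || continue
        case " $ALLOW " in *" $ip "*) continue ;; esac
        printf 'iptables -I INPUT -s %s -p tcp --dport 22 -j DROP\n' "$ip"
    done
}

# Constructed sample log (documentation address ranges), not real traffic.
sample_log() {
    cat <<'EOF'
Dec  3 00:41:02 host sshd[811]: Illegal user test from 203.0.113.9
Dec  3 00:41:04 host sshd[812]: Illegal user test from 203.0.113.9
Dec  3 00:41:06 host sshd[813]: Illegal user test from ::ffff:203.0.113.9
Dec  3 00:41:09 host sshd[814]: Illegal user test from 10.0.1.5 from 198.51.100.7
Dec  3 00:42:00 host sshd[815]: Illegal user guest from 10.0.1.5
Dec  3 00:42:03 host sshd[816]: Illegal user guest from 10.0.1.5
Dec  3 00:42:07 host sshd[817]: Illegal user guest from 10.0.1.5
Dec  3 00:43:00 host sshd[820]: Illegal user test from 999.1.1.1
Dec  3 00:43:05 host sshd[821]: Accepted password for alice from 192.0.2.10 port 4022 ssh2
EOF
}

sample_log | plan_blocks
```

Only 203.0.113.9 is planned for blocking: the allowlisted 10.0.1.5 is skipped despite three failures, and the line whose user name contains its own "from" is attributed to the real source, which stays below the threshold.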

  23. Nostalgic by mattr · · Score: 2, Interesting
    Well, I have a story from 1995 in Japan when I started one of the first couple of ISPs in Japan. One guy who didn't understand the net came into our tiny humming office and said he wanted us to build a "missile" that he could use to shoot at other people (well I guess computers) through the net. I gave up talking to him and showed him the door. Is Tenet asking for manufacturers to voluntarily provide the keys and a blind eye to give the government the ability to do this sort of thing? Say to shut down a spam zombie computer or to get the street address of any node on the net? Well.. aside from that anecdote I think this calls for the following analysis.

    In the following excerpt by the past head of the CIA,

    line 1 is either (a) silly, (b) evil, or (c) intelligent depending on your point of view. Silly because it sounds like sticking your finger in a hole in a dike; evil because it could mean anything draconian; intelligent in case it happens to be only talking about companies running critical infrastructure, who would maybe have to take rigorous security audits or not be allowed to have those facilities online. (c) makes sense but is the lowest probability, since the talk was made intentionally very vague and without press.

    Line 2 similarly is (a) silly or (b) evil if talking about anybody not running sensitive infrastructure, and (c) intelligent if talking about the critical facilities. Line 3 sounds like he wants software companies to be more careful about security. Sounds like a good thing but then again what the CIA calls security is smoke and mirrors for ulterior motives, control, and punitive damage (until recently only outside U.S. borders), whereas most other people would call building strong personal firewalls and encryption security because it keeps the individual owner safe. No stomach for multiple choice here. Perhaps he has an occupational disease which prevents him from saying anything clearly and putting himself on the line? No chance of rehabilitation for this guy. Even if he was I guess the successor of the President's father or something like that. Maybe he should take up skydiving?

    My analysis is that this is a retired professional scary guy trying to be relevant but incapable of doing anything but sounding silly or scary to anyone with a brain. People without brains generally think he's smart, etc. Which is too bad because if he could learn to speak more clearly he would be more effective and might have something useful to say about dealing with cyber-security threats (though I'd rather hear from the NSA's linux team about it than from a failed spymaster). This is why businesspeople in the real world never listen to government types. They can never say anything useful about anything directly, it is always vague scariness about vapor policies with a hint of powerplay behind it. BORING 90s SHIT!

    Access to networks like the World Wide Web might need to be limited to those who can show they take security seriously, he said.

    Mr. Tenet called for industry to lead the way by "establishing and enforcing" security standards.

    Products need to be delivered to government and private-sector customers "with a new level of security and risk management already built in."