Slashdot Mirror
BitHammer, the BitTorrent Banhammer
michaelcole writes: Its name is BitHammer. It searches out and bans BitTorrent users on your local sub-net.
I'm a digital nomad. That means I travel and work, often using shared Wi-Fi. Over the last year, I've been plagued by rogue BitTorrent users who've crept onto these public hostpots either with a stolen/cracked password, or who lie right to my face (and the Wi-Fi owners) about it.
These users clog up the residential routers' connection tables, and make it impossible to use tools like SSH, or sometimes even web browsing. Stuck for a day, bullied from the Wi-Fi, I wrote BitHammer as a research project. It worked rather well. It's my first Python program. I hope you find it useful.
I'm a digital nomad. That means I travel and work, often using shared Wi-Fi. Over the last year, I've been plagued by rogue BitTorrent users who've crept onto these public hostpots either with a stolen/cracked password, or who lie right to my face (and the Wi-Fi owners) about it.
These users clog up the residential routers' connection tables, and make it impossible to use tools like SSH, or sometimes even web browsing. Stuck for a day, bullied from the Wi-Fi, I wrote BitHammer as a research project. It worked rather well. It's my first Python program. I hope you find it useful.
but, so help me God, if Comcast blocks bittorrent traffic, I'm going to call for heads to roll!
"Here Lies Philip J. Fry, named for his uncle, to carry on his spirit"
Maybe he should be more angry at the business owners for using cheap routers and/or not implementing traffic shaping, etc. With a proper traffic shaping implementation, you can absolutely SLAM a connection with Bittorrent usage, even torrents with thousands of seeds and peers, and casual web-browsing remains essentially unaffected. I've download torrents that are several hundred gigabytes, pegging my connection the whole time. Thanks to my PFsense traffic shaper, it doesn't even so much as impact my pings when I play videogames.
Vigilante beats up on people in order to get public wifi access that he believes is rightfully his
That's what it amounts to. He can't get the access he wants, so he just pushes his way in and takes it.
If access is so important to your work, why aren't you/they paying for it?
I am Slashdot. Are you Slashdot as well?
You're using a free public network and selectively booting the users who don't fit into your specified profile.
Why not just buy your own connection and stop being such a fucking Nazi?
Other people are using a *public* wifi connection you're connected to, using some of the bandwidth you feel you're entitled to, so you attack them with a cache poisoning exploit?
Hopefully you do this to someone who can hit back. Or just get arrested.
This basically boils down to: "My use is more important than your use, under a flimsy excuse that your use could potentially interfere with my use, I will deliberately abuse the network in order to wilfully interfere with your use."
The computer abuse act and FCC guidelines about wilful interference comes to mind....
You can ask this person to stop doing it, because he's not anonymous.
That does not fix the problem that what he's doing is possible in the first place.
Right, so someone comes in, gets an IP address via DHCP, turns on BitTorrent and gets banned 'as long as the program [BitHammer] is running'. Rinse, lather, repeat: now you have no traffic on your network, because all IP addresses in your subnet are on the banlist. Niiiiice.
I don't like your announcing on WWE programming, and I don't like Bittorrent BanHammer. Please leave Slashdot.
Over the last year, I've been plagued by rogue BitTorrent users who've crept onto these public hostpots either with a stolen/cracked password, or who lie right to my face (and the Wi-Fi owners) about it.
Huh? They lie right to your face about it? Wait a minute. Who the hell are you anyway and what do you have to say about it? If it bothers you, buy yourself a mobile hotspot and STFU. At least maybe they are actually buying food/coffee/whatever and aren't just using the cafe as their personal office. What's the next complaint? That their conversations are too loud and you can't hear your conference calls?
'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
Just because is missing words does not mean it a bad article.
Get free satoshi (Bitcoin) and Dogecoins
This doesn't have to do with bandwidth. It has to do with the size of the connection table... a table used to keep track of which internal/external addresses have established connections. With these cheap residential routers, they have very little memory, so when you have a hundreds of connections, it fills the table and things go to shit.
"When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
It's kind of convoluted but still technically correct.
"bans BitTorrent users your local sub-net" = "prohibits them your local sub-net." = "forbids them your local sub-net." = "forbids your subnet to them".
I agree it could have been reworded but it's not a complete fuck-up.
...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
The issue is that cheap access points/firewalls run out of resources trying to manage (and possibly do connection-tracking) on all the different connections. If a bittorrent user suddenly opens up a few thousand additional connections (regardless of actual bandwidth) then that ends up knocking everyone else off that firewall.
The bittorrent users could prevent the problem by limiting how many connections are allowed per torrent, but it sounds like they're not doing that.
Rather than forcing bittorrent users off the network entirely, it would be better if the access point itself limited the number of connections per MAC address to something reasonable. This would prevent the symptom from occurring.
I'm shocked by some of the replies so far. Some of you are furious because this guy is trying to limit the people who abuse the system?
Imagine you are at a buffet. It's all-you-can-eat but with no instructions or limits on the way to do it. Now imagine there's a few people at the front of the line and they're putting all the food available into buckets, leaving nothing but scraps for everyone else. Would you be pissed at those people or at the one who would stand up and yell "Hey, leave some for the others"?
Get free satoshi (Bitcoin) and Dogecoins
The BitHammer relies on Local Peer Disocovery which gives priority to peers that are close to the bit torrent client. This is good for ISPs because it tries to keep the bit torrent traffic inside their own network instead of hammering peering connections. This also makes connections faster for the bit torrent client.
If you want to get around BitHammer you just need to turn off Local Peer Discovery, if BitHammer can't find you it can't block you. But now the ISPs are going to get screwed because Local Peer Discovery is turned off. This will also make the torrents slower for the client.
Sounds like a loose/loose situation to me.
....every problem tends to look like a nail.
If you read poster's GitHub page, he even admits there are better ways to do this than using his program. This program is not an elegant solution. It is the equivalent of using duct tape and plastic wrap to replace a broken car window. Sure, it solves the problem, but it's not a good longterm solution. Best usage case: solve the problem of BitTorrent users hogging the connection until proper QoS is set up.
Then maybe the business should be using a commercial level router in a commercial setting......
Good-bye
This is not your Internet. If a public hotspot is being overloaded by any client, not just someone's porn torrent, then that's between the user and the network admin. It's not your job or your right to be The Internet Police. Running a BT client on a public net is a dickish thing to do, but I can imagine scenarios when I might need to do it myself: "oh crap, my root drive is horked and I desperately need to download a Debian USB image. Good thing there's a Starbucks around the block!"
A sane policy would be for the net admins to limit the number of open connections or UDP sessions from a single machine. An insane policy is to think that "my technodick is bigger than yours and I'm going to knock you offline" is less than sociopathic.
Guess what, OP: I don't like your SSH sessions interfering with my Skype. Check out my new SSHWACK Banhammer that frees open networks from latency-hogging assholes like you. Are you sure you want to start this game?
Dewey, what part of this looks like authorities should be involved?
It usually goes hand in hand. Someone describing himself as a "digital nomad" is usually on par in assholeness as the average "carbon neutral" person or anyone else who turns what people simply do into their lifestyle.
I can't help it, "digital nomad" always sounds to me like the internet version of the guy who keeps bumping from one friend to the next and camping on their couch 'til they get tossed out 'cause they're too cheap to buy or rent an apartment themselves.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
File "./bithammer", line 57
print "Finding network gateway
SyntaxError: Missing parentheses in call to 'print'
So it won't work anyway.
Doh.
You write a utility that scans network traffic (strike 1) so you can find traffic *you* don't agree with (strike 2). Then, you engage in a DOS attack to stop it? (Strike 3). You are out; at least you should be.
What on earth entitles you to do such nonsense on a network you don't own? The business owner can do what he wants and allow what he wants. If you want to offer to run your little hack, after explaining what it does and getting their permission have fun, but you have ZERO right to just march in and start making a mess of somebody's ARP cache because you don't like what's going on. Morally, You need permission to do this kind of thing on a network you don't own or legally control, so until you have permission BUTT OUT!
You probably yell at your neighborhood kids for riding their bikes in the street or not crossing at the corners after the full "Stop, Look, and Listen" routine too.... If it's not your network, keep your packet sniffing and ARP poisoning attacks to yourself. You don't know if the BitTorrent traffic isn't the owner's laptop downloading CentOS in the back room or some guy working for the MPAA who hacked in from 2 miles away, and it's NONE OF YOUR BUSINESS.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
I'd agree if the word denies were used in place of bans. When using bans, it doesn't seem correct to omit the from.
I was more struck by the hostpots. I'm not entirely sure what they are, but I think it probably means that the owners of the cafes where OP does his web browsing serve their own fingers for cannibalistic patrons.
It would be nice if this could get translated down into something that could run out of busybox on a WRT54G. I've got the latest Shibby Tomato with bandwidth limiting, and this would be a nice add-on.
^Agreed! There are so many legit reasons to utilize torrents, ugh! Being an admin of over a dozen public wifi locations, the largest having nearly 1000 clients a day, with 30 WAPs. I never block bitTorrent only traffic shape to extreme cases (eg some one DL at 100Mbps for over 15mins will be bumped to a 10Mbps speed), and each client is in a /30 subnet to protect users from self righteous people like this.
One wrong is greater than another? In this instance, no. Neither own the network, both are abusing it in their own ways. I like hat you did there, with the ripped movies/porn reference. Cause those are the only things people do with bittorrent, right? That's why their wrong is greater, cause they must be stealing from both ends, bandwidth AND content, right?
There are already tools available for network owners to manage their networks with a minimum of fuss, QoS, port blocking and other tools right in the router their IT guy already set up for them. This is a greifer tool, pure and simple. If it can knock a bittorrent user off the network, it can knock anyone off the network.
This uses ARP spoofing as a way to deny service to another legitimate user of the network. The same thing can be used to defend or even fix this issue. This tool will work for maybe a few weeks before torrent clients upgrade to defend against it. Probably by doing the same thing but redirecting ALL local traffic to the bittorrent user instead. Let's face it, a few extra connections form people trying to watch Youtube vids and browse websites and email really aren;t gonna affect the leech much if he's busy downloading gobs of files.
This guy is an idiot anyways, as the people clogging up his local wifi spots are not torrent users, but everyone else around him. The kid watching youtube, the girl watching netflix, the guy downloading sports highlight clips from ESPN's website....video is here and business connections are actually pretty shitty on a small scale like your local coffeehouse or a hotel. Gigabit would help but it ain't here for 99% of America.
This guy has made a hacking tool for small networks. A little tweaking and you own the network instead and can use ALL the bandwidth. Just read his github page, the guy basically admits that its a hacking tool, it won't work at least half the time to "fix" the problem it claims to fix, and the bittorrent use may not even be the problem in the first place.
This shouldn't be on Slashdot in its current context, its an advertisement for a scriptkiddie tool.
>> is leeching your bandwidth, they aren't paying cu ... eliminated all the legal utility of bit torrent FOR ME
>>
> corporate cocksucker
Let me see if I understand you correctly. Because IKR pays his own bills rather than mooching off his neighbors, and prefers to download legitimate copies rather than malware-infested torrents, he's a corporate cocksucker? Lay off the drugs, dude. And get a job.
> A torrent with few seeders isn't very efficient, but one with many hundreds of well-configured peers is hard to beat on overall transfer speed.
From that phrasing, it almost sounds like you're supposing that more speed is more efficient. Faster means less efficient more often than not. For something easy to visualize, a moped going 20 MPH requires several few ounces of fuel per hour. To go several thousand miles per hour, an X-37 must burn around 15,000 pounds of fuel per MINUTE.
Downloading from many sources means taking up many resources. Downloading from one source (the closest one) would be significantly more efficient, and almost as fast.
Hey everybody, thanks for the comments. Most of you probably won't ever see this comment, but I appreciate your interest and feedback about the program. Believe it or not, I thought about alot each of the ethical issues yall brought up. And well, frankly there isn't a good way for strangers to work together anonymously. That's probably a good definition of a stranger. If you have any questions, I'm happy to answer them here. Anyways thanks again and best wishes! Mike