December 2, 2004 3:41 PM PST
BitTorrent servers under attack
- Related Stories
Group cites Microsoft threat, says no SP2 over P2PAugust 13, 2004
Windows update hits file-sharing networksAugust 10, 2004
'Zombie' PCs caused Web outage, Akamai saysJune 16, 2004
The distributed denial-of-service (DDoS) attack on the BitTorrent infrastructure prevented some users from downloading files for up to 10 hours on Wednesday, said the administrator, who asked to be identified only by his online handle, "Lowkee." The target was the central BitTorrent directories, or trackers, which are used by people to find movies, music and other content on the file-swapping network, he said.
"It maxed out our 100-megabit connection," Lowkee said Thursday in an online interview with CNET News.com. "I can't say how many systems were attacking, because our Web server took a dive at the time."
A DDoS attack is a common online assault that aims to overwhelm network bandwidth using a flood of data, to prevent access to servers. While BitTorrent technology eases bandwidth requirements for downloading files, since the data comes from pieces stored on various members' computers, it does little to protect against such attacks on the central servers.
Lowkee claimed that administrators at three other networks said servers on those hubs had been attacked. CNET News.com could not confirm those outages. The BitTorrent networks are currently in operation as normal.
BitTorrent technology lets people download files from the computers of other members taking part in a peer-to-peer network. Centralized directories, known as tracker servers, hold critical information that pinpoints which users' computers have the various fragments that make up a single file. Once a fragment of a file is cached on a PC, that machine then makes it available to other users, to speed downloads. Though distribution is shared, the technology still relies on central tracking servers to direct a downloader's software to different pieces of a file, which could be hosted on several users' PCs.
While the technology allows members to share the bandwidth costs of file sharing and speeds downloads, it doesn't prevent a flood of data to the tracker servers from interrupting the service.
"Avoiding future attacks will require an overhaul of the BitTorrent protocol itself, as right now there lies too much reliance on the trackers," Lowkee said. "We're hoping future changes will reduce the requirement of the tracker to an initial connection, therefore moving the actual peer-sharing burden to the peers themselves."
This is the latest attack against peer-to-peer file sharing services. Last spring, a variant of the Netsky virus leveled a denial-of-service attack against Kazaa and eDonkey, two other peer-to-peer networks. Web site caching service Akamai was hit by a massive data attack earlier this year as well.
It is unknown how widely the BitTorrent attack affected other networks. The creator of BitTorrent, Bram Cohen, could not be reached for comment.