By taklamakan | January 26, 2007
Today we noticed a huge grow of numbers in our monitoring graphs. Until today we had about 200 actual announces per second and served about 220.000 peers. Those numbers jumped to 570 announces/sec and we started serving 480.000 peers.
What happened? After some debugging and an anonymous tip we found out that the guys at torrenty.org, a large pay-torrent-site in poland, started to use our open bittorrent tracker for their torrents.
Beside the facts that we are flattered by the trust the people at torrenty.org put in our service and that we are somewhat proud how well our software works and scales for that number of requests, we can’t believe how incredibly stupid this is by the torrenty.org people.
First of all, they just changed the IP-address of their tracker “tracker.torrenty.org” to our tracker IP-address:
;; ANSWER SECTION:
tracker.torrenty.org. 1800 IN A 220.127.116.11
This means in all their torrents they still use the hostname “tracker.torrenty.org” in the HTTP header. This is easy for us to filter, just deny all request for “Host: tracker.torrenty.org” and we are all set.
The fun part is, a quick look at the torrenty.org website shows us that they in fact serve warez-torrents and take money for that. Now they provided us with a complete list of IP-addresses of their customers and an easy way to distinguish their customers from all other requests by checking the HTTP-header. If we were some kind of copyright-prosecutor, which we are totally not, now would be the time to send some letters to customers of torrenty.org. That would put them out of business relatively quick I guess, or would you like to be a customer of a warez site which provides your IP-address to copyright-prosecutor for free?
So this post goes to the people at torrenty.org and maybe all other warez-torrent people out there who think about abusing an open tracker, please stop using our tracker for your warez-business and stop putting the risk at us. We will filter requests with anything other than denis.stalker.h3q.com as a hostname anyway.
We will now implement this filtering technique in our tracker, which will take a while. And we will stop serving torrents with “Host: tracker.torrenty.org” in the HTTP header. Of course clients will continue to connect to our tracker because the DNS-record of tracker.torrenty.org will still resolve to our IP address. So hey torrenty.org, please change that DNS-record you’re wasting our bandwidth!