MediaDefender Defends Revision3 SYN Attack
MediaDefender Defends Revision3 SYN Attack - Via Threat Level:
When MediaDefender rained down an attack of some 8,000 SYN packets a second on an open BitTorrent tracker that pointed the way to hundreds of thousands of copyrighted movies for the taking, it had no idea it was shuttering a legitimate San Francisco media company.
Revision3, the San Francisco-based site the produces and distributes the popular DiggNation show and others via the BitTorrent protocol, went offline over the Memorial Day weekend after its servers buckled under the attack. Revision3's distribution tracker was open, and was pointing the way for pirates to download copyrighted movies unbeknownst to Revision3.
MediaDefender is paid by the recording and motion picture industries to seed fake files to illicit torrent tracking services. When Revision3 closed the tracker during the holiday weekend, the result was a denial of service attack by MediaDefender, which had been seeding the tracker with fake torrents.
"Our systems were targeting a tracker not even knowing it was Revision3's tracker," Randy Saaf, Media Defender's CEO, said in an interview. "They were using the tracker as the tracker for their legitimate content. It had been open for years."
At Fenopy.com, Revision3's tracker was used for 296,000 downloads, mostly of unauthorized copyrighted movies, Saaf said.
Jim Louderback, Revision3's CEO, said the attack shut down the company's internet site, RSS server and internal corporate e-mail.
It's an open debate whether MediaDefender's actions were lawful, even when it targets illicit torrent-tracking sites pointing the way to unauthorized, copyrighted material. The FBI is examining the Revision3 affair.
One bureau source told THREAT LEVEL that it was a "gray" area in federal computer security law.
Then there's the area of corporate responsibility. Louderback said in an interview that Revision3 closed the hole in its tracker over the Memorial Day weekend and subsequently got slammed by MediaDefender.
"That's when MediaDefender went into overdrive and started pummeling us," Louderback said. "If a tracker was previously open and suddenly shut, their systems are automatically configured to put them out of business."
Saaf said MediaDefender had been seeding the tracker with fake torrents for some time. Fake files corrupt BitTorrent downloads.
"We saw an open BitTorrent tracker with a lot of pirated content on it. We had been posting fake files to their tracker. Over Memorial Day weekend, Revision3 changed some configurations," Saaf said.
MediaDefender, of Santa Monica, Calif., holds some 2,000 servers with a 9GBps dedicated connection.
Louderback said if MediaDefender was "concerned that we were tracking copyrighted material, they should have called us."
He wondered aloud over what tragedy may have happened had Revision3 "been an airport using BitTorrent to distribute approaches to the runaway?"
See Also:
- Interview with MediaDefender Hacker
- Screenshot Purports to Show Hackers with Root Access on ...
- MediaDefender's "Swedish" Hackers Attempted to Hack AG Computer
- Source Code for MediaDefender Anti-Piracy Tools Leaked
- Los Angeles Says Piracy 'Detrimental to the Public Health, Safety'
- Anti-P2P Company Gets Bit by the Torrent
- Pirate Bay Calls Cops on Hollywood Big Shots
(Read Original Article - Via Threat Level.)
Twitter
Digg
StumbleUpon
Technorati
del.icio.us
Facebook
Furl
LinkedIn
YahooRecent blog posts
- In Bid to Sway Sales, Cameras Track Shoppers
- Unprecedented 25-Year Sentence Sought for TJX Hacker
- EFF Appeals Dismissal of Warrantless Wiretapping Case
- Viacom Makes Its Case Against Yesterday's YouTube
- Obama supports Senators draft plan to rework U.S. immigration policy - Includes National Biometric ID card for all.
- Domain Names Can't Defend Themselves
- Hacker Disables More Than 100 Cars Remotely
- Judges Approves $9.5 Million Facebook ‘Beacon’ Accord
- Hooking Up The Big Brother Machine... And Fighting It
- Court: State Can Dump Non-Sex Offenders Into Registry
