Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BitTorrent programs can be abused to amplify distributed denial-of-service attacks

Lucian Constantin | Aug. 18, 2015
Attackers could launch crippling attacks by reflecting the traffic through millions of computers running BitTorrent programs.

There are several types of countermeasures that could be implemented to prevent such attacks, according to the researchers.

One requires ISPs to implement recommended security practices like network ingress filtering to prevent IP spoofing in general. According to the Spoofer Project, which tracks how many networks allow IP spoofing on the Internet, about 24 percent of publicly routed IP address prefixes in the world can currently be spoofed.

Another countermeasure would be to implement a TCP-like, three-way handshake in the Micro Transport Protocol (uTP) that is currently used by most BitTorrent clients. However, this would be a significant change that would require a long adoption time and would create incompatibility with older clients.

Finally, BitTorrent programs could limit the messages that they include in their first uTP packet to one, which some clients already do. This wouldn't prevent the attack, but would reduce the amplification factor to around 4 or 5, the researchers said.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.