• 0 Posts
  • 6 Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle




  • The poneytelecom IPs would just constantly remain connected to me without actually downloading or uploading anything, which is quite unusual because torrent clients normally are supposed to disconnect from peers that they have no use for. And there would be like 15-30 IPs doing the same thing on the same few torrents. They were using Deluge, a legitimate client, which is quite weird, so maybe their shit was just misconfigured accidentally somehow. I looked up one of them on iknowwhatyoudownload.com and it was active on thosands of random torrents (including lots of CP apparently). I also recall in the past another IP from that range repeatedly downloading the same 80 GiB torrent which I am the only seed on, wasting my bandwidth for no apparent reason. So I just banned the entire IP range since clearly it’s not doing anything legitimate to me and is just acting strangely in all sorts of ways. It’s sort of a mini DDoS attack (intentionally or not) since I have my qBittorrent configured with a max number of connections.

    The Xunlei IPs aren’t really attackers per se, but the client doesn’t follow the BitTorrent protocol standard and seeding to them is useless since they are incapable of seeding to other people. Some people just ban China entirely but I can’t do that because there are lots of legitimate Chinese users on the torrents I have and I don’t want to cut them off over something other people do


  • I’ve found that the block lists on the net tend to contain extremely outdated information and blocks a lot of legitimate activity, while ultimately being ineffective at actually blocking copyright trolls sufficiently. Best to have a vpn to prevent that. Since I have a vpn, I don’t care who downloads from me so long as they aren’t abusing my resources. So I manually create a blocklist for IP blocks I’ve observed malicious activity from. The blocklist file syntax is a note and an IP or IP range (not cidr notation) on each line, separated by a colon. for example, to block 195.154.0.0/16:

    Poneytelecom:195.154.0.0-195.154.255.255
    

    (That’s an IP range I actually block, belonging to poneytelecom, a very low reputation hosting provider I was getting some weird denial of service looking activity, like 40+ simultaneous connections who wouldn’t actually download anything)

    Also, if you download torrents popular in China you may come across the Xunlei client, which always reports its progress as 0% and never seeds. Banning these would be impractical game of whack a mole. So instead, simply enable super seeding mode on those torrents. Gone instantly. Might be slower at seeding, but at least now you can seed to legitimate users.