I'm running opentracker-0.2009.06.27 from ports, compiled with a white list, meaning the tracker will refuse to track any torrents unless I tell it to track a specific torrent. I'm running the tracker to distribute a legitimate file that is freely downloadable from other websites.
Now my question - it appears that I am getting hundereds of leechers, and I have done some investigating. Within a minute, I get requests from similar IP addresses:
I captured these HTTP requests using a little helper program that I wrote. You see the dates of the HTTP requests and the IP address from which it came. As an example, here are 2 of the requests from similar IP addresses, that came back-to-back:
Is this deliberate bombardment to my tracker to throw the torrent off track? I'm really puzzled by this. I am getting in the ballpark of 500 leechers reported as a result of this.
Now my question - it appears that I am getting hundereds of leechers, and I have done some investigating. Within a minute, I get requests from similar IP addresses:
Code:
-rw-r--r-- 1 nlandys nlandys 289 Aug 26 12:03 request0001_89.238.168.13
-rw-r--r-- 1 nlandys nlandys 293 Aug 26 12:03 request0002_89.238.156.186
-rw-r--r-- 1 nlandys nlandys 289 Aug 26 12:03 request0003_89.238.156.59
-rw-r--r-- 1 nlandys nlandys 285 Aug 26 12:03 request0004_89.238.168.191
-rw-r--r-- 1 nlandys nlandys 291 Aug 26 12:03 request0005_89.238.168.152
-rw-r--r-- 1 nlandys nlandys 289 Aug 26 12:03 request0006_89.238.156.119
-rw-r--r-- 1 nlandys nlandys 291 Aug 26 12:03 request0007_89.238.156.109
-rw-r--r-- 1 nlandys nlandys 285 Aug 26 12:03 request0008_89.238.156.84
-rw-r--r-- 1 nlandys nlandys 289 Aug 26 12:03 request0009_89.238.156.65
-rw-r--r-- 1 nlandys nlandys 287 Aug 26 12:03 request0010_89.238.168.221
-rw-r--r-- 1 nlandys nlandys 291 Aug 26 12:03 request0011_89.238.168.37
-rw-r--r-- 1 nlandys nlandys 289 Aug 26 12:03 request0012_89.238.168.24
-rw-r--r-- 1 nlandys nlandys 285 Aug 26 12:03 request0013_89.238.156.141
-rw-r--r-- 1 nlandys nlandys 293 Aug 26 12:03 request0014_89.238.168.168
-rw-r--r-- 1 nlandys nlandys 291 Aug 26 12:04 request0015_89.238.168.179
-rw-r--r-- 1 nlandys nlandys 289 Aug 26 12:04 request0016_89.238.168.235
-rw-r--r-- 1 nlandys nlandys 283 Aug 26 12:04 request0017_89.238.156.21
-rw-r--r-- 1 nlandys nlandys 291 Aug 26 12:04 request0018_89.238.156.10
-rw-r--r-- 1 nlandys nlandys 291 Aug 26 12:04 request0019_89.238.156.159I captured these HTTP requests using a little helper program that I wrote. You see the dates of the HTTP requests and the IP address from which it came. As an example, here are 2 of the requests from similar IP addresses, that came back-to-back:
Code:
GET /announce?uploaded=0&compact=1&numwant=200&no_peer_id=1&info_hash=%224%B0%89X%03S%F1%7D%95%E6.%FEj%00%12%D9%1C%5CM&downloaded=0&peer_id=-UT1770-%CA%BE%DC%0E%26%ED%95g%BA%18D%2A&event=started&left=754307397 HTTP/1.1
Host: tracker.clanwtf.net
Connection: close
Accept-Encoding: gzip
Code:
GET /announce?uploaded=0&compact=1&numwant=200&no_peer_id=1&info_hash=%224%B0%89X%03S%F1%7D%95%E6.%FEj%00%12%D9%1C%5CM&downloaded=0&peer_id=-UT1770-%40+Zr%BE%1A%28%AA%E7%EC%D7%07&event=started&left=754307397 HTTP/1.1
Host: tracker.clanwtf.net
Connection: close
Accept-Encoding: gzipIs this deliberate bombardment to my tracker to throw the torrent off track? I'm really puzzled by this. I am getting in the ballpark of 500 leechers reported as a result of this.
