Back in February we reported that Trident Media Guard, the French anti-piracy outfit that was selected by the music and movie industries to assist in enforcing their rights under the new Hadopi legislation, was already being seen in action.
Although their activities with Hadopi will be limited to monitoring and gathering evidence against file-sharers, we saw them trying to smother a lone file-sharer with their P2P-spamming technology, for which they have submitted a patent. The screenshot below shows TMG ‘DDoSing’ the BitTorrent user in question.
Just as file-sharers make their IP addresses known when they connect to file-sharing networks and other file-sharers, anti-piracy companies do the same. As can be seen from a WHOIS on the range of IP addresses shown above (126.96.36.199 – 188.8.131.52), they belong to TMG.
Now, according to a report over at Numerama, TMG have also been busy setting up fake eDonkey servers (located on IP ranges 184.108.40.206 – 220.127.116.11 and 18.104.22.168 – 22.214.171.124). To avoid connecting to fake servers, users are advised to only use those listed here.
There does, though, appear to be an even greater threat. Fake file-sharing clients running on the IP address range 126.96.36.199 to 188.8.131.52 (again registered to TMG, this time in the UK) are connecting to users and gathering data about the files they are sharing. This is exactly the sort of data that will be used to generate warning letters which could eventually lead to Internet user disconnections.
Through some clever monitoring, Peerates were able to discover some of the files that TMG are monitoring, which include TV shows such as Heroes and music by The Black Eyed Peas.
As the IP addresses used by companies such as TMG get revealed, at some point they will have to change them for new ones. Equally, as new ones are brought into service, those will too be revealed to the public and so the cat and mouse game continues.
While the savvy file-sharer will probably be able to stay ahead of the game to minimize their chances of being monitored, the casual file-sharer may not be so lucky. But after a warning or two, rest assured, they too will change their ways. Whether that will be by using a VPN or heading back to the media stores will remain to be seen.
Update: TorrentFreak reader Marcel wrote in with the following information:
You can do reverse lookups in RIPE database and since the linked whois record points out that CB1756-RIPE (Casalta Bastien) is admin-c and tech-c for the TMG network you can do a reverse lookup for this ripe handle.
The ip-ranges revealed there might be of interest to your readers:
184.108.40.206 – 220.127.116.11
18.104.22.168 – 22.214.171.124
126.96.36.199 – 188.8.131.52
184.108.40.206 – 220.127.116.11
18.104.22.168 – 22.214.171.124
126.96.36.199 – 188.8.131.52
184.108.40.206 – 220.127.116.11