Microsoft RickRolls Port Slamming BitTorrent Users
According to the on-site WiFi operators at Microsoft’s Tech.Ed Australia 2009 conference, abnormal levels of network consumption by some users led them to take action against BitTorrent by ‘Rickrolling’ users who tried to access the most popular torrent sites. Interestingly, bandwidth usage wasn’t the problem.
In a blog post, Codify, the operators of the free WiFi network at last year’s Microsoft Tech.Ed Australia, described the difficulties they had when a minority of users consumed excessive amounts network resources at peak times.
Although network congestion occurred “admittedly only a few times” the blame was leveled at a small handful of people using BitTorrent, Interestingly, bandwidth consumption wasn’t really the problem, it was excessive port usage.
“At this point you have to remember that we have a heap of bandwidth available. Some clients chomping through a lot of bandwidth isn’t a problem and running BitTorrent isn’t a problem per se,” said Codify’s David Connor.
The network operators decided that blocking the ports that BitTorrent uses wasn’t enough since they are easily changed, blocking the tracker URL was deemed insufficient and inspecting the traffic wouldn’t help since the main clients all use encryption. So a much more simple method was used.
“….we implemented certain, ahem, ‘interim countermeasures’,” wrote Connor. “We quickly built a list of all of the top torrent trackers around and got the nod from Jorke [Odolphi, Web Platform Architect Evangelist for Microsoft Australia] to add them all to the local DNS resolver and point them at a local web server containing some RickRoll scripts.”
Microsoft also created a script which categorized WiFi users with a ‘naughty factor’, meaning those with the greatest number of active port mappings to distinct remote hosts were identified as BitTorrent users. The MAC addresses of the ‘most naughty’ users were blocked – around two dozen of them – and although some changed their MAC addresses and returned, they were identified again by their port usage.
For the 2010 event, users will now have to register their MAC addresses to access the WiFi network and will be allocated resources accordingly. Any problems with downloading movies and TV shows can be directed at the new BitTorrent Help Desk.
