TorrentFreak

The place where breaking news, BitTorrent and copyright collide

Microsoft RickRolls Port Slamming BitTorrent Users

According to the on-site WiFi operators at Microsoft’s Tech.Ed Australia 2009 conference, abnormal levels of network consumption by some users led them to take action against BitTorrent by ‘Rickrolling’ users who tried to access the most popular torrent sites. Interestingly, bandwidth usage wasn’t the problem.

techedIn a blog post, Codify, the operators of the free WiFi network at last year’s Microsoft Tech.Ed Australia, described the difficulties they had when a minority of users consumed excessive amounts network resources at peak times.

Although network congestion occurred “admittedly only a few times” the blame was leveled at a small handful of people using BitTorrent, Interestingly, bandwidth consumption wasn’t really the problem, it was excessive port usage.

“At this point you have to remember that we have a heap of bandwidth available. Some clients chomping through a lot of bandwidth isn’t a problem and running BitTorrent isn’t a problem per se,” said Codify’s David Connor.

The network operators decided that blocking the ports that BitTorrent uses wasn’t enough since they are easily changed, blocking the tracker URL was deemed insufficient and inspecting the traffic wouldn’t help since the main clients all use encryption. So a much more simple method was used.

“….we implemented certain, ahem, ‘interim countermeasures’,” wrote Connor. “We quickly built a list of all of the top torrent trackers around and got the nod from Jorke [Odolphi, Web Platform Architect Evangelist for Microsoft Australia] to add them all to the local DNS resolver and point them at a local web server containing some RickRoll scripts.”

Microsoft also created a script which categorized WiFi users with a ‘naughty factor’, meaning those with the greatest number of active port mappings to distinct remote hosts were identified as BitTorrent users. The MAC addresses of the ‘most naughty’ users were blocked – around two dozen of them – and although some changed their MAC addresses and returned, they were identified again by their port usage.

For the 2010 event, users will now have to register their MAC addresses to access the WiFi network and will be allocated resources accordingly. Any problems with downloading movies and TV shows can be directed at the new BitTorrent Help Desk.

The BitTorrent Help Desk

Related Posts

  • http://www.eZee.se www.eZee.se

    I dont like where this is going…

  • Annie Moose

    Hang on.

    So they’re basically banning torrenting, even though the actual act of using Bittorrent is both perfectly legal and a completely valid use of a peer-to-peer network? That is utterly ridiculous! Bittorrent is NOT illegal and does NOT take up bandwidth, as they admitted. Maybe I’m missing the point of what they did here, but it seems to me they’re just cracking down on Bittorrent users for no reason at all.

  • MissedMemories

    Ehhh.. no, The unique problem is excessive port usage, #3. So, using bit-torrent will cause you to use a lot of ports because each client may vary on the port.. causing you like, hell. If everyone used a single port (with a random port for a ‘back up’) everyone would be happy.

  • Anonymous

    @ 2 and 3

    It’s a private event where WiFi is provided as a courtesy and the infrastructure is limited in its capacity (mentioned here excessive port usage).

    Plus they aren’t using any technique I couldn’t use to prank my roommates with our home network.

    Don’t like the restriction? Then use a mobile pay service like a 3G USB dongle.

  • Anonymous

    The article does not have the word “legal” in it so it’s not talking about the illegality of BitTorrent.

    They said bandwidth wasn’t the issue but that excessive port usage was. Lots of port connections = server resources used.

    Not sure why people would want to BitTorrent over WiFi anyway. I only trust a wired connection for that.

  • Phoenix

    Australia is the country of convicts!
    you can expect anything from these criminal descendants.

  • KingSkaFa

    Would going through a VPN service totally resolve the issue for the ‘naughty’ users?

  • Rboy

    I don’t understand this article. It is a free wifi. The operators can do what they want with a free network they are paying for it after all. You want to torrent copywrited stuff and do it for free? Get a clue aussies. You can’t have your cake and eat it too. Unless you are a douche bag and steal your neighbor’s wifi.

  • duane

    Simple: Bittorrent is used to download Linux distros, and that is strictly forbidden at a Microsoft.. thing.

  • zygulpy

    wow, first the ban of porn of smaller cup sized women and now this?
    bravo australia

  • MrFrans

    Why is it a problem if a lot of ports are being used?

  • ????

    re-read the article before commenting morons and if you dont get it then dont post…

  • ????

    take 10 and 11 as an exsample…

  • zxc

    There’s so many retarded comments here…

  • Anonymous

    “I dont like where this is going…”

    I do. I thing this was a brilliant idea. Having a little fun by RickRolling leechers.

    Cos, I mean come on, we’re talking here about a public event where they provided free wifi. Misusing that for bittorrent, that’s, as I said, leeching. If you’re gonna download large amounts of data, do it on a connection that’s yours, that you’re paying for. Don’t leech off others.

  • Unauthorized Content Consumer

    I think the MS crew were just trying to show off how “smart” they were, but they certainly lack maturity.

    Excessive port usage seems like a poor excuse. Packet inspection, port forwarding and Upnp quickly handles and directs data where it needs to go on a wired or wireless network so the MS kids can’t be that smart. They’d never be able to filter out users that are using a VPN for torrents. The data stream is scrambled/encrypted/filtered. What would they do if they found alot of ports being used by VPNs where I’m guite sure that some of it is used for torrenting? Block all VPNs too? Not possible or legal.

    If the admins of the wireless network got a complaint from a copyright holder and if they ignored it they would be in serious trouble. The copyright holder could easily track things back to Microsoft. They could then sue Microsoft for enabling piracy to occur by not taking necessary action to stop them. Microsoft has been butt buddies with the media corporations for a very long time, and Microsoft is used to subserviently bending over like a slave he-bitch each time the media corporations want some really good Hershey-flap lovin’ (which Microsoft really loves).

    So I don’t by it. They were targeting torrenting because it’s the pirates favourite way to access content. VPN is the only way to go.

    Torrent software writers can easily

  • ????

    @ Unauthorized Content Consumer

    obvious idiot is obvious

  • GP

    @16: When you’re using a VPN, you’re using a single port, to connect to that VPN. A lot of people are idiots and use poorly-coded shitty clients (e.g. BitLord (I don’t know if BitLord itself uses many ports, but it is defninitely in the shitty client category, regardless)). Those clients, rather than using a single port for all connections (like Vuze, uTorrent, and Transmission do), open each connection to a peer on a new port. There are only 65535 ports, and only 64511 are usable for non-system applications, and many of those are reserved (SMTP (25), HTTP-SSL (443), HTTP (80), etc.). If these shitty clients try to connect to 300 peers each… it also may slow down other network connections, regardless of bandwidth used, simply due to the processing the router must do for so many connections.

  • LOPPSI2

    @2 99perCent of BT traffic is swapping unlawful/illegal data, so that is the problem

    Period

  • Jim

    Australians are dumb..

  • anon

    LOPPSI2
    care to back up that fact?

  • LOPPSI2

    It’s been reported on here

  • LOPPSI2

    & Please!!!
    Dont use the Ubuntu, MiniNova Argument again.

    zzzzzzzzzzzzzzzzzzzzzzzzzzzzzz

    We all know what the majority of .tor is

  • LOPPSI2
  • bah

    slow news day huh?

  • LOPPSI2

    Y E S

    V e r y S l o w

  • LOPPSI2

    e . . v. . e. . n
    s…..l….o….w…..e…..r

  • Annie Moose

    Ahh, I get it. This is what I get for skimming articles… I didn’t notice the whole “free Wifi” part of it! *headdesk* This’ll teach me to pay more attention in the future…

    If this had been done in a broad manner by an ISP or something, then my comments would be valid; otherwise, I’m just an idiot who didn’t read closely enough. Sorry!

  • Ninja

    lol… I have to agree with M$ actions. If u need to get something for work purposes ask the it team and they’ll let you torrent. If it’s personal grab a 3G connection or use your home connection and transfer to work via vpn. Simple as that.

    The huge number of connections bt use might be problematic for wireless connections, my router doesn’t really like when I use bt via wifi…

  • TerribleTony

    Call me a conspiretard but I need to raise the :bs: flag on this one.

    FUD?

  • Amazing!

    I only have one thing to say, “Denial of Service” attack!!

  • Grok

    Their response seemed reasonable, and pretty funny, too. It would be nice if they explained the problem to the people as well as rickrolling them, however. If the issue was explained, then when the people returned, they might have stopped their client or changed the habits of their client.

  • Proud American Pirate

    I agree it was ‘funny’.

    A fun though not so creative way to address a problem…. much better than just a boring block.

    Damn you Rick Astley~

  • Glenn

    “I think the MS crew were just trying to show off how “smart” they were, but they certainly lack maturity.

    Excessive port usage seems like a poor excuse. Packet inspection, port forwarding and Upnp quickly handles and directs data where it needs to go on a wired or wireless network so the MS kids can’t be that smart. They’d never be able to filter out users that are using a VPN for torrents. The data stream is scrambled/encrypted/filtered. What would they do if they found alot of ports being used by VPNs where I’m guite sure that some of it is used for torrenting? Block all VPNs too? Not possible or legal.

    If the admins of the wireless network got a complaint from a copyright holder and if they ignored it they would be in serious trouble. The copyright holder could easily track things back to Microsoft. They could then sue Microsoft for enabling piracy to occur by not taking necessary action to stop them. Microsoft has been butt buddies with the media corporations for a very long time, and Microsoft is used to subserviently bending over like a slave he-bitch each time the media corporations want some really good Hershey-flap lovin’ (which Microsoft really loves).

    So I don’t by it. They were targeting torrenting because it’s the pirates favourite way to access content. VPN is the only way to go. ”

    Ironic that this nonsensical blathering starts off with comments on how smart and mature MS network admins were “trying to be”.

    In other completely misinformed ramblings he also accuses MS of bending over to content producers – talk about being misinformed. It’s certain he’s a Windows user and yet he doesn’t know the role MS actually had in defining the very system he’s using, which is very permissive as far as media and piracy goes in the name of flexibility – but he can still use his imagination to work think how they tried to stop him though, LMAO.

    As well as that we have this idiots main thrust of the comment which seems to be: “If you don’t allow piracy you’re immature”. This indicates almost certainly that if he even works it’s in a minimum wage job where he cannot afford to leave the house of parents. Who else would have this attitude ?

    I teach 12 and 13 year olds, many of whom apparently have a better grasp of reality and context than this buffoon.

  • burger

    @18

    there are unlimited ports.

  • Crenshaw

    @Unauthorised Content User

    “I think the MS crew were just trying to show off how “smart” they were, but they certainly lack maturity.

    Excessive port usage seems like a poor excuse. Packet inspection, port forwarding and Upnp quickly handles and directs data where it needs to go on a wired or wireless network so the MS kids can’t be that smart.”

    Port forwarding and UPNP have nothing to do with directing traffic or restricting ports on any form of network. They have nothing to do with restricting port usage either. And DPI requires specialised hardware. So, speaking of trying to appear smart, I guess you fail. And it’s not really that mature to make up uses and functionality for arbitary functions that Windows uses in an effort to demonstrate how stupid you think others are BTW.

    Fail.

  • Anonymous

    @35

    No.

    Also, never gonna give you up.

  • Pingback: Pirate Home Page » Microsoft RickRolls Port Slamming BitTorrent Users

  • Rick Roll

    What does “rick roll” mean? And what has it got to do with Rick Ashley?

  • ????

    Again to make sure it sinks in.

    @ Gelnn

    obvious idiot is obvious

  • ????

    @ 37

    Google is your friend.

  • Bill Naysayer

    @unauthorised content user

    ““I think the MS crew were just trying to show off how “smart” they were, but they certainly lack maturity.

    Excessive port usage seems like a poor excuse. Packet inspection, port forwarding and Upnp quickly handles and directs data where it needs to go on a wired or wireless network so the MS kids can’t be that smart. ”

    Port forwarding and UPNP have nothing to do with controlling or restricting which ports are used on any kind of network. DPI requires hardware that is expensive and hence is only used on an ISP or corporate WAN setting usually.

    I think the MS crew were just trying to show off how “smart” they were, but they certainly lack maturity.

    Well you didn’t succeed and now you look like an idiot and yes that is egg on your face. Making up arbitary functions for commonly used features of the Windows operating system in order to demonstrate how stupid people are is very immature. It also proves that you have no training in network administration.

    Oh and it also proves that you’re so hellbent on showing us how awesome you are with MS bashing that you’re willing to just make up facts to suit your own argument. So mature that…

    Frankly you sound like one of those high school kids who attaches a large part of their ego to the online experience in order to avoid any social contact.

  • ex-wifi hacker

    “For the 2010 event, users will now have to register their MAC addresses”

    It’s not hard to sniff out another users’ MAC address on wi-fi – then clone it. It might even come down to that, if that’s the only way blocked users can get back online.

  • Bill Naysayer

    “It’s not hard to sniff out another users’ MAC address on wi-fi – then clone it. It might even come down to that, if that’s the only way blocked users can get back online.”

    Maybe but you’d have to be some kind of idiot to go to that length to use Bittorrent at a once a year convention that runs for a few days.

  • scenekid

    I have used lots of bandwidth when I visited hackday .lol

  • Laika

    19 Feb 19, 2010 at 22:45 by LOPPSI2
    Loppsi2 will fail. Mark my word. If it passes it will still fail b/c pirates will crack all the restrictions. Take your Lopsi2 (follow up for hadopi, lapsi) back to hell where you came from along with the other hadopi & Lopsi ideas. My eye is on France Lopsi2. :-) You will fail! I will pirate everything I own. I will make sure to get a faster connection and I will encourage other people to be pirates. Long live freedom.

  • Laika

    LOPPSI2, France state-sanctioned computer Trojans Fu k u

    France has cearly ambition to have most tightly montitored and “depolluted” Internet: The French lower house, the National Assembly, has just passed a security bill known as LOPPSI2, which is “grab bag of security items that includes state-sanctioned computer Trojans, a massive new database of citizen data (dubbed “Pericles”), and a requirement that ISPs start censoring sites on a government blacklist” – quoting ArsTechnica.

    http://arstechnica.com/tech-policy/news/2010/02/move-over-australia-france-taking-net-censorship-lead.ars

  • Meh..

    someone doesn’t have the slightest clue what RickRolling means and is just making shit up. This wasn’t RickRolling in the slightest.

  • Laika

    oh yeah I already fked hadopi & will fk all the other laws you put in place to stop censorship/etc. Have fun encouraging piracy.

  • Laika

    If you remember people during prohibition, they learned that if you prohibit something, the problem doesn’t go away, it just becomes more widespread. Perhaps France & the rest of the world need to do their research. History is repeated over and over. Wtf are we on groundhog world as far as these dinosaurs are concerned? Apparently these con jobs haven’t done their research and like facilitating piracy & making it more widespread is obvious.

  • moderated

    moderated

  • DeepFreeze

    Lol, nice trick by the admins.
    Remember, it’s just the admins’ job.

  • LOPPSI2

  • Pingback: === popurls.com === popular today

  • Pingback: Microsoft Rickrolls Port Slamming Bittorrent Users | Technology News NOW!

  • Happyclam

    For one, if you read, they said it wasn’t the bandwidth that was the problem, but the excessive port mapping that was going on.

    Also, realize that it does take a lot of bandwidth to run bittorrent, regardless of what you may think. Yes, you are spreading the load around as far as where you pull it from, but it is all going to one place, just as a lot of people are pulling from you.

    Regardless, the issue is that they are running a free event and offering the free bandwidth, then having that thrown back in their face when a small number of people are abusing it.

    The analogy would be offering free food, then having a couple of people who eat it all because of their own greed.

  • LOPPSI2

    @ Laika, you seem like an angry person to me, chill out dude

    PS if you pirate everyting you own, you’ll be uploading them. Enjoy your freedom, while it lasts.

    Presumably by own, you mean you’ve bought something, then

  • Pingback: The Interesting News Thread - Page 175 - StrafeRight Forums

  • Greg

    It was a public event. MS was paying for the wifi. They get to choose how it’s used. They could block everything except http and people from visiting any website except teched and it would be legitimate.

    There ARE a limited number of ports, so whoever told that guy to google it, you should do the same. 65535 is the max.

    Yes, you can block VPN and it be legal. Why wouldn’t it be? They were paying for the connection. They can do whatever they want.

    This is not MS adding in a block to their operating system. This is not Australian ISPs blocking consumers from using BitTorrent. This is Microsoft and the contractors they hired limiting what can be done on a private connection that they paid for.

  • Anonymous

    man…

    Okay, this is most certainly legal. Calling what they did here illegal (like some comments here have done) is like saying that blocking porn sites on a middle schools network illegal….

    This was an event hosted by a company. This was not an ISP doing anything, it was the event holder placing restrictions on usage of their property……does that make any sense…

    when did this conversation devolve into pirating? They neither claimed or pointed to pirating to be the problem with it. They stated that their network was unable to handle that many different port usages from that many different clients. If you have every personally run a large network, you would know that there is quite a bit more to it than bandwidth. Even hosting 30-50 clients can be fairly difficult without enough gear/knowledge on how to use it.

    So basically, it is funny as hell that they rickroll’d people…

  • bob

    the issue was more likely they was using an link-sys router that falls over when it passes 50 connections :)

    i guessing every connection opens an temp port when under NAT and they was using an cheap router for the event that could not handle it

  • kua11a

    monitor other MAC addresses and then clone… eh eh

  • brandon

    hey in some countrys they dont care as long as its not their programs

  • Pingback: Microsoft’s War Against BitTorrent Ends In a RickRoll | The Tech Riot

  • Will

    “For the 2010 event, users will now have to register their MAC addresses to access the WiFi network and will be allocated resources accordingly.”

    Right, sounds like MAC Filtering. And we all know how easy that is to bypass.

  • Bisby

    “when did this conversation devolve into pirating? They neither claimed or pointed to pirating to be the problem with it. They stated that their network was unable to handle that many different port usages from that many different clients. If you have every personally run a large network, you would know that there is quite a bit more to it than bandwidth. Even hosting 30-50 clients can be fairly difficult without enough gear/knowledge on how to use it.”

    All true but you’re forgetting that the majority of users here dont know anything and react to any hint of “not being allowed to download warez” with “lolwut”, “fascist”, “net neutrality”, “corporate fatcats”, “culture is being enlaved” and “free speech!” without actually knowing what the terms mean or the situation itself.

    This threads comments is a great example of this as you noticed.

  • Irrelevant

    DHT + PEX + Encryption + getting your infohashes over tor = completely invincible short of banning encryption or blocking the entire connection entirely

    This kind of technique won’t be screwing with your home use of bittorrent, or even you abroad use of bittorrent if you already had your client configured as such.

  • Information matters

    Thank you guys for showing me how to bypass the restrictions!

  • GOLLY, IS IT THAT EASY!

    “DHT + PEX + Encryption + getting your infohashes over tor = completely invincible short of banning encryption or blocking the entire connection entirely”

    DHT + PEX leads to connections no different to any other peer to peer connection over BT. Actually in some cases it can lead to more ports being used as each torrent instance needs to have a corresponding hash found over the network.

    Encryption as used in BT = masking header data which is next to useless as far as masking BT traffic. It does not provide any masking of data or it’s origin/destination. It does not hide any ports that are being used.

    In short none of the above are going to make any difference. And in this situation described in the article they were’nt worried about transfers as much as port usage.

    LRN2BITTORRENTS LOL

  • Irrelevant

    @64

    >LRN2BITTORRENTS LOL

    LOL. DHT + PEX + TOR…

    >“We quickly built a list of all of the top torrent trackers around and got the nod from Jorke [Odolphi, Web Platform Architect Evangelist for Microsoft Australia] to add them all to the local DNS resolver and point them at a local web server containing some RickRoll scripts.”

    … just got around that. DHT+PEX make actually being able to get to the tracker irrelevant. And tor lets you get new swarm information from indexers.

    As for…

    >Microsoft also created a script which categorized WiFi users with a ‘naughty factor’, meaning those with the greatest number of active port mappings to distinct remote hosts were identified as BitTorrent users.

    … I can adjust what range of ports my client uses. I can also control how many connections it will attempt in what timespan and how many it will maintain. I can just keep rotating my MAC address until I find their limit.

    >It does not provide any masking of data

    Actually, yes it does. Thats the entire point. It masks what the packet is and the data inside the packet. Sure, you can still see that I’m sending “data” over whatever range of ports to peers that don’t seem “appropriate” but all you can really do is “assume” that my traffic “looks like bittorrent”.

    So your only solution is vague traffic analysis (that I can still get around with conservative enough settings) and cutting me off completely if my traffic patterns are “suspect”.

    On that note, however, creators of bittorrent clients should really give them more conservative default settings. And users should be more responsible with their use of the protocol. But, my point is, they didn’t actually block bittorrent. They just made it more difficult to use/forced users to be more responsible or get off.

  • Gargamel

    “completely invincible short of banning encryption or blocking the entire connection entirely”

    Blocking UDP? Hardly invincible.

    “It masks what the packet is”

    It masks the header. So yes in a manner of speaking that is correct.

    “and the data inside the packet.”

    No it does not.

    “So your only solution is vague traffic analysis (that I can still get around with conservative enough settings)”

    Seeing as no other common applications behave like a p2p application it doesn’t really matter just how vague traffic analysis is.

    You seem to be saying that given the right settings a p2p application, ie. BT, is undetectable. Whilst sure, theoretically, what you’re saying is correct the downside of BT being undetected is that it is so slow as to be unuseable. So what would be the point?

    You seem to be proposing that using settings you can mask any p2p traffic so it’s no longer detectable as such. Funny then, is it not, that these conservative settings are not used to avoid throttling then isn’t it. Actually no it isn’t – the settings would make the client unworkably slow.

  • Irrelevant

    @66

    >Blocking UDP? Hardly invincible.

    The torrent protocol does not use UDP for data transfer.

    >No it does not.

    Yes, it does. To someone snooping my traffic all they can see is that I am sending packets of “data”. They cannot reasonably (i’m sure TEH NSA has super secret quantum computers on the moon that could decrypt them in some billion years) decrypt the type of packet or what the packet contains. Now, somebody could just connect to the swarm and request the data from my client, but that is not the level at which the encryption of the protocol operates at.

    >Whilst sure, theoretically, what you’re saying is correct the downside of BT being undetected is that it is so slow as to be unuseable.

    It would only be slow to “get started”. Once you have connected to your peers and begin transferring data the number of connections you make and attempt are meaningless. Once my torrent client has scraped the data it needs from the tracker and finds a good set of seed/peers and connects to them successfully, everything will progress as it always does.

  • Irrelevant

    @66

    On an additional note,

    >mask any p2p traffic

    This phrase doesn’t mean anything whatsoever. All traffic on the internet is “p2p traffic” with enough wrappers and misdirection you COULD mask any traffic. Pragmatically, though, bittorrent is not gnutella is not napster is not fastrack is not tor is not freenet is DCC.

    All of these protocols work in very, very different ways. Bittorrent can be trained to be fairly indiscernable (although, as you pointed out, a little slower than it would otherwise be) whereas masking gnutella would prove more difficult without serious modification to the software involved.

  • Pingback: MakinMo's Tech Blog

  • Pingback: Microsoft RickRolls Port Slamming BitTorrent Users - makin's posterous

  • ????

    WOW
    the internet is full of morons that dont now how to read a damn article before posting

  • Pingback: Microsoft usa script rickroll contro gli utenti BitTorrent

  • Pingback: Microsoft’s War Against BitTorrent Ends In a RickRoll « Techknology's Blog

  • BTGuard - BitTorrent Anonymously

NewsBits

Even more news...

  • Pirate Bay Founder Gottfrid Svartholm on Freedom of Speech

    Freedom of speech is a highly valued commodity, but should people be allowed to say whatever...

  • Blu-ray Anti-Piracy Tech Stops Discs and Promotes Purchases

    An anti-piracy system present in all official Blu-ray players since 2012 has received a fresh update...

  • Foxtel Breeds Pirates by Locking Up Game of Thrones

    One of the main reasons why people turn to piracy is the lack of legal alternatives....

  • UK Student Admits Breaching Sony Copyrights With Leak of PS3 SDK

    Last year an Internet user known as El Nomeo leaked version 3.70 of Sony’s Playstation3 SDK...

  • Pirates Can Be Identified Despite Sharing IP Addresses, ISP Claims

    Carrier-Grade Network Address Translation is a network mechanism through which many Internet subscribers can share the...

MostDiscussed

Below are TorrentFreak's most discussed articles of the past month. Join the discussion if you like.

CopyQuote

Left Quote

“The Pirate Bay has been one of the most important movements in Sweden for freedom of speech, working against corruption and censorship.

Peter Sunde Left Quote

PopularArticles

A selection of some TorrentFreak's classics dug up from our archives.