25.2.06

Tracking Data over Bit Torrent (.pdf)

Infosecwriters.com: "Tracking Data over Bit Torrent by Dan Morrill on 22/02/06

Bit Torrent has a reputation of being difficult to find out who is downloading movies, games, documentation, and other information. This is not necessarily true in all cases; any Peer-to-Peer system at some point relies on IPv4 and TCP/IP to make its connections. Because of that, the sender and the receiver can be well known to anyone who is using a program or programs that have robust logging, and other programs that help geolocate where those IP addresses are physically located. Anyone who produces or protects data that is confidential or otherwise protected by statute or law should have an understanding of bit torrent networks, how they work, and how they route. Bit torrent is a reliable and efficient way of sending very large data chunks from point A to a distributed points B. it was originally developed to move Linux Distributions from various points without choking the sender and spreading the download across multiple downloader’s and senders of the same data point.

While the original intent of the system was to reduce the costs of shipping very large files across the internet, it is also an excellent tool for sharing other data types. Movies, games, and entire sound tracks are common fare across the bit torrent networks. Finding out if the company’s data is on the bit torrent networks, and then being able to figure out where the data is going is an important part of any tracking and monitoring program that a company has. Once the data is in Bit Torrent, usually the only action that a company can take is to issue a take down notice, and this will work in the United States. However, in other countries, with other Intellectual Property Protection laws, take down notices may or may not work. This paper is not about sending take down notices, but discovering whom by IP and geographic location is downloading a particular file or files across the Bit Torrent networks. Your c"