macmee
-
Posts
2 -
Joined
-
Last visited
Posts posted by macmee
-
-
I'm just curious in general about DHTs and found this great article on kademlia:
http://gleamly.com/article/introduction-kademlia-dht-how-it-works
From what I understand and based on these resources on how the bittorrent DHT works:
https://en.wikipedia.org/wiki/Mainline_DHT
It seems like, when I begin seeding a torrent, my client does the following:
- determines the key within the DHT corresponding to my torrent
- the value for a key is a list of seeders, and my client inserts its own IP into that list
but, consider an attacker with 100 clients, what's to stop that attacker from inserting his own, or a bogus IP for the key for this torrent, even though the attacker is not seeding the torrent at all.
And then, wouldn't it be the case that when some person X comes along to start downloading the torrent, when they look up the seeders in the DHT (find the value in the DHT for the key corresponding to the torrent), then wouldn't X get back a list of 100 bogus IPs and perhaps some small amount of legitimate seeders?
- determines the key within the DHT corresponding to my torrent
Trying To Understand How Mainline Dht Works
in General Discussion
Posted
Even though my post is a year old, the other day I did an experiment which is relevant exactly to the concerns I asked about:
Any node can announce to the network that they're seeding a torrent. I generated a random SHA1 and announced I was seeding it.
24 hours goes by and I ask the DHT to do a lookup for the SHA1. I'm not expecting to get anything back because I assume the announce interval is like 15 minutes or something. But to my surprise, I get back, from like 20 peers, two IPs from China and Saudi Arabia.
So for some reason, two nodes in China and Saudi Arabia thought it would be a great idea and lie about seeding a torrent which doesn't even exist.
Why would they do this? What's the advantage in doing it?