[LINK] technical question: security alert

Tom Koltai tomk at unwired.com.au
Fri Mar 6 10:08:57 AEDT 2009 

> -----Original Message-----
> From: link-bounces at mailman1.anu.edu.au 
> [mailto:link-bounces at mailman1.anu.edu.au] On Behalf Of Kim Holburn
> Sent: Thursday, 5 March 2009 11:55 PM
> To: Link List
> Subject: Re: [LINK] technical question: security alert
> 
> On 2009/Mar/05, at 1:28 PM, Jan Whitaker wrote:
> > > Jan [half kidding because I don't download illegal material 
> knowingly; 
> > although who knows what is legal on YouTube, but p2p and 
> torrent not 
> > by me]
> > At 11:22 PM 5/03/2009, Kim Holburn wrote:
> >> Wow.  I've definitely heard of them.  They are the PI firm 
> that works 
> >> for the RIAA.  So this is a scan or trace of some kind and 
> not really 
> > random noise at all.
> >
> <snip>
> 
> Assuming you weren't using bittorrent then (and anyway from the fact  
> that it was logged rather than passed through) it's most likely that  
> mediasentry were responding to a previous inhabitant of that IP  
> address.  I don't know what they do exactly but possibilities spring  
> to mind:  maybe examining what torrents were being accessed by the  
> client or possibly offering a fake media file for download or even  
> surveying data for their clients about what is the most popular  
> download (it's very useful data).
>

Therefore Kim, I think you might be proposing that MediaDefender is
possibly stepping through the IP ranges 
looking for live ports with which to further operate from as in
http://www.dailybits.com/media-defender-attacks-revision3-with-a-ddos/
and had Jans computer responded positively - then her bandwidth would
now be used without her permission to interogate other Torrent users. In
this way - mediadefender can continue interdiction activities without
being identified by ip blacklists - even though by doing so they are in
clear breach of the US wiretap Act and are in effect stealing bandwidth
from innocent users without offers of compensation.
That's suprising - I actually thought they had stopped doing that sort
of stuff.

(I just thought I would translate your (it's very useful data) comment.)

 






_______________________________________
No viruses found in this outgoing message
Scanned by iolo AntiVirus 1.5.6.4
http://www.iolo.com

More information about the Link mailing list