Some updates on the DDoS

Not much to say about the incident at this point, but I’ll just clarify some things on our side.

By the way, we’re on IRC (#bakabt on Feel free to drop by if you like (although most of the time we’re talking about things other than the DDoS).
You can use Rizon webchat, just register with nickserv (/msg nickserv register [password] [email]) and identify (/msg nickserv identify [password]) before joining (/join bakabt).
roffamaffia is here too, under the nick UchihaSasuke, so you can tell him how much you love him (/msg UchihaSasuke hello there).

Site downtime

Site is still down because the host nullrouted it. It’s nullrouted because despite roffa/Sasuke-/0xyG3N saying he’ll stop the DDoS, for some reason we’re still getting heavy traffic on our line (as reported by our host). This is at least 10 times heavier than normal usage and is just slightly below our peak bandwidth cap, so while the site would be barely useable if it was brought up, it would cost us a hell lot in bandwidth usage. I don’t think it’s possible that many users constantly checking on the site status would generate that much traffic.

Our stand

We refuse to give in because we have zero assurance that the DDoS would stop for good if we do (and why would Jarudin step down as requested anyway?). We got DDoSed once for banning him in accordance with the site policy of no stathacking. We got DDoSed again because he didn’t like one of our blog posts. Based on this trend there is fair reason to believe that any time he finds something he doesn’t like about us, we’ll get DDoSed again.

Giving in to each DDoS he pulls off isn’t going to do any good for us in the long run, so we decided to draw the line early. We will have to make a stand sooner or later at this rate anyway.

Anti-DDOS measures?

Yeah, that’s one possibility, but we’ve prided ourselves on staying financially low-maintenance. While we do get lots of donations (server costs are quickly covered soon after opening donations), we’d rather not spend them. We do this out of our own interest and sense of volunteerism, a sentiment I’m sure many of you other community site-owners share, and would like to see the site continue to be sustained without requiring lots of funds, which is donors’ money that should not be carelessly spent.

Getting into a DDoS arms race would be taxing, both financially and also in terms of the effort it takes to stay updated on the latest developments, related information, and news. A one-time DoS fix would be lovely, but we hope not to have to use it as a feasible long-term strategy.

I’ve read the report over at TorrentFreak, as well as all the comments that have been posted, and thank you all for your generous support; We’ve had lots of help offers pouring in through PM, which is really touching. If there are reasonable solutions I believe we have exhausted them. We will look into implementing basic ways of prevention, but I think it still holds true that any solution to prevent dedicated attacks will require serious resources or hardware.

It is a real shame that the people really feeling the pain of this are the users, not the site staff! (As many would attest, we’ve been way too busy to be watching that much anime lately anyway.

Future plans: still no DHT

By the way, we have no plans to add DHT to our torrents, because we can’t find a way to do it and still have accurate stat-tracking for our uploaders. But there is nothing in our site policy stopping people from making DHT-enabled or tracker-less versions of our torrents and submitting them elsewhere (and not like we can stop people doing that with “site policy” anyway, right?) Once it’s on your hard drive, it’s yours to do with as you please.

Source Baka blog

BakaBT Anime BitTorrent Tracker Retaliates Against DDoS

BakaBT, a torrent tracker which specializes in serving anime fans, is currently down after suffering a huge DDoS attack. Although these type of attacks against torrent sites are nothing new, the operators say the person responsible has identified himself. Instead of caving in to his demands, the site has chosen to fight back.

Over the years there have been many ‘hacking’ incidents related to file-sharing. Some attacks are carried out in support of the activity, such as the famous MediaDefender leaked emails, multiple attacks on the IFPI, and more recently when hacktivists defaced an anti-piracy group website.

Another favored assault on torrent sites comes in the form of DDoS attacks. Most recently Demonoid suffered downtime from just this type of incident.

Usually the attackers remain relatively or completely anonymous, making fighting them almost impossible. However, according to the operators of BakaBT, a site serving the anime community and one currently under sustained DDoS attack, they are very well aware of who has made their site inaccessible.

Following a difference of opinion with a member who seemed to have spoofed his ratio in 2009, the BakaBT site got maliciously taken down along with a demand that someone on the site’s staff should hand in their resignation. In response the staff at BakaBT (and another site which claims to have had difficulty with the same guy) published some of the details of the person they believed was responsible in a blog post.

Now, many months later, the BakaBT site is down again under a DDoS attack after the previous ‘hacker’ demanded that the earlier blog post be taken down. BakaBT decided not to comply, instead choosing to go to war with their attacker by publishing more of his personal details and asking people around the net to republish them everywhere they can. However, as they seem to appreciate, this act could stir up an even bigger hornets nest.

“What happens to our website and 6 year old community? I don’t know,” say the staff in a comment. “It would be a shame to loose it over something so trivial.”

Indeed it would. According to a passionate site member who spoke with TorrentFreak, BakaBT has been around since 2004 and is dearly loved by anime fans. The site has around 142,000 members and tracks around 7,000 torrents. Time will tell if the site and their perceived enemy will settle their differences.

TorrentFreak contacted the alleged attacker who while admitting that he previously carried out some kind of attack on BakaBT, denies responsibility for the current downtime. That said, he insists that if the site returns he will attack it again. He refutes the claim, however, that the identity revealed is his…..very confusing.

BakaBT are giving infrequent updates via Twitter and their backup blog, and there’s more drama here