

Exploiting BitTorrent Vulnerabilities to Launch Reflective DDoS Attacks [pdf] - _jomo
https://www.usenix.org/system/files/conference/woot15/woot15-paper-adamsky.pdf

======
Everlag
That was an interesting read!

tl;dr: Bittorrent and extensions can be exploited to cause a reflected DDoS.

The spiciest method exploits Message Stream Encryption (MSE) which combines the
dynamic port nature of BitTorrent with just-sufficient crypto to make
mitigation a nightmare. MSE can get between 4-32.5 times amplification
depending on available peers; its robustness makes up for the middling
amplification capabilities[1].

Mitigation on the uTP protocol level is as simple(?) as switching to a
three-way handshake but that would be quite the change for such a widely deployed
protocol.

[1] https://en.wikipedia.org/wiki/Denial-of-service_attack#Reflected_.2F_spoofed_attack

~~~
magila
BitTorrent over uTP already effectively uses a three-way handshake because the
connection initiator is required to send the BT handshake first. The uTP
vulnerabilities in the paper were caused by bugs in uTorrent and libtorrent's
implementations. Both projects have released fixes for these bugs.

------
0x0
For libtorrent, v1.0.6 changelog seems to hint that this has been fixed?
https://github.com/arvidn/libtorrent/releases/tag/libtorrent-1_0_6
"* fixed uTP vulnerability"
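
The acknowledgement check behind the three-way handshake discussed in the comments above, as an added example that is not part of the thread and is not uTorrent's or libtorrent's code: a simplified accepting side using the BEP 29 header layout that sends its larger reply only after the initiator echoes the random seq_nr from the ST_STATE. The `Acceptor` class, the `pack` helper, the greeting bytes and the exact sequence arithmetic are assumptions made for illustration.

```python
import os
import struct

# uTP header per BEP 29, 20 bytes big-endian: type/version, extension,
# connection_id, timestamp, timestamp_diff, wnd_size, seq_nr, ack_nr.
HDR = struct.Struct(">BBHIIIHH")
ST_DATA, ST_FIN, ST_STATE, ST_RESET, ST_SYN = range(5)

def pack(ptype, conn_id, seq_nr, ack_nr, payload=b""):
    """Build a version-1 uTP datagram (timestamps and window left at 0)."""
    return HDR.pack((ptype << 4) | 1, 0, conn_id, 0, 0, 0, seq_nr, ack_nr) + payload

class Acceptor:
    """Hypothetical accepting side, keyed by (source address, connection id)."""

    def __init__(self, greeting=b"<constructed BitTorrent handshake reply>"):
        self.greeting = greeting   # stand-in for the large reply
        self.pending = {}          # key -> seq_nr sent in our ST_STATE
        self.established = set()

    def on_packet(self, src, data):
        """Return the datagrams to send back to src (possibly none)."""
        if len(data) < HDR.size:
            return []
        tv, _, conn_id, _, _, _, seq_nr, ack_nr = HDR.unpack_from(data)
        ptype, payload = tv >> 4, data[HDR.size:]
        if tv & 0x0F != 1:
            return []              # not a version-1 uTP packet
        if ptype == ST_SYN:
            # Reply with a header-only ST_STATE carrying a random seq_nr; the
            # response is no larger than the SYN, so there is nothing to amplify.
            our_seq = int.from_bytes(os.urandom(2), "big")
            self.pending[(src, (conn_id + 1) & 0xFFFF)] = our_seq
            return [pack(ST_STATE, conn_id, our_seq, seq_nr)]
        key = (src, conn_id)
        if key not in self.pending:
            return []              # data for a connection we never saw a SYN for
        # Third leg: only a host that received our ST_STATE can echo its seq_nr.
        # A sender that forged src never saw it, so its data is dropped and
        # nothing is sent (or retransmitted) toward src.
        if ptype != ST_DATA or not payload or ack_nr != self.pending[key]:
            return []
        our_seq = self.pending.pop(key)
        self.established.add(key)
        reply_id = (conn_id - 1) & 0xFFFF
        return [pack(ST_DATA, reply_id, (our_seq + 1) & 0xFFFF, seq_nr, self.greeting)]
```

The seq_nr field is only 16 bits wide, so a production implementation would also expire pending entries and limit failed acknowledgements per source.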

