Hello.
I host some Debian ISO images via BitTorrent, among other things and
recently I have noticed very high interest in one torrent in particular:
"debian-12.5.0-amd64-netinst.iso".
My torrent client shows multiple connections from various networks (more
IPs than /24),
and according to "whois", all originating from China.
The odd part is these remote clients report their ID as "unknown",
connect using TCP protocol non-encrypted
and never send more than 4 download requests.
These requests add up to around 1Mbytes of outgoing traffic, but their
remote clients always reports 0% of download progress despite each
having a few Gbytes downloaded.
So they download this torrent essentially forever, hogging my upload
bandwidth.
Another weird thing, I have many other torrents and other Debian ISOs,
but these clients from China are interested only in that single one.
Does anybody have something like this on their BitTorrent clients, or
have some thoughts about this?
Should I report this strange behavior to admin of Debian torrent tracker
(bttracker.debian.org)?
Any theory about why they are interested only in that single torrent and
nothing else?
Is this really weak Distributed-Denial-of-Service type of "attack"?
What they could possibly gain from this? I can understand port scans and
open port probes, but I don't host anything else.
In other words, what is their goal?
--
With kindest regards, Alexander.
Debian - The universal operating system
https://www.debian.org
