Log In     Register    

Help and Support
Ask a question, report a problem, request a feature...
<<  Back To Forum

How to block bots

by pryodon1 on 2025/03/24 05:22:00 AM    
I want to know how to block bots from accessing my server?

I am getting many bot IP's in DHT or they are connecting to me from all over the world so IP block bans don't work.

The main bot I am having issues with is called "BM 0.0.0.1"

How do I block a peer with a client named "BM 0.0.0.1" or a Peer ID that starts with "-BM"??

It appears that this bot is trying to overflow a buffer.

I am trying to ignore them, but there are so many it is difficult!!!
by pryodon1 on 2025/03/24 05:40:49 AM    
FYI... The status code the bot is creating is called "metadata request overflow"

Is there a way to block misbehaving clients?
by Guest on 2025/03/24 11:58:14 AM    
check out settings-transfers-files
https://support.tixati.com/client%20filter
Client Filter
This will open a window that lets you full configure the client filters that are applied to all transfers.  You can filter peers based on Client ID or their unique Peer ID.  Allows for whitelist / blacklist / exemption rules.
by Guest on 2025/03/25 09:13:12 AM    
can you post screenshot in postimages.org and teach me how to identify such malicious peers?
by pryodon1 on 2025/03/30 01:49:27 AM    
In response to your question:
can you post screenshot in postimages.org and teach me how to identify such malicious peers?

Here is an image showing status codes of misbehaving clients. I was having a large number of clients with the same status code of "metadata request overflow" as you will see in the image. Almost all of these errors were generated by the same client software which was mostly likely a bot. I have my own web space, so I will post the image there.
(link removed by Mod - please re-post the image with IP's blurred)
by pryodon1 on 2025/03/31 03:58:08 AM    
Here is the image with the IP's blacked out.
https://nyx.mynetblog.com/dl/Tixati-error-messages.png
by Guest on 2025/04/10 03:56:15 PM    
will not click unless in postimages.org
by Guest on 2025/05/19 07:34:47 AM    
To filter the BM/0.0.0.1 botnet, as well as its little cousin, the MC/0.0.0.8 botnet (which does the same thing but less aggressively), go to settings > peers > client filter > peer ID tab

and in the bottom box that says "never allow", copy and paste the following wildcard filters:

-BM0001-*
-MC0008-*

This will filter them by client ID, preventing them from ever connecting. They will still appear in the peer list, but they cannot waste your bandwidth or take up resources anymore.

I've been following this bot for a long time, and whoever is behind it is one evil SOB and likely attempting to sabotage BitTorrent DHT on a massive scale.
by Guest on 2025/07/12 04:42:34 AM    
I was having this same issue, and with many different client IDs, so I did a who-is lookup, and they came from the same subnet.

https://whois.domaintools.com/31.200.249.233

IP Location  Russian Federation Russian Federation Moskva
ASN  Russian Federation AS216158 TeleportMedia-AS Teleport Rus LLC, RU (registered Oct 12, 2023)
Whois Server  whois.ripe.net
IP Address  31.200.249.233

% Abuse contact for '31.200.249.0 - 31.200.249.255' is

inetnum:        31.200.249.0 - 31.200.249.255
netname:        Teleport_Rus_network
country:        RU
admin-c:        KAK101-RIPE
abuse-c:        AC42799-RIPE
tech-c:         KAK101-RIPE
status:         ASSIGNED PA
mnt-by:         NETRACK-MNT
created:        2023-10-10T12:12:12Z
last-modified:  2023-10-10T12:12:12Z
source:         RIPE

person:        
address:        
phone:          
nic-hdl:        KAK101-RIPE
mnt-by:         NETRACK-MNT
created:        2023-10-10T08:06:55Z
last-modified:  2023-10-10T08:06:55Z
source:         RIPE

route:          31.200.249.0/24
origin:         AS216158
mnt-by:         NETRACK-MNT
created:        2023-11-14T11:05:00Z
last-modified:  2023-11-14T11:05:00Z
source:         RIPE

by Guest on 2025/07/12 10:51:22 AM    
Those are pretty obvious because they appear on most public torrents no matter what the content is. Obviously, it is highly unlikely that some real peer downloads the exact same set of torrents you've chosen (if you have a lot of different ones). Authors seem to have zero worries about sending and receiving a lot of useless traffic just to check data availability for some pirate streaming application(s).

They sometimes switch to using proxies at popular hosting providers, so keep an eye on other IP addresses with similar behaviour.




This web site is powered by Super Simple Server