Top deals on CNET here
|
|
Pirated movies now playing on a server near you
It's Hollywood's worst nightmare. Illegal copies of new releases are showing up on university servers, where anyone can download them.
|
By Robert Vamosi
Associate editor, CNET Software
(5/8/02)
Associate editor, CNET Software
(5/8/02)
Want to see the latest motion picture? You don't have to pay $8 at your local movie theater. An illegal, 2GB DVD version of Spider-Man or another recent Hollywood feature may already be stored on a college or university server, just waiting to be downloaded to your hard drive.
This is Hollywood's biggest fear and a wake-up call to the motion picture industry that's comparable to the scare Napster gave the music industry two years ago.
Big Spider-Man on campus
The movies reached the academic networks through Internet Relay Chat (IRC), a free, distributed chat service that is now a favorite of hackers, script kiddies, and other malicious users. Unlike instant-messaging clients such as MSN Messenger, ICQ, and AIM, IRC is run entirely by volunteers.
Bots, robots that execute remote commands, distribute files on IRC servers all over the world. These bots, which date back to the beginning of the service in 1988, can be automated and networked together. Some file-sharing IRC bot networks have 300 to 400 bots working off the same IRC channel.
| Hackers exploit high-bandwidth college servers by taking over a machine and installing their own FTP servers on the system. |  |
|
"Hackers are now trading network bandwidth around like currency," says Dan Ingevaldson, lead for Internet Security Systems' (ISS) X-Force Research and Development team. His company warned last Friday that universities may be unknowingly storing pirated motion pictures and commercial software. "Hackers are penetrating these campus machines not just to read e-mail or files, but for the bandwidth."
How they do it
Hackers exploit high-bandwidth college servers by taking over a machine and installing their own FTP servers on the system. Then they can upload, download, and even transfer large files to other networks. The pirate FTP servers are often hard to detect and run on high ports such as 6666 and 7000. ISS identified Raidenftpd, Bulletproof FTP Server, and Glftpd as popular FTP servers used by pirates in its May 3 security alert. ISS urges system administrators to watch out for and kill IRC/DCC requests.
Ingevaldson says that many servers on college networks are wide open to pirates. With thousands of short-term user accounts, many of which use peer-to-peer file-sharing networks such as Audiogalaxy and Morpheus, university networks typically do not perform packet filtering on all of their Internet connections. Even before Napster, university servers had been secret havens for warez files, illegal copies of copyrighted software.
| With Iroffer IRC bots, hackers broadcast advertisements for the latest software, games, or motion pictures that appear on IRC channels. | |
|
What tipped off Ingevaldson and others to the presence of large files on college networks was server performance complaints from students and faculty at the University of Washington. Dan Dittrich, senior security engineer at the University of Washington, started investigating periods when the university's network slowed down. He discovered a distributed database of motion pictures and pirated software present on the university's server. Together, he and Ingevaldson began researching how widespread the problem was.
Who's to blame?
It seems hackers originally get hold of the latest movies by making copies of DVDs with a standard DVD burner. Another person who discovers the movie on a server can easily download the file and rip it to a disc in no time. One program identified by Ingevaldson as a favorite with malicious users is Iroffer, a file-server program that also has legitimate uses. With Iroffer IRC bots, hackers broadcast advertisements for the latest software, games, or motion pictures that appear on IRC channels. The ads include instructions on where to find and how to download the pirated files.
There is a whole culture that believes providing free copies of Windows XP or Attack of the Clones to others is a legitimate service. However, rightful owners of the intellectual property, including movie studios, do not agree.
Since it's impossible to tell who's legally responsible for these shadowy IRC botnets, copyright owners may have no option but to sue the hosting servers. A lot of companies have policies that ban peer-to-peer connections like IRC on their servers. The threat of legal action may be enough to convince those responsible for college networks to rethink their positions as well.
Should universities be held responsible for pirated content on their networks? Why or why not? TalkBack to me!
| Security Watch archive | Read product reviews  |
