shortboarder Posted June 28, 2013 Report Share Posted June 28, 2013 Been using BTSync for over a month now. Today, Little Snitch starting lighting up with attempted connections (see attached image for reference)The IPs are different in other warnings. Whois searches reveals them as servers in Russia and Bulgaria.We're only using this between three computers in the office - two OSX and a Windows machine.Anyone else seeing this? Quote Link to comment Share on other sites More sharing options...
GreatMarko Posted June 28, 2013 Report Share Posted June 28, 2013 Do you still see this behavior in Sync with Relay, Tracker, and DHT options disabled? Quote Link to comment Share on other sites More sharing options...
shortboarder Posted June 29, 2013 Author Report Share Posted June 29, 2013 Yes. I reset the folders that were being synced, and re-synced with Relay, Tracker and DHT off, and I'm still getting attempted connections to other servers.I've read the post on router entries and these servers/ports don't seem related to what is listed there.It raised a red flag for us since we've been using the same settings for a while, yet today we're seeing these connection attempts for the first time.Attached is a screen shot from Little Snitch's rules for BTSync. The denied connections are the ones that have been popping up today. This isn't all of them; other attempted connections were to servers in China, Israel... Quote Link to comment Share on other sites More sharing options...
GreatMarko Posted June 29, 2013 Report Share Posted June 29, 2013 Hmm.. what version of Sync are you currently running? (The latest build is 1.1.22) ...Did you notice these connections after updating to a new build, or did they just start appearing without any changes/updates to your Sync?Some other thoughts; Did you download Sync from an official source (i.e. here or here)? ...and are you running up-to-date virus protection on the device(s) in question? Quote Link to comment Share on other sites More sharing options...
shortboarder Posted June 29, 2013 Author Report Share Posted June 29, 2013 Was running 1.0.134 (OSX). Updating now.I've been away for the last week, and we haven't changed a thing in terms of the config, synced folders or versions at all. These attempted connections just started today.I originally downloaded it from BitTorrent's site. There is no virus protection on the Macs.I've removed it entirely from the one Windows machine it was running on for the moment.---Just updated, reset the folders to be synced, turning off tracker etc. (Just syncing over a LAN right now). The update seems to have fixed it - no connections other than expected. On the earlier version(1.0.134), it was trying to connect to these other servers almost immediately. So far, the new version is quiet. I'll let it run overnight and see if anything pops up by morning. Thanks for all your help. Quote Link to comment Share on other sites More sharing options...
Yversa Posted June 29, 2013 Report Share Posted June 29, 2013 Hello OP,You are not alone with the observed behavior of BTsync.I'm running a Mac mini (OS X 10.8.4) on my LAN with Little Snitch, BTsync (tracker & relay server enabled) & µtorrent as bittorrent client. Every version of BTsync I downloaded from this forum (1.0.134 till current one) starts connecting to random machines once I start a download via µtorrent.Depending on the swarm size of the torrent my machine usually connects to other hosts every 2 - 7 secs. The locations of these remote machines range from same city to the other side of the planet.It seems there is some kind of "connection spill-over" from BTsync's tracker. However according to the debug logs none of those machines were ever connecting to my shared folders or directly exchanging data with the Mac mini.Neither my MacBooks nor my Linux machines show any of these random connections. None of them runs a bittorrent-client though. A complete scan with ClamXav reports my Mac mini as clean.Yv Quote Link to comment Share on other sites More sharing options...
Harold Feit Posted June 29, 2013 Report Share Posted June 29, 2013 Did no one think that this might be the DHT functionality at work? Quote Link to comment Share on other sites More sharing options...
Yversa Posted June 29, 2013 Report Share Posted June 29, 2013 DHT is active while "Search DHT network" is un-checked? Quote Link to comment Share on other sites More sharing options...
GreatMarko Posted June 29, 2013 Report Share Posted June 29, 2013 Did no one think that this might be the DHT functionality at work?That was my first question ...and as the OP subsequently confirmed, he still saw this behavior even with the Relay, Tracker, and DHT options disabled, with the issue seemingly only going away after an update to the latest version of Sync. Quote Link to comment Share on other sites More sharing options...
preciousroy Posted June 29, 2013 Report Share Posted June 29, 2013 Same sort of thing happening since 1.0.134 on two Mac's and a surface tablet. If I'm running Transmission along side sync, sync seems to crosstalk with the other torrent traffic. It would be nice to be able to tell sync to ONLY use local lan addresses for security purposes. Quote Link to comment Share on other sites More sharing options...
GreatMarko Posted June 30, 2013 Report Share Posted June 30, 2013 It would be nice to be able to tell sync to ONLY use local lan addresses for security purposes.You can, just disable the Relay, Tracker, and DHT options, and also use the predefined hosts to specify local addresses Quote Link to comment Share on other sites More sharing options...
preciousroy Posted June 30, 2013 Report Share Posted June 30, 2013 That's how I have the folder I'm syncing set up, it does however continue to chatter with the internet. DHT, Tracker and Relay off, host's not specified since I have a "live" network and a "test" network here. Quote Link to comment Share on other sites More sharing options...
BtbN Posted July 1, 2013 Report Share Posted July 1, 2013 Most likely DHT will still populate its tables and will connect to dozens of semi-random machines around the world. As long as there's not a sigificant amount of data transfered to these IPs, it's absolutely no problem. Quote Link to comment Share on other sites More sharing options...
Disappointed Cat Posted July 1, 2013 Report Share Posted July 1, 2013 It is a problem on low quality internet services.Opening like a hundred connections for DHT can drop the internet connection or render it unusable for the time being.It also disturbing that my PC connects to random people all over the world. Quote Link to comment Share on other sites More sharing options...
shortboarder Posted July 1, 2013 Author Report Share Posted July 1, 2013 So, after the weekend, this is what I found:BTSync is on only two OSX boxes, running the latest version. Syncing only one folder with relay, tracker and DHT off.My machine was relatively quiet, with only one attempted connection to an IP that resolved to Brazil.The other machine, which happens to be running uTorrent, attempted nearly 5300 connections.This might just be DHT tables, but it's curious that the machine running uTorrent has attempted so many connections as opposed to the other machine (1).I'll take a look at setting up pre-designated hosts and see how that goes. Quote Link to comment Share on other sites More sharing options...
Xanza Posted July 2, 2013 Report Share Posted July 2, 2013 Was running 1.0.134 (OSX). Updating now.I've been away for the last week, and we haven't changed a thing in terms of the config, synced folders or versions at all. These attempted connections just started today.I originally downloaded it from BitTorrent's site. There is no virus protection on the Macs.Who the hell ever told you that lie? There are literally tons of AV programs for Mac.If you need one, use this: http://www.avast.com/free-antivirus-macBut here are more: http://download.cnet.com/mac/antivirus-software/ (~37 of them)Most likely DHT will still populate its tables and will connect to dozens of semi-random machines around the world. As long as there's not a sigificant amount of data transfered to these IPs, it's absolutely no problem.Good answer.So, after the weekend, this is what I found:BTSync is on only two OSX boxes, running the latest version. Syncing only one folder with relay, tracker and DHT off.My machine was relatively quiet, with only one attempted connection to an IP that resolved to Brazil.The other machine, which happens to be running uTorrent, attempted nearly 5300 connections.This might just be DHT tables, but it's curious that the machine running uTorrent has attempted so many connections as opposed to the other machine (1).I'll take a look at setting up pre-designated hosts and see how that goes.5300 connections is a bit more than suspicious, but I really think it's just network interference within the bittorrent network. Quote Link to comment Share on other sites More sharing options...
rdebath Posted July 2, 2013 Report Share Posted July 2, 2013 Before about 1.1.12 the DHT module was not turned off when the flag was turned off on all the shares. It would still respond to external DHT requests but would not initiate a connection to DHT. This has changed.There are plenty of AV solutions that run on MAC and Linux.They have 99.999% Windows signatures.There are maybe six Mac signatures, half of them are variants, none of them are real viruses, just trojans. From what I can tell the last time the Mac signatures were updated was in May 2011, that extra signature was described as a "bumper crop" by Intego.BUT "phishing" is any-platform, some AV traps this stuff as well and calls it a virus to inflate the stats; most people call it spam. Quote Link to comment Share on other sites More sharing options...
capi Posted July 2, 2013 Report Share Posted July 2, 2013 Who the hell ever told you that lie? There are literally tons of AV programs for Mac.Before things get out of control, I've read the answer as "there is no AV running on the Macs [in question]", i.e. on HIS/HER Macs, not that there are none available in general. Quote Link to comment Share on other sites More sharing options...
shortboarder Posted July 2, 2013 Author Report Share Posted July 2, 2013 Who the hell ever told you that lie? There are literally tons of AV programs for Mac.If you need one, use this: http://www.avast.com...e-antivirus-macBut here are more: http://download.cnet...virus-software/ (~37 of You misread me. There aren't AV progs running on _our_ Macs. Quote Link to comment Share on other sites More sharing options...
patoka Posted July 3, 2013 Report Share Posted July 3, 2013 >>just disable the Relay, Tracker, and DHT optionsI'm new to BT sync, can these be set globally? So far it looks like I need to do this on each of my 15 folders individually.I did see a netstat entry for coxhn.net:1038 right after installing the client which went away after I blocked sync in my firewall.Process explorer shows sync using 114k / 297k of ram on an XP pro laptop but only 58k / 187k on a win 7 starter netbook that has the same number of folders being synched.I turned off all my syncs in Spideroak thinking BT sync could replace it but the memory use has me rethinking my plan. Quote Link to comment Share on other sites More sharing options...
GreatMarko Posted July 3, 2013 Report Share Posted July 3, 2013 I'm new to BT sync, can these be set globally? So far it looks like I need to do this on each of my 15 folders individually.These are per-folder settings, so you would need to do this for all your foldersI turned off all my syncs in Spideroak thinking BT sync could replace it but the memory use has me rethinking my plan.Are you using the latest Sync version (1.1.26)? The build before that (1.1.22) had some pretty big CPU/Memory issues, but these have been fixed for 1.1.26 Quote Link to comment Share on other sites More sharing options...
patoka Posted July 4, 2013 Report Share Posted July 4, 2013 I found out after I posted that I had 1.0.134.0, but when I clicked on the check for updates link it said it was the latest.The memory useage has not seemed to drop much with 1.1.26.Process explorer still shows a UDP connection to coxhn.net. Quote Link to comment Share on other sites More sharing options...
Harold Feit Posted July 4, 2013 Report Share Posted July 4, 2013 And did you sniff the traffic of it with wireshark? Quote Link to comment Share on other sites More sharing options...
kos13 Posted July 4, 2013 Report Share Posted July 4, 2013 To close the topic:- Sync contacts different ip addresses only if DHT is on;- There was a bug in early builds when this settings wasn't properly treated by app, please upgrade;- Please do not mix traffic from Sync with regular BitTorrent client.If you are on 1.1.26 build and later, DHT is off and you are sure that BitTorrent is not running there will be no any ip addresses besides machines with your secret.kos Quote Link to comment Share on other sites More sharing options...
kos13 Posted July 4, 2013 Report Share Posted July 4, 2013 Ok, we found degradation in latest builds. If you turned DHT at least once, this settings will be saved, and even if you turn it off - Sync will still use DHT.Will be fixed in next build after 1.1.26 Thanks. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.