Insecure Systems: File Sharing Trackers Ingrid File Sharing is a type of insecure system. These systems are reaching out to abandoned torrent tracker domains for information about files to download via BitTorrent. This data is observed and verified through a sinkhole and tracker system. The unintended insecure system destination is a HTTP sinkhole, where an abandoned tracker is owned by Bitsight. The system actively searches for other peers that own BitTorrent files. If the client is retrying the connection with a Bitsight sinkhole domain and continues hitting the tracker sinkhole, it can be determined that it's a poorly implemented client and can't be a legitimate and well-behaved BitTorrent client. Review the finding details for remediation instructions. Risks Attackers can set up false trackers and inject false information. Trackers can instruct clients to fetch files from an arbitrary list of systems, with false or dangerous content. IP addresses that have a BitTorrent client that’s trying to reach a Bitsight tracker website and is asking for peers to download software are potentially worse than “legitimate” BitTorrents, since it may be a hidden app running in the background. October 30, 2018: Published. Related articles Ratings Tree Types of Insecure Systems Folder Management Glossary of Terms - File Sharing Understanding the SPF Domains Risk Vector Feedback 0 comments Please sign in to leave a comment.