Fighting Back at Crack Sites

For the small software developer few things are so disheartening as discovering that people are illegally obtaining your software for free. If your software is in any way interesting there will surely be patches (cracks, crackz, crax), key generators (keygens), serial numbers (serialz) and even full downloads of your software (warez) readily available on the Net.

There are some things you can do:

Make it harder for crackers to crack your software
Try to shut down crack related web sites
Block downloads from pirate sites

Making it harder for crackers to crack your software

Here are some sites that can help you with preventing cracks:

Shutting down crack related web sites

Finding sites

The first step is to find sites that are hosting or linking to cracks, serials or warez for your software. There are several crack search engines out there, probably the best known is Astalavista. Engines like this will provide you with direct links to your software's cracks, keygens and serials.

Lamer sites

Note that there are thousands of small crack sites hosted on free web site providers. Professional crackers refer to these as "lamer" sites. These sites are usually trivial to shut down.

To get an idea of the extent of this problem go to the GeoCities search page and do a search on these terms: crackz, crax, serials, serialz, warez. If you want to try your hand at killing GeoCities pirate sites gather up all the sites you find and send them to geo-abuse@yahoo-inc.com. Or use their Content Violation Reporting Form.

Tracking down the responsible parties

All respectable ISP's (Internet Service Providers) have rules against their customers violating software copyrights. This is because in most civilized countries software piracy is illegal. So the idea behind shutting down crack sites is to inform the ISP about the illegal activity. Even if the site content is not illegal most reputable ISPs have AUPs (Acceptable Use Policy) or TOSs (Terms of Service) that forbid copyright violating material. The first thing you'll need is a tool to track down web site admins. Probably the best tool for this is Sam Spade, www.samspade.org.

Domains vs. User Sites

There are basically two kinds of crack sites: domains and user sites. User sites are usually free web sites from a large company like Geocities. A user crack site will look something like: http://www.nicesite.com/~miscreant32/cracks.html.

So to get the contact here just plug in the domain www.nicesite.com into Sam Spade. Most larger sites have an abuse address so try that first. If there's no abuse address do a whois to find the admin contact. Once you have the e-mail contact inform them of the illegal site.

A domain crack site will look like this: http://www.cracksisus.com/. Usually these sites are not hosted by the crackers themselves but by an ISP. So use Sam Spade to get the whois information for www.cracksisus.com.

Usually the cracker will be the Administrative Contact and Billing Contact but the ISP will be the Technical contact. Sometimes though the cracker will also be the Technical contact so beware. Even in this case the site may have domain servers from an ISP. So you can try to find an abuse address from them. Note that sometimes crackers manage to put bogus name servers in the whois listing. Before you contact the ISP hosting the site's DNS verify the DNS listings with Sam Spade's Dig utility.

Finding the Upstream Provider

If all these methods fail try contacting the upstream provider. Finding the upstream provider can be a bit tricky. To find the upstream provider run the domain through Sam Spade's TraceRoute. At the very bottom of the trace you'll see the crack sites IP address. (An IP address is the Internet location of a web site. It will look something like 192.168.0.8) Just above that usually will be the site's upstream provider. Check that site for contacts. This line can also indicate the ISP's upstream provider. In this case you'll have to decipher who the ISP is. The ISP name is often included along with it's upstream provider name. Note that occasionally the last line with the IP address also mentions the name of the upstream provider. If the upstream address is identified as bogus try the IP Block on the upstream IP.

IP Blocks

If you have difficulty finding the direct upstream provider you can find out who controls the IP block for the site. Run the domain though Sam Spade's IPBlock to try to find the company that manages the crack domain's IP. Be careful though, sometimes the wrong IP block is displayed. Send your complaint to the IP admin.

Note that some doing an IP block check on some domains will not give the right information when using Sam Spade's Magic whois. Asian sites for example will usually simply show a general all-encompassing ARIN IP block. For these sites you'll need to paste the IP into the address box and do a whois using whois.arin.net.

Redirectors

A lot of crack sites make use of site redirectors. A redirector allows the cracker a way to have a fairly stable site name even if the free sites they are using are killed. If the domain name of the url ends in cjb.net or .to there's a good chance its using a redirector service. You'll know a site is redirected if you click a link and the link in the browser address field does not change.

To kill these sites first contact the redirector service (though usually it doesn't help much, cjb.net is an exception) and then view the HTML source for the page. Usually there will be a small amount of text including the real url to the page. You can verify the url by pasting it into your browser. You'll need to complain to the ISP of this page.

Siding with Larger Companies

Another thing you can do is to side with larger companies. For example, if you find a site containing cracks for your software look to see if there are any warez, cracks or serials for Microsoft products. If so send a note to piracy@microsoft.com about the site and let them do all the work.

Asian Sites

Note that sites in Asia, China in particular, are virtually impossible to shut down. Maybe if thousands of people start pestering them they'll start to come around. For any sites in China find every email contact within China all along the traceroute and keep e-mailing them every month. ISP's don't like getting spam complaints and if enough of us complain they'll feel the same way about copyright violations.

Eastern Europe

Software piracy is also quite bad in eastern Europe. Many ISP's in Russia though are now very responsive to piracy complaints. For the tough sites use the same tactic as for Chinese sites.

DMCA

After contacting some US-based ISP's they might respond back asking you to properly submit a DMCA notice. This is a pain but it will almost assure the site gets shut down. Here is an example DMCA notice you can use for your own software.

Rot Their Links

If you have trouble shutting down a site that links to other sites hosting pirated material, try killing the links. People won't bother with sites experiencing too much link rot.

Blocking Downloads from Pirate Sites

Another thing you can do with hard crack sites is to deny access from pirate sites that are linking to your site for the trial download.

If your web host uses Apache this is simply a matter of editing your .htaccess file. For example:

order allow,deny
allow from all

deny from ttdown.com
deny from soft.cpatch.org
deny from 0daycn.net

This will prevent any sites ending with ttdown.com, soft.cpatch.org and 0daycn.net from accessing your site from their pages.

You can even deny from entire countries:

deny from cn
deny from ru
deny from tw
deny from ee

The .htaccess file is simply a text file that you put in every directory you want to deny referrals from. If you only want to block downloads just put the .htaccess file in your downloads directory. If you want to block referrals on everything edit the .htaccess file in each folder of your site.

Software piracy isn't going away any time soon. But by banding together and sharing information we can help make a big dent in it.