TorrentFreak has an interesting read on the techniques anti-piracy firms use to catch pirates on p2p networks:
The cleverly named “File Sharing Monitor” is the system being used by Logistep to gather evidence against file-sharers. It is actually just a modified version of the Shareaza P2P application that is configured to search for infringing files, and collect the information from the hosts that share these files.
The “File Sharing Monitor” only targets Gnutella and eDonkey users, so it is still unclear how they track down BitTorrent users. Here is how it works:
1. The client connects to the P2P network, searches for sources of the infringing file, and collects the IP addresses that were gathered through the search.
2. The client requests to download (a piece of) the file from the host that was found through the search.
3. The filename, file size, IP-address, P2P protocol, P2P application, time, and the username are automatically inserted into a database, if the host permits the download.
4. This is the “best” part. The application does a WHOIS search for the ISP information and automatically sends an infringement letter to the ISP if needed.
The claim is that the “File Sharing Monitor” is totally foolproof and that it can provide forensic-quality information to a court in order that file-sharers be punished.