AfterDawn Forums

...:::::*rav009's Bit Torrent Safety & Privacy Guide*:::::...(NEW!!)

This discussion thread has 97 messages.

#1
…:::::::::::::::::Rav009’s Bit Torrent Privacy And Safety Guide:::::::::::::::::…




Hi, all.

This is a guide explaining basic means of Bit Torrent safety and obfuscation methods, making it harder for snoopy people on the internet of even nosey ISP’s to interpret BT Traffic and throttle it, or even catch you doing something you shouldn’t! :-p

First of all, I have written this guide solely for BT as I believe it is the only way to file share, considering Bit Torrent potentially consumes at least 60% of all available ISP bandwidth, a lot of people agree with me!

File sharing is making data available for transfer from point A to point B, usually this is done my a P2P means (peer-to-peer), files are stored on and served by personal computers of the users
Let me just make this one point clear, file sharing itself is NOT illegal, when copyrighted material is shared, it is, but when its not, its as legal as going to church, so don’t frown upon BT, all it is, is a data transfer protocol, for getting data from point A to point B.

I am not responsible for what you do with this guide, all I am writing this for is to keep you SAFE!

I believe it is my right to have my privacy, if your neighbour started spying on what you chuck in your wheelie bin, or watching you while you put your clothes on the washing line, you’d be concerned, you may even want to give them a firm smack in the face with the front of a shovel, its not your fault, blame human nature.

So, why is it any different for the world of the internet?, well, its not!

When people start watching what you do, bad things happen, you know…

That’s why it’s your job to stop this happening, I have written this simple guide to help you keep yourself safe when using Bit Torrent, its your choice what you do with it, be it acquire licensed or copy right protected material or whatever, if you do not secure yourself, you will face the consequences of your actions, you can greatly decrease this risk by simply following what is written in this guide, so with all this said, enjoy my friends.

...::::::::::Bit Torrent Protocol Encryption::::::::::...

Protocol encryption (PE) & Message stream encryption (MSE)

PE and MSE are implemented in the BT clients Azureus, µTorrent, BitComet, KTorrent and Mainline.

PE and MSE are protocol obfuscation methods, they use a D-H key exchange combined with the info hash of the torrent to establish the key, then it uses RC4 to encrypt the data.

The D-H key exchange helps to minimize the risk of passive listeners, and the info hash helps avoid man-in-the-middle attacks. RC4 is chosen for its speed. The first kilobyte of the RC4 output is discarded to prevent a particular attack.

The specification allows the users to choose between encrypting the headers only or the full connection. Encrypting the full connection provides more obfuscation but uses more CPU time.

However, only Azureus and µTorrent beta 1.4.1 build 413 or older lets the user choose. All other clients default to full encryption.
To ensure compatibility with other clients that don't support this specification, users may also choose whether unencrypted incoming or outgoing connections are still allowed.

All supported clients will enable encryption automatically if they receive an encrypted incoming connection even if outgoing encryption is disabled.

Now, how to do all of this:

If you are using Azureus:




1 .Go to: Tools > Options > Connection > Transport Encryption

2. Check the ‘require encrypted transport’ box.

3. Choose RC4 in the ‘minimum encryption’ dropdown box

(***RC4 uses more CPU time than the plain encryption or no encryption, but it’s a lot more effective**)

4. You can choose to tick the ‘Allow non-encrypted outgoing connections if encrypted connection attempt fails’ box.
This will ensure compatibility with clients that are not using encryption.

However, it makes it easier for your ISP to detect Bit Torrent traffic. Its recommend that you try to tick this box first. If you are still not getting proper speeds untick it.

5. Tick the ‘Allow non-encrypted incoming connections’ box




Done.

If you are using BitComet:




1. Go to: Options > Preferences > Advanced > Connection

2 .Go to: ‘Protocol encryption’ You can choose between ‘auto detect’ and ‘always’. Auto detect will give you more connections but offers less protection against traffic shapers.
Its recommend to try auto detect first, if that doesn’t increase your speeds you need to switch to always.




Done.

If you are using µTorrent:




1. Go to: Options > Preferences > Bittorrent

2. Go to ‘Protocol encryption’, you can choose between ‘enabled’ and ‘forced’. ‘Enabled’ will give you more connections but offers less protection against traffic shapers.
Its recommend to try ‘enabled’ first, if that doesn’t increase your speeds you need to swich to ‘forced’.

3. Ticking ‘Allow legacy incoming connections’ allows non ecrypted clients to connect to you. This improves compatibility between clients but makes you more vulnerable to traffic shapers.

I would recommend to tick this box, but if that doesn’t increase your speeds, untick it!




Done.

You have now achieved a superior level of anomnity whilst using Bit Torrent, but we aren’t finished there, theres still a little left, the hardest part is done though, I ensure you.

...::::::::::P2P “Firewall’s::::::::::...

What these do is simple, they block out the Ip’s of known anti p2p companys and the like to stop them from connecting to us and see us transferring data, keep the lists updated and you’ll be fine.

PeerGaurdian 2:

http://phoenixlabs.org/pg2/

Protowall

http://www.softpedia.com/get/Network-Too...ProtoWall.shtml
======================================================

So, if you have followed my guide, you have now achieved a high level of privacy, you may have also saved youself from a nasty e-mail or two from your ISP, or maybe even the RIAA or MPAA :-x

Enjoy this guide and torrent safely, your questions and complements are welcome, use this information to your benefit.

-Rav

======================================================

**Warning**: This is about the closest you can get to max privacy, however it is not 100%, I think its important you know this (cheers The_Fiend for mentioning this).

======================================================
This message has been edited since its posting. Latest edit was made on 17 Sep 2006 @ 10:02

Yours Truly; Rav
BitTorrent Safety Guide: http://forums.afterdawn.com/thread_view.cfm/395674
Free Security Software: http://forums.afterdawn.com/thread_view.cfm/292257
The cleverest of all, in my opinion, is the man who calls himself a fool at least once a month. - Fyodor Dostoevsky
▼▼ This topic has 96 answers - they are below this advertisement ▼▼
AfterDawn Advertisement
#2
excellent post.
#3
Thanks.
This message has been edited since its posting. Latest edit was made on 02 Feb 2008 @ 6:54

Yours Truly; Rav
BitTorrent Safety Guide: http://forums.afterdawn.com/thread_view.cfm/395674
Free Security Software: http://forums.afterdawn.com/thread_view.cfm/292257
The cleverest of all, in my opinion, is the man who calls himself a fool at least once a month. - Fyodor Dostoevsky
#4
heres another helpful hint. when you go to the phoenix labs website, go to the forums and download the blacklists they have posted there, they are always up to date and made by experts ;)

#5
Hey DVDBack23 :-)

Just asking, but why is it better to manually download them than just clicking the "update" button in PG2's interface automatically downloading them, isn't that a lot easier?, I'd imagine they would be the same black lists to.

I haven't manually downloaded any black lists's yet, so I wouldn't know.

Cheers buddy.

Yours Truly; Rav
BitTorrent Safety Guide: http://forums.afterdawn.com/thread_view.cfm/395674
Free Security Software: http://forums.afterdawn.com/thread_view.cfm/292257
The cleverest of all, in my opinion, is the man who calls himself a fool at least once a month. - Fyodor Dostoevsky
#6
the experts on the forums have different more tweaked blacklists, ones that dont come with the regular updates from phoenix ;)

#7
Hey DVDBack,

Oh, Ok then, cool :-)

Cheers.

Yours Truly; Rav
BitTorrent Safety Guide: http://forums.afterdawn.com/thread_view.cfm/395674
Free Security Software: http://forums.afterdawn.com/thread_view.cfm/292257
The cleverest of all, in my opinion, is the man who calls himself a fool at least once a month. - Fyodor Dostoevsky
#8
However, if you get the beta downloads, everyones who have been posted anywhere on the site are included, so make your like easyier and just download the BETA versions!!!
#9
Good guide Rav!



Schooling n00bs since Mar 2005
#10
Hey Rav another excellent Guide from you ;)

Love it :D


#11
If you use Kerio firewall, you can get custom blocklists at http://www.geocities.com/yosponge. Netpeeker firewall also automatically uses these. There is also a self-updating linux firewall blocklist and some network firewalls support these, but nothing for ZoneAlarm or Nortons or the like. But they are all more anti-spyware than for filtering RIA Asites.
This message has been edited since its posting. Latest edit was made on 20 Sep 2006 @ 17:05

-Do you believe you own your computer and shouldn't be told what you can run and do? Then say *NO* to Microsoft Vista!
-Since half the questions here involve media problems, here ya go: Only use Verbatim or Taiyo-Yuden discs (get your TYs from Rima.com, not Supermediastore or meritline). Forget the rest, no matter what "brand" they sell under. Always burn at 4x speed regardless of the speed rating of this discs or your drive. If you have burn problems with these then you have to update your drive's firmware. For double-layer discs, only use Verbatim DVD+R DL and burn them at 2.4x speed.
#12
Hey guys,

First I'd like to thank you all very much for your kind words, stuff like that makes putting in work for the benifit of aD users worth all the time and effor I put into this, so a big thanks to everyone for liking it! :-D

Yours Truly; Rav
BitTorrent Safety Guide: http://forums.afterdawn.com/thread_view.cfm/395674
Free Security Software: http://forums.afterdawn.com/thread_view.cfm/292257
The cleverest of all, in my opinion, is the man who calls himself a fool at least once a month. - Fyodor Dostoevsky
#13
ABC, not a good client then for BT?
#14
No, stick with Utorrent (my personal fave) or Azareus ;)
This message has been edited since its posting. Latest edit was made on 22 Sep 2006 @ 6:44

#15
Hi aspire180 :-)

Yes, ABC is a good client.

The majority of us prefere uTorrent/Azureus/BitComet, you can use whatever you like, but your qeustion has nothing to do with my thread....please, no thread "hijacking".

Cheers.



Yours Truly; Rav
BitTorrent Safety Guide: http://forums.afterdawn.com/thread_view.cfm/395674
Free Security Software: http://forums.afterdawn.com/thread_view.cfm/292257
The cleverest of all, in my opinion, is the man who calls himself a fool at least once a month. - Fyodor Dostoevsky
#16
Great thread, deffinately needed :) I already use encpytion and PG2 as you mentioned but this is very easy to read, follow and understand! Well done :)

:O
#17
should i use both PeerGuadian 2 and Protowall or just one of them?
if just one of them which one?
#18
@ofolion,

Thanks buddy, appriciate it very much :-D

@IM1,

Use only one, I reccomend Peergaurdian 2.

Yours Truly; Rav
BitTorrent Safety Guide: http://forums.afterdawn.com/thread_view.cfm/395674
Free Security Software: http://forums.afterdawn.com/thread_view.cfm/292257
The cleverest of all, in my opinion, is the man who calls himself a fool at least once a month. - Fyodor Dostoevsky
#19
thanks.
#20
Your welcome.

Yours Truly; Rav
BitTorrent Safety Guide: http://forums.afterdawn.com/thread_view.cfm/395674
Free Security Software: http://forums.afterdawn.com/thread_view.cfm/292257
The cleverest of all, in my opinion, is the man who calls himself a fool at least once a month. - Fyodor Dostoevsky
#21
tbiggs Suspended due non-functional email address
i have been running with pg and bitcomet configed just the way you explained it and ive been sent two letters in the last mounth from my isp charter cable regarding dling copy protected movies .

companies that are hired by the RIAA and the MPAA jump on the popular dls and then snap pics of everybody dling/seeding the file then they are calling your isp and telling on you .

i called the mpa hotline that was in the letter my isp sent me and they told me to delete all traces of the two movies and to not dload anymore protected movies as i was breaking many laws and could face criminal penaltys .

both films were newer films not released yet on dvd , i was dling them with bitcomet and had peer gardian running , everything was up to date , they are dling torrents right along with everybody else to be able to peek at all the peer ip's and theres no way to encrypt your ip , i tried proxing software and no joy as it doesnt work with p2p , only internet browsing .

i no longer dl anything via bittorrent as they are everywhere , so to all be very carefull because there really isnt any protection for you with useing p2p , especially bitorrent as it exposes your ip to the world and you are forced to upload as your dling , so do yourself a favor and learn from me .

i was once a firm believer in the torrent scene , i uploaded files and helped seed a many a files to keep the torrents healthy and to do my part helping fight the battle against these companies from destroying lives with there awfull lawsuits , but after the two threatening letters and talking with the MPAA i have retired completely from the p2p scene in fear of prosecution .

this is just the begining of a nasty brutal atack there going to wage against torrent/movie/music dlers , so be carefull what you do out there !!
#22
@TBiggs,

Thanks, your right, unfornatly stuff like that does happen and yes, it is a bitch..

By following this guide you can avoid things like what happend to you from taking place, I guess you where pretty unlucky.

I'd imagine jumping on the new public releases tends to result in things like that, you also could've downloaded a .torrent that was tracked via a public tracker or was externally through a public tracker, you are one of the tiny minority fo file sharers who was tagged.
My advice would be to keep your head down for a while.

**Remember kids, always enable encryption and have Peergaurdian up!**



Yours Truly; Rav
BitTorrent Safety Guide: http://forums.afterdawn.com/thread_view.cfm/395674
Free Security Software: http://forums.afterdawn.com/thread_view.cfm/292257
The cleverest of all, in my opinion, is the man who calls himself a fool at least once a month. - Fyodor Dostoevsky
#23
Is it possible to run Peerguardian and Protowall without messing with your computer?
#24
Well there is no need to run both.


#25
Hi,

What ripper said, even if you did run both they'd conflict, meaning its useless.

Yours Truly; Rav
BitTorrent Safety Guide: http://forums.afterdawn.com/thread_view.cfm/395674
Free Security Software: http://forums.afterdawn.com/thread_view.cfm/292257
The cleverest of all, in my opinion, is the man who calls himself a fool at least once a month. - Fyodor Dostoevsky
This discussion thread has been automatically closed, as it hasn't received any new posts during the last 180 days. This means that you can't post replies or new questions to this discussion thread.

If you have something to add to this topic, use this page to post your question or comments to a new discussion thread.