Photo by Benjamin Gustafsson
Anytime you’re making connections to anything outside of your network, security should be a concern, and this is doubly true for users of BitTorrent, who are getting data from all sorts of unknown sources. Here’s how to protect yourself.
Note: This is the third part in our series explaining BitTorrent—be sure and read the first part of the series, where we explained what BitTorrent is and how it works, and then the second part, where we explained how to create your own torrents.
It’s important to understand what types of threats are out there in order to effectively block them, so let’s take a look.
Viruses and other forms of malware are the most basic of threats. The files you download are foreign and you should treat them as such; scan them promptly after downloading them. Most major anti-virus programs have the ability to add folders for auto-scanning, which is probably the ideal solution if you either don’t have time or don’t want to waste effort doing things manually.
Photo by fitbloggersguide
On the more serious side, it shouldn’t be any surprise that your IP address is very easy to trace. While many people have never had problems, that doesn’t mean you shouldn’t worry about things. In addition to people just eavesdropping on your connections, your downloads can also suffer. There are increasing incidents of “bad traffic,” peers who send corrupt data in response to BitTorrent calls, forcing users to have to re-download those sections of their files. Users who transfer copyright-infringing material also have to worry about getting caught via these same methods. We at How-To Geek don’t condone piracy, of course, but we do support security, and the best way to stay secure is to stay informed.
One way to help alleviate these problems is to enable encryption for your connections. This prevents the data sent between two peers from being understood by onlookers, although it doesn’t prevent them from seeing their IP addresses or certain details from the tracker, such as amount of data transferred.
This is not a perfect solution, however. Encryption has to be supported by your peers as well, and they may not have their clients set to use it. Some trackers don’t even allow encryption, but if yours does, it’s not a bad idea to enable preferring encrypted connections, but allowing unencrypted transfers if none are present.
Enable Encryption in uTorrent
Open uTorrent, go to Options > Preferences, and then click where it says BitTorrent on the left.
Under where it says “Protocol Encryption,” choose Enabled and click on Allow incoming legacy connections. This will allow outbound encryption but still accept non-encrypted connections when there are no encrypted connections available.
Enable Encryption in Transmission
Open Transmission and click on Edit > Preferences (Linux) or Transmission > Preferences (Mac OS). Then click on the Privacy tab (Linux) or the Peers tab (Mac OS).
Under the “Encryption mode” dropdown box, select Prefer encryption. This will still accept unencrypted connections when there is a lack of encrypted connections available.
Another thing you can do is use an IP blocker. These programs run alongside an existing firewall (you DO have a firewall, don’t you?) and your BitTorrent client and they filter out IP addresses based on blocklists. Blocklists compound ranges of IPs that contain known problems, such as monitoring and bad packet transfer. How well they work is up for debate, and there is no consensus on whether they do anything at all. Websites and trackers that are fine sometimes get blocked, and you have to manually allow them.
If you’re a cautious person, however, it’s not a bad idea to run an IP blocker just in case. The most well-known ones are PeerBlock for Windows and Moblock for Linux, and Transmission for both Mac and Linux has the ability to use a blocklist. PeerBlock, once installed, allows you to download and update blocklists and automatically starts to block IP addresses.
Install and Configure PeerBlock on Windows
Download PeerBlock from their website. The beta is pretty stable and provides the most useful features, and is compatible with Windows XP, Vista, and 7 (all versions).
Installation is a breeze, and once it’s finished and you open up PeerBlock, it will start the configuration wizard. Hit Next.
On this screen, you can choose which types of blocklists to subscribe to. You can see here that we chose P2P, and threw in Spyware for good measure as well. If you’re new to this sort of thing, it’s probably best to choose Always Allow HTTP as well, since it allows all traffic through that port. If you don’t choose this option, your browsing may be affected, and you’ll find yourself having to manually allow certain websites. Click Next when you’re done.0
Next, you can choose to schedule what and how often to update. The default are perfectly fine here, so click Next.
You’ll see a pop-up and your selected blocklists will automatically update. Once they’ve finished, the Close button won’t be grayed out and you can click it.
You’ll be greeted with the main PeerBlock screen, where you can view the history of blocked attempts to access your computer, manage your lists, check for updates manually, and so on. You can exit via the icon in your system tray.
Blocking IPs on Linux and Mac OS
Moblock is a little more powerful and complicated, and although there is a GUI by the name of Mobloquer available, it’s not a walk in the park to set up. Furthermore, it only works on Linux, and there aren’t a wide variety of comparable tools available on Mac OS that work as well. Serendipitously for us, however, Transmission can download and utilize blocklists very easily!
Open Transmission and click on Edit > Preferences (Linux) or Transmission > Preferences (Mac OS). Then click on the Privacy tab (Linux) or Peers tab (Mac OS) once again.
Click the checkmarks next to the Enable blocklist and Enable automatic updates boxes, and then click the Update button. Transmission will automatically download and utilize the P2P blocklist and will display the total number of rules being followed. That’s it!
Staying safe is important because you don’t know who (or what) is out there. But, what if you had a reliable source? Private trackers serve as an ideal long-term solution because of a few key reasons:
- A closed, trusted community: The tracker requires registration and there is a screening process. Breaking rules can lead to being banned, and in many cases, if people you invite into the community do something to get banned, you also get banned. While this may seem like a looming storm-cloud, as long as you’re careful you’ll be safe from most threats and so will everyone else.
- Strict connection rules: Only approved clients and methods are allowed. This cuts down on users faking ratios, leeching, etc. and simultaneously dictates how connections should be made to maximize speed and safety.
- Standards for torrents: Uploaded files have standards as to quality and format, as well as being virus and malware free. Most trackers require previews for disambiguation of similar torrents.
- Ratios: Each user is required to maintain a certain ratio of uploads to downloads. This is often judged via total amount in MB, although add new torrents can give you a bonus, or there may be donation-based perks. This ensures that files have a high availability and helps with speed, although this admittedly varies based on the individual torrents themselves.
As you can see, this forms a pretty good long-term solution to a lot of issues you could potentially encounter while using BitTorrent. You get a lot of perks when you join a private tracker, and there are many out there. The main downside is that you have to wait for registration or else find someone who can send you an invite, which can take some time.
If you’re the cautious type, it wouldn’t hurt to combine these strategies to mitigate security and privacy threats. With cybercrime a very real danger, it’s a good idea to take control of your computer’s security through tools like these, without compromising your internet activity too much. The most important thing you can do, however, is make smart decisions, both in what you download and where you go, and stay informed of what’s out there. Doing your research is the best way to stay safe.
Edit: The tab under Preferences for Transmission on Mac OS was fixed. It now correctly refers to the Peers tab.
Yatri Trivedi is a monk-like geek. When he's not overdosing on meditation and geek news of all kinds, he's hacking and tweaking something, often while mumbling in 4 or 5 other languages.
- Published 10/27/10