Hi guys,

It seems that a game mod I want very badly may be released as a torrent (its almost 1 GB). I know very little about file sharing or the software used in it. How much risk am I taking by installing (and opening holes for) Bit Torrent or similar?

I have a DI 604 router, latest versions of LNS, NOD32, and AdAware.

Thanks for your time!

You will be perfectly fine. One good precaution to use is peerguardian, (http://phoenixlabs.org/pg2/) which blocks millions of ips which can include government ips, school ips, malicious computers ips, etc. you only need to use it when you are torrenting. I find torrenting to be an excellent filesharing protocol and use it to get many linux iso's, openoffice, and at late the new f.e.a.r online combat game which looks pretty cool if i may say so myself.

Cheers

Alphalutra1

bittorrent is a lot less risky than other p2p network/protocol.

like alphaultra suggested, just use peerguardian and load the p2p list as well as any other u want.

and if u need a suggest for bittorrent client, why not try utorrent (http://www.utorrent.com/)? its light on resources, has skins, good speed, and plenty of features.

-{ Quote: "Hi guys,

It seems that a game mod I want very badly may be released as a torrent (its almost 1 GB). I know very little about file sharing or the software used in it. How much risk am I taking by installing (and opening holes for) Bit Torrent or similar?

I have a DI 604 router, latest versions of LNS, NOD32, and AdAware.

Thanks for your time!" }-
The BitTorrent file sharing client and protocol can provide a way around bandwidth bottlenecks. I have to use torrents sometimes to get the files I want also but I use Azureus.
You may have to configure your system though depends what youve using or done to tie down your system.

As an alternative to PeerGuardian, I believe most torrent clients [Bitcomet, Utorrent, Ktorrent, etc.] allow dropping a .dat to filter ips. I have heard this was much more efficent than having PG scan every incoming packet. How exactly to set this up, I have no idea.

By blocking IPs, you also block many "innocent" people (dynamic IP) and it can affect speed.
A reliable torrent client will block bad IPs as well as firewall will block any attempts via torrent.

Maintaining true stealth while using torrents correctly is impossible. The only way torrent clients can connect is when one of them has an open port. If neither has an open port there can be no connection. If one of the two has an open port the connection will be limited to such situations.

The best way to implement the open port is to use a torrent client that allows for a random port. Any firewalls must then be configured to allow for such possibilities of port variations. Although this limits the restriction to the local torrent client, security is actually improved.

Hardware firewalls must also compensate for this. They can still be setup to block anonymous internet requests, but only if the machine running the torrent client is setup on a DMZ (Demilitarized Zone). If the machine is not setup through the router to be on the DMZ than anonymous pings must be allowed.

Thanks guys, I appreciate your insights!

if the file you are downloading is safe and you got the torrent file from somewhere you trust, then the torrent should be fine.

torrents work by downlaoding small peices of the file you want from others who already have the file. the original torrent file you use to launch the download has the checksum of the file you are downloading, and i suppose the individual pieces too?? so if you download something which isn't part of the file it is rejected.

some clients even show you how many pieces have been rejected. that's how i've always thought it works anyway. is that correct? i never block anything with programs like peerguardian.

btw, whenever i check to see who's downloading from me Bitcomet is always the fastest client. but, i think i've read some IPs, or maybe ISPs, block bitcomet, or something like that.

Some trackers block Bitcomet, because of a "broken DHT function" I believe it was.

Hi,

I always hated torrents since the speed is so slow but I decided to check them out again since so many people are very enthusiast about these tools, but I wonder, can I trust µTorrent?

I have noticed that when it´s downloading, website loading gets very slow (and yes I have enough bandwidth). Also, another very strange thing, it reported to me that it had downloaded only 10 MB of a file (MP3) but in fact it had already downloaded the full 98MB? How is this possible? :blink:

regarding what you might be downloading and installing \ playing with a torrent client


you can isolate whatever download your getting till completed and through a trial install
(your torrent ap of choice in sandboxie (http://www.sandboxie.com/) for instance)
after you test it pull it out for a real install

verify its actual extension (http://www.wilderssecurity.com/showthread.php?t=161206&highlight=LADS)

be aware of exploits of the day (http://www.pcadvisor.co.uk/news/index.cfm?newsid=8002) for some file extensions \ applications (doc pdf mov ect)

and if its an actual exe track what it does with a HIPS and or tracker (http://www.epsilonsquared.com/)
(but ultimately youll have to "trust" an exe and assume its going to be able to subvert any monitoring, the only recourse for absolute certainty is direct comparison (http://www.linklogger.com/vm_capture.htm) of before and after states and behavior)

I too employ µTorrent (http://www.utorrent.com/)

My bad, the download is half corrupted so it isn´t fully completed, but I think I will use BitPump, UTorrent is giving me problems. :thumbd: