Guide | How To How to secure uTorrent downloading

The associated guide may contain user-generated or external content.

OneDay

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 22, 2014
1,027
This is a collection of tips and tricks I've gathered from different sources.
I am absolutely against downloading illegal and copyrighted material, and I certainly discourage you to do so.
So, let's start.

- Download an earlier version of uTorrent which is adware/spyware free during installation (2.2.1 and before)
- Use an ipfilter.dat file (from tbg.iblocklist.com)
- In Preferences>Connection, tick the following options: "Randomize Port Each Start," "Enable UPnP Port Mapping," "Enable NAT-PMP Port Mapping" and "Add Windows Firewall Exception"
- In Preferences>BitTorrent>Outgoing>Protocol Encryption, choose 'Forced'
- Enter a fake IP address or hostname in the "IP/Hostname to report to tracker" field (i.e. dont.track.me)
- Limit the download speed

The above measures have nothing to do with privacy per se, although you may gain some advantages. They are solemly security measures. If you're looking for privacy, use a VPN.
You still should know, though, that by torrenting you're opening yourself up to everyone on the internet. There is no foolproof solution.

Sources:
http://smallbusiness.chron.com/make-utorrent-secure-57623.html
http://wiki.hidemyass.com/UTorrent
 
Last edited:
ا

الشمس

- Download an earlier version of uTorrent which is adware/spyware free during installation (2.2.1 and before)

i think i will do just that.

i can compromise on some features in the name of security.

can you confirm if µ torrent version 2.2.1 is the last adware / spyware free version ?
 
  • Like
Reactions: OneDay

OneDay

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 22, 2014
1,027
i think i will do just that.

i can compromise on some features in the name of security.

can you confirm if µ torrent version 2.2.1 is the last adware / spyware free version ?
If I remember correctly, it comes with Google Chrome.
It's not spyware actually, but you definitely think it is, don't you? :p:p
You could also try 1.8.3.
 

OneDay

Level 21
Thread author
Verified
Top Poster
Well-known
Aug 22, 2014
1,027
nothing about private trackers?
Thanks for mentioning it..
It also has nothing to do with privacy (at least, as far as RIAA etc. is concerned), but usually with private trackers we have to do with 'healthier' torrents.
 
  • Like
Reactions: dowN1

dowN1

Level 3
Verified
Well-known
Aug 11, 2014
124
Thanks for mentioning it..
It also has nothing to do with privacy (at least, as far as RIAA etc. is concerned), but usually with private trackers we have to do with 'healthier' torrents.

can't comment on that. In my country I can download/upload what I want and when I want. Nobody cares.
but as far as I know from some american friends, it not just "healthier" torrents they are looking for on private trackers, it's also privacy/security from their ISPs/laws
 
  • Like
Reactions: OneDay

WeAreTheBorg

New Member
Apr 29, 2016
4
i know this is a very old post but i just saw this "guide" in a google search and there was so many misleading informations, i couldnt believe it. so to make things right:

"Randomize Port Each Start" doesnt add any security at all, in fact, to keep a good connectivity with other peer, this will force you to enable "UPnP" / "NAT-PMP". both of them are huge securty risks and should not be enabled.

short version:
UPnP: UPnP also allows malware to punch holes in your firewall making access for criminals far easier.

even if this security risk is not new, by the way its working, its still vulnerable and people should avoid using this.
( UPnP should be turned off directly in the router ASAP and disable this options in utorrent too )

NAT-PMP: intruders can access otherwise firewalled local network services by abusing malicious "holes" punched through the firewall.

conclusion: DISABLE "Randomize Port Each Start" / "UPnP" and "NAT-PMP".
to keep a good connectivity, choose a high port number ( between 30 000 and 50 000 ) and setup your router to forward that port to your computer local IP. this is much more secure ( but more difficult for most people ).

"Protocol Encryption" set to 'Forced': should only be the case if your ISP is sniffing your traffic to apply limitation.
( be warned, this was mostly used 10 years ago when ISP was trying to stop/limit torrent, not sure if some ISP still enforce this )
if you blindly force this option, your connectivity with other peer may be limited ( client wont connect to other that use no encryption )

"fake IP/host in the "IP/Hostname": on some tracker/situation, this may get you banned and force you to go back to unreliable tracker.

"Limit the download speed" doesnt add security but it might help to a smoother experience with internet while you're torrenting.
which mean, if you apply no limit, and your torrent use all the speed, you'll get slow browsing and poor online gaming experience.
you should limit upload and download for torrent, around 70 or 80% for slower internet, 90% for big connection )

source:
"UPnP Port Mapping" = UPnP flaws turn millions of firewalls into doorstops
"NAT-PMP Port Mapping" = NAT Port Mapping Protocol - Wikipedia, the free encyclopedia
"Protocol Encryption" = How To Encrypt BitTorrent Traffic - TorrentFreak
 

WeAreTheBorg

New Member
Apr 29, 2016
4
of course its working without it ;) but the connectivity with other peer is limited if you dont setup a port forward.

if you leave it that way, you cannot send/receive to other peer that didnt open a port, like you.
so you can send/receive only from people that have a port forwarded.
that's why i said: "to keep a good connectivity", you should do it ( but its not a absolute need ) :D
 

Stas

Level 10
Verified
Well-known
Feb 21, 2015
456
You can enable UPnP when using torrents and then disable UPnP when not using torrents.
 

WeAreTheBorg

New Member
Apr 29, 2016
4
You can enable UPnP when using torrents and then disable UPnP when not using torrents.

that wont protect you at all
UPnP have to be disabled inside router setting so no other application can use it without ur knowledge...
w/e if utorrent is using it or not, if its enabled in the router, the whole network is vulnerable

follow the link "UPnP flaws turn millions of firewalls into doorstops" in my original message
 

Stas

Level 10
Verified
Well-known
Feb 21, 2015
456
that wont protect you at all
UPnP have to be disabled inside router setting so no other application can use it without ur knowledge...
w/e if utorrent is using it or not, if its enabled in the router, the whole network is vulnerable

follow the link "UPnP flaws turn millions of firewalls into doorstops" in my original message
That's what I meant enabling UPnP inside router when using torrents and then disable UPnP when not using torrents but if you using torrents all the time then you'll be better off setting up a port forward.
 
Last edited:

WeAreTheBorg

New Member
Apr 29, 2016
4
a addons use the broswer itself to run. so if there's a security hole in the browser, or if a malicious addon enter the browser,
your torrent addon could be compromise. we all know, browser arent the safest thing on the internet :rolleyes:.

a real client, for any kind of services, is always the best.
His own process, without dependency, make it more stable and secure.
anyway, a real client have all the options you need, and addon are more basic most of the time...
 
  • Like
Reactions: N8WARE

kristmitchelle

Level 1
Sep 6, 2016
6
In the modern scenario where ISP's are monitoring the internet traffic particularly when you download files from sites like Utorrent and Bittorrent. Many users have been caught by ISP over illegal downloading from P2P file sharing sites. People who know the benefits of torrenting VPN are utilizing it smartly for their entertainment.
 
Last edited:

Svoll

Level 13
Verified
Top Poster
Well-known
Nov 17, 2016
627
Use an ipfilter.dat file (from tbg.iblocklist.com)

I went to the site, now sure what to do there. I went to the list directory, please advise what i should download? Can't find the ipfilter.dat but i do see a list of subscriptions. Any suggestions?
 

Stas

Level 10
Verified
Well-known
Feb 21, 2015
456
Use an ipfilter.dat file (from tbg.iblocklist.com)

I went to the site, now sure what to do there. I went to the list directory, please advise what i should download? Can't find the ipfilter.dat but i do see a list of subscriptions. Any suggestions?
You need to download PeerBlock first and then add any filters you want to PeerBlock list manager. For P2P/Torrent downloads you can add free list like Primary Threats, badpeers, level1 and in PeerBlock select and update default P2P list.
 
  • Like
Reactions: Svoll

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
You need to download PeerBlock first and then add any filters you want to PeerBlock list manager. For P2P/Torrent downloads you can add free list like Primary Threats, badpeers, level1 and in PeerBlock select and update default P2P list.
what can happen to you, if you don't use filters?
and why not use a different torrent client, such as Tixati?
 
  • Like
Reactions: Svoll

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top