Guide | How To How to secure uTorrent downloading

[OneDay]

This is a collection of tips and tricks I've gathered from different sources.
I am absolutely against downloading illegal and copyrighted material, and I certainly discourage you to do so.
So, let's start.

- Download an earlier version of uTorrent which is adware/spyware free during installation (2.2.1 and before)
- Use an ipfilter.dat file (from tbg.iblocklist.com)
- In Preferences>Connection, tick the following options: "Randomize Port Each Start," "Enable UPnP Port Mapping," "Enable NAT-PMP Port Mapping" and "Add Windows Firewall Exception"
- In Preferences>BitTorrent>Outgoing>Protocol Encryption, choose 'Forced'
- Enter a fake IP address or hostname in the "IP/Hostname to report to tracker" field (i.e. dont.track.me)
- Limit the download speed

The above measures have nothing to do with privacy per se, although you may gain some advantages. They are solemly security measures. If you're looking for privacy, use a VPN.
You still should know, though, that by torrenting you're opening yourself up to everyone on the internet. There is no foolproof solution.

Sources:
http://smallbusiness.chron.com/make-utorrent-secure-57623.html
http://wiki.hidemyass.com/UTorrent

 

[الشمس]

- Download an earlier version of uTorrent which is adware/spyware free during installation (2.2.1 and before)

would the newer version not be more feature rich so to speak ?

 

[OneDay]

would the newer version not be more feature rich so to speak ?

Probably, yes.
But here I'm talking only as far as security is concerned.

 

[الشمس]

- Download an earlier version of uTorrent which is adware/spyware free during installation (2.2.1 and before)

i think i will do just that.

i can compromise on some features in the name of security.

can you confirm if µ torrent version 2.2.1 is the last adware / spyware free version ?

 

[OneDay]

i think i will do just that.

i can compromise on some features in the name of security.

can you confirm if µ torrent version 2.2.1 is the last adware / spyware free version ?

If I remember correctly, it comes with Google Chrome.
It's not spyware actually, but you definitely think it is, don't you?
You could also try 1.8.3.

 

[dowN1]

nothing about private trackers?

 

[OneDay]

nothing about private trackers?

Thanks for mentioning it..
It also has nothing to do with privacy (at least, as far as RIAA etc. is concerned), but usually with private trackers we have to do with 'healthier' torrents.

 

[dowN1]

Thanks for mentioning it..
It also has nothing to do with privacy (at least, as far as RIAA etc. is concerned), but usually with private trackers we have to do with 'healthier' torrents.

can't comment on that. In my country I can download/upload what I want and when I want. Nobody cares.
but as far as I know from some american friends, it not just "healthier" torrents they are looking for on private trackers, it's also privacy/security from their ISPs/laws

 

[WeAreTheBorg]

i know this is a very old post but i just saw this "guide" in a google search and there was so many misleading informations, i couldnt believe it. so to make things right:

"Randomize Port Each Start" doesnt add any security at all, in fact, to keep a good connectivity with other peer, this will force you to enable "UPnP" / "NAT-PMP". both of them are huge securty risks and should not be enabled.

short version:
UPnP: UPnP also allows malware to punch holes in your firewall making access for criminals far easier.

even if this security risk is not new, by the way its working, its still vulnerable and people should avoid using this.
( UPnP should be turned off directly in the router ASAP and disable this options in utorrent too )

NAT-PMP: intruders can access otherwise firewalled local network services by abusing malicious "holes" punched through the firewall.

conclusion: DISABLE "Randomize Port Each Start" / "UPnP" and "NAT-PMP".
to keep a good connectivity, choose a high port number ( between 30 000 and 50 000 ) and setup your router to forward that port to your computer local IP. this is much more secure ( but more difficult for most people ).

"Protocol Encryption" set to 'Forced': should only be the case if your ISP is sniffing your traffic to apply limitation.
( be warned, this was mostly used 10 years ago when ISP was trying to stop/limit torrent, not sure if some ISP still enforce this )
if you blindly force this option, your connectivity with other peer may be limited ( client wont connect to other that use no encryption )

"fake IP/host in the "IP/Hostname": on some tracker/situation, this may get you banned and force you to go back to unreliable tracker.

"Limit the download speed" doesnt add security but it might help to a smoother experience with internet while you're torrenting.
which mean, if you apply no limit, and your torrent use all the speed, you'll get slow browsing and poor online gaming experience.
you should limit upload and download for torrent, around 70 or 80% for slower internet, 90% for big connection )

source:
"UPnP Port Mapping" = UPnP flaws turn millions of firewalls into doorstops
"NAT-PMP Port Mapping" = NAT Port Mapping Protocol - Wikipedia, the free encyclopedia
"Protocol Encryption" = How To Encrypt BitTorrent Traffic - TorrentFreak

 

[WeAreTheBorg]

of course its working without it but the connectivity with other peer is limited if you dont setup a port forward.

if you leave it that way, you cannot send/receive to other peer that didnt open a port, like you.
so you can send/receive only from people that have a port forwarded.
that's why i said: "to keep a good connectivity", you should do it ( but its not a absolute need )

 

[Stas]

You can enable UPnP when using torrents and then disable UPnP when not using torrents.

 

[WeAreTheBorg]

You can enable UPnP when using torrents and then disable UPnP when not using torrents.

that wont protect you at all
UPnP have to be disabled inside router setting so no other application can use it without ur knowledge...
w/e if utorrent is using it or not, if its enabled in the router, the whole network is vulnerable

follow the link "UPnP flaws turn millions of firewalls into doorstops" in my original message

 

[Stas]

that wont protect you at all
UPnP have to be disabled inside router setting so no other application can use it without ur knowledge...
w/e if utorrent is using it or not, if its enabled in the router, the whole network is vulnerable

follow the link "UPnP flaws turn millions of firewalls into doorstops" in my original message

That's what I meant enabling UPnP inside router when using torrents and then disable UPnP when not using torrents but if you using torrents all the time then you'll be better off setting up a port forward.

 

[N8WARE]

This is a collection of tips and tricks I've gathered from
Hide My Ass! Support

are torrent addons on firefox/chrome more/less secure than torrent.exe?
what can you recommande for those addons?
thank you

 

[WeAreTheBorg]

a addons use the broswer itself to run. so if there's a security hole in the browser, or if a malicious addon enter the browser,
your torrent addon could be compromise. we all know, browser arent the safest thing on the internet .

a real client, for any kind of services, is always the best.
His own process, without dependency, make it more stable and secure.
anyway, a real client have all the options you need, and addon are more basic most of the time...

 

[GMOOT]

I use
AirVPN - The air to breathe the real Internet

Best there is ,,, But you have to pay

Saves you all the trouble

But again I Live in Europe It is Not a Big Deal for us Here

I think we here are a little more Spoiled then the USA or other Countries

 

[kristmitchelle]

In the modern scenario where ISP's are monitoring the internet traffic particularly when you download files from sites like Utorrent and Bittorrent. Many users have been caught by ISP over illegal downloading from P2P file sharing sites. People who know the benefits of torrenting VPN are utilizing it smartly for their entertainment.

 

[Svoll]

Use an ipfilter.dat file (from tbg.iblocklist.com)

I went to the site, now sure what to do there. I went to the list directory, please advise what i should download? Can't find the ipfilter.dat but i do see a list of subscriptions. Any suggestions?

 

[Stas]

Use an ipfilter.dat file (from tbg.iblocklist.com)

I went to the site, now sure what to do there. I went to the list directory, please advise what i should download? Can't find the ipfilter.dat but i do see a list of subscriptions. Any suggestions?

You need to download PeerBlock first and then add any filters you want to PeerBlock list manager. For P2P/Torrent downloads you can add free list like Primary Threats, badpeers, level1 and in PeerBlock select and update default P2P list.

 

[shmu26]

You need to download PeerBlock first and then add any filters you want to PeerBlock list manager. For P2P/Torrent downloads you can add free list like Primary Threats, badpeers, level1 and in PeerBlock select and update default P2P list.

what can happen to you, if you don't use filters?
and why not use a different torrent client, such as Tixati?