Encrypted Peers vs. Unencrypted Peers
-
When I seed, I've noticed a number of unencrypted peers.
OK, I've set my client to prefer encrypted peers, but unencrypted peers come through and leech.
Now, given the anonymous status of uploaders on Gaytorrents, what would be the best method to secure private torrent seeding?I avoid DHT, btw.
Thanks for an insight!
-
what would be the best method to secure private torrent seeding?
hard to tell what you really mean by the question: but here.
regardless of whether you have protocol encryption or not: the end peer knows your address and that you are seeding; of course a normal member can't really work out your username from your address.
encryption simply obfuscates the traffic from your isp/middleman to avoid "torrent detection/throttling" etc…
if you want to make sure all connections are encrypted it depends on your client how to do it: for example in utorrent you must set encryption to "forced" and untick "allow incoming legacy connections".
if you want to be actually anonymous, you must use VPN of some sort.
-
Not really… While we have a strict privacy policy, the downloads themselves are run directly from peer to peer. This means that your IP address is still shown in the list of peers for where to get the content. This is something that we cannot do anything about. If you're looking for a more secure or anonymous way of torrenting, I would be inclined to suggest a VPN service that does NOT log anything, such as PrivateVPN. As long as the server you are using supports port forwarding, you'll be all set.
Now, as for the difference between encrypted and unencrypted peers, the difference there is whether or not you are establishing a regular connection to the peer, or if you are using some method of securely scrambling the information while it's being transmitted from one peer to the next. The theoretical difference there being that an encrypted connection cannot be intercepted in the manner that a regular (or unencrypted) session potentially can be.
-
Thanks for the responses, folks.
Sorry if I wasn't too clear
When I upload, I see that some peers/clients are encrypted and others are not. I can only presume that all connections are coming from other Gaytorrents members.
Seems reasonable for one to enforce the encryption feature in their client of choice.
The bottom line question was as to whether or not any traffic here might be visible to outside parties.
As for VPN, I have that option, but rarely use because it really slows things down and is often prone to DNS leaks.
BTW, I use the "Tixati" client which I find to be far superior to all the others (except maybe "Qbittorrent" and "rtorrent"). -
I had a solution for the potential for DNS leaks… I use my own DNS servers now, so that I can control what passes through them, and I can be sure that no information is being skimmed out of the results because I own the actual servers that handle the requests.
-
I use my own DNS servers
I own the actual servers that handle the requests.Sounds like you're way ahead of the game, Mazda.
OK, I've used Opennic's servers in the past but, they're not my own - merely replacements for my provider's servers.
Can you please elaborate? I'm intrigued.
-
I have 4 of them in total, all in different geographical areas, but that's because I also host the DNS services for several different domains online. If I were just using them for regular internet traffic, I would only need one really. Simply put, take a Linux box and install a basic copy of Bind onto it…. It is also recommended to setup RNDC, as this will help with a few things down the line.
From there, just be sure to update the root zone from time to time, then configure your computer or network's DNS settings to point to that Linux box. The Linux box will actually do all the DNS resolving for you, pulling the information straight out of the Master DNS servers, which bypasses the need for a 3rd party DNS service, which can potentially lead to DNS inquiry information being leaked.
-
Thanks for the info, Mazda. Sounds perfectly logical when one is maintaining the services you are.
Alas, I'm just a lowly but, somewhat savvy end user with an outlook towards maximum achievable security.
Granted, no setup can be 100% secure, esp. when dealing with Windows. :afr2:
Have been considering moving to a Linux flavor such as Debian. Better yet, FreeBSD or, even better, an RTOS such as QNX (which is, sadly, no longer offered to end users). And it goes on…
Any suggestions? Would love to continue the dialogue!
-
-
I've read that Ubuntu has supposedly been compromised, what with back doors and such like as it is the most popular Linux flavor.
As for "Webmin", I looked at it and will seriously keep it in mind when I move up to your level.
-
It can be compromised if not properly configured, however if you configure your firewall and any server services you may be using properly, I actually recommend using it as a main firewall. If doing MLPPP though, it won't handle more than two DSL lines at the same time without choking horribly I've discovered.
-
What about "PFSense"? Can be implemented on Linux as either soft or hard firewall.
That's it! I'm getting myself a SPARC station and never mind the unencrypted peers! :cheers:
-
Yes… It can be if you so desire... To me though it's a little redundant as Linux itself can manage just the same...
The ONLY thing that I've found that Ubuntu simply CANNOT do is MLPPP using more than 2 DSL lines. I used to use my Ubuntu server as the central be all and end all for the network, including running the MLPPP to make the internet work. Once I installed a THIRD line however, I began having a great deal of difficulty with getting it going on all 3 lines at the same time. So... I made the switch over to a Mikrotik router. The Mikrotik router now bonds what is currently THREE lines, but as of next week will be FOUR lines together, then shares them out as a single line across the basement to the central switch that everything connects through.
If you're not using MLPPP on more than two DSL lines though, I've found that Linux by itself seems to have everything it needs. It's just a matter of knowing how to set it all up.
