Tracker Communication via SSH
-
Hey Fellas,
So this is a pretty tech-ky question which might be a little too advanced for this forum, but I honestly didn't know where else to turn…
I own a small business that builds computational clusters for small businesses and academic departments. I have a great internet connection and manage it myself, along with some of my employees. I want to use my connection to upload and seed the hundreds of videos I've downloaded from this site, but I'd feel weird if my employees picked up on a tracker communication between our server and the gaytorrent tracker.
So to work around this I had an idea. Could I just send all of the tracker communications (which doesn't require a ton of bandwidth) through my home computer via an SSH tunnel, but have the peers communicate directly with my work server? The tracker would be talking to my home computer at one IP address (which would forward all the packets to work) but the peers would be talking to my work sever at its IP....
Is that possible? (I think yes...) and if so, does the peer to peer communication reveal anything about the tracker? Or is it just peer to peer communication. (Which I could encrypt using RC4...)
Thanks guys!
-
Are you aware, that your employees, who might have access to server logs ( if they control the servers with you ), might still see all the connections, which you are planning to forward? Even if you use a proxy or socks ( as well over ssh ), the traffic, the packets and all the connections are logged.
And apart from that, are you really planning to host "hundreds" of illegal downloaded videos on your buisiness servers? You can't seed encrypted files, so all your files have to be untouched, before you seed them to the peers. Your bittorrent-client wouldn't recognize encrypted files, that the peers are asking for, so that you wouldn't be able to seed. If you immediatly auto-encrypt the files on your buisiness servers, after downloading, the forwarded requests won't be found on your servers and would be leeched again and again. And on the other way round, the peers can't find the requested files, because they are encrypted at the time their requests take place - result is: all your files on the buisiness servers have to be untouched.
If you find any solution to hide the logs from your employees, as well as you may hide all the untouched files, they still will recognize a great amount of traffic, which results from your seeds ( let's guess 1-3 tb per month ). How will you explain that to them? Lost in space?
My advice is:
Install a webgui for your bittorrent - client @ home and access this with a browser from your work pc. Even if your home pc is connected via dynamic IPs, you might access the webgui with a dynamic dns service ( example: dyn.com ) and I'm pretty sure, that your browser cache on your work pc isn't controlled by anyone at your company, or you delete the cache, every time you are closing the browser. You might as well secure this webgui with a ssh-connection. -
Thanks for the reply! Great information regarding encryption. I didn't know it worked that way for seeding.
I'm not sure I understand, though, the rest of your comment. I run a RHEL distribution on the server that I'd host the client on. I've tried looking but can't seem to find any logs which detail file names. There are destinations (IP of the incoming and outgoing connections of which none say gaytorrent.ru), dates and times but there's nothing in any of the logs that I can find which detail the file names or details about the contents. Do you know where I can find that because it's exactly the issue I'm worried about.
The only thing I want to know is: Disregarding tracker communications… what sort of information can be seen when peers talk to one another?
I can't really dedicate my home connection, either. I have a combined cap of 200GB per month for all traffic, outbound and inbound. It's $1 per gig after that, which really adds up. I already have a web front end for that purpose, anyway.
Also, for various liability reasons, the legal aspects are of no concern.
Thanks again!
-
Hi.
I'm not sure if this will work (I haven't tested it myself) but I think that in some clients (maybe Azureus?) you can set up a proxy just for the trackers, and another proxy for the peer to peer connections. You could open a SSH tunnel from your server to your home to redirect the tracker traffic to your home's proxy. The setup would be something like:
At the server: SSH tunneling from localhost:12000 to home:8080. Torrent using proxy at localhost:12000 only for trackers. Disable UDP trackers, only TCP.
At home: Proxy server running at port 8080.However, even if this may work (I did time ago something similar, but redirecting torrent traffic through the TOR network), your torrent client at the server still may leak some information, in particular DNS lookups to tracket.gaytorrent.ru (some clients can be forced to make dns queries through the server), and the actual data contained in the P2P connections. You could force encryption for P2P connections in the Torrent client, I suppose most clients will support it.
Hope this helps!
-
Hey Pedo30,
That's exactly what I wanted to know. I hadn't thought about the DNS lookups, which is a great caveat… thanks. I think that I'll try this in a test setting and use Wireshark or something of that nature to see what I can find in the packets.
Gracias!
-
@breezthru: The logs on a standard operating system won't log more than you actually found. This is the good news. ^^ But there are several tools to log or just to show all activities which take place in the whole network. Depending on the configurations of the tools, you may not only log or show the transmitted packets or IPs, but all other informations referring to them as well. It's up to the admins, what sort of informations are logged or showed and normally, they would store any informations in the folder "/var/log". But a user with root privileges don't necessarily has to store his additional logs in this particular folder, most of the admins have their own way, where they put specific network analysing logs, as well because they have the possiblity to read un-encrypted passwords and don't want to store them in the system log folder. I'm sorry that I can't help you with more informations about it, but if you do system wides researches for files with ".txt" or ".log" you should have a good chance of finding them, because most admins use this endings.
The proposed solution from pedro30 won't help you very much, because every server-admin who recognize tunnelings on his monitored systems, is curious why the encryptions take place and will intensify its efforts to get to know the reasons and with the above mentioned tools, he is able to get all informations he wants.
I don't want to scare you with my posts and it's by far not my intention to argue about any legal or illegal usage of filesharing on a buisiness server, but please be aware, that "private" and "buisiness" usage is a complete different chase, if there would be a dispute.
-
I would suggest tunneling (ssh/openvpn) all traffic through a (virtual) server hosted somewhere else, or even just seed/leech from there. Makes it a lot simpler and on the network side, you can be sure there's nothing interesting beside a lot of bandwith.
-
Hey Fellas,
So this is a pretty tech-ky question which might be a little too advanced for this forum, but I honestly didn't know where else to turn…
I own a small business that builds computational clusters for small businesses and academic departments. I have a great internet connection and manage it myself, along with some of my employees. I want to use my connection to upload and seed the hundreds of videos I've downloaded from this site, but I'd feel weird if my employees picked up on a tracker communication between our server and the gaytorrent tracker.
So to work around this I had an idea. Could I just send all of the tracker communications (which doesn't require a ton of bandwidth) through my home computer via an SSH tunnel, but have the peers communicate directly with my work server? The tracker would be talking to my home computer at one IP address (which would forward all the packets to work) but the peers would be talking to my work sever at its IP....
Is that possible? (I think yes...) and if so, does the peer to peer communication reveal anything about the tracker? Or is it just peer to peer communication. (Which I could encrypt using RC4...)
Thanks guys!
i think the problem is that you have the videos stored in your company.
but if you can manage to mount your filesystem from your homecomputer through the ssh tunnel, you could run utorrent and with remote desktop you could control it. just a thought -
I really don't think illegal filesharing using your business internet is a very good idea at all … much better to just take out a better home internet tariff instead.