Get the NEW Torrent Search NOW!!


Forum Talk

Encrypting BitTorrent Traffic with Azureus
posted by soulxtc in file sharing // 258 days 1 hour 22 minutes ago

Guide on how to overcome BitTorrent traffic shaping by Comcast and other ISPs.


With more and more BitTorrent users being negatively affected by overly aggressive traffic shaping on Comcast and other ISP networks it's become increasingly necessary for some to find a workaround for the problem in order to share data with others.


There's really only 4 things that a person can do to avoid the problem of Comcast BitTorrent throttling, and each are described below in detail.


1. Protocol Header Encryption


When Will It Work?


  • When you're being affected by P2P/BitTorrent traffic shaping or it is completely blocked.

  • When You're connected to a torrent tracker where a large fraction of OTHERS are having their traffic shaped or throttled.

  • When You want to hide what protocol you're using from passive surveillance (Note that it is not for those who seek anonymity)

How Do I Set it Up?


To enable the encryption you have to switch to intermediate user mode and go to Tools -> Options -> Connection -> Transport Encryption and enable the Require encrypted transport checkbox. Enabling this feature instructs Azureus to establish connections with the crypto handshake.


Further details are controlled by the following settings:

1. Minimum Encryption Level. Here specify the minimal encryption level you will choose when establish encrypted connections, currently available are:

  • Plain: This only uses the obfuscation header and transmits the entire payload unencrypted. It's still easy to identify but might be enough to confuse simple traffic shapers
  • RC4: This mode uses strong cryptography to obfuscate the traffic and is only attackable with very sophisticated and expensive attacks but it consumes more CPU time than the Plain method.

2. Allow non-encrypted outgoing connections if encrypted connection attempt fails
  • This option ensures compatibility with legacy clients that don't support the traffic obfuscation but makes it easier for the ISP to identify users that engage in BitTorrent activity.

3. Allow non-encrypted incoming connections
  • Disabling this option will prevent any peer from connecting to
    you unless he uses the obfuscation header. Thus it even prevent peers from connecting to you when they support encryption but don't know that you require it. But as stated in the implementation specs Azureus' PEX and Distributed tracker is obfuscation aware and thus tells other peers to use it even when they default encryption to off. Enabling this option may be necessary when the ISP limits ports instead of single connections.

Possible problems


  • For some of these settings to be available you will have to switch to intermediate or higher user mode
  • This might not work on torrents with very few peers because the shaping device may grab all necessary data with the first few tracker announces.
  • These settings will significantly increase the time it takes to join a swarm, regardless of downloading or uploading, so you have to be patient and/or perform a manual announce a few(!) times until you
    get your first few pex-capable peers. You should also consider that PEX takes at least a minute, if not longer to gather additional peers.
  • This will not work on private torrents, see below.
  • This solution may not work at all for you! We've had both reports of success and failure with the method described above.


2. Private torrents


If you are not the initial seed of a torrent and just want to do your fair share of uploading you can do that while you're still downloading by dynamically limiting the download speed to a multiple or fraction of the upload speed, you can do that by using autospeed classic under tools -> options -> transfer -> autospeed. All Comcast is doing is basically limiting the amount that one can share, so by limiting your download speed to a comparable rate should even out the two and thus protect your share-ratio from becoming unbalanced.


3. Disguising Tracker Traffic


Another option is to tunnel the tracker over TOR or an SSH-Tunnel via tracker communication proxying using SOCKS under tools -> options -> connection -> proxy options.


If you do this you won't have to set any of the above options (limiting peer requests etc.), but you will have to set your announce announce IP override to your external, public IP under tools -> options -> tracker -> client.


4. Find Another ISP to Use


Not always a possibility for people in some areas, but for others it may be the only solution.



Login to ZeroPaid.com
Username
 Password

* Be sure that you have cookies enabled in your browser, without them you will not be able to login correctly.

Register here if you are not a member of Zeropaid.com.

members that voted for this story
© 2000 - 2008 Zeropaid Inc, All rights reserved.
Company Info | Contact Us | Zeropaid Crew | Advertise | Cheap Cars 		Hosting Provided by:
San Diego Colocation - Complex Drive