Security Issue .... maybe

[Rob8UrChips]

Hi,

I still use uTorrent 1.7.7 on Vista Home Premium x32 and this morning I noticed a disturbing anomaly in the Peer list of a torrent using public trackers.

As you will know uTorrent allows you to show either the IP address or to "Resolve IP's" in the list of Peers.

Because I like the little flags I have mine set to Resolve IP's. However, one of the peers had no flag (which isn't unusual) but instead of the usual Resolved IP it had my Computer Name only and exactly as I have it typed (eg aLLcaPs) in my computer.

This peer was apparently using uTorrent 1.8.1 but what I'm concerned about is

1. how they got my exact Computer Name

2. how they got my exact Computer Name to show in the Resolved IP list

3. do I have anything to worry about?

4. how in blazes did they manage to do that?

and,

5. The torrent was seeding after being 100% d/l, so I immediately stopped it and removed it from uTorrent, but should I maybe delete the .torrent too?

I'm all scared now, should I be?

Thanks guys,

Rob

[DreadWingKnight]

Before we begin, you're using a version with known security holes. Upgrade.

1, 2, 4 - reverse dns games

3 - no

5> no.

[Rob8UrChips]

I dunno what reverse dns games are, but thanks for the reassurance my friend - much appreciated.

Will maybe try the upgrade to 1.8.1 later, but 1.8.0 caused all sorts of problems and scared me off.

[Switeck]

You seem to be using BT Central ADSL ISP in the UK. They throttle and/or disrupt BitTorrent traffic, but they don't spoof your connection in BitTorrent swarms.

You should've found out if that ip address you saw that had your computer name...was actually YOUR ip address.

[Rob8UrChips]

Yep, British Telecom do indeed throttle for 8 to 12 hours daytime so that speeds reduce to around 5kB/sec up and down globally. It's terribly annoying too.

Within a few minutes of removing the torrent it also occurred to me that I should've checked the actual IP address of this apparent imposter, But I got such a fright, I didn't and merely pounced on stopping and removal. Sorry about that.

[Switeck]

2nd link in my signature...you have to treat your connection as slower than it appears in speed tests due to the throttling.

Disabling Resolve IPs (in peers window of an active torrent, right-click to get menu) will free up a tiny amount of bandwidth.

Especially if you're doing mostly private torrents OR if the public torrents you're on come from trackers that seldom go down and/or have lots of peers+seeds, you can disable DHT (both kinds) and free up about 1-5 KB/sec down and up. This can possibly go directly to increasing download+upload speeds during peak hours.

Local Peer Discovery likely will do no good either, due to BT Central's local network configuration...also modems that contain mini-routers/firewalls would almost certainly be blocking the LPD requests by default anyway.

Outgoing Encryption needs to be set on Enabled or FORCED.

Hard to say if Incoming legacy connections will work better enabled or disabled, ESPECIALLY during peak hours -- so test both.

[Rob8UrChips]

Have checked and made some of the changes you suggest (despite my fetish for the lovely little flags for each peer). Thank you.

All I need now is a decent legal argument to convince British Telecom (or a Court) that their contract stating "Unlimited" is misleading and against the interests of the torrent Community.

Care to fund my project, or contribute to the cause by providing accurate tech details to encourage them to show publicly that limitations should be clearly stated more visibly in the sales advertising than their claims that we buy their "Unlimited" service?

If so, that would be cool

[Switeck]

During peak hours, your ISP can't meet the demands of all its customers. The lines themselves would drop packets even if they otherwise did nothing. However they are picking and choosing WHICH packets to lose...based on their own criteria. Naturally, you feel otherwise.

However, the oversubscribed design is a very common one. The issue is the degree of oversubscribing. It's often 50:1, meaning the ISP only has 1/50th the real bandwidth of all the customers trying to download/upload at 100% at the same time. The 50:1 value is called the contention ratio. Even businesses often have to make do with a 20:1 contention ratio.

I am not interested in being contacted by a court from overseas, especially on a subject that I am only a layman of.

Many "ISPs" contend that the "unlimited" they speak of is "unlimited" minutes use/always-on. We know better. But false advertising sells really well when consumers don't know otherwise.

...Or when they don't have a choice. (Such as only 1 broadband ISP in an area.)