Jump to content

Can an IP really be private in P2P?


georgebushout

Recommended Posts

I have read hours and hours of utorrent forums over the last couple of days and it seems that when this topic is discussed, 70% of people say there is no way to hide your IP when file sharing P2P. Then somewhere around 30% say that you can. Most of the 70% don't give a reason why your IP can not be private but all of the 30% give a reason why it can be private. Some of the 70% have an argument something like this; You need to use DDNS to resolve to your true IP to connect to other peers properly and so other peers have to see your true IP.

I researched all the ways to hide my IP and the one that seemed to be the best was an open VPN. It does not reveal the real IP when the connection is dropped and it creates a secure tunnel to a server that does not keep logs that would reveal the connection to their IP and mine. So basically I'm hiding behind a server like a proxy but with a trace not being able to reveal my IP. So I really don't understand the reason why my true IP needs to be revealed so that I can connect to peers. All connections to me are through the server and that servers IP. As far as the outside world is concerned, that server(proxy) IP is my IP and is technically me.

No offense to anyone. I'm just trying to resolve a mystery here. What is the truth? Is it just that 70% of the people on this forum just don't know what they are talking about on this subject or is it that all the people that are trying to hide their IPs through VPNs and other means are just foolishly misinformed and are wasting their time?

Link to comment
Share on other sites

"IP leakage" can also occur due to program bugs...such as hypothetically if uTorrent "foolishly" uses the regular internet gateway instead of the VPN -- such as when the VPN goes offline.

Another problem is if everyone uses VPNs then quite likely most or all will be firewalled and therefore unable to connect to each other.

Link to comment
Share on other sites

I use a VPN. I'm not sure if many people on this forum know what a VPN is or how it works. But I am basically networked through the internet to another computer a distance away. I do not access the internet through my computer other than going directly to that server computer via my VPN through an encrypted private connection. That server computer than goes to the internet on my behave using its IP. So I understand why people need to see the server's IP so that there can be peer to peer communication back to me. But why do they need to see my IP and not that of the servers?

Link to comment
Share on other sites

"Another problem is if everyone uses VPNs then quite likely most or all will be firewalled and therefore unable to connect to each other."

I haven't seen any evidence that firewalls can be more of a problem with VPNs. The internet and all its bad and good is just forwarded to me and it is up to me to protect my machine once it gets to me. I don't think I have any protection other than my IP is not seen which is the only protection I want.

"It doesn't in your case, because your ip for all practical purposes IS the VPN's ip from other peers/seeds point of view."

Than you believe that those who state that a person can not p2p without revealing their own IP are incorrect? So in other words, a person can p2p and stay completely anonymous other than the VPN server will know the person's IP in logs. And if those logs are not retained, there is nothing. Right?

Link to comment
Share on other sites

There is a large assumption here... that the REASON for not having a published IP is for prosecution purposes. P2P by nature requires the sharing of endpoints, i.e. your IP and the other person's IP. This is basic information. Whether or not you're bouncing your data off another client is irrelevant to the question at hand.

If you don't want others to know what you download, use another form of sharing like direct downloading. One common one would be newsgroups, with SSL.

Link to comment
Share on other sites

"P2P by nature requires the sharing of endpoints, i.e. your IP and the other person's IP. This is basic information. Whether or not you're bouncing your data off another client is irrelevant to the question at hand."

I'm trying to speak in technical terms here not in philosophy. Technically, how could someone see my IP when I'm using a VPN? Everyone that says that VPNs will not work at hiding an IP with P2P never can give a technical reason as to how a person can see the original IP. How?

Link to comment
Share on other sites

"I haven't seen any evidence that firewalls can be more of a problem with VPNs. The internet and all its bad and good is just forwarded to me and it is up to me to protect my machine once it gets to me."

A VPN which forwards all traffic...that allows a traceroute all the way back to your computer along the same port that uTorrent uses...would seem little value to you, right?

"Than you believe that those who state that a person can not p2p without revealing their own IP are incorrect?"

It is possible to use a VPN with uTorrent and hide your real internet ip BUT...

It is extremely hard to absolutely guarantee no ip leakage, because of uTorrent's aggressive nature to make connections and update trackers even when the VPN is down...thus possibly making DIRECT connections.

"So in other words, a person can p2p and stay completely anonymous other than the VPN server will know the person's IP in logs. And if those logs are not retained, there is nothing. Right?"

Potentially any VPN server company might be taken over by legal authorities, if given enough incentive. (Such as having lots of child pornography go through that server's ip.) They WILL have your name on record and probably where you live, and investigators may continue running the VPN as a man-in-the-middle listening node.

Link to comment
Share on other sites

I monitored utorrent's behaviour while using a VPN. The only time that I noticed utorrent not using the assigned VPN proxy is if DHT is enabled. As long as I kept the DHT disabled, I never saw any connections that didn't use the assigned proxy, except for direct connections to this site for version update checks.

Link to comment
Share on other sites

"I monitored utorrent's behaviour while using a VPN. The only time that I noticed utorrent not using the assigned VPN proxy is if DHT is enabled. As long as I kept the DHT disabled, I never saw any connections that didn't use the assigned proxy, except for direct connections to this site for version update checks."

That's good to know. I wonder why that is though. So you unchecked both "Enable DHT Network" and "Enable DHT for new torrents"?

But I keep hearing people say on this forum that if someone knows their stuff that there are many ways to find out a persons IP when someone is using P2P whether they are using a VPN, SSH, etc. or not but they never say how. What am I missing because I still can't see how anyone can know my IP. Of course everything is linked in the internet and therefore I have to reveal my IP to the server at the end of the VPN but my IP doesn't go out to the WWW. If this server kept logs, someone could get it through a court order. But the server basically doesn't keep logs. It isn't that I'm intentionally doing anything illegal but when I download torrents I only know their titles and don't really know what is in the torrents for sure until I download them. Try to explain "I didn't know" to an American court. They will just be insulted and throw the book at you. So I just don't want my IP to be caught up into some kind of government sweep one day or be sued by a company. But we all have our reasons to be anonymous and that is off topic.

Link to comment
Share on other sites

"So you unchecked both "Enable DHT Network" and "Enable DHT for new torrents"?"

Yes, that is how I had it set. I once had the DHT network enabled, but was not using with the only torrent that was currently in utorrent, and I still noticed a few outgoing connections from my local IP. Apparently, the DHT is still active in some way, even if you aren't directly using it for anything. Once I disabled it globally, I never witnessed any more outgoing connections from my local IP.

Link to comment
Share on other sites

  • 1 month later...

I have been reading about P2P anonymity for a while but never was too interested.

I have 2 email addresses that I read almost every day or every-other day.

This last week I was kind of busy putting-together a computer that I bought by parts.

So it was like a week that I didn't read my emails.

So yesterday I stared to read the accumulated email and surprisingly I stumble with this email from Verizon with the "From = Copyright Notification" and the "Subject-title = Notice of Claim of Copyright Infringement"

So the 'from' nor the 'title' would tell me it was from Verizon, so I started reading it and this was its contents:

-------------------------------------------------------------------------------------------------

Dear Verizon Online Customer:

We are writing to advise you that Verizon recently received a notification from a copyright owner of a possible copyright violation that appears to involve your Verizon Online account (the "Complainant"). The work(s) identified by the copyright owner in its Complaint are listed below.

We are contacting you because our records indicate that the Internet protocol (IP) address provided to us by the copyright owner was assigned to your service on the date and time identified by the copyright owner. While this activity may have occurred without your permission or knowledge by an unauthorized user, or perhaps by a minor who may not fully understand the copyright laws, as the primary account holder, you are legally responsible for all activity originating from your account.

Copyright work(s) identified in the Complaint:

Copyright infringement level: 1

Notice ID: xxxxxxxx

Title: "TITLE OF THE MOVIE I DOWNLOADED"

Protocol: BitTorrent

IP Address: 123.123.123.123

DNS: pool-123-123-123-123.MA.east.verizon.net

File Name: "FILE NAME OF THE MOVIE"

File Size: 702173396 BYTES

Timestamp: 02-08-2009 18:42:50 UTC

Copyright infringement is a serious matter that violates U.S. copyright law and subjects infringers to criminal and civil liability. It also violates our Acceptable Use Policy (http://www2.verizon.net/policies/acceptable_use.asp) and Terms of Service (http://www2.verizon.net/policies/tos.asp). If you, or someone using your Internet connection, are engaged in the conduct alleged by the copyright owner, we urge you to stop (and ensure that anyone else who might have access to your Internet connection also stops).

Protecting Your Privacy: The copyright owner has not asked Verizon to identify you, and Verizon will NOT provide your identity without a lawful subpoena or other lawful process. However, if the copyright owner does issue a lawful subpoena or other lawful process that seeks information about your identity or account, Verizon will be legally required to provide the requested information to the copyright owner.

.

If you have questions regarding this notice or would like to view Frequently Asked Questions about copyrights and piracy please visit us at www.verizon.net/copyrightfaq.

We appreciate your cooperation on this matter.

Sincerely,

Verizon Online

-------------------------------------------------------------------------------------------------

At the beginning I thought it was a joke, but after some scrutiny I looked for the sender's email address and found this one: notification@copyright.verizon.net

Then I got Very interested on finding some 'protection' as I felt someone has been spying on what I have been downloaded from some torrents sites. I download a lot of stuff for some IT knowledge that I'm doing and to not get bored I download movies but I didn't know someone from a Movie Company or my ISP was looking over my shoulders.

I don't know much about VPN's but basically you need an external server (at work or a paid service) to let you connect to it, because I know how to setup a VPN server at home but that doesn't help me much as I can not be a VPN client and VPN server on the same computer.

I have been reading on Tor Network and I2P Network, and how to setup Azureus (Vuze) and so far I have configured some but not sure how to test it.

Anyone has any info on how to test Azureus or another torrent client for anonymity ?

Regards.

Link to comment
Share on other sites

Your ISP's email department is merely forwarding an email THEY got from copyright torrent-monitoring company/s.

The VPN destination server will still be revealed as downloading/uploading the torrents you're on, and may be subject to legal action...including revealing their clients/customers/members if demanded by a court order. With your ISP, it's a "John Doe" request until a court directly demands the ISP reveal your personal details.

Tor is TOTALLY UNSUITED for running uTorrent through it. Tor is low-bandwidth by nature, uTorrent is the exact opposite. uTorrent can easily overload parts of the Tor network when running even with conservative (56k dial-up!) settings. Hurts your download/upload speeds immensely because of it too.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...