How to force uTorrent to use the VPN only?


netware5

I have an OpenVPN server running on my home router. I use it when I or members of my family are traveling in countries where the Internet is restricted. The OpenVPN clients are configured to route all traffic through the OpenVPN tunnel. My daughter is a student now and is using the home OpenVPN server for downloading torrents, as the usage of torrents is forbidden on the local LAN of her campus. Recently she had problems with the local admins, as they managed to detect that she uses torrents. The big question is: how did they discover this activity? I think that for some reason uTorrent sends some traffic through the real Ethernet adapter of her laptop instead of through the virtual TAP adapter only. Is it possible to restrict uTorrent to use ONLY the OpenVPN tunnel, so that the presence of uTorrent is totally hidden on her local LAN?

 

The configuration is the following:

 

OpenVPN server v. 2.3.2 TAP interface

OpenVPN client v.2.3.3 TAP interface

Client OS Windows 7

Torrent client uTorrent

 

Thank you in advance.

Link to comment
Share on other sites

I think the first problem is assuming OpenVPN is tunneling. If you want to know the truth, just download Wireshark and monitor the main Ethernet adapter after connecting to OpenVPN. You'll find the payload is encrypted, but the ports and protocols are not. I found using OpenVPN wasn't any better than just running Obfuscated encryption on uTorrent (Worthless). The only difference being all the traffic is going through 1 point, just like a proxy.

 

See if your VPN service also offers Point to Point Tunneling Protocol, because that won't give away ports or protocols like UDP/TCP.

Link to comment
Share on other sites

Thank you for your reply. I am using a TAP connection, so it is not possible for any protocol or port related information to be leaked. The payload is just Ethernet frames whose destination is my home LAN. For anybody sniffing the traffic the tunnel is just a "blackbox" with a source and destination address.

 

I do believe that the reason for the leakage is somewhere in uTorrent.exe. For some reason it sends some packets on the local LAN. I don't know what and why, as I am not an expert in uTorrent; I am an expert in networking. It should be possible to configure it, and I am trying to find information about that, because this is the easier way. The alternative is to apply the relevant firewall rules and block uTorrent from using the local LAN. I know how to do this, but it needs a lot of work in advance to investigate exactly what traffic is going from where to where.

 

P.S. Concerning using PPTP - it is unacceptable for security reasons. That's the reason my choice is to run an OpenVPN server.

Link to comment
Share on other sites

I can tell you for a fact uTorrent has leaked whilst using OpenVPN, and has leaked when using the proxy setup. The way I was able to tell was when I checked the peer list of a peer, my actual IP address as well as my proxy IP address were in that list. I've also detected leaking when checking using Wireshark when proxied. The only way I've been able to control the leaking is using PPTP, and suppressing LAN discovery and UDP Tracking.

 

Anyhow, if you think it's leaking to the LAN, have you unchecked "local peer discovery" in uTorrent?

 

If you think it's leaking in other ways, I've read there are other torrent programs that do a better job of "not leaking", so you may do some research to find the ones that are more secure. There are a few webpages that discuss IP leakage of torrent programs (easy google).

 

I wouldn't thumb thy nose up at PPTP quite that fast :) Of course it's going to depend on what you're trying to do, but if you're just trying to get past the ISP or "Local Admins", PPTP is going to do the job. Maybe you could explain how you're using "TAP", because I'm unfamiliar with using it in the context of security.

 

David

Link to comment
Share on other sites
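The "local peer discovery" option raised above corresponds to BitTorrent Local Service Discovery (BEP 14), which announces torrents in cleartext to the multicast group 239.192.152.143 on UDP port 6771, so a single such datagram on the physical adapter identifies a torrent client to anyone watching the LAN. The sketch below is an added example, not part of the thread; the sample datagrams and all addresses in it are constructed. It shows how those announcements are recognised in captured traffic.

```python
import re

LSD_GROUP_V4 = "239.192.152.143"   # IPv4 multicast group defined by BEP 14
LSD_PORT = 6771                    # UDP port defined by BEP 14
INFOHASH_RE = re.compile(r"[0-9a-fA-F]{40}")

def parse_lsd(payload):
    """Return {'port', 'infohashes'} for a BT-SEARCH announce, else None."""
    try:
        text = payload.decode("ascii")
    except UnicodeDecodeError:
        return None                      # encrypted/binary payloads end up here
    lines = text.split("\r\n")
    if not lines[0].startswith("BT-SEARCH * HTTP/1.1"):
        return None
    port, hashes = None, []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        name, value = name.strip().lower(), value.strip()
        if name == "port" and value.isdigit():
            port = int(value)
        elif name == "infohash" and INFOHASH_RE.fullmatch(value):
            hashes.append(value.lower())
    if port is None or not hashes:
        return None                      # malformed announce, ignore
    return {"port": port, "infohashes": hashes}

def find_lsd_leaks(datagrams):
    """datagrams: iterable of (src_ip, dst_ip, dst_port, payload) tuples
    taken from a capture on the physical (non-VPN) adapter."""
    hits = []
    for src, dst, dport, payload in datagrams:
        if (dst, dport) != (LSD_GROUP_V4, LSD_PORT):
            continue
        info = parse_lsd(payload)
        if info:
            hits.append((src, info["port"], info["infohashes"]))
    return hits

# Constructed sample capture: one LSD announce, one opaque VPN-style
# datagram, one unrelated SSDP query.
SAMPLE = [
    ("10.20.30.40", "239.192.152.143", 6771,
     b"BT-SEARCH * HTTP/1.1\r\nHost: 239.192.152.143:6771\r\n"
     b"Port: 51413\r\nInfohash: " + b"ab" * 20 + b"\r\n\r\n\r\n"),
    ("10.20.30.40", "203.0.113.7", 1194, bytes([0x38, 0x91, 0x02, 0xFE])),
    ("10.20.30.41", "239.255.255.250", 1900, b"M-SEARCH * HTTP/1.1\r\n\r\n"),
]

if __name__ == "__main__":
    for src, port, hashes in find_lsd_leaks(SAMPLE):
        print(f"LSD announce from {src}: listening port {port}, {hashes}")
```

An empty result from a capture on the physical adapter only rules out this one channel; other traffic leaving that adapter still has to be checked separately.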

Thank you very much for your advice concerning "local peer discovery". I've missed this detail in the options. Maybe this is the reason for the leaking on the LAN. I should use OpenVPN because my primary concern is privacy and the ability to connect from anywhere. I am traveling a lot in countries where Internet access is restricted and/or watched by the governments. When traveling I am also very often in an insecure environment - public WiFi hotspots in hotels, airports, etc. So security and privacy are my primary concern and OpenVPN is the only way to keep me calm. PPTP has well known vulnerabilities and I do not recommend using it if confidentiality is important. That's the reason I am running an OpenVPN server on my home router. My daughter is just using the same server only for downloading torrents and her primary concern is not to leak to the LAN any evidence that a torrent client is running on her computer. So you can see that my concerns are a little bit different than common - I don't care if my home router's IP address leaks to the outside world.

 

Concerning the TAP interface - in that case the OpenVPN tunnel is used to bridge two LANs. It is the equivalent of hardware bridging (wiring) of the client device to my home LAN. In TAP mode OpenVPN encapsulates Ethernet packets, so any information about IP protocol, source and destination address, etc. is encrypted in the payload. TAP mode is very easy to configure and is considered to be the best solution for road warriors like me. TAP mode also allows using all Windows network services available on the home LAN in the same way as if you were physically connected to it.

Link to comment
Share on other sites

That's good news about the "local peer discovery", and I hope that is what solves the problem. Be sure to post if that was the fix or not.

 

I appreciate the explanation about how you use TAP with OpenVPN. As the old saying goes, "you learn something new every day". Or at least I try to.

 

David

Link to comment
Share on other sites

Just as a footnote.... I have the option to change to L2TP with IPSec, so it's kind of a no-brainer to take advantage of the better authentication process. I knew MS-CHAP v2 had some weakness in that a man-in-the-middle attack could provide a hacker with the password (to recreate the tunnel), but from what I understand the PPTP tunnel is still secure. However, one can't be too secure :), so I changed to IPSec with L2TP.

 

David

Link to comment
Share on other sites

IPSec is equivalent to OpenVPN in terms of security, so this is a good decision. I prefer OpenVPN just because it is more convenient for road warriors like me.

Link to comment
Share on other sites

Good deal .... I started to think about what you were saying, and decided it was time for an "upgrade". lol

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.
