Silk Road forums
Discussion => Off topic => Topic started by: Locutus of Borg on April 17, 2013, 05:53 pm
-
Hey, just wondering if it is possible using just 2 devices or even a VM player to show that using BitTorrent over Tor can reveal your IP address. I'm running very low on time to complete a research report on Tor and need some sort of practical. This is the only thing I can think of and I'd appreciate any advice or even recommendations for another simple practical regarding the Tor network. It's for a basic networking course if that helps.
Cheers
-
Here's some published research on the topic: http://hal.inria.fr/docs/00/47/15/56/PDF/TorBT.pdf
And if you don't trust that link, it's posted on the official Tor blog: https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea
I think you could run wireshark in a VM to show the leakage. One of the problems is the bittorrent client bypassing the proxy settings to connect to the tracker, because that is usually done via UDP while Tor only carries TCP streams.
-
Just stumbled across that there funnily enough, but I'm still a bit unsure as to how I set everything up so that I can provide screenshots, etc. showing that both the port and Ip address of the device using BitTorrent are visible. I'm not all that clued in on the workings of the likes of BitTorrent, how I can obtain the tracker of a torrent used by the 'victim' and so on. All in all I'm struggling to figure out how to put it into practice.
-
Seems to me that you don't even need a VM. Just setup your torrenting program, find a tracker that uses UDP (my brief searching reveals these torrents include lines such as : udp://tracker-url.com:port/announce ) , configure the torrent program to use Tor and take a screenshot of this configuration, now run wireshark , filter for UDP connections to the port from the torrent file, filter for connections to your Tor entry guards (and take a screenshot showing your entry guards and their IP addresses, or of you selecting to use strict guards in torrc), then when UDP connections are made to the tracker they will by pass Tor and you can see this in the Wireshark logs filtering for connections to the tracker, meanwhile you can see that some of the traffic goes over Tor as well from filtering for connections to the entry guards and taking a screenshot of vidalia with circuits open. It really isn't that hard at all and if you need to ask for help figuring this out it is a strong sign of not having done any real research into it yourself.
-
Good advice kmf. Another thing is that some bittorrent programs send the user's IP address in their data, even when it is sent over Tor. Not sure exactly how they do that, but you could filter for your own IP address to see if it shows up.
And of course, pick a FOSS torrent for your experiment. :)
-
Thanks a million for the replies. And you're right about that last part too, kmf. I've been under heaps of pressure lately as assignments and exams are just stacking up so I've found it difficult to make time to do much research (although I do concede that I could've managed my schedule much better than I had done). Also, it was only very recently that I decided to do my practical on BitTorrent as most of my other ideas either involved too much work for the time I have remaining or were just well beyond my level of expertise.
But anyway thanks for helping again.