November 03, 2007 by sharky
How to Outwit the ISP by obfuscating your Internet traffic.
ISPs have been increasingly reducing the available bandwidth for P2P users, and more are joining the list all the time. In fact, most major Internet Service Providers now employ some form of technology to limit the file sharing traffic throughout their precious networks. Recently Comcast has been ‘caught’ doing this; others such as Sympatico (Canada) have blatantly admitted it. Could this be because one-third of all Internet traffic is created by P2P programs? Check out the list of bad ISPs here. Below are some solutions to ‘hide’ your P2P file sharing traffic so that it won’t come under the watchful eyes of Big Brother Cable, Co.
ISPs do this in two ways:
— They reduce or even refuse the bandwidth on standard file-sharing port ranges: (also known as “bandwidth throttling”)
You want to avoid the standard file-sharing port ranges between 6881-6999, as many trackers have blacklisted them because some ISPs are throttling them. (Read the AzureusWiki here for more information on ISPs and blacklisted ports.) P2P experts suggest using a port within the 49152 to 65534 range, as these are unassigned ports. In BitComet, this number can be found under the menu OPTIONS > PREFERENCES > CONNECTION. Look for the “Listen Port” number and enter a new one. Click OK to save. In Azureus, go to TOOLS > OPTIONS > CONNECTION and input a new “Incoming TCP listening port” number. Don’t forget to click SAVE. Be sure to stop and restart all torrents after making port number changes (or you can exit the program and restart it, it’s the same thing).
You may find that you have to change your Port number frequently if traffic begins to slow or even stop. Some P2P programs allow you to choose a ‘random’ port each time the program starts, thus keeping you away from one specific number.
NOTE: If you open BitComet or Azureuz and discover that the listening port is indeed between 6881-6999 (and the torrents aren’t connecting) you may have to wait up to 48 hours for the existing downloads to begin again after you’ve changed the port number. This is because your IP address has been banned from the tracker for using blacklisted ports. But this will not affect any NEW torrents (as long as you use a different tracker) that have been added after the port number change, so test this by adding new torrents from various websites to see if they connect. If they do, you’ve figured out the problem. Also, if you are running a firewall/router, don’t forget to change the port settings for any changes you make.
— More commonly, they incorporate techniques like traffic shaping:
Traffic shaping, simply put, is the delaying of data (packets) being sent to reduce the rate and volume of traffic on a network. This can be implemented to target specific users on a network (for example; domestic Internet subscribers who are using P2P software on an ISP’s network). ISPs can use sophisticated traffic shaping schemes to classify the type of traffic before actually shaping it, and it is easy to do. If traffic is deemed or classified to be “P2P” or “BitTorrent” traffic, it immediately falls into the shaping category and is delayed, reduced or treated as low-priority by means of bandwidth throttling/shaping, regardless of the port number.
Solutions to combat traffic shaping:
Every time I hear the term “Traffic Shapers”, I think of “The Matrix” with those squidy things coming to shut you down. If your traffic cannot be classified as bad and you remain fairly inconspicuous, you will be left alone by the traffic shapers.
— Avoid one-directional traffic
ISPs are on the lookout for one-way traffic, and are especially watchful of that one-way ‘upload’ traffic which is actually more problematic to the entire network - and bandwidth of other users. This is especially true for users who have an improperly configured (i.e. high) upload setting, and go to bed at night (or work in the morning) and leave BitTorrent running. By the middle of the night (or mid-day) the torrents finish downloading and all that remains are seeding torrents (or uploading), creating mostly one-way upload traffic that congests the pipes of other users - thus making you vulnerable to traffic shaping cops.
To hide this direction of traffic, both Azureus and µTorrent employ a technique called “Lazy Bitfield“. In short, when enabled, this feature allows finished torrents (or seeds) to appear to act like unfinished ones, thus mimicking two-way traffic. Look for this feature in the TOOLS/OPTIONS menu.
— Hide traffic through encrypted tunneling
Virtual Private Network (VPN) providers such as VPNTunnel and SecureIX offer commercial services for encrypting ALL outgoing and incoming Internet traffic. If you know for sure you’ve already been shaped, it might not be a bad idea to try. To quote the SecureIX website:
As soon as you connect to our VPN server your computer is assigned a new IP address, an IP address that is owned by US, not your ISP. Then all of your Internet traffic is encrypted and is tunneled to our VPN server. Once there, it is decrypted and allowed to travel to its intended destination. Your local ISP will only see a single encrypted data stream between you and our VPN server. Your ISP can no longer monitor, log or control your Internet usage.”
Looking for a free VPN solution? Check out our free VPN software article.
New technology is emerging all the time to join the fight against efforts employed by ISPs. I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. SSH (Secure Shell) and SSH-2 are encrypted protocols for file transfers (similar to FTP) and transferring data with the added benefit of tunneling other protocols.
— Use a proxy server within your P2P program.
This solution adds an extra layer of anonymity - directly through your P2P program. Your ISP will still see heavy data (packets) being sent and received, but won’t be able to tell what they are.
— Encrypt your traffic (in the BitTorrent client)
This technique will obfuscate your Internet traffic, thus making it more difficult for traffic shapers to classify what it is you’re using the Internet for. Note that this will not encrypt your traffic; it will only encrypt the type of traffic that it is.
Through BitComet, go to OPTIONS > PREFERENCES > ADVANCED > CONNECTION and click on “Protocol encryption (avoid BT protocol blocked)” and select the option ‘ALWAYS’.
With Azureus, go to TOOLS > OPTIONS > CONNECTION > Transport Encryption and select the 3 checkboxes, plus select ‘RC4′ level of minimum encryption. This will mask or hide the type of traffic that is going through your Internet connection.
In uTorrent go to OPTIONS > PREFERENCES > BitTorrent, then select “Protocol encryption”. You should choose “enabled”. If you choose “forced”, you will get less connections (and slower download speeds).