Tutorial for Utorrent with Comodo Firewall 3

[Guest]

[seaniesean]

OK.  After trying this out for months, i have concluded that pandalouk's guide doesn't work, and ragwing's guide is not very secure.  Any suggestions?

[Josh123]

OK.  After trying this out for months, i have concluded that pandalouk's guide doesn't work, and ragwing's guide is not very secure.  Any suggestions?

It doesn't?

As in what way?

Josh

[ganda]

OK.  After trying this out for months, i have concluded that pandalouk's guide doesn't work, and ragwing's guide is not very secure.  Any suggestions?

ehm 
from my experience (oh yes, i'm experienced  )
pandlouk's rules are doing good, but don't forget to change your LAST block global rule to
Block ICMP in from Ip any to ip any where ICMP message is ECHO REQUEST
simply use CFP stealth port wizard to create that rule:
Firewall/common tasks/stealth port wizard==> alert me to incoming connection-stealth my ports on per case basis

i've not tried ragwing's rules, but a self proclaimed Ninja & vette the supercop  said that you'll be fine even if you treat utorrent as "trusted application".

I would try the global rules but reading thru the forums I see that some people say it is unnecessary to use them, and that it is potentially unsafe.

who said that?  cursed him  how about trying this to create your global rules:
Firewall/common tasks/stealth port wizard==> alert me to incoming connection-stealth my ports on per case basis

then remove all your utorrent application rules & choose treat uttorrent as "trusted application" next time you have firewall alert. (some ppl here are too paranoid & create such complicated rules    )
if you still have problem connecting uttorrent, then it's not CFP3 issue, maybe your router configuration.

have a nice weekend 

[Comofo]

 
Oh goodness, that's refreshing!

  to you shin.

[seaniesean]

Hmm.  Well, with pandolouk's rules i get about 20kb a second download speeds, except on private tracker sites, where i get 0kb a second. Have tried pandalouks rules with all suggestions i've seen, except for the scary "treat as trusted application" (are you sure about that?!) and my firewall is always "stealth on a per case basis",

Ragwing's rules...well, they work, like reasonable speeds, but people seem to think they are not that safe, though you say this is not the case (i wouldn't really know myself, but peer guardian goes crazy when i use these rules.  So i bet trusted app. would be more of the same.)

Ah well, cheers for replying anyway.  I'm sure i'll get the hang of this computer one day.

[Ragwing]

Ragwing's rules...well, they work, like reasonable speeds, but people seem to think they are not that safe, though you say this is not the case (i wouldn't really know myself, but peer guardian goes crazy when i use these rules.

pandlouk's rules might be a bit safter, since he limits the port numbers used. And as for PeerGuardian, both rule should make it go crazy, as most of the time, the connections are incoming to your port. But as long as PeerGuardian blocks them, there's nothing to worry about. Also, the risk of actually going to court if you download something is almost 0%. They usually go after people that upload lots of stuff.
Anyways, no matter what firewall or rules you use, they'll always be able to track you down. Not even PeerGuardian offers 100% protection.

So you have a choice. Either use pandlouk's rule that offers bit more security, at the cost of lower download speed, or use mine with higher download speed, but maybe a bit less security.

So i bet trusted app. would be more of the same.)

Not really. Trusted application is more like Allow IP In/Out.

Cheers,
Ragwing

[ganda]

Hmm.  Well, with pandolouk's rules i get about 20kb a second download speeds, except on private tracker sites, where i get 0kb a second. Have tried pandalouks rules with all suggestions i've seen, except for the scary "treat as trusted application" (are you sure about that?!)

you don't trust a ninja? 
i dunno (what do i know?  ), like i said, Soya (the vegetarian ninja) & vette (the supercop who use cracked software) once said it  .
hey, what's the worst that could happen i think it's normal to "trust" utorrent. it's not malware.

[Comofo]

I think the idea here is to create an ideal traffic thoroughfare -  just like any highway - and allowing infinite lanes from anywhere to anywhere is chaotic at best, even dangerous.

Myself, I want several designated lanes moving in opposite directions [actually to be honest, it's the inbound traffic I'm most concerned with] at high rates of speed to determined destinations.

The now infamous pandlouk 5  along with Ragwings (my rules are borrowed from both, then tweaked over time) do this well. I'm able to easily monitor everything on both sides of the road while PG and PW act as the Highway Patrol; pulling over the dangerous drivers.

To give Utorrent (or any variation thereof) an Allow All In/Out policy, frankly flies in the face of what I spend most of my time trying to accomplish: securing and guarding the boundaries of my private network.

oh, and:
Trust a ninja?

What do you mean you mean you don't trust faceless stalkers, hidden in black, moving silently through the night, climbing walls, able to garrote you in your sleep without a whisper? What, are you paranoid?

[kail]

I use uTorrent with PeerGuardian2 (you just gotta block those pesky Uni students ). I use pand's rules with some extra bits (which are probably useless.. but, I can't help but fiddle with things like that). As per pand's set-up, I do not allow uT to use privileged ports (although there are some exceptions) & I don't allow nutta's to connect to me using privileged ports either (unclean!). One thing I have discovered.. is that when uT says my connection is red (poor) it is lying like a dog with no legs. It thinks it's poor and I'm DLing at 300KB/s on a HSDPA USB dongle-thingy (which is almost maxed out for where I am).

[seaniesean]

This forums great, you always get a response with useful information.

"Also, the risk of actually going to court if you download something is almost 0%. They usually go after people that upload lots of stuff."

Ahem...  not much danger of that then. (I'm looking for an emoticon for "hit" and "run", to no avail)

"Anyways, no matter what firewall or rules you use, they'll always be able to track you down. Not even PeerGuardian offers 100% protection."

Sage Advice indeed.

"So you have a choice. Either use pandlouk's rule that offers bit more security, at the cost of lower download speed, or use mine with higher download speed, but maybe a bit less security."

Hmm.  So what rules does comofo use, i am interested in knowing?

[Comofo]

Me? Well, ehem  first I always run PG and PW with fresh lists...an addition I've taken the time to include some of the blocked ranges (I double check these) to My Blocked Network Zones.

Allow tcp/udp In from ip any to my ip 1025-65535 to Utorrent Port
Allow tcp Out from my ip to ip any 1025-65535 to 1025-65535
Allow udp Out from my ip to ip any Utorrent Port to 1025-65535
Allow (& log) tcp (http) Out from my ip 1000-5000 to 80
Allow (& log) udp (dns) Out to my ip 1000-5000 to 53 
Block and  Log everything else

On my 1.5M Adsl I usually hover at 175-195k down and 35-50k up.

[draceena]

Awsome Guide!

I went with just Ragwinds rules, though I had to make a slight change, where he has:

Allow TCP OR UDP In From IP Any To [Your MAC/IP] Where Source Port Is Any And Destination Port is In [uTorrent port]

I had to use ANY in place of [Your MAC/IP] since my IP changes. This won't cause me any loss in security will it?

Otherwise, it works as it should. I ran Utorrent, went to Shield Up and probed the Utorrent port, which said it was open like it should. Once I stopped Utorrent, Shields Up stated the port was Stealthed.

The only odd thing is I went to another Port probing site and it said my ports 135 and 1080 were open, yet at the same time Shield Up satated these ports were stealth, who should I trust?

[Ragwing]

I had to use ANY in place of [Your MAC/IP] since my IP changes. This won't cause me any loss in security will it?

No, it won't. I just like my MAC-adress

The only odd thing is I went to another Port probing site and it said my ports 135 and 1080 were open, yet at the same time Shield Up satated these ports were stealth, who should I trust?

I'd trust Shields Up!, I've never had a problem with it.

Cheers,
Ragwing

[kail]

Hang on.. without checking the context of the rule (or the implications).. MAC/IP for Any? That's not right.. granted the IP can change, but the MAC shouldn't change since it's device orientated (unless this is a virtual system?). MAC should be OK. Shouldn't it?

[Ragwing]

granted the IP can change, but the MAC shouldn't change since it's device orientated (unless this is a virtual system?). MAC should be OK. Shouldn't it?

Yes, MAC doesn't change unless you do it yourself (easy way to bypass routers MAC filter...). Was a bit tired, so didn't think of it. You can obtain the MAC adress (physical adress) by running the built-in ipconfig utility with the parameter '/all'.

Cheers,
Ragwing

[Tags:]