Firewall Tutorial for Utorrent with Comodo Internet Security

[Guest]

[soyabeaner]

μTorrent

Wow! I did it 

Josh

Define "did"

[ganda]

Ganda, you might want to check out Google.  It's the best search engine in the world.  I'll lend you a hand while we're at it in case you start asking the rest of the Greek alphabet.

There is obviously more than one way to set up rules for µTorrent, or anything program for that mater, even beyond Pan & Rag's rules.  Just look at mine: I got rid of Global Rules a while ago.

Of course anyone can treat µTorrent as trusted with no problems.  It's when you pick the opposite on the spectrum like Isolated Application that you can't use it at all .  This is refering to Defense+, not the Firewall setup here.  Pretty much all default Defense+ rules are untouched, while the rest of my programs are set as Custom.  Now what is Custom?  My particular setup is set to allow each specific action surrounding a program like uTorrent (as I receive the Defense+ alerts, which I haven't since the beginning when I launched uTorrent).  If you set uTorrent as Trusted, you're granting it to do almost anything --> this is for those who really trust uTorrent not to have any malicious code or activity and/or for the average Joe to not receive as many Defense+ alerts.

Why should CFP3 make a default Predefined Rule for torrent programs?  It wouldn't be realistic and it would be incomplete.  Now we're in the Firewall aspect here.  uTorrent or other p2p require the user to manually pick a listening port within its own application.  Let's say I pick port 12345, but how would CFP3 know?  I can either manually create these rules (like following the first post in this thread) or automatically creating them using the Stealth Ports Wizard to toggle Alert me to incoming connections (basically for P2P programs or ones you want to receive an alerting to incoming connection requests).  I think the option names in CFP3 are self-explanatory.  Even too long for me .  Predefined Rules are meant as basis so that they can used over and over again for more than one program.  I only have 1 P2P program and that's uTorrent.  Why would I need a Predefined Rule for it?  It's a waste of time for me.  One the other hand, as an example, I use the default Predefined Rule for Web Browser that CFP3 has created because I have multiple browsers.  Simple as that.

I see the same questions over and over again about the difference between Pan & Rag rules.  Let's put it this way: Rag is the standard one that most of us have been using since CFP v2.  Nothing wrong with that.  Pan is more secure in the sense that you and the other seeds or leechers cannot connect to each other on the Privileged Ports (# 0 to 1023 --> See Firewall > Common Tasks > My Ports Sets), which are supposed to be reserved for the common Windows services/processes like port 80 is for HTTP (browsers use this).  The reason why I use Rag rules is not just because it's easier and less steps, but because I found my download speeds dropped.  For tweakers, better go with Rag rules (and mine if you like to further tweak on ICMP rules).

Edit: Too late.  Kail summed it up better

OKay, so here's to conclude things up
1) there's no exact way to create rules
2) we're actually secured enough with trusted app rule
3) errr uuuh, Soya is a geek
4) never use thunder base attack on Raijin
5) Draw siren from Elvoret
6) some ppl have plenty of time to copy 1 letter and use it in forum

oh sorry, i'm reading Final fantasy 8 walkthrough as i type this .
  thx Soya.
everyone worship Soya, all hail soya. 

μTorrent

Wow! I did it 

Josh

excellent, what an accomplishment 

[kail]

1) there's no exact way to create rules

No, there is no "exact" way.. only the "correct" way.

2) we're actually secured enough with trusted app rule

If you trust all other uTorrent users (eg. RIAA, FBI, hackers, script-kiddies, etc..), then yes.. you're secure.

[ganda]

No, there is no "exact" way.. only the "correct" way.

yeah, then there are a lot of correct way to create rules, not just one, right?

If you trust all other uTorrent users (eg. RIAA, FBI, hackers, script-kiddies, etc..), then yes.. you're secure.

but but but

There is obviously more than one way to set up rules for µTorrent, or anything program for that mater, even beyond Pan & Rag's rules.  Just look at mine: I got rid of Global Rules a while ago.

Of course anyone can treat µTorrent as trusted with no problems.......................................
If you set uTorrent as Trusted, you're granting it to do almost anything --> this is for those who really trust uTorrent not to have any malicious code or activity and/or for the average Joe to not receive as many Defense+ alerts.

ah well, i'm not using uttorent

[soyabeaner]

ah well, i'm not using uttorent

Then why are you posting here, traitor!

[kail]

uTorrent trust: See my above posts (not just the last) for my take on that.

Then why are you posting here, traitor!

No, not a traitor.. a TROLL!!

[ganda]

uTorrent trust: See my above posts (not just the last) for my take on that.
No, not a traitor.. a TROLL!!

coz i love & care every human being in this cruel world (miss world wannabe answer )

my passion in exploring technology & knowledge (runner up miss universe answer)
.
.
.
nah, i'm just curious <== TBH

[soyabeaner]

any more  and I'll move them to Rednose's thread.

[comode]

Well I have a different problem now.

I tried Pan's rules again. The same thing is still happening as in my last post, but I just wasn't concentrating hard enough, so I missed that it's not totally unconnectable, it just seems like it.

Here's the problem.  the little tick turns green, but as I was first only testing private trackers, I thought it was unconnectable, and that the rules weren't working.
But, private trackers, it uploads fine, at full speed, but it doesn't download anything, plus when it uploads, the up arrow is red, and the tracker status is "host name not found" and eventually "offline", which means my uploads, although working, will not count for ratio.
With public torrents, the upload and download work fine, at good speeds, but again the up/down arrows are red, and the tracker status is as above.

What do I have to do to make sure the tracker works fine, and that my uploads/downloads are counted properly with private trackers(again, download doesn't work though, only upload).

Thanks!

[kail]

As you've already noticed, I think, despite what uTorrent may say or think.. this doesn't seem to actually impact your speed or connectivity. So, I suspect that it's a uTorrent problem (the application) rather than the users.. obviously CFP (with the deployed rules) is preventing uTorrent's ability to track the user properly. Personally, I don't consider this a bad thing at all.. the opposite, in fact. Actually, in my case, I'm not even 100% sure it's anything to do with uTorrent or CFP, my ISP sticks me behind a transparent proxy & that could easily cause that. I guess a router (or hardware firewall) could easily impact this also.

Public Trackers: They go off-line, disappear, actively refuse connections, error, time-out, never exist in the first place & generate almost any response you can think of.. all the time. AND, although rare (depending on where you picked up the torrent), they can also be malicious.. or a RIAA (or whoever) tracker. You should also be cautious of Private Trackers that require some sort of free sign-up on the Net. Check them out first.

edit: typo's

[comode]

Not sure I follow, sorry   

Just incase I didn't explain it properly, when I use rags method, with my private torrents(that I've been using long time, and trust), the tick goes green, when I download, the arrow is green, the tracker status is "working" and my ratio is fine, my stats are recorded with the website and my ratio is always updated, and show me as connected.
public torrents work fine (green arrows, tracker status "working").

When I use pan's method, for the very same private torrents, the tick goes green, but the downloads don't start, the uploads start but the arrow remains red, the tracker status is "host name not found", my stats and ratio aren't updated with the torrent site.
Public torrents are the same, except they download and upload.

hope that explains it better. I actually need for the tracker status to be "working" and for my stats to be updated.

[kail]

Sorry, probably my fault. 

Trackers use a varying number of ports & protocols (HTTP & UDP). Under pand's rules, I think anything under port number 1024 (unless it's Port 80) will be blocked as it is consider a "privileged port". Where I believe Rag's rules do not block privileged ports. Maybe some of the trackers were using the privileged ports, other than port 80? Do you know the Port Numbers & Protocols of the trackers, in question?

[comode]

how would I find out, in the firewall logs?

Doesn't anyone use Pan's rules with private trackers?! 

[seaniesean]

After further trials, i got pandalouk's rules to work.  Really well, in fact, with a few changes. 

I get them to work with private trackers, too, again with some alterations.  I don't really know what i'm doing, though.

Am i right in thinking that the "ask"  rule for TCP out is, like, for the tracker? So, if "shivermetimberssoftware.com" has an ip address of 77.77.77.77, and uses port 80 for, uh, HTTP requests,   the resultant rule will be something like, "allow tcp out from my ip to 77.77.77.77 where source port is (1025-65535) and destination port is 80".

But some trackers use other ports, like 8080, or others, am i right?  So pandalouk's rules need to be changed to account for this, am i right?  Or completely wrong?

What i think would be useful, if this is right, would be a list of trustworthy trackers, and the ports they use.  Then, they could be added to the utorrent predefined policy. 

 

[comode]

So how did you get it to work with private trackers?
Did you find them out or ask them directly what they use?

Also about the http rule, what difference would putting the source address as your own and destination ip as the tracker, when they're already set to any/any, wouldn't having 'any' for both ip's encompass both the tracker and your own ip anyway...?

[Tags:]