utorrent guide still up to date?

So since i have problems with my utorrent port (i have alot of blocks on my utorrent port while utorrent isnt even running… and with alot i mean 1000-2000 a day) i thought i would change my utorrent rule from “trusted application” to what is described in the guide. But which post should i go for now? The 1st post shows a different rule for utorrent than the 3rd post does (again frm a mod)… and are these settings even needed now? the topic is 3 years old.

thanks

@edit: okay i found this guide:
https://forums.comodo.com/install-setup-configuration-help-cis/how-to-stop-logging-blocked-torrent-port-when-client-is-closed-t51399.0.html

hope it fixes my blocking prob still intersted in the right utorrent settings… or is trusted apllication just fine?

Making utorrent a trusted app is not a good thing.

From that first “utorrent post” I used these rules and they worked.

How to configure Comodo firewall 3 for utorrent. I am using CIS 5, but this still works

Go to : Firewall → network security policy ->click Predifined Firewall Policies → click Add
see pic #1

Name the new policy UTORRENT

Click the add button and add the following rules…

Rule 1
Action = Allow
Protocol = TCP or UDP
Direction = In
Description = Rule for incoming TCP and UDP connections
Source Address = Any
Destination Address = Any
Source port=A port range=(start port = 1025 / end port = 65535)
Destination port = the port of utorrent …13653 << for me, this is the default port for utorrent

Rule 2
Action = Allow
Protocol = TCP
Direction = Out
Description = Rule for outgoing TCP connections
Source Address = Any
Destination Address = Any
Source port = A port range=(start port=1025 / end port = 65535)
Destinati port=A port range=(start port = 1025/end port=65535)

Rule 3
Action = Allow
Protocol = UDP
Direction = Out
Description = Rule for outgoing UDP connections
Source Address = Any
Destination Address = Any
Source port = the port of utorrent …13653 << again this is the default port
Destina port=A port rang=(start port= 1025 / end port = 65535)

Rule 4
Action = Allow (enable Log as a firewall event if this rule is fired)
Protocol = TCP
Direction = Out
Description = Rule for HTTP requests
Source Address = Any
Destination Address = Any
Source port=A port range=(start port=1025 / end port = 65535)
Destination port = 80

The only change I made was to remove ‘ask’ from rule 4,
making it an allow rule, but keeping the logging on.
Works very good.

Rule 5
Action = Block (enable Log as a firewall event if this rule is fired)
Protocol = IP
Direction = In/OUT
Description = Block and Log All Unmatching Requests
Source Address = Any
Destination Address = Any
IP Details = Any

see pic 2

Start utorrent.
When Comodo asks you with a popup, choose >> Treat this application as >>select utorrent
and enable Remember my answer.
And once utorrent is running go to Firewall → Stealth Ports wizard → and click "alert me to incoming connections (assuming you have it set to Stealth while not torrenting

This worked for me, and keep in mind that I am a complete noob with this stuff.
8)

[attachment deleted by admin]

Oh and you need to remove your old “trusted app” rule in → Firewall ->Network security policy
otherwise you may never get a pop up asking what to do with the utorrent app.
O0

okay and why do i have to do this?

And once utorrent is running go to Firewall -> Stealth Ports wizard -> and click "alert me to incoming connections (assuming you have it set to Stealth while not torrenting

why isnt it a good idea anyway to have utorrent as a “trusted application” ?

thanks

You can run utorrent with your ports ‘stealthed’ but it will limit the traffic drastically, and the little connection icon at the bottom of the utorrent window will be YELLOW. :-TD
If you are worried about CIS alerting you to EVERY incoming connection, it doesn’t.
I’ve run utorrent for hours with no pop ups. :-TU

If you make utorrent a trusted app, it allows ANY unsolicited Inbound traffic with ANY protocol access
to ANY port on your machine.
In other words, since you’re “trusting” utorrent, if a hacker attempts to connect to your machine,
it will be accepted, with no alert, and then you’re toast.
:-TD :-TD :-TD

One thing I didn’t mention — if you are behind a router then there’s a chance those rules won’t work,
I don’t know, I just have a modem.

i´m behind a router

and i use stealth mode but my traffic is fine (max download speed are 14000 kbits and upload 100kbits and i reach those limits).

Hmm how should a hacker attack me through that port ? that port only goes to utorrent and nothing else… so he would need an exploit for utorrent.

A few months ago, when I was trying to set up utorrent with Comodo, I read every thread I could find, and making utorrent trusted was always frowned upon. I can’t tell you why, I just remember the general consensus was that it was unsafe.

I don’t trust every utorrent user, including the RIAA, FBI, hackers, script-kiddies, >:-D etc. etc.
I’m paranoid, you’re not.
But by using those rules you are at least a little more secure, because you and other utorrent users cannot connect to each other on the ‘privileged ports’ which are supposed to be reserved for
Windows processes and network related functions.

From the utorrent website back in August…
“A vulnerability has been identified in uTorrent, which could be exploited by remote attackers to compromise a
vulnerable system. This issue is caused due to the application insecurely loading certain
librairies (e.g. “plugin_dll.dll”) from the current working directory, which could allow attackers
to execute arbitrary code by tricking a user into opening a Torrent file e.g. from a network share.”

They patched the program, but this just shows that it’s not ‘air tight’ – nothing is.
This is why I only connect to the internet via Sandboxie. If something nasty happens I just
delete Sandboxie - problem solved.

I also watch/listen to any torrents inside a sandboxed (Sandboxie) media player (on my PC).