the forums at degreez.net

It is currently Sat Nov 17, 2018 5:13 am

All times are UTC - 7 hours [ DST ]




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 7 posts ] 
Author Message
PostPosted: Sat Nov 19, 2005 3:13 pm 
Hello, im relatively knew to the world of Torrents and their clients. Im also new the networking for that matter :). I have a slight problem with my comptuer configuration.

I have to computers, a HOST and a CLIENT. The HOST machine is connected to the internet via a broadband modem (motorola Surfboard). Host machine has XP SP2 and the CLIENT has Xp SP1. I finally managed to get ICS working on the CLIENT machine without zonealarm blocking the connection for some reason (I had to create a static IP address for the CLIENT machine and add it to the trusted zone of the HOST machine, read up on that on the Forum on Zonelabs main page..."Victory, ICS working with ZA6 on Host" is was called)

Anyway, thats my computer setup. I installed Bit Tornado on the CLIENT machine, and it ran really really really , NOT good. I was getting download speeds of 0-3kb (3 on a lucky day), and upload speeds of 7-13kb(......all the time). I ran the test posted on this forum, the one which takes the port of Bit Tornado, and the hash code. It failed need less to say. I realised that my HOST had a problem of not forwarding ports (I think thats that the correct lingo). So, erm, HELP!!

Could anyway please tell me how to configure ZA6 on the HOST machine so that it will forward the ports used by Bit tornado, and on the Client machine so that it will accept the connections (althought I dont think the latter is nessecary, since Ive given it full access on the CLIENT machine). Thank you in advance.


Top
  
 
PostPosted: Sat Nov 19, 2005 4:47 pm 
Anonymous wrote:
Could anyway please tell me how to configure ZA6 on the HOST machine so that it will forward the ports used by Bit tornado, and on the Client machine so that it will accept the connections (althought I dont think the latter is nessecary, since Ive given it full access on the CLIENT machine). Thank you in advance.
Zone Alarm as a firewall has the ability to block or allow packets reaching the computer, but it cannot forward those packets to another computer. It either blocks or it doesn't.

Forwarding is sending the packets onward through a route they're not specified to travel. Sort of like forwarding real/physical mail from your house to your vacation spot, even though the mail is only postmarked to go to your house.

In short, it's ICS that has to forward the packets in order for you to get the green light in BitTornado. It'd probably be easiest if you could just run a DMZ which forwards everything from the host computer to the 2nd computer. But that's the LEAST secure and the most CPU-hogging. Good luck in any regard, because I have never used ICS...so I can't help you there.


Top
  
 
 Post subject: Progress?
PostPosted: Sat Nov 19, 2005 5:44 pm 
Hey Switeck Thank you very much for the quick reply. You made it clear to me that the problem is with the ICS. Okay one thing need to understand, would id need to configure ZA on the HOST machine to keep open ports in the range Bit tornado uses them?

Also, learning from you that the ICS was the problem I clicked network connections in control panel, and right clicked on my internet gateway, then clicking properties. WHen I clicked setting, i could add TCP or UDP ports with an OP address. I assume if I configured this on the HOST machine, then Bit Tornado would be running okay. My theory is that I would type the ports open in Bit Tornado (10000-50000, is it bad if the range is too big?) for TCP and UDP, and put in my static IP address. This is just me guessing, can anyone who confirm or ammend. Again thank you in advance


Top
  
 
 Post subject: oooops
PostPosted: Sat Nov 19, 2005 5:46 pm 
and sorry, I meant IP address not OP :) its late and im tired lol


Top
  
 
 Post subject: Yes, maybe, no
PostPosted: Sat Nov 19, 2005 10:03 pm 
Yes, you will definitely need to configure ZA on the HOST machine to keep open the ip ports in the range BitTornado uses. Otherwise it will KILL ip packets on that port before the other computer even gets a chance to see them. Firewalls are dumb that way.

On ICS, you probably have the right idea for how to forward ip ports.
But for the same reason you don't want to use DMZ if you don't have to...you shouldn't forward 40,000 ip ports (10000-50000.) It works the CPU too much to forward nearly everything, plus it means that any security hole on those ip ports is open and vulnerable to direct connections from the internet. (Of course, with Windows, if it doesn't have a connection...some security holes make their own connections automatically, just to be safe.)

BitTornado only needs as many ip ports as you plan to open torrents at once. If you try to download 10 separate torrents at once, you need at least 10 ip ports. Beyond 20 torrents at once is "pointless" on anything short of a T-3 line, because either your upload bandwidth is split 20 ways or you're one hell of a leech on most/all of the torrents. I've got 20 ip ports open for torrents and seldom open more than 5 torrents at once.


Top
  
 
 Post subject: Finally :)
PostPosted: Sun Nov 20, 2005 12:30 pm 
Thanks again for the quick reply. Okay so opening a large range of ports is not a good idea. What range would be recommended? The reason Im asking is, im really paranoid about opening ports. Also I probably wont be ever downloading more than 3 files, so 3 ports?

Also, When I connect the CLIENT machine to the network, the Internet Gateway Connection appears in the network connections. It doesnt appear on the HOST machine. If I allow the ports to be opened on the Gateway, will it actually affect the CLIENT? Another question is about XP firewall, even though it is turned I read in another thread that it isnt actually completely off, would that pose as a problem? Thanks again, ill try this out today and get back with the results. Thanks


Top
  
 
 Post subject: Re: Finally :)
PostPosted: Sun Nov 20, 2005 10:40 pm 
Don't be too paranoid about opening ports -- there's numerous idiots even here that connect directly to the internet with no firewall, router, OR antivirus software. With a router or software firewall blocking all the stuff incoming on ports 0-500 that you're not actively requesting, you're safe from the vast majority of internet worms.

To avoid viruses, trojans, and the random ISP blocking default torrent ip ports of 6881-6899...choose ip port ranges for BitTornado in some high number range, such as 37345-37355. That'd be 11 ip ports -- because you count the 1st one as well as the last. Just remember what you used and keep it consistant. It's too easy to forward one set of ip ports then put the wrong values in BitTornado.

If you only ever use 3 torrents at once at most, sure you could just forward 3 ports -- but I think you really should forward 5 ip ports just to be safe.

Security risks only exist if you have a vulnerable application that listens in on those ports. BitTornado is not vulnerable as far as I know. At worst, it might crash -- but that's due to overloads or program bugs more than hostile attack.

A "Dumb Box" computer could be directly connected to the internet and wouldn't be vulnerable to viruses and trojans simply because it wouldn't run them. Problem is, Win XP has lots of special internet-using apps which have all sorts of potential backdoors in them. (Windows Media Player, Internet Explorer, MSN, built-in HTTP/FTP server, LAN messaging, Outlook, ...and the list goes on.) There's websites that tell how to remove, disable, or just reconfigure "core" components of Win XP to reduce the vulnerabilities and speed up the computer, but I don't know a good one to tell you to visit.

You have Zone Alarm, which although not the best software firewall is better than Win XP's. Win XP's firewall is essentially off when turned off, I too have read stuff that suggests it cannot be completely turned off but I've seen nothing that proves that definitely.


Top
  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 7 posts ] 

All times are UTC - 7 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 14 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group