Brain on Fire » Blog feed Tim McCormack says words

Download a torrent from behind a firewall

Automated disclaimer: This post was written more than 15 years ago and I may not have looked at it since.

Older posts may not align with who I am today and how I would think or write, and may have been written in reaction to a cultural context that no longer applies. Some of my high school or college posts are just embarrassing. However, I have left them public because I believe in keeping old web pages aliveā€”and it's interesting to see how I've changed.

Problem
Is your ISP practicing traffic shaping so restrictively that you can't use torrents?
Solution
Use an encryption-enabled torrent client, such as Azureus.
  1. Get Azureus from azureus.sourceforge.net. (You need to have Java installed on your machine first.)
  2. Run and configure Azureus:
    • Skip any updates, because they rely on torrents.
    • Set your proficiency level to Intermediate, so you can change the encryption settings later.
  3. Go to Tools -> Options -> Connections -> Transport Encryption, and require encryption.
  4. Under Mode, set your proficiency to Beginner. (Beginner has all the options you'll ever need as a downloader.)
  5. Restart Azureus, and let it do any updates it deems necessary.
Explanation
Encrypting the transport layer prevents your ISP from determining what kind of traffic is passing through. If it can't tell it's a torrent, it can't slow or restrict it.
Notes
If you are only trying to avoid traffic shapers, set the minimum encryption level to Plain, which only obfuscates the packet headers. If plain encryption fails, Azureus will automatically escalate to RC4, which encrypts the entire packet. If you are also trying to avoid being caught downloading commercial music or software, you should probably use RC4 as the minimum. Actually, the best way to avoid being caught pirating is to use an extension like SafePeer. Encryption won't do anything, because your IP address is still visible.
Resources

Responses: 15 so far Feed icon

  1. #755 | Thursday, August 31st, 2006 at 19:03 (EDT)

    Muzufx says:

    Thanks a lot for this mate.....

    hails AZUREUS ... and not to forget: YOU

  2. #757 | Thursday, August 31st, 2006 at 20:04 (EDT)

    Tim McCormack says:

    Sure thing!

    Oh, and if your ISP prevents you from downloading the .torrent files themselves, you might install tor + privoxy + vidalia and then the torbutton extension for firefox. I should write a blog post about that, too.

  3. #26447 | Saturday, July 25th, 2009 at 22:47 (EDT)

    Michael says:

    Even if this is 3 years old, it's still very relevant. I go to boarding school, and they won't let us download torrents. This is VERY helpful!

  4. #26448 | Saturday, July 25th, 2009 at 22:53 (EDT)

    Tim McCormack says:

    Glad to hear it, Michael!

  5. #27318 | Tuesday, August 18th, 2009 at 02:45 (EDT)

    Thomas says:

    This dosen't work for me, i'm still not getting any dl speed, any suggestions?

  6. #27332 | Tuesday, August 18th, 2009 at 09:37 (EDT)

    Tim McCormack says:

    Thomas: This post is over 3 years old, and traffic shaping/blocking technologies have changed. I don't think I can help you.

  7. #27397 | Thursday, August 20th, 2009 at 02:24 (EDT)

    Thomas says:

    oh okay, just thougt it still would help, when it helped Michael.

  8. #27754 | Monday, August 31st, 2009 at 22:55 (EDT)

    Stephen says:

    so I'm attending Northeastern and I was wondering how easy it is to torrent, they told me I have to register my mac address with resnet and all that. any words of advice?

  9. #27755 | Monday, August 31st, 2009 at 23:26 (EDT)

    Tim McCormack says:

    @Stephen: Northeastern does not block downloading of .torrent files or bittorrent traffic in general, though they may throttle the traffic to reduce network load.

    Registration is a common practice now at universities. I don't like it one bit, but I understand why they do it. If you don't want them snooping on your traffic (since they claim a right to do so), get a server slice elsewhere in the world and SSH tunnel your traffic through that box.

  10. #27831 | Wednesday, September 2nd, 2009 at 23:31 (EDT)

    Stephen says:

    Alright, thanks.

  11. #29251 | Thursday, October 15th, 2009 at 20:04 (EDT)

    Will Pk says:

    "get a server slice elsewhere in the world and SSH tunnel your traffic through that box."

    How do you go about doing that? can you write a quick guide on it?

    Thanks in advance

    Will.

  12. #29253 | Thursday, October 15th, 2009 at 21:12 (EDT)

    Tim McCormack says:

    @Will Pk: It's not something I have a whole lot of experience with, but here's what you'll need to find out in order to do it yourself:

    How to do port forwarding with your SSH (probably dynamic forwarding, maybe also reverse forwarding), most likely either PuTTY or OpenSSH Whether you want a full server, a remote terminal, or just a proxy (and how much it will cost you) What the bandwidth and traffic policies of the service are

    If you just want tunneling for a specific protocol, you may want to investigate more specialized services. For instance, I've heard of a bit torrent traffic anonymizer service that seemed pretty reputable. (I don't recall the name.)

    And hey, if you manage to set something up... blog about it!

  13. #42104 | Wednesday, September 22nd, 2010 at 11:38 (EDT)

    MauroChSS says:

    Still working.......... :)

  14. #45667 | Tuesday, December 21st, 2010 at 05:27 (EST)

    Manish says:

    @Will Pk You can do that you require a Hardware outside your organisation not to mention Public IP reachability on it. Then depending upon the hardware you will have different procedures to set them up, e.g. If are using a CISCO ASA firewall(at remote end) you need to install Easy VPN(Search Youtube for how to) if you have a Server with Windows server running on it You can use PPTP or SSTP VPN on it. Once you have set up and connected ur Client machine to remote VPN, u can change SOCKS proxy in your browser to 127.0.0.1 and port no to VPN Tunnel no(u will get this from ur VPN client software) and thts it.

  15. #87821 | Wednesday, April 17th, 2013 at 16:27 (EDT)

    ace_berry says:

    This solution still works....

    Thanks for posting this!!!!!

Self-service commenting is not yet reimplemented after the Wordpress migration, sorry! For now, you can respond by email; please indicate whether you're OK with having your response posted publicly (and if so, under what name).