BitTorrent Protection
<a href="http://www.bittorrent.com/">BitTorrent</a> users, a free, open source peer-to-peer file-sharing application, might be wondering how to protect themselves. It's quite difficult to know when a download is masquerading as something it isn't. And while some might associate the tool with those who download illegal music, movie and software files, it's also used in legal ways. For example, users quite frequently download Linux distributions, some of which exist in DVD, a form that can only be obtained via BitTorrent.
BitTorrent users, a free, open source peer-to-peer file-sharing application, might be wondering how to protect themselves. It's quite difficult to know when a download is masquerading as something it isn't. And while some might associate the tool with those who download illegal music, movie and software files, it's also used in legal ways. For example, users quite frequently download Linux distributions, some of which exist in DVD, a form that can only be obtained via BitTorrent.
The hard part is how do you distinguish between good and bad BitTorrents. Unfortunately there is no simple filter at this point. According to the SANS Internet Storm Center you can do some URL filtering, but then a lot of BitTorrent traffic can be encrypted and sneak past some of the proxy servers.
Your best way to control BitTorrent is a proxy that intercepts traffic and blocks all direct connections. This approach works well for http users, which is what most people are using anyway. A proxy typically gives you the best insight into traffic.
Adam Ross is managing editor at the SANS Institute and wrote, edited, and Web produced for The Washington Post's opinions and politics sections, online and in print. You can reach him at aross@nextgov.com.