Re: Security concerning Tor, BitTorrent and Firewall

[a a <werner12345@xxxxxxxxxxx>]

Oh, excuses. I do not (at least not after the distinct replies) intend 
to use this either to leech torrents or to leech Tor. Anyways, after 
testing this for approximately three minutes, my ol' pa went totally 
nutters on the realisation that this might circumvent the firewall (and 
yes, he's usually nutters for a reason).

A more accurate question on my behalf would therefore be: Can Tor (if 
you use it without (or with, for that matter) port forwarding the 
firewall, create "holes" in the firewall by allowing incoming 
connections through the Tor proxy. The µTorrent case kinda implies this 
(riiight...?) as the other peers seemed to be able to connect to me at a 
higher rate...

Or am I completely off the rails?
Or should this be put to rest because it is simply exploration of 
exploitation ?

Anyways, thanks for your replies so far, I am not particulary 
experienced in this so I'm sorry for any treaded toes.

Arrakis wrote:
> Arand,
>
> I doubt you will find anyone who wants to help you steal bandwidth
> from tor so you can abuse it by downloading torrents. You would be
> better to stick to a commercial service.
>
> Regards,
> Arrakis
>
> > USING:
>
> > Tor & Privoxy & Vidalia bundle 0.1.1.26
> > Windows XP Home
> > µTorrent
> > 3com firewall
>
> > HAPPENINGS:
>
> > I am using Tor behind a 3com firewall, in connection with µTorrent.
> > Before using Tor I -naturally, having not opened any ports on the
> > firewall- experienced low connection (up&down) rates in µTorrent. However,
> > after installing the Tor bundle and configuring µTorrent for use with the
> > Tor proxy server (as described at
> > http://wiki.noreply.org/noreply/TheOnionRouter/TorifyHOWTO#head-0d047b05e9b
> > 93c23cec9198550816a114012bde0), I suddenly experienced connection speeds
> > which would equal those, had I used a normal port forward on my firewall.
>
> > QUESTIONS:
>
> > Firstly, how does this work?
>
> > Secondly -on account of a port forward always being a security risk- Is
> > this a similar security risk?
>
> > And lastly, if it is indeed a security risk (no matter how small), does
> > this apply to other programs than BitTorrent clients, using the Tor proxy
> > server?
> > __________
>
> > I first inquired with the Privoxy about this issue (presuming that it 
> > was related to Privoxy) and I recieved the following response: 
> > > --- Date: 2007-02-19 13:17 Sender: fabiankeil </users/fabiankeil/> --- 
> > > Are you sure that your provider doesn't throttle BitTorrent traffic? 
> > > By using Tor you prevent your ISP from knowing which services (other 
> > > than Tor itself) you're using and this could explain why using Tor 
> > > speeds up your BitTorrent traffic (it's no longer rate limited by your 
> > > ISP). Privoxy itself is unlikely to have anything to do with it and I 
> > > don't think port forwarding has anything to do with it either, but I'm 
> > > not familiar with BitTorrent. The short answer to your last questions 
> > > is "No", but as it has nothing to do with Privoxy you should checkout 
> > > the Tor documentation for details and ask again on the or-talk mailing 
> > > list if you have further questions.
> > I am fairly certain that my ISP is not the issue here, so I remain 
> > puzzled... And I've so far not found any answers in the Tor documentation.
>
> > Anybody got something on this?
>
> > - Arand