File-Sharing Security Programs

This article was published by ComputorEdge, issue #2849, , as a feature article, in both their PDF edition (on pages 11-18) and their website.

If email is considered the number one "killer app" of the Internet, then perhaps file sharing would be a contender for second place, because tens of millions of Internet users, at a bare minimum, are actively uploading and downloading files using a variety of file-sharing networks. According to research published in the Stanford Report of 17 March 2004, the number of participants worldwide was estimated at 70 million, and that was over six years ago, during which time the total figure has probably increased, given the continued proliferation of Internet access throughout the world, as well as more people becoming familiar with file sharing, and opting to use it as a source of music, movies, electronic books, and other resources.

The file-sharing networks are generally referred to as "peer-to-peer" (P2P). With the early P2P networks, when you download a file, it is copied to your computer from that of another individual. Consequently, if he turns off his computer halfway through the process, then you initially end up with only an incomplete file. (You may be able to complete that file if another source with the exact same file, logs onto the network, makes that file available to you, and allows you to download the rest of it without interruption.) BitTorrent is a more recent innovation, with the primary distinction that you download a file in pieces, usually from multiple sources, which reduces the risk of an incomplete file at the end.

All of these networks have been and continue to be used for sharing files that are fully in the public domain — such as electronic versions of books no longer under copyright, independent music made by artists who encourage its worldwide dissemination, freeware and shareware software, and much more. However, the owners of copyrighted material — such as popular recorded music and movies — point out that the bulk of the files being made available on these networks, are done so illegally, because those files are songs and movies, and the people uploading them to the networks have no right to distribute them in that manner, and the people downloading them are making copies of the protected material, and thus violating copyright laws. Industry groups in the United States, such as the RIAA and the MPAA, have for years been filing thousands of lawsuits against Internet users accused of sharing copyrighted music and movies (usually in the form of MP3 and AVI files, respectively). In most cases, these authorities are able to prove that the defendant was indeed making some files available on a P2P network, based upon the individual's IP address. But the process is not always foolproof, because some of the people receiving cease-and-desist letters, settlement offers, or lawsuits, don't even own computers!

For this and other reasons, many people wonder how they can protect themselves against unfair accusations, and yet still continue to enjoy the benefits of file sharing. In response to this need, programmers in both the commercial and academic worlds have developed a number of countermeasures.

Secret Addresses

One approach to avoiding trouble on P2P networks, is to somehow set your computer to ignore connection requests from IP addresses that are known to be used by industry organizations, the research firms they hire, governments, and law enforcement bodies. Perhaps the two best-known utilities that offer this capability are PeerBlock and PeerGuardian.

PeerBlock is billed as a tool that can control who can connect to your computer on the Internet — specifically, it keeps a list of IP address "ranges" that are known to be associated with anti-P2P monitoring companies, hacked computers ("zombies" that have been infected so as to spread malware), spyware servers, and advertising companies. Because PeerBlock is able to block some sources of malicious software, it thereby can serve as an additional weapon in your arsenal against malware.

PeerBlock home page
Figure 1. PeerBlock home page

Installing PeerBlock on your own computer and trying it out, is quite easy. Go to the PeerBlock downloads page, and choose either the current stable release (1.0, as of this writing) or the beta release, which has more up-to-date bug fixes, but may not be as reliable as the stable release. The former is recommended, and will be demonstrated here. Like most P2P security applications, PeerBlock runs on Windows 2000, XP, Vista, 7, and Windows Server — both the 32- and 64-bit versions, where applicable.

On that downloads page, look in the "Portable Packages " section for the download link appropriate for your version of Windows. All of them are Zip archive files, and not installation executables, so download the file to your computer, unzip it into a destination directory (such as C:\Program Files\PeerBlock), and then run the file peerblock.exe, which starts the program. The first time that you run it, it will detect that it needs to be configured, using some dialog screens, which should be understandable. You will be prompted to specify what types of ranges you want blocked, including anti-P2P organizations, advertisers and data trackers, spyware and adware servers, and educational organizations. You can optionally import or create your own list of ranges to block. By default, your list will be updated every other day, but you can change that.

As soon as the configuration process is finished, the program begins running, and tries to connect to the server update.peerblock.com, which you can allow using your firewall. The configuration does not make it possible for you to easily specify that you want the program to start every time you start Windows, but you can set that yourself by making a shortcut to the program (right-click on the file in Windows Explorer, and in the context menu that pops up, choose the menu item to create a shortcut), and copying newly-made shortcut into your Windows startup folder.

PeerBlock user interface
Figure 2. PeerBlock user interface

The six buttons on the Protection tab, and the Settings tab, will not be discussed here, because at this point the program is running properly. At first you will not see much active blocking, but that can change if and when you log into a P2P network.

Similarly named, PeerGuardian was developed and made available by Phoenix Labs.

Phoenix Labs home page
Figure 3. Phoenix Labs home page

The company describes it as the "premier IP blocker for Windows. PeerGuardian 2 integrates support for multiple lists, list editing, automatic updates, and blocking all of IPv4 (TCP, UDP, ICMP, etc), making it the safest and easiest way to protect your privacy on P2P." PeerGuardian 2, the current version, supersedes the earlier one, which was one of the pioneers in this realm of software.

However, PeerGuardian 2 itself has, in a sense, been superseded by PeerBlock. Even though PeerGuardian served Internet users well for many years, it developed a reputation for crashing occasionally, for not being updated during the past few years, and often experiencing problems downloading the latest ranges from the SourceForge servers, which tend to be slow and unreliable. So PeerBlock switched over to using I-Blocklist, which is a big improvement.

Anonymous Sharing

Preventing connections from suspected anti-P2P addresses, is but one way of increasing the security of one's file sharing. Several other methods have been devised and tested over the years, and no doubt many more will be developed in the future.

BTGuard is a BitTorrent client program that anonymizes your computer's IP address, by directing all of the traffic through a proxy server — much like a middleman between you and all of the other participants in the sharing of a file. (Those participants are called "seeders" if you are obtaining the BitTorrent file from them, and "leechers" if they are obtaining the file from you.) Consequently, no one else who is connecting to your computer is able to identify your IP address. Instead, if a bad server is on the network, and sharing a file with you, it only sees the IP address of the BTGuard server, and not yours.

BTGuard home page
Figure 4. BTGuard home page

However, unlike the IP-blocking programs mentioned earlier, BTGuard is a commercial service, and currently charges $6.95 per month. Some people who insist upon obtaining all of their music and movies for free, may balk at paying a monthly service fee. But compared to the settlement amounts currently being collected by the RIAA and MPAA, the BTGuard service charge is an absolute bargain should one get caught by the industry groups.

Rodi is a free and lightweight P2P program that is supported on Windows and all major distributions of Linux.

Rodi home page
Figure 5. Rodi home page

Rodi possesses two advantages over the typical BitTorrent client: Firstly, you can search for torrents within the client program, without having to use torrent search sites, such as The Pirate Bay. Secondly, the program is designed to provide full anonymity for your IP address, using a process referred to as "bouncing". If you want a file from someone else, X, who may or may not be a malicious source, then a second person on the network, Y, is temporarily placed as a middleman between your computer and X's. As a result, X gets Y's IP address, but not yours. In fact, using IP spoofing, it can even be set up so that Y's address is hidden from X.

To download the installable program, and not the Java source code files, go to the Rodi SourceForge page, choose "View all files", and on that page click on the link for rodi_0.3.60.zip (or whatever the latest version is when you read this). Open up the Zip file and save its contents in a new Rodi directory. For Windows users, run the file runRodiWin32.bat, click the "Setup wizard" button, and follow the instructions. It performs a number of highly technical steps, and eventually asks you to restart the application. When you do so, it tries to connect to the server larytet.sourceforge.net, which can be allowed. Your Windows firewall, if enabled, may try to block the Java program from accepting connections from the Internet; simply choose "Unblock".

Rodi user interface
Figure 6. Rodi user interface

American universities are known as hotbeds of file sharing, so it is no surprise that research and development in file-sharing security has been done on US campuses. OneSwarm is a file-sharing program that was created by computer science researchers at the University of Washington to provide better privacy on P2P networks. It runs on Windows, Mac OS X, and Linux machines. The website offers a couple screencasts, consisting of an overview of the product and a demonstration of remote access.

OneSwarm home page
Figure 7. OneSwarm home page

OneSwarm uses what is often referred to as a "friend-to-friend" method, because instead of allowing direct connections between you and other file sharers, multiple intermediaries are used. In addition, the program uses multiple sources for downloading, rewrites the sources of IP addresses, and uses SSL-based point-to-point encryption.

Even though the OneSwarm installation file is much larger than any of the others mentioned here, the installation process is quite straightforward. Once again, the Windows firewall will try to block the connection. As soon as the program runs, it immediately starts Internet Explorer (for Windows users) and goes to the address http://127.0.0.1:29615/. The online help information can provide more details as to what to do from that point.

Whether you choose to employ only one of the security tools discussed here, or combination of them, do not make the mistake sharing files legally without some sort of protection. Practice safe hex!

Copyright © 2010 Michael J. Ross. All rights reserved.
bad bots block