
Feature Request: Separate DHT port

by Guest on 2016/11/10 11:27:29 PM    
To assist in connection obfuscation techniques: it would be advisable to open a completely different port number, within the same range of ports set in the connections settings (or provide a completely independent range), for DHT than the torrent connection itself.  Taking Tor as an easy obfuscation example, DHT operates on UDP which is not forwarded over Tor (without a transparent proxy setup) or other SOCKS/TCP-only proxies.

What happens is, anyone monitoring the swarm and lucky enough to get DHT get hosts requests would immediately have the identity/IP of the DHT user and can then confirm presence in the swarm by matching port numbers.  There are far more port numbers available than members in most swarms, making port numbers an adequate key-space for identifying Torrent users based on same-port number DHT requests.  A few ports can be excluded (51413) from this analysis due to being popular, but otherwise users setting a wide port range effectively self-assign an ID number.

Because trackers are not as rich a source of peers as the DHT system, disabling DHT is a drastic reduction in functionality.  While this does not solve the problem of being able to identify *potential* participants based on DHT nodes making simple get peers requests all on its own, allowing the DHT port to be different from the torrent connection port at least disconnects an item of correlation.

While perfect is better than good, good is more than adequate when perfection is impossible.  Thank you.
by Guest on 2016/11/12 11:24:54 PM    
I'm not disagreeing with this, but your ISP can do quite a bit these days based solely on heuristics of packet analysis.
An extreme example I can cite is Spectrum (USA telco, merger between Comcast and Charter creating a monopoly for over 12 states who can't get fiber) WILL redirect your DNS forcibly (I have a router set to external ISP DNS) to 127.0.0.1.
This was after a burst of activity on my IP related to UDP transmission of fragmented packets (DNSR flood currently employed by Mirai). I asked if my connection was flagged due to "3rd party streaming"; they said it was network congestion. I still had to call in to clear this (it happened sometime in the morning; I called in the afternoon my time, so presume 8-12 hours affected). They cleared my DNS, but UDP didn't work right until about 24 hours had passed. I went from unconnectable -> unconfirmed -> confirmed accepting connections after 24 hours.

Just giving a real-world example of the necessity to use some POP which allows tunneled connections for everything. I'm currently checking to see if I can put OpenWrt on my router and just make everything go over a VPN I need to buy service for.
by Guest on 2016/11/13 08:22:33 PM    
The port is the same because it makes settings easier. What benefit is there to a different port (2x as many port setups) for just DHT traffic?
Tixati settings allow you to rotate the port setup. It's what I do.
by Guest on 2016/11/15 06:21:24 PM    
I agree with the OP.  Older versions used to have this ability.
by Guest on 2016/11/20 04:53:37 PM    
Second poster: unrelated.  I don't fear my ISP so much as I fear others.  Also, I run my own Microsoft DNS server for my domain at home, and it's configured with its own list of forwarders.  If my ISP gave me shit I could go elsewhere (in the case where a competitor is available) or just cut them off and steal the internet from someone with a dish.

Third poster: You either did not read, or did not understand, the OP.  Tor hides my real IP.  DHT (UDP) does not route over Tor.  DHT uses the same port as the torrenting port.  Now, my enemy can sit on a particular torrent, get lucky having my DHT request peers from them on a particular port (which happens to match my torrent port, in a keyspace 65,536 keys big), and can then see that same exact port number show up as a peer.  Usually people are busted at the file-transfer stage (i.e., they bust the actual torrenting), but if they get smart and detect one of those nodes is a Tor exit node, they can then go to the DHT connections record and see if anyone was requesting, from one of their decoys, peer lists for that particular torrent and what the port numbers were.  BAM, instant identification.
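The correlation the OP and the 2016/11/20 reply describe, written out as an added example (constructed data and hypothetical names, not Tixati code or anything from this forum): an adversary's decoy DHT node records get_peers requests, which arrive directly because UDP does not traverse Tor, and the same adversary scrapes the swarm peer list, where the Tor user appears as an exit-node IP. Joining the two on (torrent, port) links the exit-node entry to the requester's real IP. The second data set models the requested feature (DHT on a different port from the torrent connections) and shows that the join then finds nothing. The collision estimate uses the 65,536-port keyspace from the thread; the "Tor exit" addresses are RFC 5737 documentation addresses labelled as such for the example.

```python
"""Port-correlation check described in the thread, as a constructed example.

Not Tixati code. Models an adversary that (a) runs a decoy DHT node and so
sees get_peers requests arrive directly (UDP does not go over Tor) and
(b) scrapes the swarm's peer list, where Tor users show up as exit-node IPs.
A Tor-exit peer whose port equals the source port of a direct get_peers
request for the same torrent is linked to that request's real IP.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, Iterable, List, Set, Tuple

# Ports too common to serve as an identifier; the post names 51413.
POPULAR_PORTS: Set[int] = {51413, 6881}
PORT_KEYSPACE = 65536  # the "keyspace 65,536 keys big" from the thread


@dataclass(frozen=True)
class DhtRequest:
    """A get_peers request as seen by the decoy DHT node (constructed)."""
    src_ip: str
    src_port: int
    info_hash: str


@dataclass(frozen=True)
class SwarmPeer:
    """A peer entry observed in the swarm for a torrent (constructed)."""
    ip: str
    port: int
    info_hash: str


def correlate(dht: Iterable[DhtRequest], swarm: Iterable[SwarmPeer],
              tor_exits: Set[str],
              ignore_ports: Set[int] = POPULAR_PORTS) -> Dict[Tuple[str, int], List[str]]:
    """Map each (Tor-exit IP, port) seen in a swarm to the real IPs that sent a
    direct get_peers for the same info_hash from that same source port."""
    by_key: Dict[Tuple[str, int], Set[str]] = defaultdict(set)
    for r in dht:
        if r.src_port not in ignore_ports:
            by_key[(r.info_hash, r.src_port)].add(r.src_ip)
    hits: Dict[Tuple[str, int], List[str]] = {}
    for p in swarm:
        if p.ip not in tor_exits or p.port in ignore_ports:
            continue
        sources = by_key.get((p.info_hash, p.port))
        if sources:
            hits[(p.ip, p.port)] = sorted(sources)
    return hits


def chance_port_collision(swarm_size: int, keyspace: int = PORT_KEYSPACE) -> float:
    """Probability that at least one of swarm_size unrelated peers, each on a
    port drawn uniformly from keyspace, happens to share a given port. This is
    small for real swarms, which is why a port match is so diagnostic."""
    return 1.0 - (1.0 - 1.0 / keyspace) ** swarm_size


# Constructed observations using RFC 5737 documentation addresses; the two
# "Tor exits" are simply labelled that way for this example.
TOR_EXITS = {"198.51.100.200", "198.51.100.201"}

DHT_OBS = [
    DhtRequest("203.0.113.7", 41234, "infohash-A"),    # Tor user; DHT leaks real IP
    DhtRequest("198.51.100.20", 51413, "infohash-A"),  # popular port, ignored
    DhtRequest("192.0.2.9", 41234, "infohash-B"),      # same port, other torrent
    DhtRequest("192.0.2.33", 50000, "infohash-A"),     # ordinary direct user
]

SWARM_OBS = [
    SwarmPeer("198.51.100.201", 41234, "infohash-A"),  # Tor exit, port matches
    SwarmPeer("192.0.2.33", 50000, "infohash-A"),      # direct peer, not Tor
    SwarmPeer("198.51.100.200", 60000, "infohash-A"),  # Tor exit, no DHT match
]

# Same user with the requested feature: DHT on 47777, torrent traffic on 41234.
DHT_OBS_SEPARATE_PORT = [
    DhtRequest("203.0.113.7", 47777, "infohash-A"),
    DhtRequest("192.0.2.33", 50000, "infohash-A"),
]

if __name__ == "__main__":
    print("same port:    ", correlate(DHT_OBS, SWARM_OBS, TOR_EXITS))
    print("separate port:", correlate(DHT_OBS_SEPARATE_PORT, SWARM_OBS, TOR_EXITS))
    print("coincidental match, 500-peer swarm: %.4f" % chance_port_collision(500))
```

With the same port the join returns the exit-node entry mapped to 203.0.113.7; with a separate DHT port it returns nothing. As the OP already notes, the decoy still learns that 203.0.113.7 asked for peers of infohash-A, so the separate port removes the link to the swarm entry, not the get_peers request itself.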
by Guest on 2016/11/26 08:35:03 PM    
Nice feature request, up for that! Let's be in control of the protocol; these are things that do not break the torrent and add complexity, which helps for privacy and other cases.
No one has to select the ports individually, except in an "Advanced Users Mode".
by Guest on 2021/08/23 12:39:10 AM    
Very interesting concern for Tor users. Although in 2.74 the following was added, it's not actually for Tor proxies:
added support for UDP peers, DHT, and UDP trackers over SOCKS 5 proxy that supports UDP associate command