Encrypted Peers vs. Unencrypted Peers

Topsersem

Thanks for the responses, folks.
Sorry if I wasn't too clear
When I upload, I see that some peers/clients are encrypted and others are not. I can only presume that all connections are coming from other Gaytorrents members.
Seems reasonable for one to enforce the encryption feature in their client of choice.
The bottom line question was as to whether or not any traffic here might be visible to outside parties.
As for VPN, I have that option, but rarely use because it really slows things down and is often prone to DNS leaks.
BTW, I use the "Tixati" client which I find to be far superior to all the others (except maybe "Qbittorrent" and "rtorrent").

MrMazda

I had a solution for the potential for DNS leaks… I use my own DNS servers now, so that I can control what passes through them, and I can be sure that no information is being skimmed out of the results because I own the actual servers that handle the requests.

Topsersem

@MrMazda:

I use my own DNS servers
I own the actual servers that handle the requests.

Sounds like you're way ahead of the game, Mazda.

OK, I've used Opennic's servers in the past but, they're not my own - merely replacements for my provider's servers.

Can you please elaborate? I'm intrigued.

MrMazda

I have 4 of them in total, all in different geographical areas, but that's because I also host the DNS services for several different domains online. If I were just using them for regular internet traffic, I would only need one really. Simply put, take a Linux box and install a basic copy of Bind onto it…. It is also recommended to setup RNDC, as this will help with a few things down the line.

From there, just be sure to update the root zone from time to time, then configure your computer or network's DNS settings to point to that Linux box. The Linux box will actually do all the DNS resolving for you, pulling the information straight out of the Master DNS servers, which bypasses the need for a 3rd party DNS service, which can potentially lead to DNS inquiry information being leaked.

Topsersem

Thanks for the info, Mazda. Sounds perfectly logical when one is maintaining the services you are.

Alas, I'm just a lowly but, somewhat savvy end user with an outlook towards maximum achievable security.

Granted, no setup can be 100% secure, esp. when dealing with Windows.  :afr2:

Have been considering moving to a Linux flavor such as Debian. Better yet, FreeBSD or, even better, an RTOS such as QNX (which is, sadly, no longer offered to end users). And it goes on…

Any suggestions? Would love to continue the dialogue! 

MrMazda

I'm a BIG fan of Ubuntu, which is Debian based… Especially when you combine it with a useful little tool such as Webmin. It makes life WAY more straight forward

Topsersem

I've read that Ubuntu has supposedly been compromised, what with back doors and such like as it is the most popular Linux flavor.

As for "Webmin", I looked at it and will seriously keep it in mind when I move up to your level. 

MrMazda

It can be compromised if not properly configured, however if you configure your firewall and any server services you may be using properly, I actually recommend using it as a main firewall. If doing MLPPP though, it won't handle more than two DSL lines at the same time without choking horribly I've discovered.

Topsersem

What about "PFSense"? Can be implemented on Linux as either soft or hard firewall.

That's it! I'm getting myself a SPARC station and never mind the unencrypted peers! :cheers:

MrMazda

Yes… It  can be if you so desire... To me though it's a little redundant as Linux itself can manage just the same...

The ONLY thing that I've found that Ubuntu simply CANNOT do is MLPPP using more than 2 DSL lines. I used to use my Ubuntu server as the central be all and end all for the network, including running the MLPPP to make the internet work. Once I installed a THIRD line however, I began having a great deal of difficulty with getting it going on all 3 lines at the same time. So... I made the switch over to a Mikrotik router. The Mikrotik router now bonds what is currently THREE lines, but as of next week will be FOUR lines together, then shares them out as a single line across the basement to the central switch that everything connects through.

If you're not using MLPPP on more than two DSL lines though, I've found that Linux by itself seems to have everything it needs. It's just a matter of knowing how to set it all up.