BitTorrent curiosity

Quote from wiki (Filesharing and Torrenting): “Whonix will keep your IP address hidden while you use BitTorrent and other file sharing and P2P programs.”

But Tor doesn’t support UDP (which is the main protocol used by BitTorrent). Whonix also stops non-Tor traffic from leaving the VM, so in theory torrents (and other programs that don’t use TCP) shouldn’t even work at all, but according to the wiki they do.

Am I missing something obvious here? How does Whonix handle torrents?

You can tunnel UDP over Tor using a VPN, SSH or a proxy.

  • There are file sharing programs that don’t use UDP by default.
  • There are file sharing programs that keep up well with network limitations such as blocked UDP and fall back to TCP-only.
  • There are file sharing programs that offer TCP-only options.

Quote BitTorrent - Wireshark Wiki (not too thoroughly vetted if true):

  • TCP: Typically, BitTorrent uses TCP as its transport protocol. The well known TCP port for BitTorrent traffic is 6881-6889 (and 6969 for the tracker port). The DHT extension (peer2peer tracker) uses various UDP ports negotiated by the peers.

So while DHT may not work (perhaps not at all or not out of the box without additional configuration tweaks), torrent download using centralized torrent trackers is still possible.

See also:


Or, you can tunnel the traffic with a service that always uses TCP (e.g. VPN)

Oops, just saw that 0brand already mentioned that.

This is bad advice. VPNs are a honeypot, they “work” by trust only. They are promoted by VPN companies everywhere because they make a profit on it.
It is also a bad idea to send some Whonix traffic with Tor, some with VPN.
Torrent over Whonix, just add many HTTP trackers, since you can’t use DHT.
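
An added example, not part of any post in this thread: a small Python check that reads a torrent's metainfo and groups its trackers into HTTP(S) ones, which run over TCP, and `udp://` ones, which a TCP-only path such as Tor cannot reach. The sample metainfo and the `example.invalid` hostnames are constructed placeholders; the function names are hypothetical.

```python
from urllib.parse import urlsplit

def bdecode(data: bytes, i: int = 0):
    """Minimal bencode decoder; returns (value, index after value)."""
    c = data[i:i + 1]
    if c == b"i":                                   # integer: i<digits>e
        end = data.index(b"e", i)
        return int(data[i + 1:end]), end + 1
    if c in (b"l", b"d"):                           # list or dict
        items, i = [], i + 1
        while data[i:i + 1] != b"e":
            value, i = bdecode(data, i)
            items.append(value)
        if c == b"d":                               # dict is a flat key/value run
            return dict(zip(items[0::2], items[1::2])), i + 1
        return items, i + 1
    if c.isdigit():                                 # byte string: <len>:<bytes>
        colon = data.index(b":", i)
        start, n = colon + 1, int(data[i:colon])
        if start + n > len(data):
            raise ValueError("truncated string")
        return data[start:start + n], start + n
    raise ValueError(f"bad bencode at offset {i}")

def classify_trackers(torrent: bytes) -> dict:
    """Group announce URLs by transport: http(s) runs over TCP, udp:// does not."""
    meta, _ = bdecode(torrent)
    urls = [meta[b"announce"]] if b"announce" in meta else []
    for tier in meta.get(b"announce-list", []):     # multitracker list of tiers
        urls.extend(tier)
    groups = {"tcp": [], "udp": [], "other": []}
    for url in dict.fromkeys(u.decode("utf-8", "replace") for u in urls):
        scheme = urlsplit(url).scheme.lower()
        key = "tcp" if scheme in ("http", "https") else "udp" if scheme == "udp" else "other"
        groups[key].append(url)
    return groups

def has_tcp_tracker(torrent: bytes) -> bool:        # False: only UDP trackers or DHT remain
    return bool(classify_trackers(torrent)["tcp"])

def bstr(s: str) -> bytes:                          # helper used only to build the samples
    return f"{len(s)}:{s}".encode()

# Constructed metainfo: hostnames are placeholders, not real trackers.
UDP_A = "udp://tracker-a.example.invalid:6969/announce"
HTTP_B = "http://tracker-b.example.invalid:6969/announce"
HTTPS_C = "https://tracker-c.example.invalid/announce"
INFO = bstr("info") + b"d" + bstr("length") + b"i1024e" + bstr("name") + bstr("sample.bin") + b"e"
SAMPLE = (b"d" + bstr("announce") + bstr(UDP_A) + bstr("announce-list") + b"ll" + bstr(UDP_A)
          + bstr(HTTP_B) + b"el" + bstr(HTTPS_C) + b"ee" + INFO + b"e")
UDP_ONLY = b"d" + bstr("announce") + bstr(UDP_A) + INFO + b"e"
```

`has_tcp_tracker` returning `False` means peer discovery for that torrent would depend entirely on UDP trackers or DHT.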

This wasn’t advice. The users specifically asked how it was possible to use apps that use UDP if Tor only supports TCP.

Perhaps a warning is in order, but I believe such already exist in the appropriate sections of the wiki.

In addition, you can also set up your own VPN / SSH server if you have a reliable (again… who do you trust) host. So this procedure is valid without trusting any particular VPN provider.