Finding Torrent Downloader

Posted on 2011-02-11
Last Modified: 2012-05-11
Our company received a letter from legal firm representing a medial compnay which was forwaed to us by out ISP. It seems someone in out LAN has been downloading copyright protected materials and has exposed our business to copyright infringment liability. Management is very interested in finding the computer/user responsible. What is the best way to do this without having to inspecte more than 70 computers.We use a Netgear RVS318 Router/Firewall
Question by:biztekadmin
  • 3
  • 2
LVL 35

Expert Comment

by:Ernie Beek
ID: 34871145
You could use wireshark and see who is torrenting. You are sure they used torrents for that?

Author Comment

ID: 34871836
I'm assuming a torrent downloader was used becasue I've had previous expiereince in a smaller environment, where someone left a Vuze instance downloading/seeding all weekend, by Friday of the next week we recieved a warning letter from out ISP. What other services / applications should Ibe looking for? As far as Wireshark, any suggestions on how to configure which network traffic to capture to determine who is downloading. Also will wireshark impact network performance? Thank You.
LVL 35

Accepted Solution

Ernie Beek earned 500 total points
ID: 34871908
This should help you with wireshark:

Wireshark shouldn't have an impact on performance, it just listens (to everything on the network).

Though torrent are widely used, you might also want to look at (for example) usenet traffic. That uses port 119 by default or port 563 for SSL connections.

Author Closing Comment

ID: 34871979
Thank you really apreciate the help.
LVL 35

Expert Comment

by:Ernie Beek
ID: 34872082
No problem, always glad to help :)

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now