Hi,
I’m on my final year at BCU studying computer forensic.
For my final year project I’m looking into analysis of a bittorrent system which is split up into 3 areas.
Area One
I have already created a torrent tracker server which initially was on my own PC but changed to a company server for security reasons.
Area Two
The analysis of a torrent file. I have to use tools such as FTK,encase and RegViewe to investigate 5 different torrent files using 5 different torrent clients. (Bitcomet, BitTorrent etc…)
Area Three
Legal issues with torrent files and media sharing.
Any information you can supply me in these three areas would be helpful no matter how small.
Thanks, Alan
Hey,
When you say you wish to analyse the torrent files, do you have any expectations as to what you may find or is a project of discovery? ".torrent" files contain information about the file size, name, integrity data and it's related parts, they also keep information about the tracking servers.
Just to be sure, you shouldn't expect to find anything about peers in the actual files, the real meat is in the analysis of torrent network traffic - this will give evidence that the user has been downloading or sharing illegal content when coupled with the physical files on his/her machine.
Legally speaking, torrent trackers do not host any illegal content themselves, but as we have seen in a few cases, that doesn't seem to make a spot of difference.
Maybe something helpful would be what your aim is with the project. Is there any data in particular that you are wanting to retrieve or is it just a "I'll find anything I can" project? That may allow some of the experts (of which I am not one) on the site to give more tailored answers. )
~ Tom
Hi!
You may also want to use Dumptorrent tool, which does a good job on parsing .torrent files.
http//
Good luck,
Greg
I don't understand what you hope to gather from analysing a .torrent file, as has already been stated the .torrent file doesn't hold much information. You don't need a tracker to analyse the .torrent files all you need would be a torrent client to make your own files (plenty of tutorials online for this). Now something that most torrent clients do is to encrypt the traffic so you don't always see IP addresses. If you were to try and analyse this i would be very interested in your results for this which ever you end up doing.
Just bare in mind as well the cloud, people using seed boxes and dedi servers, so files not always being on the hosts computers
Hi Alan,
We recently added torrent file support to IEF. You can give it a try form for free at
Thanks
Adam
Belkasoft Evidence Center (