Does this look like it could be torrent/p2p traffic on my network?

burnface

Honorable
Mar 17, 2014
18
0
10,510
Have someone staying with us, and seems a little questionable sometimes...have started wondering if he is downloading illegally via some form of bittorrent or something.. from my D-Link, I can look at ip addresses visited, and this is a screenshot of the last 5 minutes.
His ip being the one on the left ending in 104, and the right column being the addresses 'visited'.

If I copy any to the address bar, nothing loads, which could mean they aren't just websites right?

From iptrackeronline.com, they seem to be from all parts of the world, which is what worries me. Any help would be great!! Thanks!

Please do not post personal information such as IP addresses. We cannot do anything with these and it's a public forum, and by posting these here it only further makes your network vulnerable to attack from hackers or identity thieves. - G
 
Torrent traffic generally runs on random ports to random ip addresses. The largest clue would be if the ip do not reverse lookup in dns.

Although most torrent traffic is for illegal purposes many of the gaming sites use torrent to distribute their software as well as linux distributions. You would have to actually get inside the torrent streams and try to figure out what files are trying to be obtained.

This tends to be why I never share internet with someone else who I can not trust 100%. You must trust they are not using tools for invalid purposes since usually there is no way to tell until you get letters in the mail claim you are doing illegal stuff.
 

burnface

Honorable
Mar 17, 2014
18
0
10,510


Well let me also add that I had gotten an email from charter regarding copyright infringement, which is what made me start looking into it some. Would the isp be able to provide the mac address so I can check further generally? And thanks for the reply!
 
Nope the router makes everyone look the same to the ISP. They all look like they come from the router. You would need a logging machine and a router that can export session data. Most people would stop if you tell them you received the email but some that have nothing to lose...ie kids will keep doing it anyway.
Torrent is the hardest of any to block since it is designed to get around most router settings designed to block it. Most ways to prevent it tend to be painful to other users. The best way is to try to get a list of the seed sites and block those it will slow them down a bit. You should be able to use opendns as your dns server and maybe block the p2p sites but it is pretty easy to bypass opendns if you know what you are doing