Security with bittorrent client on LAN



  • Hi!

    We need to have at least one bittorrent client on our LAN. Most info I can find is either how to block and manage torrent traffic or how to configure it to work on a home network. What we want is to have a bittorrent client at least on one machine but setup in a secure way.

    As a test I've set up transmission as a client. I have no port forwards and disabled UPnP and NAT-PMP and also uTP.
    I have peer exchange and DHT enabled. Transmission works as it should but I'm not sure exactly how. I have opened outgoing tcp/udp from LAN to WAN for this particular IP address.

    In any case, my question is what is the most secure and still practical way of handling a bittorrent client?

    The files that are downloaded should end up on a samba server on the LAN.
    We would be satisfied with one bittorrent client that could be managed over the web client interface.

    Should I have a dedicated machine placed in a DMZ or something like that?

    Thanks for any suggestions,

    Pete