HideMyAss VPN

Friday, May 17, 2013

How to recover Windows passwords

This tutorial explains what to do if you have forgotten your Windows user password. Windows versions after XP offer no built-in way around a lost password (safe mode does not help), so an external tool is needed to reset or change the password so that you can log in again. Be aware that resetting a password offline does not recover it: anything protected by the old password, such as EFS-encrypted files and credentials stored with DPAPI (saved browser and network passwords), becomes inaccessible afterwards. If you need those, crack the existing password with a tool such as Ophcrack (below) instead of resetting it.

Caution: This tutorial is for advanced users. If you don't understand it at all, get someone who does. Alternatively, you can try other tools for this purpose, for example PCLoginNow (http://www.pcloginnow.com/product.html) or Ophcrack (http://ophcrack.sourceforge.net/), which cracks the existing password instead of resetting it.
The following method has been tested successfully with Windows NT, 2000, XP, Vista, and Windows 7.


The files inside the USB zip are exactly the same as on the CD. See below for instructions on how to make the USB disk bootable.

How to make the CD

Unzipped, there should be an ISO image file (cd??????.iso). This can be burned to CD using whatever burner program you like; most support writing ISO images. Often double-clicking it in Explorer will pop up a program offering to write the image to CD. Once written, the CD should only contain files like "initrd.gz", "vmlinuz" and some others. If it contains the image file "cd??????.iso", you didn't burn the image but instead added the file to a CD. I cannot help with this; please consult your CD software's manual or friends.
The CD will boot with most BIOSes; see your manual on how to set it to boot from CD. Some will auto-boot when a CD is in the drive, some others will show a boot menu when you press ESC or F10/F12 while they probe the disks, and some may need to have the boot order adjusted in setup.

How to make a bootable USB drive

  • Copy all the files that are inside the usbXXXXXX.zip or on the CD onto a USB drive, directly on the drive, not inside any directory/folder.
  • It is OK if there are other files on the USB drive from before; they will not be removed.
  • Install the bootloader on the USB drive from a command prompt in Windows (start the command line with "Run as administrator" if possible):
    • X:\syslinux.exe -ma X:
  • Replace X: with the drive letter the USB drive shows up as (DO NOT USE C:).
  • If it seems like nothing happened, it is usually done.
  • However, a file named ldlinux.sys may appear on the USB drive; that is normal.
  • It should now in theory be bootable.
  • Please know that getting some computers to boot from USB is harder than from CD; you may have to change settings, and some simply will not work at all.

How to make the floppy

The unzipped image (bdxxxxxx.bin) is a block-by-block representation of the actual floppy, and the file cannot simply be copied to the floppy. Special tools must be used to write it block by block.
  • Unzip the bd zip file to a folder of your choice.
  • There should be 3 files: bdxxxxxx.bin (the floppy image), rawrite2.exe (the image writing program), and install.bat, which uses rawrite2 to write the .bin file to floppy.
  • Insert a floppy in drive A:. NOTE: It will lose all previous data!
  • Run (double-click) install.bat and follow the on-screen instructions.

Offline NT Password & Registry Editor, Walkthrough


 
The following is a walkthrough of using the CD to reset one user (admin) on a test Vista computer.
Insert the CD and convince your BIOS that it should boot from it. How to boot from a CD varies from computer make to computer make, so it depends on your mainboard. Some BIOSes show a boot device selection menu if you press ESC, F8, F11 or F12 or something like that during the self test (some even tell you on the screen what to press).
If it boots, you should see the boot prompt shown in the screenshot.
Usually just press Enter here. If you have Linux knowledge, you can tweak kernel options if you need or like.
Then it boots and outputs a lot of kernel messages about your hardware and such; most, if not all, are nothing to worry about.

Most of the generic Linux boot is now done, and we try to load the disk drivers. If you use the floppy version you will be asked to swap floppies at this point. Drivers are then tried based on PCI hardware identification.
Most of these messages are from the drivers themselves. Some talk a lot, some don't. But all give info on the brand, model and size of the disks found, if any.



Here you select one of the partitions listed above (in this case there is only one) or one of the letters from the menu. If there is a 100MB partition and a big one, select the big one: the small one is the "System Reserved" boot partition that Windows 7 creates, and it holds no registry.
Floppy users may need to do 'f' to load more drivers from another floppy.
The 'd' option will re-run the PCI scan and start the relevant drivers (they must already be loaded from floppy with the 'f' option).
The 'm' option for manual load will present a list of all the drivers with a short description if available, and allow you to specify which to load (dependencies are handled automatically).
Here we only have one partition, so we just press Enter to select it.
The registry is usually in system32/config under the WINDOWS or WINNT directory, depending on the Windows version (and it may have been changed during installation).
If the correct partition has been selected, the default prompt will be adjusted to match if it can find one of the usual variants.
Press Enter; the program will then tell you if the correct directory has been selected.
Choice 1 is for password edit, the most used. But if you wish, you can load any of the files (just enter its name) and do a manual registry edit on them.
Here we select 1 for password edit; some files are copied into memory and the edit application is invoked.
This demo shows selection 1 for password edit, but you can also do other things.
Note that 2, Syskey, may be dangerous, IS NOT NEEDED TO RESET PASSWORDS, and does not work at all on Vista, but you get some info before you make any changes.
Selection 3, RecoveryConsole, is only relevant for Win2k, XP and 2003, and you must have selected to load the SOFTWARE part of the registry (selection 2) earlier.
The manual registry editor is always available; it is not the most user-friendly thing, but anyway.
We continue our quest to change our "admin" users password..
This is a list of all local users on the machine. You may see more users here than in the overly user-friendly control panel; for example, XP has some built-in help and support users.
The users marked "ADMIN" are members of the Administrators group, which means they have admin rights; if you can log in as one of them you can get control of the machine.
The built-in administrator (created at install time in all Windows versions) is always RID 01f4 (500 decimal). This example is from Vista, and Vista by default has this account disabled (the installer instead asks for and creates another user as the regular administrator, in this case RID 03e8, i.e. 1000, the first user-created account).
The "lock?" column shows if the user account is disabled or locked out (due to too many logon attempts, for example), or BLANK if the password seems to be blank.
We select to edit the "admin" user (this was the user made administrator by the Vista installer).
Some status info: the user is locked out if "Disabled" is set or "Failed login count" is larger than the "max tries" policy setting. This user is not locked in any way. The lockout can be reset with option 4 below.
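As an added example (not code from the page or from the Offline NT Password & Registry Editor itself), here is a small Python model of what that user list is built from: the per-user "F" value in the SAM hive, where the RID, the account-control bits and the failed-logon counter live. The field offsets (RID at 0x30, ACB flags at 0x38, failed count at 0x3C, logon count at 0x3E) and the 0x50-byte length are assumptions taken from published SAM layouts; verify them against chntpw's sam.h before pointing this at a real hive. Group membership is passed in as a set of RIDs, standing in for the Aliases part of the SAM, and the sample records are constructed.

```python
import struct

# USER_ACCOUNT_CONTROL bits stored in the 16-bit ACB field of a SAM user "F" value.
ACB_DISABLED = 0x0001   # account disabled
ACB_PWNOTREQ = 0x0004   # no password required
ACB_NORMAL   = 0x0010   # normal user account
ACB_PWNOEXP  = 0x0200   # password never expires
ACB_AUTOLOCK = 0x0400   # locked out after too many failed logons

# Assumed F value layout (little-endian); verify against chntpw's sam.h.
OFF_RID, OFF_ACB, OFF_FAILED, OFF_LOGONS, F_LEN = 0x30, 0x38, 0x3C, 0x3E, 0x50

RID_ADMINISTRATOR = 0x1F4         # 500: built-in Administrator
RID_GUEST = 0x1F5                 # 501: built-in Guest
RID_ADMINISTRATORS_GROUP = 0x220  # 544: the Administrators alias ("ADMIN" marker)


def make_f(rid, acb, failed=0, logons=0):
    """Build a constructed F value for the demo (not read from a real hive)."""
    buf = bytearray(F_LEN)
    struct.pack_into("<I", buf, OFF_RID, rid)
    struct.pack_into("<H", buf, OFF_ACB, acb)
    struct.pack_into("<HH", buf, OFF_FAILED, failed, logons)
    return bytes(buf)


def parse_f(blob):
    """Decode the fields the user list is built from."""
    if len(blob) < F_LEN:
        raise ValueError("F value too short: %d bytes" % len(blob))
    rid, = struct.unpack_from("<I", blob, OFF_RID)
    acb, = struct.unpack_from("<H", blob, OFF_ACB)
    failed, logons = struct.unpack_from("<HH", blob, OFF_FAILED)
    return {"rid": rid, "acb": acb, "failed": failed, "logons": logons}


def lock_column(rec, max_tries, has_nt_hash=True):
    """The 'lock?' column: 'dis/lock' if the account is disabled or locked out
    (flag set, or more failed logons than the policy allows), 'BLANK' if there
    is no NT hash at all, otherwise empty."""
    if rec["acb"] & (ACB_DISABLED | ACB_AUTOLOCK):
        return "dis/lock"
    if max_tries and rec["failed"] > max_tries:
        return "dis/lock"
    return "" if has_nt_hash else "BLANK"


def is_admin(groups):
    """Membership of alias 0x220 is what earns the ADMIN marker."""
    return RID_ADMINISTRATORS_GROUP in groups


def unlock(blob):
    """Model of the editor's unlock option: clear the disabled and lockout
    bits and zero the failed-logon counter, leaving everything else alone."""
    rec = parse_f(blob)
    buf = bytearray(blob)
    struct.pack_into("<H", buf, OFF_ACB, rec["acb"] & ~(ACB_DISABLED | ACB_AUTOLOCK))
    struct.pack_into("<H", buf, OFF_FAILED, 0)
    return bytes(buf)


def user_line(name, blob, groups, max_tries=0, has_nt_hash=True):
    """One row in the same shape as the tool's user list: RID | name | ADMIN? | lock?"""
    rec = parse_f(blob)
    return "%04x | %-13s | %-5s | %s" % (
        rec["rid"], name, "ADMIN" if is_admin(groups) else "",
        lock_column(rec, max_tries, has_nt_hash))


if __name__ == "__main__":
    # Constructed accounts mirroring the Vista walkthrough: built-in Administrator
    # disabled, "admin" (first user created, RID 1000) active and in Administrators.
    accounts = [
        ("Administrator", make_f(RID_ADMINISTRATOR, ACB_NORMAL | ACB_DISABLED | ACB_PWNOEXP), {0x220}),
        ("Guest", make_f(RID_GUEST, ACB_NORMAL | ACB_DISABLED | ACB_PWNOTREQ), {0x222}),
        ("admin", make_f(0x3E8, ACB_NORMAL | ACB_PWNOEXP, logons=12), {0x220, 0x221}),
        ("intern", make_f(0x3E9, ACB_NORMAL | ACB_AUTOLOCK, failed=7), {0x221}),
    ]
    for name, blob, groups in accounts:
        print(user_line(name, blob, groups, max_tries=5, has_nt_hash=(name != "Guest")))
    print("after unlock:", user_line("intern", unlock(accounts[3][1]), {0x221}, 5))
```

The unlock routine only touches the two bits and the counter; it deliberately leaves the password hash alone, which is why the tool offers "unlock" and "blank the password" as separate options.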
Here we just reset/clear/blank the password.
You can also try to set a new password with option 2, but it will only work if the password is not blank already. Also, it often fails to work on XP and newer systems, so the safer route is to blank the password here and set a new one from inside Windows after logging in.
Number 3 puts a non-admin user into the Administrators group (RID 0x220, i.e. 544), thus making the user an administrator. IT IS STILL EXPERIMENTAL AND MAY sometimes RESULT IN STRANGE ERRORS WHEN LATER EDITING THE GROUP FROM WINDOWS! Also, it is usually pointless to promote the Guest user, as it is most likely forbidden to log in by the security policy settings.
Exclamation point ! quits out (it's SHIFT+1 on the US keyboard layout used on the boot CD).
Then we get back to the main menu and select to quit.
You must answer y, or the changes will not be saved. This is the last chance to change your mind!
Only changed files of the registry are actually written back.
If you forgot something, you may run it again; otherwise press CTRL-ALT-DEL to reboot.

An error message at this point does not necessarily mean the change failed.
Reboot and test whether Windows can be accessed again.

Wednesday, May 15, 2013

How to setup HideMyAss Pro VPN Client

If you don't have an HMA Pro VPN account yet and need help with registering, see the registration guide.

Below you will find detailed information about how to install and use the HMA Pro VPN client for Windows:

 


Installation of the HMA Pro VPN client

The installation will run as displayed in the animation.

Please note:
You need administrator privileges to install the HMA client. To ensure this, install the HMA client by right-clicking the setup file and selecting "Run as Administrator".
Should you receive a warning that the TAP driver did not pass Microsoft's driver signing check, confirm it and let the installation finish. Should the installation get aborted because of this, or if you're unable to connect with the HMA client, you may need to disable the Windows driver signing check first and then install the client; see the instructions here: Driver Signing Check. Keep in mind that driver signature enforcement protects the whole system against unsigned kernel-mode code; if you have to disable it, prefer a temporary (per-boot) disable over a permanent setting.


Using the HMA Pro VPN client

Important settings:

When starting the HMA client, you'll see the "Dashboard".
To get started, the first things to do are:
  • enter your username and password
  • select a VPN protocol (OpenVPN/PPTP)
  • select a VPN server
Once that is done, hit "Connect to VPN" and the client will start to connect.

In the left menu, you can switch between the tabs of the HMA client, which are:
  • Dashboard
    Index page, for controlling connection options and login details
  • Country selection
    Shows a worldmap with all servers, so you have a better geographical overview
  • IP address settings
    Set automatic IP changes, IP verifying options and see your IP history
  • Secure IP bind
    Force applications to only work while VPN is connected (e.g. filesharing tools)
  • Speed guide
    Compare speeds of all HMA servers with a single click (disconnect from VPN first!)
  • Proxy settings
    Needed if you're online through a local network proxy (does not affect anonymity!)
  • Billing & Packages
    Quicklinks and info about your billing cycle, payment plan, etc.


Below you'll find descriptions of all features of the VPN client software.


Dashboard
When starting the HMA client, you'll first see the "Dashboard".
To connect to the VPN, enter your account username and password here.
Select a protocol (OpenVPN/PPTP) and a VPN server.

It's best to choose a server near your real location to get the best speeds.
For the choice of protocol, prefer OpenVPN: PPTP seems to be faster in most cases, but its MS-CHAPv2 authentication is known to be breakable, so use it only when the confidentiality of the traffic does not matter.
If you are unable to connect, the first things to try are changing the protocol and the VPN server.
Dashboard - Settings
Here you can enable/disable "Load Balancing".
Load balancing is a feature that allows you to switch to a less-loaded VPN server,
should you try to connect to a VPN server that is heavily loaded.

You can choose between
a) Switch to a less-loaded server within the same location (City)
b) Switch to a less-loaded server within a certain country or preselected server group

By default, you'll be asked and need to decide whether you want to switch to a less-loaded server.
When you uncheck the "Show warning before load balancing" checkbox, you'll automatically
be switched to a less-loaded server, without confirmation.

In addition, you can choose to only use load-balancing if a server is
20%, 30%, 50% or 60% more loaded than other servers from the same group.
Country selection
In "Country selection", you'll find an overview of all available HMA Pro VPN servers,
sorted by distance and country.

Country selection - Map overview
In the "Map overview" you'll see a world map with all server locations marked.
It gives a better overview of how far away the servers are, and where they are located.

IP address settings
In the "IP address settings" tab you can:
1) Change your IP with a single click
2) Set up an automatic IP change every X minutes/seconds
3) Choose an IP-verifying website, to make sure your IP really has changed on connection

IP address settings - IP History
The IP History shows you all IPs you have used until now,
including country, date and time, and server name.

Secure IP bind
With the Secure IP binding feature, you can prevent an application from making connections
while the VPN is inactive. This is especially useful if, for example, you leave your BitTorrent client running
through the night. With IP binding enabled, your torrent client won't leak your real IP if
the VPN gets disconnected.

Speed Guide
With the speed guide feature of our VPN client, you can always check which VPN server is the
fastest for you. To do so, select the servers you want to test.
You can choose to
  • test both protocols
  • test only the OpenVPN protocol
  • test only the PPTP protocol
  • only do a ping test (to check the latency)
  • do an express test (faster than the full test)
  • do a full test (most accurate)

There is also a history, so you can check the results of previous speed tests.
Attention: You need to disconnect from the VPN first, otherwise you won't be able to run the tests.
Proxy settings
The Proxy settings tab is important if you're connected to the internet through a local proxy,
like at school or at work.
If you have a direct connection (e.g. DSL, modem, etc.), leave it at
"Direct connection to Internet" (which is the default).

Billing & packages
The "Billing & packages" tab shows
  • your VPN account username
  • your billing cycle (1/6/12 months)
  • your subscription's expiry date
  • current pricing

That way you always know when you need to renew your subscription,
and if the prices have changed.

Monday, May 13, 2013

Security risks: Netbios, port exposure & remote access removal

NetBIOS is an acronym for Network Basic Input/Output System. It provides services related to the session layer of the OSI model allowing applications on separate computers to communicate over a local area network. As strictly an API, NetBIOS is not a networking protocol. Older operating systems ran NetBIOS over IEEE 802.2 and IPX/SPX using the NetBIOS Frames (NBF) and NetBIOS over IPX/SPX (NBX) protocols, respectively. In modern networks, NetBIOS normally runs over TCP/IP via the NetBIOS over TCP/IP (NBT) protocol. This results in each computer in the network having both a NetBIOS name and an IP address corresponding to a (possibly different) host name.

The main reason for using NetBIOS is for two machines to communicate on a local network, which is rarely needed except for file and printer sharing, but it leaves the door wide open to being hacked. You can remove this risk in two ways, and I personally do it both ways.

Firewall: Block ports 135-139 plus 445, in and out. These are used by attackers to steal your info and take control of your PC, and after doing so they will use NetBIOS to take over another machine from yours, and so on. Ports 137-139 are for Windows printer and file sharing but also create a security risk if left unblocked. If you share a printer on your network you will have to allow these, but I recommend just going to the PC the printer is hooked up to and printing from there. Port 135 is for the RPC endpoint mapper on a remote machine. Port 136 is used for the Profile Name Service, which I don't even think is used any longer, but it opens a door for hackers.

Disable NetBIOS: The route depends on the OS, but go to the network connections and find your Ethernet adapter, which should be called "Local Area Connection"; right-click it, click Properties, double-click "Internet Protocol Version 4 (TCP/IPv4)" in the list, click Advanced, click the WINS tab, uncheck "Enable LMHOSTS lookup", and choose "Disable NetBIOS over TCP/IP" near the bottom. Click OK three times to close all three windows. Also disable these the same way for the TAP-Win32 adapter, though LMHOSTS lookup should already be unchecked there.

Disable the TCP/IP NetBIOS Helper service: From the Start menu, type services and click Services; scroll down to TCP/IP NetBIOS Helper, right-click it, click Properties, click Stop, switch the startup type from Automatic to Disabled, click Apply, and close Services.

Remote control ports: You should block 5500, 5800, 5900-5903 and 3389 (used by Windows Remote Desktop), in and out, unless you need remote assistance on your PC, which most people do not need or use. It's just an open doorway for attackers. This includes software such as VNC. If you ever notice VNC suddenly installed and you didn't install it, worry a lot: you have already been compromised.

Note: If you disable Remote Access Connection Manager it will cause PPTP VPN to not work and connections disappear.

Disable UPnP, port 5000: Universal Plug and Play allows your computer to automatically integrate with other network devices. There are known security vulnerabilities associated with this service, and it should be blocked as well. This will stop device sharing on the local network, but the risk outweighs the use. UPnP discovery (SSDP) also uses port 1900, which should be blocked as well. Disable the SSDP Discovery service.

You can also disable SMB (Server Message Block) on port 445 using regedit. Find HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters, open the TransportBindName value, delete its default contents (\Device\) so that it is empty, and reboot. Note that this also stops the machine from serving file shares, and the change stays in effect until you restore the value.

Other ports of interest: 8080 is used for HTTP proxies, but an open proxy on it also lets attackers relay their traffic through your PC to hack others; if you don't use an HTTP proxy you might want to block this one. Port 1080 is used for SOCKS proxies and can be attacked in the same way, and mine is every day by China. Port 500 is IKE, used for IPsec VPNs, and is also listed as a risk to Cisco systems and appears on lists of ports probed by malware. Other ports known to be directly attacked by a long list of trojans are 21 (FTP), 23 (telnet), 1243, 3128, 3410, 6776, 7000, 12345, 12348, 20034, 27374 and 31337. Technically any open port can be a risk, but with a good firewall set up correctly you should be stealth on all of these ports, meaning the scanner gets no reply at all (not even the TCP reset a closed port sends), so it cannot even tell that a host is there. To test commonly attacked ports and check whether you are stealth, go here: https://www.securitymetrics.com/portscan.adp. You can also check here: http://www.pcflank.com/scanner1.htm, and here: https://www.grc.com/x/ne.dll?bh0bkyd2

Update: A new customizable port scanner I just found.. http://www.t1shopper.com/tools/port-scan/#
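The scanning sites above test from outside. As an added example (not from the page or from any of those services), here is a small Python checker that classifies the post's list of risky ports on a target the way those scanners do: open, closed (the host answered with a reset, so it is visible even though nothing is listening), or stealth (no answer at all). Run it from another machine against your public IP to see what the outside world sees, or against 127.0.0.1 to see what is listening locally. The port list and descriptions are the post's; the check is TCP only (137 and 138 are UDP services and need a UDP probe), and the loopback listener at the end is a constructed target for trying it out.

```python
import errno
import socket
from concurrent.futures import ThreadPoolExecutor

# Ports the post recommends blocking (TCP view; 137/138 are UDP services and
# are not exercised by a TCP connect).
RISKY_PORTS = {
    135: "RPC endpoint mapper",
    136: "profile name service (unused)",
    137: "NetBIOS name service",
    138: "NetBIOS datagram service",
    139: "NetBIOS session service",
    445: "SMB",
    1900: "SSDP / UPnP discovery",
    3389: "Remote Desktop",
    5000: "UPnP device host",
    5500: "VNC listener",
    5800: "VNC (HTTP)",
    5900: "VNC",
    5901: "VNC",
    5902: "VNC",
    5903: "VNC",
}


def probe(host, port, timeout=2.0):
    """Classify one TCP port: 'open' (SYN/ACK), 'closed' (RST: host is visible),
    'stealth' (no reply before the timeout) or 'unreachable' (routing error)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except socket.timeout:
        return "stealth"
    except ConnectionRefusedError:
        return "closed"
    except OSError as e:
        if e.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        return "error"
    finally:
        s.close()


def scan(host, ports=RISKY_PORTS, timeout=2.0, workers=16):
    """Probe all ports in parallel; returns {port: state}."""
    ports = list(ports)
    with ThreadPoolExecutor(max_workers=workers) as pool:
        states = list(pool.map(lambda p: probe(host, p, timeout), ports))
    return dict(zip(ports, states))


def exposed(results):
    """Ports that actually accept connections."""
    return sorted(p for p, st in results.items() if st == "open")


def visible(results):
    """Ports whose reply (open or reset) reveals that a host is there."""
    return sorted(p for p, st in results.items() if st in ("open", "closed"))


def start_local_listener():
    """Constructed test target: a listener on an ephemeral loopback port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    return srv, srv.getsockname()[1]


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    res = scan(target)
    for p in sorted(res):
        print("%5d  %-30s %s" % (p, RISKY_PORTS.get(p, ""), res[p]))
    print("open:", exposed(res), " visible (open or closed):", visible(res))
```

A "closed" result is the one worth paying attention to when the aim is stealth: nothing is listening, but the reset tells a scanner that the address is live and worth coming back to, which is exactly what a drop-everything firewall rule prevents.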

Messenger: Unless you use Messenger, it's best to uninstall it, because it opens up way too many ports and leaves too much at risk. Here are the ports used by MSN Messenger: 135 to get the connection port, 1026, 1027, 1028, 1863, 5190, 6891-6900, 6901 for voice PC to PC, 2001-2120 for voice to phone. Yahoo ports: 80, 5000-5010, 5050, 5100. I'm still working on the different messenger service ports, so I will update as I go.

I personally recommend using Comodo Firewall; it is very easy to use and works perfectly. If using Comodo, click the Firewall tab, Advanced, Network Security Policy, Global Rules, click Add and set up the rules as illustrated below. Two rules are created, but the screenshots just show the port settings of source and destination for each. To make it simpler to understand: the IN block rule uses the port you choose as the destination port and ANY as the source; the OUT rule uses the port you choose and ANY as the destination.

Update: You can download and install Comodo Firewall here.. http://personalfirewall.comodo.com/free-...ml?aid=350

and here with CNET review.. http://download.cnet.com/Comodo-Internet...tml?hhTest

[Image: block1.jpg]

[Image: block2n.jpg]

[Image: block3.jpg]

[Image: block4.jpg]

The only difference for single-port block rules is to choose "single port" for each rule; 5900-5903 is set up identically to the one above. Make sure you do both source and destination for these.

The setup should look like this. Notice that some only block incoming attacks, so they only have one IN rule.

[Image: block5.jpg]

Here is the setup for blocking incoming attacks on a specific port. This is only one rule, but it shows source and destination.

[Image: block6.jpg]

[Image: block7x.jpg]

This is because that is a port an attacker or trojan wants to enter through, but your PC is not going to be attacking out on that port, so these only need the IN rule. The IN and OUT pair is best for ports where your PC might be scanned for that port as an entrance and your PC may also try to communicate on it, such as with remote connections and especially the dangers of NetBIOS and LMHOSTS lookup. Windows naturally loves for your PC to talk. I see 135-139 blocks all day long in my firewall events, and it's not just other PCs but my PC as well, until I stopped it with the steps listed in this tutorial. NetBIOS is the worst thing to have running and allowed to connect.

Here is what Comodo blocks, also with my uTorrent VPN control rules in use (see http://forum.hidemyass.com/showthread.php?tid=1298). After cutting off the VPN around 5pm you see uTorrent blocking my real IP in yellow (blurred IP) until I reconnected, and then you can see in green what has tried to scan my ports, which is exactly what is on my list to block. Also notice the 1080 port scan bypassing the VPN and trying to scan my real IP. Looks shady to me. Also notice the 216 address, which is the VPN server IP: other connected VPN users' NetBIOS is trying to connect to my NetBIOS port 139. This is actually natural, because it's their Windows OS that is doing it. Notice mine is not? I'm still wondering why people are using port 500 to my port 500, which is intended for IPsec VPN connections, as if I'm the VPN server; keep in mind we are using the OpenVPN protocol with HMA VPN and not IPsec.

[Image: firewallblocks1.jpg]


Update: Another example of port scans on commonly attacked ports. Notice the three blurred IPs (that is my real IP) are still being attacked by the same Chinese IP on the same port 1080.

[Image: portscan1.jpg]

Update: It would be a good idea in Comodo to export your firewall settings after completing all of the blocked ports. To do this, click the "More" tab in Comodo, choose "Manage My Configurations", then click "Export" and save it to a place you will remember. If you have multiple hard drives or a flash drive, it's best to store it somewhere other than the active Windows partition in case of OS failure.

***Warning: if you are running a server on your network, this can affect communication with local peers.

Also set your DNS to use OpenDNS (https://store.opendns.com/get/basic); I set this up for all adapters. This stops DNS lookups from going to your ISP's resolver, though OpenDNS then sees them instead, and while the VPN is connected the lookups should go through the tunnel rather than out of the LAN adapter, or they will reveal what you are browsing even though the traffic itself is tunnelled.

Here are some port scans and their results:

[Image: stealth1.png]

[Image: stealth2f.png]

[Image: stealth3.png]

[Image: stealth4.png]

If you have disabled NetBIOS properly and changed your DNS settings to OpenDNS properly, you can check with CMD by typing ipconfig /all

[Image: ipconfigs.png]

How to Allow app installation from unidentified developers on Mac

When being unable to install the HMA! Pro VPN client for Mac or other software,
you might see the message
"This app can't be opened because it is from an unidentified developer"




You can easily fix this by navigating to:
System Preferences > Security & Privacy

In the "General" tab, click the little lock icon in the bottom left of the window to unlock the settings.
Now select "Anywhere" under "Allow applications downloaded from:".

Now try to install the software again. Note that "Anywhere" switches Gatekeeper off for every download, not just this one; a safer alternative is to right-click the blocked app or installer and choose "Open", which lets that one item through and leaves the setting as it was. If you do change the setting, set it back once the client is installed.


How to Secure IP Binding for Mac using IPFW

There is an easy way to achieve IP binding on Mac, e.g. to prevent filesharing tools from downloading or uploading in case the VPN connection is lost.

Note that this works with both the OpenVPN and the PPTP protocol. See solutions 1 and 2 below. The scripts rely on ipfw, which was deprecated from OS X 10.7 and is no longer present in OS X 10.10 and later, where pf is the firewall; on those systems the same rules have to be written for pf.


Note: Disabling the IPFW firewall (flushing all firewall rules) is done by running "sudo ipfw -f f";
however, this is done by our scripts, so you should only do this manually in a terminal window when experiencing any kind of connection problems.



Solution 1

First please download these scripts (e.g. right-click and save as): EnableIPBinding + DisableIPBinding


Now you need to get the IP of the VPN servers you want to set IP binding for - get it e.g. from the bottom of the VPN config files
from http://hidemyass.com/vpn-config/ or from the PPTP server list page in the VPN control panel (it's the same servers)

Take a look at the 11th line of the script EnableIPBinding; it contains the IP of the Phoenix LOC1S1 server.
Now you can duplicate this 11th line and just switch the IP to the ones of your favourite servers, e.g. so that the code looks like this:

sudo ipfw add 01002 allow ip from any to 184.171.165.2 dst-port 443,53,1723 out via en*
sudo ipfw add 01002 allow ip from any to 42.121.55.212 dst-port 443,53,1723 out via en*
sudo ipfw add 01002 allow ip from any to 69.242.95.11 dst-port 443,53,1723 out via en*
sudo ipfw add 01002 allow ip from any to 128.95.22.65 dst-port 443,53,1723 out via en*
Save the script after making your changes.
You might still need to make both scripts executable, e.g. by running "chmod u+x EnableIPBinding" and "chmod u+x DisableIPBinding" in a terminal.
Of course you need to change into the directory where you saved those files before you can do this.

Now you can easily enable IP binding by running the script EnableIPBinding,
and disable it by just running the script DisableIPBinding.




Solution 2

First please download this script (e.g. right-click and save as): bind.sh
Save it into a specific folder where you can find it later, e.g. on the Desktop.

Now you need to get the IP of the VPN servers you want to set IP binding for - get it e.g. from the bottom of the VPN config files
from http://hidemyass.com/vpn-config/ or from the PPTP server list page in the VPN control panel (it's the same servers)

Open the script with your favorite text editor and take a look at the 8th line; it contains the IP of the Phoenix LOC1S1 server.
Now you can duplicate this 8th line and just switch the IP to the ones of your favourite servers, e.g. so that the code looks like this:

ipfw add 01002 allow ip from any to 184.171.165.2 dst-port 443,53,1723 out via en*
ipfw add 01002 allow ip from any to 42.121.55.212 dst-port 443,53,1723 out via en*
ipfw add 01002 allow ip from any to 69.242.95.11 dst-port 443,53,1723 out via en*
ipfw add 01002 allow ip from any to 128.95.22.65 dst-port 443,53,1723 out via en*

Now, open a terminal window. Change into the folder where you saved the script earlier (e.g. Desktop)
Then run the script with the parameter "enable" to enable IP binding, e.g.
sudo bash bind.sh enable

To disable it, run the script without a parameter:
sudo bash bind.sh
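As an added example that is not one of the HMA scripts, here is a Python generator for the full rule set behind that kill switch, serving both this section and the client's Secure IP bind feature described earlier: only the VPN servers are reachable on the physical interface, everything else has to travel through the tunnel, and the physical interface is closed otherwise. It pulls the server addresses from the remote lines of an OpenVPN config (the sample config is constructed, using two of the addresses above), refuses hostnames because DNS can no longer resolve once the switch is on, and writes the commands in the ipfw syntax the page uses. The interface names (en* for the physical link, tun* for OpenVPN, ppp* for PPTP), the rule numbers, the GRE rule for PPTP's data channel and the optional DHCP exception are my assumptions, not HMA's.

```python
import ipaddress
import re

VPN_PORTS = "443,53,1723"          # ports the page's rules allow towards a VPN server
PHYS = "en*"                       # assumed physical interface pattern (Ethernet/Wi-Fi)
TUNNEL_IFS = ("tun*", "ppp*")      # assumed: tun* for OpenVPN, ppp* for PPTP


def remotes_from_ovpn(text):
    """Return (host, port) pairs from the 'remote' lines of an OpenVPN config;
    OpenVPN's default port 1194 is used when a line gives none."""
    remotes = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()   # drop comments
        m = re.match(r"remote\s+(\S+)(?:\s+(\d+))?\s*$", line)
        if m:
            remotes.append((m.group(1), int(m.group(2) or 1194)))
    return remotes


def build_rules(server_ips, allow_dhcp=True):
    """ipfw commands for the kill switch. Order matters: ipfw stops at the
    first matching rule, so all the allows come before the final deny."""
    rules = ["ipfw -f flush",
             "ipfw add 01000 allow ip from any to any via lo0"]
    for ifname in TUNNEL_IFS:                      # anything inside the tunnel is fine
        rules.append("ipfw add 01001 allow ip from any to any via %s" % ifname)
    for ip in server_ips:
        ipaddress.IPv4Address(ip)   # hostnames rejected: they cannot be resolved behind the switch
        rules.append("ipfw add 01002 allow ip from any to %s dst-port %s out via %s" % (ip, VPN_PORTS, PHYS))
        rules.append("ipfw add 01002 allow gre from any to %s out via %s" % (ip, PHYS))  # PPTP data has no ports
        rules.append("ipfw add 01002 allow ip from %s to any in via %s" % (ip, PHYS))
    if allow_dhcp:                                 # keep the lease renewable on long sessions
        rules.append("ipfw add 01003 allow udp from any to any dst-port 67,68 via %s" % PHYS)
    rules.append("ipfw add 01004 deny ip from any to any via %s" % PHYS)
    return rules


def render_script(rules, sudo=True):
    """Turn the rule list into an EnableIPBinding-style shell script."""
    prefix = "sudo " if sudo else ""
    return "#!/bin/sh\n" + "\n".join(prefix + r for r in rules) + "\n"


# Constructed sample config, modelled on the remote lines at the bottom of an HMA .ovpn.
SAMPLE_OVPN = """\
client
dev tun
proto tcp
remote-cert-tls server
remote 184.171.165.2 443   # Phoenix
remote 42.121.55.212 443
"""

if __name__ == "__main__":
    servers = [host for host, _ in remotes_from_ovpn(SAMPLE_OVPN)]
    print(render_script(build_rules(servers)), end="")
```

The final deny is what makes this a kill switch rather than an allow list: when the tunnel drops, the tun*/ppp* interface disappears, nothing matches the allow rules except traffic to the VPN servers themselves, and the torrent client simply cannot reach anything until the VPN is back.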

How UTorrent VPN works

This article shows several ways to optimize uTorrent's performance, maximizing download speeds and improving connectivity. See also the article "Speed" for many more tips, tools and hacks to improve your internet connection speed.

uTorrent advanced settings (Tab "Advanced")


  • bt.allow_same_ip
    Meaning: Enabling this option allows multiple incoming connections from the same IP address. This option affects a single torrent job at a time, so you can still have the same IP address connect to you on different torrent swarms.
    Recommendation: Enabling this option possibly increases download speeds because it allows multiple connections from one IP.
  • bt.connect_speed
    Meaning: This option specifies the number of connections µTorrent should allow to be attempted and/or established each second, whether the connections use uTP or TCP.
    Recommendation: Setting this value higher speeds up connecting to seeds and peers. I've had good results with 22-77; of course it depends on your internet connection.
  • bt.enable_tracker
    Meaning: Enabling this option enables the rudimentary tracker embedded in µTorrent. If you wish to use this tracker, the URL is located at http://IP:port/announce, where IP is your WAN IP address, and port is the port µTorrent is listening on (or the alternative listening port if set and enabled). If you use a dynamic DNS service, your domain may be used instead of your IP address. The embedded tracker allows tracking of external .torrent files, and provides no way to limit them. There is no interface for viewing the .torrent files that are tracked. It is imperative that µTorrent is able to listen for incoming connections for this feature to work properly, so you have to make sure you have completely forwarded your ports in order to use the embedded tracker.
    Recommendation: May give you more peers to download from.
  • bt.multiscrape
    Meaning: Enabling this option allows µTorrent to send multiple hashes each time it scrapes a tracker, which is more efficient than sending one hash at a time. In most circumstances, this option should not need to be disabled, as µTorrent will fall back to single scraping if it detects that the tracker does not support multi-scraping.
    Recommendation: Should always be enabled to increase amount of peers.
  • bt.no_connect_to_services
    Meaning: This option tells µTorrent not to connect to peers using ports specified in bt.no_connect_to_services_list as their listening ports. This stops firewalls from complaining about µTorrent trying to send an e-mail.
    Recommendation: Disabling this option possibly increases download speed if some peer uses the ports listed in bt.no_connect_to_services_list in their BitTorrent client.
  • bt.ratelimit_tcp_only
    Meaning: Enabling this option tells µTorrent to limit the upload and download rates for TCP connections based on information received over the uTP transport rather than using static global rate limits. This option is ignored if bt.tcp_rate_control is disabled.
    Recommendation: Should be disabled to achieve max speed.
  • bt.scrape_stopped
    Meaning: Enabling this option allows µTorrent to get seed and peer counts for torrent jobs that are stopped.
    Recommendation: Should be disabled, else it will reduce speed because of too many connections.
  • bt.send_have_to_seed
    Meaning: Enabling this option tells µTorrent to send a message to other seeds indicating how many pieces you currently have.
    Recommendation: Depending on how much of a torrent is already downloaded, it may improve speeds. If you have only a small part finished, it improves speeds. If you almost have a torrent finished, it will reduce speeds ("endgame mode").
  • bt.set_sockbuf
    Meaning: This debugging option allows µTorrent to automatically detect the TCP buffer size periodically (so_sndbuf) and adjust it based on your upload speed. It does not adjust based on latency.
    Recommendation: The recommendation for this setting depends on your internet connection. I have good results with it set to "false".
  • bt.tcp_rate_control
    Meaning: Enabling this option tells µTorrent to use information from the uTP transport as hints for limiting TCP transfer rates.
    Recommendation: Should be disabled, or else speeds will be limited.
  • bt.transp_disposition
    Meaning: This option controls µTorrent's level of bias towards using TCP or uTP for transporting data (assuming the peer at the other end of the connection supports both transport protocols).
    Recommendation: Set this to 255 to allow all kinds of connections.
  • bt.use_ban_ratio
    Meaning: This option tells µTorrent to use bt.ban_ratio to decide when a peer gets banned after it has exceeded bt.ban_threshold.
    Recommendation: Setting this to false might increase speeds because it allows downloading from peers which otherwise you could not download from.
  • bt.use_rangeblock
    Meaning: When enabled, µTorrent will automatically attempt to determine whether an entire range of IP addresses should be banned for sending hashfailed pieces rather than banning individual IPs one at a time. When µTorrent bans 4 IPs from the same /24 CIDR block, it will ban the entire /24 CIDR block. When µTorrent bans 4 CIDR blocks of size /24 from the same /16 CIDR block, it will ban the entire /16 CIDR block. When µTorrent bans 4 CIDR blocks of size /16 from the same /8 CIDR block, it will ban the entire /8 CIDR block.
    Recommendation: Set this to false, or else you will ban good peers.
  • dht.rate
    Meaning: This option specifies the amount of bandwidth that DHT will use. The default value, -1, tells µTorrent to manage the bandwidth usage automatically based on your maximum upload rate. The automatic value is obtained by dividing your maximum upload rate by 16. This value is interpreted in bytes per second, so please enter it as such.
    Recommendation: This setting can be left at its default ("-1"). If your upload bandwidth is high enough, you can set this to 4096, which may give more peers through DHT.
  • ipfilter.enable
    Meaning: This option, when enabled, tells µTorrent to load ipfilter.dat and apply the rules on connections established after it is loaded. Note that disabling and re-enabling this option will force µTorrent to reload ipfilter.dat.
    Recommendation: Disabling this can improve speeds because it allows connections to peers that otherwise would be blocked. For security reasons you should enable it, but only if you have an IPFILTER.DAT file installed.
  • isp.bep22
    Meaning: This option enables Local Tracker Discovery, allowing µTorrent to attempt to discover ISP-local trackers via a series of reverse DNS lookups. The ISP-local tracker can return a list of peers and caches (most likely ISP-local). Note that if your ISP is known to interfere with BitTorrent traffic, careful consideration should be taken in deciding to enable this option. Announcing to an ISP-hosted tracker indicates to the ISP that you are using BitTorrent, and as such can make it easier for the ISP to interfere. Private torrent jobs are not announced to local trackers.
    Recommendation: Should be disabled. Can possibly get you more peers, but in reality that won't happen.
  • net.calc_overhead
    Meaning: If enabled, this option tells µTorrent to include communication overhead between you and other peers in the transfer rate calculations.
    Recommendation: Enable this to prevent uTorrent from using too much upload bandwidth. May improve download speed.
  • net.calc_tracker_overhead
    Meaning: If enabled, this option tells µTorrent to include communication overhead between you and the tracker in the transfer rate calculations.
    Recommendation: Enable this to prevent uTorrent from using too much upload bandwidth. May improve download speed.
  • net.disable_incoming_ipv6
    Meaning: If enabled, this option tells µTorrent to not use IPv6.
    Recommendation: Set this to false to allow downloads from IPv6 peers. Can improve speeds.
  • net.discoverable
    Meaning: If enabled, this option tells µTorrent to listen on one of a sequence of well-known ports for incoming connections in addition to the standard and alternative listening ports. Because the sequence of ports is well-known to applications attempting to interface with µTorrent, it allows for such applications to connect to µTorrent with less effort on the user's part.
    Recommendation: Set this to true to improve connectivity.
  • net.max_halfopen
    Meaning: This option specifies how many connections µTorrent should attempt to establish simultaneously at any given time. On systems running Windows XP with Service Pack 2 (SP2) or newer, if your TCPIP.sys file is unpatched, you should leave this option at its default value.
    Recommendation: Setting this to 255 often improves speeds.
  • net.utp_packet_size_interval + net.utp_receive_target_delay + net.utp_target_delay
    Meaning:
    Recommendation: These settings can be played around with, but won't affect speed noticeably.
  • net.wsaevents
    Meaning: This option is used for tweaking if you are experiencing odd firewall issues. Decrease the value one by one to see if it helps.
    Recommendation: Setting to 150 may improve speed.
  • peer.disconnect_inactive
    Meaning: Enabling this option tells µTorrent to disconnect from a peer that is not transferring with you after peer.disconnect_inactive_interval seconds of inactivity. A peer gets disconnected by this option only if the connection limit has been reached.
    Recommendation: Set this to true or else your uTorrent will be overloaded after a while.
  • peer.lazy_bitfield
    Meaning: Some ISPs block seeding by looking for the complete bitfield and closing the connection. When enabled, µTorrent does not send the complete bitfield, but a sample of it, so as to prevent blocking of seeding.
    Recommendation: Set this to true to avoid ISP blocking. Improves seeding, so it also improves downloading.
  • peer.resolve_country
    Meaning: Enabling this option tells µTorrent to use an Internet database of IP addresses (a DNSBL) to determine a peer's country. Even if the settings directory contains flags.conf and flags.bmp, this option will take precedence, and the internal flag images will be used instead.
    Recommendation: Should be deactivated to save some traceroutes, possibly increasing speed.

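The /24 → /16 → /8 escalation described for bt.use_rangeblock, as an added Python simulation (not uTorrent's own code) that shows why the recommendation warns about banning good peers: four hash-failing peers in one /24 take the 252 well-behaved addresses around them offline too. The threshold and levels come from the text above; the sample IP addresses are constructed.

```python
import ipaddress
from collections import defaultdict

# Rule as the page describes it: four banned children in one parent block ban the parent.
THRESHOLD = 4
LEVELS = (24, 16, 8)   # escalation path: /32 hosts -> /24 -> /16 -> /8


class RangeBlockBanList:
    """Simulation of bt.use_rangeblock escalation (not uTorrent's own code)."""

    def __init__(self):
        self.banned_hosts = set()   # peers that actually sent hash-failed pieces
        self.banned_nets = set()    # IPv4Network objects banned by escalation
        # parent prefix length -> parent network -> banned children inside it
        self._children = defaultdict(lambda: defaultdict(set))

    def ban_host(self, ip):
        host = ipaddress.ip_address(ip)
        self.banned_hosts.add(host)
        child = ipaddress.ip_network(f"{host}/32")
        for parent_len in LEVELS:
            parent = child.supernet(new_prefix=parent_len)
            kids = self._children[parent_len][parent]
            kids.add(child)
            if len(kids) < THRESHOLD:
                break           # parent not saturated yet; stop climbing
            self.banned_nets.add(parent)
            child = parent      # a banned /24 counts as one child of its /16, etc.

    def is_banned(self, ip):
        host = ipaddress.ip_address(ip)
        return host in self.banned_hosts or any(host in n for n in self.banned_nets)

    def collateral(self):
        """Addresses blocked by range bans that never misbehaved themselves."""
        maximal = [n for n in self.banned_nets
                   if not any(n != m and n.subnet_of(m) for m in self.banned_nets)]
        blocked = sum(n.num_addresses for n in maximal)
        caught = sum(1 for h in self.banned_hosts if any(h in n for n in maximal))
        return blocked - caught


def demo():
    # Constructed sample: four bad peers in the documentation range 203.0.113.0/24.
    bans = RangeBlockBanList()
    for ip in ("203.0.113.10", "203.0.113.55", "203.0.113.120", "203.0.113.201"):
        bans.ban_host(ip)
    # 203.0.113.77 never sent a bad piece but is now unreachable: 252 good addresses lost.
    return bans.is_banned("203.0.113.77"), bans.collateral()
```

With the same class you can feed four saturated /24s inside one /16 to watch the ban widen to 65,536 addresses, which is the behaviour the recommendation above tells you to switch off.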
For information about the other advanced settings that aren't listed here, see the uTorrent Help File (.zip).



Tab "Connection"


UPnP Port Mapping should be enabled - uTorrent then sets port forwarding for ports it needs automatically via Universal Plug&Play (if supported by your router).
NAT-PMP Port Mapping should be disabled - it mostly doesn't work right and is only an alternative to UPnP Port Mapping.
Windows Firewall exception should only be enabled if your Windows firewall is active (which is NOT recommended).
Port for incoming connections - Port choice is important for your connectivity. You should choose a port higher than 50000 to prevent conflicts with other applications.

Tab "Bandwidth"


Limit Transport overhead should be disabled if you only have a limited upload bandwidth. Play around with it and check the speed difference.
Limit uTP-connections usually should be disabled, except if you have deactivated your halfopen limit (see advanced setting "net.max_halfopen" and article Speed).
Use additional upload slots should be enabled to allow more people to download from you, which also allows you to download more from them.


Tab "BitTorrent"

Bandwidth Management [uTP] should only be enabled if you feel that other internet applications are working slowly.
Protocol encryption should be set to "enabled". If you're not using a VPN service, set this to "forced" for more security.
Everything else should be left at its default; changing it gives no advantage.

uTorrent is not downloading while on VPN

If uTorrent is unable to download or upload while the VPN is connected, or you can't connect to any trackers, there are several things you should try:
  • Try again with VPN servers from a different area
  • Switch VPN protocols between OpenVPN / PPTP / L2TP / UDP
  • Enable UPnP and NAT-PMP port mapping in the uTorrent settings
  • Try different ports in the uTorrent settings
  • Disable all security-related software on your computer: antivirus, firewall (especially the Windows firewall), peer-blocking tools, etc.
  • Disable Secure IP Binding feature in the HMA! Pro VPN client
  • Install a different uTorrent version (alpha/beta version, x64 version, etc.) -> http://forum.utorrent.com/viewforum.php?id=4

Additional


  • You should try out beta and alpha versions, new versions can be found here: uTorrent announcement forum
  • Apps like "uTorrent Turbo Booster", "uTorrent Ultra Accelerator" and similar apps you may find on the web are scamware; they don't change anything. Any advantage you may notice when using those tools is a placebo effect.
  • Using a too big IPFILTER.DAT or IP blocklist (PeerBlock) may also reduce your speed because they contain many tracker IPs and good users.
  • There are hacked versions of uTorrent that may increase speeds, but I won't help you find them because it supports leeching and damages the BitTorrent credit system.

How to Force Vuze to only load Torrents through VPN on Mac

Fortunately, on Mac this works exactly the same way; only the interfaces are named differently.
As you can see here, in this example PPTP/L2TP is "ppp0", and OpenVPN is "tun0".



Everything else just needs to be done as in the Windows instructions above.
As mentioned, if you can't find your interface in the list, first connect to the VPN and then check the options in Vuze.