akonstam@xxxxxxxxxxx wrote:
I have a tangential Bittorrent question. Why would a installation like
ours who have taken great trouble to beef up security with a tight
firewall suddenly open ports 6881-6889 through the firewall? We are
not interested in serve other people with software so what is the
purpose of using Bittorrent?
Openning the ports doesnt create a major security hole (IMHO) , as long as you can control every single application that uses those ports... If you're gonna open the ports for everyone to use, then I suggest to not do it.. Being a ex-sysadmin , I'd say: "never" to openning those ports... any person inside your domain can notice that the ports are open and will be able to open any kind of server , which is then your security hole. (and I know that this will happen... people like to abuse fast connections....)
But if you're openning the ports for a single person , then it's not a big deal , as long as you know for sure what app is using that port... So far , I havent heard about any bittorrent exploit , so it's safe for now...
Btw , you dont need to open all those ports... You can tell the interested parties to use the newer clients. Most of them (for windows, all of them. For linux , i know azureus and maybe the original bittorrent client) currently use just one port...
-- Pedro Macedo
