Re: Azureus open ports - security problem?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Gene Heskett wrote:
On Saturday 08 April 2006 13:49, Laurence Vanek wrote:
Gene Heskett wrote:
On Saturday 08 April 2006 01:18, Laurence Vanek wrote:
Have in the past used (with FC4) Bittorrent with my firewall which
tests as "stealth" when tested with shieldsup on
https://www.grc.com. I did not need to do anything special with
regard to opening up my firewall to expose a certain port.  Perhaps
Bittorrent has a way around this.

Azureus is a different matter.  Apparently I need to open the
firewall to expose certain ports for it to work.  Otherwise, I get
the infamous "NAT problem" when configuring it.  If that is the
case,  isnt this a security problem with port(s) open when Azureus
is not in use.  Surely not many are going go thru an open & close
port cycle after every use of Azureus.
Strange as it may seem, thats exactly what I do when I run azureus,
port forward those ports in the router, and an extra set of rules on
the firewall box then allows the port forwarding to this box. Once
you've got them configured, the change can be done, either
direction, without any rebooting, in maybe 2 minutes.
Thanks Gene. That seems (to me) like it should not be necessary in an
ideal world. Do you have any idea how Bittorrent gets around this?

BitTorrent, at least 4.10 or some such version, also requires exactly the same bit of nvram exersize to work, both in my router, and on my firewall box. Thats the trackerless version of BT. I haven't tried BT-4.4 yet, azureus seemed to fit my needs a whole lot better cause I was never able to get the ncurses based gui to work here.
Looking at the "Settings" tab it seems to have a feature checked on my
setup called "Enable automatic port mapping (UPnP)". Wonder if that is
the difference.

As an experiment I opened port 49155 in my firewall (use Shorewall to config the iptables) & got Azureus to run thru it. While running & afterward I probed this port from outside using ShieldsUp (https://www.grc.com) & found it "stealthed". It would appear my concerns were unwarranted. Perhaps this is because that port no. belongs to the range of dynamic or private ports.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux