Azureus open ports - security problem?
Dan
grinnz at gmail.com
Sun Apr 9 08:08:06 UTC 2006
Laurence Vanek wrote:
> Gene Heskett wrote:
>> On Saturday 08 April 2006 01:18, Laurence Vanek wrote:
>>
>>> Have in the past used (with FC4) Bittorrent with my firewall which
>>> tests as "stealth" when tested with shieldsup on https://www.grc.com.
>>> I did not need to do anything special with regard to opening up my
>>> firewall to expose a certain port. Perhaps Bittorrent has a way
>>> around this.
>>>
>>> Azureus is a different matter. Apparently I need to open the firewall
>>> to expose certain ports for it to work. Otherwise, I get the infamous
>>> "NAT problem" when configuring it. If that is the case, isnt this a
>>> security problem with port(s) open when Azureus is not in use. Surely
>>> not many are going go thru an open & close port cycle after every use
>>> of Azureus.
>>>
>>
>> Strange as it may seem, thats exactly what I do when I run azureus,
>> port forward those ports in the router, and an extra set of rules on
>> the firewall box then allows the port forwarding to this box. Once
>> you've got them configured, the change can be done, either direction,
>> without any rebooting, in maybe 2 minutes.
>>
>>
> Thanks Gene. That seems (to me) like it should not be necessary in an
> ideal world. Do you have any idea how Bittorrent gets around this?
> Looking at the "Settings" tab it seems to have a feature checked on my
> setup called "Enable automatic port mapping (UPnP)". Wonder if that is
> the difference.
>
You are correct, several Bittorrent softwares, Limewire, and other
programs needing specific ports open often make use of UPnP to try to
open them while they are in use, then close them when they are done.
I've heard it is a security risk, but I can't even get rid of my NAT
problems with it on. It's not perfect.
-Dan
More information about the fedora-list
mailing list