bittoorrent - another strange question.
Pedro Fernandes Macedo
webmaster at margo.bijoux.nom.br
Fri Dec 17 17:37:36 UTC 2004
akonstam at trinity.edu wrote:
>I have a tangential Bittorrent question. Why would a installation like
>ours who have taken great trouble to beef up security with a tight
>firewall suddenly open ports 6881-6889 through the firewall? We are
>not interested in serve other people with software so what is the
>purpose of using Bittorrent?
>
>
Openning the ports doesnt create a major security hole (IMHO) , as long
as you can control every single application that uses those ports... If
you're gonna open the ports for everyone to use, then I suggest to not
do it.. Being a ex-sysadmin , I'd say: "never" to openning those
ports... any person inside your domain can notice that the ports are
open and will be able to open any kind of server , which is then your
security hole. (and I know that this will happen... people like to abuse
fast connections....)
But if you're openning the ports for a single person , then it's not a
big deal , as long as you know for sure what app is using that port...
So far , I havent heard about any bittorrent exploit , so it's safe for
now...
Btw , you dont need to open all those ports... You can tell the
interested parties to use the newer clients. Most of them (for windows,
all of them. For linux , i know azureus and maybe the original
bittorrent client) currently use just one port...
--
Pedro Macedo
More information about the fedora-list
mailing list