Azureus open ports - security problem?
Gene Heskett
gene.heskett at verizon.net
Sat Apr 8 23:59:23 UTC 2006
On Saturday 08 April 2006 13:49, Laurence Vanek wrote:
>Gene Heskett wrote:
>> On Saturday 08 April 2006 01:18, Laurence Vanek wrote:
>>> Have in the past used (with FC4) Bittorrent with my firewall which
>>> tests as "stealth" when tested with shieldsup on
>>> https://www.grc.com. I did not need to do anything special with
>>> regard to opening up my firewall to expose a certain port. Perhaps
>>> Bittorrent has a way around this.
>>>
>>> Azureus is a different matter. Apparently I need to open the
>>> firewall to expose certain ports for it to work. Otherwise, I get
>>> the infamous "NAT problem" when configuring it. If that is the
>>> case, isnt this a security problem with port(s) open when Azureus
>>> is not in use. Surely not many are going go thru an open & close
>>> port cycle after every use of Azureus.
>>
>> Strange as it may seem, thats exactly what I do when I run azureus,
>> port forward those ports in the router, and an extra set of rules on
>> the firewall box then allows the port forwarding to this box. Once
>> you've got them configured, the change can be done, either
>> direction, without any rebooting, in maybe 2 minutes.
>
>Thanks Gene. That seems (to me) like it should not be necessary in an
>ideal world. Do you have any idea how Bittorrent gets around this?
BitTorrent, at least 4.10 or some such version, also requires exactly
the same bit of nvram exersize to work, both in my router, and on my
firewall box. Thats the trackerless version of BT. I haven't tried
BT-4.4 yet, azureus seemed to fit my needs a whole lot better cause I
was never able to get the ncurses based gui to work here.
>Looking at the "Settings" tab it seems to have a feature checked on my
>setup called "Enable automatic port mapping (UPnP)". Wonder if that is
>the difference.
--
Cheers, Gene
People having trouble with vz bouncing email to me should add the word
'online' between the 'verizon', and the dot which bypasses vz's
stupid bounce rules. I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2006 by Maurice Eugene Heskett, all rights reserved.
More information about the fedora-list
mailing list