Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Desktop port proliferation a security risk?
Robert Lemos, SecurityFocus 2005-07-13

Software maker Opera's decision to support BitTorrent has added to some security experts' worries that applications which require open connections through firewalls are becoming increasingly popular.

Comments Mode:
Desktop port proliferation a security risk? 2005-07-14
EvilPacket
Desktop port proliferation a security risk? 2005-07-14
Anonymous
Desktop port proliferation a security risk? 2005-07-14
Anonymous
Well, sure opening ports with applications listening adds some risk, depending on application popularity, developers security awareness and patching support.

Lets take Azureus (BitTorrent client) as an example. It is pro-actively checking for updates and applies them on the go. This is included in the app and a default configuration. So I would say it is much more secure than a XP SP1 user that did not setup auto-update.

And having a new port opened is not much worse than many browser plugins that handle media streams. Vulnerabilities in RealPlayer anyone? Sure you need to connect to the attacking/compromised server, but hey, this is just another zombie.

I would say file sharing risk does not come from extra opened ports, but from users downloading and running executables without realizing what they do...

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11248/32108#32108
Desktop port proliferation a security risk? 2005-07-14
Anonymous
Security by being encased in concrete... 2005-07-18
Roger
Desktop port proliferation a security risk? 2005-07-19
linux2linux







 

Privacy Statement
Copyright 2009, SecurityFocus