[LINK] technical question: security alert
andrew clarke
mail at ozzmosis.com
Thu Mar 5 22:17:19 AEDT 2009
On Wed 2009-03-04 18:05:31 UTC+0100, Kim Holburn (kim at holburn.net) wrote:
> wikipedia has a list of common port numbers :
>
> http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
>
> and says 6882 is bittorrent.
Just to clarify this...
In the same way as you can set up a http server to listen on another
port than the standard port 80, BitTorrent can use any TCP port
number, and during a torrent download it's quite common to see
connections to ports well outside the range of ports listed on the
Wikipedia page above. IIRC, when installing uTorrent (one of the
popular BitTorrent clients) the installer will choose a quasi-random
port to listen on.
> If your ISP dynamically allocates you an IP address and it changes
> every so often then it could be someone trying a reach a bittorrent
> client that was previously at your IP address. Alternatively it could
> be someone scanning for a bittorrent client that has an exploitable
> vulnerability.
Much more likely to be the former. But ultimately it's just "noise"
that can be ignored, assuming there is no software listening on that
port.
More information about the Link
mailing list