Question about Firewall, P2P and security:

OK, So I did the ShieldsUp test and (Grc.com) my computer firewall security passed the tests. Most ports were stealth, etc etc.

We have a network that is protected by a firewall router. I have my own computer connected to the network. I personally use Zone Alarm.

Question #1: Assuming that all my programs are clean (No malware, trojans, viruses), am I relatively safe from "External attacks? (Hackers//ScriptKiddies//Etc)

Question #2: Would using a P2P program, such as Azureus//bittorrent, *Significantly increase my *external security vulnerabilities? (Assuming I don't ever download virus's or trojans)

(Some P2P programs (I use Azureus//bittorrent), require you to open ports for TCP & UDP (You can choose any number.)

For example, If I were to go into my network settings (Physical firewall) and allowed port 123456 to be open and set my ZoneAlarm port 123456 to be open: ALSO, the program requires that I allow Azureus.exe to act as a server.)


Question #3: What If I open ports for the P2P program? Would this make a difference?


Thanks, and I'd really appreciate any feedback as to I always had these questions run in the back of my mind but I had never had them answered.

 

#1. Yes. Just practice updating your software in order to stay safe from exploits. This includes stuff like OS, Java, Flash, Quicktime. Also using alternative browsers to IE would lessen your chances of getting infected (no ActiveX).

#2. No.

#3. No. Only difference is your P2P application works better when it has full connectivity to Internet.

Just remember to use antivirus software too

 

1) Your router protects you from outside threats.

2) using P2P greatly increases your computers risk. Lots of P2P software itself comes with ad/spyware. Even worse....people intentionally alter the content of downloads...they create poisoned downloads. You think you're getting an album for free, or a movie for free..or Windows Server or whatever for free..but it's been...well, it has a special little package in it which will help itself to your system when you try to run/play it.

3) older home grade broadband routers crumble under the heavy concurrent loads P2P traffic puts on them..newer higher performing ones do better....more CPU/RAM.

 

Stick to Scene material, and there is no risk for that. Scene releases never have malware.

 

Terrible things will happen to you and your family if you use p2p.

Plague, flood and hair loss will strike you.
You and your first born son will be cursed to eternity.

Seriously, just don't click happily to anything you might download. Opening ports is natural and that's how p2p programs are supposed to work (yes, they need server rights too). Don't bother in dreaming evil hackers trying to hack into your PC. Well, unless you are working for the Pentagon... Theoretically, if the p2p program you use has a vulnerability, it could allow someone from outside to send you malware in. But if you keep your client updated, it's like risking being hit by meteorite while walking on the street.

The only risk from p2p, is from the files you download. They may be malware in disguise. So, scan then with multiple antivirus (like jotti's) and if you are paranoid about it, use a HIPS or behaviour blocker.

 

Yeah screensaver kits have never been known to have NewDotNet.

 

The correlation between computers that run P2P...and being infested with malware...is easy to see when you're in the computer support field for many years. It's not worrying about someone trying to hack into your PC...it's the DNS/winsock injections that result from malware, crap like that.

 

And pray tell sir, was it the p2p's program fault (assuming he doesn't use spyware clients of course) or was it the user's fault who clicks on anything, be it an infected mail attachment or a game crack that happens to be a virus?

You can get killed driving at 60 km/h because you are a bad driver and you can drive at 130 km/h without an accident because you are a good driver. Don't blame the car, blame the driver.

I have been running p2p programs for over 10 years and have never been hacked or infected via the p2p program. And i suspect that most of the million users out there have the same experience, otherwise by now the internet fora would be full of panic by Torrent/emule users that get hacked through their clients. Thankfully, this is not the case.

As any other internet activity, p2p is perfectly safe, much safer than visiting with IE porn sites for example. So there is no need to terrorize people about the soul eating Azureus' frog.

I can correlate high infection rate with users that download "screensavers" (with extra gift it) from infected sites. Should i assume that using screensavers is dangerous?

 

Thanks for all the replies guys!

So what I'm getting is this:

Key Point #1:

*In terms of Firewall & Hacker Security:
*As long as you have a firewall (Hardware, Software), you don't really have to worry about external threats in the form of hacker attacks. (*Assuming your computer is clean of malware)


Key Point #2:

*The only "real" threat is FILES you download, whether from P2P or Website etc. (In the form of trojans, malware, worms etc) that CAN GIVE ACCESS to hackers etc.



Question #1: Are my key points correct?



Question #2: What if I leave my P2P program running 24/7, indefinately?
Is this also relatively safe?



ps.. i dont mean to do the capitalizing some of the words but I have a bad habit of doing that

 

IMO...hardware firewalls period. I will not support a clients computer without it behind behind a NAT router. Software firewalls can be (and have been) compromised..their services can break, fail to start, etc. There have been exploits out there which can knock down software firewalls. This is far far less likely to happen if you're behind a NAT box. Having a PC plugged directly into a broadband modem gives it a public IP address..it takes less than a minute for your PC to be under attack from <whatever>...worms/trojans, exploits, etc.

P2P software..if you do any sharing..you're basically opening up a folder on your hard drive. I wouldn't want to do that. Downloading purposes only..yes...whatever you download...can have the potential of being poisoned..it is happening out there...there are pranksters who poison files and offer them up to share on P2P services...it's grown into another avenue of infecting computers, turning them into bots, etc. Not to mention..some P2P programs themselves have ad/spyware in them.

 

Hello,

1. Yes, you're safe.
2. No, you're not increasing your exposure. Just don't download crap and execute every which file.
3. P2P must open ports, but this is nothing unusual. If any vulnerabilities are found, simply update the software.

Mrk

 

This is a joke, right? You do know that "scene material" refers to stuff released by established warez groups? Groups that do the ripping/cracking etc. naughty stuff?


And I agree with Mrkvonic's last post. With torrents you are not sharing any directories, just the files in that torrent. As long as the software is kept up-to-date, you are fine. When it comes to other major P2P apps, like eMule, just pay attention to what folders are shared. (And AFAIK eMule doesn't by default even sahre others than its partial/completed download folders.)

And like Fuzzfas, I've so far been able to keep myself safe. Just use common sense. And the advice given here. YeOldeStonecat represents the cautious side here, however in my opinion there is a very thin line between caution and paranoia

 

thanks for the replies everyone. very helpful information...

What if I were to leave my P2P on 24/7 indefinately?

Would this make a difference?

 

I have run bittorrents 24/7 for the last... at least three years. As I said previously, stay with Scene material, recognized groups, and preferrably private trackers, and there is no malware to be infected with. Download something random from Pirate Bay, then yes, perhaps there can be malware in it, but not if it's Scene.

And sure someone might theoretically hack your system when you have one out of 50,000+ ports open... but then again, lightning might hit your head next time you're out in the rain. About the same chance.

 

All the replies so far was excellent. Although this is one of the most stress relieving replies. THis analogy makes me understand more about how secure we really are. although, u never want to feel... too safe

Scene material, recognized groups, private trackers...

can you elaborate?

I think One of those items relates to established sites where you need to register. But I'm unfamiliar with the other two.

 

A bit of reading:

http://en.wikipedia.org/wiki/The_Scene

http://en.wikipedia.org/wiki/Warez

Not condoning copyright crime here, but just an example:

The movie Meet.The.Spartans.UNRATED.DVDR-Counterfeit or the game Donkey.Xote-RELOADED are released by the Scene groups Counterfeit and RELOADED, respectively. Those releases conform to the very strict rules enforced by the Scene, and there is a lot of prestige and competition in between release groups, so they do their best to follow them, and malware is not allowed in any such releases. If you get things released by Scene groups, malware will not be found in it.

On the other hand, if you Google around randomly and find meetthespartans.avi somewhere, without any more information, who knows what it can really be?

Most private trackers allow only Scene material, and are therefore malware-free.

Examples of private trackers:

Invite only (harder to get into):

http://torrentfreak.com/most-coveted-private-torrent-sites-2008-080330/

Open trackers:

http://btracs.com/

 

Very interesting stuff and good information. It reminds me of IRC back in the day when I first got the internet. I think it was Efnet that me and my cousin were really into... Bots, OP status, networking etc etc... it was fun stuff.

I guess that was like PRE- The Scene. Its always interesting how things evolve over time..

What about established open trackers like http://btracs.com/,

Are these open trackers mostly Scene material // malware-free?
(VS piratebay or random google torrents)

 

BTRACS isnt a tracker. Its just a page that shows which other bittorrent sites are open for signup.

 

Sorry, what I meant were if those open sites from http://btracs.com/ were as clean of malware as invite only private trackers were. (The Scene Rules)


VS Piratebay, Mininova.org, or googled random torrents (We already know these are DEFINATELY not clean

 

Hello,
I've been running P2P 24/7 since about 2000 or 2001.
Didn't make a difference so far.
Mrk

 

"Scene" releases can be available on private or public trackers (torrents), other p2p networks (edonkey), and even file hosting sites (rapidshare).

They will usually have a .nfo file and they may mention that certain files should be included to know if its a genuine release.

 

Yes, and the Scene hates P2P - it makes them visible, and they would rather see P2P dead and gone. The torrents are uploaded on the fastest trackers by "traitors" of the Scene, who have Scene access and then upload Scene stuff on P2P trackers. If the Scene finds out who those are, they are banned from the Scene for life, and possibly harrassed on the net.

 

Sorry, sometimes I don't elaborate my statements clearly.

I know that there are Scene releases everywhere. From P2P (Edonkey etc) to Private Torrent tracker sites. And that there are tons of viruses/trojans on P2p networks and unorganized torrent sites like piratebay, etc. And, that leaves the possibility of someone releasing a "Fake Scene release loaded with malware".


However, there are some torrent sites that are more carefully monitored and organized and ARE TOTALLY CLEAN (99%) of the torrents / files are clean.

As King Grub mentioned, it is these private invite only tracker / torrent sites that host*ONLY clean, mal-ware free torrents/files because of The Scene Rules: (http://torrentfreak.com/most-coveted...s-2008-080330/)


He also mentioned more open tracker sites that are organized, just not invite only: (http://btracs.com/)


My question was refering to those files in those open tracker sites. I was wondering if *those files were ALSO clean and free of mal-ware just as the Invite Only sites are...

so, King Grub, would it be relatively safe downloading from torrents from one of the open sites at http://btracs.com ? (VS piratebay or random google torrent etc etc)

 

Yes, membership trackers are very strict with that is being uploaded. Not anyone can upload stuff, like on Pirate Bay, but you have to apply for uploader status, and that requires Scene access. A tracker with Scene material only has genuine Scene material; anything uploaded that does not conform to the rules is forbidden (and the rules are very strict; honor amongst thieves? ).

Nothing is 100%, but I have never ever heard of anyone faking Scene material on a private tracker.

 

Not paranoia. But when I read a blanket statement that talks about P2P...it leaves things open like use whatever P2P software there is out there. Now I'm sure many of us who work in supporting computers for a living...can testify that they see a correlation between computers that run various P2P software...and being infested with trojans/adware/malware, etc.

Poisoning and spoofing files is on the increase. You can Google RIAA and supports poisoning.

I choose not to run P2P stuff because of a personal decision not to support piracy...that's a whole different reason...nothing related to "paranoia" at all.