Lois & Clark Forums Forums General Discussion Technical Help and How To's Bittorrent and hardware firewalls

I've been using Bittorrent to download various shows, and was never very impressed with its speed; I have a 4mb cable connection, but I was still only getting 4-5k speeds most of the time.

Recently I thought I'd try a different program, and discovered that most of them wanted access to the controls of the hardware firewall in my router, and the documentation said that they'd be much slower without it.

So I eventually installed uTorrent which has some very good reviews and is by far the smallest of the bittorrent programs, and enabled UPnP compatibility of the router and its firewall. What this essentially means is that uTorrent can take control of the firewall, which speeds up file transfer immensely - I'm typically seeing 50k downloads now, a tenfold speed increase.

What I'm wondering about is the downside (apart from all other internet access being slow because file transfers hog the bandwidth) - does this increase the vulnerability of my network? They say not, but I'd appreciate feedback from anyone who knows this stuff.

And the answer to your vulnerability question is... maybe. LOL

I'm not familiar with the specific program but I am familiar with uPnP. What it does is to allow your program to request your router to open a port or ports in your firewall and forward any incoming traffic to your specific internal IP address of your machine. It is really no different than going into the port forwarding tab of your router's management site and opening them up yourself.

Opening any ports and enabling port forwarding does increase vulnerability, but for a random port, the risks are extremely low. Opening ports 21 (FTP), 25 (SMTP), 53 (DNS), 80 (HTTP), 110 (POP3), 143 (IMAP4), 3389 (Microsoft Remote Desktop/Terminal Services), 5900 (VNC), and some of the other well-defined services is far riskier than opening ports for undefined, random ports. Attackers looking to take over someone's system are usually scanning on the well-defined ports because it takes far too much time to scan upwards of 65,535 different ports.

Because I don't know much about Bittorrents and the apps used for them, having never once used one (I've used Limewire a few times and the old Napster), I don't know if the ports used for these applications are well-known. If they are, then the risk is higher as potential attackers may be looking for those ports. If the Bittorrent app is opening up random ports, then the risk is probably negligible.

Even if the ports are well-known, the risk would be the same no matter what Bittorrent app you use since any of them would be opening the same holes in your firewall.

Hopefully, this explanation isn't too technical.

Thanks, that's what I was hoping.

For the record, uTorrent allows you to choose which port you want to use (or to randomize which port is used every time you open the program). And they recommend choosing one over 10,000, specifically because they're lesser-used (and thus less likely to interfere with other apps).

My problem is that my router is a Linksys WRT54G. It tracks connections for five days, much longer than most routers. Torrent programs involve a lot of different connections (that's the whole idea). Too many, and the router can overload, requiring a complete reset (not just power cycling) before it'll work again. I could solve the problem with third party firmware, but there's a risk that installing it could brick the router... *sigh*

Thanks, Paul. That answers that remaining question. With randomized ports or user-selectable ones, the risk is near zero.