security issues

[jig]

just wondering if anyone has done any security testing on the web interface.

also, has anyone gotten the stunnel stuff up and working?

right now, the "easy" way for me to ensure no-one can fiddle with my webui login is to just limit it to vpn access (my router can act as an endpoint). but both that and an ssh tunnel are problematic with the restrictions on my school wireless system. http and https are allowed, and i could always limit access to the ip range of the school, but i'd rather just have a way to bullet proof any possible issues with utorrent itself AND keep the interface private (i don't really want arbitrary people knowing i run utorrent).

the other way is to just use a secured remote desktop, but then the streamlined utorrent interface is kinda moot, ya?

[Ultima]

What kind of security testing do you speak of? And yah, people have gotten stunnel working.

Anyone connected to you would know you run µTorrent anyway, so I'd still consider that to be "arbitrary people knowing [you] run" µTorrent.

[boo]

well, a function that only allow people with certain IPs/IP-Ranges to use the webui could be added,

that would limit the nr of people who could gain access to your µTorrent webui.

[ICleolion]

Thats already implemented. Wud be nice if u actually used the thing before commenting on it.

[boo]

sorry, long time since I checked the webui settings, last time I checked there was no such function.

[Ultima]

Heh it's actually been in there for quite a long time already, IIRC.