TCSdisable Posted July 15, 2007 Report Share Posted July 15, 2007 Whats going on?My old 1.6.1 never open my Port 6771 , when I updated to 1.7.1 and start some download , my Norton Internet Security reported me the "DeepThroat" have knock my door very five minute with same IP (239.192.152.143:6771)I have no idea why this happening... is that , the new one got hijack ?now I using back 1.6.1 for my own safty. Link to comment Share on other sites More sharing options...
DreadWingKnight Posted July 15, 2007 Report Share Posted July 15, 2007 Norton is being over paranoid.The heuristics it uses to detect this sort of activity are below basic. Link to comment Share on other sites More sharing options...
TCSdisable Posted July 15, 2007 Author Report Share Posted July 15, 2007 I know NIS like paranoid but when I using back 1.6.1 the 6771 problem haven't come again.Plus: I have checked is no any Peer using this IP at the download monent. Link to comment Share on other sites More sharing options...
DreadWingKnight Posted July 15, 2007 Report Share Posted July 15, 2007 What type of traffic is generating the port attempt?TCP or UDP? Link to comment Share on other sites More sharing options...
DreadWingKnight Posted July 15, 2007 Report Share Posted July 15, 2007 Just did some research on the port.Local peer discovery.Your firewall is TOTALLY overparanoid.It's "scareware", pretending to do real work. Link to comment Share on other sites More sharing options...
5618 Posted July 15, 2007 Report Share Posted July 15, 2007 See stuff like:http://www.faqs.org/rfcs/rfc3171.htmlhttp://www.faqs.org/rfcs/rfc2365.htmlhttp://en.wikipedia.org/wiki/IP_MulticastetcAnd the reason why it thinks it's a trojan:http://www.symantec.com/security_response/writeup.jsp?docid=2000-121423-3801-99&tabid=2http://www.rising-global.com/rfwishelp/PortList.htmetc Link to comment Share on other sites More sharing options...
MarioGilera Posted July 15, 2007 Report Share Posted July 15, 2007 ok.i got the same situation.my fw block that packets. it's a problem to block them for utorrent??why utorrent tries to use that multicast ip?TIAMarioGilera Link to comment Share on other sites More sharing options...
5618 Posted July 15, 2007 Report Share Posted July 15, 2007 Because it's used for local peer discovery from the looks of it. Just allow the traffic or disable local peer discovery if you don't plan on using it, which should make it go away (after a possible µTorrent restart). Link to comment Share on other sites More sharing options...
MarioGilera Posted July 15, 2007 Report Share Posted July 15, 2007 Thx very much! Link to comment Share on other sites More sharing options...
Fuzzier Posted July 18, 2007 Report Share Posted July 18, 2007 Information sent on port 6771 has nothing to do with private info.But still you can filter the port by configuring your firewall. Link to comment Share on other sites More sharing options...
Switeck Posted July 18, 2007 Report Share Posted July 18, 2007 OR you can disable that feature in µTorrent and after a restart of µTorrent, there SHOULDN'T be any outgoing traffic on that port. (You can never really stop what others are trying to send to you, you can only block it at your router or firewall level.) Link to comment Share on other sites More sharing options...
Fuzzier Posted August 8, 2007 Report Share Posted August 8, 2007 If you want to disable the feature, uncheck Local peer discovery in the preference. Link to comment Share on other sites More sharing options...
Firon Posted August 9, 2007 Report Share Posted August 9, 2007 You should dump NIS anyway. It's worthless. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.