jerome Posted October 29, 2008 Report Share Posted October 29, 2008 My firewall Kerio PF 4.2.3 shows a great number of UDP connection attempts to uT, out from local port 5000 to 9999 and in to my ingoing TCP port I don't understand why ! UDP connections are generally considered as "at risk of hacking"I don't have DHT enabled on uT nor RSS Link to comment Share on other sites More sharing options...
thelittlefire Posted October 29, 2008 Report Share Posted October 29, 2008 ... Clients can attempt to contact you over UDP. I am aware BitComet does this as may Azureus when NAT Transversal is enabled.I'm confused. If uTorrent is launching them it's not TO uT, it's FROM uT. You can't connect OUT to IN. >< Get TCPView from http://sysinternals.com set the refresh rate to 1 second and see which process is attempting to use UDP. Link to comment Share on other sites More sharing options...
jerome Posted October 29, 2008 Author Report Share Posted October 29, 2008 Yes I corrected my mistake before reading your postKerio and Seem give me already the list of the connection by processKerio gives a list of more than 100 connections I don't know if it's worth to install TCP View : ?I accepted outgoing connections one hour ago and I notice an UDP connection established to a port 6771 as allready reported by a forumer on here and with no IP address (strange)http://forum.utorrent.com/viewtopic.php?pid=370623#p370623TCP View shows me that it's an UDP uT connection between my PC:6771 to no "address" and with no "state" mentionned Link to comment Share on other sites More sharing options...
thelittlefire Posted October 29, 2008 Report Share Posted October 29, 2008 I'd hardly call anything from sysinternals "install". Though I will admit process explorer is pretty hefty at 3 MiB unpacked. TCPView is a graphical representation of the netstat and nbtstat utilities.Btw, it's rude and silly to expand your theory of your problem outside your thread. Posting in other threads ... especially without reading them, doesn't help you. Link to comment Share on other sites More sharing options...
jerome Posted October 29, 2008 Author Report Share Posted October 29, 2008 But it is another problem allready exposed in this other thread http://forum.utorrent.com/viewtopic.php?pid=370623#p370623 by "Press start", member, with no answerMy principal question is about "Why UDP connections with uT ?"and the second is why port 6771 sometimes ? in this other threadtwo different subjects ! ! on one hand a question of general features of uT and on the other hand a particular problem with a suspicious connection on a particular port Link to comment Share on other sites More sharing options...
Ultima Posted October 30, 2008 Report Share Posted October 30, 2008 If you're so worried about "suspicious connections," then Wireshark the packets on port 6771. We've told you plenty of times already that it's LPD multicast packets. If you don't want to believe us, there's nothing else we can do to explain it to you. Link to comment Share on other sites More sharing options...
jerome Posted October 30, 2008 Author Report Share Posted October 30, 2008 Ok but for this subject of why to let UDP connections establishing in uT ? Link to comment Share on other sites More sharing options...
Ultima Posted October 30, 2008 Report Share Posted October 30, 2008 DHT also generates a ton of UDP packets. Resolving peer IP addresses also generates UDP packets. DNS requests generate UDP packets. Link to comment Share on other sites More sharing options...
jerome Posted October 30, 2008 Author Report Share Posted October 30, 2008 Yes but > I don't have DHT enabled> I know DNS requests I put a spécial rule for that !> IP adress resolving is only we display the window of peers Link to comment Share on other sites More sharing options...
moogly Posted October 30, 2008 Report Share Posted October 30, 2008 IP resolving is in peers tab and works only if you enable it. If you don't want it, right click on peer list and uncheck IP resolving. Link to comment Share on other sites More sharing options...
Firon Posted October 31, 2008 Report Share Posted October 31, 2008 UDP is not a "hacking risk." At all. Link to comment Share on other sites More sharing options...
jerome Posted October 31, 2008 Author Report Share Posted October 31, 2008 Are you sure ? are you a specialist of the firewalls and protection against attacks ?It is well known that the best way to be hacked is to let an open port for UDP protocole Link to comment Share on other sites More sharing options...
Ultima Posted October 31, 2008 Report Share Posted October 31, 2008 No, there is nothing inherently insecure about UDP. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.