ElDopa Posted January 20, 2011

The latest beta build of the 2.2.1 (build 24217) has added port 80 (HTTP) and 443 (HTTPS) to the default blocklist (as stated in the changelog). Since using port 443 is almost the only port you can use on public, firewalled infrastructures (HotSpots, Hotel Wifi, etc.) I'd like to request removing port 443 from the default blocklist again. Port 80 isn't that big of a deal, since the more advanced firewalls still filter non-HTTP traffic on port 80; leaving port 443 the only viable option (until now) ...
Ultima Posted January 20, 2011

So just remove it from bt.no_connect_to_services_list.

The changes were made in part due to a protocol abuse. Just saying "I want it this way" doesn't seem all too convincing to me, given the other side of the argument.
Firon Posted January 20, 2011

The port isn't going to actually be open anyway. It has to be forwarded to -your- machine, and it never will be.
ElDopa (Author) Posted January 20, 2011

Well actually, it is. I'm typing this from a hotel room, with uTorrent successfully running on 443 and accepting incoming connections. Guess UPnP or NAT-PMP is still enabled on the router. And this might sound like the odd exception out, but in my experience it works pretty well with most hotel-connections.

My argument being that port 443 is sometimes the only 'usable' port not being (effectively) filtered by a firewall, so blocking it by default will render it useless. It's not because I simply want it (I use SSL tunnels to get around any firewalling in case I need to, but not everybody has that luxury or knowledge), but because it restricts its usability on public infrastructures.

As an end-user I'm not about protocol-restrictions or -abuse, I'm about usability ... I understand your side, I'm just saying it might not be in the end-user's interest. As I've never heard about BT traffic over 443 causing problems for routers/firewalls, I'd prefer the practicality over the theoretical correctness. I can imagine there could be some - for end-users unknown/invisible - downsides to it, but in that case please share them (if it's not too much work/tech detailed); it never hurts to learn ...

PS: Removing 443 from the no_connect list in my uTorrent is kinda useless, it's about the peer's no_connect list (which is likely to be the default value(s)), hence the request.
Firon Posted January 20, 2011

You can still make outgoing connections. Your incoming port has no real relevance on that. The security gains from doing this outweigh the few users that would be affected.