Monday, February 28, 2011

Does port forwarding create security risk?

Yes and no.

Yes, because if you forward the port to your PC and an application is sitting on your PC listening with that port then you have to trust that that application is written well and has no exploits. However, there are always software bugs and instances of such exploits is not uncommon.

No, because if you forward a port to your PC and the application isn’t open then the port is not open on your PC.
Or if the application is open on your PC and listening on that port and it’s a well written application then there’s nothing a hacker can do to abuse the port.

To clarify. If you open port 50000 on your router and tell it to go to your PC then any request from the internet to your router over 50000 gets forwarded to your PC. If you have no application or service listening on 50000 then the packet goes no further. If you have an application listening on that port (say uTorrent or Azureus) then the data gets passed to the application. If it’s valid uTorrent or Azureus traffic then the application works on the data. If it’s not valid, the application ignores it. In some cases hackers can write packets to go to your application that exploit a bug or security problem to cause the application to crash or do stuff you don’t want. In those cases you get patches or updated applications. Web servers suffer from this a lot because of the amount of features (and crappy programmers). I haven’t heard of torrent programs being exploited yet.
In business environments, because of this, generally if a PC has ports open to the internet then it’s in a DMZ (segregated network) as it’s never trusted.
In a home environment you’re not likely to have seperate PCs or networks for this security. The software firewall helps because if a hacker does manage to send traffic through to your PC and compromises your application then the software firewall may stop the PC from communicating back out to the internet if they’re doing it over a different port.
Looking at that, I see it’s a bit complicated. So short answer. You can forward a couple of ports to your PC for torrents reasonably safely. Use a software firewall too and a virus checker. And check for updates to your torrent application regularly as they may include security fixes.

0 comments: