Security concerning Tor, BitTorrent and Firewall

coderman coderman at gmail.com
Mon Feb 19 21:55:51 UTC 2007


On 2/19/07, a a <werner12345 at hotmail.com> wrote:
> ...
> A more accurate question on my behalf would therefore be: Can Tor (if
> you use it without (or with, for that matter) port forwarding the
> firewall, create "holes" in the firewall by allowing incoming
> connections through the Tor proxy. The µTorrent case kinda implies this
> (riiight...?) as the other peers seemed to be able to connect to me at a
> higher rate...

Tor will not punch holes (as of yet).  however, it is common for the
official bittorrent client and utorrent (iirc) to use UPnP to speak to
the router and open ports.  if this is going on, it's likely that your
Tor'ification left this hole open, so to speak.

this class of problem (applications bypassing proxy settings and/or or
using non-TCP protocols to communicate) is one reason i am fond of a
transparent proxy approach to Tor rather than cumbersome and
potentially error prone application specific configurations for all
desired tasks.

ditto the previous comments about torrents on Tor; it's not really
useful and is detrimental to performance as a whole.



More information about the tor-talk mailing list