From owner-freebsd-questions@FreeBSD.ORG Thu Nov 27 00:52:38 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1B95E1065672 for ; Thu, 27 Nov 2008 00:52:38 +0000 (UTC) (envelope-from numardbsd@gmail.com) Received: from ti-out-0910.google.com (ti-out-0910.google.com [209.85.142.184]) by mx1.freebsd.org (Postfix) with ESMTP id 938698FC23 for ; Thu, 27 Nov 2008 00:52:37 +0000 (UTC) (envelope-from numardbsd@gmail.com) Received: by ti-out-0910.google.com with SMTP id a1so443585tib.3 for ; Wed, 26 Nov 2008 16:52:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:in-reply-to:references:x-mailer:face:mime-version :content-type:content-transfer-encoding; bh=fRatX7qflMJpUDu8fugILYDOC0WZYSbNtVSlct1ETHA=; b=mzFRyfbPUd0Eamk7mpcFPPvk3kC3cF86feRiJu4ZilTs1LQQjRZBQvTkSFEOazP+m2 LALwmgJo1DEzAqhkesims9IE6i7E9pei2B6drNxynTeWtXTFNICUI2ixSXVnxARJvZ3G xezZNddE8LWu6jFRhAZEfvNvjr5xxlkEV2QI0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :face:mime-version:content-type:content-transfer-encoding; b=SlmVm4zoKWtkz7h8MpnQczR7ZKg9Nkb5FLJa+Bp4RUcvHXoLIpywjo4DQPeVN7HFvE qPRCNdnjTGQP58SxXqUm2f9XoNQ09TP3jGzE3AGvEsZrkBCrU6uL+qUUr4pZfRtzLlrP 03TTLo6gMuzfn1ehPWuQotFuQTcz9zglxfe7w= Received: by 10.110.20.15 with SMTP id 15mr9294895tit.8.1227747156903; Wed, 26 Nov 2008 16:52:36 -0800 (PST) Received: from ayiin (124-170-24-179.dyn.iinet.net.au [124.170.24.179]) by mx.google.com with ESMTPS id 2sm2083164tif.0.2008.11.26.16.52.33 (version=SSLv3 cipher=RC4-MD5); Wed, 26 Nov 2008 16:52:35 -0800 (PST) Date: Thu, 27 Nov 2008 11:52:25 +1100 From: Norberto Meijome To: freebsd-questions@freebsd.org Message-ID: <20081127115225.64d3e32f@ayiin> In-Reply-To: <20081126185216.7ab011ac@gumby.homeunix.com> References: <492D51CB.9000201@a1poweruser.com> <20081126081306.17qwm4xcthtwcgw0o@intranet.casasponti.net> <20081126174157.C66781@wojtek.tensor.gdynia.pl> <20081126185216.7ab011ac@gumby.homeunix.com> X-Mailer: Claws Mail 3.5.0 (GTK+ 2.12.11; i386-portbld-freebsd7.1) Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAGFBMVEX+/v7++v6YOTrq8PCcuIX989UvOSj++v0BNCbpAAAAB3RJTUUHsQwfFzs7RBhzUQAAAhJJREFUOI1dU8GOqzAMNKIoV1bvwD1i0ysqrHplIdBrVSX7ATSbd03VVvn9tQNtQy0hjAdn7LED4AAcPtWm9RV+MPSfxhBLx9ajd6X/ngB6/mTwnRSZua7i7Ca+0ctZKo4Qmz+JY13X6I3nFZBxIYW1PbgfQ5RP8g0XlltEWGf3cV03joYpRnFbvYDKbXjZlXyyhEZA4lI+cN3NaVXE4VKjSwTExO10eTEkkJVqIAD5z0nUBQJluQDRSQjcrBiHAJxZlAH5CUMBMC7OcJ4LMQNnxhZ1HYPscMc6J4UlWRMNwzOpCcAHKSICd1EDn83abdREIbXsHkD1OinP1aCUCOEVRaa1lMcvywUWdYgk13JQUpYNKmvXQ8Kw5ML9YI5h8SakctBc7E/IYuLhYd/zZIk+1gM1vNweQBvHE0j+oYah3sMqAytQYlZk6+ANaaawJdu3OFzYGMZ3iGpa3qMlq9ZH0VZTgrCtw/ngdYkEIIpSbP1bWQAdFdX9vocBdkH2qVjVmuMu3gI5rjs814EUdrCZgWlPaxZZ3RiLFUtr+ud0PXwp2dnQSNXgePt6AZpBj6UMJ7VQkzN4utVeaSW1Dhn/kblGrKeMvNGnzwX4zuEDarYz1KdPtR60Gul0Gued+515SJXhCsl+Tx/3kY/UDvicPll9mfu50t3tvQ/thZpJYgeuwdSKNJ6tCD98MCgoxLDaPxbwqqwPWaWiAAAAAElFTkSuQmCC Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: firewall rules for bitlord, yahoo, limewire X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Nov 2008 00:52:38 -0000 On Wed, 26 Nov 2008 18:52:16 +0000 RW wrote: [..] > > > It is one of the > > fastest, most effective ways to spread viruses, trojans, spyware, etc. > > > > The program does not use fixed ports, so the services are hard to > > block. In essence, the program gets the user to bypass security > > measures from the inside. > > There's nothing remarkable about that, no p2p filesharing application > uses fixed ports. Some have default ports, but they are widely ignored > because historically ISPs used those ports for throttling. +1 . skype does the same thing. and it's "p2p" too , although a lot less so than limewire. > > > When people ask my advice about computers, I always include: "Never > > use Limewire, or anything like it." > > They are as dangerous as you want to make them, I've been using > bittorrent and eD2k for years and have never seem a single virus, > trojan etc. I've seen a few on USENET but they've always been laughably > obvious. People that end-up with that kind of thing are normally > actively seeking executables. +1 - just the usual job of keeping an ear out for security holes ( including those in your users' behaviour :P ) _________________________ {Beto|Norberto|Numard} Meijome "Always do right. This will gratify some and astonish the rest." Mark Twain I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.