Welcome! Log In Create A New Profile

Advanced

Question About Ports Feature

Posted by Anonymous User 
Anonymous User
Question About Ports Feature
December 10, 2013 07:39PM
Hello. So I had a question about the newly added ports feature in Peerblock. Doesn't this actually defeat the whole purpose of the software? If I understand it correctly, adding a port in Peerblock will whitelist all connections going to that port. If you whitelist all connections what is the point? I'll give an example. I run a torrent client. Let’s say I use port 12345. If I add 12345 to my port list in Peerblock, all connections to my client will be completely unrestricted, but that includes all the connections that I am purposely protecting myself against by installing Peerblock and paying for iBlocklist updates. Isn't the point here, you are blocking connections purposely and lists are what determines what is "good" or "bad," not ports? I can't think of any software I use where I want to whitelist a port completely from everything, not even HTTP. Perhaps I am missing something here.



Edited 1 time(s). Last edit at 12/10/2013 08:06PM by JohnMan.
Re: Question About Ports Feature
December 11, 2013 07:29AM
avatar
You are absolutely correct - allowing ports in this manner is intentionally opening up a hole in the layer of security PeerBlock otherwise provides for you.  I myself do not use this feature, but there are many people out there who had been requesting it. 

I think of it the same way I do gun control - feel free to use it, but if you shoot yourself in the foot it's your own damn fault.

        ---  Mark  ---




Lead developer of PeerBlock
Anonymous User
Re: Question About Ports Feature
December 11, 2013 06:20PM
Okay, thanks, that is what I thought. I wonder if Peerblock could use a popup warning specifying that the first time you open the ports tab or whitelist a port. I know when I first saw it I was happy because I could more easily use Skype, but realized this was an issue. I think what would make it more secure is if you could add two levels of optional security to it. One would be that Peerblock would automatically open the port when a selected program was running, so it is not open all the time. The other one would be allowing the port only on certain lists. So for example, I could whitelist a port for Skype only while it is running, and only exempt addresses from a Microsoft list or custom list that are using that port. Of course, I have no idea how easy that would be to implement.

Oh, also isn't the "Allow HTTP" button on the main screen and the "80,443 (HTTP, HTTPS - web traffic)" in port tab redundant? They seem to do the exact same thing. Maybe this is just that way for the beta.
Anonymous User
Re: Question About Ports Feature
August 31, 2014 10:48PM
I'd also like to whitelist DNS traffic since my DNS uses authoritative servers first but I can't seem to get UDP whitelisting, only TCP. I've tried modifying PB but I'm not that familiar with PB source code.
Re: Question About Ports Feature
September 01, 2014 06:32AM
avatar
Yuji Saeki Wrote:
-------------------------------------------------------

i cant help you with your inquiry but one of the other more knowledgable mods/devs will respond shortly.

btw, i like the name lol, i know where it's from, good show one of my favs




Life is like a box of chocolates................................umm chocolate, yummy grinning smiley
Sorry, only registered users may post in this forum.

Click here to login