On Fri, 2003-04-11 at 10:31, Rodolfo J. Paiz wrote: > I should also note that you have only mentioned cost-related issues, which > are independent from "security consciousness". Given that the BitTorrent > code is Open Source, and can/has been freely audited by lots of people, > then I should expect that an RH-sponsored BitTorrent would not pose any > significant security risks to the consumer.
Opening any more ports than I hvae to is a security risk, regardless of whether or not that port is used by "audited" code.
An excellent and valid point which I neglected to mention, and a perfectly valid reason for you to choose not to use an RH/BT download channel if it is offered to you. Still doesn't make it a bad idea for other users, though. <grin>
By the way, what I've done for this kind of thing is leave a single P200/64MB box (ancient desktop) in my DMZ. This is the box which I use for BT-type stuff, and a couple of ports are forwarded to it from the firewall, and it is ENTIRELY blocked off from the rest of my network, with the exception that only I am allowed to SSH into it. So, AFAIAC, it's even lower-risk than my dns/smtp/http servers. <smile>
-- Rodolfo J. Paiz rpaiz@xxxxxxxxxxxxxx
