How does port forwarding reduce security?

edited April 2014 in P2P Support
Hi,

I see that using port forwarding reduces security, but it doesn't say in what way it does. My main concern is to keep my ISP from snooping on my activity on BitTorrent. Will using port forwarding make it easier for my ISP to see what I am doing as far as bittorrent downloads are concerned?

Comments

  • All your data transmissions while on the VPN are still encrypted. Your ISP shouldn't be able to see your activity.
  • Another one for the FAQ.

    Port forwarding has two implications:

    Using a specific port could make you more recognizable in torrent swarms. That doesn't mean you can be deanonymized, but someone observing torrent swarms might profile what you download. They still don't know who you are, but they could know you like cars and travel.
    I don't know if anyone actually does this, but you can combat this by changing the port often.

    Having an open port, a way for someone to send data packets to you without your knowledge/initiation, could make it easier to run a deanonymization attack by packet correlation against you. This attack has some heavy prerequisites, which only a few can meet. Most that can do it can also do it without port forwarding, including your ISP.

    If you think it's unlikely that you will be actively attacked, port forwarding won't matter. If you think it likely you'll be attacked, PIA alone will probably not protect you.

    Port forwarding is a nice feature and I recommend using it, because it's good for the health of torrent swarms.
  • edited April 2014
    Thanks! This is great information! And yes, it should be included with the FAQ. 

    I really like using port forwarding in my current setup. I have set up the Deluge BitTorrent client and use its execute plugin to run a script updating the forwarded port when a torrent is added, so it's completely automated and works regardless of which gateway I am connected to, as long as it supports port forwarding.


  • edited January 2015
    ISPs don't see you downloading. The only way they will know you are torrenting is if you get caught by a watchdog group and they report it back to the ISP. Under the VPN, your data is encrypted. When the VPN disconnects, then your real IP address is exposed because PIA does not have an option to cover your ass in the torrent client program if their server goes down. Just be careful.
  • VPN said:
    Another one for the FAQ. Port forwarding has two implications: Using a specific port could make you more recognizable in torrent swarms. That doesn't mean you can be deanonymized, but someone observing torrent swarms might profile what you download. They still don't know who you are, but they could know you like cars and travel. I don't know if anyone actually does this, but you can combat this by changing the port often. Having an open port, a way for someone to send data packets to you without your knowledge/initiation, could make it easier to run a deanonymization attack by packet correlation against you. This attack has some heavy prerequisites, which only a few can meet. Most that can do it can also do it without port forwarding, including your ISP. If you think it's unlikely that you will be actively attacked, port forwarding won't matter. If you think it likely you'll be attacked, PIA alone will probably not protect you. Port forwarding is a nice feature and I recommend using it, because it's good for the health of torrent swarms.
    This actually means that using an open port (port forwarding) doesn't really reduce security? The data is still encrypted all the way between the torrent client and the peers connected to?

    I have iptables rules configured to not leak my IP address. The question is, am I more subject to leaking my real IP with port forwarding? As I understand your post, it is safe to use port forwarding, as everything is encrypted and tunneled over the VPN connection the same way as it would be without a port opened?

    Could you please explain the deanonymization attack by packet correlation in a little more detail, or provide a link to what it actually means and how it works? I imagine it is not an easy task to do, therefore it is not likely anybody (a regular torrent user) would be subject to this, or am I wrong?
  • szimat said:
    VPN said:
    Another one for the FAQ. Port forwarding has two implications: Using a specific port could make you more recognizable in torrent swarms. That doesn't mean you can be deanonymized, but someone observing torrent swarms might profile what you download. They still don't know who you are, but they could know you like cars and travel. I don't know if anyone actually does this, but you can combat this by changing the port often. Having an open port, a way for someone to send data packets to you without your knowledge/initiation, could make it easier to run a deanonymization attack by packet correlation against you. This attack has some heavy prerequisites, which only a few can meet. Most that can do it can also do it without port forwarding, including your ISP. If you think it's unlikely that you will be actively attacked, port forwarding won't matter. If you think it likely you'll be attacked, PIA alone will probably not protect you. Port forwarding is a nice feature and I recommend using it, because it's good for the health of torrent swarms.
    This actually means that using an open port (port forwarding) doesn't really reduce security? The data is still encrypted all the way between the torrent client and the peers connected to?

    I have iptables rules configured to not leak my IP address. The question is, am I more subject to leaking my real IP with port forwarding? As I understand your post, it is safe to use port forwarding, as everything is encrypted and tunneled over the VPN connection the same way as it would be without a port opened?

    Could you please explain the deanonymization attack by packet correlation in a little more detail, or provide a link to what it actually means and how it works? I imagine it is not an easy task to do, therefore it is not likely anybody (a regular torrent user) would be subject to this, or am I wrong?

    Does anybody have an answer to this^ ??
  • bleh said:
    Does anybody have an answer to this^ ??
    That made me more confused at the end.