On Saturday 26 April 2008 02:43, Jim Cook wrote: > As far as I know, I don't know anyone running Freenet, so I'm running > in insecure/promiscuous mode. Freenet kindly warns me that others > can therefore identify my node and attack it. However, although I've > read the FAQ and googled some, I'm not clear what sorts of attacks > are possible, other than knowing which sites I've visited.
Lots. Read the wiki, start with the security page: http://wiki.freenetproject.org/FreenetZeroPointSevenSecurity > > Freenet also reminds me to forward UDP ports XXXXX and XXXX because > I'm behind a NAT, and so other nodes behind symmetrical NATs can't > connect to my node. However, Freenet seems to be working OK in that > I'm connected to ca. 13 nodes. I currently don't forward any ports > through my hardware firewall, and I hesitate to do so without > understanding the security implications. The result of forwarding the UDP ports is that Freenet can accept incoming connections from nodes which it isn't already sending a packet to. This is necessary for: - Connecting to any node on a dynamic IP address. (You may still be able to connect, but only if the node manages to connect to one of its other peers and ARKs are working). - Connecting to any node behind a symmetric firewall/NAT. - Being a seednode. > > I'd appreciate suggestions for further reading re both issues. > > Thanks again. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/support/attachments/20080428/d04f09d6/attachment.pgp>
