bittorrent port hits without UPnP enabled
So I do not understand the nature of bittorrent and how it interacts with the internet. I have seen concerning connections related to an unused bittorrent client (which may always be running).
I am unsure if my NAS and its data was exposed. I will be trying to review the gobs of firewall logs I have, but that will take some time. I do see that MOST hits say Deny. But I need to confirm they are 100% Deny.
Is there a security issue with merlin firmware at the level I mention?
Or does anyone know if this is all normal bittorrent behavior, and my data was not at risk? Ultimately, the fact my firewall had no explicit access open for this is very concerning, but that just means the app is the likely cause of internet access I think.
1. I am running Merlin 376.48_1 on my AC68U.
2. I disabled the UPNP feature in the firewall. (does this truly prevent any UPNP usage thru the firewall?)
3. I have a NAS device, which has a bittorrent client on it. I have never used it.
4. In the System Log - Active Connections of the router, I saw lots of entries for UDP port 6881. Below is an example.
So I do not understand the nature of bittorrent and how it interacts with the internet. I have seen concerning connections related to an unused bittorrent client (which may always be running).
I am unsure if my NAS and its data was exposed. I will be trying to review the gobs of firewall logs I have, but that will take some time. I do see that MOST hits say Deny. But I need to confirm they are 100% Deny.
Is there a security issue with merlin firmware at the level I mention?
Or does anyone know if this is all normal bittorrent behavior, and my data was not at risk? Ultimately, the fact my firewall had no explicit access open for this is very concerning, but that just means the app is the likely cause of internet access I think.
1. I am running Merlin 376.48_1 on my AC68U.
2. I disabled the UPNP feature in the firewall. (does this truly prevent any UPNP usage thru the firewall?)
3. I have a NAS device, which has a bittorrent client on it. I have never used it.
4. In the System Log - Active Connections of the router, I saw lots of entries for UDP port 6881. Below is an example.
Code:
udp 192.168.32.123:6881 188.x.x.243:61163 ASSURED
udp 192.168.32.123:6881 2.x.x.137:35085 ASSURED
udp 192.168.32.123:6881 190.1.15.101:38697 ASSURED
udp 192.168.32.123:6881 112.x.x.178:28947 ASSURED
udp 192.168.32.123:6881 14.x.x.182:28417 ASSURED
udp 192.168.32.123:6881 178.x.x.153:39086 ASSURED
udp 192.168.32.123:6881 2.x.x.247:26215 ASSURED
udp 192.168.32.123:6881 68.x.x.129:51933 UNREPLIED
udp 192.168.32.123:6881 14.x.x.189:58260 UNREPLIED
udp 192.168.32.123:6881 92.x.x.110:54197 UNREPLIED
udp 192.168.32.123:6881 110.x.x.13:63048 UNREPLIED
udp 192.168.32.123:6881 185.x.x.232:41419 UNREPLIED
udp 192.168.32.123:6881 190.x.x.185:10588 UNREPLIED
Last edited: