Gnutella Forums - Confused about firewalls and ports

Gnutella Forums (https://www.gnutellaforums.com/)

- General Mac OSX Support (https://www.gnutellaforums.com/general-mac-osx-support/)

- - Confused about firewalls and ports (https://www.gnutellaforums.com/general-mac-osx-support/72344-confused-about-firewalls-ports.html)

Confused about firewalls and ports

Been reading a lot of stuff about Limewire and firewalls, in the user guide, tips of the day, these forums, etc. and I still don't get it completely. I'm hoping somebody can wrap it up such that an experienced, yet non-technical, LW user can understand. As far as I can tell I am able to connect and dl regardless of whether I'm behind a firewall or not. I have no obvious problems, except that search results are wayyyyyyyyy worse than they used to be in earlier times.

First, a summary of my questions:
1. If I can operate behind a firewall, do I still need to open a Gnutella/Limewire port?
2. Are my crappy search results due to being behind a firewall?
3. Does opening a port weaken the general security of my computer?

1. I read somewhere that Limewire sometimes can operate from behind a firewall, and it *seemed* to imply that as long as you can connect and download then it's cool, you don't have to worry about messing around w/ your firewalls. That is the case w/ me. I have the brick wall/globe icon but I can connect and dl.

I have tried working with all services and ports closed as per the OSX Tiger default, and also with the Gnu/LW port opened. I haven't done any serious comparisons of LW's performance in these two scenarios, but it seems to work pretty much the same, both ways. Dl's are pretty fast. Should I open the Gnutella/Limewire port anyway?

2. I have not experimented enough to tell whether my LW search results are any better with the Gnu/LW port open, but I can tell you that either way the search results are much worse than they used to be several months, or maybe even a few years ago (I'm pretty vague remembering the time scale--don't use LW much any more because of the crappy search results). Can working from behind the firewall hurt search results?

Sorry, I'm not sure how many things have changed in my setup since my search results used to be so much better, but some things I'm sure of are:
- Changed from Earthlink dialup to AT&T DSL, with Siemens Speedstream 4100 modem.
- Occasional OS updates over time. Currently up to OSX 10.4.9
- Upgraded LW when I moved from Classic to OSX. This may be when things started to go south, *IF* I remember right. That's a big IF though. Currently using LW 4.12.3.
- Music record industry began cracking down, flooding with bogus files, and other tactics. But my poor search results seem to be across the board, not limited to searches that the music industry is trying to block.
- Bogus commercial search results have increased dramatically, to where they dominate many of my searches. But maybe I'm digressing here--sorry.

3. In general, security experts tell lay people "you should always use firewalls". Security concerns are very important to me, but I'm ignorant about the architecture of firewalls and ports. Does opening the Gnu/LW port lessen the security of my computer in any way? Does opening this port mean that as far as Gnutella is concerned I don't have a firewall, and/or does it make me more vulnerable to any bad things, either via Gnutella or via any other pathways?

G4
OSX 10.4.9
Firewalls: standard OSX firewall on, all services and ports stopped, closed.
Limewire 4.12.3
Java 1.4.2 with J2SE 5.0 Release 1 update, and Java Prefs Runtime Settings set with J2SE 5.0 on top. However I just installed the J2SE 5.0 update today so I don't know yet if anything has improved because of it.
DSL from AT&T, with Siemens Speedstream 4100 modem
I'm only a leaf node but I get a lot of incoming searches for things totally unrelated to anything on my computer.

You definitely sound like you come from a Windows background. Many OSX users don't even bother with their firewall being on.

You can download, good! Can you upload? Gnutella is a p2p (peer to peer) "sharing" network. So people who download are expected to share back. If nobody shared, you'd have nothing to download. Get the circle? The more who share, the easier it is to download the same & new items ... makes downloading faster.

1. Being behind a firewall can make a difference. I know when I upgraded from dial up to adsl, my initial results were not as good as they should have been. After port forwarding my router & getting rid of the firewall issue, my results improved greatly. Also, uploading helps connect to more sources & thus improves searches. Siemens Speedstream 4100 does have an internal NAT firewall. The question is whether your device supports UPnP or supports it reliably. Oh ... looking at Port Forwarding for the Siemens 4100 it seems it does support UPnP. What you need to do is enable UPnP. If UPnP doesn't work well, then port forwarding is the way to go. Port forwarding & UPnP are safe. The port is only being used whilst the program is open. And you already have other ports open so you can browse the internet. ;)

2. I have found the Junk filter doesn't seem to work as well as it did. For that reason I now choose to show junk results at bottom of search results. In that way I can check them & junk or unjunk various results incorrectly determined by the filter. Move the junk filter slider further to left. ;)

3. Same as you were when using dial up, except with added security with the NAT router. Other points already answered. Configuring your firewall be it OSX or NAT firewall is not totally opening the port ... it is specifically only allowing LW access.

Wha??? Windows, me??? No reason to get nasty! :)
But really, thanks LOTR, that helps some. I've been a good LW sharer, Mac only, for years. Yes I can upload, though apparently it's pretty rare that anybody actually wants any of my stuff.

I see that I do have UPnP enabled.

I'm already using my junk filter same way as you describe. Seems to work OK. It's not very smart but I wouldn't call it a dumb-*** either. BTW I'm hesitant to block hosts; I don't suppose you know any way to tell the difference between hosts that are spammers only, and hosts who are legit citizens who happen to have dl'd a spam file and are inadvertantly sharing it?

I didn't know "many OSX users don't even bother with their firewall being on", though I am familiar w/ the conventional wisdom that Macs are safe from bad guys. I just tend to play it safe when swimming in unclear waters; you know what happens when one assumes...

Re your point that configuring firewall only allows LW access: are you saying bad guys--if there were any out there preying on macs--would not be able to use that access for their nefarious schemes?

What is NAT? Can you recommend a post or page that 'splains this stuff a little further--NAT, ports, forwarding, etc.--for dummies?

Hmm, I found out a little more info. My ISP's connection analyzer tells me my modem, while NAT-capable, is in a mode that uses "IP passthrough", which I interpret to mean it is not using NAT [right?:blink:]. Does that mean the modem's firewall is not in the chain? My ISP's tech support lady says my modem doesn't even have a firewall but she doesn't sound very expert. In my Mac I have the Gnu/LW port open. In LW I have UPnP enabled and my listening port is in the recommended range. But I still have the brick wall icon in LW. I have not tried port forwarding yet. My IP address is dynamic, and they tell me it'd cost me $ to get a static IP. :nono:

Could my modem's firewall be what LW is sensing despite NAT being bypassed?

I can search and find, and can upload and download at good speed. As mentioned before my only complaint is poorer search results than I remember in days of yore. Is there any sense among the Gnutella community that there might be fewer folks on the network these days compared to, say, a few years ago?