Arbitrary TCP port

Hi,

In my opinion Ethereum communication should be restricted only to TCP ports >= 1024 (http://www.w3.org/Daemon/User/Installation/PrivilegedPorts.html).
The reason for this is to minimize the risk of abusing the p2p network to interfere with other Internet protocols.

Especially, passive TCP port scanning by broadcasting false node addresses should be avoided. In the current implementation (I was looking at the C++ version) a malicious node is able to conduct such port scanning. Moreover, at least RFC1918 address checks are missing, so a malicious node can broadcast a peer list containing private-network-based addresses (look at CNetAddr::IsRoutable() in the official Bitcoin client). I realize that the code is very alpha, but it is important to be careful right from the beginning.

--
Mariusz Welna
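
The two checks proposed in the post above (port >= 1024, no RFC1918 addresses), sketched as a filter applied to each advertised peer before dialing it. This is an added example, not part of the original post and not code from the Ethereum or Bitcoin clients; the function names are hypothetical, it covers IPv4 only, and it goes beyond RFC1918 by also rejecting loopback, link-local, multicast and reserved ranges.

```cpp
#include <arpa/inet.h>
#include <cstdint>
#include <cstdio>
#include <string>

// Hypothetical helper: true if addr (host byte order) lies inside prefix/len.
static bool inPrefix(uint32_t addr, uint32_t prefix, int len) {
    uint32_t mask = len == 0 ? 0 : ~uint32_t(0) << (32 - len);
    return (addr & mask) == (prefix & mask);
}

// True for IPv4 addresses a peer on the public Internet can be reached at.
bool isRoutableV4(uint32_t a) {
    struct Net { uint32_t prefix; int len; };
    static const Net blocked[] = {
        {0x00000000, 8},   // 0.0.0.0/8      "this network"
        {0x0A000000, 8},   // 10.0.0.0/8     RFC 1918
        {0x7F000000, 8},   // 127.0.0.0/8    loopback
        {0xA9FE0000, 16},  // 169.254.0.0/16 link-local (RFC 3927)
        {0xAC100000, 12},  // 172.16.0.0/12  RFC 1918
        {0xC0A80000, 16},  // 192.168.0.0/16 RFC 1918
        {0xE0000000, 4},   // 224.0.0.0/4    multicast
        {0xF0000000, 4},   // 240.0.0.0/4    reserved and broadcast
    };
    for (const Net& n : blocked)
        if (inPrefix(a, n.prefix, n.len)) return false;
    return true;
}

// Decide whether an endpoint received in a peer list may be dialed.
bool acceptAdvertisedPeer(const std::string& ip, unsigned port) {
    in_addr parsed{};
    // inet_pton is strict: dotted quad only, no hostnames, no octal forms.
    if (inet_pton(AF_INET, ip.c_str(), &parsed) != 1) return false;
    // Refuse privileged ports so peer lists cannot aim nodes at system services.
    if (port < 1024 || port > 65535) return false;
    return isRoutableV4(ntohl(parsed.s_addr));
}

int main() {
    // Constructed sample entries, as they might arrive in a peer list.
    const struct { const char* ip; unsigned port; } samples[] = {
        {"8.8.8.8", 30303}, {"8.8.8.8", 25}, {"192.168.1.10", 30303}};
    for (const auto& s : samples)
        std::printf("%s:%u -> %s\n", s.ip, s.port,
                    acceptAdvertisedPeer(s.ip, s.port) ? "accept" : "drop");
}
```

The same filter belongs on both paths: when a peer list is received and again before re-broadcasting entries to other nodes, so that a node does not relay addresses it would itself refuse to dial.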



