Without getting into the ethics of P2P...
On Firestarter I'm seeing an expected connection from IP x.x.x.1 on port 6697.
I sometimes also see a connection that I don't understand, a persistent connection from my PC (192.168.123.151) to the other computer (x.x.x.1) on a random port, in this case port 1120. That outbound connection doesn't go away, according to Firestarter, even if I shut down the P2P client. Firestarter continues to identify it as an active connection.
I'm no kind of expert at checking out this sort of thing, but I did scan the port with nmap:
Code:
# nmap -T Aggressive -A -v -p 1120 192.168.123.151
Scanning 192.168.123.151 [1 port]
Completed SYN Stealth Scan at 20:13, 0.01s elapsed (1 total ports)
Initiating Service scan at 20:13
Initiating OS detection (try #1) against 192.168.123.151
Retrying OS detection (try #2) against 192.168.123.151
SCRIPT ENGINE: Initiating script scanning.
Host 192.168.123.151 appears to be up ... good.
Interesting ports on 192.168.123.151:
PORT STATE SERVICE VERSION
1120/tcp closed unknown
Does that look like anything I should be worried about. As I said, the sympthom only shows up occasionally, and only when an uploader is
apparently having a troublesome connection.