Opened 9 years ago

Closed 7 years ago

#2257 closed defect (user disappeared)

Firefox listens on UDP *:35035

Reported by: cypherpunks Owned by: erinn
Priority: Medium Milestone:
Component: Applications/Tor bundles/installation Version:
Severity: Keywords: tbb linux
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

When using TBB (tor-browser-gnu-linux-x86_64-1.0.17-dev-en-US.tar.gz) on Ubuntu Maverick, I find that my computer is now listening on a number of TCP and UDP ports. I am running as a bridge and so I expect Tor to listen - it does. However, I was surprised to see the following entries for Firefox when I ran 'lsof -ni' as root:

firefox 2851 anon 34u IPv4 24118 0t0 UDP *:35035
run-mozil 2856 anon 34u IPv4 24118 0t0 UDP *:35035
firefox-b 2860 anon 34u IPv4 24118 0t0 UDP *:35035

My normal Ubuntu Firefox does not do this - why does the TBB Firefox bind to those UDP sockets?

I appear to be able send data with netcat over the network to those UDP ports. Additionally, the port numbers appear to be static as they appear to be the same when I re-launch TBB.

Why does the TBB Firefox do this? Why does it bind to all interfaces? What is the purpose and what is the risk?

Is it safe to use the TBB?

Child Tickets

Change History (5)

comment:1 Changed 9 years ago by erinn

Status: newaccepted

I'm unable to reproduce this on Debian (unstable) or Ubuntu (Maverick) -- I see an open TCP connection with firefox-bin, which eventually goes away entirely, although firefox-bin continues to listen on a random port (netstat -nlp, and see also http://kb.mozillazine.org/Connections_established_on_startup_(Firefox) for why it's expected behavior)

Do the open UDP ports persist after five or ten minutes? Does any behavior, besides closing TBB, shut them down?

comment:2 Changed 8 years ago by erinn

Status: acceptedneeds_information

comment:3 Changed 8 years ago by keb

The only listening i see firefox doing in [current version https://www.torproject.org/dist/torbrowser/linux/tor-browser-gnu-linux-i686-2.2.32-2-dev-en-US.tar.gz] on Ubuntu Natty is on a UNIX socket:

unix  2      [ ACC ]     STREAM     LISTENING     988749   20922/firefox-bin   /tmp/orbit-keb/linc-51ba-0-6c8ceccc4ae2a

comment:4 Changed 8 years ago by karsten

Keywords: tbb linux added
Milestone: Tor Browser Bundle for Linux

comment:5 Changed 7 years ago by Sebastian

Resolution: user disappeared
Status: needs_informationclosed

please reopen if more info becomes available

Note: See TracTickets for help on using tickets.