Hello,

I have boinc installed on my pc at work, and my network admin is concerned with the security risks of this program. I was wondering what port is boinc using to send its results back to the server? As well as how secure is this program in regards to getting viruses and hacking and such?

PS: Make a good argument so that I can keep this program on my work pc!!

Thanks

By default, TCP port 80 is used to communicate with the project servers. Some projects use secure connections, so at that time TCP port 443 is used.

For communication on the localhost only, TCP port 31416 is used between boinc.exe, boincmgr.exe and boinc.scr .. This port doesn't need to be open to the internet.

As for virusses and hacking and such, no data that is on your computer can be read by any of the projects, no data other than what you upload, of course.

Someone did make a P2P shared Windows Update that had BOINC as a Trojan hidden inside, which was installed on a lot of computers out there. That person has been dealt with. To be sure you don't get something like that done to you, download BOINC from the Berkeley site only or compile your own from Berkeley source code.

I haven't seen any hacking yet through BOINC.

---

I was wondering what port is boinc using to send its results back to the server?

It doesn't open any port on your computer, so it's safe with respect to that. Communication is always initiated from your computer, and happens by HTTP via port 80, just like your web browser does.

There are many security mechanisms server-side. For example, even if a hacker somehow manages to get access to a project server, he won't be able to send malicious programs to the clients attached to the project. Programs sent by the project are digitally signed, and the private key is kept away from the server.