Firewalls: Just what does BOINC want to talk to me?

Message boards : Questions and problems : Firewalls: Just what does BOINC want to talk to me?
Message board moderation

To post messages, you must log in.

AuthorMessage
Winston
Avatar

Send message
Joined: 28 Jan 15
Posts: 2
United States
Message 62105 - Posted: 10 May 2015, 18:19:28 UTC

CRISIS: After tightening security, or at least trying to, with the AVAST firewall, I tried to get BOINCMGR back up - wouldn't run, in fact wouldn't run without pings, desktop access, and a whole lotta other controls left wide open.

In frustration, I turned off the firewall just so I could communicate work my BOINC system had been doing while disconnected, forgot and discovered in the morning I'd been pinged by 3/4 the population of Nigeria, or at least pirates operating under a Nigerian flag of convenience. with luck, the outage will just get me a plate of amusing spam,spam,spam,spam, a lobster thermador and spam.

So, WHAT does BOINC want (and why? I thought that work was sent to my machine as a file, machine performed tasks needed and uploaded the results. This should NOT require pinging, and all sorts of other system rights to access)

(I should know better, I started doing good positive hacking before the word developed a single negative connotation, can still do hardware on DEC PDP-1s,4s,5,s,6,s,7s,8s(all of em), 9s, 10,s 12s, 15s, and 20s, really good hardware, and get you the parts for the PC you need or the PC you want. But, somewhere along the line, I think when the basic x86/amd+ instruction set went from a booklet to 3 huge overpriced manuals, and I discovered that life required work, I became a USER, though I haven't yet fallen to the level of "knows as much about computing as about his 'fridge, and he doesn't know a thing about WHY a compressor makes it cold in the box.", and believes an EFF-developed course on "how your computers and the Internet works" then pass a test before issued a license to use one.)
Still looking for the real Emmanuel and the Resistance, but someone sent a chopper to cut off my head. RSVP here, I'll get it mailed to me at home.
Winston Smith, Room 101, MiniLove
ID: 62105 · Report as offensive
Profile Jord
Volunteer tester
Help desk expert
Avatar

Send message
Joined: 29 Aug 05
Posts: 15477
Netherlands
Message 62110 - Posted: 11 May 2015, 12:41:53 UTC - in response to Message 62105.  
Last modified: 11 May 2015, 12:45:40 UTC

So, WHAT does BOINC want (and why? I thought that work was sent to my machine as a file, machine performed tasks needed and uploaded the results. This should NOT require pinging, and all sorts of other system rights to access)

BOINC its parts talk to each other via remote procedure call, on localhost (127.0.0.1) only. They do this to be able to show in real time in BOINC Manager (the GUI) what the client is doing. To do so, you have to allow the BOINC binary (boinc.exe) and the BOINC Manager binary (boincmgr.exe) through your firewall on TCP port 31416.
To be able to contact the projects, the BOINC binary needs separate permission to access TCP ports 80 (HTTP) and 443 (HTTPS).

No other ports or addresses are needed.
ID: 62110 · Report as offensive
whynot

Send message
Joined: 8 May 10
Posts: 89
Ukraine
Message 62193 - Posted: 16 May 2015, 15:05:25 UTC - in response to Message 62110.  


BOINC its parts talk to each other via remote procedure call, on localhost (127.0.0.1) only. They do this to be able to show in real time in BOINC Manager (the GUI) what the client is doing.


Correction. BOINC client *listens* on any network interface available on port 31416. That makes it possible to control/monitor BOINC *clients* with one BOINC *manager* over network. However, for standalone computer with alone client it's OK to allow listening/opening port 31416 on localhost (127.0.0.1) and forbidding on any other interface.
I'm counting for science,
points just make me sick.
ID: 62193 · Report as offensive

Message boards : Questions and problems : Firewalls: Just what does BOINC want to talk to me?

Copyright © 2024 University of California.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.