jochen Posted August 14, 2013 Report Share Posted August 14, 2013 I installed btsync server on my webserver, disabled relay, tracker, dht and all the other settings on that page. I configured it to use a fixed port of 22222 and tested with nmap from a remote client that this port is open.Next I installed btsync desktop on my notebook, disabled relay, tracker and the other settings. The only thing I activated was my webserver as a predefined host, with port 22222. But the client cannot find the server until I activate tracker on both sides.What am I doing wrong?I don't want to use a tracker because I think this is a security issue. Everyone who has the secrets for my folders can access them. And at least the tracker has all my secrets. How can I trust the tracker? Quote Link to comment Share on other sites More sharing options...
capi Posted August 14, 2013 Report Share Posted August 14, 2013 And at least the tracker has all my secrets. How can I trust the tracker?As stated very often, the tracker has the SHA2(secret):IP:port, not the secret itself. So an attacker would need to brute-force a SHA2-hash in order to get the real secret. That's actually more unlikely than most username/password combos (which most of the time store also the password as hash, hopefully). Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.