firefox opens a UDP listening port a.k.a backdoor on all network interfaces
On ubuntu oracular 24.10, when firefox is launched, it tries to open a UDP listening port on all network interfaces which is not acceptable on many levels:
/usr/bin/netstat -tunpevaW|grep firefox udp 0 0 0.0.0.0:48654 0.0.0.0:* 1000 881247 178766/firefox
Is this behavior specific to Ubuntu or is it implemented by design? This must be a no go by design: if it needs a UDP port for some reason, it has to open it on the **loopback interface (127.0.0.1)** only.
Ændret af jean-christophe manciot den
Alle svar (3)
Hi Jean-Christophe!
I found this post about this: https://unix.stackexchange.com/a/769645 According to this and others I found, these are most likely used by HTTP/3, which is partially UDP-based. So this isn't Ubuntu-specific at all.
Regards, Balázs
Ændret af Balázs Meskó den
Chrome supports HTTP/3 out of the box (which can be checked at https://quic.nginx.org for instance) and does not open UDP or TCP listening ports on all network interfaces:
# /usr/bin/netstat -tunpevaW|grep chrome | grep -P "^(udp|tcp)[[:blank:]]+0[[:blank:]]+0[[:blank:]]+0\.0\.0\.0:" #
The HTTP/3 argument does not stand.
Ændret af Balázs Meskó den
I can't find any authoritative source, so you can disagree, but it is indeed HTTP/3. If you disable it in about:config no new ports are in netstat's output.
My guess is Chromium's implementation of QUIC is slightly different.
Ændret af Balázs Meskó den
Du skal logge ind på din konto for at svare på et indlæg. Start et nyt spørgsmål, hvis du ikke har en konto endnu.