BitTorrent causing norton security alerts?

[DJFuji]

It seems like ever since i disabled windows XP firewall and started port forwarding 6881-6999 on my router, ive been getting tons of Norton Firewall alerts saying that there is a remote system attempting to access my computer on port 688x.

This seems perfectly logical because i have BT loaded, but what makes me paranoid is that i've already given the bt program full network access via norton's control panel. These alerts seem to imply that the access attempts are unrelated to BT. It would be really brilliant on a hacker's part if that was the case, because i can't tell if the attempts are rogue or benign.

If they are all safe, how do i prevent norton from alerting me every 2 seconds? There doesn't appear to be any way to universally open the 688x port range...

 

[onelin]

here's what I came up with after thinking about the issue for a little while (from a reply to your other post)...

I have a guess as to why norton gives the warnings, though. You authorized the application to send and receive as much as it wants. That's fine, however, with BT, the tracker tells random people 'hey, send this guy some pieces of the torrent...he looks like he's uploading to others so he deserves some more speed' and is not a direct 'request' by the application, rather, by the tracker itself. the application just accepts these unrequested transactions and adds it to the BT download pool towards your file's completion.


As for a solution, I find it to be a damn shame that a software fireawll won't let you open a port range with no restriction. You'd either want to lower your level of alert (not necessarily recommended), or, if it bothers you a lot, use a different firewall I took a little while to think of a reason since I don't want to just tell you 'norton internet security is teh suxx0r' since that's no help...however, I personally don't trust it.

In case you're curious, I'm also behind a router and run Trend Micro's Internet Security 2004. It doesn't have application-based trust, but you can control in and outbound with port exceptions.

 

[DJFuji]

hm...ok. Well i found a way to sort of turn off alerts. It's unfortuantely that i had to open every port up to do it, and norton will only block transmissions of known trojan activity. This kind of opens me up, but i'll see about configuring XP's firewall and my hardware firewall to kind of pick up the slack there. Thanks.