firefox opens a UDP listening port a.k.a backdoor on all network interfaces
On ubuntu oracular 24.10, when firefox is launched, it tries to open a UDP listening port on all network interfaces which is not acceptable on many levels:
/usr/bin/netstat -tunpevaW|grep firefox udp 0 0 0.0.0.0:48654 0.0.0.0:* 1000 881247 178766/firefox
Is this behavior specific to Ubuntu or is it implemented by design? This must be a no go by design: if it needs a UDP port for some reason, it has to open it on the **loopback interface (127.0.0.1)** only.
jean-christophe manciot மூலமாக திருத்தப்பட்டது
All Replies (3)
Hi Jean-Christophe!
I found this post about this: https://unix.stackexchange.com/a/769645 According to this and others I found, these are most likely used by HTTP/3, which is partially UDP-based. So this isn't Ubuntu-specific at all.
Regards, Balázs
Balázs Meskó மூலமாக திருத்தப்பட்டது
Chrome supports HTTP/3 out of the box (which can be checked at https://quic.nginx.org for instance) and does not open UDP or TCP listening ports on all network interfaces:
# /usr/bin/netstat -tunpevaW|grep chrome | grep -P "^(udp|tcp)[[:blank:]]+0[[:blank:]]+0[[:blank:]]+0\.0\.0\.0:" #
The HTTP/3 argument does not stand.
Balázs Meskó மூலமாக திருத்தப்பட்டது
I can't find any authoritative source, so you can disagree, but it is indeed HTTP/3. If you disable it in about:config no new ports are in netstat's output.
My guess is Chromium's implementation of QUIC is slightly different.
Balázs Meskó மூலமாக திருத்தப்பட்டது
You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.