Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is it safe to portfoward when making a Minecraft server?


  • Please log in to reply
6 replies to this topic

#1 Deleted

Deleted

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:06 PM

Posted 26 July 2013 - 04:33 PM

I log in to my bank account on this computer so i was wondering if it is safe to use port forwarding.



BC AdBot (Login to Remove)

 


#2 smax013

smax013

  • BC Advisor
  • 2,329 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:06 PM

Posted 27 July 2013 - 01:05 AM

I log in to my bank account on this computer so i was wondering if it is safe to use port forwarding.


Safe is a relative thing.

Is it completely safe? No, as you are fully opening up a port that will essentially by pass the firewall type function of the router. And even if you have a software firewall running on the computer, you will have to "allow" that port for the server to work.

Is it completely unsafe? No, as most ports will be blocked, so most paths to your computer will be relatively well protected.

It is all a function then of how "paranoid" you want to be. Personally, I would not do it on a computer that I also use to log into a bank account. But, I am at least slightly more cautious than most.

#3 AdagioBoognish

AdagioBoognish

  • Members
  • 111 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:[ PDX ]
  • Local time:08:06 PM

Posted 27 July 2013 - 01:24 AM

@ smax013 Would some one have to be using the minecraft client or have access to the server you're playing on in order to compromise your computer, or does opening one port weaken your protection against threats from sources unrelated to what you've port forwarded? I'm very new to networking/routers so I'm not fully aware of the risks of port forwarding. 



#4 Deleted

Deleted
  • Topic Starter

  • Members
  • 102 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:06 PM

Posted 27 July 2013 - 11:03 AM

@ smax013 Would some one have to be using the minecraft client or have access to the server you're playing on in order to compromise your computer, or does opening one port weaken your protection against threats from sources unrelated to what you've port forwarded? I'm very new to networking/routers so I'm not fully aware of the risks of port forwarding. 

I think anyone can get in.



#5 smax013

smax013

  • BC Advisor
  • 2,329 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:06 PM

Posted 29 July 2013 - 07:04 AM

@ smax013 Would some one have to be using the minecraft client or have access to the server you're playing on in order to compromise your computer, or does opening one port weaken your protection against threats from sources unrelated to what you've port forwarded? I'm very new to networking/routers so I'm not fully aware of the risks of port forwarding.


We are getting a bit outside of my knowledge.

I can say that best case is that your system could be only compromised due to a weakness/bug in the Minecraft server while the worst case is that it opens up your computer to full attack through that one port. I really just don't know.

Potentially a software firewall might push it more towards the former as it might be able to block access to that port EXCEPT for the MineCraft server software. I honestly don't know if firewall software will work in that fashion in that direction (I know that you can set firewall software to only allow certain programs to access an outgoing connection...just not 100% sure if you can do the same for an incoming connection).

#6 AdagioBoognish

AdagioBoognish

  • Members
  • 111 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:[ PDX ]
  • Local time:08:06 PM

Posted 30 July 2013 - 08:17 PM

From what I've been reading it looks like it when you open a port for minecraft you're router and firewall allow traffic through that port while you are playing minecraft or using whichever program associated with you're port forwarding. When you close the program you're firewall and router close the opened ports. Some one would have to be trying to exploit the open port while you're running you're sever. They do not have to be running the same program in order to exploit the open port while you're using it though. 



#7 smax013

smax013

  • BC Advisor
  • 2,329 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:06 PM

Posted 30 July 2013 - 08:37 PM

From what I've been reading it looks like it when you open a port for minecraft you're router and firewall allow traffic through that port while you are playing minecraft or using whichever program associated with you're port forwarding. When you close the program you're firewall and router close the opened ports. Some one would have to be trying to exploit the open port while you're running you're sever. They do not have to be running the same program in order to exploit the open port while you're using it though.


That might be true with a software firewall, but not sure it would be true with a traditional NAT router. If there router is more than an NAT router (i.e. has some sort of "true" firewall), then it might also be true for the router. A NAT router just purely routes traffic. It will block all un-asked for incoming traffic UNLESS you have a port open/forwarded or a computer in a DMZ zone. And actually "block" is not the right term, it is more that there will be no response...the un-asked for incoming traffic just kind of gets "swallowed" into nothing...unless there is a port forwarded...in which case, then the NAT router would send that un-asked for incoming traffic to the private IP address the router is set to forward that port to...and then THAT device in essence "decides" what happens to that traffic over the port.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users