Online games, videos, and other applications often need an external internet connection. For these connections, ports are opened on the router for the PC in question.
Even so, port opening – also known as port forwarding – is not without risks, because it opens a gateway to your personal network that would otherwise be sealed off by the firewall installed in the router. In other words, it gives the internet access to your own network – and that attracts cybercriminals.
How to improve your network’s security
- There should always be a specific reason for opening a port. Check to see if you need to open a port and do not blindly follow online instructions to do it.
- Check regularly to see which ports have been opened and whether they still need to be. Forgotten openings always have inherent risks.
- If the application allows, enable an alternative port, and use that. If the game or program wants port 32400 open, for example, you can open port 32401. This will only work if the software in question also has a dialog for changing the port. Attackers favor using defaults because they use automated tools for their attacks. Even minor changes make this more difficult.
What are port openings?
Data is transmitted online in packets. These data packets can transmit a wide variety of content – for example, photo data, video data for broadcast, copy for an online shop, email, but also information necessary for an online game.
There are various services that ensure the data reaches the application it is intended for. A computer that is connected to the internet and acts as a server can deliver websites by this method and at the same time be used to transmit email. It therefore provides several services using the FTP protocol, such as sending email or transferring files.
The data being transferred from various services is organized into ports. The service in question waits for data to arrive at a preassigned port. This enables the data packets appropriate for an email to reach an email program, while a video is played back over the same connection and at the same time on another port.
The trick to securing the router is to allow outgoing data while protecting it from incoming data. Incoming connections from outside the network are generally rejected by an integrated firewall unless the port is opened.