help security, routers,firewalls and rules

in Account & Technical Support

Posted by: winterlove.6834

OK, I'm about to buy a network firewall and router and am wondering if there are any extra steps I should take or will need to take in order to play this game without compromising security.

Posted by: The Warder.6352

Forward inbound/outbound TCP ports 80, 443, 6112 and port 6600. Make sure ICMP is on or the router is set to be pingable. Read below for more recommendations.

My recommendation is to first make sure you are running a software firewall/malware program like Windows Defender if you are using Win 8 or Security Essentials if you are using Win Vista/7. If you are still on Win XP, might be time to think about upgrading. If you use OS X, then follow the Mac OS X Security Configuration Guide.
My second recommendation is to buy a router capable of running the latest firmwares available from the open source communities. If you have a higher budget, then buy a Check Point, Juniper Networks, or Cisco router designed for remote office/branch settings.

Posted by: Nitro.4732

Ports 80 and 443 should not be required to be port forwarded; however, ports 6112 and 6600 may need to be, depending on how you configure your new router. I personally would also use port triggering rather than port forwarding. ICMP protocol can be prevented and the game will still operate just fine.

Unless you have a serious need to protect your computer for reasons more than gaming and day to day essentials then you do not require “Check Point, Juniper Networks, or Cisco” dedicated hardware. These will also be far more advanced than required and offer very little extra in regards to protecting computers behind a home internet connection.

Any router (like the Asus RT-N16 or Linksys E3200) that supports open source firmwares such as DD-WRT/Tomato can be advantageous as they are usually easier to stay up-to-date. These firmwares tend to offer the same features and more than some highly priced premium routers, and therefore can be value for money.

Also browse the forums and you may also see some router models that have known issues with GW2 support, for example the Netgear D6300 requires disabling of its SPI Firewall/DoS Prevention in order to allow GW2 players to play the game without getting the black screen problem. This will also require an update from Netgear in order to resolve the issue which may take time to release an update (if they ever do).

CoolerMaster Masterbox 5 | H110i | AMD Ryzen R7 1800x 4.0GHz | 32GB DDR4
512GB Samsung 950pro | 2TB SATA-3 | AMD Radeon RX 580 8GB

Posted by: winterlove.6834

So I should use port forward or port trigger instead of that udnp or undp thing, or is port trigger more secure?

(edited by winterlove.6834)

Posted by: The Warder.6352

I think you might be referring to UPnP. I don’t recommend using it. Universal Plug-n-Play is problematic from a security standpoint. You can use either port forwarding or triggering. Just use the method that you understand how to use.

Port 80/443 are needed for game patch updates and BLTP purchasing. Yes, normally they are open by default on a typical consumer router. The point is they still need to be open.

Disabling or turning off ICMP nerfs network stack capabilities that really aren’t worth losing the functionality they offer. It’s not necessary to disable ICMP for security reasons. Please don’t turn it off. If your ISP is using IPv6 by now, you need to leave ICMP enabled, otherwise you break IPv6.

(edited by The Warder.6352)

Posted by: Nitro.4732

So I should use port forward or port trigger instead of that udnp or undp thing

Universal Plug ‘N’ Play or UPNP from a security standpoint is safer disabled whilst manually handling forwarding through the use of port triggering/forwarding rather than to have UPNP enabled, as it has seen its fair share of exploits in its time.

So yes from a security view this should be disabled (or as some people call it UnPlug ‘n’ Pray).

Posted by: chris.9142

Just a mid-range consumer router will work fine and be safe enough. UPnP is better enabled if you use a few games and different bits of software, unless you want to forward ports for everything manually. It’s not really a big security risk for a home setup; not many people will bother trying to hack through a router firewall for a home computer. It’s not worth the time.

I5-4670k @4.2Ghz – 8Gb 2133mhz Gskill
Msi Z87 Gaming Board AMD R9 270x
-crucial 256 M500 SSD -Samsung 500Gb HDD

Posted by: Nitro.4732

Just a mid-range consumer router will work fine and be safe enough. UPnP is better enabled if you use a few games and different bits of software, unless you want to forward ports for everything manually. It’s not really a big security risk for a home setup; not many people will bother trying to hack through a router firewall for a home computer. It’s not worth the time.

In my opinion this is extremely bad advice, UPNP is a serious security risk and the reasons may not be as fine cut as gaining access to a single computer behind a home router.

Weaknesses in UPNP can allow viruses and malware to spread quickly, or even allow multiple devices like smartphones, TVs, printers, iPads, laptops, desktops and PDAs on a single network to all be easily used as part of a botnet.

However, don’t take my word for it:

" Tens of millions of the devices were susceptible to cyberattack as a result of any one of several vulnerabilities "
NetworkWorld

" The US CERT has advised users to disable UPnP on routers following the discovery of a serious security flaw in the easy-access technology. "
Bit-Tech

" All told, we were able to identify over 6,900 product versions that were vulnerable through UPnP. This list encompasses over 1,500 vendors and only took into account devices that exposed the UPnP SOAP service to the internet, a serious vulnerability in of itself. "
Rapid7

(edited by Nitro.4732)