Opening Router Ports ?

[str86diesel]

coolwazabi, i don't recommend you open your ports manually. you may be opening certain back doors to your computer. you don't want that. what you CAN do, however, is enable UpnP on your router. This will allow ports to be temporarily opened by software for use and then they will be CLOSED after use.

100% agree. Don't open any ports unless people from the outside need to get into your computers on this port. Just use NAT to get out. If you need to open a port though, on a linksys, go to "Gaming & Application" and then assign port forwarding. Also, before you do anything, I'd go out to linksys.com and upload the new firmware, they have a lot of bug fixes finally resolved.

[Dovienya]

100% agree. Don't open any ports unless people from the outside need to get into your computers on this port. Just use NAT to get out. If you need to open a port though, on a linksys, go to "Gaming & Application" and then assign port forwarding. Also, before you do anything, I'd go out to linksys.com and upload the new firmware, they have a lot of bug fixes finally resolved.

What I'm fairly certain Dale is talking about is usign the IGD Protocol in UPnP to dynamically map ports as they are in use. Really though, your only at risk if you are running the particular program that is utilizing that port (just having it open is useless by itself, if there's nothing to respond to it). Also, that program has to have an exploit worth attacking (overflow, execution, yadda yadda). Your more in danger from being part of a botnet, as your standard run of the mill firewall is not looking to block connections going out. I'm not overly familiar with running UPnP, though Cisco routers have had this (dynamic port opening) functionality for years, it's a good practice, but a bear to get working correctly in my experience.

[str86diesel]

What I'm fairly certain Dale is talking about is usign the IGD Protocol in UPnP to dynamically map ports as they are in use. Really though, your only at risk if you are running the particular program that is utilizing that port (just having it open is useless by itself, if there's nothing to respond to it). Also, that program has to have an exploit worth attacking (overflow, execution, yadda yadda). Your more in danger from being part of a botnet, as your standard run of the mill firewall is not looking to block connections going out. I'm not overly familiar with running UPnP, though Cisco routers have had this (dynamic port opening) functionality for years, it's a good practice, but a bear to get working correctly in my experience.

I agree with what dale was saying, I was just giving another option to look at if the port really had to be opened. I actually work on firewalls for a living, so I totally understand good practice for what should and should not be opened and why

As far as the Cisco dynamic port opening. I actually use this on a pair of ASA5510's and as long as you stick to CLI and stay away from the GUI its pretty simple, you just have to understand the concept of what is happening.

[BassJunkie]

www.portforward.com has step by step instructions for almost all routers on how to open ports