Jan 2
Opening Holes to Play Online Games
When you get your new online game, you really just want to install it and play. Some people actually look at the instructions and notice they are asked to open a slew of ports. Others just try to connect and find that it fails. Either way, the next step is searching for how to open these ports, or why you need to.
Newer online games want to provide rich features to their user base. They like to push automatic updates to you, provide news through a game management client, serve in-game advertisements, monitor your PC while you play and report this information back, etc. Still, all of these should be outbound connections and shouldn’t require you to open a single inbound port (unless you are hosting a game or running a server).
I believe the following are possible problems when a game asks you to open up several inbound ports:
- You are only as secure as the application listening on that port. (But hey! You want to play that game, right? Me too!)
- Users tend to put themselves in the DMZ or turn off their software firewall because it’s easier.
- Users will open up more ports than necessary because it’s easier to open 5000-5699 than 5000, 5128-5255, 5600-5699 (just an example).
- Many games overlap ports. This would also be a cause to open up more ports than necessary, just for the sake of convenience.
- Some game ports are also ports used for trojans and malware. Then again, trojans are very configurable these days and can use any port they wish.
I am sure there are some other security-related implications that are missing. If so, please let us know.
Anyway, not all games require you to open several inbound ports. Many games don’t require any changes to your router or firewall.
Let’s take Battlefield 2142 as an example of how crazy games can be when asking you to open up ports. Here is the port list from their support page:
TCP Ports:
* 80
* 443
* 4711
* 9960-9969
* 1024-1124
* 17475
* 17567
* 18000
* 18060
* 18120
* 18300
* 18510
* 27900
* 28910
* 29900
UDP Ports:
* 9964
* 16567
* 1024-1124
* 1500-4999
* 18000
* 18300
* 18510
* 27900
* 27901
* 28910
* 29900
* 55123-55125
So, which of these are inbound and which are outbound? Good question, because they don’t tell you. There is an old post on PortForward.com where a user called EA support and was told to forward (open as inbound) all ports. That’s crazy. How many users are going to go through that trouble, or have the knowledge, or have router software that makes this easy? Battlefield 2142 doesn’t support UPnP either, which is another security issue altogether.
What is a user likely to do? DMZ the PC or shut down the software firewall. This opens the PC up to security issues unrelated to the game itself.
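To put numbers on that exposure, here is an added example (not from the original post or from EA) that parses the port list above, counts what it opens, compares that with forwarding one convenient range, and checks which local listeners would become reachable. The listener table is a constructed sample, and the function names are this example's own.

```python
# Added example: port lists are copied from the post; listeners are constructed.
BF2142_TCP = ("80,443,4711,9960-9969,1024-1124,17475,17567,18000,18060,"
              "18120,18300,18510,27900,28910,29900")
BF2142_UDP = ("9964,16567,1024-1124,1500-4999,18000,18300,18510,27900,"
              "27901,28910,29900,55123-55125")

# Constructed sample of local listening sockets: (protocol, port, service).
SAMPLE_LISTENERS = [
    ("tcp", 80, "local-web-server"), ("tcp", 445, "file-sharing"),
    ("tcp", 1058, "dynamic-rpc-port"), ("tcp", 3389, "remote-desktop"),
    ("udp", 1900, "ssdp-discovery"), ("udp", 16567, "game"),
]

def parse_ports(spec):
    """Turn '80,1024-1124' into sorted, merged (low, high) ranges."""
    ranges = []
    for item in spec.split(","):
        low, _, high = item.strip().partition("-")
        low, high = int(low), int(high or low)
        if not 0 < low <= high <= 65535:
            raise ValueError(f"bad port range: {item!r}")
        ranges.append((low, high))
    merged = []
    for low, high in sorted(ranges):
        if merged and low <= merged[-1][1] + 1:   # overlapping or adjacent
            merged[-1] = (merged[-1][0], max(merged[-1][1], high))
        else:
            merged.append((low, high))
    return merged

def exposed_count(ranges):
    """Number of distinct ports covered by merged ranges."""
    return sum(high - low + 1 for low, high in ranges)

def convenience_range(ranges):
    """The single low-high span a user might enter to cover the whole list."""
    return [(ranges[0][0], ranges[-1][1])]

def reachable_listeners(ranges, listeners, proto):
    """Local listeners that forwarding `ranges` for `proto` would expose."""
    return [entry for entry in listeners if entry[0] == proto
            and any(low <= entry[1] <= high for low, high in ranges)]

if __name__ == "__main__":
    for proto, spec in (("tcp", BF2142_TCP), ("udp", BF2142_UDP)):
        exact = parse_ports(spec)
        print(proto, exposed_count(exact), "ports published,",
              exposed_count(convenience_range(exact)), "as one range;",
              "reaches:", reachable_listeners(exact, SAMPLE_LISTENERS, proto))
```

Replacing `SAMPLE_LISTENERS` with the listening sockets reported by your own machine shows which non-game services a given forward would expose.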
I am not a gaming security expert. It would be nice to hear from someone knowledgeable on why games open up so many ports. I understand for proxies that each port can only handle so many sessions, but that can be load-balanced.
Maybe I am just being ignorant, but I have never understood why games require so many open ports, and I have always felt that it opens me up to other possible security problems. Still, it has not stopped me from playing games yet. I just try to be as careful as possible.