Is it OK to leave ports forwarded?

Posted on 2004-11-04
Medium Priority
Last Modified: 2010-04-09
>>>A few weeks ago I asked the following question:

Typical setup is a small office peer network with XP Pro computers, all of them using Norton Internet Security.  All PCs are set with static IP addresses, such as, ...20, ...30, etc.  They will have a DSL router connected to their hub, and we set router port forwarding for pcAnywhere, so that ports 5631 and 5632 might forward to ...10, and 5641 and 5642 might forward to ...20, etc.  The only time we effectively utilize this forwarding setup is if the user runs their pcAnywhere Host software, so we can connect.  After we are finished, we/they exit the pcAnywhere Host.

We understand very little about the technical details of ports, so in layman terms, please tell me if this setup is safe or not.  Is there a risk to leaving this port forwarding setup in place, as long as the pcAnywhere Host software is not left running?

If it is NOT safe, is there a simple way to accomplish our goals without a lot of hassles?  Right now, it's easy--we permanently setup the forwarding, and we can connect anytime the user bring up his host software.

>>>And I got this one answer:

It's all relative. If there is no information on the client's PC's that can cause damage/money loss, or release information that should not be, then you are relatively safe. If, on the other hand, there is anything like financial information or health care information - things that if not fully protected CEO's can go to jail for - then I certainly would not leave them open.
Depending on the router that you use for the port forwarding, you can turn it on/off with a web page checkbox, that would be an additional layer of protection, but an additional layer of complexity for the users. What happens if someone forgets to close the client?

Safest thing would be to use a VPN to access their network, and that is what I recommend. No ports are left open, and only authorized users can even establish the VPN.

>>>The problem is that I should have pursued this further, because I'm still not clear on the answer.  The answer I got talks about 'what is someone forgets to close the client?'  What does that mean?  Are we talking about what happens if the user forgets to shut down the pcAnywhere host?

Looking at it another way: what if the user didn't even have pcAnywhere loaded on his computer, but the port forwarding were still set to point to his computer through his router.  Would an outsider still be able to access his computer somehow and do damage, simply because the ports were forwarded?
Question by:sasllc
1 Comment
LVL 32

Accepted Solution

LucF earned 2000 total points
ID: 12497775
Hi sasllc,

Correct me if I'm wrong, but it looks like you're very basic into networking.
Those ports are forwarded and some program will has to listen... so if the program isn't listening the "attacker" won't get any responce or ability to abuse it. If some program behind that port is listening (like PC-anywhere in your case) then every "attacker" could get full access IF they know the loginname and password to do so, or if they exploid a hole in PC-anywhere (I don't know of any holes at the moment, just make sure to keep the program up-to-date) Therefor, make sure to use strong passwords.
The only thing you are vulnerable of are "Man in the middle" attacks, so if someone is actively monitoring the connection in between and is able to crack the encryption used by PC-anywhere.
One thing you should always do if possible is to let PC-anywhere only accept connections from the IP-range you're logging in from (if it's static only one IP-address is needed, otherwise, the range your ISP uses)



Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Screencast - Getting to Know the Pipeline
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question