[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Network Security: Adding xbox360 live and opening up ports

Posted on 2011-02-21
4
Medium Priority
?
385 Views
Last Modified: 2012-06-27
I have small home office network in a domain controlled by a windows 2003 SBS server. It is protected by a Hotbrick LB2 firewall/router. So far, we have not had any real problems. I believe this is due in part to the fact most ports are turned off, The important ones like port 80 are open. upnp is turned off.

I bought my son an Xbox 360, and naturally he wants to use xbox live. He cannot presently as xbox recognizes that our "NAT" setting is set to "strict." I've researched this problem and MS says that in order to hear conversations and join games, I need to open up certain UPD and UCD? ports.

I can do this several ways, generally opening these ports or do port forwarding to the IP of the xbox unit.

My question is should I. Are there any risks to opening up these ports just to the IP of the xbox or to the whole network generally.

To interested experts, I am also going to post a question about the best settings for the hotbrick LB-2 to provide maximum usability while simultaneously providing maximum security.
0
Comment
Question by:montana4me
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 9

Accepted Solution

by:
rawinnlnx9 earned 2000 total points
ID: 34947797
What you are doing in essence is opening ports and then entrusting the xBox to enforce security properly. Generally speaking this is a safe bet. You could also isolate the xBox on it's own WAN IP and push it outside of your home network with an optional port (essentially you are putting it on it's own local domain that is totally isolated from the other domains. You could also do nothing and just forward the ports. If you do this see if you can change your subnet mask from /24 (255.255.255.0) to a more restrictive subnet mask. If you lock it down to a single IP then that's all they can get to on that port. This wouldn't hurt. You can also get into funky setups where you route xBox traffic to another security device and then put the xBox behind it. All of these are pretty heavy handed approaches.

If you have the ability to set up an optional port as an isolated LAN then do so.

If not trust the xBox to handle attempts to breach it's security. Install a good firewall on the server and your other devices on the network (you should anyway) and then apply strict rules to each device.
0
 

Author Comment

by:montana4me
ID: 34954223
Thanks for your answer. Here is a complete list of what the xbox requires to be open for it to function as it was designed to:

TCP 80, UDP 88, UDP 3074, TCP 3074, UDP 53, TCP 53

Obviously TCP 80 is open now but we have done just fine with security. I guess what I am struggling with because I don't really understand what ports do is can an intruder use these ports to compromise our security in a way that they could not use TCP 80?
0
 
LVL 33

Expert Comment

by:digitap
ID: 35187536
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
Anti-virus software today is fairly sophisticated, but virus writers are often a step ahead of the software, and new viruses are constantly being released that current anti-virus software cannot recognize. The key to anti-virus software is detect…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question