Security precautions to take before gaming online?

oblongpolygon

Simple question...

What security precautions should a user be taking before they play games online?

Let's assume that the user is playing multiplayer games on Steam, for example, and that they run Windows 10 too.

With that locked in... what precautions should the user take, if any at all, before jumping on Steam to play games?

So that we don't get bogged down in too many basics, assume also that the user has recently run Windows Update - that they have checked for and installed the given updates.

What else should a user do?

Feel free to answer in any way you like:
  • software that should be installed,
  • changes to settings,
  • router / modem changes,
  • hardware,
  • and so on.
I ask because, surely, the world wide web is one of the single biggest "threats" for an average user / computer... and maybe gaming is one way for the user to expose themselves to those threats.
 
1) Make sure your feelings are not easily hurt,
2) Game on!

Point me to one article about someone having their PC hacked while using an MP game on Steam and we can discuss further; if not, follow the above instructions.

That made me laugh. Thanks for the answer!

By the way, I wasn't intending to suggest that there had been a case of the above. And certainly wasn't meaning to stoke fear or anything.

I was purely wondering if precautions (software, firewalls, router settings, etc.) need to be taken, in order to take on less risk. Or mitigate risk. But, you're saying there is no risk. Thanks!

Like, two parents I know, both running businesses from home, merely wondered about the security of their network, with a bunch of kids in each house doing the gaming thing. (Neither are "against" their kids gaming at all.) And of course, neither parent wanted the PC their kids had bought / built "put to waste" by some incident. Anyway...

This is probably the most relevant thing you should be aware of when gaming online as a n00b...

https://en.wikipedia.org/wiki/Social_engineering_(security)

Good point!

Play off your neighbor's wifi so they get swatted and not you.

Funny. But sadly, that could even be good advice.
 
I actually anticipated that there would be some legitimate issues or security concerns (and so precautions to be taken) but... clearly not!
 
Well, there is a difference between gaming, and kids accessing the internet from home on the same network as a parent's business. While the games are not likely to cause a security issue, if the kids are downloading stuff, torrenting etc., an intrusion could then propagate on the internal home network onto the business-side computers (if there are any).

Really should have work and play networks segregated.
 
I do think it's possible to be hacked through a game. I have seen my friend get a virus through one.
 
I think the name was No More Room in Hell. There were ads that displayed when you were connected to a particular server. I think one of the ads was malicious. Basically similar to getting a virus or a trojan while browsing websites with compromised ads.
 
If you want to be really safe, set up a separate VLAN for games to isolate the rest of your network, especially if you host. Anything that acts as a server can be compromised by a worm or other such thing and potentially have a remote code execution vulnerability, and then access the rest of your network. I'm not aware of any specific instances of this though, but it happens all the time with all sorts of software so it's definitely a possibility.

I'd be more worried about all the spy stuff built into Windows 10 though; that is probably a bigger threat to your network than most games.
 
A proper edge firewall with default rules to block all traffic, both inbound and outbound. Then add just the needed rules to allow just the game traffic to/from the game servers. This can be a PITA as a lot of game companies seem to treat the ports/services and addresses needed to play their games as corporate secrets. You will also need to include the rules for the Steam system itself.

Many games companies will assume your edge device allows all outbound traffic to talk to everywhere but this is exactly the setup a lot of malware is counting on.

You will also need rules for normal web traffic and whatever contact you want your Win 10 system to have with the Microsoft network.

As others have said, the way Microsoft has taken control of Win 10 is at least as great a risk as you are likely to face from Steam.
 
Steam is hackable as hell.

I use dd-wrt on my router. Here is the iptables Steam part, old games but you get the idea, Windows box IP:
You can multiport them, haven't gotten around to it yet. Apparently, I may never.



# COD - WAW ports for win7box
iptables -I FORWARD 21 -p tcp -s 192.168.x.x --dport 28960 -j logaccept
iptables -I FORWARD 22 -p udp -s 192.168.x.x --dport 28960 -j logaccept
# new cod waw rule
iptables -I FORWARD 23 -p tcp -d 192.168.x.x --sport 28960 -j logaccept
iptables -I FORWARD 24 -p udp -d 192.168.x.x --sport 28960 -j logaccept
iptables -I FORWARD 25 -p tcp -s 192.168.x.x --dport 3074 -j logaccept
iptables -I FORWARD 26 -p udp -s 192.168.x.x --dport 3074 -j logaccept
iptables -I FORWARD 27 -p tcp -d 192.168.x.x --sport 3074 -j logaccept
iptables -I FORWARD 28 -p udp -d 192.168.x.x --sport 3074 -j logaccept
# COD Modern Warfare 2 in Steam: tcp 27014-27050; udp 1500, 3005, 3101, 3478-4380, 27000-27030, 28960
iptables -I FORWARD 29 -p tcp -s 192.168.x.x --dport 27014:27050 -j logaccept
# COD Modern Warfare 2 udp 1500, 3005, 3101, 3478-4380, 27000-27030, 28960
iptables -I FORWARD 30 -p udp -m multiport -s 192.168.2.94 --dport 1500,3005,3074,3075,3101 -j logaccept
iptables -I FORWARD 31 -p udp -s 192.168.x.x --dport 3478:4380 -j logaccept
iptables -I FORWARD 32 -p udp -s 192.168.x.x --dport 27000:27030 -j logaccept
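
Added example, not part of the post above: the per-port rules consolidated with multiport, with return traffic matched by connection state and the default-deny FORWARD policy suggested earlier in the thread. The script only prints iptables commands; the host address, appending with -A to an empty FORWARD chain, and the ACCEPT target (dd-wrt's logaccept can be passed instead) are assumptions.

```shell
#!/bin/sh
# Added example: emits iptables commands as text; it does not touch the firewall.
# Port numbers are the ones listed in the post above; everything else is assumed.

TCP_PORTS="3074,28960,27014:27050"
UDP_PORTS="1500,3005,3074,3075,3101,28960,3478:4380,27000:27030"

# multiport accepts at most 15 port slots per rule; a range counts as two.
port_slots() {
    n=0
    old_ifs=$IFS; IFS=,
    for p in $1; do
        case $p in
            *:*) n=$((n + 2)) ;;
            *)   n=$((n + 1)) ;;
        esac
    done
    IFS=$old_ifs
    echo "$n"
}

# gen_rules HOST [TARGET]: print the rule set for one gaming PC.
gen_rules() {
    host=$1; target=${2:-ACCEPT}
    for list in "$TCP_PORTS" "$UDP_PORTS"; do
        if [ "$(port_slots "$list")" -gt 15 ]; then
            echo "port list too long for one multiport rule: $list" >&2
            return 1
        fi
    done
    # Replies are matched by connection state, not by the remote source port.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -p tcp -s $host -m multiport --dports $TCP_PORTS -j $target"
    echo "iptables -A FORWARD -p udp -s $host -m multiport --dports $UDP_PORTS -j $target"
    # Anything not allowed above is dropped when forwarded through the router.
    echo "iptables -P FORWARD DROP"
}

gen_rules 192.168.1.50   # constructed sample address
```

Web, DNS and Steam's own traffic still need their own allow rules under this policy, as the earlier post on edge firewalls points out.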
 
Real talk, do games still need uncommon ports opened to work (fully)?
The whole idea of port assignment is to give each app (think game) a unique port (or 2). No, all games do not use a standard game port. There is no such thing. Steam is about as cookie cutter as it gets and it's all over the place. Sometimes it is easiest for some people to set plug and play and be done with it. Cutting firewall holes is not what most people want to do before they play a new game.
 
Being that dedicated ports are typically set on the server side or receiving side I don't understand why developers would force game traffic out on a specific (odd) port. I figured they stopped doing that a decade ago....

For the record I block everything BUT TCP 80 & 443. The firewall does NTP and DNS. A few speed tests won't work, but GTA5, Minecraft, Gmod, Roblox, and a few other random games work fine.
 
Each game needs its own port, not sure why that's difficult to understand; every app needs its own port too. Your 80 tcp is HTTP protocol and you are surfing the web. My port is 28960 and I'm playing COD - WAW. Your router is either using PNP, a stateful Linux firewall or open.

And for the record - you don't block everything except 80 and 443, otherwise the only two protocols that would work are HTTP and HTTPS and your games wouldn't work at all.
 
Respectfully, you don't understand what you're saying.

Each app does need its own port, but on the client side that port is going to be a random uncommon port. Server side will be 80 or 443 or whatever port the devs of a game willy-nilly decide to use. There is no good reason why a COD server can't receive game traffic on 443. Your PC's traffic will originate from a random port like 51234.

Edit: For reference. DNS and NTP come from the same firewall this is configured on. This works, but breaks some speed testing sites, image upload sites (ctrlq.org for example) and others... but closes a bunch of security holes.

 
The biggest danger here is the parents assuming that the only thing the kids are doing is gaming.

Either way, Steam is not the problem.
 
I was talking server side for "own port". Maybe I should have qualified that for you. I thought it was clear. In a stateful firewall, the client side port is "RELATED" to the source port to ensure it's valid.
 
What I hate is games that require a multitude of ports, some even require ridiculous ranges. Like I recall trying to get Mario Kart on the Wii U to work for online play and you practically have to forward the entire UDP range to the Nintendo. WTF is that shit? What if I need those ports for other things on the network like if I'm hosting something else? I'm not going to dedicate such large ranges for one device. Most ISPs only let you have 1 external IP.
 
I'm not looking forward to my kid (and his Switch) after his birthday in a few weeks. I'll probably just put all that on his own segment lol.
 
I'm with mwarps - the kids might say gaming, but unless it's an illegal copy from a torrent or they are using game hacks (which might be from shady websites) or let's be honest - they are looking at porn - running a legit copy of a game really shouldn't be that "web-dangerous" at all.
 