Security precautions to take before gaming online?

Discussion in 'Networking & Security' started by oblongpolygon, Mar 17, 2018.

  1. oblongpolygon

    oblongpolygon [H]Lite

    Messages:
    77
    Joined:
    Sep 4, 2017
    Simple question...

    What security precautions should a user be taking before they play games online?

    Let's assume that the user is playing multiplayer games on Steam, for example, and that they run Windows 10 too.

    With that locked in... what precautions should the user take, if any at all, before jumping on Steam to play games?

    So that we don't get bogged down in too many basics, assume also that the user has recently run Windows Update - that they have checked for and installed the given updates.

    What else should a user do?

    Feel free to answer in any way you like:
    • software that should be installed,
    • changes to settings,
    • router / modem changes,
    • hardware,
    • and so on.
    I ask because, surely, the world wide web is one of the single biggest "threats" for an average user / computer... and maybe gaming is one way for the user to expose themselves to those threats.
     
    Last edited: Mar 17, 2018
  2. k1pp3r

    k1pp3r [H]ardness Supreme

    Messages:
    7,844
    Joined:
    Jun 16, 2004
    1) Make sure your feelings are not easily hurt,
    2) Game on!

    Point me to one article about someone having their PC hacked while using a MP game on steam and we can discuss further, if not, follow above instructions.
     
  3. MikeTrike

    MikeTrike [H]ardness Supreme

    Messages:
    7,971
    Joined:
    Nov 16, 2005
    rma, MrGuvernment and ZeqOBpf6 like this.
  4. k1pp3r

    k1pp3r [H]ardness Supreme

    Messages:
    7,844
    Joined:
    Jun 16, 2004
    Play off your neighbors wifi so they get swatted and not you.
     
  5. oblongpolygon

    oblongpolygon [H]Lite

    Messages:
    77
    Joined:
    Sep 4, 2017
    That made me laugh. Thanks for the answer!

    By the way, I wasn't intending to suggest that there had been a case of the above. And certainly wasn't meaning to stoke fear or anything.

    It was purely wondering if precautions (software, firewalls, router settings, etc) need to be made, in order to take on less risk. Or mitigate risk. But, you're saying there is no risk. Thanks!

    Like, two parents I know, both running businesses from home, merely wondered about the security of their network, with a bunch of kids in each house doing the gaming thing. (Neither are "against" their kids gaming at all.) And of course, neither parent wanted the PC their kids had bought / built "put to waste" by some incident. Anyway...

    Good point!

    Funny. But sadly, that could even be good advice.
     
  6. oblongpolygon

    oblongpolygon [H]Lite

    Messages:
    77
    Joined:
    Sep 4, 2017
    I actually anticipated that there would be some legitimate issues or security concerns (and so precautions to be taken) but... clearly not!
     
  7. thebufenator

    thebufenator Gawd

    Messages:
    976
    Joined:
    Dec 8, 2004
    Well there is a difference between gaming, and kids accessing the internet from home on the same network as a parents business. While the games are not likely to cause a security issue, if the kids are downloading stuff, torrenting etc, an intrusion could then propagate on the internal home network onto the business side computers (if there are any).

    really should have work and play networks segregated.
     
    rma likes this.
  8. heman22union

    heman22union n00bie

    Messages:
    42
    Joined:
    Nov 6, 2013
    I do think it's possible to be hacked through a game. I have seen my friend get a virus through one.
     
  9. oblongpolygon

    oblongpolygon [H]Lite

    Messages:
    77
    Joined:
    Sep 4, 2017
    Are you able to provide more information? Like, the game? Or maybe the virus?
     
    rma likes this.
  10. MikeTrike

    MikeTrike [H]ardness Supreme

    Messages:
    7,971
    Joined:
    Nov 16, 2005
    Maybe he was just looking for porn and blamed it on a game...
     
    rma likes this.
  11. heman22union

    heman22union n00bie

    Messages:
    42
    Joined:
    Nov 6, 2013
    I think the name was no more room in hell. There are ads that displayed when you were connected to a particular server. I think one of the and ads were malicious. Basically similar to getting a virus or a trojan while browsing websites with compromised ads.
     
  12. Red Squirrel

    Red Squirrel [H]ardForum Junkie

    Messages:
    9,362
    Joined:
    Nov 29, 2009
    If you want to be really safe setup a separate vlan for games to isolate the rest of your network, especially if you host. Anything that acts as a server can be compromised by a worm or other such thing and potentially have a remote code execution vulnerability, and then access the rest of your network. I'm not aware of any specific instances of this though but it happens all the time with all sorts of software so it's definitely a possibility.

    I'd be more worried about all the spy stuff built into windows 10 though, that is probably a bigger threat to your network than most games.
     
  13. Dead Parrot

    Dead Parrot [H]ard|Gawd

    Messages:
    1,882
    Joined:
    Mar 4, 2013
    A proper edge firewall with default rules to block all traffic, both in bound and out bound. Then add just the needed rules to allow just the game traffic to/from the game servers. This can be a PITA as a lot of game companies seem to treat the ports/services and addresses needed to play their games as corporate secrets. You will also need to include the rules for the Steam system itself.

    Many games companies will assume your edge device allows all outbound traffic to talk to everywhere but this is exactly the setup a lot of malware is counting on.

    You will also need rules for normal web traffic and whatever contact you want your Win 10 system to have with the Microsoft network.

    As others have said, the way Microsoft has taken control of Win 10 is at least as great a risk as you are likely to face from Steam.
     
  14. cheap50

    cheap50 n00bie

    Messages:
    44
    Joined:
    Feb 27, 2018
  15. Mega6

    Mega6 Gawd

    Messages:
    957
    Joined:
    Aug 13, 2017
    Steam is hackable as hell.

    I use dd-wrt on my router.. here is the iptables steam part, old games but you get the idea, windows box ip:
    you can multiport them, havent gotten around to it yet. apparently, I may never.



    # COD - WAW ports for win7box
    iptables -I FORWARD 21 -p tcp -s 192.168.x.x--dport 28960 -j logaccept
    iptables -I FORWARD 22 -p udp -s 192.168.x.x --dport 28960 -j logaccept
    # new cod waw rule
    iptables -I FORWARD 23 -p tcp -d 192.168.x.x --sport 28960 -j logaccept
    iptables -I FORWARD 24 -p udp -d 192.168.x.x --sport 28960 -j logaccept
    iptables -I FORWARD 25 -p tcp -s 192.168.x.x --dport 3074 -j logaccept
    iptables -I FORWARD 26 -p udp -s 1192.168.x.x --dport 3074 -j logaccept
    iptables -I FORWARD 27 -p tcp -d 192.168.x.x --sport 3074 -j logaccept
    iptables -I FORWARD 28 -p udp -d 192.168.x.x --sport 3074 -j logaccept
    # COD MOdern Warefare 2 in steam tcp 27014-27050; udp 1500, 3005, 3101, 3478-4380, 27000-27030, 28960
    iptables -I FORWARD 29 -p tcp -s 192.168.x.x --dport 27014:27050 -j logaccept
    # COD Modern Warefare 2 udp udp 1500, 3005, 3101, 3478-4380, 27000-27030, 28960
    iptables -I FORWARD 30 -p udp -m multiport -s 192.168.2.94 --dport 1500,3005,3074,3075,3101 -j logaccept
    iptables -I FORWARD 31 -p udp -s 192.168.x.x --dport 3478:4380 -j logaccept
    iptables -I FORWARD 32 -p udp -s 192.168.x.x --dport 27000:27030 -j logaccept
     
    Last edited: Apr 15, 2018
  16. cheap50

    cheap50 n00bie

    Messages:
    44
    Joined:
    Feb 27, 2018
    Real talk, do games still need uncommon ports opened to work (fully)?
     
  17. Mega6

    Mega6 Gawd

    Messages:
    957
    Joined:
    Aug 13, 2017
    The whole idea of port assignment is to give each app (think game) a unique port (or 2) . No, all games do not use a standard game port. There is no such thing. Steam is about a cookie cutter it gets and it's all over the place. Sometimes it is easiest for some people to set plug and play and be done with it. Cutting firewall holes is not what most people want to do before they play a new game.
     
  18. cheap50

    cheap50 n00bie

    Messages:
    44
    Joined:
    Feb 27, 2018
    Being that dedicated ports are typically set on the server side or receiving side I don't understand why developers would force game traffic out on a specific (odd) port. I figured they stopped doing that a decade ago....

    For the record I block everything BUT TCP 80 & 443. The firewall does NTP and DNS. A few speed tests won't work, but GTA5, Minecraft, Gmod, Roblox, and a few other random games work fine.
     
  19. Mega6

    Mega6 Gawd

    Messages:
    957
    Joined:
    Aug 13, 2017
    Each game needs its own port, not sure why that's difficult to understand, every app needs its own port too. Your 80 tcp is HTTP protocol and you are surfing the web. My port is 28960 and Im playing COD - waw. Your router is either using PNP, a Statefull Linux firewall or open.

    And for the record - u dont block everything except 80 and 443, otherwise the only two protocols that would work are http and https and your games wouldn't work at all.
     
  20. cheap50

    cheap50 n00bie

    Messages:
    44
    Joined:
    Feb 27, 2018
    Respectfully, you don't understand what your saying.

    Each app does need it's own port, but on the client side that port is going to be a random uncommon port. Server side will be 80 or 443 or whatever port the devs of a game willy nilly decide to use. There is no good reason why a COD server can't receive game traffic on 443. Your pcs traffic will originate from a random port like 51234.

    edit: For reference. DNS and NTP come from the same firewall this configured on. This works, but breaks some speed testing sites, image upload sites (ctrlq.org for example) and others....but closes a bunch of security holes.

    ipv4_pol.jpg
     
    Last edited: Apr 16, 2018
  21. mwarps

    mwarps [H]ardForum Junkie

    Messages:
    8,204
    Joined:
    Oct 6, 2002
    The biggest danger here is the parents assuming that the only thing the kids are doing is gaming.

    Either way, Steam is not the problem.
     
    dvsman and Brian_B like this.
  22. Mega6

    Mega6 Gawd

    Messages:
    957
    Joined:
    Aug 13, 2017
    I was talking server side for "own port". Maybe I should have qualified that for you. I thought it was clear. In a stateful firewall, the client side port is "RELATED" to the source port to ensure it's valid.
     
  23. Red Squirrel

    Red Squirrel [H]ardForum Junkie

    Messages:
    9,362
    Joined:
    Nov 29, 2009
    What I hate is games that require a multitude of ports, some even require ridiculous ranges. Like I recall trying to get Mario Kart on the Wii U to work for online play and you practically have to forward the entire UDP range to the Nintendo. WTF is that shit? What if I need those ports for other things on the network like if I'm hosting something else? I'm not going to dedicate such large ranges for one device. Most ISPs only let you have 1 external IP.
     
  24. cheap50

    cheap50 n00bie

    Messages:
    44
    Joined:
    Feb 27, 2018
    Im not looking forward to my kid (and his Switch) after his bday in a few weeks. Ill probably just put all that on his own segment lol.
     
  25. dvsman

    dvsman [H]ard|Gawd

    Messages:
    1,870
    Joined:
    Dec 2, 2009
    I'm with mwarps - the kids might say gaming, but unless its an illegal copy from a torrent or they are using game hacks (which might be from shady websites) or let's be honest - they are looking at porn - running a legit copy of a game really shouldn't be that "web-dangerous" at all.
     
    rma likes this.