Just a little proof and some convincing is all I need

Okay so I am posting this thread because I need help with portforwarding. Its not that I dont know how its just a matter of if its safe or if its going to somehow mess up the wifi system I'm using. I'm mostly afraid to do this because I'm afraid it will give people access to our router and somehow shut it down...
Weird imagination I have but I'm just really not skeptical about how good this "portforwarding" will work.
Please convince me that it is safe.
Thanks!
graphiic

 

Generally port forwarding will not affect anything in relation to internal or external network traffic in any way be it wifi or wired. All it does is routes an incoming external connection(the internet) from your router to the computer that should be handling that request.

The primary concern you should have is what port you are forwarding and what is currently running on that port. Say if your port forwarding 25565 they can reach Minecraft. So they user can only do as much as Minecraft enables them to(play an awesomely fun game). An alternative concept would be port forwarding the RDP port(3389), which is a bad idea unless you know what your doing. That port would allow people outside your home to try and gain access to your system(basically allow them to see the same stuff you do on a screen and interact with it). The primary point to make here though is that no matter what port you forward they can still only directly access the computer that you are forwarding the port for. Now in cases of forwarding the RDP port, they could access the rest of the computers on the network by using the computer they accessed to reach out to the others. Something like that cannot be done with say Minecraft port 25565 since the Minecraft server does not have the capability to allow such actions.

With routers the main thing you really need to be concerned with is making sure you do NOT have remote management enabled on your router. This setting would allow someone to try and log into your router from the external world and would enable them to make changes to it(you can still access the router from your internal home network with this disabled, and it is generally disabled by default).

 

You really know a lot about this kind of stuff don't you? Well thanks. So in other words its safe just don't use the RDP port thing? Is that technically the goal here is not to do RDP? So if I am portforwarding the"25565" that won't really give ad much access as the 3389 or RDP will?

 

No, they'll upload a malicious virus that'll cause your computers to become overloaded and transform into a Transformer, that'll eat you, and destroy humanity. And your cat.

 

Don't own a cat sorry

 

Or what @MysterManX said, but only if you have an AllSpark.

 

The goal is technically to only open ports you need.
The RDP (Remote Desktop Protocal) can be run on any port. All a port does is facilitate the transfer of data packets via tcp/ip communication.

You can run RDP on port 25565, but requires you to change the config and manage that server. Being that 3389 is the default, thats probably the only port someone would look at if they wanted to RDP into your computer.

Minecraft is the same, you can run it on any port, but 25565 is the default, and the one the minecraft software recognizes as the default.

The only thing unsafe is opening ports you do not know about. Example would be say you have no router and are directly connected to the internet. All your ports are open, but is anything running on them? if you don't have RDP started in windows, no one use/exploit the open port.

 

Note that this isn't the area to be posting this. This has nothing to do with bukkit.

Make sure you are also aware if you have changed to a static IP address that if you do get crashed or 'ddosed' you can't change the IP address like you normally would meaning that you either have to shut off the port or wait for the system ddos to end (failing to do this safely means your system may shut off forever. In this case you may sue).

 

I agree rustymetal Its difficult to cover all the details fully in one go and thanks for including an excellent clarification. And sorry I missed your questions after my post graphiic1 I had left work by that time and totally neglected to check the posts by the time I got home. After looking at the post location I agree with ThunderWaffeMC also, is it possible to have a moderator or admin move the thread to offtopic or elsewhere where it likely belongs otherwise? To some extent though I feel like this is a common topic related to hosting bukkit servers from home and could be useful to those new to port forwarding/servers in general. There may already be a thread covering it though and I just missed it, I have not had the opportunity to thumb through all the past posts/threads yet.

If there was enough interest I would not have any issues with attempting to write up a short tutorial, possibly even covering dynamic DNS configuration for use with a domain name. Though for most people that is probably a bit overkill(and most internet service providers frown on that activity due to the greater DDoS attack potential clogging up their networks).