I've been having a lot of break-in attempts reported by Norton Antivirus lately. Norton reports it blocks them and tell me they've been coming in through port 80 Is everybody having these problems lately? I've Port Forwarded some ports for Battlefield 2 and around the same time I first saw a break-in attempt. I looked into EA support and confirmed that BF2 needs tcp port 80 to be open. Can I delete this rule safely, I mean I know I can safely do so, but will it affect BF2? Thanks, Marcel
I can run my BF2 without any problems online, even w/o any ports opened for it in my (D-Link) router. But, if you don't have a router.. and have just allowed BF2 through a software firewall, if you delete it (the rule) this would mean you will be prompted next time you run BF2. Do some spyware, and malware scans. I recommend, Ewido, Spybot - S&D & Ad-Aware Personal.
Random scans will hit port 80 all the time since that is the port HTTP servers run on by default. For instance, today alone there have probably been a few hundred mindless 'zombies' attacking my web server looking for an insecure Microsoft Windows/IIS server to compromise. Since my web server runs Linux/Apache, the attacks are unsuccessful. Also, unless you're actually hosting the BF2 game, you do not need any ports open on your firewall.
Even though the game manual says which ports need to be open for clients and servers? I'm not hosting a game, I don't know what happends when I don't open up ports for BF2, I had problems with Valve's Steam in the past because I didn't open up the required ports (Small amout of servers / update problems / bad connection) I closed ports 80 to see what happends, I haven't had any break-in attempts since I did, that was yesterday. I noticed lag ingame, but that could be related to Nvidia's newly released drivers I installed.
If you want to allow unsolicited incoming connections, which would be the case if you were hosting a web server or a game server, you would need to effectively open the ports in question on the firewall. For outgoing connections, the port doesn't need to be open, the traffic simply needs to be allowed. The absolute best way to do it is to get rid of any software firewalls and place a real router between your PC(s) and the Internet. That way, you only have to do port-fowarding (read: open ports) for services which you will be hosting, not just for any service you want to use. Does this make sense?
I won't be hosting anything I guess, I only play the game on the internet. That means I can safely delete all ports I forwarded for the game. Many thanks.
