Router setup: ports used by spyware

Discussion in 'other firewalls' started by bartvh, Dec 28, 2006.

Thread Status:
Not open for further replies.
  1. bartvh

    bartvh Registered Member

    Joined:
    Dec 28, 2006
    Posts:
    1
    I provide internet to my brother using a linux router, i have him using my Squid proxy for http/ftp, anything else he really needs i forward manually. He uses Windows XP, and plays lots of online games.

    The many games and chat apps he uses require many different high ports, opening new ones reguarly is getting cumbersome. I've even opened the entire 20000:30000 range (tcp+udp) for the many game servers he frequents.

    If i were to open all ports >1024, should i be worried about malware using them? This was the initial reason for closing them all, for example I thought spyware used high ports for transmitting back info. But maybe closing port 80 and most of the <1024 ports already does the trick, and I shouldn't be worried?

    Good information would save me lots of work, thanks in advance!
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    yes, most spyware hijack/use IE so they use port 80. Perhaps blended malware could have a backdoor component that uses specific ports.
     
Loading...
Thread Status:
Not open for further replies.