What's wrong with opening a port on the firewall?

From: Sander Smith (sander_smith_at_hotmail.com)
Date: 02/18/05


Date: Fri, 18 Feb 2005 07:26:25 -0600

I have a bit of a not-so-naive question I hope I can get answered. In
general, I think there's a lot of fear among users about opening a port on
their router/firewall because of security concerns. I'd like to
understand the exact reason for this.

Now I can understand that if some clueless person installs some
questionable application on his Windows machine and opens up a port on
his router so that it can work, he's opening himself up to a lot of
trouble. But what is the real problem of doing this? I understand that a
buggy app or an unpatched (or even patched!) Windows environment probably
has loads of exploitable problems that hackers can find and do damage
with.

But what if the thing listening on the other end of the open port was
some hardware device based on Linux and running some Java app? Assuming
that all of that were relatively safe, would I still need to worry about
the open port boogeyman?

What about DoS attacks? If I have a relatively strong and locked down app
that will turn away everyone that I can't authenticate, how much more
susceptible to DoS attacks am I vs. if I simply keep my router closed?

Finally, I know that opening ports is hard because most people don't know
how to configure their router. Can't you use something like UPnP to do
this automatically? But then again, how automatically can it be? Can apps
just open router ports by themselves, or do they need to prompt the user
for a password first?

Sander Smith


