Nintendo is known for its shoddy online features, but its latest piece of advice has some on Twitter up in arms about the security risks posed. Nintendo recommends players open ports one through 65,535 on their routers – something which can leave your network vulnerable to DDOS attacks and more.
This security flaw was pointed out by Twitter user TarZangief, a help desk supervisor for several US internet service providers and a former member of the US Navy with three years of experience working in the network security department of an aircraft carrier. He spoke to TheGamer to explain what port forwarding is and why opening all of them at once is a security issue.
"Port Forwarding is a way to allow remote devices to connect to a specific device on a network," he explains. "Most games/services only require one or two specific ports. Doom is known for using port 666.
"You want to restrict your port forwarding to as few ports as possible to limit the number of ways people can access your network. Why unlock all your doors and windows in your home when [a] delivery guy just needs the garage open to leave a package?"
TarZangief discovered this advice when a customer requested he open all ports on his router so he could play Splatoon 3, as a quick search online led them to Nintendo's page.
It turns out, you don't even need to open all 65,000 ports to play Switch games online, Nintendo just isn't providing people with the specific information and is rather suggesting they open the floodgates.
"I do not recommend under any circumstances to open all 65,000 ports," TarZangief warns. "Even if you are doing so for just the Nintendo Switch, it is a huge security risk for your whole network."
As well as that, following Nintendo's instructions would send all UDP traffic on your network to your Switch, potentially blocking other services. "If you [play] Doom on your computer, by forwarding all Port 666 requests to your Nintendo Switch you could no longer host a private Doom server on your computer."
He says that it's possible to search which ports are required by which online service, so you only need to open the necessary ones. "Also, most modern routers have UPNP (Universal Plug and Play) options that would forgo the need to forward ports at all, so verify that those services are enabled," he continues. "If your router doesn’t have this feature I highly recommend buying one that does instead of following the instructions on Nintendo’s website to open all ports."
There is a disclaimer at the top of the Nintendo page that reads, "While Nintendo provides this information for our consumers' use, it is up to each consumer to determine what security needs they have for their own networks, and to decide how best to configure their network settings to meet those needs."
There's a web archive link that shows this is the advice Nintendo has been dishing out since 2019 – it might be time for the company to update that with something that leaves people less vulnerable to getting hacked. Given Splatoon 3 leaked before its launch date, Nintendo could definitely do with some new security measures.
Source: Read Full Article