Home Gaming hosting

Anonymouse · July 28, 2019

Hi all,

Myself and some friends would like to host a few public game servers from home e.g factorio, minecraft, fiveM. What risk are involved with doing this? Example Like is having my IP public a problem and if so is there anything I can do to protect myself?

conspiravision · July 28, 2019

Your IP is public, what you're concerned with is the port-forwarding. It depends how crazy you want to get. You can restrict firewall ingress to only allow your friends IP addresses if you would like. Or you can just allow anyone to connect to your IP on that specific port. If you're looking to further protect yourself I recommend making sure the system that is hosting the game server is patched (or power it off when not used), port forwarding is to a specific internal IP address (the machine you want to power off after usage or have patched), a firewall enabled, all other inbound ports that are not used are blocked, on the host machine block all inbound ports except the required ones, also block egress (outbound) traffic to only go across necessary ports.

If you decommission the gaming server be sure to remove the router port-forwarding settings.

If you really want to get savy, you could setup a separate network just for the game server and have a route just for that in addition to everything I said above.

Hope that helps!

Anonymouse · July 29, 2019

I have a few spare routers here, would you use bridging to give the second router internet and have the second router as the gaming network?

NoxOps · July 29, 2019

You will be fine, only forward the ports that are needed and just make sure you don't double NAT yourself by using a second router. You can use the windows firewall but you will be punching the same holes as the router but than you have the option to create a rule to deny the game server to access anything on the local subnet. If for whatever reason ur IP gets DDOS, do a hard reset on your modem or set the mac address in the router so your public ip changes (assumign ur ISP provides DHCP address.) Also don't put your computers IP address into the "DMZ" setting on your router, specifcally do portforwarding, enter the game server ip, call out if the port number is TCP, UDP or both, be very specfic about it.