howtothings.co.uk
How to change your NAT, to open. - Printable Version

+- howtothings.co.uk (https://www.howtothings.co.uk)
+-- Forum: Computing (https://www.howtothings.co.uk/forumdisplay.php?fid=4)
+--- Forum: Gaming Talk, Mobile Phones, Tablets, Portable and Apple Devices (https://www.howtothings.co.uk/forumdisplay.php?fid=19)
+--- Thread: How to change your NAT, to open. (/showthread.php?tid=205)

Pages: 1 2 3


How to change your NAT, to open. - Mark - 08-07-2010

If your NAT is showing as moderate or strict, this may be a problem to you.

To set your NAT as open, you'll need to port forward.

The ports you need to open

TCP 80
UDP 88
UDP 3074
TCP 3074
UDP 53
TCP 53

Alternatively, you can place the xbox in a DMZ zone.


How do i log in to my router?
http://mcompute.co.uk/showthread.php?tid=49


RE: How to change your NAT, to open. - Special Chris - 08-07-2010

Yeh, I've seen this EVERYWHERE, but I have never been able to get mine to Open. -.-

Anyone wanna attempt to help me? :p


RE: How to change your NAT, to open. - Mark - 09-07-2010

I can help you, what steps have you taken so far?


RE: How to change your NAT, to open. - Pack3t SynAck3r - 09-07-2010

I would recommend the DMZ over opening the ports individually. There are several widely used home routers that are vulnerable to a buffer overflow attack that allows a remote computer to force code into the router's open port (specifically port 80). The result unfortunately is that it opens up remote administration for the router on the WAN (or internet) side. If remote administration is not already enabled then the login is the default username/password for that router. If someone who has a good understanding of TCP/IP has access to your router, well you are shit out of luck pretty much. Fortunately a simple factory reset(use a paperclip to hold down the recessed button on back of your router) will fix the problem. For best results you will also want to set your game console's IP address to static and make sure the IP address you assign to it is outside of the DHCP(automatic IP address distribution) range. If you set DMZ when your console is using a Dynamic IP address and your LAN IP addresses reset you could end up with one of your main computers wide open to the internet with no hardware firewall protection NOT GOOD!


RE: How to change your NAT, to open. - Special Chris - 09-07-2010

(09-07-2010, 12:29 AM)Mark Wrote: I can help you, what steps have you taken so far?

I really sorta just started over and put it to where it detects an IP automatically, because I think that could be where I messed up..

And isn't using the DMZ thing just as easy as typing in the IP and that's it?


RE: How to change your NAT, to open. - Pack3t SynAck3r - 09-07-2010

(09-07-2010, 04:51 AM)Christopha Wrote: I really sorta just started over and put it to where it detects an IP automatically, because I think that could be where I messed up..

And isn't using the DMZ thing just as easy as typing in the IP and that's it?

See my above post bud, I don't want you getting screwed by a bunch of script kiddie nubs. There are a lot of guys be it on Xbox Live or Playstation that sit there and play their games with Cain and Abel running monitoring the IP addresses of the people they are playing with. Running a simple port scan can give information on what you have going on. If your xbox360/ps3 is running as the DMZ then all they will see when they run the port scan is your console which is good. Again do not use DHCP on your machine running as the DMZ. I am sure either Mark or I can help you out. I know I am closer to your time zone than him, but it doesn't matter. Heed my warning please. PM me if you need to.


RE: How to change your NAT, to open. - Pack3t SynAck3r - 09-07-2010

I was looking into the Xbox port issue and I think perhaps there is a misunderstanding. Yes it is true that in the 360 support forums they recommend you port forward port 80(web server) and port 53(DNS), however those two DO NOT NEED to be forwarded. Microsoft has proprietary software on their XBL servers that communicates over port 80. I remember a few years back a buddy of mine was attempting to decipher what exactly the server was doing. His hypothesis was that your xbox sends data to some form of web interface which is not necessarily readable by human eye natively(not html or the like), and Microsoft can use this to check certain specs of your machine. This includes but is not limited to: your xbox serial number, all of your LAN information, voltage data from the circuit board(most likely to check for hardware mods) etc. It is not used for gameplay, and if you happen to be running a web server on your network it would take several static NAT[Network Address translation] rules to allow the port forwarding to both your web server and your xbox. Whether or not you have that port forwarded on your router your xbox is completely capable of talking out to port 80.
Same as the web browser on your computer you are reading this post with right now is talking out to port 80 on the MCompute web server. NAT (which in great detail is beyond the scope of the conversation) will actually use say TCP port 8345 locally on your machine to communicate with port 80 on the remote machine. When the remote machine(the web server) on port 80 responds back your NAT will know to forward the reply back to your local port of 8345 which is waiting for the response. The remote server has no idea what local port number your NAT has assigned and it doesn't care. In comes Microsoft who apparently think it is best for them to be able to connect to some kind of web server on your xbox from their end, even though their precious xbox will talk out whenever they want it to.(They did design it after all, and Microsoft believes that you may own that box but they own everything that runs it.)
Port 53 is for DNS communications.....the possibilities for why they would want to do this are quite vast and bring out the conspiracy theorist in me. I am a little tired and don't really feel like getting into that at this moment, perhaps some other time.

Bottom line it is not necessary to forward 80 or 53, all you really need is:

TCP 88(kerberos) & 3074(XboxLive Protocol)
UDP 3074

Or as Mark said DMZ it, which is really the easiest and best way and actually causes your 360 to act as a honeypot to boot!


RE: How to change your NAT, to open. - Mark - 09-07-2010

Believe it or not, i don't actually own an xbox so i don't really know the best way to go about this.

Although i can confirm that some people do have
Quote:Cain and Abel running monitoring the IP addresses of the people they are playing with.

So that they can D/DOS.

DMZing the machine is easier, it's just a few clicks - although port forwarding isn't much longer and they're both doable.

Firstly, you need to set a static LAN IP on your xbox though. You're probably on a class C network, i'm assuming either a 0.1 or 1.1 gateway? I set all my statics over 100. So i'd probably do it at 192.168.0.100 / 192.168.1.100 dependant on your DHCP pool.


RE: How to change your NAT, to open. - Special Chris - 09-07-2010

Me and ummm..^ that guy above you..I dunno his real name. -.-..tried it out last night, DMZing it, but it didn't work. I'm thinking about calling up MS, but all of their customer support are either foreigners or some guy named Andy who can't spell circle. :p


RE: How to change your NAT, to open. - Mark - 09-07-2010

You set a static IP? DMZ'ed it? Then restarted everything?