4

My Asus RT-N56U router (latest firmware 3.0.0.4.374_979) opens port UDP 3659 for a PlayStation 3 which is already in the DMZ. The DMZ was set up properly with a static IP assigned to the PS3, and the system log shows that "ALL" protocols (ports) are forwarded to the PS3's IP. This UDP 3659 port starts appearing in the system log when the PS3 is running Battlefield 4 multiplayer. The system log shows that the port stays open even after the PS3 is turned off. The port only goes away from the log after I reapply the DMZ setting.

Here is what the system log shows (192.168.1.214 is the PS3):

Destination     Proto. Port range  Redirect to     Local port   
ALL             ALL                192.168.1.214              
ALL             UDP    3659        192.168.1.214   3659       

Technically, the DMZ-ed PS3 is already in front of the firewall, how come the router still opens ports to it?

I'm guessing the cause could be:
1: router's DMZ implementation did not fully open all ports;
2: router's UPnP function ignored the device's DMZ status and proceeded to open the port it thought necessary;
3: incorrect logging.

Hennes
Z.Zen

2 Answers

1

The game is probably using Dynamic port forwarding to dynamically open port 3659.
It has of course no way of knowing that this port is already open.

From the Asus RT-N56U manual, section "Using your router as a UPnP Media Server":

To use your router as a UPnP Server:

  1. Click UPnP Media Server from the navigation menu at the left side of your screen.
  2. Select Enabled. Your wireless router is now ready to share the media files stored in the USB disk.

You can disable this setting, but this might not be such a good idea.

The good idea would be to delete the DMZ rule from your router and let Dynamic port forwarding do its job. This is much safer than exposing your PS3 to all of the Internet's malware scans. The PS3 then wouldn't need a static IP address.

harrymc
1

Asus router RT-N56U opens extra ports for a DMZ device when all ports are supposedly opened already

If a system is in the DMZ, then the router is not actually opening anything because as you said, the whole system (and all of its ports) are already exposed. So, it’s just a matter of potentially unnecessary work being done by the router, and/or incorrect logging.

My Asus RT-N56U router opens port UDP 3659 for the Playstation 3 which is already in DMZ. The DMZ was set up properly with a static IP assigned to the PS3 [yet] the system log shows that "ALL" protocols (ports) are forwarded to the PS3's IP. This UDP 3659 port only shows up on the system log when PS3 is running Battlefield 4 multiplayer.

So you have set the PS3 to be DMZ’d huh? Assuming that you know putting a system in the DMZ is generally inadvisable (the warnings on that page would have told you if you didn’t), then it can be also assumed that you did so only as a last resort while trying to get your PS3 games to connect properly.

In this case, what has likely happened is that at some point before that, you had created one or more port-forwarding and/or port-triggering rules in an attempt to get it to work, but forgot to delete them when you decided to just DMZ the PS3.

It could be that the router actually applies the rules even to the DMZ system, or perhaps it is simply an oversight in the logging code. Either way, you should be able to clear it up by removing any extraneous rules from the Port Triggering and/or Virtual Server tabs.

This UDP 3659 port only shows up on the system log when PS3 is running Battlefield 4 multiplayer.

You don’t have to resort to putting the PS3 in the DMZ; you can indeed configure it so that you can play Battlefield 4 multiplayer without exposing the whole system (it looks like you may need to open several ports for some reason).

A PS3 is a less open system than a PC. I don't think there's anything that malware can do to such a system, or I could be very wrong about this. Please enlighten me!

Well the PS3 is ultimately just a computer, so it is potentially at risk. Granted, most people don’t think of it as a computer and it isn’t, or more accurately, hasn’t been much of a target compared to regular PCs, but there’s no reason that there aren’t hackers looking for vulnerabilities to exploit.

Others have wondered about PS3s getting infected, but be careful when reading random posts by people who don’t back up anything they say with some sort of references or documentation because there are some people in that thread who clearly don’t know what the heck they are talking about. For example, one dolt confidently claimed that PS3s are immune to viruses like Macs and Linux and only Windows can get a virus, even though that is patently false and Sony themselves even warn about getting infected.

Synetech
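One way to audit a forwarding table like the one in the question, added here as an example (not code from either answer or from ASUS firmware): it parses the log layout, finds DMZ catch-all rows, and separates per-port rules that are redundant with a DMZ rule from those that are a host's only exposure. The column widths, the function names and the third rule (192.168.1.50) are assumptions constructed for the example.

```python
import ipaddress

COLUMNS = ("Destination", "Proto.", "Port range", "Redirect to", "Local port")
ROW = "{:<16}{:<7}{:<12}{:<16}{}"  # column widths assumed from the log in the question

# Constructed sample: the two rows from the question plus one made-up rule.
SAMPLE_LOG = "\n".join(ROW.format(*r) for r in [
    COLUMNS,
    ("ALL", "ALL", "", "192.168.1.214", ""),          # DMZ catch-all
    ("ALL", "UDP", "3659", "192.168.1.214", "3659"),  # extra mapping from the question
    ("ALL", "TCP", "8080", "192.168.1.50", "80"),     # constructed, non-DMZ host
])

def parse_forward_table(text):
    """Slice rows at the header's column offsets so empty cells stay empty."""
    lines = [l for l in text.splitlines() if l.strip()]
    header, rows = lines[0], lines[1:]
    starts = [header.index(name) for name in COLUMNS]
    bounds = list(zip(starts, starts[1:] + [None]))
    rules = []
    for row in rows:
        rule = {name: row[a:b].strip() for name, (a, b) in zip(COLUMNS, bounds)}
        ipaddress.ip_address(rule["Redirect to"])  # ValueError on a misaligned row
        rules.append(rule)
    return rules

def is_dmz(rule):
    """A DMZ row forwards every protocol and has no port range."""
    return rule["Proto."] == "ALL" and not rule["Port range"]

def audit(rules):
    """Split per-port rules into those shadowed by a DMZ rule and the rest."""
    dmz_hosts = {r["Redirect to"] for r in rules if is_dmz(r)}
    shadowed = [r for r in rules if not is_dmz(r) and r["Redirect to"] in dmz_hosts]
    standalone = [r for r in rules if not is_dmz(r) and r["Redirect to"] not in dmz_hosts]
    return dmz_hosts, shadowed, standalone

if __name__ == "__main__":
    dmz_hosts, shadowed, standalone = audit(parse_forward_table(SAMPLE_LOG))
    for host in sorted(dmz_hosts):
        print(f"DMZ host (all inbound traffic forwarded): {host}")
    for r in shadowed:
        print(f"redundant while DMZ is on: {r['Proto.']} {r['Port range']} "
              f"-> {r['Redirect to']}")
    for r in standalone:
        print(f"only exposure for its host: {r['Proto.']} {r['Port range']} "
              f"-> {r['Redirect to']}:{r['Local port']}")
```

Rules reported as redundant are the ones to review before removing the DMZ setting, since they become the host's actual exposure once the catch-all is gone.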