What does postage opening mean

Internet Port release in the FritzBox - this is how it works


Did you know you have a firewall in your house? If you do not send your PC directly to the network via DSL or cable modem, but use a router such as AVM's FritzBox, that is exactly the case: The router encapsulates the local LAN and WLAN from the Internet, but at the same time ensures that all computers can go to the internet. However, only in one direction, namely from the inside to the outside. If requests come from outside - for example from a service or an attacker - these are initially blocked. Sometimes, however, it is necessary to open a device such as a NAS, an FTP server, smart home services or certain software applications such as BitTorrent or some telephony programs for inquiries from the Internet. This is where the so-called port releases come into play. They enable specific services to be passed through the router's internal firewall.

What exactly is such a port?

Let's start with a little excursion: A port enables different network protocols to be differentiated. For example, an HTTP web server runs on port 80, an FTP server uses port 21, and other services use other ports. Depending on the application, it can be useful to pass these ports through to the outside world. If, for example, an FTP server is running in your network, it is initially not accessible from the outside: If you or someone else try to access the server in the network using an IP address or dynamic DNS, the firewall of the Router - and automatically blocks the connection for security reasons. So that the FTP server can be reached from outside, you have to tell the router that the FTP server - and thus port 21 - is OK and that you want to allow this. This is exactly what port sharing is.

Set up port sharing on the FritzBox

Attention, safety!

If you now want to release several services, you can proceed with these according to the same scheme. However, you should always keep an eye on the open ports, as they mean a gain in convenience, but also a security risk: If you set up an FTP server incorrectly, an attacker can, for example, access your computer via FTP and steal data. And if malware is on your computer, it can be controlled via an open port if necessary. The risk is small, but you should regularly delete port shares and devices that you no longer need from the FritzBox. Also important: For the sake of simplicity, people tend to open many ports straight away or even switch the computer to the so-called exposed host mode. However, this is not a good idea, as attackers can use port scanners to find it easy.

Use UPnP

Incidentally, there is also an automatic port release, which not all applications and devices can handle: the UPnP protocol. This is a more modern form of port forwarding that takes place automatically. If a device needs a specific and possibly changing port for communication with the outside world - this often happens with BitTorrent applications or services such as Skype, smart home devices and online games - they can open ports on the router using UPnP if necessary and close again. This is very convenient, as the software independently handles port sharing on the router. At the same time, UPnP can pose a security risk if, for example, malicious programs such as viruses and Trojans use this technology. By default, UPnP is therefore deactivated on the FritzBox. However, you can select the option under "Home network" > "network" > "Network settings"by checking the box next to"Transfer status information via UPnP" put.

You may also have to go to "Home network" > "network" > "Network connections" > "(Device)" the option "Allow independent port forwarding for this device"Activate. Only then can the PC, smartphone or NAS independently open ports via UPnP. Even with automatic port sharing via UPnP, you should occasionally take a look at the open ports. If a device is particularly active at this point for no reason, you should deactivate this function for this device and search the affected computer for malware.