UPDATED 10:08 EDT / JULY 20 2010

How To: Secure Your Network from Xbox 360 Lobby Vulnerabilities

As I was going through the latest conversations happening over on the WinExtra Community Forums I ran across this excellent bit of Q&A regarding the setting up of Xbox 360 Lobbies and how it can affect your internal network security as well as recommendations to deal with the issue.

The question was posted by Nate:

My son has learned how to set up and run “lobbies” from home. My ex heard from someone that this practice exposes all the computers on the home LAN to threats, especially for online banking etc.

He will be wanting to run this from my house as well. We both have AT&T UVERSE which supplies a “box” that sorts out the phone, DSL, and “cable” signals and provides a router and wireless connection. My ex only has DSL, no phone or cable but I have all three.

The Xbox is a direct connection as is the computer I’m using now but we both use wireless with other machines.

I’ve not heard of this problem before and a short Google search showed nothing. Is this really a problem?

In short order PJ stepped up with a rather comprehensive reply:

Some quick background.

Microsoft has a death-grip on the XBOX online market. The lobbies where folks meet up and chit-chat (like channels in irc) are all managed by Microsoft and access frequently costs money.

Some enterprising people figured out how to modify (mod) their XBOXs to allow different firmware to be loaded up. One of these firmware and software packages allows one to run their lobby software of choice. 10th Prestige seems to be the most popular at the moment. Once up and running, the address is provided to friends who then sign in and invite others. Sometimes small amounts of money are charged.

What does this do to your internal network? Nothing good I imagine. External ports will need to be opened in order for this to work correctly unless the XBOX is set up in a DMZ. Most kids, in their desire to get things up and running, will turn the firewall off entirely, leaving the entire network exposed, even if NAT is in use. It may be better to set up a router to partition the XBOX off from the rest of the network. Best bet, go with placing the XBOX in the DMZ. That way it’ll be the only device at risk.

A few other issues. 1) Don’t forget to review the TOS for the service provider. They may not permit such activities. 2) Your bandwidth usage is going to increase. Check to see if you have a monthly cap. 3) Your available bandwidth is going to decrease if enough people are logging into the XBOX lobbies. Make sure you’re prepared to have slower downloads/surfing speeds if you already have a slow line. 4) Kids are noisy. Buy ear plugs.

As a side note – the WinExtra Community Forums have been around for quite some time and its members love nothing better than to help out others with their computer problems, both hardware and software, as well as good conversation. Registration is required but it is free so if this kind of community is up your alley take a moment and check it out.

Note: While the act of modding the Xbox console is considered to be against Microsoft’s Terms of Service (TOS) we will continue to run this post so that users know the dangers and if they insist on doing this how to best protect themselves. However if we do get a take-down notice from Microsoft we will comply.

[Editor’s Note: Security and Xbox 360 Lobbies is a post from: winextra. –mrh]

