Port Forwarding- What is bad about having open ports?

Today I fixed my network and was able to successfully set up a static IP address. Before , there was a bridge that upon deletion, or being disabled, would disable me from connecting to the internet. Turned out my ethernet was set up for a static ip not dynamic.

I am using a SBG900 and now that i have a static ip i can forward ports necessary for steam and the multiplayer games. My question is this, if i have ports forwarded for these games, does that leave me vulnerable having open ports? I have a newer cable modem from linksys that hasnt been connected yet due to the fact that it lacks wireless capabilities.

Also, is there a difference between having an open port and forwarding a port, or are they both the same thing?

Ok some definitions for you.

"Ports" are a 16-bit number that acts like a mailbox / communication channel for your network interface. Every packet received by your system must have a destination port number, and based on this the network stack will know which application to send the packet to.

An "Open Port" is a port that your network device accepts packets on, it may have absolutely nothing to do with the packets and thus the packets may be deleted, but the port still accepted the packet and read its header. A "Closed Port" is a port where your device will either actively refuse (send a response) or completely ignore (no response) packets on. Open Ports can be bad / good depending on your security posture.

Example, Application A is expecting to receive packets on port 3030, your FW / computer is blocking port 3030 and thus Application A will never receive any packets. Conversely malicious code can be hidden inside packets and accepting them on arbitrary ports can cause your system to be hacked and infected. Rule of thumb is to close any ports you don't expect traffic on, only open the ones you know you'll need.

"Port Forwarding" is router speak for NAT Masquerading. What happens is Application A wants to receive packets on 3030 but it's IP address is 192.168.1.10, a private IP address. You Gateway device needs to have an entry put in its table stating that all packets received on port 3030 need to be forwarded to 192.168.1.10 so that Application A can receive them.

Most of this is automatic, but not always.

Depends on the game. You shouldn't have to enable any of that, any decent router / gateway device will have NAPT detection and tracking enabled by default. At least not if you plan on just being a client.

Now are you trying to "host" games on your PC or run your own dedicated server? Firewall rules will prevent unsolicited traffic from reaching inside your network, even if that traffic would otherwise be a valid incoming connection.

BTW the game is COD MW2