Securing risky network ports

Is the issue with the port, the technology you use on it, or the technology attackers use on it?

Data packets travel to and from numbered network ports associated with particular IP addresses and endpoints, using the TCP or UDP transport layer protocols. All ports are potentially at risk of attack. No port is natively secure.

“Each port and underlying service has its risks. The risk comes from the version of the service, whether someone has configured it correctly, and, if there are passwords for the service, whether these are strong? There are many more factors that determine whether a port or service is safe,” explains Kurt Muhl, lead security consultant at RedTeam Security. Other factors include whether the port is simply one that attackers have selected to slip their attacks and malware through and whether you leave the port open.

CSO examines risky network ports based on related applications, vulnerabilities, and attacks, providing approaches to protect the enterprise from malicious hackers who misuse these openings.

What makes these ports risky?

There is a total of 65,535 TCP ports and another 65,535 UDP ports; we’ll look at some of the diciest ones. TCP port 21 connects FTP servers to the internet. FTP servers carry numerous vulnerabilities such as anonymous authentication capabilities, directory traversals, and cross-site scripting, making port 21 an ideal target.

While some vulnerable services have continuing utility, legacy services such as Telnet on TCP port 23 were fundamentally unsafe from the start. Though its bandwidth is tiny at a few bytes at a time, Telnet sends data completely unmasked in clear text. “Attackers can listen in, watch for credentials, inject commands via [man-in-the-middle] attacks, and ultimately perform Remote Code Executions (RCE),” says Austin Norby, computer scientist at the U.S. Department of Defense (comments are his own and don’t represent the views of any employer).

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!