Friday, February 22, 2019

Project Network Survey Essay

Besides the basic sensual security of a site, the next c sustain to im expressionant aspect is compulsive digital access into and out of the organizations mesh. In near cases this means controlling the points of connectivity to the outside world, typic each(prenominal)y the Internet. Partitioning the boundary mingled with the outside Internet and the internal intranet is a critical security piece. every portions not actually needed should be turned absent so that they will not arrive avenues of attack for security threats. polar systems will have contrary services running game by default.The firewall touch stack tightly control what is allowed to traverse from one side to the other. As with most aspects of security, deciding what type of firewall to use will depend upon factors such(prenominal) as traffic levels, services needing protection and the complexity of rules required. The difficulty for firewalls is distinguishing amid legitimate and illegitimate traffic. Fir ewalls, if configured correctly, can be a conceivable form of protection from external threats including some denial of service (DOS) attacks. If not configured correctly they can be major security holes in an organization. The most basic protection a firewall provides is the ability to block network traffic to certain destinations. This includes both IP addresses and particular network service sorts.Many network devices and computer hosts startup network services by default, each of these services could represent an op mienunity for attackers, worms and Trojans. Very often all of these default services argon not needed. Doing appearance lockdown by act off services reduces this exposure. larboard 25 Is the virtual pathway that most e-mail traffic follows when it travels from your computer to a server. expression 25 can get clogged with spam e-mails when computers on a network become infected with a virus or other malicious software. Because of the strength threat our host co mputers sending spam email expression 25 will hang on close. larboard 80 This is the primary fashion utilize by the World Wide Web (www) system. Web servers kick in up this carriage then listen for incoming connections from web web browsers. Similarly, when a web browser is given a contradictory address (like grc.com or amazon.com), it assumes that a removed web server will be listening for connections on porthole 80 at that location. This port will generally be open only when a web server of some sort is running on the machine. Due to the popularity of this port for malicious exploitation, it should never be open unless it is being actively and deliberately utilise to serve web pages. appearance 139 Is typically use for file/ soft toucher sharing, including directory replication with Active Directory, trusts, remote access of event logs, etc. This port should be open. If you block port 139 on a Domain Controller you will kill AD replication. If you block 139 in a typic al business network, you will lose the ability to do much of anything on a remote computer such as remotely manage clients/servers, install software, share releaseers, or files. Since the NetBIOS vulnerability is quite well-known a long time agone and heavily popularized, patches have been already released. The last remote exploits that targeted NetBIOS/139 were in the Windows NT/2000 era. larboards 1900 and larboard 2869 These UDP port are opened and utilize by Universal slut N Play (UPnP) devices to receive broadcasted messages from other UPnP devices. UPnP devices broadcast subnet-wide messages to simultaneously background all other UPnP devices.UPnP Internet servers were found to have remotely exploitable unbridled buffers that would allow, in principle, remote malicious hackers. Microsoft Windows is under fire(predicate) to a buffer overflow, caused by improper bounds checking by the Universal Plug and Play (UPnP) service. By sending a specially-crafted HTTP request, a remote attacker could overflow a buffer and execute ar crookrary code on the system with steep privileges when combined with another exploit. Unused Internet servers and services should not be left running if they are not actively needed, for this reason this port should be unappealing until needed. Port 5357 This port is opened becauseyou have internet Discovery enabled in a Public earnings profile. The port is vulnerable to info leak problems allowing it to be accessed remotely by malicious authors. This port should be closed if network discovery is not required. Port 6839 This port is not associated with any particular services and should be closed unless it is associated and used. Port 7435 This port is not associated with any particular services and should be closed unless it is associated and used.Port 9100 This TCP port is used for printing. Port numbers 9101 and 9102 are for fit ports 2 and 3 on the three-port HP Jetdirect external print servers. It is used for network- connected print devices. This port should remain open to allow print services. Ports 9101 and 9102 Is the Bacula Director. This TCP port is used for printing. Port numbers 9101 and 9102 are for parallel ports 2 and 3 on the three-port HP Jetdirect external print servers. It is used for network-connected print devices. This port should remain open to allow print services. Port 9110 SSMP Message protocol This protocol is intended to be used to down thread-to-thread messaging locally or over the Internet. Ports registered with IANA are shown as authorised ports. The same port number may be unofficially used by various services or applications.Unofficially or sometimes with conflict, the same port may be used by different applications. This port is not associated with any particular services and should be closed unless it is associated and used. Port 9220 This port is for raw scanning to peripherals with IEEE 1284.4 specifications. On three port HP Jetdirects, the scan ports are 929 0, 9291, and 9292. It is used for network-connected print devices. This port should remain open to allow print services. Port 9500 TCP Port 9500 may use a defined protocol to communicate depending on the application. In our case we are using port 9500 to access the philosophy server.The ISM Server is used for exchanging backup and recovery information between reposition devices. This port should remain open while services are in use. Port 62078 This port is used by iPhone while syncing. The Port used by UPnP for multimedia files sharing, also used for synchronizing iTunes files between devices. Port 62078 has a known vulnerability in that a service named lockdownd sits and listens on the iPhone on port 62078. By connecting to this port and speaking the correct protocol, its possible to spawn a number of different services on an iPhone or iPad. This port should be blocked or closed when service is not requiredon the device.ReferencesGibson, S. (n.d.). GRC Port Authority, for Inter net Port 139 . Retrieved October 10, 2014, from https//www.grc.com/port_139.htm Gibson, S. (n.d.). GRC Port Authority, for Internet Port 2869 . Retrieved October 10, 2014, from https//www.grc.com/port_2869.html Gibson, S. (n.d.). GRC Port Authority, for Internet Port 80 . Retrieved October 10, 2014, from https//www.grc.com/port_80.htm Gibson, S. (n.d.). GRC Port Authority, for Internet Port 9101 . Retrieved October 10, 2014, from https//www.grc.com/port_9101.html HP yield entry HP Support Center. (n.d.). Retrieved October 10, 2014, from http//h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?sp4ts.oid=412144&spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c02480766-2%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken HP Support document HP Support Center. (n.d.). Retrieved October 10, 2014, from http//h20566.www2.hp.com/portal/si te/hpsc/template.PAGE/public/kb/docDisplay?docId=bps53634&ac.admitted=1413144875821.876444892.199480143 Network Printer Ports. (2003, March 28). Retrieved October 10, 2014, from http//technet.microsoft.com/en-us/library/cc728404(v=ws.10).aspx networking Is port 139 still vulnerable? Server Fault. (2009, June 20). Retrieved October 10, 2014, from http//serverfault.com/questions/29065/is-port-139-still-vulnerable Port 5357 TCP on Windows 7 professional 64 bit? Super User. (2009, October 18). Retrieved October 10, 2014, from http//superuser.com/questions/56781/port-5357-tcp-on-windows-7-professional-64-bit Port 62078 (tcp/udp) SpeedGuide.net. (n.d.). Retrieved October 10, 2014, from http//www.speedguide.net/port.php?port=62078 Port 6839 (tcp/udp) Online TCP UDP port sentry adminsub.net. (2014, August 26). Retrieved October 10, 2014, from http//www.adminsubnet.net/tcp-udp-port-finder/6839 Port 7435 (tcp/udp) Online TCP UDP port finder adminsub.net. (2014, August 26).

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.