ports, exploits

isohseis
Just Arrived
Joined: 25 Nov 2005
Posts: 0

Posted: Mon Nov 28, 2005 11:55 am    Post subject: ports, exploits

This is a newbie question but here it goes: how are ports exploited? Say there is an open port on a machine, how does that make it a weakness, and how is it exploited?
Sh4d0w
Just Arrived
Joined: 19 Jun 2005
Posts: 0

Posted: Mon Nov 28, 2005 3:13 pm

Ports are usually open to offer a specific service which is served by a certain application running on the server. Network reconnaissance (read: port scanner and banner grabbing) tells you what service and application is being used on a specific port on a specific host. Then you must know what vulnerabilities are present in that application and exploit them somehow with either your own code or some prewritten code that can be found with diligent Google searching. This is about the simplest form of an answer I can provide for this question. I would suggest picking up a copy of one of the Hacking Exposed books or doing a lot of Google reading. You should probably understand more TCP/IP theory before worrying about exploitation of services. Remember to always gain written authorization to exploit a box for testing purposes if it is not legally yours. Otherwise you might make some new friends with names similar to Bubba and Jim Bob.

-- Shadow
isohseis
Just Arrived
Joined: 25 Nov 2005
Posts: 0

Posted: Tue Nov 29, 2005 12:58 am

Thanks.
acidrain
Just Arrived
Joined: 27 Apr 2003
Posts: 0
Location: Yakima, Washington State, USA

Posted: Tue Nov 29, 2005 8:24 am

I try not to think of the ports themselves as being exploited; it's the applications that are running on those ports (or listening) that are the problem.

Just as the reader stated above though, you still have to know the vulnerabilities of the actual application.
micro420
Just Arrived
Joined: 08 Jul 2005
Posts: 0
Location: Berkeley, CA

Posted: Fri Dec 02, 2005 10:33 pm

So is it safer to change the default ports so that it isn't obvious? Say move port:21 to some other random port. Will a hacker know that you moved port:21 to port:9999?
alt.don
SF Boss
Joined: 04 Mar 2003
Posts: 16777079

Posted: Fri Dec 02, 2005 11:54 pm

You are now talking about security through obscurity, i.e. changing a well-known port to some other one. This will cut down on the amount of hits that your server may take, but it can still be found if someone is targeting you directly. There are some brutally fast scanners out there. Scanrand by Dan Kaminsky is one of the fastest I have ever seen. Back to your initial question though... You may gain a slight advantage by doing so, but only again if you are offering up a server to some friends, vice commercially as a corporate entity, for the FTP protocol will automagically default to port 21 just like HTTP with port 80. If your commercial FTP server is sitting on something other than 21 then you will have issues. Hope this clarifies...
MattA
Trusted SF Member
Joined: 13 Jun 2003
Posts: 16777193
Location: Eastbourne + London

Posted: Sat Dec 03, 2005 10:26 am

Just to add a quick note to the above, nmap quite happily identifies services running on nonstandard ports, and if you can't identify it with that there is also Amap, and I always connect with telnet and a web browser just to see if I get anything else... there's often quite a lot to be seen connecting with a web browser to ports other than 80.
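An added example, not part of any post in this thread: the point made in the last two replies, that a service moved off its default port still identifies itself by what it sends, shown as a check a server owner can run over banners collected from their own listeners. The signature patterns, function names and sample banners are constructed for illustration.

```python
import re

DEFAULT_PORT = {"ftp": 21, "ssh": 22, "smtp": 25, "http": 80}

# Each pattern keys on what the service itself sends; the port is never consulted.
# Group 1 captures the software string the banner discloses, if any.
SIGNATURES = [
    ("ssh",  re.compile(rb"^SSH-\d+\.\d+-(\S+)")),
    ("http", re.compile(rb"^HTTP/\d\.\d \d{3}(?:.*?\r\nServer: ([^\r\n]+))?", re.I | re.S)),
    ("smtp", re.compile(rb"^220[ -]\S+ E?SMTP ?([^\r\n]*)", re.I)),  # before ftp: both greet with 220
    ("ftp",  re.compile(rb"^220[ -][^\r\n]*?(\S*FTP\S*(?: \d[\w.]*)?)", re.I)),
]

def identify(banner: bytes):
    """Return (service, disclosed_software) from the first bytes a listener sends."""
    for service, pattern in SIGNATURES:
        m = pattern.search(banner)
        if m:
            software = (m.group(1) or b"").decode("ascii", "replace").strip()
            return service, software
    return "unknown", ""

def audit(observations):
    """Flag listeners that sit on a nonstandard port yet still identify themselves."""
    findings = []
    for port, banner in observations:
        service, software = identify(banner)
        findings.append({
            "port": port,
            "service": service,
            "software": software,
            "relocated": service in DEFAULT_PORT and port != DEFAULT_PORT[service],
        })
    return findings

# Constructed sample: (port, first bytes received) from listeners on a host you administer.
SAMPLE = [
    (9999, b"220 ProFTPD 1.3.0 Server (constructed example)\r\n"),
    (22,   b"SSH-2.0-OpenSSH_4.2\r\n"),
    (8081, b"HTTP/1.1 200 OK\r\nServer: Apache/2.0.55\r\n\r\n"),
    (2525, b"220 mail.example.test ESMTP Postfix\r\n"),
    (4000, b"\x00\x01\x02"),
]

if __name__ == "__main__":
    for f in audit(SAMPLE):
        note = "relocated, still identifiable" if f["relocated"] else ""
        print(f'{f["port"]:>5}  {f["service"]:<8} {f["software"]:<16} {note}')
```

The FTP listener on port 9999 is reported as FTP together with its software string, so what the banner discloses and how well the application is patched matter more than the port number.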