Solved

Gateway Server

Posted on 2007-11-28
9
211 Views
Last Modified: 2010-04-21
How dangerous is it for details (ip address and open port number) of one of our internal gateway servers to be leaked outside the organisation? Is this information relatively easy to get hold of by hackers anyway if they wanted? Or have we been exposed to major security concerns?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
9 Comments
 
LVL 7

Accepted Solution

by:
nttranbao earned 250 total points
ID: 20364281
You have simple question, but very hard to answer fully.

You may want to try Nessus (www.nessus.org), and scan your system. For each open port, there is a explanation how hacker can exploit.
0
 
LVL 7

Expert Comment

by:nttranbao
ID: 20364304
Also notice that it is the port opened on your firewall/gateway, so scan against your public IP of your gateway first. You may want to scan internal servers from your LAN to learn more.
0
 
LVL 3

Author Comment

by:pma111
ID: 20364590
can you go into a bit more detail on nessus and how it will help in this situation?
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 3

Author Comment

by:pma111
ID: 20364643
for info port 8443
0
 
LVL 7

Assisted Solution

by:nttranbao
nttranbao earned 250 total points
ID: 20364790
You can see detailed explantion:
http://blog.tenablesecurity.com/2006/08/using_nessus_to.html

This software will scan your firewall for port 8443, then if it it is opened, Nessus will try to detect which software are listening on that port, and how to exploit ( if any).

Notice: in order to scan your system against your public IP from outside, you should run Nessus scan from the internet ( outside world to your internal  LAN)
0
 
LVL 3

Author Comment

by:pma111
ID: 20364841
Many Thanks, I've found lots of potential vulnerabilities surrounding cross site scripting on port 8443
0
 
LVL 37

Expert Comment

by:bbao
ID: 20380741
generally speaking, port number itself has nothing to do with vulnerabilities as it is just a number used to determine the communication channel between two network nodes. potential vulnerabilities are from (caused) by the application behind (working/listening on) the port number.

therefore, we need to talk about the application or service serving on the port, as well the network topology related to the port exposed on LAN even WAN. could you please let us know more specific information about it?

> How dangerous is it for details (ip address and open port number) of one of our internal gateway servers to be leaked outside the organisation?

commonly, just leaking information of IP address and port number should not be a big issue, as network protection should be based on making the relevant services robust, not just to keep IP and port number in secure. just like web access, you have to tell other people your web server's IP address, and keep its port 80 open for incoming web traffic. the key is to keep your web server (service, such as IIS) working safely by filtering malicious URL and unauthorised data access.

hope it helps,
bbao
0
 
LVL 3

Author Comment

by:pma111
ID: 20418263
> application or service serving on the port

This is remote support software done by our external IT vendor
0
 
LVL 3

Author Closing Comment

by:pma111
ID: 31411378
Feel free to add any further comments
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Suggested Courses
Course of the Month5 days, 9 hours left to enroll

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question