Gateway Server

How dangerous is it for details (ip address and open port number) of one of our internal gateway servers to be leaked outside the organisation? Is this information relatively easy to get hold of by hackers anyway if they wanted? Or have we been exposed to major security concerns?
LVL 3
pma111Asked:
Who is Participating?
 
nttranbaoCommented:
You have simple question, but very hard to answer fully.

You may want to try Nessus (www.nessus.org), and scan your system. For each open port, there is a explanation how hacker can exploit.
0
 
nttranbaoCommented:
Also notice that it is the port opened on your firewall/gateway, so scan against your public IP of your gateway first. You may want to scan internal servers from your LAN to learn more.
0
 
pma111Author Commented:
can you go into a bit more detail on nessus and how it will help in this situation?
0
Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

 
pma111Author Commented:
for info port 8443
0
 
nttranbaoCommented:
You can see detailed explantion:
http://blog.tenablesecurity.com/2006/08/using_nessus_to.html

This software will scan your firewall for port 8443, then if it it is opened, Nessus will try to detect which software are listening on that port, and how to exploit ( if any).

Notice: in order to scan your system against your public IP from outside, you should run Nessus scan from the internet ( outside world to your internal  LAN)
0
 
pma111Author Commented:
Many Thanks, I've found lots of potential vulnerabilities surrounding cross site scripting on port 8443
0
 
bbaoIT ConsultantCommented:
generally speaking, port number itself has nothing to do with vulnerabilities as it is just a number used to determine the communication channel between two network nodes. potential vulnerabilities are from (caused) by the application behind (working/listening on) the port number.

therefore, we need to talk about the application or service serving on the port, as well the network topology related to the port exposed on LAN even WAN. could you please let us know more specific information about it?

> How dangerous is it for details (ip address and open port number) of one of our internal gateway servers to be leaked outside the organisation?

commonly, just leaking information of IP address and port number should not be a big issue, as network protection should be based on making the relevant services robust, not just to keep IP and port number in secure. just like web access, you have to tell other people your web server's IP address, and keep its port 80 open for incoming web traffic. the key is to keep your web server (service, such as IIS) working safely by filtering malicious URL and unauthorised data access.

hope it helps,
bbao
0
 
pma111Author Commented:
> application or service serving on the port

This is remote support software done by our external IT vendor
0
 
pma111Author Commented:
Feel free to add any further comments
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.