Port-Blocking Isn't Enough For Security

    Date21 Oct 2003
    CategoryFirewalls
    5910
    Posted ByAnthony Pell
    As a result of the recent onslaught of Internet-based virus attacks and their effect on many companies' operations, some organizations responded defensively by shutting down TCP ports that were vulnerable. Unfortunately, many quickly learned that other essential business applications relied on . . . As a result of the recent onslaught of Internet-based virus attacks and their effect on many companies' operations, some organizations responded defensively by shutting down TCP ports that were vulnerable. Unfortunately, many quickly learned that other essential business applications relied on these same ports and that they had, unknowingly, shut down critical business applications.

    The problem highlights the need for enterprises to understand the functional behavior of existing networked business applications and specifically to inventory their port usage. The Blaster worm took advantage of the underlying behavior of networked applications to enable its rapid spread. Many other viruses and worms rely on similar vectors of infection. This behavior is based on the underlying common protocol used by all Internet applications as well as those running on most modern corporate networks. This protocol, TCP/IP, transmits data by encapsulating it in an electronic envelope. The envelope bears an address that networks and computers use to route and process it. Just as regular mail addresses can be broken down into functional parts (e.g., street number, street, city and state) so can the TCP/IP address. One of these address components is known as the TCP port.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    12
    radio
    [{"id":"53","title":"Yes","votes":"8","type":"x","order":"1","pct":88.89,"resources":[]},{"id":"54","title":"No","votes":"1","type":"x","order":"2","pct":11.11,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.