Novice Questions: Non-Standard Service Listening on Port/Firewalls

Novice Questions: Non-Standard Service Listening on Port/Firewalls
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Novice Questions: Non-Standard Service Listening on Port/Firewalls sammy 08-18-2004
Posted by sammy on August 18, 2004, 2:12 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Hi,

I'm just getting into this network security stuff and have a few basic
questions:

1.) If ALL ports are closed except ONE, and...

on that one port I have listening a custom service that I wrote in C, and...

the server is directly connected to the Internet for all to see, ...

am I right in assuming the only way someone can get in from the Internet is
through exploiting a buffer overflow in my code after making a basic socket
connection?



2.) How effective/useful is Windows 2003 Server's ICF? Does it do at least
part of some job well?


3.) I know you get what you pay for, but what budget firewall appliances are
worth their salt if the only aspect of it that I'm willing to pay the extra
penny for is performance? Just to start-out and upgrade later.

Thanks!
Sammy




Posted by Ant on August 19, 2004, 1:54 am
If you were  Registered and logged in, you could reply and use other advanced thread options
"sammy" wrote...
> Hi,
>
> I'm just getting into this network security stuff and have a few basic
> questions:
>
> 1.) If ALL ports are closed except ONE, and...
>
> on that one port I have listening a custom service that I wrote in C, and...
>
> the server is directly connected to the Internet for all to see, ...
>
> am I right in assuming the only way someone can get in from the Internet is
> through exploiting a buffer overflow in my code after making a basic socket
> connection?

In general, yes, but it would depend on what your custom prog is doing.

Consider also the Windows socket library you are using. Can you be sure
the functions you use in that dll are free of such bugs?




Posted by Thor Kottelin on August 19, 2004, 6:07 am
If you were  Registered and logged in, you could reply and use other advanced thread options


sammy wrote:

> If ALL ports are closed except ONE, and...
>
> on that one port I have listening a custom service that I wrote in C, and...
>
> the server is directly connected to the Internet for all to see, ...
>
> am I right in assuming the only way someone can get in from the Internet is
> through exploiting a buffer overflow in my code after making a basic socket
> connection?

Not necessarily. Your code might have other vulnerabilities, or you might
connect to somewhere unsafe yourself. Also, not all protocols are
port-oriented (think e.g. ICMP).

Thor

--
http://www.anta.net/


Similar ThreadsPosted
OTP over SSL questions June 17, 2006, 8:07 am
x.509 questions June 7, 2007, 9:50 pm
security questions July 4, 2004, 9:25 am
Some virus questions May 2, 2005, 6:57 am
IPSEC ESP questions May 10, 2005, 10:55 am
security questions September 13, 2007, 10:10 am
Starting a Consultant Firm - Questions August 4, 2006, 3:53 pm
Security Questions- A graduate student needs help February 27, 2007, 3:39 am
Resurrecting a Win98SE machine; security questions. June 20, 2004, 2:18 am
REVIEW: "CISSP Practice Questions Exam Cram 2", Michael C. Gregg August 22, 2005, 5:19 pm

The site map in XML format XML site map

Contact Us | Privacy Policy