Project Network Survey Essay

Besides the elemental physical security of a site, the next most im bearingant aspect is controlling digital nettle into and out of the organizations network. In most cases this means controlling the points of connectivity to the outside world, typic exclusivelyy the Internet. dislocation the boundary between the outside Internet and the internal intranet is a critical security piece. Any go not actually needed should be turned off so that they will not wrench avenues of attack for security threats. Different systems will cause different services running by default.The firewall touch can tightly control what is allowed to traverse from one side to the other. As with most aspects of security, deciding what character of firewall to use will depend upon factors such as barter levels, services needing protective covering and the complexity of rules required. The bother for firewalls is distinguishing between legitimate and illegitimate traffic. Firewalls, if configured correctl y, can be a reasonable form of protection from external threats including some denial of service (DOS) attacks. If not configured correctly they can be major(ip) security holes in an organization. The most basic protection a firewall provides is the ability to block network traffic to certain destinations. This includes both IP addresses and particular network service larboards.Many network devices and data processor hosts inaugural network services by default, each of these services could represent an opembrasureunity for attackers, worms and Trojans. Very often all of these default services atomic number 18 not needed. Doing port lockdown by turning off services reduces this exposure. user interface 25 Is the virtual pathway that most e-mail traffic follows when it travels from your computer to a server. expression 25 can get clogged with spam e-mails when computers on a network become infected with a virus or other malicious softw be. Because of the potential threat our host computers sending spam e-mail appearance 25 will remain close. mien 80 This is the primary port utilise by the World Wide Web (www) system. Web servers open this port then listen for incoming connections from network browsers. Similarly, when a web browser is given a foreign address (like grc.com or amazon.com), it assumes that a outside(a) web server will be listening for connections on port 80 at that location. This port will generally be open only when a web server of some variety is running on the machine. Due to the popularity of this port for malicious exploitation, it should never be open unless it is being actively and deliberately utilise to serve web pages.Port 139 Is normally utilise for file/ impresser sharing, including directory repercussion with Active Directory, trusts, remote access of event logs, etc. This port should be open. If you block port 139 on a Domain Controller you will kill AD replication. If you block 139 in a typical business network, you w ill lose the ability to do much of anything on a remote computer such as remotely manage clients/servers, install softw ar, share scarers, or files. Since the NetBIOS vulnerability is quite long-familiar a long time ago and heavily popularized, patches yield been already released. The last remote exploits that targeted NetBIOS/139 were in the Windows NT/2000 era. Ports 1900 and Port 2869 These UDP port are opened and used by Universal Plug N make for (UPnP) devices to receive broadcasted messages from other UPnP devices. UPnP devices broadcast subnet-wide messages to simultaneously reach all other UPnP devices.UPnP Internet servers were found to have remotely exploitable unchecked buffers that would allow, in principle, remote malicious hackers. Microsoft Windows is vulnerable to a buffer overflow, caused by unbecoming bounds checking by the Universal Plug and Play (UPnP) service. By sending a specially-crafted HTTP request, a remote attacker could overflow a buffer and execute ar spellrary code on the system with imposing privileges when combined with another exploit. Unused Internet servers and services should not be left running if they are not actively needed, for this reason this port should be closed(a) until needed. Port 5357 This port is opened becauseyou have Network Discovery enabled in a Public Network profile. The port is vulnerable to info discover problems allowing it to be accessed remotely by malicious authors. This port should be closed if network discovery is not required. Port 6839 This port is not associated with any particular services and should be closed unless it is associated and used. Port 7435 This port is not associated with any particular services and should be closed unless it is associated and used.Port 9100 This transmission control protocol port is used for printing. Port numbers 9101 and 9102 are for parallel ports 2 and 3 on the three-port HP Jetdirect external print servers. It is used for network-connected print dev ices. This port should remain open to allow print services. Ports 9101 and 9102 Is the Bacula Director. This TCP port is used for printing. Port numbers 9101 and 9102 are for parallel ports 2 and 3 on the three-port HP Jetdirect external print servers. It is used for network-connected print devices. This port should remain open to allow print services. Port 9110 SSMP Message communications protocol This protocol is intended to be used to implement thread-to-thread messaging locally or over the Internet. Ports registered with IANA are shown as official ports. The same port number may be unofficially used by various services or applications.Unofficially or sometimes with conflict, the same port may be used by different applications. This port is not associated with any particular services and should be closed unless it is associated and used. Port 9220 This port is for raw scanning to peripherals with IEEE 1284.4 specifications. On three port HP Jetdirects, the scan ports are 9290, 9 291, and 9292. It is used for network-connected print devices. This port should remain open to allow print services. Port 9500 TCP Port 9500 may use a defined protocol to communicate depending on the application. In our case we are using port 9500 to access the ISM Server.The ISM Server is used for exchanging backup and recovery randomness between storage devices. This port should remain open while services are in use. Port 62078 This port is used by iPhone while syncing. The Port used by UPnP for multimedia files sharing, also used for synchronizing iTunes files between devices. Port 62078 has a known vulnerability in that a service named lockdownd sits and listens on the iPhone on port 62078. By connecting to this port and speaking the correct protocol, its possible to spawn a number of different services on an iPhone or iPad. This port should be blocked or closed when service is not requiredon the device.ReferencesGibson, S. (n.d.). GRC Port Authority, for Internet Port 139 . R etrieved October 10, 2014, from https//www.grc.com/port_139.htm Gibson, S. (n.d.). GRC Port Authority, for Internet Port 2869 . Retrieved October 10, 2014, from https//www.grc.com/port_2869.html Gibson, S. (n.d.). GRC Port Authority, for Internet Port 80 . Retrieved October 10, 2014, from https//www.grc.com/port_80.htm Gibson, S. (n.d.). GRC Port Authority, for Internet Port 9101 . Retrieved October 10, 2014, from https//www.grc.com/port_9101.html HP Support history HP Support Center. (n.d.). Retrieved October 10, 2014, from http//h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?sp4ts.oid=412144&spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c02480766-2%257CdocLocale%253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken HP Support document HP Support Center. (n.d.). Retrieved October 10, 2014, from http//h20566.www2.hp.com/portal/site/hpsc/templ ate.PAGE/public/kb/docDisplay?docId=bps53634&ac.admitted=1413144875821.876444892.199480143 Network Printer Ports. (2003, March 28). Retrieved October 10, 2014, from http//technet.microsoft.com/en-us/library/cc728404(v=ws.10).aspx networking Is port 139 still vulnerable? Server Fault. (2009, June 20). Retrieved October 10, 2014, from http//serverfault.com/questions/29065/is-port-139-still-vulnerable Port 5357 TCP on Windows 7 professional 64 bit? Super User. (2009, October 18). Retrieved October 10, 2014, from http//superuser.com/questions/56781/port-5357-tcp-on-windows-7-professional-64-bit Port 62078 (tcp/udp) SpeedGuide.net. (n.d.). Retrieved October 10, 2014, from http//www.speedguide.net/port.php?port=62078 Port 6839 (tcp/udp) Online TCP UDP port finder adminsub.net. (2014, August 26). Retrieved October 10, 2014, from http//www.adminsubnet.net/tcp-udp-port-finder/6839 Port 7435 (tcp/udp) Online TCP UDP port finder adminsub.net. (2014, August 26).