Whats this sound like to you ?

kinggeorge1987

My professor posted a question on the discussion board this week, and apparently I'm seeing it different then the rest of the class.

Many computer security problems are directly attributable to the hijacking of ports on a system. Do some research and discuss how a port might be hijacked, how it might be used maliciously, and what could be done to deter the attack.

Now, 3 people have posted ways to password protect the drives and what I thought were called the sockets(USB, ethernet, etc..). Well I've emailed my professor with no reply, I suppose she's only available on Tuesdays, Thursdays, and Fridays, but Im ready to post. Surely she means the actual ports that our systems use to transfer data over your home network, or the internet, etc. Like port 80 for HTTP or 20,21,22 for FTP. BTW this is my Network Tools and Techniques class, this week is covering protocols. So surely these three posters are incorrect.

Wouldn't ya think ?

Find more posts tagged with

Comments

tpatt100

Kind of a goofy way to word it but she means imo hijacking of services with an application that uses a specific port?

ehnde

This is a very badly phrased discussion board post.

My first guess would have been ports associated with networking, as you assumed as well.

apena7

ehnde wrote: »

My first guess would have been ports associated with networking, as you assumed as well.

I thought the same as well. Let's say you installed a Trojan Horse that sends emails via SMTP. Without using any AV software, running NETSTAT in the Command Prompt might reveal the culprit.

varelg

Yeah, I'd say your professor meant TCP/UDP ports. But... hijacking them...?

MentholMoose

Is there any context at all? Like a chapter the discussion covers, or the title of the sub-forum it's on?

If it's physical ports, it could be something like a hardware key logger that is in-line between the keyboard and PS/2 port. For logical tcp or udp ports then maybe something like this:
SMTP Port Hijacking

Chris:/*

He/She could be talking about port redirection but you would already own the system at that point. Where are you going to school?

Pash

Yeh the question isnt very clear. Maybe she means TCP/IP hijacking.

I mean first of all the question assumes you have done the very first thing you do when planning a successful hack right? Fingerprinting. You can't know much about a system and the various vulnerabilities before actually getting a grasp of what is running on there.

Then you have to decide your method of attack and the vulnerability you are targeting.

You are completely on the path I would of taken on this question, just go down that router.

it_consultant

Have you ever gotten around a web filter by porting your web traffic to a random port? This is what they are probably talking about. High end firewalls, like Palo Altos, actively scan each port to make sure that SMTP packets are only going over 25, and blocks SMTP packets that are going over say...122. An attacker can take a common port, like 80, and send malicious packets into your network. This is the idea behind inline NIPS devices.

demonfurbie

sounds liek a patch want applied and or a zombie on a botnet

brad-

Post what you think is the right answer. If its not what she was looking for, explain why you interpreted the question the way you did. She should see that it was incorrectly worded.