Options
Whats this sound like to you ?
kinggeorge1987
Member Posts: 62 ■■□□□□□□□□
in Off-Topic
My professor posted a question on the discussion board this week, and apparently I'm seeing it different then the rest of the class.
Many computer security problems are directly attributable to the hijacking of ports on a system. Do some research and discuss how a port might be hijacked, how it might be used maliciously, and what could be done to deter the attack.
Now, 3 people have posted ways to password protect the drives and what I thought were called the sockets(USB, ethernet, etc..). Well I've emailed my professor with no reply, I suppose she's only available on Tuesdays, Thursdays, and Fridays, but Im ready to post. Surely she means the actual ports that our systems use to transfer data over your home network, or the internet, etc. Like port 80 for HTTP or 20,21,22 for FTP. BTW this is my Network Tools and Techniques class, this week is covering protocols. So surely these three posters are incorrect.
Wouldn't ya think ?
Many computer security problems are directly attributable to the hijacking of ports on a system. Do some research and discuss how a port might be hijacked, how it might be used maliciously, and what could be done to deter the attack.
Now, 3 people have posted ways to password protect the drives and what I thought were called the sockets(USB, ethernet, etc..). Well I've emailed my professor with no reply, I suppose she's only available on Tuesdays, Thursdays, and Fridays, but Im ready to post. Surely she means the actual ports that our systems use to transfer data over your home network, or the internet, etc. Like port 80 for HTTP or 20,21,22 for FTP. BTW this is my Network Tools and Techniques class, this week is covering protocols. So surely these three posters are incorrect.
Wouldn't ya think ?
Certification Goals
CompTIA A+ 701 & 702 - by December
CompTIA Network+ - by Feb 2011
CompTIA Server + - by May 2011 (At the latest)
Currently Studying
Mike Meyers - All In One Guide to A+ (60%)
Mike Meyers - All In One Guide to Network+(60%)
Network+ Guide to Networks Fifth Edition - Tamara Dean(2%)
The Complete Guide to Servers and Server+ - Micheal Graves(2%)
TestOut Labsim - Network +
TestOut Labsim - Server+
CompTIA A+ 701 & 702 - by December
CompTIA Network+ - by Feb 2011
CompTIA Server + - by May 2011 (At the latest)
Currently Studying
Mike Meyers - All In One Guide to A+ (60%)
Mike Meyers - All In One Guide to Network+(60%)
Network+ Guide to Networks Fifth Edition - Tamara Dean(2%)
The Complete Guide to Servers and Server+ - Micheal Graves(2%)
TestOut Labsim - Network +
TestOut Labsim - Server+
Comments
-
Options
tpatt100
Member Posts: 2,991 ■■■■■■■■■□
Kind of a goofy way to word it but she means imo hijacking of services with an application that uses a specific port? -
Options
ehnde
Member Posts: 1,103
This is a very badly phrased discussion board post.
My first guess would have been ports associated with networking, as you assumed as well.Climb a mountain, tell no one. -
Optionsapena7
Member Posts: 351
My first guess would have been ports associated with networking, as you assumed as well.
I thought the same as well. Let's say you installed a Trojan Horse that sends emails via SMTP. Without using any AV software, running NETSTAT in the Command Prompt might reveal the culprit.Usus magister est optimus -
Options
varelg
Banned Posts: 790
Yeah, I'd say your professor meant TCP/UDP ports. But... hijacking them...?
-
Options
MentholMoose
Member Posts: 1,525 ■■■■■■■■□□
Is there any context at all? Like a chapter the discussion covers, or the title of the sub-forum it's on?
If it's physical ports, it could be something like a hardware key logger that is in-line between the keyboard and PS/2 port. For logical tcp or udp ports then maybe something like this:
SMTP Port HijackingMentholMoose
MCSA 2003, LFCS, LFCE (expired), VCP6-DCV -
Options
Chris:/*
Member Posts: 658 ■■■■■■■■□□
He/She could be talking about port redirection but you would already own the system at that point. Where are you going to school?Degrees:
M.S. Information Security and Assurance
B.S. Computer Science - Summa Cum Laude
A.A.S. Electronic Systems Technology -
Options
Pash
Member Posts: 1,600 ■■■■■□□□□□
Yeh the question isnt very clear. Maybe she means TCP/IP hijacking.
I mean first of all the question assumes you have done the very first thing you do when planning a successful hack right? Fingerprinting. You can't know much about a system and the various vulnerabilities before actually getting a grasp of what is running on there.
Then you have to decide your method of attack and the vulnerability you are targeting.
You are completely on the path I would of taken on this question, just go down that router.DevOps Engineer and Security Champion. https://blog.pash.by - I am trying to find my writing style, so please bear with me. -
Optionsit_consultant
Member Posts: 1,903
Have you ever gotten around a web filter by porting your web traffic to a random port? This is what they are probably talking about. High end firewalls, like Palo Altos, actively scan each port to make sure that SMTP packets are only going over 25, and blocks SMTP packets that are going over say...122. An attacker can take a common port, like 80, and send malicious packets into your network. This is the idea behind inline NIPS devices.
-
Options
demonfurbie
Member Posts: 1,819
sounds liek a patch want applied and or a zombie on a botnetwgu undergrad: done ... woot!!
WGU MS IT Management: done ... double woot :cheers: -
Optionsbrad-
Member Posts: 1,218
Post what you think is the right answer. If its not what she was looking for, explain why you interpreted the question the way you did. She should see that it was incorrectly worded.
