blocked port

ciscoholicciscoholic Member Posts: 2 ■□□□□□□□□□
i would like to know how would an intruder bypass a blocked port.
or what would he do if all ports are blocked except port 80(http). i am new to network security i managed to do that but i still get trojan and tracking cookies on my lil network. can anyone explain?

Comments

  • RussSRussS Member Posts: 2,068 ■■■□□□□□□□
    Quite often you will find that you have more than port 80 open. There are many that set up firewalls and allow certain programmes run from inside the network to speak to the outside world. What happens there is that if a trojan is send to a node inside the network it can then talk back to home base.
    Mostly I find that the firewall is badly configured and has all sorts of ports open - quite often backdoors left by the programmer to allow remote configuration.
    You will also usually find more than port 80 open - things like 22 for SSH - 23 for Telnet - 25/110/143 for email .. SMTP/POP/IMAP - 3389 for RDP.

    If it is a network I am administering I check with their ISP and then run some serious port scans to see what is open and what is happening.
    After that I fix it. My rule when I build a firewall is - all closed except port 80 until someone screams. Then I ask what port they need open and why. Then if I am in a mind to I will open it, but usually I will sort out a little port mapping if it is only one user.
    www.supercross.com
    FIM website of the year 2007
  • Chivalry1Chivalry1 Member Posts: 569
    I agree. Do a external port scan on your network to find out what ports are open. Often Firewalls indicate that all ports are close when actually it keeps some ports running. You can virtually get a port scanner from anywhere over the internet. Run that scan to determine what ports are open, and then begin blocking those services.
    "The recipe for perpetual ignorance is: be satisfied with your opinions and
    content with your knowledge. " Elbert Hubbard (1856 - 1915)
  • qsubqsub Member Posts: 303
    Tracking cookies usually come from people on the internal network going to pretty much "malacious" websites. Not saying they're going to **** or anything. But in general some places do have tracking cookies, even if it's a good website.

    For an example, a community website similar to Xanga that I goto has tracking cookies.

    I wish a law or something was put in place about this.

    If you want to stop tracking cookies, you gotta disable them from the nodes that have access to the internet. But you will find half the internet not working if you do that.

    I just run spybot search and destroy every night at 5:00AM.

    Hope this helps.
    World Cup 2006 - Zidane - Never Forget.
  • ciscoholicciscoholic Member Posts: 2 ■□□□□□□□□□
    thanx for all your reply, very helpfull
  • johnnynodoughjohnnynodough Member Posts: 634
    ^^
    Oh the irony icon_lol.gif

    spfdz, your signature has that hyperlink to musikcube.com, which leaves a tracking cookie on systems everytime someone looks at your posts.
    Go Hawks - 7 and 2

    2 games againts San Fran coming up, oh yeah baby, why even play? just put then in the win category and call it good :p
  • johnnynodoughjohnnynodough Member Posts: 634
    A great defense against getting tracking cookies is to use Firefox/Opera/Netscape, and configure it to ask you before setting/modifying a cookie, and configure trusted domains to always allow cookies so its not constantly battering you with requests when you are going to frequently accessed trusted sites. Latest version of IE claims to have it, but it doesnt really work to well. Just like when you tell windows to delete your temporary internet files, and it doesnt. There still there, you just cant see them.
    Go Hawks - 7 and 2

    2 games againts San Fran coming up, oh yeah baby, why even play? just put then in the win category and call it good :p
  • qsubqsub Member Posts: 303
    ^^
    Oh the irony icon_lol.gif

    spfdz, your signature has that hyperlink to musikcube.com, which leaves a tracking cookie on systems everytime someone looks at your posts.

    Oh wow, I never realized that. I set my Spybot S&D to auto-delete everything. So I usualy don't get to see what comes up unless I do a manual scan.

    Either way, tracking cookies aren't very harmful. I know of some websites that do have them but I still want to use the website so, I'm kinda stuck there.
    World Cup 2006 - Zidane - Never Forget.
Sign In or Register to comment.