|
Virginia Tech DShield |
|
Port of the Day
This page will cover trends that stick out in recent submissions to DShield. It won't necessarily be updated daily, but whenever something new comes up that's worth while covering.
Port 53 - DNS Server
New! Serious new
vulnerabilities were announced in BIND, a popular DNS package.
More about port 53
Port 1080 - Proxy Servers
Web proxy server,
which will help secure local networks and speed up access to frequently
requested pages can be abused by hackers to hide their identity if
not configured correctly.
More about port 1080
Port 21 - FTP
New! Port 21 is used for FTP
servers (File Transfer Protocol). FTP is one of the 'old' protocols on the
Internet which gained popularity before there ever was a "Web." However, FTP
is also one of the more complex protocols, particularly as far as firewalls
are concerned.
More about port 21
Port 137 - NETBIOS
Every computer connected to the Internet is identified by a so called "IP
address". This ip address is a number, very much like a telephone number.
Usually, these numbers are written as a group of four number, separated by a
"." (e.g. 192.168.2.1).
More about port 137
Port 111 (rpc.statd)
One of the 'hot ports' over the last couple of days is 111. I counted 3257 reports, against 265 targets from 14 different sources. 3 different authenticated users reported these attacks, with the bulk of the reports being submitted anonymously.More about port 111
Port 80 - HTTP
Port 80 (TCP) is probably the most 'famous' port, as web servers listen to it by default. Connections to port 80 should always be open and you should allow return packets from port 80. If you see however a connection to port 80, someone is looking for a web server on your machine.More about port 80
[ Home | Login | What's New | Intro | Submit | Clients | Web Submission | All Reports | Links | About | Privacy ]