This topic contains 1 reply, has 2 voices, and was last updated by renegade_panda 1 month, 2 weeks ago.
- August 5, 2020 at 7:02 pm #291268
ive been told a lot that it’s dangerous to open a port up to the internet but never fully understood what kind of exploits are possible and what can be done to prevent them. i work in web dev and am looking to learn more about security like this. thanks!
- August 5, 2020 at 7:02 pm #291269
The ‘exploits’ used will all depend on what service you are exposing to the internet. For example – if you expose a web service to the world, expect programs to crawl the directories, and try web attacks such as SQLi.
If the underlying service is ‘secure’, then there isn’t too much to worry about until someone finds an exploit for it. (Bear in mind that even if a service is secure, misconfigurations could render it insecure).
There’s a lot of bot traffic on the internet; so if your opening up a port – expect it to be crawled, fingerprinted, brute-forced, etc.
There isn’t a real catch-all to securing everything, but you can minimise the attack surface by ensuring the service is up to date (no known exploits), using a firewall and only allowing known IP’s to connect, or deploying an IPS (intrusion Protection System) such as fail2ban to block IPs that attempt to brute force services such as SSH.
- August 5, 2020 at 7:02 pm #291270
The only open ports should be those that you need, only necessary ones.
The Owasp testing guide is a great place for you to look at securing your web applications and understand the risks. The Owasp top ten (refreshed about every 3 years) will also keep you pretty up to date with the top ten web app vulnerabilities.
You must be logged in to reply to this topic.