risks of protocols list?
Hi all,
is there any resource (book, web, articles etc) with an overview of
risks associated with particular protocols?
The goal is to give assessment statements for firewall policies quickly
and explane shortly why which port is critical under certain boundary
conditions and why others are of low risk.
E.g. like this
syslog: spoofing, denial of service..., low risk of manipulation because
protocol is simple.
telnet: clear text password eaves dropping, authentication due to week
pwd's...
ntp: authentication, manipulating of systime for... perhaps kerberos
attacks etc
ftp: unauthorized file access, many vulnerabilities of ftp servers in
the past, active ftp, clear text pwd...
http: tunneling other ports
tcp 135-137, 445 <long list of risks> ;-)
ssh: reverse tunneling...
and so on and so on...
regards
Erik
Reply to: