Re: risks of protocols list?
check out this website: http://isc.incidents.org/ I think this is exactly
what your looking for.
----- Original Message -----
Sent: Tuesday, July 06, 2004 5:00 AM
Subject: risks of protocols list?
is there any resource (book, web, articles etc) with an overview of
risks associated with particular protocols?
The goal is to give assessment statements for firewall policies quickly
and explane shortly why which port is critical under certain boundary
conditions and why others are of low risk.
E.g. like this
syslog: spoofing, denial of service..., low risk of manipulation because
protocol is simple.
telnet: clear text password eaves dropping, authentication due to week
ntp: authentication, manipulating of systime for... perhaps kerberos
ftp: unauthorized file access, many vulnerabilities of ftp servers in
the past, active ftp, clear text pwd...
http: tunneling other ports
tcp 135-137, 445 <long list of risks> ;-)
ssh: reverse tunneling...
and so on and so on...