[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: risks of protocols list?


check out this website: http://isc.incidents.org/ I think this is exactly
what your looking for.


----- Original Message -----
From: <Erik.Hofmann@infineon.com>
To: <debian-firewall@lists.debian.org>
Sent: Tuesday, July 06, 2004 5:00 AM
Subject: risks of protocols list?

Hi all,

is there any resource (book, web, articles etc) with an overview of
risks associated with particular protocols?
The goal is to give assessment statements for firewall policies quickly
and explane shortly why which port is critical under certain boundary
conditions and why others are of low risk.

E.g. like this

syslog: spoofing, denial of service..., low risk of manipulation because
protocol is simple.

telnet: clear text password eaves dropping, authentication due to week

ntp: authentication, manipulating of systime for... perhaps kerberos
attacks etc

ftp: unauthorized file access, many vulnerabilities of ftp servers in
the past, active ftp, clear text pwd...

http: tunneling other ports

tcp 135-137, 445 <long list of risks> ;-)

ssh: reverse tunneling...

and so on and so on...



Reply to: