Re: What about closed ports?

To: Pedro Zorzenon Neto <pzn@terra.com.br>
Cc: debian-security@lists.debian.org
Subject: Re: What about closed ports?
From: Kalev Kadak <kalev@grupp.ee>
Date: Thu, 28 Jun 2001 15:36:00 +0200 (EET)
Message-id: <[🔎] Pine.LNX.4.21.0106281523050.24615-100000@lx.grupp.ee>
In-reply-to: <[🔎] 20010628092841.A475@mantis.autsens.localnet>

On Jun 28, 2001 09:28 -0300 Pedro Zorzenon Neto wrote to debian-security@li...:

|Is there any way of getting some exploit in a CLOSED port? Some kernel,
|ipchains or other bug that allows someone explore closed ports?
|What about ports that are opened to 192.168.1.x but are REJECTed by
|ipchains to  the internet. Are they explorable by internet?
|If the port is CLOSED, than it's safe?
|

There is always a way to exploit closed port by generating some clever
overflow in program which sits on port and listens. If one finds way to
crash your ipchains remotely, it will be possible to run illegal code on
your box. Other hand i guess, that crashing ipchains will be last thing a
hacker tries to do. Much easier is to find some daemon on opened port
(sendmail or bind i.e.) and exploit it.  If you have more than one NIC and
service runs only on local network adapter, there will be no way to
exploit it from internet side.

Kalev

Reply to:

References:
- What about closed ports?
  - From: Pedro Zorzenon Neto <pzn@terra.com.br>

Prev by Date: What about closed ports?
Next by Date: Re: How to route
Previous by thread: What about closed ports?
Next by thread: compile libc5 ...
Index(es):
- Date
- Thread