
Re: should I firewall an open port which isn't used? (was ... Re: Guide(s?) to backup philosophies)



On Fri 31 Mar 2017 at 14:18:04 +0200, tomas@tuxteam.de wrote:

> On Sat, Apr 01, 2017 at 01:00:45AM +1300, cbannister@slingshot.co.nz wrote:
> 
> [...]
> 
> > My understanding is that if there are no services listening on a port then
> > it cannot be accessed.
> > 
> > e.g.
> > 
> > http://serverfault.com/questions/733633/if-no-service-is-listening-on-a-port-can-a-system-still-be-accessed-using-that-p
> > 
> > Am I missing something?

I rather thought cbannister had the correct idea: nothing listening;
therefore no access.
 
> As Dominik said: it's "defense in depth". If your PHP^H^H^H web application
> has some code injection issue, your adversary might well install a C&C
> server listening on that port, and work from there on (exfiltrate data,
> try some privilege escalation, whatever).
> 
> Now there might be other avenues for that, but security is about closing
> the avenue your adversary is going to use next ;-)

If someone unauthorised is on your machine can they not just as well
remove firewall rules?

-- 
Brian.
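
An added example, not part of the thread and not written by any of its participants: the case raised in the quoted reply, a listener appearing on a port that was previously unused, can be detected by comparing listening sockets against the ports a host is meant to expose. The `ss -H -tlnp` output below is a constructed sample, and `EXPECTED_PORTS` and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample of `ss -H -tlnp` output (not taken from the thread).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=611,fd=3))
LISTEN 0 511 0.0.0.0:80 0.0.0.0:* users:(("apache2",pid=702,fd=4))
LISTEN 0 80 127.0.0.1:3306 0.0.0.0:* users:(("mysqld",pid=655,fd=21))
LISTEN 0 5 0.0.0.0:8081 0.0.0.0:* users:(("php",pid=9120,fd=5))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=611,fd=4))
"""

EXPECTED_PORTS = {22, 80}  # assumption: the services this host is meant to expose


def parse_listeners(ss_output):
    """Yield (address, port, process_field) for each listening TCP socket."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        if not port.isdigit():
            continue  # skip anything that is not a numeric port
        addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and scope id
        proc = fields[5] if len(fields) > 5 else ""
        yield addr, int(port), proc


def is_remote_reachable(addr):
    """True unless the socket is bound to a loopback address only."""
    if addr in ("*", "0.0.0.0", "::"):
        return True
    try:
        return not ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return True  # unparseable address: treat as exposed


def unexpected_listeners(ss_output, expected_ports):
    """Listeners reachable from the network on ports nobody planned for."""
    return sorted(
        {(port, proc) for addr, port, proc in parse_listeners(ss_output)
         if is_remote_reachable(addr) and port not in expected_ports}
    )


if __name__ == "__main__":
    for port, proc in unexpected_listeners(SAMPLE_SS, EXPECTED_PORTS):
        print(f"unexpected listener on port {port}: {proc}")
```

On a live host the same functions can be fed the real output of `ss -H -tlnp` instead of the sample.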

