Do not open ports on your router that you do not need, you will be in danger

Whether for personal use or for business purposes, to perform some tasks, we are going to have to open ports. In some cases, such as Internet browsing, you do not need to do anything. However, in some situations we will have no choice but to open ports to create certain types of servers and use P2P programs. Also when opening ports, different strategies can be applied, such as using the DMZ. In relation to the procedure that we have chosen, then it is time to protect that equipment. In this article we are going to look at open ports as a source of attacks for cybercriminals.

The first thing we are going to do is comment on how a computer attack is carried out to see the influence of open ports. Then we will talk about how to open them correctly and also about the best way to protect ourselves.

Attack phases with open ports

A computer attack seeks to steal the data that is on a web server or encrypt the contents of a computer to make the victim pay a ransom. In the latter case we will refer to a ransomware attack.

As for a typical attack, it usually consists of the following phases:

  1. Recognition in which the attacker collects information about the target. In this aspect, he will seek information about the resources and workers of that company. Once you know the IPs of that organization, you can perform a scan looking for open ports. This way you can find out the services you have such as servers and their possible vulnerabilities.
  2. Preparation With the data obtained previously, it searches for the points of attack. One can be to try to access looking for some software vulnerability. It could also be sending an email impersonating a real person.
  3. Distributionthat worker could receive an email that is a Phishing attack in which the attacker would obtain the victim’s credentials.
  4. Exploitation, the cybercriminal begins working to gain remote access and the highest level of privilege possible. To do this, you can try to exploit a software vulnerability that has not been patched.
  5. Installationthe attacker is going to install malware.
  6. Take the controlthe cybercriminal begins to take confidential documentation, steal credentials, install other programs and begins to know what the user’s network is like.
  7. final actionsthen you will be able to ask for a ransom payment if you have carried out a ransomware attack, blackmail or sell the information to third parties.

As we have already seen, open ports can attack them and give cybercriminals clues about the best strategies to carry out an attack. Thus, if the service needs authentication, it could perform a brute force attack. Also, as we mentioned before, they can exploit a security vulnerability to access the service.

How to open ports safely

We have already commented that sometimes having open ports is mandatory and necessary. So what we have to do is find the best strategy to achieve the greatest possible security. What general norm we could say that it would suit us have the fewest number of open ports possible. In this way we manage to reduce the attack vector of cybercriminals and we will be safer.

Also when opening ports we have to assign a local IP to which we want the traffic to be directed. Then we will establish the port and sometimes, depending on the manufacturer of the router, we must indicate if it is going to be for the TCP or UDP protocol. On the other hand, we must be careful when choosing the open ports that we want to use. The reason is that there are a series of dangerous ports that can compromise our security because they will be the first to be scanned by cybercriminals.

On the other hand, another strategy that we have is the DMZ that refers to a demilitarized zone and comes from the acronym in English DeMilitarized Zone. In this case, all the ports will be opened towards the local IP that we assign with the exception of those that were previously established. This is more dangerous and can be useful when we are not sure which ports we need to open. In companies with network segmentation accompanied by a good firewall, it can be an interesting option for some servers.

Finally, when opening ports we must not neglect security and at least have a good software firewall.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *