The 14 ports that you should not open on your router for maximum security

When we connect to the Internet, all applications send their traffic through certain ports. While some ports are open by default (for example, 80 for web browsing), most ports remain closed. Judging by a new security report, at least 14 of them should stay that way.

These security weaknesses in 14 router ports were identified through a penetration test (pentest), a form of ethical hacking that consists of performing authorized simulated cyberattacks on websites, mobile applications, networks and systems to discover vulnerabilities in them using cybersecurity strategies and tools.

Why is it necessary to open ports?

In many cases it is essential to open router ports for our connection to work properly. Especially when we are going to use certain tools or programs, we may need specific ports open for them to work as well as possible.

These tools include online games, messaging or communication tools, download and torrent programs, or server setup. The two most common types of network protocols are Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).

Ports that should remain closed

Keep in mind that not all open ports are vulnerable, and a closed port is a far smaller risk by comparison. Let's see which ones are considered low-hanging fruit in penetration tests, that is, weaknesses that are easy to exploit.

FTP ports (20, 21)

FTP stands for File Transfer Protocol. Ports 20 and 21 are TCP-only ports used to allow users to send and receive files from a server to their personal computers.

FTP is insecure and outdated, and it can be exploited via anonymous authentication, cross-site scripting, password brute force, or directory traversal attacks.

SSH (22)

SSH stands for Secure Shell. It is a TCP port used to provide secure remote access to servers. Exploitation typically involves brute forcing SSH credentials or using a stolen private key to gain access to the target system.

SMB (137, 139, 445)

SMB stands for Server Message Block. It is a communication protocol created by Microsoft to provide shared access to files and printers over a network. It can be exploited via the EternalBlue vulnerability, by brute forcing SMB login credentials, by capturing NTLM authentication, and by connecting to SMB using PsExec.

DNS (53)

DNS stands for Domain Name System. It uses port 53 over both TCP (for zone transfers) and UDP (for queries). A common abuse of exposed DNS ports is their use in Distributed Denial of Service (DDoS) attacks.

HTTP / HTTPS (443, 80, 8080, 8443)

HTTP stands for Hypertext Transfer Protocol, while HTTPS stands for Hypertext Transfer Protocol Secure, the two most common protocols when browsing the Internet.

Services exposed on these ports are vulnerable to SQL injection, cross-site scripting, cross-site request forgery, and so on.

Telnet (23)

The Telnet protocol is a TCP protocol that allows a user to connect to remote computers over the Internet. It has generally been superseded by SSH, but some sites still use it today. It is outdated, insecure, and vulnerable to malware, phishing, credential sniffing, and credential brute force.

SMTP (25)

SMTP stands for Simple Mail Transfer Protocol. It is a TCP port used to send and receive mail. If it is not well protected, it can be abused for spam and phishing.

TFTP (69)

TFTP, or Trivial File Transfer Protocol, is a simplified version of the File Transfer Protocol (FTP). It is a UDP port used to send and receive files between a user and a server over a network, and it can be compromised through password spraying, unauthorized access, and denial of service (DoS) attacks.
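A practical way to check the whole list at once on a host that sits behind the router, added here as an example and not part of the original article: the script below parses the output of `ss -tuln` on Linux and reports which of the 14 ports discussed above are actually listening. The sample `ss` output embedded in it is constructed for illustration; when run on a live Linux host it queries `ss` itself.

```python
"""Report which of the article's 14 risky ports are listening on this host.

Added example, not the article's own code. Parses `ss -tuln` output
(Linux); the SAMPLE_SS text below is constructed for illustration.
"""
import re
import subprocess

# Port -> service name, exactly the 14 ports discussed in the article.
RISKY_PORTS = {
    20: "FTP data", 21: "FTP control", 22: "SSH", 23: "Telnet", 25: "SMTP",
    53: "DNS", 69: "TFTP", 80: "HTTP", 137: "NetBIOS/SMB", 139: "NetBIOS/SMB",
    443: "HTTPS", 445: "SMB", 8080: "HTTP alt", 8443: "HTTPS alt",
}

# Matches local addresses such as "0.0.0.0:445", "*:22", "[::]:80".
_ADDR_RE = re.compile(r"^(?P<addr>.*):(?P<port>\d+)$")

def parse_ss(output):
    """Return {(proto, port): local_address} for every socket ss lists."""
    sockets = {}
    for line in output.splitlines()[1:]:      # skip the header row
        parts = line.split()
        if len(parts) < 5:
            continue
        proto, local = parts[0], parts[4]     # Netid and Local Address:Port
        m = _ADDR_RE.match(local)
        if m:
            sockets[(proto, int(m.group("port")))] = m.group("addr")
    return sockets

def risky_listeners(output):
    """Sorted (proto, port, service, addr) tuples for open risky ports."""
    found = [(proto, port, RISKY_PORTS[port], addr)
             for (proto, port), addr in parse_ss(output).items()
             if port in RISKY_PORTS]
    return sorted(found, key=lambda t: (t[1], t[0]))

SAMPLE_SS = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:69        0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22        0.0.0.0:*
tcp   LISTEN 0      50     *:445             *:*
tcp   LISTEN 0      128    127.0.0.1:631     0.0.0.0:*
tcp   LISTEN 0      511    [::]:80           [::]:*
"""

if __name__ == "__main__":
    try:   # live host if ss is available, otherwise the constructed sample
        output = subprocess.run(["ss", "-tuln"], capture_output=True,
                                text=True, check=True).stdout
    except (OSError, subprocess.CalledProcessError):
        output = SAMPLE_SS
    for proto, port, service, addr in risky_listeners(output):
        print(f"{proto}/{port:<5} {service:<12} listening on {addr}")
```

A port bound to 127.0.0.1 (like 631 in the sample) is not reachable from the router side, so only wildcard or LAN-address bindings need a forwarding decision.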