Google has been blocking ports in Chrome for months. Doing so improves security in several ways, but it can also cause problems for users who rely on those ports. Below we look at why this new port has been blocked and at the full list of ports blocked so far.
Until now, Google Chrome blocked access via FTP, HTTP, and HTTPS to ports 69, 137, 161, 554, 1719, 1720, 1723, 5060, 5061, and 6566. Port 10080 is now being added; Firefox has been blocking it for half a year to prevent NAT Slipstreaming 2.0 attacks.
11 ports blocked by Google Chrome
It all started at the beginning of the year, when researchers Samy Kamkar, Ben Seri and Gregory Vishnepolsky discovered a new version of the NAT Slipstreaming attack. This type of flaw allows a malicious website to run scripts in the browser that bypass the NAT firewall by sending a series of modified data packets, giving access to any TCP and UDP port on the user's local network. With this, an attacker can carry out various types of attack, including modifying the router's configuration and accessing services that should only be accessible locally.
Port 10080 is an attractive choice because it is used as an alternative to port 80 and does not require root privileges. Google has discussed with other browser vendors whether or not to block the port, and they have only detected that software such as Amanda or VMware vCenter uses it, and that software would not be affected by the block. Google knows which ports are scanned most frequently and are susceptible to this type of attack, which is why it has decided to block this one.
ERR_UNSAFE_PORT: the error that will appear when entering those websites
Developers will be able to continue using this port: a policy will be added that allows them to bypass the block. Once the port starts being blocked in upcoming versions of Chrome, trying to access a website that uses it will produce the ERR_UNSAFE_PORT error. To check whether a port is blocked, open the URL you want with a colon and the port you want to test appended.
Thanks to this action by Google and other browser vendors, it is not necessary to block ports manually on the firewall to prevent this type of unwanted access. It is likely that they will continue to block ports in the future for as long as the root cause of this vulnerability cannot be fixed.