IS3220 Project Network Survey
Chris Wiginton, Jose Rosado
ITT Technical Institute, Tampa FL
Instructor: Sherman Moody
10 October, 2014
Besides the basic physical security of a site, the next most important aspect is controlling digital access into and out of the organization’s network. In most cases this means controlling the points of connectivity to the outside world, typically the Internet. Partitioning the boundary between the outside Internet and the internal intranet is a critical security piece. Any services not actually needed should be turned off so that they will not become avenues of attack for security threats. Different systems will have different services running by default. The firewall process can tightly…show more content…
UPnP Internet servers were found to have remotely exploitable unchecked buffers that would allow, in principle, remote malicious hackers. Microsoft Windows is vulnerable to a buffer overflow, caused by improper bounds checking by the Universal Plug and Play (UPnP) service. By sending a specially-crafted HTTP request, a remote attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges when combined with another exploit. Unused Internet servers and services should not be left running if they are not actively needed, for this reason this port should be closed until needed.
Port 5357: This port is opened because you have Network Discovery enabled in a Public Network profile. The port is vulnerable to info leak problems allowing it to be accessed remotely by malicious authors. This port should be closed if network discovery is not required.
Port 6839: This port is not associated with any particular services and should be closed unless it is associated and used.
Port 7435: This port is not associated with any particular services and should be closed unless it is associated and used.
Port 9100: This TCP port is used for printing. Port numbers 9101 and 9102 are for parallel ports 2 and 3 on the three-port HP Jetdirect external print servers. It is used for network-connected print devices. This port should remain open to allow print services.
Ports 9101 and 9102: