The Vulnerability of Port 23 and Port 53 When the Firewall is Off

Data packets utilize various ports associated with specific IP addresses and end points to travel to and from a particular computer. This process is enabled through the use of UDP or TCP transport layer protocols. Theoretically, all ports are potentially at risk of attack but can be secured by implementing different strategies. This means that there is no port which is natively secure.

In the test, two ports which were open when the firewall was running were port 23 and 53. Port 23 is one of the transmission control protocol (TCP) ports, and it is used by Telnet server to establish a reliable connection-oriented transport (Kak, 2017). The reason why port 23 is one of the most dangerous ports to vulnerabilities is attributed to the fact that Telnet transmits unmasked information which attackers can listen in easily. Additionally, attackers can perform remote code execution to tamper with the communication process. Port 53 is used by DNS service network to translate domain names (Espina & Baha, 2013). The vulnerability of the port 53 is attributed to its issue of not being monitored regularly. When attackers need an exit channel, port 53 provides an ideal exit strategy since all they need to do is turn data into DNS traffic.

When the firewall was turned off, the most vulnerable ports were port 21 and port 25. Port 21 controls the file transfer protocol (FTP), and it provides password and username of a file when accessed over TCP (Espina & Baha, 2013). Nevertheless, when transmitting this data, FTP traffic is sent unencrypted, and this information can be captured easily using MITM attacks. This is made more accessible when the firewall is turned off. Port 25 controls the secure mail transfer protocol (SMTP) and is set by default to direct outgoing emails (Tankard, 2017). When the firewall is off, the port can get clogged with many spam emails which are then sent to other computers to complete a potential attack. The infected computers are known as “zombie” PCs since they are used by attackers to send anonymous emails to other people.

To safeguard the security of the PC, it is essential to keep the firewall turned on always. Furthermore, one should check for open ports when the firewall is on to ensure that they are not used as attack channels. This can be done by closing down the ports or assigning them to other functionalities.

References

Espina, D., & Baha, D. (2013). The present and the future of TCP/IP, 1-8. Retrieved from www.idt.mdh.se/kurser/ct3340/ht09/.../IRCSE09.../ircse09_submission_24.pdf

Kak, A. (2017). TCP/IP Vulnerabilities and DoS Attacks: IP Spoofing, SYN Flooding, and The Shrew DoS Attack. Computer and Network Security. Retrieved from engineering.purdue.edu/kak/compsec/NewLectures/Lecture16.pdf

Tankard, C. (2017). Securing emails. Network Security, 2017(6), 20. dx.doi.org/10.1016/s1353-4858(17)30063-6