Re: [Kerio 4.x] port 44334 is OPEN: BIG SECURITY HOLE

Forums » The Site » Old Forums » Kerio - Tiny Support » [Kerio 4.x] port 44334 is OPEN: BIG SECURITY HOLE


Share Topic:	RSS topic:	toggle: flat / full normal / watch	Posting:

Links: ·Forum Guidelines ·Kerio/Tiny pre-3.x FAQ ·BBR Security Forum ·Security FAQ

Release of Kerio Personal Firewall 4.0.6 »
« [Kerio 2.x] Ports open in all versions of Kerio 2.15!

gwion
wild colonial boy
Premium,ExMod 2001-08
join:2000-12-28
Pittsburgh, PA

Re: [Kerio 4.x] port 44334 is OPEN: BIG SECURITY HOLE

Kerio uses that port for -all- admins, local admin being accomplished via a loopback... and it isn't an unsound way to do it, just as long as the developer knows what he's doing and properly secures the administrative ports... problem arises where they're left open, and visible, they become a firewall fingerprint... and if they're left open, and unpassworded, they're an advertisement to get owned.

As far as defending against "half-open" scans, Kerio handled the nMap scans I threw at it over my LAN fairly well, some time back, when I tested it... I may have to try doing it again, with 2.1.5 ... I think it might be interesting to do it with 4.x, sometime, but I would rather wait until something resembling a stable build comes out... and as far as I can see, so far, it ain't here, yet.
--
Even when you feel like your life is fading
I know that you'll go on forever
You're that good...

permalink · 2003-11-25 02:53:12 · Print ·

the viper

join:2002-03-29
Nashua, NH

Re: [Kerio 4.x] port 44334 is OPEN: BIG SECURITY HOLE

I did a full port scann 1- 65535 lol while i ate Turkey , and this was the result w/ KPF 4.008 ids on and rule set from Blitzen from 2.1.5...

Port: Status Service Description
1-1970 stealthed n/a n/a
1972-2175 stealthed n/a n/a
2177-44333 stealthed n/a n/a
44335-65535 stealthed n/a n/a
1971 closed n/a n/a
2176 closed n/a n/a
44334 open n/a n/a

Recommendation:

permalink · 2003-11-27 19:04:33 ·

BlitzenZeus
Burnt Out Cynic
Premium,MVM
join:2000-01-13
Beaverton, OR

·Verizon FIOS

·Verizon Online DSL

Re: [Kerio 4.x] port 44334 is OPEN: BIG SECURITY H

Ahh.. they made the worthless ids the component blocking the packet... Funny, how they want you to use a horribly coded ids, but your advanced rules are not able to block the packet. That is if it wasn't blocked by some other source.
--
My hourly rates:
$25 per hour.
$35 per hour if you want to watch.
$45 per hour if you want to help.
$75 per hour if you tried to fix it, and failed.

permalink · 2003-11-27 19:22:03 ·

ghost16825
Use security metrics
Premium
join:2003-08-26

said by the viper :
I did a full port scann 1- 65535 lol while i ate Turkey , and this was the result w/ KPF 4.008 ids on and rule set from Blitzen from 2.1.5...

Port: Status Service Description
1-1970 stealthed n/a n/a
1972-2175 stealthed n/a n/a
2177-44333 stealthed n/a n/a
44335-65535 stealthed n/a n/a
1971 closed n/a n/a
2176 closed n/a n/a
44334 open n/a n/a

Recommendation:

I can confirm that this affects 2.15 as well.
That's right 2.15!
I'm starting a new tread for this one.
»[Kerio 2.x] Ports open in all versions of Kerio 2.15!

permalink · 2003-11-28 02:52:53 · Print ·

your comment..

Forums » The Site » Old Forums » Kerio - Tiny Support	Release of Kerio Personal Firewall 4.0.6 » « [Kerio 2.x] Ports open in all versions of Kerio 2.15!


Thursday, 26-Nov 07:15:20	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF