Re: [Kerio 4.x] port 44334 is OPEN: BIG SECURITY HOLE

ghost16825 Use security metrics Premium join:2003-08-26	reply to the viper Re: [Kerio 4.x] port 44334 is OPEN: BIG SECURITY H said by the viper : I did a full port scann 1- 65535 lol while i ate Turkey , and this was the result w/ KPF 4.008 ids on and rule set from Blitzen from 2.1.5... Port: Status Service Description 1-1970 stealthed n/a n/a 1972-2175 stealthed n/a n/a 2177-44333 stealthed n/a n/a 44335-65535 stealthed n/a n/a 1971 closed n/a n/a 2176 closed n/a n/a 44334 open n/a n/a Recommendation: I can confirm that this affects 2.15 as well. That's right 2.15! I'm starting a new tread for this one. »[Kerio 2.x] Ports open in all versions of Kerio 2.15!
	to forum · permalink · 2003-11-28 02:52:53 · (locked)
BlitzenZeus Burnt Out Cynic Premium,MVM join:2000-01-13 Beaverton, OR ·Verizon FIOS ·Verizon Online DSL	reply to the viper Ahh.. they made the worthless ids the component blocking the packet... Funny, how they want you to use a horribly coded ids, but your advanced rules are not able to block the packet. That is if it wasn't blocked by some other source. -- My hourly rates: $25 per hour. $35 per hour if you want to watch. $45 per hour if you want to help. $75 per hour if you tried to fix it, and failed.
	to forum · permalink · 2003-11-27 19:22:03 · (locked)
the viper join:2002-03-29 Nashua, NH	reply to gwion Re: [Kerio 4.x] port 44334 is OPEN: BIG SECURITY HOLE I did a full port scann 1- 65535 lol while i ate Turkey , and this was the result w/ KPF 4.008 ids on and rule set from Blitzen from 2.1.5... Port: Status Service Description 1-1970 stealthed n/a n/a 1972-2175 stealthed n/a n/a 2177-44333 stealthed n/a n/a 44335-65535 stealthed n/a n/a 1971 closed n/a n/a 2176 closed n/a n/a 44334 open n/a n/a Recommendation:
	to forum · permalink · 2003-11-27 19:04:33 · (locked)
gwion wild colonial boy Premium,ExMod 2001-08 join:2000-12-28 Pittsburgh, PA	reply to matunga Kerio uses that port for -all- admins, local admin being accomplished via a loopback... and it isn't an unsound way to do it, just as long as the developer knows what he's doing and properly secures the administrative ports... problem arises where they're left open, and visible, they become a firewall fingerprint... and if they're left open, and unpassworded, they're an advertisement to get owned. As far as defending against "half-open" scans, Kerio handled the nMap scans I threw at it over my LAN fairly well, some time back, when I tested it... I may have to try doing it again, with 2.1.5 ... I think it might be interesting to do it with 4.x, sometime, but I would rather wait until something resembling a stable build comes out... and as far as I can see, so far, it ain't here, yet. -- Even when you feel like your life is fading I know that you'll go on forever You're that good...
	to forum · permalink · 2003-11-25 02:53:12 · (locked)


Thursday, 26-Nov 03:46:03	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF