Last week, while responding to one of the tickets at our HelpDesk, I noticed that the port number used wasn't standard. While we encounter this quite often, the use of non-standard ports is one of those practices where many IT folks have opposing views. On one side you have those who consider the use of non-standard ports a form of "security through obscurity" and hence discourage it. On the other, you have those who actually recommend it. Clearly, the topic makes for an interesting discussion, so here we are to discuss it.

Why some people use non-standard ports

Although each network service is assigned a standard port by IANA (Internet Assigned Numbers Authority) - e.g. FTP is normally configured to listen on port 21, HTTP on port 80, and SFTP on port 22 - there are really no hard and fast rules that prohibit the use of other (non-reserved) port numbers. In fact, most server applications that provide these services will allow you to choose your desired port number. That's why we sometimes see an FTP service listening on port 2021, an HTTP service on port 8080, or an SFTP/SSH service on port 2222.

Of course, system administrators don't just use alternative ports simply because they can. Either:

- The standard port is already in use, or
- They see it as a countermeasure against attacks aimed at the standard port.

We'd like to focus more on that second reason, as it's a classic example of what security folks call "security by obscurity".

First, let's define what that is. Security through obscurity is that common but highly contentious practice of applying security countermeasures that mainly rely on the confidentiality of an object's inner workings. For example: you deploy a single-dial padlock that really only requires a single number instead of a combination and then simply bank on the likelihood that no one will know how this special padlock works.

Well, it certainly might fool would-be attackers if its mechanics remain obscure. The thing is, not all attackers are going to be naive. Like, just because a piece of security software is in the form of a binary executable file, doesn't mean no one would be able to figure out how it actually works. With the right set of tools, a skilled attacker should be able to decompile and reverse engineer the file.

In the field of cryptography, while private and secret keys are kept confidential, the internal workings of the strongest cryptographic algorithms are actually open to the public. This is so that experts could easily analyse, test, and discover weaknesses. If you attempt to build your own encryption algorithm from scratch and then simply rely on the secrecy of its design, chances are it won't take much for a highly trained cryptanalyst to break it.

Let's now go back to our discussion of using nonstandard ports. Well, first of all, if you use nonstandard ports for your network services, your end users might have problems connecting to them. For example, if you use 8080 instead of 80 for your HTTP web file transfer service, all your users will have to include the 8080 port number when they enter your site's URL in their browser. Otherwise, they won't be able to connect because browsers are only configured to (inconspicuously) insert port 80 by default.
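The port-in-the-URL problem described for a service moved from 80 to 8080 can be checked mechanically. The JavaScript below is an added example, not code from the original post: it works out which port a client uses for a typed address and what address users must be given. The host name files.example.com and all function names are assumptions made for illustration.

```javascript
// Added example: which TCP port does a client use for a typed address?
// Defaults are the standard ports named in the article, plus https/443.
const DEFAULT_PORTS = { "ftp:": 21, "http:": 80, "https:": 443, "sftp:": 22 };

// Browsers treat an address typed without a scheme as http://, so do the same.
// Without this, "files.example.com:8080" parses as scheme "files.example.com:".
function normalize(typed) {
  return /^[a-z][a-z0-9+.-]*:\/\//i.test(typed) ? typed : "http://" + typed;
}

// Port the client connects to: the explicit one, else the scheme default.
function effectivePort(typed) {
  const url = new URL(normalize(typed));
  if (url.port !== "") return Number(url.port);
  const port = DEFAULT_PORTS[url.protocol];
  if (port === undefined) throw new Error("no default port for " + url.protocol);
  return port;
}

// True when the typed address targets the port the service listens on.
function reaches(typed, listenPort) {
  return effectivePort(typed) === listenPort;
}

// The address to hand to users: the port is omitted only when it is standard.
function addressFor(scheme, host, listenPort) {
  const standard = DEFAULT_PORTS[scheme + ":"] === listenPort;
  return scheme + "://" + host + (standard ? "" : ":" + listenPort) + "/";
}

// Constructed sample: an HTTP file transfer service moved to port 8080.
const typedByUsers = [
  "files.example.com",
  "http://files.example.com/",
  "files.example.com:8080",
  "http://files.example.com:8080/",
];
for (const typed of typedByUsers) {
  const verdict = reaches(typed, 8080) ? "right port" : "wrong port";
  console.log(typed.padEnd(32), effectivePort(typed), verdict);
}
console.log("publish:", addressFor("http", "files.example.com", 8080));
```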