LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices

Reply
 
LinkBack Search this Thread
Old 08-08-2005, 03:18 PM   #1
Mr. New
Member
 
Registered: Oct 2004
Distribution: Kubuntu and Mac OS X
Posts: 80

Rep: Reputation: 15
whats the dangers of leaving a port open?


I'm wondering if there are any dangers in leaving a port open? I have bittorrent running and would like to know if there are any serious security issues with it.
 
Old 08-08-2005, 04:14 PM   #2
trickykid
Guru
 
Registered: Jan 2001
Posts: 24,133

Rep: Reputation: 194Reputation: 194
Anything can potentially exploit your machine. Just think of it this way, your connected and that's all that is needed for some to crack open your machine.. A truly secure machine is one that isn't powered on..
 
Old 08-09-2005, 04:37 PM   #3
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,527

Rep: Reputation: 147Reputation: 147
Open port means there's a program listening on that port. Programs are usually buggy. Bugs can be usually exploited... Results are not good.
 
Old 08-09-2005, 05:18 PM   #4
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,042

Rep: Reputation: 952Reputation: 952Reputation: 952Reputation: 952Reputation: 952Reputation: 952Reputation: 952Reputation: 952
Are there any dangers? Technically, no. Every process on your computer that is supposed to be providing any sort of service to your internal network or to the Internet (by-definition) must "have a port open." The term simply means that a process is listening for connections on that port.

The questions is, do you know...
  • Why a process is running on your computer, and listening to that port?
  • Which process it is?
  • How that process is configured? (Is it set up correctly? Is it vulnerable?)
  • Who it is listening to? (Is it listening to "the whole Internet" or just to your internal network?
  • Whether the incoming traffic is encrypted? Validated as to source?
The typical problem is that many people just drag a public distro "out of the box," configure it according to the defaults (which usually drags in just about everything except the kitchen-sink), attach it to the Internet without a single firewall ... and thus really don't know what in the heck it's doing or why.

"Script kiddies" perform automated searches for computers like this. Among tens of millions of addresses, simple probability says that an exploitable number of systems will be found.

It is almost trivially simple to protect your system, if you actually do it. Many cat-burglars have testified that they never had to break down a door or defeat a burglar alarm: they simply went from door to door, say pretending to be delivering newspapers, and twisted the doorknob to see if the door was unlocked. (If it was, then of course the alarm was off, too.) If so, they simply walked inside, found the lady's dresser, scooped a handful of jewelry into their "newspaper" bag, closed the door and went on to the next house. Exactly the same strategy works well on the Internet!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
cannot SFTP to SUSE 9.2 box, port 22 open, can putty in though using same port. jgrady Linux - Networking 6 03-29-2005 08:44 AM
leaving a machine on 24/7. whats the impact on hardware life-span ??? qwijibow Linux - Hardware 8 01-23-2005 07:12 PM
whats my serial port? surrealism Linux - Newbie 2 04-24-2004 08:26 AM
Need to know whats running on port 21 gr8razorx Linux - Networking 5 12-05-2003 12:19 PM
whats the open command? zexter Linux - General 17 11-02-2003 12:57 AM


All times are GMT -5. The time now is 02:23 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration