• Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Archives
    Archives Contains a list of blog posts that were created previously.
  • Login
    Login Login form

Millions of 'must be firewalled' services are open to the entire internet – research

Posted by on in Internet Research
  • Hits: 624

Millions of services that ought to be restricted are exposed on the open internet, creating a huge risk of hacker attack against databases and more.


Infosec firm Rapid7’s researchers took a close look at the millions and millions of individual services that live on the public IP network, one of the most fundamental components of the internet.


Researchers attempted to ascertain to which extent various internet protocols are in use, where they are located, and how much of this is inherently insecure due to running over non-encrypted, cleartext channels.


Millions of systems on the internet offer services that should not be exposed to the public network. The survey uncovered 15 million nodes appearing to offer telnet (usually unencrypted), 11.2 million appearing to offer direct access to relational databases, and 4.5 million apparent printer services.


Around 4.7 million systems expose one of the most commonly attacked ports used by Microsoft systems, 445/TCP. Oddly 75 per cent of the servers offering SMB/CIFS services – a (usually) Microsoft service for file sharing and remote administration for Windows machines – originated in just six countries: the United States, China, Hong Kong, Belgium, Australia and Poland.


The most exposed nations on the internet included countries with the largest GDPs, such as the United States, China, France, and Russia.


The research – summarised here – was put together by Bob Rudis, Jon Hart and Tod Beardsley. Beardsley explained that the research gave the team a fresh perspective on the services deployed on the public side of firewalls the world over.


Although, to the man on the street, the internet is imagined to run over the one or two protocols that the World Wide Web runs on – HTTP and HTTPS – there are loads of other services. Rapid7’s researchers say their study shows how much telnet, SSH, FTP, SMTP, or any of the other protocols that run on TCP/IP is actually in use, where are they all located, and how much of it is inherently insecure due to running over non-encrypted, cleartext channels for the first time.


He explained this was different from, but complementary to, other research efforts.


“While projects like CAIDA and Shodan perform ongoing telemetry that covers important aspects of the internet, we here at Rapid7 are unaware of any ongoing effort to gauge the general deployment of services on public networks. So, we built our own, using Project Sonar,” Beardsley said. ®


Source:  http://www.theregister.co.uk/2016/06/08/services_beyond_the_firewall_research_rapid7/


Rate this blog entry:


airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.

Follow Us on Social Media