Plug and connect:
We can see open physical ports in places like airports, restaurants, office lobbies and even at home. These can be printer ports, network ports, display ports and so on. We keep them open because we want our environment to be scalable and flexible. But why don't we consider that these ports are also a possible avenue for attack?
Plug and hack:
Suppose your organization has an open Ethernet port in the waiting hall. The purpose of a waiting hall is simply to give guests a place to wait. An attacker can walk into the organization as a guest and connect to that Ethernet port with a cable. Boom, he is inside the organization's network, that easily.
Even though we have secured the organization by applying patches, raising employee awareness and so on, we should also consider the following questions:
- Do our open (I/O and network) ports have MAC binding or any authentication mechanism?
- Are our open (I/O and network) ports isolated from the organization's main network?
- Are our open (I/O and network) ports monitored?
- Do we have control over our open (I/O and network) ports?
If we can prepare solutions for the above problems, then we can harden our infrastructure against "plug and hack" attacks.
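One way to turn the four questions above into a repeatable check, as an added example that is not part of the original post: a small audit over a switch-port inventory. The port names, VLAN numbers, MAC addresses and the inventory layout are constructed sample data, and reading "control" as "jacks with no assigned device are administratively disabled" is an assumption of this example.

```python
"""Audit switch ports against the four questions (constructed sample data)."""
from dataclasses import dataclass, field

CORPORATE_VLANS = {10, 20}                  # assumption: VLANs of the main network
PUBLIC_AREAS = {"waiting hall", "lobby"}    # assumption: guest-accessible locations

@dataclass
class Port:
    name: str
    location: str          # where the physical jack is
    enabled: bool          # administratively up?
    auth: str              # "none", "mac-binding" or "802.1X"
    vlan: int
    logged: bool           # link/MAC events forwarded to monitoring?
    assigned: bool         # is a known device supposed to be plugged in here?
    allowed_macs: set = field(default_factory=set)
    seen_macs: set = field(default_factory=set)   # learned from the MAC table

def audit(port):
    """Return the findings for one port; an empty list means it passes."""
    if not port.enabled:
        return []          # a jack that is shut down cannot be plugged into
    findings = []
    if port.auth == "none":
        findings.append("no MAC binding or authentication")
    if port.location in PUBLIC_AREAS and port.vlan in CORPORATE_VLANS:
        findings.append("public jack not isolated from main network")
    if not port.logged:
        findings.append("not monitored")
    if not port.assigned:
        findings.append("enabled with no assigned device")
    unknown = port.seen_macs - port.allowed_macs
    if port.auth == "mac-binding" and unknown:
        findings.append("unbound MAC seen: " + ", ".join(sorted(unknown)))
    return findings

PORTS = [
    Port("Gi0/1", "waiting hall", True, "none", 10, False, False, set(), {"02:00:00:aa:bb:01"}),
    Port("Gi0/2", "lobby", True, "mac-binding", 99, True, True,
         {"02:00:00:00:00:10"}, {"02:00:00:00:00:10", "02:00:00:aa:bb:02"}),
    Port("Gi0/3", "office floor", True, "802.1X", 10, True, True),
    Port("Gi0/4", "waiting hall", False, "none", 10, False, False),
]

def report(ports):         # only ports that have at least one finding
    return {p.name: f for p in ports if (f := audit(p))}

if __name__ == "__main__":
    for name, findings in report(PORTS).items():
        print(name, "->", "; ".join(findings))
```

In practice the inventory would be filled from the switch configuration and MAC address table rather than typed in by hand.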