Plug and connect:
We can see open physical ports in places like airports, restaurants, office lobbies and even at home. These can be printer ports, network ports, display ports and so on. We keep them open because we want our environment to be scalable and flexible. But why don't we consider that these ports are also possible entry points for an attack?
Plug and hack:
Suppose your organization has an open Ethernet port in the waiting hall. The purpose of a waiting hall is simply to give guests a place to wait. Now an attacker can walk into that organization as a guest and connect to the Ethernet port with a cable. Boom, he is inside the organization's network that easily.
Although we have secured the organization by applying patches, raising employee awareness and so on, we should also consider the following questions:
- Do our open (I/O and network) ports have MAC binding or any authentication mechanism?
- Are our open (I/O and network) ports isolated from the organization's main network?
- Are our open (I/O and network) ports monitored?
- Do we have control over our open (I/O and network) ports?
If we can prepare solutions for the above problems, then we can harden our infra against "plug and hack" attacks.
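The four questions above can be turned into an automated check over switch configuration. The following is an added example, not part of the original post: it assumes Cisco IOS-style interface syntax, a constructed sample config, a hypothetical "PUBLIC" tag in the port description for jacks in guest areas, and an assumed guest VLAN id of 999.

```python
import re

# Constructed sample in Cisco IOS-style syntax (assumption; not from the post).
# "PUBLIC" in the description is a hypothetical tag for ports in guest areas.
SAMPLE_CONFIG = """\
interface GigabitEthernet1/0/1
 description PUBLIC lobby wall jack
 switchport access vlan 10
!
interface GigabitEthernet1/0/2
 description PUBLIC waiting hall kiosk
 switchport access vlan 999
 switchport port-security
!
interface GigabitEthernet1/0/3
 description PUBLIC spare jack
 switchport access vlan 999
 authentication port-control auto
 no snmp trap link-status
!
interface GigabitEthernet1/0/4
 description finance printer
 switchport access vlan 20
!
"""
GUEST_VLANS = {"999"}  # assumed id of the isolated guest VLAN
AUTH_LINES = {"switchport port-security", "authentication port-control auto"}


def audit_public_ports(config, guest_vlans=GUEST_VLANS):
    """Return {interface: [findings]} for every port tagged PUBLIC."""
    report = {}
    for block in re.split(r"^!$", config, flags=re.M):
        lines = [l.strip() for l in block.strip().splitlines()]
        if not lines or not lines[0].startswith("interface "):
            continue
        name, body = lines[0].split(None, 1)[1], lines[1:]
        if not any(l.startswith("description") and "PUBLIC" in l for l in body):
            continue  # only ports reachable by guests are in scope
        findings = []
        if not AUTH_LINES & set(body):  # question 1: MAC binding / authentication
            findings.append("no MAC binding or authentication")
        vlan = next((l.split()[-1] for l in body
                     if l.startswith("switchport access vlan")), "1")
        if vlan not in guest_vlans:  # question 2: isolation from main network
            findings.append(f"VLAN {vlan} is not an isolated guest VLAN")
        if "no snmp trap link-status" in body:  # question 3: monitoring
            findings.append("link up/down traps disabled (not monitored)")
        # question 4: an administratively disabled port is under control
        report[name] = [] if "shutdown" in body else findings
    return report
```
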
I have planned this blog to express my view on Information security and will try to learn/help from/for other security minds. All views expressed here are strictly from personal view. This blog is neither an organization nor affiliated to any organization with respect to the blog posts.
Hi, I am Varun Kondagadapa, an Information Security Specialist with 2+ years of experience in securing organizations. From startups to MNCs, I have work experience in all scales of infra.