How opening a port is a security concern?

Question

4.00/5 (2 votes)

See more:

In my windows form application

1. I am opening a port (by finding a random free port in a given range)
2. Starting a HttpListener on that port
3. Creating requests and as a response getting file streams from my file system (from
HD)
4. So meanwhile the port is open there is a service running on it which is nothing but a
HttpListener listening to a request of a specific format (http://localhost:5000....).
5. As soon as the application is closed the port is no longer open.
6. This means till the port is open a service is running on it.

So what I want to understand is, whether the above mentioned scenario is a security risk from hackers point of view.

I know opening a port is giving a wider area for threat but if a service which doesn't give anything out is running on it till it is open, than also it is a security risk.

Thanks & Regards,
Shubhanshu

Posted 27-Jan-16 7:09am

Shubhanshu Pathak

Add a Solution

Comments

Sergey Alexandrovich Kryukov 27-Jan-16 15:15pm

Please see my comment to the Solution 1. I don't see how your strategy can possibly make things worse.

The only negative thing would be… the false sense of security.
Even though your strategy may seem to reduce the risk of attack, it does not really guarantee anything, because the attacker can also scan ports and try some open ones for an attack. It's important to understand that all processes on the same system hardly can occupy too many ports. Please see: https://en.wikipedia.org/wiki/Security_through_obscurity.

Maybe the real benefit of your solution is just avoiding port clashes, which is one of the real problems, but not security.

—SA

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Kornfeld Eliyahu Peter · Answer 1 · 2016-01-27T08:14:00

Solution 1

When you open a port into your system, you have to consider two things...
1. What resource can be accesses via that port
2. Who can access those resources
So, yes a port opening is a security risk and you should handle it as such...
Consider to add some security to your service, like user-name-password and/or certificate and maybe encryption too...
It also can be good if the port number can be based on a computation - that will enable you to rotate the port number without giving it away...

Posted 27-Jan-16 8:14am

Kornfeld Eliyahu Peter

Comments

Sergey Alexandrovich Kryukov 27-Jan-16 15:09pm

Even though each of your statements seems correct to me, it does not say something definitive. I mean, you did not say anything specific on the idea of using a random port number, you only provided considerations valid for any other strategy of using ports, be they well-known of fixed.

Don't you think that using a random free port is not less secure that any other port? Anyway, only of you provide some consideration related to the idea of using random free ports, the answer will be helpful.

See also my comment to the question. You may find it interesting.

—SA

Kornfeld Eliyahu Peter 28-Jan-16 1:43am

The idea of random port came me once as a defense against DoS attacks...Even in the case the hacker can not do 'real' damage using the port and the service behind it the port can be blocked by DoS...Switching the port over forces the hacker to restart the scan and the whole process and the meantime the service is up and running...

Shubhanshu Pathak 31-Jan-16 1:11am

Hi Kornfeld,

I have mentioned the reason of the random ports in the below comment.
Can you please throw some light on the concerns which has been mentioned below.

Thanks in advance...
Shubh

Kornfeld Eliyahu Peter 31-Jan-16 2:59am

As I mentioned opened port not definitely a security risk, if handled correctly...But even then, the hacker can use DoS attack to render your service unreachable...So just picking up a port randomly not always enough, you probably need the ability to change the port while the service running...

Shubhanshu Pathak 31-Jan-16 22:25pm

Hi Kornfeld,
Thank you so much for the response.

So what I understood from the discussion is:
1. 'Opening a port' is not a security risk if the underlying service is good
enough to handle the security breaches.
2. If the services doesn't provide any edit functionality to the user/hacker
than it is safe enough.
3. Service in my case is just allowing the user to open HTML pages in a
windows form application inside a WebBrowser control. The user of the
application can't modify the URL.
4. The running service always turns off as the application gets closed. Next
time it will be launched with some other port.

As you mentioned about the DoS attack. In this case the hacker can make the service unavailable. This should be fine for my case as my service starts and stops multiple times and is short lived.

Kindly correct me if any of my above understanding is wrong.

Thanks,
Shubh

Shubhanshu Pathak 27-Jan-16 23:45pm

Thanks to all of you for providing comments and solutions...

@SA...
The idea of random port is like this.
1. I just picked a port range (5000 - 9000)
2. Now using the System.Net.NetworkInformation.IPGlobalProperties interface got all
the ports
3. Just looped through them to get the free port.
4. This is just to avoid my listener to hook to a already in-use port.

With random port I am not trying to solve any security issue...

@All...
when a hacker tries to get the open port from a machine where this application is running definitely he will get this port opened by my application.
But in this port already a service is running which doesn't expose anything. Even if he/she will get the url format which I am using, it can't be browsed from any other machine (say, by replacing localhost with IP of the m/c)

So from this port -
1. can the hacker damage anything else on the machine?
2. Can he gets access to something which is vulnerable?

Many Thanks,
Shubh

Konstantin A. Magg · Answer 2 · 2016-01-27T11:38:00

I am not a security expert and there are people here, that are much more confident in this topic. But let give you some thoughts:

Can you be sure, that you cannot "damage" your system calling your application on the given port?

How about invalid formatted reuests? Keep in mind, that you have some hdd access calls here.
How about massiv number of calls in short time (aka dos)?