Re: Port forwarding/open ports?



AV wrote:
To be able for another person to connect to my Netmeeting (conf.exe)in Windows XP and share applications I would need to open the ports 1720 and 1503 in my router firewall.

My wonder is how much more vulnerable I will be if I do that? It would be nice not to have to open and close those ports over and over again in my router firewall when I need it and instead having them open all the time so it will just be to start Netmeeting when I need to collaborate and share applications.

- Is it just a risk (bigger or smaller?) when I have Netmeeting started since I suppose some good hacker would need an application that actually listens to those open ports to be able to do anything? If I normally don't have Netmeeting started I suppose the ports could just as well be open in my router all the time?

- If it is a risk as described above, what if I create a rule in my software firewall that blocks those two ports on the computer in my LAN to which the ports are forwarded? It is quicker for me to put that rule on and off in my software firewall than to open and close the ports in the router.

- These same questions above goes for the one port one can choose to have open in the router to give the best possible chances for good sound quality for Skype IP calls. How risky or not is it to have a few ports open in you router firewall?

Some ports have to be open to operate.

It's as risky as the software exposes the system to.

I frequently use dynamically open ports by scripting the open an close in batch file that call the program in question.

For example skype has the following vulnerabilities listed:

	
Search Advisory, Vulnerability, and Virus Database

Search: [Advanced Search]


All Content Secunia Advisories Virus Information

View full vulnerability report for a specific product:
- Skype for Linux 0.x
- Skype for Linux 1.x
- Skype for Mac OS X 0.x
- Skype for Mac OS X 1.x
- Skype for Pocket PC 1.x
- Skype for Windows 1.x


Found: 3 Secunia Security Advisories, displaying 1-3

Sort by: Match, Title, Date

Title	Date
Skype Multiple Buffer Overflow Vulnerabilities	2005-10-25
Skype "skype_profile.jpg" Insecure Temporary File Creation	2005-07-18
Skype "callto:" URI Handler Buffer Overflow Vulnerability	2004-11-15



Found: 5 Viruses, displaying 1-5

W32/Mytob.gr@MM
....Suspended. We've got something we would like to share with you. Skype for Windows 1.4 - Have you got the new Skype? What is...
Report from McAfee. On 19th Oct 2005.
W32.Fanbot.A@mm
....ort@[RECIPIENT MAIL DOMAIN] Subject: One of the following: Share Skype. What is Skype? Skype for Windows 1.4 - Have you got...
Report from Symantec. On 17th Oct 2005.
Samony.A
....ionally, Samony.A spreads via email in a message that deals with Skype , which is a telephony over IP program. Visible Sympt...
Report from Panda Antivirus. On 26th Oct 2005.
W32.Looksky.A@mm
....e firewall settings. Distribution Subject of email : Skylook for Skype Name of attachment : skylook_1.exe Size of attachment...
Report from Symantec. On 25th Oct 2005.
W32.Mytob.ML@mm
....ed, it performs the following actions: Copies itself as %System%\skype32.exe. Note: %System% is a variable that refers to th...
Report from Symantec. On 3rd Dec 2005.



(from secunia http://secunia.com/search/?search=skype)

All software opens the vulnerability window. Many factors including the software contol the danger to the local system. It depends if the benefits outweigh the risk of use.

Not sure I have helped much but understand everything you use to communicate on the web increases your risk of compromise. How a tool is used (user behaviour) can significantly increase that risk. Opening unknown executables, and communicating with unknown people always increases the risk.

Winged
.



Relevant Pages

  • OT: Trend Micro WFBS beta starting soon
    ... getting pattern updates for laptops off the LAN. ... Trend firewall, even set to High, has inbound NetBIOS ports open. ... File and Printer Sharing" and when someone chooses it, it opens inbound ...
    (microsoft.public.windows.server.sbs)
  • Re: Trend Micro WFBS beta starting soon
    ... before getting pattern updates for laptops off the LAN. ... Trend firewall, even set to High, has inbound NetBIOS ports open. ... File and Printer Sharing" and when someone chooses it, it opens inbound ...
    (microsoft.public.windows.server.sbs)
  • Re: Trend Micro WFBS beta starting soon
    ... before getting pattern updates for laptops off the LAN. ... Trend firewall, even set to High, has inbound NetBIOS ports open. ... File and Printer Sharing" and when someone chooses it, it opens inbound ...
    (microsoft.public.windows.server.sbs)
  • Re: Norton Personal Firewall 2003
    ... that the ports are open bot if i'm running the p2p ... it was possible to download 'infected' versions of KaZaA ... If you actually selected the 'Permit All' option for a P2P program, ...
    (comp.security.firewalls)
  • Re: XP: offene Ports verstehen
    ... > wir hatten ja die Diskussion um offene Ports bei AntiVir 6+7. ... Skype muß ... Listening-Ports auskommt - sehr NAT-freundlich eben. ... Besonders weil dort auch Verbindungen ...
    (de.comp.security.misc)