
Feature Request: Risky Port Detection and Hygiene Recommendations

Open iamthefrogy opened this issue 1 month ago • 0 comments

I AM NOT SURE WHETHER THIS SHOULD BE PART OF HTTPX FR OR NAABU/NUCLEI BUT KINDLY MOVE WHEREVER IT MAY FIT WITHIN PD.

Summary: Implement a feature in httpx to detect and recommend actions for risky network ports that should not be exposed to the internet, enhancing network security and compliance.

Description: Network ports are essential for connectivity but can pose significant risks if improperly managed. This feature will scan for exposed ports and provide recommendations based on their risk level.

Risky Ports and Recommendations:

  1. FTP (20, 21): Risk of unauthorized file access and data theft due to insecure data transmission.
  2. SSH (22): Risk of brute-force attacks and unauthorized system access.
  3. Telnet (23): Insecure communication, risking data interception and information leaks.
  4. SMTP (25), POP3 (110), IMAP (143), SMTP (587): Risk of spam attacks, phishing, and email interception.
  5. DNS (53): Risk of DNS spoofing or DDoS attacks, disrupting network services.
  6. TFTP (69): Lack of authentication, risking unauthorized file access.
  7. SNMP (161, 162): Risk of unauthorized access and control over network devices.
  8. LDAP (389): Risk of unauthorized access to directory information.
  9. NetBIOS (137-139), SMB (445): Risk of unauthorized data access and potential ransomware attacks.
  10. RDP (3389): Risk of unauthorized remote access and potential system control.
  11. Database Ports (MySQL 3306, PostgreSQL 5432, MSSQL 1433/1434, Oracle SQL 1521): Risk of unauthorized database access and data theft.
  12. Apache Cassandra (7000, 7001, 9042, 7199): Risk of unauthorized NoSQL database access.
  13. Redis Data Store (6379): Risk of unauthorized database access and data manipulation.

Associated Risks with Open Ports:

  • Unauthorized Access
  • Data Breaches
  • Denial-of-Service Attacks
  • Exploitation of Services
  • Zero-Day Vulnerabilities Exploitation
  • Service Scanning and Enumeration
  • Automated Bot Attacks
  • Man-in-the-Middle Attacks
  • Configuration Errors
  • Compromise of Associated Systems
  • Regulatory and Compliance Violations

Best Practices for Port Hygiene:

  1. Close Unnecessary Ports: Only keep essential ports open.
  2. Use Firewalls: Implement firewalls to control traffic.
  3. Use Secure Protocols: Use secure, encrypted protocols and avoid outdated, insecure ones.

Proposed Implementation:

  1. Detection: Scan for exposed ports and identify risky ones.
  2. Recommendation: Provide actionable recommendations for securing risky ports.
  3. Reporting: Generate detailed reports to help teams take necessary actions.

iamthefrogy, May 20 '24 09:05
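
A sketch of the detection and recommendation steps proposed in the issue, added here as an illustration and not code from httpx, naabu or nuclei. The input format (whitespace-separated `host:port` tokens), the names `Audit`, `Finding` and `rule`, and the advice wording are assumptions; the port list is the one in the issue.

```go
package main

import (
	"fmt"
	"net"
	"strconv"
	"strings"
)

// Advice wording is an assumption paraphrasing the issue's port-hygiene practices.
const fw = "close the port or restrict it with a firewall"
const enc = "switch to an encrypted protocol or close the port"

// rule is one entry of the issue's risky-port list; lo..hi is an inclusive range.
type rule struct{ lo, hi int; service, advice string }
var rules = []rule{
	{20, 21, "FTP", enc}, {22, 22, "SSH", fw}, {23, 23, "Telnet", enc}, {25, 25, "SMTP", fw},
	{53, 53, "DNS", fw}, {69, 69, "TFTP", enc}, {110, 110, "POP3", fw}, {137, 139, "NetBIOS", fw},
	{143, 143, "IMAP", fw}, {161, 162, "SNMP", fw}, {389, 389, "LDAP", fw}, {445, 445, "SMB", fw},
	{587, 587, "SMTP", fw}, {1433, 1434, "MSSQL", fw}, {1521, 1521, "Oracle SQL", fw}, {3306, 3306, "MySQL", fw},
	{3389, 3389, "RDP", fw}, {5432, 5432, "PostgreSQL", fw}, {6379, 6379, "Redis", fw}, {7000, 7001, "Cassandra", fw},
	{7199, 7199, "Cassandra", fw}, {9042, 9042, "Cassandra", fw},
}

// Finding is one risky exposed port with its recommended action.
type Finding struct{ Host string; Port int; Service, Advice string }

// Audit reads whitespace-separated host:port tokens and returns the risky ones in input order.
func Audit(scan string) ([]Finding, error) {
	var out []Finding
	for _, tok := range strings.Fields(scan) {
		host, p, err := net.SplitHostPort(tok) // also accepts bracketed IPv6, e.g. [::1]:22
		port, perr := strconv.Atoi(p)
		if err != nil || perr != nil || port < 1 || port > 65535 {
			return nil, fmt.Errorf("want host:port, got %q", tok)
		}
		for _, r := range rules {
			if port >= r.lo && port <= r.hi {
				out = append(out, Finding{host, port, r.service, r.advice})
			}
		}
	}
	return out, nil
}

func main() {
	// Constructed sample scan output, not taken from the issue.
	fs, err := Audit("db.example.test:6379\napp.example.test:443\napp.example.test:23\n")
	fmt.Println(fs, err)
}
```

Ports outside the list (443 in the sample) produce no finding, and a malformed token stops the audit with an error so a partial report is never mistaken for a clean one.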