Security Basics mailing list archives
Re: DHL connect software
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Wed, 28 Mar 2007 01:18:12 +0200
On 2007-03-27 Murda Mcloud wrote:
Has anyone had to install this software for their mailroom department? DHL Connect-it allows staff to do their consignments up etc before sending the packages through DHL. I have found out that it uses 443 and 80 for the connection to DHL and for updates it requires 20/21 (all outbound).
You mean the software is initiating outbound connections to the remote ports 20/tcp, 21/tcp, 80/tcp, and 443/tcp? These are probably: 20/tcp -> FTP (active mode, data channel) 21/tcp -> FTP (active mode, command channel) 80/tcp -> HTTP 443/tcp -> HTTPS However, if it really uses active FTP, the data channel should be established inbound, with 20/tcp being the remote source port.
It also seems to require admin privs on the local box-and needs shared drives if others on the LAN are to print reports from the dbase that gets created on the workstation. I am going to run filemon/regmon to see what kind of things it does in terms of files and keys. Does anyone else have suggestions for what other info to gather to test its 'secureness'?
If you're running XP or Server 2003 you could try LUABugLight [1] in addition to Regmon/Filemon. Also, as has already been suggested, inspect the network traffic with a sniffer (e.g. Wireshark [2]). In case the traffic going to port 443/tcp is really HTTPS (i.e. SSL-encrypted) you could give Paros Proxy [3] a try. [1] http://blogs.msdn.com/aaron_margosis/archive/2006/08/07/LuaBuglight.aspx [2] http://www.wireshark.org/ [3] http://www.parosproxy.org/ Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- DHL connect software Murda Mcloud (Mar 27)
- Re: DHL connect software Tremaine Lea (Mar 27)
- Re: DHL connect software Ansgar -59cobalt- Wiechers (Mar 27)
- RE: DHL connect software J.M. Seitz (Mar 27)
- Re: DHL connect software Dan Tesch (Mar 28)