5 Protocols That Should Be Closely Watched

[InfoSec News <alerts () infosecnews org>]

http://www.darkreading.com/monitoring/5-protocols-that-should-be-closely-watch/240164357

By Robert Lemos
Dark Reading
November 30, 2013

For decades, opportunistic attackers have scanned the Internet for open 
ports through which they can compromise vulnerable applications.

Such scanning has only gotten easier: The Shodan search engine regularly 
scans the Internet and stores the results for anyone to search; 
researchers from the University of Michigan have refined techniques to 
allow for fast, comprehensive scans of a single port across the Internet; 
and programs, such as NMap, allow anyone to scan for open, and potentially 
vulnerable, ports.

While the most commonly attacked ports are those used by Secure Shell 
(SSH), the file transfer protocol (FTP), the remote desktop protocol 
(RDP), and Web servers (HTTP), companies need to monitor network activity 
aimed at less common protocols and ports, say security experts. Attackers 
will likely increasingly look for vulnerabilities in less common ports, 
says HD Moore, chief research officer for vulnerability-management firm 
Rapid7, which has made a name for itself scanning the Internet for just 
those ports.

"This stuff is not in the top bucket, in terms of priority, but it tends 
to bite people because they are not keeping an eye on it," he says.

[...]



--
Find the best InfoSec talent without breaking your
IT recruiting budget! Save 50 percent off our normal
rate by using the discount code - XMAS2013
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/