Join Darshana Gaikwad for an insightful presentation on conducting a detailed website port scan. Learn how to identify open ports, understand their functions, assess the benefits, and recognize potential security threats. This presentation also guides you through generating a comprehensive report, essential for ensuring robust cybersecurity measures. For more information, visit https://bostoninstituteofanalytics.org/cyber-security-and-ethical-hacking/
Size: 1.31 MB
Language: en
Added: Jul 31, 2024
Slides: 26 pages
Slide Content
Scan a Website & find out what Open Ports are actively running, What are the Functions, Benefits & Threats of such Ports being Opened. Generate the Detailed Report of the same. DARSHANA GAIKWAD (SVNG-MAR2024-CSEH-1)
Agenda Abstract Deliverables Tool PoC References
Abstract - This project explores open ports on a website using a tool like Nmap. Open ports represent active channels on a server, potentially offering access to services and data. The goals are to find active ports, understand what they do, and assess the benefits and risks of each port. The project will also suggest ways to improve port security and manage potential threats effectively, developing robust strategies to mitigate identified threats, including proper port configuration and enhanced firewall settings. This underscores the importance of port management and overall website performance.
PORTS: Ports are essential for internet communication. They act as an endpoint for data exchange. Each IP address has two types of ports: UDP and TCP. Both types have up to 65,535 ports each, enabling multiple types of services and connections simultaneously.
Well-known Ports (0-1023)
Registered Ports (1024-49151)
Dynamic/Static Ports (49153-65535)
For more information refer: Common Ports Cheat Sheet: The Ultimate List (stationx.net)
TCP and UDP ports are in one of these three states:
Open - Port is actively accepting connections.
Closed - Port is accessible but no service is running.
Filtered - Port status is unclear due to filtering.
Open Port Scanning: Port scanning is a method of determining which ports on a network are open and could be receiving and sending data. When a hacker sends a packet to a port, the response they receive determines whether the port is being used and if there are any potential weaknesses that could be exploited. Port scanning can be performed with the following steps: Selecting a Target - Choose the target device, website or network. Sending a Request - Send a message using TCP or UDP to check each port's status. Analysing Responses - Determine whether the ports are open, closed or filtered based on the responses.
Deliverables Case Study on Sports Website: Site Name - http://www.dream11.com Category - online gaming, Sports. Type - Fantasy Sports entertainment. Content - Dream11 is an online fantasy sports platform based in India, allowing users to create virtual teams of real players from various sports and earn points based on players' performances in real matches. Overall Ranking - 139446
Data Collection
Source: https://sitereport.netcraft.com/?url=https://www.dream11.com
Background
Site Title: Play fantasy Sports & Win cash prizes on Dream11.
Site Rank: 139466
Description: Play fantasy game with over 20 crore users. Download the Dream11 app & win cash prizes. Dream big with Dream11.
Date First Seen: April 2000
Primary Language: English
Network
Site: http://www.dream11.com
Domain: dream11.com
Netblock Owner: Amazon.com Inc
Data Collection
Hosting Company: Amazon
Hosting Country: US
IPv4 Address: 13.224.68.76 (VirusTotal)
IPv4 Autonomous System: AS16509
IPv6 Address: 2600:9000:21ca6800:f:32aa:7fc0:93a1
IPv6 Autonomous System: AS16509
Reverse DNS: server-13-224-68-76.dub2.r.cloudfront.net
Nameserver: ns-232.awsdns-29.com
Domain Registrar: godaddy.com
Nameserver Organization: whois.markmonitor.com
DNS Admin: [email protected]
Top Level Domain: Commercial entities (.com)
DNS Security Extensions: Enabled
Data Collection
http://www.dream11.com currently uses the following technologies.
Domains: Primary domain - www.dream11.com; other associated domains - dream11.in, dream11.co.in
Hosting Providers: Often uses cloud services from Amazon Web Services & Cloudflare for DDoS protection.
SSL Certificate: Secured by SSL certificate
Programming Languages and Frameworks:
Backend: Java
Frontend: AngularJS, HTML, CSS
Mobile: Swift (iOS), Kotlin (Android)
Frameworks: Spring Boot, Hibernate
Database: MySQL, MongoDB
Impact Analysis The purpose of this impact analysis is to evaluate the potential effects of conducting open port scanning on a website's security and performance. Open port scanning is an essential cybersecurity practice that helps identify vulnerabilities and strengthen the overall security posture of a website. Methodology: The impact analysis will involve assessing the impact of open port scanning on website availability, performance and data integrity. A tool such as Nmap is used to conduct the scanning and analyse the results. Port scanning can expose vulnerabilities in a website, increase the risk of attacks, and lead to performance issues, so we will implement mitigation strategies to minimize any negative effects.
Steps to Reproduce
Let's perform port scanning for http://www.dream11.com using the Nmap tool. Open Kali Linux, then open the terminal and first run the command below to update and upgrade packages.
    sudo apt update && sudo apt full-upgrade -y
Now open Nmap. Nmap can be opened from the start menu, or by opening the terminal and simply typing nmap.
Now, to scan the target website, run the command below.
    nmap www.dream11.com
After the scan we got these results:
    PORT     STATE  SERVICE
    80/tcp   Open   HTTP
    443/tcp  Open   HTTPS
According to the output, these two ports are open and the remaining ports are filtered. We will look at the functions, benefits and threats of these ports, and at how to secure them.
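One way to turn a scan result like the one above into the report the project calls for, as an added example that is not part of the original presentation. The sample text is constructed in Nmap's normal output layout, and the idea of comparing against an expected-ports baseline, along with all function names, is an assumption of this example.

```python
import re

# Constructed sample in Nmap's normal output layout, mirroring the result above.
SAMPLE_OUTPUT = """\
Nmap scan report for www.dream11.com
Not shown: 998 filtered tcp ports (no-response)
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https
"""

PORT_LINE = re.compile(r"^(\d{1,5})/(tcp|udp)\s+(\S+)\s+(\S+)", re.MULTILINE)
NOT_SHOWN = re.compile(r"^Not shown: (\d+) (\S+)(?: \w+)? ports", re.MULTILINE)


def parse_scan(text):
    """Return (list of port records, {state: count of ports not listed})."""
    ports = [
        {"port": int(number), "proto": proto, "state": state, "service": service}
        for number, proto, state, service in PORT_LINE.findall(text)
    ]
    hidden = {state: int(count) for count, state in NOT_SHOWN.findall(text)}
    return ports, hidden


def exposure_report(text, expected):
    """Compare open ports in the scan with the set the site owner intends to expose."""
    ports, hidden = parse_scan(text)
    open_ports = {(p["port"], p["proto"]) for p in ports if p["state"] == "open"}
    return {
        "open": sorted(open_ports),
        "unexpected": sorted(open_ports - expected),  # exposed but not in the baseline
        "missing": sorted(expected - open_ports),     # in the baseline but not reachable
        "not_shown": hidden,
    }


if __name__ == "__main__":
    baseline = {(80, "tcp"), (443, "tcp")}  # assumed baseline for a public web site
    print(exposure_report(SAMPLE_OUTPUT, baseline))
```

Running the same comparison after every scan makes a newly exposed service show up under "unexpected" instead of being lost in the port table.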
Functions, Benefits & Threats of the Open Ports. Functions of Port 80 (HTTP) HTTP stands for Hypertext Transfer Protocol. Allows web browsers to communicate with web servers over HTTP. Handles incoming traffic for websites and web applications. Enables the transfer of web content such as HTML pages, images and videos. Facilitates the loading and display of webpages in a browser. Supports basic web functionalities like browsing, downloading files and accessing web services.
Benefits of Port 80 (HTTP) Default Port For HTTP: Port 80 is the default port for HTTP, allowing web browsers to connect to web servers without specifying a port number. Web Traffic Transmission: It transmits web data between web servers and clients, enabling web pages to be requested and served. Redirecting to HTTPS: Many web servers initially respond on port 80 and then redirect users to secured HTTPS pages on port 443. Web Applications & APIs: Port 80 is used by web Applications and APIs for client-server communication. Compatibility: Port 80 is universally supported by web browsers, ensuring compatibility for most users. Minimal Configuration: It requires minimal configuration on web servers, making it easy to set up and manage.
Threats of the Open Port 80 (HTTP) Unencrypted Data Transmission: Data transmitted over port 80 is unencrypted, making it vulnerable to interception and data theft. Spoofing and Man-in-the-Middle Attacks: Attackers can impersonate systems or services and send malicious packets, often in combination with IP spoofing and man-in-the-middle attacks. Application-Layer Attacks: Port 80 can be attacked via application-layer attacks such as SQL injection and cross-site request forgery. Denial of Service & Distributed Denial of Service Attacks: Attackers can send massive numbers of connection requests to deplete the service's resources. Brute-Forcing and Credential Sniffing: Port 80 can be exploited for brute-forcing passwords and credential sniffing, especially if the service is not properly configured. Packet Sniffing: Malicious third parties can intercept and access sensitive information such as credit card numbers by using packet sniffers.
Functions of Port 443 (HTTPS) HTTPS stands for Hypertext Transfer Protocol Secure. Port 443 is used for secure web browsing over HTTPS. It encrypts data transmitted between a web server and a web browser. It provides a secure way to exchange sensitive information such as login credentials, payment details and personal data. Port 443 helps protect against man-in-the-middle attacks and eavesdropping on internet connections. It is commonly used for online banking, e-commerce websites and secure logins.
Benefits of Port 443 (HTTPS) Data Encryption: Port 443 is used for HTTPS, which encrypts data transmitted between a client and server, protecting sensitive information like login credentials and credit card numbers from interception. Trust and Security: HTTPS over port 443 establishes trust with users by displaying a padlock icon and the "Secure" label in the browser's address bar, indicating a secure connection. Enhanced Security: Port 443 is less likely to be blocked by firewalls, making it accessible to users without requiring specific firewall configuration. Increased User Trust: Users are more likely to complete transactions on HTTPS sites, as they feel their data is secure. Protection from Cyber Threats: HTTPS over port 443 helps protect against cyber threats like man-in-the-middle attacks, spoofing, and data breaches by encrypting data in transit.
Threats of Port 443 (HTTPS) Data Interception: Data transmitted over port 443 can be intercepted by third parties, including internet service providers (ISPs), if the communication is not properly encrypted. Unsecured Endpoints: Opening port 443 on unsecured endpoints, such as public Wi-Fi networks, can increase the risk of being hacked. This is because attackers know that port 443 is often used for sensitive traffic. Firewall Configuration: Incorrect firewall configurations can allow unauthorized access to port 443, exposing the system to potential threats. Man-in-the-Middle (MITM) Attacks: Malicious actors can intercept the communication between a client and server, gaining unauthorized access to sensitive information. SSL/TLS Vulnerabilities: Flaws in older SSL/TLS versions and implementations, such as the Heartbleed bug in OpenSSL, can be exploited to access private data. However, newer versions like TLS 1.2 and TLS 1.3 have addressed these vulnerabilities. Malware Infections: Attackers may use open ports, including port 443, to infiltrate systems with malware, leading to data breaches and system compromise.
Mitigations Here are some key mitigation strategies for securing open port 80: Use HTTPS and Security Headers : Enable HTTPS to encrypt data in transit, using a certificate from a trusted Certificate Authority (CA). Firewall Rules and Web Application Firewall (WAF) : Configure firewalls to restrict access to port 80, allowing only necessary IP addresses or ranges. Implement a WAF to filter and monitor HTTP traffic, protecting against common web exploits such as SQL injection and cross-site scripting (XSS). Keep Software Updated and Use IDPS : Regularly update web server software and related applications, and deploy Intrusion Detection and Prevention Systems (IDPS). Enforce Access Controls and Network Segmentation : Limit server access to authorized personnel with strong authentication and role-based controls, and use network segmentation to isolate the web server. Enable Logging, Monitoring, and Conduct Penetration Testing : Set up detailed logging and monitoring with SIEM tools, and perform regular penetration testing to find and fix vulnerabilities. Maintain Backups and Validate User Input : Keep regular backups with a recovery plan and ensure proper validation and sanitization of user inputs to prevent attacks.
Mitigations Here are some key mitigation strategies for securing open port 443: Strong Encryption and HTTPS Configuration: Use strong encryption protocols (TLS 1.2 or higher) and obtain certificates from trusted Certificate Authorities (CAs). Web Application Firewall (WAF): Implement a WAF to filter and monitor HTTPS traffic, protecting against common web exploits such as SQL injection, cross-site scripting (XSS), and other attacks. Regular Patching and Updates: Keep web server software, TLS libraries, and related applications up to date with the latest security patches to protect against known vulnerabilities. Access Controls and Authentication: Enforce strong access controls and use multi-factor authentication (MFA) for administrative access to the web server. Logging, Monitoring, and Intrusion Detection: Enable detailed logging of HTTPS traffic and regularly monitor logs for unusual or suspicious behavior. Use Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS) to detect and respond to threats.
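A check for two of the mitigations on the port 80 and port 443 slides (redirecting HTTP to HTTPS, and security headers), as an added example that is not part of the original presentation. The responses are constructed samples for a placeholder host, and the 180-day HSTS minimum and the choice of headers to check are assumptions of this example.

```python
import re

# Constructed sample responses (www.example.com is a placeholder host).
HTTP_REDIRECT = "HTTP/1.1 301 Moved Permanently\r\nLocation: https://www.example.com/\r\n\r\n"
HTTP_PLAIN = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html></html>"
HTTPS_HARDENED = ("HTTP/1.1 200 OK\r\n"
                  "Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n"
                  "X-Content-Type-Options: nosniff\r\n\r\n")
HTTPS_BARE = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"

MIN_HSTS_AGE = 15552000  # assumed policy: 180 days, in seconds


def parse_response(raw):
    """Return (status code, lower-cased header dict) from a raw HTTP/1.1 response."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers


def audit_web_ports(port80_raw, port443_raw):
    """List the gaps between the two responses and the mitigations above."""
    findings = []
    status, headers = parse_response(port80_raw)
    location = headers.get("location", "").lower()
    if status not in (301, 308) or not location.startswith("https://"):
        findings.append("port 80: no permanent redirect to HTTPS")
    _, headers = parse_response(port443_raw)
    hsts = re.search(r"max-age=(\d+)", headers.get("strict-transport-security", ""), re.I)
    if hsts is None:
        findings.append("port 443: Strict-Transport-Security header missing")
    elif int(hsts.group(1)) < MIN_HSTS_AGE:
        findings.append("port 443: HSTS max-age below policy minimum")
    if headers.get("x-content-type-options", "").lower() != "nosniff":
        findings.append("port 443: X-Content-Type-Options is not nosniff")
    return findings


if __name__ == "__main__":
    print(audit_web_ports(HTTP_PLAIN, HTTPS_BARE))
```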
Tools
Nmap (Network Mapper) is a widely used cyber security tool. Its purpose is understanding network topology, discovering open ports, identifying running services, and detecting vulnerabilities.
Nmap Commands
To scan a network: nmap -sP <target IP>
To scan for open ports: nmap -p- <target>
To scan a specific port range: nmap -p <port range> <target>
To detect the OS and service versions: nmap -O -sV <target>
To scan with a TCP scan: nmap -sT <target>
To scan with a UDP scan: nmap -sU <target>
https://www.tutorialspoint.com/nmap-cheat-sheet
Proof of Concept Port scanning is a technique used to identify open ports and services on a network, often utilized by both security professionals and attackers. During the port scanning of the website, we found that only two ports are open: Port 80 (HTTP) & Port 443 (HTTPS). The remaining ports are filtered, indicating they are protected by a firewall. Scanning Overview: Scanned Website: http://www.dream11.com Scanning Tool Used: NMAP Opened Ports Identified: Port 80 (HTTP), Port 443 (HTTPS). Link for PoC: https://1drv.ms/v/s!AkGCXQm2kXrymWg0r9RyklRm93zl?e=ZgrrOJ