Reply to post: Re: .NET 4.0.30319

This page is currency unavailable... Travelex scrubs UK homepage, kills services, knackers other sites amid 'software virus' infection

[VtS]Alf

Re: .NET 4.0.30319

But really it does NOT. Security by obscurity et al. If you, for example, provide a Cisco AnyConnect VPN for your clients at IP xxx.xxx.xxx.xxx:port_not_at_default, port scanners all over the world WILL discover your open port.

With a few tools they might discover that you run an IPSec VPN solution straight from your ASA. There ARE holes in the ASA software (up to version xxx, but you did not get to update just yet, because enterprise), thus a VPN connection can be hacked/initiated/abused with a brute force hack (often). The attacker can connect with VPN (our just-hacked account) and can discover other servers in that network. Keep this in mind.

Other situation:

Now, I am a business that exposes (hopefully) a Terminal Server Gateway or an RDP server to the internet. Port 3389. People can brute force accounts to this server (they can’t because of MS’ software).

Both situations provide an open port; which software do we need to hack?

Either way, they are both equally dangerous and updated software/firmware from all vendors prevents this.

I might not make myself popular with my statements, but I trust Microsoft more to mitigate these flaws than I do Cisco (at the ASA level).

Biting the hand that feeds IT © 1998–2020