[ Thanks to Pieter for
this link. ]
“A network intruder will look for security weaknesses at every
point in your network architecture. If you have adequately locked
down the Physical, Data Link, Network, and Transport layers of your
network, the wily hacker will simply move up to those protocols and
services your network does expose to the Internet. These
application-specific protocols are actually much easier to exploit,
somany hackers start there and drop down to the Network or
Transport level when they need to circumvent a protocol’s security
mechanisms. In this article, we’ll go over each of the most
commonly used Internet services, briefly examining each for their
weaknesses and abuse potential. First, however, we’ll discuss
sockets and services ingeneral, identifying typical service
vulnerabilities so you can identify potential problems when you
need to install services on your own network.“Which services are safe to allow through your firewall, which
are not safe, and which ones do you do need to keep an eye on? When
a new service becomes popular, or when you want to give your
network clients a new Internet-based tool, what do you look for
when you evaluate the service…?”