fido/content on false false [User-Agent] = [CCBot/2.0 (https://commoncrawl.org/faq/)] [X-dynatrace-Origin-URL] = [https://www.fido.ca/consumer/content/open-service-risks] [Accept-Encoding] = [gzip] [True-Client-IP] = [3.236.212.116] [X-Akamai-Edgescape] = [georegion=288,country_code=US,region_code=VA,city=ASHBURN,dma=511,pmsa=8840,msa=8872,areacode=703,county=LOUDOUN,fips=51107,lat=39.0438,long=-77.4879,timezone=EST,zip=20146-20149,continent=NA,throughput=vhigh,bw=5000,network=aws,asnum=14618,network_type=hosted,location_id=0] [X-dynaTrace] = [FW4;1415312027;14;-2136985174;161782844;7;-1151093806;625;98f0;2h01;3h80a031aa;4h09a49c3c] [X-WebLogic-KeepAliveSecs] = [30] [Proxy-Client-IP] = [3.236.212.116, 184.28.36.71] [X-dynaTrace-Application] = [1%3B1%3B02988af77a4c58f7] [X-ruxit-Apache-ServerNamePorts] = [www.fido.ca:8443] [Cookie] = [dtCookie==3=srv=14=sn=B8CE514A95FEAAF056857710CC745DCF=perc=100000=ol=0=mul=1=app:02988af77a4c58f7=1] [Akamai-Origin-Hop] = [2] [Accept] = [text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8] [Connection] = [Keep-Alive] [Host] = [www.fido.ca] [Pragma] = [no-cache] [X-WebLogic-Force-JVMID] = [1002084856] [Via] = [1.1 v1-akamaitech.net(ghost) (AkamaiGHost), 1.1 akamai.net(ghost) (AkamaiGHost)] [TE] = [chunked;q=1.0] [X-Akamai-CONFIG-LOG-DETAIL] = [true] [Cache-Control] = [no-cache, max-age=0] [X-DataStream-Session-Id] = [40b3c064-6145c826-2f84a05] [X-Forwarded-For] = [3.236.212.116, 184.28.36.71] [X-dynaTrace-RequestState] = [agentId=0x80a031aa&pathDepth=1] [Accept-Language] = [en-US,en;q=0.5] content open-service-risks /nac/#/choose-phone /phones /plans promotions /pages/#/internet mobile/add-ons mobile/travel Network coverage mobile/prepaid-cell-phone-plans tablets /web/page/portal/Fido/Accessories /home-phone /lte-hotspots https://rogersbank.com/en/fido_mastercard_details? MOBILE mobile getcurious getcurious_cbm Tablets tablets setLanguage en Tablets Plan tablets_plan setLanguage en iphone iphone setLanguage en iphone compare iphone_compare setLanguage en INTERNET /homeinternet promotions easyloginriverpage support getcurious_faq Store Locator storelocator fido fido /login /pages/#/logout /web/Fido.portal?_nfpb=true&_pageLabel=ShoppingCart # /web/Fido.portal?_nfpb=true&_pageLabel=fido_search&Ntt= signin-interceptor <li class="visible-xs"><a href="/consumer/storelocator">FIND A STORE</a></li> <li class="visible-xs"><a href="/consumer/storelocator">TROUVER UN MAGASIN</a></li> <li id="shopcart"><a title="Shopping cart" href="/web/Fido.portal?_nfpb=true&_pageLabel=ShoppingCart" data-count="$itemsInCart$"><i class="rui-icon-cart"></i><span class="sr-only">shopping cart</span></a></li> <li id="search"><a title="Search" href="#" data-toggle="modal" data-target="#modal-typeahead"><i class="rui-icon-search"></i> Search</a></li> <li id="shopcart"><a title="Shopping cart" href="/web/Fido.portal?_nfpb=true&_pageLabel=ShoppingCart" data-count="$itemsInCart$"><i class="rui-icon-cart"></i><span class="sr-only">shopping cart</span></a></li> <li id="search"><a title="Search" href="#" data-toggle="modal" data-target="#modal-typeahead"><i class="rui-icon-search"></i> Recherche</a></li> <div id="shopcart-mob"><a title="Shopping cart" href="/web/Fido.portal?_nfpb=true&_pageLabel=ShoppingCart" data-count="$itemsInCart$"><i class="rui-icon-cart"></i><span class="sr-only">shopping cart</span></a></div> <div id="search-mob"><a title="Search" href="#" data-toggle="modal" data-target="#modal-typeahead"><i class="rui-icon-search"></i><span class="sr-only">search</span></a></div> <div id="shopcart-mob"><a title="Shopping cart" href="/web/Fido.portal?_nfpb=true&_pageLabel=ShoppingCart" data-count="$itemsInCart$"><i class="rui-icon-cart"></i><span class="sr-only">shopping cart</span></a></div> <div id="search-mob"><a title="Search" href="#" data-toggle="modal" data-target="#modal-typeahead"><i class="rui-icon-search"></i><span class="sr-only">Recherche</span></a></div> en fr ab bc mb nb nl ns on pe qc sk on =3=srv=14=sn=B8CE514A95FEAAF056857710CC745DCF=perc=100000=ol=0=mul=1=app:02988af77a4c58f7=1

We noticed that you're not using the latest version of your browser.

You'll still be able to use our site, but it might not work or look the way it's supposed to. We recommend upgrading your browser.

Exit
More

We noticed that you're not using the latest version of your browser.

You'll still be able to use our site, but it might not work or look the way it's supposed to. We recommend upgrading your browser.

Exit
Less

If you're unable to download the latest version of Internet Explorer, please ensure you have compatibility view turned off.

How to disable compatibility view

  1. Open Internet Explorer.
  2. Click on the Tools menu (you may have to press Alt to bring up the menu).
  3. If the Compatibility View box is checked, click to remove checkmark.
  4. Click Tools again.
  5. Select Compatibility View Settings.
    • Make sure "rogers.com" is not listed under "Websites you've added to Compatibility View."
  6. Close and reopen Internet Explorer.
  7. Go to rogers.com.

Support

com.rogers.livesite.controller.form.EmailArticleFormController sendEmailArticle fido/content on false false component.support.content.article. [User-Agent] = [CCBot/2.0 (https://commoncrawl.org/faq/)] [X-dynatrace-Origin-URL] = [https://www.fido.ca/consumer/content/open-service-risks] [Accept-Encoding] = [gzip] [True-Client-IP] = [3.236.212.116] [X-Akamai-Edgescape] = [georegion=288,country_code=US,region_code=VA,city=ASHBURN,dma=511,pmsa=8840,msa=8872,areacode=703,county=LOUDOUN,fips=51107,lat=39.0438,long=-77.4879,timezone=EST,zip=20146-20149,continent=NA,throughput=vhigh,bw=5000,network=aws,asnum=14618,network_type=hosted,location_id=0] [X-dynaTrace] = [FW4;1415312027;14;-2136985174;161782844;7;-1151093806;625;98f0;2h01;3h80a031aa;4h09a49c3c] [X-WebLogic-KeepAliveSecs] = [30] [Proxy-Client-IP] = [3.236.212.116, 184.28.36.71] [X-dynaTrace-Application] = [1%3B1%3B02988af77a4c58f7] [X-ruxit-Apache-ServerNamePorts] = [www.fido.ca:8443] [Cookie] = [dtCookie==3=srv=14=sn=B8CE514A95FEAAF056857710CC745DCF=perc=100000=ol=0=mul=1=app:02988af77a4c58f7=1] [Akamai-Origin-Hop] = [2] [Accept] = [text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8] [Connection] = [Keep-Alive] [Host] = [www.fido.ca] [Pragma] = [no-cache] [X-WebLogic-Force-JVMID] = [1002084856] [Via] = [1.1 v1-akamaitech.net(ghost) (AkamaiGHost), 1.1 akamai.net(ghost) (AkamaiGHost)] [TE] = [chunked;q=1.0] [X-Akamai-CONFIG-LOG-DETAIL] = [true] [Cache-Control] = [no-cache, max-age=0] [X-DataStream-Session-Id] = [40b3c064-6145c826-2f84a05] [X-Forwarded-For] = [3.236.212.116, 184.28.36.71] [X-dynaTrace-RequestState] = [agentId=0x80a031aa&pathDepth=1] [Accept-Language] = [en-US,en;q=0.5] content open-service-risks on =3=srv=14=sn=B8CE514A95FEAAF056857710CC745DCF=perc=100000=ol=0=mul=1=app:02988af77a4c58f7=1 /default/main/internet/fido/WORKAREA/common en_US kjarzhvf 2021-03-02 09:54:07 true site/support kjarzhvf templatedata/site/support/data/Internet/Technical-Support/open-service-risks 1616185365 2021-03-22 15:36:09 /default/main/internet/fido/STAGING /default/main/internet/fido open-service-risks 1616185396323 2021-03-22 15:36:09 /default/main/internet/fido/WORKAREA/common/templatedata/site/support/data/Internet/Technical-Support/open-service-risks templatedata/site/support/data/Internet/Technical-Support/open-service-risks 1 true open-service-risks ab, bc, mb, nb, nl, ns, nt, nu, on, pe, qc, sk, yt en, fr Internet customer 1614696808458 Open Service Vulnerabilities | Fido Cyber Security Learn more about the various risks posed to users of Open Services like Open DNS, Open NTP, Open SNMP and more, and how to resolve issues if they occur. Open Service Vulnerabilities <p>Some Open Services pose different vulnerabilities and risks than others. Read on to learn more about these risks and how to avoid them.</p> <p>&nbsp;</p> <h2>Open DNS Resolver, NTP Modes 6 &amp; 7, SNMP, Chargen, QOTD, NetBIOS, SSDP and LDAP Services</h2> <p>These Open Services are accessible to anyone on the internet and are responding to queries.</p> <p><span style="text-decoration: underline;">THE RISK</span>: The vulnerabilities of these Open Services can be exploited by a remote user to use your internet connection to anonymously attack other devices or sites and servers across the internet</p> <p>&nbsp;</p> <h2>Open LDAP (TCP) Service</h2> <p>The Open LDAP (TCP) Service is running on port 389/TCP and is accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: Hosts running LDAP using port 389/TCP are often Active Directory services. The data disclosed by the server resides on, making it vulnerable to attack.</p> <p>&nbsp;</p> <h2>Open Cisco Smart Install Service</h2> <p>The Open Cisco Smart Install Service is running and accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: This service doesn&rsquo;t require authentication and could allow a remote user to obtain a copy of your device&rsquo;s configuration file and upload an altered version or malicious software.</p> <p>&nbsp;</p> <h2>Open SMB Service</h2> <p>The Open SERVER Message Block (SMB) Service is running on port 445/TCP and is accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: The SMB protocol is not protected and can be accessed openly by anyone to obtain stored files and sensitive information, resulting in vulnerability to brute force attacks, multiple exploits and/or the disclosure of confidential information.</p> <p>&nbsp;</p> <h2>Open VNC Service</h2> <p>The Open Virtual Network Computing (VNC) Service is a graphical desktop sharing system running on port 5900/TCP and is accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: VNC doesn&rsquo;t utilize encryption and, if configured improperly, can potentially disclose sensitive information or unknowingly provide remote access to your system.</p> <p>&nbsp;</p> <h2>Open XDMCP Service</h2> <p>The X Display Manager (XDMCP) Service is running and accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: Using this service poses a risk of disclosing sensitive information or unknowingly providing remote access to your system.</p> <p>&nbsp;</p> <h2>Open mDNS Service</h2> <p>In computer networking, the multicast Domain Name System (mDNS) protocol resolves hostnames to IP addresses within small networks that do not include a local name server.</p> <p><span style="text-decoration: underline;">THE RISK</span>: Devices using mDNS could potentially respond to malicious queries outside a local network and inadvertently facilitate a large-scale Denial of Service attack.</p> <p>&nbsp;</p> <h2>Open Portmapper Service</h2> <p>The Open Portmapper Service is running and accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: Devices using the service are at risk of being used in an attack and/or disclosing large amounts of information about the system using Portmapper.</p> <p>&nbsp;</p> <h2>Open Elasticsearch Service</h2> <p>The Open Elasticsearch Service is running and accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: Elasticsearch doesn&rsquo;t support authentication, so remote users could potentially access Elasticsearch and gain control of the service, putting your information at risk of being disclosed.</p> <p>&nbsp;</p> <h2>Open MongoDB Service</h2> <p>The Open MongoDB Service (MongoDB NoSQL database) is running and accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: Authentication is not enabled, which can pose a risk of unwanted remote access for malicious users and potential data breaches.</p> <p>&nbsp;</p> <h2>Open MS-SQL Server Resolution Service</h2> <p>The Open MS-SQL Server Resolution Service is running and accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: If this service is accessible via your network, you&rsquo;re at risk of having your network information exposed. The service itself can be used in UDP amplification attacks.</p> <p>&nbsp;</p> <h2>Open Redis Service</h2> <p>The Open Redis Service (Redis key-value store) is running and accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: If this service is accessible via your network, you&rsquo;re at risk of having your network information exposed. The service itself can be used in UDP amplification attacks.</p> <p>&nbsp;</p> <h2>Open NAT-PMP Service</h2> <p>The Open NAT Port Mapping Protocol (PMP) Service is running and accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: This service has the potential to expose information about your network.</p> <p>&nbsp;</p> <h2>Open IPMI Service</h2> <p>The Open Intelligent Platform Management Interface (IPMI) Service is running on port 623/UDP and is accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: Devices with IPMI exposed have the potential to be compromised at the Baseboard Management Controller (BMC) level.</p> <p>&nbsp;</p> <h2>Open Telnet Service</h2> <p>The Open Telnet Service is running on port 23/TCP and is accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: Due to a lack of encryption, Telnet traffic can be intercepted. Open Telnet ports can also be exploited by malware, potentially resulting in initiating Denial of Service attacks, the extracting or destroying of information and more.</p> <p>&nbsp;</p> <h2>Open RDP Service</h2> <p>The Open Remote Desktop Protocol (RDP) Service is running and accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: If you use this service, misconfiguration can put your computer or network at risk of being accessed remotely for information gathering.</p> <p>&nbsp;</p> <h2>Open TFTP Service</h2> <p>The Open TFTP Service is running and accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: This service has no access control mechanisms, which may result in being accessed remotely to retrieve sensitive information or be used in attacks.</p> <p>&nbsp;</p> <h2>Open Apple Remote Desktop Service</h2> <p>The Open Apple Remote Desktop Service is running on port 3283/UDP and is accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: This service&rsquo;s vulnerabilities could be exploited by external users to be used in attacks or to leak information about the system it&rsquo;s running on.</p> <p>&nbsp;</p> <h2>Open FTP Service</h2> <p>The Open File Transfer Protocol (FTP) Service is running on port 21/TCP and is accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: This service provides no encryption (unless you&rsquo;re using FTPS), so sensitive information or system credentials could potentially be exposed. Devices using the service are also at risk of being used in UDP amplification attacks.</p> <p>&nbsp;</p> <h2>Open Hadoop Service</h2> <p>The Open Hadoop Service is running and have either the NameNode or DataNode web interfaces running. They are accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: Using this service puts you at risk of potentially having your sensitive information disclosed.</p> <p>&nbsp;</p> <h2>Open DB2 Discovery Service</h2> <p>The Open DB2 Discovery Service is running and accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: Using this service puts you at risk of potentially having your sensitive information exposed and used in attacks.</p> <p>&nbsp;</p> <h2>Open Ubiquiti Discovery Service</h2> <p>The Open Ubiquiti Discovery Service is running and accessible to anyone on the internet.</p> <p><span style="text-decoration: underline;">THE RISK</span>: Using this service puts you at risk of potentially having your sensitive information disclosed and used in a UDP amplification attack.</p> <p>&nbsp;</p> <h2>What do I do if my service is open to the internet and is responding to queries?</h2> <p>If you use an open service and your device is behaving strangely or showing signs of an exploitable vulnerability, try the following:</p> <ul style=" font-size: 16px; "> <li>If you have the expertise, disable the Open Service or restrict access to only trusted IP addresses on your device.</li> <li>If you&rsquo;re unable to complete the above, or if you&rsquo;ve completed the above but your device is still acting strangely, bring it to a third-party computer repair technician to solve the problem. <p>&nbsp;</p> <p><strong>Related Links:</strong></p> <ul style=" font-size: 16px; "> <li><a href="https://www.fido.ca/consumer/content/vulnerabilities">What is a Vulnerability? | Fido Cyber Security</a></li> </ul> </li> </ul> Open service open services DNS NTP NTP Mode 6, NTP Mode 7, SNMP, Chargen, QOTD, NetBIOS, SSDP, LDAP Vulnérabilités des services ouverts | Cybersécurité de Fido Apprenez-en davantage sur les divers risques que présentent les services ouverts comme Open DNS, Open NTP, Open SNMP, etc. et sur la façon de résoudre les problèmes le cas échéant. Vulnérabilités des services ouverts <p>Certains services ouverts pr&eacute;sentent plus de vuln&eacute;rabilit&eacute;s et de risques de diff&eacute;rents types que les autres. Poursuivez votre lecture pour en apprendre davantage sur ces risques et sur la fa&ccedil;on de les &eacute;viter.</p> <p>&nbsp;</p> <h2>Resolver Open DNS, NTP modes 6 et 7, SNMP, Chargen, QOTD, NetBIOS, SSDP et services LDAP</h2> <p>Tous ceux qui se trouvent sur Internet et qui r&eacute;pondent &agrave; des requ&ecirc;tes ont acc&egrave;s &agrave; ces services ouverts.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Un utilisateur &agrave; distance peut exploiter les vuln&eacute;rabilit&eacute;s de ces services ouverts pour se servir de votre connexion Internet en vue d&rsquo;attaquer anonymement d&rsquo;autres appareils, sites et serveurs sur Internet.</p> <p>&nbsp;</p> <h2>Service LDAP (TCP) ouvert</h2> <p>Le service LDAP (TCP) ouvert s&rsquo;ex&eacute;cute sur le port 389/TCP et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Les h&ocirc;tes ex&eacute;cutant le service LDAP sur le port 389/TCP sont souvent des services Active Directory. Les donn&eacute;es divulgu&eacute;es par le serveur y r&eacute;sident, ce qui rend celui-ci vuln&eacute;rable aux attaques.</p> <p>&nbsp;</p> <h2>Service Smart Install de Cisco</h2> <p>Le service Smart Install de Cisco ouvert s&rsquo;ex&eacute;cute et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Ce service n&rsquo;exige aucune authentification et pourrait permettre &agrave; un utilisateur &agrave; distance d&rsquo;obtenir une copie du fichier de configuration de votre appareil et de t&eacute;l&eacute;verser une version modifi&eacute;e ou un logiciel malveillant.</p> <p>&nbsp;</p> <h2>Service SMB ouvert</h2> <p>Le service SMB (SERVER Message Block) ouvert s&rsquo;ex&eacute;cute sur le port 445/TCP et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Le protocole SMB n&rsquo;est pas prot&eacute;g&eacute;, et n&rsquo;importe qui peut y acc&eacute;der librement pour obtenir des fichiers ou des renseignements confidentiels stock&eacute;s, ce qui entra&icirc;ne une vuln&eacute;rabilit&eacute; aux attaques par force brute, l&rsquo;exploitation multiple et/ou la divulgation de renseignements confidentiels.</p> <p>&nbsp;</p> <h2>Service VNC ouvert</h2> <p>Le service VNC (Virtual Network Computing) ouvert, un syst&egrave;me graphique de partage de bureau informatique, s&rsquo;ex&eacute;cute sur le port 5900/TCP et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Le service VNC n&rsquo;utilise pas le chiffrement et, s&rsquo;il n&rsquo;est pas configur&eacute; de la bonne fa&ccedil;on, il peut divulguer des renseignements confidentiels ou fournir un acc&egrave;s &agrave; distance &agrave; votre syst&egrave;me, &agrave; votre insu.</p> <p>&nbsp;</p> <h2>Service XDMCP ouvert</h2> <p>Le service XDMCP (X Display Manager) s&rsquo;ex&eacute;cute et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : L&rsquo;utilisation de ce service pr&eacute;sente un risque de divulgation de renseignements confidentiels et d&rsquo;utilisation de votre syst&egrave;me &agrave; distance, &agrave; votre insu.</p> <p>&nbsp;</p> <h2>Service mDNS ouvert</h2> <p>Dans un r&eacute;seau informatique, le protocole de syst&egrave;me de noms de domaine &agrave; diffusion multiple (multicast Domain Name System &ndash; mDNS) r&eacute;sout les noms d&rsquo;h&ocirc;te aux adresses IP dans les petits r&eacute;seaux ne comprenant aucun serveur de nom local.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Des appareils utilisant le protocole mDNS pourraient r&eacute;pondre aux requ&ecirc;tes malveillantes provenant de l&rsquo;ext&eacute;rieur d&rsquo;un r&eacute;seau local et faciliter par erreur une attaque par d&eacute;ni de service &agrave; grande &eacute;chelle.</p> <p>&nbsp;</p> <h2>Service Portmapper ouvert</h2> <p>Le service Portmapper ouvert s&rsquo;ex&eacute;cute et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Les appareils utilisant ce service pourraient servir dans le cadre d&rsquo;une attaque et/ou d&rsquo;une divulgation d&rsquo;importantes quantit&eacute;s de renseignements sur le syst&egrave;me &agrave; l&rsquo;aide de Portmapper.</p> <p>&nbsp;</p> <h2>Service Elasticsearch ouvert</h2> <p>Le service Elasticsearch ouvert s&rsquo;ex&eacute;cute et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Le service Elasticsearch ne prend pas en charge l&rsquo;authentification. Un utilisateur &agrave; distance pourrait acc&eacute;der &agrave; Elasticsearch et prendre le contr&ocirc;le du service, ce qui pr&eacute;sente un risque de divulgation de vos renseignements.</p> <p>&nbsp;</p> <h2>Service MongoDB ouvert</h2> <p>Le service MongoDB ouvert (base de donn&eacute;es MongoDB NoSQL) s&rsquo;ex&eacute;cute et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : L&rsquo;authentification est d&eacute;sactiv&eacute;e, ce qui pr&eacute;sente un risque d&rsquo;acc&egrave;s &agrave; distance non d&eacute;sir&eacute; pour les utilisateurs malveillants et les atteintes possibles &agrave; la s&eacute;curit&eacute; des donn&eacute;es.</p> <p>&nbsp;</p> <h2>Service de r&eacute;solution de serveur MS-SQL ouvert</h2> <p>Le service de r&eacute;solution de serveur MS-SQL ouvert s&rsquo;ex&eacute;cute et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Si ce service est accessible sur votre r&eacute;seau, les renseignements qui s&rsquo;y trouvent pourraient &ecirc;tre expos&eacute;s. Le service lui-m&ecirc;me peut servir dans le cadre d&rsquo;attaques d&rsquo;amplification UDP.</p> <p>&nbsp;</p> <h2>Service Redis ouvert</h2> <p>Le service Redis ouvert (magasin de valeur cl&eacute; Redis) s&rsquo;ex&eacute;cute et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Si ce service est accessible sur votre r&eacute;seau, les renseignements qui s&rsquo;y trouvent pourraient &ecirc;tre expos&eacute;s. Le service lui-m&ecirc;me peut servir dans le cadre d&rsquo;attaques d&rsquo;amplification UDP.</p> <p>&nbsp;</p> <h2>Service NAT-PMP ouvert</h2> <p>Le protocole NAT-PMP (NAT Port Mapping Protocol) s&rsquo;ex&eacute;cute et est accessible &agrave; tous sur Internet</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Ce service pourrait r&eacute;v&eacute;ler des renseignements sur votre r&eacute;seau.</p> <p>&nbsp;</p> <h2>Service IPMI ouvert</h2> <p>Le service IPMI (Intelligent Platform Management Interface) ouvert s&rsquo;ex&eacute;cute sur le port 623/UDP et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Les appareils avec le service IPMI expos&eacute; peuvent &ecirc;tre compromis au niveau du contr&ocirc;leur de gestion de la carte de base (Baseboard Management Controller &ndash; BMC]).</p> <p>&nbsp;</p> <h2>Service Telnet ouvert</h2> <p>Le service Telnet ouvert s&rsquo;ex&eacute;cute sur le port 23/TCP et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : En raison d&rsquo;un manque de chiffrement, il est possible d&rsquo;intercepter le trafic de Telnet. Des logiciels malveillants peuvent &eacute;galement exploiter les ports Telnet ouverts, ce qui pourrait entra&icirc;ner notamment des attaques par d&eacute;ni de service, et l&rsquo;extraction ou la destruction d&rsquo;information.</p> <p>&nbsp;</p> <h2>Service RDP ouvert</h2> <p>Le service RDP (Remote Desktop Protocol) ouvert s&rsquo;ex&eacute;cute et est accessible &agrave; tous sur Internet</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Si vous utilisez ce service, une mauvaise configuration peut pr&eacute;senter un risque d&rsquo;acc&egrave;s &agrave; distance aux fins de collecte de renseignements pour votre ordinateur ou votre r&eacute;seau.</p> <p>&nbsp;</p> <h2>Service TFTP ouvert</h2> <p>Le service TFTP ouvert s&rsquo;ex&eacute;cute et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Ce service ne rec&egrave;le aucun m&eacute;canisme de contr&ocirc;le d&rsquo;acc&egrave;s, de sorte qu&rsquo;on peut y acc&eacute;der &agrave; distance afin de r&eacute;cup&eacute;rer des renseignements confidentiels ou s&rsquo;en servir dans des attaques.</p> <p>&nbsp;</p> <h2>Service Apple Remote Desktop ouvert</h2> <p>Le service Apple Remote Desktop ouvert s&rsquo;ex&eacute;cute sur le port 3283/UDP et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Des utilisateurs externes peuvent exploiter les vuln&eacute;rabilit&eacute;s de ce service dans des attaques ou laisser filtrer de l&rsquo;information sur le syst&egrave;me sur lequel il s&rsquo;ex&eacute;cute.</p> <p>&nbsp;</p> <h2>Service FTP ouvert</h2> <p>Le protocole de transfert de fichier ouvert (File Transfer Protocol &ndash; FTP) s&rsquo;ex&eacute;cute sur le port 21/TCP et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Ce service n&rsquo;offre aucun chiffrement (&agrave; moins que vous utilisiez le protocole FTPS). Ainsi, il peut d&eacute;voiler des renseignements confidentiels ou des informations d&rsquo;identification de syst&egrave;me. Les appareils utilisant ce service risquent de servir dans des attaques d&rsquo;amplification UDP.</p> <p>&nbsp;</p> <h2>Service Hadoop ouvert</h2> <p>Le service Hadoop ouvert s&rsquo;ex&eacute;cute, et entra&icirc;ne l&rsquo;ex&eacute;cution des interfaces web NameNode ou DataNode. Il est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Si vous utilisez ce service, vos renseignements confidentiels pourraient &ecirc;tre divulgu&eacute;s.</p> <p>&nbsp;</p> <h2>Service DB2 Discovery ouvert</h2> <p>Le service DB2 Discovery ouvert s&rsquo;ex&eacute;cute et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Si vous utilisez ce service, vos renseignements confidentiels pourraient &ecirc;tre divulgu&eacute;s et utilis&eacute;s dans des attaques.</p> <p>&nbsp;</p> <h2>Service Ubiquiti Discovery ouvert</h2> <p>Le service Ubiquiti Discovery ouvert s&rsquo;ex&eacute;cute et est accessible &agrave; tous sur Internet.</p> <p><span style="text-decoration: underline;">LE RISQUE</span> : Si vous utilisez ce service, vos renseignements confidentiels pourraient &ecirc;tre divulgu&eacute;s et utilis&eacute;s dans une attaque d&rsquo;amplification UDP.</p> <p>&nbsp;</p> <h2>Que dois-je faire si mon service est ouvert sur Internet et qu&rsquo;il r&eacute;pond aux requ&ecirc;tes.</h2> <p>Si vous utilisez un service ouvert et que votre appareil se comporte de fa&ccedil;on &eacute;trange ou montre des signes de vuln&eacute;rabilit&eacute; exploitable, essayez ce qui suit :</p> <ul style=" font-size: 16px; "> <li>Si vous poss&eacute;dez l&rsquo;expertise n&eacute;cessaire, d&eacute;sactivez le service ouvert ou limitez son acc&egrave;s aux adresses IP de confiance seulement sur votre appareil.</li> <li>Si vous n&rsquo;avez pas cette expertise, ou si vous avez effectu&eacute; l&rsquo;&eacute;tape ci-dessus et que votre appareil se comporte toujours de mani&egrave;re &eacute;trange, apportez-le &agrave; un technicien de r&eacute;paration informatique externe pour r&eacute;soudre le probl&egrave;me.</li> </ul> <p>&nbsp;</p> <p><strong>Liens utiles:</strong></p> <ul style=" font-size: 16px; "> <li><a href="https://www.fido.ca/consumer/content/vulnerabilities">Qu&rsquo;est-ce qu&rsquo;une vuln&eacute;rabilit&eacute;? | Cybers&eacute;curit&eacute; de Fido</a></li> </ul> Service ouvert services ouverts DNS NTP NTP Mode 6, NTP Mode 7, SNMP, Chargen, QOTD, NetBIOS, SSDP, LDAP 6LfFoRATAAAAAF4k8pYifmzO12cKXzERsY-nUGdh

Open Service Vulnerabilities

Some Open Services pose different vulnerabilities and risks than others. Read on to learn more about these risks and how to avoid them.

 

Open DNS Resolver, NTP Modes 6 & 7, SNMP, Chargen, QOTD, NetBIOS, SSDP and LDAP Services

These Open Services are accessible to anyone on the internet and are responding to queries.

THE RISK: The vulnerabilities of these Open Services can be exploited by a remote user to use your internet connection to anonymously attack other devices or sites and servers across the internet

 

Open LDAP (TCP) Service

The Open LDAP (TCP) Service is running on port 389/TCP and is accessible to anyone on the internet.

THE RISK: Hosts running LDAP using port 389/TCP are often Active Directory services. The data disclosed by the server resides on, making it vulnerable to attack.

 

Open Cisco Smart Install Service

The Open Cisco Smart Install Service is running and accessible to anyone on the internet.

THE RISK: This service doesn’t require authentication and could allow a remote user to obtain a copy of your device’s configuration file and upload an altered version or malicious software.

 

Open SMB Service

The Open SERVER Message Block (SMB) Service is running on port 445/TCP and is accessible to anyone on the internet.

THE RISK: The SMB protocol is not protected and can be accessed openly by anyone to obtain stored files and sensitive information, resulting in vulnerability to brute force attacks, multiple exploits and/or the disclosure of confidential information.

 

Open VNC Service

The Open Virtual Network Computing (VNC) Service is a graphical desktop sharing system running on port 5900/TCP and is accessible to anyone on the internet.

THE RISK: VNC doesn’t utilize encryption and, if configured improperly, can potentially disclose sensitive information or unknowingly provide remote access to your system.

 

Open XDMCP Service

The X Display Manager (XDMCP) Service is running and accessible to anyone on the internet.

THE RISK: Using this service poses a risk of disclosing sensitive information or unknowingly providing remote access to your system.

 

Open mDNS Service

In computer networking, the multicast Domain Name System (mDNS) protocol resolves hostnames to IP addresses within small networks that do not include a local name server.

THE RISK: Devices using mDNS could potentially respond to malicious queries outside a local network and inadvertently facilitate a large-scale Denial of Service attack.

 

Open Portmapper Service

The Open Portmapper Service is running and accessible to anyone on the internet.

THE RISK: Devices using the service are at risk of being used in an attack and/or disclosing large amounts of information about the system using Portmapper.

 

Open Elasticsearch Service

The Open Elasticsearch Service is running and accessible to anyone on the internet.

THE RISK: Elasticsearch doesn’t support authentication, so remote users could potentially access Elasticsearch and gain control of the service, putting your information at risk of being disclosed.

 

Open MongoDB Service

The Open MongoDB Service (MongoDB NoSQL database) is running and accessible to anyone on the internet.

THE RISK: Authentication is not enabled, which can pose a risk of unwanted remote access for malicious users and potential data breaches.

 

Open MS-SQL Server Resolution Service

The Open MS-SQL Server Resolution Service is running and accessible to anyone on the internet.

THE RISK: If this service is accessible via your network, you’re at risk of having your network information exposed. The service itself can be used in UDP amplification attacks.

 

Open Redis Service

The Open Redis Service (Redis key-value store) is running and accessible to anyone on the internet.

THE RISK: If this service is accessible via your network, you’re at risk of having your network information exposed. The service itself can be used in UDP amplification attacks.

 

Open NAT-PMP Service

The Open NAT Port Mapping Protocol (PMP) Service is running and accessible to anyone on the internet.

THE RISK: This service has the potential to expose information about your network.

 

Open IPMI Service

The Open Intelligent Platform Management Interface (IPMI) Service is running on port 623/UDP and is accessible to anyone on the internet.

THE RISK: Devices with IPMI exposed have the potential to be compromised at the Baseboard Management Controller (BMC) level.

 

Open Telnet Service

The Open Telnet Service is running on port 23/TCP and is accessible to anyone on the internet.

THE RISK: Due to a lack of encryption, Telnet traffic can be intercepted. Open Telnet ports can also be exploited by malware, potentially resulting in initiating Denial of Service attacks, the extracting or destroying of information and more.

 

Open RDP Service

The Open Remote Desktop Protocol (RDP) Service is running and accessible to anyone on the internet.

THE RISK: If you use this service, misconfiguration can put your computer or network at risk of being accessed remotely for information gathering.

 

Open TFTP Service

The Open TFTP Service is running and accessible to anyone on the internet.

THE RISK: This service has no access control mechanisms, which may result in being accessed remotely to retrieve sensitive information or be used in attacks.

 

Open Apple Remote Desktop Service

The Open Apple Remote Desktop Service is running on port 3283/UDP and is accessible to anyone on the internet.

THE RISK: This service’s vulnerabilities could be exploited by external users to be used in attacks or to leak information about the system it’s running on.

 

Open FTP Service

The Open File Transfer Protocol (FTP) Service is running on port 21/TCP and is accessible to anyone on the internet.

THE RISK: This service provides no encryption (unless you’re using FTPS), so sensitive information or system credentials could potentially be exposed. Devices using the service are also at risk of being used in UDP amplification attacks.

 

Open Hadoop Service

The Open Hadoop Service is running and have either the NameNode or DataNode web interfaces running. They are accessible to anyone on the internet.

THE RISK: Using this service puts you at risk of potentially having your sensitive information disclosed.

 

Open DB2 Discovery Service

The Open DB2 Discovery Service is running and accessible to anyone on the internet.

THE RISK: Using this service puts you at risk of potentially having your sensitive information exposed and used in attacks.

 

Open Ubiquiti Discovery Service

The Open Ubiquiti Discovery Service is running and accessible to anyone on the internet.

THE RISK: Using this service puts you at risk of potentially having your sensitive information disclosed and used in a UDP amplification attack.

 

What do I do if my service is open to the internet and is responding to queries?

If you use an open service and your device is behaving strangely or showing signs of an exploitable vulnerability, try the following:

  • If you have the expertise, disable the Open Service or restrict access to only trusted IP addresses on your device.
  • If you’re unable to complete the above, or if you’ve completed the above but your device is still acting strangely, bring it to a third-party computer repair technician to solve the problem.

     

    Related Links: