Types of Cyberattack, Specific Risks and How to Mitigate those Risks
Please note that the list of cyberattack types is distributed by the Canadian Centre for Cyber Security and the means to mitigate is provided by third parties. This information is not meant to be exhaustive and Skyway West is not responsible for omissions or mistakes.
What is the exposed service VNC RDP vulnerability, what is the risk and how can you mitigate that risk?
What is it? Virtual Network Computing (VNC) is a platform-independent remote desktop control system. There are numerous VNC implementations (LibVNC, TightVNC, UltraVNC, etc.) which run on Windows, Linux, macOS, iOS, Android and other operating systems. VNC uses port 5900 or 5800. VNC is used for work-from-home scenarios and for remote troubleshooting and maintenance by IT professionals. Why is ...
What is the Exposed Service SSL enforced TCP Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Remote Desktop Protocol (RDP) allows a remote computer to take control of a computer in your network. RDP comes pre-installed for Microsoft Windows but can also be used with Apple OSX computers. RDP is used by many to work from home; it’s also used by IT support departments to perform remote maintenance and troubleshooting. RDP ...
What is the Exposed Service SMB Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Server Message Block (SMB), also called Common Internet File System (CIFS), allows Microsoft Windows computers to share files, serial ports and printers across a network. SMB uses ports 139 or 445. The UpGuard link below provides background on the protocol and how it works. Why is it a risk? Version 1.0 of SMB contains a ...
What is the Exposed Service RDP Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Remote Desktop Protocol (RDP) allows a remote computer to take control of a computer in your network. RDP comes pre-installed for Microsoft Windows but can also be used with Apple OSX computers. RDP is used by many to work from home; it’s also used by IT support departments to perform remote maintenance and troubleshooting. RDP ...
What is the Exposed Service PostgreSQL Wire Protocol Vulnerability, what is the risk and how can you mitigate that risk?
What is it? PostgreSQL’s wire protocol ensures persistent, long-lived connections that are crucial for client-server communication in database operations. Why is it a risk? Port 5432 of your server is exposed to the internet. This may allow attackers to gain access to your database. How can you mitigate the risk? If you do not actually need to access your database ...
What is the Exposed Service MDNS Vulnerability, what is the risk and how can you mitigate that risk?
What is it? The Domain Name System (DNS) is a network of computers that convert web addresses like “google.com” into Internet Protocol (IP) addresses like 192.168.0.1. The client computer connects to a DNS server and asks for the IP address of “google.com” and gets an answer back. Multicast DNS (mDNS) does the same thing but in a ...
What is the Exposed Service LDAP Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Lightweight Directory Access Protocol (LDAP) allows remote users to look up directory data. An LDAP Directory usually contains information about users, but may also contain data about printers, servers, conference rooms, other equipment, etc. LDAP is the protocol used to access the proprietary Microsoft Active Directory. Although LDAP is not Active Directory specific, most exposed ...
What is the Exposed Service IPP Vulnerability, what is the risk and how can you mitigate that risk?
What is it? Internet Printing Protocol (IPP), as its name implies, allows computers and mobile phones to send print jobs to a printer connected to the network. It is the basis for a number of proprietary network printing services like AirPrint, IPP Everywhere and Mopria Alliance. IPP not only allows queueing of jobs to be printed, but ...
What is the Exposed Service CWMP Vulnerability, what is the risk and how can you mitigate that risk?
What is it? CPE WAN Management Protocol (CWMP, also known as TR-069) allows a remote computer to manage broadband routers, VoIP phones, etc. If Universal Plug and Play (UPnP) is supported and configured, CWMP can be used to manage devices inside the local area network. By default, CWMP uses ports 7547-7550. A Man in The Middle (MiTM) ...
What is the DDOS potential TFTP Attack, what is the risk and how can you mitigate that risk?
What is it? Trivial File Transfer Protocol (TFTP) can operate in very little memory so it is sometimes used by a desktop computer to update the firmware on a router. TFTP uses port 69. TFTP is rarely used for Internet file transfers. Wikipedia (link below) does a good job of explaining TFTP. Why is it a risk? As its ...
What is the DDOS potential SNMP Attack, what is the risk and how can you mitigate that risk?
What is it? Simple Network Management Protocol (SNMP) is used by network administrators to monitor and control devices (computers, routers, printers, etc.) remotely. There are 3 versions of SNMP. SNMP uses ports 161 and 162. Wikipedia (link below) provides a good overview of the versions, capabilities and security implications of SNMP. Why is it a risk? Being able to ...
What is the DDOS potential NTP Attack, what is the risk and how can you mitigate that risk?
What is it? Network Time Protocol (NTP) is used to synchronize your computer clock with other computers on the Internet. By far the most common use of NTP is for one computer to ask “what time is it?” of another computer. But NTP has many other, less used, capabilities. “Mode 6” commands allow NTP to be ...
