Основні поняття
Port forwarding services pose security risks due to vulnerabilities in protocols and lack of access control, exposing critical data and infrastructure.
Анотація
The article discusses the security implications of port forwarding services (PFS), highlighting the emergence of PFS as an alternative to traditional techniques like NAT traversal. It delves into the technical mechanisms of PFS, experiment attack scenarios, classification of port-forwarded websites (PFWs), and the widespread adoption of PFS. The study reveals that a significant percentage of PFWs serve access to critical data or infrastructure without proper access control, leading to security risks. Additionally, it identifies attacks on PFS protocols and abuse by malicious actors for activities like malware distribution and phishing.
Directory:
- Introduction
- Scarcity of IPv4 addresses leads to tension between offering web services and costly cloud computing.
- Various techniques explored for port forwarding external visits.
- Background
- Port forwarding services designed for ordinary users.
- Reverse port forwarding used for traffic redirection.
- Methodology
- Research methodology includes PFS analyzer, PFW collector, and PFW classifier.
- PFS Providers and Port-Forwarded Websites
- Technical mechanisms of representative PFS providers revealed.
- Scale, evolution, categories, usage, origins, and access control measures analyzed for port-forwarded websites.
- Security and Privacy Risks
- Exposure of critical websites like ICS and IoT discussed.
Статистика
Leveraging these methodologies, we have observed the widespread adoption of PFS with millions of PFWs distributed across tens of thousands of ISPs worldwide.
Furthermore, 32.31% PFWs have been classified into website categories that serve access to critical data or infrastructure.
Цитати
"A non-negligible portion of PFWs fail to enforce any authentication mechanisms."
"Many PFWs are not always online during their lifetime due to various factors."