Using Fport on Windows NT to Map Applications to Open Ports

摘要

To develop defense-in-depth computer security, an understanding of various vulnerabilities must be realized before a protection strategy is developed. One element to minimize vulnerabilities is to develop computer security policies, and these policies must be in practice. In addition, risk assessments should be performed, and the highest risk-factor vulnerabilities must be eliminated promptly. A commonly accepted computer security policy usually starts with a firewall being established at the company's Internet connection. A next step could be host scanning or network intrusion detection systems within the organization. Also for consideration is 'backdoor' access to the network via modem connections from other networks. Policies should extend to routine backups for critical data. Additional protection can be installed with host-based intrusion detection systems to protect against the 'insider threat' or access through the firewall. However, to establish an effective host-based intrusion detection system, knowledge of the services and applications that open ports on the system is a necessity.