TCP/IP ports are a system resource, identified by a number, allocated to an application running on a network host so that it can communicate with applications running on other network hosts. The operation of such ports follows specific rules. The TCP/IP standard assumes wired links with a transition to wireless only in the last miles (Jiang, 2019). A port can be occupied by only one program at a time and cannot be used by another at that moment. All programs use ports to communicate with each other over a network. For each of the TCP/IP protocols, the standard allows many unique ports, identified by numbers, to be allocated on a host simultaneously. However, such protocols have vulnerabilities that can be used to steal data. Therefore, it is worth studying their weaknesses in order to take them into account in the future.
One of the principal vulnerabilities is visibility to network scanning. A network administrator can detect scan attempts by analyzing network traffic and monitoring for Echo messages sent sequentially and in quick succession to all network addresses. For greater secrecy, an attacker can stretch the process out over time, which also applies to scanning TCP/IP ports. Listening is another way to penetrate the network. Using switches, the listening area on an Ethernet network can be limited by dividing the network into segments. In this case, attackers who do not resort to active actions can intercept only frames received or sent by the nodes of the segment to which they are connected. Data encryption is the only way to deal with eavesdropping on an Ethernet segment (Bistouni & Jahanshahi, 2017). Data theft through TCP/IP ports can also occur through impersonation. If two nodes exchange IP datagrams, they identify each other by IP address. In this case, an attacker can imitate one of the nodes, usually a host, to intercept traffic.
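The scan-detection idea above, as an added example that is not part of the original essay: it counts the distinct destinations each source sends Echo requests to within a sliding time window. The event format, the addresses, and the names `make_events` and `detect_sweeps` are assumptions made for illustration, and the sample data is constructed.

```python
from collections import defaultdict, deque

def make_events():
    """Constructed sample data: (timestamp_s, source_ip, destination_ip) per Echo request."""
    events = []
    for i in range(20):   # fast sweep: 20 addresses, one probe every 0.1 s
        events.append((100.0 + i * 0.1, "10.0.0.66", f"192.168.1.{i + 1}"))
    for i in range(20):   # slow sweep: the same 20 addresses, one probe every 120 s
        events.append((i * 120.0, "10.0.0.77", f"192.168.1.{i + 1}"))
    for i in range(30):   # ordinary host pinging its gateway every 10 s
        events.append((i * 10.0, "10.0.0.5", "192.168.1.1"))
    return sorted(events)

def detect_sweeps(events, window, min_targets):
    """Return {source: peak count of distinct destinations within `window` seconds}
    for every source whose peak reaches `min_targets`."""
    recent = defaultdict(deque)   # source -> (timestamp, destination) pairs still in window
    peak = defaultdict(int)
    for ts, src, dst in events:
        q = recent[src]
        q.append((ts, dst))
        while ts - q[0][0] > window:   # drop probes older than the window
            q.popleft()
        peak[src] = max(peak[src], len({d for _, d in q}))
    return {s: n for s, n in peak.items() if n >= min_targets}

if __name__ == "__main__":
    events = make_events()
    print("5 s window:   ", detect_sweeps(events, window=5, min_targets=10))
    print("1 hour window:", detect_sweeps(events, window=3600, min_targets=10))
```

The short window flags only the fast sweep; the hour-long window also surfaces the source that spaced its probes out, while the host that repeatedly pings one gateway is never flagged.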
The impact of the described vulnerabilities varies by vendor and application, but it is rated as critical in some cases. To find out which vulnerabilities a product is subject to, the software manufacturer can be contacted. Exploiting the vulnerability allows an attacker to create denial-of-service (DoS) conditions on existing TCP/IP connections, which leads to premature termination of the session. Session termination affects the application layer, and its nature and severity depend on the application protocol.
References
Bistouni, F., & Jahanshahi, M. (2017). Remove and contraction: A novel method for calculating the reliability of Ethernet ring mesh networks. Reliability Engineering and System Safety, 167, 362–375. Web.
Jiang, S. (2019). Marine internet for internetworking in oceans: A tutorial. Future Internet, 11(7), 146. Web.