Port Redirection Attack – Explanation with Examples

By | 9th November 2015

What is Port Redirection Attack?

A port redirection attack is another type of attack based on trust exploitation. The attacker uses a compromised host to gain access through a firewall that would otherwise be blocked.

Look at it this way; the host on the outside can get to the host on the public services segment, but not the host on the inside.

If an intruder is able to compromise the host on the public services segment, the attacker could install software to redirect traffic from the outside host directly to the inside host.

Although neither communication violates the rules implemented in the firewall, the outside host has now achieved connectivity to the inside host through the port redirection process on the public services host. An example of a tool that can provide this type of access is Netcat.



redirect 1

Solution
Port redirection can be controlled primarily through the use of proper trust models. Antivirus software or a host-based intrusion detection system (IDS) can help detect an attacker and prevent installation of such utilities on a host.




Other Types of Networks Attacks

Leave a Reply

Your email address will not be published. Required fields are marked *