Information System security: understanding the issue of exposure
One of the weaknesses of TCP/IP is still not solved today: the exposure of services.
If there is a network and security issue as old as the Internet, it is certainly the issue of service exposure. The internet network allows anyone to make services accessible through two pieces of information: an IP address, usually encoded on 4 bytes, and a port encoded on 2 bytes. Most of the time, knowledge of this information is sufficient to establish a connection with the associated application, regardless of the user's profile, whether legitimate or an attacker.
By delving a little deeper, one realizes that it is the cause of the majority of intrusions within information systems.
Let's take a closer look at a mechanism that is ubiquitous on the Internet and within private networks.