英文:
web-server only opens port 80, can be hacked or not?
问题
以下是翻译好的部分:
有一个运行网站的Web服务器(使用index html php mysql),网络运营商只打开了端口80,其余端口(包括端口21/22等)都关闭了。维护只能在机房内进行。
黑客是否仍然能够控制这台机器?黑客可以对Centos操作系统造成什么样的损害?
从根本上来说,是否可以通过端口80进行SSH/FTP访问?
请详细说明,提前感谢。
英文:
There is a web-server running website (index html php mysql), which network operator only opens port 80, and the rest ports (including port 21/22 etc) are all closed. The maintenance is only available inside the machine room.
Is the hacker still able to gain control of the machine ? What kind of damage can hacker do to the Centos operation system ?
Deep down, is it possible to SSH/FTP through port 80 ?
please elaborate, thanks in advance.
答案1
得分: 0
这与打开的端口关系较小,更多关注的是与操作系统一起暴露的服务有多安全。此外,暴露在互联网上意味着远比仅在本地网络上可访问时存在更多风险,但这并不意味着您应该接受本地网络上的不安全情况。现在说到这一点,如果没有经验丰富的资源执行配置审计或渗透测试,很难说目前的影响是什么。如果你想要最糟糕的情况,那么是的,整个主机甚至在没有暴露SSH或FTP的情况下也可以通过Web服务器中的漏洞受到威胁。
英文:
This has less to do with the port that is open and more about how secure whatever services along with the OS being exposed are. Also, being exposed to the internet means far more risk versus only accessible on the local network but that doesn't mean you should be ok with something being insecure on the local network. Now with that being said, without an experienced resource performing configuration audits or penetration testing it's hard to say what the current impact is. If you want worst case scenario, then yes the entire host can be compromised through vulnerabilities in the web server even without SSH or FTP being exposed.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论