We must thank IT virtualization, as it led us to cloud technology. Today's IT infrastructures already run their mission-critical business applications on virtual machines. Like physical infrastructure, virtualization is also burdened with cyber security challenges. This article talks about a typical open source virtualization solution and depicts the steps to secure it.
An open port is an attack surface. The daemon that is listening on a port could be vulnerable to a buffer overflow or another remotely exploitable vulnerability.
Open ports (actually the programs listening and responding at them) may reveal information about the system or network architecture. They can leak banners, software versions, content, the fact a system is there at all (instead of dropping the packet) and what type of system it is (for example, nmap can fingerprint systems). Rook's answer got me thinking about this.
Without open port controls, software can open any candidate port and immediately communicate unhindered. This is often relied upon by games, chat programs and other useful software, but is undesirable for malware.
The network stack and the programs at open ports still process incoming traffic, even if the requests are invalid. Even if electricity isn't an issue, technological solutions still have limited resources: degraded or denial of service results from finding a way to tie up a port, network stack, computer, its hardware, network, or the people so they can't do much else.
Related to integrity and availability, an overwhelming number of events and their logs can hide malicious activity (such as exploiting something you aren't looking at, to gain access) and lead to administrative fatigue and error. Misuse of certain services, such as forcing the system to participate in a DDoS attack against someone else, is also possible.
Solution: Set the X-XSS-Protection header
Setting this header reduces exposure to drive-by download attacks and sites serving user-uploaded content. The X-Content-Type-Options HTTP response header is a marker used by the server to indicate that the MIME types advertised in the Content-Type headers should be followed and not changed. This allows a site to opt out of MIME type sniffing or, in other words, it is a way to say that the webmasters knew what they were doing.
Solution: Set the X-Content-Type-Options: nosniff header.
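One way to verify both header solutions above on a deployed server is to audit its response head. This is an added example, not part of the original article; the sample responses are constructed, and the `1; mode=block` value is an assumption, since the article gives no value for X-XSS-Protection.

```python
# Added example: audit a raw HTTP response head for the two headers named above.
# All sample responses below are constructed for illustration.

def parse_headers(raw_head):
    """Map lower-cased header names to every value seen (headers may repeat)."""
    headers = {}
    lines = raw_head.replace("\r\n", "\n").split("\n")
    for line in lines[1:]:                 # skip the status line
        if not line.strip():
            break                          # blank line ends the header block
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def audit(raw_head):
    """Return a list of findings; an empty list means both headers are in place."""
    headers = parse_headers(raw_head)
    findings = []
    xcto = headers.get("x-content-type-options", [])
    if not xcto:
        findings.append("X-Content-Type-Options missing: MIME sniffing is not opted out")
    elif any(v.lower() != "nosniff" for v in xcto):
        # 'nosniff' is the only defined value; anything else leaves sniffing on.
        findings.append(f"X-Content-Type-Options has value {xcto!r}; expected 'nosniff'")
    if "x-xss-protection" not in headers:
        findings.append("X-XSS-Protection missing")
    return findings

# Header names and the nosniff token are matched case-insensitively.
GOOD = ("HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
        "x-content-type-options: NoSniff\r\n"
        "X-XSS-Protection: 1; mode=block\r\n\r\n")
# A value written with a space is not the nosniff token.
TYPO = ("HTTP/1.1 200 OK\r\nContent-Type: image/png\r\n"
        "X-Content-Type-Options: no sniff\r\n"
        "X-XSS-Protection: 1; mode=block\r\n\r\n")
# Header-like text in the body must not count as a header.
MISSING = ("HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
           "<html>X-XSS-Protection: 1</html>")

if __name__ == "__main__":
    for label, head in (("good", GOOD), ("typo", TYPO), ("missing", MISSING)):
        print(label, audit(head) or "OK")
```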