Google Chrome is without a doubt the most popular browser today. This keeps developers constantly looking for ways to improve security as well as performance. In this article, we echo the latest news related to Google's browser, which will block port 10080 to prevent NAT Slipstreaming attacks.
Chrome blocks port 10080
It should be noted that it is not the first time that the Google browser blocks a port to improve security. Precisely to prevent NAT Slipstreaming attacks, they have recently blocked some ports. Now it is the turn of TCP port 10080.
Google Chrome has decided to block HTTP, HTTPS, and FTP access to TCP port 10080 to prevent ports from being exploited in NAT Slipstreaming 2.0 attacks. This is a major issue that can put our security at risk. Specifically, it allows malicious website scripts to bypass visitors' NAT firewall and gain access to any TCP / UDP port on the internal network.
If these vulnerabilities are exploited, a hacker could carry out different attacks. For example, they could modify the router's configuration and gain access to network servers. This vulnerability only affects certain ports and therefore browser developers decide to block those that are little used.
Until now, Google Chrome already blocked FTP, HTTP and HTTPS access on ports 69, 137, 161, 554, 1719, 1720, 1723, 5060, 5061 and 6566. Now to this list, we must add the TCP port 10080, which will also help prevent NAT Slipstreaming 2.0 attacks.
This port, TCP 10080, was already blocked by Mozilla Firefox a few months ago. As we know, Firefox is also one of the most used browsers and one that has more users on different operating systems. In this way, they have already looked for a way to improve security and avoid risks for users.
Some developers use port 10080 as an alternative to 80
There is one point that can be problematic and that is that some developers use port 10080 as an alternative to port 80. According to Adam Rice, developer of Google Chrome, it is an attractive portending in 80 and does not require root privileges to link on Unix systems.
What happens if someone tries to enter a blocked port? In this chaos, users are shown an error message stating 'ERR_UNSAFE_PORT' when they try to access the port. This could affect websites that are hosted on port 10080, so those responsible should choose to switch to another port.
In short, once again Google Chrome is looking for a way to improve user security. This time, as has happened on other occasions, it has blocked access to TCP port 10080. Of course, as we have seen, it could affect websites that were hosted on this port, unless the developers decide to change it.
You can see our tutorial where we explain how to enable DNS over HTTPS in Chrome, another point to consider in order to improve security and avoid problems.
0 Comments