Home Cyber Crime Google Chrome to block port 554 to stop NAT Slipstreaming attacks

Google Chrome to block port 554 to stop NAT Slipstreaming attacks


Google Chrome

Google Chrome will block the browser’s entry to TCP port 554 to guard towards assaults utilizing the NAT Slipstreaming 2.0 vulnerability.

Final yr, safety researchers disclosed a new version of the NAT Slipstreaming vulnerability that enables malicious scripts to bypass an internet site customer’s NAT firewall and entry any TCP/UDP port on the customer’s inner community.

Illustration of the NAT Slipstreaming 2.0 attack
Illustration of the NAT Slipstreaming 2.0 assault

As this vulnerability solely works on particular ports monitored by a router’s Software Stage Gateway (ALG), browser builders, together with Google, Safari, and Mozilla, have been blocking susceptible ports that don’t obtain lots of site visitors.

When the vulnerability was first disclosed, Google Chrome 87 began blocking HTTP and HTTPS entry to TCP ports 5060 and 5061 to guard towards the vulnerability.

In January 2021, Google blocked HTTP, HTTPS, and FTP entry to an additional seven ports: ports 69, 137, 161, 1719, 1720, 1723, and 6566.

Up to now, Google additionally blocked port 554 however eliminated the block after complaints from enterprise customers.

“Chrome briefly blocked port 554 earlier than, but it surely was unblocked as a result of complaints from enterprise customers. Nevertheless, we’ve now achieved tough consensus at https://github.com/whatwg/fetch/pull/1148 to dam 554,” Chromium engineer Adam Rice introduced at this time.

Google and Safari builders are additionally discussing blocking entry to port 10080, which Firefox already blocks, however are hesitant as a result of this port receiving official requests.

As soon as a port is blocked, when a person makes an attempt to connect with it, customers are proven an error message stating ‘ERR_UNSAFE_PORT.’

Google Chrome blocking access to an unsafe port
Google Chrome blocking entry to an unsafe port

When you host an internet site on these ports, it’s best to change to a unique port to permit guests to proceed accessing your software.

Firefox 84+ and Safari are already blocking port 554 of their browsers.

Source link