I am doing this because I usually fight administrators to turn this off, not on. I know there is always the issue of usability verses security but I must say that attackers that find port 5631/5632 will mark it as a possible mode for remote attack. If they can gain access to these systems, privilege escalation tools can quickly be run, giving them complete control of the local machine. At that point the attacker is inside your network and you have real problems.
Dig Deeper on Campus area network
Related Q&A from Michael Gregg
Enterprise security expert, Michael Gregg answers a question regarding port 3389 issues when a user tries to open port 3389 RDP on their router to ... Continue Reading
Security expert Michael Gregg discusses the disadvantages to a layered approach to enterprise security. Continue Reading
Security expert Michael Gregg fields a question about unknown network cards gaining access to a user's network. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.