In SecureCloud, risky ports are commonly-used ports exposed to the internet. They are therefore considered high risk and could leave your assets open to attack. The list of risky ports can be managed in Configuration and the scope of reporting them further refined in Exceptions.
A default list is included when you install SecureCloud, which you can modify to your requirements:
- Port 23 - Telnet: Data is plain text and so open to injection
- Port 110 - POP3: Plain text
- Port 137-9 NetBIOS meant for file and printer sharing - can be used to obtain system information such as domain, workgroup and system names
- Port 445 SMB over IP - can be used to obtain system information
- Port 3389 - RDP - could be breached by brute-force methods for trying username and password combinations
