Opening Ports

While playing around on one of the challenge machines, I setup some port forwarding. It occured to me that during that period anyone coming along to start the same box with an nmap scan might stumble across my temporary port, blissfully unware it wasn’t part of the official challenge. Worst case on the wrong machine, someone could accidentally leap-frog a bunch of steps!

Is there an understood etiquette around (not) opening up additional ports? On the odd occasions it’s the most useful way to proceed, I can make sure to pick a high port outside likely nmap scans, and try to filter incoming connections to just my IP where the script/service allows. Beyond that it is considered fair game?

I would probably just use Chisel and that should prevent something like this I believe.

As for etiquette, I don’t believe there are rules that prohibit it as long as it doesn’t affect the box that stops others from using it as well.

I am not aware of any hard and fast policy or rule on this. I’ve worked on quite a few boxes where you find other people’s netcat listeners etc.

There are a few times where people have found flags etc because other people have left their exploits lying around, or services listening.

I don’t think its really possible to fully avoid either.

Chisel looks good but I’ve found some more lightweight perl that does the job. I’ll see if i can put in some IP whitelisting then combined with a very high port number, I won’t fret too much!