Security News > 2021 > April > Google Chrome blocks port 10080 to stop NAT Slipstreaming attacks
Google Chrome is now blocking HTTP, HTTPS, and FTP access to TCP port 10080 to prevent the ports from being abused in NAT Slipstreaming 2.0 attacks.
Last year, security researcher Samy Kamkar disclosed a new version of the NAT Slipstreaming vulnerability that allows scripts on malicious websites to bypass visitors' NAT firewall and gain access to any TCP/UDP port on the visitor's internal network.
Today, Google has stated that they intend to block TCP port 10080 in Chrome, which Firefox has already blocked since November 2020.
In discussions regarding whether the port should be blocked, browser developers determined that the Amanda backup software and VMWare vCenter utilize the port but would not be affected by the block.
The most concerning point regarding blocking port 10080 is that some developers may utilize it as an alternative to port 80.
If you are currently hosting a website on port 10080, you may want to consider using a different port to allow Google Chrome to continue accessing the site.
News URL
Related news
- Google Chrome’s AI feature lets you quickly check website trustworthiness (source)
- Google Chrome uses AI to analyze pages in new scam detection feature (source)
- New details reveal how hackers hijacked 35 Google Chrome extensions (source)
- Google Chrome is making it easier to share specific parts of long PDFs (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)
- Google says new scam protection feature in Chrome uses AI (source)