| Security Issues and Fixes: 192.168.1.4 |
| Type |
Port |
Issue and Fix |
| Warning |
general/tcp |
The remote host does not discard TCP SYN packets which
have the FIN flag set.
Depending on the kind of firewall you are using, an
attacker may use this flaw to bypass its rules.
See also : http://archives.neohapsis.com/archives/bugtraq/2002-10/0266.html
http://www.kb.cert.org/vuls/id/464113
Solution : Contact your vendor for a patch
Risk factor : Medium
BID : 7487
Nessus ID : 11618 |
| Informational |
general/tcp |
The remote host is up
Nessus ID : 10180 |
| Informational |
general/tcp |
Nmap found that this host is running Linux 2.4.0 - 2.5.20, Linux 2.4.18 - 2.6.4 (x86), Linux 2.4.19 w/grsecurity patch, Linux 2.4.20 - 2.4.22 w/grsecurity.org patch, Linux 2.4.22-ck2 (x86) w/grsecurity.org and HZ=1000 patches
Nessus ID : 10336 |
| Informational |
general/tcp |
HTTP NIDS evasion functions are enabled.
You may get some false negative results
Nessus ID : 10890 |
| Informational |
general/tcp |
The remote host is running Linux Kernel 2.4
Nessus ID : 11936 |
| Informational |
dhcpclient (68/tcp) |
The service closed the connection after 0 seconds without sending any data
It might be protected by some TCP wrapper
Nessus ID : 10330 |
| Warning |
X11 (6000/tcp) |
This X server does *not* allow any client to connect to it
however it is recommended that you filter incoming connections
to this port as attacker may send garbage data and slow down
your X session or even kill the server.
Here is the server version : 11.0
Here is the message we received : No protocol specified
Solution : filter incoming connections to ports 6000-6009
Risk factor : Low
CVE : CVE-1999-0526
Nessus ID : 10407 |
| Vulnerability |
ftp (21/tcp) |
It was possible to kill the service by sending a single long
text line.
A cracker may be able to use this flaw to crash your software
or even execute arbitrary code on your system.
Risk factor : High
Nessus ID : 11175 |
| Vulnerability |
ftp (21/tcp) |
It was possible to disable the remote FTP server
by connecting to it about 3000 times, with
one connection at a time.
If the remote server is running from within [x]inetd, this
is a feature and the FTP server should automatically be back
in a couple of minutes.
An attacker may use this flaw to prevent this
service from working properly.
Solution : If the remote server is GoodTech ftpd server,
download the newest version from http://www.goodtechsys.com.
BID : 2270
Risk factor : High
CVE : CAN-2001-0188
BID : 2270
Nessus ID : 10690 |
| Informational |
ftp (21/tcp) |
An unknown service is running on this port.
It is usually reserved for FTP
Nessus ID : 10330 |
| Warning |
general/icmp |
The remote host answers to an ICMP timestamp request. This allows an attacker
to know the date which is set on your machine.
This may help him to defeat all your time based authentication protocols.
Solution : filter out the ICMP timestamp requests (13), and the outgoing ICMP
timestamp replies (14).
Risk factor : Low
CVE : CAN-1999-0524
Nessus ID : 10114 |
| Informational |
general/icmp |
Here is the route recorded between 192.168.1.2 and 192.168.1.4 :
192.168.1.4.
192.168.1.4.
Nessus ID : 12264 |
| Informational |
general/udp |
For your information, here is the traceroute to 192.168.1.4 :
192.168.1.2
192.168.1.4
Nessus ID : 10287 |