Nessus Scan Report
This report gives details on hosts that were tested and issues that were found. Please follow the recommended steps and procedures to eradicate these threats.

Scan Details
Hosts which were alive and responding during test 1
Number of security holes found 3
Number of security warnings found 3

Host List
Host(s) Possible Issue Security hole(s) found
[ return to top ]

Analysis of Host
Address of Host Port/Service Issue regarding Port general/tcp Security hole found ftp (21/tcp) Security hole found general/icmp Security hole found general/udp Security notes found

Security Issues and Fixes:
Type Port Issue and Fix
Vulnerability general/tcp It was possible to make the remote server crash
using the 'land' attack.

An attacker may use this flaw to shut down this server, thus
preventing your network from working properly.

Solution : contact your operating
system vendor for a patch.

Risk factor : High
CVE : CVE-1999-0016
BID : 2666
Nessus ID : 10133
Warning general/tcp
The remote host uses non-random IP IDs, that is, it is
possible to predict the next value of the ip_id field of
the ip packets sent by this host.

An attacker may use this feature to determine traffic patterns
within your network. A few examples (not at all exhaustive) are:

1. A remote attacker can determine if the remote host sent a packet
in reply to another request. Specifically, an attacker can use your
server as an unwilling participant in a blind portscan of another

2. A remote attacker can roughly determine server requests at certain
times of the day. For instance, if the server is sending much more
traffic after business hours, the server may be a reverse proxy or
other remote access device. An attacker can use this information to
concentrate his/her efforts on the more critical machines.

3. A remote attacker can roughly estimate the number of requests that
a web server processes over a period of time.

Solution : Contact your vendor for a patch
Risk factor : Low
Nessus ID : 10201
Warning general/tcp
The remote host accepts loose source routed IP packets.
The feature was designed for testing purpose.
An attacker may use it to circumvent poorly designed IP filtering
and exploit another flaw. However, it is not dangerous by itself.

Solution : drop source routed packets on this host or on other ingress
routers or firewalls.

Risk factor : Low
Nessus ID : 11834
Informational general/tcp The remote host is up
Nessus ID : 10180
Informational general/tcp HTTP NIDS evasion functions are enabled.
You may get some false negative results
Nessus ID : 10890
Informational general/tcp Nessus was not able to reliably identify the remote operating system. It might be:
Microsoft Windows 2003 Server
FreeBSD 4.6
The fingerprint differs from these known signatures on 5 points.
If you know what operating system this host is running, please send this signature to :
Nessus ID : 11936
Vulnerability ftp (21/tcp)
It was possible to disable the remote FTP server
by connecting to it about 3000 times, with
one connection at a time.

If the remote server is running from within [x]inetd, this
is a feature and the FTP server should automatically be back
in a couple of minutes.

An attacker may use this flaw to prevent this
service from working properly.

Solution : If the remote server is GoodTech ftpd server,
download the newest version from
BID : 2270
Risk factor : High
CVE : CAN-2001-0188
BID : 2270
Nessus ID : 10690
Informational ftp (21/tcp) An unknown service is running on this port.
It is usually reserved for FTP
Nessus ID : 10330
Informational ftp (21/tcp) An unknown service runs on this port.
It is sometimes opened by this/these Trojan horse(s):
Back Construction
Blade Runner
Cattivik FTP Server
CC Invader
Dark FTP
Doly Trojan
Invisible FTP
Juggernaut 42
Net Administrator
RTB 666
Senna Spy FTP server
The Flu
Traitor 21

Unless you know for sure what is behind it, you'd better
check your system

*** Anyway, don't panic, Nessus only found an open port. It may
*** have been dynamically allocated to some service (RPC...)

Solution: if a trojan horse is running, run a good antivirus scanner
Risk factor : Low
Nessus ID : 11157
Vulnerability general/icmp
The remote host is vulnerable to an 'Etherleak' -
the remote ethernet driver seems to leak bits of the
content of the memory of the remote operating system.

Note that an attacker may take advantage of this flaw
only when its target is on the same physical subnet.

See also :
Solution : Contact your vendor for a fix
Risk factor : High
CVE : CAN-2003-0001
BID : 6535
Nessus ID : 11197
Warning general/icmp
The remote host answers to an ICMP timestamp request. This allows an attacker
to know the date which is set on your machine.

This may help him to defeat all your time based authentication protocols.

Solution : filter out the ICMP timestamp requests (13), and the outgoing ICMP
timestamp replies (14).

Risk factor : Low
CVE : CAN-1999-0524
Nessus ID : 10114
Informational general/icmp Here is the route recorded between and :

Nessus ID : 12264
Informational general/udp For your information, here is the traceroute to :

Nessus ID : 10287

This file was generated by Nessus, the open-sourced security scanner.