Nessus Scan Report
This report gives details on hosts that were tested and issues that were found. Please follow the recommended steps and procedures to eradicate these threats.

Scan Details
Hosts which were alive and responding during test 1
Number of security holes found 2
Number of security warnings found 3

Host List
Host(s) Possible Issue Security hole(s) found
[ return to top ]

Analysis of Host
Address of Host Port/Service Issue regarding Port general/tcp Security warning(s) found dhcpclient (68/tcp) Security notes found X11 (6000/tcp) Security warning(s) found ftp (21/tcp) Security hole found general/icmp Security warning(s) found general/udp Security notes found

Security Issues and Fixes:
Type Port Issue and Fix
Warning general/tcp
The remote host does not discard TCP SYN packets which
have the FIN flag set.

Depending on the kind of firewall you are using, an
attacker may use this flaw to bypass its rules.

See also :

Solution : Contact your vendor for a patch
Risk factor : Medium
BID : 7487
Nessus ID : 11618
Informational general/tcp The remote host is up
Nessus ID : 10180
Informational general/tcp Nmap found that this host is running Linux 2.4.0 - 2.5.20, Linux 2.4.18 - 2.6.4 (x86), Linux 2.4.19 w/grsecurity patch, Linux 2.4.20 - 2.4.22 w/ patch, Linux 2.4.22-ck2 (x86) w/ and HZ=1000 patches

Nessus ID : 10336
Informational general/tcp HTTP NIDS evasion functions are enabled.
You may get some false negative results
Nessus ID : 10890
Informational general/tcp The remote host is running Linux Kernel 2.4
Nessus ID : 11936
Informational dhcpclient (68/tcp) The service closed the connection after 0 seconds without sending any data
It might be protected by some TCP wrapper

Nessus ID : 10330
Warning X11 (6000/tcp) This X server does *not* allow any client to connect to it
however it is recommended that you filter incoming connections
to this port as attacker may send garbage data and slow down
your X session or even kill the server.

Here is the server version : 11.0
Here is the message we received : No protocol specified

Solution : filter incoming connections to ports 6000-6009
Risk factor : Low
CVE : CVE-1999-0526
Nessus ID : 10407
Vulnerability ftp (21/tcp)
It was possible to kill the service by sending a single long
text line.
A cracker may be able to use this flaw to crash your software
or even execute arbitrary code on your system.

Risk factor : High
Nessus ID : 11175
Vulnerability ftp (21/tcp)
It was possible to disable the remote FTP server
by connecting to it about 3000 times, with
one connection at a time.

If the remote server is running from within [x]inetd, this
is a feature and the FTP server should automatically be back
in a couple of minutes.

An attacker may use this flaw to prevent this
service from working properly.

Solution : If the remote server is GoodTech ftpd server,
download the newest version from
BID : 2270
Risk factor : High
CVE : CAN-2001-0188
BID : 2270
Nessus ID : 10690
Informational ftp (21/tcp) An unknown service is running on this port.
It is usually reserved for FTP
Nessus ID : 10330
Warning general/icmp
The remote host answers to an ICMP timestamp request. This allows an attacker
to know the date which is set on your machine.

This may help him to defeat all your time based authentication protocols.

Solution : filter out the ICMP timestamp requests (13), and the outgoing ICMP
timestamp replies (14).

Risk factor : Low
CVE : CAN-1999-0524
Nessus ID : 10114
Informational general/icmp Here is the route recorded between and :

Nessus ID : 12264
Informational general/udp For your information, here is the traceroute to :

Nessus ID : 10287

This file was generated by Nessus, the open-sourced security scanner.