[^] Back
192.168.1.5 |
Scan time :
Start time : | Sun Feb 11 23:17:36 2007 |
End time : | Sun Feb 11 23:23:19 2007 | |
Number of vulnerabilities :
Open ports : | 12 |
Low : | 14 |
Medium : | 0 |
High : | 0 | |
|
Information about the remote host :
Operating system : | Microsoft Windows XP SP2 |
NetBIOS name : | TESTING |
DNS name : | (unknown) | |
|
[^] Back to 192.168.1.5
Traceroute |
For your information, here is the traceroute from 192.168.1.250 to 192.168.1.5 : 192.168.1.250 192.168.1.5
Nessus ID : 10287
|
[^] Back to 192.168.1.5
Port netbios-ns (137/tcp) |
Using NetBIOS to retrieve information from a Windows host |
Synopsis :
It is possible to obtain the network name of the remote host.
Description :
The remote host listens on udp port 137 and replies to NetBIOS nbtscan requests. By sending a wildcard request it is possible to obtain the name of the remote system and the name of its domain.
Risk factor :
None
Plugin output :
The following 6 NetBIOS names have been gathered :
TESTING = Computer name WORKGROUP = Workgroup / Domain name TESTING = File Server Service WORKGROUP = Browser Service Elections WORKGROUP = Master Browser __MSBROWSE__ = Master Browser
The remote host has the following MAC address on its adapter : 08:00:46:1c:f9:fc CVE : CVE-1999-0621 Other references : OSVDB:13577
Nessus ID : 10150
|
[^] Back to 192.168.1.5 [^] Back to 192.168.1.5
Port microsoft-ds (445/tcp) |
SMB Detection |
A CIFS server is running on this port
Nessus ID : 11011
|
SMB NativeLanMan |
Synopsis :
It is possible to obtain information about the remote operating system.
Description :
It is possible to get the remote operating system name and version (Windows and/or Samba) by sending an authentication request to port 139 or 445.
Risk factor :
None
Plugin output :
The remote Operating System is : Windows 5.1 The remote native lan manager is : Windows 2000 LAN Manager The remote SMB Domain Name is : TESTING
Nessus ID : 10785
|
SMB LanMan Pipe Server browse listing |
Synopsis :
It is possible to obtain network information.
Description :
It was possible to obtain the browse list of the remote Windows system by send a request to the LANMAN pipe. The browse list is the list of the nearest Windows systems of the remote host.
Risk factor :
None
Plugin output :
Here is the browse list of the remote host :
TESTING ( os: 5.1 )
Other references : OSVDB:300
Nessus ID : 10397
|
SMB accessible registry |
Synopsis :
Access the remote Windows Registry.
Description :
It was not possible to connect to PIPE\winreg on the remote host. If you intend to use Nessus to perform registry-based checks, the registry checks will not work because the 'Remote Registry Access' service (winreg) has been disabled on the remote host or can not be connected to with the supplied credentials.
Risk factor :
None
Nessus ID : 10400
|
[^] Back to 192.168.1.5
Port netbios-ssn (139/tcp) |
SMB Detection |
An SMB server is running on this port
Nessus ID : 11011
|
[^] Back to 192.168.1.5
icmp timestamp request |
Synopsis :
It is possible to determine the exact time set on the remote host.
Description :
The remote host answers to an ICMP timestamp request. This allows an attacker to know the date which is set on your machine.
This may help him to defeat all your time based authentication protocols.
Solution : filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14).
Risk factor :
None / CVSS Base Score : 0 (AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N)
Plugin output :
The ICMP timestamps seem to be in little endian format (not in network format) The difference between the local and remote clocks is 3 seconds
CVE : CVE-1999-0524
Nessus ID : 10114
|
Record route |
Here is the route recorded between 192.168.1.250 and 192.168.1.5 : 192.168.1.5.
Nessus ID : 12264
|
[^] Back to 192.168.1.5
NTP read variables |
An NTP (Network Time Protocol) server is listening on this port.
Risk factor : Low
Nessus ID : 10884
|
[^] Back to 192.168.1.5
OS Identification |
The remote host is running Microsoft Windows XP SP2
Nessus ID : 11936
|
Information about the scan |
Information about this scan :
Nessus version : 3.0.4 Plugin feed version : 200701101815 Type of plugin feed : Registered (7 days delay) Scanner IP : 192.168.1.250 Port scanner(s) : nessus_tcp_scanner synscan Port range : default Thorough tests : yes Experimental tests : no Paranoia level : 0 Report Verbosity : 2 Safe checks : no Max hosts : 40 Max checks : 5 Scan Start Date : 2007/2/11 23:17 Scan duration : 343 sec
Nessus ID : 19506
|
Local Checks Failed |
Synopsis :
It was not possible to log into the remote host
Description :
The credentials provided for the scan did not allow us to log into the remote host.
Risk factor :
None
Plugin output :
- It was not possible to log into the remote host via smb
Nessus ID : 21745
|
|