Security Issues and Fixes: 192.168.1.7

Type |
Port |
Issue and Fix |
Warning |
general/tcp |
The remote host does not discard TCP SYN packets which
have the FIN flag set.
Depending on the kind of firewall you are using, an
attacker may use this flaw to bypass its rules.
See also : http://archives.neohapsis.com/archives/bugtraq/2002-10/0266.html
http://www.kb.cert.org/vuls/id/464113
Solution : Contact your vendor for a patch
Risk factor : Medium
BID : 7487
Nessus ID : 11618 |
Warning |
general/tcp |
The remote host uses non-random IP IDs, that is, it is
possible to predict the next value of the ip_id field of
the ip packets sent by this host.
An attacker may use this feature to determine traffic patterns
within your network. A few examples (not at all exhaustive) are:
1. A remote attacker can determine if the remote host sent a packet
in reply to another request. Specifically, an attacker can use your
server as an unwilling participant in a blind portscan of another
network.
2. A remote attacker can roughly determine server requests at certain
times of the day. For instance, if the server is sending much more
traffic after business hours, the server may be a reverse proxy or
other remote access device. An attacker can use this information to
concentrate his/her efforts on the more critical machines.
3. A remote attacker can roughly estimate the number of requests that
a web server processes over a period of time.
Solution : Contact your vendor for a patch
Risk factor : Low
Nessus ID : 10201 |
Informational |
general/tcp |
The remote host is up
Nessus ID : 10180 |
Informational |
general/tcp |
TCP inject NIDS evasion function is enabled. Some tests might
run slowly and you may get some false negative results.
Nessus ID : 10889 |
Informational |
general/tcp |
The remote host is running Microsoft Windows XP
Nessus ID : 11936 |
Informational |
microsoft-ds (445/tcp) |
A CIFS server is running on this port
Nessus ID : 11011 |
Informational |
microsoft-ds (445/tcp) |
The remote native lan manager is : Windows 2000 LAN Manager
The remote Operating System is : Windows 5.1
The remote SMB Domain Name is : WORKGROUP
Nessus ID : 10785 |
Vulnerability |
general/icmp |
The remote host is vulnerable to an 'Etherleak' -
the remote ethernet driver seems to leak bits of the
content of the memory of the remote operating system.
Note that an attacker may take advantage of this flaw
only when its target is on the same physical subnet.
See also : http://www.atstake.com/research/advisories/2003/a010603-1.txt
Solution : Contact your vendor for a fix
Risk factor : Serious
CVE : CAN-2003-0001
BID : 6535
Nessus ID : 11197 |
Informational |
general/udp |
For your information, here is the traceroute to 192.168.1.7 :
192.168.1.3
192.168.1.7
Nessus ID : 10287 |
Informational |
ntp (123/udp) |
A NTP (Network Time Protocol) server is listening on this port.
Risk factor : Low
Nessus ID : 10884 |
Warning |
netbios-ns (137/udp) |
The following 6 NetBIOS names have been gathered :
DEFAULT = This is the computer name registered for workstation services by a WINS client.
DEFAULT = Computer name
WORKGROUP = Workgroup / Domain name
WORKGROUP = Workgroup / Domain name (part of the Browser elections)
WORKGROUP
__MSBROWSE__
The remote host has the following MAC address on its adapter :
00:0c:29:80:0e:34
If you do not want to allow everyone to find the NetBios name
of your computer, you should filter incoming traffic to this port.
Risk factor : Medium
CVE : CAN-1999-0621
Nessus ID : 10150 |