| Network Vulnerability Assessment Report |
| |
| Sorted by host names |
| |||||||||
|
| Id | Name |
| max_hosts | 16 | |
| max_checks | 10 | |
| log_whole_attack | yes | |
| cgi_path | /cgi-bin | |
| port_range | 1-1024 | |
| optimize_test | yes | |
| language | english | |
| checks_read_timeout | 5 | |
| non_simult_ports | 139, 445 | |
| plugins_timeout | 320 | |
| safe_checks | yes | |
| auto_enable_dependencies | no | |
| use_mac_addr | no | |
| save_knowledge_base | no | |
| kb_restore | no | |
| only_test_hosts_whose_kb_we_dont_have | no | |
| only_test_hosts_whose_kb_we_have | no | |
| kb_dont_replay_scanners | no | |
| kb_dont_replay_info_gathering | no | |
| kb_dont_replay_attacks | no | |
| kb_dont_replay_denials | no | |
| kb_max_age | 864000 | |
| plugin_upload | no | |
| plugin_upload_suffixes | .nasl, .inc | |
| slice_network_addresses | no | |
| ntp_save_sessions | yes | |
| ntp_detached_sessions | yes | |
| server_info_nessusd_version | 2.3.0 | |
| server_info_libnasl_version | 2.3.0 | |
| server_info_libnessus_version | 2.3.0 | |
| server_info_thread_manager | fork | |
| server_info_os | Linux | |
| server_info_os_version | 2.6.9-deep1 | |
| reverse_lookup | no | |
| ntp_keep_communication_alive | yes | |
| ntp_opt_show_end | yes | |
| save_session | no | |
| detached_scan | no | |
| continuous_scan | no |
| Service | Severity | Description |
| www (80/tcp) | Port is open | |
| general/tcp | The remote host seems to generate Initial Sequence Numbers (ISN) in a weak manner which seems to solely depend on the source and dest port of the TCP packets. An attacker may exploit this flaw to establish spoofed connections to the remote host. The Raptor Firewall and Novell Netware are known to be vulnerable to this flaw, although other network devices may be vulnerable as well. Solution : If you are using a Raptor Firewall, see http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html Otherwise, contact your vendor for a patch. Reference : http://online.securityfocus.com/archive/1/285729 Risk factor : High CVE : CAN-2002-1463 BID : 5387, 8652 | |
| general/tcp | The remote host accepts loose source routed IP packets. The feature was designed for testing purpose. An attacker may use it to circumvent poorly designed IP filtering and exploit another flaw. However, it is not dangerous by itself. Solution : drop source routed packets on this host or on other ingress routers or firewalls. Risk factor : Low | |
| www (80/tcp) | The remote web server type is : IP_SHARER WEB 1.0 Solution : We recommend that you configure (if possible) your web server to return a bogus Server header in order to not leak information. | |
| general/tcp | 192.168.1.22 resolves as kruger.dnepr.net.ru. | |
| www (80/tcp) | A web server is running on this port | |
| general/udp | For your information, here is the traceroute to 192.168.1.22 : 192.168.1.37 192.168.1.22 |