Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Note that you have a fair bit of control over the types of baseline comparison information displayed in your report by using our Report Style Editor. The default is to display ALL test results in your current report, along with notes as to which results are different from the previous report.
According to your current report style, baseline comparisons are: | Enabled |
No audit could be found against which a comparison could be done according to the current baselining rules. |
Category | High | Med | Low | Other |
Fedora Local Security Checks | ||||
SuSE Local Security Checks | ||||
Web application abuses | ||||
Debian Local Security Checks | ||||
Ubuntu Local Security Checks | ||||
Huawei EulerOS Local Security Checks | ||||
General | ||||
CentOS Local Security Checks | ||||
Red Hat Local Security Checks | ||||
Mandrake Local Security Checks | ||||
Windows : Microsoft Bulletins | ||||
Product detection | ||||
Gentoo Local Security Checks | ||||
FreeBSD Local Security Checks | ||||
Denial of Service | ||||
Oracle Linux Local Security Checks | ||||
CGI abuses | ||||
Databases | ||||
Amazon Linux Local Security Checks | ||||
Policy | ||||
CISCO | ||||
Web Servers | ||||
Buffer overflow | ||||
Slackware Local Security Checks | ||||
Windows | ||||
Conectiva Local Security Checks | ||||
IT-Grundschutz-deprecated | ||||
Service detection | ||||
Backdoors | ||||
Mageia Linux Local Security Checks | ||||
Turbolinux Local Security Tests | ||||
Default Accounts | ||||
Mac OS X Local Security Checks | ||||
FTP | ||||
Gain a shell remotely | ||||
IT-Grundschutz | ||||
Nmap NSE net | ||||
Trustix Local Security Checks | ||||
Nmap NSE | ||||
JunOS Local Security Checks | ||||
F5 Local Security Checks | ||||
Huawei | ||||
Remote file access | ||||
Gain root remotely | ||||
SMTP problems | ||||
Privilege escalation | ||||
Misc. | ||||
IT-Grundschutz-15 | ||||
SSL and TLS | ||||
AIX Local Security Checks | ||||
CGI abuses : XSS | ||||
VMware Local Security Checks | ||||
Malware | ||||
RPC | ||||
Palo Alto PAN-OS Local Security Checks | ||||
FortiOS Local Security Checks | ||||
Citrix Xenserver Local Security Checks | ||||
Windows : User management | ||||
SNMP | ||||
Useless services | ||||
Peer-To-Peer File Sharing | ||||
Firewalls | ||||
HP-UX Local Security Checks | ||||
Settings | ||||
Brute force attacks | ||||
Compliance | ||||
Port scanners | ||||
Finger abuses | ||||
Credentials | ||||
NIS | ||||
Solaris Local Security Checks | ||||
Totals: | 0 | 0 | 0 | 0 |
Port | Protocol | Probable Service |
21 | TCP | ftp |
You appear to be running an ftp server. You should take care of the
following potential problem areas:
Logins Writable directories Bounce-attack scans FTP bounce attack : An interesting "feature" of the ftp protocol (RFC 959) is support for "proxy" ftp connections. In other words, I should be able to connect from evil.com to the FTP server-PI (protocol interpreter) of target.com to establish the control communication connection. Then I should be able to request that the server-PI initiate an active server-DTP (data transfer process) to send a file ANYWHERE on the internet! Presumably to a User-DTP, although the RFC specifically states that asking one server to send a file to another is OK. Now this may have worked well in 1985 when the RFC was just written. But nowadays, we can't have people hijacking ftp servers and requesting that data be spit out to arbitrary points on the internet. As *Hobbit* wrote back in 1995, this protocol flaw "can be used to post virtually untraceable mail and news, hammer on servers at various sites, fill up disks, try to hop firewalls, and generally be annoying and hard to track down at the same time." What we will exploit this for is to (surprise, surprise) scan TCP ports from a "proxy" ftp server. Thus you could connect to an ftp server behind a firewall, and then scan ports that are more likely to be blocked (139 is a good one). If the ftp server allows reading from and writing to a directory (such as /incoming), you can send arbitrary data to ports that you do find open. | ||
22 | TCP | ssh |
You appear to be running SSH. That's good. A couple of things to note with it, however. Like any other software package, SSH is also subject to bugs that are fixed over time. These bugs, despite the fact that SSH provides a secure communication channel, may allow an attacker to compromise your system. You should ensure that you are running the latest SSH/patched versions. | ||
25 | TCP | smtp |
You appear to be to be running a mail gateway. You should make sure that your mail system cannot be used as a mail relay. Internet SPAM, also known as UBE (unsolicited bulk email) is a problem on the internet, and spammers (those that send this type of mail) will often use poorly configured mail systems to deliver mail on their behalf. This deflects the wrath of many system administrators to YOU, the owner/operator of the misconfigured service. It can also result in you being placed in one of several on-line databases that list you as allowing mail-relay, the end-result being that some mail systems will reject any mail you try to send. | ||
80 | TCP | http |
It appears that you are running a web server. If you have not done so, we recommend that you run the latest version of a popular web server. Many "fringe market" web servers have known bugs that are slow to be fixed because few people care about the problems. These problems can often leave you open to someone accessing/modifying files on your system that they shouldn't. By running a popular web server, you lower the risk of this type of problem, and when problems are found, it is likely that a patch will be made available rapidly to fix the problem. Check our survey to see what the most popular web servers are. | ||
5432 | TCP | postgres |
No description available for this port at this time. | ||
Number of open ports found by port scan:5 | ||
Finally, please note that this list is dependent on the audit you ran. If you come back in a month and run the same audit again, it is likely that this supplement will change, since additional tests will have probably been added to the test suite. Each audit report we produce has its own copy of this supplement that reflects the test suite available at the time this audit was run.
Because of the large size of this report, it may take several minutes for it to be displayed properly on some browsers once the complete report is downloaded (e.g. Netscape). Be patient, it will come up eventually.