Nessus Scan Report
This report gives details on hosts that were tested and issues that were found. Please follow the recommended steps and procedures to eradicate these threats.

Scan Details
Hosts which were alive and responding during test 1
Number of security holes found 0
Number of security warnings found 1


Host List
Host(s) Possible Issue
192.168.1.107 Security warning(s) found
[ return to top ]


Analysis of Host
Address of Host Port/Service Issue regarding Port
192.168.1.107 general/udp Security notes found
192.168.1.107 general/icmp Security notes found
192.168.1.107 mdns (5353/udp) Security warning(s) found
192.168.1.107 sunrpc (111/udp) Security notes found
192.168.1.107 unknown (938/udp) Security notes found
192.168.1.107 unknown (941/tcp) Security notes found
192.168.1.107 general/tcp Security notes found
192.168.1.107 ssh (22/tcp) Security notes found
192.168.1.107 sunrpc (111/tcp) Security notes found


Security Issues and Fixes: 192.168.1.107
Type Port Issue and Fix
Informational general/udp For your information, here is the traceroute from 192.168.1.106 to 192.168.1.107 :
192.168.1.106
192.168.1.107

Nessus ID : 10287
Informational general/icmp
Synopsis :

It is possible to determine the exact time set on the remote host.

Description :

The remote host answers to an ICMP timestamp request. This allows an
attacker to know the date which is set on your machine.

This may help him to defeat all your time based authentication
protocols.

Solution :

Filter out the ICMP timestamp requests (13), and the outgoing ICMP
timestamp replies (14).

Risk factor :

None

Plugin output :

The ICMP timestamps seem to be in little endian format (not in network format)
The difference between the local and remote clocks is 8038 seconds.

CVE : CVE-1999-0524
Nessus ID : 10114
Warning mdns (5353/udp) Synopsis :

It is possible to obtain information about the remote host.

Description :

The remote service understands the Bonjour (also known as ZeroConf or
mDNS) protocol, which allows anyone to uncover information from the
remote host such as its operating system type and exact version, its
hostname, and the list of services it is running.

Solution :

Filter incoming traffic to UDP port 5353 if desired.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Plugin output :

Nessus was able to extract the following information :

- Computer name : 192-168-1-107.local.
- Ethernet addr : 00:0c:29:12:b3:9e
- Computer Type : I686
- Operating System : LINUX

Nessus ID : 12218
Informational sunrpc (111/udp) Synopsis :

An ONC RPC service is running on the remote host.

Description :

By sending a DUMP request to the portmapper, it was possible to
enumerate the ONC RPC services running on the remote port. Using this
information, it is possible to connect and bind to each service by
sending an RPC request to the remote port.

Risk factor :

None

Plugin output :

The following RPC services are available on UDP port 111 :

- program: 100000 (portmapper), version: 2

Nessus ID : 11111
Informational unknown (938/udp) Synopsis :

An ONC RPC service is running on the remote host.

Description :

By sending a DUMP request to the portmapper, it was possible to
enumerate the ONC RPC services running on the remote port. Using this
information, it is possible to connect and bind to each service by
sending an RPC request to the remote port.

Risk factor :

None

Plugin output :

The following RPC services are available on UDP port 938 :

- program: 100024 (status), version: 1

Nessus ID : 11111
Informational unknown (941/tcp) Synopsis :

An ONC RPC service is running on the remote host.

Description :

By sending a DUMP request to the portmapper, it was possible to
enumerate the ONC RPC services running on the remote port. Using this
information, it is possible to connect and bind to each service by
sending an RPC request to the remote port.

Risk factor :

None

Plugin output :

The following RPC services are available on TCP port 941 :

- program: 100024 (status), version: 1

Nessus ID : 11111
Informational general/tcp Information about this scan :

Nessus version : 4.0.1
Plugin feed version : 200906262334
Type of plugin feed : HomeFeed (Non-commercial use only)
Scanner IP : 192.168.1.106
Port scanner(s) : nessus_tcp_scanner
Port range : default
Thorough tests : no
Experimental tests : no
Paranoia level : 1
Report Verbosity : 1
Safe checks : yes
Optimize the test : yes
CGI scanning : disabled
Web application tests : disabled
Max hosts : 20
Max checks : 4
Recv timeout : 5
Backports : Detected
Scan Start Date : 2009/6/28 12:13
Scan duration : 64 sec

Nessus ID : 19506
Informational general/tcp
Remote operating system : Linux Kernel 2.4
Linux Kernel 2.6
Confidence Level : 54
Method : SinFP


The remote host is running one of these operating systems :
Linux Kernel 2.4
Linux Kernel 2.6
Nessus ID : 11936
Informational general/tcp
Synopsis :

The manufacturer can be deduced from the Ethernet OUI.

Description :

Each ethernet MAC address starts with a 24-bit 'Organizationally
Unique Identifier'.
These OUI are registered by IEEE.

See also :

http://standards.ieee.org/faqs/OUI.html
http://standards.ieee.org/regauth/oui/index.shtml

Risk factor :

None

Plugin output :

The following card manufacturers were identified :

00:0c:29:12:b3:9e : VMware, Inc.

Nessus ID : 35716
Informational general/tcp Synopsis :

The remote host seems to be a VMware virtual machine.

Description :

According to the MAC address of its network adapter, the remote host
is a VMware virtual machine.

Since it is physically accessible through the network, ensure that its
configuration matches your organization's security policy.

Risk factor :

None
Nessus ID : 20094
Informational general/tcp Synopsis :

The remote service implements TCP timestamps.

Description :

The remote host implements TCP timestamps, as defined by RFC1323.
A side effect of this feature is that the uptime of the remote
host can sometimes be computed.

See also :

http://www.ietf.org/rfc/rfc1323.txt

Risk factor :

None
Nessus ID : 25220
Informational general/tcp 192.168.1.107 resolves as 192-168-1-107.tpgi.com.au.
Nessus ID : 12053
Informational ssh (22/tcp)
Synopsis :

Security patches are backported.

Description :

Security patches may have been 'back ported' to the remote SSH server
without changing its version number.

Banner-based checks have been disabled to avoid false positives.

Solution :

Give Nessus credentials to perform local checks.

Risk factor :

None

Nessus ID : 39520
Informational ssh (22/tcp)
Synopsis :

An SSH server is running on the remote host.

Description :

This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.

Risk factor :

None

Plugin output :

The remote SSH daemon supports the following versions of the
SSH protocol :

- 1.99
- 2.0


SSHv2 host key fingerprint : 84:d6:fb:2f:13:6e:41:86:47:b8:41:b3:ae:4d:a5:b1

Nessus ID : 10881
Informational ssh (22/tcp) Synopsis :

An SSH server is listening on this port.

Description :

It is possible to obtain information about the remote SSH
server by sending an empty authentication request.

Risk factor :

None

Plugin output :

SSH version : SSH-2.0-OpenSSH_4.3
SSH supported authentication : publickey,gssapi-with-mic,password

Nessus ID : 10267
Informational ssh (22/tcp) An SSH server is running on this port.
Nessus ID : 22964
Informational sunrpc (111/tcp) Synopsis :

An ONC RPC service is running on the remote host.

Description :

By sending a DUMP request to the portmapper, it was possible to
enumerate the ONC RPC services running on the remote port. Using this
information, it is possible to connect and bind to each service by
sending an RPC request to the remote port.

Risk factor :

None

Plugin output :

The following RPC services are available on TCP port 111 :

- program: 100000 (portmapper), version: 2

Nessus ID : 11111
Informational sunrpc (111/tcp) Synopsis :

An ONC RPC portmapper is running on the remote host.

Description :

The RPC portmapper is running on this port.

The portmapper allows someone to get the port number of each RPC
service running on the remote host by sending either multiple lookup
requests or a DUMP request.

Risk factor :

None
Nessus ID : 10223

This file was generated by Nessus, the security scanner.