SlideShare a Scribd company logo

Отчет Audit report RAPID7

Sergey Yrievich
Sergey Yrievich

The audit report summarizes a security audit performed on May 28, 2014. The audit found 2 vulnerabilities on 1 system, with no critical vulnerabilities. The most common vulnerabilities were related to TCP sequence number approximation and generic ICMP timestamp responses. To address these issues, patches need to be applied to disable ICMP timestamp responses and enable TCP MD5 signatures.

1 of 18
Audit Report Audit_report_pdf Audited on May 28, 2014 Reported on May 28, 2014
Page 1 Audit Report 1. Executive Summary This report represents a security audit performed by Nexpose from Rapid7 LLC. It contains confidential information about the state of your network. Access to this information by unauthorized personnel may allow them to compromise your network. Site Name Start Time End Time Total Time Status mikrotik-vpn ( 9 x x x x x x 2 ) May 28, 2014 01:29, PDT May 28, 2014 01:35, PDT 6 minutes Success There is not enough historical data to display risk trend. The audit was performed on one system which was found to be active and was scanned. There were 2 vulnerabilities found during this scan. No critical vulnerabilities were found. Critical vulnerabilities require immediate attention. They are relatively easy for attackers to exploit and may provide them with full control of the affected systems. One vulnerability was severe. Severe vulnerabilities are often harder to exploit and may not provide the same access to affected systems. There was one moderate vulnerability discovered. These often provide information to attackers that may assist them in mounting subsequent attacks on your network. These should also be fixed in a timely manner, but are not as urgent as the other vulnerabilities. There were 1 occurrences of the tcp-seq-num-approximation and generic-icmp-timestamp vulnerabilities, making them the most common vulnerabilities. There were 2 vulnerabilities in the Network category, making it the most common vulnerability category.
Page 2 Audit Report The tcp-seq-num-approximation vulnerability poses the highest risk to the organization with a risk score of 194. Risk scores are based on the types and numbers of vulnerabilities on affected assets. One operating system was identified during this scan. There were 6 services found to be running during this scan. The DNS, DNS-TCP, ISAKMP, PPTP, SSH and callbook services were found on 1 systems, making them the most common services.
• Page 3 Audit Report 2. Discovered Systems Node Operating System Risk Aliases 9 x x x x x x2 Linux 1.27 194 MikroTik
Page 4 Audit Report 3. Discovered and Potential Vulnerabilities 3.1. Critical Vulnerabilities No critical vulnerabilities were reported. 3.2. Severe Vulnerabilities 3.2.1. TCP Sequence Number Approximation Vulnerability (tcp-seq-num-approximation) Description: TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. Affected Nodes: Affected Nodes: Additional Information: 9 x x x x x x2 TCP reset with incorrect sequence number triggered this fault on 9 x x x x x x2:2x x0: An existing connection was forcibly closed by the remote host References: Source Reference BID 10183 CERT TA04-111A CERT-VN 415294 CVE CVE-2004-0230 MS MS05-019 MS MS06-064 NETBSD NetBSD-SA2004-006 OSVDB 4030 OVAL OVAL2689 OVAL OVAL270 OVAL OVAL3508 OVAL OVAL4791 OVAL OVAL5711
• • • • • • • • Page 5 Audit Report Source Reference SECUNIA 11440 SECUNIA 11458 SECUNIA 22341 SGI 20040403-01-A URL ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc URL http://tools.ietf.org/html/draft-ietf-tcpm-tcpsecure-12 URL http://www.uniras.gov.uk/vuls/2004/236929/index.htm XF 15886 Vulnerability Solution: Enable TCP MD5 Signatures Enable the TCP MD5 signature option as documented in RFC 2385. It was designed to reduce the danger from certain security attacks on BGP, such as TCP resets. Microsoft Windows 2000 SP4 OR SP3 (x86), Microsoft Windows 2000 Professional SP4 OR SP3 (x86), Microsoft Windows 2000 Server SP4 OR SP3 (x86), Microsoft Windows 2000 Advanced Server SP4 OR SP3 (x86), Microsoft Windows 2000 Datacenter Server SP4 OR SP3 (x86) MS05-019: Security Update for Windows 2000 (KB893066) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=36661 Microsoft Windows Server 2003 < SP1 (x86), Microsoft Windows Server 2003, Standard Edition < SP1 (x86), Microsoft Windows Server 2003, Enterprise Edition < SP1 (x86), Microsoft Windows Server 2003, Datacenter Edition < SP1 (x86), Microsoft Windows Server 2003, Web Edition < SP1 (x86), Microsoft Windows Small Business Server 2003 < SP1 (x86) MS05-019: Security Update for Windows Server 2003 (KB893066) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=36661 Microsoft Windows XP Professional SP2 OR SP1 (x86), Microsoft Windows XP Home SP2 OR SP1 (x86) MS05-019: Security Update for Windows XP (KB893066) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=36661 Microsoft Windows XP Professional SP1 OR SP2 (x86), Microsoft Windows XP Home SP1 OR SP2 (x86) MS06-064: Security Update for Windows XP (KB922819) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=73864 Microsoft Windows Server 2003 SP1 (x86_64), Microsoft Windows Server 2003, Standard Edition SP1 (x86_64), Microsoft Windows Server 2003, Enterprise Edition SP1 (x86_64), Microsoft Windows Server 2003, Datacenter Edition SP1 (x86_64), Microsoft Windows Server 2003, Web Edition SP1 (x86_64), Microsoft Windows Small Business Server 2003 SP1 (x86_64) MS06-064: Security Update for Windows Server 2003 x64 Edition (KB922819) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=73864 Microsoft Windows XP Professional SP1 (x86_64) MS06-064: Security Update for Windows XP x64 Edition (KB922819) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=73864 Microsoft Windows Server 2003 SP1 OR < SP1 (ia64), Microsoft Windows Server 2003, Standard Edition SP1 OR < SP1 (ia64), Microsoft Windows Server 2003, Enterprise Edition SP1 OR < SP1 (ia64), Microsoft Windows Server 2003, Datacenter Edition SP1
• • Page 6 Audit Report OR < SP1 (ia64), Microsoft Windows Server 2003, Web Edition SP1 OR < SP1 (ia64), Microsoft Windows Small Business Server 2003 SP1 OR < SP1 (ia64) MS06-064: Security Update for Windows Server 2003 for Itanium-based Systems (KB922819) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=73864 Microsoft Windows Server 2003 SP1 OR < SP1 (x86), Microsoft Windows Server 2003, Standard Edition SP1 OR < SP1 (x86), Microsoft Windows Server 2003, Enterprise Edition SP1 OR < SP1 (x86), Microsoft Windows Server 2003, Datacenter Edition SP1 OR < SP1 (x86), Microsoft Windows Server 2003, Web Edition SP1 OR < SP1 (x86), Microsoft Windows Small Business Server 2003 SP1 OR < SP1 (x86) MS06-064: Security Update for Windows Server 2003 (KB922819) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=73864 Locate and fix vulnerable traffic inspection devices along the route to the target In many situations, target systems are, by themselves, patched or otherwise unaffected by this vulnerability. In certain configurations, however, unaffected systems can be made vulnerable if the path between an attacker and the target system contains an affected and unpatched network device such as a firewall or router and that device is responsible for handling TCP connections for the target. In this case, locate and apply remediation steps for network devices along the route that are affected. 3.3. Moderate Vulnerabilities 3.3.1. ICMP timestamp response (generic-icmp-timestamp) Description: The remote host responded to an ICMP timestamp request. The ICMP timestamp response contains the remote host's date and time. This information could theoretically be used against some systems to exploit weak time-based random number generators in other services. In addition, the versions of some operating systems can be accurately fingerprinted by analyzing their responses to invalid ICMP timestamp requests. Affected Nodes: Affected Nodes: Additional Information: 9 x x x x x x2 Remote system time: 01:35:38.205 PDT References: Source Reference CVE CVE-1999-0524 OSVDB 95 XF 306 XF 322
• • • • • Page 7 Audit Report Vulnerability Solution: HP-UX Disable ICMP timestamp responses on HP/UX Execute the following command: ndd -set /dev/ip ip_respond_to_timestamp_broadcast 0 The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). Cisco IOS Disable ICMP timestamp responses on Cisco IOS Use ACLs to block ICMP types 13 and 14. For example: deny icmp any any 13 deny icmp any any 14 Note that it is generally preferable to use ACLs that block everything by default and then selectively allow certain types of traffic in. For example, block everything and then only allow ICMP unreachable, ICMP echo reply, ICMP time exceeded, and ICMP source quench: permit icmp any any unreachable permit icmp any any echo-reply permit icmp any any time-exceeded permit icmp any any source-quench The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). SGI Irix Disable ICMP timestamp responses on SGI Irix IRIX does not offer a way to disable ICMP timestamp responses. Therefore, you should block ICMP on the affected host using ipfilterd, and/or block it at any external firewalls. The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). Linux Disable ICMP timestamp responses on Linux Linux offers neither a sysctl nor a /proc/sys/net/ipv4 interface to disable ICMP timestamp responses. Therefore, you should block ICMP on the affected host using iptables, and/or block it at the firewall. For example: ipchains -A input -p icmp --icmp-type timestamp-request -j DROP ipchains -A output -p icmp --icmp-type timestamp-reply -j DROP The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). Microsoft Windows NT, Microsoft Windows NT Workstation, Microsoft Windows NT Server, Microsoft Windows NT Advanced Server, Microsoft Windows NT Server, Enterprise Edition, Microsoft Windows NT Server, Terminal Server Edition Disable ICMP timestamp responses on Windows NT 4
• • • • Page 8 Audit Report Windows NT 4 does not provide a way to block ICMP packets. Therefore, you should block them at the firewall. The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). OpenBSD Disable ICMP timestamp responses on OpenBSD Set the "net.inet.icmp.tstamprepl" sysctl variable to 0. sysctl -w net.inet.icmp.tstamprepl=0 The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). Cisco PIX Disable ICMP timestamp responses on Cisco PIX A properly configured PIX firewall should never respond to ICMP packets on its external interface. In PIX Software versions 4.1(6) until 5.2.1, ICMP traffic to the PIX's internal interface is permitted; the PIX cannot be configured to NOT respond. Beginning in PIX Software version 5.2.1, ICMP is still permitted on the internal interface by default, but ICMP responses from its internal interfaces can be disabled with the icmp command, as follows, where <inside> is the name of the internal interface: icmp deny any 13 <inside> icmp deny any 14 <inside> Don't forget to save the configuration when you are finished. See Cisco's support document Handling ICMP Pings with the PIX Firewall for more information. The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). Sun Solaris Disable ICMP timestamp responses on Solaris Execute the following commands: /usr/sbin/ndd -set /dev/ip ip_respond_to_timestamp 0 /usr/sbin/ndd -set /dev/ip ip_respond_to_timestamp_broadcast 0 The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). Microsoft Windows 2000, Microsoft Windows 2000 Professional, Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Datacenter Server Disable ICMP timestamp responses on Windows 2000 Use the IPSec filter feature to define and apply an IP filter list that blocks ICMP types 13 and 14. Note that the standard TCP/IP blocking capability under the "Networking and Dialup Connections" control panel is NOT capable of blocking ICMP (only TCP and UDP). The IPSec filter features, while they may seem strictly related to the IPSec standards, will allow you to selectively block these ICMP packets. See http://support.microsoft.com/kb/313190 for more information. The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).
• 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. • 1. 2. 3. 4. 5. 6. • Page 9 Audit Report Microsoft Windows XP, Microsoft Windows XP Home, Microsoft Windows XP Professional, Microsoft Windows Server 2003, Microsoft Windows Server 2003, Standard Edition, Microsoft Windows Server 2003, Enterprise Edition, Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows Server 2003, Web Edition, Microsoft Windows Small Business Server 2003 Disable ICMP timestamp responses on Windows XP/2K3 ICMP timestamp responses can be disabled by deselecting the "allow incoming timestamp request" option in the ICMP configuration panel of Windows Firewall. Go to the Network Connections control panel. Right click on the network adapter and select "properties", or select the internet adapter and select File->Properties. Select the "Advanced" tab. In the Windows Firewall box, select "Settings". Select the "General" tab. Enable the firewall by selecting the "on (recommended)" option. Select the "Advanced" tab. In the ICMP box, select "Settings". Deselect (uncheck) the "Allow incoming timestamp request" option. Select "OK" to exit the ICMP Settings dialog and save the settings. Select "OK" to exit the Windows Firewall dialog and save the settings. Select "OK" to exit the internet adapter dialog. For more information, see: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en- us/hnw_understanding_firewall.mspx?mfr=true Microsoft Windows Vista, Microsoft Windows Vista Home, Basic Edition, Microsoft Windows Vista Home, Basic N Edition, Microsoft Windows Vista Home, Premium Edition, Microsoft Windows Vista Ultimate Edition, Microsoft Windows Vista Enterprise Edition, Microsoft Windows Vista Business Edition, Microsoft Windows Vista Business N Edition, Microsoft Windows Vista Starter Edition, Microsoft Windows Server 2008, Microsoft Windows Server 2008 Standard Edition, Microsoft Windows Server 2008 Enterprise Edition, Microsoft Windows Server 2008 Datacenter Edition, Microsoft Windows Server 2008 HPC Edition, Microsoft Windows Server 2008 Web Edition, Microsoft Windows Server 2008 Storage Edition, Microsoft Windows Small Business Server 2008, Microsoft Windows Essential Business Server 2008 Disable ICMP timestamp responses on Windows Vista/2008 ICMP timestamp responses can be disabled via the netsh command line utility. Go to the Windows Control Panel. Select "Windows Firewall". In the Windows Firewall box, select "Change Settings". Enable the firewall by selecting the "on (recommended)" option. Open a Command Prompt. Enter "netsh firewall set icmpsetting 13 disable" For more information, see: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en- us/hnw_understanding_firewall.mspx?mfr=true Disable ICMP timestamp responses Disable ICMP timestamp replies for the device. If the device does not support this level of configuration, the easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14
Page 10 Audit Report (timestamp response).
• • • • Page 11 Audit Report 4. Discovered Services 4.1. DNS DNS, the Domain Name System, provides naming services on the Internet. DNS is primarily used to convert names, such as www.rapid7.com to their corresponding IP address for use by network programs, such as a browser. 4.1.1. Discovered Instances of this Service Device Protocol Port Vulnerabilities Additional Information 9 x x x x x x2 udp 53 0 4.2. DNS-TCP DNS, the Domain Name System, provides naming services on the Internet. DNS is primarily used to convert names, such as www.rapid7.com to their corresponding IP address for use by network programs, such as a browser. This service is used primarily for zone transfers between DNS servers. It can, however, be used for standard DNS queries as well. 4.2.1. Discovered Instances of this Service Device Protocol Port Vulnerabilities Additional Information 9 x x x x x x2 tcp 53 0 4.3. ISAKMP ISAKMP, the Internet Security Association and Key Management Protocol, is used to negotiate and manage security associations for protocols. IKE, the Internet Key Exchange protocol, combines the ISAKMP, Oakley and SKEME protocols to negotiate key exchanges. IPSec, the IP Security protocol uses IKE and ISAKMP to negotiate the encryption and authentication mechanisms to be used. 4.3.1. Discovered Instances of this Service Device Protocol Port Vulnerabilities Additional Information 9 x x x x x x2 udp 500 0 4.4. PPTP The Point-to-Point Tunneling Protocol (PPTP) is an extension to PPP. It allows PPP packets to be wrapped in IP datagrams for transmission over a TCP/IP network. 4.4.1. Discovered Instances of this Service Device Protocol Port Vulnerabilities Additional Information 9 x x x x x x2 tcp 1723 0 firmware-revision: 1 hostname: MikroTik vendor: MikroTik version: 1.0
Page 12 Audit Report 4.5. SSH SSH, or Secure SHell, is designed to be a replacement for the aging Telnet protocol. It primarily adds encryption and data integrity to Telnet, but can also provide superior authentication mechanisms such as public key authentication. 4.5.1. Discovered Instances of this Service Device Protocol Port Vulnerabilities Additional Information 9 x x x x x x2 tcp 22 0 4.6. callbook 4.6.1. Discovered Instances of this Service Device Protocol Port Vulnerabilities Additional Information 9 x x x x x x2 tcp 2000 0
Page 13 Audit Report 5. Discovered Users and Groups No user or group information was discovered during the scan.
Page 14 Audit Report 6. Discovered Databases No database information was discovered during the scan.
Page 15 Audit Report 7. Discovered Files and Directories No file or directory information was discovered during the scan.
Page 16 Audit Report 8. Policy Evaluations No policy evaluations were performed.
Page 17 Audit Report 9. Spidered Web Sites No web sites were spidered during the scan.
Ad

Recommended

Report PAPID 7
Report PAPID 7Report PAPID 7
Report PAPID 7
Sergey Yrievich
 
Отчет Csa report RAPID7
Отчет Csa report RAPID7Отчет Csa report RAPID7
Отчет Csa report RAPID7
Sergey Yrievich
 
Отчет Executive overview RAPID7
Отчет Executive overview RAPID7Отчет Executive overview RAPID7
Отчет Executive overview RAPID7
Sergey Yrievich
 
Отчет Executive penetration RAPID 7
Отчет Executive penetration RAPID 7Отчет Executive penetration RAPID 7
Отчет Executive penetration RAPID 7
Sergey Yrievich
 
資安控管實務技術
資安控管實務技術資安控管實務技術
資安控管實務技術
bv8af4
 
Nazar Tymoshyk et al - Night in Defense Workshop: Hunting for a needle in a h...
Nazar Tymoshyk et al - Night in Defense Workshop: Hunting for a needle in a h...Nazar Tymoshyk et al - Night in Defense Workshop: Hunting for a needle in a h...
Nazar Tymoshyk et al - Night in Defense Workshop: Hunting for a needle in a h...
NoNameCon
 
ENPM808 Independent Study Final Report - amaster 2019
ENPM808 Independent Study Final Report - amaster 2019ENPM808 Independent Study Final Report - amaster 2019
ENPM808 Independent Study Final Report - amaster 2019
Alexander Master
 
Internal penetration test_hitchhackers_guide
Internal penetration test_hitchhackers_guideInternal penetration test_hitchhackers_guide
Internal penetration test_hitchhackers_guide
Darin Fredde
 
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules
Freddy Buenaño
 
CCNA 1 Chapter 11 v5.0 2014
CCNA 1 Chapter 11 v5.0 2014CCNA 1 Chapter 11 v5.0 2014
CCNA 1 Chapter 11 v5.0 2014
Đồng Quốc Vương
 
FireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slidesFireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slides
Amy Gerrie
 
How the CC Harmonizes with Secure Software Development Lifecycle
How the CC Harmonizes with Secure Software Development LifecycleHow the CC Harmonizes with Secure Software Development Lifecycle
How the CC Harmonizes with Secure Software Development Lifecycle
Seungjoo Kim
 
Cisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better TogetherCisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better Together
Lancope, Inc.
 
Practical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacksPractical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacks
Security Session
 
Recommended Software and Modifications for Server Security
Recommended Software and Modifications for Server SecurityRecommended Software and Modifications for Server Security
Recommended Software and Modifications for Server Security
HTS Hosting
 
Accurately detecting source code of attacks that increase privilege
Accurately detecting source code of attacks that increase privilegeAccurately detecting source code of attacks that increase privilege
Accurately detecting source code of attacks that increase privilege
UltraUploader
 
business
businessbusiness
business
Gajendra Saini
 
Hardening Database Server
Hardening Database ServerHardening Database Server
Hardening Database Server
Fahri Firdausillah
 
Time-based DDoS Detection and Mitigation for SDN Controller
Time-based DDoS Detection and Mitigation for SDN ControllerTime-based DDoS Detection and Mitigation for SDN Controller
Time-based DDoS Detection and Mitigation for SDN Controller
Lippo Group Digital
 
CEH v9 cheat sheet notes Certified Ethical Hacker
CEH v9 cheat sheet notes Certified Ethical HackerCEH v9 cheat sheet notes Certified Ethical Hacker
CEH v9 cheat sheet notes Certified Ethical Hacker
David Sweigert
 
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
ShortestPathFirst
 
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Ertugrul Akbas
 
Firewall arch by Tareq Hanaysha
Firewall arch by Tareq HanayshaFirewall arch by Tareq Hanaysha
Firewall arch by Tareq Hanaysha
Hanaysha
 
IRJET- A Study on Penetration Testing using Metasploit Framework
IRJET- A Study on Penetration Testing using Metasploit FrameworkIRJET- A Study on Penetration Testing using Metasploit Framework
IRJET- A Study on Penetration Testing using Metasploit Framework
IRJET Journal
 
DDoS Attack Preparation and Mitigation
DDoS Attack Preparation and MitigationDDoS Attack Preparation and Mitigation
DDoS Attack Preparation and Mitigation
Jerod Brennen
 
technical overview - endpoint protection 10.3.3
technical overview - endpoint protection 10.3.3technical overview - endpoint protection 10.3.3
technical overview - endpoint protection 10.3.3
Muhammad Denis Iqbal
 
A Stuxnet for Mainframes
A Stuxnet for MainframesA Stuxnet for Mainframes
A Stuxnet for Mainframes
Cheryl Biswas
 
Computer Security: Worms
Computer Security: WormsComputer Security: Worms
Computer Security: Worms
Sabidur Rahman
 
Network_Forenic_Training_for_beginner.pdf
Network_Forenic_Training_for_beginner.pdfNetwork_Forenic_Training_for_beginner.pdf
Network_Forenic_Training_for_beginner.pdf
TngPhanThanh8
 
MS08 067
MS08 067MS08 067
MS08 067
Tim Krabec
 
Ad

More Related Content

What's hot (20)

26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules
Freddy Buenaño
 
CCNA 1 Chapter 11 v5.0 2014
CCNA 1 Chapter 11 v5.0 2014CCNA 1 Chapter 11 v5.0 2014
CCNA 1 Chapter 11 v5.0 2014
Đồng Quốc Vương
 
FireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slidesFireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slides
Amy Gerrie
 
How the CC Harmonizes with Secure Software Development Lifecycle
How the CC Harmonizes with Secure Software Development LifecycleHow the CC Harmonizes with Secure Software Development Lifecycle
How the CC Harmonizes with Secure Software Development Lifecycle
Seungjoo Kim
 
Cisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better TogetherCisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better Together
Lancope, Inc.
 
Practical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacksPractical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacks
Security Session
 
Recommended Software and Modifications for Server Security
Recommended Software and Modifications for Server SecurityRecommended Software and Modifications for Server Security
Recommended Software and Modifications for Server Security
HTS Hosting
 
Accurately detecting source code of attacks that increase privilege
Accurately detecting source code of attacks that increase privilegeAccurately detecting source code of attacks that increase privilege
Accurately detecting source code of attacks that increase privilege
UltraUploader
 
business
businessbusiness
business
Gajendra Saini
 
Hardening Database Server
Hardening Database ServerHardening Database Server
Hardening Database Server
Fahri Firdausillah
 
Time-based DDoS Detection and Mitigation for SDN Controller
Time-based DDoS Detection and Mitigation for SDN ControllerTime-based DDoS Detection and Mitigation for SDN Controller
Time-based DDoS Detection and Mitigation for SDN Controller
Lippo Group Digital
 
CEH v9 cheat sheet notes Certified Ethical Hacker
CEH v9 cheat sheet notes Certified Ethical HackerCEH v9 cheat sheet notes Certified Ethical Hacker
CEH v9 cheat sheet notes Certified Ethical Hacker
David Sweigert
 
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
ShortestPathFirst
 
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Ertugrul Akbas
 
Firewall arch by Tareq Hanaysha
Firewall arch by Tareq HanayshaFirewall arch by Tareq Hanaysha
Firewall arch by Tareq Hanaysha
Hanaysha
 
IRJET- A Study on Penetration Testing using Metasploit Framework
IRJET- A Study on Penetration Testing using Metasploit FrameworkIRJET- A Study on Penetration Testing using Metasploit Framework
IRJET- A Study on Penetration Testing using Metasploit Framework
IRJET Journal
 
DDoS Attack Preparation and Mitigation
DDoS Attack Preparation and MitigationDDoS Attack Preparation and Mitigation
DDoS Attack Preparation and Mitigation
Jerod Brennen
 
technical overview - endpoint protection 10.3.3
technical overview - endpoint protection 10.3.3technical overview - endpoint protection 10.3.3
technical overview - endpoint protection 10.3.3
Muhammad Denis Iqbal
 
A Stuxnet for Mainframes
A Stuxnet for MainframesA Stuxnet for Mainframes
A Stuxnet for Mainframes
Cheryl Biswas
 
Computer Security: Worms
Computer Security: WormsComputer Security: Worms
Computer Security: Worms
Sabidur Rahman
 
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules
Freddy Buenaño
 
CCNA 1 Chapter 11 v5.0 2014
CCNA 1 Chapter 11 v5.0 2014CCNA 1 Chapter 11 v5.0 2014
CCNA 1 Chapter 11 v5.0 2014
Đồng Quốc Vương
 
FireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slidesFireSIGHT Management Center (FMC) slides
FireSIGHT Management Center (FMC) slides
Amy Gerrie
 
How the CC Harmonizes with Secure Software Development Lifecycle
How the CC Harmonizes with Secure Software Development LifecycleHow the CC Harmonizes with Secure Software Development Lifecycle
How the CC Harmonizes with Secure Software Development Lifecycle
Seungjoo Kim
 
Cisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better TogetherCisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better Together
Lancope, Inc.
 
Practical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacksPractical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacks
Security Session
 
Recommended Software and Modifications for Server Security
Recommended Software and Modifications for Server SecurityRecommended Software and Modifications for Server Security
Recommended Software and Modifications for Server Security
HTS Hosting
 
Accurately detecting source code of attacks that increase privilege
Accurately detecting source code of attacks that increase privilegeAccurately detecting source code of attacks that increase privilege
Accurately detecting source code of attacks that increase privilege
UltraUploader
 
business
businessbusiness
business
Gajendra Saini
 
Hardening Database Server
Hardening Database ServerHardening Database Server
Hardening Database Server
Fahri Firdausillah
 
Time-based DDoS Detection and Mitigation for SDN Controller
Time-based DDoS Detection and Mitigation for SDN ControllerTime-based DDoS Detection and Mitigation for SDN Controller
Time-based DDoS Detection and Mitigation for SDN Controller
Lippo Group Digital
 
CEH v9 cheat sheet notes Certified Ethical Hacker
CEH v9 cheat sheet notes Certified Ethical HackerCEH v9 cheat sheet notes Certified Ethical Hacker
CEH v9 cheat sheet notes Certified Ethical Hacker
David Sweigert
 
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
DDoS Open Threat Signaling (DOTS) Working Group Presentation on draft-ietf-do...
ShortestPathFirst
 
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Monitoring Privileged User Actions for Security and Compliance with SureLog: ...
Ertugrul Akbas
 
Firewall arch by Tareq Hanaysha
Firewall arch by Tareq HanayshaFirewall arch by Tareq Hanaysha
Firewall arch by Tareq Hanaysha
Hanaysha
 
IRJET- A Study on Penetration Testing using Metasploit Framework
IRJET- A Study on Penetration Testing using Metasploit FrameworkIRJET- A Study on Penetration Testing using Metasploit Framework
IRJET- A Study on Penetration Testing using Metasploit Framework
IRJET Journal
 
DDoS Attack Preparation and Mitigation
DDoS Attack Preparation and MitigationDDoS Attack Preparation and Mitigation
DDoS Attack Preparation and Mitigation
Jerod Brennen
 
technical overview - endpoint protection 10.3.3
technical overview - endpoint protection 10.3.3technical overview - endpoint protection 10.3.3
technical overview - endpoint protection 10.3.3
Muhammad Denis Iqbal
 
A Stuxnet for Mainframes
A Stuxnet for MainframesA Stuxnet for Mainframes
A Stuxnet for Mainframes
Cheryl Biswas
 
Computer Security: Worms
Computer Security: WormsComputer Security: Worms
Computer Security: Worms
Sabidur Rahman
 

Similar to Отчет Audit report RAPID7 (20)

Network_Forenic_Training_for_beginner.pdf
Network_Forenic_Training_for_beginner.pdfNetwork_Forenic_Training_for_beginner.pdf
Network_Forenic_Training_for_beginner.pdf
TngPhanThanh8
 
MS08 067
MS08 067MS08 067
MS08 067
Tim Krabec
 
G3t R00t at IUT
G3t R00t at IUTG3t R00t at IUT
G3t R00t at IUT
Nahidul Kibria
 
Vulnerability Assessment Report
Vulnerability Assessment ReportVulnerability Assessment Report
Vulnerability Assessment Report
Harshit Singh Bhatia
 
Practical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacksPractical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacks
Martin Holovský
 
9Tuts.Com New CCNA 200-120 New CCNA New Questions 2
9Tuts.Com New CCNA 200-120 New CCNA New Questions 29Tuts.Com New CCNA 200-120 New CCNA New Questions 2
9Tuts.Com New CCNA 200-120 New CCNA New Questions 2
Lori Head
 
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wpUs 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Olli-Pekka Niemi
 
Troubleshooting basic networks
Troubleshooting basic networksTroubleshooting basic networks
Troubleshooting basic networks
Arnold Derrick Kinney
 
Network Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain EssayNetwork Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain Essay
Karen Oliver
 
Unix Web servers and FireWall
Unix Web servers and FireWallUnix Web servers and FireWall
Unix Web servers and FireWall
webhostingguy
 
A REVIEW ON NMAP AND ITS FEATURES
A REVIEW ON NMAP AND ITS FEATURESA REVIEW ON NMAP AND ITS FEATURES
A REVIEW ON NMAP AND ITS FEATURES
IRJET Journal
 
Oscon2008 network-troubleshooting-v1
Oscon2008 network-troubleshooting-v1Oscon2008 network-troubleshooting-v1
Oscon2008 network-troubleshooting-v1
sabry khalil
 
Positive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days. Pavlov. Network Infrastructure Security AssessmentPositive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days
 
Intrusion Techniques
Intrusion TechniquesIntrusion Techniques
Intrusion Techniques
Festival Software Livre
 
Unix Web servers and FireWall
Unix Web servers and FireWallUnix Web servers and FireWall
Unix Web servers and FireWall
webhostingguy
 
Unix Web servers and FireWall
Unix Web servers and FireWallUnix Web servers and FireWall
Unix Web servers and FireWall
webhostingguy
 
BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...
BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...
BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...
aaajjj4
 
Operating System Fingerprinting Prevention
Operating System Fingerprinting PreventionOperating System Fingerprinting Prevention
Operating System Fingerprinting Prevention
dcalhoun1984
 
The Art of defence: How vulnerabilites help shape security features and mitig...
The Art of defence: How vulnerabilites help shape security features and mitig...The Art of defence: How vulnerabilites help shape security features and mitig...
The Art of defence: How vulnerabilites help shape security features and mitig...
Priyanka Aash
 
Hunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentationHunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentation
OlehLevytskyi1
 
Network_Forenic_Training_for_beginner.pdf
Network_Forenic_Training_for_beginner.pdfNetwork_Forenic_Training_for_beginner.pdf
Network_Forenic_Training_for_beginner.pdf
TngPhanThanh8
 
MS08 067
MS08 067MS08 067
MS08 067
Tim Krabec
 
G3t R00t at IUT
G3t R00t at IUTG3t R00t at IUT
G3t R00t at IUT
Nahidul Kibria
 
Vulnerability Assessment Report
Vulnerability Assessment ReportVulnerability Assessment Report
Vulnerability Assessment Report
Harshit Singh Bhatia
 
Practical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacksPractical steps to mitigate DDoS attacks
Practical steps to mitigate DDoS attacks
Martin Holovský
 
9Tuts.Com New CCNA 200-120 New CCNA New Questions 2
9Tuts.Com New CCNA 200-120 New CCNA New Questions 29Tuts.Com New CCNA 200-120 New CCNA New Questions 2
9Tuts.Com New CCNA 200-120 New CCNA New Questions 2
Lori Head
 
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wpUs 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Us 13-opi-evading-deep-inspection-for-fun-and-shell-wp
Olli-Pekka Niemi
 
Troubleshooting basic networks
Troubleshooting basic networksTroubleshooting basic networks
Troubleshooting basic networks
Arnold Derrick Kinney
 
Network Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain EssayNetwork Vulnerabilities And Cyber Kill Chain Essay
Network Vulnerabilities And Cyber Kill Chain Essay
Karen Oliver
 
Unix Web servers and FireWall
Unix Web servers and FireWallUnix Web servers and FireWall
Unix Web servers and FireWall
webhostingguy
 
A REVIEW ON NMAP AND ITS FEATURES
A REVIEW ON NMAP AND ITS FEATURESA REVIEW ON NMAP AND ITS FEATURES
A REVIEW ON NMAP AND ITS FEATURES
IRJET Journal
 
Oscon2008 network-troubleshooting-v1
Oscon2008 network-troubleshooting-v1Oscon2008 network-troubleshooting-v1
Oscon2008 network-troubleshooting-v1
sabry khalil
 
Positive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days. Pavlov. Network Infrastructure Security AssessmentPositive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days. Pavlov. Network Infrastructure Security Assessment
Positive Hack Days
 
Intrusion Techniques
Intrusion TechniquesIntrusion Techniques
Intrusion Techniques
Festival Software Livre
 
Unix Web servers and FireWall
Unix Web servers and FireWallUnix Web servers and FireWall
Unix Web servers and FireWall
webhostingguy
 
Unix Web servers and FireWall
Unix Web servers and FireWallUnix Web servers and FireWall
Unix Web servers and FireWall
webhostingguy
 
BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...
BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...
BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...
aaajjj4
 
Operating System Fingerprinting Prevention
Operating System Fingerprinting PreventionOperating System Fingerprinting Prevention
Operating System Fingerprinting Prevention
dcalhoun1984
 
The Art of defence: How vulnerabilites help shape security features and mitig...
The Art of defence: How vulnerabilites help shape security features and mitig...The Art of defence: How vulnerabilites help shape security features and mitig...
The Art of defence: How vulnerabilites help shape security features and mitig...
Priyanka Aash
 
Hunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentationHunting for APT in network logs workshop presentation
Hunting for APT in network logs workshop presentation
OlehLevytskyi1
 
Ad

More from Sergey Yrievich (20)

Uninterruptible power adoption trends to 2025
Uninterruptible power adoption trends to 2025Uninterruptible power adoption trends to 2025
Uninterruptible power adoption trends to 2025
Sergey Yrievich
 
Свод знаний управление проектами
Свод знаний управление проектамиСвод знаний управление проектами
Свод знаний управление проектами
Sergey Yrievich
 
IoT— концепция, изменяющая мир
IoT— концепция, изменяющая мирIoT— концепция, изменяющая мир
IoT— концепция, изменяющая мир
Sergey Yrievich
 
UI report
UI reportUI report
UI report
Sergey Yrievich
 
2020 battery market Ukraine
2020 battery market Ukraine2020 battery market Ukraine
2020 battery market Ukraine
Sergey Yrievich
 
Salt batteries. Sodium Nickel Chloride batteries.
Salt batteries. Sodium Nickel Chloride batteries.Salt batteries. Sodium Nickel Chloride batteries.
Salt batteries. Sodium Nickel Chloride batteries.
Sergey Yrievich
 
Компьютерное обозрение N48 2000 г.
Компьютерное обозрение N48 2000 г.Компьютерное обозрение N48 2000 г.
Компьютерное обозрение N48 2000 г.
Sergey Yrievich
 
Wiring unlimited.
Wiring unlimited.Wiring unlimited.
Wiring unlimited.
Sergey Yrievich
 
Toshiba Rechargeable Battery SCiB™
Toshiba Rechargeable Battery SCiB™Toshiba Rechargeable Battery SCiB™
Toshiba Rechargeable Battery SCiB™
Sergey Yrievich
 
Eaton 9 sx UPS user manual ru
Eaton 9 sx UPS user manual ruEaton 9 sx UPS user manual ru
Eaton 9 sx UPS user manual ru
Sergey Yrievich
 
Инструкция пользователя ИБП GXT2 10кВА 230
Инструкция пользователя ИБП GXT2 10кВА 230Инструкция пользователя ИБП GXT2 10кВА 230
Инструкция пользователя ИБП GXT2 10кВА 230
Sergey Yrievich
 
«Вперше в Україні – унікальна система автоматизованого контролю прав на об’єк...
«Вперше в Україні – унікальна система автоматизованого контролю прав на об’єк...«Вперше в Україні – унікальна система автоматизованого контролю прав на об’єк...
«Вперше в Україні – унікальна система автоматизованого контролю прав на об’єк...
Sergey Yrievich
 
Кабельная трасса, схема обвязки оборудования 0,4кВ
Кабельная трасса, схема обвязки оборудования 0,4кВКабельная трасса, схема обвязки оборудования 0,4кВ
Кабельная трасса, схема обвязки оборудования 0,4кВ
Sergey Yrievich
 
Техническая спецификация, гибридный инвертор резервного электропитания
Техническая спецификация, гибридный инвертор резервного электропитанияТехническая спецификация, гибридный инвертор резервного электропитания
Техническая спецификация, гибридный инвертор резервного электропитания
Sergey Yrievich
 
21.04.2017 резервное электропитание
21.04.2017 резервное электропитание21.04.2017 резервное электропитание
21.04.2017 резервное электропитание
Sergey Yrievich
 
ДСТУ IEC 62040-3:1999 IDT
ДСТУ IEC 62040-3:1999 IDTДСТУ IEC 62040-3:1999 IDT
ДСТУ IEC 62040-3:1999 IDT
Sergey Yrievich
 
Электронные Стабилизаторы
Электронные СтабилизаторыЭлектронные Стабилизаторы
Электронные Стабилизаторы
Sergey Yrievich
 
Электронные Стабилизаторы часть вторая
Электронные Стабилизаторы часть втораяЭлектронные Стабилизаторы часть вторая
Электронные Стабилизаторы часть вторая
Sergey Yrievich
 
Октаэдры с эмос
Октаэдры с эмосОктаэдры с эмос
Октаэдры с эмос
Sergey Yrievich
 
Tier Standard Topology
Tier Standard TopologyTier Standard Topology
Tier Standard Topology
Sergey Yrievich
 
Uninterruptible power adoption trends to 2025
Uninterruptible power adoption trends to 2025Uninterruptible power adoption trends to 2025
Uninterruptible power adoption trends to 2025
Sergey Yrievich
 
Свод знаний управление проектами
Свод знаний управление проектамиСвод знаний управление проектами
Свод знаний управление проектами
Sergey Yrievich
 
IoT— концепция, изменяющая мир
IoT— концепция, изменяющая мирIoT— концепция, изменяющая мир
IoT— концепция, изменяющая мир
Sergey Yrievich
 
UI report
UI reportUI report
UI report
Sergey Yrievich
 
2020 battery market Ukraine
2020 battery market Ukraine2020 battery market Ukraine
2020 battery market Ukraine
Sergey Yrievich
 
Salt batteries. Sodium Nickel Chloride batteries.
Salt batteries. Sodium Nickel Chloride batteries.Salt batteries. Sodium Nickel Chloride batteries.
Salt batteries. Sodium Nickel Chloride batteries.
Sergey Yrievich
 
Компьютерное обозрение N48 2000 г.
Компьютерное обозрение N48 2000 г.Компьютерное обозрение N48 2000 г.
Компьютерное обозрение N48 2000 г.
Sergey Yrievich
 
Wiring unlimited.
Wiring unlimited.Wiring unlimited.
Wiring unlimited.
Sergey Yrievich
 
Toshiba Rechargeable Battery SCiB™
Toshiba Rechargeable Battery SCiB™Toshiba Rechargeable Battery SCiB™
Toshiba Rechargeable Battery SCiB™
Sergey Yrievich
 
Eaton 9 sx UPS user manual ru
Eaton 9 sx UPS user manual ruEaton 9 sx UPS user manual ru
Eaton 9 sx UPS user manual ru
Sergey Yrievich
 
Инструкция пользователя ИБП GXT2 10кВА 230
Инструкция пользователя ИБП GXT2 10кВА 230Инструкция пользователя ИБП GXT2 10кВА 230
Инструкция пользователя ИБП GXT2 10кВА 230
Sergey Yrievich
 
«Вперше в Україні – унікальна система автоматизованого контролю прав на об’єк...
«Вперше в Україні – унікальна система автоматизованого контролю прав на об’єк...«Вперше в Україні – унікальна система автоматизованого контролю прав на об’єк...
«Вперше в Україні – унікальна система автоматизованого контролю прав на об’єк...
Sergey Yrievich
 
Кабельная трасса, схема обвязки оборудования 0,4кВ
Кабельная трасса, схема обвязки оборудования 0,4кВКабельная трасса, схема обвязки оборудования 0,4кВ
Кабельная трасса, схема обвязки оборудования 0,4кВ
Sergey Yrievich
 
Техническая спецификация, гибридный инвертор резервного электропитания
Техническая спецификация, гибридный инвертор резервного электропитанияТехническая спецификация, гибридный инвертор резервного электропитания
Техническая спецификация, гибридный инвертор резервного электропитания
Sergey Yrievich
 
21.04.2017 резервное электропитание
21.04.2017 резервное электропитание21.04.2017 резервное электропитание
21.04.2017 резервное электропитание
Sergey Yrievich
 
ДСТУ IEC 62040-3:1999 IDT
ДСТУ IEC 62040-3:1999 IDTДСТУ IEC 62040-3:1999 IDT
ДСТУ IEC 62040-3:1999 IDT
Sergey Yrievich
 
Электронные Стабилизаторы
Электронные СтабилизаторыЭлектронные Стабилизаторы
Электронные Стабилизаторы
Sergey Yrievich
 
Электронные Стабилизаторы часть вторая
Электронные Стабилизаторы часть втораяЭлектронные Стабилизаторы часть вторая
Электронные Стабилизаторы часть вторая
Sergey Yrievich
 
Октаэдры с эмос
Октаэдры с эмосОктаэдры с эмос
Октаэдры с эмос
Sergey Yrievich
 
Tier Standard Topology
Tier Standard TopologyTier Standard Topology
Tier Standard Topology
Sergey Yrievich
 
Ad

Recently uploaded (20)

Longitudinal Benchmark: A Real-World UX Case Study in Onboarding by Linda Bor...
Longitudinal Benchmark: A Real-World UX Case Study in Onboarding by Linda Bor...Longitudinal Benchmark: A Real-World UX Case Study in Onboarding by Linda Bor...
Longitudinal Benchmark: A Real-World UX Case Study in Onboarding by Linda Bor...
UXPA Boston
 
MULTI-STAKEHOLDER CONSULTATION PROGRAM On Implementation of DNF 2.0 and Way F...
MULTI-STAKEHOLDER CONSULTATION PROGRAM On Implementation of DNF 2.0 and Way F...MULTI-STAKEHOLDER CONSULTATION PROGRAM On Implementation of DNF 2.0 and Way F...
MULTI-STAKEHOLDER CONSULTATION PROGRAM On Implementation of DNF 2.0 and Way F...
ICT Frame Magazine Pvt. Ltd.
 
Right to liberty and security of a person.pdf
Right to liberty and security of a person.pdfRight to liberty and security of a person.pdf
Right to liberty and security of a person.pdf
danielbraico197
 
DevOpsDays SLC - Platform Engineers are Product Managers.pptx
DevOpsDays SLC - Platform Engineers are Product Managers.pptxDevOpsDays SLC - Platform Engineers are Product Managers.pptx
DevOpsDays SLC - Platform Engineers are Product Managers.pptx
Justin Reock
 
Building Connected Agents: An Overview of Google's ADK and A2A Protocol
Building Connected Agents: An Overview of Google's ADK and A2A ProtocolBuilding Connected Agents: An Overview of Google's ADK and A2A Protocol
Building Connected Agents: An Overview of Google's ADK and A2A Protocol
Suresh Peiris
 
Understanding SEO in the Age of AI.pdf
Understanding SEO in the Age of AI.pdfUnderstanding SEO in the Age of AI.pdf
Understanding SEO in the Age of AI.pdf
Fulcrum Concepts, LLC
 
ICDCC 2025: Securing Agentic AI - Eryk Budi Pratama.pdf
ICDCC 2025: Securing Agentic AI - Eryk Budi Pratama.pdfICDCC 2025: Securing Agentic AI - Eryk Budi Pratama.pdf
ICDCC 2025: Securing Agentic AI - Eryk Budi Pratama.pdf
Eryk Budi Pratama
 
Cybersecurity Tools and Technologies - Microsoft Certificate
Cybersecurity Tools and Technologies - Microsoft CertificateCybersecurity Tools and Technologies - Microsoft Certificate
Cybersecurity Tools and Technologies - Microsoft Certificate
VICTOR MAESTRE RAMIREZ
 
Kit-Works Team Study_아직도 Dockefile.pdf_김성호
Kit-Works Team Study_아직도 Dockefile.pdf_김성호Kit-Works Team Study_아직도 Dockefile.pdf_김성호
Kit-Works Team Study_아직도 Dockefile.pdf_김성호
Wonjun Hwang
 
Crazy Incentives and How They Kill Security. How Do You Turn the Wheel?
Crazy Incentives and How They Kill Security. How Do You Turn the Wheel?Crazy Incentives and How They Kill Security. How Do You Turn the Wheel?
Crazy Incentives and How They Kill Security. How Do You Turn the Wheel?
Christian Folini
 
Design pattern talk by Kaya Weers - 2025 (v2)
Design pattern talk by Kaya Weers - 2025 (v2)Design pattern talk by Kaya Weers - 2025 (v2)
Design pattern talk by Kaya Weers - 2025 (v2)
Kaya Weers
 
Build With AI - In Person Session Slides.pdf
Build With AI - In Person Session Slides.pdfBuild With AI - In Person Session Slides.pdf
Build With AI - In Person Session Slides.pdf
Google Developer Group - Harare
 
React Native for Business Solutions: Building Scalable Apps for Success
React Native for Business Solutions: Building Scalable Apps for SuccessReact Native for Business Solutions: Building Scalable Apps for Success
React Native for Business Solutions: Building Scalable Apps for Success
Amelia Swank
 
OpenAI Just Announced Codex: A cloud engineering agent that excels in handlin...
OpenAI Just Announced Codex: A cloud engineering agent that excels in handlin...OpenAI Just Announced Codex: A cloud engineering agent that excels in handlin...
OpenAI Just Announced Codex: A cloud engineering agent that excels in handlin...
SOFTTECHHUB
 
UiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptx
UiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptxUiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptx
UiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptx
anabulhac
 
Who's choice? Making decisions with and about Artificial Intelligence, Keele ...
Who's choice? Making decisions with and about Artificial Intelligence, Keele ...Who's choice? Making decisions with and about Artificial Intelligence, Keele ...
Who's choice? Making decisions with and about Artificial Intelligence, Keele ...
Alan Dix
 
Mastering Testing in the Modern F&B Landscape
Mastering Testing in the Modern F&B LandscapeMastering Testing in the Modern F&B Landscape
Mastering Testing in the Modern F&B Landscape
marketing943205
 
Secondary Storage for a microcontroller system
Secondary Storage for a microcontroller systemSecondary Storage for a microcontroller system
Secondary Storage for a microcontroller system
fizarcse
 
Building the Customer Identity Community, Together.pdf
Building the Customer Identity Community, Together.pdfBuilding the Customer Identity Community, Together.pdf
Building the Customer Identity Community, Together.pdf
Cheryl Hung
 
Kit-Works Team Study_팀스터디_김한솔_nuqs_20250509.pdf
Kit-Works Team Study_팀스터디_김한솔_nuqs_20250509.pdfKit-Works Team Study_팀스터디_김한솔_nuqs_20250509.pdf
Kit-Works Team Study_팀스터디_김한솔_nuqs_20250509.pdf
Wonjun Hwang
 
Longitudinal Benchmark: A Real-World UX Case Study in Onboarding by Linda Bor...
Longitudinal Benchmark: A Real-World UX Case Study in Onboarding by Linda Bor...Longitudinal Benchmark: A Real-World UX Case Study in Onboarding by Linda Bor...
Longitudinal Benchmark: A Real-World UX Case Study in Onboarding by Linda Bor...
UXPA Boston
 
MULTI-STAKEHOLDER CONSULTATION PROGRAM On Implementation of DNF 2.0 and Way F...
MULTI-STAKEHOLDER CONSULTATION PROGRAM On Implementation of DNF 2.0 and Way F...MULTI-STAKEHOLDER CONSULTATION PROGRAM On Implementation of DNF 2.0 and Way F...
MULTI-STAKEHOLDER CONSULTATION PROGRAM On Implementation of DNF 2.0 and Way F...
ICT Frame Magazine Pvt. Ltd.
 
Right to liberty and security of a person.pdf
Right to liberty and security of a person.pdfRight to liberty and security of a person.pdf
Right to liberty and security of a person.pdf
danielbraico197
 
DevOpsDays SLC - Platform Engineers are Product Managers.pptx
DevOpsDays SLC - Platform Engineers are Product Managers.pptxDevOpsDays SLC - Platform Engineers are Product Managers.pptx
DevOpsDays SLC - Platform Engineers are Product Managers.pptx
Justin Reock
 
Building Connected Agents: An Overview of Google's ADK and A2A Protocol
Building Connected Agents: An Overview of Google's ADK and A2A ProtocolBuilding Connected Agents: An Overview of Google's ADK and A2A Protocol
Building Connected Agents: An Overview of Google's ADK and A2A Protocol
Suresh Peiris
 
Understanding SEO in the Age of AI.pdf
Understanding SEO in the Age of AI.pdfUnderstanding SEO in the Age of AI.pdf
Understanding SEO in the Age of AI.pdf
Fulcrum Concepts, LLC
 
ICDCC 2025: Securing Agentic AI - Eryk Budi Pratama.pdf
ICDCC 2025: Securing Agentic AI - Eryk Budi Pratama.pdfICDCC 2025: Securing Agentic AI - Eryk Budi Pratama.pdf
ICDCC 2025: Securing Agentic AI - Eryk Budi Pratama.pdf
Eryk Budi Pratama
 
Cybersecurity Tools and Technologies - Microsoft Certificate
Cybersecurity Tools and Technologies - Microsoft CertificateCybersecurity Tools and Technologies - Microsoft Certificate
Cybersecurity Tools and Technologies - Microsoft Certificate
VICTOR MAESTRE RAMIREZ
 
Kit-Works Team Study_아직도 Dockefile.pdf_김성호
Kit-Works Team Study_아직도 Dockefile.pdf_김성호Kit-Works Team Study_아직도 Dockefile.pdf_김성호
Kit-Works Team Study_아직도 Dockefile.pdf_김성호
Wonjun Hwang
 
Crazy Incentives and How They Kill Security. How Do You Turn the Wheel?
Crazy Incentives and How They Kill Security. How Do You Turn the Wheel?Crazy Incentives and How They Kill Security. How Do You Turn the Wheel?
Crazy Incentives and How They Kill Security. How Do You Turn the Wheel?
Christian Folini
 
Design pattern talk by Kaya Weers - 2025 (v2)
Design pattern talk by Kaya Weers - 2025 (v2)Design pattern talk by Kaya Weers - 2025 (v2)
Design pattern talk by Kaya Weers - 2025 (v2)
Kaya Weers
 
Build With AI - In Person Session Slides.pdf
Build With AI - In Person Session Slides.pdfBuild With AI - In Person Session Slides.pdf
Build With AI - In Person Session Slides.pdf
Google Developer Group - Harare
 
React Native for Business Solutions: Building Scalable Apps for Success
React Native for Business Solutions: Building Scalable Apps for SuccessReact Native for Business Solutions: Building Scalable Apps for Success
React Native for Business Solutions: Building Scalable Apps for Success
Amelia Swank
 
OpenAI Just Announced Codex: A cloud engineering agent that excels in handlin...
OpenAI Just Announced Codex: A cloud engineering agent that excels in handlin...OpenAI Just Announced Codex: A cloud engineering agent that excels in handlin...
OpenAI Just Announced Codex: A cloud engineering agent that excels in handlin...
SOFTTECHHUB
 
UiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptx
UiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptxUiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptx
UiPath AgentHack - Build the AI agents of tomorrow_Enablement 1.pptx
anabulhac
 
Who's choice? Making decisions with and about Artificial Intelligence, Keele ...
Who's choice? Making decisions with and about Artificial Intelligence, Keele ...Who's choice? Making decisions with and about Artificial Intelligence, Keele ...
Who's choice? Making decisions with and about Artificial Intelligence, Keele ...
Alan Dix
 
Mastering Testing in the Modern F&B Landscape
Mastering Testing in the Modern F&B LandscapeMastering Testing in the Modern F&B Landscape
Mastering Testing in the Modern F&B Landscape
marketing943205
 
Secondary Storage for a microcontroller system
Secondary Storage for a microcontroller systemSecondary Storage for a microcontroller system
Secondary Storage for a microcontroller system
fizarcse
 
Building the Customer Identity Community, Together.pdf
Building the Customer Identity Community, Together.pdfBuilding the Customer Identity Community, Together.pdf
Building the Customer Identity Community, Together.pdf
Cheryl Hung
 
Kit-Works Team Study_팀스터디_김한솔_nuqs_20250509.pdf
Kit-Works Team Study_팀스터디_김한솔_nuqs_20250509.pdfKit-Works Team Study_팀스터디_김한솔_nuqs_20250509.pdf
Kit-Works Team Study_팀스터디_김한솔_nuqs_20250509.pdf
Wonjun Hwang
 

Отчет Audit report RAPID7

  • 1. Audit Report Audit_report_pdf Audited on May 28, 2014 Reported on May 28, 2014
  • 2. Page 1 Audit Report 1. Executive Summary This report represents a security audit performed by Nexpose from Rapid7 LLC. It contains confidential information about the state of your network. Access to this information by unauthorized personnel may allow them to compromise your network. Site Name Start Time End Time Total Time Status mikrotik-vpn ( 9 x x x x x x 2 ) May 28, 2014 01:29, PDT May 28, 2014 01:35, PDT 6 minutes Success There is not enough historical data to display risk trend. The audit was performed on one system which was found to be active and was scanned. There were 2 vulnerabilities found during this scan. No critical vulnerabilities were found. Critical vulnerabilities require immediate attention. They are relatively easy for attackers to exploit and may provide them with full control of the affected systems. One vulnerability was severe. Severe vulnerabilities are often harder to exploit and may not provide the same access to affected systems. There was one moderate vulnerability discovered. These often provide information to attackers that may assist them in mounting subsequent attacks on your network. These should also be fixed in a timely manner, but are not as urgent as the other vulnerabilities. There were 1 occurrences of the tcp-seq-num-approximation and generic-icmp-timestamp vulnerabilities, making them the most common vulnerabilities. There were 2 vulnerabilities in the Network category, making it the most common vulnerability category.
  • 3. Page 2 Audit Report The tcp-seq-num-approximation vulnerability poses the highest risk to the organization with a risk score of 194. Risk scores are based on the types and numbers of vulnerabilities on affected assets. One operating system was identified during this scan. There were 6 services found to be running during this scan. The DNS, DNS-TCP, ISAKMP, PPTP, SSH and callbook services were found on 1 systems, making them the most common services.
  • 4. • Page 3 Audit Report 2. Discovered Systems Node Operating System Risk Aliases 9 x x x x x x2 Linux 1.27 194 MikroTik
  • 5. Page 4 Audit Report 3. Discovered and Potential Vulnerabilities 3.1. Critical Vulnerabilities No critical vulnerabilities were reported. 3.2. Severe Vulnerabilities 3.2.1. TCP Sequence Number Approximation Vulnerability (tcp-seq-num-approximation) Description: TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. Affected Nodes: Affected Nodes: Additional Information: 9 x x x x x x2 TCP reset with incorrect sequence number triggered this fault on 9 x x x x x x2:2x x0: An existing connection was forcibly closed by the remote host References: Source Reference BID 10183 CERT TA04-111A CERT-VN 415294 CVE CVE-2004-0230 MS MS05-019 MS MS06-064 NETBSD NetBSD-SA2004-006 OSVDB 4030 OVAL OVAL2689 OVAL OVAL270 OVAL OVAL3508 OVAL OVAL4791 OVAL OVAL5711
  • 6. • • • • • • • • Page 5 Audit Report Source Reference SECUNIA 11440 SECUNIA 11458 SECUNIA 22341 SGI 20040403-01-A URL ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc URL http://tools.ietf.org/html/draft-ietf-tcpm-tcpsecure-12 URL http://www.uniras.gov.uk/vuls/2004/236929/index.htm XF 15886 Vulnerability Solution: Enable TCP MD5 Signatures Enable the TCP MD5 signature option as documented in RFC 2385. It was designed to reduce the danger from certain security attacks on BGP, such as TCP resets. Microsoft Windows 2000 SP4 OR SP3 (x86), Microsoft Windows 2000 Professional SP4 OR SP3 (x86), Microsoft Windows 2000 Server SP4 OR SP3 (x86), Microsoft Windows 2000 Advanced Server SP4 OR SP3 (x86), Microsoft Windows 2000 Datacenter Server SP4 OR SP3 (x86) MS05-019: Security Update for Windows 2000 (KB893066) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=36661 Microsoft Windows Server 2003 < SP1 (x86), Microsoft Windows Server 2003, Standard Edition < SP1 (x86), Microsoft Windows Server 2003, Enterprise Edition < SP1 (x86), Microsoft Windows Server 2003, Datacenter Edition < SP1 (x86), Microsoft Windows Server 2003, Web Edition < SP1 (x86), Microsoft Windows Small Business Server 2003 < SP1 (x86) MS05-019: Security Update for Windows Server 2003 (KB893066) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=36661 Microsoft Windows XP Professional SP2 OR SP1 (x86), Microsoft Windows XP Home SP2 OR SP1 (x86) MS05-019: Security Update for Windows XP (KB893066) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=36661 Microsoft Windows XP Professional SP1 OR SP2 (x86), Microsoft Windows XP Home SP1 OR SP2 (x86) MS06-064: Security Update for Windows XP (KB922819) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=73864 Microsoft Windows Server 2003 SP1 (x86_64), Microsoft Windows Server 2003, Standard Edition SP1 (x86_64), Microsoft Windows Server 2003, Enterprise Edition SP1 (x86_64), Microsoft Windows Server 2003, Datacenter Edition SP1 (x86_64), Microsoft Windows Server 2003, Web Edition SP1 (x86_64), Microsoft Windows Small Business Server 2003 SP1 (x86_64) MS06-064: Security Update for Windows Server 2003 x64 Edition (KB922819) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=73864 Microsoft Windows XP Professional SP1 (x86_64) MS06-064: Security Update for Windows XP x64 Edition (KB922819) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=73864 Microsoft Windows Server 2003 SP1 OR < SP1 (ia64), Microsoft Windows Server 2003, Standard Edition SP1 OR < SP1 (ia64), Microsoft Windows Server 2003, Enterprise Edition SP1 OR < SP1 (ia64), Microsoft Windows Server 2003, Datacenter Edition SP1
  • 7. • • Page 6 Audit Report OR < SP1 (ia64), Microsoft Windows Server 2003, Web Edition SP1 OR < SP1 (ia64), Microsoft Windows Small Business Server 2003 SP1 OR < SP1 (ia64) MS06-064: Security Update for Windows Server 2003 for Itanium-based Systems (KB922819) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=73864 Microsoft Windows Server 2003 SP1 OR < SP1 (x86), Microsoft Windows Server 2003, Standard Edition SP1 OR < SP1 (x86), Microsoft Windows Server 2003, Enterprise Edition SP1 OR < SP1 (x86), Microsoft Windows Server 2003, Datacenter Edition SP1 OR < SP1 (x86), Microsoft Windows Server 2003, Web Edition SP1 OR < SP1 (x86), Microsoft Windows Small Business Server 2003 SP1 OR < SP1 (x86) MS06-064: Security Update for Windows Server 2003 (KB922819) Download and apply the patch from: http://go.microsoft.com/fwlink/?LinkId=73864 Locate and fix vulnerable traffic inspection devices along the route to the target In many situations, target systems are, by themselves, patched or otherwise unaffected by this vulnerability. In certain configurations, however, unaffected systems can be made vulnerable if the path between an attacker and the target system contains an affected and unpatched network device such as a firewall or router and that device is responsible for handling TCP connections for the target. In this case, locate and apply remediation steps for network devices along the route that are affected. 3.3. Moderate Vulnerabilities 3.3.1. ICMP timestamp response (generic-icmp-timestamp) Description: The remote host responded to an ICMP timestamp request. The ICMP timestamp response contains the remote host's date and time. This information could theoretically be used against some systems to exploit weak time-based random number generators in other services. In addition, the versions of some operating systems can be accurately fingerprinted by analyzing their responses to invalid ICMP timestamp requests. Affected Nodes: Affected Nodes: Additional Information: 9 x x x x x x2 Remote system time: 01:35:38.205 PDT References: Source Reference CVE CVE-1999-0524 OSVDB 95 XF 306 XF 322
  • 8. • • • • • Page 7 Audit Report Vulnerability Solution: HP-UX Disable ICMP timestamp responses on HP/UX Execute the following command: ndd -set /dev/ip ip_respond_to_timestamp_broadcast 0 The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). Cisco IOS Disable ICMP timestamp responses on Cisco IOS Use ACLs to block ICMP types 13 and 14. For example: deny icmp any any 13 deny icmp any any 14 Note that it is generally preferable to use ACLs that block everything by default and then selectively allow certain types of traffic in. For example, block everything and then only allow ICMP unreachable, ICMP echo reply, ICMP time exceeded, and ICMP source quench: permit icmp any any unreachable permit icmp any any echo-reply permit icmp any any time-exceeded permit icmp any any source-quench The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). SGI Irix Disable ICMP timestamp responses on SGI Irix IRIX does not offer a way to disable ICMP timestamp responses. Therefore, you should block ICMP on the affected host using ipfilterd, and/or block it at any external firewalls. The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). Linux Disable ICMP timestamp responses on Linux Linux offers neither a sysctl nor a /proc/sys/net/ipv4 interface to disable ICMP timestamp responses. Therefore, you should block ICMP on the affected host using iptables, and/or block it at the firewall. For example: ipchains -A input -p icmp --icmp-type timestamp-request -j DROP ipchains -A output -p icmp --icmp-type timestamp-reply -j DROP The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). Microsoft Windows NT, Microsoft Windows NT Workstation, Microsoft Windows NT Server, Microsoft Windows NT Advanced Server, Microsoft Windows NT Server, Enterprise Edition, Microsoft Windows NT Server, Terminal Server Edition Disable ICMP timestamp responses on Windows NT 4
  • 9. • • • • Page 8 Audit Report Windows NT 4 does not provide a way to block ICMP packets. Therefore, you should block them at the firewall. The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). OpenBSD Disable ICMP timestamp responses on OpenBSD Set the "net.inet.icmp.tstamprepl" sysctl variable to 0. sysctl -w net.inet.icmp.tstamprepl=0 The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). Cisco PIX Disable ICMP timestamp responses on Cisco PIX A properly configured PIX firewall should never respond to ICMP packets on its external interface. In PIX Software versions 4.1(6) until 5.2.1, ICMP traffic to the PIX's internal interface is permitted; the PIX cannot be configured to NOT respond. Beginning in PIX Software version 5.2.1, ICMP is still permitted on the internal interface by default, but ICMP responses from its internal interfaces can be disabled with the icmp command, as follows, where <inside> is the name of the internal interface: icmp deny any 13 <inside> icmp deny any 14 <inside> Don't forget to save the configuration when you are finished. See Cisco's support document Handling ICMP Pings with the PIX Firewall for more information. The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). Sun Solaris Disable ICMP timestamp responses on Solaris Execute the following commands: /usr/sbin/ndd -set /dev/ip ip_respond_to_timestamp 0 /usr/sbin/ndd -set /dev/ip ip_respond_to_timestamp_broadcast 0 The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response). Microsoft Windows 2000, Microsoft Windows 2000 Professional, Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Datacenter Server Disable ICMP timestamp responses on Windows 2000 Use the IPSec filter feature to define and apply an IP filter list that blocks ICMP types 13 and 14. Note that the standard TCP/IP blocking capability under the "Networking and Dialup Connections" control panel is NOT capable of blocking ICMP (only TCP and UDP). The IPSec filter features, while they may seem strictly related to the IPSec standards, will allow you to selectively block these ICMP packets. See http://support.microsoft.com/kb/313190 for more information. The easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14 (timestamp response).
  • 10. • 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. • 1. 2. 3. 4. 5. 6. • Page 9 Audit Report Microsoft Windows XP, Microsoft Windows XP Home, Microsoft Windows XP Professional, Microsoft Windows Server 2003, Microsoft Windows Server 2003, Standard Edition, Microsoft Windows Server 2003, Enterprise Edition, Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows Server 2003, Web Edition, Microsoft Windows Small Business Server 2003 Disable ICMP timestamp responses on Windows XP/2K3 ICMP timestamp responses can be disabled by deselecting the "allow incoming timestamp request" option in the ICMP configuration panel of Windows Firewall. Go to the Network Connections control panel. Right click on the network adapter and select "properties", or select the internet adapter and select File->Properties. Select the "Advanced" tab. In the Windows Firewall box, select "Settings". Select the "General" tab. Enable the firewall by selecting the "on (recommended)" option. Select the "Advanced" tab. In the ICMP box, select "Settings". Deselect (uncheck) the "Allow incoming timestamp request" option. Select "OK" to exit the ICMP Settings dialog and save the settings. Select "OK" to exit the Windows Firewall dialog and save the settings. Select "OK" to exit the internet adapter dialog. For more information, see: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en- us/hnw_understanding_firewall.mspx?mfr=true Microsoft Windows Vista, Microsoft Windows Vista Home, Basic Edition, Microsoft Windows Vista Home, Basic N Edition, Microsoft Windows Vista Home, Premium Edition, Microsoft Windows Vista Ultimate Edition, Microsoft Windows Vista Enterprise Edition, Microsoft Windows Vista Business Edition, Microsoft Windows Vista Business N Edition, Microsoft Windows Vista Starter Edition, Microsoft Windows Server 2008, Microsoft Windows Server 2008 Standard Edition, Microsoft Windows Server 2008 Enterprise Edition, Microsoft Windows Server 2008 Datacenter Edition, Microsoft Windows Server 2008 HPC Edition, Microsoft Windows Server 2008 Web Edition, Microsoft Windows Server 2008 Storage Edition, Microsoft Windows Small Business Server 2008, Microsoft Windows Essential Business Server 2008 Disable ICMP timestamp responses on Windows Vista/2008 ICMP timestamp responses can be disabled via the netsh command line utility. Go to the Windows Control Panel. Select "Windows Firewall". In the Windows Firewall box, select "Change Settings". Enable the firewall by selecting the "on (recommended)" option. Open a Command Prompt. Enter "netsh firewall set icmpsetting 13 disable" For more information, see: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en- us/hnw_understanding_firewall.mspx?mfr=true Disable ICMP timestamp responses Disable ICMP timestamp replies for the device. If the device does not support this level of configuration, the easiest and most effective solution is to configure your firewall to block incoming and outgoing ICMP packets with ICMP types 13 (timestamp request) and 14
  • 12. • • • • Page 11 Audit Report 4. Discovered Services 4.1. DNS DNS, the Domain Name System, provides naming services on the Internet. DNS is primarily used to convert names, such as www.rapid7.com to their corresponding IP address for use by network programs, such as a browser. 4.1.1. Discovered Instances of this Service Device Protocol Port Vulnerabilities Additional Information 9 x x x x x x2 udp 53 0 4.2. DNS-TCP DNS, the Domain Name System, provides naming services on the Internet. DNS is primarily used to convert names, such as www.rapid7.com to their corresponding IP address for use by network programs, such as a browser. This service is used primarily for zone transfers between DNS servers. It can, however, be used for standard DNS queries as well. 4.2.1. Discovered Instances of this Service Device Protocol Port Vulnerabilities Additional Information 9 x x x x x x2 tcp 53 0 4.3. ISAKMP ISAKMP, the Internet Security Association and Key Management Protocol, is used to negotiate and manage security associations for protocols. IKE, the Internet Key Exchange protocol, combines the ISAKMP, Oakley and SKEME protocols to negotiate key exchanges. IPSec, the IP Security protocol uses IKE and ISAKMP to negotiate the encryption and authentication mechanisms to be used. 4.3.1. Discovered Instances of this Service Device Protocol Port Vulnerabilities Additional Information 9 x x x x x x2 udp 500 0 4.4. PPTP The Point-to-Point Tunneling Protocol (PPTP) is an extension to PPP. It allows PPP packets to be wrapped in IP datagrams for transmission over a TCP/IP network. 4.4.1. Discovered Instances of this Service Device Protocol Port Vulnerabilities Additional Information 9 x x x x x x2 tcp 1723 0 firmware-revision: 1 hostname: MikroTik vendor: MikroTik version: 1.0
  • 13. Page 12 Audit Report 4.5. SSH SSH, or Secure SHell, is designed to be a replacement for the aging Telnet protocol. It primarily adds encryption and data integrity to Telnet, but can also provide superior authentication mechanisms such as public key authentication. 4.5.1. Discovered Instances of this Service Device Protocol Port Vulnerabilities Additional Information 9 x x x x x x2 tcp 22 0 4.6. callbook 4.6.1. Discovered Instances of this Service Device Protocol Port Vulnerabilities Additional Information 9 x x x x x x2 tcp 2000 0
  • 14. Page 13 Audit Report 5. Discovered Users and Groups No user or group information was discovered during the scan.
  • 15. Page 14 Audit Report 6. Discovered Databases No database information was discovered during the scan.
  • 16. Page 15 Audit Report 7. Discovered Files and Directories No file or directory information was discovered during the scan.
  • 17. Page 16 Audit Report 8. Policy Evaluations No policy evaluations were performed.
  • 18. Page 17 Audit Report 9. Spidered Web Sites No web sites were spidered during the scan.