Saturday, 2 February 2013

Nessus


Nessus

Nessus’ reports are split into two sections - a summary of the findings
about the host, including the services found to be running and whether
any security issues were found on those services; for the NT host:


Nessus Scan Report
------------------
SUMMARY
- Number of hosts which were alive during the test : 1
- Number of security holes found : 8
- Number of security warnings found : 5
- Number of security notes found : 3
TESTED HOSTS
192.168.3.4 (Security holes found)
DETAILS
+ 192.168.3.4 :
. List of open ports :
o www (80/tcp) (Security hole found)
o unknown (135/tcp)
o netbios-ssn (139/tcp) (Security hole found)
o https (443/tcp)
o unknown (1028/tcp)
o unknown (1063/tcp)
o unknown (3924/tcp) (Security warnings found)
o general/tcp (Security hole found)
o general/udp (Security notes found)
o netbios-ns (137/udp) (Security warnings found)


And for our Solaris target:

Nessus Scan Report
------------------
SUMMARY
- Number of hosts which were alive during the test : 1
- Number of security holes found : 4
- Number of security warnings found : 25
TESTED HOSTS
192.168.2.3 (Security problems found)
DETAILS
+ 192.168.2.3 :
. List of open ports :
o echo (7/tcp) (Security warnings found)
o discard (9/tcp)
o daytime (13/tcp) (Security warnings found)
o chargen (19/tcp) (Security warnings found)
o ftp (21/tcp) (Security warnings found)
o telnet (23/tcp) (Security warnings found)
o smtp (25/tcp) (Security hole found)
o time (37/tcp)
o finger (79/tcp) (Security warnings found)
o sunrpc (111/tcp)
o exec (512/tcp) (Security warnings found)

o login (513/tcp) (Security warnings found)
o shell (514/tcp) (Security warnings found)
o printer (515/tcp)
o uucp (540/tcp)
o unknown (1103/tcp)
o unknown (4045/tcp)
o unknown (6000/tcp)
o unknown (6112/tcp)
o unknown (7100/tcp)
o unknown (32777/udp) (Security warnings found)
o unknown (32775/tcp) (Security warnings found)
o unknown (32772/udp) (Security hole found)
o unknown (32776/udp) (Security warnings found)
o unknown (32773/udp) (Security hole found)
o unknown (32775/udp) (Security warnings found)
o unknown (32778/udp) (Security warnings found)
o unknown (32774/udp) (Security warnings found)
o unknown (4045/udp) (Security warnings found)
o unknown (32779/udp) (Security hole found)
o echo (7/udp) (Security warnings found)
o daytime (13/udp) (Security warnings found)
o chargen (19/udp) (Security warnings found)

The reports then provide exact details of the warnings or holes
discovered, for example the NT box is shown to have a number of web
vulnerabilities, including;







at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)