Nessus Plugin #14377
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
Arkoon identification
- Family:
- Firewalls
- Category:
- infos
- Copyright:
- This script is Copyright (C) 2004 David Maciejak
- Summary:
- Determines if the remote host is an Arkoon
- Version:
- $Revision: 1.2 $
- Cve_id:
- -
- Bugtraq_id:
- -
- Xrefs:
- -
- Description:
The remote host has the three TCP ports 822, 1750, 1751
open.
It's very likely that this host is an Arkoon security dedicated
appliance with ports
TCP/822 dedicated to ssh service
TCP/1750 dedicated to Arkoon Manager
TCP/1751 dedicated to Arkoon Monitoring
Letting attackers know that you are using an Arkoon
appliance will help them to focus their attack or will
make them change their strategy.
You should not let them know such information.
Solution : do not allow any connection on the
firewall itself, except for the firewall
protocol, and allow that for trusted sources
only.
If you have a router which performs packet
filtering, then add ACL that disallows the
connection to these ports for unauthorized
systems.
See also : http://www.arkoon.net
Risk factor : Low
Generiert am 27.04.2005 um 18:49:54 Uhr.