Network Vulnerability Assessment Report
26.09.2007
Sorted by host names

Session name: Edimax BR-6215SRgStart Time:26.09.2007 15:46:36
Finish Time:26.09.2007 16:07:57
Elapsed:0 day(s) 00:21:21
Total records generated:8
high severity:0
Medium severity:0
informational:8


Summary of scanned hosts

HostHolesWarningsOpen portsState
10.0.0.34003Finished


10.0.0.34

ServiceSeverityDescription
microsoft-ds (445/tcp)
Info
Port is open
netbios-ns (137/tcp)
Info
Port is open
www (80/tcp)
Info
Port is open
microsoft-ds (445/tcp)
Info
A CIFS server is running on this port
netbios-ns (137/tcp)
Info

Synopsis :

It is possible to obtain the network name of the remote host.

Description :

The remote host listens on udp port 137 and replies to NetBIOS nbtscan
requests. By sending a wildcard request it is possible to obtain the
name of the remote system and the name of its domain.

Risk factor :

None

Plugin output :

The following 7 NetBIOS names have been gathered :

STORAGE = Computer name
STORAGE = Messenger Service
STORAGE = File Server Service
__MSBROWSE__ = Master Browser
WORKGROUP = Master Browser
WORKGROUP = Browser Service Elections
WORKGROUP = Workgroup / Domain name

This SMB server seems to be a SAMBA server (MAC address is NULL).
CVE : CVE-1999-0621
Other references : OSVDB:13577
general/icmp
Info

Synopsis :

It is possible to determine the exact time set on the remote host.

Description :

The remote host answers to an ICMP timestamp request. This allows an attacker
to know the date which is set on your machine.

This may help him to defeat all your time based authentication protocols.

Solution : filter out the ICMP timestamp requests (13), and the outgoing ICMP
timestamp replies (14).

Risk factor :

None / CVSS Base Score : 0
(AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N)

Plugin output :

The ICMP timestamps seem to be in little endian format (not in network format)
The difference between the local and remote clocks is 31026 seconds

CVE : CVE-1999-0524
general/tcp
Info
The following ports were open at the beginning of the scan but are now closed:

Port 80 was detected as being open but is now closed.

This might be an availability problem related which might be due to the following reasons :

- The remote host is now down, either because a user turned it off during the scan
- A network outage has been experienced during the scan, and the remote
network cannot be reached from the Vulnerability Scanner any more
- This Vulnerability Scanner has been blacklisted by the system administrator
or by automatic intrusion detection/prevention systems which have detected the
vulnerability assessment.

In any case, the audit of the remote host might be incomplete and may need to
be done again

www (80/tcp)
Info
A web server is running on this port