Developer Programmer
Saturday, 22 Farvardin 1383, 15:51 (afternoon)
On my own computer, so that I could write ASP, I installed IIS 5 and Zone-Alarm.
Then I checked my computer with a Security Scanner program.
A number of open ports were found, which I think is because I told ZoneAlarm to allow the program to run.
But, but, but ... it found a number of security bugs, some of which are rated as high risk.
Please help me close these off.
I am copying the report text verbatim, in the hope that something comes of it.
<span dir=ltr>
IP Services:SNMP Remote Access
Description SNMP Remote Access for this community
Risk Level: High
How To Fix: Disable SNMP Service or set IP range access.
Community Name public
-------------------
FTP Servers:Anonymous FTP
Port: 21
Description It is recommended that you disable anonymous FTP access if it is not needed. Anonymous FTP access can lead to an attacker gaining information about your system that can possibly lead to them gaining access to your system.
Risk Level: Medium
How To Fix: Follow your FTP server instructions on how to disable anonymous FTP.
CVE CAN-1999-0497
-------------
FTP Servers:FTP Bruteforce
Port: 21
Description FTP Server vurnerabled bruteforce operations.
Risk Level: Medium
How To Fix: Update FTP Server or set Limit for USER/PASS if FTP Server supported this option or install other FTP Server.
CVE GENERIC-MAP-NOMATCH
----------------
IP Services:chargen service
Port: 19
Description The Chargen (Character Generator) service listens on port 19 and can be used to remotely launch a DoS attack against the server running Chargen.
Risk Level: Medium
How To Fix: In Unix: Disable the chargen service in the /etc/inetd.conf file. Restart inetd so changes will take effect.
In Windows NT: Disable the simple TCP/IP service.
CVE CVE-1999-0103
---------------
IP Services:echo service
Port: 7
Description The echo service can be used to create a DoS (Denial of Service) attack against the remote machine.
Risk Level: Low
How To Fix: Disable the echo service.
If you are using Unix disable the echo service in the /etc/inetd.conf file. Restart inetd so changes take effect.
If you are using NT open control panel/services and disable "Simple TCP/IP services".
CVE CVE-1999-0103
----------------
Mail Servers:SMTP without AuthLogin
Port: 25
Description All people can use this SMTP server for send mail without password
Risk Level: Low
How To Fix: Follow your SMTP server's manual on how to install authlogin.
------------------
Web Servers:IISHelp
Port: 80
Description The /iishelp folder contains default files installed by IIS.
Risk Level: Information
How To Fix: It is recommended that you remove this virtual directory and read the help files offline.
Script http://afshin/iishelp/
CVE GENERIC-MAP-NOMATCH
</span>