| 我是菜鸟.现把扫描好的结果发上去.哪位高人帮我一下.请把步骤写清楚些.真心的感谢了.
我的邮箱: alei2920@sina.com
直接在这里回复也行.谢谢了.
192.168.1.250 (发现安全漏洞)
. OS: Windows; PORT/TCP:
详细资料
+ 192.168.1.250 :
. 开放端口列表 :
o ftp (21/tcp) (发现安全漏洞)
o www (80/tcp) (发现安全漏洞)
o https (443/tcp) (发现安全提示)
o netbios-ssn (139/tcp) (发现安全提示)
o epmap (135/tcp) (发现安全警告)
o smb (139/tcp) (发现安全提示)
o DCE/906b0ce0-c70b-1067-b317-00dd010662da (1025/tcp) (发现安全提示)
o DCE/1ff70682-0a51-30e8-076d-740be8cee98b (1026/tcp) (发现安全提示)
o DCE/82ad4280-036b-11cf-972c-00aa006887b0 (1027/tcp) (发现安全提示)
o netbios-ns (137/udp) (发现安全警告)
o tcp (发现安全提示)
. 端口"ftp (21/tcp)"发现安全漏洞 :
FTP弱口令:
"ftp/[空口令]"
. 端口"ftp (21/tcp)"发现安全漏洞 :
FTP弱口令:
"anonymous/[空口令]"
. 端口"ftp (21/tcp)"发现安全警告 :
Anonymous pub: /
Link: ftp://192.168.1.250/
Readable: YES
Deletable: YES
Make directory: YES
Remove directory: YES
. 端口"ftp (21/tcp)"发现安全警告 :
This FTP service allows anonymous logins. If you do not want to share data
with anyone you do not know, then you should deactivate the anonymous
account,
since it may only cause troubles.
The content of the remote FTP root is :
03-18-05 01:33PM 0 .nessus_test_2
01-25-05 07:00PM 73f649de3f58cf10ceb30c17
02-18-05 07:06AM cc
01-25-05 07:42PM Database
03-18-05 12:17PM HA_winamp295_FZR
03-18-05 12:17PM 3351345 HA_winamp295_FZR.rar
04-03-05 01:31PM mir2
03-18-05 01:33PM 0 nessus_test
01-25-05 07:42PM 2929 price.cfg
03-03-05 03:19AM program
01-25-05 07:42PM 4442 ProxIDMap.dat
01-25-05 07:42PM 19114 pubsrv.cfg
02-06-05 12:55PM Pubwin4服务版备份
02-25-05 03:00PM WUTemp
03-17-05 10:54PM 10129408 会员备份.mdb
03-25-05 10:28AM 净网服务
01-25-05 07:45PM 64 新建 文本文档.txt
03-19-05 07:07PM 新建文件夹
Risk factor : Low
CVE_ID : CAN-1999-0497
NESSUS_ID : 10079
. 端口"ftp (21/tcp)"发现安全提示 :
A FTP server is running on this port.
Here is its banner :
220 xhysf Microsoft FTP Service (Version 5.0).
NESSUS_ID : 10330
. 端口"ftp (21/tcp)"发现安全提示 :
通过登陆目标服务器并经过缓冲器接收可查出FTP服务的类型和版本。这些注册过的标识信息将给予潜在的攻击者们关于他们要攻击的系统的额外信息。版本和类型会在可能的地方被泄露。
解决方案:将这些注册过的标识信息转变为普通类别的信息。。
风险等级:低
___________________________________________________________________
Remote FTP server banner :
220 xhysf Microsoft FTP Service (Version 5.0).
NESSUS_ID : 10092
. 端口"www (80/tcp)"发现安全漏洞 :
The remote WebDAV server may be vulnerable to a buffer overflow when
it receives a too long request.
An attacker may use this flaw to execute arbitrary code within the
LocalSystem security context.
*** As safe checks are enabled, Nessus did not actually test for this
*** flaw, so this might be a false positive
Solution : See
http://www.microsoft.com/technet/security/bulletin/ms03-007.mspx
Risk Factor : High
CVE_ID : CAN-2003-0109
BUGTRAQ_ID : 7116
NESSUS_ID : 11412
Other references : IAVA:2003-A-0005
. 端口"www (80/tcp)"发现安全警告 :
CGI漏洞:
http://192.168.1.250/scripts
. 端口"www (80/tcp)"发现安全提示 :
A web server is running on this port
NESSUS_ID : 10330
. 端口"www (80/tcp)"发现安全提示 :
该插件试图确认远程主机上存在的各普通目录
___________________________________________________________________
The following directories require authentication:
/printers
NESSUS_ID : 11032
. 端口"www (80/tcp)"发现安全提示 :
The remote web server type is :
Microsoft-IIS/5.0
Solution : You can use urlscan to change reported server for IIS.
NESSUS_ID : 10107
. 端口"https (443/tcp)"发现安全提示 :
Maybe the "https" service running on this port.
NESSUS_ID : 10330
. 端口"netbios-ssn (139/tcp)"发现安全提示 :
Maybe the "netbios-ssn" service running on this port.
Here is its banner:
83 .
NESSUS_ID : 10330
. 端口"epmap (135/tcp)"发现安全警告 :
Distributed Computing Environment (DCE) services running on the remote host
can be enumerated by connecting on port 135 and doing the appropriate
queries.
An attacker may use this fact to gain more knowledge
about the remote host.
Solution : filter incoming traffic to this port.
Risk factor : Low
NESSUS_ID : 10736
. 端口"epmap (135/tcp)"发现安全提示 :
Maybe the "epmap" service running on this port.
NESSUS_ID : 10330
. 端口"smb (139/tcp)"发现安全提示 :
远程主机开放了445端口,没有开放139端口。
两台Windows 2000
主机间的';Netbios-less';通讯通过445端口完成。攻击者可以利用该漏洞获取主机的共享连接,用户名列表及其他信息...
解决方案: 过滤该端口收到的数据。
风险等级: 中
___________________________________________________________________
An SMB server is running on this port
NESSUS_ID : 11011
. 端口"DCE/906b0ce0-c70b-1067-b317-00dd010662da (1025/tcp)"发现安全提示 :
Distributed Computing Environment (DCE) services running on the remote host
can be enumerated by connecting on port 135 and doing the appropriate
queries.
An attacker may use this fact to gain more knowledge
about the remote host.
Here is the list of DCE services running on this port:
UUID: 906b0ce0-c70b-1067-b317-00dd010662da, version 1
Endpoint: ncacn_ip_tcp:192.168.1.250[1025]
UUID: 906b0ce0-c70b-1067-b317-00dd010662da, version 1
Endpoint: ncacn_ip_tcp:192.168.1.250[1025]
UUID: 906b0ce0-c70b-1067-b317-00dd010662da, version 1
Endpoint: ncacn_ip_tcp:192.168.1.250[1025]
UUID: 906b0ce0-c70b-1067-b317-00dd010662da, version 1
Endpoint: ncacn_ip_tcp:192.168.1.250[1025]
Solution : filter incoming traffic to this port.
Risk Factor : Low
NESSUS_ID : 10736
. 端口"DCE/1ff70682-0a51-30e8-076d-740be8cee98b (1026/tcp)"发现安全提示 :
Distributed Computing Environment (DCE) services running on the remote host
can be enumerated by connecting on port 135 and doing the appropriate
queries.
An attacker may use this fact to gain more knowledge
about the remote host.
Here is the list of DCE services running on this port:
UUID: 1ff70682-0a51-30e8-076d-740be8cee98b, version 1
Endpoint: ncacn_ip_tcp:192.168.1.250[1026]
UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1
Endpoint: ncacn_ip_tcp:192.168.1.250[1026]
Solution : filter incoming traffic to this port.
Risk Factor : Low
NESSUS_ID : 10736
. 端口"DCE/82ad4280-036b-11cf-972c-00aa006887b0 (1027/tcp)"发现安全提示 :
Distributed Computing Environment (DCE) services running on the remote host
can be enumerated by connecting on port 135 and doing the appropriate
queries.
An attacker may use this fact to gain more knowledge
about the remote host.
Here is the list of DCE services running on this port:
UUID: 82ad4280-036b-11cf-972c-00aa006887b0, version 2
Endpoint: ncacn_ip_tcp:192.168.1.250[1027]
Solution : filter incoming traffic to this port.
Risk Factor : Low
NESSUS_ID : 10736
. 端口"netbios-ns (137/udp)"发现安全警告 :
如果NetBIOS端口(UDP:137)已经打开,
一个远程攻击者可以利用这个漏洞获得主机
的敏感信息,比如机器名,工作组/域名,
当前登陆用户名等。
解决方法:阻止这个端口的外部通信。
风险等级:中
___________________________________________________________________
The following 6 NetBIOS names have been gathered :
INet~Services = Workgroup / Domain name (Domain Controller)
IS~XHYSF
XHYSF = This is the computer name registered for workstation
services by a WINS client.
XHYSF = This is the current logged in user registered for this
workstation.
WORKGROUP = Workgroup / Domain name
ADMINISTRATOR = This is the current logged in user registered for this
workstation.
The remote host has the following MAC address on its adapter :
00:00:e8:14:ea:ed
If you do not want to allow everyone to find the NetBios name
of your computer, you should filter incoming traffic to this port.
Risk factor : Medium
CVE_ID : CAN-1999-0621
NESSUS_ID : 10150
. 端口"tcp"发现安全提示 :
The remote host is running Microsoft Windows 2000 Professional
NESSUS_ID : 11936
------------------------------------------------------
本报表由网络安全漏洞扫描器"X-Scan"生成.
Microsoft Windows XP [版本 5.1.2600]
(C) 版权所有 1985-2001 Microsoft Corp.
C:Documents and Settingshaha>cd
C:>nbtstat -a 192.168.1.250
本地连接:
Node IpAddress: [192.168.1.62] Scope Id: []
NetBIOS Remote Machine Name Table
Name Type Status
---------------------------------------------
INet~Services <1C> GROUP Registered
IS~XHYSF.......<00> UNIQUE Registered
XHYSF <00> UNIQUE Registered
XHYSF <03> UNIQUE Registered
WORKGROUP <00> GROUP Registered
ADMINISTRATOR <03> UNIQUE Registered
MAC Address = 00-00-E8-14-EA-ED
|
