Arkoon Appliance Identification
|
|
Article ID: 14377
Last updated: 27 Jan, 2009
|
|
|
|
Views: 428
|
|
Posted: 22 Jan, 2009
by: Tech Pubs S.
Updated: 27 Jan, 2009
by: Tech Pubs S.
|
|
Arkoon Appliance Identification |
|
| This script is Copyright (C) 2004-2008 David Maciejak |
|
|
| Family | Firewalls |
| Plugin ID | 14377 |
| Bugtraq ID |
|
| CVE ID |
|
|
| Description: |
The remote host has the three TCP ports 822, 1750, 1751
open.
Its very likely that this host is an Arkoon security dedicated
appliance with ports
TCP/822 dedicated to ssh service
TCP/1750 dedicated to Arkoon Manager
TCP/1751 dedicated to Arkoon Monitoring
Letting attackers know that you are using an Arkoon
appliance will help them to focus their attack or will
make them change their strategy.
You should not let them know such information.
Solution : do not allow any connection on the
firewall itself, except for the firewall
protocol, and allow that for trusted sources
only.
If you have a router which performs packet
filtering, then add ACL that disallows the
connection to these ports for unauthorized
systems.
See also : http://www.arkoon.net/
Risk factor : Low |
|
