Plugin ID | 136 |
Plugin name | Arkoon appliance ssh port tcp-822 detection |
Plugin filename | Arkoon appliance ssh port tcp-822 detection.plugin |
Plugin filesize | 2951 bytes |
Plugin family | Firewalls |
Plugin created name | Marc Ruef |
Plugin created email | marc dot ruef at computec dot ch |
Plugin created web | http://www.computec.ch |
Plugin created company | computec.ch |
Plugin created date | 2004/09/02 |
Plugin updated name | Marc Ruef |
Plugin updated email | marc dot ruef at computec dot ch |
Plugin updated web | http://www.computec.ch |
Plugin updated company | computec.ch |
Plugin updated date | 2004/11/13 |
Plugin version | 1.1 |
Plugin changelog | Corrected the plugin structure and added the accuracy values in 1.1 |
Plugin protocol | tcp |
Plugin port | 822 |
Plugin procedure detection | open|sleep|close|pattern_exists *SSH-[0-9].*SSF* |
Plugin detection accuracy | 95 |
Plugin comment | Check is adapted from the Nessus plugin (see Nessus ID listed in the sources). |
Bug produced name | Arkoon Network Security |
Bug produced email | support at arkoon dot net |
Bug produced web | http://www.arkoon.net |
Bug affected | Arkoon appliances |
Bug not affected | Other solutions |
Bug vulnerability class | Configuration |
Bug description | The remote host seems to be a Arkoon appliance with SSH port tcp/822 open. Letting attackers know that you are using a Arkoon appliance will help them to focus their attack or will make them change their strategy. |
Bug solution | The service should be deactivated or de-installed if not necessary. To make it harder to find the server the daemon could be configured to listen at another port (e.g. 1400). Try to prevent unwanted connection attempts by filtering traffic with firewalling. |
Bug fixing time | Approx. 30 minutes |
Bug exploit availability | Yes |
Bug exploit url | http://www.nessus.org |
Bug remote | No |
Bug local | No |
Bug severity | Low |
Bug popularity | 3 |
Bug simplicity | 6 |
Bug impact | 5 |
Bug risk | 4 |
Bug Nessus risk | Low |
Bug check tools | Nessus is able to do a similar check. |
Source Nessus ID | 14377 |
Source Literature | Building Internet Firewalls, Elizabeth D. Zwicky, Simon Cooper and D. B. Chapman, September 1, 2000, O'Reilly & Associates, ISBN 1565928717, 2nd edition |
Source Misc. | http://www.arkoon.net |