Arkoon appliance ssh port tcp-822 detection 1.1
 
Plugin ID136
Plugin nameArkoon appliance ssh port tcp-822 detection
Plugin filenameArkoon appliance ssh port tcp-822 detection.plugin
Plugin filesize2951 bytes
Plugin familyFirewalls
Plugin created nameMarc Ruef
Plugin created emailmarc dot ruef at computec dot ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2004/09/02
Plugin updated nameMarc Ruef
Plugin updated emailmarc dot ruef at computec dot ch
Plugin updated webhttp://www.computec.ch
Plugin updated companycomputec.ch
Plugin updated date2004/11/13
Plugin version1.1
Plugin changelogCorrected the plugin structure and added the accuracy values in 1.1
Plugin protocoltcp
Plugin port822
Plugin procedure detectionopen|sleep|close|pattern_exists *SSH-[0-9].*SSF*
Plugin detection accuracy95
Plugin commentCheck is adapted from the Nessus plugin (see Nessus ID listed in the sources).
Bug produced nameArkoon Network Security
Bug produced emailsupport at arkoon dot net
Bug produced webhttp://www.arkoon.net
Bug affectedArkoon appliances
Bug not affectedOther solutions
Bug vulnerability classConfiguration
Bug descriptionThe remote host seems to be a Arkoon appliance with SSH port tcp/822 open. Letting attackers know that you are using a Arkoon appliance will help them to focus their attack or will make them change their strategy.
Bug solutionThe service should be deactivated or de-installed if not necessary. To make it harder to find the server the daemon could be configured to listen at another port (e.g. 1400). Try to prevent unwanted connection attempts by filtering traffic with firewalling.
Bug fixing timeApprox. 30 minutes
Bug exploit availabilityYes
Bug exploit urlhttp://www.nessus.org
Bug remoteNo
Bug localNo
Bug severityLow
Bug popularity3
Bug simplicity6
Bug impact5
Bug risk4
Bug Nessus riskLow
Bug check toolsNessus is able to do a similar check.
Source Nessus ID14377
Source LiteratureBuilding Internet Firewalls, Elizabeth D. Zwicky, Simon Cooper and D. B. Chapman, September 1, 2000, O'Reilly & Associates, ISBN 1565928717, 2nd edition
Source Misc.http://www.arkoon.net

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.