Plugin ID | 134 |
Plugin name | NetAsq IPS-Firewall management port tcp-1300 detection |
Plugin filename | NetAsq IPS-Firewall management port tcp-1300 detection.plugin |
Plugin filesize | 2818 bytes |
Plugin family | Firewalls |
Plugin created name | Marc Ruef |
Plugin created email | marc dot ruef at computec dot ch |
Plugin created web | http://www.computec.ch |
Plugin created company | computec.ch |
Plugin created date | 2004/09/02 |
Plugin updated name | Marc Ruef |
Plugin updated email | marc dot ruef at computec dot ch |
Plugin updated web | http://www.computec.ch |
Plugin updated company | computec.ch |
Plugin updated date | 2004/11/13 |
Plugin version | 1.1 |
Plugin changelog | Corrected the plugin structure and added the accuracy values in 1.1 |
Plugin protocol | tcp |
Plugin port | 1300 |
Plugin procedure detection | open|sleep|send ATK\n|sleep|send QUIT\n|close|pattern_exists *200 code=[0-9]* OR *103 code=[0-9]* |
Plugin detection accuracy | 90 |
Plugin comment | Check is adapted from the Nessus plugin (see Nessus ID listed in the sources). |
Bug affected | NetAsq IPS-Firewalls |
Bug not affected | Other solutions |
Bug vulnerability class | Configuration |
Bug description | The remote host seems to be a NetAsq ISP-Firewall with port tcp/1300 open to allow the Firewall Manager tool to remotely configure it. Letting attackers know that you are using a NetAsq will help them to focus their attack or will make them change their strategy. |
Bug solution | The service should be deactivated or de-installed if not necessary. To make it harder to find the server the daemon could be configured to listen at another port (e.g. 1400). Try to prevent unwanted connection attempts by filtering traffic with firewalling. |
Bug fixing time | Approx. 30 minutes |
Bug exploit availability | Yes |
Bug remote | Yes |
Bug local | Yes |
Bug severity | Low |
Bug popularity | 3 |
Bug simplicity | 6 |
Bug impact | 5 |
Bug risk | 4 |
Bug Nessus risk | Low |
Bug check tools | Nessus is able to do a similar check. |
Source Nessus ID | 14378 |
Source Literature | Building Internet Firewalls, Elizabeth D. Zwicky, Simon Cooper and D. B. Chapman, September 1, 2000, O'Reilly & Associates, ISBN 1565928717, 2nd edition |
Source Misc. | http://www.netasq.com |