Plugin ID | 272 |
Plugin name | Netgear RP114 telnet administration detection |
Plugin filename | Netgear RP114 telnet administration detection.plugin |
Plugin filesize | 2211 bytes |
Plugin family | Firewalls |
Plugin created name | Marc Ruef |
Plugin created email | marc dot ruef at computec dot ch |
Plugin created web | http://www.computec.ch |
Plugin created company | computec.ch |
Plugin created date | 2004/11/12 |
Plugin version | 1.0 |
Plugin protocol | tcp |
Plugin port | 23 |
Plugin procedure detection | open|sleep|clsose|pattern_exists *ÿûÿû*Password: * |
Plugin detection accuracy | 97 |
Plugin comment | There are several other possibilities to detect a Netgear RP114 - These will be implemented as independend ATK plugin in the future. |
Bug affected | Netgear RP114 |
Bug not affected | Other solutions |
Bug vulnerability class | Configuration |
Bug description | The remote host seems to be a Netgear RP114. This is a small SOHO appliance firewall. It is possible to define the settings over the telnet interface. This does just rely on a simple password authentication (no user name) in clear text. |
Bug solution | The server should be deactivated or de-installed if not necessary. To make it harder to find the server the daemon could be configured to listen at another port (e.g. 8023). Try to prevent unwanted connection attempts by filtering traffic with firewalling. |
Bug fixing time | Approx. 1 hour |
Bug exploit availability | Yes |
Bug remote | Yes |
Bug local | No |
Bug severity | Medium |
Bug popularity | 6 |
Bug simplicity | 8 |
Bug impact | 7 |
Bug risk | 7 |
Source Literature | Hacking Intern - Angriffe, Strategien, Abwehr, Marc Ruef, Marko Rogge, Uwe Velten and Wolfram Gieseke, November 1, 2002, Data Becker, Düsseldorf, ISBN 381582284X |
Source Misc. | http://www.computec.ch |