NetAsq IPS-Firewall management port tcp-1300 detection 1.1
 
Plugin ID134
Plugin nameNetAsq IPS-Firewall management port tcp-1300 detection
Plugin filenameNetAsq IPS-Firewall management port tcp-1300 detection.plugin
Plugin filesize2818 bytes
Plugin familyFirewalls
Plugin created nameMarc Ruef
Plugin created emailmarc dot ruef at computec dot ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2004/09/02
Plugin updated nameMarc Ruef
Plugin updated emailmarc dot ruef at computec dot ch
Plugin updated webhttp://www.computec.ch
Plugin updated companycomputec.ch
Plugin updated date2004/11/13
Plugin version1.1
Plugin changelogCorrected the plugin structure and added the accuracy values in 1.1
Plugin protocoltcp
Plugin port1300
Plugin procedure detectionopen|sleep|send ATK\n|sleep|send QUIT\n|close|pattern_exists *200 code=[0-9]* OR *103 code=[0-9]*
Plugin detection accuracy90
Plugin commentCheck is adapted from the Nessus plugin (see Nessus ID listed in the sources).
Bug affectedNetAsq IPS-Firewalls
Bug not affectedOther solutions
Bug vulnerability classConfiguration
Bug descriptionThe remote host seems to be a NetAsq ISP-Firewall with port tcp/1300 open to allow the Firewall Manager tool to remotely configure it. Letting attackers know that you are using a NetAsq will help them to focus their attack or will make them change their strategy.
Bug solutionThe service should be deactivated or de-installed if not necessary. To make it harder to find the server the daemon could be configured to listen at another port (e.g. 1400). Try to prevent unwanted connection attempts by filtering traffic with firewalling.
Bug fixing timeApprox. 30 minutes
Bug exploit availabilityYes
Bug remoteYes
Bug localYes
Bug severityLow
Bug popularity3
Bug simplicity6
Bug impact5
Bug risk4
Bug Nessus riskLow
Bug check toolsNessus is able to do a similar check.
Source Nessus ID14378
Source LiteratureBuilding Internet Firewalls, Elizabeth D. Zwicky, Simon Cooper and D. B. Chapman, September 1, 2000, O'Reilly & Associates, ISBN 1565928717, 2nd edition
Source Misc.http://www.netasq.com

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.