VLAN418_RADI – 192.9.200.221

VLAN: 418CIDR: 10.44.100.0/22, 193.224.48.64/27, 192.9.200.0/24NAT: 193.224.49.26Nessus mappa: 1472
Scan: RADIDátum: 2026-01-30 16:08
Ollama alapú vezetői elemzés

Összkép: A vizsgált rendszerben kritikus és magas kockázati szintű sérülékenység van jelen, amelyek a biztonsági fenyegetettséget növelik. A sürgősség 0-7 nap.

Fő kockázati témák: Az X11 Server Unauthenticated Access és az X Server Unauthenticated Access: Screenshot kritikus sérülékenységek, valamint a rlogin Service Detection és a Network Time Protocol Daemon (ntpd) monlist Command Enabled DoS magas kockázatú sérülékenységei.

Ajánlott 0–7 nap: A kritikus sérülékenységekhez kapcsolódóan sürgős intézkedéseket kell tenni, például a X11 és az X Server korlátozását vagy leállítását. Azonnal szükség van a rlogin Service és a ntpd monlist Command Enabled DoS sérülékenységeinek kezelésére is.

Ajánlott 7–30 nap: A rendszer általános biztonsági állapotát javítani kell, például az SMB Signing bekapcsolásával és a Telnet szolgáltatás leállítás

Kritikus (2 típus / 2 összes)
  1. X11 Server Unauthenticated Access
  2. X Server Unauthenticated Access: Screenshot
Magas (2 típus / 2 összes)
  1. rlogin Service Detection
  2. Network Time Protocol Daemon (ntpd) monlist Command Enabled DoS
Közepes (4 típus / 4 összes)
  1. Unencrypted Telnet Server
  2. SMB Signing not required
  3. SSH Weak Algorithms Supported
  4. Network Time Protocol (NTP) Mode 6 Scanner
Ollama: llama3.1:8b | ollama version is 0.14.2 | 2026-01-30 22:30

CRITICAL (2)

X11 Server Unauthenticated Access
Plugin ID: 19948 Port: tcp/6000 CVE: CVE-1999-0526
The remote X11 server accepts connections from anywhere. An attacker can connect to it to eavesdrop on the keyboard and mouse events of a user on the remote host. It is even possible for an attacker to grab a screenshot of the remote host or to display arbitrary programs. An attacker can exploit this flaw to obtain the username and password of a user on the remote host.
Javasolt megoldás
Restrict access to this port by using the 'xhost' command. If the X11 client/server facility is not used, disable TCP entirely.
X Server Unauthenticated Access: Screenshot
Plugin ID: 66349 Port: tcp/6000 CVE: CVE-1999-0526
The remote X server accepts remote TCP connections. It is possible for an attacker to grab a screenshot of the remote host.
Javasolt megoldás
Restrict access to this port by using the 'xhost' command. If the X client/server facility is not used, disable TCP connections to the X server entirely.

HIGH (2)

rlogin Service Detection
Plugin ID: 10205 Port: tcp/513 CVE: CVE-1999-0651
The rlogin service is running on the remote host. This service is vulnerable since data is passed between the rlogin client and server in cleartext. A man-in-the-middle attacker can exploit this to sniff logins and passwords. Also, it may allow poorly authenticated logins without passwords. If the host is vulnerable to TCP sequence number guessing (from any network) or IP spoofing (including ARP hijacking on a local network) then it may be possible to bypass authentication. Finally, rlogin is an easy way to turn file-write access into full logins through the .rhosts or rhosts.equiv files.
Javasolt megoldás
Comment out the 'login' line in /etc/inetd.conf and restart the inetd process. Alternatively, disable this service and use SSH instead.
Network Time Protocol Daemon (ntpd) monlist Command Enabled DoS
Plugin ID: 71783 Port: udp/123 CVE: CVE-2013-5211
The version of ntpd running on the remote host has the 'monlist' command enabled. This command returns a list of recent hosts that have connected to the service. However, it is affected by a denial of service vulnerability in ntp_request.c that allows an unauthenticated, remote attacker to saturate network traffic to a specific IP address by using forged REQ_MON_GETLIST or REQ_MON_GETLIST_1 requests. Furthermore, an attacker can exploit this issue to conduct reconnaissance or distributed denial of service (DDoS) attacks.
Javasolt megoldás
If using NTP from the Network Time Protocol Project, upgrade to NTP version 4.2.7-p26 or later. Alternatively, add 'disable monitor' to the ntp.conf configuration file and restart the service. Otherwise, limit access to the affected service to trusted hosts, or contact the vendor for a fix.

MEDIUM (4)

Unencrypted Telnet Server
Plugin ID: 42263 Port: tcp/23
The remote host is running a Telnet server over an unencrypted channel. Using Telnet over an unencrypted channel is not recommended as logins, passwords, and commands are transferred in cleartext. This allows a remote, man-in-the-middle attacker to eavesdrop on a Telnet session to obtain credentials or other sensitive information and to modify traffic exchanged between a client and server. SSH is preferred over Telnet since it protects credentials from eavesdropping and can tunnel additional data streams such as an X11 session.
Javasolt megoldás
Disable the Telnet service and use SSH instead.
SMB Signing not required
Plugin ID: 57608 Port: tcp/445
Signing is not required on the remote SMB server. An unauthenticated, remote attacker can exploit this to conduct man-in-the-middle attacks against the SMB server.
Javasolt megoldás
Enforce message signing in the host's configuration. On Windows, this is found in the policy setting 'Microsoft network server: Digitally sign communications (always)'. On Samba, the setting is called 'server signing'. See the 'see also' links for further details.
SSH Weak Algorithms Supported
Plugin ID: 90317 Port: tcp/22
Nessus has detected that the remote SSH server is configured to use the Arcfour stream cipher or no cipher at all. RFC 4253 advises against using Arcfour due to an issue with weak keys.
Javasolt megoldás
Contact the vendor or consult product documentation to remove the weak ciphers.
Network Time Protocol (NTP) Mode 6 Scanner
Plugin ID: 97861 Port: udp/123
The remote NTP server responds to mode 6 queries. Devices that respond to these queries have the potential to be used in NTP amplification attacks. An unauthenticated, remote attacker could potentially exploit this, via a specially crafted mode 6 query, to cause a reflected denial of service condition.
Javasolt megoldás
Restrict NTP mode 6 queries.

LOW (5)

ICMP Timestamp Request Remote Date Disclosure
Plugin ID: 10114 Port: icmp/0 CVE: CVE-1999-0524
The remote host answers to an ICMP timestamp request. This allows an attacker to know the date that is set on the targeted machine, which may assist an unauthenticated, remote attacker in defeating time-based authentication protocols. Timestamps returned from machines running Windows Vista / 7 / 2008 / 2008 R2 are deliberately incorrect, but usually within 1000 seconds of the actual system time.
Javasolt megoldás
Filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14).
X Server Detection
Plugin ID: 10407 Port: tcp/6000
The remote host is running an X11 server. X11 is a client-server protocol that can be used to display graphical applications running on a given host on a remote client. Since the X11 traffic is not ciphered, it is possible for an attacker to eavesdrop on the connection.
Javasolt megoldás
Restrict access to this port. If the X11 client/server facility is not used, disable TCP support in X11 entirely (-nolisten tcp).
SSH Server CBC Mode Ciphers Enabled
Plugin ID: 70658 Port: tcp/22 CVE: CVE-2008-5161
The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext. Note that this plugin only checks for the options of the SSH server and does not check for vulnerable software versions.
Javasolt megoldás
Contact the vendor or consult product documentation to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption.
SSH Weak MAC Algorithms Enabled
Plugin ID: 71049 Port: tcp/22
The remote SSH server is configured to allow either MD5 or 96-bit MAC algorithms, both of which are considered weak. Note that this plugin only checks for the options of the SSH server, and it does not check for vulnerable software versions.
Javasolt megoldás
Contact the vendor or consult product documentation to disable MD5 and 96-bit MAC algorithms.
SSH Weak Key Exchange Algorithms Enabled
Plugin ID: 153953 Port: tcp/22
The remote SSH server is configured to allow key exchange algorithms which are considered weak. This is based on the IETF draft document Key Exchange (KEX) Method Updates and Recommendations for Secure Shell (SSH) RFC9142. Section 4 lists guidance on key exchange algorithms that SHOULD NOT and MUST NOT be enabled. This includes: diffie-hellman-group-exchange-sha1 diffie-hellman-group1-sha1 gss-gex-sha1-* gss-group1-sha1-* gss-group14-sha1-* rsa1024-sha1 Note that this plugin only checks for the options of the SSH server, and it does not check for vulnerable software versions.
Javasolt megoldás
Contact the vendor or consult product documentation to disable the weak algorithms.