|
 | 作者: weipop [weipop]
 论坛用户 |
登录 |
| + 127.0.0.1 : . 开放端口列表 : o pop3 (110/tcp) (发现安全提示) o www (80/tcp) (发现安全漏洞) o imap (143/tcp) (发现安全提示) o smtp (25/tcp) (发现安全提示) o ftp (21/tcp) (发现安全提示) o epmap (135/tcp) (发现安全警告) o https (443/tcp) (发现安全提示) o microsoft-ds (445/tcp) (发现安全提示) o domain (53/tcp) (发现安全提示) o netbios-ssn (139/tcp) (发现安全警告) o cifs (445/tcp) (发现安全提示) o DCE/1ff70682-0a51-30e8-076d-740be8cee98b (1025/tcp) (发现安全提示) o DCE/12345778-1234-abcd-ef00-0123456789ac (1026/tcp) (发现安全提示) o DCE/50abc2a4-574d-40b3-9d66-ee4fd5fba076 (1029/tcp) (发现安全提示) . 端口"pop3 (110/tcp)"发现安全提示 : A pop3 server is running on this port NESSUS_ID : 10330 . 端口"www (80/tcp)"发现安全漏洞 : The remote WebDAV server may be vulnerable to a buffer overflow when it receives a too long request. An attacker may use this flaw to execute arbitrary code within the LocalSystem security context. *** As safe checks are enabled, Nessus did not actually test for this *** flaw, so this might be a false positive Solution : See http://www.microsoft.com/technet/security/bulletin/ms03-007.mspx Risk Factor : High CVE_ID : CAN-2003-0109 BUGTRAQ_ID : 7116 NESSUS_ID : 11412 Other references : IAVA:2003-A-0005 . 端口"www (80/tcp)"发现安全提示 : A web server is running on this port NESSUS_ID : 10330 . 端口"www (80/tcp)"发现安全提示 : Nessus was not able to exactly identify this server. It might be: Microsoft-IIS/6.0 (w/ ASP.NET 1.1.4322) The fingerprint differs from these known signatures on 1 point(s) If you know what this server is and if you are using an up to date version of this script, please send this signature to www-signatures@nessus.org : HTM:200:200:505:400:---:400:400:400:200:400:400:---:400:400:400:400:411:411:403:200:501:400:411:+++::Microsoft-IIS/6.0 Including these headers: ETag: "092a23efc15c41:4d3" Try to provide as much information as you can: software & operating system release, sub-version, patch numbers, and specific configuration options, if any. NESSUS_ID : 11919 . 端口"www (80/tcp)"发现安全提示 : The remote web server type is : Microsoft-IIS/6.0 Solution : You can use urlscan to change reported server for IIS. NESSUS_ID : 10107 . 端口"imap (143/tcp)"发现安全提示 : An IMAP server is running on this port NESSUS_ID : 10330 . 端口"smtp (25/tcp)"发现安全提示 : Maybe the "smtp" service running on this port. Here is its banner: 35 30 30 20 ca b2 c3 b4 a3 bf ce d2 b2 bb c0 ed 500 ............ bd e2 d5 e2 b8 f6 a1 a3 0d 0a 35 30 30 20 ca b2 ........ 500 .. c3 b4 a3 bf ce d2 b2 bb c0 ed bd e2 d5 e2 b8 f6 ................ a1 a3 0d 0a 32 32 30 20 63 73 64 79 2e 6b 6d 69 .. 220 csdy.kmi 70 2e 6e 65 74 20 45 53 4d 54 50 20 4d 44 61 65 p.net ESMTP MDae 6d 6f 6e 20 36 2e 38 2e 35 3b 20 4d 6f 6e 2c 20 mon 6.8.5 Mon, 30 35 20 4a 75 6c 20 32 30 30 34 20 31 34 3a 31 05 Jul 2004 14:1 37 3a 33 37 20 2b 30 38 30 30 0d 0a 7:37 +0800 NESSUS_ID : 10330 . 端口"smtp (25/tcp)"发现安全提示 : Remote SMTP server banner : 220 csdy.kmip.net ESMTP MDaemon 6.8.5 Mon, 05 Jul 2004 14:20:47 +0800 NESSUS_ID : 10263 . 端口"ftp (21/tcp)"发现安全提示 : Maybe the "ftp" service running on this port. Here is its banner: 32 32 30 20 bb b6 d3 ad b9 e2 c1 d9 b5 d8 d1 f4 220 ............ cd f8 c2 e7 0d 0a 35 33 30 20 4e 6f 74 20 6c 6f .... 530 Not lo 67 67 65 64 20 69 6e 2e 0d 0a gged in. NESSUS_ID : 10330 . 端口"ftp (21/tcp)"发现安全提示 : Remote FTP server banner : NESSUS_ID : 10092 . 端口"epmap (135/tcp)"发现安全警告 : Distributed Computing Environment (DCE) services running on the remote host can be enumerated by connecting on port 135 and doing the appropriate queries. An attacker may use this fact to gain more knowledge about the remote host. Solution : filter incoming traffic to this port. Risk factor : Low NESSUS_ID : 10736 . 端口"epmap (135/tcp)"发现安全提示 : Maybe the "epmap" service running on this port. NESSUS_ID : 10330 . 端口"https (443/tcp)"发现安全提示 : Maybe the "https" service running on this port. NESSUS_ID : 10330 . 端口"microsoft-ds (445/tcp)"发现安全提示 : Maybe the "microsoft-ds" service running on this port. NESSUS_ID : 10330 . 端口"domain (53/tcp)"发现安全提示 : Maybe the "domain" service running on this port. NESSUS_ID : 10330 . 端口"netbios-ssn (139/tcp)"发现安全警告 : [远程注册表信息]: [ProductName]: Microsoft Windows Server 2003 [SOFTWARE\Microsoft\Windows NT\CurrentVersion]: CurrentBuild: 1.511.1 () (Obsolete data - do not use) InstallDate: 25 B5 76 40 ProductName: Microsoft Windows Server 2003 RegDone: RegisteredOrganization: diyang RegisteredOwner: fuwuqi SoftwareType: SYSTEM CurrentVersion: 5.2 CurrentBuildNumber: 3790 BuildLab: 3790.srv03_rtm.030324-2048 CurrentType: Uniprocessor Free SystemRoot: C:\WINDOWS SourcePath: G:\2003\I386 PathName: C:\WINDOWS ProductId: 69813-071-0000545-42605 DigitalProductId: A4 00 00 00 03 00 00 00 36 39 38 31 33 2D 30 37 31 2D 30 30 30 30 35 34 35 2D 34 32 36 30 35 00 54 00 00 00 41 32 32 2D 30 30 30 30 31 00 00 00 00 00 00 00 8E 68 19 C6 02 13 6F 0B 88 2F 8D 2F 14 BA 02 00 00 00 00 00 60 21 77 40 59 18 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 38 30 30 30 32 00 00 00 00 00 00 00 1C 04 00 00 0E 48 24 04 F8 01 00 00 72 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9C 68 B3 2F LicenseInfo: 71 FE A2 A0 F3 41 09 83 12 05 99 9F 7A AF E7 E3 F0 6A 51 ED AB 62 02 5C A9 5C 19 A6 B9 24 92 24 13 96 92 67 D4 A9 49 B7 2C 0E D7 55 29 08 47 3D 1F 86 20 A5 82 E1 8C 65 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]: AutoRestartShell: 01 00 00 00 DefaultDomainName: CSDY DefaultUserName: fuwuqi LegalNoticeCaption: LegalNoticeText: PowerdownAfterShutdown: 0 ReportBootOk: 1 Shell: Explorer.exe ShutdownWithoutLogon: 0 System: Userinit: C:\WINDOWS\system32\userinit.exe, VmApplet: rundll32 shell32,Control_RunDLL "sysdm.cpl" SfcQuota: FF FF FF FF PreloadFontFile: simsun allocatecdroms: 0 allocatedasd: 0 allocatefloppies: 0 cachedlogonscount: 10 forceunlocklogon: 00 00 00 00 passwordexpirywarning: 0E 00 00 00 scremoveoption: 0 AllowMultipleTSSessions: 01 00 00 00 AppSetup: UIHost: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73 74 65 6D 33 32 5C 6C 6F 67 6F 6E 75 69 2E 65 78 65 00 DebugServerCommand: no SFCDisable: 00 00 00 00 WinStationsDisabled: 0 ShowLogonOptions: 00 00 00 00 AltDefaultUserName: fuwuqi AltDefaultDomainName: CSDY [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB819696]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB819696\File 1]: Flags: New File: New Link Date: Old Link Date: Installed: 01 00 00 00 Comments: Windows Server 2003 修补程序包 - KB 819696 Backup Dir: Fix Description: Windows Server 2003 修补程序包 - KB 819696 Installed By: Installed On: Service Pack: 01 00 00 00 Valid: 01 00 00 00 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB823182]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB823182\File 1]: Flags: New File: New Link Date: Old Link Date: Installed: 01 00 00 00 Comments: Windows Server 2003 修补程序包 - KB 823182 Backup Dir: Fix Description: Windows Server 2003 修补程序包 - KB 823182 Installed By: Installed On: Service Pack: 01 00 00 00 Valid: 01 00 00 00 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB823559]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB823559\File 1]: Flags: New File: New Link Date: Old Link Date: Installed: 01 00 00 00 Comments: Windows Server 2003 修补程序包 - KB 823559 Backup Dir: Fix Description: Windows Server 2003 修补程序包 - KB 823559 Installed By: Installed On: Service Pack: 01 00 00 00 Valid: 01 00 00 00 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB823980]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB823980\File 1]: Flags: New File: New Link Date: Old Link Date: Installed: 01 00 00 00 Comments: Windows Server 2003 修补程序包 - KB 823980 Backup Dir: Fix Description: Windows Server 2003 修补程序包 - KB 823980 Installed By: Installed On: Service Pack: 01 00 00 00 Valid: 01 00 00 00 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB824105]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB824105\File 1]: Flags: New File: New Link Date: Old Link Date: Installed: 01 00 00 00 Comments: Windows Server 2003 修补程序包 - KB 824105 Backup Dir: Fix Description: Windows Server 2003 修补程序包 - KB 824105 Installed By: Installed On: Service Pack: 01 00 00 00 Valid: 01 00 00 00 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB824141]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB824141\File 1]: Flags: New File: New Link Date: Old Link Date: Installed: 01 00 00 00 Comments: Windows Server 2003 修补程序包 - KB 824141 Backup Dir: Fix Description: Windows Server 2003 修补程序包 - KB 824141 Installed By: Installed On: Service Pack: 01 00 00 00 Valid: 01 00 00 00 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB824146]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB824146\File 1]: Flags: New File: New Link Date: Old Link Date: Installed: 01 00 00 00 Comments: Windows Server 2003 修补程序包 - KB 824146 Backup Dir: Fix Description: Windows Server 2003 修补程序包 - KB 824146 Installed By: Installed On: Service Pack: 01 00 00 00 Valid: 01 00 00 00 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB825119]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB825119\File 1]: Flags: New File: New Link Date: Old Link Date: Installed: 01 00 00 00 Comments: Windows Server 2003 修补程序包 - KB 825119 Backup Dir: Fix Description: Windows Server 2003 修补程序包 - KB 825119 Installed By: Installed On: Service Pack: 01 00 00 00 Valid: 01 00 00 00 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB828028]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB828028\File 1]: Flags: New File: New Link Date: Old Link Date: Installed: 01 00 00 00 Comments: Windows Server 2003 修补程序包 - KB 828028 Backup Dir: Fix Description: Windows Server 2003 修补程序包 - KB 828028 Installed By: Installed On: Service Pack: 01 00 00 00 Valid: 01 00 00 00 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB828035]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB828035\File 1]: Flags: New File: New Link Date: Old Link Date: Installed: 01 00 00 00 Comments: Windows Server 2003 修补程序包 - KB 828035 Backup Dir: Fix Description: Windows Server 2003 修补程序包 - KB 828035 Installed By: Installed On: Service Pack: 01 00 00 00 Valid: 01 00 00 00 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB829558]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB829558\File 1]: Flags: New File: New Link Date: Old Link Date: Installed: 01 00 00 00 Comments: Windows Server 2003 修补程序包 - KB 829558 Backup Dir: Fix Description: Windows Server 2003 修补程序包 - KB 829558 Installed By: Installed On: Service Pack: 01 00 00 00 Valid: 01 00 00 00 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB832894]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB832894\File 1]: Flags: New File: New Link Date: Old Link Date: Installed: 01 00 00 00 Comments: Windows Server 2003 修补程序包 - KB 832894 Backup Dir: Fix Description: Windows Server 2003 修补程序包 - KB 832894 Installed By: Installed On: Service Pack: 01 00 00 00 Valid: 01 00 00 00 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB835732]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\KB835732\File 1]: Flags: New File: New Link Date: Old Link Date: Installed: 01 00 00 00 Comments: Windows Server 2003 修补程序包 - KB 835732 Backup Dir: Fix Description: Windows Server 2003 修补程序包 - KB 835732 Installed By: Installed On: Service Pack: 01 00 00 00 Valid: 01 00 00 00 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\Q147222]: Installed: 01 00 00 00 [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\Q828026]: [SOFTWARE\Microsoft\Windows NT\CurrentVersion\HotFix\Q828026\File 1]: Flags: New File: New Link Date: Old Link Date: Installed: 01 00 00 00 Comments: Windows Media Player Hotfix [请参阅 Q828026 以获得更多信息] Backup Dir: Fix Description: Windows Media Player Hotfix [请参阅 Q828026 以获得更多信息] Installed By: Installed On: Service Pack: 00 00 00 00 Valid: 01 00 00 00 0 00 00 Comments: Windows Media Player Hotfix [请参阅 Q828026 以获得更多信息] Backup Dir: Fix Description: Windows Media Player Hotfix [请参阅 Q828026 以获得更多 . 端口"netbios-ssn (139/tcp)"发现安全警告 : [服务器信息 Level 101]: 主机名称: "127.0.0.1" 操作系统: Windows NT 系统版本: 5.2 注释:"" 主机类型: WORKSTATION SERVER SERVER_NT BACKUP_BROWSER DFS . 端口"netbios-ssn (139/tcp)"发现安全警告 : [网络共享资源列表 Level 1]: E$: 磁盘 - [默认共享] (System) IPC$: 进程间通信(IPC$) - [远程 IPC] (System) D$: 磁盘 - [默认共享] (System) F$: 磁盘 - [默认共享] (System) ADMIN$: 磁盘 - [远程管理] (System) C$: 磁盘 - [默认共享] (System) $WINDOWS$: 磁盘 - [] . 端口"cifs (445/tcp)"发现安全提示 : A CIFS server is running on this port NESSUS_ID : 11011 . 端口"cifs (445/tcp)"发现安全提示 : It was possible to log into the remote host using a NULL session. The concept of a NULL session is to provide a null username and a null password, which grants the user the 'guest' access To prevent null sessions, see MS KB Article Q143474 (NT 4.0) and Q246261 (Windows 2000). Note that this won't completely disable null sessions, but will prevent them from connecting to IPC$ Please see http://msgs.securepoint.com/cgi-bin/get/nessus-0204/50/1.html All the smb tests will be done as ''/'' CVE_ID : CAN-1999-0504, CAN-1999-0506, CVE-2000-0222, CAN-1999-0505, CAN-2002-1117 BUGTRAQ_ID : 494, 990 NESSUS_ID : 10394 . 端口"DCE/1ff70682-0a51-30e8-076d-740be8cee98b (1025/tcp)"发现安全提示 : Distributed Computing Environment (DCE) services running on the remote host can be enumerated by connecting on port 135 and doing the appropriate queries. An attacker may use this fact to gain more knowledge about the remote host. Here is the list of DCE services running on this port: UUID: 1ff70682-0a51-30e8-076d-740be8cee98b, version 1 Endpoint: ncacn_ip_tcp:127.0.0.1[1025] UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1 Endpoint: ncacn_ip_tcp:127.0.0.1[1025] UUID: 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1 Endpoint: ncacn_ip_tcp:127.0.0.1[1025] Solution : filter incoming traffic to this port. Risk Factor : Low NESSUS_ID : 10736 . 端口"DCE/12345778-1234-abcd-ef00-0123456789ac (1026/tcp)"发现安全提示 : Distributed Computing Environment (DCE) services running on the remote host can be enumerated by connecting on port 135 and doing the appropriate queries. An attacker may use this fact to gain more knowledge about the remote host. Here is the list of DCE services running on this port: UUID: 12345778-1234-abcd-ef00-0123456789ac, version 1 Endpoint: ncacn_ip_tcp:127.0.0.1[1026] UUID: 12345678-1234-abcd-ef00-0123456789ab, version 1 Endpoint: ncacn_ip_tcp:127.0.0.1[1026] Annotation: IPSec Policy agent endpoint Solution : filter incoming traffic to this port. Risk Factor : Low NESSUS_ID : 10736 . 端口"DCE/50abc2a4-574d-40b3-9d66-ee4fd5fba076 (1029/tcp)"发现安全提示 : Distributed Computing Environment (DCE) services running on the remote host can be enumerated by connecting on port 135 and doing the appropriate queries. An attacker may use this fact to gain more knowledge about the remote host. Here is the list of DCE services running on this port: UUID: 50abc2a4-574d-40b3-9d66-ee4fd5fba076, version 5 Endpoint: ncacn_ip_tcp:127.0.0.1[1029] Solution : filter incoming traffic to this port. Risk Factor : Low NESSUS_ID : 10736 请高手门给点意见啊 |
| 地主 发表时间: 04-07-05 14:27 |
 | 回复: dingking [dingking]  论坛用户 |
登录 |
|
把端口关了就是~!・ |
| B1层 发表时间: 04-07-06 19:07 |
| 回复: lijingxi [lijingxi]  见习版主 |
登录 |
|
是啊!把不需要的端口关闭就行了! |
| B2层 发表时间: 04-07-06 21:30 |
| 回复: eagle_1 [eagle_1]  论坛用户 |
登录 |
|
怎么关闭端口啊? |
| B3层 发表时间: 04-07-09 13:49 |
 | 回复: xieeputi [xieeputi] 论坛用户 |
登录 |
|
先把ipc共享关了啊,把你的所有盘都关了共享! 在把那些有漏洞的断口都关掉! 最好再给你的机子下个操作系统的补丁! 再装个个人防火墙就差不多了,平时上网陌生人给你看的东西不要看,一般就没什么事了! |
| B4层 发表时间: 04-07-10 10:25 |
|
20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon
粤ICP备05087286号
论坛: 黑客进阶 标题: 扫描我电脑发现的。怎么使我的电脑安全。