|
 | 作者: yushili [yushili]
 论坛用户 |
登录 |
| X-Scan 检测报告 本报表列出了被检测主机的详细漏洞信息, 请根据提示信息或链接内容进行相应修补. 欢迎参加X-Scan脚本翻译项目 扫描时间 2006-2-28 上午 11:40:15 - 2006-2-28 上午 11:46:15 检测结果 存活主机 1 漏洞数量 1 警告数量 0 提示数量 7 主机列表 主机 检测结果 60.176.8.77 发现安全漏洞 主机摘要 - OS: Unknown OS; PORT/TCP: 21, 80, 135, 443 [返回顶部] 主机分析: 这里不写ip地址了 主机地址 端口/服务 服务漏洞 60.176.8.77 https (443/tcp) 发现安全提示 60.176.8.77 http (80/tcp) 发现安全提示 60.176.8.77 epmap (135/tcp) 发现安全提示 60.176.8.77 ftp (21/tcp) 发现安全提示 60.176.8.77 X Font Service (7100/tcp) 发现安全漏洞 60.176.8.77 tcp 发现安全提示 安全漏洞及解决方案: 60.176.8.77 类型 端口/服务 安全漏洞及解决方案 提示 https (443/tcp) Maybe the "https" service running on this port. NESSUS_ID : 10330 提示 http (80/tcp) Maybe the "http" service running on this port. NESSUS_ID : 10330 提示 http (80/tcp) 一个不知名的服务正在这个端口运行。 他可能是由一个木马所打开. 除非你确实知道这个端口所运行的程序, 你最好检查你的系统. 解决方案: 运行最好的反病毒软件确认是否有木马在运行。 风险等级:低 ___________________________________________________________________ An unknown service runs on this port. It is sometimes opened by this/these Trojan horse(s): 711 trojan (Seven Eleven) AckCmd Back End Back Orifice 2000 Plug-Ins Cafeini CGI Backdoor Executor God Message God Message 4 Creator Hooker IISworm MTX NCX Noob Ramen Reverse WWW Tunnel Backdoor RingZero RTB 666 Seeker WAN Remote Web Server CT WebDownloader Unless you know for sure what is behind it, you'd better check your system *** Anyway, don't panic, Nessus only found an open port. It may *** have been dynamically allocated to some service (RPC...) Solution: if a trojan horse is running, run a good antivirus scanner Risk factor : Low NESSUS_ID : 11157 提示 epmap (135/tcp) Maybe the "epmap" service running on this port. NESSUS_ID : 10330 提示 ftp (21/tcp) Maybe the "ftp" service running on this port. NESSUS_ID : 10330 提示 ftp (21/tcp) 一个不知名的服务正在这个端口运行。 他可能是由一个木马所打开. 除非你确实知道这个端口所运行的程序, 你最好检查你的系统. 解决方案: 运行最好的反病毒软件确认是否有木马在运行。 风险等级:低 ___________________________________________________________________ An unknown service runs on this port. It is sometimes opened by this/these Trojan horse(s): Back Construction Blade Runner Cattivik FTP Server CC Invader Dark FTP Doly Trojan Fore FreddyK Invisible FTP Juggernaut 42 Larva MotIv FTP Net Administrator Ramen RTB 666 Senna Spy FTP server The Flu Traitor 21 WebEx WinCrash Unless you know for sure what is behind it, you'd better check your system *** Anyway, don't panic, Nessus only found an open port. It may *** have been dynamically allocated to some service (RPC...) Solution: if a trojan horse is running, run a good antivirus scanner Risk factor : Low NESSUS_ID : 11157 漏洞 X Font Service (7100/tcp) 远程X Font Service (xfs) 存在缓冲区溢出漏洞。攻击者可以利用这个漏洞远程获得主机管理员权限。 解决方案:参见CERT Advisory CA-2002-34 风险等级:高 ___________________________________________________________________ The remote X Font Service (xfs) might be vulnerable to a buffer overflow. An attacker may use this flaw to gain root on this host remotely. *** Note that Nessus did not actually check for the flaw *** as details about this vulnerability are still unknown Solution : See CERT Advisory CA-2002-34 Risk factor : High CVE_ID : CAN-2002-1317 BUGTRAQ_ID : 6241 NESSUS_ID : 11188 提示 tcp ** All ports were skipped by this check because some ** scripts could not connect to them before the defined timeout This might be an availability problem related which might be due to the following reasons : - The remote host is now down, either because a user turned it off during the scan - A network outage has been experienced during the scan, and the remote network cannot be reached from the Nessus server any more - This Nessus server has been blacklisted by the system administrator or by automatic intrusion detection/prevention systems which have detected the vulnerability assessment. In any case, the audit of the remote host might be incomplete and may need to be done again NESSUS_ID : 10919 请问我用telnet ip 直接就进去了(不知道是不是连上了),我要如何进入他的机子比如我要给他发一句话跳出在他的窗口,应该如何实现?偶看了好久都没看明白(因为偶什么都不会,看论坛上的东西也看不懂) |
| 地主 发表时间: 06-02-28 12:12 |
|
20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon
粤ICP备05087286号
论坛: 菜鸟乐园 标题: 有人能帮我分析下这个吗?偶不是懒,而是实在不知道如何下手