Retina Report

Page 1 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582

Executive Report
CONFIDENTIAL INFORMATION
The following report contains company confidential information. Do not distribute, email, fax, or transfer via any electronic mechanism unless it has been approved by the recipient company's security policy. All copies and backups of this document should be saved on protected storage at all times. Do not share any of the information contained within this report with anyone unless they are authorized to view the information. Violating any of the previous instructions is grounds for termination.

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 2 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582

Metrics for '59.167.156.241'

File name: Audits revision: Scanner version: Start time: Duration: Credentials: Audit groups: Address groups: IP ranges: Total hosts attempted: Total hosts scanned: No access: C:\Programmi\eEye Digital Security\Retina 5\Scans\Chevron.rtd 2582 5.17.1 03/12/2012 3.17.53 0d 0h 43m 23s - Null Session All Audits, Third Party Patch Assessment, Virtualization, Zero-Day N/A www.radioislam.org 1 1 0

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 3 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 NETWORK ANALYSIS RESULTS Report Summary Scanner Name Scanner Version Scan Start Date Scan Start Time Scan Duration Scan Name Scan Status Vulnerable Machines Retina 5.17.1.2582 03/12/2012 3.17.53 0h 43m 23s 59.167.156.241 Completed 1 Machines Scanned Vulnerabilities Total High Risk Vulnerabilities Medium Risk Vulnerabilities Low Risk Vulnerabilities Information Only Audits Credential Used 1 16 3 11 2 7

Top 5 Most Vulnerable Hosts

Num. of Vulnerabilities By Risk

% of Vulnerabilities By Risk

Avg. of Vulnerabilities By Risk

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 4 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 TOTAL VULNERABILITIES BY CATEGORY The following is an overview of the total vulnerabilities by audit category. Accounts AIX Local Security Audits

Anti-Virus

Backdoors

Caldera Local Security Audits

CGI Scripts

Cisco Local Security Audits Cisco Local Security Audits

Conectiva Local Security Audits

Database

Debian Local Security Audits

DNS Services

DoS

EnGarde Local Security Audits

Fedora Local Security Audits

FreeBSD Local Security Audits

FTP Servers

Gentoo Local Security Audits

HPUX Local Security Audits

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 5 of 21

Immunix Local Security Audits

IP Services

IRIX Local Security Audits

Juniper Local Security Audits

Local UNIX Security Audits

Mac OS X Local Security Audits

Mail Servers

Mandrake Local Security Audits

Miscellaneous

Mobile Mobile devices, software, and configuration.

NetBIOS

NetBSD Local Security Audits

OpenBSD Local Security Audits

Peer-To-Peer P2P File Sharing Applications

Red Hat Local Security Audits

Registry

Remote Access

RPC Services

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 6 of 21

SCO Local Security Audits

Service Control

Slackware Local Security Audits

SNMP Servers

Solaris Local Security Audits

Spyware

SSH Servers

SuSE Local Security Audits

Trustix Local Security Audits

TurboLinux Local Security Audits

Ubuntu Local Security Audits

Virtualization

Web Application

Web Servers

Windows

Wireless

In Configuration We Trust

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 7 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 TOP 20 VULNERABILITIES The following is an overview of the top 20 vulnerabilities on your network. Rank 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. Vulnerability Name SMTP Server Detected Anonymous FTP FTP Default Credentials FTP Server Port Bounce FTP Service Network News Transfer Protocol Server Detected Apache 2.2 Multiple Vulnerabilities (Zero-Day) - Banner Apache APR Apr_fnmatch Infinite Loop Denial of Service Apache Crafted HTTP Request Denial of Service (20110914) Apache ETag Information Disclosure Apache HTTP Range Request Denial of Service (20110830) - Remote Apache HTTP Range Request Denial of Service (20110830) Apache HTTP Server Multiple Vulnerabilities (20120913) - Banner Apache httpd Multiple Vulnerabilities (201007) Apache HTTPD Server Version Out Of Date Apache Mod_SetEnvIf .htaccess Privilege Escalation Apache Multiple Vulnerabilities (20120131) - Banner Apache Reverse Proxy Crafted URI Request Information Disclosure - Banner Apache Server Tokens Detected - Minimal HTTP 1.1 Protocol Detected Count 4 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1

Top 20 Vulnerabilities

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 8 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 TOP 20 OPEN PORTS The following is an overview of the top 20 open ports on your network. Rank 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. Port Number TCP:21 TCP:24 TCP:25 TCP:80 TCP:81 TCP:82 TCP:110 TCP:119 TCP:143 TCP:389 TCP:465 TCP:563 TCP:587 TCP:993 TCP:995 TCP:999 TCP:1038 TCP:1100 TCP:1431 TCP:3124 Description FTP - File Transfer Protocol [Control] PMS - Private Mail System SMTP - Simple Mail Transfer Protocol WWW-HTTP - World Wide Web HTTP (Hyper Text Transfer Protocol) HOSTS2-NS - HOSTS2 Name Server XFER - XFER Utility POP3 - Post Office Protocol - Version 3 NNTP - Network News Transfer Protocol IMAP - Interim Mail Access Protocol LDAP - Lightweight Directory Access Protocol SSMTP - ssmtp SNEWS - snews SUBMISSION IMAPS - Imap4 protocol over TLS/SSL POP3S - Pop3 (Post Office Protocol) over TLS/SSL PUPROUTER Message Tracking Query Protocol MCTP RGTP - Reverse Gossip Transport Beacon Port Count 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1

Top 20 Open Ports

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 9 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 TOP 20 RUNNING SERVICES The following is an overview of the top 20 running services on your network. Rank Name Description No Services Discovered Count

Top 20 Running Services No Services Discovered

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 10 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 TOP 20 OPERATING SYSTEMS The following is an overview of the top 20 operating systems on your network. Rank Operating System Name No Operating Systems Discovered Count

Top 20 Operating Systems No Operating Systems Discovered

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 11 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 TOP 20 USER ACCOUNTS The following is an overview of the top 20 user accounts on your network. Rank Account Name No Users Discovered Count

Top 20 User Accounts No Users Discovered

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 12 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 TOP 20 NETWORK SHARES The following is an overview of the top 20 network shares on your network. Rank Share Name No Shares Discovered Count

Top 20 Network Shares No Shares Discovered

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 13 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 BOTTOM 20 VULNERABILITIES The following is an overview of the bottom 20 vulnerabilities on your network. Rank 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. Vulnerability Name Anonymous FTP FTP Default Credentials FTP Server Port Bounce FTP Service Network News Transfer Protocol Server Detected Apache 2.2 Multiple Vulnerabilities (Zero-Day) - Banner Apache APR Apr_fnmatch Infinite Loop Denial of Service Apache Crafted HTTP Request Denial of Service (20110914) Apache ETag Information Disclosure Apache HTTP Range Request Denial of Service (20110830) - Remote Apache HTTP Range Request Denial of Service (20110830) Apache HTTP Server Multiple Vulnerabilities (20120913) - Banner Apache httpd Multiple Vulnerabilities (201007) Apache HTTPD Server Version Out Of Date Apache Mod_SetEnvIf .htaccess Privilege Escalation Apache Multiple Vulnerabilities (20120131) - Banner Apache Reverse Proxy Crafted URI Request Information Disclosure - Banner Apache Server Tokens Detected - Minimal HTTP 1.1 Protocol Detected SMTP Server Detected Count 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 4

Bottom 20 Vulnerabilities

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 14 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 BOTTOM 20 OPEN PORTS The following is an overview of the bottom 20 open ports on your network. Rank 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. Port Number TCP:21 TCP:24 TCP:25 TCP:80 TCP:81 TCP:82 TCP:110 TCP:119 TCP:143 TCP:389 TCP:465 TCP:563 TCP:587 TCP:993 TCP:995 TCP:999 TCP:1038 TCP:1100 TCP:1431 TCP:3124 Description FTP - File Transfer Protocol [Control] PMS - Private Mail System SMTP - Simple Mail Transfer Protocol WWW-HTTP - World Wide Web HTTP (Hyper Text Transfer Protocol) HOSTS2-NS - HOSTS2 Name Server XFER - XFER Utility POP3 - Post Office Protocol - Version 3 NNTP - Network News Transfer Protocol IMAP - Interim Mail Access Protocol LDAP - Lightweight Directory Access Protocol SSMTP - ssmtp SNEWS - snews SUBMISSION IMAPS - Imap4 protocol over TLS/SSL POP3S - Pop3 (Post Office Protocol) over TLS/SSL PUPROUTER Message Tracking Query Protocol MCTP RGTP - Reverse Gossip Transport Beacon Port Count 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1

Bottom 20 Open Ports

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 15 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 BOTTOM 20 RUNNING SERVICES The following is an overview of the bottom 20 running services on your network. Rank Name Description No Services Discovered Count

Bottom 20 Running Services No Services Discovered

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 16 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 BOTTOM 20 OPERATING SYSTEMS The following is an overview of the bottom 20 operating systems on your network. Rank Operating System Name No Operating Systems Discovered Count

Botom 20 Operating Systems No Operating Systems Discovered

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 17 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 BOTTOM 20 USER ACCOUNTS The following is an overview of the bottom 20 user accounts on your network. Rank Account Name No Users Discovered Count

Bottom 20 User Accounts No Users Discovered

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 18 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 BOTTOM 20 NETWORK SHARES The following is an overview of the bottom 20 network shares on your network. Rank Share Name No Shares Discovered Count

Bottom 20 Network Shares No Shares Discovered

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 19 of 21

Retina Network Security Scanner

Network Vulnerability Assessment & Remediation Management 03/12/2012 - Report created by version 5.17.1.2582 GLOSSARY The following is glossary of common terms used throughout this report. DoS Attack: A Denial of Service (DoS) attack is a remote attack against a servers TCP/IP stack or services. DoS attacks can saturate a servers bandwidth, saturate all available connections for a particular service, or even crash a server. Exploit: A script or program that takes advantage of vulnerabilities in services or programs to allow an attacker to gain unauthorized or elevated system access. Host: A node on a network. Usually refers to a computer or device on a network which both initiates and accepts network connections. IP Address: The 32-bit address defined by the Internet Protocol in STD 5, RFC 791. It is usually represented in dotted decimal notation. Any device connected to the Internet that used TCP/IP is assigned an IP Address. An IP Address can be likened to a home address in that no two are alike. Netbios: Network Basic Input Output System. The standard interface to networks on IBM PC and compatible networks. Ping: A program used to test reachability of destination nodes by sending them an ICMP echo request and waiting for a reply. Port: A port in the network sense is the pathway that a computer uses to transmit and receive data. As an example, Web Servers typically listen for requests on port 80. Registry: The internal system configuration that a user can customize to alter his computing environment on the Microsoft Windows Platform. The registry is organized in a hierarchical structure of subtrees and their respective keys, subkeys, and values that apply to those keys and subkeys Risk Level - Info: Retina may provide additional information about a host that does not necessarily represent a security threat, but may be useful to the administrator in order to better assess the security of the host, or the network at large. These alerts are displayed with the list of discovered vulnerabilities, and are indicated by a green 'I' icon. Risk Level - Low: A low-risk vulnerability is typically one that only presents a threat in specific and unlikely circumstances. Such a vulnerability may provide an attacker with information that could be combined with other, higher-risk vulnerabilities, in order to compromise the host or its users. Risk Level - Medium: Medium-risk vulnerabilities are serious security threats that would allow a trusted but non-privileged user to assume complete control of a host, or would permit an untrusted user to disrupt service or gain access to sensitive information. Risk Level - High: A vulnerability is designated as high-risk if it would allow a user who has not been given any amount of trust on a susceptible host to take control of it. Other vulnerabilities that severely impact the overall safety and usability of the network may also be designated as high-risk. Service: A service is a program running on a remote machine that in one way or another provides a service to users. For example, when you visit a website the remote server displays a web page via its web server service. Share: A folder, set of files, or even a hard drive partition set up on a machine to allow access to other users. Shares are frequently set up with incorrect file permissions which

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 20 of 21

could allow an attacker to gain access to this data. Sniffer: frequently attackers will place a sniffer program on a compromised machine. The sole purpose of a sniffer is to collect data being transmitted on the network in clear-text including usernames and passwords. Subnet: A portion of a network, which may be a physically independent network segment, which shares a network address with other portions of the network and is distinguished by a subnet number. Vulnerability: A weakness or a flaw in a program or service that can allow an attacker to gain unauthorized or elevated system access.

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012

Retina Report

Page 21 of 21

file://C:\Programmi\eEye Digital Security\Retina 5\Reports\Temp\Executive\Executiv... 03/12/2012