Duvida Segurança

[tppa]

Pessoal boa noite, eu uso csf como firewall e tava fazendo uns teste com o nessus aqui e geralmente com csf ativado a varredura seria bloquada e entao resolvi fazer teste com o csf desativado e para minha surpresa.

 

 

medium SSL Certificate Cannot Be Trusted General 4
medium SSL Self-Signed Certificate General 4
medium DNS Server Cache Snooping Remote Information Disclosure DNS 1
medium DNS Server Recursive Query Cache Poisoning Weakness DNS 1
medium DNS Server Spoofed Request Amplification DDoS DNS 1
medium PHP expose_php Information Disclosure Web Servers 1
medium Web Server Generic Cookie Injection CGI abuses 1
medium Web Server Generic XSS CGI abuses : XSS 1
low SSL RC4 Cipher Suites Supported General 5
low FTP Supports Clear Text Authentication FTP 1
low SMTP Service Cleartext Login Permitted SMTP problems 1
low SSL Anonymous Cipher Suites Supported Service detection 1
info Nessus SYN scanner Port scanners 15
info Service Detection Service detection 10
info OpenSSL Detection Service detection 5
info SSL / TLS Versions Supported General 5
info SSL Certificate Information General 5
info SSL Cipher Suites Supported General 5
info SSL Compression Methods Supported General 5
info SSL Perfect Forward Secrecy Cipher Suites Supported General 5
info DNS Server Detection DNS 2
info HTTP Server Type and Version Web Servers 2
info HyperText Transfer Protocol (HTTP) Information Web Servers 2
info IMAP Service Banner Retrieval Service detection 2
info Additional DNS Hostnames General 1
info Common Platform Enumeration (CPE) General 1
info Device Type General 1
info FTP Server Detection Service detection 1
info FTP Service AUTH TLS Command Support FTP 1
info HTTP Methods Allowed (per directory) Web Servers 1
info ICMP Timestamp Request Remote Date Disclosure General 1
info IMAP Service STARTTLS Command Support Misc. 1
info Nessus Scan Information Settings 1
info OS Identification General 1
info Patch Report General 1
info POP Server Detection Service detection 1
info POP3 Service STLS Command Support Misc. 1
info SMTP Authentication Methods SMTP problems 1
info SMTP Server Detection Service detection 1
info SSL Session Resume Supported General 1
info Traceroute Information General 1
info Web Server Directory Enumeration Web Servers 1
info Web Server No 404 Error Code Check Web Servers 1
 

[joaopaulo]

Amigo, se você desativa o firewall... é complicado o penetration-test ter resultados reais né?

 

Coloque o seu IP na Whitelist do CSF, de um flush no cphulk e no CSF e rode novamente.

 

Att,