Documente Academic
Documente Profesional
Documente Cultură
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Table of Contents
SANS Top 20 Overview
........................................................................................................................................................................................
.......................................................................................................................................
1
2
3
.......................................................................................................................................
PCI Compliance Summary ............................................................................................................................................................................................................... 4
DISA Compliance Summary .............................................................................................................................................................................................................6
CIS Compliance Summary ............................................................................................................................................................................................................... 8
HIPAA Compliance Summary ........................................................................................................................................................................................................ 10
11
17
.................................................................................................
System Scanned within 30 Days ...................................................................................................................................................................................................13
Systems Scanned Credentials within 7 Days Summary ............................................................................................................................................................ 16
..................................................................................................................................................
Malicious Process Detection ......................................................................................................................................................................................................... 18
Virus Spike .......................................................................................................................................................................................................................................19
Active Virus ......................................................................................................................................................................................................................................20
............................................................................................................................
21
28
.................................................................................................................................
WAP Count .......................................................................................................................................................................................................................................29
SANS Control -7 Wireless Device Control ................................................................................................................................................................................... 30
Vulnerable WAP ...............................................................................................................................................................................................................................31
......................................................................
32
Table of Contents
Tenable Network Security
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
35
47
52
62
............................................................................................
Host On Network .............................................................................................................................................................................................................................36
New Services ................................................................................................................................................................................................................................... 39
Port Scanner Identified Services ...................................................................................................................................................................................................42
.......................................................................
User Added ...................................................................................................................................................................................................................................... 48
User Changes .................................................................................................................................................................................................................................. 49
User Removal .................................................................................................................................................................................................................................. 50
New User Creation .......................................................................................................................................................................................................................... 51
............................................................................................................................................
Linked to Bot List ........................................................................................................................................................................................................................... 53
Web Site Linked to Malicious Content ......................................................................................................................................................................................... 54
Threatlist Intrusion .......................................................................................................................................................................................................................... 55
Threatlist Statistics ......................................................................................................................................................................................................................... 56
Firewall Anomaly Statistics ............................................................................................................................................................................................................57
Connection Statistics ......................................................................................................................................................................................................................58
Access Denied Anomaly Statistics ............................................................................................................................................................................................... 60
Login Failure Large Anomaly Statistics ....................................................................................................................................................................................... 61
...................................................................................................
Event Trend Summary .................................................................................................................................................................................................................... 64
Long Term Intrusion Activity .........................................................................................................................................................................................................67
Multiple System Crashes ................................................................................................................................................................................................................68
Long Term DNS Failures ................................................................................................................................................................................................................69
Long Term Error Activity ............................................................................................................................................................................................................... 71
Long Term DOS Activity ................................................................................................................................................................................................................ 72
....................................................................................................
73
Table of Contents
Tenable Network Security
ii
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
76
87
92
.....................................................................................................
Login Failure Events .......................................................................................................................................................................................................................77
Password Guessing Intrusion Events .......................................................................................................................................................................................... 80
Successful Password Guessing Events .......................................................................................................................................................................................81
User Account Locked Out Events ................................................................................................................................................................................................ 82
Password Never Expires ................................................................................................................................................................................................................ 83
Passwords Never Changed ............................................................................................................................................................................................................84
Account with Blank Password ...................................................................................................................................................................................................... 85
Windows Administrator Default Password .................................................................................................................................................................................. 86
...................................................................................................................................
Data Leakage ................................................................................................................................................................................................................................... 88
USB Device Usage .......................................................................................................................................................................................................................... 89
Dropbox Software Detection ..........................................................................................................................................................................................................90
BitTorrent Activity ........................................................................................................................................................................................................................... 91
................................................................................................................
Client Side Patch Related Vulnerabilities .....................................................................................................................................................................................93
Mobile Device Passive Vulnerabilities ..........................................................................................................................................................................................94
Web Client Passive Vulnerabilities ............................................................................................................................................................................................... 95
General Passive Vulnerabilities .....................................................................................................................................................................................................97
Port Range 1-1024 Passive Vulnerabilities ................................................................................................................................................................................ 100
Port Range 1025-5000 Passive Vulnerabilities .......................................................................................................................................................................... 101
Port Range 5001-10000 Passive Vulnerabilities ........................................................................................................................................................................ 102
Port Range 10000+ Passive Vulnerabilities ............................................................................................................................................................................... 103
Table of Contents
Tenable Network Security
iii
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Total
Info
Med.
High
172.31.100.62
IP Address
NetBIOS Name
sc01.melcara.com
DNS Name
50
172.31.100.63
lce01.melcara.com
50
172.31.100.64
pvs01.melcara.com
50
172.31.100.65
scan01.melcara.com
50
20
20
172.31.100.40
172.31.104.141
UNKNOWN\FAMILY-PC
172.31.100.11
NPROTECT\DC02
10
172.31.100.26
10
172.31.100.29
10
172.31.100.55
10
10
172.31.100.103
10
172.31.100.110
10
172.31.100.102
WORKGROUP\NAS3T
172.31.100.253
dc02.nprotect.int
10
172.31.104.134
NPROTECT\JND-DTP
10
172.31.104.135
UNKNOWN\GRD-LPTP
10
172.31.104.251
10
172.31.104.253
10
172.31.100.56
172.31.104.129
172.31.104.131
172.31.104.133
172.31.104.136
172.31.104.137
172.31.104.139
172.31.104.140
172.31.104.143
172.31.104.130
UNKNOWN\LPTP01
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Total
Info
Med.
High
172.31.100.62
IP Address
NetBIOS Name
sc01.melcara.com
DNS Name
50
172.31.100.63
lce01.melcara.com
50
172.31.100.64
pvs01.melcara.com
50
172.31.100.65
scan01.melcara.com
50
20
20
172.31.100.40
172.31.104.141
UNKNOWN\FAMILY-PC
172.31.100.11
NPROTECT\DC02
10
172.31.100.26
10
172.31.100.29
10
172.31.100.55
10
10
172.31.100.103
10
172.31.100.110
10
172.31.100.102
WORKGROUP\NAS3T
172.31.100.253
dc02.nprotect.int
10
172.31.104.134
NPROTECT\JND-DTP
10
172.31.104.135
UNKNOWN\GRD-LPTP
10
172.31.104.251
10
172.31.104.253
10
172.31.100.56
172.31.104.129
172.31.104.131
172.31.104.133
172.31.104.136
172.31.104.137
172.31.104.139
172.31.104.140
172.31.104.143
172.31.104.130
UNKNOWN\LPTP01
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Total
Info
Med.
High
172.31.100.63
IP Address
NetBIOS Name
lce01.melcara.com
2561
451
190
254
172.31.100.62
sc01.melcara.com
2541
452
193
252
172.31.100.64
pvs01.melcara.com
2521
451
194
250
scan01.melcara.com
2515
452
183
25
244
dc02.nprotect.int
571
162
72
47
43
172.31.100.65
DNS Name
172.31.100.11
NPROTECT\DC02
172.31.104.141
UNKNOWN\FAMILY-PC
545
162
76
45
41
172.31.104.134
NPROTECT\JND-DTP
541
162
75
47
40
172.31.104.135
UNKNOWN\GRD-LPTP
541
162
75
47
40
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
NetBIOS Name
172.31.100.11
NPROTECT\DC02
172.31.104.141
UNKNOWN\FAMILY-PC
DNS Name
dc02.nprotect.int
Score
Total
Info
Med.
High
133
32
18
13
130
32
19
13
10
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
11
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Total Systems
12
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
13
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
NetBIOS Name
DNS Name
OS CPE
172.31.104.253
172.31.104.251
cpe:/o:linux:linux_kernel:2.6
172.31.104.146
cpe:/o:microsoft:windows_7::sp1:x86enterprise
172.31.104.144
172.31.104.140
172.31.104.138
172.31.104.137
cpe:/o:apple:mac_os_x:10.8
172.31.104.136
172.31.104.135
UNKNOWN\GRD-LPTP
cpe:/o:microsoft:windows_7:::enterprise
172.31.104.134
NPROTECT\JND-DTP
cpe:/o:microsoft:windows_7::sp1:x64enterprise
172.31.104.132
172.31.104.131
172.31.104.130
cpe:/o:apple:mac_os_x:10.8
UNKNOWN\LPTP01
cpe:/o:apple:mac_os_x:10.8
172.31.104.129
172.31.103.253
172.31.102.253
172.31.102.251
cisco-lwapp-controller.nprotect.int
cpe:/o:linux:linux_kernel:2.6
172.31.102.250
172.31.102.222
172.31.102.221
172.31.100.253
172.31.100.102
WORKGROUP\NAS3T
cpe:/o:debian:debian_linux:5.0
172.31.100.65
scan01.melcara.com
cpe:/o:centos:centos:6:update4
172.31.100.64
pvs01.melcara.com
cpe:/o:centos:centos:6:update4
172.31.100.63
lce01.melcara.com
cpe:/o:centos:centos:6:update4
172.31.100.62
sc01.melcara.com
cpe:/o:centos:centos:6:update4
172.31.100.56
cpe:/o:hp:hp-ux:9.05
14
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
IP Address
NetBIOS Name
DNS Name
OS CPE
172.31.100.55
172.31.100.40
cpe:/o:linux:linux_kernel:2.6
172.31.100.29
cpe:/o:vmware:esx_server
172.31.100.26
cpe:/o:vmware:esx_server
172.31.100.11
NPROTECT\DC02
dc02.nprotect.int
cpe:/
o:microsoft:windows_server_2008:r2:sp1:x64enterprise
15
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
NetBIOS Name
172.31.104.134
NPROTECT\JND-DTP
172.31.100.11
NPROTECT\DC02
DNS Name
OS CPE
cpe:/o:microsoft:windows_7::sp1:x64enterprise
dc02.nprotect.int
cpe:/
o:microsoft:windows_server_2008:r2:sp1:x64enterprise
16
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
17
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
18
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Virus Spike
Virus Spike
19
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Active Virus
ActiveVirus
20
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
21
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Total
Severity
Plugin Name
Family
5824
High
6015
High
Web Servers
6017
High
Web Servers
6021
High
6062
High
Web Servers
6129
High
Web Servers
6263
High
Web Servers
6302
High
6304
High
PHP 5.3.9
php_register_variable_ex()
Code Execution
Web Servers
6494
High
Web Servers
6495
High
Web Servers
6530
High
Web Servers
6556
High
Web Servers
55976
High
Web Servers
Web Servers
22
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Plugin
Total
Severity
Plugin Name
Family
3038
High
3657
High
CGI
Web Servers
6332
High
12218
Medium
mDNS Detection
Service detection
2810
Medium
Web Servers
5720
Medium
Web Servers
5782
Medium
Web Servers
5799
Medium
Web Servers
6400
Medium
Web Servers
6576
Medium
6671
Medium
6701
Medium
6707
Medium
Web Servers
10678
Medium
Web Servers
55640
Medium
CGI abuses
Web Servers
23
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Plugin
Total
Severity
Plugin Name
Family
57640
Medium
57792
Medium
Web Servers
3703
Medium
DNS Servers
20007
Medium
Service detection
3223
Medium
CGI
5789
Medium
Web Servers
5790
Medium
Web Servers
6018
Medium
Web Servers
6657
Medium
Web Servers
10079
Medium
FTP
11411
Medium
CGI abuses
19782
Medium
FTP
CGI abuses : XSS
CGI abuses : XSS
39466
Medium
49067
Medium
55903
Medium
4666
Low
Internal IP Address
Disclosure
Web Servers
24
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Plugin
Total
Severity
Plugin Name
Family
26194
Low
1134
Low
Web Servers
1724
Low
Web Servers
10663
Low
Service detection
FTP
34324
Low
22964
70
Info
Service Detection
Service detection
25221
56
Info
Remote listeners
enumeration (Linux / AIX)
Service detection
11111
26
Info
Service detection
1442
15
Info
Web Servers
Service detection
10267
10
Info
5273
10
Info
Internet Services
Service detection
Web Servers
10884
Info
3830
Info
24260
Info
10107
Info
Web Servers
49704
Info
External URLs
Web Servers
Web Servers
6479
Info
43111
Info
10281
Info
Service detection
Info
Service detection
17975
25
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Plugin
Total
Severity
Plugin Name
Family
20301
Info
23777
Info
23778
Info
50845
Info
OpenSSL Detection
Service detection
20870
Info
Service detection
57396
Info
Service detection
4667
Info
Web Servers
10662
Info
Web mirroring
Web Servers
Web Servers
Service detection
11032
Info
11419
Info
CGI abuses
33817
Info
CGI abuses
39470
Info
CGI abuses
CGI abuses
40773
Info
40984
Info
CGI abuses
42057
Info
Web Servers
47830
Info
CGI abuses
57323
Info
11153
Info
Service detection
22227
Info
Service detection
53513
Info
Service detection
20285
Info
HP Integrated Lights-Out
Detection
Service detection
26
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Plugin
Total
Severity
Plugin Name
Family
45555
Info
Service detection
5721
Info
Backdoors
10147
Info
Service detection
10666
Info
Service detection
25240
Info
Service detection
6484
Info
11819
Info
Service detection
1762
Info
Web Servers
1804
Info
FTP Servers
10092
Info
Service detection
18261
Info
Web Servers
40406
Info
CGI abuses
49705
Info
52703
Info
vsftpd Detection
FTP
27
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
28
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
WAP Count
MAC Address
OS CPE
00:15:99:a0:ba:51
29
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
30
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Vulnerable WAP
Vulnerable WAP
31
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
32
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
OS CPE
Total
Info
Low
Med.
High
Crit.
172.31.102.250
11
172.31.100.253
172.31.102.253
172.31.103.253
172.31.104.253
33
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
34
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
35
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Host On Network
36
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
IP Address
NetBIOS Name
DNS Name
OS CPE
172.31.104.253
172.31.104.251
cpe:/o:linux:linux_kernel:2.6
172.31.104.146
cpe:/o:microsoft:windows_7::sp1:x86enterprise
172.31.104.144
172.31.104.140
172.31.104.138
172.31.104.137
cpe:/o:apple:mac_os_x:10.8
172.31.104.136
172.31.104.135
UNKNOWN\GRD-LPTP
cpe:/o:microsoft:windows_7:::enterprise
172.31.104.134
NPROTECT\JND-DTP
cpe:/o:microsoft:windows_7::sp1:x64enterprise
172.31.104.132
172.31.104.131
172.31.104.130
cpe:/o:apple:mac_os_x:10.8
UNKNOWN\LPTP01
cpe:/o:apple:mac_os_x:10.8
172.31.104.129
172.31.103.253
172.31.102.253
172.31.102.251
cisco-lwapp-controller.nprotect.int
cpe:/o:linux:linux_kernel:2.6
172.31.102.250
172.31.102.222
172.31.102.221
172.31.100.253
172.31.100.102
WORKGROUP\NAS3T
cpe:/o:debian:debian_linux:5.0
172.31.100.65
scan01.melcara.com
cpe:/o:centos:centos:6:update4
172.31.100.64
pvs01.melcara.com
cpe:/o:centos:centos:6:update4
172.31.100.63
lce01.melcara.com
cpe:/o:centos:centos:6:update4
172.31.100.62
sc01.melcara.com
cpe:/o:centos:centos:6:update4
172.31.100.56
cpe:/o:hp:hp-ux:9.05
172.31.100.55
172.31.100.40
cpe:/o:linux:linux_kernel:2.6
37
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
IP Address
NetBIOS Name
DNS Name
OS CPE
172.31.100.29
cpe:/o:vmware:esx_server
172.31.100.26
cpe:/o:vmware:esx_server
172.31.100.11
NPROTECT\DC02
dc02.nprotect.int
cpe:/
o:microsoft:windows_server_2008:r2:sp1:x64enterprise
38
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
New Services
39
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Total
443
Port
15
80
15
22
11
23
3389
445
139
135
8080
427
53
9100
9000
8194
8193
8192
8100
8000
5989
5200
5001
3689
3269
3268
2638
2030
2020
1099
902
40
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Port
Score
Total
636
631
593
548
515
464
389
111
88
49
21
41
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
42
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Total
443
45
80
45
22
43
62078
32
111
18
23
18
3389
12
445
12
139
12
135
12
427
10
631
49152
49154
8060
123
53
8194
8193
8192
8100
8080
8000
5989
902
464
389
88
49157
43
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Port
Total
49155
49153
9100
5200
3269
3268
1099
636
593
515
49158
9000
8834
5355
4500
3689
2638
2030
2020
1900
1243
601
548
500
138
137
49
49206
49205
49190
44
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Port
Total
49187
49156
47001
31300
9389
5353
1241
68
65370
65152
64756
64548
64547
63405
62636
61204
60901
60493
60208
60183
60050
60049
59640
59007
57700
56032
55984
55263
54791
54579
45
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Port
Total
54189
54185
54158
53676
52768
52767
52555
52500
52452
52430
51720
46
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
47
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
User Added
48
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
User Changes
49
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
User Removal
50
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
51
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
52
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
53
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
54
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Threatlist Intrusion
55
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Threatlist Statistics
56
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
57
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Connection Statistics
58
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
LCE
Count
172.31.104.146
lce01
40
172.31.104.131
lce01
26
172.31.104.141
lce01
22
172.31.100.65
lce01
16
172.31.100.11
lce01
12
172.31.104.143
lce01
12
172.31.104.138
lce01
12
172.31.104.144
lce01
172.31.102.221
lce01
172.31.104.142
lce01
172.31.104.132
lce01
172.31.104.137
lce01
172.31.104.134
lce01
172.31.104.135
lce01
172.31.104.130
lce01
172.31.100.62
lce01
172.31.100.110
lce01
172.31.104.157
lce01
172.31.104.136
lce01
172.31.104.129
lce01
172.31.102.223
lce01
59
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
60
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
61
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
62
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
63
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
64
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Count
application
39
connection
143043
continuous
268
data-leak
60
detected-change
331
dns
314758
error
968
firewall
144355
intrusion
lce
1991
login
16747
login-failure
42
to
65
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Event Type
Count
logout
8990
nbs
network
46682160
process
social-networks
139
stats
562
system
997
unnormalized
71793
web-access
474388
to
66
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
67
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
68
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
69
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
LCE
Count
172.31.100.11
lce01
241
172.31.104.134
lce01
112
172.31.104.132
lce01
43
172.31.104.137
lce01
28
172.31.104.143
lce01
22
172.31.104.141
lce01
13
172.31.104.135
lce01
11
172.31.104.146
lce01
172.31.100.65
lce01
172.31.100.110
lce01
172.31.104.142
lce01
70
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
71
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
72
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
73
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
74
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Severity
10079
Plugin
Medium
Plugin Name
FTP
Family
19782
Medium
FTP
2406
Low
Internet Messengers
1273
Low
5980
Low
34324
Low
3963
Info
4672
Info
Data Leakage
4673
Info
Data Leakage
5214
Info
Data Leakage
4570
Info
Internet Messengers
52703
Info
vsftpd Detection
FTP
FTP
75
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
76
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
77
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Count
administrator
21
aevauzac
bykwalcs
cewlmzfy
donbsgym
dpscwvne
dquwthgx
dyhozudz
ebcluxwf
ecnzuwju
to
LCE
lce01
Count
42
78
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
IP Address
172.31.100.65
LCE
lce01
Count
42
79
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Count
172.31.100.11
172.31.100.65
80
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
81
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
82
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Top 100 hosts with user account that have passwords that don't expire.
IP Address
NetBIOS Name
172.31.100.11
NPROTECT\DC02
172.31.104.141
UNKNOWN\FAMILY-PC
DNS Name
dc02.nprotect.int
OS CPE
cpe:/
o:microsoft:windows_server_2008:r2:sp1:x64enterprise
83
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Top 100 hosts with user account that have never changed passwords.
IP Address
NetBIOS Name
172.31.100.11
NPROTECT\DC02
172.31.104.134
NPROTECT\JND-DTP
172.31.104.141
UNKNOWN\FAMILY-PC
DNS Name
dc02.nprotect.int
OS CPE
cpe:/
o:microsoft:windows_server_2008:r2:sp1:x64enterprise
cpe:/o:microsoft:windows_7::sp1:x64enterprise
84
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Top 100 hosts with user account that have never changed passwords.
85
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
86
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
87
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
Data Leakage
NetBIOS Name
DNS Name
scan01.melcara.com
Score
OS CPE
Total
Info
Low
Med.
High
Crit.
cpe:/
o:centos:centos:6:update4
cpe:/
2
o:canonical:ubuntu_linux:11.04
88
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
IP Address
172.31.104.134
NetBIOS Name
NPROTECT\JND-DTP
DNS Name
Score
0
OS CPE
cpe:/o:microsoft:windows_7::sp1:x64enterprise
89
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
90
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
BitTorrent Activity
91
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
92
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
93
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
94
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
95
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
NetBIOS Name
DNS Name
Score
Total
Info
Low
Med.
High
Crit.
cpe:/
o:apple:mac_os_x:10.8
30
cpe:/
o:apple:mac_os_x:10.8
172.31.100.110
30
172.31.104.131
30
172.31.104.133
OS CPE
172.31.104.135
UNKNOWN\GRDLPTP
20
cpe:/
2
o:microsoft:windows_7:::enterprise
172.31.104.134
NPROTECT\JNDDTP
10
cpe:/
o:microsoft:windows_7::sp1:x64-1
enterprise
96
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
97
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
NetBIOS Name
DNS Name
Score
Total
Info
Low
Med.
High
Crit.
172.31.104.144
cpe:/
o:microsoft:windows_7::sp1:x86-2
enterprise
172.31.104.143
cpe:/
o:freebsd:freebsd:6.0
172.31.104.140
172.31.104.139
172.31.104.138
172.31.104.137
172.31.104.253
172.31.104.251
172.31.104.157
172.31.104.142
172.31.104.141
UNKNOWN\FAMILYPC
172.31.104.136
OS CPE
cpe:/
o:linux:linux_kernel:2.6
cpe:/
o:apple:mac_os_x:10.8
cpe:/
o:apple:mac_os_x:10.8
cpe:/
3
o:microsoft:windows_7:::enterprise
172.31.104.133
cpe:/
o:apple:mac_os_x:10.8
172.31.104.132
172.31.104.135
0
UNKNOWN\GRDLPTP
172.31.104.131
172.31.104.130
UNKNOWN\LPTP01
cpe:/
o:apple:mac_os_x:10.8
cpe:/
o:apple:mac_os_x:10.8
172.31.104.129
24
172.31.103.253
172.31.102.253
98
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
IP Address
NetBIOS Name
DNS Name
cisco-lwapp-controller.
nprotect.int
172.31.102.251
Score
0
OS CPE
Total
Info
Low
Med.
High
Crit.
cpe:/
67
o:canonical:ubuntu_linux:11.04
16
22
27
cpe:/
o:linux:linux_kernel:2.6
172.31.102.250
172.31.102.223
338
172.31.100.253
172.31.100.110
cpe:/
o:debian:debian_linux:5.0
172.31.100.102
WORKGROUP\
NAS3T
172.31.100.65
scan01.melcara.com
cpe:/
o:centos:centos:6:update4
172.31.100.64
pvs01.melcara.com
cpe:/
o:centos:centos:6:update4
172.31.100.63
lce01.melcara.com
cpe:/
o:centos:centos:6:update4
172.31.100.62
sc01.melcara.com
cpe:/
o:centos:centos:6:update4
172.31.100.40
cpe:/
o:linux:linux_kernel:2.6
172.31.100.29
10
cpe:/
o:vmware:esx_server
cpe:/
9
5
o:microsoft:windows_server_2008:r2:sp1:x64enterprise
172.31.100.11
NPROTECT\DC02
dc02.nprotect.int
99
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
100
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
101
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
102
SecurityCenter 4
TENABLE NETWORK SECURITY INC., COPYRIGHT 2013
103