518 KiB
518 KiB
Plugin ID,CVE,CVSS,Risk,Host,Protocol,Port,Name,Synopsis,Description,Solution,See Also,Plugin Output,STIG Severity,CVSS v3.0 Base Score,CVSS Temporal Score,CVSS v3.0 Temporal Score,Risk Factor,BID,XREF,MSKB,Plugin Publication Date,Plugin Modification Date,Metasploit,Core Impact,CANVAS
"10287","","","None","11.1.65.0","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.0 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10267","","","None","11.1.65.1","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-Uniware-7.1.070
SSH supported authentication : password
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.1","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.1 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10881","","","None","11.1.65.1","tcp","22","SSH Protocol Versions Supported","A SSH server is running on the remote host.","This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.","n/a","","The remote SSH daemon supports the following versions of the
SSH protocol :
- 1.99
- 2.0
","","","","","None","","","","2002/03/06","2024/07/24","","",""
"10884","","","None","11.1.65.1","udp","123","Network Time Protocol (NTP) Server Detection","An NTP server is listening on the remote host.","An NTP server is listening on port 123. If not securely configured,
it may provide information about its version, current date, current
time, and possibly system information.","n/a","http://www.ntp.org","
An NTP service has been discovered, listening on port 123.
Version : unknown
","","","","","None","","IAVT:0001-T-0934","","2015/03/20","2021/02/24","","",""
"11219","","","None","11.1.65.1","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"22964","","","None","11.1.65.1","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"50350","","","None","11.1.65.1","tcp","0","OS Identification Failed","It was not possible to determine the remote operating system.","Using a combination of remote probes (TCP/IP, SMB, HTTP, NTP, SNMP,
etc), it was possible to gather one or more fingerprints from the
remote system. Unfortunately, though, Nessus does not currently know
how to use them to identify the overall system.","n/a","","
If you think that these signatures would help us improve OS fingerprinting,
please submit them by visiting https://www.tenable.com/research/submitsignatures.
NTP:!:/
SSH:!:SSH-2.0-Uniware-7.1.070
","","","","","None","","","","2010/10/26","2024/09/30","","",""
"97861","","5.0","Medium","11.1.65.1","udp","123","Network Time Protocol (NTP) Mode 6 Scanner","The remote NTP server responds to mode 6 queries.","The remote NTP server responds to mode 6 queries. Devices that respond
to these queries have the potential to be used in NTP amplification
attacks. An unauthenticated, remote attacker could potentially exploit
this, via a specially crafted mode 6 query, to cause a reflected
denial of service condition.","Restrict NTP mode 6 queries.","https://ntpscan.shadowserver.org","
Nessus elicited the following response from the remote
host by sending an NTP mode 6 query :
'processor, system=""/"", leap=0, stratum=2, precision=-23,
rootdelay=1.489, rootdisp=4.503, refid=11.1.80.193,
reftime=0xeb6ae3d1.29d6be35, clock=0xeb6ae3d5.2907c24c, peer=6225, tc=6,
mintc=3, offset=-0.063, frequency=13.204, sys_jitter=0.045,
clk_jitter=0.017, clk_wander=0.000'","","5.8","","","Medium","","","","2017/03/21","2018/05/07","","",""
"149334","","","None","11.1.65.1","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"10287","","","None","11.1.65.10","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.10 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.11","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.11 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.12","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.12 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.13","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.13 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.14","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.14 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.15","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.15 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.16","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.16 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.17","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.17 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.18","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.18 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.19","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.19 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10267","","","None","11.1.65.2","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-Uniware-7.1.070
SSH supported authentication : password
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.2","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.2 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10884","","","None","11.1.65.2","udp","123","Network Time Protocol (NTP) Server Detection","An NTP server is listening on the remote host.","An NTP server is listening on port 123. If not securely configured,
it may provide information about its version, current date, current
time, and possibly system information.","n/a","http://www.ntp.org","
An NTP service has been discovered, listening on port 123.
Version : unknown
","","","","","None","","IAVT:0001-T-0934","","2015/03/20","2021/02/24","","",""
"11219","","","None","11.1.65.2","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"22964","","","None","11.1.65.2","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"50350","","","None","11.1.65.2","tcp","0","OS Identification Failed","It was not possible to determine the remote operating system.","Using a combination of remote probes (TCP/IP, SMB, HTTP, NTP, SNMP,
etc), it was possible to gather one or more fingerprints from the
remote system. Unfortunately, though, Nessus does not currently know
how to use them to identify the overall system.","n/a","","
If you think that these signatures would help us improve OS fingerprinting,
please submit them by visiting https://www.tenable.com/research/submitsignatures.
NTP:!:/
SSH:!:SSH-2.0-Uniware-7.1.070
","","","","","None","","","","2010/10/26","2024/09/30","","",""
"97861","","5.0","Medium","11.1.65.2","udp","123","Network Time Protocol (NTP) Mode 6 Scanner","The remote NTP server responds to mode 6 queries.","The remote NTP server responds to mode 6 queries. Devices that respond
to these queries have the potential to be used in NTP amplification
attacks. An unauthenticated, remote attacker could potentially exploit
this, via a specially crafted mode 6 query, to cause a reflected
denial of service condition.","Restrict NTP mode 6 queries.","https://ntpscan.shadowserver.org","
Nessus elicited the following response from the remote
host by sending an NTP mode 6 query :
'processor, system=""/"", leap=0, stratum=2, precision=-23,
rootdelay=1.397, rootdisp=4.935, refid=11.1.80.193,
reftime=0xeb6ae46a.2dd70cfe, clock=0xeb6ae4a5.4789c98b, peer=57687,
tc=6, mintc=3, offset=-0.094, frequency=8.235, sys_jitter=0.059,
clk_jitter=0.022, clk_wander=0.000'","","5.8","","","Medium","","","","2017/03/21","2018/05/07","","",""
"149334","","","None","11.1.65.2","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"10107","","","None","11.1.65.20","tcp","443","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
nginx","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10107","","","None","11.1.65.20","tcp","8901","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
nginx","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10107","","","None","11.1.65.20","tcp","8999","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
nginx","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10107","","","None","11.1.65.20","tcp","9090","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
nginx","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10107","","","None","11.1.65.20","tcp","9091","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
nginx","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10107","","","None","11.1.65.20","tcp","9990","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
nginx","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10267","","","None","11.1.65.20","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-OpenSSH_9.6
SSH supported authentication : publickey,password,keyboard-interactive
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.20","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.20 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10386","","","None","11.1.65.20","tcp","443","Web Server No 404 Error Code Check","The remote web server does not return 404 error codes.","The remote web server is configured such that it does not return '404
Not Found' error codes when a nonexistent file is requested, perhaps
returning instead a site map, search page or authentication page.
Nessus has enabled some counter measures for this. However, they
might be insufficient. If a great number of security holes are
produced for this port, they might not all be accurate.","n/a","","The following title tag will be used :
北望","","","","","None","","","","2000/04/28","2022/06/17","","",""
"10386","","","None","11.1.65.20","tcp","9091","Web Server No 404 Error Code Check","The remote web server does not return 404 error codes.","The remote web server is configured such that it does not return '404
Not Found' error codes when a nonexistent file is requested, perhaps
returning instead a site map, search page or authentication page.
Nessus has enabled some counter measures for this. However, they
might be insufficient. If a great number of security holes are
produced for this port, they might not all be accurate.","n/a","","
Unfortunately, Nessus has been unable to find a way to recognize this
page so some CGI-related checks have been disabled.
","","","","","None","","","","2000/04/28","2022/06/17","","",""
"10863","","","None","11.1.65.20","tcp","443","SSL Certificate Information","This plugin displays the SSL certificate.","This plugin connects to every SSL-related port and attempts to
extract and dump the X.509 certificate.","n/a","","Subject Name:
Country: CHINA
State/Province: BEIJING
Locality: BEIJING
Organization: H3C SecCenter CSAP
Organization Unit: H3C SecCenter CSAP
Common Name: H3C
Issuer Name:
Country: CHINA
State/Province: BEIJING
Locality: BEIJING
Organization: H3C SecCenter CSAP
Organization Unit: H3C SecCenter CSAP
Common Name: H3C
Serial Number: 4E 4A 80 01
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: May 20 01:48:07 2021 GMT
Not Valid After: May 19 01:48:07 2024 GMT
Public Key Info:
Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 C4 D0 C9 1E 9C BE 92 3A 5B 65 A0 C7 79 CE BF 06 6F 16 F2
27 D1 4F 2B 4D 73 04 F4 C4 E6 64 38 52 0E 5B 8B 58 37 72 98
B1 67 F6 A8 E7 71 0B 97 21 63 A2 5A 26 F4 63 DD 7A 73 A5 B1
13 B0 36 BA 6D C7 60 38 7C 72 5C 7D 40 BD E7 51 FC D6 5F EF
0D 53 F6 FE 0F BE 98 23 D7 3D D8 E0 C1 96 3A 97 D7 59 34 27
1B E4 53 16 76 46 AE DC A4 E4 8F 2F D2 0B C1 78 A6 59 19 73
16 6D 06 F8 0A 22 DE 84 12 3D DA B0 E0 9E F5 2B FE 0A 39 4E
93 E7 84 29 74 63 E1 82 2F 38 D8 79 C9 31 BD A4 85 C3 2D 95
BA DD 37 AD 31 D1 78 A4 F5 76 36 9F 44 F8 E6 51 78 BB 19 1D
BC C7 6C B7 8C 47 73 51 34 29 E1 04 AF 3F 33 3E 67 C5 C2 35
92 F5 80 D0 F5 B5 ED BA 0F 7E 30 93 11 59 14 99 A2 80 F7 60
93 EE 75 8D 9F D3 43 01 A9 74 E2 13 75 2F 52 02 33 74 62 2E
9D 5C 32 1A F8 6A E7 EB 5A 6D 27 87 B9 58 35 8C 51
Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits
Signature: 00 AD BD 35 F3 92 FB 9E 60 26 13 A8 F7 25 6E BC 78 FB 99 A0
92 96 C9 FE EE 58 7A 4E 1F 66 E1 07 21 1F 34 A4 40 88 F6 BA
23 F2 D3 01 F9 54 61 ED 23 AE A4 0A 02 0E B8 1E 69 73 9C 3F
3B C3 DA BD 44 83 E2 CF 35 1D 32 D9 0D 68 4C 3E E0 20 30 BA
3A 40 89 0E 9C 60 1F 37 D7 9F 36 3D D4 1E 50 95 5E C4 69 25
67 84 95 7F 62 66 97 DE AD AE 6B D5 7C 76 7C BF 34 D7 96 C6
97 90 A3 9F 63 C4 75 6A 43 94 7B C3 C3 3F A8 28 E2 BD 3D AF
31 25 E7 A7 F2 4C 71 9D 84 8B 1E CA 87 9F EE 0F DF 43 C8 AF
D7 56 05 A2 0B 54 10 2E 56 00 D1 15 63 3C 0F 0B ED C8 22 A4
76 BE 1C 9B AA BB 35 FE 1A 8A 43 B2 3B 66 7A 04 AE 2A FC CA
66 74 34 FD 89 A4 F7 8F B0 50 D3 C0 6F 9B 91 7E 51 B9 49 1F
26 4C CE 39 88 24 8F 7A AE 5E B0 19 F8 1A 83 8B F0 73 E2 DD
46 FF 49 FF A9 FC 1B 8D 70 C2 09 A1 60 E5 C7 DC AA
Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: 24 CC D4 A8 09 E4 9C D2 70 FF 1C 33 B1 F6 8A 4E DF CC 64 0A
Fingerprints :
SHA-256 Fingerprint: 41 89 A6 6E 05 67 46 3A 96 81 F6 86 62 B7 AB E7 55 52 7B 8F
41 A5 32 C8 2F BC 05 BE DA 3F 90 6B
SHA-1 Fingerprint: 25 D4 B8 D1 D1 05 10 C5 C9 A6 94 40 84 05 0C F2 13 81 81 23
MD5 Fingerprint: FF 48 D1 17 C4 B2 DD 12 53 9A 4D 2D BE 43 12 70
PEM certificate :
-----BEGIN CERTIFICATE-----
MIIDlzCCAn+gAwIBAgIETkqAATANBgkqhkiG9w0BAQsFADB8MQ4wDAYDVQQGEwVDSElOQTEQMA4GA1UECBMHQkVJSklORzEQMA4GA1UEBxMHQkVJSklORzEbMBkGA1UEChMSSDNDIFNlY0NlbnRlciBDU0FQMRswGQYDVQQLExJIM0MgU2VjQ2VudGVyIENTQVAxDDAKBgNVBAMTA0gzQzAeFw0yMTA1MjAwMTQ4MDdaFw0yNDA1MTkwMTQ4MDdaMHwxDjAMBgNVBAYTBUNISU5BMRAwDgYDVQQIEwdCRUlKSU5HMRAwDgYDVQQHEwdCRUlKSU5HMRswGQYDVQQKExJIM0MgU2VjQ2VudGVyIENTQVAxGzAZBgNVBAsTEkgzQyBTZWNDZW50ZXIgQ1NBUDEMMAoGA1UEAxMDSDNDMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNDJHpy+kjpbZaDHec6/Bm8W8ifRTytNcwT0xOZkOFIOW4tYN3KYsWf2qOdxC5chY6JaJvRj3XpzpbETsDa6bcdgOHxyXH1AvedR/NZf7w1T9v4Pvpgj1z3Y4MGWOpfXWTQnG+RTFnZGrtyk5I8v0gvBeKZZGXMWbQb4CiLehBI92rDgnvUr/go5TpPnhCl0Y+GCLzjYeckxvaSFwy2Vut03rTHReKT1djafRPjmUXi7GR28x2y3jEdzUTQp4QSvPzM+Z8XCNZL1gND1te26D34wkxFZFJmigPdgk+51jZ/TQwGpdOITdS9SAjN0Yi6dXDIa+Grn61ptJ4e5WDWMUQIDAQABoyEwHzAdBgNVHQ4EFgQUJMzUqAnknNJw/xwzsfaKTt/MZAowDQYJKoZIhvcNAQELBQADggEBAK29NfOS+55gJhOo9yVuvHj7maCSlsn+7lh6Th9m4QchHzSkQIj2uiPy0wH5VGHtI66kCgIOuB5pc5w/O8PavUSD4s81HTLZDWhMPuAgMLo6QIkOnGAfN9efNj3UHlCVXsRpJWeElX9iZpfera5r1Xx2fL8015bGl5Cjn2PEdWpDlHvDwz+oKOK9Pa8xJeen8kxxnYSLHsqHn+4P30PIr9dWBaILVBAuVgDRFWM8DwvtyCKkdr4cm6q7Nf4aikOyO2Z6BK4q/MpmdDT9iaT3j7BQ08Bvm5F+UblJHyZMzjmIJI96rl6wGfgag4vwc+LdRv9J/6n8G41wwgmhYOXH3Ko=
-----END CERTIFICATE-----","","","","","None","","","","2008/05/19","2021/02/03","","",""
"10863","","","None","11.1.65.20","tcp","8901","SSL Certificate Information","This plugin displays the SSL certificate.","This plugin connects to every SSL-related port and attempts to
extract and dump the X.509 certificate.","n/a","","Subject Name:
Country: CHINA
State/Province: BEIJING
Locality: BEIJING
Organization: H3C SecCenter CSAP
Organization Unit: H3C SecCenter CSAP
Common Name: H3C
Issuer Name:
Country: CHINA
State/Province: BEIJING
Locality: BEIJING
Organization: H3C SecCenter CSAP
Organization Unit: H3C SecCenter CSAP
Common Name: H3C
Serial Number: 4E 4A 80 01
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: May 20 01:48:07 2021 GMT
Not Valid After: May 19 01:48:07 2024 GMT
Public Key Info:
Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 C4 D0 C9 1E 9C BE 92 3A 5B 65 A0 C7 79 CE BF 06 6F 16 F2
27 D1 4F 2B 4D 73 04 F4 C4 E6 64 38 52 0E 5B 8B 58 37 72 98
B1 67 F6 A8 E7 71 0B 97 21 63 A2 5A 26 F4 63 DD 7A 73 A5 B1
13 B0 36 BA 6D C7 60 38 7C 72 5C 7D 40 BD E7 51 FC D6 5F EF
0D 53 F6 FE 0F BE 98 23 D7 3D D8 E0 C1 96 3A 97 D7 59 34 27
1B E4 53 16 76 46 AE DC A4 E4 8F 2F D2 0B C1 78 A6 59 19 73
16 6D 06 F8 0A 22 DE 84 12 3D DA B0 E0 9E F5 2B FE 0A 39 4E
93 E7 84 29 74 63 E1 82 2F 38 D8 79 C9 31 BD A4 85 C3 2D 95
BA DD 37 AD 31 D1 78 A4 F5 76 36 9F 44 F8 E6 51 78 BB 19 1D
BC C7 6C B7 8C 47 73 51 34 29 E1 04 AF 3F 33 3E 67 C5 C2 35
92 F5 80 D0 F5 B5 ED BA 0F 7E 30 93 11 59 14 99 A2 80 F7 60
93 EE 75 8D 9F D3 43 01 A9 74 E2 13 75 2F 52 02 33 74 62 2E
9D 5C 32 1A F8 6A E7 EB 5A 6D 27 87 B9 58 35 8C 51
Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits
Signature: 00 AD BD 35 F3 92 FB 9E 60 26 13 A8 F7 25 6E BC 78 FB 99 A0
92 96 C9 FE EE 58 7A 4E 1F 66 E1 07 21 1F 34 A4 40 88 F6 BA
23 F2 D3 01 F9 54 61 ED 23 AE A4 0A 02 0E B8 1E 69 73 9C 3F
3B C3 DA BD 44 83 E2 CF 35 1D 32 D9 0D 68 4C 3E E0 20 30 BA
3A 40 89 0E 9C 60 1F 37 D7 9F 36 3D D4 1E 50 95 5E C4 69 25
67 84 95 7F 62 66 97 DE AD AE 6B D5 7C 76 7C BF 34 D7 96 C6
97 90 A3 9F 63 C4 75 6A 43 94 7B C3 C3 3F A8 28 E2 BD 3D AF
31 25 E7 A7 F2 4C 71 9D 84 8B 1E CA 87 9F EE 0F DF 43 C8 AF
D7 56 05 A2 0B 54 10 2E 56 00 D1 15 63 3C 0F 0B ED C8 22 A4
76 BE 1C 9B AA BB 35 FE 1A 8A 43 B2 3B 66 7A 04 AE 2A FC CA
66 74 34 FD 89 A4 F7 8F B0 50 D3 C0 6F 9B 91 7E 51 B9 49 1F
26 4C CE 39 88 24 8F 7A AE 5E B0 19 F8 1A 83 8B F0 73 E2 DD
46 FF 49 FF A9 FC 1B 8D 70 C2 09 A1 60 E5 C7 DC AA
Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: 24 CC D4 A8 09 E4 9C D2 70 FF 1C 33 B1 F6 8A 4E DF CC 64 0A
Fingerprints :
SHA-256 Fingerprint: 41 89 A6 6E 05 67 46 3A 96 81 F6 86 62 B7 AB E7 55 52 7B 8F
41 A5 32 C8 2F BC 05 BE DA 3F 90 6B
SHA-1 Fingerprint: 25 D4 B8 D1 D1 05 10 C5 C9 A6 94 40 84 05 0C F2 13 81 81 23
MD5 Fingerprint: FF 48 D1 17 C4 B2 DD 12 53 9A 4D 2D BE 43 12 70
PEM certificate :
-----BEGIN CERTIFICATE-----
MIIDlzCCAn+gAwIBAgIETkqAATANBgkqhkiG9w0BAQsFADB8MQ4wDAYDVQQGEwVDSElOQTEQMA4GA1UECBMHQkVJSklORzEQMA4GA1UEBxMHQkVJSklORzEbMBkGA1UEChMSSDNDIFNlY0NlbnRlciBDU0FQMRswGQYDVQQLExJIM0MgU2VjQ2VudGVyIENTQVAxDDAKBgNVBAMTA0gzQzAeFw0yMTA1MjAwMTQ4MDdaFw0yNDA1MTkwMTQ4MDdaMHwxDjAMBgNVBAYTBUNISU5BMRAwDgYDVQQIEwdCRUlKSU5HMRAwDgYDVQQHEwdCRUlKSU5HMRswGQYDVQQKExJIM0MgU2VjQ2VudGVyIENTQVAxGzAZBgNVBAsTEkgzQyBTZWNDZW50ZXIgQ1NBUDEMMAoGA1UEAxMDSDNDMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNDJHpy+kjpbZaDHec6/Bm8W8ifRTytNcwT0xOZkOFIOW4tYN3KYsWf2qOdxC5chY6JaJvRj3XpzpbETsDa6bcdgOHxyXH1AvedR/NZf7w1T9v4Pvpgj1z3Y4MGWOpfXWTQnG+RTFnZGrtyk5I8v0gvBeKZZGXMWbQb4CiLehBI92rDgnvUr/go5TpPnhCl0Y+GCLzjYeckxvaSFwy2Vut03rTHReKT1djafRPjmUXi7GR28x2y3jEdzUTQp4QSvPzM+Z8XCNZL1gND1te26D34wkxFZFJmigPdgk+51jZ/TQwGpdOITdS9SAjN0Yi6dXDIa+Grn61ptJ4e5WDWMUQIDAQABoyEwHzAdBgNVHQ4EFgQUJMzUqAnknNJw/xwzsfaKTt/MZAowDQYJKoZIhvcNAQELBQADggEBAK29NfOS+55gJhOo9yVuvHj7maCSlsn+7lh6Th9m4QchHzSkQIj2uiPy0wH5VGHtI66kCgIOuB5pc5w/O8PavUSD4s81HTLZDWhMPuAgMLo6QIkOnGAfN9efNj3UHlCVXsRpJWeElX9iZpfera5r1Xx2fL8015bGl5Cjn2PEdWpDlHvDwz+oKOK9Pa8xJeen8kxxnYSLHsqHn+4P30PIr9dWBaILVBAuVgDRFWM8DwvtyCKkdr4cm6q7Nf4aikOyO2Z6BK4q/MpmdDT9iaT3j7BQ08Bvm5F+UblJHyZMzjmIJI96rl6wGfgag4vwc+LdRv9J/6n8G41wwgmhYOXH3Ko=
-----END CERTIFICATE-----","","","","","None","","","","2008/05/19","2021/02/03","","",""
"10863","","","None","11.1.65.20","tcp","9002","SSL Certificate Information","This plugin displays the SSL certificate.","This plugin connects to every SSL-related port and attempts to
extract and dump the X.509 certificate.","n/a","","Subject Name:
Country: 86
State/Province: Anhui
Locality: Hefei
Organization: H3C
Organization Unit: H3C
Common Name: cyber
Issuer Name:
Country: 86
State/Province: Anhui
Locality: Hefei
Organization: H3C
Organization Unit: H3C
Common Name: cyber
Serial Number: 12 15 55 F4
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: Nov 10 06:32:57 2021 GMT
Not Valid After: Oct 17 06:32:57 2121 GMT
Public Key Info:
Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 8F 1F 40 C8 4E 1E 84 D0 52 45 90 DF 65 CB 56 17 7B 8F 5E
70 0B 95 E6 8C DC 61 AB 51 F2 61 ED 2E D8 62 00 E3 0F A9 DB
9B F6 11 21 24 57 9E CD D9 E0 9B BE 98 52 80 B5 2F B6 1E EE
57 5B 1A A2 40 DF A4 06 10 F3 8E 4C B8 A5 C7 4B 40 27 A2 67
AC A6 F8 48 94 A6 1A B6 F0 72 AD 1A 15 C6 CC CB 68 2B C8 E0
B1 D8 40 46 C6 0F C5 A6 4F 0D 02 FE 4D EA 19 89 A4 EF 87 E4
82 B2 58 02 EE CB 0F 26 EB 0A 45 19 A6 79 04 DE E6 9B 12 E3
41 35 6D 49 69 18 7B 06 C4 59 09 F2 D4 C8 6E 77 C9 A1 ED 5C
74 89 0C 40 0F A6 DA 90 51 BD 72 22 47 CD 68 81 13 83 A3 70
E9 01 3D EF 6B CD 76 FD 9D 35 1B 2A 3B 1D A0 AF 89 05 14 B4
F8 F7 91 2E 2A 20 E6 F8 7A 46 27 6A 08 3E 16 E3 23 F8 6A 54
A8 55 55 F1 88 02 59 78 5D 96 E7 38 A1 60 F2 4B 8D C7 DF 3C
8C EC 75 FA 77 3E 51 59 42 44 C1 69 D9 A6 96 8C 93
Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits
Signature: 00 74 07 7F 1A B4 F7 42 89 C9 3F E1 D7 B7 34 9C F6 35 ED 57
54 9B 81 4A 76 01 69 E2 15 E3 AB 41 E1 44 C2 35 93 E4 BF FA
1B FE F0 D1 FA D3 1A 7A 96 CC 0B 30 FE 60 16 A9 DC 30 85 52
E9 77 1F C6 E3 A3 8D B5 91 CE B6 CB 34 4C 5A 41 22 94 59 C8
EC 74 60 21 6A C9 51 6D 2D 7B 58 BB 9B E3 5A BC 7C 9D 26 38
EB CB D4 55 ED 36 0B A9 E8 29 98 71 97 DD 01 5E 11 1F F7 6A
64 A9 84 D7 9A CD 8A A0 1D 5B 9E 0B 9C 0A B8 DC 28 12 E1 38
13 6F 8E 41 D3 CC 85 27 43 4D 41 E8 8E 8B 67 1E E2 54 67 DA
58 AD E9 0F 7A 91 BD 3A 6A 04 AE AA CD 40 F1 73 FC 45 D8 09
51 99 AE 9F AF 18 A7 90 0A B2 0D 62 B4 22 42 B5 1E 43 0F 59
39 81 F9 EA C0 2D F2 DA B0 BE E1 95 BE 55 76 9D 00 68 78 66
23 38 5D C4 03 C9 51 79 B5 78 FE 90 9F BA BF 29 C9 80 15 AE
21 F3 4B 9A DE 9C 8E 08 57 4C 56 45 E0 8B 5B BE 8F
Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: 76 AE 5A 44 33 4E 2F 34 BE EA 46 F9 76 BD CC E6 6D 51 AD 29
Fingerprints :
SHA-256 Fingerprint: A5 55 C2 CC 27 3A DC E9 F4 B2 7A 83 6A 33 97 DD BB 45 04 46
46 39 4C 68 68 F0 D9 0A 19 EB BC FB
SHA-1 Fingerprint: 2F 64 C2 ED 5F 41 1F 4C 09 DC FA 24 35 39 12 23 94 F8 61 75
MD5 Fingerprint: 4C A8 9D D5 B1 F1 79 AC 07 8B 50 9F 34 0D 95 38
PEM certificate :
-----BEGIN CERTIFICATE-----
MIIDUzCCAjugAwIBAgIEEhVV9DANBgkqhkiG9w0BAQsFADBZMQswCQYDVQQGEwI4NjEOMAwGA1UECBMFQW5odWkxDjAMBgNVBAcTBUhlZmVpMQwwCgYDVQQKEwNIM0MxDDAKBgNVBAsTA0gzQzEOMAwGA1UEAxMFY3liZXIwIBcNMjExMTEwMDYzMjU3WhgPMjEyMTEwMTcwNjMyNTdaMFkxCzAJBgNVBAYTAjg2MQ4wDAYDVQQIEwVBbmh1aTEOMAwGA1UEBxMFSGVmZWkxDDAKBgNVBAoTA0gzQzEMMAoGA1UECxMDSDNDMQ4wDAYDVQQDEwVjeWJlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI8fQMhOHoTQUkWQ32XLVhd7j15wC5XmjNxhq1HyYe0u2GIA4w+p25v2ESEkV57N2eCbvphSgLUvth7uV1saokDfpAYQ845MuKXHS0AnomespvhIlKYatvByrRoVxszLaCvI4LHYQEbGD8WmTw0C/k3qGYmk74fkgrJYAu7LDybrCkUZpnkE3uabEuNBNW1JaRh7BsRZCfLUyG53yaHtXHSJDEAPptqQUb1yIkfNaIETg6Nw6QE972vNdv2dNRsqOx2gr4kFFLT495EuKiDm+HpGJ2oIPhbjI/hqVKhVVfGIAll4XZbnOKFg8kuNx988jOx1+nc+UVlCRMFp2aaWjJMCAwEAAaMhMB8wHQYDVR0OBBYEFHauWkQzTi80vupG+Xa9zOZtUa0pMA0GCSqGSIb3DQEBCwUAA4IBAQB0B38atPdCick/4de3NJz2Ne1XVJuBSnYBaeIV46tB4UTCNZPkv/ob/vDR+tMaepbMCzD+YBap3DCFUul3H8bjo421kc62yzRMWkEilFnI7HRgIWrJUW0te1i7m+NavHydJjjry9RV7TYLqegpmHGX3QFeER/3amSphNeazYqgHVueC5wKuNwoEuE4E2+OQdPMhSdDTUHojotnHuJUZ9pYrekPepG9OmoErqrNQPFz/EXYCVGZrp+vGKeQCrINYrQiQrUeQw9ZOYH56sAt8tqwvuGVvlV2nQBoeGYjOF3EA8lRebV4/pCfur8pyYAVriHzS5renI4IV0xWReCLW76P
-----END CERTIFICATE-----","","","","","None","","","","2008/05/19","2021/02/03","","",""
"10863","","","None","11.1.65.20","tcp","9090","SSL Certificate Information","This plugin displays the SSL certificate.","This plugin connects to every SSL-related port and attempts to
extract and dump the X.509 certificate.","n/a","","Subject Name:
Country: CHINA
State/Province: BEIJING
Locality: BEIJING
Organization: H3C SecCenter CSAP
Organization Unit: H3C SecCenter CSAP
Common Name: H3C
Issuer Name:
Country: CHINA
State/Province: BEIJING
Locality: BEIJING
Organization: H3C SecCenter CSAP
Organization Unit: H3C SecCenter CSAP
Common Name: H3C
Serial Number: 4E 4A 80 01
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: May 20 01:48:07 2021 GMT
Not Valid After: May 19 01:48:07 2024 GMT
Public Key Info:
Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 C4 D0 C9 1E 9C BE 92 3A 5B 65 A0 C7 79 CE BF 06 6F 16 F2
27 D1 4F 2B 4D 73 04 F4 C4 E6 64 38 52 0E 5B 8B 58 37 72 98
B1 67 F6 A8 E7 71 0B 97 21 63 A2 5A 26 F4 63 DD 7A 73 A5 B1
13 B0 36 BA 6D C7 60 38 7C 72 5C 7D 40 BD E7 51 FC D6 5F EF
0D 53 F6 FE 0F BE 98 23 D7 3D D8 E0 C1 96 3A 97 D7 59 34 27
1B E4 53 16 76 46 AE DC A4 E4 8F 2F D2 0B C1 78 A6 59 19 73
16 6D 06 F8 0A 22 DE 84 12 3D DA B0 E0 9E F5 2B FE 0A 39 4E
93 E7 84 29 74 63 E1 82 2F 38 D8 79 C9 31 BD A4 85 C3 2D 95
BA DD 37 AD 31 D1 78 A4 F5 76 36 9F 44 F8 E6 51 78 BB 19 1D
BC C7 6C B7 8C 47 73 51 34 29 E1 04 AF 3F 33 3E 67 C5 C2 35
92 F5 80 D0 F5 B5 ED BA 0F 7E 30 93 11 59 14 99 A2 80 F7 60
93 EE 75 8D 9F D3 43 01 A9 74 E2 13 75 2F 52 02 33 74 62 2E
9D 5C 32 1A F8 6A E7 EB 5A 6D 27 87 B9 58 35 8C 51
Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits
Signature: 00 AD BD 35 F3 92 FB 9E 60 26 13 A8 F7 25 6E BC 78 FB 99 A0
92 96 C9 FE EE 58 7A 4E 1F 66 E1 07 21 1F 34 A4 40 88 F6 BA
23 F2 D3 01 F9 54 61 ED 23 AE A4 0A 02 0E B8 1E 69 73 9C 3F
3B C3 DA BD 44 83 E2 CF 35 1D 32 D9 0D 68 4C 3E E0 20 30 BA
3A 40 89 0E 9C 60 1F 37 D7 9F 36 3D D4 1E 50 95 5E C4 69 25
67 84 95 7F 62 66 97 DE AD AE 6B D5 7C 76 7C BF 34 D7 96 C6
97 90 A3 9F 63 C4 75 6A 43 94 7B C3 C3 3F A8 28 E2 BD 3D AF
31 25 E7 A7 F2 4C 71 9D 84 8B 1E CA 87 9F EE 0F DF 43 C8 AF
D7 56 05 A2 0B 54 10 2E 56 00 D1 15 63 3C 0F 0B ED C8 22 A4
76 BE 1C 9B AA BB 35 FE 1A 8A 43 B2 3B 66 7A 04 AE 2A FC CA
66 74 34 FD 89 A4 F7 8F B0 50 D3 C0 6F 9B 91 7E 51 B9 49 1F
26 4C CE 39 88 24 8F 7A AE 5E B0 19 F8 1A 83 8B F0 73 E2 DD
46 FF 49 FF A9 FC 1B 8D 70 C2 09 A1 60 E5 C7 DC AA
Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: 24 CC D4 A8 09 E4 9C D2 70 FF 1C 33 B1 F6 8A 4E DF CC 64 0A
Fingerprints :
SHA-256 Fingerprint: 41 89 A6 6E 05 67 46 3A 96 81 F6 86 62 B7 AB E7 55 52 7B 8F
41 A5 32 C8 2F BC 05 BE DA 3F 90 6B
SHA-1 Fingerprint: 25 D4 B8 D1 D1 05 10 C5 C9 A6 94 40 84 05 0C F2 13 81 81 23
MD5 Fingerprint: FF 48 D1 17 C4 B2 DD 12 53 9A 4D 2D BE 43 12 70
PEM certificate :
-----BEGIN CERTIFICATE-----
MIIDlzCCAn+gAwIBAgIETkqAATANBgkqhkiG9w0BAQsFADB8MQ4wDAYDVQQGEwVDSElOQTEQMA4GA1UECBMHQkVJSklORzEQMA4GA1UEBxMHQkVJSklORzEbMBkGA1UEChMSSDNDIFNlY0NlbnRlciBDU0FQMRswGQYDVQQLExJIM0MgU2VjQ2VudGVyIENTQVAxDDAKBgNVBAMTA0gzQzAeFw0yMTA1MjAwMTQ4MDdaFw0yNDA1MTkwMTQ4MDdaMHwxDjAMBgNVBAYTBUNISU5BMRAwDgYDVQQIEwdCRUlKSU5HMRAwDgYDVQQHEwdCRUlKSU5HMRswGQYDVQQKExJIM0MgU2VjQ2VudGVyIENTQVAxGzAZBgNVBAsTEkgzQyBTZWNDZW50ZXIgQ1NBUDEMMAoGA1UEAxMDSDNDMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNDJHpy+kjpbZaDHec6/Bm8W8ifRTytNcwT0xOZkOFIOW4tYN3KYsWf2qOdxC5chY6JaJvRj3XpzpbETsDa6bcdgOHxyXH1AvedR/NZf7w1T9v4Pvpgj1z3Y4MGWOpfXWTQnG+RTFnZGrtyk5I8v0gvBeKZZGXMWbQb4CiLehBI92rDgnvUr/go5TpPnhCl0Y+GCLzjYeckxvaSFwy2Vut03rTHReKT1djafRPjmUXi7GR28x2y3jEdzUTQp4QSvPzM+Z8XCNZL1gND1te26D34wkxFZFJmigPdgk+51jZ/TQwGpdOITdS9SAjN0Yi6dXDIa+Grn61ptJ4e5WDWMUQIDAQABoyEwHzAdBgNVHQ4EFgQUJMzUqAnknNJw/xwzsfaKTt/MZAowDQYJKoZIhvcNAQELBQADggEBAK29NfOS+55gJhOo9yVuvHj7maCSlsn+7lh6Th9m4QchHzSkQIj2uiPy0wH5VGHtI66kCgIOuB5pc5w/O8PavUSD4s81HTLZDWhMPuAgMLo6QIkOnGAfN9efNj3UHlCVXsRpJWeElX9iZpfera5r1Xx2fL8015bGl5Cjn2PEdWpDlHvDwz+oKOK9Pa8xJeen8kxxnYSLHsqHn+4P30PIr9dWBaILVBAuVgDRFWM8DwvtyCKkdr4cm6q7Nf4aikOyO2Z6BK4q/MpmdDT9iaT3j7BQ08Bvm5F+UblJHyZMzjmIJI96rl6wGfgag4vwc+LdRv9J/6n8G41wwgmhYOXH3Ko=
-----END CERTIFICATE-----","","","","","None","","","","2008/05/19","2021/02/03","","",""
"10863","","","None","11.1.65.20","tcp","9091","SSL Certificate Information","This plugin displays the SSL certificate.","This plugin connects to every SSL-related port and attempts to
extract and dump the X.509 certificate.","n/a","","Subject Name:
Country: CHINA
State/Province: BEIJING
Locality: BEIJING
Organization: H3C SecCenter CSAP
Organization Unit: H3C SecCenter CSAP
Common Name: H3C
Issuer Name:
Country: CHINA
State/Province: BEIJING
Locality: BEIJING
Organization: H3C SecCenter CSAP
Organization Unit: H3C SecCenter CSAP
Common Name: H3C
Serial Number: 4E 4A 80 01
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: May 20 01:48:07 2021 GMT
Not Valid After: May 19 01:48:07 2024 GMT
Public Key Info:
Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 C4 D0 C9 1E 9C BE 92 3A 5B 65 A0 C7 79 CE BF 06 6F 16 F2
27 D1 4F 2B 4D 73 04 F4 C4 E6 64 38 52 0E 5B 8B 58 37 72 98
B1 67 F6 A8 E7 71 0B 97 21 63 A2 5A 26 F4 63 DD 7A 73 A5 B1
13 B0 36 BA 6D C7 60 38 7C 72 5C 7D 40 BD E7 51 FC D6 5F EF
0D 53 F6 FE 0F BE 98 23 D7 3D D8 E0 C1 96 3A 97 D7 59 34 27
1B E4 53 16 76 46 AE DC A4 E4 8F 2F D2 0B C1 78 A6 59 19 73
16 6D 06 F8 0A 22 DE 84 12 3D DA B0 E0 9E F5 2B FE 0A 39 4E
93 E7 84 29 74 63 E1 82 2F 38 D8 79 C9 31 BD A4 85 C3 2D 95
BA DD 37 AD 31 D1 78 A4 F5 76 36 9F 44 F8 E6 51 78 BB 19 1D
BC C7 6C B7 8C 47 73 51 34 29 E1 04 AF 3F 33 3E 67 C5 C2 35
92 F5 80 D0 F5 B5 ED BA 0F 7E 30 93 11 59 14 99 A2 80 F7 60
93 EE 75 8D 9F D3 43 01 A9 74 E2 13 75 2F 52 02 33 74 62 2E
9D 5C 32 1A F8 6A E7 EB 5A 6D 27 87 B9 58 35 8C 51
Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits
Signature: 00 AD BD 35 F3 92 FB 9E 60 26 13 A8 F7 25 6E BC 78 FB 99 A0
92 96 C9 FE EE 58 7A 4E 1F 66 E1 07 21 1F 34 A4 40 88 F6 BA
23 F2 D3 01 F9 54 61 ED 23 AE A4 0A 02 0E B8 1E 69 73 9C 3F
3B C3 DA BD 44 83 E2 CF 35 1D 32 D9 0D 68 4C 3E E0 20 30 BA
3A 40 89 0E 9C 60 1F 37 D7 9F 36 3D D4 1E 50 95 5E C4 69 25
67 84 95 7F 62 66 97 DE AD AE 6B D5 7C 76 7C BF 34 D7 96 C6
97 90 A3 9F 63 C4 75 6A 43 94 7B C3 C3 3F A8 28 E2 BD 3D AF
31 25 E7 A7 F2 4C 71 9D 84 8B 1E CA 87 9F EE 0F DF 43 C8 AF
D7 56 05 A2 0B 54 10 2E 56 00 D1 15 63 3C 0F 0B ED C8 22 A4
76 BE 1C 9B AA BB 35 FE 1A 8A 43 B2 3B 66 7A 04 AE 2A FC CA
66 74 34 FD 89 A4 F7 8F B0 50 D3 C0 6F 9B 91 7E 51 B9 49 1F
26 4C CE 39 88 24 8F 7A AE 5E B0 19 F8 1A 83 8B F0 73 E2 DD
46 FF 49 FF A9 FC 1B 8D 70 C2 09 A1 60 E5 C7 DC AA
Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: 24 CC D4 A8 09 E4 9C D2 70 FF 1C 33 B1 F6 8A 4E DF CC 64 0A
Fingerprints :
SHA-256 Fingerprint: 41 89 A6 6E 05 67 46 3A 96 81 F6 86 62 B7 AB E7 55 52 7B 8F
41 A5 32 C8 2F BC 05 BE DA 3F 90 6B
SHA-1 Fingerprint: 25 D4 B8 D1 D1 05 10 C5 C9 A6 94 40 84 05 0C F2 13 81 81 23
MD5 Fingerprint: FF 48 D1 17 C4 B2 DD 12 53 9A 4D 2D BE 43 12 70
PEM certificate :
-----BEGIN CERTIFICATE-----
MIIDlzCCAn+gAwIBAgIETkqAATANBgkqhkiG9w0BAQsFADB8MQ4wDAYDVQQGEwVDSElOQTEQMA4GA1UECBMHQkVJSklORzEQMA4GA1UEBxMHQkVJSklORzEbMBkGA1UEChMSSDNDIFNlY0NlbnRlciBDU0FQMRswGQYDVQQLExJIM0MgU2VjQ2VudGVyIENTQVAxDDAKBgNVBAMTA0gzQzAeFw0yMTA1MjAwMTQ4MDdaFw0yNDA1MTkwMTQ4MDdaMHwxDjAMBgNVBAYTBUNISU5BMRAwDgYDVQQIEwdCRUlKSU5HMRAwDgYDVQQHEwdCRUlKSU5HMRswGQYDVQQKExJIM0MgU2VjQ2VudGVyIENTQVAxGzAZBgNVBAsTEkgzQyBTZWNDZW50ZXIgQ1NBUDEMMAoGA1UEAxMDSDNDMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNDJHpy+kjpbZaDHec6/Bm8W8ifRTytNcwT0xOZkOFIOW4tYN3KYsWf2qOdxC5chY6JaJvRj3XpzpbETsDa6bcdgOHxyXH1AvedR/NZf7w1T9v4Pvpgj1z3Y4MGWOpfXWTQnG+RTFnZGrtyk5I8v0gvBeKZZGXMWbQb4CiLehBI92rDgnvUr/go5TpPnhCl0Y+GCLzjYeckxvaSFwy2Vut03rTHReKT1djafRPjmUXi7GR28x2y3jEdzUTQp4QSvPzM+Z8XCNZL1gND1te26D34wkxFZFJmigPdgk+51jZ/TQwGpdOITdS9SAjN0Yi6dXDIa+Grn61ptJ4e5WDWMUQIDAQABoyEwHzAdBgNVHQ4EFgQUJMzUqAnknNJw/xwzsfaKTt/MZAowDQYJKoZIhvcNAQELBQADggEBAK29NfOS+55gJhOo9yVuvHj7maCSlsn+7lh6Th9m4QchHzSkQIj2uiPy0wH5VGHtI66kCgIOuB5pc5w/O8PavUSD4s81HTLZDWhMPuAgMLo6QIkOnGAfN9efNj3UHlCVXsRpJWeElX9iZpfera5r1Xx2fL8015bGl5Cjn2PEdWpDlHvDwz+oKOK9Pa8xJeen8kxxnYSLHsqHn+4P30PIr9dWBaILVBAuVgDRFWM8DwvtyCKkdr4cm6q7Nf4aikOyO2Z6BK4q/MpmdDT9iaT3j7BQ08Bvm5F+UblJHyZMzjmIJI96rl6wGfgag4vwc+LdRv9J/6n8G41wwgmhYOXH3Ko=
-----END CERTIFICATE-----","","","","","None","","","","2008/05/19","2021/02/03","","",""
"11219","","","None","11.1.65.20","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.20","tcp","443","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 443/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.20","tcp","8901","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 8901/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.20","tcp","8999","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 8999/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.20","tcp","9001","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 9001/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.20","tcp","9002","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 9002/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.20","tcp","9090","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 9090/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.20","tcp","9091","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 9091/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.20","tcp","9990","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 9990/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"15901","","5.0","Medium","11.1.65.20","tcp","443","SSL Certificate Expiry","The remote server's SSL certificate has already expired.","This plugin checks expiry dates of certificates associated with SSL-
enabled services on the target and reports whether any have already
expired.","Purchase or generate a new SSL certificate to replace the existing
one.","","
The SSL certificate has already expired :
Subject : C=CHINA, ST=BEIJING, L=BEIJING, O=H3C SecCenter CSAP, OU=H3C SecCenter CSAP, CN=H3C
Issuer : C=CHINA, ST=BEIJING, L=BEIJING, O=H3C SecCenter CSAP, OU=H3C SecCenter CSAP, CN=H3C
Not valid before : May 20 01:48:07 2021 GMT
Not valid after : May 19 01:48:07 2024 GMT
","","5.3","","","Medium","","","","2004/12/03","2021/02/03","","",""
"15901","","5.0","Medium","11.1.65.20","tcp","8901","SSL Certificate Expiry","The remote server's SSL certificate has already expired.","This plugin checks expiry dates of certificates associated with SSL-
enabled services on the target and reports whether any have already
expired.","Purchase or generate a new SSL certificate to replace the existing
one.","","
The SSL certificate has already expired :
Subject : C=CHINA, ST=BEIJING, L=BEIJING, O=H3C SecCenter CSAP, OU=H3C SecCenter CSAP, CN=H3C
Issuer : C=CHINA, ST=BEIJING, L=BEIJING, O=H3C SecCenter CSAP, OU=H3C SecCenter CSAP, CN=H3C
Not valid before : May 20 01:48:07 2021 GMT
Not valid after : May 19 01:48:07 2024 GMT
","","5.3","","","Medium","","","","2004/12/03","2021/02/03","","",""
"15901","","5.0","Medium","11.1.65.20","tcp","9090","SSL Certificate Expiry","The remote server's SSL certificate has already expired.","This plugin checks expiry dates of certificates associated with SSL-
enabled services on the target and reports whether any have already
expired.","Purchase or generate a new SSL certificate to replace the existing
one.","","
The SSL certificate has already expired :
Subject : C=CHINA, ST=BEIJING, L=BEIJING, O=H3C SecCenter CSAP, OU=H3C SecCenter CSAP, CN=H3C
Issuer : C=CHINA, ST=BEIJING, L=BEIJING, O=H3C SecCenter CSAP, OU=H3C SecCenter CSAP, CN=H3C
Not valid before : May 20 01:48:07 2021 GMT
Not valid after : May 19 01:48:07 2024 GMT
","","5.3","","","Medium","","","","2004/12/03","2021/02/03","","",""
"15901","","5.0","Medium","11.1.65.20","tcp","9091","SSL Certificate Expiry","The remote server's SSL certificate has already expired.","This plugin checks expiry dates of certificates associated with SSL-
enabled services on the target and reports whether any have already
expired.","Purchase or generate a new SSL certificate to replace the existing
one.","","
The SSL certificate has already expired :
Subject : C=CHINA, ST=BEIJING, L=BEIJING, O=H3C SecCenter CSAP, OU=H3C SecCenter CSAP, CN=H3C
Issuer : C=CHINA, ST=BEIJING, L=BEIJING, O=H3C SecCenter CSAP, OU=H3C SecCenter CSAP, CN=H3C
Not valid before : May 20 01:48:07 2021 GMT
Not valid after : May 19 01:48:07 2024 GMT
","","5.3","","","Medium","","","","2004/12/03","2021/02/03","","",""
"21643","","","None","11.1.65.20","tcp","443","SSL Cipher Suites Supported","The remote service encrypts communications using SSL.","This plugin detects which SSL ciphers are supported by the remote
service for encrypting communications.","n/a","https://www.openssl.org/docs/man1.0.2/man1/ciphers.html
http://www.nessus.org/u?e17ffced","
Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.
SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2006/06/05","2024/09/11","","",""
"21643","","","None","11.1.65.20","tcp","8901","SSL Cipher Suites Supported","The remote service encrypts communications using SSL.","This plugin detects which SSL ciphers are supported by the remote
service for encrypting communications.","n/a","https://www.openssl.org/docs/man1.0.2/man1/ciphers.html
http://www.nessus.org/u?e17ffced","
Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.
SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2006/06/05","2024/09/11","","",""
"21643","","","None","11.1.65.20","tcp","9002","SSL Cipher Suites Supported","The remote service encrypts communications using SSL.","This plugin detects which SSL ciphers are supported by the remote
service for encrypting communications.","n/a","https://www.openssl.org/docs/man1.0.2/man1/ciphers.html
http://www.nessus.org/u?e17ffced","
Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.
SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2006/06/05","2024/09/11","","",""
"21643","","","None","11.1.65.20","tcp","9090","SSL Cipher Suites Supported","The remote service encrypts communications using SSL.","This plugin detects which SSL ciphers are supported by the remote
service for encrypting communications.","n/a","https://www.openssl.org/docs/man1.0.2/man1/ciphers.html
http://www.nessus.org/u?e17ffced","
Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.
SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2006/06/05","2024/09/11","","",""
"21643","","","None","11.1.65.20","tcp","9091","SSL Cipher Suites Supported","The remote service encrypts communications using SSL.","This plugin detects which SSL ciphers are supported by the remote
service for encrypting communications.","n/a","https://www.openssl.org/docs/man1.0.2/man1/ciphers.html
http://www.nessus.org/u?e17ffced","
Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.
SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
SSL Version : TLSv11
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
SSL Version : TLSv1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2006/06/05","2024/09/11","","",""
"22964","","","None","11.1.65.20","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.20","tcp","443","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A TLSv1.2 server answered on this port.
","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.20","tcp","443","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port through TLSv1.2.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.20","tcp","8901","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A TLSv1.2 server answered on this port.
","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.20","tcp","8901","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port through TLSv1.2.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.20","tcp","8999","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.20","tcp","9002","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A TLSv1.2 server answered on this port.
","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.20","tcp","9002","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port through TLSv1.2.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.20","tcp","9090","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A TLSv1.2 server answered on this port.
","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.20","tcp","9090","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port through TLSv1.2.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.20","tcp","9091","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A TLSv1 server answered on this port.
","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.20","tcp","9091","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port through TLSv1.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.20","tcp","9990","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"24260","","","None","11.1.65.20","tcp","443","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 200 OK
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Server: nginx
Date: Thu, 27 Feb 2025 16:23:09 GMT
Content-Type: text/html
Content-Length: 1645
Last-Modified: Thu, 29 Jun 2023 07:06:05 GMT
Connection: keep-alive
ETag: ""649d2d5d-66d""
Accept-Ranges: bytes
Response Body :
<!DOCTYPE html>
<html lang=""en"">
<head>
<meta charset=""UTF-8"" />
<link rel=""icon"" href=""/favicon.ico"" />
<meta name=""viewport"" content=""width=device-width, initial-scale=1.0"" />
<script src=""./ipconfig.js""></script>
<title>北望</title>
<script type=""module"" crossorigin src=""./assets/index.c87ba758.js""></script>
<link rel=""stylesheet"" href=""./assets/index.0f4d8614.css"">
<script type=""module"">try{import(""_"").catch(()=>1);}catch(e){}window.__vite_is_dynamic_import_support=true;</script>
<script type=""module"">!function(){if(window.__vite_is_dynamic_import_support)return;console.warn(""vite: loading legacy build because dynamic import is unsupported, syntax error above should be ignored"");var e=document.getElementById(""vite-legacy-polyfill""),n=document.createElement(""script"");n.src=e.src,n.onload=function(){System.import(document.getElementById('vite-legacy-entry').getAttribute('data-src'))},document.body.appendChild(n)}();</script>
</head>
<body>
<div id=""app""></div>
<script nomodule>!function(){var e=document,t=e.createElement(""script"");if(!(""noModule""in t)&&""onbeforeload""in t){var n=!1;e.addEventListener(""beforeload"",(function(e){if(e.target===t)n=!0;else if(!e.target.hasAttribute(""nomodule"")||!n)return;e.preventDefault()}),!0),t.type=""module"",t.src=""."",e.head.appendChild(t),t.remove()}}();</script>
<script nomodule id=""vite-legacy-polyfill"" src=""./assets/polyfills-legacy.9defa0b1.js""></script>
<script nomodule id=""vite-legacy-entry"" data-src=""./assets/index-legacy.771b4edd.js"">System.import(document.getElementById('vite-legacy-entry').getAttribute('data-src'))</script>
</body>
</html>","","","","","None","","","","2007/01/30","2024/02/26","","",""
"24260","","","None","11.1.65.20","tcp","8901","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 307 Temporary Redirect
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Server: nginx
Date: Thu, 27 Feb 2025 16:23:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 59
Connection: keep-alive
Location: http://11.1.65.20:25003
Vary: Origin
Response Body :
<a href=""http://11.1.65.20:25003"">Temporary Redirect</a>.
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"24260","","","None","11.1.65.20","tcp","8999","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 404 Not Found
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Server: nginx
Date: Thu, 27 Feb 2025 16:23:09 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 57
Connection: keep-alive
Response Body :
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"24260","","","None","11.1.65.20","tcp","9002","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 403 Forbidden
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Content-Type: text/plain; charset=UTF-8
Response Body :
Failure: 403 Forbidden","","","","","None","","","","2007/01/30","2024/02/26","","",""
"24260","","","None","11.1.65.20","tcp","9090","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 200 OK
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Server: nginx
Date: Thu, 27 Feb 2025 16:23:08 GMT
Content-Type: text/html
Content-Length: 1096
Connection: keep-alive
Last-Modified: Tue, 28 Dec 2021 01:52:11 GMT
ETag: ""61ca6dcb-448""
Expires: Thu, 27 Feb 2025 16:11:19 GMT
Cache-Control: no-cache
Accept-Ranges: bytes
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Response Body :
<!DOCTYPE html><html lang=cn><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content=""IE=edge""><meta name=viewport content=""width=device-width,initial-scale=1""><meta http-equiv=pragma content=no-cache><meta http-equiv=content-type content=""no-cache, must-revalidate""><link rel=icon href=../favicon.ico><title>安全知识大脑深度威胁检测平台</title><link href=../css/name.8c1fe428.css rel=prefetch><link href=../js/name.47c60c19.js rel=prefetch><link href=../css/app.3739875f.css rel=preload as=style><link href=../css/chunk-vendors.53794358.css rel=preload as=style><link href=../js/app.7a055239.js rel=preload as=script><link href=../js/chunk-vendors.85b51cb3.js rel=preload as=script><link href=../css/chunk-vendors.53794358.css rel=stylesheet><link href=../css/app.3739875f.css rel=stylesheet></head><body><noscript><strong>We're sorry but dtd doesn't work properly without JavaScript enabled. Please enable it to continue.</strong></noscript><div id=app></div><script src=../js/chunk-vendors.85b51cb3.js></script><script src=../js/app.7a055239.js></script></body></html>","","","","","None","","","","2007/01/30","2024/02/26","","",""
"24260","","","None","11.1.65.20","tcp","9091","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 200
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Server: nginx
Date: Thu, 27 Feb 2025 16:23:09 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: rememberMe=deleteMe; Path=/; Max-Age=0; Expires=Wed, 26-Feb-2025 16:10:42 GMT; SameSite=lax
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Response Body :
<script language='javascript'>if (window != top){top.location.href = '/toLogin?forceLogout=1';}else{window.location.href = '/toLogin?forceLogout=1';}</script>","","","","","None","","","","2007/01/30","2024/02/26","","",""
"24260","","","None","11.1.65.20","tcp","9990","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 404
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Server: nginx
Date: Thu, 27 Feb 2025 16:23:08 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Response Body :
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"32318","","","None","11.1.65.20","tcp","8901","Web Site Cross-Domain Policy File Detection","The remote web server contains a 'crossdomain.xml' file.","The remote web server contains a cross-domain policy file. This is a
simple XML file used by Adobe's Flash Player to allow access to data
that resides outside the exact web domain from which a Flash movie
file originated.","Review the contents of the policy file carefully. Improper policies,
especially an unrestricted one with just '*', could allow for cross-
site request forgery and cross-site scripting attacks against the web
server.","http://www.nessus.org/u?8a58aa76
http://kb2.adobe.com/cps/142/tn_14213.html
http://www.nessus.org/u?74a6a9a5
http://www.nessus.org/u?acb70df2","
Nessus was able to obtain a cross-domain policy file from the remote
host using the following URL :
https://11.1.65.20:8901/crossdomain.xml
","","","","","None","","","","2008/05/15","2022/04/11","","",""
"39520","","","None","11.1.65.20","tcp","22","Backported Security Patch Detection (SSH)","Security patches are backported.","Security patches may have been 'backported' to the remote SSH server
without changing its version number.
Banner-based checks have been disabled to avoid false positives.
Note that this test is informational only and does not denote any
security problem.","n/a","https://access.redhat.com/security/updates/backporting/?sc_cid=3093","
Give Nessus credentials to perform local checks.
","","","","","None","","","","2009/06/25","2015/07/07","","",""
"42822","","","None","11.1.65.20","tcp","9090","Strict Transport Security (STS) Detection","The remote web server implements Strict Transport Security.","The remote web server implements Strict Transport Security (STS).
The goal of STS is to make sure that a user does not accidentally
downgrade the security of his or her browser.
All unencrypted HTTP connections are redirected to HTTPS. The browser
is expected to treat all cookies as 'secure' and to close the
connection in the event of potentially insecure situations.","n/a","http://www.nessus.org/u?2fb3aca6","
The STS header line is :
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
","","","","","None","","","","2009/11/16","2019/11/22","","",""
"42822","","","None","11.1.65.20","tcp","9091","Strict Transport Security (STS) Detection","The remote web server implements Strict Transport Security.","The remote web server implements Strict Transport Security (STS).
The goal of STS is to make sure that a user does not accidentally
downgrade the security of his or her browser.
All unencrypted HTTP connections are redirected to HTTPS. The browser
is expected to treat all cookies as 'secure' and to close the
connection in the event of potentially insecure situations.","n/a","http://www.nessus.org/u?2fb3aca6","
The STS header line is :
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
","","","","","None","","","","2009/11/16","2019/11/22","","",""
"45590","","","None","11.1.65.20","tcp","0","Common Platform Enumeration (CPE)","It was possible to enumerate CPE names that matched on the remote
system.","By using information obtained from a Nessus scan, this plugin reports
CPE (Common Platform Enumeration) matches for various hardware and
software products found on a host.
Note that if an official CPE is not available for the product, this
plugin computes the best possible CPE based on the information
available from the scan.","n/a","http://cpe.mitre.org/
https://nvd.nist.gov/products/cpe","
Following application CPE's matched on the remote system :
cpe:/a:apache:shiro -> Apache Software Foundation Shiro
cpe:/a:openbsd:openssh:9.6 -> OpenBSD OpenSSH
cpe:/a:pivotal_software:redis -> Piviotal Software Redis
","","","","","None","","","","2010/04/21","2024/11/22","","",""
"50845","","","None","11.1.65.20","tcp","9091","OpenSSL Detection","The remote service appears to use OpenSSL to encrypt traffic.","Based on its response to a TLS request with a specially crafted
server name extension, it seems that the remote service is using the
OpenSSL library to encrypt traffic.
Note that this plugin can only detect OpenSSL implementations that
have enabled support for TLS extensions (RFC 4366).","n/a","https://www.openssl.org/","","","","","","None","","","","2010/11/30","2020/06/12","","",""
"51192","","6.4","Medium","11.1.65.20","tcp","443","SSL Certificate Cannot Be Trusted","The SSL certificate for this service cannot be trusted.","The server's X.509 certificate cannot be trusted. This situation can
occur in three different ways, in which the chain of trust can be
broken, as stated below :
- First, the top of the certificate chain sent by the
server might not be descended from a known public
certificate authority. This can occur either when the
top of the chain is an unrecognized, self-signed
certificate, or when intermediate certificates are
missing that would connect the top of the certificate
chain to a known public certificate authority.
- Second, the certificate chain may contain a certificate
that is not valid at the time of the scan. This can
occur either when the scan occurs before one of the
certificate's 'notBefore' dates, or after one of the
certificate's 'notAfter' dates.
- Third, the certificate chain may contain a signature
that either didn't match the certificate's information
or could not be verified. Bad signatures can be fixed by
getting the certificate with the bad signature to be
re-signed by its issuer. Signatures that could not be
verified are the result of the certificate's issuer
using a signing algorithm that Nessus either does not
support or does not recognize.
If the remote host is a public host in production, any break in the
chain makes it more difficult for users to verify the authenticity and
identity of the web server. This could make it easier to carry out
man-in-the-middle attacks against the remote host.","Purchase or generate a proper SSL certificate for this service.","https://www.itu.int/rec/T-REC-X.509/en
https://en.wikipedia.org/wiki/X.509","
The following certificate was part of the certificate chain
sent by the remote host, but it has expired :
|-Subject : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
|-Not After : May 19 01:48:07 2024 GMT
The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :
|-Subject : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
|-Issuer : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
","","6.5","","","Medium","","","","2010/12/15","2020/04/27","","",""
"51192","","6.4","Medium","11.1.65.20","tcp","8901","SSL Certificate Cannot Be Trusted","The SSL certificate for this service cannot be trusted.","The server's X.509 certificate cannot be trusted. This situation can
occur in three different ways, in which the chain of trust can be
broken, as stated below :
- First, the top of the certificate chain sent by the
server might not be descended from a known public
certificate authority. This can occur either when the
top of the chain is an unrecognized, self-signed
certificate, or when intermediate certificates are
missing that would connect the top of the certificate
chain to a known public certificate authority.
- Second, the certificate chain may contain a certificate
that is not valid at the time of the scan. This can
occur either when the scan occurs before one of the
certificate's 'notBefore' dates, or after one of the
certificate's 'notAfter' dates.
- Third, the certificate chain may contain a signature
that either didn't match the certificate's information
or could not be verified. Bad signatures can be fixed by
getting the certificate with the bad signature to be
re-signed by its issuer. Signatures that could not be
verified are the result of the certificate's issuer
using a signing algorithm that Nessus either does not
support or does not recognize.
If the remote host is a public host in production, any break in the
chain makes it more difficult for users to verify the authenticity and
identity of the web server. This could make it easier to carry out
man-in-the-middle attacks against the remote host.","Purchase or generate a proper SSL certificate for this service.","https://www.itu.int/rec/T-REC-X.509/en
https://en.wikipedia.org/wiki/X.509","
The following certificate was part of the certificate chain
sent by the remote host, but it has expired :
|-Subject : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
|-Not After : May 19 01:48:07 2024 GMT
The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :
|-Subject : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
|-Issuer : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
","","6.5","","","Medium","","","","2010/12/15","2020/04/27","","",""
"51192","","6.4","Medium","11.1.65.20","tcp","9002","SSL Certificate Cannot Be Trusted","The SSL certificate for this service cannot be trusted.","The server's X.509 certificate cannot be trusted. This situation can
occur in three different ways, in which the chain of trust can be
broken, as stated below :
- First, the top of the certificate chain sent by the
server might not be descended from a known public
certificate authority. This can occur either when the
top of the chain is an unrecognized, self-signed
certificate, or when intermediate certificates are
missing that would connect the top of the certificate
chain to a known public certificate authority.
- Second, the certificate chain may contain a certificate
that is not valid at the time of the scan. This can
occur either when the scan occurs before one of the
certificate's 'notBefore' dates, or after one of the
certificate's 'notAfter' dates.
- Third, the certificate chain may contain a signature
that either didn't match the certificate's information
or could not be verified. Bad signatures can be fixed by
getting the certificate with the bad signature to be
re-signed by its issuer. Signatures that could not be
verified are the result of the certificate's issuer
using a signing algorithm that Nessus either does not
support or does not recognize.
If the remote host is a public host in production, any break in the
chain makes it more difficult for users to verify the authenticity and
identity of the web server. This could make it easier to carry out
man-in-the-middle attacks against the remote host.","Purchase or generate a proper SSL certificate for this service.","https://www.itu.int/rec/T-REC-X.509/en
https://en.wikipedia.org/wiki/X.509","
The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :
|-Subject : C=86/ST=Anhui/L=Hefei/O=H3C/OU=H3C/CN=cyber
|-Issuer : C=86/ST=Anhui/L=Hefei/O=H3C/OU=H3C/CN=cyber
","","6.5","","","Medium","","","","2010/12/15","2020/04/27","","",""
"51192","","6.4","Medium","11.1.65.20","tcp","9090","SSL Certificate Cannot Be Trusted","The SSL certificate for this service cannot be trusted.","The server's X.509 certificate cannot be trusted. This situation can
occur in three different ways, in which the chain of trust can be
broken, as stated below :
- First, the top of the certificate chain sent by the
server might not be descended from a known public
certificate authority. This can occur either when the
top of the chain is an unrecognized, self-signed
certificate, or when intermediate certificates are
missing that would connect the top of the certificate
chain to a known public certificate authority.
- Second, the certificate chain may contain a certificate
that is not valid at the time of the scan. This can
occur either when the scan occurs before one of the
certificate's 'notBefore' dates, or after one of the
certificate's 'notAfter' dates.
- Third, the certificate chain may contain a signature
that either didn't match the certificate's information
or could not be verified. Bad signatures can be fixed by
getting the certificate with the bad signature to be
re-signed by its issuer. Signatures that could not be
verified are the result of the certificate's issuer
using a signing algorithm that Nessus either does not
support or does not recognize.
If the remote host is a public host in production, any break in the
chain makes it more difficult for users to verify the authenticity and
identity of the web server. This could make it easier to carry out
man-in-the-middle attacks against the remote host.","Purchase or generate a proper SSL certificate for this service.","https://www.itu.int/rec/T-REC-X.509/en
https://en.wikipedia.org/wiki/X.509","
The following certificate was part of the certificate chain
sent by the remote host, but it has expired :
|-Subject : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
|-Not After : May 19 01:48:07 2024 GMT
The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :
|-Subject : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
|-Issuer : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
","","6.5","","","Medium","","","","2010/12/15","2020/04/27","","",""
"51192","","6.4","Medium","11.1.65.20","tcp","9091","SSL Certificate Cannot Be Trusted","The SSL certificate for this service cannot be trusted.","The server's X.509 certificate cannot be trusted. This situation can
occur in three different ways, in which the chain of trust can be
broken, as stated below :
- First, the top of the certificate chain sent by the
server might not be descended from a known public
certificate authority. This can occur either when the
top of the chain is an unrecognized, self-signed
certificate, or when intermediate certificates are
missing that would connect the top of the certificate
chain to a known public certificate authority.
- Second, the certificate chain may contain a certificate
that is not valid at the time of the scan. This can
occur either when the scan occurs before one of the
certificate's 'notBefore' dates, or after one of the
certificate's 'notAfter' dates.
- Third, the certificate chain may contain a signature
that either didn't match the certificate's information
or could not be verified. Bad signatures can be fixed by
getting the certificate with the bad signature to be
re-signed by its issuer. Signatures that could not be
verified are the result of the certificate's issuer
using a signing algorithm that Nessus either does not
support or does not recognize.
If the remote host is a public host in production, any break in the
chain makes it more difficult for users to verify the authenticity and
identity of the web server. This could make it easier to carry out
man-in-the-middle attacks against the remote host.","Purchase or generate a proper SSL certificate for this service.","https://www.itu.int/rec/T-REC-X.509/en
https://en.wikipedia.org/wiki/X.509","
The following certificate was part of the certificate chain
sent by the remote host, but it has expired :
|-Subject : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
|-Not After : May 19 01:48:07 2024 GMT
The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :
|-Subject : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
|-Issuer : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
","","6.5","","","Medium","","","","2010/12/15","2020/04/27","","",""
"56984","","","None","11.1.65.20","tcp","443","SSL / TLS Versions Supported","The remote service encrypts communications.","This plugin detects which SSL and TLS versions are supported by the
remote service for encrypting communications.","n/a","","
This port supports TLSv1.2.
","","","","","None","","","","2011/12/01","2023/07/10","","",""
"56984","","","None","11.1.65.20","tcp","8901","SSL / TLS Versions Supported","The remote service encrypts communications.","This plugin detects which SSL and TLS versions are supported by the
remote service for encrypting communications.","n/a","","
This port supports TLSv1.2.
","","","","","None","","","","2011/12/01","2023/07/10","","",""
"56984","","","None","11.1.65.20","tcp","9002","SSL / TLS Versions Supported","The remote service encrypts communications.","This plugin detects which SSL and TLS versions are supported by the
remote service for encrypting communications.","n/a","","
This port supports TLSv1.2.
","","","","","None","","","","2011/12/01","2023/07/10","","",""
"56984","","","None","11.1.65.20","tcp","9090","SSL / TLS Versions Supported","The remote service encrypts communications.","This plugin detects which SSL and TLS versions are supported by the
remote service for encrypting communications.","n/a","","
This port supports TLSv1.2.
","","","","","None","","","","2011/12/01","2023/07/10","","",""
"56984","","","None","11.1.65.20","tcp","9091","SSL / TLS Versions Supported","The remote service encrypts communications.","This plugin detects which SSL and TLS versions are supported by the
remote service for encrypting communications.","n/a","","
This port supports TLSv1.0/TLSv1.1/TLSv1.2.
","","","","","None","","","","2011/12/01","2023/07/10","","",""
"57041","","","None","11.1.65.20","tcp","443","SSL Perfect Forward Secrecy Cipher Suites Supported","The remote service supports the use of SSL Perfect Forward Secrecy
ciphers, which maintain confidentiality even if the key is stolen.","The remote host supports the use of SSL ciphers that offer Perfect
Forward Secrecy (PFS) encryption. These cipher suites ensure that
recorded SSL traffic cannot be broken at a future date if the server's
private key is compromised.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
https://en.wikipedia.org/wiki/Perfect_forward_secrecy","
Here is the list of SSL PFS ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2011/12/07","2021/03/09","","",""
"57041","","","None","11.1.65.20","tcp","8901","SSL Perfect Forward Secrecy Cipher Suites Supported","The remote service supports the use of SSL Perfect Forward Secrecy
ciphers, which maintain confidentiality even if the key is stolen.","The remote host supports the use of SSL ciphers that offer Perfect
Forward Secrecy (PFS) encryption. These cipher suites ensure that
recorded SSL traffic cannot be broken at a future date if the server's
private key is compromised.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
https://en.wikipedia.org/wiki/Perfect_forward_secrecy","
Here is the list of SSL PFS ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2011/12/07","2021/03/09","","",""
"57041","","","None","11.1.65.20","tcp","9002","SSL Perfect Forward Secrecy Cipher Suites Supported","The remote service supports the use of SSL Perfect Forward Secrecy
ciphers, which maintain confidentiality even if the key is stolen.","The remote host supports the use of SSL ciphers that offer Perfect
Forward Secrecy (PFS) encryption. These cipher suites ensure that
recorded SSL traffic cannot be broken at a future date if the server's
private key is compromised.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
https://en.wikipedia.org/wiki/Perfect_forward_secrecy","
Here is the list of SSL PFS ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2011/12/07","2021/03/09","","",""
"57041","","","None","11.1.65.20","tcp","9090","SSL Perfect Forward Secrecy Cipher Suites Supported","The remote service supports the use of SSL Perfect Forward Secrecy
ciphers, which maintain confidentiality even if the key is stolen.","The remote host supports the use of SSL ciphers that offer Perfect
Forward Secrecy (PFS) encryption. These cipher suites ensure that
recorded SSL traffic cannot be broken at a future date if the server's
private key is compromised.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
https://en.wikipedia.org/wiki/Perfect_forward_secrecy","
Here is the list of SSL PFS ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2011/12/07","2021/03/09","","",""
"57041","","","None","11.1.65.20","tcp","9091","SSL Perfect Forward Secrecy Cipher Suites Supported","The remote service supports the use of SSL Perfect Forward Secrecy
ciphers, which maintain confidentiality even if the key is stolen.","The remote host supports the use of SSL ciphers that offer Perfect
Forward Secrecy (PFS) encryption. These cipher suites ensure that
recorded SSL traffic cannot be broken at a future date if the server's
private key is compromised.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
https://en.wikipedia.org/wiki/Perfect_forward_secrecy","
Here is the list of SSL PFS ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2011/12/07","2021/03/09","","",""
"57582","","6.4","Medium","11.1.65.20","tcp","443","SSL Self-Signed Certificate","The SSL certificate chain for this service ends in an unrecognized
self-signed certificate.","The X.509 certificate chain for this service is not signed by a
recognized certificate authority. If the remote host is a public host
in production, this nullifies the use of SSL as anyone could establish
a man-in-the-middle attack against the remote host.
Note that this plugin does not check for certificate chains that end
in a certificate that is not self-signed, but is signed by an
unrecognized certificate authority.","Purchase or generate a proper SSL certificate for this service.","","
The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :
|-Subject : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
","","6.5","","","Medium","","","","2012/01/17","2022/06/14","","",""
"57582","","6.4","Medium","11.1.65.20","tcp","8901","SSL Self-Signed Certificate","The SSL certificate chain for this service ends in an unrecognized
self-signed certificate.","The X.509 certificate chain for this service is not signed by a
recognized certificate authority. If the remote host is a public host
in production, this nullifies the use of SSL as anyone could establish
a man-in-the-middle attack against the remote host.
Note that this plugin does not check for certificate chains that end
in a certificate that is not self-signed, but is signed by an
unrecognized certificate authority.","Purchase or generate a proper SSL certificate for this service.","","
The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :
|-Subject : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
","","6.5","","","Medium","","","","2012/01/17","2022/06/14","","",""
"57582","","6.4","Medium","11.1.65.20","tcp","9002","SSL Self-Signed Certificate","The SSL certificate chain for this service ends in an unrecognized
self-signed certificate.","The X.509 certificate chain for this service is not signed by a
recognized certificate authority. If the remote host is a public host
in production, this nullifies the use of SSL as anyone could establish
a man-in-the-middle attack against the remote host.
Note that this plugin does not check for certificate chains that end
in a certificate that is not self-signed, but is signed by an
unrecognized certificate authority.","Purchase or generate a proper SSL certificate for this service.","","
The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :
|-Subject : C=86/ST=Anhui/L=Hefei/O=H3C/OU=H3C/CN=cyber
","","6.5","","","Medium","","","","2012/01/17","2022/06/14","","",""
"57582","","6.4","Medium","11.1.65.20","tcp","9090","SSL Self-Signed Certificate","The SSL certificate chain for this service ends in an unrecognized
self-signed certificate.","The X.509 certificate chain for this service is not signed by a
recognized certificate authority. If the remote host is a public host
in production, this nullifies the use of SSL as anyone could establish
a man-in-the-middle attack against the remote host.
Note that this plugin does not check for certificate chains that end
in a certificate that is not self-signed, but is signed by an
unrecognized certificate authority.","Purchase or generate a proper SSL certificate for this service.","","
The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :
|-Subject : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
","","6.5","","","Medium","","","","2012/01/17","2022/06/14","","",""
"57582","","6.4","Medium","11.1.65.20","tcp","9091","SSL Self-Signed Certificate","The SSL certificate chain for this service ends in an unrecognized
self-signed certificate.","The X.509 certificate chain for this service is not signed by a
recognized certificate authority. If the remote host is a public host
in production, this nullifies the use of SSL as anyone could establish
a man-in-the-middle attack against the remote host.
Note that this plugin does not check for certificate chains that end
in a certificate that is not self-signed, but is signed by an
unrecognized certificate authority.","Purchase or generate a proper SSL certificate for this service.","","
The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :
|-Subject : C=CHINA/ST=BEIJING/L=BEIJING/O=H3C SecCenter CSAP/OU=H3C SecCenter CSAP/CN=H3C
","","6.5","","","Medium","","","","2012/01/17","2022/06/14","","",""
"70544","","","None","11.1.65.20","tcp","443","SSL Cipher Block Chaining Cipher Suites Supported","The remote service supports the use of SSL Cipher Block Chaining
ciphers, which combine previous blocks with subsequent ones.","The remote host supports the use of SSL ciphers that operate in Cipher
Block Chaining (CBC) mode. These cipher suites offer additional
security over Electronic Codebook (ECB) mode, but have the potential to
leak information if used improperly.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
http://www.nessus.org/u?cc4a822a
https://www.openssl.org/~bodo/tls-cbc.txt","
Here is the list of SSL CBC ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2013/10/22","2021/02/03","","",""
"70544","","","None","11.1.65.20","tcp","8901","SSL Cipher Block Chaining Cipher Suites Supported","The remote service supports the use of SSL Cipher Block Chaining
ciphers, which combine previous blocks with subsequent ones.","The remote host supports the use of SSL ciphers that operate in Cipher
Block Chaining (CBC) mode. These cipher suites offer additional
security over Electronic Codebook (ECB) mode, but have the potential to
leak information if used improperly.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
http://www.nessus.org/u?cc4a822a
https://www.openssl.org/~bodo/tls-cbc.txt","
Here is the list of SSL CBC ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2013/10/22","2021/02/03","","",""
"70544","","","None","11.1.65.20","tcp","9090","SSL Cipher Block Chaining Cipher Suites Supported","The remote service supports the use of SSL Cipher Block Chaining
ciphers, which combine previous blocks with subsequent ones.","The remote host supports the use of SSL ciphers that operate in Cipher
Block Chaining (CBC) mode. These cipher suites offer additional
security over Electronic Codebook (ECB) mode, but have the potential to
leak information if used improperly.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
http://www.nessus.org/u?cc4a822a
https://www.openssl.org/~bodo/tls-cbc.txt","
Here is the list of SSL CBC ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2013/10/22","2021/02/03","","",""
"70544","","","None","11.1.65.20","tcp","9091","SSL Cipher Block Chaining Cipher Suites Supported","The remote service supports the use of SSL Cipher Block Chaining
ciphers, which combine previous blocks with subsequent ones.","The remote host supports the use of SSL ciphers that operate in Cipher
Block Chaining (CBC) mode. These cipher suites offer additional
security over Electronic Codebook (ECB) mode, but have the potential to
leak information if used improperly.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
http://www.nessus.org/u?cc4a822a
https://www.openssl.org/~bodo/tls-cbc.txt","
Here is the list of SSL CBC ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2013/10/22","2021/02/03","","",""
"84502","","","None","11.1.65.20","tcp","443","HSTS Missing From HTTPS Server","The remote web server is not enforcing HSTS.","The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS).
HSTS is an optional response header that can be configured on the server to instruct
the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks,
SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.","Configure the remote web server to use HSTS.","https://tools.ietf.org/html/rfc6797","
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 27 Feb 2025 16:22:50 GMT
Content-Type: text/html
Content-Length: 1645
Last-Modified: Thu, 29 Jun 2023 07:06:05 GMT
Connection: close
ETag: ""649d2d5d-66d""
Accept-Ranges: bytes
The remote HTTPS server does not send the HTTP
""Strict-Transport-Security"" header.
","","","","","None","","","","2015/07/02","2024/08/09","","",""
"84502","","","None","11.1.65.20","tcp","8901","HSTS Missing From HTTPS Server","The remote web server is not enforcing HSTS.","The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS).
HSTS is an optional response header that can be configured on the server to instruct
the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks,
SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.","Configure the remote web server to use HSTS.","https://tools.ietf.org/html/rfc6797","
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Thu, 27 Feb 2025 16:22:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 59
Connection: close
Location: http://11.1.65.20:25003
Vary: Origin
The remote HTTPS server does not send the HTTP
""Strict-Transport-Security"" header.
","","","","","None","","","","2015/07/02","2024/08/09","","",""
"84502","","","None","11.1.65.20","tcp","9002","HSTS Missing From HTTPS Server","The remote web server is not enforcing HSTS.","The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS).
HSTS is an optional response header that can be configured on the server to instruct
the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks,
SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.","Configure the remote web server to use HSTS.","https://tools.ietf.org/html/rfc6797","
HTTP/1.1 403 Forbidden
Content-Type: text/plain; charset=UTF-8
The remote HTTPS server does not send the HTTP
""Strict-Transport-Security"" header.
","","","","","None","","","","2015/07/02","2024/08/09","","",""
"84821","","","None","11.1.65.20","tcp","443","TLS ALPN Supported Protocol Enumeration","The remote host supports the TLS ALPN extension.","The remote host supports the TLS ALPN extension. This plugin
enumerates the protocols the extension supports.","n/a","https://tools.ietf.org/html/rfc7301","
http/1.1","","","","","None","","","","2015/07/17","2024/09/11","","",""
"84821","","","None","11.1.65.20","tcp","8901","TLS ALPN Supported Protocol Enumeration","The remote host supports the TLS ALPN extension.","The remote host supports the TLS ALPN extension. This plugin
enumerates the protocols the extension supports.","n/a","https://tools.ietf.org/html/rfc7301","
http/1.1","","","","","None","","","","2015/07/17","2024/09/11","","",""
"84821","","","None","11.1.65.20","tcp","9090","TLS ALPN Supported Protocol Enumeration","The remote host supports the TLS ALPN extension.","The remote host supports the TLS ALPN extension. This plugin
enumerates the protocols the extension supports.","n/a","https://tools.ietf.org/html/rfc7301","
http/1.1","","","","","None","","","","2015/07/17","2024/09/11","","",""
"100635","","","None","11.1.65.20","tcp","6379","Redis Server Detection","A document-oriented database system is running on the remote host.","Redis, a document-oriented database system, is running on the remote
host.","n/a","https://redis.io","
Version : unknown
","","","","","None","","","","2017/06/06","2024/11/22","","",""
"100669","","","None","11.1.65.20","tcp","443","Web Application Cookies Are Expired","HTTP cookies have an 'Expires' attribute that is set with a past date
or time.","The remote web application sets various cookies throughout a user's
unauthenticated and authenticated session. However, Nessus has
detected that one or more of the cookies have an 'Expires' attribute
that is set with a past date or time, meaning that these cookies will
be removed by the browser.","Each cookie should be carefully reviewed to determine if it contains
sensitive data or is relied upon for a security decision.
If needed, set an expiration date in the future so the cookie will
persist or remove the Expires cookie attribute altogether to convert
the cookie to a session cookie.","https://tools.ietf.org/html/rfc6265","
The following cookie is expired :
Name : rememberMe
Path : /
Value : deleteMe
Domain :
Version : 1
Expires : Wed, 26-Feb-2025 16:10:25 GMT
Comment :
Secure : 0
Httponly : 0
Port :
","","","","","None","","","","2017/06/07","2021/12/20","","",""
"100669","","","None","11.1.65.20","tcp","8901","Web Application Cookies Are Expired","HTTP cookies have an 'Expires' attribute that is set with a past date
or time.","The remote web application sets various cookies throughout a user's
unauthenticated and authenticated session. However, Nessus has
detected that one or more of the cookies have an 'Expires' attribute
that is set with a past date or time, meaning that these cookies will
be removed by the browser.","Each cookie should be carefully reviewed to determine if it contains
sensitive data or is relied upon for a security decision.
If needed, set an expiration date in the future so the cookie will
persist or remove the Expires cookie attribute altogether to convert
the cookie to a session cookie.","https://tools.ietf.org/html/rfc6265","
The following cookie is expired :
Name : rememberMe
Path : /
Value : deleteMe
Domain :
Version : 1
Expires : Wed, 26-Feb-2025 16:10:25 GMT
Comment :
Secure : 0
Httponly : 0
Port :
","","","","","None","","","","2017/06/07","2021/12/20","","",""
"100669","","","None","11.1.65.20","tcp","8999","Web Application Cookies Are Expired","HTTP cookies have an 'Expires' attribute that is set with a past date
or time.","The remote web application sets various cookies throughout a user's
unauthenticated and authenticated session. However, Nessus has
detected that one or more of the cookies have an 'Expires' attribute
that is set with a past date or time, meaning that these cookies will
be removed by the browser.","Each cookie should be carefully reviewed to determine if it contains
sensitive data or is relied upon for a security decision.
If needed, set an expiration date in the future so the cookie will
persist or remove the Expires cookie attribute altogether to convert
the cookie to a session cookie.","https://tools.ietf.org/html/rfc6265","
The following cookie is expired :
Name : rememberMe
Path : /
Value : deleteMe
Domain :
Version : 1
Expires : Wed, 26-Feb-2025 16:10:25 GMT
Comment :
Secure : 0
Httponly : 0
Port :
","","","","","None","","","","2017/06/07","2021/12/20","","",""
"100669","","","None","11.1.65.20","tcp","9002","Web Application Cookies Are Expired","HTTP cookies have an 'Expires' attribute that is set with a past date
or time.","The remote web application sets various cookies throughout a user's
unauthenticated and authenticated session. However, Nessus has
detected that one or more of the cookies have an 'Expires' attribute
that is set with a past date or time, meaning that these cookies will
be removed by the browser.","Each cookie should be carefully reviewed to determine if it contains
sensitive data or is relied upon for a security decision.
If needed, set an expiration date in the future so the cookie will
persist or remove the Expires cookie attribute altogether to convert
the cookie to a session cookie.","https://tools.ietf.org/html/rfc6265","
The following cookie is expired :
Name : rememberMe
Path : /
Value : deleteMe
Domain :
Version : 1
Expires : Wed, 26-Feb-2025 16:10:25 GMT
Comment :
Secure : 0
Httponly : 0
Port :
","","","","","None","","","","2017/06/07","2021/12/20","","",""
"100669","","","None","11.1.65.20","tcp","9090","Web Application Cookies Are Expired","HTTP cookies have an 'Expires' attribute that is set with a past date
or time.","The remote web application sets various cookies throughout a user's
unauthenticated and authenticated session. However, Nessus has
detected that one or more of the cookies have an 'Expires' attribute
that is set with a past date or time, meaning that these cookies will
be removed by the browser.","Each cookie should be carefully reviewed to determine if it contains
sensitive data or is relied upon for a security decision.
If needed, set an expiration date in the future so the cookie will
persist or remove the Expires cookie attribute altogether to convert
the cookie to a session cookie.","https://tools.ietf.org/html/rfc6265","
The following cookie is expired :
Name : rememberMe
Path : /
Value : deleteMe
Domain :
Version : 1
Expires : Wed, 26-Feb-2025 16:10:25 GMT
Comment :
Secure : 0
Httponly : 0
Port :
","","","","","None","","","","2017/06/07","2021/12/20","","",""
"100669","","","None","11.1.65.20","tcp","9091","Web Application Cookies Are Expired","HTTP cookies have an 'Expires' attribute that is set with a past date
or time.","The remote web application sets various cookies throughout a user's
unauthenticated and authenticated session. However, Nessus has
detected that one or more of the cookies have an 'Expires' attribute
that is set with a past date or time, meaning that these cookies will
be removed by the browser.","Each cookie should be carefully reviewed to determine if it contains
sensitive data or is relied upon for a security decision.
If needed, set an expiration date in the future so the cookie will
persist or remove the Expires cookie attribute altogether to convert
the cookie to a session cookie.","https://tools.ietf.org/html/rfc6265","
The following cookie is expired :
Name : rememberMe
Path : /
Value : deleteMe
Domain :
Version : 1
Expires : Wed, 26-Feb-2025 16:10:25 GMT
Comment :
Secure : 0
Httponly : 0
Port :
","","","","","None","","","","2017/06/07","2021/12/20","","",""
"100669","","","None","11.1.65.20","tcp","9990","Web Application Cookies Are Expired","HTTP cookies have an 'Expires' attribute that is set with a past date
or time.","The remote web application sets various cookies throughout a user's
unauthenticated and authenticated session. However, Nessus has
detected that one or more of the cookies have an 'Expires' attribute
that is set with a past date or time, meaning that these cookies will
be removed by the browser.","Each cookie should be carefully reviewed to determine if it contains
sensitive data or is relied upon for a security decision.
If needed, set an expiration date in the future so the cookie will
persist or remove the Expires cookie attribute altogether to convert
the cookie to a session cookie.","https://tools.ietf.org/html/rfc6265","
The following cookie is expired :
Name : rememberMe
Path : /
Value : deleteMe
Domain :
Version : 1
Expires : Wed, 26-Feb-2025 16:10:25 GMT
Comment :
Secure : 0
Httponly : 0
Port :
","","","","","None","","","","2017/06/07","2021/12/20","","",""
"104743","","6.1","Medium","11.1.65.20","tcp","9091","TLS Version 1.0 Protocol Detection","The remote service encrypts traffic using an older version of TLS.","The remote service accepts connections encrypted using TLS 1.0. TLS 1.0 has a
number of cryptographic design flaws. Modern implementations of TLS 1.0
mitigate these problems, but newer versions of TLS like 1.2 and 1.3 are
designed against these flaws and should be used whenever possible.
As of March 31, 2020, Endpoints that aren’t enabled for TLS 1.2
and higher will no longer function properly with major web browsers and major vendors.
PCI DSS v3.2 requires that TLS 1.0 be disabled entirely by June 30,
2018, except for POS POI terminals (and the SSL/TLS termination
points to which they connect) that can be verified as not being
susceptible to any known exploits.","Enable support for TLS 1.2 and 1.3, and disable support for TLS 1.0.","https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00","TLSv1 is enabled and the server supports at least one cipher.","","6.5","","","Medium","","CWE:327","","2017/11/22","2023/04/19","","",""
"121010","","","None","11.1.65.20","tcp","9091","TLS Version 1.1 Protocol Detection","The remote service encrypts traffic using an older version of TLS.","The remote service accepts connections encrypted using TLS 1.1.
TLS 1.1 lacks support for current and recommended cipher suites.
Ciphers that support encryption before MAC computation, and
authenticated encryption modes such as GCM cannot be used with
TLS 1.1
As of March 31, 2020, Endpoints that are not enabled for TLS 1.2
and higher will no longer function properly with major web browsers and major vendors.","Enable support for TLS 1.2 and/or 1.3, and disable support for TLS 1.1.","https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00
http://www.nessus.org/u?c8ae820d","TLSv1.1 is enabled and the server supports at least one cipher.","","","","","None","","CWE:327","","2019/01/08","2023/04/19","","",""
"136318","","","None","11.1.65.20","tcp","443","TLS Version 1.2 Protocol Detection","The remote service encrypts traffic using a version of TLS.","The remote service accepts connections encrypted using TLS 1.2.","N/A","https://tools.ietf.org/html/rfc5246","TLSv1.2 is enabled and the server supports at least one cipher.","","","","","None","","","","2020/05/04","2020/05/04","","",""
"136318","","","None","11.1.65.20","tcp","8901","TLS Version 1.2 Protocol Detection","The remote service encrypts traffic using a version of TLS.","The remote service accepts connections encrypted using TLS 1.2.","N/A","https://tools.ietf.org/html/rfc5246","TLSv1.2 is enabled and the server supports at least one cipher.","","","","","None","","","","2020/05/04","2020/05/04","","",""
"136318","","","None","11.1.65.20","tcp","9002","TLS Version 1.2 Protocol Detection","The remote service encrypts traffic using a version of TLS.","The remote service accepts connections encrypted using TLS 1.2.","N/A","https://tools.ietf.org/html/rfc5246","TLSv1.2 is enabled and the server supports at least one cipher.","","","","","None","","","","2020/05/04","2020/05/04","","",""
"136318","","","None","11.1.65.20","tcp","9090","TLS Version 1.2 Protocol Detection","The remote service encrypts traffic using a version of TLS.","The remote service accepts connections encrypted using TLS 1.2.","N/A","https://tools.ietf.org/html/rfc5246","TLSv1.2 is enabled and the server supports at least one cipher.","","","","","None","","","","2020/05/04","2020/05/04","","",""
"136318","","","None","11.1.65.20","tcp","9091","TLS Version 1.2 Protocol Detection","The remote service encrypts traffic using a version of TLS.","The remote service accepts connections encrypted using TLS 1.2.","N/A","https://tools.ietf.org/html/rfc5246","TLSv1.2 is enabled and the server supports at least one cipher.","","","","","None","","","","2020/05/04","2020/05/04","","",""
"149334","","","None","11.1.65.20","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"156899","","","None","11.1.65.20","tcp","443","SSL/TLS Recommended Cipher Suites","The remote host advertises discouraged SSL/TLS ciphers.","The remote host has open SSL/TLS ports which advertise discouraged cipher suites. It is recommended to only enable
support for the following cipher suites:
TLSv1.3:
- 0x13,0x01 TLS13_AES_128_GCM_SHA256
- 0x13,0x02 TLS13_AES_256_GCM_SHA384
- 0x13,0x03 TLS13_CHACHA20_POLY1305_SHA256
TLSv1.2:
- 0xC0,0x2B ECDHE-ECDSA-AES128-GCM-SHA256
- 0xC0,0x2F ECDHE-RSA-AES128-GCM-SHA256
- 0xC0,0x2C ECDHE-ECDSA-AES256-GCM-SHA384
- 0xC0,0x30 ECDHE-RSA-AES256-GCM-SHA384
- 0xCC,0xA9 ECDHE-ECDSA-CHACHA20-POLY1305
- 0xCC,0xA8 ECDHE-RSA-CHACHA20-POLY1305
This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with
nearly every client released in the last five (or more) years.","Only enable support for recommened cipher suites.","https://wiki.mozilla.org/Security/Server_Side_TLS
https://ssl-config.mozilla.org/","The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2022/01/20","2024/02/12","","",""
"156899","","","None","11.1.65.20","tcp","8901","SSL/TLS Recommended Cipher Suites","The remote host advertises discouraged SSL/TLS ciphers.","The remote host has open SSL/TLS ports which advertise discouraged cipher suites. It is recommended to only enable
support for the following cipher suites:
TLSv1.3:
- 0x13,0x01 TLS13_AES_128_GCM_SHA256
- 0x13,0x02 TLS13_AES_256_GCM_SHA384
- 0x13,0x03 TLS13_CHACHA20_POLY1305_SHA256
TLSv1.2:
- 0xC0,0x2B ECDHE-ECDSA-AES128-GCM-SHA256
- 0xC0,0x2F ECDHE-RSA-AES128-GCM-SHA256
- 0xC0,0x2C ECDHE-ECDSA-AES256-GCM-SHA384
- 0xC0,0x30 ECDHE-RSA-AES256-GCM-SHA384
- 0xCC,0xA9 ECDHE-ECDSA-CHACHA20-POLY1305
- 0xCC,0xA8 ECDHE-RSA-CHACHA20-POLY1305
This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with
nearly every client released in the last five (or more) years.","Only enable support for recommened cipher suites.","https://wiki.mozilla.org/Security/Server_Side_TLS
https://ssl-config.mozilla.org/","The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2022/01/20","2024/02/12","","",""
"156899","","","None","11.1.65.20","tcp","9090","SSL/TLS Recommended Cipher Suites","The remote host advertises discouraged SSL/TLS ciphers.","The remote host has open SSL/TLS ports which advertise discouraged cipher suites. It is recommended to only enable
support for the following cipher suites:
TLSv1.3:
- 0x13,0x01 TLS13_AES_128_GCM_SHA256
- 0x13,0x02 TLS13_AES_256_GCM_SHA384
- 0x13,0x03 TLS13_CHACHA20_POLY1305_SHA256
TLSv1.2:
- 0xC0,0x2B ECDHE-ECDSA-AES128-GCM-SHA256
- 0xC0,0x2F ECDHE-RSA-AES128-GCM-SHA256
- 0xC0,0x2C ECDHE-ECDSA-AES256-GCM-SHA384
- 0xC0,0x30 ECDHE-RSA-AES256-GCM-SHA384
- 0xCC,0xA9 ECDHE-ECDSA-CHACHA20-POLY1305
- 0xCC,0xA8 ECDHE-RSA-CHACHA20-POLY1305
This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with
nearly every client released in the last five (or more) years.","Only enable support for recommened cipher suites.","https://wiki.mozilla.org/Security/Server_Side_TLS
https://ssl-config.mozilla.org/","The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2022/01/20","2024/02/12","","",""
"156899","","","None","11.1.65.20","tcp","9091","SSL/TLS Recommended Cipher Suites","The remote host advertises discouraged SSL/TLS ciphers.","The remote host has open SSL/TLS ports which advertise discouraged cipher suites. It is recommended to only enable
support for the following cipher suites:
TLSv1.3:
- 0x13,0x01 TLS13_AES_128_GCM_SHA256
- 0x13,0x02 TLS13_AES_256_GCM_SHA384
- 0x13,0x03 TLS13_CHACHA20_POLY1305_SHA256
TLSv1.2:
- 0xC0,0x2B ECDHE-ECDSA-AES128-GCM-SHA256
- 0xC0,0x2F ECDHE-RSA-AES128-GCM-SHA256
- 0xC0,0x2C ECDHE-ECDSA-AES256-GCM-SHA384
- 0xC0,0x30 ECDHE-RSA-AES256-GCM-SHA384
- 0xCC,0xA9 ECDHE-ECDSA-CHACHA20-POLY1305
- 0xCC,0xA8 ECDHE-RSA-CHACHA20-POLY1305
This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with
nearly every client released in the last five (or more) years.","Only enable support for recommened cipher suites.","https://wiki.mozilla.org/Security/Server_Side_TLS
https://ssl-config.mozilla.org/","The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2022/01/20","2024/02/12","","",""
"157288","","6.1","Medium","11.1.65.20","tcp","9091","TLS Version 1.1 Deprecated Protocol","The remote service encrypts traffic using an older version of TLS.","The remote service accepts connections encrypted using TLS 1.1. TLS 1.1 lacks support for current and recommended
cipher suites. Ciphers that support encryption before MAC computation, and authenticated encryption modes such as GCM
cannot be used with TLS 1.1
As of March 31, 2020, Endpoints that are not enabled for TLS 1.2 and higher will no longer function properly with major
web browsers and major vendors.","Enable support for TLS 1.2 and/or 1.3, and disable support for TLS 1.1.","https://datatracker.ietf.org/doc/html/rfc8996
http://www.nessus.org/u?c8ae820d","TLSv1.1 is enabled and the server supports at least one cipher.","","6.5","","","Medium","","CWE:327","","2022/04/04","2024/05/14","","",""
"159843","","","None","11.1.65.20","tcp","9091","Apache Shiro HTTP Detection","Apache Shiro was detected on the remote host.","Apache Shiro was detected on the remote host.","n/a","https://shiro.apache.org/","
URL : https://11.1.65.20:9091/
Version : unknown
","","","","","None","","","","2022/04/18","2024/11/22","","",""
"181418","","","None","11.1.65.20","tcp","22","OpenSSH Detection","An OpenSSH-based SSH server was detected on the remote host.","An OpenSSH-based SSH server was detected on the remote host.","n/a","https://www.openssh.com/","
Service : ssh
Version : 9.6
Banner : SSH-2.0-OpenSSH_9.6
","","","","","None","","","","2023/09/14","2024/12/18","","",""
"185519","","","None","11.1.65.20","udp","161","SNMP Server Detection","An SNMP server is listening on the remote host.","The remote service is an SNMP agent which provides management data about the device.","Disable this service if it is not needed or restrict access to
internal hosts only if the service is available externally.","https://en.wikipedia.org/wiki/Simple_Network_Management_Protocol","Nessus detected the following SNMP versions:
- SNMPv3
","","","","","None","","","","2023/11/14","2023/11/14","","",""
"10092","","","None","11.1.65.21","tcp","21","FTP Server Detection","An FTP server is listening on a remote port.","It is possible to obtain the banner of the remote FTP server by
connecting to a remote port.","n/a","","
The remote FTP banner is :
220 FTP service ready.
","","","","","None","","IAVT:0001-T-0030;IAVT:0001-T-0943","","1999/10/12","2023/08/17","","",""
"10107","","","None","11.1.65.21","tcp","80","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
HTTPD","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10107","","","None","11.1.65.21","tcp","443","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
HTTPD","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10267","","","None","11.1.65.21","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-Comware-7.1.064
SSH supported authentication : password
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.21","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.21 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10863","","","None","11.1.65.21","tcp","443","SSL Certificate Information","This plugin displays the SSL certificate.","This plugin connects to every SSL-related port and attempts to
extract and dump the X.509 certificate.","n/a","","Subject Name:
Common Name: HTTPS-Self-Signed-Certificate-bba0bb2e5254fe6f
Issuer Name:
Common Name: HTTPS-Self-Signed-Certificate-bba0bb2e5254fe6f
Serial Number: 00
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: Apr 07 09:44:11 2022 GMT
Not Valid After: Apr 02 09:44:11 2042 GMT
Public Key Info:
Algorithm: RSA Encryption
Key Length: 1024 bits
Public Key: 00 A4 B5 1E FD FB E9 49 F6 11 D8 86 54 D0 61 EB BE 49 2D 08
05 17 BF B8 13 5B F3 27 1F 90 ED B6 37 3E 74 FD CA C4 FA 39
C4 FD 53 AB EA 5A E4 20 EA B2 05 02 ED 89 D2 5C 73 00 20 E0
11 5B DF DF 68 6A F0 FE 45 1D 7E E9 C7 58 DA A6 61 54 3E 6E
E4 7E D2 63 05 05 52 E5 BA 13 5D 84 43 0E 33 B9 45 14 30 69
0A 81 7F B8 AD 08 54 F7 E0 A3 29 FF 90 AC 9A A7 A4 31 46 AA
02 2A DB F1 3B 7F D6 1D 4D
Exponent: 01 00 01
Signature Length: 128 bytes / 1024 bits
Signature: 00 08 7D B5 4A D6 0D A8 AA 06 C4 FE C2 C7 B1 D5 B6 33 09 36
D3 58 59 38 8D 69 E7 93 36 76 BB ED C5 9C 5F 96 FE F4 79 3A
F0 DA 70 18 DF 24 50 45 85 97 4A C9 89 F9 E6 33 EA DE B7 9B
44 AE 0D E8 5D 0B B9 DF 98 D8 72 A6 E2 B5 EF 76 DD 75 7F 51
6D AB A9 E3 99 E1 12 CB F0 BE D6 C7 00 F7 07 97 D1 C1 03 1E
68 83 E7 34 D9 37 19 1F 09 AC 90 6B 1B 57 3F 12 CE 18 E0 2B
D8 84 CD E1 0B 27 55 92 4F
Extension: Basic Constraints (2.5.29.19)
Critical: 0
Fingerprints :
SHA-256 Fingerprint: ED A8 78 76 B2 E4 DB 99 AF E1 39 A7 77 B1 BB E9 21 F1 A8 FF
79 35 EF 43 06 5F 9D D5 A3 4E 3F B5
SHA-1 Fingerprint: 4D 2E 3D A0 9D 72 E7 29 E4 04 85 29 4E CE 91 70 E0 26 9C C3
MD5 Fingerprint: CD 47 71 CB FB 32 D6 20 02 8F 72 1B EE 87 25 29
PEM certificate :
-----BEGIN CERTIFICATE-----
MIIB9TCCAV6gAwIBAgIBADANBgkqhkiG9w0BAQsFADA5MTcwNQYDVQQDEy5IVFRQUy1TZWxmLVNpZ25lZC1DZXJ0aWZpY2F0ZS1iYmEwYmIyZTUyNTRmZTZmMB4XDTIyMDQwNzA5NDQxMVoXDTQyMDQwMjA5NDQxMVowOTE3MDUGA1UEAxMuSFRUUFMtU2VsZi1TaWduZWQtQ2VydGlmaWNhdGUtYmJhMGJiMmU1MjU0ZmU2ZjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApLUe/fvpSfYR2IZU0GHrvkktCAUXv7gTW/MnH5Dttjc+dP3KxPo5xP1Tq+pa5CDqsgUC7YnSXHMAIOARW9/faGrw/kUdfunHWNqmYVQ+buR+0mMFBVLluhNdhEMOM7lFFDBpCoF/uK0IVPfgoyn/kKyap6QxRqoCKtvxO3/WHU0CAwEAAaMNMAswCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOBgQAIfbVK1g2oqgbE/sLHsdW2Mwk201hZOI1p55M2drvtxZxflv70eTrw2nAY3yRQRYWXSsmJ+eYz6t63m0SuDehdC7nfmNhypuK173bddX9Rbaup45nhEsvwvtbHAPcHl9HBAx5og+c02TcZHwmskGsbVz8SzhjgK9iEzeELJ1WSTw==
-----END CERTIFICATE-----","","","","","None","","","","2008/05/19","2021/02/03","","",""
"10881","","","None","11.1.65.21","tcp","22","SSH Protocol Versions Supported","A SSH server is running on the remote host.","This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.","n/a","","The remote SSH daemon supports the following versions of the
SSH protocol :
- 1.99
- 2.0
","","","","","None","","","","2002/03/06","2024/07/24","","",""
"11219","","","None","11.1.65.21","tcp","21","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 21/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.21","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.21","tcp","80","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 80/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.21","tcp","443","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 443/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11936","","","None","11.1.65.21","tcp","0","OS Identification","It is possible to guess the remote operating system.","Using a combination of remote probes (e.g., TCP/IP, SMB, HTTP, NTP,
SNMP, etc.), it is possible to guess the name of the remote operating
system in use. It is also possible sometimes to guess the version of
the operating system.","n/a","","
Remote operating system : HP Switch
Confidence level : 85
Method : SSH
The remote host is running HP Switch","","","","","None","","","","2003/12/09","2024/10/14","","",""
"21643","","","None","11.1.65.21","tcp","443","SSL Cipher Suites Supported","The remote service encrypts communications using SSL.","This plugin detects which SSL ciphers are supported by the remote
service for encrypting communications.","n/a","https://www.openssl.org/docs/man1.0.2/man1/ciphers.html
http://www.nessus.org/u?e17ffced","
Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.
SSL Version : TLSv12
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
EXP-RC4-MD5 0x00, 0x03 RSA(512) RSA RC4(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
RC4-MD5 0x00, 0x04 RSA RSA RC4(128) MD5
RC4-SHA 0x00, 0x05 RSA RSA RC4(128) SHA1
SSL Version : TLSv11
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
EXP-RC4-MD5 0x00, 0x03 RSA(512) RSA RC4(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
RC4-MD5 0x00, 0x04 RSA RSA RC4(128) MD5
RC4-SHA 0x00, 0x05 RSA RSA RC4(128) SHA1
SSL Version : TLSv1
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
EXP-RC4-MD5 0x00, 0x03 RSA(512) RSA RC4(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
RC4-MD5 0x00, 0x04 RSA RSA RC4(128) MD5
RC4-SHA 0x00, 0x05 RSA RSA RC4(128) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2006/06/05","2024/09/11","","",""
"22964","","","None","11.1.65.21","tcp","21","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An FTP server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.21","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.21","tcp","80","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.21","tcp","443","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A TLSv1 server answered on this port.
","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.21","tcp","443","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port through TLSv1.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"24260","","","None","11.1.65.21","tcp","80","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 301 Moved Permanently
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Location: /web/index.html
Content-Length: 0
Server: HTTPD
Date: Thu, 27 Feb 2025 16:25:33 GMT
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode-block
X-Content-Type-Options: nosniff
Response Body :
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"24260","","","None","11.1.65.21","tcp","443","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 301 Moved Permanently
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Location: /web/index.html
Content-Length: 0
Server: HTTPD
Date: Thu, 27 Feb 2025 16:25:41 GMT
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode-block
X-Content-Type-Options: nosniff
Response Body :
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"26928","","4.3","Medium","11.1.65.21","tcp","443","SSL Weak Cipher Suites Supported","The remote service supports the use of weak SSL ciphers.","The remote host supports the use of SSL ciphers that offer weak
encryption.
Note: This is considerably easier to exploit if the attacker is on the
same physical network.","Reconfigure the affected application, if possible to avoid the use of
weak ciphers.","http://www.nessus.org/u?6527892d","
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
EXP-RC4-MD5 0x00, 0x03 RSA(512) RSA RC4(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","5.3","","","Medium","","CWE:326;CWE:327;CWE:720;CWE:753;CWE:803;CWE:928;CWE:934","","2007/10/08","2021/02/03","","",""
"42149","","","None","11.1.65.21","tcp","21","FTP Service AUTH TLS Command Support","The remote directory service supports encrypting traffic.","The remote FTP service supports the use of the 'AUTH TLS' command to
switch from a cleartext to an encrypted communications channel.","n/a","https://en.wikipedia.org/wiki/STARTTLS
https://tools.ietf.org/html/rfc4217","
The remote FTP service responded to the 'AUTH TLS' command with a
'234' response code, suggesting that it supports that command. However,
Nessus failed to negotiate a TLS connection or get the associated SSL
certificate, perhaps because of a network connectivity problem or the
service requires a peer certificate as part of the negotiation.","","","","","None","","","","2009/10/15","2024/01/16","","",""
"42873","CVE-2016-2183","5.0","Medium","11.1.65.21","tcp","443","SSL Medium Strength Cipher Suites Supported (SWEET32)","The remote service supports the use of medium strength SSL ciphers.","The remote host supports the use of SSL ciphers that offer medium
strength encryption. Nessus regards medium strength as any encryption
that uses key lengths at least 64 bits and less than 112 bits, or
else that uses the 3DES encryption suite.
Note that it is considerably easier to circumvent medium strength
encryption if the attacker is on the same physical network.","Reconfigure the affected application if possible to avoid use of
medium strength ciphers.","https://www.openssl.org/blog/blog/2016/08/24/sweet32/
https://sweet32.info","
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","7.5","","","Medium","","","","2009/11/23","2021/02/03","","",""
"50845","","","None","11.1.65.21","tcp","443","OpenSSL Detection","The remote service appears to use OpenSSL to encrypt traffic.","Based on its response to a TLS request with a specially crafted
server name extension, it seems that the remote service is using the
OpenSSL library to encrypt traffic.
Note that this plugin can only detect OpenSSL implementations that
have enabled support for TLS extensions (RFC 4366).","n/a","https://www.openssl.org/","","","","","","None","","","","2010/11/30","2020/06/12","","",""
"51192","","6.4","Medium","11.1.65.21","tcp","443","SSL Certificate Cannot Be Trusted","The SSL certificate for this service cannot be trusted.","The server's X.509 certificate cannot be trusted. This situation can
occur in three different ways, in which the chain of trust can be
broken, as stated below :
- First, the top of the certificate chain sent by the
server might not be descended from a known public
certificate authority. This can occur either when the
top of the chain is an unrecognized, self-signed
certificate, or when intermediate certificates are
missing that would connect the top of the certificate
chain to a known public certificate authority.
- Second, the certificate chain may contain a certificate
that is not valid at the time of the scan. This can
occur either when the scan occurs before one of the
certificate's 'notBefore' dates, or after one of the
certificate's 'notAfter' dates.
- Third, the certificate chain may contain a signature
that either didn't match the certificate's information
or could not be verified. Bad signatures can be fixed by
getting the certificate with the bad signature to be
re-signed by its issuer. Signatures that could not be
verified are the result of the certificate's issuer
using a signing algorithm that Nessus either does not
support or does not recognize.
If the remote host is a public host in production, any break in the
chain makes it more difficult for users to verify the authenticity and
identity of the web server. This could make it easier to carry out
man-in-the-middle attacks against the remote host.","Purchase or generate a proper SSL certificate for this service.","https://www.itu.int/rec/T-REC-X.509/en
https://en.wikipedia.org/wiki/X.509","
The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :
|-Subject : CN=HTTPS-Self-Signed-Certificate-bba0bb2e5254fe6f
|-Issuer : CN=HTTPS-Self-Signed-Certificate-bba0bb2e5254fe6f
","","6.5","","","Medium","","","","2010/12/15","2020/04/27","","",""
"54615","","","None","11.1.65.21","tcp","0","Device Type","It is possible to guess the remote device type.","Based on the remote operating system, it is possible to determine
what the remote system type is (eg: a printer, router, general-purpose
computer, etc).","n/a","","Remote device type : switch
Confidence level : 85
","","","","","None","","","","2011/05/23","2022/09/09","","",""
"56984","","","None","11.1.65.21","tcp","443","SSL / TLS Versions Supported","The remote service encrypts communications.","This plugin detects which SSL and TLS versions are supported by the
remote service for encrypting communications.","n/a","","
This port supports TLSv1.0/TLSv1.1/TLSv1.2.
","","","","","None","","","","2011/12/01","2023/07/10","","",""
"57041","","","None","11.1.65.21","tcp","443","SSL Perfect Forward Secrecy Cipher Suites Supported","The remote service supports the use of SSL Perfect Forward Secrecy
ciphers, which maintain confidentiality even if the key is stolen.","The remote host supports the use of SSL ciphers that offer Perfect
Forward Secrecy (PFS) encryption. These cipher suites ensure that
recorded SSL traffic cannot be broken at a future date if the server's
private key is compromised.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
https://en.wikipedia.org/wiki/Perfect_forward_secrecy","
Here is the list of SSL PFS ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2011/12/07","2021/03/09","","",""
"57582","","6.4","Medium","11.1.65.21","tcp","443","SSL Self-Signed Certificate","The SSL certificate chain for this service ends in an unrecognized
self-signed certificate.","The X.509 certificate chain for this service is not signed by a
recognized certificate authority. If the remote host is a public host
in production, this nullifies the use of SSL as anyone could establish
a man-in-the-middle attack against the remote host.
Note that this plugin does not check for certificate chains that end
in a certificate that is not self-signed, but is signed by an
unrecognized certificate authority.","Purchase or generate a proper SSL certificate for this service.","","
The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :
|-Subject : CN=HTTPS-Self-Signed-Certificate-bba0bb2e5254fe6f
","","6.5","","","Medium","","","","2012/01/17","2022/06/14","","",""
"65821","CVE-2013-2566","4.3","Medium","11.1.65.21","tcp","443","SSL RC4 Cipher Suites Supported (Bar Mitzvah)","The remote service supports the use of the RC4 cipher.","The remote host supports the use of RC4 in one or more cipher suites.
The RC4 cipher is flawed in its generation of a pseudo-random stream
of bytes so that a wide variety of small biases are introduced into
the stream, decreasing its randomness.
If plaintext is repeatedly encrypted (e.g., HTTP cookies), and an
attacker is able to obtain many (i.e., tens of millions) ciphertexts,
the attacker may be able to derive the plaintext.","Reconfigure the affected application, if possible, to avoid use of RC4
ciphers. Consider using TLS 1.2 with AES-GCM suites subject to browser
and web server support.","https://www.rc4nomore.com/
http://www.nessus.org/u?ac7327a0
http://cr.yp.to/talks/2013.03.12/slides.pdf
http://www.isg.rhul.ac.uk/tls/
https://www.imperva.com/docs/HII_Attacking_SSL_when_using_RC4.pdf","
List of RC4 cipher suites supported by the remote server :
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-RC4-MD5 0x00, 0x03 RSA(512) RSA RC4(40) MD5 export
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
RC4-MD5 0x00, 0x04 RSA RSA RC4(128) MD5
RC4-SHA 0x00, 0x05 RSA RSA RC4(128) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","5.9","3.7","5.4","Medium","58796;73684","","","2013/04/05","2021/02/03","","",""
"65821","CVE-2015-2808","4.3","Medium","11.1.65.21","tcp","443","SSL RC4 Cipher Suites Supported (Bar Mitzvah)","The remote service supports the use of the RC4 cipher.","The remote host supports the use of RC4 in one or more cipher suites.
The RC4 cipher is flawed in its generation of a pseudo-random stream
of bytes so that a wide variety of small biases are introduced into
the stream, decreasing its randomness.
If plaintext is repeatedly encrypted (e.g., HTTP cookies), and an
attacker is able to obtain many (i.e., tens of millions) ciphertexts,
the attacker may be able to derive the plaintext.","Reconfigure the affected application, if possible, to avoid use of RC4
ciphers. Consider using TLS 1.2 with AES-GCM suites subject to browser
and web server support.","https://www.rc4nomore.com/
http://www.nessus.org/u?ac7327a0
http://cr.yp.to/talks/2013.03.12/slides.pdf
http://www.isg.rhul.ac.uk/tls/
https://www.imperva.com/docs/HII_Attacking_SSL_when_using_RC4.pdf","
List of RC4 cipher suites supported by the remote server :
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-RC4-MD5 0x00, 0x03 RSA(512) RSA RC4(40) MD5 export
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
RC4-MD5 0x00, 0x04 RSA RSA RC4(128) MD5
RC4-SHA 0x00, 0x05 RSA RSA RC4(128) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","5.9","3.7","5.4","Medium","58796;73684","","","2013/04/05","2021/02/03","","",""
"69551","","","Low","11.1.65.21","tcp","443","SSL Certificate Chain Contains RSA Keys Less Than 2048 bits","The X.509 certificate chain used by this service contains certificates
with RSA keys shorter than 2048 bits.","At least one of the X.509 certificates sent by the remote host has a
key that is shorter than 2048 bits. According to industry standards
set by the Certification Authority/Browser (CA/B) Forum, certificates
issued after January 1, 2014 must be at least 2048 bits.
Some browser SSL implementations may reject keys less than 2048 bits
after January 1, 2014. Additionally, some SSL certificate vendors may
revoke certificates less than 2048 bits before January 1, 2014.
Note that Nessus will not flag root certificates with RSA keys less
than 2048 bits if they were issued prior to December 31, 2010, as the
standard considers them exempt.","Replace the certificate in the chain with the RSA key less than 2048
bits in length with a longer key, and reissue any certificates signed
by the old certificate.","https://www.cabforum.org/wp-content/uploads/Baseline_Requirements_V1.pdf","
The following certificates were part of the certificate chain
sent by the remote host, but contain RSA keys that are considered
to be weak :
|-Subject : CN=HTTPS-Self-Signed-Certificate-bba0bb2e5254fe6f
|-RSA Key Length : 1024 bits
","","","","","Low","","","","2013/09/03","2018/11/15","","",""
"70544","","","None","11.1.65.21","tcp","443","SSL Cipher Block Chaining Cipher Suites Supported","The remote service supports the use of SSL Cipher Block Chaining
ciphers, which combine previous blocks with subsequent ones.","The remote host supports the use of SSL ciphers that operate in Cipher
Block Chaining (CBC) mode. These cipher suites offer additional
security over Electronic Codebook (ECB) mode, but have the potential to
leak information if used improperly.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
http://www.nessus.org/u?cc4a822a
https://www.openssl.org/~bodo/tls-cbc.txt","
Here is the list of SSL CBC ciphers supported by the remote server :
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2013/10/22","2021/02/03","","",""
"81606","CVE-2015-0204","4.3","Medium","11.1.65.21","tcp","443","SSL/TLS EXPORT_RSA <= 512-bit Cipher Suites Supported (FREAK)","The remote host supports a set of weak ciphers.","The remote host supports EXPORT_RSA cipher suites with keys less than
or equal to 512 bits. An attacker can factor a 512-bit RSA modulus in
a short amount of time.
A man-in-the middle attacker may be able to downgrade the session to
use EXPORT_RSA cipher suites (e.g. CVE-2015-0204). Thus, it is
recommended to remove support for weak cipher suites.","Reconfigure the service to remove support for EXPORT_RSA cipher
suites.","https://www.smacktls.com/#freak
https://www.openssl.org/news/secadv/20150108.txt
http://www.nessus.org/u?b78da2c4","
EXPORT_RSA cipher suites supported by the remote server :
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
EXP-RC4-MD5 0x00, 0x03 RSA(512) RSA RC4(40) MD5 export
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","3.2","","Medium","71936","CERT:243585","","2015/03/04","2021/02/03","","",""
"83875","CVE-2015-4000","2.6","Low","11.1.65.21","tcp","443","SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam)","The remote host allows SSL/TLS connections with one or more
Diffie-Hellman moduli less than or equal to 1024 bits.","The remote host allows SSL/TLS connections with one or more
Diffie-Hellman moduli less than or equal to 1024 bits. Through
cryptanalysis, a third party may be able to find the shared secret in
a short amount of time (depending on modulus size and attacker
resources). This may allow an attacker to recover the plaintext or
potentially violate the integrity of connections.","Reconfigure the service to use a unique Diffie-Hellman moduli of 2048
bits or greater.","https://weakdh.org/","
Vulnerable connection combinations :
SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)
SSL/TLS version : TLSv1.0
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)
SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)
SSL/TLS version : TLSv1.1
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA
Diffie-Hellman MODP size (bits) : 1024
Warning - This is a known static Oakley Group2 modulus. This may make
the remote host more vulnerable to the Logjam attack.
Logjam attack difficulty : Hard (would require nation-state resources)
","","3.7","1.9","3.2","Low","74733","CEA-ID:CEA-2021-0004","","2015/05/28","2024/09/11","","",""
"84502","","","None","11.1.65.21","tcp","443","HSTS Missing From HTTPS Server","The remote web server is not enforcing HSTS.","The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS).
HSTS is an optional response header that can be configured on the server to instruct
the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks,
SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.","Configure the remote web server to use HSTS.","https://tools.ietf.org/html/rfc6797","
HTTP/1.1 301 Moved Permanently
Location: /web/index.html
Content-Length: 0
Server: HTTPD
Date: Thu, 27 Feb 2025 16:24:56 GMT
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode-block
X-Content-Type-Options: nosniff
The remote HTTPS server does not send the HTTP
""Strict-Transport-Security"" header.
","","","","","None","","","","2015/07/02","2024/08/09","","",""
"104743","","6.1","Medium","11.1.65.21","tcp","443","TLS Version 1.0 Protocol Detection","The remote service encrypts traffic using an older version of TLS.","The remote service accepts connections encrypted using TLS 1.0. TLS 1.0 has a
number of cryptographic design flaws. Modern implementations of TLS 1.0
mitigate these problems, but newer versions of TLS like 1.2 and 1.3 are
designed against these flaws and should be used whenever possible.
As of March 31, 2020, Endpoints that aren’t enabled for TLS 1.2
and higher will no longer function properly with major web browsers and major vendors.
PCI DSS v3.2 requires that TLS 1.0 be disabled entirely by June 30,
2018, except for POS POI terminals (and the SSL/TLS termination
points to which they connect) that can be verified as not being
susceptible to any known exploits.","Enable support for TLS 1.2 and 1.3, and disable support for TLS 1.0.","https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00","TLSv1 is enabled and the server supports at least one cipher.","","6.5","","","Medium","","CWE:327","","2017/11/22","2023/04/19","","",""
"110723","","","None","11.1.65.21","tcp","0","Target Credential Status by Authentication Protocol - No Credentials Provided","Nessus was able to find common ports used for local checks,
however, no credentials were provided in the scan policy.","Nessus was not able to successfully authenticate directly to the
remote target on an available authentication protocol. Nessus was
able to connect to the remote port and identify that the service
running on the port supports an authentication protocol, but Nessus
failed to authenticate to the remote service using the provided
credentials. There may have been a protocol failure that prevented
authentication from being attempted or all of the provided credentials
for the authentication protocol may be invalid. See plugin output for
error details.
Please note the following :
- This plugin reports per protocol, so it is possible for
valid credentials to be provided for one protocol and not
another. For example, authentication may succeed via SSH
but fail via SMB, while no credentials were provided for
an available SNMP service.
- Providing valid credentials for all available
authentication protocols may improve scan coverage, but
the value of successful authentication for a given
protocol may vary from target to target depending upon
what data (if any) is gathered from the target via that
protocol. For example, successful authentication via SSH
is more valuable for Linux targets than for Windows
targets, and likewise successful authentication via SMB
is more valuable for Windows targets than for Linux
targets.","n/a","","SSH was detected on port 22 but no credentials were provided.
SSH local checks were not enabled.
","","","","","None","","IAVB:0001-B-0504","","2018/06/27","2024/04/19","","",""
"117886","","","None","11.1.65.21","tcp","0","OS Security Patch Assessment Not Available","OS Security Patch Assessment is not available.","OS Security Patch Assessment is not available on the remote host.
This does not necessarily indicate a problem with the scan.
Credentials may not have been provided, OS security patch assessment
may not be supported for the target, the target may not have been
identified, or another issue may have occurred that prevented OS
security patch assessment from being available. See plugin output for
details.
This plugin reports non-failure information impacting the availability
of OS Security Patch Assessment. Failure information is reported by
plugin 21745 : 'OS Security Patch Assessment failed'. If a target
host is not supported for OS Security Patch Assessment, plugin
110695 : 'OS Security Patch Assessment Checks Not Supported' will
report concurrently with this plugin.","n/a","","
The following issues were reported :
- Plugin : no_local_checks_credentials.nasl
Plugin ID : 110723
Plugin Name : Target Credential Status by Authentication Protocol - No Credentials Provided
Message :
Credentials were not provided for detected SSH service.
","","","","","None","","IAVB:0001-B-0515","","2018/10/02","2021/07/12","","",""
"121010","","","None","11.1.65.21","tcp","443","TLS Version 1.1 Protocol Detection","The remote service encrypts traffic using an older version of TLS.","The remote service accepts connections encrypted using TLS 1.1.
TLS 1.1 lacks support for current and recommended cipher suites.
Ciphers that support encryption before MAC computation, and
authenticated encryption modes such as GCM cannot be used with
TLS 1.1
As of March 31, 2020, Endpoints that are not enabled for TLS 1.2
and higher will no longer function properly with major web browsers and major vendors.","Enable support for TLS 1.2 and/or 1.3, and disable support for TLS 1.1.","https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00
http://www.nessus.org/u?c8ae820d","TLSv1.1 is enabled and the server supports at least one cipher.","","","","","None","","CWE:327","","2019/01/08","2023/04/19","","",""
"149334","","","None","11.1.65.21","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"156899","","","None","11.1.65.21","tcp","443","SSL/TLS Recommended Cipher Suites","The remote host advertises discouraged SSL/TLS ciphers.","The remote host has open SSL/TLS ports which advertise discouraged cipher suites. It is recommended to only enable
support for the following cipher suites:
TLSv1.3:
- 0x13,0x01 TLS13_AES_128_GCM_SHA256
- 0x13,0x02 TLS13_AES_256_GCM_SHA384
- 0x13,0x03 TLS13_CHACHA20_POLY1305_SHA256
TLSv1.2:
- 0xC0,0x2B ECDHE-ECDSA-AES128-GCM-SHA256
- 0xC0,0x2F ECDHE-RSA-AES128-GCM-SHA256
- 0xC0,0x2C ECDHE-ECDSA-AES256-GCM-SHA384
- 0xC0,0x30 ECDHE-RSA-AES256-GCM-SHA384
- 0xCC,0xA9 ECDHE-ECDSA-CHACHA20-POLY1305
- 0xCC,0xA8 ECDHE-RSA-CHACHA20-POLY1305
This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with
nearly every client released in the last five (or more) years.","Only enable support for recommened cipher suites.","https://wiki.mozilla.org/Security/Server_Side_TLS
https://ssl-config.mozilla.org/","The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
EXP-RC4-MD5 0x00, 0x03 RSA(512) RSA RC4(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
RC4-MD5 0x00, 0x04 RSA RSA RC4(128) MD5
RC4-SHA 0x00, 0x05 RSA RSA RC4(128) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2022/01/20","2024/02/12","","",""
"157288","","6.1","Medium","11.1.65.21","tcp","443","TLS Version 1.1 Deprecated Protocol","The remote service encrypts traffic using an older version of TLS.","The remote service accepts connections encrypted using TLS 1.1. TLS 1.1 lacks support for current and recommended
cipher suites. Ciphers that support encryption before MAC computation, and authenticated encryption modes such as GCM
cannot be used with TLS 1.1
As of March 31, 2020, Endpoints that are not enabled for TLS 1.2 and higher will no longer function properly with major
web browsers and major vendors.","Enable support for TLS 1.2 and/or 1.3, and disable support for TLS 1.1.","https://datatracker.ietf.org/doc/html/rfc8996
http://www.nessus.org/u?c8ae820d","TLSv1.1 is enabled and the server supports at least one cipher.","","6.5","","","Medium","","CWE:327","","2022/04/04","2024/05/14","","",""
"10107","","","None","11.1.65.22","tcp","80","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
nginx","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10107","","","None","11.1.65.22","tcp","443","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
nginx","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10267","","","None","11.1.65.22","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-TERM-SSHD
SSH supported authentication : password,keyboard-interactive,publickey
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.22","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.22 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10386","","","None","11.1.65.22","tcp","80","Web Server No 404 Error Code Check","The remote web server does not return 404 error codes.","The remote web server is configured such that it does not return '404
Not Found' error codes when a nonexistent file is requested, perhaps
returning instead a site map, search page or authentication page.
Nessus has enabled some counter measures for this. However, they
might be insufficient. If a great number of security holes are
produced for this port, they might not all be accurate.","n/a","","
CGI scanning will be disabled for this host because the host responds
to requests for non-existent URLs with HTTP code 302
rather than 404. The requested URL was :
http://11.1.65.22/6YBbkNJjBRak.html
","","","","","None","","","","2000/04/28","2022/06/17","","",""
"10863","","","None","11.1.65.22","tcp","443","SSL Certificate Information","This plugin displays the SSL certificate.","This plugin connects to every SSL-related port and attempts to
extract and dump the X.509 certificate.","n/a","","Subject Name:
Country: CN
State/Province: Zhejiang
Locality: Hangzhou
Organization: My Org
Organization Unit: My Org Unit
Common Name: unis-node01
Issuer Name:
Country: CN
State/Province: Zhejiang
Locality: Hangzhou
Organization: My Org
Organization Unit: My Org Unit
Common Name: unis-node01
Serial Number: 61 36 A9 B5 00 A7 C0 00
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: Jul 14 17:39:47 2022 GMT
Not Valid After: Jul 14 17:39:47 2042 GMT
Public Key Info:
Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 EA D2 07 08 D5 70 3A B2 1E 95 0F C6 B8 AA B7 D8 F6 22 AE
32 DB AC 5E CD AB 7E 4E CA B0 8E 0B 10 1C FA FB 86 7E E7 E0
E0 FD 6D 33 02 45 C4 56 86 6D 41 16 BC 46 D6 F8 67 E4 CA 0B
E5 C8 8D 03 B6 D9 AD DA BA 2C 74 48 08 0E C7 69 7D 4C EC 3B
0A D2 DD A5 E2 34 12 94 46 08 41 EF 7A 56 FC 7F 36 6B AE 53
58 6E 30 30 ED E8 12 4C BF 76 49 6E 03 B3 5B B3 D2 EE A7 92
62 12 AC 9F 64 0E 06 6D 6C F7 50 ED 47 EB 04 4A 36 B0 76 D3
C3 B7 80 89 1F C5 0A 81 3E 26 F2 76 1A B8 76 72 A8 96 88 5D
8B BA 10 F5 69 34 B4 7E A4 AE E4 74 DA 47 29 1D FE 3F 76 29
15 C4 F6 2C DA A9 A6 6E F8 9E 02 70 26 F1 39 2A 85 C5 F8 94
6C F3 26 D1 58 98 61 0D 95 D8 E8 1A 74 CB E4 FD 7B F7 E5 7C
0D DE A7 2B A4 66 80 09 C2 7D 77 E2 2F 39 0F C6 F4 DD 88 21
D1 2E 18 84 21 07 87 F7 1A C3 7C B2 2F 74 D7 53 0B
Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits
Signature: 00 CD 6A F6 53 43 2F 8B F9 32 C3 35 91 43 93 95 C8 8E 1F 86
DF 6D 98 CB B9 2D F6 D1 32 89 C5 45 5D B8 6A 6F C5 E9 CF F7
11 72 17 4C F3 F8 1C 70 CE 9C 85 84 4B E2 31 F1 93 9E 7B 97
68 E6 8A 44 D1 85 01 B1 91 EC 5A 63 73 CD B6 6B A8 9E 17 2D
4F 09 AD 3B E2 5E 00 8D 3B B7 C7 92 89 DA 6A 56 00 AD 2A 1E
E1 3A 6B B4 59 2E 2D C4 76 19 47 60 06 2F DF F9 59 77 22 3A
6D F9 81 46 84 99 C4 60 C2 63 75 FB EF 57 71 53 35 B1 54 43
32 C5 9A 49 F5 CF 7C AF DE 2F 18 F6 C1 2A A6 C2 37 BF F1 FE
39 18 53 CC FF 52 CA EE 4C C9 E9 87 AC E2 71 9D B0 19 BF C6
1E D2 C9 42 BD 9A 77 27 5B 03 2D 25 82 10 E7 9D F4 A2 7D B9
D8 54 45 6C C0 A5 6A E1 F1 EC 8F 03 E1 30 A7 01 94 96 A8 EF
E3 EF 32 1E 3A 41 D1 B2 7B A1 21 58 AE D2 E8 98 F5 36 67 D7
0B 32 69 EE AF 6D 65 44 36 22 46 E9 D7 8F 6E C5 9F
Extension: Basic Constraints (2.5.29.19)
Critical: 0
CA: TRUE
Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: 0A 4F 96 5A 54 17 65 BB E0 D2 4F F2 0E 36 78 A0 D6 D8 73 C6
Extension: Authority Key Identifier (2.5.29.35)
Critical: 0
Key Identifier: 0A 4F 96 5A 54 17 65 BB E0 D2 4F F2 0E 36 78 A0 D6 D8 73 C6
Fingerprints :
SHA-256 Fingerprint: 9D 6B 82 1E C8 F2 7C 52 3C 55 55 86 34 C8 D9 57 8A BA C4 AF
5F 5E 1B 58 50 29 70 E5 D9 0A 32 FE
SHA-1 Fingerprint: C2 83 C5 34 E2 07 35 C4 98 8B B3 23 38 95 5E 24 8B 33 19 53
MD5 Fingerprint: 42 53 01 65 3D 7A 79 A7 26 7D 4B 18 EE 31 3A A5
PEM certificate :
-----BEGIN CERTIFICATE-----
MIIDsjCCApqgAwIBAgIIYTaptQCnwAAwDQYJKoZIhvcNAQELBQAwcDELMAkGA1UEBhMCQ04xETAPBgNVBAgMCFpoZWppYW5nMREwDwYDVQQHDAhIYW5nemhvdTEPMA0GA1UECgwGTXkgT3JnMRQwEgYDVQQLDAtNeSBPcmcgVW5pdDEUMBIGA1UEAwwLdW5pcy1ub2RlMDEwHhcNMjIwNzE0MTczOTQ3WhcNNDIwNzE0MTczOTQ3WjBwMQswCQYDVQQGEwJDTjERMA8GA1UECAwIWmhlamlhbmcxETAPBgNVBAcMCEhhbmd6aG91MQ8wDQYDVQQKDAZNeSBPcmcxFDASBgNVBAsMC015IE9yZyBVbml0MRQwEgYDVQQDDAt1bmlzLW5vZGUwMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOrSBwjVcDqyHpUPxriqt9j2Iq4y26xezat+TsqwjgsQHPr7hn7n4OD9bTMCRcRWhm1BFrxG1vhn5MoL5ciNA7bZrdq6LHRICA7HaX1M7DsK0t2l4jQSlEYIQe96Vvx/NmuuU1huMDDt6BJMv3ZJbgOzW7PS7qeSYhKsn2QOBm1s91DtR+sESjawdtPDt4CJH8UKgT4m8nYauHZyqJaIXYu6EPVpNLR+pK7kdNpHKR3+P3YpFcT2LNqppm74ngJwJvE5KoXF+JRs8ybRWJhhDZXY6Bp0y+T9e/flfA3epyukZoAJwn134i85D8b03Ygh0S4YhCEHh/caw3yyL3TXUwsCAwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUCk+WWlQXZbvg0k/yDjZ4oNbYc8YwHwYDVR0jBBgwFoAUCk+WWlQXZbvg0k/yDjZ4oNbYc8YwDQYJKoZIhvcNAQELBQADggEBAM1q9lNDL4v5MsM1kUOTlciOH4bfbZjLuS320TKJxUVduGpvxenP9xFyF0zz+BxwzpyFhEviMfGTnnuXaOaKRNGFAbGR7Fpjc822a6ieFy1PCa074l4AjTu3x5KJ2mpWAK0qHuE6a7RZLi3EdhlHYAYv3/lZdyI6bfmBRoSZxGDCY3X771dxUzWxVEMyxZpJ9c98r94vGPbBKqbCN7/x/jkYU8z/UsruTMnph6zicZ2wGb/GHtLJQr2adydbAy0lghDnnfSifbnYVEVswKVq4fHsjwPhMKcBlJao7+PvMh46QdGye6EhWK7S6Jj1NmfXCzJp7q9tZUQ2Ikbp149uxZ8=
-----END CERTIFICATE-----","","","","","None","","","","2008/05/19","2021/02/03","","",""
"10940","","","None","11.1.65.22","tcp","3389","Remote Desktop Protocol Service Detection","The remote host has an remote desktop protocol service enabled.","The Remote Desktop Protocol allows a user to remotely obtain a graphical
login (and therefore act as a local user on the remote host).
If an attacker gains a valid login and password, this service could be
used to gain further access on the remote host. An attacker may also
use this service to mount a dictionary attack against the remote host
to try to log in remotely.
Note that RDP (the Remote Desktop Protocol) is vulnerable to
Man-in-the-middle attacks, making it easy for attackers to steal the
credentials of legitimate users by impersonating the Windows server.","Disable the service if you do not use it, and do not allow this
service to run across the Internet.","","","","","","","None","","","","2002/04/20","2023/08/21","","",""
"11219","","","None","11.1.65.22","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.22","tcp","80","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 80/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.22","tcp","443","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 443/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.22","tcp","1433","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 1433/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.22","tcp","1521","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 1521/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.22","tcp","3306","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 3306/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.22","tcp","3389","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 3389/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"21643","","","None","11.1.65.22","tcp","443","SSL Cipher Suites Supported","The remote service encrypts communications using SSL.","This plugin detects which SSL ciphers are supported by the remote
service for encrypting communications.","n/a","https://www.openssl.org/docs/man1.0.2/man1/ciphers.html
http://www.nessus.org/u?e17ffced","
Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.
SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
DHE-RSA-CAMELLIA128-SHA 0x00, 0x45 DH RSA Camellia-CBC(128) SHA1
DHE-RSA-CAMELLIA256-SHA 0x00, 0x88 DH RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2006/06/05","2024/09/11","","",""
"22964","","","None","11.1.65.22","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.22","tcp","80","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.22","tcp","443","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A TLSv1.2 server answered on this port.
","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.22","tcp","443","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port through TLSv1.2.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.22","tcp","1433","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","The service closed the connection without sending any data.
It might be protected by some sort of TCP wrapper.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.22","tcp","1521","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","The service closed the connection without sending any data.
It might be protected by some sort of TCP wrapper.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.22","tcp","3306","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","The service closed the connection without sending any data.
It might be protected by some sort of TCP wrapper.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"24260","","","None","11.1.65.22","tcp","80","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 302 Moved Temporarily
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Server: nginx
Date: Thu, 27 Feb 2025 16:47:40 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: https://11.1.65.22/
Response Body :
<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"24260","","","None","11.1.65.22","tcp","443","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 302 Moved Temporarily
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Server: nginx
Date: Thu, 27 Feb 2025 16:47:41 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: https://11.1.65.22/webui
X-Frame-Options: SAMEORIGIN
Response Body :
<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"51192","","6.4","Medium","11.1.65.22","tcp","443","SSL Certificate Cannot Be Trusted","The SSL certificate for this service cannot be trusted.","The server's X.509 certificate cannot be trusted. This situation can
occur in three different ways, in which the chain of trust can be
broken, as stated below :
- First, the top of the certificate chain sent by the
server might not be descended from a known public
certificate authority. This can occur either when the
top of the chain is an unrecognized, self-signed
certificate, or when intermediate certificates are
missing that would connect the top of the certificate
chain to a known public certificate authority.
- Second, the certificate chain may contain a certificate
that is not valid at the time of the scan. This can
occur either when the scan occurs before one of the
certificate's 'notBefore' dates, or after one of the
certificate's 'notAfter' dates.
- Third, the certificate chain may contain a signature
that either didn't match the certificate's information
or could not be verified. Bad signatures can be fixed by
getting the certificate with the bad signature to be
re-signed by its issuer. Signatures that could not be
verified are the result of the certificate's issuer
using a signing algorithm that Nessus either does not
support or does not recognize.
If the remote host is a public host in production, any break in the
chain makes it more difficult for users to verify the authenticity and
identity of the web server. This could make it easier to carry out
man-in-the-middle attacks against the remote host.","Purchase or generate a proper SSL certificate for this service.","https://www.itu.int/rec/T-REC-X.509/en
https://en.wikipedia.org/wiki/X.509","
The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :
|-Subject : C=CN/ST=Zhejiang/L=Hangzhou/O=My Org/OU=My Org Unit/CN=unis-node01
|-Issuer : C=CN/ST=Zhejiang/L=Hangzhou/O=My Org/OU=My Org Unit/CN=unis-node01
","","6.5","","","Medium","","","","2010/12/15","2020/04/27","","",""
"56984","","","None","11.1.65.22","tcp","443","SSL / TLS Versions Supported","The remote service encrypts communications.","This plugin detects which SSL and TLS versions are supported by the
remote service for encrypting communications.","n/a","","
This port supports TLSv1.2.
","","","","","None","","","","2011/12/01","2023/07/10","","",""
"57041","","","None","11.1.65.22","tcp","443","SSL Perfect Forward Secrecy Cipher Suites Supported","The remote service supports the use of SSL Perfect Forward Secrecy
ciphers, which maintain confidentiality even if the key is stolen.","The remote host supports the use of SSL ciphers that offer Perfect
Forward Secrecy (PFS) encryption. These cipher suites ensure that
recorded SSL traffic cannot be broken at a future date if the server's
private key is compromised.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
https://en.wikipedia.org/wiki/Perfect_forward_secrecy","
Here is the list of SSL PFS ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
DHE-RSA-CAMELLIA128-SHA 0x00, 0x45 DH RSA Camellia-CBC(128) SHA1
DHE-RSA-CAMELLIA256-SHA 0x00, 0x88 DH RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2011/12/07","2021/03/09","","",""
"57582","","6.4","Medium","11.1.65.22","tcp","443","SSL Self-Signed Certificate","The SSL certificate chain for this service ends in an unrecognized
self-signed certificate.","The X.509 certificate chain for this service is not signed by a
recognized certificate authority. If the remote host is a public host
in production, this nullifies the use of SSL as anyone could establish
a man-in-the-middle attack against the remote host.
Note that this plugin does not check for certificate chains that end
in a certificate that is not self-signed, but is signed by an
unrecognized certificate authority.","Purchase or generate a proper SSL certificate for this service.","","
The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :
|-Subject : C=CN/ST=Zhejiang/L=Hangzhou/O=My Org/OU=My Org Unit/CN=unis-node01
","","6.5","","","Medium","","","","2012/01/17","2022/06/14","","",""
"62564","","","None","11.1.65.22","tcp","443","TLS Next Protocols Supported","The remote service advertises one or more protocols as being supported
over TLS.","This script detects which protocols are advertised by the remote
service to be encapsulated by TLS connections.
Note that Nessus did not attempt to negotiate TLS sessions with the
protocols shown. The remote service may be falsely advertising these
protocols and / or failing to advertise other supported protocols.","n/a","https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-04
https://technotes.googlecode.com/git/nextprotoneg.html","
The target advertises that the following protocols are
supported over SSL / TLS:
http/1.1
","","","","","None","","","","2012/10/16","2022/04/11","","",""
"70544","","","None","11.1.65.22","tcp","443","SSL Cipher Block Chaining Cipher Suites Supported","The remote service supports the use of SSL Cipher Block Chaining
ciphers, which combine previous blocks with subsequent ones.","The remote host supports the use of SSL ciphers that operate in Cipher
Block Chaining (CBC) mode. These cipher suites offer additional
security over Electronic Codebook (ECB) mode, but have the potential to
leak information if used improperly.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
http://www.nessus.org/u?cc4a822a
https://www.openssl.org/~bodo/tls-cbc.txt","
Here is the list of SSL CBC ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
DHE-RSA-CAMELLIA128-SHA 0x00, 0x45 DH RSA Camellia-CBC(128) SHA1
DHE-RSA-CAMELLIA256-SHA 0x00, 0x88 DH RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2013/10/22","2021/02/03","","",""
"84502","","","None","11.1.65.22","tcp","443","HSTS Missing From HTTPS Server","The remote web server is not enforcing HSTS.","The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS).
HSTS is an optional response header that can be configured on the server to instruct
the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks,
SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.","Configure the remote web server to use HSTS.","https://tools.ietf.org/html/rfc6797","
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 27 Feb 2025 16:47:29 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://11.1.65.22/webui
X-Frame-Options: SAMEORIGIN
The remote HTTPS server does not send the HTTP
""Strict-Transport-Security"" header.
","","","","","None","","","","2015/07/02","2024/08/09","","",""
"84821","","","None","11.1.65.22","tcp","443","TLS ALPN Supported Protocol Enumeration","The remote host supports the TLS ALPN extension.","The remote host supports the TLS ALPN extension. This plugin
enumerates the protocols the extension supports.","n/a","https://tools.ietf.org/html/rfc7301","
http/1.1","","","","","None","","","","2015/07/17","2024/09/11","","",""
"87242","","","None","11.1.65.22","tcp","443","TLS NPN Supported Protocol Enumeration","The remote host supports the TLS NPN extension.","The remote host supports the TLS NPN (Transport Layer Security Next
Protocol Negotiation) extension. This plugin enumerates the protocols
the extension supports.","n/a","https://tools.ietf.org/id/draft-agl-tls-nextprotoneg-03.html","
NPN Supported Protocols:
http/1.1
","","","","","None","","","","2015/12/08","2024/09/11","","",""
"94761","","","None","11.1.65.22","tcp","443","SSL Root Certification Authority Certificate Information","A root Certification Authority certificate was found at the top of the
certificate chain.","The remote service uses an SSL certificate chain that contains a
self-signed root Certification Authority certificate at the top of the
chain.","Ensure that use of this root Certification Authority certificate
complies with your organization's acceptable use and security
policies.","https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc778623(v=ws.10)","
The following root Certification Authority certificate was found :
|-Subject : C=CN/ST=Zhejiang/L=Hangzhou/O=My Org/OU=My Org Unit/CN=unis-node01
|-Issuer : C=CN/ST=Zhejiang/L=Hangzhou/O=My Org/OU=My Org Unit/CN=unis-node01
|-Valid From : Jul 14 17:39:47 2022 GMT
|-Valid To : Jul 14 17:39:47 2042 GMT
|-Signature Algorithm : SHA-256 With RSA Encryption
","","","","","None","","","","2016/11/14","2018/11/15","","",""
"136318","","","None","11.1.65.22","tcp","443","TLS Version 1.2 Protocol Detection","The remote service encrypts traffic using a version of TLS.","The remote service accepts connections encrypted using TLS 1.2.","N/A","https://tools.ietf.org/html/rfc5246","TLSv1.2 is enabled and the server supports at least one cipher.","","","","","None","","","","2020/05/04","2020/05/04","","",""
"149334","","","None","11.1.65.22","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"156899","","","None","11.1.65.22","tcp","443","SSL/TLS Recommended Cipher Suites","The remote host advertises discouraged SSL/TLS ciphers.","The remote host has open SSL/TLS ports which advertise discouraged cipher suites. It is recommended to only enable
support for the following cipher suites:
TLSv1.3:
- 0x13,0x01 TLS13_AES_128_GCM_SHA256
- 0x13,0x02 TLS13_AES_256_GCM_SHA384
- 0x13,0x03 TLS13_CHACHA20_POLY1305_SHA256
TLSv1.2:
- 0xC0,0x2B ECDHE-ECDSA-AES128-GCM-SHA256
- 0xC0,0x2F ECDHE-RSA-AES128-GCM-SHA256
- 0xC0,0x2C ECDHE-ECDSA-AES256-GCM-SHA384
- 0xC0,0x30 ECDHE-RSA-AES256-GCM-SHA384
- 0xCC,0xA9 ECDHE-ECDSA-CHACHA20-POLY1305
- 0xCC,0xA8 ECDHE-RSA-CHACHA20-POLY1305
This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with
nearly every client released in the last five (or more) years.","Only enable support for recommened cipher suites.","https://wiki.mozilla.org/Security/Server_Side_TLS
https://ssl-config.mozilla.org/","The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DHE-RSA-AES128-SHA256 0x00, 0x9E DH RSA AES-GCM(128) SHA256
DHE-RSA-AES256-SHA384 0x00, 0x9F DH RSA AES-GCM(256) SHA384
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
DHE-RSA-AES128-SHA 0x00, 0x33 DH RSA AES-CBC(128) SHA1
DHE-RSA-AES256-SHA 0x00, 0x39 DH RSA AES-CBC(256) SHA1
DHE-RSA-CAMELLIA128-SHA 0x00, 0x45 DH RSA Camellia-CBC(128) SHA1
DHE-RSA-CAMELLIA256-SHA 0x00, 0x88 DH RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
DHE-RSA-AES128-SHA256 0x00, 0x67 DH RSA AES-CBC(128) SHA256
DHE-RSA-AES256-SHA256 0x00, 0x6B DH RSA AES-CBC(256) SHA256
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2022/01/20","2024/02/12","","",""
"10287","","","None","11.1.65.23","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.23 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.24","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.24 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10107","","","None","11.1.65.25","tcp","80","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
openresty","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10267","","","None","11.1.65.25","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-OpenSSH_8.8
SSH supported authentication : publickey,password,keyboard-interactive
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.25","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.25 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10386","","","None","11.1.65.25","tcp","80","Web Server No 404 Error Code Check","The remote web server does not return 404 error codes.","The remote web server is configured such that it does not return '404
Not Found' error codes when a nonexistent file is requested, perhaps
returning instead a site map, search page or authentication page.
Nessus has enabled some counter measures for this. However, they
might be insufficient. If a great number of security holes are
produced for this port, they might not all be accurate.","n/a","","
CGI scanning will be disabled for this host because the host responds
to requests for non-existent URLs with HTTP code 301
rather than 404. The requested URL was :
http://11.1.65.25/Pg9oq22M43X3.html
","","","","","None","","","","2000/04/28","2022/06/17","","",""
"10386","","","None","11.1.65.25","tcp","443","Web Server No 404 Error Code Check","The remote web server does not return 404 error codes.","The remote web server is configured such that it does not return '404
Not Found' error codes when a nonexistent file is requested, perhaps
returning instead a site map, search page or authentication page.
Nessus has enabled some counter measures for this. However, they
might be insufficient. If a great number of security holes are
produced for this port, they might not all be accurate.","n/a","","
CGI scanning will be disabled for this host because the host responds
to requests for non-existent URLs with HTTP code 302
rather than 404. The requested URL was :
https://11.1.65.25/Pg9oq22M43X3.html
","","","","","None","","","","2000/04/28","2022/06/17","","",""
"10863","","","None","11.1.65.25","tcp","443","SSL Certificate Information","This plugin displays the SSL certificate.","This plugin connects to every SSL-related port and attempts to
extract and dump the X.509 certificate.","n/a","","Subject Name:
Country: XX
Locality: Default City
Organization: Default Company Ltd
Issuer Name:
Country: XX
Locality: Default City
Organization: Default Company Ltd
Serial Number: 00 83 29 7F A3 7E FB 23 58
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: Feb 16 08:37:00 2017 GMT
Not Valid After: Nov 03 08:37:00 2036 GMT
Public Key Info:
Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 D3 EC C0 54 5A 27 31 21 13 00 A3 B2 2B D5 D2 B6 EB D0 05
0C 5C 77 B4 BE C1 ED F3 D2 A1 7F 31 2A 6C 87 2F 52 41 B1 BB
B5 A2 12 90 94 E2 E0 A3 57 69 70 C7 3D B4 7A B0 31 74 9E 0F
F8 43 3D 5A E3 DB D2 E5 71 C8 72 0C BB B7 2A AE D6 3B 81 D3
FD 51 11 04 36 C7 6A 5B 5C D5 A1 65 7D 40 5E 1E C3 C5 33 42
A5 06 74 32 FF A5 25 25 C2 28 F2 CF 1A F4 32 5C E0 46 F2 53
96 C8 0D 95 69 5F 34 FA BC B2 26 B2 24 12 D1 A9 F2 1E 25 76
BE 5F C7 38 40 C6 17 7D 2C 01 F7 71 F2 0F 49 69 C5 1A E2 D0
85 FD 58 2B 1B 88 C9 AA B9 2B 37 51 1C 0A CA 88 11 21 23 8A
4D 1A 92 C2 34 22 99 14 B6 14 AD 86 B0 5D B4 0F 31 B0 83 C5
A1 12 3A 7B 36 80 CA D9 32 AA BF 9A B4 49 B9 98 6F 6F BD 23
48 EB CF F5 F7 1F CE 59 FA AF 56 AD 4A B4 D6 1E D0 31 5A F0
4C 69 9B 7F C2 7F D3 89 AC 9F 89 D2 AB CB 55 3D 39
Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits
Signature: 00 3A D5 E7 F9 63 CF 54 22 1F 27 1E 19 06 05 A1 17 61 AD 5D
36 4D DD 0A 10 FF 5A 86 F2 50 D1 B9 FA B1 C4 19 85 A7 30 C0
43 C8 85 3A 55 C2 21 0C D0 45 AD B6 9B 36 36 1D 39 1E 2C 92
5E 85 2D BE E5 60 88 A3 70 65 9E 08 84 32 47 F4 CD 39 5D DC
07 05 96 84 CF 82 AE 34 D5 91 69 C1 1C B9 50 D1 C7 04 94 03
C6 BB EE 4B 45 CD 73 C4 E7 37 1C 29 DD 22 1D 9B E9 D6 B3 FA
82 76 D1 CD 5F 5F 6B A2 36 E6 23 20 16 C9 CC 9D 8D 37 63 0E
90 E6 33 A5 6D AF 2C 08 85 22 F4 0C 79 E7 7D DC D1 62 4F 30
39 45 22 80 8B DA 00 4A 2C 6B FA 8A BE 38 0A C7 39 64 48 F4
D3 10 9F A0 4D 6E 1B 26 9E 82 1C 18 A4 FD E7 54 6A 54 43 6F
03 AC C3 13 D9 14 D5 09 E2 52 BA BC 9B 1F CC CE 78 23 9B 9A
EA 68 72 15 25 E2 C9 E5 8E A3 A9 75 2F 94 30 AE 00 7A 0F 2C
8A A1 0B ED CF 4C 28 3B 4D E4 86 A4 92 59 E7 6D 6E
Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: 27 E4 F0 65 B3 8B 20 9F 17 74 6D 6D 6B 9F DC 49 FC 39 B5 46
Extension: Authority Key Identifier (2.5.29.35)
Critical: 0
Key Identifier: 27 E4 F0 65 B3 8B 20 9F 17 74 6D 6D 6B 9F DC 49 FC 39 B5 46
Extension: Basic Constraints (2.5.29.19)
Critical: 0
CA: TRUE
Fingerprints :
SHA-256 Fingerprint: 92 12 E4 0F A2 EF AC 9B D1 7A A3 2A AF CF A4 C7 BD CC 0A E9
27 B1 E6 89 0A 86 ED B6 DD A1 FF 61
SHA-1 Fingerprint: 43 CB CF E9 5D 25 05 F5 AA C4 77 E5 10 A6 66 B6 70 08 74 E9
MD5 Fingerprint: E8 82 AE C1 8A 95 92 49 78 9A 66 53 5F F8 55 C1
PEM certificate :
-----BEGIN CERTIFICATE-----
MIIDVzCCAj+gAwIBAgIJAIMpf6N++yNYMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQwHhcNMTcwMjE2MDgzNzAwWhcNMzYxMTAzMDgzNzAwWjBCMQswCQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZhdWx0IENvbXBhbnkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+zAVFonMSETAKOyK9XStuvQBQxcd7S+we3z0qF/MSpshy9SQbG7taISkJTi4KNXaXDHPbR6sDF0ng/4Qz1a49vS5XHIcgy7tyqu1juB0/1REQQ2x2pbXNWhZX1AXh7DxTNCpQZ0Mv+lJSXCKPLPGvQyXOBG8lOWyA2VaV80+ryyJrIkEtGp8h4ldr5fxzhAxhd9LAH3cfIPSWnFGuLQhf1YKxuIyaq5KzdRHArKiBEhI4pNGpLCNCKZFLYUrYawXbQPMbCDxaESOns2gMrZMqq/mrRJuZhvb70jSOvP9fcfzln6r1atSrTWHtAxWvBMaZt/wn/TiayfidKry1U9OQIDAQABo1AwTjAdBgNVHQ4EFgQUJ+TwZbOLIJ8XdG1ta5/cSfw5tUYwHwYDVR0jBBgwFoAUJ+TwZbOLIJ8XdG1ta5/cSfw5tUYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAOtXn+WPPVCIfJx4ZBgWhF2GtXTZN3QoQ/1qG8lDRufqxxBmFpzDAQ8iFOlXCIQzQRa22mzY2HTkeLJJehS2+5WCIo3BlngiEMkf0zTld3AcFloTPgq401ZFpwRy5UNHHBJQDxrvuS0XNc8TnNxwp3SIdm+nWs/qCdtHNX19rojbmIyAWycydjTdjDpDmM6VtrywIhSL0DHnnfdzRYk8wOUUigIvaAEosa/qKvjgKxzlkSPTTEJ+gTW4bJp6CHBik/edUalRDbwOswxPZFNUJ4lK6vJsfzM54I5ua6mhyFSXiyeWOo6l1L5QwrgB6DyyKoQvtz0woO03khqSSWedtbg==
-----END CERTIFICATE-----","","","","","None","","","","2008/05/19","2021/02/03","","",""
"10881","","","None","11.1.65.25","tcp","22","SSH Protocol Versions Supported","A SSH server is running on the remote host.","This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.","n/a","","The remote SSH daemon supports the following versions of the
SSH protocol :
- 1.99
- 2.0
","","","","","None","","","","2002/03/06","2024/07/24","","",""
"11219","","","None","11.1.65.25","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.25","tcp","80","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 80/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.25","tcp","443","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 443/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"21643","","","None","11.1.65.25","tcp","443","SSL Cipher Suites Supported","The remote service encrypts communications using SSL.","This plugin detects which SSL ciphers are supported by the remote
service for encrypting communications.","n/a","https://www.openssl.org/docs/man1.0.2/man1/ciphers.html
http://www.nessus.org/u?e17ffced","
Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.
SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
ECDHE-RSA-CAMELLIA-CBC-128 0xC0, 0x76 ECDH RSA Camellia-CBC(128) SHA256
ECDHE-RSA-CAMELLIA-CBC-256 0xC0, 0x77 ECDH RSA Camellia-CBC(256) SHA384
ECDHE-RSA-CHACHA20-POLY1305 0xCC, 0xA8 ECDH RSA ChaCha20-Poly1305(256) SHA256
RSA-AES-128-CCM-AEAD 0xC0, 0x9C RSA RSA AES-CCM(128) AEAD
RSA-AES-128-CCM8-AEAD 0xC0, 0xA0 RSA RSA AES-CCM8(128) AEAD
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES-256-CCM-AEAD 0xC0, 0x9D RSA RSA AES-CCM(256) AEAD
RSA-AES-256-CCM8-AEAD 0xC0, 0xA1 RSA RSA AES-CCM8(256) AEAD
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
RSA-CAMELLIA128-SHA256 0x00, 0xBA RSA RSA Camellia-CBC(128) SHA256
RSA-CAMELLIA256-SHA256 0x00, 0xC0 RSA RSA Camellia-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2006/06/05","2024/09/11","","",""
"22964","","","None","11.1.65.25","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.25","tcp","80","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.25","tcp","443","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A TLSv1.2 server answered on this port.
","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.25","tcp","443","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port through TLSv1.2.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"24260","","","None","11.1.65.25","tcp","80","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 301 Moved Permanently
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Server: openresty
Date: Thu, 27 Feb 2025 17:08:28 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://11.1.65.25/
Response Body :
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>openresty</center>
</body>
</html>
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"24260","","","None","11.1.65.25","tcp","443","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 302 Moved Temporarily
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Date: Thu, 27 Feb 2025 17:08:28 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: /index.jsp
Access-Control-Allow-Origin: *
Response Body :
<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>openresty</center>
</body>
</html>
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"45590","","","None","11.1.65.25","tcp","0","Common Platform Enumeration (CPE)","It was possible to enumerate CPE names that matched on the remote
system.","By using information obtained from a Nessus scan, this plugin reports
CPE (Common Platform Enumeration) matches for various hardware and
software products found on a host.
Note that if an official CPE is not available for the product, this
plugin computes the best possible CPE based on the information
available from the scan.","n/a","http://cpe.mitre.org/
https://nvd.nist.gov/products/cpe","
Following application CPE matched on the remote system :
cpe:/a:openbsd:openssh:8.8 -> OpenBSD OpenSSH
","","","","","None","","","","2010/04/21","2024/11/22","","",""
"51192","","6.4","Medium","11.1.65.25","tcp","443","SSL Certificate Cannot Be Trusted","The SSL certificate for this service cannot be trusted.","The server's X.509 certificate cannot be trusted. This situation can
occur in three different ways, in which the chain of trust can be
broken, as stated below :
- First, the top of the certificate chain sent by the
server might not be descended from a known public
certificate authority. This can occur either when the
top of the chain is an unrecognized, self-signed
certificate, or when intermediate certificates are
missing that would connect the top of the certificate
chain to a known public certificate authority.
- Second, the certificate chain may contain a certificate
that is not valid at the time of the scan. This can
occur either when the scan occurs before one of the
certificate's 'notBefore' dates, or after one of the
certificate's 'notAfter' dates.
- Third, the certificate chain may contain a signature
that either didn't match the certificate's information
or could not be verified. Bad signatures can be fixed by
getting the certificate with the bad signature to be
re-signed by its issuer. Signatures that could not be
verified are the result of the certificate's issuer
using a signing algorithm that Nessus either does not
support or does not recognize.
If the remote host is a public host in production, any break in the
chain makes it more difficult for users to verify the authenticity and
identity of the web server. This could make it easier to carry out
man-in-the-middle attacks against the remote host.","Purchase or generate a proper SSL certificate for this service.","https://www.itu.int/rec/T-REC-X.509/en
https://en.wikipedia.org/wiki/X.509","
The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :
|-Subject : C=XX/L=Default City/O=Default Company Ltd
|-Issuer : C=XX/L=Default City/O=Default Company Ltd
","","6.5","","","Medium","","","","2010/12/15","2020/04/27","","",""
"56984","","","None","11.1.65.25","tcp","443","SSL / TLS Versions Supported","The remote service encrypts communications.","This plugin detects which SSL and TLS versions are supported by the
remote service for encrypting communications.","n/a","","
This port supports TLSv1.2.
","","","","","None","","","","2011/12/01","2023/07/10","","",""
"57041","","","None","11.1.65.25","tcp","443","SSL Perfect Forward Secrecy Cipher Suites Supported","The remote service supports the use of SSL Perfect Forward Secrecy
ciphers, which maintain confidentiality even if the key is stolen.","The remote host supports the use of SSL ciphers that offer Perfect
Forward Secrecy (PFS) encryption. These cipher suites ensure that
recorded SSL traffic cannot be broken at a future date if the server's
private key is compromised.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
https://en.wikipedia.org/wiki/Perfect_forward_secrecy","
Here is the list of SSL PFS ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
ECDHE-RSA-CAMELLIA-CBC-128 0xC0, 0x76 ECDH RSA Camellia-CBC(128) SHA256
ECDHE-RSA-CAMELLIA-CBC-256 0xC0, 0x77 ECDH RSA Camellia-CBC(256) SHA384
ECDHE-RSA-CHACHA20-POLY1305 0xCC, 0xA8 ECDH RSA ChaCha20-Poly1305(256) SHA256
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2011/12/07","2021/03/09","","",""
"57582","","6.4","Medium","11.1.65.25","tcp","443","SSL Self-Signed Certificate","The SSL certificate chain for this service ends in an unrecognized
self-signed certificate.","The X.509 certificate chain for this service is not signed by a
recognized certificate authority. If the remote host is a public host
in production, this nullifies the use of SSL as anyone could establish
a man-in-the-middle attack against the remote host.
Note that this plugin does not check for certificate chains that end
in a certificate that is not self-signed, but is signed by an
unrecognized certificate authority.","Purchase or generate a proper SSL certificate for this service.","","
The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :
|-Subject : C=XX/L=Default City/O=Default Company Ltd
","","6.5","","","Medium","","","","2012/01/17","2022/06/14","","",""
"62564","","","None","11.1.65.25","tcp","443","TLS Next Protocols Supported","The remote service advertises one or more protocols as being supported
over TLS.","This script detects which protocols are advertised by the remote
service to be encapsulated by TLS connections.
Note that Nessus did not attempt to negotiate TLS sessions with the
protocols shown. The remote service may be falsely advertising these
protocols and / or failing to advertise other supported protocols.","n/a","https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-04
https://technotes.googlecode.com/git/nextprotoneg.html","
The target advertises that the following protocols are
supported over SSL / TLS:
http/1.1
","","","","","None","","","","2012/10/16","2022/04/11","","",""
"70544","","","None","11.1.65.25","tcp","443","SSL Cipher Block Chaining Cipher Suites Supported","The remote service supports the use of SSL Cipher Block Chaining
ciphers, which combine previous blocks with subsequent ones.","The remote host supports the use of SSL ciphers that operate in Cipher
Block Chaining (CBC) mode. These cipher suites offer additional
security over Electronic Codebook (ECB) mode, but have the potential to
leak information if used improperly.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
http://www.nessus.org/u?cc4a822a
https://www.openssl.org/~bodo/tls-cbc.txt","
Here is the list of SSL CBC ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-CAMELLIA-CBC-128 0xC0, 0x76 ECDH RSA Camellia-CBC(128) SHA256
ECDHE-RSA-CAMELLIA-CBC-256 0xC0, 0x77 ECDH RSA Camellia-CBC(256) SHA384
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
RSA-CAMELLIA128-SHA256 0x00, 0xBA RSA RSA Camellia-CBC(128) SHA256
RSA-CAMELLIA256-SHA256 0x00, 0xC0 RSA RSA Camellia-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2013/10/22","2021/02/03","","",""
"84502","","","None","11.1.65.25","tcp","443","HSTS Missing From HTTPS Server","The remote web server is not enforcing HSTS.","The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS).
HSTS is an optional response header that can be configured on the server to instruct
the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks,
SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.","Configure the remote web server to use HSTS.","https://tools.ietf.org/html/rfc6797","
HTTP/1.1 302 Moved Temporarily
Date: Thu, 27 Feb 2025 17:08:20 GMT
Content-Type: text/html
Content-Length: 142
Connection: close
Location: /index.jsp
Access-Control-Allow-Origin: *
The remote HTTPS server does not send the HTTP
""Strict-Transport-Security"" header.
","","","","","None","","","","2015/07/02","2024/08/09","","",""
"84821","","","None","11.1.65.25","tcp","443","TLS ALPN Supported Protocol Enumeration","The remote host supports the TLS ALPN extension.","The remote host supports the TLS ALPN extension. This plugin
enumerates the protocols the extension supports.","n/a","https://tools.ietf.org/html/rfc7301","
http/1.1","","","","","None","","","","2015/07/17","2024/09/11","","",""
"87242","","","None","11.1.65.25","tcp","443","TLS NPN Supported Protocol Enumeration","The remote host supports the TLS NPN extension.","The remote host supports the TLS NPN (Transport Layer Security Next
Protocol Negotiation) extension. This plugin enumerates the protocols
the extension supports.","n/a","https://tools.ietf.org/id/draft-agl-tls-nextprotoneg-03.html","
NPN Supported Protocols:
http/1.1
","","","","","None","","","","2015/12/08","2024/09/11","","",""
"94761","","","None","11.1.65.25","tcp","443","SSL Root Certification Authority Certificate Information","A root Certification Authority certificate was found at the top of the
certificate chain.","The remote service uses an SSL certificate chain that contains a
self-signed root Certification Authority certificate at the top of the
chain.","Ensure that use of this root Certification Authority certificate
complies with your organization's acceptable use and security
policies.","https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc778623(v=ws.10)","
The following root Certification Authority certificate was found :
|-Subject : C=XX/L=Default City/O=Default Company Ltd
|-Issuer : C=XX/L=Default City/O=Default Company Ltd
|-Valid From : Feb 16 08:37:00 2017 GMT
|-Valid To : Nov 03 08:37:00 2036 GMT
|-Signature Algorithm : SHA-256 With RSA Encryption
","","","","","None","","","","2016/11/14","2018/11/15","","",""
"136318","","","None","11.1.65.25","tcp","443","TLS Version 1.2 Protocol Detection","The remote service encrypts traffic using a version of TLS.","The remote service accepts connections encrypted using TLS 1.2.","N/A","https://tools.ietf.org/html/rfc5246","TLSv1.2 is enabled and the server supports at least one cipher.","","","","","None","","","","2020/05/04","2020/05/04","","",""
"149334","","","None","11.1.65.25","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"156899","","","None","11.1.65.25","tcp","443","SSL/TLS Recommended Cipher Suites","The remote host advertises discouraged SSL/TLS ciphers.","The remote host has open SSL/TLS ports which advertise discouraged cipher suites. It is recommended to only enable
support for the following cipher suites:
TLSv1.3:
- 0x13,0x01 TLS13_AES_128_GCM_SHA256
- 0x13,0x02 TLS13_AES_256_GCM_SHA384
- 0x13,0x03 TLS13_CHACHA20_POLY1305_SHA256
TLSv1.2:
- 0xC0,0x2B ECDHE-ECDSA-AES128-GCM-SHA256
- 0xC0,0x2F ECDHE-RSA-AES128-GCM-SHA256
- 0xC0,0x2C ECDHE-ECDSA-AES256-GCM-SHA384
- 0xC0,0x30 ECDHE-RSA-AES256-GCM-SHA384
- 0xCC,0xA9 ECDHE-ECDSA-CHACHA20-POLY1305
- 0xCC,0xA8 ECDHE-RSA-CHACHA20-POLY1305
This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with
nearly every client released in the last five (or more) years.","Only enable support for recommened cipher suites.","https://wiki.mozilla.org/Security/Server_Side_TLS
https://ssl-config.mozilla.org/","The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-CAMELLIA-CBC-128 0xC0, 0x76 ECDH RSA Camellia-CBC(128) SHA256
ECDHE-RSA-CAMELLIA-CBC-256 0xC0, 0x77 ECDH RSA Camellia-CBC(256) SHA384
RSA-AES-128-CCM-AEAD 0xC0, 0x9C RSA RSA AES-CCM(128) AEAD
RSA-AES-128-CCM8-AEAD 0xC0, 0xA0 RSA RSA AES-CCM8(128) AEAD
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES-256-CCM-AEAD 0xC0, 0x9D RSA RSA AES-CCM(256) AEAD
RSA-AES-256-CCM8-AEAD 0xC0, 0xA1 RSA RSA AES-CCM8(256) AEAD
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
RSA-CAMELLIA128-SHA256 0x00, 0xBA RSA RSA Camellia-CBC(128) SHA256
RSA-CAMELLIA256-SHA256 0x00, 0xC0 RSA RSA Camellia-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2022/01/20","2024/02/12","","",""
"159544","","","None","11.1.65.25","tcp","443","SSL Certificate with no Common Name","Checks for an SSL certificate with no Common Name","The remote system is providing an SSL/TLS certificate without a subject common name field. While this is not required
in all cases, it is recommended to ensure broad compatibility.","n/a","https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6","Subject Name:
Country: XX
Locality: Default City
Organization: Default Company Ltd
Issuer Name:
Country: XX
Locality: Default City
Organization: Default Company Ltd
Serial Number: 00 83 29 7F A3 7E FB 23 58
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: Feb 16 08:37:00 2017 GMT
Not Valid After: Nov 03 08:37:00 2036 GMT
Public Key Info:
Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 D3 EC C0 54 5A 27 31 21 13 00 A3 B2 2B D5 D2 B6 EB D0 05
0C 5C 77 B4 BE C1 ED F3 D2 A1 7F 31 2A 6C 87 2F 52 41 B1 BB
B5 A2 12 90 94 E2 E0 A3 57 69 70 C7 3D B4 7A B0 31 74 9E 0F
F8 43 3D 5A E3 DB D2 E5 71 C8 72 0C BB B7 2A AE D6 3B 81 D3
FD 51 11 04 36 C7 6A 5B 5C D5 A1 65 7D 40 5E 1E C3 C5 33 42
A5 06 74 32 FF A5 25 25 C2 28 F2 CF 1A F4 32 5C E0 46 F2 53
96 C8 0D 95 69 5F 34 FA BC B2 26 B2 24 12 D1 A9 F2 1E 25 76
BE 5F C7 38 40 C6 17 7D 2C 01 F7 71 F2 0F 49 69 C5 1A E2 D0
85 FD 58 2B 1B 88 C9 AA B9 2B 37 51 1C 0A CA 88 11 21 23 8A
4D 1A 92 C2 34 22 99 14 B6 14 AD 86 B0 5D B4 0F 31 B0 83 C5
A1 12 3A 7B 36 80 CA D9 32 AA BF 9A B4 49 B9 98 6F 6F BD 23
48 EB CF F5 F7 1F CE 59 FA AF 56 AD 4A B4 D6 1E D0 31 5A F0
4C 69 9B 7F C2 7F D3 89 AC 9F 89 D2 AB CB 55 3D 39
Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits
Signature: 00 3A D5 E7 F9 63 CF 54 22 1F 27 1E 19 06 05 A1 17 61 AD 5D
36 4D DD 0A 10 FF 5A 86 F2 50 D1 B9 FA B1 C4 19 85 A7 30 C0
43 C8 85 3A 55 C2 21 0C D0 45 AD B6 9B 36 36 1D 39 1E 2C 92
5E 85 2D BE E5 60 88 A3 70 65 9E 08 84 32 47 F4 CD 39 5D DC
07 05 96 84 CF 82 AE 34 D5 91 69 C1 1C B9 50 D1 C7 04 94 03
C6 BB EE 4B 45 CD 73 C4 E7 37 1C 29 DD 22 1D 9B E9 D6 B3 FA
82 76 D1 CD 5F 5F 6B A2 36 E6 23 20 16 C9 CC 9D 8D 37 63 0E
90 E6 33 A5 6D AF 2C 08 85 22 F4 0C 79 E7 7D DC D1 62 4F 30
39 45 22 80 8B DA 00 4A 2C 6B FA 8A BE 38 0A C7 39 64 48 F4
D3 10 9F A0 4D 6E 1B 26 9E 82 1C 18 A4 FD E7 54 6A 54 43 6F
03 AC C3 13 D9 14 D5 09 E2 52 BA BC 9B 1F CC CE 78 23 9B 9A
EA 68 72 15 25 E2 C9 E5 8E A3 A9 75 2F 94 30 AE 00 7A 0F 2C
8A A1 0B ED CF 4C 28 3B 4D E4 86 A4 92 59 E7 6D 6E
Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: 27 E4 F0 65 B3 8B 20 9F 17 74 6D 6D 6B 9F DC 49 FC 39 B5 46
Extension: Authority Key Identifier (2.5.29.35)
Critical: 0
Key Identifier: 27 E4 F0 65 B3 8B 20 9F 17 74 6D 6D 6B 9F DC 49 FC 39 B5 46
Extension: Basic Constraints (2.5.29.19)
Critical: 0
CA: TRUE
PEM certificate :
-----BEGIN CERTIFICATE-----
MIIDVzCCAj+gAwIBAgIJAIMpf6N++yNYMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQwHhcNMTcwMjE2MDgzNzAwWhcNMzYxMTAzMDgzNzAwWjBCMQswCQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZhdWx0IENvbXBhbnkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+zAVFonMSETAKOyK9XStuvQBQxcd7S+we3z0qF/MSpshy9SQbG7taISkJTi4KNXaXDHPbR6sDF0ng/4Qz1a49vS5XHIcgy7tyqu1juB0/1REQQ2x2pbXNWhZX1AXh7DxTNCpQZ0Mv+lJSXCKPLPGvQyXOBG8lOWyA2VaV80+ryyJrIkEtGp8h4ldr5fxzhAxhd9LAH3cfIPSWnFGuLQhf1YKxuIyaq5KzdRHArKiBEhI4pNGpLCNCKZFLYUrYawXbQPMbCDxaESOns2gMrZMqq/mrRJuZhvb70jSOvP9fcfzln6r1atSrTWHtAxWvBMaZt/wn/TiayfidKry1U9OQIDAQABo1AwTjAdBgNVHQ4EFgQUJ+TwZbOLIJ8XdG1ta5/cSfw5tUYwHwYDVR0jBBgwFoAUJ+TwZbOLIJ8XdG1ta5/cSfw5tUYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAOtXn+WPPVCIfJx4ZBgWhF2GtXTZN3QoQ/1qG8lDRufqxxBmFpzDAQ8iFOlXCIQzQRa22mzY2HTkeLJJehS2+5WCIo3BlngiEMkf0zTld3AcFloTPgq401ZFpwRy5UNHHBJQDxrvuS0XNc8TnNxwp3SIdm+nWs/qCdtHNX19rojbmIyAWycydjTdjDpDmM6VtrywIhSL0DHnnfdzRYk8wOUUigIvaAEosa/qKvjgKxzlkSPTTEJ+gTW4bJp6CHBik/edUalRDbwOswxPZFNUJ4lK6vJsfzM54I5ua6mhyFSXiyeWOo6l1L5QwrgB6DyyKoQvtz0woO03khqSSWedtbg==
-----END CERTIFICATE-----","","","","","None","","","","2022/04/06","2022/11/30","","",""
"181418","","","None","11.1.65.25","tcp","22","OpenSSH Detection","An OpenSSH-based SSH server was detected on the remote host.","An OpenSSH-based SSH server was detected on the remote host.","n/a","https://www.openssh.com/","
Service : ssh
Version : 8.8
Banner : SSH-2.0-OpenSSH_8.8
","","","","","None","","","","2023/09/14","2024/12/18","","",""
"10107","","","None","11.1.65.26","tcp","80","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
openresty","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10287","","","None","11.1.65.26","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.26 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10386","","","None","11.1.65.26","tcp","80","Web Server No 404 Error Code Check","The remote web server does not return 404 error codes.","The remote web server is configured such that it does not return '404
Not Found' error codes when a nonexistent file is requested, perhaps
returning instead a site map, search page or authentication page.
Nessus has enabled some counter measures for this. However, they
might be insufficient. If a great number of security holes are
produced for this port, they might not all be accurate.","n/a","","
CGI scanning will be disabled for this host because the host responds
to requests for non-existent URLs with HTTP code 301
rather than 404. The requested URL was :
http://11.1.65.26/V9snQ4_XqmiO.html
","","","","","None","","","","2000/04/28","2022/06/17","","",""
"10386","","","None","11.1.65.26","tcp","443","Web Server No 404 Error Code Check","The remote web server does not return 404 error codes.","The remote web server is configured such that it does not return '404
Not Found' error codes when a nonexistent file is requested, perhaps
returning instead a site map, search page or authentication page.
Nessus has enabled some counter measures for this. However, they
might be insufficient. If a great number of security holes are
produced for this port, they might not all be accurate.","n/a","","
CGI scanning will be disabled for this host because the host responds
to requests for non-existent URLs with HTTP code 302
rather than 404. The requested URL was :
https://11.1.65.26/V9snQ4_XqmiO.html
","","","","","None","","","","2000/04/28","2022/06/17","","",""
"10863","","","None","11.1.65.26","tcp","443","SSL Certificate Information","This plugin displays the SSL certificate.","This plugin connects to every SSL-related port and attempts to
extract and dump the X.509 certificate.","n/a","","Subject Name:
Country: XX
Locality: Default City
Organization: Default Company Ltd
Issuer Name:
Country: XX
Locality: Default City
Organization: Default Company Ltd
Serial Number: 00 83 29 7F A3 7E FB 23 58
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: Feb 16 08:37:00 2017 GMT
Not Valid After: Nov 03 08:37:00 2036 GMT
Public Key Info:
Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 D3 EC C0 54 5A 27 31 21 13 00 A3 B2 2B D5 D2 B6 EB D0 05
0C 5C 77 B4 BE C1 ED F3 D2 A1 7F 31 2A 6C 87 2F 52 41 B1 BB
B5 A2 12 90 94 E2 E0 A3 57 69 70 C7 3D B4 7A B0 31 74 9E 0F
F8 43 3D 5A E3 DB D2 E5 71 C8 72 0C BB B7 2A AE D6 3B 81 D3
FD 51 11 04 36 C7 6A 5B 5C D5 A1 65 7D 40 5E 1E C3 C5 33 42
A5 06 74 32 FF A5 25 25 C2 28 F2 CF 1A F4 32 5C E0 46 F2 53
96 C8 0D 95 69 5F 34 FA BC B2 26 B2 24 12 D1 A9 F2 1E 25 76
BE 5F C7 38 40 C6 17 7D 2C 01 F7 71 F2 0F 49 69 C5 1A E2 D0
85 FD 58 2B 1B 88 C9 AA B9 2B 37 51 1C 0A CA 88 11 21 23 8A
4D 1A 92 C2 34 22 99 14 B6 14 AD 86 B0 5D B4 0F 31 B0 83 C5
A1 12 3A 7B 36 80 CA D9 32 AA BF 9A B4 49 B9 98 6F 6F BD 23
48 EB CF F5 F7 1F CE 59 FA AF 56 AD 4A B4 D6 1E D0 31 5A F0
4C 69 9B 7F C2 7F D3 89 AC 9F 89 D2 AB CB 55 3D 39
Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits
Signature: 00 3A D5 E7 F9 63 CF 54 22 1F 27 1E 19 06 05 A1 17 61 AD 5D
36 4D DD 0A 10 FF 5A 86 F2 50 D1 B9 FA B1 C4 19 85 A7 30 C0
43 C8 85 3A 55 C2 21 0C D0 45 AD B6 9B 36 36 1D 39 1E 2C 92
5E 85 2D BE E5 60 88 A3 70 65 9E 08 84 32 47 F4 CD 39 5D DC
07 05 96 84 CF 82 AE 34 D5 91 69 C1 1C B9 50 D1 C7 04 94 03
C6 BB EE 4B 45 CD 73 C4 E7 37 1C 29 DD 22 1D 9B E9 D6 B3 FA
82 76 D1 CD 5F 5F 6B A2 36 E6 23 20 16 C9 CC 9D 8D 37 63 0E
90 E6 33 A5 6D AF 2C 08 85 22 F4 0C 79 E7 7D DC D1 62 4F 30
39 45 22 80 8B DA 00 4A 2C 6B FA 8A BE 38 0A C7 39 64 48 F4
D3 10 9F A0 4D 6E 1B 26 9E 82 1C 18 A4 FD E7 54 6A 54 43 6F
03 AC C3 13 D9 14 D5 09 E2 52 BA BC 9B 1F CC CE 78 23 9B 9A
EA 68 72 15 25 E2 C9 E5 8E A3 A9 75 2F 94 30 AE 00 7A 0F 2C
8A A1 0B ED CF 4C 28 3B 4D E4 86 A4 92 59 E7 6D 6E
Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: 27 E4 F0 65 B3 8B 20 9F 17 74 6D 6D 6B 9F DC 49 FC 39 B5 46
Extension: Authority Key Identifier (2.5.29.35)
Critical: 0
Key Identifier: 27 E4 F0 65 B3 8B 20 9F 17 74 6D 6D 6B 9F DC 49 FC 39 B5 46
Extension: Basic Constraints (2.5.29.19)
Critical: 0
CA: TRUE
Fingerprints :
SHA-256 Fingerprint: 92 12 E4 0F A2 EF AC 9B D1 7A A3 2A AF CF A4 C7 BD CC 0A E9
27 B1 E6 89 0A 86 ED B6 DD A1 FF 61
SHA-1 Fingerprint: 43 CB CF E9 5D 25 05 F5 AA C4 77 E5 10 A6 66 B6 70 08 74 E9
MD5 Fingerprint: E8 82 AE C1 8A 95 92 49 78 9A 66 53 5F F8 55 C1
PEM certificate :
-----BEGIN CERTIFICATE-----
MIIDVzCCAj+gAwIBAgIJAIMpf6N++yNYMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQwHhcNMTcwMjE2MDgzNzAwWhcNMzYxMTAzMDgzNzAwWjBCMQswCQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZhdWx0IENvbXBhbnkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+zAVFonMSETAKOyK9XStuvQBQxcd7S+we3z0qF/MSpshy9SQbG7taISkJTi4KNXaXDHPbR6sDF0ng/4Qz1a49vS5XHIcgy7tyqu1juB0/1REQQ2x2pbXNWhZX1AXh7DxTNCpQZ0Mv+lJSXCKPLPGvQyXOBG8lOWyA2VaV80+ryyJrIkEtGp8h4ldr5fxzhAxhd9LAH3cfIPSWnFGuLQhf1YKxuIyaq5KzdRHArKiBEhI4pNGpLCNCKZFLYUrYawXbQPMbCDxaESOns2gMrZMqq/mrRJuZhvb70jSOvP9fcfzln6r1atSrTWHtAxWvBMaZt/wn/TiayfidKry1U9OQIDAQABo1AwTjAdBgNVHQ4EFgQUJ+TwZbOLIJ8XdG1ta5/cSfw5tUYwHwYDVR0jBBgwFoAUJ+TwZbOLIJ8XdG1ta5/cSfw5tUYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAOtXn+WPPVCIfJx4ZBgWhF2GtXTZN3QoQ/1qG8lDRufqxxBmFpzDAQ8iFOlXCIQzQRa22mzY2HTkeLJJehS2+5WCIo3BlngiEMkf0zTld3AcFloTPgq401ZFpwRy5UNHHBJQDxrvuS0XNc8TnNxwp3SIdm+nWs/qCdtHNX19rojbmIyAWycydjTdjDpDmM6VtrywIhSL0DHnnfdzRYk8wOUUigIvaAEosa/qKvjgKxzlkSPTTEJ+gTW4bJp6CHBik/edUalRDbwOswxPZFNUJ4lK6vJsfzM54I5ua6mhyFSXiyeWOo6l1L5QwrgB6DyyKoQvtz0woO03khqSSWedtbg==
-----END CERTIFICATE-----","","","","","None","","","","2008/05/19","2021/02/03","","",""
"11219","","","None","11.1.65.26","tcp","80","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 80/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.26","tcp","443","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 443/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"21643","","","None","11.1.65.26","tcp","443","SSL Cipher Suites Supported","The remote service encrypts communications using SSL.","This plugin detects which SSL ciphers are supported by the remote
service for encrypting communications.","n/a","https://www.openssl.org/docs/man1.0.2/man1/ciphers.html
http://www.nessus.org/u?e17ffced","
Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.
SSL Version : TLSv12
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
ECDHE-RSA-CAMELLIA-CBC-128 0xC0, 0x76 ECDH RSA Camellia-CBC(128) SHA256
ECDHE-RSA-CAMELLIA-CBC-256 0xC0, 0x77 ECDH RSA Camellia-CBC(256) SHA384
ECDHE-RSA-CHACHA20-POLY1305 0xCC, 0xA8 ECDH RSA ChaCha20-Poly1305(256) SHA256
RSA-AES-128-CCM-AEAD 0xC0, 0x9C RSA RSA AES-CCM(128) AEAD
RSA-AES-128-CCM8-AEAD 0xC0, 0xA0 RSA RSA AES-CCM8(128) AEAD
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES-256-CCM-AEAD 0xC0, 0x9D RSA RSA AES-CCM(256) AEAD
RSA-AES-256-CCM8-AEAD 0xC0, 0xA1 RSA RSA AES-CCM8(256) AEAD
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
RSA-CAMELLIA128-SHA256 0x00, 0xBA RSA RSA Camellia-CBC(128) SHA256
RSA-CAMELLIA256-SHA256 0x00, 0xC0 RSA RSA Camellia-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2006/06/05","2024/09/11","","",""
"22964","","","None","11.1.65.26","tcp","80","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.26","tcp","443","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A TLSv1.2 server answered on this port.
","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.26","tcp","443","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port through TLSv1.2.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"24260","","","None","11.1.65.26","tcp","80","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 301 Moved Permanently
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Server: openresty
Date: Thu, 27 Feb 2025 16:39:50 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://11.1.65.26/
Response Body :
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>openresty</center>
</body>
</html>
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"24260","","","None","11.1.65.26","tcp","443","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 302 Moved Temporarily
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Date: Thu, 27 Feb 2025 16:39:50 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: /index.jsp
Access-Control-Allow-Origin: *
Response Body :
<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>openresty</center>
</body>
</html>
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"51192","","6.4","Medium","11.1.65.26","tcp","443","SSL Certificate Cannot Be Trusted","The SSL certificate for this service cannot be trusted.","The server's X.509 certificate cannot be trusted. This situation can
occur in three different ways, in which the chain of trust can be
broken, as stated below :
- First, the top of the certificate chain sent by the
server might not be descended from a known public
certificate authority. This can occur either when the
top of the chain is an unrecognized, self-signed
certificate, or when intermediate certificates are
missing that would connect the top of the certificate
chain to a known public certificate authority.
- Second, the certificate chain may contain a certificate
that is not valid at the time of the scan. This can
occur either when the scan occurs before one of the
certificate's 'notBefore' dates, or after one of the
certificate's 'notAfter' dates.
- Third, the certificate chain may contain a signature
that either didn't match the certificate's information
or could not be verified. Bad signatures can be fixed by
getting the certificate with the bad signature to be
re-signed by its issuer. Signatures that could not be
verified are the result of the certificate's issuer
using a signing algorithm that Nessus either does not
support or does not recognize.
If the remote host is a public host in production, any break in the
chain makes it more difficult for users to verify the authenticity and
identity of the web server. This could make it easier to carry out
man-in-the-middle attacks against the remote host.","Purchase or generate a proper SSL certificate for this service.","https://www.itu.int/rec/T-REC-X.509/en
https://en.wikipedia.org/wiki/X.509","
The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :
|-Subject : C=XX/L=Default City/O=Default Company Ltd
|-Issuer : C=XX/L=Default City/O=Default Company Ltd
","","6.5","","","Medium","","","","2010/12/15","2020/04/27","","",""
"56984","","","None","11.1.65.26","tcp","443","SSL / TLS Versions Supported","The remote service encrypts communications.","This plugin detects which SSL and TLS versions are supported by the
remote service for encrypting communications.","n/a","","
This port supports TLSv1.2.
","","","","","None","","","","2011/12/01","2023/07/10","","",""
"57041","","","None","11.1.65.26","tcp","443","SSL Perfect Forward Secrecy Cipher Suites Supported","The remote service supports the use of SSL Perfect Forward Secrecy
ciphers, which maintain confidentiality even if the key is stolen.","The remote host supports the use of SSL ciphers that offer Perfect
Forward Secrecy (PFS) encryption. These cipher suites ensure that
recorded SSL traffic cannot be broken at a future date if the server's
private key is compromised.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
https://en.wikipedia.org/wiki/Perfect_forward_secrecy","
Here is the list of SSL PFS ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
ECDHE-RSA-CAMELLIA-CBC-128 0xC0, 0x76 ECDH RSA Camellia-CBC(128) SHA256
ECDHE-RSA-CAMELLIA-CBC-256 0xC0, 0x77 ECDH RSA Camellia-CBC(256) SHA384
ECDHE-RSA-CHACHA20-POLY1305 0xCC, 0xA8 ECDH RSA ChaCha20-Poly1305(256) SHA256
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2011/12/07","2021/03/09","","",""
"57582","","6.4","Medium","11.1.65.26","tcp","443","SSL Self-Signed Certificate","The SSL certificate chain for this service ends in an unrecognized
self-signed certificate.","The X.509 certificate chain for this service is not signed by a
recognized certificate authority. If the remote host is a public host
in production, this nullifies the use of SSL as anyone could establish
a man-in-the-middle attack against the remote host.
Note that this plugin does not check for certificate chains that end
in a certificate that is not self-signed, but is signed by an
unrecognized certificate authority.","Purchase or generate a proper SSL certificate for this service.","","
The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :
|-Subject : C=XX/L=Default City/O=Default Company Ltd
","","6.5","","","Medium","","","","2012/01/17","2022/06/14","","",""
"62564","","","None","11.1.65.26","tcp","443","TLS Next Protocols Supported","The remote service advertises one or more protocols as being supported
over TLS.","This script detects which protocols are advertised by the remote
service to be encapsulated by TLS connections.
Note that Nessus did not attempt to negotiate TLS sessions with the
protocols shown. The remote service may be falsely advertising these
protocols and / or failing to advertise other supported protocols.","n/a","https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-04
https://technotes.googlecode.com/git/nextprotoneg.html","
The target advertises that the following protocols are
supported over SSL / TLS:
http/1.1
","","","","","None","","","","2012/10/16","2022/04/11","","",""
"70544","","","None","11.1.65.26","tcp","443","SSL Cipher Block Chaining Cipher Suites Supported","The remote service supports the use of SSL Cipher Block Chaining
ciphers, which combine previous blocks with subsequent ones.","The remote host supports the use of SSL ciphers that operate in Cipher
Block Chaining (CBC) mode. These cipher suites offer additional
security over Electronic Codebook (ECB) mode, but have the potential to
leak information if used improperly.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
http://www.nessus.org/u?cc4a822a
https://www.openssl.org/~bodo/tls-cbc.txt","
Here is the list of SSL CBC ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-CAMELLIA-CBC-128 0xC0, 0x76 ECDH RSA Camellia-CBC(128) SHA256
ECDHE-RSA-CAMELLIA-CBC-256 0xC0, 0x77 ECDH RSA Camellia-CBC(256) SHA384
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
RSA-CAMELLIA128-SHA256 0x00, 0xBA RSA RSA Camellia-CBC(128) SHA256
RSA-CAMELLIA256-SHA256 0x00, 0xC0 RSA RSA Camellia-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2013/10/22","2021/02/03","","",""
"84502","","","None","11.1.65.26","tcp","443","HSTS Missing From HTTPS Server","The remote web server is not enforcing HSTS.","The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS).
HSTS is an optional response header that can be configured on the server to instruct
the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks,
SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.","Configure the remote web server to use HSTS.","https://tools.ietf.org/html/rfc6797","
HTTP/1.1 302 Moved Temporarily
Date: Thu, 27 Feb 2025 16:39:42 GMT
Content-Type: text/html
Content-Length: 142
Connection: close
Location: /index.jsp
Access-Control-Allow-Origin: *
The remote HTTPS server does not send the HTTP
""Strict-Transport-Security"" header.
","","","","","None","","","","2015/07/02","2024/08/09","","",""
"84821","","","None","11.1.65.26","tcp","443","TLS ALPN Supported Protocol Enumeration","The remote host supports the TLS ALPN extension.","The remote host supports the TLS ALPN extension. This plugin
enumerates the protocols the extension supports.","n/a","https://tools.ietf.org/html/rfc7301","
http/1.1","","","","","None","","","","2015/07/17","2024/09/11","","",""
"87242","","","None","11.1.65.26","tcp","443","TLS NPN Supported Protocol Enumeration","The remote host supports the TLS NPN extension.","The remote host supports the TLS NPN (Transport Layer Security Next
Protocol Negotiation) extension. This plugin enumerates the protocols
the extension supports.","n/a","https://tools.ietf.org/id/draft-agl-tls-nextprotoneg-03.html","
NPN Supported Protocols:
http/1.1
","","","","","None","","","","2015/12/08","2024/09/11","","",""
"94761","","","None","11.1.65.26","tcp","443","SSL Root Certification Authority Certificate Information","A root Certification Authority certificate was found at the top of the
certificate chain.","The remote service uses an SSL certificate chain that contains a
self-signed root Certification Authority certificate at the top of the
chain.","Ensure that use of this root Certification Authority certificate
complies with your organization's acceptable use and security
policies.","https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc778623(v=ws.10)","
The following root Certification Authority certificate was found :
|-Subject : C=XX/L=Default City/O=Default Company Ltd
|-Issuer : C=XX/L=Default City/O=Default Company Ltd
|-Valid From : Feb 16 08:37:00 2017 GMT
|-Valid To : Nov 03 08:37:00 2036 GMT
|-Signature Algorithm : SHA-256 With RSA Encryption
","","","","","None","","","","2016/11/14","2018/11/15","","",""
"136318","","","None","11.1.65.26","tcp","443","TLS Version 1.2 Protocol Detection","The remote service encrypts traffic using a version of TLS.","The remote service accepts connections encrypted using TLS 1.2.","N/A","https://tools.ietf.org/html/rfc5246","TLSv1.2 is enabled and the server supports at least one cipher.","","","","","None","","","","2020/05/04","2020/05/04","","",""
"156899","","","None","11.1.65.26","tcp","443","SSL/TLS Recommended Cipher Suites","The remote host advertises discouraged SSL/TLS ciphers.","The remote host has open SSL/TLS ports which advertise discouraged cipher suites. It is recommended to only enable
support for the following cipher suites:
TLSv1.3:
- 0x13,0x01 TLS13_AES_128_GCM_SHA256
- 0x13,0x02 TLS13_AES_256_GCM_SHA384
- 0x13,0x03 TLS13_CHACHA20_POLY1305_SHA256
TLSv1.2:
- 0xC0,0x2B ECDHE-ECDSA-AES128-GCM-SHA256
- 0xC0,0x2F ECDHE-RSA-AES128-GCM-SHA256
- 0xC0,0x2C ECDHE-ECDSA-AES256-GCM-SHA384
- 0xC0,0x30 ECDHE-RSA-AES256-GCM-SHA384
- 0xCC,0xA9 ECDHE-ECDSA-CHACHA20-POLY1305
- 0xCC,0xA8 ECDHE-RSA-CHACHA20-POLY1305
This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with
nearly every client released in the last five (or more) years.","Only enable support for recommened cipher suites.","https://wiki.mozilla.org/Security/Server_Side_TLS
https://ssl-config.mozilla.org/","The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-CAMELLIA-CBC-128 0xC0, 0x76 ECDH RSA Camellia-CBC(128) SHA256
ECDHE-RSA-CAMELLIA-CBC-256 0xC0, 0x77 ECDH RSA Camellia-CBC(256) SHA384
RSA-AES-128-CCM-AEAD 0xC0, 0x9C RSA RSA AES-CCM(128) AEAD
RSA-AES-128-CCM8-AEAD 0xC0, 0xA0 RSA RSA AES-CCM8(128) AEAD
RSA-AES128-SHA256 0x00, 0x9C RSA RSA AES-GCM(128) SHA256
RSA-AES-256-CCM-AEAD 0xC0, 0x9D RSA RSA AES-CCM(256) AEAD
RSA-AES-256-CCM8-AEAD 0xC0, 0xA1 RSA RSA AES-CCM8(256) AEAD
RSA-AES256-SHA384 0x00, 0x9D RSA RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA 0xC0, 0x13 ECDH RSA AES-CBC(128) SHA1
ECDHE-RSA-AES256-SHA 0xC0, 0x14 ECDH RSA AES-CBC(256) SHA1
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
CAMELLIA128-SHA 0x00, 0x41 RSA RSA Camellia-CBC(128) SHA1
CAMELLIA256-SHA 0x00, 0x84 RSA RSA Camellia-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
RSA-CAMELLIA128-SHA256 0x00, 0xBA RSA RSA Camellia-CBC(128) SHA256
RSA-CAMELLIA256-SHA256 0x00, 0xC0 RSA RSA Camellia-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2022/01/20","2024/02/12","","",""
"159544","","","None","11.1.65.26","tcp","443","SSL Certificate with no Common Name","Checks for an SSL certificate with no Common Name","The remote system is providing an SSL/TLS certificate without a subject common name field. While this is not required
in all cases, it is recommended to ensure broad compatibility.","n/a","https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6","Subject Name:
Country: XX
Locality: Default City
Organization: Default Company Ltd
Issuer Name:
Country: XX
Locality: Default City
Organization: Default Company Ltd
Serial Number: 00 83 29 7F A3 7E FB 23 58
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: Feb 16 08:37:00 2017 GMT
Not Valid After: Nov 03 08:37:00 2036 GMT
Public Key Info:
Algorithm: RSA Encryption
Key Length: 2048 bits
Public Key: 00 D3 EC C0 54 5A 27 31 21 13 00 A3 B2 2B D5 D2 B6 EB D0 05
0C 5C 77 B4 BE C1 ED F3 D2 A1 7F 31 2A 6C 87 2F 52 41 B1 BB
B5 A2 12 90 94 E2 E0 A3 57 69 70 C7 3D B4 7A B0 31 74 9E 0F
F8 43 3D 5A E3 DB D2 E5 71 C8 72 0C BB B7 2A AE D6 3B 81 D3
FD 51 11 04 36 C7 6A 5B 5C D5 A1 65 7D 40 5E 1E C3 C5 33 42
A5 06 74 32 FF A5 25 25 C2 28 F2 CF 1A F4 32 5C E0 46 F2 53
96 C8 0D 95 69 5F 34 FA BC B2 26 B2 24 12 D1 A9 F2 1E 25 76
BE 5F C7 38 40 C6 17 7D 2C 01 F7 71 F2 0F 49 69 C5 1A E2 D0
85 FD 58 2B 1B 88 C9 AA B9 2B 37 51 1C 0A CA 88 11 21 23 8A
4D 1A 92 C2 34 22 99 14 B6 14 AD 86 B0 5D B4 0F 31 B0 83 C5
A1 12 3A 7B 36 80 CA D9 32 AA BF 9A B4 49 B9 98 6F 6F BD 23
48 EB CF F5 F7 1F CE 59 FA AF 56 AD 4A B4 D6 1E D0 31 5A F0
4C 69 9B 7F C2 7F D3 89 AC 9F 89 D2 AB CB 55 3D 39
Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits
Signature: 00 3A D5 E7 F9 63 CF 54 22 1F 27 1E 19 06 05 A1 17 61 AD 5D
36 4D DD 0A 10 FF 5A 86 F2 50 D1 B9 FA B1 C4 19 85 A7 30 C0
43 C8 85 3A 55 C2 21 0C D0 45 AD B6 9B 36 36 1D 39 1E 2C 92
5E 85 2D BE E5 60 88 A3 70 65 9E 08 84 32 47 F4 CD 39 5D DC
07 05 96 84 CF 82 AE 34 D5 91 69 C1 1C B9 50 D1 C7 04 94 03
C6 BB EE 4B 45 CD 73 C4 E7 37 1C 29 DD 22 1D 9B E9 D6 B3 FA
82 76 D1 CD 5F 5F 6B A2 36 E6 23 20 16 C9 CC 9D 8D 37 63 0E
90 E6 33 A5 6D AF 2C 08 85 22 F4 0C 79 E7 7D DC D1 62 4F 30
39 45 22 80 8B DA 00 4A 2C 6B FA 8A BE 38 0A C7 39 64 48 F4
D3 10 9F A0 4D 6E 1B 26 9E 82 1C 18 A4 FD E7 54 6A 54 43 6F
03 AC C3 13 D9 14 D5 09 E2 52 BA BC 9B 1F CC CE 78 23 9B 9A
EA 68 72 15 25 E2 C9 E5 8E A3 A9 75 2F 94 30 AE 00 7A 0F 2C
8A A1 0B ED CF 4C 28 3B 4D E4 86 A4 92 59 E7 6D 6E
Extension: Subject Key Identifier (2.5.29.14)
Critical: 0
Subject Key Identifier: 27 E4 F0 65 B3 8B 20 9F 17 74 6D 6D 6B 9F DC 49 FC 39 B5 46
Extension: Authority Key Identifier (2.5.29.35)
Critical: 0
Key Identifier: 27 E4 F0 65 B3 8B 20 9F 17 74 6D 6D 6B 9F DC 49 FC 39 B5 46
Extension: Basic Constraints (2.5.29.19)
Critical: 0
CA: TRUE
PEM certificate :
-----BEGIN CERTIFICATE-----
MIIDVzCCAj+gAwIBAgIJAIMpf6N++yNYMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlhYMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQgQ29tcGFueSBMdGQwHhcNMTcwMjE2MDgzNzAwWhcNMzYxMTAzMDgzNzAwWjBCMQswCQYDVQQGEwJYWDEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZhdWx0IENvbXBhbnkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+zAVFonMSETAKOyK9XStuvQBQxcd7S+we3z0qF/MSpshy9SQbG7taISkJTi4KNXaXDHPbR6sDF0ng/4Qz1a49vS5XHIcgy7tyqu1juB0/1REQQ2x2pbXNWhZX1AXh7DxTNCpQZ0Mv+lJSXCKPLPGvQyXOBG8lOWyA2VaV80+ryyJrIkEtGp8h4ldr5fxzhAxhd9LAH3cfIPSWnFGuLQhf1YKxuIyaq5KzdRHArKiBEhI4pNGpLCNCKZFLYUrYawXbQPMbCDxaESOns2gMrZMqq/mrRJuZhvb70jSOvP9fcfzln6r1atSrTWHtAxWvBMaZt/wn/TiayfidKry1U9OQIDAQABo1AwTjAdBgNVHQ4EFgQUJ+TwZbOLIJ8XdG1ta5/cSfw5tUYwHwYDVR0jBBgwFoAUJ+TwZbOLIJ8XdG1ta5/cSfw5tUYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAOtXn+WPPVCIfJx4ZBgWhF2GtXTZN3QoQ/1qG8lDRufqxxBmFpzDAQ8iFOlXCIQzQRa22mzY2HTkeLJJehS2+5WCIo3BlngiEMkf0zTld3AcFloTPgq401ZFpwRy5UNHHBJQDxrvuS0XNc8TnNxwp3SIdm+nWs/qCdtHNX19rojbmIyAWycydjTdjDpDmM6VtrywIhSL0DHnnfdzRYk8wOUUigIvaAEosa/qKvjgKxzlkSPTTEJ+gTW4bJp6CHBik/edUalRDbwOswxPZFNUJ4lK6vJsfzM54I5ua6mhyFSXiyeWOo6l1L5QwrgB6DyyKoQvtz0woO03khqSSWedtbg==
-----END CERTIFICATE-----","","","","","None","","","","2022/04/06","2022/11/30","","",""
"10287","","","None","11.1.65.27","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.27 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.28","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.28 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.29","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.29 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10267","","","None","11.1.65.3","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-Uniware-7.1.070
SSH supported authentication : password
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.3","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.3 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10881","","","None","11.1.65.3","tcp","22","SSH Protocol Versions Supported","A SSH server is running on the remote host.","This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.","n/a","","The remote SSH daemon supports the following versions of the
SSH protocol :
- 1.99
- 2.0
","","","","","None","","","","2002/03/06","2024/07/24","","",""
"10884","","","None","11.1.65.3","udp","123","Network Time Protocol (NTP) Server Detection","An NTP server is listening on the remote host.","An NTP server is listening on port 123. If not securely configured,
it may provide information about its version, current date, current
time, and possibly system information.","n/a","http://www.ntp.org","
An NTP service has been discovered, listening on port 123.
Version : unknown
","","","","","None","","IAVT:0001-T-0934","","2015/03/20","2021/02/24","","",""
"11219","","","None","11.1.65.3","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"22964","","","None","11.1.65.3","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"50350","","","None","11.1.65.3","tcp","0","OS Identification Failed","It was not possible to determine the remote operating system.","Using a combination of remote probes (TCP/IP, SMB, HTTP, NTP, SNMP,
etc), it was possible to gather one or more fingerprints from the
remote system. Unfortunately, though, Nessus does not currently know
how to use them to identify the overall system.","n/a","","
If you think that these signatures would help us improve OS fingerprinting,
please submit them by visiting https://www.tenable.com/research/submitsignatures.
NTP:!:/
SSH:!:SSH-2.0-Uniware-7.1.070
","","","","","None","","","","2010/10/26","2024/09/30","","",""
"97861","","5.0","Medium","11.1.65.3","udp","123","Network Time Protocol (NTP) Mode 6 Scanner","The remote NTP server responds to mode 6 queries.","The remote NTP server responds to mode 6 queries. Devices that respond
to these queries have the potential to be used in NTP amplification
attacks. An unauthenticated, remote attacker could potentially exploit
this, via a specially crafted mode 6 query, to cause a reflected
denial of service condition.","Restrict NTP mode 6 queries.","https://ntpscan.shadowserver.org","
Nessus elicited the following response from the remote
host by sending an NTP mode 6 query :
'processor, system=""/"", leap=0, stratum=2, precision=-23,
rootdelay=0.749, rootdisp=4.652, refid=11.1.80.193,
reftime=0xeb6ae37f.66d50499, clock=0xeb6ae3a3.2097a954, peer=26524,
tc=6, mintc=3, offset=0.042, frequency=17.300, sys_jitter=0.025,
clk_jitter=0.013, clk_wander=0.000'","","5.8","","","Medium","","","","2017/03/21","2018/05/07","","",""
"149334","","","None","11.1.65.3","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"10287","","","None","11.1.65.30","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.30 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"11154","","","None","11.1.65.30","tcp","4001","Unknown Service Detection: Banner Retrieval","There is an unknown service running on the remote host.","Nessus was unable to identify a service on the remote host even though
it returned a banner of some type.","n/a","","
If you know what this service is and think the banner could be used to
identify it, please send a description of the service along with the
following output to svc-signatures@nessus.org :
Port : 4001
Type : get_http
Banner :
0x0000: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A ****************
*
0x0040: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 0D 0D **************..
0x0050: 0A 2A 20 43 6F 70 79 72 69 67 68 74 20 28 63 29 .* Copyright (c)
0x0060: 20 32 30 31 35 2D 32 30 32 32 20 55 6E 69 73 79 2015-2022 Unisy
0x0070: 75 65 20 54 65 63 68 6E 6F 6C 6F 67 69 65 73 20 ue Technologies
0x0080: 43 6F 2E 2C 20 4C 74 64 2E 20 20 20 20 20 20 20 Co., Ltd.
0x0090: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2A 0D *.
0x00A0: 0D 0A 2A 20 57 69 74 68 6F 75 74 20 74 68 65 20 ..* Without the
0x00B0: 6F 77 6E 65 72 27 73 20 70 72 69 6F 72 20 77 72 owner's prior wr
0x00C0: 69 74 74 65 6E 20 63 6F 6E 73 65 6E 74 2C 20 20 itten consent,
0x00D0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0x00E0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2A *
0x00F0: 0D 0D 0A 2A 20 6E 6F 20 64 65 63 6F 6D 70 69 6C ...* no decompil
0x0100: 69 6E 67 20 6F 72 20 72 65 76 65 72 73 65 2D 65 ing or reverse-e
0x0110: 6E 67 69 6E 65 65 72 69 6E 67 20 73 68 61 6C 6C ngineering shall
0x0120: 20 62 65 20 61 6C 6C 6F 77 65 64 2E 20 20 20 20 be allowed.
0x0130: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0x0140: 2A 0D 0D 0A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A *...************
0x0150: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A ****************
*
0x0190: 2A 2A 0D 0D 0A 0D 0D 0A 3C 50 53 57 2D 31 2D 41 **......<PSW-1-A
0x01A0: 30 35 2D 37 55 2D 44 54 58 43 59 3E 25 46 65 62 05-7U-DTXCY>%Feb
0x01B0: 20 32 38 20 30 31 3A 34 33 3A 30 33 3A 36 38 37 28 01:43:03:687
0x01C0: 20 32 30 32 35 20 50 53 57 2D 31 2D 41 30 35 2D 2025 PSW-1-A05-
0x01D0: 37 55 2D 44 54 58 43 59 20 53 48 45 4C 4C 2F 35 7U-DTXCY SHELL/5
0x01E0: 2F 53 48 45 4C 4C 5F 4C 4F 47 49 4E 3A 20 2D 4D /SHELL_LOGIN: -M
0x01F0: 44 43 3D 31 3B 20 43 6F 6E 73 6F 6C 65 20 6C 6F DC=1; Console lo
0x0200: 67 67 65 64 20 69 6E 20 66 72 6F 6D 20 63 6F 6E gged in from con
0x0210: 30 2E 0D 0D 0A 0....
","","","","","None","","","","2002/11/18","2022/07/26","","",""
"11154","","","None","11.1.65.30","tcp","4002","Unknown Service Detection: Banner Retrieval","There is an unknown service running on the remote host.","Nessus was unable to identify a service on the remote host even though
it returned a banner of some type.","n/a","","
If you know what this service is and think the banner could be used to
identify it, please send a description of the service along with the
following output to svc-signatures@nessus.org :
Port : 4002
Type : spontaneous
Banner :
0x00: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0x10: 20 20 20 20 31 31 2E 31 2E 36 38 2E 33 32 20 20 11.1.68.32
0x20: 20 20 20 20 46 47 45 30 2F 30 2F 32 0D 0D 0A 31 FGE0/0/2...1
0x30: 31 2E 0D 0D 0A 0D 0D 0A 0D 0D 0A 0D 0D 0A 0D 0D 1...............
0x40: 0A 0D 0D 0A 0D 0D 0A 0D 0D 0A 0D 0D 0A 0D 0D 0A ................
0x50: 0D 0D 0A 0D 0D 0A 0D 0D 0A 0D 0D 0A 0D 0D 0A 0D ................
0x60: 0D 0A 0D 0D 0A 0D 0D 0A 0D 0D 0A 0D 0D 0A 0D 0D ................
0x70: 0A 0D 0D 0A 0D 0D 0A 0D 0D 0A 4C 69 6E 65 20 63 ..........Line c
0x80: 6F 6E 30 20 69 73 20 61 76 61 69 6C 61 62 6C 65 on0 is available
0x90: 2E 0D 0D 0A 0D 0D 0A 0D 0D 0A 50 72 65 73 73 20 ..........Press
0xA0: 45 4E 54 45 52 20 74 6F 20 67 65 74 20 73 74 61 ENTER to get sta
0xB0: 72 74 65 64 2E 0D 0D 0A rted....
","","","","","None","","","","2002/11/18","2022/07/26","","",""
"11154","","","None","11.1.65.30","tcp","4003","Unknown Service Detection: Banner Retrieval","There is an unknown service running on the remote host.","Nessus was unable to identify a service on the remote host even though
it returned a banner of some type.","n/a","","
If you know what this service is and think the banner could be used to
identify it, please send a description of the service along with the
following output to svc-signatures@nessus.org :
Port : 4003
Type : get_http
Banner :
0x0000: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A ****************
*
0x0040: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 0D 0D **************..
0x0050: 0A 2A 20 43 6F 70 79 72 69 67 68 74 20 28 63 29 .* Copyright (c)
0x0060: 20 32 30 31 35 2D 32 30 32 32 20 55 6E 69 73 79 2015-2022 Unisy
0x0070: 75 65 20 54 65 63 68 6E 6F 6C 6F 67 69 65 73 20 ue Technologies
0x0080: 43 6F 2E 2C 20 4C 74 64 2E 20 20 20 20 20 20 20 Co., Ltd.
0x0090: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2A 0D *.
0x00A0: 0D 0A 2A 20 57 69 74 68 6F 75 74 20 74 68 65 20 ..* Without the
0x00B0: 6F 77 6E 65 72 27 73 20 70 72 69 6F 72 20 77 72 owner's prior wr
0x00C0: 69 74 74 65 6E 20 63 6F 6E 73 65 6E 74 2C 20 20 itten consent,
0x00D0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0x00E0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2A *
0x00F0: 0D 0D 0A 2A 20 6E 6F 20 64 65 63 6F 6D 70 69 6C ...* no decompil
0x0100: 69 6E 67 20 6F 72 20 72 65 76 65 72 73 65 2D 65 ing or reverse-e
0x0110: 6E 67 69 6E 65 65 72 69 6E 67 20 73 68 61 6C 6C ngineering shall
0x0120: 20 62 65 20 61 6C 6C 6F 77 65 64 2E 20 20 20 20 be allowed.
0x0130: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0x0140: 2A 0D 0D 0A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A *...************
0x0150: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A ****************
*
0x0190: 2A 2A 0D 0D 0A 0D 0D 0A 3C 49 53 57 31 2D 41 30 **......<ISW1-A0
0x01A0: 35 2D 34 31 55 2D 5A 57 57 2D 33 30 31 2D 64 74 5-41U-ZWW-301-dt
0x01B0: 63 6C 6F 75 64 32 3E 25 46 65 62 20 32 38 20 30 cloud2>%Feb 28 0
0x01C0: 31 3A 34 34 3A 35 39 3A 36 38 35 20 32 30 32 35 1:44:59:685 2025
0x01D0: 20 49 53 57 31 2D 41 30 35 2D 34 31 55 2D 5A 57 ISW1-A05-41U-ZW
0x01E0: 57 2D 33 30 31 2D 64 74 63 6C 6F 75 64 32 20 53 W-301-dtcloud2 S
0x01F0: 48 45 4C 4C 2F 35 2F 53 48 45 4C 4C 5F 4C 4F 47 HELL/5/SHELL_LOG
0x0200: 49 4E 3A 20 43 6F 6E 73 6F 6C 65 20 6C 6F 67 67 IN: Console logg
0x0210: 65 64 20 69 6E 20 66 72 6F 6D 20 63 6F 6E 30 2E ed in from con0.
0x0220: 0D 0D 0A ...
","","","","","None","","","","2002/11/18","2022/07/26","","",""
"11154","","","None","11.1.65.30","tcp","4004","Unknown Service Detection: Banner Retrieval","There is an unknown service running on the remote host.","Nessus was unable to identify a service on the remote host even though
it returned a banner of some type.","n/a","","
If you know what this service is and think the banner could be used to
identify it, please send a description of the service along with the
following output to svc-signatures@nessus.org :
Port : 4004
Type : get_http
Banner :
0x0000: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A ****************
*
0x0040: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 0D 0D **************..
0x0050: 0A 2A 20 43 6F 70 79 72 69 67 68 74 20 28 63 29 .* Copyright (c)
0x0060: 20 32 30 31 35 2D 32 30 32 32 20 55 6E 69 73 79 2015-2022 Unisy
0x0070: 75 65 20 54 65 63 68 6E 6F 6C 6F 67 69 65 73 20 ue Technologies
0x0080: 43 6F 2E 2C 20 4C 74 64 2E 20 20 20 20 20 20 20 Co., Ltd.
0x0090: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2A 0D *.
0x00A0: 0D 0A 2A 20 57 69 74 68 6F 75 74 20 74 68 65 20 ..* Without the
0x00B0: 6F 77 6E 65 72 27 73 20 70 72 69 6F 72 20 77 72 owner's prior wr
0x00C0: 69 74 74 65 6E 20 63 6F 6E 73 65 6E 74 2C 20 20 itten consent,
0x00D0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0x00E0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2A *
0x00F0: 0D 0D 0A 2A 20 6E 6F 20 64 65 63 6F 6D 70 69 6C ...* no decompil
0x0100: 69 6E 67 20 6F 72 20 72 65 76 65 72 73 65 2D 65 ing or reverse-e
0x0110: 6E 67 69 6E 65 65 72 69 6E 67 20 73 68 61 6C 6C ngineering shall
0x0120: 20 62 65 20 61 6C 6C 6F 77 65 64 2E 20 20 20 20 be allowed.
0x0130: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0x0140: 2A 0D 0D 0A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A *...************
0x0150: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A ****************
*
0x0190: 2A 2A 0D 0D 0A 0D 0D 0A 3C 49 53 57 32 2D 41 30 **......<ISW2-A0
0x01A0: 36 2D 34 31 55 2D 5A 57 57 2D 33 30 31 2D 64 74 6-41U-ZWW-301-dt
0x01B0: 63 6C 6F 75 64 32 3E 25 46 65 62 20 32 38 20 30 cloud2>%Feb 28 0
0x01C0: 31 3A 34 35 3A 31 30 3A 36 38 35 20 32 30 32 35 1:45:10:685 2025
0x01D0: 20 49 53 57 32 2D 41 30 36 2D 34 31 55 2D 5A 57 ISW2-A06-41U-ZW
0x01E0: 57 2D 33 30 31 2D 64 74 63 6C 6F 75 64 32 20 53 W-301-dtcloud2 S
0x01F0: 48 45 4C 4C 2F 35 2F 53 48 45 4C 4C 5F 4C 4F 47 HELL/5/SHELL_LOG
0x0200: 49 4E 3A 20 43 6F 6E 73 6F 6C 65 20 6C 6F 67 67 IN: Console logg
0x0210: 65 64 20 69 6E 20 66 72 6F 6D 20 63 6F 6E 30 2E ed in from con0.
0x0220: 0D 0D 0A ...
","","","","","None","","","","2002/11/18","2022/07/26","","",""
"11154","","","None","11.1.65.30","tcp","4006","Unknown Service Detection: Banner Retrieval","There is an unknown service running on the remote host.","Nessus was unable to identify a service on the remote host even though
it returned a banner of some type.","n/a","","
If you know what this service is and think the banner could be used to
identify it, please send a description of the service along with the
following output to svc-signatures@nessus.org :
Port : 4006
Type : get_http
Banner :
0x0000: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A ****************
*
0x0040: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 0D 0D **************..
0x0050: 0A 2A 20 43 6F 70 79 72 69 67 68 74 20 28 63 29 .* Copyright (c)
0x0060: 20 32 30 31 35 2D 32 30 32 32 20 55 6E 69 73 79 2015-2022 Unisy
0x0070: 75 65 20 54 65 63 68 6E 6F 6C 6F 67 69 65 73 20 ue Technologies
0x0080: 43 6F 2E 2C 20 4C 74 64 2E 20 20 20 20 20 20 20 Co., Ltd.
0x0090: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2A 0D *.
0x00A0: 0D 0A 2A 20 57 69 74 68 6F 75 74 20 74 68 65 20 ..* Without the
0x00B0: 6F 77 6E 65 72 27 73 20 70 72 69 6F 72 20 77 72 owner's prior wr
0x00C0: 69 74 74 65 6E 20 63 6F 6E 73 65 6E 74 2C 20 20 itten consent,
0x00D0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0x00E0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2A *
0x00F0: 0D 0D 0A 2A 20 6E 6F 20 64 65 63 6F 6D 70 69 6C ...* no decompil
0x0100: 69 6E 67 20 6F 72 20 72 65 76 65 72 73 65 2D 65 ing or reverse-e
0x0110: 6E 67 69 6E 65 65 72 69 6E 67 20 73 68 61 6C 6C ngineering shall
0x0120: 20 62 65 20 61 6C 6C 6F 77 65 64 2E 20 20 20 20 be allowed.
0x0130: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0x0140: 2A 0D 0D 0A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A *...************
0x0150: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A ****************
*
0x0190: 2A 2A 0D 0D 0A 0D 0D 0A 3C 53 53 57 2D 32 2D 41 **......<SSW-2-A
0x01A0: 30 36 2D 33 38 55 2D 44 54 58 43 59 3E 25 46 65 06-38U-DTXCY>%Fe
0x01B0: 62 20 32 38 20 30 31 3A 34 37 3A 31 33 3A 38 35 b 28 01:47:13:85
0x01C0: 39 20 32 30 32 35 20 53 53 57 2D 32 2D 41 30 36 9 2025 SSW-2-A06
0x01D0: 2D 33 38 55 2D 44 54 58 43 59 20 53 48 45 4C 4C -38U-DTXCY SHELL
0x01E0: 2F 35 2F 53 48 45 4C 4C 5F 4C 4F 47 49 4E 3A 20 /5/SHELL_LOGIN:
0x01F0: 43 6F 6E 73 6F 6C 65 20 6C 6F 67 67 65 64 20 69 Console logged i
0x0200: 6E 20 66 72 6F 6D 20 63 6F 6E 30 2E 0D 0D 0A n from con0....
","","","","","None","","","","2002/11/18","2022/07/26","","",""
"11154","","","None","11.1.65.30","tcp","4015","Unknown Service Detection: Banner Retrieval","There is an unknown service running on the remote host.","Nessus was unable to identify a service on the remote host even though
it returned a banner of some type.","n/a","","
If you know what this service is and think the banner could be used to
identify it, please send a description of the service along with the
following output to svc-signatures@nessus.org :
Port : 4015
Type : get_http
Banner :
0x0000: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A ****************
*
0x0040: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 0D 0D **************..
0x0050: 0A 2A 20 43 6F 70 79 72 69 67 68 74 20 28 63 29 .* Copyright (c)
0x0060: 20 32 30 31 35 2D 32 30 32 31 20 55 6E 69 73 79 2015-2021 Unisy
0x0070: 75 65 20 54 65 63 68 6E 6F 6C 6F 67 69 65 73 20 ue Technologies
0x0080: 43 6F 2E 2C 20 4C 74 64 2E 20 20 20 20 20 20 20 Co., Ltd.
0x0090: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2A 0D *.
0x00A0: 0D 0A 2A 20 57 69 74 68 6F 75 74 20 74 68 65 20 ..* Without the
0x00B0: 6F 77 6E 65 72 27 73 20 70 72 69 6F 72 20 77 72 owner's prior wr
0x00C0: 69 74 74 65 6E 20 63 6F 6E 73 65 6E 74 2C 20 20 itten consent,
0x00D0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0x00E0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2A *
0x00F0: 0D 0D 0A 2A 20 6E 6F 20 64 65 63 6F 6D 70 69 6C ...* no decompil
0x0100: 69 6E 67 20 6F 72 20 72 65 76 65 72 73 65 2D 65 ing or reverse-e
0x0110: 6E 67 69 6E 65 65 72 69 6E 67 20 73 68 61 6C 6C ngineering shall
0x0120: 20 62 65 20 61 6C 6C 6F 77 65 64 2E 20 20 20 20 be allowed.
0x0130: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0x0140: 2A 0D 0D 0A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A *...************
0x0150: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A ****************
*
0x0190: 2A 2A 0D 0D 0A 0D 0D 0A 3C 41 31 32 2D 34 35 55 **......<A12-45U
0x01A0: 2D 4F 41 53 57 33 3E 25 41 75 67 20 20 34 20 31 -OASW3>%Aug 4 1
0x01B0: 33 3A 33 30 3A 33 35 3A 30 30 39 20 32 30 31 33 3:30:35:009 2013
0x01C0: 20 41 31 32 2D 34 35 55 2D 4F 41 53 57 33 20 53 A12-45U-OASW3 S
0x01D0: 48 45 4C 4C 2F 35 2F 53 48 45 4C 4C 5F 4C 4F 47 HELL/5/SHELL_LOG
0x01E0: 49 4E 3A 20 43 6F 6E 73 6F 6C 65 20 6C 6F 67 67 IN: Console logg
0x01F0: 65 64 20 69 6E 20 66 72 6F 6D 20 63 6F 6E 30 2E ed in from con0.
0x0200: 0D 0D 0A ...
","","","","","None","","","","2002/11/18","2022/07/26","","",""
"11154","","","None","11.1.65.30","tcp","4016","Unknown Service Detection: Banner Retrieval","There is an unknown service running on the remote host.","Nessus was unable to identify a service on the remote host even though
it returned a banner of some type.","n/a","","
If you know what this service is and think the banner could be used to
identify it, please send a description of the service along with the
following output to svc-signatures@nessus.org :
Port : 4016
Type : get_http
Banner :
0x0000: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A ****************
*
0x0040: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 0D 0D **************..
0x0050: 0A 2A 20 43 6F 70 79 72 69 67 68 74 20 28 63 29 .* Copyright (c)
0x0060: 20 32 30 31 35 2D 32 30 32 32 20 55 6E 69 73 79 2015-2022 Unisy
0x0070: 75 65 20 54 65 63 68 6E 6F 6C 6F 67 69 65 73 20 ue Technologies
0x0080: 43 6F 2E 2C 20 4C 74 64 2E 20 20 20 20 20 20 20 Co., Ltd.
0x0090: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2A 0D *.
0x00A0: 0D 0A 2A 20 57 69 74 68 6F 75 74 20 74 68 65 20 ..* Without the
0x00B0: 6F 77 6E 65 72 27 73 20 70 72 69 6F 72 20 77 72 owner's prior wr
0x00C0: 69 74 74 65 6E 20 63 6F 6E 73 65 6E 74 2C 20 20 itten consent,
0x00D0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0x00E0: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2A *
0x00F0: 0D 0D 0A 2A 20 6E 6F 20 64 65 63 6F 6D 70 69 6C ...* no decompil
0x0100: 69 6E 67 20 6F 72 20 72 65 76 65 72 73 65 2D 65 ing or reverse-e
0x0110: 6E 67 69 6E 65 65 72 69 6E 67 20 73 68 61 6C 6C ngineering shall
0x0120: 20 62 65 20 61 6C 6C 6F 77 65 64 2E 20 20 20 20 be allowed.
0x0130: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0x0140: 2A 0D 0D 0A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A *...************
0x0150: 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A 2A ****************
*
0x0190: 2A 2A 0D 0D 0A 0D 0D 0A 3C 41 30 35 2D 33 35 55 **......<A05-35U
0x01A0: 2D 4F 53 57 2D 4E 3E 25 41 75 67 20 31 32 20 30 -OSW-N>%Aug 12 0
0x01B0: 39 3A 33 36 3A 30 36 3A 32 39 38 20 32 30 31 33 9:36:06:298 2013
0x01C0: 20 41 30 35 2D 33 35 55 2D 4F 53 57 2D 4E 20 53 A05-35U-OSW-N S
0x01D0: 48 45 4C 4C 2F 35 2F 53 48 45 4C 4C 5F 4C 4F 47 HELL/5/SHELL_LOG
0x01E0: 49 4E 3A 20 43 6F 6E 73 6F 6C 65 20 6C 6F 67 67 IN: Console logg
0x01F0: 65 64 20 69 6E 20 66 72 6F 6D 20 63 6F 6E 30 2E ed in from con0.
0x0200: 0D 0D 0A ...
","","","","","None","","","","2002/11/18","2022/07/26","","",""
"11154","","","None","11.1.65.30","tcp","4017","Unknown Service Detection: Banner Retrieval","There is an unknown service running on the remote host.","Nessus was unable to identify a service on the remote host even though
it returned a banner of some type.","n/a","","
If you know what this service is and think the banner could be used to
identify it, please send a description of the service along with the
following output to svc-signatures@nessus.org :
Port : 4017
Type : spontaneous
Banner :
0x00: 0A 0D 0D 0A 0D 0D 0A 0D 0D 0A 0D 0D 0A 0D 0D 0A ................
0x10: 0D 0D 0A 0D 0D 0A 0D 0D 0A 0D 0D 0A 0D 0D 0A 0D ................
0x20: 0D 0A 0D 0D 0A 4C 69 6E 65 20 63 6F 6E 30 20 69 .....Line con0 i
0x30: 73 20 61 76 61 69 6C 61 62 6C 65 2E 0D 0D 0A 0D s available.....
0x40: 0D 0A 0D 0D 0A 50 72 65 73 73 20 45 4E 54 45 52 .....Press ENTER
0x50: 20 74 6F 20 67 65 74 20 73 74 61 72 74 65 64 2E to get started.
0x60: 0D 0D 0A ...
","","","","","None","","","","2002/11/18","2022/07/26","","",""
"11154","","","None","11.1.65.30","tcp","4018","Unknown Service Detection: Banner Retrieval","There is an unknown service running on the remote host.","Nessus was unable to identify a service on the remote host even though
it returned a banner of some type.","n/a","","
If you know what this service is and think the banner could be used to
identify it, please send a description of the service along with the
following output to svc-signatures@nessus.org :
Port : 4018
Type : get_http
Banner :
0x00: 47 45 54 20 2F 20 48 54 54 50 2F 31 2E 30 0D 0D GET / HTTP/1.0..
0x10: 0A 0D 0A 0D 0A 50 61 73 73 77 6F 72 64 3A 20 0D .....Password: .
0x20: 0A 41 41 41 20 61 75 74 68 65 6E 74 69 63 61 74 .AAA authenticat
0x30: 69 6F 6E 20 66 61 69 6C 65 64 2E 0D 0D 0A 4C 6F ion failed....Lo
0x40: 67 69 6E 3A 20 0D 0D 0A 4C 6F 67 69 6E 3A 20 gin: ...Login:
","","","","","None","","","","2002/11/18","2022/07/26","","",""
"11154","","","None","11.1.65.30","tcp","4019","Unknown Service Detection: Banner Retrieval","There is an unknown service running on the remote host.","Nessus was unable to identify a service on the remote host even though
it returned a banner of some type.","n/a","","
If you know what this service is and think the banner could be used to
identify it, please send a description of the service along with the
following output to svc-signatures@nessus.org :
Port : 4019
Type : get_http
Banner :
0x00: 0D 0A 41 41 41 20 61 75 74 68 65 6E 74 69 63 61 ..AAA authentica
0x10: 74 69 6F 6E 20 66 61 69 6C 65 64 2E 0D 0D 0A 4C tion failed....L
0x20: 6F 67 69 6E 3A 20 0D 0D 0A 4C 6F 67 69 6E 3A 20 ogin: ...Login:
0x30: 0D 0D 0A 4C 6F 67 69 6E 3A 20 ...Login:
","","","","","None","","","","2002/11/18","2022/07/26","","",""
"11154","","","None","11.1.65.30","tcp","4025","Unknown Service Detection: Banner Retrieval","There is an unknown service running on the remote host.","Nessus was unable to identify a service on the remote host even though
it returned a banner of some type.","n/a","","
If you know what this service is and think the banner could be used to
identify it, please send a description of the service along with the
following output to svc-signatures@nessus.org :
Port : 4025
Type : spontaneous
Banner :
0x0000: 00 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 .#.='-7.9!%%=#7.
0x0010: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 .3.......3......
0x0020: EB 33 17 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 BF .3....3....3....
0x0030: E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D ...m#.='-7.9!%%=
0x0040: 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 #7..3.......3...
0x0050: BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 ....3....m#.='-7
0x0060: BF 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 .9!%%=#7...m#.='
0x0070: 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 -7.9!%%=#7..3...
0x0080: BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 ....3....3......
0x0090: EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x00A0: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 ..3.......3.....
0x00B0: E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D ..3....3.......m
0x00C0: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB #.='-7.9!%%=#7..
0x00D0: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 3.......3.......
0x00E0: 33 17 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 BF E5 3....3....3.....
0x00F0: E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 ..m#.='-7.9!%%=#
0x0100: 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 7..3.......3....
0x0110: E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF ...3....m#.='-7.
0x0120: 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 9!%%=#7...m#.='-
0x0130: 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF 7.9!%%=#7..3....
0x0140: E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB ...3....3.......
0x0150: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x0160: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 .3.......3......
0x0170: EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 .3....3.......m#
0x0180: 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 .='-7.9!%%=#7..3
0x0190: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 .......3.......3
0x01A0: 17 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 BF 33 17 ....3....3....3.
0x01B0: 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 ...3.......m#.='
0x01C0: 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 -7.9!%%=#7..3...
0x01D0: BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 ....3.......3...
0x01E0: BF 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x01F0: E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D ...m#.='-7.9!%%=
0x0200: 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 #7..3.......3...
0x0210: BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 .3.......m#.='-7
0x0220: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x0230: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 ..3.......3....3
0x0240: 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 .......m#.='-7.9
0x0250: 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB !%%=#7..3.......
0x0260: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 3.......3....3..
0x0270: 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 ..m#.='-7.9!%%=#
0x0280: 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 7...m#.='-7.9!%%
0x0290: 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F =#7..3.......3..
0x02A0: 83 BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D .....3....m#.='-
0x02B0: 37 BF 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 7.9!%%=#7...m#.=
0x02C0: 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F '-7.9!%%=#7..3..
0x02D0: 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 .....3....3.....
0x02E0: E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 ..m#.='-7.9!%%=#
0x02F0: 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 7..3.......3....
0x0300: E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF 33 17 1F ...3....3....3..
0x0310: 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 .....m#.='-7.9!%
0x0320: 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 %=#7..3.......3.
0x0330: 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 ......3....m#.='
0x0340: 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 -7.9!%%=#7...m#.
0x0350: 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 ='-7.9!%%=#7..3.
0x0360: 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF ......3....3....
0x0370: E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D ...m#.='-7.9!%%=
0x0380: 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 #7..3.......3...
0x0390: BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 ....3....3......
0x03A0: EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x03B0: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 ..3.......3.....
0x03C0: E5 EB 33 17 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 ..3....3....3...
0x03D0: BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 ....m#.='-7.9!%%
0x03E0: 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F =#7..3.......3..
0x03F0: 83 BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D .....3....m#.='-
0x0400: 37 BF 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 7.9!%%=#7...m#.=
0x0410: 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F '-7.9!%%=#7..3..
0x0420: 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 .....3....3.....
0x0430: E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 ..m#.='-7.9!%%=#
0x0440: 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 7..3.......3....
0x0450: E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB ...3....3.......
0x0460: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x0470: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 .3.......3......
0x0480: EB 33 17 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 BF .3....3....3....
0x0490: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x04A0: E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 ..m#.='-7.9!%%=#
0x04B0: 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 7..3.......3....
0x04C0: E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF ...3....m#.='-7.
0x04D0: 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 9!%%=#7...m#.='-
0x04E0: 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF 7.9!%%=#7..3....
0x04F0: E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB ...3....3.......
0x0500: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x0510: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 .3.......3......
0x0520: EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 .3....3.......m#
0x0530: 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 .='-7.9!%%=#7..3
0x0540: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 .......3.......3
0x0550: 17 1F 83 BF 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 ....3....m#.='-7
0x0560: BF 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 .9!%%=#7...m#.='
0x0570: 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 -7.9!%%=#7..3...
0x0580: BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 ....3.......3...
0x0590: BF 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x05A0: E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D ...m#.='-7.9!%%=
0x05B0: 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 #7..3.......3...
0x05C0: BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 .3.......m#.='-7
0x05D0: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x05E0: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 ..3.......3....3
0x05F0: 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D ....3.......m#.=
0x0600: 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F '-7.9!%%=#7..3..
0x0610: 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F .....3.......3..
0x0620: 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 ..m#.='-7.9!%%=#
0x0630: 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 7...m#.='-7.9!%%
0x0640: 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F =#7..3.......3..
0x0650: 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D ..3.......m#.='-
0x0660: 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF 7.9!%%=#7..3....
0x0670: E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF ...3.......3....
0x0680: 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 3.......m#.='-7.
0x0690: 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 9!%%=#7..3......
0x06A0: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 .3.......3....3.
0x06B0: 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB ...3....3.......
0x06C0: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x06D0: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 .3.......3......
0x06E0: EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 .3....m#.='-7.9!
0x06F0: 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF %%=#7...m#.='-7.
0x0700: 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 9!%%=#7..3......
0x0710: EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 .3....3.......m#
0x0720: 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 .='-7.9!%%=#7..3
0x0730: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 .......3.......3
0x0740: 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D ....3.......m#.=
0x0750: 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F '-7.9!%%=#7..3..
0x0760: 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F .....3.......3..
0x0770: 83 BF 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 ..3....m#.='-7.9
0x0780: 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 !%%=#7...m#.='-7
0x0790: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x07A0: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D ..3.......3....m
0x07B0: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 #.='-7.9!%%=#7..
0x07C0: EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x07D0: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 ..3.......3....3
0x07E0: 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 .......m#.='-7.9
0x07F0: 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB !%%=#7..3.......
0x0800: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 3.......3....3..
0x0810: 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D ..3.......m#.='-
0x0820: 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF 7.9!%%=#7..3....
0x0830: E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF ...3.......3....
0x0840: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x0850: E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 ..m#.='-7.9!%%=#
0x0860: 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 7..3.......3....
0x0870: 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 3.......m#.='-7.
0x0880: 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 9!%%=#7..3......
0x0890: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 .3.......3....3.
0x08A0: 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 ......m#.='-7.9!
0x08B0: 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 %%=#7..3.......3
0x08C0: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 .......3....3...
0x08D0: BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 .3.......m#.='-7
0x08E0: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x08F0: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D ..3.......3....m
0x0900: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 #.='-7.9!%%=#7..
0x0910: EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x0920: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 ..3.......3....3
0x0930: 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 .......m#.='-7.9
0x0940: 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB !%%=#7..3.......
0x0950: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 3.......3....3..
0x0960: 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 .....m#.='-7.9!%
0x0970: 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 %=#7..3.......3.
0x0980: 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF ......3....3....
0x0990: 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3....3.......m#.
0x09A0: 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 ='-7.9!%%=#7..3.
0x09B0: 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 ......3.......3.
0x09C0: 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D ...m#.='-7.9!%%=
0x09D0: 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 #7...m#.='-7.9!%
0x09E0: 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 %=#7..3.......3.
0x09F0: 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 ...3.......m#.='
0x0A00: 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 -7.9!%%=#7..3...
0x0A10: BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 ....3.......3...
0x0A20: BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 .3.......m#.='-7
0x0A30: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x0A40: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 ..3.......3....3
0x0A50: 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 25 25 ....m#.='-7.9!%%
0x0A60: 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 =#7...m#.='-7.9!
0x0A70: 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 %%=#7..3.......3
0x0A80: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D .......3....m#.=
0x0A90: 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 '-7.9!%%=#7...m#
0x0AA0: 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 .='-7.9!%%=#7..3
0x0AB0: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 .......3....3...
0x0AC0: BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 ....m#.='-7.9!%%
0x0AD0: 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F =#7..3.......3..
0x0AE0: 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF 33 .....3....3....3
0x0AF0: 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 .......m#.='-7.9
0x0B00: 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB !%%=#7..3.......
0x0B10: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3.......3....m#.
0x0B20: 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 EB 6D ='-7.9!%%=#7...m
0x0B30: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB #.='-7.9!%%=#7..
0x0B40: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 3.......3....3..
0x0B50: 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 .....m#.='-7.9!%
0x0B60: 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 %=#7..3.......3.
0x0B70: 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF ......3....3....
0x0B80: E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D ...m#.='-7.9!%%=
0x0B90: 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 #7..3.......3...
0x0BA0: BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF 33 17 ....3....3....3.
0x0BB0: 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 ......m#.='-7.9!
0x0BC0: 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 %%=#7..3.......3
0x0BD0: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D .......3....m#.=
0x0BE0: 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 '-7.9!%%=#7...m#
0x0BF0: 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 .='-7.9!%%=#7..3
0x0C00: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 .......3....3...
0x0C10: BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 ....m#.='-7.9!%%
0x0C20: 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F =#7..3.......3..
0x0C30: 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 .....3....3.....
0x0C40: E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 ..m#.='-7.9!%%=#
0x0C50: 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 7..3.......3....
0x0C60: E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF 33 17 1F ...3....3....3..
0x0C70: 83 BF 33 17 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 ..3....3....3...
0x0C80: BF 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 .3....m#.='-7.9!
0x0C90: 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF %%=#7...m#.='-7.
0x0CA0: 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 9!%%=#7..3......
0x0CB0: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D 23 .3.......3....m#
0x0CC0: 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 EB .='-7.9!%%=#7...
0x0CD0: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x0CE0: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 .3.......3....3.
0x0CF0: 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 ......m#.='-7.9!
0x0D00: 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 %%=#7..3.......3
0x0D10: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 .......3....3...
0x0D20: BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 ....m#.='-7.9!%%
0x0D30: 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F =#7..3.......3..
0x0D40: 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF 6D .....3....3....m
0x0D50: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 #.='-7.9!%%=#7..
0x0D60: EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x0D70: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 ..3.......3.....
0x0D80: E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 ..3....m#.='-7.9
0x0D90: 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 !%%=#7...m#.='-7
0x0DA0: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x0DB0: E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D ..3....3.......m
0x0DC0: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB #.='-7.9!%%=#7..
0x0DD0: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 3.......3.......
0x0DE0: 33 17 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 BF E5 3....3....3.....
0x0DF0: E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 ..m#.='-7.9!%%=#
0x0E00: 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 7..3.......3....
0x0E10: E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF ...3....m#.='-7.
0x0E20: 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 9!%%=#7...m#.='-
0x0E30: 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF 7.9!%%=#7..3....
0x0E40: E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB ...3....3.......
0x0E50: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x0E60: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 .3.......3......
0x0E70: EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 .3....3.......m#
0x0E80: 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 .='-7.9!%%=#7..3
0x0E90: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 .......3.......3
0x0EA0: 17 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 ....3....3......
0x0EB0: EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x0EC0: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 ..3.......3.....
0x0ED0: E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 ..3....m#.='-7.9
0x0EE0: 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 !%%=#7...m#.='-7
0x0EF0: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x0F00: E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D ..3....3.......m
0x0F10: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB #.='-7.9!%%=#7..
0x0F20: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 3.......3.......
0x0F30: 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3....3.......m#.
0x0F40: 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 ='-7.9!%%=#7..3.
0x0F50: 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 ......3.......3.
0x0F60: 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 BF 6D 23 13 ...3....3....m#.
0x0F70: 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 EB 6D ='-7.9!%%=#7...m
0x0F80: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB #.='-7.9!%%=#7..
0x0F90: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 3.......3.......
0x0FA0: 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 25 3....m#.='-7.9!%
0x0FB0: 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 %=#7...m#.='-7.9
0x0FC0: 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB !%%=#7..3.......
0x0FD0: 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3....3.......m#.
0x0FE0: 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 ='-7.9!%%=#7..3.
0x0FF0: 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 ......3.......3.
0x1000: 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 ...3.......m#.='
0x1010: 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 -7.9!%%=#7..3...
0x1020: BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 ....3.......3...
0x1030: BF 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 .3....m#.='-7.9!
0x1040: 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF %%=#7...m#.='-7.
0x1050: 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 9!%%=#7..3......
0x1060: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D 23 .3.......3....m#
0x1070: 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 EB .='-7.9!%%=#7...
0x1080: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x1090: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 .3.......3....3.
0x10A0: 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 ......m#.='-7.9!
0x10B0: 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 %%=#7..3.......3
0x10C0: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 .......3....3...
0x10D0: BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 .3.......m#.='-7
0x10E0: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x10F0: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D ..3.......3....m
0x1100: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 #.='-7.9!%%=#7..
0x1110: EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x1120: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 ..3.......3....3
0x1130: 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 .......m#.='-7.9
0x1140: 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB !%%=#7..3.......
0x1150: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 3.......3....3..
0x1160: 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 .....m#.='-7.9!%
0x1170: 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 %=#7..3.......3.
0x1180: 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF ......3....3....
0x1190: 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3....3.......m#.
0x11A0: 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 ='-7.9!%%=#7..3.
0x11B0: 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 ......3.......3.
0x11C0: 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D ...m#.='-7.9!%%=
0x11D0: 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 #7...m#.='-7.9!%
0x11E0: 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 %=#7..3.......3.
0x11F0: 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 ...3.......m#.='
0x1200: 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 -7.9!%%=#7..3...
0x1210: BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 ....3.......3...
0x1220: BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 .3.......m#.='-7
0x1230: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x1240: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 ..3.......3....3
0x1250: 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 25 25 ....m#.='-7.9!%%
0x1260: 3D 23 37 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 =#7='-7.9!%%=#7.
0x1270: E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 ..m#.='-7.9!
","","","","","None","","","","2002/11/18","2022/07/26","","",""
"11154","","","None","11.1.65.30","tcp","4027","Unknown Service Detection: Banner Retrieval","There is an unknown service running on the remote host.","Nessus was unable to identify a service on the remote host even though
it returned a banner of some type.","n/a","","
If you know what this service is and think the banner could be used to
identify it, please send a description of the service along with the
following output to svc-signatures@nessus.org :
Port : 4027
Type : spontaneous
Banner :
0x0000: 00 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x0010: E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D ..3....3.......m
0x0020: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB #.='-7.9!%%=#7..
0x0030: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 3.......3.......
0x0040: 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3....3.......m#.
0x0050: 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 ='-7.9!%%=#7..3.
0x0060: 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 ......3.......3.
0x0070: 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 BF 6D 23 13 ...3....3....m#.
0x0080: 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 EB 6D ='-7.9!%%=#7...m
0x0090: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB #.='-7.9!%%=#7..
0x00A0: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 3.......3.......
0x00B0: 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 25 3....m#.='-7.9!%
0x00C0: 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 %=#7...m#.='-7.9
0x00D0: 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB !%%=#7..3.......
0x00E0: 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3....3.......m#.
0x00F0: 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 ='-7.9!%%=#7..3.
0x0100: 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 ......3.......3.
0x0110: 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 ...3.......m#.='
0x0120: 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 -7.9!%%=#7..3...
0x0130: BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 ....3.......3...
0x0140: BF 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 .3....m#.='-7.9!
0x0150: 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF %%=#7...m#.='-7.
0x0160: 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 9!%%=#7..3......
0x0170: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D 23 .3.......3....m#
0x0180: 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 EB .='-7.9!%%=#7...
0x0190: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x01A0: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 .3.......3....3.
0x01B0: 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 ......m#.='-7.9!
0x01C0: 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 %%=#7..3.......3
0x01D0: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 .......3....3...
0x01E0: BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 .3.......m#.='-7
0x01F0: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x0200: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D ..3.......3....m
0x0210: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 #.='-7.9!%%=#7..
0x0220: EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x0230: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 ..3.......3....3
0x0240: 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 .......m#.='-7.9
0x0250: 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB !%%=#7..3.......
0x0260: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 3.......3....3..
0x0270: 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 .....m#.='-7.9!%
0x0280: 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 %=#7..3.......3.
0x0290: 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF ......3....3....
0x02A0: 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3....3.......m#.
0x02B0: 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 ='-7.9!%%=#7..3.
0x02C0: 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 ......3.......3.
0x02D0: 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D ...m#.='-7.9!%%=
0x02E0: 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 #7...m#.='-7.9!%
0x02F0: 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 %=#7..3.......3.
0x0300: 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 ...3.......m#.='
0x0310: 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 -7.9!%%=#7..3...
0x0320: BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 ....3.......3...
0x0330: BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 .3.......m#.='-7
0x0340: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x0350: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 ..3.......3....3
0x0360: 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 25 25 ....m#.='-7.9!%%
0x0370: 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 =#7...m#.='-7.9!
0x0380: 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 %%=#7..3.......3
0x0390: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D .......3....m#.=
0x03A0: 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 '-7.9!%%=#7...m#
0x03B0: 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 .='-7.9!%%=#7..3
0x03C0: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 .......3....3...
0x03D0: BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 ....m#.='-7.9!%%
0x03E0: 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F =#7..3.......3..
0x03F0: 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF 33 .....3....3....3
0x0400: 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 .......m#.='-7.9
0x0410: 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB !%%=#7..3.......
0x0420: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3.......3....m#.
0x0430: 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 EB 6D ='-7.9!%%=#7...m
0x0440: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB #.='-7.9!%%=#7..
0x0450: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 3.......3....3..
0x0460: 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 .....m#.='-7.9!%
0x0470: 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 %=#7..3.......3.
0x0480: 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF ......3....3....
0x0490: E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D ...m#.='-7.9!%%=
0x04A0: 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 #7..3.......3...
0x04B0: BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF 33 17 ....3....3....3.
0x04C0: 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 ......m#.='-7.9!
0x04D0: 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 %%=#7..3.......3
0x04E0: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D .......3....m#.=
0x04F0: 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 '-7.9!%%=#7...m#
0x0500: 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 .='-7.9!%%=#7..3
0x0510: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 .......3....3...
0x0520: BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 ....m#.='-7.9!%%
0x0530: 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F =#7..3.......3..
0x0540: 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 .....3....3.....
0x0550: E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 ..m#.='-7.9!%%=#
0x0560: 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 7..3.......3....
0x0570: E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF 33 17 1F ...3....3....3..
0x0580: 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D ..3.......m#.='-
0x0590: 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF 7.9!%%=#7..3....
0x05A0: E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF ...3.......3....
0x05B0: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x05C0: E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 ..m#.='-7.9!%%=#
0x05D0: 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 7..3.......3....
0x05E0: 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 3.......m#.='-7.
0x05F0: 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 9!%%=#7..3......
0x0600: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 .3.......3....3.
0x0610: 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 ......m#.='-7.9!
0x0620: 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 %%=#7..3.......3
0x0630: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 .......3....3...
0x0640: BF 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x0650: E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D ...m#.='-7.9!%%=
0x0660: 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 #7..3.......3...
0x0670: BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 ....3....m#.='-7
0x0680: BF 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 .9!%%=#7...m#.='
0x0690: 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 -7.9!%%=#7..3...
0x06A0: BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 ....3....3......
0x06B0: EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x06C0: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 ..3.......3.....
0x06D0: E5 EB 33 17 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 ..3....3....3...
0x06E0: BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 ....m#.='-7.9!%%
0x06F0: 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F =#7..3.......3..
0x0700: 83 BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D .....3....m#.='-
0x0710: 37 BF 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 7.9!%%=#7...m#.=
0x0720: 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F '-7.9!%%=#7..3..
0x0730: 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D ..3.......m#.='-
0x0740: 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF 7.9!%%=#7..3....
0x0750: E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF ...3.......3....
0x0760: 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 3.......m#.='-7.
0x0770: 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 9!%%=#7..3......
0x0780: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 .3.......3....3.
0x0790: 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 ...3.......m#.='
0x07A0: 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 -7.9!%%=#7..3...
0x07B0: BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 ....3.......3...
0x07C0: BF 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x07D0: E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D ...m#.='-7.9!%%=
0x07E0: 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 #7..3.......3...
0x07F0: BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 .3.......m#.='-7
0x0800: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x0810: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 ..3.......3....3
0x0820: 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 .......m#.='-7.9
0x0830: 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB !%%=#7..3.......
0x0840: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 3.......3....3..
0x0850: 83 BF 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 ..3....m#.='-7.9
0x0860: 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 !%%=#7...m#.='-7
0x0870: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x0880: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D ..3.......3....m
0x0890: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 #.='-7.9!%%=#7..
0x08A0: EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x08B0: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 ..3.......3....3
0x08C0: 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 .......m#.='-7.9
0x08D0: 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB !%%=#7..3.......
0x08E0: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 3.......3....3..
0x08F0: 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 .....m#.='-7.9!%
0x0900: 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 %=#7..3.......3.
0x0910: 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF ......3....3....
0x0920: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x0930: E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 ..m#.='-7.9!%%=#
0x0940: 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 7..3.......3....
0x0950: E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF ...3....m#.='-7.
0x0960: 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 9!%%=#7...m#.='-
0x0970: 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF 7.9!%%=#7..3....
0x0980: E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB ...3....3.......
0x0990: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x09A0: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 .3.......3......
0x09B0: EB 33 17 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 BF .3....3....3....
0x09C0: E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D ...m#.='-7.9!%%=
0x09D0: 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 #7..3.......3...
0x09E0: BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 ....3....m#.='-7
0x09F0: BF 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 .9!%%=#7...m#.='
0x0A00: 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 -7.9!%%=#7..3...
0x0A10: BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 ....3....3......
0x0A20: EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x0A30: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 ..3.......3.....
0x0A40: E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D ..3....3.......m
0x0A50: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB #.='-7.9!%%=#7..
0x0A60: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 3.......3.......
0x0A70: 33 17 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 BF 33 3....3....3....3
0x0A80: 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 .......m#.='-7.9
0x0A90: 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB !%%=#7..3.......
0x0AA0: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3.......3....m#.
0x0AB0: 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 EB 6D ='-7.9!%%=#7...m
0x0AC0: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB #.='-7.9!%%=#7..
0x0AD0: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 3.......3....3..
0x0AE0: 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 .....m#.='-7.9!%
0x0AF0: 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 %=#7..3.......3.
0x0B00: 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF ......3....3....
0x0B10: E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D ...m#.='-7.9!%%=
0x0B20: 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 #7..3.......3...
0x0B30: BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF 6D 23 ....3....3....m#
0x0B40: 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 EB .='-7.9!%%=#7...
0x0B50: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x0B60: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 .3.......3......
0x0B70: EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 .3....m#.='-7.9!
0x0B80: 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF %%=#7...m#.='-7.
0x0B90: 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 9!%%=#7..3......
0x0BA0: EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 .3....3.......m#
0x0BB0: 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 .='-7.9!%%=#7..3
0x0BC0: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 .......3.......3
0x0BD0: 17 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 ....3....3......
0x0BE0: EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x0BF0: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 ..3.......3.....
0x0C00: E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 ..3....m#.='-7.9
0x0C10: 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 !%%=#7...m#.='-7
0x0C20: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x0C30: E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D ..3....3.......m
0x0C40: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB #.='-7.9!%%=#7..
0x0C50: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 3.......3.......
0x0C60: 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3....3.......m#.
0x0C70: 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 ='-7.9!%%=#7..3.
0x0C80: 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 ......3.......3.
0x0C90: 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB ...3....3.......
0x0CA0: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x0CB0: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 .3.......3......
0x0CC0: EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF 39 21 .3....m#.='-7.9!
0x0CD0: 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 37 BF %%=#7...m#.='-7.
0x0CE0: 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 9!%%=#7..3......
0x0CF0: EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 .3....3.......m#
0x0D00: 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 .='-7.9!%%=#7..3
0x0D10: 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 .......3.......3
0x0D20: 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D ....3.......m#.=
0x0D30: 27 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F '-7.9!%%=#7..3..
0x0D40: 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F .....3.......3..
0x0D50: 83 BF 33 17 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 ..3....3....3...
0x0D60: BF 33 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 .3.......m#.='-7
0x0D70: BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 .9!%%=#7..3.....
0x0D80: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 6D ..3.......3....m
0x0D90: 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 E5 #.='-7.9!%%=#7..
0x0DA0: EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 .m#.='-7.9!%%=#7
0x0DB0: E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 ..3.......3....3
0x0DC0: 17 1F 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 .......m#.='-7.9
0x0DD0: 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB !%%=#7..3.......
0x0DE0: 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 3.......3....3..
0x0DF0: 83 BF E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 .....m#.='-7.9!%
0x0E00: 25 3D 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 %=#7..3.......3.
0x0E10: 1F 83 BF E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF ......3....3....
0x0E20: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x0E30: E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 ..m#.='-7.9!%%=#
0x0E40: 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF 7..3.......3....
0x0E50: E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 BF ...3....m#.='-7.
0x0E60: 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 2D 9!%%=#7...m#.='-
0x0E70: 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 BF 7.9!%%=#7..3....
0x0E80: E5 E5 EB 33 17 1F 83 BF 33 17 1F 83 BF E5 E5 EB ...3....3.......
0x0E90: 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D 23 37 E5 m#.='-7.9!%%=#7.
0x0EA0: EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 BF E5 E5 .3.......3......
0x0EB0: EB 33 17 1F 83 BF 33 17 1F 83 BF 33 17 1F 83 BF .3....3....3....
0x0EC0: E5 E5 EB 6D 23 13 3D 27 2D 37 BF 39 21 25 25 3D ...m#.='-7.9!%%=
0x0ED0: 23 37 E5 EB 33 17 1F 83 BF E5 E5 EB 33 17 1F 83 #7..3.......3...
0x0EE0: BF E5 E5 EB 33 17 1F 83 BF 6D 23 13 3D 27 2D 37 ....3....m#.='-7
0x0EF0: BF 39 21 25 25 3D 23 37 E5 E5 EB 6D 23 13 3D 27 .9!%%=#7...m#.='
0x0F00: 2D 37 BF 39 21 25 25 3D 23 37 E5 EB 33 17 1F 83 -7.9!%%=#7..3...
0x0F10: BF .
","","","","","None","","","","2002/11/18","2022/07/26","","",""
"11219","","","None","11.1.65.30","tcp","53","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 53/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","80","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 80/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4001","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4001/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4002","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4002/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4003","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4003/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4004","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4004/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4005","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4005/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4006","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4006/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4007","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4007/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4008","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4008/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4009","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4009/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4010","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4010/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4011","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4011/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4012","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4012/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4013","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4013/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4014","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4014/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4015","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4015/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4016","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4016/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4017","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4017/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4018","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4018/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4019","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4019/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4020","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4020/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4021","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4021/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4022","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4022/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4023","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4023/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4024","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4024/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4025","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4025/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4026","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4026/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4027","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4027/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4028","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4028/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4029","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4029/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4030","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4030/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4031","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4031/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.30","tcp","4032","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 4032/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11936","","","None","11.1.65.30","tcp","0","OS Identification","It is possible to guess the remote operating system.","Using a combination of remote probes (e.g., TCP/IP, SMB, HTTP, NTP,
SNMP, etc.), it is possible to guess the name of the remote operating
system in use. It is also possible sometimes to guess the version of
the operating system.","n/a","","
Remote operating system : OpenWrt
Confidence level : 90
Method : OpenWrt
The remote host is running OpenWrt","","","","","None","","","","2003/12/09","2024/10/14","","",""
"22964","","","None","11.1.65.30","tcp","53","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","The service closed the connection without sending any data.
It might be protected by some sort of TCP wrapper.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.30","tcp","80","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.30","tcp","4010","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","The service closed the connection without sending any data.
It might be protected by some sort of TCP wrapper.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.30","tcp","4021","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","The service closed the connection without sending any data.
It might be protected by some sort of TCP wrapper.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"24260","","","None","11.1.65.30","tcp","80","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 200 OK
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : no
Keep-Alive : yes
Options allowed : (Not implemented)
Headers :
Connection: Keep-Alive
Keep-Alive: timeout=20
ETag: ""521-20c-5fac4516""
Last-Modified: Wed, 11 Nov 2020 20:09:58 GMT
Date: Wed, 07 Jun 2023 04:04:12 GMT
Content-Type: text/html
Content-Length: 524
Response Body :
<?xml version=""1.0"" encoding=""utf-8""?>
<!DOCTYPE html PUBLIC ""-//W3C//DTD XHTML 1.1//EN"" ""http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"">
<html xmlns=""http://www.w3.org/1999/xhtml"">
<head>
<meta http-equiv=""Cache-Control"" content=""no-cache, no-store, must-revalidate"" />
<meta http-equiv=""refresh"" content=""0; URL=/cgi-bin/luci/"" />
</head>
<body style=""background-color: white"">
<a style=""color: black; font-family: arial, helvetica, sans-serif;"" href=""/cgi-bin/luci/"">LuCI - Lua Configuration Interface</a>
</body>
</html>
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"45590","","","None","11.1.65.30","tcp","0","Common Platform Enumeration (CPE)","It was possible to enumerate CPE names that matched on the remote
system.","By using information obtained from a Nessus scan, this plugin reports
CPE (Common Platform Enumeration) matches for various hardware and
software products found on a host.
Note that if an official CPE is not available for the product, this
plugin computes the best possible CPE based on the information
available from the scan.","n/a","http://cpe.mitre.org/
https://nvd.nist.gov/products/cpe","
The remote operating system matched the following CPE :
cpe:/o:openwrt:openwrt -> OpenWrt
","","","","","None","","","","2010/04/21","2024/11/22","","",""
"54615","","","None","11.1.65.30","tcp","0","Device Type","It is possible to guess the remote device type.","Based on the remote operating system, it is possible to determine
what the remote system type is (eg: a printer, router, general-purpose
computer, etc).","n/a","","Remote device type : router
Confidence level : 90
","","","","","None","","","","2011/05/23","2022/09/09","","",""
"143481","","","None","11.1.65.30","tcp","80","OpenWrt Web UI Detection.","The Web User Interface for OpenWrt was detected on the remote host.","OpenWrt web user interface detected on remote host.","n/a","","
URL : http://11.1.65.30/cgi-bin/luci
Version : unknown
","","","","","None","","","","2020/12/04","2024/11/22","","",""
"10107","","","None","11.1.65.31","tcp","80","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
HTTPD","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10107","","","None","11.1.65.31","tcp","443","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
HTTPD","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10267","","","None","11.1.65.31","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-Uniware-7.1.064
SSH supported authentication : password
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.31","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.31 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10863","","","None","11.1.65.31","tcp","443","SSL Certificate Information","This plugin displays the SSL certificate.","This plugin connects to every SSL-related port and attempts to
extract and dump the X.509 certificate.","n/a","","Subject Name:
Common Name: HTTPS-Self-Signed-Certificate-9a748f262c82334d
Issuer Name:
Common Name: HTTPS-Self-Signed-Certificate-9a748f262c82334d
Serial Number: 00
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: Oct 20 13:44:07 2021 GMT
Not Valid After: Oct 15 13:44:07 2041 GMT
Public Key Info:
Algorithm: RSA Encryption
Key Length: 1024 bits
Public Key: 00 B9 A7 21 7D C7 66 5A 65 1A 48 86 47 43 05 63 90 02 E3 57
CA EF 37 EE 87 99 F7 DB A3 E9 63 59 0C E8 B0 7D 56 AA 17 A1
DB C8 60 0B 46 AE 0F F1 45 54 12 D2 99 F6 B9 FA 58 28 84 D5
A3 67 02 A5 63 D1 77 1F 98 BF FF 06 01 77 25 34 8C CF C5 B6
A0 95 B1 66 E6 14 44 33 A6 6C 1D 65 59 C2 57 48 63 84 96 23
4E 28 CE 2F 08 36 69 57 EB 20 E1 4D 1F BF EE D8 B9 FC 42 73
17 66 79 99 09 12 5B 69 21
Exponent: 01 00 01
Signature Length: 128 bytes / 1024 bits
Signature: 00 59 A6 6B 0E C7 56 7C C4 9F 5F 43 54 93 9C 67 89 EA 58 54
16 9F E2 CE 28 4F 05 11 B8 B5 B8 98 46 B6 48 B4 05 40 FB 94
B0 34 A6 FC 1C 27 D4 91 C1 F0 9D E2 F8 BB C8 63 EE 9A 4D BB
06 46 66 6E 29 ED 95 6E C4 3A EA 8D 40 4A D9 92 19 10 E8 30
11 B0 BA EE 02 FD 6D 03 2F 31 A4 D8 92 C3 60 1E 0D 6A 56 75
D6 78 F6 AB 6E 03 00 25 8F 43 B6 0F E9 F8 FF BB 74 5C 38 52
47 65 ED 39 8A A2 7D 9B 1E
Extension: Basic Constraints (2.5.29.19)
Critical: 0
Fingerprints :
SHA-256 Fingerprint: 35 13 D3 7F CB 28 74 9A B3 15 20 21 40 94 06 0E 3C 8F 1D AB
67 E8 F0 54 01 04 7F 4A 82 8E A9 39
SHA-1 Fingerprint: 1E B2 03 8C DA C5 EF E3 D4 DA 93 85 50 00 EF C6 4F FB 17 60
MD5 Fingerprint: 4E 43 9F AC 3A B3 A8 2D C1 2F 96 67 9A F1 D7 9B
PEM certificate :
-----BEGIN CERTIFICATE-----
MIIB9TCCAV6gAwIBAgIBADANBgkqhkiG9w0BAQsFADA5MTcwNQYDVQQDEy5IVFRQUy1TZWxmLVNpZ25lZC1DZXJ0aWZpY2F0ZS05YTc0OGYyNjJjODIzMzRkMB4XDTIxMTAyMDEzNDQwN1oXDTQxMTAxNTEzNDQwN1owOTE3MDUGA1UEAxMuSFRUUFMtU2VsZi1TaWduZWQtQ2VydGlmaWNhdGUtOWE3NDhmMjYyYzgyMzM0ZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuachfcdmWmUaSIZHQwVjkALjV8rvN+6Hmffbo+ljWQzosH1Wqheh28hgC0auD/FFVBLSmfa5+lgohNWjZwKlY9F3H5i//wYBdyU0jM/FtqCVsWbmFEQzpmwdZVnCV0hjhJYjTijOLwg2aVfrIOFNH7/u2Ln8QnMXZnmZCRJbaSECAwEAAaMNMAswCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOBgQBZpmsOx1Z8xJ9fQ1STnGeJ6lhUFp/izihPBRG4tbiYRrZItAVA+5SwNKb8HCfUkcHwneL4u8hj7ppNuwZGZm4p7ZVuxDrqjUBK2ZIZEOgwEbC67gL9bQMvMaTYksNgHg1qVnXWeParbgMAJY9Dtg/p+P+7dFw4Ukdl7TmKon2bHg==
-----END CERTIFICATE-----","","","","","None","","","","2008/05/19","2021/02/03","","",""
"10881","","","None","11.1.65.31","tcp","22","SSH Protocol Versions Supported","A SSH server is running on the remote host.","This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.","n/a","","The remote SSH daemon supports the following versions of the
SSH protocol :
- 1.99
- 2.0
","","","","","None","","","","2002/03/06","2024/07/24","","",""
"11219","","","None","11.1.65.31","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.31","tcp","80","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 80/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.31","tcp","443","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 443/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"21643","","","None","11.1.65.31","tcp","443","SSL Cipher Suites Supported","The remote service encrypts communications using SSL.","This plugin detects which SSL ciphers are supported by the remote
service for encrypting communications.","n/a","https://www.openssl.org/docs/man1.0.2/man1/ciphers.html
http://www.nessus.org/u?e17ffced","
Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.
SSL Version : TLSv12
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
SSL Version : TLSv11
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
SSL Version : TLSv1
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2006/06/05","2024/09/11","","",""
"22964","","","None","11.1.65.31","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.31","tcp","80","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.31","tcp","443","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A TLSv1 server answered on this port.
","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.31","tcp","443","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port through TLSv1.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"24260","","","None","11.1.65.31","tcp","80","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 301 Moved Permanently
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Location: /web/index.html
Content-Length: 0
Server: HTTPD
Date: Fri, 28 Feb 2025 01:37:22 GMT
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode-block
X-Content-Type-Options: nosniff
Response Body :
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"24260","","","None","11.1.65.31","tcp","443","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 301 Moved Permanently
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Location: /web/index.html
Content-Length: 0
Server: HTTPD
Date: Fri, 28 Feb 2025 01:37:30 GMT
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode-block
X-Content-Type-Options: nosniff
Response Body :
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"26928","","4.3","Medium","11.1.65.31","tcp","443","SSL Weak Cipher Suites Supported","The remote service supports the use of weak SSL ciphers.","The remote host supports the use of SSL ciphers that offer weak
encryption.
Note: This is considerably easier to exploit if the attacker is on the
same physical network.","Reconfigure the affected application, if possible to avoid the use of
weak ciphers.","http://www.nessus.org/u?6527892d","
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","5.3","","","Medium","","CWE:326;CWE:327;CWE:720;CWE:753;CWE:803;CWE:928;CWE:934","","2007/10/08","2021/02/03","","",""
"42873","CVE-2016-2183","5.0","Medium","11.1.65.31","tcp","443","SSL Medium Strength Cipher Suites Supported (SWEET32)","The remote service supports the use of medium strength SSL ciphers.","The remote host supports the use of SSL ciphers that offer medium
strength encryption. Nessus regards medium strength as any encryption
that uses key lengths at least 64 bits and less than 112 bits, or
else that uses the 3DES encryption suite.
Note that it is considerably easier to circumvent medium strength
encryption if the attacker is on the same physical network.","Reconfigure the affected application if possible to avoid use of
medium strength ciphers.","https://www.openssl.org/blog/blog/2016/08/24/sweet32/
https://sweet32.info","
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","7.5","","","Medium","","","","2009/11/23","2021/02/03","","",""
"50845","","","None","11.1.65.31","tcp","443","OpenSSL Detection","The remote service appears to use OpenSSL to encrypt traffic.","Based on its response to a TLS request with a specially crafted
server name extension, it seems that the remote service is using the
OpenSSL library to encrypt traffic.
Note that this plugin can only detect OpenSSL implementations that
have enabled support for TLS extensions (RFC 4366).","n/a","https://www.openssl.org/","","","","","","None","","","","2010/11/30","2020/06/12","","",""
"51192","","6.4","Medium","11.1.65.31","tcp","443","SSL Certificate Cannot Be Trusted","The SSL certificate for this service cannot be trusted.","The server's X.509 certificate cannot be trusted. This situation can
occur in three different ways, in which the chain of trust can be
broken, as stated below :
- First, the top of the certificate chain sent by the
server might not be descended from a known public
certificate authority. This can occur either when the
top of the chain is an unrecognized, self-signed
certificate, or when intermediate certificates are
missing that would connect the top of the certificate
chain to a known public certificate authority.
- Second, the certificate chain may contain a certificate
that is not valid at the time of the scan. This can
occur either when the scan occurs before one of the
certificate's 'notBefore' dates, or after one of the
certificate's 'notAfter' dates.
- Third, the certificate chain may contain a signature
that either didn't match the certificate's information
or could not be verified. Bad signatures can be fixed by
getting the certificate with the bad signature to be
re-signed by its issuer. Signatures that could not be
verified are the result of the certificate's issuer
using a signing algorithm that Nessus either does not
support or does not recognize.
If the remote host is a public host in production, any break in the
chain makes it more difficult for users to verify the authenticity and
identity of the web server. This could make it easier to carry out
man-in-the-middle attacks against the remote host.","Purchase or generate a proper SSL certificate for this service.","https://www.itu.int/rec/T-REC-X.509/en
https://en.wikipedia.org/wiki/X.509","
The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :
|-Subject : CN=HTTPS-Self-Signed-Certificate-9a748f262c82334d
|-Issuer : CN=HTTPS-Self-Signed-Certificate-9a748f262c82334d
","","6.5","","","Medium","","","","2010/12/15","2020/04/27","","",""
"56984","","","None","11.1.65.31","tcp","443","SSL / TLS Versions Supported","The remote service encrypts communications.","This plugin detects which SSL and TLS versions are supported by the
remote service for encrypting communications.","n/a","","
This port supports TLSv1.0/TLSv1.1/TLSv1.2.
","","","","","None","","","","2011/12/01","2023/07/10","","",""
"57041","","","None","11.1.65.31","tcp","443","SSL Perfect Forward Secrecy Cipher Suites Supported","The remote service supports the use of SSL Perfect Forward Secrecy
ciphers, which maintain confidentiality even if the key is stolen.","The remote host supports the use of SSL ciphers that offer Perfect
Forward Secrecy (PFS) encryption. These cipher suites ensure that
recorded SSL traffic cannot be broken at a future date if the server's
private key is compromised.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
https://en.wikipedia.org/wiki/Perfect_forward_secrecy","
Here is the list of SSL PFS ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2011/12/07","2021/03/09","","",""
"57582","","6.4","Medium","11.1.65.31","tcp","443","SSL Self-Signed Certificate","The SSL certificate chain for this service ends in an unrecognized
self-signed certificate.","The X.509 certificate chain for this service is not signed by a
recognized certificate authority. If the remote host is a public host
in production, this nullifies the use of SSL as anyone could establish
a man-in-the-middle attack against the remote host.
Note that this plugin does not check for certificate chains that end
in a certificate that is not self-signed, but is signed by an
unrecognized certificate authority.","Purchase or generate a proper SSL certificate for this service.","","
The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :
|-Subject : CN=HTTPS-Self-Signed-Certificate-9a748f262c82334d
","","6.5","","","Medium","","","","2012/01/17","2022/06/14","","",""
"69551","","","Low","11.1.65.31","tcp","443","SSL Certificate Chain Contains RSA Keys Less Than 2048 bits","The X.509 certificate chain used by this service contains certificates
with RSA keys shorter than 2048 bits.","At least one of the X.509 certificates sent by the remote host has a
key that is shorter than 2048 bits. According to industry standards
set by the Certification Authority/Browser (CA/B) Forum, certificates
issued after January 1, 2014 must be at least 2048 bits.
Some browser SSL implementations may reject keys less than 2048 bits
after January 1, 2014. Additionally, some SSL certificate vendors may
revoke certificates less than 2048 bits before January 1, 2014.
Note that Nessus will not flag root certificates with RSA keys less
than 2048 bits if they were issued prior to December 31, 2010, as the
standard considers them exempt.","Replace the certificate in the chain with the RSA key less than 2048
bits in length with a longer key, and reissue any certificates signed
by the old certificate.","https://www.cabforum.org/wp-content/uploads/Baseline_Requirements_V1.pdf","
The following certificates were part of the certificate chain
sent by the remote host, but contain RSA keys that are considered
to be weak :
|-Subject : CN=HTTPS-Self-Signed-Certificate-9a748f262c82334d
|-RSA Key Length : 1024 bits
","","","","","Low","","","","2013/09/03","2018/11/15","","",""
"70544","","","None","11.1.65.31","tcp","443","SSL Cipher Block Chaining Cipher Suites Supported","The remote service supports the use of SSL Cipher Block Chaining
ciphers, which combine previous blocks with subsequent ones.","The remote host supports the use of SSL ciphers that operate in Cipher
Block Chaining (CBC) mode. These cipher suites offer additional
security over Electronic Codebook (ECB) mode, but have the potential to
leak information if used improperly.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
http://www.nessus.org/u?cc4a822a
https://www.openssl.org/~bodo/tls-cbc.txt","
Here is the list of SSL CBC ciphers supported by the remote server :
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2013/10/22","2021/02/03","","",""
"81606","CVE-2015-0204","4.3","Medium","11.1.65.31","tcp","443","SSL/TLS EXPORT_RSA <= 512-bit Cipher Suites Supported (FREAK)","The remote host supports a set of weak ciphers.","The remote host supports EXPORT_RSA cipher suites with keys less than
or equal to 512 bits. An attacker can factor a 512-bit RSA modulus in
a short amount of time.
A man-in-the middle attacker may be able to downgrade the session to
use EXPORT_RSA cipher suites (e.g. CVE-2015-0204). Thus, it is
recommended to remove support for weak cipher suites.","Reconfigure the service to remove support for EXPORT_RSA cipher
suites.","https://www.smacktls.com/#freak
https://www.openssl.org/news/secadv/20150108.txt
http://www.nessus.org/u?b78da2c4","
EXPORT_RSA cipher suites supported by the remote server :
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","3.2","","Medium","71936","CERT:243585","","2015/03/04","2021/02/03","","",""
"84502","","","None","11.1.65.31","tcp","443","HSTS Missing From HTTPS Server","The remote web server is not enforcing HSTS.","The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS).
HSTS is an optional response header that can be configured on the server to instruct
the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks,
SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.","Configure the remote web server to use HSTS.","https://tools.ietf.org/html/rfc6797","
HTTP/1.1 301 Moved Permanently
Location: /web/index.html
Content-Length: 0
Server: HTTPD
Date: Fri, 28 Feb 2025 01:36:58 GMT
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode-block
X-Content-Type-Options: nosniff
The remote HTTPS server does not send the HTTP
""Strict-Transport-Security"" header.
","","","","","None","","","","2015/07/02","2024/08/09","","",""
"104743","","6.1","Medium","11.1.65.31","tcp","443","TLS Version 1.0 Protocol Detection","The remote service encrypts traffic using an older version of TLS.","The remote service accepts connections encrypted using TLS 1.0. TLS 1.0 has a
number of cryptographic design flaws. Modern implementations of TLS 1.0
mitigate these problems, but newer versions of TLS like 1.2 and 1.3 are
designed against these flaws and should be used whenever possible.
As of March 31, 2020, Endpoints that aren’t enabled for TLS 1.2
and higher will no longer function properly with major web browsers and major vendors.
PCI DSS v3.2 requires that TLS 1.0 be disabled entirely by June 30,
2018, except for POS POI terminals (and the SSL/TLS termination
points to which they connect) that can be verified as not being
susceptible to any known exploits.","Enable support for TLS 1.2 and 1.3, and disable support for TLS 1.0.","https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00","TLSv1 is enabled and the server supports at least one cipher.","","6.5","","","Medium","","CWE:327","","2017/11/22","2023/04/19","","",""
"121010","","","None","11.1.65.31","tcp","443","TLS Version 1.1 Protocol Detection","The remote service encrypts traffic using an older version of TLS.","The remote service accepts connections encrypted using TLS 1.1.
TLS 1.1 lacks support for current and recommended cipher suites.
Ciphers that support encryption before MAC computation, and
authenticated encryption modes such as GCM cannot be used with
TLS 1.1
As of March 31, 2020, Endpoints that are not enabled for TLS 1.2
and higher will no longer function properly with major web browsers and major vendors.","Enable support for TLS 1.2 and/or 1.3, and disable support for TLS 1.1.","https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00
http://www.nessus.org/u?c8ae820d","TLSv1.1 is enabled and the server supports at least one cipher.","","","","","None","","CWE:327","","2019/01/08","2023/04/19","","",""
"136318","","","None","11.1.65.31","tcp","443","TLS Version 1.2 Protocol Detection","The remote service encrypts traffic using a version of TLS.","The remote service accepts connections encrypted using TLS 1.2.","N/A","https://tools.ietf.org/html/rfc5246","TLSv1.2 is enabled and the server supports at least one cipher.","","","","","None","","","","2020/05/04","2020/05/04","","",""
"149334","","","None","11.1.65.31","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"156899","","","None","11.1.65.31","tcp","443","SSL/TLS Recommended Cipher Suites","The remote host advertises discouraged SSL/TLS ciphers.","The remote host has open SSL/TLS ports which advertise discouraged cipher suites. It is recommended to only enable
support for the following cipher suites:
TLSv1.3:
- 0x13,0x01 TLS13_AES_128_GCM_SHA256
- 0x13,0x02 TLS13_AES_256_GCM_SHA384
- 0x13,0x03 TLS13_CHACHA20_POLY1305_SHA256
TLSv1.2:
- 0xC0,0x2B ECDHE-ECDSA-AES128-GCM-SHA256
- 0xC0,0x2F ECDHE-RSA-AES128-GCM-SHA256
- 0xC0,0x2C ECDHE-ECDSA-AES256-GCM-SHA384
- 0xC0,0x30 ECDHE-RSA-AES256-GCM-SHA384
- 0xCC,0xA9 ECDHE-ECDSA-CHACHA20-POLY1305
- 0xCC,0xA8 ECDHE-RSA-CHACHA20-POLY1305
This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with
nearly every client released in the last five (or more) years.","Only enable support for recommened cipher suites.","https://wiki.mozilla.org/Security/Server_Side_TLS
https://ssl-config.mozilla.org/","The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2022/01/20","2024/02/12","","",""
"157288","","6.1","Medium","11.1.65.31","tcp","443","TLS Version 1.1 Deprecated Protocol","The remote service encrypts traffic using an older version of TLS.","The remote service accepts connections encrypted using TLS 1.1. TLS 1.1 lacks support for current and recommended
cipher suites. Ciphers that support encryption before MAC computation, and authenticated encryption modes such as GCM
cannot be used with TLS 1.1
As of March 31, 2020, Endpoints that are not enabled for TLS 1.2 and higher will no longer function properly with major
web browsers and major vendors.","Enable support for TLS 1.2 and/or 1.3, and disable support for TLS 1.1.","https://datatracker.ietf.org/doc/html/rfc8996
http://www.nessus.org/u?c8ae820d","TLSv1.1 is enabled and the server supports at least one cipher.","","6.5","","","Medium","","CWE:327","","2022/04/04","2024/05/14","","",""
"10107","","","None","11.1.65.32","tcp","80","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
HTTPD","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10107","","","None","11.1.65.32","tcp","443","HTTP Server Type and Version","A web server is running on the remote host.","This plugin attempts to determine the type and the version of the
remote web server.","n/a","","The remote web server type is :
HTTPD","","","","","None","","IAVT:0001-T-0931","","2000/01/04","2020/10/30","","",""
"10267","","","None","11.1.65.32","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-Uniware-7.1.064
SSH supported authentication : password
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.32","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.32 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10863","","","None","11.1.65.32","tcp","443","SSL Certificate Information","This plugin displays the SSL certificate.","This plugin connects to every SSL-related port and attempts to
extract and dump the X.509 certificate.","n/a","","Subject Name:
Common Name: HTTPS-Self-Signed-Certificate-1d3421376e0e32d7
Issuer Name:
Common Name: HTTPS-Self-Signed-Certificate-1d3421376e0e32d7
Serial Number: 00
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: Oct 20 08:46:39 2021 GMT
Not Valid After: Oct 15 08:46:39 2041 GMT
Public Key Info:
Algorithm: RSA Encryption
Key Length: 1024 bits
Public Key: 00 AB 32 A8 0D 10 C1 FE 35 B8 5F E8 F2 7C AD 61 FF FA 95 99
9B E8 59 73 3D 6C A0 54 F9 23 5D DF 55 02 6D 06 53 10 DB 83
56 97 3D 68 FA 59 53 5E 1B E7 E6 DB D8 BB 17 C0 2E 58 5A E5
59 DF D2 0D F9 7A A3 5F B6 11 C6 F5 0F DF 13 55 7B AA 72 BD
D6 3F BF 2B E7 07 9E C9 4E 03 40 C7 6B FC 62 A8 01 3E B5 E1
56 E8 27 BD C7 EE F2 27 4D 98 57 BE A4 8E A3 44 07 CF 96 E7
C5 6E CC A5 B3 F0 0E 34 87
Exponent: 01 00 01
Signature Length: 128 bytes / 1024 bits
Signature: 00 1B 21 B7 6B 2E 50 52 FE 35 FF F2 C6 AA 91 8A B1 77 44 B4
99 33 1B F8 25 09 80 F7 90 7B 5A 5C A6 8B B0 E5 F9 59 89 C4
C9 DA 06 2D 4A 4D 11 DD 75 07 24 3B 1F 32 E5 8E C5 EF F8 B8
8B 5B 6D 26 58 06 45 9E 7C AD 05 36 BD BC B8 33 19 2D 6A C6
3A 9C 0A C4 FD 40 72 70 26 DC 7A EF 6E 6D AE 0A BF AA 03 21
B1 F4 C6 3E F3 53 64 AC 33 51 8F 09 0C D5 1B 43 36 8B 08 9F
BC B3 83 4E 8D E8 86 3E 4B
Extension: Basic Constraints (2.5.29.19)
Critical: 0
Fingerprints :
SHA-256 Fingerprint: 1E 5D 06 03 61 B4 02 78 56 BC ED B5 A0 81 1F 08 95 49 DB CE
1E 4A BB 1D 55 6E C4 7C D5 CE ED E2
SHA-1 Fingerprint: 2D A2 2F 57 E4 C5 58 87 37 1A 1B 8C F1 D0 95 7D 63 EB 1B 82
MD5 Fingerprint: B6 36 EC 8D 9B B5 E2 60 CD BC 62 C5 CB 5C 0F D1
PEM certificate :
-----BEGIN CERTIFICATE-----
MIIB9TCCAV6gAwIBAgIBADANBgkqhkiG9w0BAQsFADA5MTcwNQYDVQQDEy5IVFRQUy1TZWxmLVNpZ25lZC1DZXJ0aWZpY2F0ZS0xZDM0MjEzNzZlMGUzMmQ3MB4XDTIxMTAyMDA4NDYzOVoXDTQxMTAxNTA4NDYzOVowOTE3MDUGA1UEAxMuSFRUUFMtU2VsZi1TaWduZWQtQ2VydGlmaWNhdGUtMWQzNDIxMzc2ZTBlMzJkNzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqzKoDRDB/jW4X+jyfK1h//qVmZvoWXM9bKBU+SNd31UCbQZTENuDVpc9aPpZU14b5+bb2LsXwC5YWuVZ39IN+XqjX7YRxvUP3xNVe6pyvdY/vyvnB57JTgNAx2v8YqgBPrXhVugnvcfu8idNmFe+pI6jRAfPlufFbsyls/AONIcCAwEAAaMNMAswCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOBgQAbIbdrLlBS/jX/8saqkYqxd0S0mTMb+CUJgPeQe1pcpouw5flZicTJ2gYtSk0R3XUHJDsfMuWOxe/4uItbbSZYBkWefK0FNr28uDMZLWrGOpwKxP1AcnAm3Hrvbm2uCr+qAyGx9MY+81NkrDNRjwkM1RtDNosIn7yzg06N6IY+Sw==
-----END CERTIFICATE-----","","","","","None","","","","2008/05/19","2021/02/03","","",""
"11219","","","None","11.1.65.32","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.32","tcp","80","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 80/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"11219","","","None","11.1.65.32","tcp","443","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 443/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"21643","","","None","11.1.65.32","tcp","443","SSL Cipher Suites Supported","The remote service encrypts communications using SSL.","This plugin detects which SSL ciphers are supported by the remote
service for encrypting communications.","n/a","https://www.openssl.org/docs/man1.0.2/man1/ciphers.html
http://www.nessus.org/u?e17ffced","
Here is the list of SSL ciphers supported by the remote server :
Each group is reported per SSL Version.
SSL Version : TLSv12
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
SSL Version : TLSv11
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
SSL Version : TLSv1
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2006/06/05","2024/09/11","","",""
"22964","","","None","11.1.65.32","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.32","tcp","80","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.32","tcp","443","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A TLSv1 server answered on this port.
","","","","","None","","","","2007/08/19","2024/03/26","","",""
"22964","","","None","11.1.65.32","tcp","443","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","A web server is running on this port through TLSv1.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"24260","","","None","11.1.65.32","tcp","80","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 301 Moved Permanently
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : no
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Location: /web/index.html
Content-Length: 0
Server: HTTPD
Date: Fri, 28 Feb 2025 01:40:36 GMT
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode-block
X-Content-Type-Options: nosniff
Response Body :
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"24260","","","None","11.1.65.32","tcp","443","HyperText Transfer Protocol (HTTP) Information","Some information about the remote HTTP configuration can be extracted.","This test gives some information about the remote HTTP protocol - the
version used, whether HTTP Keep-Alive is enabled, etc...
This test is informational only and does not denote any security
problem.","n/a","","
Response Code : HTTP/1.1 301 Moved Permanently
Protocol version : HTTP/1.1
HTTP/2 TLS Support: No
HTTP/2 Cleartext Support: No
SSL : yes
Keep-Alive : no
Options allowed : (Not implemented)
Headers :
Location: /web/index.html
Content-Length: 0
Server: HTTPD
Date: Fri, 28 Feb 2025 01:40:44 GMT
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode-block
X-Content-Type-Options: nosniff
Response Body :
","","","","","None","","","","2007/01/30","2024/02/26","","",""
"26928","","4.3","Medium","11.1.65.32","tcp","443","SSL Weak Cipher Suites Supported","The remote service supports the use of weak SSL ciphers.","The remote host supports the use of SSL ciphers that offer weak
encryption.
Note: This is considerably easier to exploit if the attacker is on the
same physical network.","Reconfigure the affected application, if possible to avoid the use of
weak ciphers.","http://www.nessus.org/u?6527892d","
Here is the list of weak SSL ciphers supported by the remote server :
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","5.3","","","Medium","","CWE:326;CWE:327;CWE:720;CWE:753;CWE:803;CWE:928;CWE:934","","2007/10/08","2021/02/03","","",""
"42873","CVE-2016-2183","5.0","Medium","11.1.65.32","tcp","443","SSL Medium Strength Cipher Suites Supported (SWEET32)","The remote service supports the use of medium strength SSL ciphers.","The remote host supports the use of SSL ciphers that offer medium
strength encryption. Nessus regards medium strength as any encryption
that uses key lengths at least 64 bits and less than 112 bits, or
else that uses the 3DES encryption suite.
Note that it is considerably easier to circumvent medium strength
encryption if the attacker is on the same physical network.","Reconfigure the affected application if possible to avoid use of
medium strength ciphers.","https://www.openssl.org/blog/blog/2016/08/24/sweet32/
https://sweet32.info","
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","7.5","","","Medium","","","","2009/11/23","2021/02/03","","",""
"50845","","","None","11.1.65.32","tcp","443","OpenSSL Detection","The remote service appears to use OpenSSL to encrypt traffic.","Based on its response to a TLS request with a specially crafted
server name extension, it seems that the remote service is using the
OpenSSL library to encrypt traffic.
Note that this plugin can only detect OpenSSL implementations that
have enabled support for TLS extensions (RFC 4366).","n/a","https://www.openssl.org/","","","","","","None","","","","2010/11/30","2020/06/12","","",""
"51192","","6.4","Medium","11.1.65.32","tcp","443","SSL Certificate Cannot Be Trusted","The SSL certificate for this service cannot be trusted.","The server's X.509 certificate cannot be trusted. This situation can
occur in three different ways, in which the chain of trust can be
broken, as stated below :
- First, the top of the certificate chain sent by the
server might not be descended from a known public
certificate authority. This can occur either when the
top of the chain is an unrecognized, self-signed
certificate, or when intermediate certificates are
missing that would connect the top of the certificate
chain to a known public certificate authority.
- Second, the certificate chain may contain a certificate
that is not valid at the time of the scan. This can
occur either when the scan occurs before one of the
certificate's 'notBefore' dates, or after one of the
certificate's 'notAfter' dates.
- Third, the certificate chain may contain a signature
that either didn't match the certificate's information
or could not be verified. Bad signatures can be fixed by
getting the certificate with the bad signature to be
re-signed by its issuer. Signatures that could not be
verified are the result of the certificate's issuer
using a signing algorithm that Nessus either does not
support or does not recognize.
If the remote host is a public host in production, any break in the
chain makes it more difficult for users to verify the authenticity and
identity of the web server. This could make it easier to carry out
man-in-the-middle attacks against the remote host.","Purchase or generate a proper SSL certificate for this service.","https://www.itu.int/rec/T-REC-X.509/en
https://en.wikipedia.org/wiki/X.509","
The following certificate was at the top of the certificate
chain sent by the remote host, but it is signed by an unknown
certificate authority :
|-Subject : CN=HTTPS-Self-Signed-Certificate-1d3421376e0e32d7
|-Issuer : CN=HTTPS-Self-Signed-Certificate-1d3421376e0e32d7
","","6.5","","","Medium","","","","2010/12/15","2020/04/27","","",""
"56984","","","None","11.1.65.32","tcp","443","SSL / TLS Versions Supported","The remote service encrypts communications.","This plugin detects which SSL and TLS versions are supported by the
remote service for encrypting communications.","n/a","","
This port supports TLSv1.0/TLSv1.1/TLSv1.2.
","","","","","None","","","","2011/12/01","2023/07/10","","",""
"57041","","","None","11.1.65.32","tcp","443","SSL Perfect Forward Secrecy Cipher Suites Supported","The remote service supports the use of SSL Perfect Forward Secrecy
ciphers, which maintain confidentiality even if the key is stolen.","The remote host supports the use of SSL ciphers that offer Perfect
Forward Secrecy (PFS) encryption. These cipher suites ensure that
recorded SSL traffic cannot be broken at a future date if the server's
private key is compromised.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
https://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
https://en.wikipedia.org/wiki/Perfect_forward_secrecy","
Here is the list of SSL PFS ciphers supported by the remote server :
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
ECDHE-RSA-AES128-SHA256 0xC0, 0x2F ECDH RSA AES-GCM(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x30 ECDH RSA AES-GCM(256) SHA384
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2011/12/07","2021/03/09","","",""
"57582","","6.4","Medium","11.1.65.32","tcp","443","SSL Self-Signed Certificate","The SSL certificate chain for this service ends in an unrecognized
self-signed certificate.","The X.509 certificate chain for this service is not signed by a
recognized certificate authority. If the remote host is a public host
in production, this nullifies the use of SSL as anyone could establish
a man-in-the-middle attack against the remote host.
Note that this plugin does not check for certificate chains that end
in a certificate that is not self-signed, but is signed by an
unrecognized certificate authority.","Purchase or generate a proper SSL certificate for this service.","","
The following certificate was found at the top of the certificate
chain sent by the remote host, but is self-signed and was not
found in the list of known certificate authorities :
|-Subject : CN=HTTPS-Self-Signed-Certificate-1d3421376e0e32d7
","","6.5","","","Medium","","","","2012/01/17","2022/06/14","","",""
"69551","","","Low","11.1.65.32","tcp","443","SSL Certificate Chain Contains RSA Keys Less Than 2048 bits","The X.509 certificate chain used by this service contains certificates
with RSA keys shorter than 2048 bits.","At least one of the X.509 certificates sent by the remote host has a
key that is shorter than 2048 bits. According to industry standards
set by the Certification Authority/Browser (CA/B) Forum, certificates
issued after January 1, 2014 must be at least 2048 bits.
Some browser SSL implementations may reject keys less than 2048 bits
after January 1, 2014. Additionally, some SSL certificate vendors may
revoke certificates less than 2048 bits before January 1, 2014.
Note that Nessus will not flag root certificates with RSA keys less
than 2048 bits if they were issued prior to December 31, 2010, as the
standard considers them exempt.","Replace the certificate in the chain with the RSA key less than 2048
bits in length with a longer key, and reissue any certificates signed
by the old certificate.","https://www.cabforum.org/wp-content/uploads/Baseline_Requirements_V1.pdf","
The following certificates were part of the certificate chain
sent by the remote host, but contain RSA keys that are considered
to be weak :
|-Subject : CN=HTTPS-Self-Signed-Certificate-1d3421376e0e32d7
|-RSA Key Length : 1024 bits
","","","","","Low","","","","2013/09/03","2018/11/15","","",""
"70544","","","None","11.1.65.32","tcp","443","SSL Cipher Block Chaining Cipher Suites Supported","The remote service supports the use of SSL Cipher Block Chaining
ciphers, which combine previous blocks with subsequent ones.","The remote host supports the use of SSL ciphers that operate in Cipher
Block Chaining (CBC) mode. These cipher suites offer additional
security over Electronic Codebook (ECB) mode, but have the potential to
leak information if used improperly.","n/a","https://www.openssl.org/docs/manmaster/man1/ciphers.html
http://www.nessus.org/u?cc4a822a
https://www.openssl.org/~bodo/tls-cbc.txt","
Here is the list of SSL CBC ciphers supported by the remote server :
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2013/10/22","2021/02/03","","",""
"81606","CVE-2015-0204","4.3","Medium","11.1.65.32","tcp","443","SSL/TLS EXPORT_RSA <= 512-bit Cipher Suites Supported (FREAK)","The remote host supports a set of weak ciphers.","The remote host supports EXPORT_RSA cipher suites with keys less than
or equal to 512 bits. An attacker can factor a 512-bit RSA modulus in
a short amount of time.
A man-in-the middle attacker may be able to downgrade the session to
use EXPORT_RSA cipher suites (e.g. CVE-2015-0204). Thus, it is
recommended to remove support for weak cipher suites.","Reconfigure the service to remove support for EXPORT_RSA cipher
suites.","https://www.smacktls.com/#freak
https://www.openssl.org/news/secadv/20150108.txt
http://www.nessus.org/u?b78da2c4","
EXPORT_RSA cipher suites supported by the remote server :
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","3.2","","Medium","71936","CERT:243585","","2015/03/04","2021/02/03","","",""
"84502","","","None","11.1.65.32","tcp","443","HSTS Missing From HTTPS Server","The remote web server is not enforcing HSTS.","The remote HTTPS server is not enforcing HTTP Strict Transport Security (HSTS).
HSTS is an optional response header that can be configured on the server to instruct
the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks,
SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.","Configure the remote web server to use HSTS.","https://tools.ietf.org/html/rfc6797","
HTTP/1.1 301 Moved Permanently
Location: /web/index.html
Content-Length: 0
Server: HTTPD
Date: Fri, 28 Feb 2025 01:39:41 GMT
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode-block
X-Content-Type-Options: nosniff
The remote HTTPS server does not send the HTTP
""Strict-Transport-Security"" header.
","","","","","None","","","","2015/07/02","2024/08/09","","",""
"104743","","6.1","Medium","11.1.65.32","tcp","443","TLS Version 1.0 Protocol Detection","The remote service encrypts traffic using an older version of TLS.","The remote service accepts connections encrypted using TLS 1.0. TLS 1.0 has a
number of cryptographic design flaws. Modern implementations of TLS 1.0
mitigate these problems, but newer versions of TLS like 1.2 and 1.3 are
designed against these flaws and should be used whenever possible.
As of March 31, 2020, Endpoints that aren’t enabled for TLS 1.2
and higher will no longer function properly with major web browsers and major vendors.
PCI DSS v3.2 requires that TLS 1.0 be disabled entirely by June 30,
2018, except for POS POI terminals (and the SSL/TLS termination
points to which they connect) that can be verified as not being
susceptible to any known exploits.","Enable support for TLS 1.2 and 1.3, and disable support for TLS 1.0.","https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00","TLSv1 is enabled and the server supports at least one cipher.","","6.5","","","Medium","","CWE:327","","2017/11/22","2023/04/19","","",""
"121010","","","None","11.1.65.32","tcp","443","TLS Version 1.1 Protocol Detection","The remote service encrypts traffic using an older version of TLS.","The remote service accepts connections encrypted using TLS 1.1.
TLS 1.1 lacks support for current and recommended cipher suites.
Ciphers that support encryption before MAC computation, and
authenticated encryption modes such as GCM cannot be used with
TLS 1.1
As of March 31, 2020, Endpoints that are not enabled for TLS 1.2
and higher will no longer function properly with major web browsers and major vendors.","Enable support for TLS 1.2 and/or 1.3, and disable support for TLS 1.1.","https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-00
http://www.nessus.org/u?c8ae820d","TLSv1.1 is enabled and the server supports at least one cipher.","","","","","None","","CWE:327","","2019/01/08","2023/04/19","","",""
"136318","","","None","11.1.65.32","tcp","443","TLS Version 1.2 Protocol Detection","The remote service encrypts traffic using a version of TLS.","The remote service accepts connections encrypted using TLS 1.2.","N/A","https://tools.ietf.org/html/rfc5246","TLSv1.2 is enabled and the server supports at least one cipher.","","","","","None","","","","2020/05/04","2020/05/04","","",""
"149334","","","None","11.1.65.32","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"156899","","","None","11.1.65.32","tcp","443","SSL/TLS Recommended Cipher Suites","The remote host advertises discouraged SSL/TLS ciphers.","The remote host has open SSL/TLS ports which advertise discouraged cipher suites. It is recommended to only enable
support for the following cipher suites:
TLSv1.3:
- 0x13,0x01 TLS13_AES_128_GCM_SHA256
- 0x13,0x02 TLS13_AES_256_GCM_SHA384
- 0x13,0x03 TLS13_CHACHA20_POLY1305_SHA256
TLSv1.2:
- 0xC0,0x2B ECDHE-ECDSA-AES128-GCM-SHA256
- 0xC0,0x2F ECDHE-RSA-AES128-GCM-SHA256
- 0xC0,0x2C ECDHE-ECDSA-AES256-GCM-SHA384
- 0xC0,0x30 ECDHE-RSA-AES256-GCM-SHA384
- 0xCC,0xA9 ECDHE-ECDSA-CHACHA20-POLY1305
- 0xCC,0xA8 ECDHE-RSA-CHACHA20-POLY1305
This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with
nearly every client released in the last five (or more) years.","Only enable support for recommened cipher suites.","https://wiki.mozilla.org/Security/Server_Side_TLS
https://ssl-config.mozilla.org/","The remote host has listening SSL/TLS ports which advertise the discouraged cipher suites outlined below:
Low Strength Ciphers (<= 64-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
EXP-DES-CBC-SHA 0x00, 0x08 RSA(512) RSA DES-CBC(40) SHA1 export
EXP-RC2-CBC-MD5 0x00, 0x06 RSA(512) RSA RC2-CBC(40) MD5 export
DES-CBC-SHA 0x00, 0x09 RSA RSA DES-CBC(56) SHA1
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
DES-CBC3-SHA 0x00, 0x0A RSA RSA 3DES-CBC(168) SHA1
High Strength Ciphers (>= 112-bit key)
Name Code KEX Auth Encryption MAC
---------------------- ---------- --- ---- --------------------- ---
AES128-SHA 0x00, 0x2F RSA RSA AES-CBC(128) SHA1
AES256-SHA 0x00, 0x35 RSA RSA AES-CBC(256) SHA1
ECDHE-RSA-AES128-SHA256 0xC0, 0x27 ECDH RSA AES-CBC(128) SHA256
ECDHE-RSA-AES256-SHA384 0xC0, 0x28 ECDH RSA AES-CBC(256) SHA384
RSA-AES128-SHA256 0x00, 0x3C RSA RSA AES-CBC(128) SHA256
RSA-AES256-SHA256 0x00, 0x3D RSA RSA AES-CBC(256) SHA256
The fields above are :
{Tenable ciphername}
{Cipher ID code}
Kex={key exchange}
Auth={authentication}
Encrypt={symmetric encryption method}
MAC={message authentication code}
{export flag}
","","","","","None","","","","2022/01/20","2024/02/12","","",""
"157288","","6.1","Medium","11.1.65.32","tcp","443","TLS Version 1.1 Deprecated Protocol","The remote service encrypts traffic using an older version of TLS.","The remote service accepts connections encrypted using TLS 1.1. TLS 1.1 lacks support for current and recommended
cipher suites. Ciphers that support encryption before MAC computation, and authenticated encryption modes such as GCM
cannot be used with TLS 1.1
As of March 31, 2020, Endpoints that are not enabled for TLS 1.2 and higher will no longer function properly with major
web browsers and major vendors.","Enable support for TLS 1.2 and/or 1.3, and disable support for TLS 1.1.","https://datatracker.ietf.org/doc/html/rfc8996
http://www.nessus.org/u?c8ae820d","TLSv1.1 is enabled and the server supports at least one cipher.","","6.5","","","Medium","","CWE:327","","2022/04/04","2024/05/14","","",""
"10287","","","None","11.1.65.33","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.33 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.34","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.34 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.35","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.35 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.36","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.36 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.37","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.37 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.38","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.38 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.39","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.39 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10267","","","None","11.1.65.4","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-Uniware-7.1.070
SSH supported authentication : password
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.4","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.4 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10881","","","None","11.1.65.4","tcp","22","SSH Protocol Versions Supported","A SSH server is running on the remote host.","This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.","n/a","","The remote SSH daemon supports the following versions of the
SSH protocol :
- 1.99
- 2.0
","","","","","None","","","","2002/03/06","2024/07/24","","",""
"10884","","","None","11.1.65.4","udp","123","Network Time Protocol (NTP) Server Detection","An NTP server is listening on the remote host.","An NTP server is listening on port 123. If not securely configured,
it may provide information about its version, current date, current
time, and possibly system information.","n/a","http://www.ntp.org","
An NTP service has been discovered, listening on port 123.
Version : unknown
","","","","","None","","IAVT:0001-T-0934","","2015/03/20","2021/02/24","","",""
"11219","","","None","11.1.65.4","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"22964","","","None","11.1.65.4","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"50350","","","None","11.1.65.4","tcp","0","OS Identification Failed","It was not possible to determine the remote operating system.","Using a combination of remote probes (TCP/IP, SMB, HTTP, NTP, SNMP,
etc), it was possible to gather one or more fingerprints from the
remote system. Unfortunately, though, Nessus does not currently know
how to use them to identify the overall system.","n/a","","
If you think that these signatures would help us improve OS fingerprinting,
please submit them by visiting https://www.tenable.com/research/submitsignatures.
NTP:!:/
SSH:!:SSH-2.0-Uniware-7.1.070
","","","","","None","","","","2010/10/26","2024/09/30","","",""
"97861","","5.0","Medium","11.1.65.4","udp","123","Network Time Protocol (NTP) Mode 6 Scanner","The remote NTP server responds to mode 6 queries.","The remote NTP server responds to mode 6 queries. Devices that respond
to these queries have the potential to be used in NTP amplification
attacks. An unauthenticated, remote attacker could potentially exploit
this, via a specially crafted mode 6 query, to cause a reflected
denial of service condition.","Restrict NTP mode 6 queries.","https://ntpscan.shadowserver.org","
Nessus elicited the following response from the remote
host by sending an NTP mode 6 query :
'processor, system=""/"", leap=0, stratum=2, precision=-23,
rootdelay=0.698, rootdisp=2.342, refid=11.1.80.193,
reftime=0xeb6ae353.32bd2511, clock=0xeb6ae373.53dea1c5, peer=649, tc=6,
mintc=3, offset=-0.033, frequency=4.430, sys_jitter=0.042,
clk_jitter=0.008, clk_wander=0.000'","","5.8","","","Medium","","","","2017/03/21","2018/05/07","","",""
"149334","","","None","11.1.65.4","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"10287","","","None","11.1.65.40","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.40 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.41","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.41 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.42","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.42 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.43","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.43 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.44","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.44 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.45","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.45 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.46","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.46 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.47","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.47 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.48","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.48 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.49","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.49 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10267","","","None","11.1.65.5","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-Uniware-7.1.070
SSH supported authentication : password
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.5","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.5 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10881","","","None","11.1.65.5","tcp","22","SSH Protocol Versions Supported","A SSH server is running on the remote host.","This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.","n/a","","The remote SSH daemon supports the following versions of the
SSH protocol :
- 1.99
- 2.0
","","","","","None","","","","2002/03/06","2024/07/24","","",""
"10884","","","None","11.1.65.5","udp","123","Network Time Protocol (NTP) Server Detection","An NTP server is listening on the remote host.","An NTP server is listening on port 123. If not securely configured,
it may provide information about its version, current date, current
time, and possibly system information.","n/a","http://www.ntp.org","
An NTP service has been discovered, listening on port 123.
Version : unknown
","","","","","None","","IAVT:0001-T-0934","","2015/03/20","2021/02/24","","",""
"11219","","","None","11.1.65.5","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"22964","","","None","11.1.65.5","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"50350","","","None","11.1.65.5","tcp","0","OS Identification Failed","It was not possible to determine the remote operating system.","Using a combination of remote probes (TCP/IP, SMB, HTTP, NTP, SNMP,
etc), it was possible to gather one or more fingerprints from the
remote system. Unfortunately, though, Nessus does not currently know
how to use them to identify the overall system.","n/a","","
If you think that these signatures would help us improve OS fingerprinting,
please submit them by visiting https://www.tenable.com/research/submitsignatures.
NTP:!:/
SSH:!:SSH-2.0-Uniware-7.1.070
","","","","","None","","","","2010/10/26","2024/09/30","","",""
"97861","","5.0","Medium","11.1.65.5","udp","123","Network Time Protocol (NTP) Mode 6 Scanner","The remote NTP server responds to mode 6 queries.","The remote NTP server responds to mode 6 queries. Devices that respond
to these queries have the potential to be used in NTP amplification
attacks. An unauthenticated, remote attacker could potentially exploit
this, via a specially crafted mode 6 query, to cause a reflected
denial of service condition.","Restrict NTP mode 6 queries.","https://ntpscan.shadowserver.org","
Nessus elicited the following response from the remote
host by sending an NTP mode 6 query :
'processor, system=""/"", leap=0, stratum=2, precision=-23,
rootdelay=0.731, rootdisp=3.405, refid=11.1.80.193,
reftime=0xeb6ae639.3041846e, clock=0xeb6ae65e.cac3da57, peer=55927,
tc=6, mintc=3, offset=0.006, frequency=4.505, sys_jitter=0.040,
clk_jitter=0.004, clk_wander=0.000'","","5.8","","","Medium","","","","2017/03/21","2018/05/07","","",""
"149334","","","None","11.1.65.5","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"10287","","","None","11.1.65.50","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.50 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.51","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.51 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.52","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.52 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.53","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.53 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.54","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.54 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.55","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.55 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.56","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.56 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.57","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.57 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.58","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.58 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.59","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.59 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10267","","","None","11.1.65.6","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-Uniware-7.1.070
SSH supported authentication : password
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.6","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.6 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10881","","","None","11.1.65.6","tcp","22","SSH Protocol Versions Supported","A SSH server is running on the remote host.","This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.","n/a","","The remote SSH daemon supports the following versions of the
SSH protocol :
- 1.99
- 2.0
","","","","","None","","","","2002/03/06","2024/07/24","","",""
"10884","","","None","11.1.65.6","udp","123","Network Time Protocol (NTP) Server Detection","An NTP server is listening on the remote host.","An NTP server is listening on port 123. If not securely configured,
it may provide information about its version, current date, current
time, and possibly system information.","n/a","http://www.ntp.org","
An NTP service has been discovered, listening on port 123.
Version : unknown
","","","","","None","","IAVT:0001-T-0934","","2015/03/20","2021/02/24","","",""
"11219","","","None","11.1.65.6","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"22964","","","None","11.1.65.6","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"50350","","","None","11.1.65.6","tcp","0","OS Identification Failed","It was not possible to determine the remote operating system.","Using a combination of remote probes (TCP/IP, SMB, HTTP, NTP, SNMP,
etc), it was possible to gather one or more fingerprints from the
remote system. Unfortunately, though, Nessus does not currently know
how to use them to identify the overall system.","n/a","","
If you think that these signatures would help us improve OS fingerprinting,
please submit them by visiting https://www.tenable.com/research/submitsignatures.
NTP:!:/
SSH:!:SSH-2.0-Uniware-7.1.070
","","","","","None","","","","2010/10/26","2024/09/30","","",""
"97861","","5.0","Medium","11.1.65.6","udp","123","Network Time Protocol (NTP) Mode 6 Scanner","The remote NTP server responds to mode 6 queries.","The remote NTP server responds to mode 6 queries. Devices that respond
to these queries have the potential to be used in NTP amplification
attacks. An unauthenticated, remote attacker could potentially exploit
this, via a specially crafted mode 6 query, to cause a reflected
denial of service condition.","Restrict NTP mode 6 queries.","https://ntpscan.shadowserver.org","
Nessus elicited the following response from the remote
host by sending an NTP mode 6 query :
'processor, system=""/"", leap=0, stratum=2, precision=-23,
rootdelay=0.742, rootdisp=3.642, refid=11.1.80.193,
reftime=0xeb6ae638.917971f1, clock=0xeb6ae657.bacd9431, peer=52396,
tc=6, mintc=3, offset=-0.060, frequency=6.554, sys_jitter=0.133,
clk_jitter=0.017, clk_wander=0.000'","","5.8","","","Medium","","","","2017/03/21","2018/05/07","","",""
"149334","","","None","11.1.65.6","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"10287","","","None","11.1.65.60","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.60 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.61","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.61 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.62","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.62 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.63","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.63 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.64","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.64 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10267","","","None","11.1.65.65","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-Uniware-7.1.070
SSH supported authentication : password
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.65","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.65 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10881","","","None","11.1.65.65","tcp","22","SSH Protocol Versions Supported","A SSH server is running on the remote host.","This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.","n/a","","The remote SSH daemon supports the following versions of the
SSH protocol :
- 1.99
- 2.0
","","","","","None","","","","2002/03/06","2024/07/24","","",""
"10884","","","None","11.1.65.65","udp","123","Network Time Protocol (NTP) Server Detection","An NTP server is listening on the remote host.","An NTP server is listening on port 123. If not securely configured,
it may provide information about its version, current date, current
time, and possibly system information.","n/a","http://www.ntp.org","
An NTP service has been discovered, listening on port 123.
Version : unknown
","","","","","None","","IAVT:0001-T-0934","","2015/03/20","2021/02/24","","",""
"11219","","","None","11.1.65.65","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"22964","","","None","11.1.65.65","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"50350","","","None","11.1.65.65","tcp","0","OS Identification Failed","It was not possible to determine the remote operating system.","Using a combination of remote probes (TCP/IP, SMB, HTTP, NTP, SNMP,
etc), it was possible to gather one or more fingerprints from the
remote system. Unfortunately, though, Nessus does not currently know
how to use them to identify the overall system.","n/a","","
If you think that these signatures would help us improve OS fingerprinting,
please submit them by visiting https://www.tenable.com/research/submitsignatures.
NTP:!:/
SSH:!:SSH-2.0-Uniware-7.1.070
","","","","","None","","","","2010/10/26","2024/09/30","","",""
"97861","","5.0","Medium","11.1.65.65","udp","123","Network Time Protocol (NTP) Mode 6 Scanner","The remote NTP server responds to mode 6 queries.","The remote NTP server responds to mode 6 queries. Devices that respond
to these queries have the potential to be used in NTP amplification
attacks. An unauthenticated, remote attacker could potentially exploit
this, via a specially crafted mode 6 query, to cause a reflected
denial of service condition.","Restrict NTP mode 6 queries.","https://ntpscan.shadowserver.org","
Nessus elicited the following response from the remote
host by sending an NTP mode 6 query :
'processor, system=""/"", leap=0, stratum=2, precision=-23,
rootdelay=0.458, rootdisp=5.629, refid=11.1.80.193,
reftime=0xeb6b7b36.9e606958, clock=0xeb6b7b71.234d342f, peer=45703,
tc=6, mintc=3, offset=0.208, frequency=15.907, sys_jitter=0.029,
clk_jitter=0.013, clk_wander=0.001'","","5.8","","","Medium","","","","2017/03/21","2018/05/07","","",""
"149334","","","None","11.1.65.65","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"10267","","","None","11.1.65.66","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-Uniware-7.1.070
SSH supported authentication : password
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.66","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.66 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10884","","","None","11.1.65.66","udp","123","Network Time Protocol (NTP) Server Detection","An NTP server is listening on the remote host.","An NTP server is listening on port 123. If not securely configured,
it may provide information about its version, current date, current
time, and possibly system information.","n/a","http://www.ntp.org","
An NTP service has been discovered, listening on port 123.
Version : unknown
","","","","","None","","IAVT:0001-T-0934","","2015/03/20","2021/02/24","","",""
"10919","","","None","11.1.65.66","tcp","0","Open Port Re-check","Previously open ports are now closed.","One of several ports that were previously open are now closed or
unresponsive.
There are several possible reasons for this :
- The scan may have caused a service to freeze or stop
running.
- An administrator may have stopped a particular service
during the scanning process.
This might be an availability problem related to the following :
- A network outage has been experienced during the scan,
and the remote network cannot be reached anymore by the
scanner.
- This scanner may has been blacklisted by the system
administrator or by an automatic intrusion detection /
prevention system that detected the scan.
- The remote host is now down, either because a user
turned it off during the scan or because a select denial
of service was effective.
In any case, the audit of the remote host might be incomplete and may
need to be done again.","Steps to resolve this issue include :
- Increase checks_read_timeout and/or reduce max_checks.
- Disable any IPS during the Nessus scan","","Port 22 was detected as being open but is now unresponsive
","","","","","None","","IAVB:0001-B-0509","","2002/03/19","2023/06/20","","",""
"11219","","","None","11.1.65.66","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"22964","","","None","11.1.65.66","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"50350","","","None","11.1.65.66","tcp","0","OS Identification Failed","It was not possible to determine the remote operating system.","Using a combination of remote probes (TCP/IP, SMB, HTTP, NTP, SNMP,
etc), it was possible to gather one or more fingerprints from the
remote system. Unfortunately, though, Nessus does not currently know
how to use them to identify the overall system.","n/a","","
If you think that these signatures would help us improve OS fingerprinting,
please submit them by visiting https://www.tenable.com/research/submitsignatures.
NTP:!:/
SSH:!:SSH-2.0-Uniware-7.1.070
","","","","","None","","","","2010/10/26","2024/09/30","","",""
"97861","","5.0","Medium","11.1.65.66","udp","123","Network Time Protocol (NTP) Mode 6 Scanner","The remote NTP server responds to mode 6 queries.","The remote NTP server responds to mode 6 queries. Devices that respond
to these queries have the potential to be used in NTP amplification
attacks. An unauthenticated, remote attacker could potentially exploit
this, via a specially crafted mode 6 query, to cause a reflected
denial of service condition.","Restrict NTP mode 6 queries.","https://ntpscan.shadowserver.org","
Nessus elicited the following response from the remote
host by sending an NTP mode 6 query :
'processor, system=""/"", leap=0, stratum=2, precision=-23,
rootdelay=0.521, rootdisp=3.646, refid=11.1.80.193,
reftime=0xeb6b7cae.8fe80fe1, clock=0xeb6b7cb2.f069ad67, peer=46098,
tc=6, mintc=3, offset=0.266, frequency=5.073, sys_jitter=0.016,
clk_jitter=0.010, clk_wander=0.001'","","5.8","","","Medium","","","","2017/03/21","2018/05/07","","",""
"149334","","","None","11.1.65.66","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"10267","","","None","11.1.65.67","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-Uniware-7.1.070
SSH supported authentication : password
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.67","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.67 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10881","","","None","11.1.65.67","tcp","22","SSH Protocol Versions Supported","A SSH server is running on the remote host.","This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.","n/a","","The remote SSH daemon supports the following versions of the
SSH protocol :
- 1.99
- 2.0
","","","","","None","","","","2002/03/06","2024/07/24","","",""
"10884","","","None","11.1.65.67","udp","123","Network Time Protocol (NTP) Server Detection","An NTP server is listening on the remote host.","An NTP server is listening on port 123. If not securely configured,
it may provide information about its version, current date, current
time, and possibly system information.","n/a","http://www.ntp.org","
An NTP service has been discovered, listening on port 123.
Version : unknown
","","","","","None","","IAVT:0001-T-0934","","2015/03/20","2021/02/24","","",""
"11219","","","None","11.1.65.67","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"22964","","","None","11.1.65.67","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"50350","","","None","11.1.65.67","tcp","0","OS Identification Failed","It was not possible to determine the remote operating system.","Using a combination of remote probes (TCP/IP, SMB, HTTP, NTP, SNMP,
etc), it was possible to gather one or more fingerprints from the
remote system. Unfortunately, though, Nessus does not currently know
how to use them to identify the overall system.","n/a","","
If you think that these signatures would help us improve OS fingerprinting,
please submit them by visiting https://www.tenable.com/research/submitsignatures.
NTP:!:/
SSH:!:SSH-2.0-Uniware-7.1.070
","","","","","None","","","","2010/10/26","2024/09/30","","",""
"97861","","5.0","Medium","11.1.65.67","udp","123","Network Time Protocol (NTP) Mode 6 Scanner","The remote NTP server responds to mode 6 queries.","The remote NTP server responds to mode 6 queries. Devices that respond
to these queries have the potential to be used in NTP amplification
attacks. An unauthenticated, remote attacker could potentially exploit
this, via a specially crafted mode 6 query, to cause a reflected
denial of service condition.","Restrict NTP mode 6 queries.","https://ntpscan.shadowserver.org","
Nessus elicited the following response from the remote
host by sending an NTP mode 6 query :
'processor, system=""/"", leap=0, stratum=2, precision=-23,
rootdelay=0.526, rootdisp=6.339, refid=11.1.80.193,
reftime=0xeb6b7da1.e1d73ae3, clock=0xeb6b7db9.8cd31723, peer=30854,
tc=6, mintc=3, offset=0.264, frequency=4.591, sys_jitter=0.174,
clk_jitter=0.010, clk_wander=0.001'","","5.8","","","Medium","","","","2017/03/21","2018/05/07","","",""
"149334","","","None","11.1.65.67","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"10267","","","None","11.1.65.68","tcp","22","SSH Server Type and Version Information","An SSH server is listening on this port.","It is possible to obtain information about the remote SSH server by
sending an empty authentication request.","n/a","","
SSH version : SSH-2.0-Uniware-7.1.070
SSH supported authentication : password
","","","","","None","","IAVT:0001-T-0933","","1999/10/12","2024/07/24","","",""
"10287","","","None","11.1.65.68","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.68 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10881","","","None","11.1.65.68","tcp","22","SSH Protocol Versions Supported","A SSH server is running on the remote host.","This plugin determines the versions of the SSH protocol supported by
the remote SSH daemon.","n/a","","The remote SSH daemon supports the following versions of the
SSH protocol :
- 1.99
- 2.0
","","","","","None","","","","2002/03/06","2024/07/24","","",""
"10884","","","None","11.1.65.68","udp","123","Network Time Protocol (NTP) Server Detection","An NTP server is listening on the remote host.","An NTP server is listening on port 123. If not securely configured,
it may provide information about its version, current date, current
time, and possibly system information.","n/a","http://www.ntp.org","
An NTP service has been discovered, listening on port 123.
Version : unknown
","","","","","None","","IAVT:0001-T-0934","","2015/03/20","2021/02/24","","",""
"11219","","","None","11.1.65.68","tcp","22","Nessus SYN scanner","It is possible to determine which TCP ports are open.","This plugin is a SYN 'half-open' port scanner. It shall be reasonably
quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans
against broken services, but they might cause problems for less robust
firewalls and also leave unclosed connections on the remote target, if
the network is loaded.","Protect your target with an IP filter.","","Port 22/tcp was found to be open","","","","","None","","","","2009/02/04","2024/05/20","","",""
"22964","","","None","11.1.65.68","tcp","22","Service Detection","The remote service could be identified.","Nessus was able to identify the remote service by its banner or by
looking at the error message it sends when it receives an HTTP
request.","n/a","","An SSH server is running on this port.","","","","","None","","","","2007/08/19","2024/03/26","","",""
"50350","","","None","11.1.65.68","tcp","0","OS Identification Failed","It was not possible to determine the remote operating system.","Using a combination of remote probes (TCP/IP, SMB, HTTP, NTP, SNMP,
etc), it was possible to gather one or more fingerprints from the
remote system. Unfortunately, though, Nessus does not currently know
how to use them to identify the overall system.","n/a","","
If you think that these signatures would help us improve OS fingerprinting,
please submit them by visiting https://www.tenable.com/research/submitsignatures.
NTP:!:/
SSH:!:SSH-2.0-Uniware-7.1.070
","","","","","None","","","","2010/10/26","2024/09/30","","",""
"97861","","5.0","Medium","11.1.65.68","udp","123","Network Time Protocol (NTP) Mode 6 Scanner","The remote NTP server responds to mode 6 queries.","The remote NTP server responds to mode 6 queries. Devices that respond
to these queries have the potential to be used in NTP amplification
attacks. An unauthenticated, remote attacker could potentially exploit
this, via a specially crafted mode 6 query, to cause a reflected
denial of service condition.","Restrict NTP mode 6 queries.","https://ntpscan.shadowserver.org","
Nessus elicited the following response from the remote
host by sending an NTP mode 6 query :
'processor, system=""/"", leap=0, stratum=2, precision=-23,
rootdelay=0.509, rootdisp=3.243, refid=11.1.80.193,
reftime=0xeb6b7e00.ce5e394f, clock=0xeb6b7e12.ea262ca4, peer=52326,
tc=6, mintc=3, offset=0.250, frequency=4.351, sys_jitter=0.052,
clk_jitter=0.008, clk_wander=0.001'","","5.8","","","Medium","","","","2017/03/21","2018/05/07","","",""
"149334","","","None","11.1.65.68","tcp","22","SSH Password Authentication Accepted","The SSH server on the remote host accepts password authentication.","The SSH server on the remote host accepts password authentication.","n/a","https://tools.ietf.org/html/rfc4252#section-8","","","","","","None","","","","2021/05/07","2021/05/07","","",""
"10287","","","None","11.1.65.69","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.69 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.7","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.7 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.70","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.70 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.71","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.71 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.72","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.72 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.73","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.73 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.8","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.8 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""
"10287","","","None","11.1.65.9","udp","0","Traceroute Information","It was possible to obtain traceroute information.","Makes a traceroute to the remote host.","n/a","","For your information, here is the traceroute from 11.1.2.201 to 11.1.65.9 :
11.1.2.201
ttl was greater than 50 - Completing Traceroute.
?
Hop Count: 1
An error was detected along the way.
","","","","","None","","","","1999/11/27","2023/12/04","","",""