Report de 72.55.148.11<br><br>Porta 6669<br>Reported by NVT "Trojan horses" (1.3.6.1.4.1.25623.1.0.11157):<br><br>An unknown service runs on this port.<br>It is sometimes opened by this/these Trojan horse(s):<br>
Host Control<br> Vampire<br><br>Unless you know for sure what is behind it, you'd better<br>check your system<br><br>*** Anyway, don't panic, Nessus only found an open port. It may<br>*** have been dynamically allocated to some service (RPC...)<br>
<br>Solution: if a trojan horse is running, run a good antivirus scanner<br>Risk factor : Low<br><br>Porta 111<br>The RPC portmapper is running on this port.<br><br>An attacker may use it to enumerate your list<br>of RPC services. We recommend you filter traffic<br>
going to this port.<br><br>Risk factor : Low<br>CVE : CAN-1999-0632, CVE-1999-0189<br>BID : 205<br><br>Porta 22<br>Reported by NVT "SSH Server type and version" (1.3.6.1.4.1.25623.1.0.10267):<br><br>Remote SSH version : SSH-2.0-OpenSSH_4.5p1 FreeBSD-20061110<br>
<br><br>====================================================================<br>Reported by NVT "Services" (1.3.6.1.4.1.25623.1.0.10330):<br><br>An ssh server is running on this port<br><br>porta 25<br>smtpscan was not able to reliably identify this server. It might be:<br>
Qmail 1.0.3<br>The fingerprint differs from these known signatures on 1 point(s)<br><br>If you known precisely what it is, please send this fingerprint<br>to <a href="mailto:smtp-signatures@nessus.org">smtp-signatures@nessus.org</a> :<br>
:250:250:250:250:250:553:553:214:252:502:502:502:502:250:250<br><br>====================================================================<br>Reported by NVT "SMTP Server type and version" (1.3.6.1.4.1.25623.1.0.10263):<br>
<br>Remote SMTP server banner :<br>220 <a href="http://mail.thewebsilo.com">mail.thewebsilo.com</a> ESMTP SPF1
<br><br><br><br>This is probably: Qmail<br><br>====================================================================<br>Reported by NVT "Services" (1.3.6.1.4.1.25623.1.0.10330):<br><br>An SMTP server is running on this port<br>
Here is its banner : <br>220 <a href="http://mail.thewebsilo.com">mail.thewebsilo.com</a> ESMTP SPF1
<br><br>====================================================================<br>Reported by NVT "Identifies services like FTP, SMTP, NNTP..." (1.3.6.1.4.1.25623.1.0.14773):<br><br>A SMTP server is running on this port<br>
<br>porta 995<br>A pop3 server is running on this port<br><br>====================================================================<br>Reported by NVT "Services" (1.3.6.1.4.1.25623.1.0.10330):<br><br>A TLSv1 server answered on this port<br>
<br>Porta 6667<br>An unknown service runs on this port.<br>It is sometimes opened by this/these Trojan horse(s):<br> Dark FTP<br> EGO<br> Maniac rootkit<br> Moses<br> ScheduleAgent<br> SubSeven<br> Subseven 2.1.4 DefCon 8<br>
The Thing (modified)<br> Trinity<br> WinSatan<br><br>Here is the service banner:<br>:<a href="http://irc.thewebsilo.com">irc.thewebsilo.com</a> NOTICE AUTH :*** Looking up your hostname...
<br><br><br>Unless you know for sure what is behind it, you'd better<br>check your system<br><br>*** Anyway, don't panic, Nessus only found an open port. It may<br>*** have been dynamically allocated to some service (RPC...)<br>
<br>Solution: if a trojan horse is running, run a good antivirus scanner<br>Risk factor : Low<br><br>====================================================================<br>Reported by NVT "Unknown services banners" (1.3.6.1.4.1.25623.1.0.11154):<br>
<br>An unknown server is running on this port.<br><br>Porta 6668<br>An unknown server is running on this port.<br>If you know what it is, please send this banner to the Nessus team:<br>0x00: 3A 69 72 63 2E 74 68 65 77 65 62 73 69 6C 6F 2E :irc.thewebsilo.<br>
0x10: 63 6F 6D 20 4E 4F 54 49 43 45 20 41 55 54 48 20 com NOTICE AUTH <br>0x20: 3A 2A 2A 2A 20 4C 6F 6F 6B 69 6E 67 20 75 70 20 :*** Looking up <br>0x30: 79 6F 75 72 20 68 6F 73 74 6E 61 6D 65 2E 2E 2E your hostname...<br>
0x40: 0D 0A .. <br><br>Porta 9993<br>The remote imap server banner is :<br>* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE AUTH=PLAIN ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc. See COPYING for distribution information.
<br>Versions and types should be omitted where possible.<br>Change the imap banner to something generic.<br><br>====================================================================<br>Reported by NVT "Services" (1.3.6.1.4.1.25623.1.0.10330):<br>
<br>An IMAP server is running on this port through SSL<br><br>====================================================================<br>Reported by NVT "Services" (1.3.6.1.4.1.25623.1.0.10330):<br><br>A TLSv1 server answered on this port<br>
<br>Porta 143<br>The remote imap server banner is :<br>* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc. See COPYING for distribution information.
<br>Versions and types should be omitted where possible.<br>Change the imap banner to something generic.<br><br>====================================================================<br>Reported by NVT "Services" (1.3.6.1.4.1.25623.1.0.10330):<br>
<br>An IMAP server is running on this port<br><br>porta 113<br>Reported by NVT "Services" (1.3.6.1.4.1.25623.1.0.10330):<br><br>An identd server is running on this port<br><br><br>General UDP<br>Reported by NVT "Traceroute" (1.3.6.1.4.1.25623.1.0.10287):<br>
<br>For your information, here is the traceroute to 72.55.148.11 : <br>192.168.1.128<br>192.168.1.1<br>201.21.160.1<br>189.4.0.98<br>201.64.76.1<br>200.244.168.150<br>200.230.251.70<br>200.230.251.78<br>4.71.230.5<br>4.68.16.62<br>
4.69.134.113<br>4.69.141.5<br>4.59.176.10<br><br>porta 21<br>Remote FTP server banner :<br>220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
<br><br>====================================================================<br>Reported by NVT "Services" (1.3.6.1.4.1.25623.1.0.10330):<br><br>An FTP server is running on this port.<br>Here is its banner : <br>
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
<br><br>====================================================================<br>Reported by NVT "Identifies services like FTP, SMTP, NNTP..." (1.3.6.1.4.1.25623.1.0.14773):<br><br>A SMTP server is running on this port<br>
<br>porta 53<br>Reported by NVT "DNS Server Detection" (1.3.6.1.4.1.25623.1.0.11002):<br><br><br>A DNS server is running on this port. If you do not use it, disable it.<br><br>Risk factor : Low<br><br><br><br>QUE MACARRONADA DE SERVIÇOS<br>
<br><br>=p<br><br>