TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

Signature ID: 10155
Delta UPS Daemon Detection
Threat Level: Information
Nessus: 10876
Signature Description: The Delta UPS Daemon exposes sensitive information, including OS type and version, internal
network addresses, internal numbers used for the pager, and the encrypted password. It is recommended to turn off this
service.
Signature ID: 10159
Access with Sun JavaServer Default Admin Password
Threat Level: Warning
Industry ID: CVE-1999-0508 Nessus: 10995,10747
Signature Description: The Sun JavaServer has a default username and password of admin. An attacker can use
this to gain complete control over the web server configuration and possibly execute commands. There has been an
attempt to access the server with this password. Set the password to a complex value to eliminate this issue.
Signature ID: 10164
Access to Systat service
Threat Level: Information
Industry ID: CVE-1999-0637
Signature Description: The "systat" command provides information about the current utilization of resources on a Unix
system. Some operating systems are distributed with an Internet gateway to the "systat" command, allowing arbitrary
entities on the Internet to gather information. It is safe to disable this service for outside access.
Signature ID: 10166
Access to Ascend Administrative interface
Threat Level: Information
Signature Description: Ascend/Lucent provides networking equipment like IP routers and multi-protocol bridges which
connect over ISDN (switched-56 and frame relay, also). Recent versions of Ascend's access server add an option for
remote administration via TCP port 150, which could be used to gather sensitive information.
Signature ID: 10167
HP Printer is Running
Threat Level: Information
Industry ID: CVE-1999-1062 CVE-1999-0564 CVE-1999-1061 Nessus: 10104
Signature Description: HP printers that are configured for remote network printing over IP listen for requests on ports
9099 and 9100. Unauthorized clients can send raw PostScript files to these ports and cause their contents to be printed,
regardless of the permissions set. This is a threat because an attacker may connect to the printer, force it to print pages
of garbage, and make it run out of resources.
Signature ID: 10173
UUCP Service is Running
Threat Level: Information
Signature Description: The UUCP service is used to transfer data over TCP, especially when transferring large amounts of
data such as Usenet news. It can also be used by ISPs to queue outgoing mail. Many network-connected systems are
shipped with the UUCP service enabled by default. This may open up potential security problems, as many
vulnerabilities have been reported in this service in the past.