SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Soluciones de ciberseguridad Reporte técnico y recomendaciones
Lunes 8 Enero 2018 11:29:50
CONTENIDO
• Recomendaciones • Detalle de vulnerabilidades
Recomendaciones
Remediaciones sugeridas La toma de estas acciones en los cinco objetos analizados resolvería el 59% de las vulnerabilidades de la red.
Acción Vulnerabilidades Objetos
OpenSSH < 7.6: Actualizar a OpenSSH version 7.6 o mayor. 90 5
Apache 2.2.x < 2.2.34 Multiple Vulnerabilities: Actualizar a Apache version 2.2.34 o 34 1 mayor.
Squid 3.x < 3.5.15 / 4.x < 4.0.7 Multiple DoS: Actualizar a Squid version 3.5.15 / 6 1 4.0.7 o mayor. Adicionalmente, aplicar los parches distribuidos por el proveedor.
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Detalle de vulnerabilidades
97833 (3) - MS17-010: Security Update for Microsoft Windows SMB Server (4013389) (ETERNALBLUE) (ETERNALCHAMPION) (ETERNALROMANCE) (ETERNALSYNERGY) (WannaCry) (EternalRocks) (Petya) (uncredentialed check) Synopsis The remote Windows host is affected by multiple vulnerabilities. Description The remote Windows host is affected by the following vulnerabilities :
- Multiple remote code execution vulnerabilities exist in Microsoft Server Message Block 1.0 (SMBv1) due to improper handling of certain requests. An unauthenticated, remote attacker can exploit these vulnerabilities, via a specially crafted packet, to execute arbitrary code. (CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, CVE-2017- 0146, CVE-2017-0148)
- An information disclosure vulnerability exists in Microsoft Server Message Block 1.0 (SMBv1) due to improper handling of certain requests. An unauthenticated, remote attacker can exploit this, via a specially crafted packet, to disclose sensitive information. (CVE-2017-0147)
ETERNALBLUE, ETERNALCHAMPION, ETERNALROMANCE, and ETERNALSYNERGY are four of multiple Equation Group vulnerabilities and exploits disclosed on 2017/04/14 by a group known as the Shadow Brokers. WannaCry / WannaCrypt is a ransomware program utilizing the ETERNALBLUE exploit, and EternalRocks is a worm that utilizes seven Equation Group vulnerabilities. Petya is a ransomware program that first utilizes CVE-2017-0199, a vulnerability in Microsoft Office, and then spreads via ETERNALBLUE. See Also
https://technet.microsoft.com/library/security/MS17-010
http://www.nessus.org/u?321523eb
http://www.nessus.org/u?7bec1941
http://www.nessus.org/u?d9f569cf
https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/
https://support.microsoft.com/en-us/kb/2696547
http://www.nessus.org/u?8dcab5e4
http://www.nessus.org/u?36fd3072
http://www.nessus.org/u?4c7e0cf3
https://github.com/stamparm/EternalRocks/
http://www.nessus.org/u?59db5b5b Solution Microsoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 2012, 8.1, RT 8.1, 2012 R2, 10, and 2016. Microsoft has also released emergency patches for Windows operating systems that are no longer supported, including Windows XP, 2003, and 8.
For unsupported Windows operating systems, e.g. Windows XP, Microsoft recommends that users discontinue the SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización – use of SMBv1. SMBv1 lacks security features that were included in later SMB versions. SMBv1 can be disabled by following the vendor instructions provided in Microsoft KB2696547. Additionally, US-CERT recommends that users block SMB directly by blocking TCP port 445 on all network boundary devices. For SMB over the NetBIOS API, block TCP ports 137 / 139 and UDP ports 137 / 138 on all network boundary devices. Risk Factor Critical CVSS v3.0 Base Score 9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSS v3.0 Temporal Score 9.5 (CVSS:3.0/E:F/RL:U/RC:X) CVSS Base Score 10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSS Temporal Score 9.5 (CVSS2#E:F/RL:U/RC:ND) STIG Severity I References
BID 96709
BID 96707
BID 96706
BID 96705
BID 96704
BID 96703
CVE CVE-2017-0148
CVE CVE-2017-0147
CVE CVE-2017-0146
CVE CVE-2017-0145
CVE CVE-2017-0144
CVE CVE-2017-0143
MSKB 4012598
MSKB 4013429
MSKB 4013198
MSKB 4012606
MSKB 4012217
MSKB 4012216
MSKB 4012215
MSKB 4012214
MSKB 4012213
MSKB 4012212 XREF IAVA:2017-A-0065 XREF MSFT:MS17-010 XREF EDB-ID:41987 XREF EDB-ID:41891 XREF OSVDB:155635 XREF OSVDB:155634 XREF OSVDB:155620 XREF OSVDB:153678 XREF OSVDB:153677 XREF OSVDB:153676 XREF OSVDB:153675 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
XREF OSVDB:153674 XREF OSVDB:153673 Exploitable With Core Impact (true) Metasploit (true) Plugin Information: Published: 2017/03/20, Modified: 2017/09/07 Plugin Output 192.168.1.79 (tcp/445) 192.168.1.113 (tcp/445)
192.168.1.114 (tcp/445)
53514 (2) - MS11-030: Vulnerability in DNS Resolution Could Allow Remote Code Execution (2509553) (remote check) Synopsis Arbitrary code can be executed on the remote host through the installed Windows DNS client. Description A flaw in the way the installed Windows DNS client processes Link- local Multicast Name Resolution (LLMNR) queries can be exploited to execute arbitrary code in the context of the NetworkService account.
Note that Windows XP and 2003 do not support LLMNR and successful exploitation on those platforms requires local access and the ability to run a special application. On Windows Vista, 2008, 7, and 2008 R2, however, the issue can be exploited remotely. See Also
http://technet.microsoft.com/en-us/security/bulletin/ms11-030 Solution Microsoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, and 2008 R2. Risk Factor Critical CVSS Base Score 10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSS Temporal Score 7.8 (CVSS2#E:POC/RL:OF/RC:C) STIG Severity I References
BID 47242
CVE CVE-2011-0657
MSKB 2509553 XREF MSFT:MS11-030 XREF IAVA:2011-A-0039 XREF OSVDB:71780 Exploitable With SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Core Impact (true) Metasploit (true) Plugin Information: Published: 2011/04/21, Modified: 2017/08/30 Plugin Output 192.168.1.113 (udp/5355) 192.168.1.114 (udp/5355)
57750 (1) - Squid Unsupported Version Detection Synopsis The remote host contains an unsupported version of a caching proxy server. Description According to its self-reported version number, the installation of Squid running on the remote host is no longer supported.
Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. See Also
http://www.squid-cache.org/Versions/
http://www.nessus.org/u?b3f1e161 Solution Upgrade to a version of Squid that is currently supported. Risk Factor Critical CVSS v3.0 Base Score 10.0 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) CVSS Base Score 10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C) Plugin Information: Published: 2012/01/31, Modified: 2016/09/02 Plugin Output 192.168.1.39 (tcp/3128)
Source : Server: squid/3.1.23 Installed version : 3.1.23 End of support date : 2015/01/17 Announcement : http://www.nessus.org/u?b3f1e161 Supported versions : 3.5.x 93194 (3) - OpenSSH < 7.3 Multiple Vulnerabilities Synopsis The SSH server running on the remote host is affected by multiple vulnerabilities. Description SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
According to its banner, the version of OpenSSH running on the remote host is prior to 7.3. It is, therefore, affected by multiple vulnerabilities :
- A flaw exists that is due to the program returning shorter response times for authentication requests with overly long passwords for invalid users than for valid users. This may allow a remote attacker to conduct a timing attack and enumerate valid usernames. (CVE-2016-6210)
- A denial of service vulnerability exists in the auth_password() function in auth-passwd.c due to a failure to limit password lengths for password authentication. An unauthenticated, remote attacker can exploit this, via a long string, to consume excessive CPU resources, resulting in a denial of service condition. (CVE-2016-6515)
- An unspecified flaw exists in the CBC padding oracle countermeasures that allows an unauthenticated, remote attacker to conduct a timing attack. (VulnDB 142343)
- A flaw exists due to improper operation ordering of MAC verification for Encrypt-then-MAC (EtM) mode transport MAC algorithms when verifying the MAC before decrypting any ciphertext. An unauthenticated, remote attacker can exploit this, via a timing attack, to disclose sensitive information. (VulnDB 142344)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. See Also
http://www.openssh.com/txt/release-7.3
https://marc.info/?l=openbsd-announce&m=147005433429403 Solution Upgrade to OpenSSH version 7.3 or later. Risk Factor High CVSS v3.0 Base Score 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) CVSS v3.0 Temporal Score 6.9 (CVSS:3.0/E:F/RL:O/RC:X) CVSS Base Score 7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C) CVSS Temporal Score 6.4 (CVSS2#E:F/RL:OF/RC:ND) References
BID 92212
CVE CVE-2016-6210
CVE CVE-2016-6515 XREF OSVDB:142344 XREF OSVDB:142343 XREF OSVDB:142342 XREF OSVDB:141586 Plugin Information: Published: 2016/08/29, Modified: 2016/12/07 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Plugin Output 192.168.1.39 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 7.3 192.168.1.72 (tcp/22)
Version source : SSH-2.0-OpenSSH_7.2 Installed version : 7.2 Fixed version : 7.3 192.168.1.85 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 7.3 73079 (2) - OpenSSH < 6.6 Multiple Vulnerabilities Synopsis The SSH server on the remote host is affected by multiple vulnerabilities. Description According to its banner, the version of OpenSSH running on the remote host is prior to 6.6. It is, therefore, affected by the following vulnerabilities :
- A flaw exists due to a failure to initialize certain data structures when makefile.inc is modified to enable the J- PAKE protocol. An unauthenticated, remote attacker can exploit this to corrupt memory, resulting in a denial of service condition and potentially the execution of arbitrary code. (CVE-2014-1692)
- An error exists related to the 'AcceptEnv' configuration setting in sshd_config due to improper processing of wildcard characters. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to bypass intended environment restrictions. (CVE-2014-2532)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. See Also
http://www.openssh.com/txt/release-6.6
http://www.gossamer-threads.com/lists/openssh/dev/57663#57663 Solution Upgrade to OpenSSH version 6.6 or later. SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Risk Factor High CVSS Base Score 7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P) CVSS Temporal Score 6.5 (CVSS2#E:ND/RL:OF/RC:C) References
BID 66355
BID 65230
CVE CVE-2014-2532
CVE CVE-2014-1692 XREF OSVDB:104578 XREF OSVDB:102611 Plugin Information: Published: 2014/03/18, Modified: 2016/06/15 Plugin Output 192.168.1.39 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 6.6 192.168.1.85 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 6.6 77531 (2) - Apache 2.2.x < 2.2.28 Multiple Vulnerabilities Synopsis The remote web server is affected by multiple vulnerabilities. Description According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.28. It is, therefore, affected by the following vulnerabilities :
- An flaw exists within the 'mod_headers' module which allows a remote attacker to inject arbitrary headers. This is done by placing a header in the trailer portion of data being sent using chunked transfer encoding. (CVE-2013-5704)
- An flaw exists within the 'mod_deflate' module when handling highly compressed bodies. Using a specially crafted request, a remote attacker can exploit this to cause a denial of service by exhausting memory and CPU resources. (CVE-2014-0118)
- The 'mod_status' module contains a race condition that can be triggered when handling the scoreboard. A SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización – remote attacker can exploit this to cause a denial of service, execute arbitrary code, or obtain sensitive credential information. (CVE-2014-0226)
- The 'mod_cgid' module lacks a time out mechanism. Using a specially crafted request, a remote attacker can use this flaw to cause a denial of service by causing child processes to linger indefinitely, eventually filling up the scoreboard. (CVE-2014-0231)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. See Also
http://www.zerodayinitiative.com/advisories/ZDI-14-236/
https://archive.apache.org/dist/httpd/CHANGES_2.2.29
http://httpd.apache.org/security/vulnerabilities_22.html
http://martin.swende.se/blog/HTTPChunked.html Solution Upgrade to Apache version 2.2.29 or later.
Note that version 2.2.28 was never officially released. Risk Factor High CVSS Base Score 7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P) CVSS Temporal Score 5.9 (CVSS2#E:POC/RL:OF/RC:C) References
BID 68745
BID 68742
BID 68678
BID 66550
CVE CVE-2014-0231
CVE CVE-2014-0226
CVE CVE-2014-0118
CVE CVE-2013-5704 XREF EDB-ID:34133 XREF OSVDB:109234 XREF OSVDB:109231 XREF OSVDB:109216 XREF OSVDB:105190 Plugin Information: Published: 2014/09/04, Modified: 2016/05/19 Plugin Output 192.168.1.39 (tcp/80)
Version source : Server: Apache/2.2.15 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Installed version : 2.2.15 Fixed version : 2.2.29 192.168.1.39 (tcp/443)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.29 84638 (2) - OpenSSH < 6.9 Multiple Vulnerabilities Synopsis The SSH server running on the remote host is affected by multiple vulnerabilities. Description According to its banner, the version of OpenSSH running on the remote host is prior to 6.9. It is, therefore, affected by the following vulnerabilities :
- A flaw exists within the x11_open_helper() function in the 'channels.c' file that allows connections to be permitted after 'ForwardX11Timeout' has expired. A remote attacker can exploit this to bypass timeout checks and XSECURITY restrictions. (CVE-2015-5352)
- Various issues were addressed by fixing the weakness in agent locking by increasing the failure delay, storing the salted hash of the password, and using a timing-safe comparison function.
- An out-of-bounds read error exists when handling incorrect pattern lengths. A remote attacker can exploit this to cause a denial of service or disclose sensitive information in the memory.
- An out-of-bounds read error exists when parsing the 'EscapeChar' configuration option. See Also
http://www.openssh.com/txt/release-6.9
http://www.nessus.org/u?725c4682 Solution Upgrade to OpenSSH 6.9 or later. Risk Factor High CVSS Base Score 8.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C) CVSS Temporal Score 6.3 (CVSS2#E:U/RL:OF/RC:C) References
BID 75525
CVE CVE-2015-5352 XREF OSVDB:124019 XREF OSVDB:124008 Plugin Information: Published: 2015/07/09, Modified: 2015/07/10 Plugin Output SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.39 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 6.9 192.168.1.85 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 6.9 85382 (2) - OpenSSH < 7.0 Multiple Vulnerabilities Synopsis The SSH server running on the remote host is affected by multiple vulnerabilities. Description According to its banner, the version of OpenSSH running on the remote host is prior to 7.0. It is, therefore, affected by the following vulnerabilities :
- A security bypass vulnerability exists in the kbdint_next_device() function in file auth2-chall.c that allows the circumvention of MaxAuthTries during keyboard-interactive authentication. A remote attacker can exploit this issue to force the same authentication method to be tried thousands of times in a single pass by using a crafted keyboard-interactive 'devices' string, thus allowing a brute-force attack or causing a denial of service. (CVE-2015- 5600)
- A security bypass vulnerability exists in sshd due to improper handling of username data in MONITOR_REQ_PAM_INIT_CTX requests. A local attacker can exploit this, by sending a MONITOR_REQ_PWNAM request, to conduct an impersonation attack. Note that this issue only affects Portable OpenSSH. (CVE-2015-6563)
- A privilege escalation vulnerability exists due to a use-after-free error in sshd that is triggered when handling a MONITOR_REQ_PAM_FREE_CTX request. A local attacker can exploit this to gain elevated privileges. Note that this issue only affects Portable OpenSSH. (CVE-2015-6564)
- A local command execution vulnerability exists in sshd due to setting insecure world-writable permissions for TTYs. A local attacker can exploit this, by injecting crafted terminal escape sequences, to execute commands for logged-in users. (CVE-2015-6565) See Also
http://www.openssh.com/txt/release-7.0 Solution Upgrade to OpenSSH 7.0 or later. Risk Factor High CVSS v3.0 Base Score SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
6.1 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H) CVSS v3.0 Temporal Score 5.6 (CVSS:3.0/E:F/RL:O/RC:X) CVSS Base Score 8.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C) CVSS Temporal Score 7.0 (CVSS2#E:F/RL:OF/RC:ND) References
BID 76497
BID 76317
BID 75990
CVE CVE-2015-6565
CVE CVE-2015-6564
CVE CVE-2015-6563
CVE CVE-2015-5600 XREF EDB-ID:41173 XREF OSVDB:126033 XREF OSVDB:126031 XREF OSVDB:126030 XREF OSVDB:124938 Plugin Information: Published: 2015/08/13, Modified: 2017/04/05 Plugin Output 192.168.1.39 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 7.0 192.168.1.85 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 7.0 100995 (2) - Apache 2.2.x < 2.2.33-dev / 2.4.x < 2.4.26 Multiple Vulnerabilities Synopsis The remote web server is affected by multiple vulnerabilities. Description According to its banner, the version of Apache running on the remote host is 2.2.x prior to 2.2.33-dev or 2.4.x prior to 2.4.26. It is, therefore, affected by the following vulnerabilities :
- An authentication bypass vulnerability exists due to third-party modules using the ap_get_basic_auth_pw() function outside of the authentication phase. An unauthenticated, remote attacker can exploit this to bypass authentication requirements. (CVE-2017-3167) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
- A NULL pointer dereference flaw exists due to third-party module calls to the mod_ssl ap_hook_process_connection() function during an HTTP request to an HTTPS port. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (CVE-2017-3169)
- A NULL pointer dereference flaw exists in mod_http2 that is triggered when handling a specially crafted HTTP/2 request. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. Note that this vulnerability does not affect 2.2.x. (CVE-2017-7659)
- An out-of-bounds read error exists in the ap_find_token() function due to improper handling of header sequences. An unauthenticated, remote attacker can exploit this, via a specially crafted header sequence, to cause a denial of service condition. (CVE-2017-7668)
- An out-of-bounds read error exists in mod_mime due to improper handling of Content-Type response headers. An unauthenticated, remote attacker can exploit this, via a specially crafted Content-Type response header, to cause a denial of service condition or the disclosure of sensitive information. (CVE-2017-7679)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. See Also
https://archive.apache.org/dist/httpd/CHANGES_2.2.32
https://archive.apache.org/dist/httpd/CHANGES_2.4.26
https://httpd.apache.org/security/vulnerabilities_22.html
https://httpd.apache.org/security/vulnerabilities_24.html Solution Upgrade to Apache version 2.2.33-dev / 2.4.26 or later. Risk Factor High CVSS v3.0 Base Score 8.2 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H) CVSS v3.0 Temporal Score 7.5 (CVSS:3.0/E:F/RL:O/RC:X) CVSS Base Score 8.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C) CVSS Temporal Score 7.0 (CVSS2#E:F/RL:OF/RC:ND) References
BID 99170
BID 99137
BID 99135
BID 99134
BID 99132
CVE CVE-2017-7679
CVE CVE-2017-7668 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
CVE CVE-2017-7659
CVE CVE-2017-3169
CVE CVE-2017-3167 XREF OSVDB:159395 XREF OSVDB:159394 XREF OSVDB:159393 XREF OSVDB:159392 XREF OSVDB:159391 Plugin Information: Published: 2017/06/22, Modified: 2017/11/03 Plugin Output 192.168.1.39 (tcp/80)
Source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.33 192.168.1.39 (tcp/443)
Source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.33 101787 (2) - Apache 2.2.x < 2.2.34 Multiple Vulnerabilities Synopsis The remote web server is affected by multiple vulnerabilities. Description According to its banner, the version of Apache running on the remote host is 2.2.x prior to 2.2.34. It is, therefore, affected by the following vulnerabilities :
- An authentication bypass vulnerability exists in httpd due to third-party modules using the ap_get_basic_auth_pw() function outside of the authentication phase. An unauthenticated, remote attacker can exploit this to bypass authentication requirements. (CVE-2017-3167)
- A denial of service vulnerability exists in httpd due to a NULL pointer dereference flaw that is triggered when a third-party module calls the mod_ssl ap_hook_process_connection() function during an HTTP request to an HTTPS port. An unauthenticated, remote attacker can exploit this to cause a denial of service condition. (CVE-2017-3169)
- A denial of service vulnerability exists in httpd due to an out-of-bounds read error in the ap_find_token() function that is triggered when handling a specially crafted request header sequence. An unauthenticated, remote attacker can exploit this to crash the service or force ap_find_token() to return an incorrect value. (CVE-2017-7668)
- A denial of service vulnerability exists in httpd due to an out-of-bounds read error in the mod_mime that is triggered when handling a specially crafted Content-Type response header. An unauthenticated, remote attacker SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización – can exploit this to disclose sensitive information or cause a denial of service condition. (CVE-2017-7679)
- A denial of service vulnerability exists in httpd due to a failure to initialize or reset the value placeholder in [Proxy-]Authorization headers of type 'Digest' before or between successive key=value assignments by mod_auth_digest. An unauthenticated, remote attacker can exploit this, by providing an initial key with no '=' assignment, to disclose sensitive information or cause a denial of service condition. (CVE-2017-9788)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. See Also
https://archive.apache.org/dist/httpd/CHANGES_2.2.34
https://httpd.apache.org/security/vulnerabilities_22.html Solution Upgrade to Apache version 2.2.34 or later. Risk Factor High CVSS v3.0 Base Score 9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSS v3.0 Temporal Score 8.5 (CVSS:3.0/E:U/RL:O/RC:C) CVSS Base Score 7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P) CVSS Temporal Score 5.5 (CVSS2#E:U/RL:OF/RC:C) STIG Severity I References
BID 99569
BID 99170
BID 99137
BID 99135
BID 99134
CVE CVE-2017-9788
CVE CVE-2017-7679
CVE CVE-2017-7668
CVE CVE-2017-3169
CVE CVE-2017-3167 XREF IAVA:2017-A-0214 XREF OSVDB:160954 XREF OSVDB:159395 XREF OSVDB:159394 XREF OSVDB:159392 XREF OSVDB:159391 Plugin Information: Published: 2017/07/18, Modified: 2017/10/09 Plugin Output SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.39 (tcp/80)
Source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.34 192.168.1.39 (tcp/443)
Source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.34 11580 (1) - Firewall UDP Packet Source Port 53 Ruleset Bypass Synopsis Firewall rulesets can be bypassed. Description It is possible to bypass the rules of the remote firewall by sending UDP packets with a source port equal to 53.
An attacker may use this flaw to inject UDP packets to the remote hosts, in spite of the presence of a firewall. See Also
http://seclists.org/fulldisclosure/2003/Apr/355
http://www.nessus.org/u?4368bb37 Solution Either contact the vendor for an update or review the firewall rules settings. Risk Factor High CVSS Base Score 7.5 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P) CVSS Temporal Score 7.5 (CVSS2#E:ND/RL:U/RC:ND) References
BID 11237
BID 7436
CVE CVE-2004-1473
CVE CVE-2003-1491
XREF CWE:94
XREF CWE:16 XREF OSVDB:60212 XREF OSVDB:10205 Plugin Information: Published: 2003/05/06, Modified: 2016/11/23 Plugin Output 192.168.1.114 (udp/0) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
89080 (1) - Squid 3.x < 3.5.15 / 4.x < 4.0.7 Multiple DoS Synopsis The remote proxy server is potentially affected by multiple denial of service vulnerabilities. Description According to its banner, the version of Squid running on the remote host is 3.x prior to 3.5.15 or 4.x prior to 4.0.7. It is, therefore, potentially affected by multiple denial of service vulnerabilities :
- A flaw exists due to not properly appending data to String objects. A remote attacker can exploit this, via a crafted HTTP Vary header, to cause an assertion failure and daemon exit, resulting in a denial of service. (CVE- 2016-2569)
- A flaw exists in the Edge Side Includes (ESI) parser due to a failure to check buffer limits during XML parsing. A remote attacker can exploit this, via a crafted XML document, to cause an assertion failure and daemon exit, resulting in a denial of service. (CVE-2016-2570)
- A flaw exists in http.cc that allows the storage of certain data even after a response-parsing failure. A remote attacker can exploit this, via a malformed server response, to cause an assertion failure and daemon exit, resulting in a denial of service. CVE-2016-2571)
- A flaw exists in http.cc due to reliance on the HTTP status code even after a response-parsing failure. A remote attacker can exploit this, via a malformed server response, to cause an assertion failure and daemon exit, resulting in a denial of service. (CVE-2016-2572)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. Furthermore, the patch released to address these issues does not update the version given in the banner. If the patch has been applied properly, and the service has been restarted, then consider this to be a false positive. See Also
http://www.squid-cache.org/Advisories/
http://www.squid-cache.org/Advisories/SQUID-2016_2.txt Solution Upgrade to Squid version 3.5.15 / 4.0.7 or later. Alternatively, apply the vendor-supplied patch. Risk Factor High CVSS Base Score 7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C) CVSS Temporal Score 6.4 (CVSS2#E:F/RL:OF/RC:ND) References
CVE CVE-2016-2572
CVE CVE-2016-2571
CVE CVE-2016-2570
CVE CVE-2016-2569 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
XREF OSVDB:134901 XREF OSVDB:134900 Plugin Information: Published: 2016/03/02, Modified: 2016/04/29 Plugin Output 192.168.1.39 (tcp/3128)
Version source : Server: squid/3.1.23 Installed version : 3.1.23 Fixed versions : 3.5.15 51192 (8) - SSL Certificate Cannot Be Trusted Synopsis The SSL certificate for this service cannot be trusted. Description The server's X.509 certificate cannot be trusted. This situation can occur in three different ways, in which the chain of trust can be broken, as stated below :
- First, the top of the certificate chain sent by the server might not be descended from a known public certificate authority. This can occur either when the top of the chain is an unrecognized, self-signed certificate, or when intermediate certificates are missing that would connect the top of the certificate chain to a known public certificate authority.
- Second, the certificate chain may contain a certificate that is not valid at the time of the scan. This can occur either when the scan occurs before one of the certificate's 'notBefore' dates, or after one of the certificate's 'notAfter' dates.
- Third, the certificate chain may contain a signature that either didn't match the certificate's information or could not be verified. Bad signatures can be fixed by getting the certificate with the bad signature to be re-signed by its issuer. Signatures that could not be verified are the result of the certificate's issuer using a signing algorithm that Nessus either does not support or does not recognize.
If the remote host is a public host in production, any break in the chain makes it more difficult for users to verify the authenticity and identity of the web server. This could make it easier to carry out man-in-the-middle attacks against the remote host. See Also
http://www.itu.int/rec/T-REC-X.509/en
https://en.wikipedia.org/wiki/X.509 Solution Purchase or generate a proper certificate for this service. Risk Factor Medium CVSS v3.0 Base Score 6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
CVSS Base Score 6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N) Plugin Information: Published: 2010/12/15, Modified: 2017/05/18 Plugin Output 192.168.1.39 (tcp/443)
The following certificate was part of the certificate chain sent by the remote host, but it has expired :
|-Subject : C=US/ST=Maryland/L=Baltimore/O=localhost/OU=Home/CN=dvwacentos.localhost.local |-Not After : Mar 02 21:23:17 2017 GMT
The following certificate was at the top of the certificate chain sent by the remote host, but it is signed by an unknown certificate authority :
|-Subject : C=US/ST=Maryland/L=Baltimore/O=localhost/OU=Home/CN=dvwacentos.localhost.local |-Issuer : C=US/ST=Maryland/L=Baltimore/O=localhost/OU=Home/CN=dvwacentos.localhost.local 192.168.1.43 (tcp/9090)
The following certificate was at the top of the certificate chain sent by the remote host, but it is signed by an unknown certificate authority :
|-Subject : O=5a4fa85e0277478f8c474a86c65f8daf/CN=fedora25.localhost.local |-Issuer : O=5a4fa85e0277478f8c474a86c65f8daf/CN=fedora25.localhost.local 192.168.1.53 (tcp/3389)
The following certificate was at the top of the certificate chain sent by the remote host, but it is signed by an unknown certificate authority :
|-Subject : CN=win7x86-qa.localhost.local |-Issuer : CN=win7x86-qa.localhost.local 192.168.1.55 (tcp/3389)
The following certificate was at the top of the certificate chain sent by the remote host, but it is signed by an unknown certificate authority : SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
|-Subject : CN=server-2016.localhost.local |-Issuer : CN=server-2016.localhost.local 192.168.1.68 (tcp/3389)
The following certificate was at the top of the certificate chain sent by the remote host, but it is signed by an unknown certificate authority :
|-Subject : CN=win7patched.localhost.local |-Issuer : CN=win7patched.localhost.local 192.168.1.79 (tcp/3389)
The following certificate was at the top of the certificate chain sent by the remote host, but it is signed by an unknown certificate authority :
|-Subject : CN=win81hostagent2.localhost.local |-Issuer : CN=win81hostagent2.localhost.local 192.168.1.113 (tcp/3389)
The following certificate was at the top of the certificate chain sent by the remote host, but it is signed by an unknown certificate authority :
|-Subject : CN=2K8hostAGENT.localhost.local |-Issuer : CN=2K8hostAGENT.localhost.local 192.168.1.114 (tcp/3389)
The following certificate was at the top of the certificate chain sent by the remote host, but it is signed by an unknown certificate authority :
|-Subject : CN=win7hostagent.localhost.local |-Issuer : CN=win7hostagent.localhost.local 57582 (8) - SSL Self-Signed Certificate Synopsis The SSL certificate chain for this service ends in an unrecognized self-signed certificate. Description SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
The X.509 certificate chain for this service is not signed by a recognized certificate authority. If the remote host is a public host in production, this nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host.
Note that this plugin does not check for certificate chains that end in a certificate that is not self-signed, but is signed by an unrecognized certificate authority. Solution Purchase or generate a proper certificate for this service. Risk Factor Medium CVSS Base Score 6.4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N) Plugin Information: Published: 2012/01/17, Modified: 2016/12/14 Plugin Output 192.168.1.39 (tcp/443)
The following certificate was found at the top of the certificate chain sent by the remote host, but is self-signed and was not found in the list of known certificate authorities :
|-Subject : C=US/ST=Maryland/L=Baltimore/O=localhost/OU=Home/CN=dvwacentos.localhost.local
192.168.1.43 (tcp/9090)
The following certificate was found at the top of the certificate chain sent by the remote host, but is self-signed and was not found in the list of known certificate authorities :
|-Subject : O=5a4fa85e0277478f8c474a86c65f8daf/CN=fedora25.localhost.local 192.168.1.53 (tcp/3389)
The following certificate was found at the top of the certificate chain sent by the remote host, but is self-signed and was not found in the list of known certificate authorities :
|-Subject : CN=win7x86-qa.localhost.local 192.168.1.55 (tcp/3389) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
The following certificate was found at the top of the certificate chain sent by the remote host, but is self-signed and was not found in the list of known certificate authorities :
|-Subject : CN=server-2016.localhost.local 192.168.1.68 (tcp/3389)
The following certificate was found at the top of the certificate chain sent by the remote host, but is self-signed and was not found in the list of known certificate authorities :
|-Subject : CN=win7patched.localhost.local 192.168.1.79 (tcp/3389)
The following certificate was found at the top of the certificate chain sent by the remote host, but is self-signed and was not found in the list of known certificate authorities :
|-Subject : CN=win81hostagent2.localhost.local 192.168.1.113 (tcp/3389)
The following certificate was found at the top of the certificate chain sent by the remote host, but is self-signed and was not found in the list of known certificate authorities :
|-Subject : CN=2K8hostAGENT.localhost.local 192.168.1.114 (tcp/3389)
The following certificate was found at the top of the certificate chain sent by the remote host, but is self-signed and was not found in the list of known certificate authorities :
|-Subject : CN=win7hostagent.localhost.local 42873 (7) - SSL Medium Strength Cipher Suites Supported Synopsis The remote service supports the use of medium strength SSL ciphers. Description SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
The remote host supports the use of SSL ciphers that offer medium strength encryption. Nessus regards medium strength as any encryption that uses key lengths at least 64 bits and less than 112 bits, or else that uses the 3DES encryption suite.
Note that it is considerably easier to circumvent medium strength encryption if the attacker is on the same physical network. See Also
https://www.openssl.org/blog/blog/2016/08/24/sweet32/ Solution Reconfigure the affected application if possible to avoid use of medium strength ciphers. Risk Factor Medium CVSS v3.0 Base Score 5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) CVSS Base Score 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N) Plugin Information: Published: 2009/11/23, Modified: 2017/09/01 Plugin Output 192.168.1.39 (tcp/443)
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.53 (tcp/3389)
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.55 (tcp/3389)
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.68 (tcp/3389)
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.79 (tcp/3389) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag}
192.168.1.113 (tcp/3389)
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.114 (tcp/3389)
Here is the list of medium strength SSL ciphers supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Mac={message authentication code} {export flag} 94437 (7) - SSL 64-bit Block Size Cipher Suites Supported (SWEET32) Synopsis The remote service supports the use of 64-bit block ciphers. Description The remote host supports the use of a block cipher with 64-bit blocks in one or more cipher suites. It is, therefore, affected by a vulnerability, known as SWEET32, due to the use of weak 64-bit block ciphers. A man-in-the-middle attacker who has sufficient resources can exploit this vulnerability, via a 'birthday' attack, to detect a collision that leaks the XOR between the fixed secret and a known plaintext, allowing the disclosure of the secret text, such as secure HTTPS cookies, and possibly resulting in the hijacking of an authenticated session.
Proof-of-concepts have shown that attackers can recover authentication cookies from an HTTPS session in as little as 30 hours.
Note that the ability to send a large number of requests over the same TLS connection between the client and server is an important requirement for carrying out this attack. If the number of requests allowed for a single connection were limited, this would mitigate the vulnerability. This plugin requires report paranoia as Nessus has not checked for such a mitigation. See Also
https://sweet32.info
https://www.openssl.org/blog/blog/2016/08/24/sweet32/ Solution Reconfigure the affected application, if possible, to avoid use of all 64-bit block ciphers. Alternatively, place limitations on the number of requests that are allowed to be processed over the same TLS connection to mitigate this vulnerability. Risk Factor Medium CVSS v3.0 Base Score 5.3 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) CVSS v3.0 Temporal Score 5.1 (CVSS:3.0/E:F/RL:X/RC:X) CVSS Base Score 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSS Temporal Score 4.8 (CVSS2#E:F/RL:ND/RC:ND) References
BID 92631
BID 92630
CVE CVE-2016-6329
CVE CVE-2016-2183 XREF OSVDB:143388 XREF OSVDB:143387 Plugin Information: Published: 2016/11/01, Modified: 2017/12/08 Plugin Output SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.39 (tcp/443)
List of 64-bit block cipher suites supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.53 (tcp/3389)
List of 64-bit block cipher suites supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.55 (tcp/3389)
List of 64-bit block cipher suites supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
The fields above are :
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.68 (tcp/3389)
List of 64-bit block cipher suites supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.79 (tcp/3389)
List of 64-bit block cipher suites supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.113 (tcp/3389)
List of 64-bit block cipher suites supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.114 (tcp/3389)
List of 64-bit block cipher suites supported by the remote server :
Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 35291 (6) - SSL Certificate Signed Using Weak Hashing Algorithm Synopsis An SSL certificate in the certificate chain has been signed using a weak hash algorithm. Description The remote service uses an SSL certificate chain that has been signed using a cryptographically weak hashing algorithm (e.g. MD2, MD4, MD5, or SHA1). These signature algorithms are known to be vulnerable to collision attacks. An attacker can exploit this to generate another certificate with the same digital signature, allowing an attacker to masquerade as the affected service.
Note that this plugin reports all SSL certificate chains signed with SHA-1 that expire after January 1, 2017 as vulnerable. This is in accordance with Google's gradual sunsetting of the SHA-1 cryptographic hash algorithm.
Note that certificates in the chain that are contained in the Nessus CA database (known_CA.inc) have been ignored. See Also
https://tools.ietf.org/html/rfc3279
http://www.nessus.org/u?e120eea1
http://technet.microsoft.com/en-us/security/advisory/961509 Solution SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Contact the Certificate Authority to have the certificate reissued. Risk Factor Medium CVSS Base Score 4.0 (CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N) CVSS Temporal Score 3.5 (CVSS2#E:ND/RL:OF/RC:C) References
BID 33065
BID 11849
CVE CVE-2004-2761
XREF CWE:310 XREF CERT:836068 XREF OSVDB:45127 XREF OSVDB:45108 XREF OSVDB:45106 Plugin Information: Published: 2009/01/05, Modified: 2017/06/12 Plugin Output 192.168.1.39 (tcp/443)
The following certificates were part of the certificate chain sent by the remote host, but contain hashes that are considered to be weak.
|-Subject : C=US/ST=Maryland/L=Baltimore/O=localhost/OU=Home/CN=dvwacentos.localhost.local |-Signature Algorithm : SHA-1 With RSA Encryption |-Valid From : Mar 02 21:23:17 2016 GMT |-Valid To : Mar 02 21:23:17 2017 GMT 192.168.1.53 (tcp/3389)
The following certificates were part of the certificate chain sent by the remote host, but contain hashes that are considered to be weak.
|-Subject : CN=win7x86-qa.localhost.local |-Signature Algorithm : SHA-1 With RSA Encryption |-Valid From : Oct 14 14:57:33 2017 GMT |-Valid To : Apr 15 14:57:33 2018 GMT 192.168.1.68 (tcp/3389)
The following certificates were part of the certificate chain sent by the remote host, but contain hashes that are considered to be weak.
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
|-Subject : CN=win7patched.localhost.local |-Signature Algorithm : SHA-1 With RSA Encryption |-Valid From : Dec 01 04:44:24 2017 GMT |-Valid To : Jun 02 04:44:24 2018 GMT 192.168.1.79 (tcp/3389)
The following certificates were part of the certificate chain sent by the remote host, but contain hashes that are considered to be weak.
|-Subject : CN=win81hostagent2.localhost.local |-Signature Algorithm : SHA-1 With RSA Encryption |-Valid From : Oct 14 02:58:16 2017 GMT |-Valid To : Apr 15 02:58:16 2018 GMT 192.168.1.113 (tcp/3389)
The following certificates were part of the certificate chain sent by the remote host, but contain hashes that are considered to be weak.
|-Subject : CN=2K8hostAGENT.localhost.local |-Signature Algorithm : SHA-1 With RSA Encryption |-Valid From : Oct 14 02:58:16 2017 GMT |-Valid To : Apr 15 02:58:16 2018 GMT 192.168.1.114 (tcp/3389)
The following certificates were part of the certificate chain sent by the remote host, but contain hashes that are considered to be weak.
|-Subject : CN=win7hostagent.localhost.local |-Signature Algorithm : SHA-1 With RSA Encryption |-Valid From : Oct 14 02:58:09 2017 GMT |-Valid To : Apr 15 02:58:09 2018 GMT 57608 (6) - SMB Signing Disabled Synopsis Signing is not required on the remote SMB server. Description Signing is not required on the remote SMB server. An unauthenticated, remote attacker can exploit this to conduct man-in-the-middle attacks against the SMB server. See Also
https://support.microsoft.com/en-us/kb/887429
http://technet.microsoft.com/en-us/library/cc731957.aspx
http://www.nessus.org/u?74b80723
http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
http://www.nessus.org/u?a3cac4ea Solution Enforce message signing in the host's configuration. On Windows, this is found in the policy setting 'Microsoft network server: Digitally sign communications (always)'. On Samba, the setting is called 'server signing'. See the 'see also' links for further details. Risk Factor Medium CVSS Base Score 5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N) CVSS Temporal Score 3.7 (CVSS2#E:U/RL:OF/RC:C) Plugin Information: Published: 2012/01/19, Modified: 2016/12/09 Plugin Output
192.168.1.53 (tcp/445) 192.168.1.55 (tcp/445) 192.168.1.68 (tcp/445) 192.168.1.79 (tcp/445)
192.168.1.113 (tcp/445) 192.168.1.114 (tcp/445)
99359 (5) - OpenSSH < 7.5 Synopsis The SSH server running on the remote host is affected by an information disclosure vulnerability. Description According to its banner, the version of OpenSSH running on the remote host is prior to 7.5. It is, therefore, affected by an information disclosure vulnerability :
- An unspecified timing flaw exists in the CBC padding oracle countermeasures, within the ssh and sshd functions, that allows an unauthenticated, remote attacker to disclose potentially sensitive information. Note that the OpenSSH client disables CBC ciphers by default. However, sshd offers them as lowest-preference options, which will be removed by default in a future release. (VulnDB 144000)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. See Also SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
http://www.openssh.com/txt/release-7.5 Solution Upgrade to OpenSSH version 7.5 or later. Risk Factor Medium CVSS v3.0 Base Score 5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) CVSS v3.0 Temporal Score 5.2 (CVSS:3.0/E:U/RL:O/RC:C) CVSS Base Score 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSS Temporal Score 3.7 (CVSS2#E:U/RL:OF/RC:C) References XREF OSVDB:144000 Plugin Information: Published: 2017/04/13, Modified: 2017/04/17 Plugin Output 192.168.1.39 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 7.5 192.168.1.43 (tcp/22)
Version source : SSH-2.0-OpenSSH_7.4 Installed version : 7.4 Fixed version : 7.5 192.168.1.72 (tcp/22)
Version source : SSH-2.0-OpenSSH_7.2 Installed version : 7.2 Fixed version : 7.5 192.168.1.85 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 7.5 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.110 (tcp/22)
Version source : SSH-2.0-OpenSSH_7.3p1 Ubuntu-1ubuntu0.1 Installed version : 7.3p1 Fixed version : 7.5 103781 (5) - OpenSSH < 7.6 Synopsis The SSH server running on the remote host is affected by a file creation restriction bypass vulnerability. Description According to its banner, the version of OpenSSH running on the remote host is prior to 7.6. It is, therefore, affected by a file creation restriction bypass vulnerability related to the 'process_open' function in the file 'sftp-server.c' that allows authenticated users to create zero-length files regardless of configuration.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. See Also
http://www.nessus.org/u?09ca048b
http://www.nessus.org/u?96a8ea52
http://www.openssh.com/txt/release-7.6 Solution Upgrade to OpenSSH version 7.6 or later. Risk Factor Medium CVSS v3.0 Base Score 4.3 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) CVSS v3.0 Temporal Score 3.8 (CVSS:3.0/E:U/RL:O/RC:C) CVSS Base Score 4.0 (CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N) CVSS Temporal Score 3.0 (CVSS2#E:U/RL:OF/RC:C) References XREF OSVDB:166706 Plugin Information: Published: 2017/10/11, Modified: 2017/10/12 Plugin Output 192.168.1.39 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 7.6 192.168.1.43 (tcp/22) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Version source : SSH-2.0-OpenSSH_7.4 Installed version : 7.4 Fixed version : 7.6 192.168.1.72 (tcp/22)
Version source : SSH-2.0-OpenSSH_7.2 Installed version : 7.2 Fixed version : 7.6 192.168.1.85 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 7.6 192.168.1.110 (tcp/22)
Version source : SSH-2.0-OpenSSH_7.3p1 Ubuntu-1ubuntu0.1 Installed version : 7.3p1 Fixed version : 7.6 96151 (4) - OpenSSH < 7.4 Multiple Vulnerabilities Synopsis The SSH server running on the remote host is affected by multiple vulnerabilities. Description According to its banner, the version of OpenSSH running on the remote host is prior to 7.4. It is, therefore, affected by multiple vulnerabilities :
- A flaw exists in ssh-agent due to loading PKCS#11 modules from paths that are outside a trusted whitelist. A local attacker can exploit this, by using a crafted request to load hostile modules via agent forwarding, to execute arbitrary code. To exploit this vulnerability, the attacker would need to control the forwarded agent-socket (on the host running the sshd server) and the ability to write to the file system of the host running ssh-agent. (CVE-2016- 10009)
- A flaw exists in sshd due to creating forwarded Unix-domain sockets with 'root' privileges whenever privilege separation is disabled. A local attacker can exploit this to gain elevated privileges. (CVE-2016-10010)
- An information disclosure vulnerability exists in sshd within the realloc() function due leakage of key material to privilege-separated child processes when reading keys. A local attacker can possibly exploit this to disclose sensitive key material. Note that no such leak has been observed in practice for normal-sized keys, nor does a leak SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización – to the child processes directly expose key material to unprivileged users. (CVE-2016-10011)
- A flaw exists in sshd within the shared memory manager used by pre-authenticating compression support due to a bounds check being elided by some optimizing compilers and due to the memory manager being incorrectly accessible when pre-authenticating compression is disabled. A local attacker can exploit this to gain elevated privileges. (CVE-2016-10012)
- A denial of service vulnerability exists in sshd when handling KEXINIT messages. An unauthenticated, remote attacker can exploit this, by sending multiple KEXINIT messages, to consume up to 128MB per connection. (VulnDB 148976)
- A flaw exists in sshd due to improper validation of address ranges by the AllowUser and DenyUsers directives at configuration load time. A local attacker can exploit this, via an invalid CIDR address range, to gain access to restricted areas. (VulnDB 148977)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. See Also
http://www.openssh.com/txt/release-7.4 Solution Upgrade to OpenSSH version 7.4 or later. Risk Factor Medium CVSS v3.0 Base Score 7.0 (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) CVSS v3.0 Temporal Score 6.4 (CVSS:3.0/E:F/RL:O/RC:X) CVSS Base Score 6.9 (CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C) CVSS Temporal Score 5.7 (CVSS2#E:F/RL:OF/RC:ND) References
BID 94977
BID 94975
BID 94972
BID 94968
CVE CVE-2016-10012
CVE CVE-2016-10011
CVE CVE-2016-10010
CVE CVE-2016-10009 XREF EDB-ID:40962 XREF OSVDB:148977 XREF OSVDB:148976 XREF OSVDB:148975 XREF OSVDB:148968 XREF OSVDB:148967 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
XREF OSVDB:148966 Plugin Information: Published: 2016/12/27, Modified: 2016/12/29 Plugin Output 192.168.1.39 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 7.4 192.168.1.72 (tcp/22)
Version source : SSH-2.0-OpenSSH_7.2 Installed version : 7.2 Fixed version : 7.4 192.168.1.85 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 7.4 192.168.1.110 (tcp/22)
Version source : SSH-2.0-OpenSSH_7.3p1 Ubuntu-1ubuntu0.1 Installed version : 7.3p1 Fixed version : 7.4 90023 (3) - OpenSSH < 7.2p2 X11Forwarding xauth Command Injection Synopsis The SSH server running on the remote host is affected by a security bypass vulnerability. Description According to its banner, the version of OpenSSH running on the remote host is prior to 7.2p2. It is, therefore, affected by a security bypass vulnerability due to improper sanitization of X11 authentication credentials. An authenticated, remote attacker can exploit this, via crafted credentials, to inject arbitrary xauth commands, resulting in gaining read and write access to arbitrary files, connecting to local ports, or performing further attacks on xauth itself. Note that exploiting this vulnerability requires X11Forwarding to have been enabled. See Also
http://www.openssh.com/txt/release-7.2p2
http://www.openssh.com/txt/x11fwd.adv Solution Upgrade to OpenSSH version 7.2p2 or later. SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Risk Factor Medium CVSS Base Score 4.9 (CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:N) CVSS Temporal Score 4.0 (CVSS2#E:F/RL:OF/RC:ND) References
CVE CVE-2016-3115 XREF EDB-ID:39569 XREF OSVDB:135714 Plugin Information: Published: 2016/03/18, Modified: 2016/09/01 Plugin Output 192.168.1.39 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 7.2p2 192.168.1.72 (tcp/22)
Version source : SSH-2.0-OpenSSH_7.2 Installed version : 7.2 Fixed version : 7.2p2 192.168.1.85 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 7.2p2 11213 (2) - HTTP TRACE / TRACK Methods Allowed Synopsis Debugging functions are enabled on the remote web server. Description The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections. See Also
http://www.cgisecurity.com/whitehat-mirror/WH-WhitePaper_XST_ebook.pdf
http://www.apacheweek.com/issues/03-01-24
http://download.oracle.com/sunalerts/1000718.1.html Solution Disable these methods. Refer to the plugin output for more information. Risk Factor SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Medium CVSS Base Score 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSS Temporal Score 4.3 (CVSS2#E:H/RL:OF/RC:C) References
BID 37995
BID 33374
BID 11604
BID 9561
BID 9506
CVE CVE-2010-0386
CVE CVE-2004-2320
CVE CVE-2003-1567
XREF CWE:200
XREF CWE:16 XREF CERT:867593 XREF CERT:288308 XREF OSVDB:50485 XREF OSVDB:11408 XREF OSVDB:5648 XREF OSVDB:3726 XREF OSVDB:877 Plugin Information: Published: 2003/01/23, Modified: 2016/11/23 Plugin Output 192.168.1.39 (tcp/80)
To disable these methods, add the following lines for each virtual host in your configuration file :
RewriteEngine on RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F]
Alternatively, note that Apache versions 1.3.34, 2.0.55, and 2.2 support disabling the TRACE method natively via the 'TraceEnable' directive.
Nessus sent the following TRACE request :
------snip ------TRACE /Nessus421829402.html HTTP/1.1 Connection: Close Host: centos6dvwa.localhost.local Pragma: no-cache User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0) Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */* SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Accept-Language: en Accept-Charset: iso-8859-1,*,utf-8
------snip ------and received the following response from the remote server :
------snip ------HTTP/1.1 200 OK Date: Mon, 11 Dec 2017 15:18:41 GMT Server: Apache/2.2.15 (CentOS) Connection: close Transfer-Encoding: chunked Content-Type: message/http
TRACE /Nessus421829402.html HTTP/1.1 Connection: Close Host: centos6dvwa.localhost.local Pragma: no-cache User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0) Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */* Accept-Language: en Accept-Charset: iso-8859-1,*,utf-8
------snip ------192.168.1.39 (tcp/443)
To disable these methods, add the following lines for each virtual host in your configuration file :
RewriteEngine on RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F]
Alternatively, note that Apache versions 1.3.34, 2.0.55, and 2.2 support disabling the TRACE method natively via the 'TraceEnable' directive.
Nessus sent the following TRACE request :
------snip ------TRACE /Nessus2067803009.html HTTP/1.1 Connection: Close Host: centos6dvwa.localhost.local Pragma: no-cache User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0) Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */* Accept-Language: en SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Accept-Charset: iso-8859-1,*,utf-8
------snip ------and received the following response from the remote server :
------snip ------HTTP/1.0 200 OK Date: Mon, 11 Dec 2017 15:18:41 GMT Server: Apache/2.2.15 (CentOS) Connection: close Content-Type: message/http
TRACE /Nessus2067803009.html HTTP/1.1 Connection: Close Host: centos6dvwa.localhost.local Pragma: no-cache User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0) Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */* Accept-Language: en Accept-Charset: iso-8859-1,*,utf-8
------snip ------44081 (2) - OpenSSH < 5.7 Multiple Vulnerabilities Synopsis The remote SSH service may be affected by multiple vulnerabilities. Description According to its banner, the version of OpenSSH running on the remote host is earlier than 5.7. Versions before 5.7 may be affected by the following vulnerabilities :
- A security bypass vulnerability because OpenSSH does not properly validate the public parameters in the J-PAKE protocol. This could allow an attacker to authenticate without the shared secret. Note that this issue is only exploitable when OpenSSH is built with J-PAKE support, which is currently experimental and disabled by default, and that Nessus has not checked whether J-PAKE support is indeed enabled. (CVE-2010-4478)
- The auth_parse_options function in auth-options.c in sshd provides debug messages containing authorized_keys command options, which allows remote, authenticated users to obtain potentially sensitive information by reading these messages. (CVE-2012-0814) See Also
http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c#rev1.5
http://www.nessus.org/u?3f1722f0 Solution Upgrade to OpenSSH 5.7 or later. Risk Factor Medium CVSS Base Score 6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
CVSS Temporal Score 5.9 (CVSS2#E:ND/RL:OF/RC:C) References
BID 51702
BID 45304
CVE CVE-2012-0814
CVE CVE-2010-4478 XREF OSVDB:78706 XREF OSVDB:69658 Plugin Information: Published: 2011/10/04, Modified: 2016/12/07 Plugin Output
192.168.1.39 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 5.7 192.168.1.85 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 5.7 48205 (2) - Apache 2.2.x < 2.2.16 Multiple Vulnerabilities Synopsis The remote web server is affected by multiple vulnerabilities. Description According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.16. It is, therefore, potentially affected by multiple vulnerabilities :
- A denial of service vulnerability in mod_cache and mod_dav. (CVE-2010-1452) - An information disclosure vulnerability in mod_proxy_ajp, mod_reqtimeout, and mod_proxy_http relating to timeout conditions. Note that this issue only affects Apache on Windows, Netware, and OS/2. (CVE-2010-2068)
Note that the remote web server may not actually be affected by these vulnerabilities. Nessus did not try to determine whether the affected modules are in use or to check for the issues themselves. See Also
http://httpd.apache.org/security/vulnerabilities_22.html
https://issues.apache.org/bugzilla/show_bug.cgi?id=49246
https://issues.apache.org/bugzilla/show_bug.cgi?id=49417
http://www.nessus.org/u?ce8ac446 Solution Upgrade to Apache version 2.2.16 or later. Risk Factor SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Medium CVSS Base Score 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSS Temporal Score 4.3 (CVSS2#E:ND/RL:OF/RC:C) References
BID 41963
BID 40827
CVE CVE-2010-2068
CVE CVE-2010-1452
XREF Secunia:40206 XREF OSVDB:66745 XREF OSVDB:65654 Plugin Information: Published: 2010/07/30, Modified: 2016/05/04 Plugin Output 192.168.1.39 (tcp/80)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.16 192.168.1.39 (tcp/443)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.16 50070 (2) - Apache 2.2.x < 2.2.17 Multiple Vulnerabilities Synopsis The remote web server may be affected by several issues. Description According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.17. It is, therefore, affected by the following vulnerabilities :
- Errors exist in the bundled expat library that may allow an attacker to crash the server when a buffer is over- read when parsing an XML document. (CVE-2009-3720 and CVE-2009-3560)
- An error exists in the 'apr_brigade_split_line' function in the bundled APR-util library. Carefully timed bytes in requests result in gradual memory increases leading to a denial of service. (CVE-2010-1623) Note that the remote web server may not actually be affected by these vulnerabilities. Nessus did not try to determine whether the affected modules are in use or to check for the issues themselves. See Also
https://archive.apache.org/dist/httpd/CHANGES_2.2.17 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
http://httpd.apache.org/security/vulnerabilities_22.html Solution Upgrade to Apache version 2.2.17 or later. Alternatively, ensure that the affected modules are not in use. Risk Factor Medium CVSS Base Score 5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P) CVSS Temporal Score 4.3 (CVSS2#E:ND/RL:OF/RC:C) References
BID 43673
BID 36097
BID 37203
CVE CVE-2010-1623
CVE CVE-2009-3720
CVE CVE-2009-3560
XREF CWE:119
XREF Secunia:41701 XREF OSVDB:68327 XREF OSVDB:60797 XREF OSVDB:59737 Plugin Information: Published: 2010/10/20, Modified: 2015/10/19 Plugin Output 192.168.1.39 (tcp/80)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.17 192.168.1.39 (tcp/443)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.17 53896 (2) - Apache 2.2.x < 2.2.18 APR apr_fnmatch DoS Synopsis The remote web server may be affected by a denial of service vulnerability. Description According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.18. It is, therefore, affected by a denial of service vulnerability due to an error in the apr_fnmatch() function of the bundled APR library.
If mod_autoindex is enabled and has indexed a directory containing files whose filenames are long, an attacker can SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización – cause high CPU usage with a specially crafted request.
Note that the remote web server may not actually be affected by this vulnerability. Nessus did not try to determine whether the affected module is in use or to check for the issue itself. See Also
https://archive.apache.org/dist/httpd/CHANGES_2.2.18
http://httpd.apache.org/security/vulnerabilities_22.html#2.2.18
http://securityreason.com/achievement_securityalert/98 Solution Upgrade to Apache version 2.2.18 or later. Alternatively, ensure that the 'IndexOptions' configuration option is set to 'IgnoreClient'. Risk Factor Medium CVSS Base Score 4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P) CVSS Temporal Score 3.6 (CVSS2#E:F/RL:OF/RC:ND) References
BID 47820
CVE CVE-2011-0419
XREF Secunia:44574 XREF OSVDB:73388 Plugin Information: Published: 2011/05/13, Modified: 2016/05/04 Plugin Output 192.168.1.39 (tcp/80)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.18 192.168.1.39 (tcp/443)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.18 56216 (2) - Apache 2.2.x < 2.2.21 mod_proxy_ajp DoS Synopsis The remote web server is affected by a denial of service vulnerability. Description According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.21. It is, therefore, potentially affected by a denial of service vulnerability. An error exists in the 'mod_proxy_ajp' module that can allow specially crafted HTTP requests to cause a backend server to temporarily enter an error state. This SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización – vulnerability only occurs when 'mod_proxy_ajp' is used along with 'mod_proxy_balancer'.
Note that Nessus did not actually test for the flaws but instead has relied on the version in the server's banner. See Also
https://archive.apache.org/dist/httpd/CHANGES_2.2.21
http://httpd.apache.org/security/vulnerabilities_22.html Solution Upgrade to Apache version 2.2.21 or later. Risk Factor Medium CVSS Base Score 4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P) CVSS Temporal Score 3.7 (CVSS2#E:ND/RL:OF/RC:C) References
BID 49616
CVE CVE-2011-3348 XREF OSVDB:75647 Plugin Information: Published: 2011/09/16, Modified: 2017/01/30 Plugin Output 192.168.1.39 (tcp/80)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.21 192.168.1.39 (tcp/443)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.21 57791 (2) - Apache 2.2.x < 2.2.22 Multiple Vulnerabilities Synopsis The remote web server is affected by multiple vulnerabilities. Description According to its banner, the version of Apache 2.2.x installed on the remote host is prior to 2.2.22. It is, therefore, potentially affected by the following vulnerabilities :
- When configured as a reverse proxy, improper use of the RewriteRule and ProxyPassMatch directives could cause the web server to proxy requests to arbitrary hosts. This could allow a remote attacker to indirectly send requests to intranet servers. (CVE-2011-3368, CVE-2011-4317) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
- A heap-based buffer overflow exists when mod_setenvif module is enabled and both a maliciously crafted 'SetEnvIf' directive and a maliciously crafted HTTP request header are used. (CVE-2011-3607)
- A format string handling error can allow the server to be crashed via maliciously crafted cookies. (CVE-2012-0021)
- An error exists in 'scoreboard.c' that can allow local attackers to crash the server during shutdown. (CVE-2012-0031)
- An error exists in 'protocol.c' that can allow 'HTTPOnly' cookies to be exposed to attackers through the malicious use of either long or malformed HTTP headers. (CVE-2012-0053)
- An error in the mod_proxy_ajp module when used to connect to a backend server that takes an overly long time to respond could lead to a temporary denial of service. (CVE-2012-4557)
Note that Nessus did not actually test for these flaws, but instead has relied on the version in the server's banner. See Also
https://archive.apache.org/dist/httpd/CHANGES_2.2.22
http://httpd.apache.org/security/vulnerabilities_22.html Solution Upgrade to Apache version 2.2.22 or later. Risk Factor Medium CVSS Base Score 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N) CVSS Temporal Score 4.3 (CVSS2#E:ND/RL:OF/RC:C) References
BID 56753
BID 51706
BID 51705
BID 51407
BID 50802
BID 50494
BID 49957
CVE CVE-2012-4557
CVE CVE-2012-0053
CVE CVE-2012-0031
CVE CVE-2012-0021
CVE CVE-2011-4317
CVE CVE-2011-3607
CVE CVE-2011-3368 XREF OSVDB:89275 XREF OSVDB:78556 XREF OSVDB:78555 XREF OSVDB:78293 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
XREF OSVDB:77310 XREF OSVDB:76744 XREF OSVDB:76079 Plugin Information: Published: 2012/02/02, Modified: 2015/10/19 Plugin Output 192.168.1.39 (tcp/80)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.22 192.168.1.39 (tcp/443)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.22 62101 (2) - Apache 2.2.x < 2.2.23 Multiple Vulnerabilities Synopsis The remote web server is affected by multiple vulnerabilities. Description According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.23. It is, therefore, potentially affected by the following vulnerabilities :
- The utility 'apachectl' can receive a zero-length directory name in the LD_LIBRARY_PATH via the 'envvars' file. A local attacker with access to that utility could exploit this to load a malicious Dynamic Shared Object (DSO), leading to arbitrary code execution. (CVE-2012-0883)
- An input validation error exists related to 'mod_negotiation', 'Multiviews' and untrusted uploads that can allow cross-site scripting attacks. (CVE-2012-2687)
Note that Nessus has not tested for these flaws but has instead relied on the version in the server's banner. See Also
https://archive.apache.org/dist/httpd/CHANGES_2.2.23
http://httpd.apache.org/security/vulnerabilities_22.html Solution Upgrade to Apache version 2.2.23 or later. Risk Factor Medium CVSS Base Score 6.9 (CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
CVSS Temporal Score 6.0 (CVSS2#E:ND/RL:OF/RC:C) References
BID 55131
BID 53046
CVE CVE-2012-2687
CVE CVE-2012-0883
XREF CWE:990
XREF CWE:931
XREF CWE:928
XREF CWE:900
XREF CWE:864
XREF CWE:811
XREF CWE:809
XREF CWE:801
XREF CWE:800
XREF CWE:751
XREF CWE:750
XREF CWE:725
XREF CWE:722
XREF CWE:712
XREF CWE:711
XREF CWE:629
XREF CWE:442
XREF CWE:79
XREF CWE:74
XREF CWE:20 XREF OSVDB:84818 XREF OSVDB:81359 Plugin Information: Published: 2012/09/14, Modified: 2015/10/19 Plugin Output 192.168.1.39 (tcp/80)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.23 192.168.1.39 (tcp/443)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.23 64912 (2) - Apache 2.2.x < 2.2.24 Multiple XSS Vulnerabilities Synopsis The remote web server is affected by multiple cross-site scripting vulnerabilities. SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.24. It is, therefore, potentially affected by the following cross-site scripting vulnerabilities :
- Errors exist related to the modules mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp and unescaped hostnames and URIs that could allow cross- site scripting attacks. (CVE-2012-3499)
- An error exists related to the mod_proxy_balancer module's manager interface that could allow cross-site scripting attacks. (CVE-2012-4558)
Note that Nessus did not actually test for these issues, but instead has relied on the version in the server's banner. See Also
https://archive.apache.org/dist/httpd/CHANGES_2.2.24
http://httpd.apache.org/security/vulnerabilities_22.html Solution Upgrade to Apache version 2.2.24 or later. Alternatively, ensure that the affected modules are not in use. Risk Factor Medium CVSS Base Score 4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N) CVSS Temporal Score 3.7 (CVSS2#E:ND/RL:OF/RC:C) References
BID 58165
CVE CVE-2012-4558
CVE CVE-2012-3499
XREF CWE:990
XREF CWE:931
XREF CWE:928
XREF CWE:900
XREF CWE:864
XREF CWE:811
XREF CWE:809
XREF CWE:801
XREF CWE:800
XREF CWE:751
XREF CWE:750
XREF CWE:725
XREF CWE:722
XREF CWE:712
XREF CWE:711
XREF CWE:629
XREF CWE:442
XREF CWE:79
XREF CWE:74
XREF CWE:20 XREF OSVDB:90557 XREF OSVDB:90556 Plugin Information: SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Published: 2013/02/27, Modified: 2015/10/19 Plugin Output 192.168.1.39 (tcp/80)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.24 192.168.1.39 (tcp/443)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.24 67140 (2) - OpenSSH LoginGraceTime / MaxStartups DoS Synopsis The remote SSH service is susceptible to a remote denial of service attack. Description According to its banner, a version of OpenSSH earlier than version 6.2 is listening on this port. The default configuration of OpenSSH installs before 6.2 could allow a remote attacker to bypass the LoginGraceTime and MaxStartups thresholds by periodically making a large number of new TCP connections and thereby prevent legitimate users from gaining access to the service.
Note that this plugin has not tried to exploit the issue or detect whether the remote service uses a vulnerable configuration. Instead, it has simply checked the version of OpenSSH running on the remote host. See Also
http://www.openwall.com/lists/oss-security/2013/02/06/5
http://openssh.org/txt/release-6.2
https://tools.cisco.com/security/center/viewAlert.x?alertId=28883 Solution Upgrade to OpenSSH 6.2 and review the associated server configuration settings. Risk Factor Medium CVSS Base Score 5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P) CVSS Temporal Score 4.3 (CVSS2#E:ND/RL:OF/RC:C) References
BID 58162
CVE CVE-2010-5107 XREF OSVDB:90007 Plugin Information: Published: 2013/07/03, Modified: 2017/06/12 Plugin Output SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.39 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 6.2 192.168.1.85 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 6.2 68915 (2) - Apache 2.2.x < 2.2.25 Multiple Vulnerabilities Synopsis The remote web server may be affected by multiple cross-site scripting vulnerabilities. Description According to its banner, the version of Apache 2.2.x running on the remote host is prior to 2.2.25. It is, therefore, potentially affected by the following vulnerabilities :
- A flaw exists in the 'RewriteLog' function where it fails to sanitize escape sequences from being written to log files, making it potentially vulnerable to arbitrary command execution. (CVE-2013-1862)
- A denial of service vulnerability exists relating to the 'mod_dav' module as it relates to MERGE requests. (CVE-2013-1896)
Note that Nessus did not actually test for these issues, but instead has relied on the version in the server's banner. See Also
https://archive.apache.org/dist/httpd/CHANGES_2.2.25
http://httpd.apache.org/security/vulnerabilities_22.html
http://www.nessus.org/u?f050c342 Solution Upgrade to Apache version 2.2.25 or later. Alternatively, ensure that the affected modules are not in use. Risk Factor Medium CVSS Base Score 5.1 (CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P) CVSS Temporal Score 3.6 (CVSS2#E:U/RL:OF/RC:UR) References
BID 61129
BID 59826
CVE CVE-2013-1896
CVE CVE-2013-1862 XREF OSVDB:95498 XREF OSVDB:93366 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Plugin Information: Published: 2013/07/16, Modified: 2016/05/04 Plugin Output 192.168.1.39 (tcp/80)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.25 192.168.1.39 (tcp/443)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.25 73405 (2) - Apache 2.2.x < 2.2.27 Multiple Vulnerabilities Synopsis The remote web server is affected by multiple vulnerabilities. Description According to its banner, the version of Apache 2.2.x running on the remote host is a version prior to 2.2.27. It is, therefore, potentially affected by the following vulnerabilities :
- A flaw exists with the 'mod_dav' module that is caused when tracking the length of CDATA that has leading white space. A remote attacker with a specially crafted DAV WRITE request can cause the service to stop responding. (CVE-2013-6438)
- A flaw exists in 'mod_log_config' module that is caused when logging a cookie that has an unassigned value. A remote attacker with a specially crafted request can cause the service to crash. (CVE-2014-0098)
Note that Nessus did not actually test for these issues, but instead has relied on the version in the server's banner. See Also
https://archive.apache.org/dist/httpd/CHANGES_2.2.27
http://httpd.apache.org/security/vulnerabilities_22.html Solution Upgrade to Apache version 2.2.27 or later. Alternatively, ensure that the affected modules are not in use. Risk Factor Medium CVSS Base Score 4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P) CVSS Temporal Score 3.7 (CVSS2#E:ND/RL:OF/RC:C) References
BID 66303
CVE CVE-2014-0098 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
CVE CVE-2013-6438 XREF OSVDB:104580 XREF OSVDB:104579 Plugin Information: Published: 2014/04/08, Modified: 2015/10/19 Plugin Output 192.168.1.39 (tcp/80)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.27 192.168.1.39 (tcp/443)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.27 88099 (2) - Web Server HTTP Header Information Disclosure Synopsis The remote web server discloses information via HTTP headers. Description The HTTP headers sent by the remote web server disclose information that can aid an attacker, such as the server version and languages used by the web server. Solution Modify the HTTP headers of the web server to not disclose detailed information about the underlying web server. Risk Factor Medium CVSS Base Score 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N) Plugin Information: Published: 2016/01/22, Modified: 2016/02/02 Plugin Output 192.168.1.39 (tcp/80)
Server type : Apache Server version : 2.2.15 Source : 2.2.15 192.168.1.39 (tcp/443) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Server type : Apache Server version : 2.2.15 Source : 2.2.15 90022 (2) - OpenSSH < 7.2 Untrusted X11 Forwarding Fallback Security Bypass Synopsis The SSH server running on the remote host is affected by a security bypass vulnerability. Description According to its banner, the version of OpenSSH running on the remote host is prior to 7.2. It is, therefore, affected by a security bypass vulnerability due to a flaw in ssh(1) that is triggered when it falls back from untrusted X11 forwarding to trusted forwarding when the SECURITY extension is disabled by the X server. This can result in untrusted X11 connections that can be exploited by a remote attacker. See Also
http://www.openssh.com/txt/release-7.2 Solution Upgrade to OpenSSH version 7.2 or later. Risk Factor Medium CVSS Base Score 4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N) CVSS Temporal Score 3.2 (CVSS2#E:U/RL:OF/RC:C) References XREF OSVDB:135128 Plugin Information: Published: 2016/03/18, Modified: 2016/04/28 Plugin Output 192.168.1.39 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 7.2 192.168.1.85 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 7.2 90317 (2) - SSH Weak Algorithms Supported Synopsis The remote SSH server is configured to allow weak encryption algorithms or no algorithm at all. Description SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Nessus has detected that the remote SSH server is configured to use the Arcfour stream cipher or no cipher at all. RFC 4253 advises against using Arcfour due to an issue with weak keys. See Also
https://tools.ietf.org/html/rfc4253#section-6.3 Solution Contact the vendor or consult product documentation to remove the weak ciphers. Risk Factor Medium CVSS Base Score 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N) Plugin Information: Published: 2016/04/04, Modified: 2016/12/14 Plugin Output
192.168.1.39 (tcp/22)
The following weak server-to-client encryption algorithms are supported : arcfour arcfour128 arcfour256
The following weak client-to-server encryption algorithms are supported : arcfour arcfour128 arcfour256 192.168.1.85 (tcp/22)
The following weak server-to-client encryption algorithms are supported : arcfour arcfour128 arcfour256
The following weak client-to-server encryption algorithms are supported : arcfour arcfour128 arcfour256 90510 (2) - MS16-047: Security Update for SAM and LSAD Remote Protocols (3148527) (Badlock) (uncredentialed check) Synopsis The remote Windows host is affected by an elevation of privilege vulnerability. Description SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
The remote Windows host is affected by an elevation of privilege vulnerability in the Security Account Manager (SAM) and Local Security Authority (Domain Policy) (LSAD) protocols due to improper authentication level negotiation over Remote Procedure Call (RPC) channels. A man-in-the-middle attacker able to intercept communications between a client and a server hosting a SAM database can exploit this to force the authentication level to downgrade, allowing the attacker to impersonate an authenticated user and access the SAM database. See Also
https://technet.microsoft.com/library/security/MS16-047
http://badlock.org/ Solution Microsoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 2012, 8.1, RT 8.1, 2012 R2, and 10. Risk Factor Medium CVSS Base Score 6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSS Temporal Score 5.6 (CVSS2#E:F/RL:OF/RC:ND) STIG Severity I References
BID 86002
CVE CVE-2016-0128
MSKB 3147458
MSKB 3147461
MSKB 3149090
MSKB 3148527 XREF IAVA:2016-A-0093 XREF CERT:813296 XREF MSFT:MS16-047 XREF OSVDB:136339 Plugin Information: Published: 2016/04/13, Modified: 2017/08/30 Plugin Output 192.168.1.113 (tcp/49153) 192.168.1.114 (tcp/49153)
96450 (2) - Apache 2.2.x < 2.2.32 Multiple Vulnerabilities (httpoxy) Synopsis The remote web server is affected by multiple vulnerabilities. Description According to its banner, the version of Apache running on the remote host is 2.2.x prior to 2.2.32. It is, therefore, affected by the following vulnerabilities :
- The Apache HTTP Server is affected by a man-in-the-middle vulnerability known as 'httpoxy' due to a failure to properly resolve namespace conflicts in accordance with RFC 3875 section 4.1.18. The HTTP_PROXY environment SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización – variable is set based on untrusted user data in the 'Proxy' header of HTTP requests. The HTTP_PROXY environment variable is used by some web client libraries to specify a remote proxy server. An unauthenticated, remote attacker can exploit this, via a crafted 'Proxy' header in an HTTP request, to redirect an application's internal HTTP traffic to an arbitrary proxy server where it may be observed or manipulated. (CVE-2016-5387)
- A flaw exists due to improper handling of whitespace patterns in user-agent headers. An unauthenticated, remote attacker can exploit this, via a specially crafted user-agent header, to cause the program to incorrectly process sequences of requests, resulting in interpreting responses incorrectly, polluting the cache, or disclosing the content from one request to a second downstream user-agent. (CVE-2016-8743)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. See Also
https://httpd.apache.org/dev/dist/Announcement2.2.html
http://httpd.apache.org/security/vulnerabilities_22.html
https://github.com/apache/httpd/blob/2.2.x/CHANGES
https://www.apache.org/security/asf-httpoxy-response.txt
https://httpoxy.org Solution Upgrade to Apache version 2.2.32 or later.
Note that the 'httpoxy' vulnerability can be mitigated by applying the workarounds or patches as referenced in the vendor advisory asf-httpoxy-response.txt. Risk Factor Medium CVSS v3.0 Base Score 8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSS v3.0 Temporal Score 7.4 (CVSS:3.0/E:F/RL:O/RC:X) CVSS Base Score 5.1 (CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P) CVSS Temporal Score 4.2 (CVSS2#E:F/RL:OF/RC:ND) References
BID 95077
BID 91816
CVE CVE-2016-8743
CVE CVE-2016-5387 XREF CERT:797896 XREF OSVDB:149054 XREF OSVDB:141669 Plugin Information: Published: 2017/01/12, Modified: 2017/06/29 Plugin Output SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.39 (tcp/80)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.32 192.168.1.39 (tcp/443)
Version source : Server: Apache/2.2.15 Installed version : 2.2.15 Fixed version : 2.2.32 15901 (1) - SSL Certificate Expiry Synopsis The remote server's SSL certificate has already expired. Description This plugin checks expiry dates of certificates associated with SSL- enabled services on the target and reports whether any have already expired. Solution Purchase or generate a new SSL certificate to replace the existing one. Risk Factor Medium CVSS Base Score 5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N) Plugin Information: Published: 2004/12/03, Modified: 2016/01/08 Plugin Output 192.168.1.39 (tcp/443)
The SSL certificate has already expired :
Subject : C=US, ST=Maryland, L=Baltimore, O=localhost, OU=Home, CN=dvwacentos.localhost.local Issuer : C=US, ST=Maryland, L=Baltimore, O=localhost, OU=Home, CN=dvwacentos.localhost.local Not valid before : Mar 2 21:23:17 2016 GMT Not valid after : Mar 2 21:23:17 2017 GMT 20007 (1) - SSL Version 2 and 3 Protocol Detection Synopsis The remote service encrypts traffic using a protocol with known weaknesses. Description The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL are affected by several cryptographic flaws, including:
- An insecure padding scheme with CBC ciphers. SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
- Insecure session renegotiation and resumption schemes.
An attacker can exploit these flaws to conduct man-in-the-middle attacks or to decrypt communications between the affected service and clients.
Although SSL/TLS has a secure means for choosing the highest supported version of the protocol (so that these versions will be used only if the client or server support nothing better), many web browsers implement this in an unsafe way that allows an attacker to downgrade a connection (such as in POODLE). Therefore, it is recommended that these protocols be disabled entirely.
NIST has determined that SSL 3.0 is no longer acceptable for secure communications. As of the date of enforcement found in PCI DSS v3.1, any version of SSL will not meet the PCI SSC's definition of 'strong cryptography'. See Also
https://www.schneier.com/academic/paperfiles/paper-ssl.pdf
http://www.nessus.org/u?0bb7b67d
http://www.nessus.org/u?247c4540
https://www.openssl.org/~bodo/ssl-poodle.pdf
http://www.nessus.org/u?5d15ba70
https://www.imperialviolet.org/2014/10/14/poodle.html
https://tools.ietf.org/html/rfc7507
https://tools.ietf.org/html/rfc7568 Solution Consult the application's documentation to disable SSL 2.0 and 3.0. Use TLS 1.1 (with approved cipher suites) or higher instead. Risk Factor Medium CVSS v3.0 Base Score 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) CVSS Base Score 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N) Plugin Information: Published: 2005/10/12, Modified: 2017/07/11 Plugin Output 192.168.1.39 (tcp/443)
- SSLv3 is enabled and the server supports at least one cipher. 69041 (1) - Squid 3.x < 3.2.12 / 3.3.x < 3.3.7 idnsALookup HTTP Request DoS Synopsis The remote proxy server is affected by a denial of service vulnerability. Description According to its banner, the version of Squid running on the remote host is 3.x prior to 3.2.12 or 3.3.x prior to 3.3.7 and is, therefore, affected by a denial of service vulnerability. A buffer overflow exists in the 'idnsALookup' SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización – function in the file 'dns_internal.cc' that could allow specially crafted HTTP requests that could result in a denial of service.
Note that Nessus has relied only on the version in the proxy server's banner, which is not updated by the patch that the project has released to address this issue. If this patch has been applied properly and the service has been restarted, consider this to be a false positive. See Also
http://www.squid-cache.org/Advisories/SQUID-2013_2.txt
http://www.nessus.org/u?7d4a3221
http://www.nessus.org/u?01ebdd34
http://www.nessus.org/u?04f9aba0
http://www.nessus.org/u?89d9d13f Solution Either upgrade to Squid version 3.2.12 / 3.3.7 or later, or apply the vendor-supplied patch. Risk Factor Medium CVSS Base Score 5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P) CVSS Temporal Score 3.7 (CVSS2#E:U/RL:OF/RC:C) References
BID 61111
CVE CVE-2013-4115 XREF OSVDB:95165 Plugin Information: Published: 2013/07/24, Modified: 2016/08/15 Plugin Output 192.168.1.39 (tcp/3128)
Version source : Server: squid/3.1.23 Installed version : 3.1.23 Fixed version : 3.2.12 / 3.3.7 73131 (1) - Squid 3.1.x < 3.3.12 / 3.4.4 HTTPS Request Handling DoS Synopsis The remote proxy server is affected by a denial of service vulnerability. Description According to its banner, the version of Squid running on the remote host is 3.x prior to 3.3.12 or 3.4.4 and is, therefore, affected by a denial of service vulnerability.
A flaw exists in SSL-Bump in regards to the state management when processing range requests. A remote attacker can cause the server to crash with specially crafted HTTPS requests.
Note that Nessus has relied only on the version in the proxy server's banner, which is not updated by the patch the SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización – project has released to address the issue. If this patch has been applied properly and the service has been restarted, consider this to be a false positive. See Also
http://www.squid-cache.org/Advisories/SQUID-2014_1.txt
http://www.nessus.org/u?bf7922a2
http://www.nessus.org/u?13763a56 Solution Either upgrade to Squid version 3.3.12 / 3.4.4 or later, or apply the vendor-supplied patch. Risk Factor Medium CVSS Base Score 4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P) CVSS Temporal Score 3.6 (CVSS2#E:F/RL:OF/RC:ND) References
BID 66112
CVE CVE-2014-0128 XREF OSVDB:104375 Plugin Information: Published: 2014/03/21, Modified: 2016/05/12 Plugin Output 192.168.1.39 (tcp/3128)
Version source : Server: squid/3.1.23 Installed version : 3.1.23 Fixed version : 3.3.12 / 3.4.4 77985 (1) - Squid 3.x < 3.3.13 / 3.4.7 Request Processing DoS Synopsis The remote proxy server is affected by a denial of service vulnerability. Description According to its banner, the version of Squid running on the remote host is 3.x prior to 3.3.13 or 3.4.7. It is, therefore, affected by a denial of service vulnerability.
The flaw exists due to user-supplied input not being properly validated in request parsing. This allows a remote attacker to specially craft a request with Range headers with unidentifiable byte-range values to crash the application.
Note that Nessus has relied only on the version in the proxy server's banner. The patch released to address the issue does not update the version in the banner. If the patch has been applied properly, and the service has been restarted, consider this to be a false positive. See Also
http://www.squid-cache.org/Advisories/SQUID-2014_2.txt
http://www.nessus.org/u?b9a745a4
http://www.nessus.org/u?e2b5e3b7 Solution SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Upgrade to Squid version 3.3.13 / 3.4.7 or later, or apply the vendor-supplied patch. Risk Factor Medium CVSS Base Score 5.0 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P) CVSS Temporal Score 4.3 (CVSS2#E:ND/RL:OF/RC:C) References
BID 69453
CVE CVE-2014-3609 XREF OSVDB:110525 Plugin Information: Published: 2014/09/30, Modified: 2014/09/30 Plugin Output 192.168.1.39 (tcp/3128)
Version source : Server: squid/3.1.23 Installed version : 3.1.23 Fixed version : 3.3.13 / 3.4.7 79742 (1) - Squid 3.x < 3.4.8 Multiple Vulnerabilities Synopsis The remote proxy server may be affected by multiple vulnerabilities. Description According to its banner, the version of Squid running on the remote host is 3.x prior to 3.4.8. Therefore, it may be affected by the following vulnerabilities :
- A off-by-one overflow flaw exists within the SNMP processing component. By using a specially crafted UDP SNMP request, a remote attacker could exploit this to cause a denial of service or possibly execute arbitrary code. (CVE- 2014-6270)
- There exists an array indexing flaw in the node pinger that is triggered when parsing ICMP and ICMPv6 replies, which may allow a remote attacker to crash the pinger or obtain sensitive information. (CVE-2014-7141)
- The node pinger has a flaw in function 'Icmp4::Recv' in file 'icmp/Icmp4.cc.' that is triggered when parsing ICMP or ICMPv6 responses. A remote attacker could exploit this to crash the pinger or obtain sensitive information. (CVE-2014-7142)
Note that Nessus has relied only on the version in the proxy server's banner. The patch released to address the issue does not update the version in the banner. If the patch has been applied properly, and the service has been restarted, consider this to be a false positive. See Also
http://www.squid-cache.org/Advisories/
http://www.squid-cache.org/Advisories/SQUID-2014_3.txt
http://www.squid-cache.org/Advisories/SQUID-2014_4.txt SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
http://www.nessus.org/u?c9716bf4 Solution Upgrade to Squid version 3.4.8 or later, or apply the vendor-supplied patch. Risk Factor Medium CVSS Base Score 6.8 (CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P) CVSS Temporal Score 5.9 (CVSS2#E:ND/RL:OF/RC:C) References
BID 70022
BID 69688
BID 69686
CVE CVE-2014-7142
CVE CVE-2014-7141
CVE CVE-2014-6270 XREF OSVDB:112409 XREF OSVDB:111420 XREF OSVDB:111286 Plugin Information: Published: 2014/12/05, Modified: 2014/12/05 Plugin Output 192.168.1.39 (tcp/3128)
Version source : Server: squid/3.1.23 Installed version : 3.1.23 Fixed version : 3.4.8 65821 (7) - SSL RC4 Cipher Suites Supported (Bar Mitzvah) Synopsis The remote service supports the use of the RC4 cipher. Description The remote host supports the use of RC4 in one or more cipher suites. The RC4 cipher is flawed in its generation of a pseudo-random stream of bytes so that a wide variety of small biases are introduced into the stream, decreasing its randomness.
If plaintext is repeatedly encrypted (e.g., HTTP cookies), and an attacker is able to obtain many (i.e., tens of millions) ciphertexts, the attacker may be able to derive the plaintext. See Also
http://www.nessus.org/u?217a3666
http://cr.yp.to/talks/2013.03.12/slides.pdf
http://www.isg.rhul.ac.uk/tls/
http://www.imperva.com/docs/HII_Attacking_SSL_when_using_RC4.pdf Solution Reconfigure the affected application, if possible, to avoid use of RC4 ciphers. Consider using TLS 1.2 with AES-GCM suites subject to browser and web server support. SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Risk Factor Low CVSS Base Score 2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N) CVSS Temporal Score 2.2 (CVSS2#E:F/RL:TF/RC:ND) References
BID 73684
BID 58796
CVE CVE-2015-2808
CVE CVE-2013-2566 XREF OSVDB:117855 XREF OSVDB:91162 Plugin Information: Published: 2013/04/05, Modified: 2016/12/14 Plugin Output 192.168.1.39 (tcp/443)
List of RC4 cipher suites supported by the remote server :
High Strength Ciphers (>= 112-bit key)
ECDHE-RSA-RC4-SHA Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.53 (tcp/3389)
List of RC4 cipher suites supported by the remote server :
High Strength Ciphers (>= 112-bit key)
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.55 (tcp/3389)
List of RC4 cipher suites supported by the remote server :
High Strength Ciphers (>= 112-bit key)
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.68 (tcp/3389)
List of RC4 cipher suites supported by the remote server :
High Strength Ciphers (>= 112-bit key)
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.79 (tcp/3389)
List of RC4 cipher suites supported by the remote server : SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
High Strength Ciphers (>= 112-bit key)
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.113 (tcp/3389)
List of RC4 cipher suites supported by the remote server :
High Strength Ciphers (>= 112-bit key)
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.114 (tcp/3389)
List of RC4 cipher suites supported by the remote server :
High Strength Ciphers (>= 112-bit key)
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Mac={message authentication code} {export flag} 83875 (3) - SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam) Synopsis The remote host allows SSL/TLS connections with one or more Diffie-Hellman moduli less than or equal to 1024 bits. Description The remote host allows SSL/TLS connections with one or more Diffie-Hellman moduli less than or equal to 1024 bits. Through cryptanalysis, a third party may be able to find the shared secret in a short amount of time (depending on modulus size and attacker resources). This may allow an attacker to recover the plaintext or potentially violate the integrity of connections. See Also
http://weakdh.org/ Solution Reconfigure the service to use a unique Diffie-Hellman moduli of 2048 bits or greater. Risk Factor Low CVSS Base Score 2.6 (CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N) References
BID 74733
CVE CVE-2015-4000 XREF OSVDB:122331 Plugin Information: Published: 2015/05/28, Modified: 2016/06/16 Plugin Output 192.168.1.53 (tcp/3389)
Vulnerable connection combinations :
SSL/TLS version : TLSv1.1 Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA Diffie-Hellman MODP size (bits) : 1024 Warning - This is a known static Oakley Group2 modulus. This may make the remote host more vulnerable to the Logjam attack. Logjam attack difficulty : Hard (would require nation-state resources)
SSL/TLS version : TLSv1.1 Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA Diffie-Hellman MODP size (bits) : 1024 Warning - This is a known static Oakley Group2 modulus. This may make the remote host more vulnerable to the Logjam attack. Logjam attack difficulty : Hard (would require nation-state resources)
SSL/TLS version : TLSv1.0 Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA Diffie-Hellman MODP size (bits) : 1024 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Warning - This is a known static Oakley Group2 modulus. This may make the remote host more vulnerable to the Logjam attack. Logjam attack difficulty : Hard (would require nation-state resources)
SSL/TLS version : TLSv1.0 Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA Diffie-Hellman MODP size (bits) : 1024 Warning - This is a known static Oakley Group2 modulus. This may make the remote host more vulnerable to the Logjam attack. Logjam attack difficulty : Hard (would require nation-state resources) 192.168.1.68 (tcp/3389)
Vulnerable connection combinations :
SSL/TLS version : TLSv1.1 Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA Diffie-Hellman MODP size (bits) : 1024 Warning - This is a known static Oakley Group2 modulus. This may make the remote host more vulnerable to the Logjam attack. Logjam attack difficulty : Hard (would require nation-state resources)
SSL/TLS version : TLSv1.1 Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA Diffie-Hellman MODP size (bits) : 1024 Warning - This is a known static Oakley Group2 modulus. This may make the remote host more vulnerable to the Logjam attack. Logjam attack difficulty : Hard (would require nation-state resources)
SSL/TLS version : TLSv1.0 Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA Diffie-Hellman MODP size (bits) : 1024 Warning - This is a known static Oakley Group2 modulus. This may make the remote host more vulnerable to the Logjam attack. Logjam attack difficulty : Hard (would require nation-state resources)
SSL/TLS version : TLSv1.0 Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA Diffie-Hellman MODP size (bits) : 1024 Warning - This is a known static Oakley Group2 modulus. This may make the remote host more vulnerable to the Logjam attack. Logjam attack difficulty : Hard (would require nation-state resources) 192.168.1.79 (tcp/3389)
Vulnerable connection combinations :
SSL/TLS version : TLSv1.1 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA Diffie-Hellman MODP size (bits) : 1024 Warning - This is a known static Oakley Group2 modulus. This may make the remote host more vulnerable to the Logjam attack. Logjam attack difficulty : Hard (would require nation-state resources)
SSL/TLS version : TLSv1.1 Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA Diffie-Hellman MODP size (bits) : 1024 Warning - This is a known static Oakley Group2 modulus. This may make the remote host more vulnerable to the Logjam attack. Logjam attack difficulty : Hard (would require nation-state resources)
SSL/TLS version : TLSv1.0 Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA Diffie-Hellman MODP size (bits) : 1024 Warning - This is a known static Oakley Group2 modulus. This may make the remote host more vulnerable to the Logjam attack. Logjam attack difficulty : Hard (would require nation-state resources)
SSL/TLS version : TLSv1.0 Cipher suite : TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA Diffie-Hellman MODP size (bits) : 1024 Warning - This is a known static Oakley Group2 modulus. This may make the remote host more vulnerable to the Logjam attack. Logjam attack difficulty : Hard (would require nation-state resources) 53841 (2) - Portable OpenSSH ssh-keysign ssh-rand-helper Utility File Descriptor Leak Local Information Disclosure Synopsis Local attackers may be able to access sensitive information. Description According to its banner, the version of OpenSSH running on the remote host is earlier than 5.8p2. Such versions may be affected by a local information disclosure vulnerability that could allow the contents of the host's private key to be accessible by locally tracing the execution of the ssh-keysign utility. Having the host's private key may allow the impersonation of the host.
Note that installations are only vulnerable if ssh-rand-helper was enabled during the build process, which is not the case for *BSD, OS X, Cygwin and Linux. See Also
http://www.openssh.com/txt/portable-keysign-rand-helper.adv
http://www.openssh.com/txt/release-5.8p2 Solution Upgrade to Portable OpenSSH 5.8p2 or later. Risk Factor Low CVSS Base Score 2.1 (CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N) CVSS Temporal Score 1.6 (CVSS2#E:U/RL:OF/RC:C) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
References
BID 47691
CVE CVE-2011-4327
XREF Secunia:44347 XREF OSVDB:72183 Plugin Information: Published: 2011/05/09, Modified: 2016/12/07 Plugin Output 192.168.1.39 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 5.8p2 192.168.1.85 (tcp/22)
Version source : SSH-2.0-OpenSSH_5.3 Installed version : 5.3 Fixed version : 5.8p2 70658 (2) - SSH Server CBC Mode Ciphers Enabled Synopsis The SSH server is configured to use Cipher Block Chaining. Description The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext.
Note that this plugin only checks for the options of the SSH server and does not check for vulnerable software versions. Solution Contact the vendor or consult product documentation to disable CBC mode cipher encryption, and enable CTR or GCM cipher mode encryption. Risk Factor Low CVSS Base Score 2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N) CVSS Temporal Score 2.6 (CVSS2#E:ND/RL:ND/RC:ND) References
BID 32319
CVE CVE-2008-5161
XREF CWE:200 XREF CERT:958563 XREF OSVDB:50036 XREF OSVDB:50035 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Plugin Information: Published: 2013/10/28, Modified: 2016/05/12 Plugin Output 192.168.1.39 (tcp/22)
The following client-to-server Cipher Block Chaining (CBC) algorithms are supported :
3des-cbc aes128-cbc aes192-cbc aes256-cbc blowfish-cbc cast128-cbc [email protected]
The following server-to-client Cipher Block Chaining (CBC) algorithms are supported :
3des-cbc aes128-cbc aes192-cbc aes256-cbc blowfish-cbc cast128-cbc [email protected] 192.168.1.85 (tcp/22)
The following client-to-server Cipher Block Chaining (CBC) algorithms are supported :
3des-cbc aes128-cbc aes192-cbc aes256-cbc blowfish-cbc cast128-cbc [email protected]
The following server-to-client Cipher Block Chaining (CBC) algorithms are supported :
3des-cbc aes128-cbc aes192-cbc aes256-cbc SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización – blowfish-cbc cast128-cbc [email protected] 71049 (2) - SSH Weak MAC Algorithms Enabled Synopsis The remote SSH server is configured to allow MD5 and 96-bit MAC algorithms. Description The remote SSH server is configured to allow either MD5 or 96-bit MAC algorithms, both of which are considered weak.
Note that this plugin only checks for the options of the SSH server, and it does not check for vulnerable software versions. Solution Contact the vendor or consult product documentation to disable MD5 and 96-bit MAC algorithms. Risk Factor Low CVSS Base Score 2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N) Plugin Information: Published: 2013/11/22, Modified: 2016/12/14 Plugin Output 192.168.1.39 (tcp/22)
The following client-to-server Message Authentication Code (MAC) algorithms are supported : hmac-md5 hmac-md5-96 hmac-sha1-96
The following server-to-client Message Authentication Code (MAC) algorithms are supported : hmac-md5 hmac-md5-96 hmac-sha1-96 192.168.1.85 (tcp/22)
The following client-to-server Message Authentication Code (MAC) algorithms are supported : hmac-md5 hmac-md5-96 hmac-sha1-96 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
The following server-to-client Message Authentication Code (MAC) algorithms are supported : hmac-md5 hmac-md5-96 hmac-sha1-96 86328 (2) - SSH Diffie-Hellman Modulus <= 1024 Bits (Logjam) Synopsis The remote host allows SSH connections with one or more Diffie-Hellman moduli less than or equal to 1024 bits. Description The remote SSH server allows connections with one or more Diffie-Hellman moduli less than or equal to 1024 bits. Through cryptanalysis, a third party can find the shared secret in a short amount of time (depending on modulus size and attacker resources). This allows an attacker to recover the plaintext or potentially violate the integrity of connections. See Also
http://weakdh.org/
https://stribika.github.io/2015/01/04/secure-secure-shell.html Solution Reconfigure the service to use a unique Diffie-Hellman moduli of 2048 bits or greater. Risk Factor Low CVSS Base Score 2.6 (CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N) References
BID 74733
CVE CVE-2015-4000 XREF OSVDB:122331 Plugin Information: Published: 2015/10/09, Modified: 2017/05/30 Plugin Output 192.168.1.39 (tcp/22)
The SSH server is vulnerable to the Logjam attack because :
It supports diffie-hellman-group1-sha1 key exchange.
It supports diffie-hellman-group-exchange-sha1 key exchange and allows a moduli smaller than or equal to 1024.
Note that only an attacker with nation-state level resources can effectively make use of the vulnerability, and only against sessions where the vulnerable key exchange algorithms are used. SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.85 (tcp/22)
The SSH server is vulnerable to the Logjam attack because :
It supports diffie-hellman-group1-sha1 key exchange.
It supports diffie-hellman-group-exchange-sha1 key exchange and allows a moduli smaller than or equal to 1024.
Note that only an attacker with nation-state level resources can effectively make use of the vulnerability, and only against sessions where the vulnerable key exchange algorithms are used. 84674 (1) - Squid < 3.5.6 Squid Cache Peer CONNECT Remote Access Bypass Synopsis The remote proxy server is potentially affected by an authentication bypass vulnerability. Description According to its banner, the version of Squid running on the remote host is prior to 3.5.6. It is, therefore, potentially affected by an authentication bypass vulnerability due to a flaw in file tunnel.cc, which is triggered whenever cache peer CONNECT responses are blindly forwarded in a hierarchy of two or more proxies, resulting in unrestricted access to a back-end proxy through its gateway proxy. A remote, unauthenticated attacker, using a specially crafted request, can exploit this vulnerability to bypass authentication or gain access to protected resources. This issue occurs in configurations with cache_peer enabled, and exploitation would require that the two proxies have differing levels of security.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. The patch released to address this issue does not update the version in the banner. If the patch has been applied properly, and the service has been restarted, consider this to be a false positive. See Also
http://www.squid-cache.org/Advisories/
http://www.squid-cache.org/Advisories/SQUID-2015_2.txt Solution Upgrade to Squid versions 3.5.6 or later, or apply the vendor-supplied patch. Risk Factor Low CVSS Base Score 2.6 (CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N) CVSS Temporal Score 1.9 (CVSS2#E:U/RL:OF/RC:C) References XREF OSVDB:124237 Plugin Information: Published: 2015/07/10, Modified: 2015/07/14 Plugin Output SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.39 (tcp/3128)
Version source : Server: squid/3.1.23 Installed version : 3.1.23 Fixed versions : 3.5.6 11219 (84) - Nessus SYN scanner Synopsis It is possible to determine which TCP ports are open. Description This plugin is a SYN 'half-open' port scanner. It shall be reasonably quick even against a firewalled target.
Note that SYN scans are less intrusive than TCP (full connect) scans against broken services, but they might cause problems for less robust firewalls and also leave unclosed connections on the remote target, if the network is loaded. Solution Protect your target with an IP filter. Risk Factor None Plugin Information: Published: 2009/02/04, Modified: 2017/05/22 Plugin Output
192.168.1.39 (tcp/22)
Port 22/tcp was found to be open 192.168.1.39 (tcp/80)
Port 80/tcp was found to be open 192.168.1.39 (tcp/443)
Port 443/tcp was found to be open 192.168.1.39 (tcp/3128)
Port 3128/tcp was found to be open 192.168.1.39 (tcp/3306)
Port 3306/tcp was found to be open SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.43 (tcp/22)
Port 22/tcp was found to be open 192.168.1.43 (tcp/111)
Port 111/tcp was found to be open 192.168.1.43 (tcp/9090)
Port 9090/tcp was found to be open 192.168.1.53 (tcp/135)
Port 135/tcp was found to be open 192.168.1.53 (tcp/139)
Port 139/tcp was found to be open 192.168.1.53 (tcp/445)
Port 445/tcp was found to be open 192.168.1.53 (tcp/3389)
Port 3389/tcp was found to be open 192.168.1.53 (tcp/5357)
Port 5357/tcp was found to be open 192.168.1.53 (tcp/49152)
Port 49152/tcp was found to be open 192.168.1.53 (tcp/49153)
Port 49153/tcp was found to be open 192.168.1.53 (tcp/49154) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Port 49154/tcp was found to be open 192.168.1.53 (tcp/49172)
Port 49172/tcp was found to be open 192.168.1.53 (tcp/49177)
Port 49177/tcp was found to be open 192.168.1.53 (tcp/49180)
Port 49180/tcp was found to be open 192.168.1.55 (tcp/135)
Port 135/tcp was found to be open 192.168.1.55 (tcp/139)
Port 139/tcp was found to be open
192.168.1.55 (tcp/445)
Port 445/tcp was found to be open 192.168.1.55 (tcp/3389)
Port 3389/tcp was found to be open 192.168.1.55 (tcp/5985)
Port 5985/tcp was found to be open 192.168.1.55 (tcp/47001)
Port 47001/tcp was found to be open 192.168.1.55 (tcp/49664)
Port 49664/tcp was found to be open SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.55 (tcp/49665)
Port 49665/tcp was found to be open 192.168.1.55 (tcp/49666)
Port 49666/tcp was found to be open 192.168.1.55 (tcp/49671)
Port 49671/tcp was found to be open 192.168.1.55 (tcp/49673)
Port 49673/tcp was found to be open 192.168.1.55 (tcp/49697)
Port 49697/tcp was found to be open 192.168.1.55 (tcp/49698)
Port 49698/tcp was found to be open 192.168.1.55 (tcp/49722)
Port 49722/tcp was found to be open 192.168.1.68 (tcp/135)
Port 135/tcp was found to be open 192.168.1.68 (tcp/139)
Port 139/tcp was found to be open 192.168.1.68 (tcp/445)
Port 445/tcp was found to be open 192.168.1.68 (tcp/2869) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Port 2869/tcp was found to be open 192.168.1.68 (tcp/3389)
Port 3389/tcp was found to be open 192.168.1.68 (tcp/5357)
Port 5357/tcp was found to be open 192.168.1.68 (tcp/49152)
Port 49152/tcp was found to be open 192.168.1.68 (tcp/49153)
Port 49153/tcp was found to be open 192.168.1.68 (tcp/49154)
Port 49154/tcp was found to be open
192.168.1.68 (tcp/49172)
Port 49172/tcp was found to be open 192.168.1.68 (tcp/49173)
Port 49173/tcp was found to be open 192.168.1.68 (tcp/49180)
Port 49180/tcp was found to be open 192.168.1.72 (tcp/22)
Port 22/tcp was found to be open 192.168.1.79 (tcp/135)
Port 135/tcp was found to be open SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.79 (tcp/139)
Port 139/tcp was found to be open 192.168.1.79 (tcp/445)
Port 445/tcp was found to be open 192.168.1.79 (tcp/554)
Port 554/tcp was found to be open 192.168.1.79 (tcp/2869)
Port 2869/tcp was found to be open 192.168.1.79 (tcp/3389)
Port 3389/tcp was found to be open 192.168.1.79 (tcp/10243)
Port 10243/tcp was found to be open 192.168.1.79 (tcp/49152)
Port 49152/tcp was found to be open 192.168.1.79 (tcp/49153)
Port 49153/tcp was found to be open 192.168.1.79 (tcp/49154)
Port 49154/tcp was found to be open 192.168.1.79 (tcp/49155)
Port 49155/tcp was found to be open 192.168.1.79 (tcp/49158) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Port 49158/tcp was found to be open 192.168.1.79 (tcp/49176)
Port 49176/tcp was found to be open 192.168.1.79 (tcp/49177)
Port 49177/tcp was found to be open 192.168.1.85 (tcp/22)
Port 22/tcp was found to be open 192.168.1.110 (tcp/22)
Port 22/tcp was found to be open 192.168.1.113 (tcp/135)
Port 135/tcp was found to be open
192.168.1.113 (tcp/139)
Port 139/tcp was found to be open 192.168.1.113 (tcp/445)
Port 445/tcp was found to be open 192.168.1.113 (tcp/3389)
Port 3389/tcp was found to be open 192.168.1.113 (tcp/47001)
Port 47001/tcp was found to be open 192.168.1.113 (tcp/49152)
Port 49152/tcp was found to be open SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.113 (tcp/49153)
Port 49153/tcp was found to be open 192.168.1.113 (tcp/49154)
Port 49154/tcp was found to be open 192.168.1.113 (tcp/49155)
Port 49155/tcp was found to be open 192.168.1.113 (tcp/49182)
Port 49182/tcp was found to be open 192.168.1.113 (tcp/49183)
Port 49183/tcp was found to be open 192.168.1.114 (tcp/135)
Port 135/tcp was found to be open 192.168.1.114 (tcp/139)
Port 139/tcp was found to be open 192.168.1.114 (tcp/445)
Port 445/tcp was found to be open 192.168.1.114 (tcp/3389)
Port 3389/tcp was found to be open 192.168.1.114 (tcp/5357)
Port 5357/tcp was found to be open 192.168.1.114 (tcp/49152) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Port 49152/tcp was found to be open 192.168.1.114 (tcp/49153)
Port 49153/tcp was found to be open 192.168.1.114 (tcp/49154)
Port 49154/tcp was found to be open 192.168.1.114 (tcp/49155)
Port 49155/tcp was found to be open 192.168.1.114 (tcp/49188)
Port 49188/tcp was found to be open 192.168.1.114 (tcp/49189)
Port 49189/tcp was found to be open 10736 (51) - DCE Services Enumeration Synopsis A DCE/RPC service is running on the remote host. Description By sending a Lookup request to the portmapper (TCP 135 or epmapper PIPE) it was possible to enumerate the Distributed Computing Environment (DCE) services running on the remote port. Using this information it is possible to connect and bind to each service by sending an RPC request to the remote port/pipe. Solution n/a Risk Factor None Plugin Information: Published: 2001/08/26, Modified: 2014/05/12 Plugin Output 192.168.1.53 (tcp/135)
The following DCERPC services are available locally :
Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91 UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0 Description : Unknown RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Type : Local RPC service Named pipe : WindowsShutdown
Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91 UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : WMsgKRpc05CFD0
Object UUID : b08669ee-8cb5-43a5-a017-84fe00000000 UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : WindowsShutdown
Object UUID : b08669ee-8cb5-43a5-a017-84fe00000000 UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : WMsgKRpc05CFD0
Object UUID : 6d726574-7273-0076-0000-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : LRPC-450203b573c6e8c63d
Object UUID : b08669ee-8cb5-43a5-a017-84fe00000001 UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : WMsgKRpc05E3D1
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0 Description : Unknown RPC service Annotation : Security Center Type : Local RPC service Named pipe : OLEC5A4386F731947C1A4C916F564E6
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 4b112204-0e19-11d3-b42b-0000f81feb9f, version 1.0 Description : SSDP service Windows process : unknow Type : Local RPC service Named pipe : LRPC-0e4c0f81baf3131f6c
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b58aa02e-2884-4e97-8176-4ee06d794184, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLE5C715B9A912D451D91E8EE622E1E SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b58aa02e-2884-4e97-8176-4ee06d794184, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : trkwks
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b58aa02e-2884-4e97-8176-4ee06d794184, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : RemoteDevicesLPC_API
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b58aa02e-2884-4e97-8176-4ee06d794184, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : TSUMRPD_PRINT_DRV_LPC_API
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : LRPC-7dcc1816148cbf2286
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : audit
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : securityevent
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : LSARPC_ENDPOINT
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : lsapolicylookup SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : lsasspirpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : protected_storage
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : samss lpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345678-1234-abcd-ef00-0123456789ab, version 1.0 Description : IPsec Services (Windows XP & 2003) Windows process : lsass.exe Annotation : IPSec Policy agent endpoint Type : Local RPC service Named pipe : LRPC-52c06e0d24733125a6
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : dd490425-5325-4565-b774-7e27d6c09c24, version 1.0 Description : Unknown RPC service Annotation : Base Firewall Engine API Type : Local RPC service Named pipe : LRPC-c304bad2a2a82f1b42
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03, version 1.0 Description : Unknown RPC service Annotation : Fw APIs Type : Local RPC service Named pipe : LRPC-c304bad2a2a82f1b42
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2fb92682-6599-42dc-ae13-bd2ca89bd11c, version 1.0 Description : Unknown RPC service Annotation : Fw APIs Type : Local RPC service Named pipe : LRPC-c304bad2a2a82f1b42
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1, version 1.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Annotation : Spooler function endpoint Type : Local RPC service Named pipe : spoolss
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : ae33069b-a2a8-46ee-a235-ddfd339be281, version 1.0 Description : Unknown RPC service Annotation : Spooler base remote object endpoint Type : Local RPC service Named pipe : spoolss
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 4a452661-8290-4b36-8fbe-7f4093a94978, version 1.0 Description : Unknown RPC service Annotation : Spooler function endpoint Type : Local RPC service Named pipe : spoolss
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 7ea70bcf-48af-4f6a-8968-6a440754d5fa, version 1.0 Description : Unknown RPC service Annotation : NSI server endpoint Type : Local RPC service Named pipe : OLE2E1E3257131A47339079F4DD2DA4
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 7ea70bcf-48af-4f6a-8968-6a440754d5fa, version 1.0 Description : Unknown RPC service Annotation : NSI server endpoint Type : Local RPC service Named pipe : LRPC-a6cb3ac92a184769c3
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0 Description : Unknown RPC service Annotation : WinHttp Auto-Proxy Service Type : Local RPC service Named pipe : OLE2E1E3257131A47339079F4DD2DA4
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0 Description : Unknown RPC service Annotation : WinHttp Auto-Proxy Service Type : Local RPC service Named pipe : LRPC-a6cb3ac92a184769c3
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0 Description : Unknown RPC service Annotation : WinHttp Auto-Proxy Service Type : Local RPC service Named pipe : W32TIME_ALT SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 3bdb59a0-d736-4d44-9074-c1ee00000001 UUID : 24019106-a203-4642-b88d-82dae9158929, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-538989552105521739
Object UUID : 6c637067-6569-746e-0000-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : LRPC-36a2de3107c001233f
Object UUID : 24d1f7c7-76af-4f28-9ccd-7f6cb6468601 UUID : 2eb08e3e-639f-4fba-97b1-14f878961076, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-36a2de3107c001233f
Object UUID : 666f7270-6c69-7365-0000-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 736e6573-0000-0000-0000-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 736e6573-0000-0000-0000-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : OLE5095B7C1B0D14C88A965A9B3FD7C
Object UUID : 736e6573-0000-0000-0000-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : OLE5095B7C1B0D14C88A965A9B3FD7C
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : OLE5095B7C1B0D14C88A965A9B3FD7C
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : OLE5095B7C1B0D14C88A965A9B3FD7C
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLE5095B7C1B0D14C88A965A9B3FD7C
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Local RPC service Named pipe : OLE5095B7C1B0D14C88A965A9B3FD7C
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Local RPC service Named pipe : OLE5095B7C1B0D14C88A965A9B3FD7C
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 98716d03-89ac-44c7-bb8c-285824e51c4a, version 1.0 Description : Unknown RPC service Annotation : XactSrv service Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 98716d03-89ac-44c7-bb8c-285824e51c4a, version 1.0 Description : Unknown RPC service Annotation : XactSrv service Type : Local RPC service Named pipe : OLE5095B7C1B0D14C88A965A9B3FD7C
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 98716d03-89ac-44c7-bb8c-285824e51c4a, version 1.0 Description : Unknown RPC service Annotation : XactSrv service Type : Local RPC service Named pipe : senssvc
Object UUID : 73736573-6f69-656e-6e76-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 73736573-6f69-656e-6e76-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : OLE5095B7C1B0D14C88A965A9B3FD7C
Object UUID : 73736573-6f69-656e-6e76-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : senssvc SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30b044a5-a225-43f0-b3a4-e060df91f9c1, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30b044a5-a225-43f0-b3a4-e060df91f9c1, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLE5095B7C1B0D14C88A965A9B3FD7C
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30b044a5-a225-43f0-b3a4-e060df91f9c1, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1.0 Description : Unknown RPC service Annotation : Event log TCPIP Type : Local RPC service Named pipe : eventlog
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0 Description : Unknown RPC service Annotation : NRP server endpoint Type : Local RPC service Named pipe : eventlog
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0 Description : Unknown RPC service Annotation : NRP server endpoint Type : Local RPC service Named pipe : AudioClientRpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0 Description : Unknown RPC service Annotation : NRP server endpoint Type : Local RPC service Named pipe : Audiosrv
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0 Description : DHCP Client Service Windows process : svchost.exe Annotation : DHCP Client LRPC Endpoint Type : Local RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Named pipe : eventlog
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0 Description : DHCP Client Service Windows process : svchost.exe Annotation : DHCP Client LRPC Endpoint Type : Local RPC service Named pipe : AudioClientRpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0 Description : DHCP Client Service Windows process : svchost.exe Annotation : DHCP Client LRPC Endpoint Type : Local RPC service Named pipe : Audiosrv
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0 Description : DHCP Client Service Windows process : svchost.exe Annotation : DHCP Client LRPC Endpoint Type : Local RPC service Named pipe : dhcpcsvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0 Description : Unknown RPC service Annotation : DHCPv6 Client LRPC Endpoint Type : Local RPC service Named pipe : eventlog
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0 Description : Unknown RPC service Annotation : DHCPv6 Client LRPC Endpoint Type : Local RPC service Named pipe : AudioClientRpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0 Description : Unknown RPC service Annotation : DHCPv6 Client LRPC Endpoint Type : Local RPC service Named pipe : Audiosrv
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0 Description : Unknown RPC service Annotation : DHCPv6 Client LRPC Endpoint Type : Local RPC service Named pipe : dhcpcsvc SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0 Description : Unknown RPC service Annotation : DHCPv6 Client LRPC Endpoint Type : Local RPC service Named pipe : dhcpcsvc6
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0 Description : Unknown RPC service Annotation : Security Center Type : Local RPC service Named pipe : eventlog
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0 Description : Unknown RPC service Annotation : Security Center Type : Local RPC service Named pipe : AudioClientRpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0 Description : Unknown RPC service Annotation : Security Center Type : Local RPC service Named pipe : Audiosrv
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0 Description : Unknown RPC service Annotation : Security Center Type : Local RPC service Named pipe : dhcpcsvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0 Description : Unknown RPC service Annotation : Security Center Type : Local RPC service Named pipe : dhcpcsvc6 192.168.1.53 (tcp/445)
The following DCERPC services are available remotely :
Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91 UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0 Description : Unknown RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Type : Remote RPC service Named pipe : \PIPE\InitShutdown Netbios name : \\WIN7X86-QA
Object UUID : b08669ee-8cb5-43a5-a017-84fe00000000 UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \PIPE\InitShutdown Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b58aa02e-2884-4e97-8176-4ee06d794184, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\trkwks Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Remote RPC service Named pipe : \pipe\lsass Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Remote RPC service Named pipe : \PIPE\protected_storage Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0 Description : Unknown RPC service Annotation : WinHttp Auto-Proxy Service Type : Remote RPC service Named pipe : \PIPE\W32TIME_ALT Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0 Description : Scheduler Service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Windows process : svchost.exe Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 98716d03-89ac-44c7-bb8c-285824e51c4a, version 1.0 Description : Unknown RPC service Annotation : XactSrv service Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\WIN7X86-QA
Object UUID : 73736573-6f69-656e-6e76-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\WIN7X86-QA
Object UUID : 73736573-6f69-656e-6e76-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Remote RPC service Named pipe : \PIPE\srvsvc Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
UUID : 30b044a5-a225-43f0-b3a4-e060df91f9c1, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30b044a5-a225-43f0-b3a4-e060df91f9c1, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \PIPE\srvsvc Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1.0 Description : Unknown RPC service Annotation : Event log TCPIP Type : Remote RPC service Named pipe : \pipe\eventlog Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0 Description : Unknown RPC service Annotation : NRP server endpoint Type : Remote RPC service Named pipe : \pipe\eventlog Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0 Description : DHCP Client Service Windows process : svchost.exe Annotation : DHCP Client LRPC Endpoint Type : Remote RPC service Named pipe : \pipe\eventlog Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0 Description : Unknown RPC service Annotation : DHCPv6 Client LRPC Endpoint Type : Remote RPC service Named pipe : \pipe\eventlog Netbios name : \\WIN7X86-QA
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0 Description : Unknown RPC service Annotation : Security Center Type : Remote RPC service Named pipe : \pipe\eventlog Netbios name : \\WIN7X86-QA SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.53 (tcp/49152)
The following DCERPC services are available on TCP port 49152 :
Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91 UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0 Description : Unknown RPC service Type : Remote RPC service TCP Port : 49152 IP : 192.168.1.53 192.168.1.53 (tcp/49153)
The following DCERPC services are available on TCP port 49153 :
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1.0 Description : Unknown RPC service Annotation : Event log TCPIP Type : Remote RPC service TCP Port : 49153 IP : 192.168.1.53
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0 Description : Unknown RPC service Annotation : NRP server endpoint Type : Remote RPC service TCP Port : 49153 IP : 192.168.1.53
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0 Description : DHCP Client Service Windows process : svchost.exe Annotation : DHCP Client LRPC Endpoint Type : Remote RPC service TCP Port : 49153 IP : 192.168.1.53
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0 Description : Unknown RPC service Annotation : DHCPv6 Client LRPC Endpoint Type : Remote RPC service TCP Port : 49153 IP : 192.168.1.53
Object UUID : 00000000-0000-0000-0000-000000000000 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
UUID : 06bba54a-be05-49f9-b0a0-30f790261023, version 1.0 Description : Unknown RPC service Annotation : Security Center Type : Remote RPC service TCP Port : 49153 IP : 192.168.1.53 192.168.1.53 (tcp/49154)
The following DCERPC services are available on TCP port 49154 :
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Remote RPC service TCP Port : 49154 IP : 192.168.1.53
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Remote RPC service TCP Port : 49154 IP : 192.168.1.53
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Remote RPC service TCP Port : 49154 IP : 192.168.1.53
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 98716d03-89ac-44c7-bb8c-285824e51c4a, version 1.0 Description : Unknown RPC service Annotation : XactSrv service Type : Remote RPC service TCP Port : 49154 IP : 192.168.1.53
Object UUID : 73736573-6f69-656e-6e76-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Remote RPC service TCP Port : 49154 IP : 192.168.1.53
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30b044a5-a225-43f0-b3a4-e060df91f9c1, version 1.0 Description : Unknown RPC service Type : Remote RPC service TCP Port : 49154 IP : 192.168.1.53 192.168.1.53 (tcp/49172)
The following DCERPC services are available on TCP port 49172 :
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 367abb81-9844-35f1-ad32-98f038001003, version 2.0 Description : Service Control Manager Windows process : svchost.exe Type : Remote RPC service TCP Port : 49172 IP : 192.168.1.53 192.168.1.53 (tcp/49177)
The following DCERPC services are available on TCP port 49177 :
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 6b5bdd1e-528c-422c-af8c-a4079be4fe48, version 1.0 Description : Unknown RPC service Annotation : Remote Fw APIs Type : Remote RPC service TCP Port : 49177 IP : 192.168.1.53
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345678-1234-abcd-ef00-0123456789ab, version 1.0 Description : IPsec Services (Windows XP & 2003) Windows process : lsass.exe Annotation : IPSec Policy agent endpoint Type : Remote RPC service TCP Port : 49177 IP : 192.168.1.53 192.168.1.53 (tcp/49180)
The following DCERPC services are available on TCP port 49180 :
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Security Account Manager Windows process : lsass.exe Type : Remote RPC service TCP Port : 49180 IP : 192.168.1.53 192.168.1.55 (tcp/135)
The following DCERPC services are available locally :
Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91 UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : WindowsShutdown
Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91 UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : WMsgKRpc03E330
Object UUID : b08669ee-8cb5-43a5-a017-84fe00000000 UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : WindowsShutdown
Object UUID : b08669ee-8cb5-43a5-a017-84fe00000000 UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : WMsgKRpc03E330
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : NETLOGON_LRPC
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : d2716e94-25cb-4820-bc15-537866578562, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLE5CDB3EC75FAD2F3E0D669868550D
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : d2716e94-25cb-4820-bc15-537866578562, version 1.0 Description : Unknown RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Type : Local RPC service Named pipe : LRPC-d9b18e0f513ea3de3d
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0c53aa2e-fb1c-49c5-bfb6-c54f8e5857cd, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLE5CDB3EC75FAD2F3E0D669868550D
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0c53aa2e-fb1c-49c5-bfb6-c54f8e5857cd, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-d9b18e0f513ea3de3d
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 923c9623-db7f-4b34-9e6d-e86580f8ca2a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLE5CDB3EC75FAD2F3E0D669868550D
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 923c9623-db7f-4b34-9e6d-e86580f8ca2a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-d9b18e0f513ea3de3d
Object UUID : 00000002-0000-0000-0000-000000000000 UUID : 8ec21e98-b5ce-4916-a3d6-449fa428a007, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEC392BC261B8968C68CDBD5FFE8EC
Object UUID : 00000002-0000-0000-0000-000000000000 UUID : 8ec21e98-b5ce-4916-a3d6-449fa428a007, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-ffca622758cba13e5e
Object UUID : 00000002-0000-0000-0000-000000000000 UUID : 0fc77b1a-95d8-4a2e-a0c0-cff54237462b, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEC392BC261B8968C68CDBD5FFE8EC
Object UUID : 00000002-0000-0000-0000-000000000000 UUID : 0fc77b1a-95d8-4a2e-a0c0-cff54237462b, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-ffca622758cba13e5e
Object UUID : 00000002-0000-0000-0000-000000000000 UUID : b1ef227e-dfa5-421e-82bb-67a6a129c496, version 0.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Type : Local RPC service Named pipe : OLEC392BC261B8968C68CDBD5FFE8EC
Object UUID : 00000002-0000-0000-0000-000000000000 UUID : b1ef227e-dfa5-421e-82bb-67a6a129c496, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-ffca622758cba13e5e
Object UUID : b08669ee-8cb5-43a5-a017-84fe00000002 UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : WMsgKRpc083EBE222
Object UUID : 52ef130c-08fd-4388-86b3-6edf00000002 UUID : 12e65dd8-887f-41ef-91bf-8d816c42c2e7, version 1.0 Description : Unknown RPC service Annotation : Secure Desktop LRPC interface Type : Local RPC service Named pipe : WMsgKRpc083EBE222
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 6b5bdd1e-528c-422c-af8c-a4079be4fe48, version 1.0 Description : Unknown RPC service Annotation : Remote Fw APIs Type : Local RPC service Named pipe : ipsec
Object UUID : 375ebf25-78de-42d1-8869-74de560e10cd UUID : 906b0ce0-c70b-1067-b317-00dd010662da, version 1.0 Description : Distributed Transaction Coordinator Windows process : msdtc.exe Type : Local RPC service Named pipe : LRPC-839804191861f51320
Object UUID : 9f7b8a1e-3785-4ae5-bd00-c2de8627ecab UUID : 906b0ce0-c70b-1067-b317-00dd010662da, version 1.0 Description : Distributed Transaction Coordinator Windows process : msdtc.exe Type : Local RPC service Named pipe : LRPC-839804191861f51320
Object UUID : 8942a4f9-4243-43b7-be7e-88a705fcd223 UUID : 906b0ce0-c70b-1067-b317-00dd010662da, version 1.0 Description : Distributed Transaction Coordinator Windows process : msdtc.exe Type : Local RPC service Named pipe : LRPC-839804191861f51320
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 4b112204-0e19-11d3-b42b-0000f81feb9f, version 1.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : SSDP service Windows process : unknow Type : Local RPC service Named pipe : LRPC-76e477aeaf49d1a229
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 4c9dbf19-d39e-4bb9-90ee-8f7179b20283, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-26c1a6c994662defff
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : e38f5360-8572-473e-b696-1b46873beeab, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-26c1a6c994662defff
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 98716d03-89ac-44c7-bb8c-285824e51c4a, version 1.0 Description : Unknown RPC service Annotation : XactSrv service Type : Local RPC service Named pipe : LRPC-d058ae8cbac2fd7fb4
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1a0d010f-1c33-432c-b0f5-8cf4e8053099, version 1.0 Description : Unknown RPC service Annotation : IdSegSrv service Type : Local RPC service Named pipe : LRPC-d058ae8cbac2fd7fb4
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345678-1234-abcd-ef00-0123456789ab, version 1.0 Description : IPsec Services (Windows XP & 2003) Windows process : lsass.exe Type : Local RPC service Named pipe : LRPC-a1eb9a16c29074bdaa
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-a1eb9a16c29074bdaa
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : ae33069b-a2a8-46ee-a235-ddfd339be281, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-a1eb9a16c29074bdaa
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 4a452661-8290-4b36-8fbe-7f4093a94978, version 1.0 Description : Unknown RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Type : Local RPC service Named pipe : LRPC-a1eb9a16c29074bdaa
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 76f03f96-cdfd-44fc-a22c-64950a001209, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-a1eb9a16c29074bdaa
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f2c9b409-c1c9-4100-8639-d8ab1486694a, version 1.0 Description : Unknown RPC service Annotation : Witness Client Upcall Server Type : Local RPC service Named pipe : DNSResolver
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f2c9b409-c1c9-4100-8639-d8ab1486694a, version 1.0 Description : Unknown RPC service Annotation : Witness Client Upcall Server Type : Local RPC service Named pipe : nlaplg
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f2c9b409-c1c9-4100-8639-d8ab1486694a, version 1.0 Description : Unknown RPC service Annotation : Witness Client Upcall Server Type : Local RPC service Named pipe : nlaapi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : eb081a0d-10ee-478a-a1dd-50995283e7a8, version 3.0 Description : Unknown RPC service Annotation : Witness Client Test Interface Type : Local RPC service Named pipe : DNSResolver
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : eb081a0d-10ee-478a-a1dd-50995283e7a8, version 3.0 Description : Unknown RPC service Annotation : Witness Client Test Interface Type : Local RPC service Named pipe : nlaplg
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : eb081a0d-10ee-478a-a1dd-50995283e7a8, version 3.0 Description : Unknown RPC service Annotation : Witness Client Test Interface Type : Local RPC service Named pipe : nlaapi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 7f1343fe-50a9-4927-a778-0c5859517bac, version 1.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Annotation : DfsDs service Type : Local RPC service Named pipe : DNSResolver
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 7f1343fe-50a9-4927-a778-0c5859517bac, version 1.0 Description : Unknown RPC service Annotation : DfsDs service Type : Local RPC service Named pipe : nlaplg
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 7f1343fe-50a9-4927-a778-0c5859517bac, version 1.0 Description : Unknown RPC service Annotation : DfsDs service Type : Local RPC service Named pipe : nlaapi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : abfb6ca3-0c5e-4734-9285-0aee72fe8d1c, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e72914679e23024d60
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b37f900a-eae4-4304-a2ab-12bb668c0188, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e72914679e23024d60
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b3781086-6a54-489b-91c8-51d067172ab7, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e72914679e23024d60
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : e7f76134-9ef5-4949-a2d6-3368cc0988f3, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e72914679e23024d60
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 7aeb6705-3ae6-471a-882d-f39c109edc12, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e72914679e23024d60
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f763c91c-2ab1-47fa-868f-7de7efd42194, version 1.0 Description : Unknown RPC service Annotation : VM Allow-List Provider RPC SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Type : Local RPC service Named pipe : OLEFFBA0A209868626826DC25F5D5CB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f763c91c-2ab1-47fa-868f-7de7efd42194, version 1.0 Description : Unknown RPC service Annotation : VM Allow-List Provider RPC Type : Local RPC service Named pipe : RdvVmAllowListRpc
Object UUID : 6c637067-6569-746e-0000-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 666f7270-6c69-7365-0000-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 24d1f7c7-76af-4f28-9ccd-7f6cb6468601 UUID : 2eb08e3e-639f-4fba-97b1-14f878961076, version 1.0 Description : Unknown RPC service Annotation : Group Policy RPC Interface Type : Local RPC service Named pipe : LRPC-620cb7ab59d0c9fd18
Object UUID : 736e6573-0000-0000-0000-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 736e6573-0000-0000-0000-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0a74ef1c-41a4-4e06-83ae-dc74fb1cdd53, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30b044a5-a225-43f0-b3a4-e060df91f9c1, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30b044a5-a225-43f0-b3a4-e060df91f9c1, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30b044a5-a225-43f0-b3a4-e060df91f9c1, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30b044a5-a225-43f0-b3a4-e060df91f9c1, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 73736573-6f69-656e-6e76-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 73736573-6f69-656e-6e76-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : senssvc
Object UUID : 73736573-6f69-656e-6e76-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 73736573-6f69-656e-6e76-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : senssvc SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 29770a8f-829b-4158-90a2-78cd488501f7, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 29770a8f-829b-4158-90a2-78cd488501f7, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 29770a8f-829b-4158-90a2-78cd488501f7, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 29770a8f-829b-4158-90a2-78cd488501f7, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 29770a8f-829b-4158-90a2-78cd488501f7, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : SessEnvPrivateRpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 33d84484-3626-47ee-8c6f-e7e98b113be1, version 2.0 Description : Unknown RPC service Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 33d84484-3626-47ee-8c6f-e7e98b113be1, version 2.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 33d84484-3626-47ee-8c6f-e7e98b113be1, version 2.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 33d84484-3626-47ee-8c6f-e7e98b113be1, version 2.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 33d84484-3626-47ee-8c6f-e7e98b113be1, version 2.0 Description : Unknown RPC service Type : Local RPC service Named pipe : SessEnvPrivateRpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 33d84484-3626-47ee-8c6f-e7e98b113be1, version 2.0 Description : Unknown RPC service Type : Local RPC service Named pipe : ubpmtaskhostchannel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 33d84484-3626-47ee-8c6f-e7e98b113be1, version 2.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-8a72ed6002aeaf96ae
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : SessEnvPrivateRpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : ubpmtaskhostchannel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-8a72ed6002aeaf96ae
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3a9ef155-691d-4449-8d05-09ad57031823, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3a9ef155-691d-4449-8d05-09ad57031823, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3a9ef155-691d-4449-8d05-09ad57031823, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3a9ef155-691d-4449-8d05-09ad57031823, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3a9ef155-691d-4449-8d05-09ad57031823, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : SessEnvPrivateRpc
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3a9ef155-691d-4449-8d05-09ad57031823, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : ubpmtaskhostchannel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3a9ef155-691d-4449-8d05-09ad57031823, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-8a72ed6002aeaf96ae
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b18fbab6-56f8-4702-84e0-41053293a869, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b18fbab6-56f8-4702-84e0-41053293a869, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b18fbab6-56f8-4702-84e0-41053293a869, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b18fbab6-56f8-4702-84e0-41053293a869, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b18fbab6-56f8-4702-84e0-41053293a869, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : SessEnvPrivateRpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b18fbab6-56f8-4702-84e0-41053293a869, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : ubpmtaskhostchannel SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b18fbab6-56f8-4702-84e0-41053293a869, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : LRPC-8a72ed6002aeaf96ae
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b18fbab6-56f8-4702-84e0-41053293a869, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : LRPC-298105dea9522b6422
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3c7f20-1c8d-4654-a1b3-51563b298bda, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3c7f20-1c8d-4654-a1b3-51563b298bda, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3c7f20-1c8d-4654-a1b3-51563b298bda, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3c7f20-1c8d-4654-a1b3-51563b298bda, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3c7f20-1c8d-4654-a1b3-51563b298bda, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : SessEnvPrivateRpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3c7f20-1c8d-4654-a1b3-51563b298bda, version 1.0 Description : Unknown RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Annotation : UserMgrCli Type : Local RPC service Named pipe : ubpmtaskhostchannel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3c7f20-1c8d-4654-a1b3-51563b298bda, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : LRPC-8a72ed6002aeaf96ae
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3c7f20-1c8d-4654-a1b3-51563b298bda, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Local RPC service Named pipe : LRPC-298105dea9522b6422
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Local RPC service Named pipe : SessEnvPrivateRpc
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Local RPC service Named pipe : ubpmtaskhostchannel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Local RPC service Named pipe : LRPC-8a72ed6002aeaf96ae
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Local RPC service Named pipe : LRPC-298105dea9522b6422
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2e6035b2-e8f1-41a7-a044-656b439c4c34, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager provider server endpoint Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2e6035b2-e8f1-41a7-a044-656b439c4c34, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager provider server endpoint Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2e6035b2-e8f1-41a7-a044-656b439c4c34, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager provider server endpoint Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2e6035b2-e8f1-41a7-a044-656b439c4c34, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager provider server endpoint Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2e6035b2-e8f1-41a7-a044-656b439c4c34, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager provider server endpoint SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Type : Local RPC service Named pipe : SessEnvPrivateRpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2e6035b2-e8f1-41a7-a044-656b439c4c34, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager provider server endpoint Type : Local RPC service Named pipe : ubpmtaskhostchannel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2e6035b2-e8f1-41a7-a044-656b439c4c34, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager provider server endpoint Type : Local RPC service Named pipe : LRPC-8a72ed6002aeaf96ae
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2e6035b2-e8f1-41a7-a044-656b439c4c34, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager provider server endpoint Type : Local RPC service Named pipe : LRPC-298105dea9522b6422
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c36be077-e14b-4fe9-8abc-e856ef4f048b, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager client server endpoint Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c36be077-e14b-4fe9-8abc-e856ef4f048b, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager client server endpoint Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c36be077-e14b-4fe9-8abc-e856ef4f048b, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager client server endpoint Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c36be077-e14b-4fe9-8abc-e856ef4f048b, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager client server endpoint Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 00000000-0000-0000-0000-000000000000 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
UUID : c36be077-e14b-4fe9-8abc-e856ef4f048b, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager client server endpoint Type : Local RPC service Named pipe : SessEnvPrivateRpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c36be077-e14b-4fe9-8abc-e856ef4f048b, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager client server endpoint Type : Local RPC service Named pipe : ubpmtaskhostchannel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c36be077-e14b-4fe9-8abc-e856ef4f048b, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager client server endpoint Type : Local RPC service Named pipe : LRPC-8a72ed6002aeaf96ae
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c36be077-e14b-4fe9-8abc-e856ef4f048b, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager client server endpoint Type : Local RPC service Named pipe : LRPC-298105dea9522b6422
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1, version 1.0 Description : Unknown RPC service Annotation : Adh APIs Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1, version 1.0 Description : Unknown RPC service Annotation : Adh APIs Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1, version 1.0 Description : Unknown RPC service Annotation : Adh APIs Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1, version 1.0 Description : Unknown RPC service Annotation : Adh APIs Type : Local RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1, version 1.0 Description : Unknown RPC service Annotation : Adh APIs Type : Local RPC service Named pipe : SessEnvPrivateRpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1, version 1.0 Description : Unknown RPC service Annotation : Adh APIs Type : Local RPC service Named pipe : ubpmtaskhostchannel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1, version 1.0 Description : Unknown RPC service Annotation : Adh APIs Type : Local RPC service Named pipe : LRPC-8a72ed6002aeaf96ae
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1, version 1.0 Description : Unknown RPC service Annotation : Adh APIs Type : Local RPC service Named pipe : LRPC-298105dea9522b6422
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Local RPC service Named pipe : senssvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Annotation : IKE/Authip API Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Local RPC service Named pipe : SessEnvPrivateRpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Local RPC service Named pipe : ubpmtaskhostchannel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Local RPC service Named pipe : LRPC-8a72ed6002aeaf96ae
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Local RPC service Named pipe : LRPC-298105dea9522b6422
Object UUID : 582a47b2-bcd8-4d3c-8acb-fe09d5bd6eec UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : IUserProfile2
Object UUID : 582a47b2-bcd8-4d3c-8acb-fe09d5bd6eec UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : senssvc
Object UUID : 582a47b2-bcd8-4d3c-8acb-fe09d5bd6eec UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEF3D3E88FB9470520B11DF54369DB
Object UUID : 582a47b2-bcd8-4d3c-8acb-fe09d5bd6eec UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e736df0e7ddd5cd25e
Object UUID : 582a47b2-bcd8-4d3c-8acb-fe09d5bd6eec UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : SessEnvPrivateRpc
Object UUID : 582a47b2-bcd8-4d3c-8acb-fe09d5bd6eec UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : ubpmtaskhostchannel
Object UUID : 582a47b2-bcd8-4d3c-8acb-fe09d5bd6eec UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-8a72ed6002aeaf96ae
Object UUID : 582a47b2-bcd8-4d3c-8acb-fe09d5bd6eec UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-298105dea9522b6422
Object UUID : 582a47b2-bcd8-4d3c-8acb-fe09d5bd6eec UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : DeviceSetupManager
Object UUID : 582a47b2-bcd8-4d3c-8acb-fe09d5bd6eec UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-014308ca6fa1f0432c
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : df4df73a-c52d-4e3a-8003-8437fdf8302a, version 0.0 Description : Unknown RPC service Annotation : WM_WindowManagerRPC\Server Type : Local RPC service Named pipe : LRPC-f70195bf52be621155
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : dd490425-5325-4565-b774-7e27d6c09c24, version 1.0 Description : Unknown RPC service Annotation : Base Firewall Engine API Type : Local RPC service Named pipe : LRPC-f70195bf52be621155 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : dd490425-5325-4565-b774-7e27d6c09c24, version 1.0 Description : Unknown RPC service Annotation : Base Firewall Engine API Type : Local RPC service Named pipe : LRPC-161dd518920bc4844d
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03, version 1.0 Description : Unknown RPC service Annotation : Fw APIs Type : Local RPC service Named pipe : LRPC-f70195bf52be621155
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03, version 1.0 Description : Unknown RPC service Annotation : Fw APIs Type : Local RPC service Named pipe : LRPC-161dd518920bc4844d
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 7f9d11bf-7fb9-436b-a812-b2d50c5d4c03, version 1.0 Description : Unknown RPC service Annotation : Fw APIs Type : Local RPC service Named pipe : LRPC-6a28e84eaf3b5984d5
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f47433c3-3e9d-4157-aad4-83aa1f5c2d4c, version 1.0 Description : Unknown RPC service Annotation : Fw APIs Type : Local RPC service Named pipe : LRPC-f70195bf52be621155
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f47433c3-3e9d-4157-aad4-83aa1f5c2d4c, version 1.0 Description : Unknown RPC service Annotation : Fw APIs Type : Local RPC service Named pipe : LRPC-161dd518920bc4844d
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f47433c3-3e9d-4157-aad4-83aa1f5c2d4c, version 1.0 Description : Unknown RPC service Annotation : Fw APIs Type : Local RPC service Named pipe : LRPC-6a28e84eaf3b5984d5
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2fb92682-6599-42dc-ae13-bd2ca89bd11c, version 1.0 Description : Unknown RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Annotation : Fw APIs Type : Local RPC service Named pipe : LRPC-f70195bf52be621155
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2fb92682-6599-42dc-ae13-bd2ca89bd11c, version 1.0 Description : Unknown RPC service Annotation : Fw APIs Type : Local RPC service Named pipe : LRPC-161dd518920bc4844d
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2fb92682-6599-42dc-ae13-bd2ca89bd11c, version 1.0 Description : Unknown RPC service Annotation : Fw APIs Type : Local RPC service Named pipe : LRPC-6a28e84eaf3b5984d5
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1.0 Description : Unknown RPC service Annotation : Event log TCPIP Type : Local RPC service Named pipe : LRPC-5fe15263aabba4daf4
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1.0 Description : Unknown RPC service Annotation : Event log TCPIP Type : Local RPC service Named pipe : eventlog
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0 Description : DHCP Client Service Windows process : svchost.exe Annotation : DHCP Client LRPC Endpoint Type : Local RPC service Named pipe : LRPC-5fe15263aabba4daf4
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0 Description : DHCP Client Service Windows process : svchost.exe Annotation : DHCP Client LRPC Endpoint Type : Local RPC service Named pipe : eventlog
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0 Description : DHCP Client Service Windows process : svchost.exe Annotation : DHCP Client LRPC Endpoint SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Type : Local RPC service Named pipe : dhcpcsvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0 Description : Unknown RPC service Annotation : DHCPv6 Client LRPC Endpoint Type : Local RPC service Named pipe : LRPC-5fe15263aabba4daf4
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0 Description : Unknown RPC service Annotation : DHCPv6 Client LRPC Endpoint Type : Local RPC service Named pipe : eventlog
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0 Description : Unknown RPC service Annotation : DHCPv6 Client LRPC Endpoint Type : Local RPC service Named pipe : dhcpcsvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0 Description : Unknown RPC service Annotation : DHCPv6 Client LRPC Endpoint Type : Local RPC service Named pipe : dhcpcsvc6
Object UUID : b5ccd5ef-4238-440b-bba0-999f828f1cfe UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-5fe15263aabba4daf4
Object UUID : b5ccd5ef-4238-440b-bba0-999f828f1cfe UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : eventlog
Object UUID : b5ccd5ef-4238-440b-bba0-999f828f1cfe UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : dhcpcsvc
Object UUID : b5ccd5ef-4238-440b-bba0-999f828f1cfe UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Named pipe : dhcpcsvc6
Object UUID : b5ccd5ef-4238-440b-bba0-999f828f1cfe UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-7feacae53c56a9800a
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a500d4c6-0dd1-4543-bc0c-d5f93486eaf8, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-5fe15263aabba4daf4
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a500d4c6-0dd1-4543-bc0c-d5f93486eaf8, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : eventlog
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a500d4c6-0dd1-4543-bc0c-d5f93486eaf8, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : dhcpcsvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a500d4c6-0dd1-4543-bc0c-d5f93486eaf8, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : dhcpcsvc6
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a500d4c6-0dd1-4543-bc0c-d5f93486eaf8, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-7feacae53c56a9800a
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a500d4c6-0dd1-4543-bc0c-d5f93486eaf8, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-21ed7ec0bdabfc5e21
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0 Description : Unknown RPC service Annotation : NRP server endpoint Type : Local RPC service Named pipe : LRPC-5fe15263aabba4daf4
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Annotation : NRP server endpoint Type : Local RPC service Named pipe : eventlog
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0 Description : Unknown RPC service Annotation : NRP server endpoint Type : Local RPC service Named pipe : dhcpcsvc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0 Description : Unknown RPC service Annotation : NRP server endpoint Type : Local RPC service Named pipe : dhcpcsvc6
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0 Description : Unknown RPC service Annotation : NRP server endpoint Type : Local RPC service Named pipe : LRPC-7feacae53c56a9800a
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0 Description : Unknown RPC service Annotation : NRP server endpoint Type : Local RPC service Named pipe : LRPC-21ed7ec0bdabfc5e21
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 7ea70bcf-48af-4f6a-8968-6a440754d5fa, version 1.0 Description : Unknown RPC service Annotation : NSI server endpoint Type : Local RPC service Named pipe : LRPC-2071a6fa8cd7c28813
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0 Description : Unknown RPC service Annotation : WinHttp Auto-Proxy Service Type : Local RPC service Named pipe : LRPC-2071a6fa8cd7c28813
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0 Description : Unknown RPC service Annotation : WinHttp Auto-Proxy Service Type : Local RPC service Named pipe : OLE645D0786E42F0A305F52327E8B4D SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0 Description : Unknown RPC service Annotation : WinHttp Auto-Proxy Service Type : Local RPC service Named pipe : W32TIME_ALT
Object UUID : 3bdb59a0-d736-4d44-9074-c1ee00000001 UUID : f3f09ffd-fbcf-4291-944d-70ad6e0e73bb, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3050fa9b756a467731
Object UUID : fdd099c6-df06-4904-83b4-a87a27903c70 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-d3d444c8f34249703a
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 5222821f-d5e2-4885-84f1-5f6185a0ec41, version 1.0 Description : Unknown RPC service Annotation : Network Connection Broker server endpoint for NCB Reset module Type : Local RPC service Named pipe : LRPC-d3d444c8f34249703a
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 5222821f-d5e2-4885-84f1-5f6185a0ec41, version 1.0 Description : Unknown RPC service Annotation : Network Connection Broker server endpoint for NCB Reset module Type : Local RPC service Named pipe : LRPC-4a58d4e89487c1d93c
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 880fd55e-43b9-11e0-b1a8-cf4edfd72085, version 1.0 Description : Unknown RPC service Annotation : KAPI Service endpoint Type : Local RPC service Named pipe : LRPC-d3d444c8f34249703a
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 880fd55e-43b9-11e0-b1a8-cf4edfd72085, version 1.0 Description : Unknown RPC service Annotation : KAPI Service endpoint Type : Local RPC service Named pipe : LRPC-4a58d4e89487c1d93c
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 880fd55e-43b9-11e0-b1a8-cf4edfd72085, version 1.0 Description : Unknown RPC service Annotation : KAPI Service endpoint Type : Local RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Named pipe : OLE55E464D0ADCD92154867EC60BFAE
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 880fd55e-43b9-11e0-b1a8-cf4edfd72085, version 1.0 Description : Unknown RPC service Annotation : KAPI Service endpoint Type : Local RPC service Named pipe : LRPC-08591fdddf7d2e0c7e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : e40f7b57-7a25-4cd3-a135-7f7d3df9d16b, version 1.0 Description : Unknown RPC service Annotation : Network Connection Broker server endpoint Type : Local RPC service Named pipe : LRPC-d3d444c8f34249703a
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : e40f7b57-7a25-4cd3-a135-7f7d3df9d16b, version 1.0 Description : Unknown RPC service Annotation : Network Connection Broker server endpoint Type : Local RPC service Named pipe : LRPC-4a58d4e89487c1d93c
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : e40f7b57-7a25-4cd3-a135-7f7d3df9d16b, version 1.0 Description : Unknown RPC service Annotation : Network Connection Broker server endpoint Type : Local RPC service Named pipe : OLE55E464D0ADCD92154867EC60BFAE
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : e40f7b57-7a25-4cd3-a135-7f7d3df9d16b, version 1.0 Description : Unknown RPC service Annotation : Network Connection Broker server endpoint Type : Local RPC service Named pipe : LRPC-08591fdddf7d2e0c7e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0767a036-0d22-48aa-ba69-b619480f38cb, version 1.0 Description : Unknown RPC service Annotation : PcaSvc Type : Local RPC service Named pipe : LRPC-d3d444c8f34249703a
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0767a036-0d22-48aa-ba69-b619480f38cb, version 1.0 Description : Unknown RPC service Annotation : PcaSvc Type : Local RPC service Named pipe : LRPC-4a58d4e89487c1d93c
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0767a036-0d22-48aa-ba69-b619480f38cb, version 1.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Annotation : PcaSvc Type : Local RPC service Named pipe : OLE55E464D0ADCD92154867EC60BFAE
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0767a036-0d22-48aa-ba69-b619480f38cb, version 1.0 Description : Unknown RPC service Annotation : PcaSvc Type : Local RPC service Named pipe : LRPC-08591fdddf7d2e0c7e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0767a036-0d22-48aa-ba69-b619480f38cb, version 1.0 Description : Unknown RPC service Annotation : PcaSvc Type : Local RPC service Named pipe : TSUMRPD_PRINT_DRV_LPC_API
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : bf4dc912-e52f-4904-8ebe-9317c1bdd497, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-d3d444c8f34249703a
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : bf4dc912-e52f-4904-8ebe-9317c1bdd497, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-4a58d4e89487c1d93c
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : bf4dc912-e52f-4904-8ebe-9317c1bdd497, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLE55E464D0ADCD92154867EC60BFAE
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : bf4dc912-e52f-4904-8ebe-9317c1bdd497, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-08591fdddf7d2e0c7e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : bf4dc912-e52f-4904-8ebe-9317c1bdd497, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : TSUMRPD_PRINT_DRV_LPC_API
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : bf4dc912-e52f-4904-8ebe-9317c1bdd497, version 1.0 Description : Unknown RPC service Type : Local RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Named pipe : trkwks
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : bf4dc912-e52f-4904-8ebe-9317c1bdd497, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-a538fee2bf2fe643bd
Object UUID : b08669ee-8cb5-43a5-a017-84fe00000001 UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : WMsgKRpc03E6D1
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 4bec6bb8-b5c2-4b6f-b2c1-5da5cf92d0d9, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 085b0334-e454-4d91-9b8c-4134f9e793f3, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 085b0334-e454-4d91-9b8c-4134f9e793f3, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8782d3b9-ebbd-4644-a3d8-e8725381919b, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8782d3b9-ebbd-4644-a3d8-e8725381919b, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3b338d89-6cfa-44b8-847e-531531bc9992, version 1.0 Description : Unknown RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3b338d89-6cfa-44b8-847e-531531bc9992, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : bdaa0970-413b-4a3e-9e5d-f6dc9d7e0760, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 5824833b-3c1a-4ad2-bdfd-c31d19e23ed2, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 5824833b-3c1a-4ad2-bdfd-c31d19e23ed2, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 6d726574-7273-0076-0000-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : umpo
Object UUID : 6d726574-7273-0076-0000-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : actkernel
Object UUID : 6d726574-7273-0076-0000-000000000000 UUID : c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1.0 Description : Unknown RPC service Annotation : Impl friendly name Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2d98a740-581d-41b9-aa0d-a88b9d5ce938, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2d98a740-581d-41b9-aa0d-a88b9d5ce938, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2d98a740-581d-41b9-aa0d-a88b9d5ce938, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2d98a740-581d-41b9-aa0d-a88b9d5ce938, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0, version 1.0 Description : Unknown RPC service Type : Local RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c605f9fb-f0a3-4e2a-a073-73560f8d9e3e, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c605f9fb-f0a3-4e2a-a073-73560f8d9e3e, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c605f9fb-f0a3-4e2a-a073-73560f8d9e3e, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c605f9fb-f0a3-4e2a-a073-73560f8d9e3e, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e, version 1.0 Description : Unknown RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2c7fd9ce-e706-4b40-b412-953107ef9bb0, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2c7fd9ce-e706-4b40-b412-953107ef9bb0, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2c7fd9ce-e706-4b40-b412-953107ef9bb0, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2c7fd9ce-e706-4b40-b412-953107ef9bb0, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2c7fd9ce-e706-4b40-b412-953107ef9bb0, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c521facf-09a9-42c5-b155-72388595cbf0, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c521facf-09a9-42c5-b155-72388595cbf0, version 0.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c521facf-09a9-42c5-b155-72388595cbf0, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c521facf-09a9-42c5-b155-72388595cbf0, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c521facf-09a9-42c5-b155-72388595cbf0, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1832bcf6-cab8-41d4-85d2-c9410764f75a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1832bcf6-cab8-41d4-85d2-c9410764f75a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1832bcf6-cab8-41d4-85d2-c9410764f75a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1832bcf6-cab8-41d4-85d2-c9410764f75a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1832bcf6-cab8-41d4-85d2-c9410764f75a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 00000000-0000-0000-0000-000000000000 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
UUID : 4dace966-a243-4450-ae3f-9b7bcb5315b8, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 4dace966-a243-4450-ae3f-9b7bcb5315b8, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 4dace966-a243-4450-ae3f-9b7bcb5315b8, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 4dace966-a243-4450-ae3f-9b7bcb5315b8, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 4dace966-a243-4450-ae3f-9b7bcb5315b8, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 55e6b932-1979-45d6-90c5-7f6270724112, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 55e6b932-1979-45d6-90c5-7f6270724112, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 55e6b932-1979-45d6-90c5-7f6270724112, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 55e6b932-1979-45d6-90c5-7f6270724112, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 55e6b932-1979-45d6-90c5-7f6270724112, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 55e6b932-1979-45d6-90c5-7f6270724112, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-41e56cb12f7332285e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 76c217bc-c8b4-4201-a745-373ad9032b1a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 76c217bc-c8b4-4201-a745-373ad9032b1a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 76c217bc-c8b4-4201-a745-373ad9032b1a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 76c217bc-c8b4-4201-a745-373ad9032b1a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 76c217bc-c8b4-4201-a745-373ad9032b1a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 76c217bc-c8b4-4201-a745-373ad9032b1a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-41e56cb12f7332285e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 88abcbc3-34ea-76ae-8215-767520655a23, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 88abcbc3-34ea-76ae-8215-767520655a23, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 88abcbc3-34ea-76ae-8215-767520655a23, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 88abcbc3-34ea-76ae-8215-767520655a23, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 88abcbc3-34ea-76ae-8215-767520655a23, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 88abcbc3-34ea-76ae-8215-767520655a23, version 0.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-41e56cb12f7332285e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2513bcbe-6cd4-4348-855e-7efb3c336dd3, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2513bcbe-6cd4-4348-855e-7efb3c336dd3, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2513bcbe-6cd4-4348-855e-7efb3c336dd3, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2513bcbe-6cd4-4348-855e-7efb3c336dd3, version 1.0 Description : Unknown RPC service Type : Local RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2513bcbe-6cd4-4348-855e-7efb3c336dd3, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2513bcbe-6cd4-4348-855e-7efb3c336dd3, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-41e56cb12f7332285e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 20c40295-8dba-48e6-aebf-3e78ef3bb144, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 20c40295-8dba-48e6-aebf-3e78ef3bb144, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 20c40295-8dba-48e6-aebf-3e78ef3bb144, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 20c40295-8dba-48e6-aebf-3e78ef3bb144, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 20c40295-8dba-48e6-aebf-3e78ef3bb144, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 20c40295-8dba-48e6-aebf-3e78ef3bb144, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-41e56cb12f7332285e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b8cadbaf-e84b-46b9-84f2-6f71c03f9e55, version 1.0 Description : Unknown RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b8cadbaf-e84b-46b9-84f2-6f71c03f9e55, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b8cadbaf-e84b-46b9-84f2-6f71c03f9e55, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b8cadbaf-e84b-46b9-84f2-6f71c03f9e55, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b8cadbaf-e84b-46b9-84f2-6f71c03f9e55, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b8cadbaf-e84b-46b9-84f2-6f71c03f9e55, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-41e56cb12f7332285e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf, version 1.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-41e56cb12f7332285e
Object UUID : db57eb61-1aa2-4906-9396-23e8b8024c32 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : db57eb61-1aa2-4906-9396-23e8b8024c32 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : db57eb61-1aa2-4906-9396-23e8b8024c32 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : db57eb61-1aa2-4906-9396-23e8b8024c32 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : db57eb61-1aa2-4906-9396-23e8b8024c32 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : db57eb61-1aa2-4906-9396-23e8b8024c32 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-41e56cb12f7332285e
Object UUID : db57eb61-1aa2-4906-9396-23e8b8024c32 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e39c3514bcb6f08467
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 697dcda9-3ba9-4eb2-9247-e11f1901b0d2, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 697dcda9-3ba9-4eb2-9247-e11f1901b0d2, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 697dcda9-3ba9-4eb2-9247-e11f1901b0d2, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 697dcda9-3ba9-4eb2-9247-e11f1901b0d2, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 697dcda9-3ba9-4eb2-9247-e11f1901b0d2, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 697dcda9-3ba9-4eb2-9247-e11f1901b0d2, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-41e56cb12f7332285e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 697dcda9-3ba9-4eb2-9247-e11f1901b0d2, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e39c3514bcb6f08467
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 697dcda9-3ba9-4eb2-9247-e11f1901b0d2, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-66353bbd809b84ac2b
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 9e56cbc5-e634-4267-818e-ffa7dce1fa86 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 9e56cbc5-e634-4267-818e-ffa7dce1fa86 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 9e56cbc5-e634-4267-818e-ffa7dce1fa86 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 9e56cbc5-e634-4267-818e-ffa7dce1fa86 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 9e56cbc5-e634-4267-818e-ffa7dce1fa86 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 9e56cbc5-e634-4267-818e-ffa7dce1fa86 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-41e56cb12f7332285e
Object UUID : 9e56cbc5-e634-4267-818e-ffa7dce1fa86 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e39c3514bcb6f08467
Object UUID : 9e56cbc5-e634-4267-818e-ffa7dce1fa86 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-66353bbd809b84ac2b
Object UUID : 9e56cbc5-e634-4267-818e-ffa7dce1fa86 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : csebpub SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 9b008953-f195-4bf9-bde0-4471971e58ed, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 9b008953-f195-4bf9-bde0-4471971e58ed, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 9b008953-f195-4bf9-bde0-4471971e58ed, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 9b008953-f195-4bf9-bde0-4471971e58ed, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 9b008953-f195-4bf9-bde0-4471971e58ed, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 9b008953-f195-4bf9-bde0-4471971e58ed, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-41e56cb12f7332285e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 9b008953-f195-4bf9-bde0-4471971e58ed, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-e39c3514bcb6f08467
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 9b008953-f195-4bf9-bde0-4471971e58ed, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-66353bbd809b84ac2b
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 9b008953-f195-4bf9-bde0-4471971e58ed, version 1.0 Description : Unknown RPC service Type : Local RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Named pipe : csebpub
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 9b008953-f195-4bf9-bde0-4471971e58ed, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : dabrpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 9b008953-f195-4bf9-bde0-4471971e58ed, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-34a09d1a7755237ee9
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : fc48cd89-98d6-4628-9839-86f7a3e4161a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : umpo
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : fc48cd89-98d6-4628-9839-86f7a3e4161a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : actkernel
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : fc48cd89-98d6-4628-9839-86f7a3e4161a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-3009868dbe1a9c45ed
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : fc48cd89-98d6-4628-9839-86f7a3e4161a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LSMApi
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : fc48cd89-98d6-4628-9839-86f7a3e4161a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : OLEDCFCEC96B3BB06395E6413A32D5B
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : fc48cd89-98d6-4628-9839-86f7a3e4161a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-41e56cb12f7332285e
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : fc48cd89-98d6-4628-9839-86f7a3e4161a, version 1.0 Description : Unknown RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Type : Local RPC service Named pipe : LRPC-e39c3514bcb6f08467
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : fc48cd89-98d6-4628-9839-86f7a3e4161a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-66353bbd809b84ac2b
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : fc48cd89-98d6-4628-9839-86f7a3e4161a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : csebpub
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : fc48cd89-98d6-4628-9839-86f7a3e4161a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : dabrpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : fc48cd89-98d6-4628-9839-86f7a3e4161a, version 1.0 Description : Unknown RPC service Type : Local RPC service Named pipe : LRPC-34a09d1a7755237ee9
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : audit
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : securityevent
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : LSARPC_ENDPOINT
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Named pipe : lsacap
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : LSA_IDPEXT_ENDPOINT
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : LSA_EAS_ENDPOINT
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : lsapolicylookup
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : lsasspirpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : protected_storage
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : SidKey Local End Point
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Local RPC service Named pipe : samss lpc
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : audit
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : securityevent
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : LSARPC_ENDPOINT
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : lsacap
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : LSA_IDPEXT_ENDPOINT
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : LSA_EAS_ENDPOINT
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : lsapolicylookup
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : lsasspirpc SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : protected_storage
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : SidKey Local End Point
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : samss lpc
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : NETLOGON_LRPC
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : audit
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : securityevent
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : LSARPC_ENDPOINT
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : lsacap
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : LSA_IDPEXT_ENDPOINT
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : LSA_EAS_ENDPOINT
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : lsapolicylookup
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : lsasspirpc
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : protected_storage
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : SidKey Local End Point
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : samss lpc
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Local RPC service Named pipe : NETLOGON_LRPC
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso Type : Local RPC service Named pipe : audit
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso Type : Local RPC service Named pipe : securityevent
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso Type : Local RPC service Named pipe : LSARPC_ENDPOINT
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso Type : Local RPC service Named pipe : lsacap
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso Type : Local RPC service Named pipe : LSA_IDPEXT_ENDPOINT
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso Type : Local RPC service Named pipe : LSA_EAS_ENDPOINT
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Type : Local RPC service Named pipe : lsapolicylookup
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso Type : Local RPC service Named pipe : lsasspirpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso Type : Local RPC service Named pipe : protected_storage
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso Type : Local RPC service Named pipe : SidKey Local End Point
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso Type : Local RPC service Named pipe : samss lpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso Type : Local RPC service Named pipe : NETLOGON_LRPC
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : audit
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : securityevent
Object UUID : 00000000-0000-0000-0000-000000000000 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : LSARPC_ENDPOINT
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : lsacap
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : LSA_IDPEXT_ENDPOINT
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : LSA_EAS_ENDPOINT
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : lsapolicylookup
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : lsasspirpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : protected_storage
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Named pipe : SidKey Local End Point
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : samss lpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : NETLOGON_LRPC
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : audit
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : securityevent
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : LSARPC_ENDPOINT
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : lsacap
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : LSA_IDPEXT_ENDPOINT
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : LSA_EAS_ENDPOINT
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : lsapolicylookup
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : lsasspirpc
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : protected_storage
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : SidKey Local End Point
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Local RPC service Named pipe : samss lpc 192.168.1.55 (tcp/445)
The following DCERPC services are available remotely :
Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91 UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \PIPE\InitShutdown Netbios name : \\SERVER-2016 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : b08669ee-8cb5-43a5-a017-84fe00000000 UUID : 76f226c3-ec14-4325-8a99-6a46348418af, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \PIPE\InitShutdown Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 7f1343fe-50a9-4927-a778-0c5859517bac, version 1.0 Description : Unknown RPC service Annotation : DfsDs service Type : Remote RPC service Named pipe : \PIPE\wkssvc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1ff70682-0a51-30e8-076d-740be8cee98b, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 378e52b0-c0a9-11cf-822d-00aa0051e40f, version 1.0 Description : Scheduler Service Windows process : svchost.exe Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 29770a8f-829b-4158-90a2-78cd488501f7, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 29770a8f-829b-4158-90a2-78cd488501f7, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\SessEnvPublicRpc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 33d84484-3626-47ee-8c6f-e7e98b113be1, version 2.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\SERVER-2016
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 33d84484-3626-47ee-8c6f-e7e98b113be1, version 2.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\SessEnvPublicRpc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\SessEnvPublicRpc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3a9ef155-691d-4449-8d05-09ad57031823, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3a9ef155-691d-4449-8d05-09ad57031823, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\SessEnvPublicRpc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b18fbab6-56f8-4702-84e0-41053293a869, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b18fbab6-56f8-4702-84e0-41053293a869, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Remote RPC service Named pipe : \pipe\SessEnvPublicRpc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3c7f20-1c8d-4654-a1b3-51563b298bda, version 1.0 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Description : Unknown RPC service Annotation : UserMgrCli Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3c7f20-1c8d-4654-a1b3-51563b298bda, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Remote RPC service Named pipe : \pipe\SessEnvPublicRpc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Remote RPC service Named pipe : \pipe\SessEnvPublicRpc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2e6035b2-e8f1-41a7-a044-656b439c4c34, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager provider server endpoint Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2e6035b2-e8f1-41a7-a044-656b439c4c34, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager provider server endpoint Type : Remote RPC service Named pipe : \pipe\SessEnvPublicRpc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c36be077-e14b-4fe9-8abc-e856ef4f048b, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager client server endpoint Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\SERVER-2016 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c36be077-e14b-4fe9-8abc-e856ef4f048b, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager client server endpoint Type : Remote RPC service Named pipe : \pipe\SessEnvPublicRpc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1, version 1.0 Description : Unknown RPC service Annotation : Adh APIs Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1, version 1.0 Description : Unknown RPC service Annotation : Adh APIs Type : Remote RPC service Named pipe : \pipe\SessEnvPublicRpc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Remote RPC service Named pipe : \pipe\SessEnvPublicRpc Netbios name : \\SERVER-2016
Object UUID : 582a47b2-bcd8-4d3c-8acb-fe09d5bd6eec UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \PIPE\atsvc Netbios name : \\SERVER-2016
Object UUID : 582a47b2-bcd8-4d3c-8acb-fe09d5bd6eec UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\SessEnvPublicRpc SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1.0 Description : Unknown RPC service Annotation : Event log TCPIP Type : Remote RPC service Named pipe : \pipe\eventlog Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0 Description : DHCP Client Service Windows process : svchost.exe Annotation : DHCP Client LRPC Endpoint Type : Remote RPC service Named pipe : \pipe\eventlog Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0 Description : Unknown RPC service Annotation : DHCPv6 Client LRPC Endpoint Type : Remote RPC service Named pipe : \pipe\eventlog Netbios name : \\SERVER-2016
Object UUID : b5ccd5ef-4238-440b-bba0-999f828f1cfe UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\eventlog Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a500d4c6-0dd1-4543-bc0c-d5f93486eaf8, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\eventlog Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0 Description : Unknown RPC service Annotation : NRP server endpoint Type : Remote RPC service Named pipe : \pipe\eventlog Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3473dd4d-2e88-4006-9cba-22570909dd10, version 5.0 Description : Unknown RPC service Annotation : WinHttp Auto-Proxy Service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Type : Remote RPC service Named pipe : \PIPE\W32TIME_ALT Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : bf4dc912-e52f-4904-8ebe-9317c1bdd497, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\trkwks Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2d98a740-581d-41b9-aa0d-a88b9d5ce938, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8bfc3be1-6def-4e2d-af74-7c47cd0ade4a, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1b37ca91-76b1-4f5e-a3c7-2abfc61f2bb0, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c605f9fb-f0a3-4e2a-a073-73560f8d9e3e, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3e2735-cea0-4ecc-a9e2-41a2d81aed4e, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2c7fd9ce-e706-4b40-b412-953107ef9bb0, version 0.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c521facf-09a9-42c5-b155-72388595cbf0, version 0.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 1832bcf6-cab8-41d4-85d2-c9410764f75a, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 4dace966-a243-4450-ae3f-9b7bcb5315b8, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 55e6b932-1979-45d6-90c5-7f6270724112, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 76c217bc-c8b4-4201-a745-373ad9032b1a, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 88abcbc3-34ea-76ae-8215-767520655a23, version 0.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2513bcbe-6cd4-4348-855e-7efb3c336dd3, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 20c40295-8dba-48e6-aebf-3e78ef3bb144, version 1.0 Description : Unknown RPC service Type : Remote RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b8cadbaf-e84b-46b9-84f2-6f71c03f9e55, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 857fb1be-084f-4fb5-b59c-4b2c4be5f0cf, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : db57eb61-1aa2-4906-9396-23e8b8024c32 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 697dcda9-3ba9-4eb2-9247-e11f1901b0d2, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 9e56cbc5-e634-4267-818e-ffa7dce1fa86 UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 9b008953-f195-4bf9-bde0-4471971e58ed, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : fc48cd89-98d6-4628-9839-86f7a3e4161a, version 1.0 Description : Unknown RPC service Type : Remote RPC service Named pipe : \pipe\LSM_API_service Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Remote RPC service Named pipe : \pipe\lsass Netbios name : \\SERVER-2016
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Remote RPC service Named pipe : \pipe\lsass Netbios name : \\SERVER-2016
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Remote RPC service Named pipe : \pipe\lsass Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso Type : Remote RPC service Named pipe : \pipe\lsass Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Remote RPC service Named pipe : \pipe\lsass Netbios name : \\SERVER-2016
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Remote RPC service Named pipe : \pipe\lsass Netbios name : \\SERVER-2016 192.168.1.55 (tcp/49664)
The following DCERPC services are available on TCP port 49664 : SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 765294ba-60bc-48b8-92e9-89fd77769d91 UUID : d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1.0 Description : Unknown RPC service Type : Remote RPC service TCP Port : 49664 IP : 192.168.1.55 192.168.1.55 (tcp/49665)
The following DCERPC services are available on TCP port 49665 :
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Remote RPC service TCP Port : 49665 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345778-1234-abcd-ef00-0123456789ac, version 1.0 Description : Security Account Manager Windows process : lsass.exe Type : Remote RPC service TCP Port : 49665 IP : 192.168.1.55
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Remote RPC service TCP Port : 49665 IP : 192.168.1.55
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Remote RPC service TCP Port : 49665 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso Type : Remote RPC service TCP Port : 49665 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Remote RPC service TCP Port : 49665 IP : 192.168.1.55 192.168.1.55 (tcp/49666)
The following DCERPC services are available on TCP port 49666 :
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1.0 Description : Unknown RPC service Annotation : Event log TCPIP Type : Remote RPC service TCP Port : 49666 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1.0 Description : DHCP Client Service Windows process : svchost.exe Annotation : DHCP Client LRPC Endpoint Type : Remote RPC service TCP Port : 49666 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1.0 Description : Unknown RPC service Annotation : DHCPv6 Client LRPC Endpoint Type : Remote RPC service TCP Port : 49666 IP : 192.168.1.55
Object UUID : b5ccd5ef-4238-440b-bba0-999f828f1cfe UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Remote RPC service TCP Port : 49666 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a500d4c6-0dd1-4543-bc0c-d5f93486eaf8, version 1.0 Description : Unknown RPC service Type : Remote RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
TCP Port : 49666 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1.0 Description : Unknown RPC service Annotation : NRP server endpoint Type : Remote RPC service TCP Port : 49666 IP : 192.168.1.55 192.168.1.55 (tcp/49671)
The following DCERPC services are available on TCP port 49671 :
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 29770a8f-829b-4158-90a2-78cd488501f7, version 1.0 Description : Unknown RPC service Type : Remote RPC service TCP Port : 49671 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 33d84484-3626-47ee-8c6f-e7e98b113be1, version 2.0 Description : Unknown RPC service Type : Remote RPC service TCP Port : 49671 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 86d35949-83c9-4044-b424-db363231fd0c, version 1.0 Description : Unknown RPC service Type : Remote RPC service TCP Port : 49671 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 3a9ef155-691d-4449-8d05-09ad57031823, version 1.0 Description : Unknown RPC service Type : Remote RPC service TCP Port : 49671 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b18fbab6-56f8-4702-84e0-41053293a869, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Remote RPC service TCP Port : 49671 IP : 192.168.1.55 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0d3c7f20-1c8d-4654-a1b3-51563b298bda, version 1.0 Description : Unknown RPC service Annotation : UserMgrCli Type : Remote RPC service TCP Port : 49671 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1.0 Description : Unknown RPC service Annotation : IP Transition Configuration endpoint Type : Remote RPC service TCP Port : 49671 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 2e6035b2-e8f1-41a7-a044-656b439c4c34, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager provider server endpoint Type : Remote RPC service TCP Port : 49671 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c36be077-e14b-4fe9-8abc-e856ef4f048b, version 1.0 Description : Unknown RPC service Annotation : Proxy Manager client server endpoint Type : Remote RPC service TCP Port : 49671 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : c49a5a70-8a7f-4e70-ba16-1e8f1f193ef1, version 1.0 Description : Unknown RPC service Annotation : Adh APIs Type : Remote RPC service TCP Port : 49671 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1.0 Description : Unknown RPC service Annotation : IKE/Authip API Type : Remote RPC service TCP Port : 49671 IP : 192.168.1.55
Object UUID : 582a47b2-bcd8-4d3c-8acb-fe09d5bd6eec UUID : d09bdeb5-6171-4a34-bfe2-06fa82652568, version 1.0 Description : Unknown RPC service Type : Remote RPC service SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
TCP Port : 49671 IP : 192.168.1.55 192.168.1.55 (tcp/49673)
The following DCERPC services are available on TCP port 49673 :
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 51a227ae-825b-41f2-b4a9-1ac9557a1018, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Remote RPC service TCP Port : 49673 IP : 192.168.1.55
Object UUID : 5fc860e0-6f6e-4fc2-83cd-46324f25e90b UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Remote RPC service TCP Port : 49673 IP : 192.168.1.55
Object UUID : 9a81c2bd-a525-471d-a4ed-49907c0b23da UUID : 0b1c2170-5732-4e0e-8cd3-d9b16f3b84d7, version 0.0 Description : Unknown RPC service Annotation : RemoteAccessCheck Type : Remote RPC service TCP Port : 49673 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86, version 2.0 Description : Unknown RPC service Annotation : KeyIso Type : Remote RPC service TCP Port : 49673 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 8fb74744-b2ff-4c00-be0d-9ef9a191fe1b, version 1.0 Description : Unknown RPC service Annotation : Ngc Pop Key Service Type : Remote RPC service TCP Port : 49673 IP : 192.168.1.55 192.168.1.55 (tcp/49697) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
The following DCERPC services are available on TCP port 49697 :
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 12345678-1234-abcd-ef00-0123456789ab, version 1.0 Description : IPsec Services (Windows XP & 2003) Windows process : lsass.exe Type : Remote RPC service TCP Port : 49697 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 0b6edbfa-4a24-4fc6-8a23-942b1eca65d1, version 1.0 Description : Unknown RPC service Type : Remote RPC service TCP Port : 49697 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : ae33069b-a2a8-46ee-a235-ddfd339be281, version 1.0 Description : Unknown RPC service Type : Remote RPC service TCP Port : 49697 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 4a452661-8290-4b36-8fbe-7f4093a94978, version 1.0 Description : Unknown RPC service Type : Remote RPC service TCP Port : 49697 IP : 192.168.1.55
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 76f03f96-cdfd-44fc-a22c-64950a001209, version 1.0 Description : Unknown RPC service Type : Remote RPC service TCP Port : 49697 IP : 192.168.1.55 192.168.1.55 (tcp/49698)
The following DCERPC services are available on TCP port 49698 :
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 367abb81-9844-35f1-ad32-98f038001003, version 2.0 Description : Service Control Manager Windows process : svchost.exe Type : Remote RPC service TCP Port : 49698 IP : 192.168.1.55 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.55 (tcp/49722)
The following DCERPC services are available on TCP port 49722 :
Object UUID : 00000000-0000-0000-0000-000000000000 UUID : 6b5bdd1e-528c-422c-af8c-a4079be4fe48, version 1.0 Description : Unknown RPC service Annotation : Remote Fw APIs Type : Remote RPC service TCP Port : 49722 IP : 192.168.1.55 192.168.1.68 (tcp/135) report output too big - ending list here
22964 (21) - Service Detection Synopsis The remote service could be identified. Description Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it receives an HTTP request. Solution n/a Risk Factor None Plugin Information: Published: 2007/08/19, Modified: 2017/07/07 Plugin Output 192.168.1.39 (tcp/22)
An SSH server is running on this port. 192.168.1.39 (tcp/80)
A web server is running on this port. 192.168.1.39 (tcp/443)
A TLSv1 server answered on this port. SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.39 (tcp/443)
A web server is running on this port through TLSv1. 192.168.1.39 (tcp/3128)
A web server is running on this port. 192.168.1.39 (tcp/3128)
An HTTP proxy is running on this port. 192.168.1.39 (tcp/3306)
A MySQL server is running on this port. 192.168.1.43 (tcp/22)
An SSH server is running on this port. 192.168.1.43 (tcp/9090)
A TLSv1.1 server answered on this port. 192.168.1.43 (tcp/9090)
A web server is running on this port through TLSv1.1. 192.168.1.53 (tcp/5357)
A web server is running on this port. 192.168.1.55 (tcp/5985)
A web server is running on this port. 192.168.1.55 (tcp/47001)
A web server is running on this port. 192.168.1.68 (tcp/2869) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
A web server is running on this port. 192.168.1.68 (tcp/5357)
A web server is running on this port. 192.168.1.72 (tcp/22)
An SSH server is running on this port. 192.168.1.79 (tcp/10243)
A web server is running on this port. 192.168.1.85 (tcp/22)
An SSH server is running on this port. 192.168.1.110 (tcp/22)
An SSH server is running on this port.
192.168.1.113 (tcp/47001)
A web server is running on this port. 192.168.1.114 (tcp/5357)
A web server is running on this port. 10287 (12) - Traceroute Information Synopsis It was possible to obtain traceroute information. Description Makes a traceroute to the remote host. Solution n/a Risk Factor None Plugin Information: Published: 1999/11/27, Modified: 2017/08/22 Plugin Output SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.39 (udp/0)
For your information, here is the traceroute from 192.168.1.108 to 192.168.1.39 : 192.168.1.108 192.168.1.39
Hop Count: 1 192.168.1.43 (udp/0)
For your information, here is the traceroute from 192.168.1.108 to 192.168.1.43 : 192.168.1.108 192.168.1.43
Hop Count: 1 192.168.1.53 (udp/0)
For your information, here is the traceroute from 192.168.1.108 to 192.168.1.53 : 192.168.1.108 192.168.1.53
Hop Count: 1 192.168.1.55 (udp/0)
For your information, here is the traceroute from 192.168.1.108 to 192.168.1.55 : 192.168.1.108 192.168.1.55
Hop Count: 1 192.168.1.68 (udp/0)
For your information, here is the traceroute from 192.168.1.108 to 192.168.1.68 : 192.168.1.108 192.168.1.68
Hop Count: 1 192.168.1.72 (udp/0)
For your information, here is the traceroute from 192.168.1.108 to 192.168.1.72 : 192.168.1.108 192.168.1.72 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Hop Count: 1 192.168.1.79 (udp/0)
For your information, here is the traceroute from 192.168.1.108 to 192.168.1.79 : 192.168.1.108 192.168.1.79
Hop Count: 1 192.168.1.85 (udp/0)
For your information, here is the traceroute from 192.168.1.108 to 192.168.1.85 : 192.168.1.108 192.168.1.85
Hop Count: 1 192.168.1.110 (udp/0)
For your information, here is the traceroute from 192.168.1.108 to 192.168.1.110 : 192.168.1.108 192.168.1.110
Hop Count: 1 192.168.1.112 (udp/0)
For your information, here is the traceroute from 192.168.1.108 to 192.168.1.112 : 192.168.1.108 192.168.1.112
Hop Count: 1 192.168.1.113 (udp/0)
For your information, here is the traceroute from 192.168.1.108 to 192.168.1.113 : 192.168.1.108 192.168.1.113
Hop Count: 1 192.168.1.114 (udp/0) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
For your information, here is the traceroute from 192.168.1.108 to 192.168.1.114 : 192.168.1.108 192.168.1.114
Hop Count: 1 11011 (12) - Microsoft Windows SMB Service Detection Synopsis A file / print sharing service is listening on the remote host. Description The remote service understands the CIFS (Common Internet File System) or Server Message Block (SMB) protocol, used to provide shared access to files, printers, etc between nodes on a network. Solution n/a Risk Factor None Plugin Information: Published: 2002/06/05, Modified: 2015/06/02 Plugin Output 192.168.1.53 (tcp/139)
An SMB server is running on this port. 192.168.1.53 (tcp/445)
A CIFS server is running on this port. 192.168.1.55 (tcp/139)
An SMB server is running on this port. 192.168.1.55 (tcp/445)
A CIFS server is running on this port. 192.168.1.68 (tcp/139)
An SMB server is running on this port. SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.68 (tcp/445)
A CIFS server is running on this port. 192.168.1.79 (tcp/139)
An SMB server is running on this port. 192.168.1.79 (tcp/445)
A CIFS server is running on this port. 192.168.1.113 (tcp/139)
An SMB server is running on this port. 192.168.1.113 (tcp/445)
A CIFS server is running on this port. 192.168.1.114 (tcp/139)
An SMB server is running on this port. 192.168.1.114 (tcp/445)
A CIFS server is running on this port. 12053 (12) - Host Fully Qualified Domain Name (FQDN) Resolution Synopsis It was possible to resolve the name of the remote host. Description Nessus was able to resolve the fully qualified domain name (FQDN) of the remote host. Solution n/a Risk Factor None Plugin Information: SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Published: 2004/02/11, Modified: 2017/04/14 Plugin Output 192.168.1.39 (tcp/0)
192.168.1.39 resolves as centos6dvwa.localhost.local. 192.168.1.43 (tcp/0)
192.168.1.43 resolves as fedora25.localhost.local. 192.168.1.53 (tcp/0)
192.168.1.53 resolves as win7x86-qa.localhost.local. 192.168.1.55 (tcp/0)
192.168.1.55 resolves as server-2016.localhost.local. 192.168.1.68 (tcp/0)
192.168.1.68 resolves as win7patched.localhost.local. 192.168.1.72 (tcp/0)
192.168.1.72 resolves as suse12.localhost.local. 192.168.1.79 (tcp/0)
192.168.1.79 resolves as win81hostagent2.localhost.local. 192.168.1.85 (tcp/0)
192.168.1.85 resolves as rhel6.localhost.local. SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.110 (tcp/0)
192.168.1.110 resolves as ubuntu16hostagent.localhost.local. 192.168.1.112 (tcp/0)
192.168.1.112 resolves as win81hostagent.localhost.local. 192.168.1.113 (tcp/0)
192.168.1.113 resolves as 2k8hostagent.localhost.local. 192.168.1.114 (tcp/0)
192.168.1.114 resolves as win7hostagent.localhost.local. 19506 (12) - Nessus Scan Information Synopsis This plugin displays information about the Nessus scan. Description This plugin displays, for each tested host, information about the scan itself :
- The version of the plugin set. - The type of scanner (Nessus or Nessus Home). - The version of the Nessus Engine. - The port scanner(s) used. - The port range scanned. - Whether credentialed or third-party patch management checks are possible. - The date of the scan. - The duration of the scan. - The number of hosts scanned in parallel. - The number of checks done in parallel. Solution n/a Risk Factor None Plugin Information: Published: 2005/08/26, Modified: 2017/10/26 Plugin Output SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.39 (tcp/0)
Information about this scan :
Nessus version : 7.0.0 Plugin feed version : 201712110615 Scanner edition used : Nessus Scan type : Normal Scan policy used : Basic Network Scan Scanner IP : 192.168.1.108 Port scanner(s) : nessus_syn_scanner Port range : 1-65535 Thorough tests : no Experimental tests : no Paranoia level : 2 Report verbosity : 1 Safe checks : yes Optimize the test : yes Credentialed checks : no Patch management checks : None CGI scanning : disabled Web application tests : disabled Max hosts : 30 Max checks : 4 Recv timeout : 5 Backports : None Allow post-scan editing: Yes Scan Start Date : 2017/12/11 10:16 Eastern Standard Time Scan duration : 184 sec 192.168.1.43 (tcp/0)
Information about this scan :
Nessus version : 7.0.0 Plugin feed version : 201712110615 Scanner edition used : Nessus Scan type : Normal Scan policy used : Basic Network Scan Scanner IP : 192.168.1.108 Port scanner(s) : nessus_syn_scanner Port range : 1-65535 Thorough tests : no Experimental tests : no Paranoia level : 2 Report verbosity : 1 Safe checks : yes Optimize the test : yes Credentialed checks : no Patch management checks : None CGI scanning : disabled SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Web application tests : disabled Max hosts : 30 Max checks : 4 Recv timeout : 5 Backports : None Allow post-scan editing: Yes Scan Start Date : 2017/12/11 10:16 Eastern Standard Time Scan duration : 332 sec 192.168.1.53 (tcp/0)
Information about this scan :
Nessus version : 7.0.0 Plugin feed version : 201712110615 Scanner edition used : Nessus Scan type : Normal Scan policy used : Basic Network Scan Scanner IP : 192.168.1.108 Port scanner(s) : nessus_syn_scanner Port range : 1-65535 Thorough tests : no Experimental tests : no Paranoia level : 2 Report verbosity : 1 Safe checks : yes Optimize the test : yes Credentialed checks : no Patch management checks : None CGI scanning : disabled Web application tests : disabled Max hosts : 30 Max checks : 4 Recv timeout : 5 Backports : None Allow post-scan editing: Yes Scan Start Date : 2017/12/11 10:16 Eastern Standard Time Scan duration : 190 sec 192.168.1.55 (tcp/0)
Information about this scan :
Nessus version : 7.0.0 Plugin feed version : 201712110615 Scanner edition used : Nessus Scan type : Normal Scan policy used : Basic Network Scan Scanner IP : 192.168.1.108 Port scanner(s) : nessus_syn_scanner SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Port range : 1-65535 Thorough tests : no Experimental tests : no Paranoia level : 2 Report verbosity : 1 Safe checks : yes Optimize the test : yes Credentialed checks : no Patch management checks : None CGI scanning : disabled Web application tests : disabled Max hosts : 30 Max checks : 4 Recv timeout : 5 Backports : None Allow post-scan editing: Yes Scan Start Date : 2017/12/11 10:16 Eastern Standard Time Scan duration : 206 sec 192.168.1.68 (tcp/0)
Information about this scan :
Nessus version : 7.0.0 Plugin feed version : 201712110615 Scanner edition used : Nessus Scan type : Normal Scan policy used : Basic Network Scan Scanner IP : 192.168.1.108 Port scanner(s) : nessus_syn_scanner Port range : 1-65535 Thorough tests : no Experimental tests : no Paranoia level : 2 Report verbosity : 1 Safe checks : yes Optimize the test : yes Credentialed checks : no Patch management checks : None CGI scanning : disabled Web application tests : disabled Max hosts : 30 Max checks : 4 Recv timeout : 5 Backports : None Allow post-scan editing: Yes Scan Start Date : 2017/12/11 10:16 Eastern Standard Time Scan duration : 182 sec 192.168.1.72 (tcp/0) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Information about this scan :
Nessus version : 7.0.0 Plugin feed version : 201712110615 Scanner edition used : Nessus Scan type : Normal Scan policy used : Basic Network Scan Scanner IP : 192.168.1.108 Port scanner(s) : nessus_syn_scanner Port range : 1-65535 Thorough tests : no Experimental tests : no Paranoia level : 2 Report verbosity : 1 Safe checks : yes Optimize the test : yes Credentialed checks : no Patch management checks : None CGI scanning : disabled Web application tests : disabled Max hosts : 30 Max checks : 4 Recv timeout : 5 Backports : None Allow post-scan editing: Yes Scan Start Date : 2017/12/11 10:16 Eastern Standard Time Scan duration : 117 sec 192.168.1.79 (tcp/0)
Information about this scan :
Nessus version : 7.0.0 Plugin feed version : 201712110615 Scanner edition used : Nessus Scan type : Normal Scan policy used : Basic Network Scan Scanner IP : 192.168.1.108 Port scanner(s) : nessus_syn_scanner Port range : 1-65535 Thorough tests : no Experimental tests : no Paranoia level : 2 Report verbosity : 1 Safe checks : yes Optimize the test : yes Credentialed checks : no Patch management checks : None CGI scanning : disabled Web application tests : disabled Max hosts : 30 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Max checks : 4 Recv timeout : 5 Backports : None Allow post-scan editing: Yes Scan Start Date : 2017/12/11 10:16 Eastern Standard Time Scan duration : 376 sec 192.168.1.85 (tcp/0)
Information about this scan :
Nessus version : 7.0.0 Plugin feed version : 201712110615 Scanner edition used : Nessus Scan type : Normal Scan policy used : Basic Network Scan Scanner IP : 192.168.1.108 Port scanner(s) : nessus_syn_scanner Port range : 1-65535 Thorough tests : no Experimental tests : no Paranoia level : 2 Report verbosity : 1 Safe checks : yes Optimize the test : yes Credentialed checks : no Patch management checks : None CGI scanning : disabled Web application tests : disabled Max hosts : 30 Max checks : 4 Recv timeout : 5 Backports : None Allow post-scan editing: Yes Scan Start Date : 2017/12/11 10:16 Eastern Standard Time Scan duration : 1106 sec 192.168.1.110 (tcp/0)
Information about this scan :
Nessus version : 7.0.0 Plugin feed version : 201712110615 Scanner edition used : Nessus Scan type : Normal Scan policy used : Basic Network Scan Scanner IP : 192.168.1.108 Port scanner(s) : nessus_syn_scanner Port range : 1-65535 Thorough tests : no SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Experimental tests : no Paranoia level : 2 Report verbosity : 1 Safe checks : yes Optimize the test : yes Credentialed checks : no Patch management checks : None CGI scanning : disabled Web application tests : disabled Max hosts : 30 Max checks : 4 Recv timeout : 5 Backports : None Allow post-scan editing: Yes Scan Start Date : 2017/12/11 10:16 Eastern Standard Time Scan duration : 106 sec 192.168.1.112 (tcp/0)
Information about this scan :
Nessus version : 7.0.0 Plugin feed version : 201712110615 Scanner edition used : Nessus Scan type : Normal Scan policy used : Basic Network Scan Scanner IP : 192.168.1.108 Port scanner(s) : nessus_syn_scanner Port range : 1-65535 Thorough tests : no Experimental tests : no Paranoia level : 2 Report verbosity : 1 Safe checks : yes Optimize the test : yes Credentialed checks : no Patch management checks : None CGI scanning : disabled Web application tests : disabled Max hosts : 30 Max checks : 4 Recv timeout : 5 Backports : None Allow post-scan editing: Yes Scan Start Date : 2017/12/11 10:16 Eastern Standard Time Scan duration : 221 sec 192.168.1.113 (tcp/0) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Information about this scan :
Nessus version : 7.0.0 Plugin feed version : 201712110615 Scanner edition used : Nessus Scan type : Normal Scan policy used : Basic Network Scan Scanner IP : 192.168.1.108 Port scanner(s) : nessus_syn_scanner Port range : 1-65535 Thorough tests : no Experimental tests : no Paranoia level : 2 Report verbosity : 1 Safe checks : yes Optimize the test : yes Credentialed checks : no Patch management checks : None CGI scanning : disabled Web application tests : disabled Max hosts : 30 Max checks : 4 Recv timeout : 5 Backports : None Allow post-scan editing: Yes Scan Start Date : 2017/12/11 10:16 Eastern Standard Time Scan duration : 258 sec 192.168.1.114 (tcp/0)
Information about this scan :
Nessus version : 7.0.0 Plugin feed version : 201712110615 Scanner edition used : Nessus Scan type : Normal Scan policy used : Basic Network Scan Scanner IP : 192.168.1.108 Port scanner(s) : nessus_syn_scanner Port range : 1-65535 Thorough tests : no Experimental tests : no Paranoia level : 2 Report verbosity : 1 Safe checks : yes Optimize the test : yes Credentialed checks : no Patch management checks : None CGI scanning : disabled Web application tests : disabled Max hosts : 30 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Max checks : 4 Recv timeout : 5 Backports : None Allow post-scan editing: Yes Scan Start Date : 2017/12/11 10:16 Eastern Standard Time Scan duration : 254 sec 35716 (12) - Ethernet Card Manufacturer Detection Synopsis The manufacturer can be identified from the Ethernet OUI. Description Each ethernet MAC address starts with a 24-bit Organizationally Unique Identifier (OUI). These OUIs are registered by IEEE. See Also
http://standards.ieee.org/faqs/regauth.html
http://www.nessus.org/u?794673b4 Solution n/a Risk Factor None Plugin Information: Published: 2009/02/19, Modified: 2017/11/17 Plugin Output 192.168.1.39 (tcp/0)
The following card manufacturers were identified :
00:15:5d:0f:c6:49 : Microsoft Corporation 192.168.1.43 (tcp/0)
The following card manufacturers were identified :
00:15:5d:0f:c6:af : Microsoft Corporation 192.168.1.53 (tcp/0)
The following card manufacturers were identified :
00:15:5d:0f:c6:b5 : Microsoft Corporation 192.168.1.55 (tcp/0) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
The following card manufacturers were identified :
00:15:5d:0f:c6:dd : Microsoft Corporation 192.168.1.68 (tcp/0)
The following card manufacturers were identified :
00:15:5d:0f:c6:a4 : Microsoft Corporation 192.168.1.72 (tcp/0)
The following card manufacturers were identified :
00:15:5d:0f:c6:93 : Microsoft Corporation 192.168.1.79 (tcp/0)
The following card manufacturers were identified :
00:15:5d:0f:c6:a1 : Microsoft Corporation 192.168.1.85 (tcp/0)
The following card manufacturers were identified :
00:15:5d:0f:c6:b9 : Microsoft Corporation 192.168.1.110 (tcp/0)
The following card manufacturers were identified :
00:15:5d:0f:c6:b8 : Microsoft Corporation 192.168.1.112 (tcp/0)
The following card manufacturers were identified :
00:15:5d:0f:c6:aa : Microsoft Corporation SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.113 (tcp/0)
The following card manufacturers were identified :
00:15:5d:0f:c6:ab : Microsoft Corporation 192.168.1.114 (tcp/0)
The following card manufacturers were identified :
00:15:5d:0f:c6:a9 : Microsoft Corporation 84047 (12) - Hyper-V Virtual Machine Detection Synopsis The remote host is a Hyper-V virtual machine. Description According to the MAC address of its network adapter, the remote host is a Microsoft Hyper-V virtual machine. See Also
http://www.nessus.org/u?55895693
http://www.nessus.org/u?7ef0cc51 Solution Since it is physically accessible through the network, ensure that its configuration matches your organization's security policy. Risk Factor None Plugin Information: Published: 2015/06/09, Modified: 2017/11/20 Plugin Output 192.168.1.39 (tcp/0)
The remote host is a Hyper-V virtual machine. 192.168.1.43 (tcp/0)
The remote host is a Hyper-V virtual machine. 192.168.1.53 (tcp/0)
The remote host is a Hyper-V virtual machine. SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.55 (tcp/0)
The remote host is a Hyper-V virtual machine. 192.168.1.68 (tcp/0)
The remote host is a Hyper-V virtual machine. 192.168.1.72 (tcp/0)
The remote host is a Hyper-V virtual machine. 192.168.1.79 (tcp/0)
The remote host is a Hyper-V virtual machine. 192.168.1.85 (tcp/0)
The remote host is a Hyper-V virtual machine. 192.168.1.110 (tcp/0)
The remote host is a Hyper-V virtual machine. 192.168.1.112 (tcp/0)
The remote host is a Hyper-V virtual machine. 192.168.1.113 (tcp/0)
The remote host is a Hyper-V virtual machine. 192.168.1.114 (tcp/0) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
The remote host is a Hyper-V virtual machine. 10114 (11) - ICMP Timestamp Request Remote Date Disclosure Synopsis It is possible to determine the exact time set on the remote host. Description The remote host answers to an ICMP timestamp request. This allows an attacker to know the date that is set on the targeted machine, which may assist an unauthenticated, remote attacker in defeating time-based authentication protocols.
Timestamps returned from machines running Windows Vista / 7 / 2008 / 2008 R2 are deliberately incorrect, but usually within 1000 seconds of the actual system time. Solution Filter out the ICMP timestamp requests (13), and the outgoing ICMP timestamp replies (14). Risk Factor None References
CVE CVE-1999-0524
XREF CWE:200 XREF OSVDB:94 Plugin Information: Published: 1999/08/01, Modified: 2012/06/18 Plugin Output 192.168.1.39 (icmp/0)
The remote clock is synchronized with the local clock. 192.168.1.43 (icmp/0)
The remote clock is synchronized with the local clock. 192.168.1.53 (icmp/0)
This host returns non-standard timestamps (high bit is set) The ICMP timestamps might be in little endian format (not in network format) The difference between the local and remote clocks is 1 second. 192.168.1.55 (icmp/0)
The ICMP timestamps seem to be in little endian format (not in network format) The remote clock is synchronized with the local clock. 192.168.1.68 (icmp/0) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
This host returns non-standard timestamps (high bit is set) The ICMP timestamps might be in little endian format (not in network format) The remote clock is synchronized with the local clock. 192.168.1.72 (icmp/0)
The remote clock is synchronized with the local clock. 192.168.1.79 (icmp/0)
The ICMP timestamps seem to be in little endian format (not in network format) The remote clock is synchronized with the local clock. 192.168.1.85 (icmp/0)
The remote clock is synchronized with the local clock. 192.168.1.110 (icmp/0)
The difference between the local and remote clocks is 151 seconds. 192.168.1.113 (icmp/0)
The ICMP timestamps seem to be in little endian format (not in network format) The difference between the local and remote clocks is -317 seconds. 192.168.1.114 (icmp/0)
This host returns non-standard timestamps (high bit is set) The ICMP timestamps might be in little endian format (not in network format) The difference between the local and remote clocks is -234 seconds. 25220 (11) - TCP/IP Timestamps Supported Synopsis The remote service implements TCP timestamps. Description The remote host implements TCP timestamps, as defined by RFC1323. A side effect of this feature is that the uptime of the remote host can sometimes be computed. See Also
http://www.ietf.org/rfc/rfc1323.txt Solution n/a Risk Factor None Plugin Information: SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Published: 2007/05/16, Modified: 2011/03/20 Plugin Output 192.168.1.39 (tcp/0)
192.168.1.43 (tcp/0) 192.168.1.53 (tcp/0)
192.168.1.55 (tcp/0) 192.168.1.68 (tcp/0) 192.168.1.72 (tcp/0)
192.168.1.79 (tcp/0) 192.168.1.85 (tcp/0) 192.168.1.110 (tcp/0)
192.168.1.113 (tcp/0) 192.168.1.114 (tcp/0)
45590 (11) - Common Platform Enumeration (CPE) Synopsis It was possible to enumerate CPE names that matched on the remote system. Description By using information obtained from a Nessus scan, this plugin reports CPE (Common Platform Enumeration) matches for various hardware and software products found on a host.
Note that if an official CPE is not available for the product, this plugin computes the best possible CPE based on the information available from the scan. See Also
http://cpe.mitre.org/
https://nvd.nist.gov/products/cpe Solution n/a Risk Factor SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
None Plugin Information: Published: 2010/04/21, Modified: 2017/06/06 Plugin Output 192.168.1.39 (tcp/0)
The remote operating system matched the following CPE : cpe:/o:centos:centos:6 -> CentOS-6
Following application CPE's matched on the remote system : cpe:/a:openbsd:openssh:5.3 -> OpenBSD OpenSSH 5.3 cpe:/a:apache:http_server:2.2.15 -> Apache Software Foundation Apache HTTP Server 2.2.15 192.168.1.43 (tcp/0)
The remote operating system matched the following CPE's : cpe:/o:linux:linux_kernel:3.10 cpe:/o:linux:linux_kernel:3.13 cpe:/o:linux:linux_kernel:4.2 cpe:/o:linux:linux_kernel:4.8
Following application CPE matched on the remote system : cpe:/a:openbsd:openssh:7.4 192.168.1.53 (tcp/0)
The remote operating system matched the following CPE : cpe:/o:microsoft:windows_7:::ultimate 192.168.1.55 (tcp/0)
The remote operating system matched the following CPE : cpe:/o:microsoft:windows_server_2016:::datacenter 192.168.1.68 (tcp/0) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
The remote operating system matched the following CPE : cpe:/o:microsoft:windows_7:::ultimate 192.168.1.72 (tcp/0)
The remote operating system matched the following CPE's : cpe:/o:linux:linux_kernel:3.10 cpe:/o:linux:linux_kernel:3.13 cpe:/o:linux:linux_kernel:4.2 cpe:/o:linux:linux_kernel:4.8
Following application CPE matched on the remote system : cpe:/a:openbsd:openssh:7.2 192.168.1.79 (tcp/0)
The remote operating system matched the following CPE : cpe:/o:microsoft:windows_8_1 192.168.1.85 (tcp/0)
Following application CPE matched on the remote system : cpe:/a:openbsd:openssh:5.3 -> OpenBSD OpenSSH 5.3 192.168.1.110 (tcp/0)
The remote operating system matched the following CPE : cpe:/o:canonical:ubuntu_linux:16.10
Following application CPE matched on the remote system : cpe:/a:openbsd:openssh:7.3 192.168.1.113 (tcp/0) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
The remote operating system matched the following CPE : cpe:/o:microsoft:windows_server_2008:r2:sp1:enterprise 192.168.1.114 (tcp/0)
The remote operating system matched the following CPE : cpe:/o:microsoft:windows_7:::ultimate 11936 (10) - OS Identification Synopsis It is possible to guess the remote operating system. Description Using a combination of remote probes (e.g., TCP/IP, SMB, HTTP, NTP, SNMP, etc.), it is possible to guess the name of the remote operating system in use. It is also possible sometimes to guess the version of the operating system. Solution n/a Risk Factor None Plugin Information: Published: 2003/12/09, Modified: 2017/08/29 Plugin Output 192.168.1.39 (tcp/0)
Remote operating system : Linux Kernel 2.6 on CentOS Linux release 6 Confidence level : 95 Method : HTTP
The remote host is running Linux Kernel 2.6 on CentOS Linux release 6 192.168.1.43 (tcp/0)
Remote operating system : Linux Kernel 3.10 Linux Kernel 3.13 Linux Kernel 4.2 Linux Kernel 4.8 Confidence level : 59 Method : SinFP
The remote host is running one of these operating systems : SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Linux Kernel 3.10 Linux Kernel 3.13 Linux Kernel 4.2 Linux Kernel 4.8 192.168.1.53 (tcp/0)
Remote operating system : Microsoft Windows 7 Ultimate Confidence level : 99 Method : MSRPC
The remote host is running Microsoft Windows 7 Ultimate 192.168.1.55 (tcp/0)
Remote operating system : Windows Server 2016 Datacenter 14393 Confidence level : 70 Method : smb
The remote host is running Windows Server 2016 Datacenter 14393 192.168.1.68 (tcp/0)
Remote operating system : Microsoft Windows 7 Ultimate Confidence level : 99 Method : MSRPC
The remote host is running Microsoft Windows 7 Ultimate 192.168.1.72 (tcp/0)
Remote operating system : Linux Kernel 3.10 Linux Kernel 3.13 Linux Kernel 4.2 Linux Kernel 4.8 Confidence level : 59 Method : SinFP
The remote host is running one of these operating systems : Linux Kernel 3.10 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Linux Kernel 3.13 Linux Kernel 4.2 Linux Kernel 4.8 192.168.1.79 (tcp/0)
Remote operating system : Microsoft Windows 8.1 Pro Confidence level : 99 Method : MSRPC
The remote host is running Microsoft Windows 8.1 Pro 192.168.1.110 (tcp/0)
Remote operating system : Linux Kernel 4.8 on Ubuntu 16.10 (yakkety) Confidence level : 95 Method : SSH
The remote host is running Linux Kernel 4.8 on Ubuntu 16.10 (yakkety) 192.168.1.113 (tcp/0)
Remote operating system : Microsoft Windows Server 2008 R2 Enterprise Service Pack 1 Confidence level : 99 Method : MSRPC
The remote host is running Microsoft Windows Server 2008 R2 Enterprise Service Pack 1 192.168.1.114 (tcp/0)
Remote operating system : Microsoft Windows 7 Ultimate Confidence level : 99 Method : MSRPC
The remote host is running Microsoft Windows 7 Ultimate 54615 (10) - Device Type Synopsis It is possible to guess the remote device type. Description SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Based on the remote operating system, it is possible to determine what the remote system type is (eg: a printer, router, general-purpose computer, etc). Solution n/a Risk Factor None Plugin Information: Published: 2011/05/23, Modified: 2011/05/23 Plugin Output 192.168.1.39 (tcp/0)
Remote device type : general-purpose Confidence level : 95 192.168.1.43 (tcp/0)
Remote device type : general-purpose Confidence level : 59 192.168.1.53 (tcp/0)
Remote device type : general-purpose Confidence level : 99 192.168.1.55 (tcp/0)
Remote device type : general-purpose Confidence level : 70 192.168.1.68 (tcp/0)
Remote device type : general-purpose Confidence level : 99 192.168.1.72 (tcp/0)
Remote device type : general-purpose Confidence level : 59 192.168.1.79 (tcp/0)
Remote device type : general-purpose Confidence level : 99 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.110 (tcp/0)
Remote device type : general-purpose Confidence level : 95 192.168.1.113 (tcp/0)
Remote device type : general-purpose Confidence level : 99 192.168.1.114 (tcp/0)
Remote device type : general-purpose Confidence level : 99 10863 (8) - SSL Certificate Information Synopsis This plugin displays the SSL certificate. Description This plugin connects to every SSL-related port and attempts to extract and dump the X.509 certificate. Solution n/a Risk Factor None Plugin Information: Published: 2008/05/19, Modified: 2015/12/30 Plugin Output 192.168.1.39 (tcp/443)
Subject Name:
Country: US State/Province: Maryland Locality: Baltimore Organization: localhost Organization Unit: Home Common Name: dvwacentos.localhost.local
Issuer Name:
Country: US State/Province: Maryland Locality: Baltimore Organization: localhost Organization Unit: Home Common Name: dvwacentos.localhost.local
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Serial Number: 00 89 09 BB 04 64 A1 77 99
Version: 1
Signature Algorithm: SHA-1 With RSA Encryption
Not Valid Before: Mar 02 21:23:17 2016 GMT Not Valid After: Mar 02 21:23:17 2017 GMT
Public Key Info:
Algorithm: RSA Encryption Key Length: 2048 bits Public Key: 00 C2 C4 70 A9 9D 20 39 93 02 48 B2 8E 1B 9D F6 73 94 55 17 DD FA A2 DC 5A 13 0D 1B 02 32 56 28 F5 03 91 E6 7E 70 03 FE 34 E9 A9 17 DD 7D 89 C8 53 05 F9 5B 11 64 EE 7D 5A A2 24 D5 6A 22 22 B2 CC C9 3D 57 50 03 E7 19 F1 0F 57 1A 02 77 B7 53 AB 07 99 55 D3 3E B9 03 98 0C CA 64 FD 7D 63 63 DA 5D 61 8D 6E BF 62 6B 2C 35 F4 A8 40 CC 44 09 5D F3 5F 20 DC 62 EF F5 41 53 CA 59 E5 DD FC 03 0E 6B 99 AB 73 44 2A DE 14 BE F1 1D F5 43 50 3C BE 7B D2 9A C8 53 17 10 BE 62 39 7E 22 F5 86 4B DF AF 6C 87 E7 D2 65 93 79 B8 68 AD 5A 52 33 27 EF BB F1 5F 61 3F 17 E6 31 A0 A7 71 BE 4F 67 E1 81 95 84 AB 6B 9D C1 67 B2 AC 7C 85 D5 B6 45 C0 39 9D 48 F4 14 1D 4F 5C C8 61 8A 2E 1A FE B8 3F 76 C4 2E 09 69 5C 91 B6 B7 A6 E6 44 A4 ED 70 75 07 7C 5B 79 AD 95 97 2D D6 64 0B 17 A6 A6 30 23 C1 Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits Signature: 00 95 DF 9C 94 E1 B0 7C CF F9 7F 14 62 56 AE D0 46 80 34 75 C7 38 60 58 9B 7B 18 78 D9 0B DA 62 8D 65 FD 80 3C 15 71 6E D8 D1 95 D7 83 6B 3D 46 79 46 E1 2C E9 BE FD E4 95 9B 74 40 B5 EC 5D E2 DA 4C 24 7F E5 8A EE 80 4E AA 0E 7B A9 60 BC C3 B1 DA 49 9F 38 A3 C7 89 4F C0 BE 6E 11 59 84 06 28 6F 08 1D 2E 2C E4 2E 28 A2 25 B2 FC 55 7E 09 54 5E 95 2E B4 57 D8 BC D8 E2 32 D2 7B C4 AE 3D D2 BF E1 A1 EC 2D 4B D7 F1 A2 91 8D 24 95 69 C0 13 D5 08 53 F0 8D 8A EA B8 40 D7 3D 33 1E 21 14 F5 CC 19 56 E2 81 5F EB 1C 54 13 05 CA 1A 7F 3F EF E9 51 BE BF 02 C3 29 CD 20 06 D1 54 03 71 4E D6 75 92 EA 6B 71 79 C4 8C 04 F4 6D 2C D0 81 2A 19 B9 75 0F C7 23 F3 A4 09 A7 76 CC 5E 50 15 C4 40 ED DB 3E 65 1B 11 74 F8 C2 98 93 DF 54 74 90 02 83 9A 3E F4 C5 4F 15 54 BD FC 01 DE D9 AD FF 56
Fingerprints :
SHA-256 Fingerprint: 9E AE 34 9E 97 57 12 D3 22 DD 26 3E D6 69 6B 77 9B 87 24 E9 A5 B1 A5 42 CA 90 4A D3 CA FA BE 77 SHA-1 Fingerprint: FF F0 DA EB E2 46 4E AE E2 3A F1 C0 F3 FE 5F 37 50 89 17 22 MD5 Fingerprint: 3E 51 6E C8 76 4F A6 96 72 51 C0 17 9C 8F 3C E4 192.168.1.43 (tcp/9090) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Subject Name:
Organization: 5a4fa85e0277478f8c474a86c65f8daf Common Name: fedora25.localhost.local
Issuer Name:
Organization: 5a4fa85e0277478f8c474a86c65f8daf Common Name: fedora25.localhost.local
Serial Number: 00 BD 6A 1B A2 E7 DE C2 FD
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: Jan 23 22:14:10 2017 GMT Not Valid After: Dec 30 22:14:10 2116 GMT
Public Key Info:
Algorithm: RSA Encryption Key Length: 2048 bits Public Key: 00 B3 DB DA F1 B5 67 78 01 05 62 28 49 C1 BA C6 AD B0 66 61 52 33 1C 5D 0A 6D A6 22 68 98 F6 C0 6B 08 6E 84 CF 62 33 84 8A 81 3E BE 73 C8 41 9C 4D B4 BD 6D 4B 01 A9 9A 06 98 A3 83 C8 39 78 49 8B BD 74 2B 08 69 86 8B B6 93 5F 34 2A 08 62 C4 31 0A 6E 58 AB B6 42 F5 C9 51 EA 0E F0 1B E4 32 8E 38 24 26 98 EE 1B B9 4E 81 81 F8 97 99 D6 F4 09 92 AC FF 33 A8 4C B2 0F 59 A0 2B E2 83 11 73 7B 41 6B D7 91 AB CE 57 89 E1 D1 47 0F 6B F6 43 B0 38 40 BC 15 E6 C0 65 91 CD 22 5E 63 78 AD 08 BA 8E C2 0F 16 EA 79 9F 8D 26 FC BD 9E AD C0 3B C4 24 F0 B3 0C 0F 2D 1E 48 E6 8E 31 DE CA 12 92 0E BB 21 62 20 36 91 57 C2 FC A1 B2 E5 33 D8 B4 55 9C AD E2 10 79 5A DB B0 7D F7 43 78 4C 9C 10 6B EF C2 13 36 CB 1F 19 CD 7B C8 F3 E2 4A 22 F2 B0 AD FE CB D1 75 FE E7 BF AF AD CC DE 44 38 47 63 Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits Signature: 00 20 13 4C B0 B9 27 91 F3 CF 9B 91 2C A0 4E BD 73 3C 7A 95 9A 4B 8D 2B 82 43 CE BA 9F 34 A7 18 5C 73 E5 95 58 69 DF 1F 2F EE 09 35 38 7A 6A 14 80 EB 22 1B 0D 2E 25 76 94 78 6C 01 88 AB BF 61 80 FD 8E 09 59 11 32 99 2E AA 8E 9A 06 43 6C CF BE A2 A0 78 40 94 C0 2B 92 1C 2E 61 7E 21 CB 33 91 12 4A EB 82 28 9A ED 57 B9 B5 5B BA 27 45 BD FC E0 04 F6 C4 42 76 21 96 EF 81 7B 2D A2 62 3A EA DD 5D C7 84 2A 9B C1 B2 05 53 A9 4D 04 4B 82 C0 DA 3F 79 E5 4F D4 CF AC 28 D1 56 7B E9 0A E0 EA 9A 81 70 FC 20 43 30 04 E5 BA 00 43 52 64 D0 98 5D EE 6F C6 41 BC F7 E8 6A F3 F5 B4 5B 23 2F 45 3C A3 CD E3 FD EE 3A 93 51 F3 50 C0 6D 4F DE C1 0F 11 B9 95 7A B7 75 CF 4F 1D 1B C1 70 4C 63 00 A0 60 92 AE DC 8E 48 D6 96 DD F3 54 C8 25 DF AA 56 84 65 5F DC CA 24 25 FF 1C DB 13 31 A4 99 29
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Extension: Subject Key Identifier (2.5.29.14) Critical: 0 Subject Key Identifier: 0F 08 88 F5 9F B0 D9 B2 87 52 DD 4A F6 BF 0D 5A 3D 17 34 A2
Extension: Authority Key Identifier (2.5.29.35) Critical: 0 Key Identifier: 0F 08 88 F5 9F B0 D9 B2 87 52 DD 4A F6 BF 0D 5A 3D 17 34 A2
Extension: Basic Constraints (2.5.29.19) Critical: 0 CA: TRUE
Fingerprints :
SHA-256 Fingerprint: D6 D4 38 10 1E CE C6 62 90 73 47 7E 70 E4 7A 38 6D 05 EB 26 B0 1B 53 9B 1F A4 53 E7 BF FC 9F 04 SHA-1 Fingerprint: 4C 71 6A 5B 8A D8 E9 81 60 3F 10 4B 3E 15 28 DB FE B7 ED 8D MD5 Fingerprint: 77 34 E7 47 80 6C 3D 67 75 94 57 51 41 65 3E BF 192.168.1.53 (tcp/3389)
Subject Name:
Common Name: win7x86-qa.localhost.local
Issuer Name:
Common Name: win7x86-qa.localhost.local
Serial Number: 5F DA 53 D0 14 30 18 A7 4E 59 53 77 35 E0 74 21
Version: 3
Signature Algorithm: SHA-1 With RSA Encryption
Not Valid Before: Oct 14 14:57:33 2017 GMT Not Valid After: Apr 15 14:57:33 2018 GMT
Public Key Info:
Algorithm: RSA Encryption Key Length: 2048 bits Public Key: 00 B9 49 89 9C 5B F7 CD AF B5 4D 1E BE 3B 08 96 67 AE 22 AD 55 77 9E 36 19 E2 01 D0 F1 CD 9B 0A 02 46 3A 66 58 94 79 20 72 47 26 D4 B3 86 FD 48 B6 BB 3C 48 EE 92 A4 0A AD 9F D3 A1 C3 28 C1 59 1F 3F F6 3D 9C 05 C0 CF 54 83 51 2A A5 79 33 A2 D0 D5 57 A8 79 D8 44 E4 30 3E 5A 38 82 53 9F 8F 4E 05 09 58 D4 25 95 A2 FC 1C 00 92 12 B2 E6 E8 C0 C4 8A 36 18 23 B1 25 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
D2 C0 B4 6E 58 64 BC 2C E9 F9 0C F3 CF CD 07 CE 48 33 26 99 28 43 67 04 5F D0 1E 73 B8 3C EB 53 66 D3 7F EF 97 68 A4 DA 6C 25 73 A2 44 98 30 8A 4D AF 60 A2 14 DB 62 F9 6B 44 73 F8 A8 9E EA 46 A5 25 61 73 9C 22 A6 DC BB 59 62 C5 A4 91 FE 88 43 79 A3 64 D9 A1 B6 CF FC E9 8A 34 6B E7 89 34 A7 C3 6E DB 0E E4 A9 2B B3 76 43 17 63 08 D7 FE 4E 0E E8 20 13 9F A6 48 7E C7 D2 5A 37 74 4B 89 B9 2C 90 5A 4F 67 D2 BA 95 Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits Signature: 00 7F 25 F5 2F 35 36 75 52 FA 84 23 91 7F D7 B3 87 89 F7 83 2B D8 DF 11 0F 57 3D FD D1 3E 4A 8A F7 95 59 D2 DE DA 0E 91 77 81 CA FE 22 3A 77 7A C6 C0 CA F2 95 BB 60 C6 0F 27 F7 0C BA 6E 22 35 21 40 93 07 50 77 07 80 41 DB 4B 56 81 FF 35 38 C9 46 23 1E 7C 54 14 DC 9C 9A EE A9 42 6C 64 C1 7A 26 DE 72 3B F5 71 4A 3C F9 D6 07 56 76 7E 6F 16 9E 28 25 FE 51 C4 5E 09 B0 25 34 E1 80 E5 FF 2F 82 46 91 F2 B9 B5 49 DC 84 66 AD C5 18 25 A9 E2 C6 04 E1 ED 1E A5 FD E3 6E FB 08 1E EA 91 5E C2 78 38 42 5C 74 B0 DC D9 06 46 19 A8 48 D2 C3 1A 79 4E 87 D4 EA 3A C0 B4 E8 BB 58 A6 82 EB 92 03 E7 90 6D 0C 69 5E A6 84 2D B6 81 3F 4F 5C 17 11 D1 5C C2 FE 4D AD 26 A5 E6 22 93 73 B2 F8 2E FC DE D3 EC A8 BB 37 B9 54 4A 17 0D ED FB D8 ED D7 98 17 85 7C E6 62 93 91 40 88 20 3F 46 D9 0E A8
Extension: Extended Key Usage (2.5.29.37) Critical: 0 Purpose#1: Web Server Authentication (1.3.6.1.5.5.7.3.1)
Extension: Key Usage (2.5.29.15) Critical: 0 Key Usage: Key Encipherment, Data Encipherment
Fingerprints :
SHA-256 Fingerprint: A5 5C 0E F5 B8 EC 34 DD F2 63 84 6A 4F 91 1E 57 19 9B 06 4E D5 DA F8 24 61 E2 61 77 48 75 31 80 SHA-1 Fingerprint: A0 86 D2 5D 68 CA 4F 51 C7 FC 3E 0D 91 AB 6B C7 34 7E DE 5A MD5 Fingerprint: 62 17 5F CC E8 EB F4 0C 4F B5 67 09 15 F3 9C BD 192.168.1.55 (tcp/3389)
Subject Name:
Common Name: server-2016.localhost.local
Issuer Name:
Common Name: server-2016.localhost.local
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Serial Number: 46 97 C3 42 B8 E1 C7 8C 4A 29 BB 07 AC 4D E3 5C
Version: 3
Signature Algorithm: SHA-256 With RSA Encryption
Not Valid Before: Nov 12 18:00:02 2017 GMT Not Valid After: May 14 18:00:02 2018 GMT
Public Key Info:
Algorithm: RSA Encryption Key Length: 2048 bits Public Key: 00 AD E3 D2 6A 98 E9 AF 79 24 F5 59 F3 43 D2 CF 13 D6 E8 FC 30 1F 0E 64 4B 89 9F D1 24 74 F0 D1 EB 6C 05 96 FA CE E8 EE A4 34 10 3C 1A 44 2B 14 09 28 A8 0E 40 27 84 FD DD 24 C7 D0 AF 3E 01 C5 22 A1 48 42 9C C0 1A 3A 8F AF 2D 41 B3 CA 36 29 7A E1 00 9F 3E 50 15 E2 22 35 D0 06 74 3B EE A5 D1 02 AC 41 DE 51 2C 70 A0 3B 12 75 11 01 25 6E C5 2C 01 E3 1B 95 38 40 F8 62 DA D6 43 8A 9E 13 D6 B2 3E A8 51 8B 43 6D B6 93 88 22 82 B6 EA DF 8E EF AB 0D 83 84 42 45 C6 50 1A EC 22 99 9C 99 6D 3A 47 43 82 99 D7 5C 9D F1 06 55 4E 8E F4 05 46 1A 58 8D BF AB DE 26 38 02 9E D4 6D FE 71 C0 88 4C 5B BF E2 88 6B 83 64 FA 41 F6 90 49 E7 C1 BE D9 21 40 AB AE 0A 87 90 31 02 EF 81 3F B7 D5 90 CD 68 B7 86 02 D1 5D 7E 09 33 04 70 08 3E B6 A3 B1 D0 51 F7 B1 21 E4 2F CD F9 81 FC BD D7 49 E3 Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits Signature: 00 06 89 B3 BA E8 FA 36 0A CA 41 B9 BE AF DF 9A 0E C9 9D C2 BE 1A D1 71 B4 9F 3D D7 17 EB 92 E5 1F 29 7C 77 1F 44 FF 31 96 94 4A 91 10 A1 5F 35 2E F6 04 6E 6F C5 58 02 4C 44 E4 A0 0E 24 8B 6D D3 8B A2 5B 98 80 FB 1F 8B 6B 72 BF 49 AF EA A9 D2 3E 5B 47 EC 2A 03 C4 17 29 1D 4F 70 A3 40 CB BA C2 EB 1D B2 AD 8F 66 CE 4A 51 6E FF 9C 22 78 5C 43 45 04 55 19 D4 D2 F4 4C 3C BC 65 0D FC 99 D5 44 1B 3B 94 C6 BE F2 B0 B1 55 D1 60 F8 F2 72 8B 8E 66 3E E0 BB EB 9F 6B 41 26 24 AE 36 E9 B0 74 2F 98 49 4A C1 C9 7E 12 F7 CE B9 04 14 3F 07 54 65 0C A6 32 6B D0 71 02 10 99 BC 53 69 0A 41 B3 E0 41 DA 9F BF 42 8E DF F9 DA 1B 88 62 E6 49 A7 26 7A 66 87 71 D0 E1 09 1C 4F FB F2 6F 5C 9A 71 24 43 92 F8 76 99 88 20 00 25 9D 4B BD 4D 6D AE 0D 73 54 2D 4E 5D 49 C7 DD 90 9D 53 B1 AB 3A CB
Extension: Extended Key Usage (2.5.29.37) Critical: 0 Purpose#1: Web Server Authentication (1.3.6.1.5.5.7.3.1)
Extension: Key Usage (2.5.29.15) Critical: 0 Key Usage: Key Encipherment, Data Encipherment
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Fingerprints :
SHA-256 Fingerprint: 50 36 8E 3E 2A 78 0B CC FC B5 5C 1B 40 80 6A 27 65 B2 55 4E 6A DA D3 94 EE 7F 2D 9D 11 C5 7D BA SHA-1 Fingerprint: 11 95 4E 4E 07 BF DB 18 B2 31 97 7D 2F DE 42 28 AD 5C A0 99 MD5 Fingerprint: CB 5E B4 E5 F2 3B 0C 04 71 B3 B3 B3 10 36 27 66 192.168.1.68 (tcp/3389)
Subject Name:
Common Name: win7patched.localhost.local
Issuer Name:
Common Name: win7patched.localhost.local
Serial Number: 5C 47 9F 0E 38 E5 BC 8E 41 9E 6A 82 32 5C 0D 29
Version: 3
Signature Algorithm: SHA-1 With RSA Encryption
Not Valid Before: Dec 01 04:44:24 2017 GMT Not Valid After: Jun 02 04:44:24 2018 GMT
Public Key Info:
Algorithm: RSA Encryption Key Length: 2048 bits Public Key: 00 DA 5C 7C CA 61 19 E8 09 98 8C 52 2A 8F C1 91 C0 F1 0B 29 C2 46 69 8B 06 CC 58 D0 3F 8B DA A9 E3 7C F9 8F A1 3C DE A2 03 14 08 CB D3 3F DF 6A 8D BD F2 2A 58 E0 5E 65 A8 E6 D0 78 27 0D 0A 9C A0 C8 1D A0 63 2C 9B E5 55 33 5E 15 04 DE FD D8 01 8C 82 3A A3 6F E3 58 39 2C 44 2F 18 A7 C5 32 92 C6 AE 18 B6 4B 3C D2 F0 85 68 09 52 43 C5 31 7F 53 C9 87 CB D8 4E 85 F2 D4 2D 03 D3 87 A9 57 08 F6 7E B2 7C E3 D4 EE 25 8B 1E 6E 13 66 C2 FD DF 04 FE 6B DD 13 9D CC 6E FB DE DA 58 14 39 83 FB BE 1F D0 2E B6 23 E3 93 D1 AE 33 BA 96 A5 1F F3 FC DB F2 88 60 ED 24 40 B3 8B 78 21 75 A8 FD F3 33 E8 25 B3 7A 97 49 D6 EB 70 62 8D 53 6D 5C 7B 24 5C B4 A8 00 F1 BD 31 C5 02 81 13 22 E6 BD 4E 81 22 94 F5 62 D5 FA F1 E5 55 A7 5D 20 B3 4C 9F 55 0E CE 16 CD 34 2D 0D 85 C1 B8 E1 01 8F 0C CB Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits Signature: 00 21 27 A6 92 96 23 57 10 41 8C 2D 87 23 B0 7F 66 E2 88 AC F1 2A 79 A9 EC 51 6B A2 78 72 37 0B A3 80 D2 5E 64 E3 72 23 D5 21 61 D6 51 8F 96 4A 4A 32 C0 C7 A5 8E A8 F5 8B 24 D2 16 3C DD 52 03 54 41 B5 87 5B AF 26 B7 5A E7 BB D2 83 2C F8 29 E9 0B 38 04 01 F4 A1 32 13 05 00 53 E4 D0 C4 C5 0E A4 78 F8 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
A9 B8 1C CB 7C B0 1C D7 97 54 52 DC 91 C6 8F D9 6A 2A 9B 86 A7 A1 3E 69 F8 B8 87 FF 4B A5 CB 41 CB BB 59 33 A4 96 BB 68 AF F5 52 08 9F 16 90 9F 72 A2 D1 0E 80 4C 13 A8 10 EA B6 3E 21 B1 CE 0B 1F 3B 55 28 93 4A 43 E8 80 39 E5 E5 72 A1 7E 1F A5 E7 14 E0 C4 15 68 7F 0F D2 69 41 C2 EE 07 E2 E3 BC 6E 0A 3F E1 BD 18 F3 51 D4 64 58 D8 8E 29 08 63 B1 8E 19 99 94 48 D1 0B EA 67 7C 9C 8A 9A 61 E2 2A 6B E0 9A 7E D5 C3 D7 21 22 CE 0B 87 EC 70 5C B9 BA A0 B9 91 B4 AB C1 10 1F 5E
Extension: Extended Key Usage (2.5.29.37) Critical: 0 Purpose#1: Web Server Authentication (1.3.6.1.5.5.7.3.1)
Extension: Key Usage (2.5.29.15) Critical: 0 Key Usage: Key Encipherment, Data Encipherment
Fingerprints :
SHA-256 Fingerprint: 45 9A 39 D8 30 72 02 FD 59 68 97 B2 D8 9D D4 CA 0C 61 BC F4 3F 42 EE 9C ED 98 7A 8B 67 6B AE C9 SHA-1 Fingerprint: 2F 18 A8 CB 3A E9 3B 69 76 BA 35 8E 26 12 97 88 9A F9 B5 C8 MD5 Fingerprint: 1F 8C 9F E7 14 20 10 4C BC 5D 4C 6C 43 6C 9D 74 192.168.1.79 (tcp/3389)
Subject Name:
Common Name: win81hostagent2.localhost.local
Issuer Name:
Common Name: win81hostagent2.localhost.local
Serial Number: 4F 27 09 26 A0 04 CD A2 4A 5C F0 98 0E 8A 8E 31
Version: 3
Signature Algorithm: SHA-1 With RSA Encryption
Not Valid Before: Oct 14 02:58:16 2017 GMT Not Valid After: Apr 15 02:58:16 2018 GMT
Public Key Info:
Algorithm: RSA Encryption Key Length: 2048 bits Public Key: 00 BE 0A 16 9A CF 8B 30 1C 7A 3F 31 C4 F2 89 12 BA AA A7 50 06 50 3C 7C AD 81 6E B1 C2 28 08 6D DD A0 9C 76 B8 E2 74 90 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
54 89 16 96 C4 47 80 CA 51 CD 0F 92 95 52 DD 4B F3 37 B0 DB 0A ED 8E 79 81 19 B1 0E F8 28 9B 21 A1 1D 59 2D 4A 81 3F 1F 9E 84 69 F7 2E B5 08 57 F6 49 56 74 F4 58 CF 48 42 6A 66 C9 97 A6 EF 1B 2A 16 A9 11 37 6E 19 37 1A 3B E6 A7 04 E1 AD 49 88 E2 27 BB 36 4D 23 78 8E 75 7A 9D 5F EF F7 9E FB B6 A6 CA 55 A6 E8 83 BE 9F B5 5B 33 C8 20 12 73 16 7C 00 50 88 05 D9 E0 DD C8 54 D6 55 E7 45 99 9F 75 EA 9A D5 57 C6 CC 51 13 06 63 99 C2 06 8B 64 09 14 C6 83 01 41 B7 F9 C0 CB 70 D0 0A 12 08 06 24 EC E1 84 F7 EB 51 C6 85 C8 0D DE B1 3B 74 B4 8B DF 69 15 EC 74 B5 C4 1D 65 9F 32 AA F6 4D 14 21 29 AC FA 8B 01 32 22 8D F4 1E 4B D6 A7 8D 09 BF 1F 96 ED 09 B8 F5 Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits Signature: 00 8C 83 03 A6 75 BD CD C1 63 C7 72 79 20 C0 DF 89 92 8E C6 0A 15 51 CB 1C 60 BF 6B EE 9D 2D 3E FA E2 7C 21 A6 53 FA 34 87 11 02 AA CA 76 69 4E B6 97 6D 5A 31 00 2C 7B 3D 60 F1 AE E7 2E 2F AC 23 53 C2 19 70 DC AD 7F 64 30 15 42 61 29 52 2F 79 FE 62 00 2B 1C 1D 88 3E 3C A9 84 84 DE 51 E7 F7 38 79 41 BD 4A D1 B6 9B 1A AD 4A FB F7 4B FC 1C AA 71 2C 4C 14 9D 5B EB 43 3A D1 34 D1 76 3D 70 2A 02 18 10 2B 85 77 CD F6 86 F2 5F 4E 7A C1 80 E4 11 1A EF C5 0C D6 AC B2 F6 0E 0A 3C D6 C3 2C F4 0A E1 90 BE AB 5B 8A C2 CD CD F8 9A 19 10 CD C2 70 94 49 44 F8 2F 7E 87 F6 0E 95 30 FF 72 CA A0 56 6F 0A 97 06 92 F9 CB 67 AE E0 92 14 3F B1 06 33 10 29 7E A8 F3 20 07 B8 A3 82 FA BA 06 E6 09 E9 5B EB 0A C1 FC 85 F3 2D B8 F1 81 41 45 38 F0 05 D8 5D FC 1F F1 2B 36 B7 EA 58 8C 70 56 43
Extension: Extended Key Usage (2.5.29.37) Critical: 0 Purpose#1: Web Server Authentication (1.3.6.1.5.5.7.3.1)
Extension: Key Usage (2.5.29.15) Critical: 0 Key Usage: Key Encipherment, Data Encipherment
Fingerprints :
SHA-256 Fingerprint: 47 3A C1 00 02 4C 4B 89 E8 85 05 3E F9 13 AE FF 87 C5 33 A9 91 C3 FD 43 B8 AC C9 7F 67 47 72 FF SHA-1 Fingerprint: 23 7C 73 EE CE C5 2C 77 F7 AA 31 04 93 4A BC BE 6A 6A 98 56 MD5 Fingerprint: 5F 8C F6 50 FB 73 25 4A AC 9B 5B 83 86 FB 3F 8E 192.168.1.113 (tcp/3389)
Subject Name:
Common Name: 2K8hostAGENT.localhost.local
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Issuer Name:
Common Name: 2K8hostAGENT.localhost.local
Serial Number: 1B 0B 4A 50 06 CE 0F 92 40 24 E9 53 20 45 33 0B
Version: 3
Signature Algorithm: SHA-1 With RSA Encryption
Not Valid Before: Oct 14 02:58:16 2017 GMT Not Valid After: Apr 15 02:58:16 2018 GMT
Public Key Info:
Algorithm: RSA Encryption Key Length: 2048 bits Public Key: 00 A7 3C BC AD 24 32 38 46 5C F8 71 B7 97 55 8B A0 BB AC C3 A4 89 C2 52 A0 87 4B BE E1 ED 85 6F 08 87 E4 52 99 95 03 53 85 E2 9F 18 C5 77 35 9F 45 B4 15 DB 29 10 7E 33 1A FC EA 80 82 99 BC A7 AB F7 D9 72 88 DB 8E 4F 54 4B 67 2F ED C2 1B 6F 12 DC EC 94 DA 99 28 36 0B B3 58 A7 45 9E 28 43 0F 9E 57 78 4A 95 69 4D CA E6 4B 37 9D D4 99 A0 DE 53 FB 2A A5 3C 67 68 D8 3B 78 72 25 DA 61 11 A8 9E 31 08 E8 92 C8 16 4E 93 D8 13 0F 9A 48 B4 B4 A8 15 F7 6C 0B CF CC C4 1C 63 FD 0B D0 77 0E B6 77 9E 27 74 B9 57 47 84 B9 B8 B2 5F 4C 8B AB 84 BC C4 85 00 EC A6 DB 81 35 F2 E9 92 57 4C 07 E5 43 BC A6 BA CE F7 91 BF 3A 7F 61 15 E8 7E F4 20 38 56 69 50 A0 34 83 2E BC D5 53 77 1D 5B 3A B5 A7 00 BB 84 6E 6B 39 3C 3D 15 03 83 00 18 4D 25 DB 2C 32 7B F5 54 14 DC BF 8F E2 F1 CE 46 B3 43 Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits Signature: 00 2D C1 7B BD 83 2E CB DE BD BF E3 CE 88 52 3F 59 B3 CF 4B C9 C2 B7 A5 E8 A3 E0 B3 91 DB C8 D5 1D 8B 5A 66 EC 79 CF 26 0F 5A C4 05 19 70 4E 29 CA FC AF 6D DC 64 A9 24 7C 94 40 E3 02 AD E0 82 48 65 FE 77 D9 80 6D 0E 52 16 32 04 9E 4E 7C 14 AB 81 A4 C2 8C 71 46 68 BB 3F 1E 04 7A 0A 78 BE 6E B9 6D FB D4 9A F3 78 C1 B9 96 FF A0 49 89 3C 6D B4 EF 4F 8E 8F 45 9D 5E 6C 5C 74 A1 FE 48 92 F6 06 EC 61 80 37 C9 FE 37 AD 83 95 AC 5B AC 9C 65 38 CD 42 B7 C5 89 6F 6E AC DB 10 79 C2 25 FD 80 EF C8 60 29 36 18 96 E4 81 8D AE EE 66 E8 54 8C AA 95 12 9A 0B 33 23 AF 5E 09 01 EE F2 2E 94 65 DA 86 74 94 35 1F BA C4 8E 65 F9 A9 DE 12 32 74 36 B3 59 F9 FF 25 BC 89 2A 15 C4 BA F0 21 7E 63 BC 23 2E 7F AC 03 A5 41 3E 90 9F 96 87 4B 28 69 DA DA 8A 47 F2 95 85 35 03 76 68 BC BB 4B F3 D1
Extension: Extended Key Usage (2.5.29.37) Critical: 0 Purpose#1: Web Server Authentication (1.3.6.1.5.5.7.3.1)
Extension: Key Usage (2.5.29.15) SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
Critical: 0 Key Usage: Key Encipherment, Data Encipherment
Fingerprints :
SHA-256 Fingerprint: 6F A6 83 3B D7 92 F8 C5 0F EC 56 86 7A 59 AE 4C 15 0C AA FE 09 E3 C6 4C 7B F8 08 C0 2A 72 DB 3E SHA-1 Fingerprint: 8B 30 4C A9 E6 9B 56 AA 90 F6 33 C7 56 16 12 27 2E 3D 16 DA MD5 Fingerprint: 70 27 26 53 52 14 4A F2 AE 5E EA F2 48 20 9C 4B 192.168.1.114 (tcp/3389)
Subject Name:
Common Name: win7hostagent.localhost.local
Issuer Name:
Common Name: win7hostagent.localhost.local
Serial Number: 19 1E 09 C1 BD 75 4F 93 48 C2 05 D0 0C 89 9A D5
Version: 3
Signature Algorithm: SHA-1 With RSA Encryption
Not Valid Before: Oct 14 02:58:09 2017 GMT Not Valid After: Apr 15 02:58:09 2018 GMT
Public Key Info:
Algorithm: RSA Encryption Key Length: 2048 bits Public Key: 00 AE CC 55 40 3C 4D D0 86 7F 3F 0F CA BA D3 13 47 31 05 32 B1 F3 1B 86 CE DA 22 0C 5A 70 BA 9E 1D 92 BB F9 4D 89 50 21 B7 45 02 17 67 7B 26 23 0B 51 E1 70 13 D5 5C 81 3C 10 FB F1 D3 57 3D A7 B7 27 C3 91 94 20 F5 02 9E 53 95 97 7D F3 9C 82 29 3E 24 5E 0B 18 E5 25 7D 29 F4 D8 40 19 24 4A 24 1A 02 D1 6D 9B 1D DC 40 B9 01 63 B8 F5 D7 0A 6F 27 43 DD 70 95 77 7E C0 AF 0B 70 E8 5E 51 16 D5 0F 10 9D A4 30 89 DE 36 92 A6 D9 C0 9C 02 D6 9A 11 33 3C 7D 0F B2 FE E2 28 CB CA 91 FD A5 29 7E 96 28 F3 78 BC BB AC 77 98 94 FF 6B 33 64 1B C5 18 52 10 0E 91 E3 38 EF 9E 51 39 5B 9A C0 01 4A B7 47 A5 34 A3 76 22 31 76 FC 57 12 98 B6 C1 36 47 D5 11 7F B2 AF 3C 2A D3 A1 17 B7 C3 1F F2 4B 04 EC CC 5B F3 47 F3 2A 29 F3 B6 6F 0A 2E FD E2 E8 71 CE 6B AF 65 9F E5 45 78 5D 6C D2 64 46 27 Exponent: 01 00 01
Signature Length: 256 bytes / 2048 bits Signature: 00 1A 86 98 5B 25 16 39 4E 8D BD 34 92 7F C9 A0 77 54 96 15 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
74 36 AA 97 43 E2 65 18 60 9A 48 07 08 37 E9 85 3D 87 6A E4 8A 06 3D 13 3B AC 84 73 50 BA B5 7A EB 51 AC 37 5F BF 35 F3 F2 9D 27 E2 97 11 5E BC CB 82 9C 16 C1 53 62 CE E9 E9 B6 11 56 A8 04 43 C3 3E 48 89 3F 6A A9 6E 20 83 F9 51 16 D6 A6 FF CA 86 31 E7 55 7B 04 0B E1 20 B0 2F A4 11 6F B4 A7 A5 8C D0 B4 36 E5 3E 99 AD 5B 11 AC D0 EC FC CD 8B 5A 2C FA 80 4F 3F 24 5B CF 6C 9C 12 7A 3E 8C 88 FC 46 5F 9E D5 A7 68 74 FC 5D 16 55 64 E2 25 5F A8 5D C4 1B 75 FC 0B 80 BF D9 EE AA 7E BC A5 12 44 02 D6 1A B6 FC 10 5C 62 A8 DF 53 F7 54 3D C8 05 56 38 38 95 B9 EE F8 0E 68 E1 ED 71 08 DB 50 7F 52 B3 4F 7E 90 01 0B F6 6B 18 23 14 1E D9 F5 E2 FD EB 0F 57 93 63 56 18 71 98 12 13 61 54 5C 35 D0 3C 3A E4 3D 9A 46 60 D4 E0
Extension: Extended Key Usage (2.5.29.37) Critical: 0 Purpose#1: Web Server Authentication (1.3.6.1.5.5.7.3.1)
Extension: Key Usage (2.5.29.15) Critical: 0 Key Usage: Key Encipherment, Data Encipherment
Fingerprints :
SHA-256 Fingerprint: BF 78 13 FF 37 67 70 E2 77 95 45 FB 82 FD F5 5E A9 25 73 1F A7 68 11 7F 34 62 76 A7 7B 4E 00 15 SHA-1 Fingerprint: 50 4A B4 D9 F8 3E 92 63 EF E2 E0 D1 90 9E E4 84 64 8F 84 AC MD5 Fingerprint: 2C 02 30 2D 3D 33 DF 5E 66 0D 03 BD D4 EE C4 15 21643 (8) - SSL Cipher Suites Supported Synopsis The remote service encrypts communications using SSL. Description This plugin detects which SSL ciphers are supported by the remote service for encrypting communications. See Also
https://www.openssl.org/docs/man1.1.0/apps/ciphers.html
http://www.nessus.org/u?3a040ada Solution n/a Risk Factor None Plugin Information: Published: 2006/06/05, Modified: 2017/11/13 Plugin Output 192.168.1.39 (tcp/443)
Here is the list of SSL ciphers supported by the remote server : Each group is reported per SSL Version. SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
SSL Version : TLSv12 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA256 Kx=DH Au=RSA Enc=AES-GCM(128) Mac=SHA256 DHE-RSA-AES256-SHA384 Kx=DH Au=RSA Enc=AES-GCM(256) Mac=SHA384 ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-GCM(128) Mac=SHA256 ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-GCM(256) Mac=SHA384 RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-GCM(128) Mac=SHA256 RSA-AES256-SHA384 Kx=RSA Au=RSA Enc=AES-GCM(256) Mac=SHA384 DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 DHE-RSA-CAMELLIA128-SHA Kx=DH Au=RSA Enc=Camellia-CBC(128) Mac=SHA1 DHE-RSA-CAMELLIA256-SHA Kx=DH Au=RSA Enc=Camellia-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-RC4-SHA Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1 CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1 DHE-RSA-AES128-SHA256 Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA256 DHE-RSA-AES256-SHA256 Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA256 ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA256 ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA384 RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256 RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
SSL Version : TLSv11 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 DHE-RSA-CAMELLIA128-SHA Kx=DH Au=RSA Enc=Camellia-CBC(128) Mac=SHA1 DHE-RSA-CAMELLIA256-SHA Kx=DH Au=RSA Enc=Camellia-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-RC4-SHA Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1 CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
SSL Version : TLSv1 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 DHE-RSA-CAMELLIA128-SHA Kx=DH Au=RSA Enc=Camellia-CBC(128) Mac=SHA1 DHE-RSA-CAMELLIA256-SHA Kx=DH Au=RSA Enc=Camellia-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-RC4-SHA Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1 CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
SSL Version : SSLv3 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
EDH-RSA-DES-CBC3-SHA Kx=DH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 ECDHE-RSA-DES-CBC3-SHA Kx=ECDH Au=RSA Enc=3DES-CBC(168) Mac=SHA1 DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 DHE-RSA-CAMELLIA128-SHA Kx=DH Au=RSA Enc=Camellia-CBC(128) Mac=SHA1 DHE-RSA-CAMELLIA256-SHA Kx=DH Au=RSA Enc=Camellia-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-RC4-SHA Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1 CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.43 (tcp/9090)
Here is the list of SSL ciphers supported by the remote server : Each group is reported per SSL Version.
SSL Version : TLSv12 High Strength Ciphers (>= 112-bit key)
ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-GCM(128) Mac=SHA256 ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-GCM(256) Mac=SHA384 ECDHE-RSA-CAMELLIA-CBC-128 Kx=ECDH Au=RSA Enc=Camellia-CBC(128) Mac=SHA256 ECDHE-RSA-CAMELLIA-GCM-128 Kx=ECDH Au=RSA Enc=Camellia-GCM(128) Mac=SHA256 ECDHE-RSA-CAMELLIA-CBC-256 Kx=ECDH Au=RSA Enc=Camellia-CBC(256) Mac=SHA384 ECDHE-RSA-CAMELLIA-GCM-256 Kx=ECDH Au=RSA Enc=Camellia-GCM(256) Mac=SHA384 ECDHE-RSA-CHACHA20-POLY1305 Kx=ECDH Au=RSA Enc=ChaCha20-Poly1305(256) Mac=SHA256 n/a Kx=RSA Au=RSA Enc=AES-CCM(128) Mac=AEAD RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-GCM(128) Mac=SHA256 n/a Kx=RSA Au=RSA Enc=AES-CCM(256) Mac=AEAD RSA-AES256-SHA384 Kx=RSA Au=RSA Enc=AES-GCM(256) Mac=SHA384 RSA-CAMELLIA-GCM-128 Kx=RSA Au=RSA Enc=Camellia-GCM(128) Mac=SHA256 RSA-CAMELLIA-GCM-256 Kx=RSA Au=RSA Enc=Camellia-GCM(256) Mac=SHA384 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1 CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA256 ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA384 RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256 RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256 RSA-CAMELLIA128-SHA256 Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA256 RSA-CAMELLIA256-SHA256 Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA256
SSL Version : TLSv11 High Strength Ciphers (>= 112-bit key)
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 CAMELLIA128-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(128) Mac=SHA1 CAMELLIA256-SHA Kx=RSA Au=RSA Enc=Camellia-CBC(256) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.53 (tcp/3389)
Here is the list of SSL ciphers supported by the remote server : Each group is reported per SSL Version.
SSL Version : TLSv12 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA256 Kx=DH Au=RSA Enc=AES-GCM(128) Mac=SHA256 DHE-RSA-AES256-SHA384 Kx=DH Au=RSA Enc=AES-GCM(256) Mac=SHA384 RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-GCM(128) Mac=SHA256 RSA-AES256-SHA384 Kx=RSA Au=RSA Enc=AES-GCM(256) Mac=SHA384 DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1 ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA256 ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA384 RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256 RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
SSL Version : TLSv11 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
SSL Version : TLSv1 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.55 (tcp/3389)
Here is the list of SSL ciphers supported by the remote server : Each group is reported per SSL Version.
SSL Version : TLSv12 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA256 Kx=DH Au=RSA Enc=AES-GCM(128) Mac=SHA256 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
DHE-RSA-AES256-SHA384 Kx=DH Au=RSA Enc=AES-GCM(256) Mac=SHA384 ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-GCM(128) Mac=SHA256 ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-GCM(256) Mac=SHA384 RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-GCM(128) Mac=SHA256 RSA-AES256-SHA384 Kx=RSA Au=RSA Enc=AES-GCM(256) Mac=SHA384 DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1 ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA256 ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA384 RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256 RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
SSL Version : TLSv11 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
SSL Version : TLSv1 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are : SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.68 (tcp/3389)
Here is the list of SSL ciphers supported by the remote server : Each group is reported per SSL Version.
SSL Version : TLSv12 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA256 Kx=DH Au=RSA Enc=AES-GCM(128) Mac=SHA256 DHE-RSA-AES256-SHA384 Kx=DH Au=RSA Enc=AES-GCM(256) Mac=SHA384 RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-GCM(128) Mac=SHA256 RSA-AES256-SHA384 Kx=RSA Au=RSA Enc=AES-GCM(256) Mac=SHA384 DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1 ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA256 ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA384 RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256 RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
SSL Version : TLSv11 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
SSL Version : TLSv1 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.79 (tcp/3389)
Here is the list of SSL ciphers supported by the remote server : Each group is reported per SSL Version.
SSL Version : TLSv12 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA256 Kx=DH Au=RSA Enc=AES-GCM(128) Mac=SHA256 DHE-RSA-AES256-SHA384 Kx=DH Au=RSA Enc=AES-GCM(256) Mac=SHA384 RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-GCM(128) Mac=SHA256 RSA-AES256-SHA384 Kx=RSA Au=RSA Enc=AES-GCM(256) Mac=SHA384 DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1 ECDHE-RSA-AES128-SHA256 Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA256 ECDHE-RSA-AES256-SHA384 Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA384 RSA-AES128-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA256 RSA-AES256-SHA256 Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA256
SSL Version : TLSv11 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
SSL Version : TLSv1 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
DHE-RSA-AES128-SHA Kx=DH Au=RSA Enc=AES-CBC(128) Mac=SHA1 DHE-RSA-AES256-SHA Kx=DH Au=RSA Enc=AES-CBC(256) Mac=SHA1 ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
192.168.1.113 (tcp/3389)
Here is the list of SSL ciphers supported by the remote server : Each group is reported per SSL Version.
SSL Version : TLSv1 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 192.168.1.114 (tcp/3389)
Here is the list of SSL ciphers supported by the remote server : Each group is reported per SSL Version.
SSL Version : TLSv1 Medium Strength Ciphers (> 64-bit and < 112-bit key, or 3DES)
DES-CBC3-SHA Kx=RSA Au=RSA Enc=3DES-CBC(168) Mac=SHA1
High Strength Ciphers (>= 112-bit key)
ECDHE-RSA-AES128-SHA Kx=ECDH Au=RSA Enc=AES-CBC(128) Mac=SHA1 ECDHE-RSA-AES256-SHA Kx=ECDH Au=RSA Enc=AES-CBC(256) Mac=SHA1 AES128-SHA Kx=RSA Au=RSA Enc=AES-CBC(128) Mac=SHA1 AES256-SHA Kx=RSA Au=RSA Enc=AES-CBC(256) Mac=SHA1 RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –
{OpenSSL ciphername} Kx={key exchange} Au={authentication} Enc={symmetric encryption method} Mac={message authentication code} {export flag} 24260 (8) - HyperText Transfer Protocol (HTTP) Information Synopsis Some information about the remote HTTP configuration can be extracted. Description This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc...
This test is informational only and does not denote any security problem. Solution n/a Risk Factor None Plugin Information: Published: 2007/01/30, Modified: 2017/11/13 Plugin Output 192.168.1.39 (tcp/80)
Response Code : HTTP/1.1 403 Forbidden
Protocol version : HTTP/1.1 SSL : no Keep-Alive : no Options allowed : (Not implemented) Headers :
Date: Mon, 11 Dec 2017 15:18:38 GMT Server: Apache/2.2.15 (CentOS) Accept-Ranges: bytes Content-Length: 4961 Connection: close Content-Type: text/html; charset=UTF-8
Response Body :
Apache 2 Test Page
powered by CentOS
This page is used to test the proper operation of the Apache HTTP server after it has been installed. If you can read this page it means that the Apache HTTP server installed at this site is working properly.
If you are a member of the general public:
The fact that you are seeing this page indicates that the website you just visited is either experiencing problems or is undergoing routine maintenance.
If you would like to let the administrators of this website know that you've seen this page instead of the page you expected, you should send them e-mail. In general, mail sent to the name "webmaster" and directed to the website's domain should reach the appropriate person.
For example, if you experienced problems while visiting www.example.com, you should send e-mail to "[email protected]".
If you are the website administrator:
You may now add content to the directory /var/www/html/. Note that until you do so, people visiting your website will see this page and not your content. To prevent this page from ever being used, follow the instructions in the file /etc/httpd/conf.d/welcome.conf.
You are free to use the images below on Apache and CentOS Linux powered HTTP servers. Thanks for using Apache and CentOS!
SUUM Technologies. Soluciones de ciberseguridad. INFORME EJEMPLO SIN VALIDEZ – NO DISTRIBUIR – Informe confidencial propiedad de ABC Inc. No distribuir sin autorización –About CentOS:
The Community ENTerprise Operating System (CentOS) Linux is a community-supported enterprise distribution derived from sources freely provided to the public by Red Hat. As such, CentOS Linux aims to be functionally compatible with Red Hat Enterprise Linux. The CentOS Project is the organization that builds CentOS. We mainly change packages to remove upstream vendor branding and artwork.For information on CentOS please visit the CentOS website.
Note:
CentOS is an Operating System and it is used to power this website; however, the webserver is owned by the domain owner and not the CentOS Project. If you have issues with the content of this site, contact the owner of the domain, not the CentOS Project.
Unless this server is on the centos.org domain, the CentOS Project doesn't have anything to do with the content on this webserver or any e-mails that directed you to this site.
For example, if this website is www.example.com, you would find the owner of the example.com domain at the following WHOIS server: