je dois déployer un NAS, mais avant pour des raisons de sécurité, je dois corriger une vulnérabilité, à savoir bloquer un port udp:
j'ai testé ceci :
sbin/iptables -A INPUT -p udp --destination-port 5353 -j DROP
/sbin/service iptables save
j'obtiens ceci
sbin/iptables: No such file or directory
Merci de vos retours
le message exacte:
Synopsis
It is possible to obtain information about the remote host.
Description
The remote service understands the Bonjour (also known as ZeroConf or mDNS) protocol, which allows anyone to uncover information from the remote host such as its operating system type and exact version, its hostname, and the list of services it is running.
Solution
Filter incoming traffic to UDP port 5353 if desired.
Question
mo68
Bonjour à tous,
je dois déployer un NAS, mais avant pour des raisons de sécurité, je dois corriger une vulnérabilité, à savoir bloquer un port udp:
j'ai testé ceci :
sbin/iptables -A INPUT -p udp --destination-port 5353 -j DROP
/sbin/service iptables save
j'obtiens ceci
sbin/iptables: No such file or directory
Merci de vos retours
le message exacte:
Synopsis
It is possible to obtain information about the remote host.
Description
The remote service understands the Bonjour (also known as ZeroConf or mDNS) protocol, which allows anyone to uncover information from the remote host such as its operating system type and exact version, its hostname, and the list of services it is running.
Solution
Filter incoming traffic to UDP port 5353 if desired.
Risk Factor
Medium
CVSS Base Score
5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Plugin Information:
Publication date: 2004/04/28, Modification date: 2012/01/25
Ports
udp/5353
Nessus was able to extract the following information :
- mDNS hostname : ts-412u-wxxx.local.
- Advertised services :
o Service name : ts-412u-wsxx [xxxxxx]._workstation._tcp.local.
Port number : 9
- CPU type : ARMV5TEL
- OS : LINUX
Lien vers le commentaire
Partager sur d’autres sites
4 réponses à cette question
Messages recommandés
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.