A
PPENDIX B
:
CC
-
SG AND NETWORK CONFIGURATION
235
Security and Open Port Scans
As part of the CC-SG Quality Assurance process, several open port scanners are applied to the
product and Raritan Computer makes certain that its product is not vulnerable to these known
attacks. All the open or filtered/blocked ports are listed in the above sections. Some of the more
common exposures are:
Issue ID
3
Synopsis
Comment
CVE-1999-0517
CVE-1999-0186
CVE-1999-0254
CVE-1999-0516
snmp (161/UDP) - the community
name of the remote SNMP server can
be guessed.
Default CC-SG SNMP community name is
“public”. Users are encouraged to change this
to the site-specific value (
Setup
Î
Configuration Manager
Î
SNMP
menu).
Please refer to the
CC-SG Administrator
Guide
for more additional information.
CVE-2000-0843 The remote telnet server shut the
connection abruptly when given a
long username followed by a
password.
Traditionally, port 23 is used for telnet services.
However, CC-SG uses this port for SSH V2
Diagnostic Console sessions. Users may change
the port and/or completely disable Diagnostic
Console from using the SSH Access method.
Please refer to the
CC-SG Administrator
Guide
for more additional information.
CVE-2004-0230 The remote host might be vulnerable
to a sequence number approximation
bug, which may allow an attacker to
send spoofed RST packets to the
remote host and close established
connections.
The underlying TCP/IP protocol stack used by
CC-SG has not been shown to be susceptible to
this exposure.
CVE-2004-0079
CVE-2004-0081
CVE-2004-0112
The remote host is using a version of
OpenSSL which is older than 0.9.6m
or 0.9.7d.
The following patches have been applied to
OpenSSL, therefore removing this exposure:
•
RHSA-2004:120
•
RHSA-2005:830.
•
RHSA-2003:101-01
3
CVEs can be found on
http://cve.mitre.org
.
Содержание Command Center CC-SG
Страница 2: ...This page intentionally left blank...
Страница 16: ......
Страница 34: ...18 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE...
Страница 64: ...48 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE...
Страница 122: ...106 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE...
Страница 168: ...152 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE...
Страница 252: ......
Страница 254: ...238 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE...
Страница 258: ...242 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE...
Страница 260: ...244 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE...
Страница 268: ...252 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE 255 80 5140 00...
Страница 269: ...APPENDIX G FAQS 253...