hipaa report - alienvault · exploitation & installation — malicious website - exploit kit...
HIPAA Report
User: admin / 2015-06-09 15:28:22 Page 1 / 20
HIPAA Report
I.T. Security:
Address:
Tel.: Date: 2015-06-09 15:26:47
Report Filter Date from: 2015-01-01 Date to: 2015-06-09
Assets Selected: All Assets
HIPAA Report
The Health Insurance Portability & Accountability Act of 1996, Public Law 104-191 requires improved efficiency in healthcare delivery by standardizing electronic data interchange, as well as the protection of confidentiality and security of health data through setting and enforcing standards.
This report provides support for a systematic review of some of the HIPAA requirements.
Note: The asset configuration of the report should be limited to healthcare data servers and security and network devices involved in the healthcare data transmission.
SECTION I. Prevention and Detection
This section of the report is intended for an operational review of the security of the system to comply with HIPAA 164.308.1 and 164.308.1b requirement of implementing and reviewing detection and prevention security controls.
Review Review Metrics of the System
Risk Metrics for the period.
Alarms
Alarms summary for the period.
Alarms - Top 10 Alarms from: 2015-01-01 to: 2015-06-09
Alarm Occurrences
Exploitation & Installation — Malicious website - Exploit Kit — Angler EK 4.686
Exploitation & Installation — Malicious website — Suspicious Java followed by an executable 1.673
Exploitation & Installation — Malicious website - Exploit Kit — FlashPack EK 1.509
Exploitation & Installation — Malicious website - Exploit Kit — Java Rhino 1.337
Exploitation & Installation — Malicious website - Exploit Kit — Nuclear EK 1.013
Exploitation & Installation — Malicious website - Exploit Kit — Fiesta 663
Exploitation & Installation — Malicious website - Exploit Kit — GoonEK 507
Delivery & Attack — Bruteforce Authentication — SSH 416
System Compromise — Trojan infection — Andromeda 370
snort: "ET TROJAN Java EXE Download by Vulnerable Version - Likely Driveby" 370
Alarms - Top 10 Attacker hosts from: 2015-01-01 to: 2015-06-09
Host Occurrences
23.239.12.68 4.682
92.63.100.150 4.021
198.50.185.76 1.705
Gallium 1.262
31.31.196.12 1.169
Germanium 1.047
85.118.128.37 508
24.34.23.12 416
172.16.2.156 252
64.202.116.124 163
Alarms - Top 10 Attacked hosts from: 2015-01-01 to: 2015-06-09
Host Occurrences
Gallium 7.058
Germanium 4.021
172.16.2.156 1.169
64.202.116.124 713
0.0.0.0 416
74.220.215.57 386
193.107.17.249 385
188.72.243.72 380
46.165.222.218 185
173.194.77.104 166
Alarms - Top 10 Destination Ports from: 2015-01-01 to: 2015-06-09
Port Service Occurrences
49387 unknown 3.657
1077 unknown 3.346
80 http 2.650
49374 unknown 1.713
49386 unknown 1.029
49199 unknown 839
1062 unknown 677
22 ssh 416
49163 unknown 340
49168 unknown 168
Alarms - Top 15 Alarms by Risk from: 2015-01-01 to: 2015-06-09
Alarm Risk
Exploitation & Installation — Malicious website - Exploit Kit — Blackhole 10
System Compromise — Trojan infection — Zeus 10
Exploitation & Installation — Malware infection — Exploit kit 8
Exploitation & Installation — Malicious website - Exploit Kit — Fiesta 8
Exploitation & Installation — Malicious website - Exploit Kit — Angler EK 8
Exploitation & Installation — Malicious website - Exploit Kit — GoonEK 8
Exploitation & Installation — Malicious website — Suspicious Java followed by an executable 8
Exploitation & Installation — Malicious website — Java Exploit 8
Exploitation & Installation — Malicious website - Exploit Kit — Nuclear EK 8
Exploitation & Installation — Malicious website - Exploit Kit — Fiesta/Phoenix 6
System Compromise — Trojan infection — Banload 4
System Compromise — Trojan infection — Glupteba 4
System Compromise — Fake Antivirus infection — Generic 4
System Compromise — Fake Antivirus infection — Generic FakeAV 4
System Compromise — Trojan infection — Banker 4
Logger
Logger storage summary.
Raw Logs - Events Trend (*) Time UTC
from: 2015-01-01 to: 2015-06-09
SIEM
SIEM events summary.
Geographic - Top 20 Attacker Countries from: 2015-01-01 to: 2015-06-09
Country Attacks %
China 9924 21.6%
United States 9915 21.6%
Turkey 8845 19.3%
France 2681 5.8%
Germany 2087 4.5%
Netherlands 1658 3.6%
Russian Federation 1475 3.2%
Korea, Republic of 1122 2.4%
Canada 1029 2.2%
Unknown 1022 2.2%
United Kingdom 838 1.8%
Poland 819 1.8%
Brazil 688 1.5%
Taiwan 674 1.5%
Ukraine 649 1.4%
Japan 611 1.3%
India 512 1.1%
Italy 471 1%
Hong Kong 454 1%
Sweden 445 1%
Security - Top 10 Events from: 2015-01-01 to: 2015-06-09
Event Occurrences
SSHd: Failed password 65.647
sudo: Command executed [USERNAME] 47.924
snort: "ET SMTP Spamcop.net Block Message" 29.607
SSHd: Invalid user 20.195
snort: "ET SMTP Abuseat.org Block Message" 17.728
Fortigate: traffic forward message 10.088
snort: "ET POLICY PE EXE or DLL Windows file download" 7.892
Fortigate: negotiate IPsec phase 2 notif Log 7.566
Fortigate: Authentication timed out Log 7.566
snort: "ET INFO EXE - Served Inline HTTP" 5.640
Security Events - Top 10 Destination Ports from: 2015-01-01 to: 2015-06-09
Port Service Occurrences
22 ssh 88.623
80 http 47.363
49386 unknown 8.460
1077 unknown 8.270
49387 unknown 8.231
500 isakmp 7.566
1043 unknown 7.332
161 snmp 5.044
49199 unknown 4.136
53 domain 3.917
Security Events - Top 15 Events by Priority from: 2015-01-01 to: 2015-06-09
Event Priority
snort: "ET TROJAN FakeAV Check-in purporting to be MSIE with invalid terse HTTP headers" 5
AV Malware, trojan Banbra detected on SRC_IP 5
snort: "ETPRO TROJAN Trojan.Win32.Riancon.ae Checkin" 5
snort: "ET TROJAN Bredolab Downloader Communicating With Controller (1)" 5
AV Malware, Miuref 5
snort: "ET TROJAN Java EXE Download by Vulnerable Version - Likely Driveby" 5
AV Malware, trojan Sality detected on SRC_IP 5
snort: "ETPRO TROJAN Trojan.Win32.Riancon.ae User-Agent malware" 5
AV Malware, DDoS trojan Blackenergy detected on SRC_IP 5
AV Malware, Trojan Andromeda detected on SRC_IP 5
snort: "ET TROJAN Bredolab Downloader Response Binaries from Controller" 5
AV Malware, dropper trojan Banload detected on SRC_IP 5
AV Malware, SPAM bot trojan Tedroo detected on SRC_IP 5
snort: "ETPRO TROJAN Net-Worm.Win32.Koobface.jxs Checkin" 5
AV Attacks, Fiesta/Phoenix exploit kit 5
Security Events - Top 10 Attacker hosts from: 2015-01-01 to: 2015-06-09
Host Occurrences
USM 48.739
24.34.23.12 42.925
Germanium 28.826
23.239.12.68 11.457
92.63.100.150 9.776
Gallium 9.197
200.74.141.50 7.566
207.217.125.50 7.332
31.31.196.12 7.144
192.168.100.40 6.973
Security Events - Top 10 Attacked hosts from: 2015-01-01 to: 2015-06-09
Host Occurrences
Germanium 66.513
USM 48.891
Gallium 21.038
Gallium 7.514
172.16.2.156 7.144
200.21.231.154 5.044
192.168.6.3 5.044
Germanium 4.514
64.202.116.124 4.512
Holmium 4.501
SECTION II. Identify Security Incidents
This section of the report is intended for an operational review of the security of the system to comply with HIPAA 164.308.6 requirement of security incidents identification and mitigation.
Tickets Status - Tickets By Status (All Assets) from: 2015-01-01 to: 2015-06-09
Ticket Status Occurrences
Closed 1
Studying 1
Open 67
Tickets Status - Closed Tickets By Month (All Assets)
Tickets Status - Tickets By Type (All Assets) from: 2015-01-01 to: 2015-06-09
Ticket Type Occurrences
Anomalies 1
Generic 1
OpenVAS Vulnerability 66
Tickets Status - Ticket Resolution Time (All Assets) from: 2015-01-01 to: 2015-06-09
Tickets Status - Tickets By User In Charge (All Assets) from: 2015-01-01 to: 2015-06-09
User in charge Occurrences
Unknown entity 66
admin 2
Tickets - Alarm (Status: Open) from: 2015-01-01 to: 2015-06-09
No Alarms with this criteria
Tickets - Vulnerability (Status: Open) from: 2015-01-01 to: 2015-06-09
Date Vulnerability
2015-02-24 23:14:31 Vulnerability - TCP timestamps
2015-02-24 23:14:31 Vulnerability - Determine which version of BIND name daemon is running
2015-02-24 23:14:31 Vulnerability - Check for ident Service
2015-02-24 23:14:32 Vulnerability - TCP timestamps
2015-02-24 23:14:34 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability
2015-02-24 23:14:38 Vulnerability - TCP timestamps
2015-02-24 23:14:41 Vulnerability - DCE Services Enumeration
2015-02-24 23:14:41 Vulnerability - TCP timestamps
2015-02-24 23:14:46 Vulnerability - OpenVAS Manager Authentication Bypass
2015-02-24 23:14:46 Vulnerability - Check for SSL Weak Ciphers
2015-02-24 23:14:47 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability
2015-02-24 23:14:51 Vulnerability - Port TCP:0
2015-02-24 23:14:53 Vulnerability - Dnsmasq Remote Denial of Service Vulnerability
2015-02-24 23:14:54 Vulnerability - Dnsmasq TFTP Service multiple vulnerabilities
2015-02-24 23:14:54 Vulnerability - MiniUPnP Multiple Denial of Service Vulnerabilities
2015-02-24 23:14:54 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability
2015-02-24 23:14:54 Vulnerability - TCP timestamps
2015-02-24 23:14:55 Vulnerability - Samba 'client/mount.cifs.c' Remote Denial of Service Vulnerability
2015-02-24 23:14:58 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability
2015-02-24 23:14:58 Vulnerability - TCP timestamps
2015-02-24 23:14:58 Vulnerability - Check for SSL Weak Ciphers
2015-02-24 23:14:59 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability
2015-02-24 23:14:59 Vulnerability - robot(s).txt exists on the Web Server
2015-02-24 23:15:03 Vulnerability - Samba 'CAP_DAC_OVERRIDE' File Permissions Security Bypass Vulnerability
2015-02-24 23:15:03 Vulnerability - NFS export
2015-02-24 23:15:04 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability
2015-02-24 23:15:04 Vulnerability - Check for SSL Weak Ciphers
2015-02-24 23:15:04 Vulnerability - Samba Multiple Remote Denial of Service Vulnerabilities
2015-02-24 23:15:04 Vulnerability - Samba 'client/mount.cifs.c' Remote Denial of Service Vulnerability
2015-02-24 23:15:04 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability
2015-02-24 23:15:14 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability
2015-02-24 23:15:15 Vulnerability - TCP timestamps
2015-02-24 23:15:18 Vulnerability - Unknown detail
2015-02-24 23:15:18 Vulnerability - Unknown detail
2015-02-24 23:15:18 Vulnerability - Unknown detail
2015-02-24 23:15:18 Vulnerability - Unknown detail
2015-02-24 23:15:18 Vulnerability - Unknown detail
2015-02-24 23:15:19 Vulnerability - Unknown detail
2015-02-24 23:15:19 Vulnerability - Unknown detail
2015-02-24 23:15:19 Vulnerability - TCP timestamps
2015-02-24 23:15:19 Vulnerability - OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
2015-02-24 23:15:19 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability
2015-02-24 23:15:23 Vulnerability - Squid information-disclosure vulnerability
2015-02-24 23:15:23 Vulnerability - MySQL Authentication Error Message User Enumeration Vulnerability
2015-02-24 23:15:23 Vulnerability - Squid External Auth Header Parser DOS Vulnerabilities
2015-02-24 23:15:23 Vulnerability - Squid HTCP Packets Processing Denial of Service Vulnerability
2015-02-24 23:15:23 Vulnerability - Squid Header-Only Packets Remote Denial of Service Vulnerability
2015-02-24 23:15:23 Vulnerability - Check for SSL Weak Ciphers
2015-02-24 23:15:23 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability
2015-02-24 23:15:27 Vulnerability - Unknown detail
2015-02-24 23:15:28 Vulnerability - Unknown detail
2015-02-24 23:15:28 Vulnerability - Unknown detail
2015-02-24 23:15:28 Vulnerability - TCP timestamps
2015-02-24 23:15:28 Vulnerability - OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
2015-02-24 23:15:28 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability
2015-02-24 23:15:29 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability
2015-02-24 23:15:29 Vulnerability - TCP timestamps
2015-02-24 23:15:29 Vulnerability - Check for SSL Weak Ciphers
2015-02-24 23:15:29 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability
2015-02-24 23:15:31 Vulnerability - NFS export
2015-02-24 23:15:31 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability
2015-02-24 23:15:32 Vulnerability - TCP timestamps
2015-02-24 23:15:32 Vulnerability - Apache Web Server ETag Header Information Disclosure Weakness
2015-02-24 23:15:33 Vulnerability - robot(s).txt exists on the Web Server
2015-02-24 23:15:34 Vulnerability - TCP timestamps
2015-02-24 23:15:34 Vulnerability - robot(s).txt exists on the Web Server
Detail
Vulnerability - TCP timestamps IP: 192.168.100.2 Status: Open Port: 0 Priority: 5 Nessus ID: 80091 In charge: Unknown entity
Vulnerability - TCP timestamps IP: 192.168.100.45 Status: Open Port: 0 Priority: 5 Nessus ID: 80091 In charge: Unknown entity
Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability
IP: 192.168.100.46 Status: Open Port: 0 Priority: 5 Nessus ID: 902815 In charge: Unknown entity
Vulnerability - TCP timestamps IP: 192.168.100.47 Status: Open Port: 0 Priority: 5 Nessus ID: 80091 In charge: Unknown entity
Vulnerability - TCP timestamps IP: 192.168.100.52 Status: Open Port: 0 Priority: 5 Nessus ID: 80091 In charge: Unknown entity
Vulnerability - OpenVAS Manager Authentication Bypass
IP: 192.168.100.55 Status: Open Port: 9390 Priority: 5 Nessus ID: 103827 In charge: Unknown entity
Vulnerability - Check for SSL Weak Ciphers IP: 192.168.100.55 Status: Open Port: 9390 Priority: 5 Nessus ID: 103440 In charge: Unknown entity
Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability
IP: 192.168.100.55 Status: Open Port: 22 Priority: 5 Nessus ID: 103503 In charge: Unknown entity
Vulnerability - Dnsmasq Remote Denial of Service Vulnerability
IP: 192.168.100.61 Status: Open Port: 53 Priority: 5 Nessus ID: 103509 In charge: Unknown entity
Vulnerability - Dnsmasq TFTP Service multiple vulnerabilities
IP: 192.168.100.61 Status: Open Port: 53 Priority: 5 Nessus ID: 100267 In charge: Unknown entity
Vulnerability - MiniUPnP Multiple Denial of Service Vulnerabilities
IP: 192.168.100.61 Status: Open Port: 1900 Priority: 5 Nessus ID: 103657 In charge: Unknown entity
Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability
IP: 192.168.100.61 Status: Open Port: 0 Priority: 5 Nessus ID: 902815 In charge: Unknown entity
Vulnerability - TCP timestamps IP: 192.168.100.61 Status: Open Port: 0 Priority: 5 Nessus ID: 80091 In charge: Unknown entity
Vulnerability - Samba 'client/mount.cifs.c' Remote Denial of Service Vulnerability
IP: 192.168.100.61 Status: Open Port: 445 Priority: 5 Nessus ID: 100499 In charge: Unknown entity
Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability
IP: 192.168.100.62 Status: Open Port: 0 Priority: 5 Nessus ID: 902815 In charge: Unknown entity
Vulnerability - TCP timestamps IP: 192.168.100.62 Status: Open Port: 0 Priority: 5 Nessus ID: 80091 In charge: Unknown entity
Vulnerability - Check for SSL Weak Ciphers IP: 192.168.100.62 Status: Open Port: 443 Priority: 5 Nessus ID: 103440 In charge: Unknown entity
Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability
IP: 192.168.100.62 Status: Open Port: 22 Priority: 5 Nessus ID: 103503 In charge: Unknown entity
Vulnerability - Samba 'CAP_DAC_OVERRIDE' File Permissions Security Bypass Vulnerability
IP: 192.168.100.64 Status: Open Port: 445 Priority: 5 Nessus ID: 100522 In charge: Unknown entity
Vulnerability - NFS export IP: 192.168.100.64 Status: Open Port: 2049 Priority: 5 Nessus ID: 102014 In charge: Unknown entity
Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability
IP: 192.168.100.64 Status: Open Port: 0 Priority: 5 Nessus ID: 902815 In charge: Unknown entity
Vulnerability - Check for SSL Weak Ciphers IP: 192.168.100.64 Status: Open Port: 443 Priority: 5 Nessus ID: 103440 In charge: Unknown entity
Vulnerability - Samba Multiple Remote Denial of Service Vulnerabilities
IP: 192.168.100.64 Status: Open Port: 445 Priority: 5 Nessus ID: 100644 In charge: Unknown entity
Vulnerability - Samba 'client/mount.cifs.c' Remote Denial of Service Vulnerability
IP: 192.168.100.64 Status: Open Port: 445 Priority: 5 Nessus ID: 100499 In charge: Unknown entity
Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability
IP: 192.168.100.64 Status: Open Port: 22 Priority: 5 Nessus ID: 103503 In charge: Unknown entity
Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability
IP: 192.168.100.67 Status: Open Port: 0 Priority: 5 Nessus ID: 902815 In charge: Unknown entity
Vulnerability - TCP timestamps IP: 192.168.100.67 Status: Open Port: 0 Priority: 5 Nessus ID: 80091 In charge: Unknown entity
Vulnerability - TCP timestamps IP: 192.168.100.70 Status: Open Port: 0 Priority: 5 Nessus ID: 80091 In charge: Unknown entity
Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability
IP: 192.168.100.70 Status: Open Port: 22 Priority: 5 Nessus ID: 103503 In charge: Unknown entity
Vulnerability - Squid information-disclosure vulnerability
IP: 192.168.100.71 Status: Open Port: 3128 Priority: 5 Nessus ID: 100147 In charge: Unknown entity
Vulnerability - MySQL Authentication Error Message User Enumeration Vulnerability
IP: 192.168.100.71 Status: Open Port: 3306 Priority: 5 Nessus ID: 802046 In charge: Unknown entity
Vulnerability - Squid External Auth Header Parser DOS Vulnerabilities
IP: 192.168.100.71 Status: Open Port: 3128 Priority: 5 Nessus ID: 101105 In charge: Unknown entity
Vulnerability - Squid HTCP Packets Processing Denial of Service Vulnerability
IP: 192.168.100.71 Status: Open Port: 3128 Priority: 5 Nessus ID: 800473 In charge: Unknown entity
Vulnerability - Squid Header-Only Packets Remote Denial of Service Vulnerability
IP: 192.168.100.71 Status: Open Port: 3128 Priority: 5 Nessus ID: 100412 In charge: Unknown entity
Vulnerability - Check for SSL Weak Ciphers IP: 192.168.100.71 Status: Open Port: 9390 Priority: 5 Nessus ID: 103440 In charge: Unknown entity
Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability
IP: 192.168.100.71 Status: Open Port: 22 Priority: 5 Nessus ID: 103503 In charge: Unknown entity
Vulnerability - TCP timestamps IP: 192.168.100.72 Status: Open Port: 0 Priority: 5 Nessus ID: 80091 In charge: Unknown entity
Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability
IP: 192.168.100.72 Status: Open Port: 22 Priority: 5 Nessus ID: 103503 In charge: Unknown entity
Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability
IP: 192.168.100.74 Status: Open Port: 0 Priority: 5 Nessus ID: 902815 In charge: Unknown entity
Vulnerability - TCP timestamps IP: 192.168.100.74 Status: Open Port: 0 Priority: 5 Nessus ID: 80091 In charge: Unknown entity
Vulnerability - Check for SSL Weak Ciphers IP: 192.168.100.74 Status: Open Port: 443 Priority: 5 Nessus ID: 103440 In charge: Unknown entity
Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability
IP: 192.168.100.74 Status: Open Port: 22 Priority: 5 Nessus ID: 103503 In charge: Unknown entity
Vulnerability - NFS export IP: 192.168.100.76 Status: Open Port: 2049 Priority: 5 Nessus ID: 102014 In charge: Unknown entity
Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability
IP: 192.168.100.76 Status: Open Port: 0 Priority: 5 Nessus ID: 902815 In charge: Unknown entity
Vulnerability - TCP timestamps IP: 192.168.100.76 Status: Open Port: 0 Priority: 5 Nessus ID: 80091 In charge: Unknown entity
Vulnerability - Apache Web Server ETag Header Information Disclosure Weakness
IP: 192.168.100.76 Status: Open Port: 80 Priority: 5 Nessus ID: 103122 In charge: Unknown entity
Vulnerability - TCP timestamps IP: 192.168.100.79 Status: Open Port: 0 Priority: 5 Nessus ID: 80091 In charge: Unknown entity
Vulnerability - Determine which version of BIND name daemon is running
IP: 192.168.100.2 Status: Open Port: 53 Priority: 4 Nessus ID: 10028 In charge: Unknown entity
Vulnerability - robot(s).txt exists on the Web Server IP: 192.168.100.62 Status: Open Port: 443 Priority: 3 Nessus ID: 10302 In charge: Unknown entity
Vulnerability - robot(s).txt exists on the Web Server IP: 192.168.100.76 Status: Open Port: 8000 Priority: 3 Nessus ID: 10302 In charge: Unknown entity
Vulnerability - robot(s).txt exists on the Web Server IP: 192.168.100.79 Status: Open Port: 80 Priority: 3 Nessus ID: 10302 In charge: Unknown entity
Vulnerability - Check for ident Service IP: 192.168.100.2 Status: Open Port: 113 Priority: 2 Nessus ID: 100081 In charge: Unknown entity
Vulnerability - DCE Services Enumeration IP: 192.168.100.52 Status: Open Port: 135 Priority: 2 Nessus ID: 10736 In charge: Unknown entity
Vulnerability - Port TCP:0 IP: 192.168.100.61 Status: Open Port: 0 Priority: 2 Nessus ID: 18164 In charge: Unknown entity
Vulnerability - OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
IP: 192.168.100.70 Status: Open Port: 22 Priority: 2 Nessus ID: 103064 In charge: Unknown entity
Vulnerability - OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability
IP: 192.168.100.72 Status: Open Port: 22 Priority: 2 Nessus ID: 103064 In charge: Unknown entity
Vulnerability - Unknown detail IP: 192.168.100.70 Status: Open Port: 0 Priority: 1 Nessus ID: 103849 In charge: Unknown entity
Vulnerability - Unknown detail IP: 192.168.100.70 Status: Open Port: 0 Priority: 1 Nessus ID: 103847 In charge: Unknown entity
Vulnerability - Unknown detail IP: 192.168.100.70 Status: Open Port: 0 Priority: 1 Nessus ID: 103850 In charge: Unknown entity
Vulnerability - Unknown detail IP: 192.168.100.70 Status: Open Port: 0 Priority: 1 Nessus ID: 103848 In charge: Unknown entity
Vulnerability - Unknown detail IP: 192.168.100.70 Status: Open Port: 0 Priority: 1 Nessus ID: 103864 In charge: Unknown entity
Vulnerability - Unknown detail IP: 192.168.100.70 Status: Open Port: 0 Priority: 1 Nessus ID: 103846 In charge: Unknown entity
Vulnerability - Unknown detail IP: 192.168.100.70 Status: Open Port: 0 Priority: 1 Nessus ID: 103885 In charge: Unknown entity
Vulnerability - Unknown detail IP: 192.168.100.72 Status: Open Port: 0 Priority: 1 Nessus ID: 103864 In charge: Unknown entity
Vulnerability - Unknown detail IP: 192.168.100.72 Status: Open Port: 0 Priority: 1 Nessus ID: 103846 In charge: Unknown entity
Vulnerability - Unknown detail IP: 192.168.100.72 Status: Open Port: 0 Priority: 1 Nessus ID: 103885 In charge: Unknown entity
Tickets - Metric (Status: Open) from: 2015-01-01 to: 2015-06-09
No Metrics with this criteria