icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

SWAT Server Detection

Info

Synopsis

The remote host is running SWAT (Samba Web Administration Tool).

Description

The remote host is running SWAT (Samba Web Administration Tool). SWAT allows Samba users to change their passwords and provides the system administrator with an easy-to-use web interface to configure Samba. It is not recommended to let SWAT be accessed by the world, as it allows an intruder to attempt to brute force some account passwords. In addition to this, the traffic between SWAT and the web client is not ciphered, so an eavesdropper can gain cleartext passwords easily.

Solution

Disable SWAT once your Samba server is configured.