icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Generic Shell Detection (Cisco Catalyst)

Low

Synopsis

The remote host is running an inherently insecure protocol or application.

Description

A Cisco shell server was noted on the host. Typically, shells are used by remote users to manage operating systems. Shells that pass traffic in plaintext introduce a risk to confidentiality and privacy. In addition, many shells are used by malicious individuals as part of a Trojan program or remote buffer overflow exploit.

Solution

Ensure that the remote shell is secured against data leakage and that it is a valid, approved means of managing the remote machine.