icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Network Query Tool Detection

Medium

Synopsis

The remote host may give an attacker information useful for future attacks.

Description

The remote host is running the Network Query Tool CGI script. This script allows anonymous, remote users to perform port scans, whois, DNS queries, ping, traceroute, and more via a web interface. An attacker coming upon this application would be able to use the script to perform discovery scanning against any range of addresses. This would include, but not be limited to, internal IP ranges.

Solution

Ensure that this application is valid with respect to corporate policies and guidelines. If the application is required, consider using Access Control Lists (ACLs) or other security measures to block unauthorized usage.