Detections
Analytics

Arkoon Appliance Detection

low Nessus Plugin ID 14377

Language:

Synopsis

The remote host is a firewall.

Description

The remote host has the three TCP ports 822, 1750, 1751 open.

It's very likely that this host is an Arkoon security dedicated appliance with ports

 TCP/822 dedicated to ssh service TCP/1750 dedicated to Arkoon Manager TCP/1751 dedicated to Arkoon Monitoring

Letting attackers know that you are using an Arkoon appliance will help them to focus their attack or will make them change their strategy.

You should not let them know such information.

Solution

Do not allow any connection on the firewall itself, except for the firewall protocol, and allow that for trusted sources only.

If you have a router which performs packet filtering, then add ACL that disallows the connection to these ports for unauthorized systems.

See Also

http://www.arkoon.net/

Plugin Details

Severity: Low

ID: 14377

File Name: arkoon.nasl

Version: 1.9

Type: remote

Family: Firewalls

Published: 8/26/2004

Updated: 9/25/2019

Supported Sensors: Nessus

Vulnerability Information

CPE: x-cpe:/h:arkoon:firewall