Arkoon Appliance Detection
Low Nessus Plugin ID 14377
SynopsisThe remote host is a firewall.
DescriptionThe remote host has the three TCP ports 822, 1750, 1751 open.
It's very likely that this host is an Arkoon security dedicated appliance with ports
TCP/822 dedicated to ssh service TCP/1750 dedicated to Arkoon Manager TCP/1751 dedicated to Arkoon Monitoring
Letting attackers know that you are using an Arkoon appliance will help them to focus their attack or will make them change their strategy.
You should not let them know such information.
SolutionDo not allow any connection on the firewall itself, except for the firewall protocol, and allow that for trusted sources only.
If you have a router which performs packet filtering, then add ACL that disallows the connection to these ports for unauthorized systems.