SWAT Server Detection
Info Nessus Network Monitor Plugin ID 1470
Synopsis: The remote host is running SWAT (Samba Web Administration Tool).
Description: The remote host is running SWAT (Samba Web Administration Tool). SWAT allows Samba users to change their passwords and provides the system administrator with an easy-to-use web interface to configure Samba. Exposing SWAT to the world is not recommended, as it allows an intruder to attempt to brute-force some account passwords. In addition, the traffic between SWAT and the web client is not encrypted, so an eavesdropper can easily capture cleartext passwords.
Solution: Disable SWAT once your Samba server is configured.