Port Based Checks

What to check based on port and Service running

DNS

  • DNS Server Cache Snooping Remote Information Disclosure

  • DNS Server Dynamic Update Record Injection

  • DNS Server Recursive Query Cache Poisoning Weakness

  • DNS Server Spoofed Request Amplification DDoS

NTP

Network Time Protocol (NTP) Mode 6 Amplification Attack

IKE

Internet Key Exchange (IKE) Aggressive Mode With Pre-Shared Key

IPMI

IPMI v2.0 Password Hash Disclosure

SMB

Weak SMB Configuration

  • SMBv1 Enabled

  • Unauthenticated Shares Access

  • NULL Session Authentication

  • SMB Signing Not Required

  • SID Enumeration

  • User Enumeration

RDP

Weak RDP Configuration

SNMP

Weak SNMP Configuration

default community name "public"

FTP

SSH

SSH Crypto issues

password based authentication

PreviousFive Stages of Ethical HackingNextNMAP Scans

Last updated