1. Executive Summary
This report represents a security audit performed by InsightVM from Rapid7 LLC. It contains confidential information about the state of
your network. Access to this information by unauthorized personnel may allow them to compromise your network.
HN-INT-New Integration | November 04, 2022 14:52, GMT | November 04, 2022 15:14, GMT | 21 minutes | Success
There is not enough historical data to display overall asset trend.
The audit was performed on 11 systems, 11 of which were found to be active and were scanned.
There were 25 vulnerabilities found during this scan. No critical vulnerabilities were found. Critical vulnerabilities require immediate
attention. They are relatively easy for attackers to exploit and may provide them with full control of the affected systems. 14
vulnerabilities were severe. Severe vulnerabilities are often harder to exploit and may not provide the same access to affected systems.
There were 11 moderate vulnerabilities discovered. These often provide information to attackers that may assist them in mounting
subsequent attacks on your network. These should also be fixed in a timely manner, but are not as urgent as the other vulnerabilities.
No critical vulnerabilities were found on any of the systems. 6 systems were found to have severe vulnerabilities. Moderate
vulnerabilities were found on 11 systems. No systems were free of vulnerabilities.
There were 11 occurrences of the unix-user-home-dir-mode vulnerability, making it the most common vulnerability. There were 12
vulnerability instances in the Network category, making it the most common vulnerability category.
Audit Report
The certificate-common-name-mismatch vulnerability poses the highest risk to the organization with a risk score of 6,685. Risk scores
are based on the types and numbers of vulnerabilities on affected assets.
One operating system was identified during this scan.
There were 4 services found to be running during this scan.
The SNMP and SSH services were found on 11 systems, making them the most common services.
2. Discovered Systems
3.2.1. X.509 Certificate Subject CN Does Not Match the Entity Name (certificate-common-name-mismatch)
Description:
The subject common name (CN) field in the X.509 certificate does not match the name of the entity presenting the certificate.
Before issuing a certificate, a Certification Authority (CA) must check the identity of the entity requesting the certificate, as specified in
the CA's Certification Practice Statement (CPS). Thus, standard certificate validation procedures require the subject CN field of a
certificate to match the actual name of the entity presenting the certificate. For example, in a certificate presented by
"https://www.example.com/", the CN should be "www.example.com".
To detect and prevent active eavesdropping attacks, the validity of a certificate must be verified; otherwise an attacker could
launch a man-in-the-middle attack and gain full control of the data stream. Of particular importance is the validity of the subject's CN,
which should match the name of the entity (hostname).
A CN mismatch most often occurs due to a configuration error, though it can also indicate that a man-in-the-middle attack is being
conducted.
Please note that this check may flag a false positive against servers that are properly configured using SNI.
Affected Nodes:
192.168.105.84:10250 The subject common name found in the X.509 certificate does not seem to match the scan target: Subject CN srvpoclonginus03@1655746219 does not match target name specified in the site. Subject CN srvpoclonginus03@1655746219 could not be resolved to an IP address via DNS lookup. Subject Alternative Name srvpoclonginus03 does not match target name specified in the site.
192.168.105.89:4118 The subject common name found in the X.509 certificate does not seem to match the scan target: Subject CN ds_agent does not match target name specified in the site. Subject CN ds_agent could not be resolved to an IP address via DNS lookup.
192.168.105.89:10250 The subject common name found in the X.509 certificate does not seem to match the scan target: Subject CN srvpoclonginus08@1661794211 does not match target name specified in the site. Subject CN
192.168.105.90:10250 The subject common name found in the X.509 certificate does not seem to match the scan target: Subject CN srvpoclonginus09@1661794208 does not match target name specified in the site. Subject CN srvpoclonginus09@1661794208 could not be resolved to an IP address via DNS lookup. Subject Alternative Name srvpoclonginus09 does not match target name specified in the site.
192.168.105.91:10250 The subject common name found in the X.509 certificate does not seem to match the scan target: Subject CN srvpoclonginus10@1661794246 does not match target name specified in the site. Subject CN srvpoclonginus10@1661794246 could not be resolved to an IP address via DNS lookup. Subject Alternative Name srvpoclonginus10 does not match target name specified in the site.
192.168.105.92:4118 The subject common name found in the X.509 certificate does not seem to match the scan target: Subject CN ds_agent does not match target name specified in the site. Subject CN ds_agent could not be resolved to an IP address via DNS lookup.
192.168.105.92:10250 The subject common name found in the X.509 certificate does not seem to match the scan target: Subject CN srvpockongapigtw@1661794242 does not match target name specified in the site. Subject CN srvpockongapigtw@1661794242 could not be resolved to an IP address via DNS lookup. Subject Alternative Name srvpockongapigtw does not match target name specified in the site.
References:
None
Vulnerability Solution:
The subject's common name (CN) field in the X.509 certificate should be fixed to reflect the name of the entity presenting the certificate
(e.g., the hostname). This is done by generating a new certificate usually signed by a Certification Authority (CA) trusted by both the
client and server.
Description:
The server's TLS/SSL certificate is signed by a Certification Authority (CA) that is not well-known or trusted. This could happen if: the
chain/intermediate certificate is missing, expired or has been revoked; the server hostname does not match that configured in the
certificate; the time/date is incorrect; or a self-signed certificate is being used. The use of a self-signed certificate is not recommended
Affected Nodes:
References:
Source Reference
URL http://httpd.apache.org/docs/2.2/mod/mod_ssl.html
URL http://nginx.org/en/docs/http/configuring_https_servers.html
URL https://support.microsoft.com/en-us/kb/954755
Vulnerability Solution:
Ensure the common name (CN) reflects the name of the entity presenting the certificate (e.g., the hostname). If the certificate(s) or any
of the chain certificate(s) have expired or been revoked, obtain a new certificate from your Certificate Authority (CA) by following their
documentation. If a self-signed certificate is being used, consider obtaining a signed certificate from a CA.
References: Mozilla: Connection Untrusted Error; SSLShopper: SSL Certificate Not Trusted Error; Windows/IIS certificate chain config;
Apache SSL config; Nginx SSL config; What's My Chain Cert?
Description:
The server's TLS/SSL certificate is self-signed. Self-signed certificates cannot be trusted by default, especially because TLS/SSL
man-in-the-middle attacks typically use self-signed certificates to eavesdrop on TLS/SSL connections.
Affected Nodes:
References:
None
Vulnerability Solution:
Obtain a new TLS/SSL server certificate that is NOT self-signed and install it on the server. The exact instructions for obtaining a new
certificate depend on your organization's requirements. Generally, you will need to generate a certificate request and save the request
as a file. This file is then sent to a Certificate Authority (CA) for processing. Your organization may have its own internal Certificate
Authority. If not, you may have to pay for a certificate from a trusted external Certificate Authority, such as Thawte or Verisign.
Description:
A user's home directory was found to have a permission mode which is more permissive than 750 (Owner=READ/WRITE/EXECUTE,
Group=READ/EXECUTE, Other=NONE). "Group" or "Other" WRITE permissions mean that a malicious user may gain complete
access to user data by escalating privileges. In addition, "read" and "execute" access for "Other" should always be disabled (sensitive
data access).
Affected Nodes:
192.168.105.82 The permissions for home directory of user tlog was found to be 755 which is more permissive than 750.
192.168.105.83 The permissions for home directory of user tlog was found to be 755 which is more permissive than 750.
192.168.105.84 The permissions for home directory of user tlog was found to be 755 which is more permissive than 750.
192.168.105.85 The permissions for home directory of user tlog was found to be 755 which is more permissive than 750.
192.168.105.86 The permissions for home directory of user tlog was found to be 755 which is
192.168.105.88 The permissions for home directory of user tlog was found to be 755 which is more permissive than 750.
192.168.105.89 The permissions for home directory of user tlog was found to be 755 which is more permissive than 750.
192.168.105.90 The permissions for home directory of user tlog was found to be 755 which is more permissive than 750.
192.168.105.91 The permissions for home directory of user tlog was found to be 755 which is more permissive than 750.
192.168.105.92 The permissions for home directory of user tlog was found to be 755 which is more permissive than 750.
References:
None
Vulnerability Solution:
Restrict the user home directory mode to at most 750 using the command:
chmod 750 userDir
4. Discovered Services
4.1. <unknown>
4.2. HTTPS
HTTPS, the HyperText Transfer Protocol over TLS/SSL, is used to exchange multimedia content on the World Wide Web using
encrypted (TLS/SSL) connections. Once the TLS/SSL connection is established, the standard HTTP protocol is used. The multimedia
files commonly used with HTTP include text, sound, images and video.
•tlsv1_2: true
•tlsv1_2.ciphers: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
•tlsv1_2.extensions: RENEGOTIATION_INFO,EC_POINT_FORMATS
•tlsv1_3: true
•tlsv1_3.ciphers: TLS_AES_128_GCM_SHA256,TLS_CHACHA20_POLY1305_SHA256,TLS_AES_256_GCM_SHA384
•tlsv1_3.extensions:
192.168.105.85 tcp 10250 1 •ssl: true
•ssl.cert.chainerror: [Path does not chain with any of the trust anchors]
•ssl.cert.issuer.dn: CN=192.168.105.85-ca@1655936082
•ssl.cert.key.alg.name: RSA
•ssl.cert.key.rsa.modulusBits: 2048
•ssl.cert.not.valid.after: Thu, 22 Jun 2023 21:14:42 UTC
•ssl.cert.not.valid.before: Wed, 22 Jun 2022 21:14:42 UTC
•ssl.cert.selfsigned: false
•ssl.cert.serial.number: 2
•ssl.cert.sha1.fingerprint: b3efa1e89c510165641de96e8c1da8521129db7c
•ssl.cert.sig.alg.name: SHA256withRSA
•ssl.cert.subject.alt.name-1: 192.168.105.85
•ssl.cert.subject.alt.name-count: 1
•ssl.cert.subject.dn: CN=192.168.105.85@1655936082
•ssl.cert.validchain: false
•ssl.cert.version: 3
•ssl.protocols: tlsv1_2,tlsv1_3
•ssl.supportsInsecureRenegotiation: true
•sslv2: false
•sslv3: false
•tlsv1_0: false
•tlsv1_1: false
•tlsv1_2: true
•tlsv1_2.ciphers: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
•tlsv1_2.extensions: RENEGOTIATION_INFO,EC_POINT_FORMATS
•tlsv1_3: true
•tlsv1_3.ciphers: TLS_AES_128_GCM_SHA256,TLS_CHACHA20_POLY1305_SHA256,TLS_AES_256_GCM_SHA384
•tlsv1_3.extensions:
192.168.105.89 tcp 4118 3 •ssl: true
•ssl.cert.chainerror: [Path does not chain with any of the trust anchors]
•ssl.cert.issuer.dn: CN=ds_agent, O=Trend Micro
•ssl.cert.key.alg.name: RSA
•ssl.cert.key.rsa.modulusBits: 2048
•ssl.cert.not.valid.after: Wed, 09 Jul 2031 21:16:36 UTC
•ssl.cert.not.valid.before: Thu, 14 Jul 2011 21:16:36 UTC
•ssl.cert.selfsigned: true
•ssl.cert.serial.number: 14775941190782584593
•ssl.cert.sha1.fingerprint: d068de481bdc4d0089077f851520c59011eb566a
•ssl.cert.sig.alg.name: SHA256withRSA
•ssl.cert.subject.dn: CN=ds_agent, O=Trend Micro
•ssl.cert.validchain: false
•ssl.cert.validsignature: true
•ssl.cert.version: 3
•ssl.protocols: tlsv1_2
•sslv2: false
•sslv3: false
•tlsv1_0: false
•tlsv1_1: false
•tlsv1_2: true
•tlsv1_2.ciphers: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
•tlsv1_2.extensions: RENEGOTIATION_INFO,EC_POINT_FORMATS
•tlsv1_3: false
192.168.105.89 tcp 10250 2 •ssl: true
•ssl.cert.chainerror: [Path does not chain with any of the trust anchors]
•ssl.cert.issuer.dn: CN=srvpoclonginus08-ca@1661794211
•ssl.cert.key.alg.name: RSA
•ssl.cert.key.rsa.modulusBits: 2048
•ssl.cert.not.valid.after: Tue, 29 Aug 2023 16:30:11 UTC
•ssl.cert.not.valid.before: Mon, 29 Aug 2022 16:30:11 UTC
•ssl.cert.selfsigned: false
•ssl.cert.serial.number: 2
•ssl.cert.sha1.fingerprint: 63ac6ea7e917fa4348e946b381386e3679b64262
•ssl.cert.sig.alg.name: SHA256withRSA
•ssl.cert.subject.alt.name-1: srvpoclonginus08
•ssl.cert.subject.alt.name-count: 1
•ssl.cert.subject.dn: CN=srvpoclonginus08@1661794211
•ssl.cert.validchain: false
•ssl.cert.version: 3
•ssl.protocols: tlsv1_2,tlsv1_3
•ssl.supportsInsecureRenegotiation: true
•sslv2: false
•sslv3: false
•tlsv1_0: false
•tlsv1_1: false
•tlsv1_2: true
•tlsv1_2.ciphers: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
•tlsv1_2.extensions: RENEGOTIATION_INFO,EC_POINT_FORMATS
•tlsv1_3: true
•tlsv1_3.ciphers: TLS_AES_128_GCM_SHA256,TLS_CHACHA20_POLY1305_SHA256,TLS_AES_256_GCM_SHA384
•tlsv1_3.extensions:
192.168.105.90 tcp 4118 3 •ssl: true
•ssl.cert.chainerror: [Path does not chain with any of the trust anchors]
•ssl.cert.issuer.dn: CN=ds_agent, O=Trend Micro
•ssl.cert.key.alg.name: RSA
•ssl.cert.key.rsa.modulusBits: 2048
•ssl.cert.not.valid.after: Wed, 09 Jul 2031 21:16:36 UTC
•ssl.cert.not.valid.before: Thu, 14 Jul 2011 21:16:36 UTC
•ssl.cert.selfsigned: true
•ssl.cert.serial.number: 14775941190782584593
•ssl.cert.sha1.fingerprint: d068de481bdc4d0089077f851520c59011eb566a
•ssl.cert.sig.alg.name: SHA256withRSA
•ssl.cert.subject.dn: CN=ds_agent, O=Trend Micro
•ssl.cert.validchain: false
•ssl.cert.validsignature: true
•ssl.cert.version: 3
•ssl.protocols: tlsv1_2
•sslv2: false
•sslv3: false
•tlsv1_0: false
•tlsv1_1: false
•tlsv1_2: true
•tlsv1_2.ciphers: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
•tlsv1_2.extensions: RENEGOTIATION_INFO,EC_POINT_FORMATS
•tlsv1_3: false
192.168.105.90 tcp 10250 2 •ssl: true
•ssl.cert.chainerror: [Path does not chain with any of the trust anchors]
•ssl.cert.issuer.dn: CN=srvpoclonginus09-ca@1661794207
•ssl.cert.key.alg.name: RSA
•ssl.cert.key.rsa.modulusBits: 2048
•ssl.cert.not.valid.after: Tue, 29 Aug 2023 16:30:07 UTC
•ssl.cert.not.valid.before: Mon, 29 Aug 2022 16:30:07 UTC
•ssl.cert.selfsigned: false
•ssl.cert.serial.number: 2
•ssl.cert.sha1.fingerprint: 80280c47d8fb042536e92b4f5f1ce006fdd0fb46
•ssl.cert.sig.alg.name: SHA256withRSA
•ssl.cert.subject.alt.name-1: srvpoclonginus09
•ssl.cert.subject.alt.name-count: 1
•ssl.cert.subject.dn: CN=srvpoclonginus09@1661794208
•ssl.cert.validchain: false
•ssl.cert.version: 3
•ssl.protocols: tlsv1_2,tlsv1_3
•ssl.supportsInsecureRenegotiation: true
•sslv2: false
•sslv3: false
•tlsv1_0: false
•tlsv1_1: false
•tlsv1_2: true
•tlsv1_2.ciphers: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
•tlsv1_2.extensions: RENEGOTIATION_INFO,EC_POINT_FORMATS
•tlsv1_3: true
•tlsv1_3.ciphers: TLS_AES_128_GCM_SHA256,TLS_CHACHA20_POLY1305_SHA256,TLS_AES_256_GCM_SHA384
•tlsv1_3.extensions:
192.168.105.91 tcp 10250 2 •ssl: true
•ssl.cert.chainerror: [Path does not chain with any of the trust anchors]
•ssl.cert.issuer.dn: CN=srvpoclonginus10-ca@1661794246
•ssl.cert.key.alg.name: RSA
•ssl.cert.key.rsa.modulusBits: 2048
•ssl.cert.not.valid.after: Tue, 29 Aug 2023 16:30:46 UTC
•ssl.cert.not.valid.before: Mon, 29 Aug 2022 16:30:46 UTC
•ssl.cert.selfsigned: false
•ssl.cert.serial.number: 2
•ssl.cert.sha1.fingerprint: 84fefe77ef1adc13e4d044efc74ee9f0533c44f5
•ssl.cert.sig.alg.name: SHA256withRSA
•ssl.cert.subject.alt.name-1: srvpoclonginus10
•ssl.cert.subject.alt.name-count: 1
•ssl.cert.subject.dn: CN=srvpoclonginus10@1661794246
•ssl.cert.validchain: false
•ssl.cert.version: 3
•ssl.protocols: tlsv1_2,tlsv1_3
•ssl.supportsInsecureRenegotiation: true
•sslv2: false
•sslv3: false
•tlsv1_0: false
•tlsv1_1: false
•tlsv1_2: true
•tlsv1_2.ciphers: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
•tlsv1_2.extensions: RENEGOTIATION_INFO,EC_POINT_FORMATS
•tlsv1_3: true
•tlsv1_3.ciphers: TLS_AES_128_GCM_SHA256,TLS_CHACHA20_POLY1305_SHA256,TLS_AES_256_GCM_SHA384
•tlsv1_3.extensions:
192.168.105.92 tcp 4118 3 •ssl: true
•ssl.cert.chainerror: [Path does not chain with any of the trust anchors]
•ssl.cert.issuer.dn: CN=ds_agent, O=Trend Micro
•ssl.cert.key.alg.name: RSA
•ssl.cert.key.rsa.modulusBits: 2048
•ssl.cert.not.valid.after: Wed, 09 Jul 2031 21:16:36 UTC
•ssl.cert.not.valid.before: Thu, 14 Jul 2011 21:16:36 UTC
•ssl.cert.selfsigned: true
•ssl.cert.serial.number: 14775941190782584593
•ssl.cert.sha1.fingerprint: d068de481bdc4d0089077f851520c59011eb566a
•ssl.cert.sig.alg.name: SHA256withRSA
•ssl.cert.subject.dn: CN=ds_agent, O=Trend Micro
•ssl.cert.validchain: false
•ssl.cert.validsignature: true
•ssl.cert.version: 3
•ssl.protocols: tlsv1_2
•sslv2: false
•sslv3: false
•tlsv1_0: false
•tlsv1_1: false
•tlsv1_2: true
•tlsv1_2.ciphers: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
•tlsv1_2.extensions: RENEGOTIATION_INFO,EC_POINT_FORMATS
•tlsv1_3: false
192.168.105.92 tcp 10250 2 •ssl: true
•ssl.cert.chainerror: [Path does not chain with any of the trust anchors]
•ssl.cert.issuer.dn: CN=srvpockongapigtw-ca@1661794242
•ssl.cert.key.alg.name: RSA
•ssl.cert.key.rsa.modulusBits: 2048
•ssl.cert.not.valid.after: Tue, 29 Aug 2023 16:30:42 UTC
•ssl.cert.not.valid.before: Mon, 29 Aug 2022 16:30:42 UTC
•ssl.cert.selfsigned: false
•ssl.cert.serial.number: 2
•ssl.cert.sha1.fingerprint: 286b09d5815280d9dcc7f440272d3acefb6b2f4e
•ssl.cert.sig.alg.name: SHA256withRSA
•ssl.cert.subject.alt.name-1: srvpockongapigtw
•ssl.cert.subject.alt.name-count: 1
•ssl.cert.subject.dn: CN=srvpockongapigtw@1661794242
•ssl.cert.validchain: false
•ssl.cert.version: 3
•ssl.protocols: tlsv1_2,tlsv1_3
•ssl.supportsInsecureRenegotiation: true
•sslv2: false
•sslv3: false
•tlsv1_0: false
•tlsv1_1: false
•tlsv1_2: true
•tlsv1_2.ciphers: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
•tlsv1_2.extensions: RENEGOTIATION_INFO,EC_POINT_FORMATS
•tlsv1_3: true
•tlsv1_3.ciphers: TLS_AES_128_GCM_SHA256,TLS_CHACHA20_POLY1305_SHA256,TLS_AES_256_GCM_SHA384
•tlsv1_3.extensions:
4.3. SNMP
Simple Network Management Protocol (SNMP), like the name implies, is a simple protocol used to manage networking appliances by
remote clients. It is primarily UDP-based and uses trivial authentication by means of a secret community name.
4.4. SSH
SSH, or Secure SHell, is designed to be a replacement for the aging Telnet protocol. It primarily adds encryption and data integrity to
Telnet, but can also provide superior authentication mechanisms such as public key authentication.
none,zlib@openssh.com
•ssh.algorithms.encryption: aes256-ctr,aes192-ctr,aes128-ctr
•ssh.algorithms.hostkey: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
•ssh.algorithms.kex: curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
•ssh.algorithms.mac: hmac-sha2-256,hmac-sha2-512
•ssh.banner: SSH-2.0-OpenSSH_8.0
•ssh.protocol.version: 2.0
192.168.105.83 tcp 22 0 •OpenBSD OpenSSH 8.0
•ssh.algorithms.compression: none,zlib@openssh.com
•ssh.algorithms.encryption: aes256-ctr,aes192-ctr,aes128-ctr
•ssh.algorithms.hostkey: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
•ssh.algorithms.kex: curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
•ssh.algorithms.mac: hmac-sha2-256,hmac-sha2-512
•ssh.banner: SSH-2.0-OpenSSH_8.0
•ssh.protocol.version: 2.0
nistp256,ssh-ed25519
•ssh.algorithms.kex: curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
•ssh.algorithms.mac: hmac-sha2-256,hmac-sha2-512
•ssh.banner: SSH-2.0-OpenSSH_8.0
•ssh.protocol.version: 2.0
192.168.105.85 tcp 22 0 •OpenBSD OpenSSH 8.0
•ssh.algorithms.compression: none,zlib@openssh.com
•ssh.algorithms.encryption: aes256-ctr,aes192-ctr,aes128-ctr
•ssh.algorithms.hostkey: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
•ssh.algorithms.kex: curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
•ssh.algorithms.mac: hmac-sha2-256,hmac-sha2-512
•ssh.banner: SSH-2.0-OpenSSH_8.0
•ssh.protocol.version: 2.0
exchange-sha256
•ssh.algorithms.mac: hmac-sha2-256,hmac-sha2-512
•ssh.banner: SSH-2.0-OpenSSH_8.0
•ssh.protocol.version: 2.0
192.168.105.87 tcp 22 0 •OpenBSD OpenSSH 8.0
•ssh.algorithms.compression: none,zlib@openssh.com
•ssh.algorithms.encryption: aes256-ctr,aes192-ctr,aes128-ctr
•ssh.algorithms.hostkey: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
•ssh.algorithms.kex: curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
•ssh.algorithms.mac: hmac-sha2-256,hmac-sha2-512
•ssh.banner: SSH-2.0-OpenSSH_8.0
•ssh.protocol.version: 2.0
•ssh.algorithms.hostkey: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
•ssh.algorithms.kex: curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
•ssh.algorithms.mac: hmac-sha2-256,hmac-sha2-512
•ssh.banner: SSH-2.0-OpenSSH_8.0
•ssh.protocol.version: 2.0
192.168.105.92 tcp 22 0 •OpenBSD OpenSSH 8.0
•ssh.algorithms.compression: none,zlib@openssh.com
•ssh.algorithms.encryption: aes256-ctr,aes192-ctr,aes128-ctr
•ssh.algorithms.hostkey: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
•ssh.algorithms.kex: curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
•ssh.algorithms.mac: hmac-sha2-256,hmac-sha2-512
•ssh.banner: SSH-2.0-OpenSSH_8.0
•ssh.protocol.version: 2.0
5.1. System
5.1.1. 192.168.105.82
•password: x
•user-id: 995
•userDir: /nonexisting
cockpit-wsinstance Group •group-id: 989
lp User •gid: 7
•loginShell: /sbin/nologin
•password: x
•user-id: 4
•userDir: /var/spool/lpd
root Group
•password: x
•user-id: 6
•userDir: /sbin
ssh_keys Group •group-id: 997
•userDir: /home/tigoadmin
tlog Group •group-id: 987
5.1.2. 192.168.105.83
•user-id: 7
•userDir: /sbin
input Group •group-id: 999
lp User •gid: 7
•loginShell: /sbin/nologin
•password: x
•user-id: 4
•userDir: /var/spool/lpd
•userDir: /
postdrop Group •group-id: 90
root Group
•loginShell: /sbin/nologin
•password: x
•user-id: 192
•userDir: /
systemd-resolve User •full-name: systemd Resolver
•gid: 193
•loginShell: /sbin/nologin
•password: x
•user-id: 193
•userDir: /
tss User •full-name: Account used by the trousers package to sandbox the tcsd daemon
•gid: 59
•loginShell: /sbin/nologin
•password: x
•user-id: 59
•userDir: /dev/null
•loginShell: /sbin/nologin
•password: x
•user-id: 996
•userDir: /etc/unbound
users Group •group-id: 100
5.1.3. 192.168.105.84
•password: x
•user-id: 991
•userDir: /var/cache/clevis
cockpit-ws Group •group-id: 990
•userDir: /usr/games
halt User •gid: 0
•loginShell: /sbin/halt
•password: x
•user-id: 7
•userDir: /sbin
lp User •gid: 7
•loginShell: /sbin/nologin
•password: x
•user-id: 4
•userDir: /var/spool/lpd
root User
•gid: 0
•loginShell: /bin/bash
•password: x
•userDir: /root
tss User •full-name: Account used by the trousers package to sandbox the tcsd daemon
•gid: 59
•loginShell: /sbin/nologin
•password: x
•user-id: 59
•userDir: /dev/null
5.1.4. 192.168.105.85
lp Group •group-id: 7
root Group
•userDir: /
systemd-resolve Group •group-id: 193
tss User •full-name: Account used by the trousers package to sandbox the tcsd daemon
•gid: 59
•loginShell: /sbin/nologin
•password: x
•user-id: 59
•userDir: /dev/null
5.1.5. 192.168.105.86
•userDir: /var/adm
ansible Group •group-id: 1004
lp User •gid: 7
•loginShell: /sbin/nologin
•password: x
•user-id: 4
•userDir: /var/spool/lpd
mem Group
•group-id: 8
5.1.6. 192.168.105.87
•user-id: 995
•userDir: /nonexisting
cockpit-wsinstance User •full-name: User for cockpit-ws instances
•gid: 989
•loginShell: /sbin/nologin
•password: x
•user-id: 994
•userDir: /nonexisting
•password: x
•user-id: 1000
•userDir: /home/isotester
kmem Group •group-id: 9
lp Group •group-id: 7
•gid: 32
•loginShell: /sbin/nologin
•password: x
•user-id: 32
•userDir: /var/lib/rpcbind
rpcuser User •full-name: RPC Service User
•gid: 29
•loginShell: /sbin/nologin
•password: x
•user-id: 29
•userDir: /var/lib/nfs
tss User •full-name: Account used by the trousers package to sandbox the tcsd daemon
•gid: 59
•loginShell: /sbin/nologin
•password: x
•user-id: 59
•userDir: /dev/null
5.1.7. 192.168.105.88
lp User •gid: 7
•loginShell: /sbin/nologin
•password: x
•user-id: 4
•userDir: /var/spool/lpd
•password: x
•user-id: 5
•userDir: /sbin
sys Group •group-id: 3
tss User •full-name: Account used by the trousers package to sandbox the tcsd daemon
•gid: 59
•loginShell: /sbin/nologin
•password: x
•user-id: 59
•userDir: /dev/null
5.1.8. 192.168.105.89
•userDir: /
dialout Group •group-id: 18
lp User •gid: 7
•loginShell: /sbin/nologin
•password: x
•user-id: 4
•userDir: /var/spool/lpd
•userDir: /var/lib/nfs
setroubleshoot Group •group-id: 985
tss User •full-name: Account used by the trousers package to sandbox the tcsd daemon
•gid: 59
•loginShell: /sbin/nologin
•password: x
•user-id: 59
•userDir: /dev/null
5.1.9. 192.168.105.90
lp User •gid: 7
•loginShell: /sbin/nologin
•password: x
•user-id: 4
•userDir: /var/spool/lpd
•password: x
•user-id: 998
•userDir: /
render Group •group-id: 998
root Group
5.1.10. 192.168.105.91
lp Group •group-id: 7
root Group
•loginShell: /sbin/shutdown
•password: x
•user-id: 6
•userDir: /sbin
ssh_keys Group •group-id: 994
•user-id: 991
•userDir: /var/run/tlog
tss Group •group-id: 59
5.1.11. 192.168.105.92
lp User •gid: 7
•loginShell: /sbin/nologin
•password: x
•user-id: 4
•userDir: /var/spool/lpd
rpc Group
•group-id: 32
•userDir: /home/tigoadmin
tlog User •full-name: Tlog terminal I/O logger
•gid: 989
•loginShell: /sbin/nologin
•password: x
•user-id: 992
•userDir: /var/run/tlog
tss User •full-name: Account used by the trousers package to sandbox the tcsd daemon
•gid: 59
•loginShell: /sbin/nologin
•password: x
•user-id: 59
•userDir: /dev/null
6. Discovered Databases
No database information was discovered during the scan.
8. Policy Evaluations
No policy evaluations were performed.