Nmap/Zenmap Scan Of Corporation Techs Web Server Traffic

Submitted By rtucker1984
Words: 360
Pages: 2

This report is based on the analysis of the latest Nmap / Zenmap scan of Corporation Techs’ Web Server traffic. There is an extensive list of services that should be disabled when configuring a dedicated Web Server initially. During my analysis of the scan that was conducted on the network I found that only five of the services shown should actually be running on the company’s dedicated Web Server. The five that should be running are; Domain, SSH, TCPwrapped, SMTP, and HTTPS. The rest of the services listed pose security vulnerabilities and one in particular is a definite sign of a pre-attack probe on the network. That being said the services that should be disabled are the following; HTTP, Auth, MSRPC, NetBios-ssn, Microsoft-ds, unknown, and ftp. On a dedicated Web Server the HTTP protocol is an unnecessary service, if the administrator needs to he/she can run HTTPS with a SSL for security. The only Authentication Service that should be enabled is either Basic Authentication or Integrated Authentication, both Anonymous and Digest Authentication should be disabled. The MSRPC service that is listed is a sign of a pre-attack probe by an attacker. MSRPC is a null service that would give an attacker system level permissions and is usually done through NetBIOS over TCP/IP. The best protection for this is to remove all unnecessary shares, Anonymous connections, file and print shares, and disable NetBIOS over TCP/IP in the Network advanced TCP/IP settings. The other services that