Hello Friends,
I need your help!
The Software Qualys reported some vulnerabilities that need to be corrected in a server being:
Title: Open TCP Services List
QID: 82023
Port IANA Assigned Ports / Services Description Service Redirected Port Detected On OS
22 ssh SSH Remote Login Protocol ssh
23 telnet telnet Telnet
MSRPC-135 DCE endpoint resolution EPMAP EPMAP DCERPC Endpoint Mapper
445 microsoft-ds Microsoft-DS microsoft-ds
513 login remote login a la telnet unknown
3389 ms-wbt-server MS WBT Server remote desk win
And to complement the information:
One or more of the Following services on the ports listed
must be stopped on server: rlogin on port 513/tcp
rsh on 514/tcpVNC port on port 5800/tcp
VNC on port 5801/tcp
VNC on port 5900/tcp
VNC port on 5901/tcpirc on port 6665/tcp
irc on port 6666/tcp
irc on port 6667/tcp
irc on port 6668/tcp
irc on port 6669/tcp
The problem is that I could not find a solution to this vulnerability, remembering that it's server is runing Windows Server 2003.
Thank you for a brief return, thanks!
Hi,
QID 82023 is not a vulnerability but rather an Information Gathered QID, which reports any TCP port(s) we detected during the scan. If one or more of these ports should not be detected, I would assume that you would need to disable the service that is associated with the TCP port or block access to the port.
For example, in your results we detected TCP 3389, which is the Windows Remote Desktop service. If policy dictates that RDC should not be available, you would need to disable the service on the target system or block access to the port from unauthorized IPs.
Please let me know if this does not answer your question and we can continue to discuss further or you can contact Technical Support to open a case.