HIPAA Report

advertisement
HIPAA Report
HIPAA Report
I.T. Security:
Address:
Tel.:
Report Filter
Date:
Date from: 2015-01-01
Date to: 2015-06-09
Assets Selected:
All Assets
User: admin / 2015-06-09 15:28:22
2015-06-09 15:26:47
Page 1 / 20
HIPAA Report
HIPAA Report
The Health Insurance Portability & Accountability Act of 1996, Public Law 104-191 requires improved efficiency in
healthcare delivery by standardizing electronic data interchange, as well as the protection of confidentiality and security of
health data through setting and enforcing standards.
This report provides support for a systematic review of some of the HIPAA requirements.
Note: The asset configuration of the report should limited to healthcare data servers and security and network
devices involved in the healthcare data transmission.
User: admin / 2015-06-09 15:28:22
Page 2 / 20
HIPAA Report
SECTION I. Prevention and Detection
This section of the report is intended for an operational review of the security of the system to comply with HIPAA
164.308.1 and 164.308.1b requirement of implementing and reviewing detection and prevention security controls.
Review Review Metrics of the System
Risk Metrics for the period.
User: admin / 2015-06-09 15:28:22
Page 3 / 20
HIPAA Report
Alarms
Alarms summary for the period.
Alarms - Top 10 Alarms
Alarm
from: 2015-01-01
to: 2015-06-09
from: 2015-01-01
to: 2015-06-09
from: 2015-01-01
to: 2015-06-09
Occurrences
Exploitation & Installation — Malicious
website - Exploit Kit — Angler EK
4.686
Exploitation & Installation — Malicious
website — Suspicious Java followed by an
executable
1.673
Exploitation & Installation — Malicious
website - Exploit Kit — FlashPack EK
1.509
Exploitation & Installation — Malicious
website - Exploit Kit — Java Rhino
1.337
Exploitation & Installation — Malicious
website - Exploit Kit — Nuclear EK
1.013
Exploitation & Installation — Malicious
website - Exploit Kit — Fiesta
663
Exploitation & Installation — Malicious
website - Exploit Kit — GoonEK
507
Delivery & Attack — Bruteforce
Authentication — SSH
416
System Compromise — Trojan infection —
Andromeda
370
snort: "ET TROJAN Java EXE Download
by Vulnerable Version - Likely Driveby"
370
Alarms - Top 10 Attacker hosts
Host
Occurrences
23.239.12.68
4.682
92.63.100.150
4.021
198.50.185.76
1.705
Gallium
1.262
31.31.196.12
1.169
Germanium
1.047
85.118.128.37
508
24.34.23.12
416
172.16.2.156
252
64.202.116.124
163
Alarms - Top 10 Attacked hosts
User: admin / 2015-06-09 15:28:22
Page 4 / 20
HIPAA Report
Host
Occurrences
Gallium
7.058
Germanium
4.021
172.16.2.156
1.169
64.202.116.124
713
0.0.0.0
416
74.220.215.57
386
193.107.17.249
385
188.72.243.72
380
46.165.222.218
185
173.194.77.104
166
Alarms - Top 10 Destination Ports
Port
Service
49387
unknown
3.657
1077
unknown
3.346
80
http
2.650
49374
unknown
1.713
49386
unknown
1.029
49199
unknown
839
1062
unknown
677
22
ssh
416
49163
unknown
340
49168
unknown
168
from: 2015-01-01
to: 2015-06-09
from: 2015-01-01
to: 2015-06-09
Occurrences
Alarms - Top 15 Alarms by Risk
User: admin / 2015-06-09 15:28:22
Page 5 / 20
HIPAA Report
Alarm
Risk
Exploitation & Installation — Malicious website - Exploit Kit — Blackhole
System Compromise — Trojan infection — Zeus
Exploitation & Installation — Malware infection — Exploit kit
8
Exploitation & Installation — Malicious website - Exploit Kit — Fiesta
8
Exploitation & Installation — Malicious website - Exploit Kit — Angler EK
8
Exploitation & Installation — Malicious website - Exploit Kit — GoonEK
8
Exploitation & Installation — Malicious website — Suspicious Java followed by an executable
8
Exploitation & Installation — Malicious website — Java Exploit
8
Exploitation & Installation — Malicious website - Exploit Kit — Nuclear EK
8
Exploitation & Installation — Malicious website - Exploit Kit — Fiesta/Phoenix
6
System Compromise — Trojan infection — Banload
4
System Compromise — Trojan infection — Glupteba
4
System Compromise — Fake Antivirus infection — Generic
4
System Compromise — Fake Antivirus infection — Generic FakeAV
4
System Compromise — Trojan infection — Banker
4
User: admin / 2015-06-09 15:28:22
Page 6 / 20
HIPAA Report
Logger
Logger storage summary.
Raw Logs - Events Trend
(*) Time UTC
User: admin / 2015-06-09 15:28:22
from: 2015-01-01
to: 2015-06-09
Page 7 / 20
HIPAA Report
SIEM
SIEM events summary.
Geographic - Top 20 Attacker Countries
Country
Attacks
%
China
9924
21.6%
United States
9915
21.6%
Turkey
8845
19.3%
France
2681
5.8%
Germany
2087
4.5%
Netherlands
1658
3.6%
Russian Federation
1475
3.2%
Korea, Republic of
1122
2.4%
Canada
1029
2.2%
1022
2.2%
United Kingdom
838
1.8%
Poland
819
1.8%
Brazil
688
1.5%
Taiwan
674
1.5%
Ukraine
649
1.4%
Japan
611
1.3%
India
512
1.1%
Italy
471
1%
Hong Kong
454
1%
Sweden
445
1%
Unknown
User: admin / 2015-06-09 15:28:22
from: 2015-01-01
to: 2015-06-09
Page 8 / 20
HIPAA Report
Security - Top 10 Events
Event
to: 2015-06-09
Occurrences
SSHd: Failed password
65.647
sudo: Command executed [USERNAME]
47.924
snort: "ET SMTP Spamcop.net Block
Message"
29.607
SSHd: Invalid user
20.195
snort: "ET SMTP Abuseat.org Block
Message"
17.728
Fortigate: traffic forward message
10.088
snort: "ET POLICY PE EXE or DLL
Windows file download"
7.892
Fortigate: negotiate IPsec phase 2 notif Log
7.566
Fortigate: Authentication timed out Log
7.566
snort: "ET INFO EXE - Served Inline HTTP"
5.640
User: admin / 2015-06-09 15:28:22
from: 2015-01-01
Page 9 / 20
HIPAA Report
Security Events - Top 10 Destination Ports
Port
Service
22
ssh
88.623
80
http
47.363
49386
unknown
8.460
1077
unknown
8.270
49387
unknown
8.231
500
isakmp
7.566
1043
unknown
7.332
161
snmp
5.044
49199
unknown
4.136
53
domain
3.917
from: 2015-01-01
to: 2015-06-09
from: 2015-01-01
to: 2015-06-09
Occurrences
Security Events - Top 15 Events by Priority
Event
Priority
snort: "ET TROJAN FakeAV Check-in purporting to be MSIE with invalid terse HTTP
headers"
5
AV Malware, trojan Banbra detected on SRC_IP
5
snort: "ETPRO TROJAN Trojan.Win32.Riancon.ae Checkin"
5
snort: "ET TROJAN Bredolab Downloader Communicating With Controller (1)"
5
AV Malware, Miuref
5
snort: "ET TROJAN Java EXE Download by Vulnerable Version - Likely Driveby"
5
AV Malware, trojan Sality detected on SRC_IP
5
snort: "ETPRO TROJAN Trojan.Win32.Riancon.ae User-Agent malware"
5
AV Malware, DDoS trojan Blackenergy detected on SRC_IP
5
AV Malware, Trojan Andromeda detected on SRC_IP
5
snort: "ET TROJAN Bredolab Downloader Response Binaries from Controller"
5
AV Malware, dropper trojan Banload detected on SRC_IP
5
AV Malware, SPAM bot trojan Tedroo detected on SRC_IP
5
snort: "ETPRO TROJAN Net-Worm.Win32.Koobface.jxs Checkin"
5
AV Attacks, Fiesta/Phoenix exploit kit
5
Security Events - Top 10 Attacker hosts
User: admin / 2015-06-09 15:28:22
from: 2015-01-01
to: 2015-06-09
Page 10 / 20
HIPAA Report
Host
Occurrences
USM
48.739
24.34.23.12
42.925
28.826
Germanium
23.239.12.68
11.457
92.63.100.150
9.776
9.197
Gallium
200.74.141.50
7.566
207.217.125.50
7.332
31.31.196.12
7.144
192.168.100.40
6.973
Security Events - Top 10 Attacked hosts
Host
66.513
USM
48.891
Gallium
21.038
Gallium
7.514
172.16.2.156
7.144
5.044
192.168.6.3
5.044
Germanium
4.514
64.202.116.124
Holmium
User: admin / 2015-06-09 15:28:22
to: 2015-06-09
Occurrences
Germanium
200.21.231.154
from: 2015-01-01
4.512
4.501
Page 11 / 20
HIPAA Report
SECTION II. Identify Security Incidents
This section of the report is intended for an operational review of the security of the system to comply with HIPAA
164.308.6 requirement of security incidents identification and mitigation.
Tickets Status - Tickets By Status (All Assets)
Ticket Status
from: 2015-01-01
to: 2015-06-09
Occurrences
Closed
1
Studying
1
Open
67
Tickets Status - Closed Tickets By Month (All Assets)
Tickets Status - Tickets By Type (All Assets)
User: admin / 2015-06-09 15:28:22
from: 2015-01-01
to: 2015-06-09
Page 12 / 20
HIPAA Report
Ticket Type
Occurrences
Anomalies
1
Generic
1
OpenVAS Vulnerability
66
Tickets Status - Ticket Resolution Time (All Assets)
from: 2015-01-01
to: 2015-06-09
Tickets Status - Tickets By User In Charge (All Assets)
from: 2015-01-01
to: 2015-06-09
User: admin / 2015-06-09 15:28:22
Page 13 / 20
HIPAA Report
User in charge
Occurrences
Unknown entity
66
admin
2
Tickets - Alarm (Status: Open)
from: 2015-01-01
to: 2015-06-09
from: 2015-01-01
to: 2015-06-09
No Alarms with this criteria
Tickets - Vulnerability (Status: Open)
Date
Vulnerability
Date
Vulnerability
2015-02-24 23:14:31
Vulnerability - TCP timestamps
2015-02-24 23:14:31
Vulnerability - Determine which version
of BIND name daemon is running
2015-02-24 23:14:31
Vulnerability - Check for ident Service
2015-02-24 23:14:32
Vulnerability - TCP timestamps
2015-02-24 23:14:34
Vulnerability - TCP Sequence Number
Approximation Reset Denial of Service
Vulnerability
2015-02-24 23:14:38
Vulnerability - TCP timestamps
2015-02-24 23:14:41
Vulnerability - DCE Services
Enumeration
2015-02-24 23:14:41
Vulnerability - TCP timestamps
2015-02-24 23:14:46
Vulnerability - OpenVAS Manager
Authentication Bypass
2015-02-24 23:14:46
Vulnerability - Check for SSL Weak
Ciphers
2015-02-24 23:14:47
Vulnerability - openssh-server Forced
Command Handling Information
Disclosure Vulnerability
2015-02-24 23:14:51
Vulnerability - Port TCP:0
2015-02-24 23:14:53
Vulnerability - Dnsmasq Remote Denial
of Service Vulnerability
2015-02-24 23:14:54
Vulnerability - Dnsmasq TFTP Service
multiple vulnerabilities
2015-02-24 23:14:54
Vulnerability - MiniUPnP Multiple Denial
of Service Vulnerabilities
2015-02-24 23:14:54
Vulnerability - TCP Sequence Number
Approximation Reset Denial of Service
Vulnerability
2015-02-24 23:14:54
Vulnerability - TCP timestamps
2015-02-24 23:14:55
Vulnerability - Samba
'client/mount.cifs.c ' Remote Denial of
Service Vulnerability
2015-02-24 23:14:58
Vulnerability - TCP Sequence Number
Approximation Reset Denial of Service
Vulnerability
2015-02-24 23:14:58
Vulnerability - TCP timestamps
User: admin / 2015-06-09 15:28:22
Page 14 / 20
HIPAA Report
2015-02-24 23:14:58
Vulnerability - Check for SSL Weak
Ciphers
2015-02-24 23:14:59
Vulnerability - openssh-server Forced
Command Handling Information
Disclosure Vulnerability
2015-02-24 23:14:59
Vulnerability - robot(s).txt exists on the
Web Server
2015-02-24 23:15:03
Vulnerability - Samba
'CAP_DAC_OVERRIDE' File
Permissions Security Bypass
Vulnerability
2015-02-24 23:15:03
Vulnerability - NFS export
2015-02-24 23:15:04
Vulnerability - TCP Sequence Number
Approximation Reset Denial of Service
Vulnerability
2015-02-24 23:15:04
Vulnerability - Check for SSL Weak
Ciphers
2015-02-24 23:15:04
Vulnerability - Samba Multiple Remote
Denial of Service Vulnerabilities
2015-02-24 23:15:04
Vulnerability - Samba
'client/mount.cifs.c ' Remote Denial of
Service Vulnerability
2015-02-24 23:15:04
Vulnerability - openssh-server Forced
Command Handling Information
Disclosure Vulnerability
2015-02-24 23:15:14
Vulnerability - TCP Sequence Number
Approximation Reset Denial of Service
Vulnerability
2015-02-24 23:15:15
Vulnerability - TCP timestamps
2015-02-24 23:15:18
Vulnerability - Unknown detail
2015-02-24 23:15:18
Vulnerability - Unknown detail
2015-02-24 23:15:18
Vulnerability - Unknown detail
2015-02-24 23:15:18
Vulnerability - Unknown detail
2015-02-24 23:15:18
Vulnerability - Unknown detail
2015-02-24 23:15:19
Vulnerability - Unknown detail
2015-02-24 23:15:19
Vulnerability - Unknown detail
2015-02-24 23:15:19
Vulnerability - TCP timestamps
2015-02-24 23:15:19
Vulnerability - OpenSSH Legacy
Certificate Signing Information
Disclosure Vulnerability
2015-02-24 23:15:19
Vulnerability - openssh-server Forced
Command Handling Information
Disclosure Vulnerability
2015-02-24 23:15:23
Vulnerability - Squid
information-disclosu re vulnerability
2015-02-24 23:15:23
Vulnerability - MySQL Authentication
Error Message User Enumeration
Vulnerability
2015-02-24 23:15:23
Vulnerability - Squid External Auth
Header Parser DOS Vulnerabilities
2015-02-24 23:15:23
Vulnerability - Squid HTCP Packets
Processing Denial of Service
Vulnerability
2015-02-24 23:15:23
Vulnerability - Squid Header-Only
Packets Remote Denial of Service
Vulnerability
2015-02-24 23:15:23
Vulnerability - Check for SSL Weak
Ciphers
2015-02-24 23:15:23
Vulnerability - openssh-server Forced
Command Handling Information
Disclosure Vulnerability
2015-02-24 23:15:27
Vulnerability - Unknown detail
2015-02-24 23:15:28
Vulnerability - Unknown detail
2015-02-24 23:15:28
Vulnerability - Unknown detail
2015-02-24 23:15:28
Vulnerability - TCP timestamps
2015-02-24 23:15:28
Vulnerability - OpenSSH Legacy
Certificate Signing Information
Disclosure Vulnerability
2015-02-24 23:15:28
Vulnerability - openssh-server Forced
Command Handling Information
Disclosure Vulnerability
2015-02-24 23:15:29
Vulnerability - TCP Sequence Number
Approximation Reset Denial of Service
Vulnerability
2015-02-24 23:15:29
Vulnerability - TCP timestamps
2015-02-24 23:15:29
Vulnerability - Check for SSL Weak
Ciphers
2015-02-24 23:15:29
Vulnerability - openssh-server Forced
Command Handling Information
Disclosure Vulnerability
2015-02-24 23:15:31
Vulnerability - NFS export
2015-02-24 23:15:31
Vulnerability - TCP Sequence Number
Approximation Reset Denial of Service
Vulnerability
2015-02-24 23:15:32
Vulnerability - TCP timestamps
User: admin / 2015-06-09 15:28:22
Page 15 / 20
HIPAA Report
2015-02-24 23:15:32
Vulnerability - Apache Web Server
ETag Header Information Disclosure
Weakness
2015-02-24 23:15:33
Vulnerability - robot(s).txt exists on the
Web Server
2015-02-24 23:15:34
Vulnerability - TCP timestamps
2015-02-24 23:15:34
Vulnerability - robot(s).txt exists on the
Web Server
User: admin / 2015-06-09 15:28:22
Page 16 / 20
HIPAA Report
Detail
Vulnerability - TCP timestamps
IP:
192.168.100.2
Status:
Port:
Nessus ID:
In charge:
0
80091
Unknown entity
Priority:
Vulnerability - TCP timestamps
Open
5
Vulnerability - TCP Sequence Number Approximation
Reset Denial of Service Vulnerability
IP:
192.168.100.46
Status:
Port:
Nessus ID:
In charge:
0
902815
Unknown entity
Priority:
Open
5
IP:
192.168.100.45
Status:
Port:
Nessus ID:
In charge:
0
80091
Unknown entity
Priority:
Vulnerability - TCP timestamps
IP:
192.168.100.47
Status:
Port:
Nessus ID:
In charge:
0
80091
Unknown entity
Priority:
Vulnerability - TCP timestamps
IP:
192.168.100.52
Status:
Port:
Nessus ID:
In charge:
0
80091
Unknown entity
Priority:
IP:
192.168.100.55
Status:
Port:
Nessus ID:
In charge:
9390
103827
Unknown entity
Priority:
Vulnerability - Check for SSL Weak Ciphers
IP:
192.168.100.55
Status:
Port:
Nessus ID:
In charge:
9390
103440
Unknown entity
Priority:
IP:
192.168.100.55
Status:
Port:
Nessus ID:
In charge:
22
103503
Unknown entity
Priority:
Vulnerability - Dnsmasq Remote Denial of Service
Vulnerability
IP:
192.168.100.61
Status:
Port:
Nessus ID:
In charge:
53
103509
Unknown entity
Priority:
Open
5
Vulnerability - MiniUPnP Multiple Denial of Service
Vulnerabilities
IP:
192.168.100.61
Status:
Port:
Nessus ID:
In charge:
1900
103657
Unknown entity
Priority:
Open
5
192.168.100.61
Status:
Port:
Nessus ID:
In charge:
0
80091
Unknown entity
Priority:
IP:
192.168.100.61
Status:
Port:
Nessus ID:
In charge:
53
100267
Unknown entity
Priority:
Vulnerability - TCP Sequence Number Approximation
Reset Denial of Service Vulnerability
IP:
192.168.100.62
Status:
Port:
Nessus ID:
In charge:
0
902815
Unknown entity
Priority:
Open
5
IP:
192.168.100.61
Status:
Port:
Nessus ID:
In charge:
0
902815
Unknown entity
Priority:
192.168.100.62
Status:
Port:
Nessus ID:
In charge:
443
103440
Unknown entity
Priority:
IP:
192.168.100.61
Status:
Port:
Nessus ID:
In charge:
445
100499
Unknown entity
Priority:
User: admin / 2015-06-09 15:28:22
Open
5
Vulnerability - TCP timestamps
IP:
192.168.100.62
Status:
Port:
Nessus ID:
In charge:
0
80091
Unknown entity
Priority:
Open
5
Vulnerability - openssh-server Forced Command
Handling Information Disclosure Vulnerability
Open
5
Open
5
Vulnerability - Samba 'client/mount.cifs.c' Remote
Denial of Service Vulnerability
Vulnerability - Check for SSL Weak Ciphers
IP:
Open
5
Vulnerability - TCP Sequence Number Approximation
Reset Denial of Service Vulnerability
Open
5
Open
5
Vulnerability - Dnsmasq TFTP Service multiple
vulnerabilities
Vulnerability - TCP timestamps
IP:
Open
5
Vulnerability - openssh-server Forced Command
Handling Information Disclosure Vulnerability
Open
5
Open
5
Vulnerability - OpenVAS Manager Authentication
Bypass
Open
5
Open
5
IP:
192.168.100.62
Status:
Port:
Nessus ID:
In charge:
22
103503
Unknown entity
Priority:
Open
5
Page 17 / 20
HIPAA Report
Vulnerability - Samba 'CAP_DAC_OVERRIDE' File
Permissions Security Bypass Vulnerability
IP:
192.168.100.64
Status:
Port:
Nessus ID:
In charge:
445
100522
Unknown entity
Priority:
Open
5
Vulnerability - TCP Sequence Number Approximation
Reset Denial of Service Vulnerability
IP:
192.168.100.64
Status:
Port:
Nessus ID:
In charge:
0
902815
Unknown entity
Priority:
Open
5
Vulnerability - NFS export
IP:
192.168.100.64
Status:
Port:
Nessus ID:
In charge:
2049
102014
Unknown entity
Priority:
Vulnerability - Check for SSL Weak Ciphers
IP:
192.168.100.64
Status:
Port:
Nessus ID:
In charge:
443
103440
Unknown entity
Priority:
Vulnerability - Samba Multiple Remote Denial of Service
Vulnerabilities
IP:
192.168.100.64
Status:
Port:
Nessus ID:
In charge:
445
100644
Unknown entity
Priority:
Open
5
Vulnerability - openssh-server Forced Command
Handling Information Disclosure Vulnerability
IP:
192.168.100.64
Status:
Port:
Nessus ID:
In charge:
22
103503
Unknown entity
Priority:
Open
5
192.168.100.67
Status:
Port:
Nessus ID:
In charge:
0
80091
Unknown entity
Priority:
IP:
192.168.100.64
Status:
Port:
Nessus ID:
In charge:
445
100499
Unknown entity
Priority:
192.168.100.70
Status:
Port:
Nessus ID:
In charge:
22
103503
Unknown entity
Priority:
IP:
192.168.100.67
Status:
Port:
Nessus ID:
In charge:
0
902815
Unknown entity
Priority:
192.168.100.71
Status:
Port:
Nessus ID:
In charge:
3306
802046
Unknown entity
Priority:
Open
5
IP:
192.168.100.70
Status:
Port:
Nessus ID:
In charge:
0
80091
Unknown entity
Priority:
Open
5
Open
5
192.168.100.71
Status:
Port:
Nessus ID:
In charge:
3128
800473
Unknown entity
Priority:
Open
5
IP:
192.168.100.71
Status:
Port:
Nessus ID:
In charge:
3128
100147
Unknown entity
Priority:
192.168.100.71
Status:
Port:
Nessus ID:
In charge:
9390
103440
Unknown entity
Priority:
IP:
192.168.100.71
Status:
Port:
Nessus ID:
In charge:
3128
101105
Unknown entity
Priority:
User: admin / 2015-06-09 15:28:22
Open
5
Vulnerability - Squid Header-Only Packets Remote
Denial of Service Vulnerability
IP:
192.168.100.71
Status:
Port:
Nessus ID:
In charge:
3128
100412
Unknown entity
Priority:
Open
5
Vulnerability - openssh-server Forced Command
Handling Information Disclosure Vulnerability
Open
5
Open
5
Vulnerability - Squid External Auth Header Parser DOS
Vulnerabilities
Vulnerability - Check for SSL Weak Ciphers
IP:
Open
5
Vulnerability - Squid information-disclosure
vulnerability
Vulnerability - Squid HTCP Packets Processing Denial
of Service Vulnerability
IP:
Open
5
Vulnerability - TCP timestamps
Vulnerability - MySQL Authentication Error Message
User Enumeration Vulnerability
IP:
Open
5
Vulnerability - TCP Sequence Number Approximation
Reset Denial of Service Vulnerability
Vulnerability - openssh-server Forced Command
Handling Information Disclosure Vulnerability
IP:
Open
5
Vulnerability - Samba 'client/mount.cifs.c' Remote
Denial of Service Vulnerability
Vulnerability - TCP timestamps
IP:
Open
5
IP:
192.168.100.71
Status:
Port:
Nessus ID:
In charge:
22
103503
Unknown entity
Priority:
Open
5
Page 18 / 20
HIPAA Report
Vulnerability - TCP timestamps
IP:
192.168.100.72
Status:
Port:
Nessus ID:
In charge:
0
80091
Unknown entity
Priority:
Open
5
Vulnerability - TCP Sequence Number Approximation
Reset Denial of Service Vulnerability
IP:
192.168.100.74
Status:
Port:
Nessus ID:
In charge:
0
902815
Unknown entity
Priority:
Vulnerability - openssh-server Forced Command
Handling Information Disclosure Vulnerability
Open
5
IP:
192.168.100.72
Status:
Port:
Nessus ID:
In charge:
22
103503
Unknown entity
Priority:
Vulnerability - TCP timestamps
IP:
192.168.100.74
Status:
Port:
Nessus ID:
In charge:
0
80091
Unknown entity
Priority:
Vulnerability - Check for SSL Weak Ciphers
IP:
192.168.100.74
Status:
Port:
Nessus ID:
In charge:
443
103440
Unknown entity
Priority:
Vulnerability - NFS export
IP:
192.168.100.76
Status:
Port:
Nessus ID:
In charge:
2049
102014
Unknown entity
Priority:
Open
5
IP:
192.168.100.74
Status:
Port:
Nessus ID:
In charge:
22
103503
Unknown entity
Priority:
192.168.100.76
Status:
Port:
Nessus ID:
In charge:
0
80091
Unknown entity
Priority:
IP:
192.168.100.76
Status:
Port:
Nessus ID:
In charge:
0
902815
Unknown entity
Priority:
Vulnerability - TCP timestamps
IP:
192.168.100.79
Status:
Port:
Nessus ID:
In charge:
0
80091
Unknown entity
Priority:
Open
5
IP:
192.168.100.76
Status:
Port:
Nessus ID:
In charge:
80
103122
Unknown entity
Priority:
192.168.100.62
Status:
Port:
Nessus ID:
In charge:
443
10302
Unknown entity
Priority:
Open
3
IP:
192.168.100.2
Status:
Port:
Nessus ID:
In charge:
53
10028
Unknown entity
Priority:
192.168.100.79
Status:
Port:
Nessus ID:
In charge:
80
10302
Unknown entity
Priority:
Open
3
192.168.100.76
Status:
Port:
Nessus ID:
In charge:
8000
10302
Unknown entity
Priority:
192.168.100.52
Status:
Port:
Nessus ID:
In charge:
135
10736
Unknown entity
Priority:
User: admin / 2015-06-09 15:28:22
Open
2
Open
3
Vulnerability - Check for ident Service
IP:
192.168.100.2
Status:
Port:
Nessus ID:
In charge:
113
100081
Unknown entity
Priority:
Vulnerability - DCE Services Enumeration
IP:
Open
4
Vulnerability - robot(s).txt exists on the Web Server
IP:
Vulnerability - robot(s).txt exists on the Web Server
IP:
Open
5
Vulnerability - Determine which version of BIND name
daemon is running
Vulnerability - robot(s).txt exists on the Web Server
IP:
Open
5
Vulnerability - Apache Web Server ETag Header
Information Disclosure Weakness
Open
5
Open
5
Vulnerability - TCP Sequence Number Approximation
Reset Denial of Service Vulnerability
Vulnerability - TCP timestamps
IP:
Open
5
Vulnerability - openssh-server Forced Command
Handling Information Disclosure Vulnerability
Open
5
Open
5
Open
2
Vulnerability - Port TCP:0
IP:
192.168.100.61
Status:
Port:
Nessus ID:
In charge:
0
18164
Unknown entity
Priority:
Open
2
Page 19 / 20
HIPAA Report
Vulnerability - OpenSSH Legacy Certificate Signing
Information Disclosure Vulnerability
IP:
192.168.100.70
Status:
Port:
Nessus ID:
In charge:
22
103064
Unknown entity
Priority:
Open
2
Vulnerability - OpenSSH Legacy Certificate Signing
Information Disclosure Vulnerability
IP:
192.168.100.72
Status:
Port:
Nessus ID:
In charge:
22
103064
Unknown entity
Priority:
Vulnerability - Unknown detail
IP:
192.168.100.70
Status:
Port:
Nessus ID:
In charge:
0
103849
Unknown entity
Priority:
Vulnerability - Unknown detail
Open
1
IP:
192.168.100.70
Status:
Port:
Nessus ID:
In charge:
0
103847
Unknown entity
Priority:
Vulnerability - Unknown detail
IP:
192.168.100.70
Status:
Port:
Nessus ID:
In charge:
0
103850
Unknown entity
Priority:
192.168.100.70
Status:
Port:
Nessus ID:
In charge:
0
103864
Unknown entity
Priority:
Open
1
IP:
192.168.100.70
Status:
Port:
Nessus ID:
In charge:
0
103848
Unknown entity
Priority:
192.168.100.70
Status:
Port:
Nessus ID:
In charge:
0
103885
Unknown entity
Priority:
1
IP:
192.168.100.70
Status:
Port:
Nessus ID:
In charge:
0
103846
Unknown entity
Priority:
192.168.100.72
Status:
Port:
Nessus ID:
In charge:
0
103846
Unknown entity
Priority:
Open
1
Vulnerability - Unknown detail
Open
1
IP:
192.168.100.72
Status:
Port:
Nessus ID:
In charge:
0
103864
Unknown entity
Priority:
Vulnerability - Unknown detail
IP:
Open
1
Vulnerability - Unknown detail
Open
Vulnerability - Unknown detail
IP:
Open
1
Vulnerability - Unknown detail
Vulnerability - Unknown detail
IP:
Open
2
Open
1
Vulnerability - Unknown detail
Open
1
IP:
192.168.100.72
Status:
Port:
Nessus ID:
In charge:
0
103885
Unknown entity
Priority:
Tickets - Metric (Status: Open)
from: 2015-01-01
Open
1
to: 2015-06-09
No Metrics with this criteria
User: admin / 2015-06-09 15:28:22
Page 20 / 20
Download