HIPAA Report HIPAA Report I.T. Security: Address: Tel.: Report Filter Date: Date from: 2015-01-01 Date to: 2015-06-09 Assets Selected: All Assets User: admin / 2015-06-09 15:28:22 2015-06-09 15:26:47 Page 1 / 20 HIPAA Report HIPAA Report The Health Insurance Portability & Accountability Act of 1996, Public Law 104-191 requires improved efficiency in healthcare delivery by standardizing electronic data interchange, as well as the protection of confidentiality and security of health data through setting and enforcing standards. This report provides support for a systematic review of some of the HIPAA requirements. Note: The asset configuration of the report should limited to healthcare data servers and security and network devices involved in the healthcare data transmission. User: admin / 2015-06-09 15:28:22 Page 2 / 20 HIPAA Report SECTION I. Prevention and Detection This section of the report is intended for an operational review of the security of the system to comply with HIPAA 164.308.1 and 164.308.1b requirement of implementing and reviewing detection and prevention security controls. Review Review Metrics of the System Risk Metrics for the period. User: admin / 2015-06-09 15:28:22 Page 3 / 20 HIPAA Report Alarms Alarms summary for the period. Alarms - Top 10 Alarms Alarm from: 2015-01-01 to: 2015-06-09 from: 2015-01-01 to: 2015-06-09 from: 2015-01-01 to: 2015-06-09 Occurrences Exploitation & Installation — Malicious website - Exploit Kit — Angler EK 4.686 Exploitation & Installation — Malicious website — Suspicious Java followed by an executable 1.673 Exploitation & Installation — Malicious website - Exploit Kit — FlashPack EK 1.509 Exploitation & Installation — Malicious website - Exploit Kit — Java Rhino 1.337 Exploitation & Installation — Malicious website - Exploit Kit — Nuclear EK 1.013 Exploitation & Installation — Malicious website - Exploit Kit — Fiesta 663 Exploitation & Installation — Malicious website - Exploit Kit — GoonEK 507 Delivery & Attack — Bruteforce Authentication — SSH 416 System Compromise — Trojan infection — Andromeda 370 snort: "ET TROJAN Java EXE Download by Vulnerable Version - Likely Driveby" 370 Alarms - Top 10 Attacker hosts Host Occurrences 23.239.12.68 4.682 92.63.100.150 4.021 198.50.185.76 1.705 Gallium 1.262 31.31.196.12 1.169 Germanium 1.047 85.118.128.37 508 24.34.23.12 416 172.16.2.156 252 64.202.116.124 163 Alarms - Top 10 Attacked hosts User: admin / 2015-06-09 15:28:22 Page 4 / 20 HIPAA Report Host Occurrences Gallium 7.058 Germanium 4.021 172.16.2.156 1.169 64.202.116.124 713 0.0.0.0 416 74.220.215.57 386 193.107.17.249 385 188.72.243.72 380 46.165.222.218 185 173.194.77.104 166 Alarms - Top 10 Destination Ports Port Service 49387 unknown 3.657 1077 unknown 3.346 80 http 2.650 49374 unknown 1.713 49386 unknown 1.029 49199 unknown 839 1062 unknown 677 22 ssh 416 49163 unknown 340 49168 unknown 168 from: 2015-01-01 to: 2015-06-09 from: 2015-01-01 to: 2015-06-09 Occurrences Alarms - Top 15 Alarms by Risk User: admin / 2015-06-09 15:28:22 Page 5 / 20 HIPAA Report Alarm Risk Exploitation & Installation — Malicious website - Exploit Kit — Blackhole System Compromise — Trojan infection — Zeus Exploitation & Installation — Malware infection — Exploit kit 8 Exploitation & Installation — Malicious website - Exploit Kit — Fiesta 8 Exploitation & Installation — Malicious website - Exploit Kit — Angler EK 8 Exploitation & Installation — Malicious website - Exploit Kit — GoonEK 8 Exploitation & Installation — Malicious website — Suspicious Java followed by an executable 8 Exploitation & Installation — Malicious website — Java Exploit 8 Exploitation & Installation — Malicious website - Exploit Kit — Nuclear EK 8 Exploitation & Installation — Malicious website - Exploit Kit — Fiesta/Phoenix 6 System Compromise — Trojan infection — Banload 4 System Compromise — Trojan infection — Glupteba 4 System Compromise — Fake Antivirus infection — Generic 4 System Compromise — Fake Antivirus infection — Generic FakeAV 4 System Compromise — Trojan infection — Banker 4 User: admin / 2015-06-09 15:28:22 Page 6 / 20 HIPAA Report Logger Logger storage summary. Raw Logs - Events Trend (*) Time UTC User: admin / 2015-06-09 15:28:22 from: 2015-01-01 to: 2015-06-09 Page 7 / 20 HIPAA Report SIEM SIEM events summary. Geographic - Top 20 Attacker Countries Country Attacks % China 9924 21.6% United States 9915 21.6% Turkey 8845 19.3% France 2681 5.8% Germany 2087 4.5% Netherlands 1658 3.6% Russian Federation 1475 3.2% Korea, Republic of 1122 2.4% Canada 1029 2.2% 1022 2.2% United Kingdom 838 1.8% Poland 819 1.8% Brazil 688 1.5% Taiwan 674 1.5% Ukraine 649 1.4% Japan 611 1.3% India 512 1.1% Italy 471 1% Hong Kong 454 1% Sweden 445 1% Unknown User: admin / 2015-06-09 15:28:22 from: 2015-01-01 to: 2015-06-09 Page 8 / 20 HIPAA Report Security - Top 10 Events Event to: 2015-06-09 Occurrences SSHd: Failed password 65.647 sudo: Command executed [USERNAME] 47.924 snort: "ET SMTP Spamcop.net Block Message" 29.607 SSHd: Invalid user 20.195 snort: "ET SMTP Abuseat.org Block Message" 17.728 Fortigate: traffic forward message 10.088 snort: "ET POLICY PE EXE or DLL Windows file download" 7.892 Fortigate: negotiate IPsec phase 2 notif Log 7.566 Fortigate: Authentication timed out Log 7.566 snort: "ET INFO EXE - Served Inline HTTP" 5.640 User: admin / 2015-06-09 15:28:22 from: 2015-01-01 Page 9 / 20 HIPAA Report Security Events - Top 10 Destination Ports Port Service 22 ssh 88.623 80 http 47.363 49386 unknown 8.460 1077 unknown 8.270 49387 unknown 8.231 500 isakmp 7.566 1043 unknown 7.332 161 snmp 5.044 49199 unknown 4.136 53 domain 3.917 from: 2015-01-01 to: 2015-06-09 from: 2015-01-01 to: 2015-06-09 Occurrences Security Events - Top 15 Events by Priority Event Priority snort: "ET TROJAN FakeAV Check-in purporting to be MSIE with invalid terse HTTP headers" 5 AV Malware, trojan Banbra detected on SRC_IP 5 snort: "ETPRO TROJAN Trojan.Win32.Riancon.ae Checkin" 5 snort: "ET TROJAN Bredolab Downloader Communicating With Controller (1)" 5 AV Malware, Miuref 5 snort: "ET TROJAN Java EXE Download by Vulnerable Version - Likely Driveby" 5 AV Malware, trojan Sality detected on SRC_IP 5 snort: "ETPRO TROJAN Trojan.Win32.Riancon.ae User-Agent malware" 5 AV Malware, DDoS trojan Blackenergy detected on SRC_IP 5 AV Malware, Trojan Andromeda detected on SRC_IP 5 snort: "ET TROJAN Bredolab Downloader Response Binaries from Controller" 5 AV Malware, dropper trojan Banload detected on SRC_IP 5 AV Malware, SPAM bot trojan Tedroo detected on SRC_IP 5 snort: "ETPRO TROJAN Net-Worm.Win32.Koobface.jxs Checkin" 5 AV Attacks, Fiesta/Phoenix exploit kit 5 Security Events - Top 10 Attacker hosts User: admin / 2015-06-09 15:28:22 from: 2015-01-01 to: 2015-06-09 Page 10 / 20 HIPAA Report Host Occurrences USM 48.739 24.34.23.12 42.925 28.826 Germanium 23.239.12.68 11.457 92.63.100.150 9.776 9.197 Gallium 200.74.141.50 7.566 207.217.125.50 7.332 31.31.196.12 7.144 192.168.100.40 6.973 Security Events - Top 10 Attacked hosts Host 66.513 USM 48.891 Gallium 21.038 Gallium 7.514 172.16.2.156 7.144 5.044 192.168.6.3 5.044 Germanium 4.514 64.202.116.124 Holmium User: admin / 2015-06-09 15:28:22 to: 2015-06-09 Occurrences Germanium 200.21.231.154 from: 2015-01-01 4.512 4.501 Page 11 / 20 HIPAA Report SECTION II. Identify Security Incidents This section of the report is intended for an operational review of the security of the system to comply with HIPAA 164.308.6 requirement of security incidents identification and mitigation. Tickets Status - Tickets By Status (All Assets) Ticket Status from: 2015-01-01 to: 2015-06-09 Occurrences Closed 1 Studying 1 Open 67 Tickets Status - Closed Tickets By Month (All Assets) Tickets Status - Tickets By Type (All Assets) User: admin / 2015-06-09 15:28:22 from: 2015-01-01 to: 2015-06-09 Page 12 / 20 HIPAA Report Ticket Type Occurrences Anomalies 1 Generic 1 OpenVAS Vulnerability 66 Tickets Status - Ticket Resolution Time (All Assets) from: 2015-01-01 to: 2015-06-09 Tickets Status - Tickets By User In Charge (All Assets) from: 2015-01-01 to: 2015-06-09 User: admin / 2015-06-09 15:28:22 Page 13 / 20 HIPAA Report User in charge Occurrences Unknown entity 66 admin 2 Tickets - Alarm (Status: Open) from: 2015-01-01 to: 2015-06-09 from: 2015-01-01 to: 2015-06-09 No Alarms with this criteria Tickets - Vulnerability (Status: Open) Date Vulnerability Date Vulnerability 2015-02-24 23:14:31 Vulnerability - TCP timestamps 2015-02-24 23:14:31 Vulnerability - Determine which version of BIND name daemon is running 2015-02-24 23:14:31 Vulnerability - Check for ident Service 2015-02-24 23:14:32 Vulnerability - TCP timestamps 2015-02-24 23:14:34 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability 2015-02-24 23:14:38 Vulnerability - TCP timestamps 2015-02-24 23:14:41 Vulnerability - DCE Services Enumeration 2015-02-24 23:14:41 Vulnerability - TCP timestamps 2015-02-24 23:14:46 Vulnerability - OpenVAS Manager Authentication Bypass 2015-02-24 23:14:46 Vulnerability - Check for SSL Weak Ciphers 2015-02-24 23:14:47 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability 2015-02-24 23:14:51 Vulnerability - Port TCP:0 2015-02-24 23:14:53 Vulnerability - Dnsmasq Remote Denial of Service Vulnerability 2015-02-24 23:14:54 Vulnerability - Dnsmasq TFTP Service multiple vulnerabilities 2015-02-24 23:14:54 Vulnerability - MiniUPnP Multiple Denial of Service Vulnerabilities 2015-02-24 23:14:54 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability 2015-02-24 23:14:54 Vulnerability - TCP timestamps 2015-02-24 23:14:55 Vulnerability - Samba 'client/mount.cifs.c ' Remote Denial of Service Vulnerability 2015-02-24 23:14:58 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability 2015-02-24 23:14:58 Vulnerability - TCP timestamps User: admin / 2015-06-09 15:28:22 Page 14 / 20 HIPAA Report 2015-02-24 23:14:58 Vulnerability - Check for SSL Weak Ciphers 2015-02-24 23:14:59 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability 2015-02-24 23:14:59 Vulnerability - robot(s).txt exists on the Web Server 2015-02-24 23:15:03 Vulnerability - Samba 'CAP_DAC_OVERRIDE' File Permissions Security Bypass Vulnerability 2015-02-24 23:15:03 Vulnerability - NFS export 2015-02-24 23:15:04 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability 2015-02-24 23:15:04 Vulnerability - Check for SSL Weak Ciphers 2015-02-24 23:15:04 Vulnerability - Samba Multiple Remote Denial of Service Vulnerabilities 2015-02-24 23:15:04 Vulnerability - Samba 'client/mount.cifs.c ' Remote Denial of Service Vulnerability 2015-02-24 23:15:04 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability 2015-02-24 23:15:14 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability 2015-02-24 23:15:15 Vulnerability - TCP timestamps 2015-02-24 23:15:18 Vulnerability - Unknown detail 2015-02-24 23:15:18 Vulnerability - Unknown detail 2015-02-24 23:15:18 Vulnerability - Unknown detail 2015-02-24 23:15:18 Vulnerability - Unknown detail 2015-02-24 23:15:18 Vulnerability - Unknown detail 2015-02-24 23:15:19 Vulnerability - Unknown detail 2015-02-24 23:15:19 Vulnerability - Unknown detail 2015-02-24 23:15:19 Vulnerability - TCP timestamps 2015-02-24 23:15:19 Vulnerability - OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability 2015-02-24 23:15:19 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability 2015-02-24 23:15:23 Vulnerability - Squid information-disclosu re vulnerability 2015-02-24 23:15:23 Vulnerability - MySQL Authentication Error Message User Enumeration Vulnerability 2015-02-24 23:15:23 Vulnerability - Squid External Auth Header Parser DOS Vulnerabilities 2015-02-24 23:15:23 Vulnerability - Squid HTCP Packets Processing Denial of Service Vulnerability 2015-02-24 23:15:23 Vulnerability - Squid Header-Only Packets Remote Denial of Service Vulnerability 2015-02-24 23:15:23 Vulnerability - Check for SSL Weak Ciphers 2015-02-24 23:15:23 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability 2015-02-24 23:15:27 Vulnerability - Unknown detail 2015-02-24 23:15:28 Vulnerability - Unknown detail 2015-02-24 23:15:28 Vulnerability - Unknown detail 2015-02-24 23:15:28 Vulnerability - TCP timestamps 2015-02-24 23:15:28 Vulnerability - OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability 2015-02-24 23:15:28 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability 2015-02-24 23:15:29 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability 2015-02-24 23:15:29 Vulnerability - TCP timestamps 2015-02-24 23:15:29 Vulnerability - Check for SSL Weak Ciphers 2015-02-24 23:15:29 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability 2015-02-24 23:15:31 Vulnerability - NFS export 2015-02-24 23:15:31 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability 2015-02-24 23:15:32 Vulnerability - TCP timestamps User: admin / 2015-06-09 15:28:22 Page 15 / 20 HIPAA Report 2015-02-24 23:15:32 Vulnerability - Apache Web Server ETag Header Information Disclosure Weakness 2015-02-24 23:15:33 Vulnerability - robot(s).txt exists on the Web Server 2015-02-24 23:15:34 Vulnerability - TCP timestamps 2015-02-24 23:15:34 Vulnerability - robot(s).txt exists on the Web Server User: admin / 2015-06-09 15:28:22 Page 16 / 20 HIPAA Report Detail Vulnerability - TCP timestamps IP: 192.168.100.2 Status: Port: Nessus ID: In charge: 0 80091 Unknown entity Priority: Vulnerability - TCP timestamps Open 5 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability IP: 192.168.100.46 Status: Port: Nessus ID: In charge: 0 902815 Unknown entity Priority: Open 5 IP: 192.168.100.45 Status: Port: Nessus ID: In charge: 0 80091 Unknown entity Priority: Vulnerability - TCP timestamps IP: 192.168.100.47 Status: Port: Nessus ID: In charge: 0 80091 Unknown entity Priority: Vulnerability - TCP timestamps IP: 192.168.100.52 Status: Port: Nessus ID: In charge: 0 80091 Unknown entity Priority: IP: 192.168.100.55 Status: Port: Nessus ID: In charge: 9390 103827 Unknown entity Priority: Vulnerability - Check for SSL Weak Ciphers IP: 192.168.100.55 Status: Port: Nessus ID: In charge: 9390 103440 Unknown entity Priority: IP: 192.168.100.55 Status: Port: Nessus ID: In charge: 22 103503 Unknown entity Priority: Vulnerability - Dnsmasq Remote Denial of Service Vulnerability IP: 192.168.100.61 Status: Port: Nessus ID: In charge: 53 103509 Unknown entity Priority: Open 5 Vulnerability - MiniUPnP Multiple Denial of Service Vulnerabilities IP: 192.168.100.61 Status: Port: Nessus ID: In charge: 1900 103657 Unknown entity Priority: Open 5 192.168.100.61 Status: Port: Nessus ID: In charge: 0 80091 Unknown entity Priority: IP: 192.168.100.61 Status: Port: Nessus ID: In charge: 53 100267 Unknown entity Priority: Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability IP: 192.168.100.62 Status: Port: Nessus ID: In charge: 0 902815 Unknown entity Priority: Open 5 IP: 192.168.100.61 Status: Port: Nessus ID: In charge: 0 902815 Unknown entity Priority: 192.168.100.62 Status: Port: Nessus ID: In charge: 443 103440 Unknown entity Priority: IP: 192.168.100.61 Status: Port: Nessus ID: In charge: 445 100499 Unknown entity Priority: User: admin / 2015-06-09 15:28:22 Open 5 Vulnerability - TCP timestamps IP: 192.168.100.62 Status: Port: Nessus ID: In charge: 0 80091 Unknown entity Priority: Open 5 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability Open 5 Open 5 Vulnerability - Samba 'client/mount.cifs.c' Remote Denial of Service Vulnerability Vulnerability - Check for SSL Weak Ciphers IP: Open 5 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability Open 5 Open 5 Vulnerability - Dnsmasq TFTP Service multiple vulnerabilities Vulnerability - TCP timestamps IP: Open 5 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability Open 5 Open 5 Vulnerability - OpenVAS Manager Authentication Bypass Open 5 Open 5 IP: 192.168.100.62 Status: Port: Nessus ID: In charge: 22 103503 Unknown entity Priority: Open 5 Page 17 / 20 HIPAA Report Vulnerability - Samba 'CAP_DAC_OVERRIDE' File Permissions Security Bypass Vulnerability IP: 192.168.100.64 Status: Port: Nessus ID: In charge: 445 100522 Unknown entity Priority: Open 5 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability IP: 192.168.100.64 Status: Port: Nessus ID: In charge: 0 902815 Unknown entity Priority: Open 5 Vulnerability - NFS export IP: 192.168.100.64 Status: Port: Nessus ID: In charge: 2049 102014 Unknown entity Priority: Vulnerability - Check for SSL Weak Ciphers IP: 192.168.100.64 Status: Port: Nessus ID: In charge: 443 103440 Unknown entity Priority: Vulnerability - Samba Multiple Remote Denial of Service Vulnerabilities IP: 192.168.100.64 Status: Port: Nessus ID: In charge: 445 100644 Unknown entity Priority: Open 5 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability IP: 192.168.100.64 Status: Port: Nessus ID: In charge: 22 103503 Unknown entity Priority: Open 5 192.168.100.67 Status: Port: Nessus ID: In charge: 0 80091 Unknown entity Priority: IP: 192.168.100.64 Status: Port: Nessus ID: In charge: 445 100499 Unknown entity Priority: 192.168.100.70 Status: Port: Nessus ID: In charge: 22 103503 Unknown entity Priority: IP: 192.168.100.67 Status: Port: Nessus ID: In charge: 0 902815 Unknown entity Priority: 192.168.100.71 Status: Port: Nessus ID: In charge: 3306 802046 Unknown entity Priority: Open 5 IP: 192.168.100.70 Status: Port: Nessus ID: In charge: 0 80091 Unknown entity Priority: Open 5 Open 5 192.168.100.71 Status: Port: Nessus ID: In charge: 3128 800473 Unknown entity Priority: Open 5 IP: 192.168.100.71 Status: Port: Nessus ID: In charge: 3128 100147 Unknown entity Priority: 192.168.100.71 Status: Port: Nessus ID: In charge: 9390 103440 Unknown entity Priority: IP: 192.168.100.71 Status: Port: Nessus ID: In charge: 3128 101105 Unknown entity Priority: User: admin / 2015-06-09 15:28:22 Open 5 Vulnerability - Squid Header-Only Packets Remote Denial of Service Vulnerability IP: 192.168.100.71 Status: Port: Nessus ID: In charge: 3128 100412 Unknown entity Priority: Open 5 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability Open 5 Open 5 Vulnerability - Squid External Auth Header Parser DOS Vulnerabilities Vulnerability - Check for SSL Weak Ciphers IP: Open 5 Vulnerability - Squid information-disclosure vulnerability Vulnerability - Squid HTCP Packets Processing Denial of Service Vulnerability IP: Open 5 Vulnerability - TCP timestamps Vulnerability - MySQL Authentication Error Message User Enumeration Vulnerability IP: Open 5 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability IP: Open 5 Vulnerability - Samba 'client/mount.cifs.c' Remote Denial of Service Vulnerability Vulnerability - TCP timestamps IP: Open 5 IP: 192.168.100.71 Status: Port: Nessus ID: In charge: 22 103503 Unknown entity Priority: Open 5 Page 18 / 20 HIPAA Report Vulnerability - TCP timestamps IP: 192.168.100.72 Status: Port: Nessus ID: In charge: 0 80091 Unknown entity Priority: Open 5 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability IP: 192.168.100.74 Status: Port: Nessus ID: In charge: 0 902815 Unknown entity Priority: Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability Open 5 IP: 192.168.100.72 Status: Port: Nessus ID: In charge: 22 103503 Unknown entity Priority: Vulnerability - TCP timestamps IP: 192.168.100.74 Status: Port: Nessus ID: In charge: 0 80091 Unknown entity Priority: Vulnerability - Check for SSL Weak Ciphers IP: 192.168.100.74 Status: Port: Nessus ID: In charge: 443 103440 Unknown entity Priority: Vulnerability - NFS export IP: 192.168.100.76 Status: Port: Nessus ID: In charge: 2049 102014 Unknown entity Priority: Open 5 IP: 192.168.100.74 Status: Port: Nessus ID: In charge: 22 103503 Unknown entity Priority: 192.168.100.76 Status: Port: Nessus ID: In charge: 0 80091 Unknown entity Priority: IP: 192.168.100.76 Status: Port: Nessus ID: In charge: 0 902815 Unknown entity Priority: Vulnerability - TCP timestamps IP: 192.168.100.79 Status: Port: Nessus ID: In charge: 0 80091 Unknown entity Priority: Open 5 IP: 192.168.100.76 Status: Port: Nessus ID: In charge: 80 103122 Unknown entity Priority: 192.168.100.62 Status: Port: Nessus ID: In charge: 443 10302 Unknown entity Priority: Open 3 IP: 192.168.100.2 Status: Port: Nessus ID: In charge: 53 10028 Unknown entity Priority: 192.168.100.79 Status: Port: Nessus ID: In charge: 80 10302 Unknown entity Priority: Open 3 192.168.100.76 Status: Port: Nessus ID: In charge: 8000 10302 Unknown entity Priority: 192.168.100.52 Status: Port: Nessus ID: In charge: 135 10736 Unknown entity Priority: User: admin / 2015-06-09 15:28:22 Open 2 Open 3 Vulnerability - Check for ident Service IP: 192.168.100.2 Status: Port: Nessus ID: In charge: 113 100081 Unknown entity Priority: Vulnerability - DCE Services Enumeration IP: Open 4 Vulnerability - robot(s).txt exists on the Web Server IP: Vulnerability - robot(s).txt exists on the Web Server IP: Open 5 Vulnerability - Determine which version of BIND name daemon is running Vulnerability - robot(s).txt exists on the Web Server IP: Open 5 Vulnerability - Apache Web Server ETag Header Information Disclosure Weakness Open 5 Open 5 Vulnerability - TCP Sequence Number Approximation Reset Denial of Service Vulnerability Vulnerability - TCP timestamps IP: Open 5 Vulnerability - openssh-server Forced Command Handling Information Disclosure Vulnerability Open 5 Open 5 Open 2 Vulnerability - Port TCP:0 IP: 192.168.100.61 Status: Port: Nessus ID: In charge: 0 18164 Unknown entity Priority: Open 2 Page 19 / 20 HIPAA Report Vulnerability - OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability IP: 192.168.100.70 Status: Port: Nessus ID: In charge: 22 103064 Unknown entity Priority: Open 2 Vulnerability - OpenSSH Legacy Certificate Signing Information Disclosure Vulnerability IP: 192.168.100.72 Status: Port: Nessus ID: In charge: 22 103064 Unknown entity Priority: Vulnerability - Unknown detail IP: 192.168.100.70 Status: Port: Nessus ID: In charge: 0 103849 Unknown entity Priority: Vulnerability - Unknown detail Open 1 IP: 192.168.100.70 Status: Port: Nessus ID: In charge: 0 103847 Unknown entity Priority: Vulnerability - Unknown detail IP: 192.168.100.70 Status: Port: Nessus ID: In charge: 0 103850 Unknown entity Priority: 192.168.100.70 Status: Port: Nessus ID: In charge: 0 103864 Unknown entity Priority: Open 1 IP: 192.168.100.70 Status: Port: Nessus ID: In charge: 0 103848 Unknown entity Priority: 192.168.100.70 Status: Port: Nessus ID: In charge: 0 103885 Unknown entity Priority: 1 IP: 192.168.100.70 Status: Port: Nessus ID: In charge: 0 103846 Unknown entity Priority: 192.168.100.72 Status: Port: Nessus ID: In charge: 0 103846 Unknown entity Priority: Open 1 Vulnerability - Unknown detail Open 1 IP: 192.168.100.72 Status: Port: Nessus ID: In charge: 0 103864 Unknown entity Priority: Vulnerability - Unknown detail IP: Open 1 Vulnerability - Unknown detail Open Vulnerability - Unknown detail IP: Open 1 Vulnerability - Unknown detail Vulnerability - Unknown detail IP: Open 2 Open 1 Vulnerability - Unknown detail Open 1 IP: 192.168.100.72 Status: Port: Nessus ID: In charge: 0 103885 Unknown entity Priority: Tickets - Metric (Status: Open) from: 2015-01-01 Open 1 to: 2015-06-09 No Metrics with this criteria User: admin / 2015-06-09 15:28:22 Page 20 / 20