Hello Everyone!
We have a client i which they did a vulnerability test and the results were that
23/tcp-telnet | Unencrypted Telnet Server |
0/tcp-general | IP Forwarding Enabled |
| |
53/udp-dns | DNS Server Cache Snooping Remote Information Disclosure |
I do understand that the port 23 telnet is on by default as far i can read on Aruba hardening guide but it will close the connection
IS there any way to disable it? Iknow there is a checkmark to enable but as far i remenber is not on... guess when you enable it it wont close the connections?? Anyways i woulld like to know how to close it completelly
For the DNS Server Cache Snooping Remote Information Disclosure
As i read on the hardening guide it says
"ArubaOS includes a “DNS responder” that listens on UDP port 53. Any query sent to this responder will result in a response that contains the controller’s IP address. Vulnerability scanners may report that this service responds to recursive queries, that it allows cache snooping, or that it enables traffic amplification attacks. It is important to note that this service is not an actual DNS server, and these warnings may be safely ignored."
So i guess i dont have to worry about that...
Now IP Forwarding Enabled what do this actually mean? not sure what action to take here
Any ideas?
This is just found in the Guest SSIDS.. the other had no issue(the corporate SSID)
Cheers
Carlos