IT-Kommando Scan Report


Summary
IP address: 192.168.101.104
Scan start time: Thu Oct 4 14:17:31 2012
Scan finished time: Thu Oct 4 14:27:41 2012
Risk level: Low

Detailed report
Port Risk level Data
http (80/tcp) Information A web server is running on this port
ideafarm-chat (902/tcp) Information A VMWare authentication daemon is running on this port:
220 VMware Authentication Daemon Version 1.10: SSL Required, ServerDaemonProtocol:SOAP, MKSDisplayProtocol:VNC ,
https (443/tcp) Information A web server is running on this port
apex-mesh (912/tcp) Information A VMWare authentication daemon is running on this port:
220 VMware Authentication Daemon Version 1.0, ServerDaemonProtocol:SOAP, MKSDisplayProtocol:VNC ,
general/tcp Information No port for an ssh connect was found open.
Hence local security checks might not work.
microsoft-ds (445/tcp) Information A CIFS server is running on this port
netbios-ssn (139/tcp) Information An SMB server is running on this port
microsoft-ds (445/tcp) Information
Overview:
It is possible to extract OS, domain and SMB server information
from the Session Setup AndX Response packet which is generated
during NTLM authentication.
Detected SMB workgroup: BTSZK
Detected SMB server: Windows 7 Professional 6.1
Detected OS: Windows 7 Professional 7601 Service Pack 1

netbios-ns (137/udp) Information The following 4 NetBIOS names have been gathered :
ZOLI-PC
BTSZK = Workgroup / Domain name
ZOLI-PC = This is the computer name
BTSZK = Workgroup / Domain name (part of the Browser elections)
The remote host has the following MAC address on its adapter :
00:1e:37:1e:23:91

If you do not want to allow everyone to find the NetBios name
of your computer, you should filter incoming traffic to this port.
epmap (135/tcp) Low
Distributed Computing Environment (DCE) services running on the remote host
can be enumerated by connecting on port 135 and doing the appropriate queries.

An attacker may use this fact to gain more knowledge
about the remote host.

Solution : filter incoming traffic to this port.
epmap (135/tcp) Low Distributed Computing Environment (DCE) services running on the remote host
can be enumerated by connecting on port 135 and doing the appropriate queries.

An attacker may use this fact to gain more knowledge
about the remote host.


Here is the list of DCE services running on this host:

Port: 49152/tcp

UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49152]

Port: 49153/tcp

UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49153]
Annotation: Event log TCPIP

UUID: 30adc50c-5cbc-46ce-9a0e-91914789e23c, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49153]
Annotation: NRP server endpoint

UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49153]
Annotation: DHCPv6 Client LRPC Endpoint

UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49153]
Annotation: DHCP Client LRPC Endpoint

UUID: 06bba54a-be05-49f9-b0a0-30f790261023, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49153]
Annotation: Security Center

Port: 49154/tcp

UUID: 86d35949-83c9-4044-b424-db363231fd0c, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49154]

UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49154]
Annotation: IKE/Authip API

UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49154]
Annotation: IP Transition Configuration endpoint

UUID: 98716d03-89ac-44c7-bb8c-285824e51c4a, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49154]
Annotation: XactSrv service

UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49154]
Annotation: Impl friendly name

UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49154]

UUID: 201ef99a-7fa0-444c-9399-19ba84f12a1a, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49154]
Annotation: AppInfo

UUID: 5f54ce7d-5b79-4175-8584-cb65313a0e98, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49154]
Annotation: AppInfo

UUID: fd7a0523-dc70-43dd-9b2e-9c5ed48225b1, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49154]
Annotation: AppInfo

UUID: 58e604e8-9adb-4d2e-a464-3b0683fb1480, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49154]
Annotation: AppInfo

Port: 49155/tcp

UUID: 12345778-1234-abcd-ef00-0123456789ac, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49155]
Named pipe : lsass
Win32 service or process : lsass.exe
Description : SAM access

Port: 49176/tcp

UUID: 367abb81-9844-35f1-ad32-98f038001003, version 2
Endpoint: ncacn_ip_tcp:192.168.101.104[49176]

Port: 49177/tcp

UUID: 6b5bdd1e-528c-422c-af8c-a4079be4fe48, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49177]
Annotation: Remote Fw APIs

UUID: 12345678-1234-abcd-ef00-0123456789ab, version 1
Endpoint: ncacn_ip_tcp:192.168.101.104[49177]
Annotation: IPSec Policy agent endpoint
Named pipe : spoolss
Win32 service or process : spoolsv.exe
Description : Spooler service



Solution : filter incoming traffic to this port(s).
general/tcp Information ICMP based OS fingerprint results: (80% confidence)

HP JetDirect
icslap (2869/tcp) Low A (non-RFC compliant) web server seems to be running on this port
general/tcp Information Open TCP ports: 443, 445, 554, 135, 912, 2869, 139, 902, 80
http (80/tcp) Information w3af could not be found in your system path.
OpenVAS was unable to execute w3af and to perform the scan you
requested.
Please make sure that w3af is installed and that w3af_console is
available in the PATH variable defined for your environment.
https (443/tcp) Information w3af could not be found in your system path.
OpenVAS was unable to execute w3af and to perform the scan you
requested.
Please make sure that w3af is installed and that w3af_console is
available in the PATH variable defined for your environment.
icslap (2869/tcp) Information w3af could not be found in your system path.
OpenVAS was unable to execute w3af and to perform the scan you
requested.
Please make sure that w3af is installed and that w3af_console is
available in the PATH variable defined for your environment.
general/tcp Information Open UDP ports: [None found]
general/SMBClient Information The tool
general/tcp Information SMB signing is disabled on this host
general/tcp Information Here is the route from 192.168.101.105 to 192.168.101.104:

192.168.101.105
192.168.101.104

rtsp (554/tcp) Information nmap thinks rtsp is running on this port
http (80/tcp) Information wapiti could not be found in your system path.
OpenVAS was unable to execute wapiti and to perform the scan you
requested.
Please make sure that wapiti is installed and that wapiti is
available in the PATH variable defined for your environment.
https (443/tcp) Information wapiti could not be found in your system path.
OpenVAS was unable to execute wapiti and to perform the scan you
requested.
Please make sure that wapiti is installed and that wapiti is
available in the PATH variable defined for your environment.
icslap (2869/tcp) Information wapiti could not be found in your system path.
OpenVAS was unable to execute wapiti and to perform the scan you
requested.
Please make sure that wapiti is installed and that wapiti is
available in the PATH variable defined for your environment.
ideafarm-chat (902/tcp) Low
Synopsis :

The remote host appears to be running VMware ESX or GSX Server.

Description :

According to its banner, the remote host appears to be running a VMWare server authentication daemon, which likely indicates the remote host is running VMware ESX or GSX Server.

See also :

http://www.vmware.com/
general/tcp Information Nikto could not be found in your system path.
OpenVAS was unable to execute Nikto and to perform the scan you
requested.
Please make sure that Nikto is installed and that nikto.pl or nikto is
available in the PATH variable defined for your environment.
general/tcp Information Arachni could not be found in your system path.
OpenVAS was unable to execute Arachni and to perform the scan you
requested.
Please make sure that Arachni is installed and that arachni is
available in the PATH variable defined for your environment.
general/tcp Information DIRB could not be found in your system path.
OpenVAS was unable to execute DIRB and to perform the scan you
requested.
Please make sure that DIRB is installed and is
available in the PATH variable defined for your environment.
general/CPE-T Information 192.168.101.104
general/HOST-T Information traceroute:192.168.101.105,192.168.101.104
TCP ports:443,445,554,135,912,2869,139,902,80
UDP ports:

general/tcp Information Information about this scan :
Scanner IP : 192.168.101.105
Port scanner(s) : openvas_tcp_scanner
Port range : default
Thorough tests : no
Experimental tests : no
Report Verbosity : 1
Safe checks : yes
Scan Start Date : 2012/10/4 14:17
Scan duration : 597 sec

general/Host_Details Information OS: Windows 7 Professional 7601 Service Pack 1; nvt: 1.3.6.1.4.1.25623.1.0.102011; Extracts info about the OS through NTLM authentication packets
general/Host_Details Information OS: cpe:/o:microsoft:windows; nvt: 1.3.6.1.4.1.25623.1.0.102011; Extracts info about the OS through NTLM authentication packets
general/Host_Details Information OS: HP JetDirect; nvt: 1.3.6.1.4.1.25623.1.0.102002; Detects remote operating system version
general/Host_Details Information OS: cpe:/h:hp:jetdirect; nvt: 1.3.6.1.4.1.25623.1.0.102002; Detects remote operating system version
general/Host_Details Information ports: 443,445,554,135,912,2869,139,902,80; nvt: 1.3.6.1.4.1.25623.1.0.900239; Check Open TCP Ports
rtsp (554/tcp) Low This port was detected as being open by a port scanner but is now closed.
This service might have been crashed by a port scanner or by a plugin

general/Host_Details Information tcp_ports: 443,445,554,135,912,2869,139,902,80; nvt: 1.3.6.1.4.1.25623.1.0.900239; Check Open TCP Ports
general/Host_Details Information traceroute: 192.168.101.105,192.168.101.104; nvt: 1.3.6.1.4.1.25623.1.0.51662; Traceroute
general/Host_Details Information best_os_cpe: cpe:/o:microsoft:windows; nvt: 1.3.6.1.4.1.25623.1.0.102011; Extracts info about the OS through NTLM authentication packets
general/Host_Details Information best_os_txt: Windows 7 Professional 7601 Service Pack 1; nvt: 1.3.6.1.4.1.25623.1.0.102011; Extracts info about the OS through NTLM authentication packets