It gets scanned by Verizon - they use a pretty good tool for it, so I'm pretty
sure it's not made up.
I just personally don't know much about the server, as it's not my primary
responsibility.
>From what I thought I sent, it sounds like MS' own X-Windows that's the
>problem.
I followed the link in the vulnerability alert (below), and mention of the X
server brought me to X-Org. If I am in the wrong place, please let me know.
Nessus Plugins
Nessus Plugins
Synopsis : The remote X server accepts TCP connections. Description : The
remote X server accepts remote TCP connections. It is possible for an attacker
to grab a screenshot of the remote host.
View on www.tenable.com Preview by Yahoo
________________________________
From: Alan Coopersmith <[email protected]>
To: Duane Fish <[email protected]>
Cc: "[email protected]" <[email protected]>
Sent: Tuesday, September 23, 2014 6:05 PM
Subject: Re: CVE-1999-0526 Vulnerbility on W2k8 R2
On 09/23/14 03:59 PM, Duane Fish wrote:
> Did this help at all?
Nope - as best we can tell, this is still the most likely answer:
> And if you can't find any signs of any of those programs, then it's most
> likely
> a false alarm from your auditor or vulnerability scanner, when they can't
> figure
> out what software is listening on port 6000, and just make up answers to look
> useful when they're not.
On the other hand, if you don't know what software is running on your systems,
you have a bigger security problem than any scanner can help with.
--
-Alan Coopersmith- [email protected]
Oracle Solaris Engineering - http://blogs.oracle.com/alanc_______________________________________________
[email protected]: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: http://lists.x.org/mailman/listinfo/xorg
Your subscription address: %(user_address)s
