Discussion:
"An unknown service"
(too old to reply)
Ben Picken
2018-05-11 04:03:32 UTC
Permalink
Hello,

The following service is R1Soft backup system:

1167/tcp
*Log* (CVSS: 0.0)
NVT: Unknown OS and Service Banner Reporting (OID:
1.3.6.1.4.1.25623.1.0.108441)
*Summary*

This NVT consolidates and reports the information collected by the
following NVTs:

- Collect banner of unknown services (OID: 1.3.6.1.4.1.25623.1.0.11154)

- Service Detection with nmap (OID: 1.3.6.1.4.1.25623.1.0.66286)

- OS Detection Consolidation and Reporting (OID:
1.3.6.1.4.1.25623.1.0.105937)

If you know any of the information reported here, please send the full
output to openvas-***@wald.intevation.org.

*Vulnerability Detection Result*

An unknown service is running on this port. If you know this service, please report the following information to openvas-***@wald.intevation.org:

Method: get_httpHex

0x0000: 00 00 01 2E 52 AB 02 0A 14 08 A3 80 04 10 01 18 ....R...........
0x0010: 00 20 00 2A 08 4E 4F 54 46 4F 55 4E 44 10 00 1A . .*.NOTFOUND...
0x0020: 90 02 2D 2D 2D 2D 2D 42 45 47 49 4E 20 50 55 42 ..-----BEGIN PUB
0x0030: 4C 49 43 20 4B 45 59 2D 2D 2D 2D 2D 0A 4D 49 47 LIC KEY-----.MIG
0x0040: 66 4D 41 30 47 43 53 71 47 53 49 62 33 44 51 45 fMA0GCSqGSIb3DQE
0x0050: 42 41 51 55 41 41 34 47 4E 41 44 43 42 69 51 4B BAQUAA4GNADCBiQK
0x0060: 42 67 51 44 32 78 57 72 31 58 64 5A 36 45 69 76 BgQD2xWr1XdZ6Eiv
0x0070: 56 64 35 47 46 4C 67 36 7A 35 49 4F 6F 0A 4A 78 Vd5GFLg6z5IOo.Jx
0x0080: 59 56 6B 35 6F 75 7A 6C 71 77 6E 66 42 63 46 77 YVk5ouzlqwnfBcFw
0x0090: 6D 38 75 49 67 42 76 72 6F 31 33 56 56 79 6E 63 m8uIgBvro13VVync
0x00A0: 5A 46 31 56 4D 70 58 72 6F 71 30 53 6F 64 2B 68 ZF1VMpXroq0Sod+h
0x00B0: 53 71 59 6D 67 62 58 5A 44 31 4D 54 38 33 0A 77 SqYmgbXZD1MT83.w
0x00C0: 5A 64 39 37 6B 72 38 76 31 74 45 78 4E 50 38 66 Zd97kr8v1tExNP8f
0x00D0: 6D 38 64 43 34 70 41 6A 69 39 75 42 7A 34 74 56 m8dC4pAji9uBz4tV
0x00E0: 41 54 72 61 67 54 75 4A 63 51 52 36 5A 76 6A 58 ATragTuJcQR6ZvjX
0x00F0: 48 52 57 4C 59 48 6E 65 4F 44 31 51 34 39 33 0A HRWLYHneOD1Q493.
0x0100: 6F 51 43 54 6A 31 38 41 6D 4F 43 6D 44 77 38 2B oQCTj18AmOCmDw8+
0x0110: 38 77 49 44 41 51 41 42 0A 2D 2D 2D 2D 2D 45 4E 8wIDAQAB.-----EN
0x0120: 44 20 50 55 42 4C 49 43 20 4B 45 59 2D 2D 2D 2D D PUBLIC KEY----
0x0130: 2D 0A -.


Nmap service detection result for this port: cisco-ipsla

This is a guess. A confident identification of the service was not possible.

Hint: If you're running a recent nmap version try to run nmap with the following command: 'nmap -sV -Pn -p 1167 82.145.60.155' and submit a possible collected fingerprint to the nmap database.

*Log Method*

Details: Unknown OS and Service Banner Reporting (OID:
1.3.6.1.4.1.25623.1.0.108441)

Version used: $Revision: 9701 $


Best Regards,

Ben Picken
Christian Fischer
2018-05-16 14:05:14 UTC
Permalink
Hi,

and thanks for providing this information. A detection for this service
was added to the following NVT:

Name: Service Detection with 'GET' Request
OID: 1.3.6.1.4.1.25623.1.0.17975

Once this NVT reaches the feed in Revision r9871 the service should be
detected.

Regards,
Post by Ben Picken
Hello,
1167/tcp
*Log* (CVSS: 0.0)
1.3.6.1.4.1.25623.1.0.108441)
*Summary*
This NVT consolidates and reports the information collected by the
- Collect banner of unknown services (OID: 1.3.6.1.4.1.25623.1.0.11154)
- Service Detection with nmap (OID: 1.3.6.1.4.1.25623.1.0.66286)
1.3.6.1.4.1.25623.1.0.105937)
If you know any of the information reported here, please send the full
*Vulnerability Detection Result*
An unknown service is running on this port. If you know this service,
please report the following information to
Method: get_httpHex
0x0000:  00 00 01 2E 52 AB 02 0A 14 08 A3 80 04 10 01 18   
....R...........
0x0010:  00 20 00 2A 08 4E 4F 54 46 4F 55 4E 44 10 00 1A    .
.*.NOTFOUND...
0x0020:  90 02 2D 2D 2D 2D 2D 42 45 47 49 4E 20 50 55 42    ..-----BEGIN
PUB
0x0030:  4C 49 43 20 4B 45 59 2D 2D 2D 2D 2D 0A 4D 49 47    LIC
KEY-----.MIG
0x0040:  66 4D 41 30 47 43 53 71 47 53 49 62 33 44 51 45   
fMA0GCSqGSIb3DQE
0x0050:  42 41 51 55 41 41 34 47 4E 41 44 43 42 69 51 4B   
BAQUAA4GNADCBiQK
0x0060:  42 67 51 44 32 78 57 72 31 58 64 5A 36 45 69 76   
BgQD2xWr1XdZ6Eiv
0x0070:  56 64 35 47 46 4C 67 36 7A 35 49 4F 6F 0A 4A 78   
Vd5GFLg6z5IOo.Jx
0x0080:  59 56 6B 35 6F 75 7A 6C 71 77 6E 66 42 63 46 77   
YVk5ouzlqwnfBcFw
0x0090:  6D 38 75 49 67 42 76 72 6F 31 33 56 56 79 6E 63   
m8uIgBvro13VVync
0x00A0:  5A 46 31 56 4D 70 58 72 6F 71 30 53 6F 64 2B 68   
ZF1VMpXroq0Sod+h
0x00B0:  53 71 59 6D 67 62 58 5A 44 31 4D 54 38 33 0A 77   
SqYmgbXZD1MT83.w
0x00C0:  5A 64 39 37 6B 72 38 76 31 74 45 78 4E 50 38 66   
Zd97kr8v1tExNP8f
0x00D0:  6D 38 64 43 34 70 41 6A 69 39 75 42 7A 34 74 56   
m8dC4pAji9uBz4tV
0x00E0:  41 54 72 61 67 54 75 4A 63 51 52 36 5A 76 6A 58   
ATragTuJcQR6ZvjX
0x00F0:  48 52 57 4C 59 48 6E 65 4F 44 31 51 34 39 33 0A   
HRWLYHneOD1Q493.
0x0100:  6F 51 43 54 6A 31 38 41 6D 4F 43 6D 44 77 38 2B   
oQCTj18AmOCmDw8+
0x0110:  38 77 49 44 41 51 41 42 0A 2D 2D 2D 2D 2D 45 4E   
8wIDAQAB.-----EN
0x0120:  44 20 50 55 42 4C 49 43 20 4B 45 59 2D 2D 2D 2D    D PUBLIC
KEY----
0x0130:  2D 0A                                              -.
Nmap service detection result for this port: cisco-ipsla
This is a guess. A confident identification of the service was not possible.
Hint: If you're running a recent nmap version try to run nmap with the
following command: 'nmap -sV -Pn -p 1167 82.145.60.155' and submit a
possible collected fingerprint to the nmap database.
*Log Method*
1.3.6.1.4.1.25623.1.0.108441)
Version used: $Revision: 9701 $
Best Regards,
Ben Picken
--
Christian Fischer | PGP Key: 0x54F3CE5B76C597AD
Greenbone Networks GmbH | http://greenbone.net
Neumarkt 12, 49074 Osnabrück, Germany | AG Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
Loading...