Desktop Security Audit (Sample)
| Report ID | 3 |
| View Created On: | Jan 1, 1970 00:00 GMT |
| Host Address(es): | X.X.X.X |
Report Contents
 |
1. Risk Classification Summary
2. Vulnerability Category Summary
3. Vulnerability Title Summary
4. Vulnerability Details
5. Open Ports
Appendix A: Risk Definitions
2. Vulnerability Category Summary
3. Vulnerability Title Summary
4. Vulnerability Details
5. Open Ports
Appendix A: Risk Definitions
1. Risk Classification Summary
|
Vulnerabilities are classified according to the risk they present to the network/host on which they are found. The following chart summarizes how the 0 different issues we found are spread across the different risk classes.
For a detailed explanation of how vulnerabilities are classified, see Appendix A: Risk Definitions
2. Vulnerability Category Summary
|
The vulnerability category summary shows how the various issues that were reported are distributed across the different test categories.
| Category | High | Med | Low | Other |
| Denial of Service | ||||
| Windows | ||||
| Backdoors | ||||
| Misc. | ||||
| Windows : User management | ||||
| Firewalls | ||||
| Totals: | 0 | 0 | 0 | 0 |
3. Vulnerability Title Summary
|
4. Vulnerability Details
|
5. Open Ports - X.X.X.X
|
| Port | Protocol | Probable Service |
|
| ||
| 135 | TCP | loc-srv |
|
Defined as a "Location Service" in RFC1060, pre-SP3 versions
of Windows NT were susceptible to a denial of service attack
on this port that would cause NT's rpcss.exe process to consume
all available CPU cycles. The (easiest) recovery from this
attack is to reboot your machine.
You should do one of several things: a) upgrade/patch your operating system to make sure it is not susceptible to this attack; b) firewall your system so that port 135 is not visible from the internet c) configure your router to block port 135; d) Install one of several monitoring packages on your PC that block this denial of service. | ||
| 139 | TCP | netbios-ssn |
|
Port 139 is used on Windows machines for NetBios name resolution,
WINS, etc. A problem with older unpatched versions of Windows is that
they are susceptible to receipt of Out-Of-Band (OOB) data. This means
that someone can remotely send you OOB data on port 139 and can cause
numerous problems on your machine, including but not limited to
machine lockups, blue screens, loss of internet connection.
You should do one of several things: a) upgrade/patch your operating system to make sure it is not susceptible to this attack; b) firewall your system so that port 139 is not visible from the internet c) configure your router to block port 139; d) Install one of several monitoring packages on your PC that block this denial of service. | ||
| ||
| Number of open ports found by port scan:2 | ||
Appendix A: Risk Definitions
|
Users should note that test classifications are subjective, although we do our best to make appropriate classifications. If you spot an inconsistency, please let us know so that we can make the appropriate corrections.
AppendixB: CVE Versioning
|
CVE identifiers, an industry standard way of identifying tests, are maintained by Mitre. The current mapping of CVE/CAN identifiers to Test IDs is based on CVE Version Number 20240625, and CAN Version Number 20240625. These were verified on April 2, 2025 as being the latest available.