Loading...

Open DNS Resolver, NTP Modes 6 & 7, SNMP, Chargen, QOTD, NetBIOS, SSDP and LDAP Services

These Open Services are accessible to anyone on the internet and are responding to queries.

THE RISK: The vulnerabilities of these Open Services can be exploited by a remote user to use your internet connection to anonymously attack other devices or sites and servers across the internet

Open LDAP (TCP) Service

The Open LDAP (TCP) Service is running on port 389/TCP and is accessible to anyone on the internet.

THE RISK: Hosts running LDAP using port 389/TCP are often Active Directory services. The data disclosed by the server resides on, making it vulnerable to attack.

Open Cisco Smart Install Service

The Open Cisco Smart Install Service is running and accessible to anyone on the internet.

 

THE RISK: This service doesn’t require authentication and could allow a remote user to obtain a copy of your device’s configuration file and upload an altered version or malicious software.

Open SMB Service

The Open SERVER Message Block (SMB) Service is running on port 445/TCP and is accessible to anyone on the internet.

 

THE RISK: The SMB protocol is not protected and can be accessed openly by anyone to obtain stored files and sensitive information, resulting in vulnerability to brute force attacks, multiple exploits and/or the disclosure of confidential information.

Open VNC Service

The Open Virtual Network Computing (VNC) Service is a graphical desktop sharing system running on port 5900/TCP and is accessible to anyone on the internet.

 

THE RISK: VNC doesn’t utilize encryption and, if configured improperly, can potentially disclose sensitive information or unknowingly provide remote access to your system.

Open XDMCP Service

The X Display Manager (XDMCP) Service is running and accessible to anyone on the internet.

 

THE RISK: Using this service poses a risk of disclosing sensitive information or unknowingly providing remote access to your system.

Open mDNS Service

In computer networking, the multicast Domain Name System (mDNS) protocol resolves hostnames to IP addresses within small networks that do not include a local name server.

 

THE RISK: Devices using mDNS could potentially respond to malicious queries outside a local network and inadvertently facilitate a large-scale Denial of Service attack.

Open Portmapper Service

The Open Portmapper Service is running and accessible to anyone on the internet.

 

THE RISK: Devices using the service are at risk of being used in an attack and/or disclosing large amounts of information about the system using Portmapper.

Open Elasticsearch Service

The Open Elasticsearch Service is running and accessible to anyone on the internet.

 

THE RISK: Elasticsearch doesn’t support authentication, so remote users could potentially access Elasticsearch and gain control of the service, putting your information at risk of being disclosed.

Open MongoDB Service

The Open MongoDB Service (MongoDB NoSQL database) is running and accessible to anyone on the internet.

 

THE RISK: Authentication is not enabled, which can pose a risk of unwanted remote access for malicious users and potential data breaches.

Open MS-SQL Server Resolution Service

The Open MS-SQL Server Resolution Service is running and accessible to anyone on the internet.

 

THE RISK: If this service is accessible via your network, you’re at risk of having your network information exposed. The service itself can be used in UDP amplification attacks.

Open Redis Service

The Open Redis Service (Redis key-value store) is running and accessible to anyone on the internet.

 

THE RISK: If this service is accessible via your network, you’re at risk of having your network information exposed. The service itself can be used in UDP amplification attacks.

Open NAT-PMP Service

The Open NAT Port Mapping Protocol (PMP) Service is running and accessible to anyone on the internet.

 

THE RISK: This service has the potential to expose information about your network.

Open IPMI Service

The Open Intelligent Platform Management Interface (IPMI) Service is running on port 623/UDP and is accessible to anyone on the internet.

 

THE RISK: Devices with IPMI exposed have the potential to be compromised at the Baseboard Management Controller (BMC) level.

Open Telnet Service

The Open Telnet Service is running on port 23/TCP and is accessible to anyone on the internet.

 

THE RISK: Due to a lack of encryption, Telnet traffic can be intercepted. Open Telnet ports can also be exploited by malware, potentially resulting in initiating Denial of Service attacks, the extracting or destroying of information and more.

Open RDP Service

The Open Remote Desktop Protocol (RDP) Service is running and accessible to anyone on the internet.

 

THE RISK: If you use this service, misconfiguration can put your computer or network at risk of being accessed remotely for information gathering.

Open TFTP Service

The Open TFTP Service is running and accessible to anyone on the internet.

 

THE RISK: This service has no access control mechanisms, which may result in being accessed remotely to retrieve sensitive information or be used in attacks.

Open Apple Remote Desktop Service

The Open Apple Remote Desktop Service is running on port 3283/UDP and is accessible to anyone on the internet.

 

THE RISK: This service’s vulnerabilities could be exploited by external users to be used in attacks or to leak information about the system it’s running on.

Open FTP Service

The Open File Transfer Protocol (FTP) Service is running on port 21/TCP and is accessible to anyone on the internet.

 

THE RISK: This service provides no encryption (unless you’re using FTPS), so sensitive information or system credentials could potentially be exposed. Devices using the service are also at risk of being used in UDP amplification attacks.

Open Hadoop Service

The Open Hadoop Service is running and have either the NameNode or DataNode web interfaces running. They are accessible to anyone on the internet.

 

THE RISK: Using this service puts you at risk of potentially having your sensitive information disclosed.

Open DB2 Discovery Service

The Open DB2 Discovery Service is running and accessible to anyone on the internet.

 

THE RISK: Using this service puts you at risk of potentially having your sensitive information exposed and used in attacks.

Open Ubiquiti Discovery Service

The Open Ubiquiti Discovery Service is running and accessible to anyone on the internet.

 

THE RISK: Using this service puts you at risk of potentially having your sensitive information disclosed and used in a UDP amplification attack.

What do I do if my service is open to the internet and is responding to queries?

If you use an open service and your device is behaving strangely or showing signs of an exploitable vulnerability, try the following:

 

  • If you have the expertise, disable the Open Service or restrict access to only trusted IP addresses on your device.
  • If you’re unable to complete the above, or if you’ve completed the above but your device is still acting strangely, bring it to a third-party computer repair technician to solve the problem.