Re: High severity vulnerability on port 641 - Windows XP
From: nayababy (nayababy.1a3wen_at_pcbanter.net)
Date: 07/28/04
- Previous message: Brad Morris: "Re: Internet access for other user accounts does not work"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 28 Jul 2004 03:18:02 +0100
Hey,
I recently found this open port when I ran NMap against my machine,
which is also an XP laptop. If you do the ctrl-alt-del to bring up the
task manager, you will probably be able to see a process running called
tgcmd.exe or somethimg like that. This is the executable that is
opening the port.
Basically it is used by some vendors, like Sony, and Comcast, and
others, to provide user/system support. The reason you are getting the
SSL warning is that the communications between your computer and the
service provider is through an SSL session. Unfortunately, I don't
think that you can change the encryption level.
If you connect to the port through your web browser (https:// I originally used telnet to connect to the port (telnet <ip> 641) and
After ending the tgcmd.exe process, I reran the scanner and no longer
TAG
you SHOULD get the warning pop up that the certificate is old, or can't
be verified, or whatever.
when you type HELLO you will get the SSL23 blah blah blah error.
saw a service on that port.
JB wrote:
> *Hi,
>
> I ran a nessus scan to a Win XP laptop and it found the following
> high
> severity vulnerability:
>
> ---------------------------------------
> service: unknown (641/tcp)
> severity:High
> Description:
> The SSLv2 server does not accept strong "US grade" ciphers with 112
> or
> 128 bit long secret keys Nessus only counted 2 weak "export class"
> and
> 0 medium strength
> ciphers.
> Those ciphers only offer a limited protection against a brute force
> attack.
> Solution: update your server certificate and/or upgrade your SSL
> library or server software.
> ---------------------------------------
>
> I don't know what it means. I searched for information about it, but
> I
> haven't found anything concrete. Can someone help me?
>
> Thanks,
> JB *
--
nayababy
------------------------------------------------------------------------
posted via www.PCBanter.net
Relevant Pages
... If SNMP is enabled on the port, the printer status should be Offline when it ... new IP address so the laptop port will fail while the desktop will call into ... Printer: Brother HL-2070N series ... Printer Properties windows are different on the two PCs. ...
(microsoft.public.windows.vista.print_fax_scan)
... its best to use a static IP address if you use port forwarding. ... Can you connect to the laptop using RDP from another PC on the same LAN? ... address in the SMC Router range, ...
(microsoft.public.windowsxp.work_remotely)
... I need to share the main computer's folders with the wirless laptop. ... The wireless laptop connects to the internet through the netwok,but can no longer see or connect to the main computer on the workgroup. ... Linskys insists there is nothing wrong with the network, ... You haven't provided much information to go on, but I suspect that the problemhave to do with the configuration of your firewalls and/or the printer port setup. ...
(microsoft.public.windowsxp.network_web)
... The worrying thing is not just that the firewall picked up on the port ... My friends Vista operated laptop is receiving attempted entries to ports ... beginning are on your own network. ... The siblings all use the same wireless network (Wi-Fi processes found in ...
(Security-Basics)
... You can't do much with the serial port on the laptop, apart from connecting an external dialup modem. ... I have an HP Laserjet 4100N connected to the parallel port of a desktop running Windows 98SE as a local printer and use this one to print from the other computers in the network. ...
(comp.periphs.printers)
