The Open Ports risk vector observes ports that are exposed to the Internet. While certain ports must be open to support normal business functions and few companies will actually have no ports open, the fewer ports that are exposed to the Internet, the fewer openings there are for attack.
If you have several Network Address Translation (NAT) and Port Address Translation (PAT) zones among your findings, the source port for the IP address can help find the actual hosts.
Finding Details
The details include the data in Findings, Diligence details, and also the following information:
Field | Description |
---|---|
❖ Destination Port | The number of the destination port identified in the finding. In Open Ports, it is the port associated with the service observed. |
Details | Details about the finding. |
❖ Final Location | URL where headers were observed. |
Issue | A summary of the finding. |
❖ Product | The product or service observed on the port. |
❖Remediation Instructions | How to resolve a negative finding. See how to verify that an Open Port finding has been remediated. |
Server | The type of server using the port. |
Status | The status code that indicates if the server was able to process the request sent by the client. |
Title | The title of the webpage. |
❖ Transport Method | The transmission protocol (TCP or UDP) used in the connection. |
❖ This field can be included in the table from the Customize Columns option.
- January 18, 2024: Findings page navigation by application.
- October 2, 2023: Added Final Location customizable column.
- October 18, 2021: Added customizable columns.
Feedback
0 comments
Please sign in to leave a comment.