Mike Miller
If you did this particular Nmap scan and got these results back, what conversation would you be having with your IT team? There are major problems here whether or not it's an internal or external scan. #cybersecurity #infosec #nmap
Dec 2, 2022 at 3:15pmWeb
Show threadJ. R. DePriest    :EA DATA. SF:Dec 2, 2022

@mikemillercyber

  • Telnet? Just, no. Nope. Not even once.
  • You're running all those services on the same host which makes it a highly valuable target. Like, compromise one and get five others for free.
  • Many of those services have more secure alternatives, although you could be using redirects or STARTTLS or alternate ports. Run a scan with version detection and scripts enabled against the same ports.
  • Wait. Is that a Windows box? What does an OS identification scan say?
    • Show threadJay Thoden van Velzen โ˜๏ธโ€‹๐Ÿ›ก๏ธโ€‹Dec 2, 2022

    @mikemillercyber out loud: "let us get you into our public cloud landscape, where we have controls in place that prevent this level of exposure, point you to some of our landscape Terraform templates, and re-architect this together for the business use case you're supporting"

    inner-voice: "WTF, people! We have policies, and dev learning, and scan tools, and... ๐Ÿ˜ฑโ€‹๐Ÿ˜ญโ€‹๐Ÿ˜กโ€‹"

    Show threadceolnDec 2, 2022
    @mikemillercyber
    I do have some... other concerns about the image, as well. ๐Ÿ˜„