List of the tested hosts :

• 140.105.55.155(Security holes found)

List of open ports :

• sunrpc (111/tcp)
• printer (515/tcp)
• unknown (1024/tcp)
• x11 (6000/tcp) (Security hole found)
• general/tcp (Security hole found)
• general/udp (Security notes found)
• general/icmp (Security warnings found)

Vulnerability found on port x11 (6000/tcp)

This X server accepts clients from anywhere. This
allows a cracker to connect to it and record any of your keystrokes
Here is the server type :

Silicon Graphics

Solution : use xauth or MIT cookies to restrict the access to this server
Risk factor : High
CVE : CVE-1999-0526

Vulnerability found on port general/tcp

The TCP sequence numbers of the remote host are
always incremented by 64000, so they can be
guessed rather easily. A cracker may use
this flaw to spoof TCP connections easily.

Solution : contact your vendor for a patch
Risk factor : High

Warning found on port general/tcp

The remote host uses non-random IP IDs, that is, it is
possible to predict the next value of the ip_id field of
the ip packets sent by this host.

An attacker may use this feature to determine if the remote
host sent a packet in reply to another request. This may be
used for portscanning and other things.

Solution : Contact your vendor for a patch
Risk factor : Low

Information found on port general/tcp

Nmap found that this host is running IRIX 6.2 - 6.5

Information found on port general/udp

For your information, here is the traceroute to 140.105.55.155 :
140.105.55.155

Warning found on port general/icmp

The remote host answers to an ICMP timestamp
request. This allows an attacker to know the
date which is set on your machine.

This may help him to defeat all your
time based authentifications protocols.

Solution : filter out the icmp timestamp
requests (13), and the outgoing icmp
timestamp replies (14).

Risk factor : Low
CVE : CAN-1999-0524