Hello,

I am having multiple websites running on Linux server Under physical load-balancer. But when I scan my websites there are some Vulnerabilities Issue.. Like following are the few example :

"Using a combination of remote probes, (TCP/IP, SMB, HTTP, NTP, SNMP, etc...)
it is possible to guess the name of the remote operating system in use, and
sometimes its version."

The remote host is running one of these operating systems :
Linux Kernel 2.2
Linux Kernel 2.4
Linux Kernel 2.6

Please help to fix this issue...

Thanks is advance...

why did you post it three times?
why did you post it three times?
why did you post it three times?
Have you tried nmap?
Have you tried nmap?
Have you tried nmap?

why did you post it three times? Actually m new user and was not sure.

Yes I have tried nmap. following are the result of namp :

Not shown: 1673 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
623/tcp open unknown
No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi).
TCP/IP fingerprint:
SInfo(V=4.11%P=x86_64-redhat-linux-gnu%D=10/31%Tm=5091908F%O=22%C=1)
TSeq(Class=RI%gcd=1%SI=3841CD%IPID=Z%TS=1000HZ)
TSeq(Class=RI%gcd=1%SI=3841E5%IPID=Z%TS=1000HZ)
TSeq(Class=RI%gcd=1%SI=3840FB%IPID=Z%TS=1000HZ)
T1(Resp=Y%DF=Y%W=8000%ACK=S++%Flags=AS%Ops=MNNTNW)
T2(Resp=N)
T3(Resp=Y%DF=Y%W=8000%ACK=S++%Flags=AS%Ops=MNNTNW)
T4(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=)
T5(Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
T6(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=)
T7(Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
PU(Resp=Y%DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E K=E%ULEN=134%DAT=E)

When you find yourself in the company of an international audience please write English like it was meant to like "I am a new user" and not use IM-speek. Next to that being new or (feigning) ignorance are no valid reasons for cross-posting as you agreed to play by our rules: the LQ Rules when you signed up for the account.


You didn't:
- include the reason for scanning (not required but its good to know if you go for regulatory compliance, etc)
- include the product used for scanning,
- the scan type or plugin Id,
- its complete description,
- any risk or severity the scanner assigned the scan result,
- any solution(s) suggested by the tool,
- any scan details,
* and I doubt you investigated what the scan actually does or have read the related material (if any).
While OS identification may help an attacker to select OS-specific attacks, the majority of web-based attacks these days are caused by running obsolete software versions in the web stack, lack of preventive measures and proper system and service hardening.

a HOPE that NONE of them are running the very VERY dead 2.2 kernel
nor the just VERY old 2.4 kernel

the 2.6 ??? may or may not be a currently supported Operating system