• 0
alientm

DSM 6.1.5-15254 (OpenSSH Multiple Vulnerabilities)

Question

Currently working on DSM 6.1.5-15254 and OpenVas finds a critical vulnerability on port 22.
The SSH service is disabled (no checked box at SSH).

Any advice on why SSH works when it's off?

13 answers to this question

  • 0

Have you actually tried it, are you able to access your server via SSH?

  • 0

Nah, there ain't any vulnerabilities. OpenVas seems flawed to me or is just fooling with you. If port 22 is closed and not activated I don't see how it could be vulnerable.

  • 0

That's how it looks. I also have DS213 with the same DSM and there SSH is turned off and everything is right - that is, there is no vulnerability or connectivity through SSH.

syno.PNG

  • 0

However, with SSH disabled, I can not log in through putty (Putty closes itself when trying to login). When I enable SSH - I can log in through putty. 

Is it possible that port 22 is open for Hyperbackup or folder synchronization (rsync)?

  • 0

No. Closed is closed. That's why the connection is refused and putty closes.

Tell me, where are you running OpenVas from?

  • 0
22 minutes ago, Polanskiman said:

Tell me, where are you running OpenVas from?

Can you explain this question to me more?
I do not understand it very well (I translate to PL)

  • 0

Both Xpenology and OpenVAS operate in LAN (the same subnet). Servers operate on VMware as virtual machines. OpenVas is the current appliance.

openvas.png

  • 0

On DSM, I have the rsync service enabled - there is default port 22 selected, maybe this port can be changed?

rsync.PNG

  • 0

Just downloaded OpenVas and installed on VM. I run a few scans on our Synology boxes. Those 'vulnerabilities' were indeed caused by the rsync service being opened although the ssh port was closed. But honestly I wouldn't worry too much about that. If you notice, OpenVas will see vulnerabilities nearly in every single port that DSM has opened....

  • 0

Thank you for your help and explanation.
I changed the rsync port to another one (the service works correctly), OpenVas no longer shows port 22 vulnerability. On the new port it did not show high vulnerability, only Log:

"The service closed the connection after 0 seconds without sending any date
It might be protected by some TCP wrapper "

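One way to see what actually answers on a port a scanner flags, such as port 22 here while the rsync service is enabled, is to connect and read what the service sends first. This is an added example, not part of the original thread; the function names, state labels and the banner text are assumptions, and the listener is a constructed local stand-in for the NAS.

```python
import socket
import threading

def probe_tcp_service(host, port, timeout=3.0):
    """Classify what answers on host:port; sends no data, only reads.

    Returns (state, detail) where state is one of:
      closed       connection refused, nothing is listening
      unreachable  no answer / network error before connecting
      ssh          an SSH server sent its identification string
      silent-drop  connection accepted, then closed with no data
      other        something else answered, or stayed silent
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("closed", "")
    except OSError as exc:  # includes connect timeouts
        return ("unreachable", str(exc))
    with sock:
        try:
            data = sock.recv(256)
        except socket.timeout:
            return ("other", "open, no banner before timeout")
        except ConnectionResetError:
            return ("silent-drop", "")
    if not data:
        return ("silent-drop", "")
    line = data.split(b"\n", 1)[0].strip().decode("ascii", "replace")
    return ("ssh", line) if line.startswith("SSH-") else ("other", line)

def constructed_listener(payload):
    """Local stand-in for the NAS (constructed): send payload, then close."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        if payload:
            conn.sendall(payload)
        conn.close()
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    # Constructed banner; against a real host, pass its address and port.
    for payload in (b"SSH-2.0-ExampleSSH_0.0\r\n", b""):
        port = constructed_listener(payload)
        print(probe_tcp_service("127.0.0.1", port))
```

A `closed` result matches the refused connection described in the thread, and `silent-drop` corresponds to the scanner log about a service closing the connection without sending anything.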