alientm Posted February 21, 2018 #1
Currently working on DSM 6.1.5-15254 and OpenVas finds a critical vulnerability on port 22. The SSH service is disabled (no checked box at SSH). Any advice on why SSH works when it's off?

Dfds Posted February 21, 2018 #2
Have you actually tried it, are you able to access your server via SSH?

Polanskiman Posted February 22, 2018 #3
Nah, there ain't any vulnerabilities. OpenVas seems flawed to me or is just fooling with you. If port 22 is closed and not activated I don't see how it could be vulnerable.

alientm (Author) Posted February 22, 2018 #4
That's how it looks. I also have DS213 with the same DSM and there SSH is turned off and everything is right - that is, there is no vulnerability or connectivity through SSH.

Polanskiman Posted February 22, 2018 #5
Are you able to telnet or SSH in the box or not?

alientm (Author) Posted February 22, 2018 #6
However, with SSH disabled, I cannot log in through putty (Putty closes itself when trying to login). When I enable SSH - I can log in through putty. Is it possible that port 22 is open for Hyperbackup or folder synchronization (rsync)?

Polanskiman Posted February 22, 2018 #7
No. Closed is closed. That's why the connection is refused and putty closes. Tell me, where are you running OpenVas from?

alientm (Author) Posted February 22, 2018 #8
22 minutes ago, Polanskiman said: "Tell me, where are you running OpenVas from?"
Can you explain this question to me more? I do not understand it very well (I translate to PL)

Polanskiman Posted February 22, 2018 #9
You said you are using OpenVas. From where are you running it?

alientm (Author) Posted February 22, 2018 #10
Both Xpenology and OpenVAS operate on the LAN (the same subnet). Servers operate on VMware as virtual machines. OpenVas is the current appliance.

alientm (Author) Posted February 22, 2018 #11
On DSM, I have the rsync service enabled - the default port 22 is selected there, maybe this port can be changed?

Polanskiman Posted February 22, 2018 #12
Since it is editable, yes you can. That is not a vulnerability though.

Polanskiman Posted February 22, 2018 #13
Just downloaded OpenVas and installed it on a VM. I ran a few scans on our Synology boxes. Those 'vulnerabilities' were indeed caused by the rsync service being opened although the ssh port was closed. But honestly I wouldn't worry too much about that. If you notice, OpenVas will see vulnerabilities in nearly every single port that DSM has opened...

alientm (Author) Posted February 22, 2018 #14
Thank you for your help and explanation. I changed the rsync port to another one (the service works correctly), OpenVas no longer shows port 22 vulnerability. On the new port it did not show high vulnerability, only Log: "The service closed the connection after 0 seconds without sending any data. It might be protected by some TCP wrapper"

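
Added example, not part of the thread and not OpenVAS code: one way to check what a scanner finding on a port refers to is to connect and classify the first thing the service sends (refused, an SSH identification string, an rsync daemon greeting, or a connection closed without data as in the log quoted in #14). The names `probe` and `fake_service` and the banner strings served by the loopback listeners are constructed for this example.

```python
import socket
import threading

def probe(host, port, timeout=3.0):
    """Return (state, detail) for one TCP port, judged by what the service sends first."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("closed", "connection refused, nothing is listening")
    except OSError as exc:  # timeout, unreachable or filtered
        return ("unreachable", str(exc))
    with sock:
        sock.settimeout(timeout)
        try:
            data = sock.recv(256)
        except socket.timeout:
            return ("open-silent", "accepted, but no banner before timeout")
        except ConnectionResetError:
            return ("open-dropped", "accepted, then reset without data")
    if not data:
        return ("open-dropped", "accepted, then closed without sending data")
    banner = data.split(b"\n", 1)[0].decode("ascii", "replace").strip()
    if banner.startswith("SSH-"):       # SSH servers identify themselves first
        return ("ssh", banner)
    if banner.startswith("@RSYNCD:"):   # greeting of a standalone rsync daemon
        return ("rsync-daemon", banner)
    return ("open-other", banner)

def fake_service(reply):
    """Constructed loopback listener: sends `reply` (may be b'') once, then closes."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        with conn:
            if reply:
                conn.sendall(reply)
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    # Constructed banners; replace the loopback listeners with the NAS address and port.
    for reply in (b"SSH-2.0-OpenSSH_7.4\r\n", b"@RSYNCD: 31.0\n", b""):
        print(probe("127.0.0.1", fake_service(reply)))
```

An `ssh` result on a port where the SSH terminal box is unchecked means some other service is still keeping an SSH listener on that port, which is the situation described in #13.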