Hi,
Have setup Nessus scanning in an instance, to meet a contractual obligation to do authorised scans of a few clients' external IPs. Although itlooks like it's working, in fact it's missing three items that an identically configured box on DigitalOcean finds.
Wondering if (a) there's some relevant checking/filtering on outward traffic, and (b) if so, if there's and interface or process to have this turned off.
Yes, I'm aware that"you need to notify Windows Azure customer support if you intend to run vulnerability scanning or penetration testing on your application deployed to Windows Azure..." - but I'm going outward from Azure.
- TIA!
In case it's relevant, here are the three issues missed:
- The Microsoft Exchange Client Access Server (CAS) is affected by an information disclosure vulnerability. A remote, unauthenticated attacker can exploit this vulnerability to learn the server's internal IP address.
- The remote host contains a flaw in the handling of SSL version 3 (SSLv3) and TLS (Transport Layer Security) protocols. An attacker can inject specially crafted content into an SSL/TLS session, which could allow an attacker to bypass security features of SSLv3 and TLS protocols in order to intercept communications.
- The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or
decrypt communications between the affected service and clients.