In order to collect data required to produce this report, a single Sentinel agent program needs to be installed within the managed environment.
Read more about Apteriks distributed architecture.
This report was automatically generated by the Apteriks portal. The following discovery techniques were used:
All discoveries and data collection were done by the Sentinel agent, and the following factors influence the completeness of this report:
VRF | Company ABC |
Network address | 10.55.104.0/25 |
Network Name | WEB hosting segment, DC South |
Network Description | |
Report generation time | 4/26/2024 12:39:22 AM (UTC) |
This chapter highlights IP addresses with the worst Round Trip Time. They were the slowest to reply to the discovery requests. Note that the time is measured between the Sentinel agent that performed the discovery and destination IP addresses.
The average Round Trip Time is 5.2 msec.
The following table provides the list of slowest hosts on the network.
Name | DNS Name | IP Address | Round trip time (ms) |
---|---|---|---|
xps123 | xps123.company.com | 10.55.104.23 | 21 |
xs04 | XS04.company.com | 10.55.104.11 | 7 |
xs3 | xs03.company.com | 10.55.104.10 | 5 |
gateway | gw.company.com | 10.55.104.1 | 2 |
xps124 | xps124.company.com | 10.55.104.24 | 2 |
xps125 | xps125.company.com | 10.55.104.25 | 2 |
xps126 | xps126.company.com | 10.55.104.26 | 2 |
NAA16.company.com | 10.55.104.12 | 1 |
This chapter lists IP addresses with the biggest amount of enabled TCP services. These would typically be the servers in the datacenter, but can also be hosts with a lot of default open TCP ports. Open TCP services can be exploited by malicious users to gain access to a computer. To improve the security, leave only the services that you know are necessary for the operation.
The following table provides the list of most exposed IP addresses on the network.
Name | DNS Name | IP Address | # Services | Enabled TCP Services |
---|---|---|---|---|
xps124 | xps124.company.com | 10.55.104.24 | 7 | 22, 53, 110, 143, 443, 993, 3306 |
xps125 | xps125.company.com | 10.55.104.25 | 6 | 53, 88, 139, 389, 445, 3306 |
xs04 | XS04.company.com | 10.55.104.11 | 5 | 21, 22, 23, 80, 8080 |
xps123 | xps123.company.com | 10.55.104.23 | 5 | 80, 1433, 3389, 5985, 47001 |
xs3 | xs03.company.com | 10.55.104.10 | 4 | 21, 22, 23, 80 |
gateway | gw.company.com | 10.55.104.1 | 2 | 22, 23 |
NAA16.company.com | 10.55.104.12 | 2 | 80, 443 | |
xps126 | xps126.company.com | 10.55.104.26 | 1 | 27017 |
This chapter lists TCP services that are most frequently enabled on scanned network(s).
TCP Service | Enabled on # of IP addresses |
---|---|
22 (ssh), 80 (http) | 4 |
23 (telnet) | 3 |
21 (ftp), 53 (domain), 443 (https), 3306 (mysql) | 2 |
88 (kerberos), 110 (pop3), 139 (netbios-ssn), 143 (imap), 389 (ldap), 445 (microsoft-ds), 993 (imaps), 1433 (ms-sql-s), 3389 (ms-wbt-server), 5985 (wsman), 8080 (http-alt), 27017, 47001 (winrm) | 1 |
This chapter lists IP addresses that lack DNS or administrative names. As a rule, every IP host must have the proper DNS name, especially when it comes to servers.
Out of 9 analyzed IP addresses 1 had naming issues.
The following table provides the list of IP addresses that lack DNS names.
IP Address | Administrative name | # TCP Services |
---|---|---|
10.55.104.13 | caret | 0 |
This chapter shows the distribution of hardware/software vendors detected by the SNMP protocol.
The content of this chapter is determined by the level of SNMP protocol adoption on the network. If SNMP protocol is enabled on the device and credentials are provided during the infrastructure discovery, the device details will be retrieved.
During the discovery 8 device(s) responded to SNMP queries.
There are 1 other device(s) on this network without SNMP support; please enable it and scan the network again in order to derive better conclusions. Note that only SNMPv3 in "authPriv" mode provides the adequate level of security by enforcing proper encryption and authentication.
The following table provides the list of detected device vendors.
Vendor name | Device count |
---|---|
ciscoSystems | 1 |
Juniper Networks, Inc. | 2 |
Network Appliance Corporation | 1 |
Microsoft | 4 |
This chapter shows the inventory details as reported by devices during the scanning.
The content of this chapter is determined by the level of SNMP protocol adoption on the network. If SNMP protocol is enabled on the device and credentials are provided during the infrastructure discovery, the device details will be retrieved.
There are 1 device(s) on this network without SNMP support; please enable it and scan the network again in order to derive better conclusions.
During the discovery, 8 device(s) responded to SNMP queries.
Node | Name | Vendor | System name | System uptime | System description |
---|---|---|---|---|---|
10.55.104.1 | gateway (gw.company.com) | ciscoSystems | NLAMS-R03 | Cisco IOS Software, C2900 Software, Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2018 by Cisco Systems, Inc. | |
10.55.104.10 | xs3 (xs03.company.com) | Juniper Networks, Inc. | NLAMS-XS03 | Juniper Networks, Inc. srx240h2 internet router, kernel JUNOS 11.4R10.3 | |
10.55.104.11 | xs04 (XS04.company.com) | Juniper Networks, Inc. | NLAMS-XS08 | Juniper Networks, Inc. srx240h2 internet router, kernel JUNOS 11.4R10.3 | |
10.55.104.12 | (NAA16.company.com) | Network Appliance Corporation | NLAMS-NAA16 | NetApp Release 8.1.1P1 7-Mode: Tue Aug 21 16:54:20 PDT 2018 | |
10.55.104.23 | xps123 (xps123.company.com) | Microsoft | Server | Hardware: Intel64 Family 6 Model 23 Stepping 6 AT/AT COMPATIBLE - Software: Windows Version 6.3 (Build 9600 Multiprocessor Free) | |
10.55.104.24 | xps124 (xps124.company.com) | Microsoft | Server | Hardware: Intel64 Family 6 Model 23 Stepping 6 AT/AT COMPATIBLE - Software: Windows Version 6.3 (Build 9600 Multiprocessor Free) | |
10.55.104.25 | xps125 (xps125.company.com) | Microsoft | Server | Hardware: Intel64 Family 6 Model 23 Stepping 6 AT/AT COMPATIBLE - Software: Windows Version 6.3 (Build 9600 Multiprocessor Free) | |
10.55.104.26 | xps126 (xps126.company.com) | Microsoft | Server | Hardware: Intel64 Family 6 Model 23 Stepping 6 AT/AT COMPATIBLE - Software: Windows Version 6.3 (Build 9600 Multiprocessor Free) |
This chapter shows the list of discovered databases. They are listed based on the assumption that all databases use their default TCP ports.
Database type | Count |
---|---|
Microsoft SQL | 1 |
Oracle | - |
MySQL | 2 |
PostgreSQL | - |
DB2 (pre-version 8) | - |
DB2 (version 8 and later) | - |
MongoDB | 1 |
Sybase | - |
Teradata | - |
TOTAL | 4 |
Microsoft SQL Server is a relational database management system developed by Microsoft.
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.23 | xps123 | xps123.company.com |
MySQL is a relational database management system (RDBMS) with open source code; it is the most widely used open-source database.
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.24 | xps124 | xps124.company.com |
2 | 10.55.104.25 | xps125 | xps125.company.com |
MongoDB (from humongous) is a cross-platform document-oriented database. Classified as a NoSQL database, MongoDB eschews the traditional table-based relational database structure in favor of JSON-like documents with dynamic schemas (MongoDB calls the format BSON), making the integration of data in certain types of applications easier and faster. MongoDB is free and open-source software.
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.26 | xps126 | xps126.company.com |
This chapter shows the list of discovered Domain Controllers. On Microsoft Servers, a domain controller (DC) is a server that responds to security authentication requests (logging in, checking permissions, etc.) within the Windows Server domain.
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.25 | xps125 | xps125.company.com |
This chapter shows the list of discovered VMware ESXi servers. VMware ESXi (formerly ESX) is an enterprise-class, type-1 hypervisor developed by VMware for deploying and serving virtual computers. ESX runs on bare metal (without running an operating system) unlike other VMware products.
No ESXi servers were detected during the discovery.
This chapter shows the list of discovered file shares. The Common Internet File System (CIFS) is the standard way that computer users share files across corporate intranets and the Internet. An enhanced version of the Microsoft open, cross-platform Server Message Block (SMB) protocol, CIFS is a native file-sharing protocol in Windows and is supported by many other operating systems.
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.25 | xps125 | xps125.company.com |
This chapter shows the list of discovered DNS servers. The most important function of Domain Name System (DNS) servers is the translation (resolution) of human-memorable domain names and hostnames into the corresponding numeric Internet Protocol (IP) addresses.
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.24 | xps124 | xps124.company.com |
2 | 10.55.104.25 | xps125 | xps125.company.com |
This chapter provides the list of IP addresses that have the configured DNS name, but do not respond to discovery requests.
Typically, there would be two reasons for this situation:
There are 0 IP addresses detected in this category.
This chapter provides the list of all discovered TCP services, giving you the precise operational status of active services.
In total 20 TCP services were discovered on 9 devices.
# | TCP Service | Enabled on # of IP addresses |
---|---|---|
1 | TCP port 21 (ftp) | 2 |
2 | TCP port 22 (ssh) | 4 |
3 | TCP port 23 (telnet) | 3 |
4 | TCP port 53 (domain) | 2 |
5 | TCP port 80 (http) | 4 |
6 | TCP port 88 (kerberos) | 1 |
7 | TCP port 110 (pop3) | 1 |
8 | TCP port 139 (netbios-ssn) | 1 |
9 | TCP port 143 (imap) | 1 |
10 | TCP port 389 (ldap) | 1 |
11 | TCP port 443 (https) | 2 |
12 | TCP port 445 (microsoft-ds) | 1 |
13 | TCP port 993 (imaps) | 1 |
14 | TCP port 1433 (ms-sql-s) | 1 |
15 | TCP port 3306 (mysql) | 2 |
16 | TCP port 3389 (ms-wbt-server) | 1 |
17 | TCP port 5985 (wsman) | 1 |
18 | TCP port 8080 (http-alt) | 1 |
19 | TCP port 27017 | 1 |
20 | TCP port 47001 (winrm) | 1 |
This chapter groups IP addresses by the TCP Service that runs on them. It allows you to see which hosts perform a particular function on your network, putting guesswork aside.
Service description: File Transfer [Control]
More details on the utilization and abuse of port 21
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.10 | xs3 | xs03.company.com |
2 | 10.55.104.11 | xs04 | XS04.company.com |
Service description: The Secure Shell (SSH) Protocol
More details on the utilization and abuse of port 22
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.1 | gateway | gw.company.com |
2 | 10.55.104.10 | xs3 | xs03.company.com |
3 | 10.55.104.11 | xs04 | XS04.company.com |
4 | 10.55.104.24 | xps124 | xps124.company.com |
Service description: Telnet
More details on the utilization and abuse of port 23
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.1 | gateway | gw.company.com |
2 | 10.55.104.10 | xs3 | xs03.company.com |
3 | 10.55.104.11 | xs04 | XS04.company.com |
Service description: Domain Name Server
More details on the utilization and abuse of port 53
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.24 | xps124 | xps124.company.com |
2 | 10.55.104.25 | xps125 | xps125.company.com |
Service description: World Wide Web HTTP
More details on the utilization and abuse of port 80
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.10 | xs3 | xs03.company.com |
2 | 10.55.104.11 | xs04 | XS04.company.com |
3 | 10.55.104.12 | NAA16.company.com | |
4 | 10.55.104.23 | xps123 | xps123.company.com |
Service description: Kerberos
More details on the utilization and abuse of port 88
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.25 | xps125 | xps125.company.com |
Service description: Post Office Protocol - Version 3
More details on the utilization and abuse of port 110
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.24 | xps124 | xps124.company.com |
Service description: NETBIOS Session Service
More details on the utilization and abuse of port 139
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.25 | xps125 | xps125.company.com |
Service description: Internet Message Access Protocol
More details on the utilization and abuse of port 143
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.24 | xps124 | xps124.company.com |
Service description: Lightweight Directory Access Protocol
More details on the utilization and abuse of port 389
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.25 | xps125 | xps125.company.com |
Service description: http protocol over TLS/SSL
More details on the utilization and abuse of port 443
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.12 | NAA16.company.com | |
2 | 10.55.104.24 | xps124 | xps124.company.com |
Service description: Microsoft-DS
More details on the utilization and abuse of port 445
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.25 | xps125 | xps125.company.com |
Service description: imap4 protocol over TLS/SSL
More details on the utilization and abuse of port 993
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.24 | xps124 | xps124.company.com |
Service description: Microsoft-SQL-Server
More details on the utilization and abuse of port 1433
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.23 | xps123 | xps123.company.com |
Service description: MySQL
More details on the utilization and abuse of port 3306
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.24 | xps124 | xps124.company.com |
2 | 10.55.104.25 | xps125 | xps125.company.com |
Service description: MS WBT Server
More details on the utilization and abuse of port 3389
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.23 | xps123 | xps123.company.com |
Service description: WBEM WS-Management HTTP
More details on the utilization and abuse of port 5985
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.23 | xps123 | xps123.company.com |
Service description: HTTP Alternate (see port 80)
More details on the utilization and abuse of port 8080
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.11 | xs04 | XS04.company.com |
Service description:
More details on the utilization and abuse of port 27017
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.26 | xps126 | xps126.company.com |
Service description: Windows Remote Management Service
More details on the utilization and abuse of port 47001
Devices on which this service is enabled:
# | IP Address | Name | DNS Name |
---|---|---|---|
1 | 10.55.104.23 | xps123 | xps123.company.com |
This chapter provides the list of all discovered IP addresses, along with TCP services that run on them.
Name | DNS Name | IP Address | # TCP Services | Enabled TCP Services |
---|---|---|---|---|
gateway | gw.company.com | 10.55.104.1 | 2 | 22, 23 |
xs3 | xs03.company.com | 10.55.104.10 | 4 | 21, 22, 23, 80 |
xs04 | XS04.company.com | 10.55.104.11 | 5 | 21, 22, 23, 80, 8080 |
NAA16.company.com | 10.55.104.12 | 2 | 80, 443 | |
caret | 10.55.104.13 | 0 | ||
xps123 | xps123.company.com | 10.55.104.23 | 5 | 80, 1433, 3389, 5985, 47001 |
xps124 | xps124.company.com | 10.55.104.24 | 7 | 22, 53, 110, 143, 443, 993, 3306 |
xps125 | xps125.company.com | 10.55.104.25 | 6 | 53, 88, 139, 389, 445, 3306 |
xps126 | xps126.company.com | 10.55.104.26 | 1 | 27017 |