Security Scan of TrueNAS 11.2U8.1
This report is relevant to a default install of TrueNAS 11.2-U8.1. As services are enabled, they must be properly configured to prevent introducing any additional threat vectors. Follow industry best practices and the TrueNAS User Guide. If assistance is needed to do so, contact the iXsystems Support Team. If in the course of a security audit you note alerts that are not listed below, contact the iXsystems Support Team for assistance.
- Critical Severity Alerts: 0
- High Severity Alerts: 0
- Medium Severity Alerts: 0
- Low Severity Alerts: 0
- Information Alerts: 25
Nessus ID 66717 - mDNS Detection (Local Network) Synopsis : It is possible to obtain information about the remote host.
Solution: mDNS can be disabled in TrueNAS on a per-service basis. The ability to control these globally is included in TrueNAS 12.0. If this is a concern in your operating environment, contact the iXsystems Support Team for assistance. Jira Tickets:
- Middleware: https://jira.ixsystems.com/browse/NAS-102430
- WebUI: https://jira.ixsystems.com/browse/NAS-104714
Nessus ID 10114 - ICMP Timestamp Request Remote Date Disclosure Synopsis : It is possible to determine the exact time set on the remote host.
The difference between the local and remote clocks is -5 seconds.
If this is a concern in your operating environment, contact the iXsystems Support Team for assistance.
The following five alerts are false flags that you could see during an automated security scan.
Nessus ID 45590 - Common Platform Enumeration (CPE) Synopsis: It was possible to enumerate CPE names that matched on the remote system.
Response:
The remote operating system matched the following CPE : cpe:/o:microsoft:windows_vista
Nessus ID 54615 - Device Type Synopsis: It is possible to guess the remote device type.
Response:
Remote device type : general-purpose Confidence level : 65
Nessus ID 11936 - OS Identification Synopsis: It is possible to guess the remote operating system.
Response:
Remote operating system : Microsoft Windows Vista Confidence level : 65
Nessus ID 10386 - Web Server No 404 Error Code Check Synopsis : The remote web server does not return 404 error codes.
Ports 80, 443
All invalid URLS are redirected to the signin page.
Nessus ID 10884 - Network Time Protocol (NTP) Server Detection Synopsis : An NTP server is listening on the remote host.
TrueNAS is configured by default to use the following ntp servers: 0.freebsd.pool.ntp.org 1.freebsd.pool.ntp.org 2.freebsd.pool.ntp.org ntpd does not distinguish between “client” and “server”. Every ntpd service thinks of itself as a server and allows access from different clients. By default, TrueNAS does not respond to ntpq(8) requests because of the noquery flag in /etc/ntp.conf.
The remaining alerts are items that can be flagged as a security vulnerability by automated security scans, but are not vulnerabilities. For example, one of the alerts below flags that we are using an nginx web server. TrueNAS uses a web server to provide a User Interface for system configuration. This is a normal part of TrueNAS operation. Our nginx server is current and contains all the latest security patches. If you have more specific security concerns regarding any of these alerts, please contact the iXsystems Support Team.
Nessus ID 35716 - Ethernet Card Manufacturer Detection Synopsis: The manufacturer can be identified from the Ethernet OUI.
Nessus ID 86420 - Ethernet MAC Addresses Synopsis : This plugin gathers MAC addresses from various sources and consolidates them into a list.
Nessus ID 10107 - HTTP Server Type and Version Synopsis : A web server is running on the remote host.
Ports 80, 6000
Nessus ID 24260 - HyperText Transfer Protocol (HTTP) Information Synopsis : Some information about the remote HTTP configuration can be extracted.
Ports 80, 6000
Nessus ID 11219 - Nessus SYN scanner Synopsis : It is possible to determine which TCP ports are open.
Ports 80, 6000, 8000
Nessus ID 22964 - Service Detection Synopsis : The remote service could be identified.
tcp/80 : A web server is running on this port. tcp/6000 : A web server is running on this port. tcp/8000 : A web server is running on this port.
Nessus ID 106375 - nginx HTTP Server Detection Synopsis : The nginx HTTP server was detected on the remote host.
Ports 80, 443
Nessus ID 10287 - Traceroute Information Synopsis : It was possible to obtain traceroute information.
Nessus ID 122364 - Python Remote HTTP Detection Synopsis : Python is running on the remote host.
Nessus ID 25220 - TCP/IP Timestamps Supported Synopsis: The remote service implements TCP timestamps.
Nessus ID 19506 - Nessus Scan Information Synopsis : This plugin displays information about the Nessus scan..
Information about this scan : Nessus version : 8.10.0 Plugin feed version : 202003251800
Back to CORE Archive