Scanning for Vulnerabilities
iWeb performs regular scans for some specific vulnerabilities to provide a safe and secure place for our customers to do business. Internal reports are generated detailing which IP addresses are vulnerable to which vulnerability. This information is kept internal to the iWeb Abuse and Security Management department only. Customers are alerted if their resources are vulnerable through our abuse ticketing system via email from firstname.lastname@example.org.
Which vulnerabilities are iWeb scanning for?
iWeb performs a scan for the following vulnerabilities on a regular basis (subject to change without notice):
- SSL Heartbleed
- Ports: TCP:25, TCP:443, TCP:2087, TCP:8443
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
- NTP Monlist
- Ports: UDP:123
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211
- Open Recursive DNS
- Ports: UDP:53
- Reference: http://www.ietf.org/rfc/rfc5358.txt
- Supermicro BMC
- Ports: TCP:49152
- Reference: http://www.supermicro.com/support/faqs/faq.cfm?faq=16536
In addition to these routine scans iWeb may also, at its discretion, use vulnerability scanners and other technologies to discover and assess any host connected to iWeb's network for vulnerabilities that may exist. Customers that may be affected will be alerted on an as-needed basis.
You may block subsequent scans by using packet filtering firewall on your server or by contacting support at https://account.iweb.com/ to request that your IP addresses be excluded from these regular scans. The source IP address(es) of these routine scans are not published but can be provided upon request.