Okay.. what do you think..
I keep getting these emails from ibank@barklys.co.uk asking me to put my banking info. into their website :angry: Take a look at the page: http://leclubtricolore.co.uk/www.barclays.co.uk/ibank.barclays.co.uk/olb/x/LoginMember.do/
I have taken a vunerability scan of the website..
*64.91.226.62 resolves as host1.hostingseries35.net.
Port 53:
A DNS server is running on this port.
The remote name server could be fingerprinted as being one of the following : ISC BIND 9.2.1 ISC BIND 9.2.2
postgresql (5432/tcp): The remote PostgreSQL server might be vulnerable to various flaws which may allow an attacker who has the rights to query the remote database to obtain a shell on this host. [NOTE:Nessus was not able to remotely determine the version of the remote PostgreSQL server, so this might be a false positive]
https (443/tcp): Port is open A SSLv2 server answered on this port A web server is running on this port through SSL The remote service encrypts traffic using a protocol with known weaknesses. [SSL 2.0]
domain (53/tcp) The remote BIND 9 DNS server, according to its version number, is vulnerable to a buffer overflow which may allow an attacker to gain a shell on this host or to disable this server. .. The remote host is running BIND, an open-source DNS server. It is possible to extract the version number of the remote installation by sending a special DNS request for the text 'version.bind' in the domain 'chaos'. *
Thats just a tiny bit of the scan.. ** what do ppl recon i should do..?**
A. Try to take it down B. do nothing C. Send scan results to the server admin