List by domains - high and medium first

• .16
• .162
• .216
• .59
• .60 and .61

Green - checked as gone on 2015/07/02.

.16

Node	Owner/Admin	HIGH	MEDIUM	LOW (easy)
130-199-16-213.dhcp.bnl.gov	Chakaberia, Irakli/Poat, Michael	(CIFS) At least one improperly configured Windows service may have a privilege escalation vulnerability.		An X11 server is listening on the remote host
SteveV.star.bnl.gov	Valentino, Stephen/Poat, Michael	(CIFS) At least one improperly configured Windows service may have a privilege escalation vulnerability.
tcamarda.star.bnl.gov	Camarda, Timothy	(CIFS) The remote Windows host has a code execution vulnerability.  Product : Visual Basic 6.0 Runtime		The SSL certificate for this service is for a different host. The commonName (CN) of the SSL certificate presented on this service is for a different machine.
130-199-16-254.dhcp.bnl.gov	Smirnov, Dmitri		(MDNS) It is possible to obtain information about the remote host. The remote service understands the Bonjour (also known as ZeroConf or mDNS) protocol, which allows anyone to uncover information from the remote host such as its operating system type and exact version, its hostname, and the list of services it is running.	An X11 server is listening on the remote host

.162

Only one low on 130-199-162-247.dhcp.bnl.gov (Wayne).

.216

We have no nodes appearing on this subnet (though, the scanner assigns it to group=STAR).

.59

All of our DB nodes on this domain are A-OK at the moment.

.60 and .61

Node	Owner/Admin	HIGH	MEDIUM	LOW
nplat-s60.starp.bnl.gov	Poat, Michael/Betts, Wayne		(WWW) The remote host allows SSL/TLS connections with one or more Diffie-Hellman moduli less than or equal to 1024 bits (Comment: usual allowed cypher issue) + The remote service encrypts traffic using a protocol with known weaknesses + The remote service supports the use of the RC4 cipher.	(WWW) The SSL certificate chain for this service ends in an unrecognized self-signed certificate.
east-s60.starp.bnl.gov	Poat, Michael/Betts, Wayne		(same)
west-s60.starp.bnl.gov	Poat, Michael/Betts, Wayne		(same)	(same)
splat-s60.starp.bnl.gov	Poat, Michael/Betts, Wayne		(same)
splat-s60-2.starp.bnl.gov	Poat, Michael/Betts, Wayne		(same) + It is possible to obtain sensitive information from the remote host with SSL/TLS-enabled services  (poodle)
tofnps1.starp.bnl.gov	Llope, William/Betts, Wayne		(TELNET) The remote Telnet server transmits traffic in cleartext. Disable the Telnet service and use SSH instead.
cleanroom-sw.starp.bnl.gov	Betts, Wayne		(same)
eemccanpower.starp.bnl.gov	De Silva, Lindamulage		(same)
starvoltmeter1.starp.bnl.gov	Thomas, Jim/Betts, Wayne		(same)
tof-hv.starp.bnl.gov	Llope, William/Betts, Wayne		(same)
tofnps2.starp.bnl.gov	Llope, William/Betts, Wayne		(same)
tofunps.starp.bnl.gov	Llope, William/Betts, Wayne		(same)
npslaser.starp.bnl.gov	Lebedev, Alexei/Betts, Wayne		(same)
rps1.starp.bnl.gov	Thomas, Jim/Betts, Wayne		(same)
rps2.starp.bnl.gov	Thomas, Jim/Betts, Wayne		(same)
mtdnps.starp.bnl.gov	Llope, William/Betts, Wayne		(same)
caenspare.starp.bnl.gov	Ruan, Lijuan/Butterworth, Joseph		(same)
daq-sw1.starp.bnl.gov	Betts, Wayne		(same)
daq-sw2.starp.bnl.gov	Betts, Wayne		(same)
eemc-pwrs1.starp.bnl.gov	Jacobs, William		(same)
scdaqpower.starp.bnl.gov	De Silva, Lindamulage		(same)
radmon-serv.starp.bnl.gov	Eyser, Oleg/Betts, Wayne		(same) + (https) The remote service allows insecure renegotiation of TLS / SSL connections.
mongodev.starp.bnl.gov	Betts, Wayne		(mongodb) The remote host is running a database system that does not have authentication enabled.
mq01.starp.bnl.gov	Poat, Michael/Betts, Wayne		The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections.
temperature1.starp.bnl.gov	Camarda, Timothy/Betts, Wayne		Read the Modbus/TCP Device Identification using the Encapsulated Interface Transport code 43 and MEI Type 14. Coils from a Modicon field device, such as a PLC, RTU, or IED, can be read using function code 1.