Have you ever thought about what you could be exposing to the internet and how vulnerable that makes you? Using the data gathered by our platform 40fy we can provide you with a quick summary of your exposure level.
We currently don't provide results for IPv6
This tool will check our database for data regarding your IP address, rather than actively scan you.
At the moment we only provide results for IPv4, IPv6 will be available soon.
IP Risk out of 100
The higher the risk, the higher the vulnerability/ exposure level
This tool will check our database for data regarding your IP address, rather than actively scan you. Combining the data gathered during the last month via our scanning platform 40fy , we have developed a risk score system that represents the level of exposure of an IP address. The risk score of an IP address is directly related with its exposure level.
Remote Management Services
Remote Management Services: If an IP address is using telnet instead of SSH or has RDP, VNC and X11 without the correct configurations (proper firewalling of authentication for instance), one can consider that the level of exposure (*rms_score*) of that IP address is extreme.
Overall
/ 10
Telnet
/ 8
RDP
/ 8
VNC
/ 10
X11
/ 10
Storage Technologies
Storage Technologies: We've selected 8 storage technologies that could expose data if not properly configured. Therefore, if an IP address has one of these technologies without authentication, its level of exposure is automatically considered extreme
Overall
/ 10
MongoDB
/ 10
Redis
/ 10
Elasticsearch
/ 10
Memcached
/ 10
MQTT
/ 10
MySQL
/ 4
PostgreSQL
/ 4
MS SQL
/ 4
Web
Web: The lack of at least one security header represents an extreme level of exposure
Lack of security headers on web services
/ 3
Encryption
The use of unencrypted services, use of algorithms that are not recommended by security guidelines are only a few examples of what contributes to increase the vulnerability level of an IP address when it comes to encryption.
Overall
/ 6
Weak Debian keys
/ 8
Key Length less than or equal to 1024
/ 2
Key Exchange (KEX) Algorithm is SHA1
/ 2
Message Authentication Code (MAC) Algorithm is SHA1, MD5, MD4 or MD2
/ 2
Encryption (ENC) Algorithm is 3des-cbc, blowfish-cbc or cast128-cbc
/ 2
Vulnerable to Heartbleed
/ 10
Vulnerable to CCS Injection
/ 6
Vulnerable to Crime (Supports compression)
/ 6
Accepts insecure renegotiation
/ 6
Doesn't support OCSP Stapling
/ 3
Expired SSL Certificates
/ 4
Self-signed Certificates
/ 5
Signature Algorithm is md5WithRSAEncryption or sha1WithRSAEncryption
/ 5
Vulnerable to Drown
/ 6
Vulnerable to Poodle
/ 6
POP3, IMAP, SMTP (without SSL)
/ 6
FTP (without SSL)
/ 6
HTTP (without SSL)
/ 6
Torrents
Torrent Downloads: If an IP address was detected downloading torrents during the last month (not at this moment), the risk level is considered extreme.
IP Addresses downloading torrents
/ 1
CVE
CVE: Common Vulnerabilities and Exposures (CVE) is measured by adding the values of [CVSS -Common Vulnerability Scoring System](https://www.first.org/cvss) of the combinations of products and versions detected.
Severity scores of CVEs found
/ 3
Attack Surface
Attack Surface: The attack surface is measured by the number of open ports of an IP address. The higher number of open ports, the higher the vulnerability level.
No, it means we haven't detected any services exposed on your IP Address, but you might still be attacked by other means. This is a first version of the open-framework and we only look at perimeter scanning.