Additional info through a shodan.io IP check - analyzed later by A.I. delivers these info:
IP Address Information
The IP address 118.27.17.248 is associated with multiple services and protocols, including:
SSH (OpenSSH 8.2p1)
NTP (version 3)
HTTP/1.1 (nginx 1.18.0)
HTTPS (SSL/TLS with a GlobalSign Atlas R3 AlphaSSL CA 2023 Q4 certificate)
The IP address is also reported to have been involved in vulnerabilities:
CVE-2021-23017 (nginx resolver security issue)
CVE-2021-3618 (ALPACA application layer protocol content confusion attack)
CVE-2023-44487 (HTTP/2 protocol allows a denial-of-service attack)
SSL/TLS Certificate
The SSL/TLS certificate is issued by GlobalSign Atlas R3 AlphaSSL CA 2023 Q4.
The certificate is valid from January 5, 2024, to February 5, 2025.
The subject of the certificate is www.goal24g.com, and the alternative name includes goal24g.com.
The certificate uses RSA encryption with a key size of 2048 bits.
The certificate chain includes three signed certificate timestamps.
Potential Concerns
The presence of vulnerabilities CVE-2021-23017, CVE-2021-3618, and CVE-2023-44487
may indicate potential security risks associated with this IP address.
The use of an outdated version of OpenSSH (8.2p1) may also be a concern.
The SSL/TLS certificate’s expiration date is relatively soon, which may require reissuance or renewal.
In summary, while this IP address appears to be associated with various services and protocols,
the presence of vulnerabilities and an outdated version of OpenSSH may indicate potential security concerns.
Additionally, the SSL/TLS certificate’s expiration date is approaching, which may require attention to ensure continued security.
Also see: https://www.speedguide.net/ip/118.27.17.248#_
In summary, while Webmin is a powerful tool for managing Unix-based systems,.
Serving it over HTTP instead of HTTPS may introduce security risks.
Additionally, the relaxed content-security policy may increase the risk of XSS attacks.
to be qualified as a medium- to high-risk site.
polonus