01-07-2009 04:48 PM
01-07-2009 05:52 PM
Juniper Firewalls don't typically run a TFTP service. I'm guessing you either have a MIP redirecting TFTP to another box running this service or maybe the wrong protocol is being reported. Are you sure it wasn't "Telnet" that is being reported? This provides management access, but doesn't encrypt the username and password. This is why SSH is recommended instead. You can remove this by Editing the Interface being audited and unchecking "telnet". I hope this helps.
01-09-2009 05:42 PM
The infosec dept has some type of ISS scanner that sweeps/scans the firewall itself, and this is what is came back with. It scanned other SSG's of the same model and code, so I'm curious as to why it flagged TFTP as being a vulberable service on this box.