Hallo! Auch hier im Forum gefunden (https://forum.ubuntuusers.de/topic/intel-management-engine-sicherheitsluecke-von-/) kann man mittels nmap prüfen, ob das eigene Gerät verwundbar ist.
~$ nmap -p16992-16995 192.168.1.102/24 Starting Nmap 7.01 ( https://nmap.org ) at 2017-05-07 16:36 ICT Nmap scan report for localhost (192.168.1.1) Host is up (0.0036s latency). PORT STATE SERVICE 16992/tcp filtered amt-soap-http 16993/tcp filtered amt-soap-https 16994/tcp filtered unknown 16995/tcp filtered unknown Nmap scan report for 192.168.1.101 Host is up (0.042s latency). PORT STATE SERVICE 16992/tcp closed amt-soap-http 16993/tcp closed amt-soap-https 16994/tcp closed unknown 16995/tcp closed unknown Nmap scan report for 192.168.1.102 Host is up (0.000072s latency). PORT STATE SERVICE 16992/tcp closed amt-soap-http 16993/tcp closed amt-soap-https 16994/tcp closed unknown 16995/tcp closed unknown Nmap done: 256 IP addresses (3 hosts up) scanned in 4.27 seconds
zeigt mir filtered für die AMT Ports an meinem Router an (192.168.1.1). Mein Rechner selbst und mein Telefon sind ok (101 und 102 zeigen closed).
Frage 1: Wie interpretiere ich filtered? Ist der Router verwundbar? Habe ich Handlungsbedarf?
Frage 2: Wenn verwundbar: Wie reagiere ich? Wie kann die Lücke schließen?