Remote Control Server Running
Summary
Many enterprises augment their system administration operations with
remote control software, such as pcanywhere and timbuktu. These
products, if improperly configured, can provide remote access to
unauthroized users.
Impact
Pcanywhere reportedly comes "out-of-the-box" with little or no
password protection. Timbuktu updates its LDAP server with information
about your enterprise -- which could be viewed by users outside of the
enterprise.
Fix
Confirm that systems are properly configured. Consider blocking the
timbuktu LDAP server at the enterprise's firewall.