Check or Attack Name: Backup Domain Controller

This machine has been identified as a backup domain controller (BDC). This information could be used by an attacker to focus on domain-wide structured attacks.

False Positives: If this machine is inside the firewall, then this vulnerability is purely informational.

If NetBIOS ports are available, then determining if a host is a domain controller cannot be prevented. If the BDC is outside of a firewall, filter ports 135 through 139.