11-23-2021 10:52 AM
I have 3 Zerto servers: Z-VRA-INDMZEXZI01, Z-VRA-INDMZEXZI02 and ZERTOPL01. During a scan, vulnerabilities were detected. After scanning I am getting the vulnerabilities mentioned below.
3 UDP Source Port Pass Firewall
SOLUTION:
Make sure that all your filtering rules are correct and strict enough. If they are not, change the firewall rules to filter these requests with a particular source port.
RESULTS:
The following UDP port(s) responded with either an ICMP (port closed) or a UDP (port open) to our probes using a source port of 53, but they did not respond when a random source port (55812) was used:
111 (closed), 40421 (closed), 1701 (closed), 5632 (closed), 517 (closed), 518 (closed), 137 (closed), 1027 (closed), 135 (closed), 3527 (closed), 13 (closed), 53 (closed), 1812 (closed), 7 (closed), 1434 (closed).
How would I accomplish this?
11-23-2021 01:01 PM
Are you sure that you do not have a rule that is allowing traffic with a source of UDP/53 on the ingress interface that is in question?
11-28-2021 11:10 PM
For the above-mentioned servers there is a rule in the DMZ firewall which is permitting all traffic. There is not any specific rule which is blocking a source of UDP/53.
Is it the right way if I block UDP/53? Will that resolve my issue of (3 UDP Source Port Pass Firewall)?
08-30-2023 03:46 PM
You will need to have an ACL pointing in the inbound direction, with traffic coming from source ANY, source port 53, and deny it, and then permit anything. Apply it on the interface that came out on your report. This will fix your issue.
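As an added illustration (not code from the thread or from any vendor), the script below models the first-match, implicit-deny semantics of a Cisco IOS extended ACL and replays the scanner's check: a probe from UDP source port 53 versus the same probe from the random source port 55812 that the report quotes. It compares three constructed rule sets: one that reproduces the finding (only source port 53 is let in), the fix described in the reply above (deny source port 53, then permit everything), and the same two lines in the wrong order, where the deny is shadowed and never fires. The addresses 198.51.100.10 and 10.0.0.5, the rule sets, and the function names are assumptions made for the example.

```python
"""Model of a first-match packet filter (Cisco IOS extended ACL semantics) used to
replay the "UDP Source Port Pass Firewall" check and to confirm that the
deny-source-port-53 entry is ordered before the blanket permit.

Added example; the ACLs and addresses are constructed, not taken from the
thread's firewall. Rules here match on protocol and ports only (source and
destination "any"), which is all the finding depends on.
"""
from dataclasses import dataclass
from typing import List, Optional

SCANNER = "198.51.100.10"   # constructed: scanner address (documentation range)
DMZ_HOST = "10.0.0.5"       # constructed: stands in for one of the Zerto servers


@dataclass(frozen=True)
class Packet:
    proto: str          # "udp" or "tcp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


@dataclass(frozen=True)
class Rule:
    """One ACL entry. A None port means "any"; proto "ip" matches any protocol."""
    action: str                      # "permit" or "deny"
    proto: str = "ip"
    src_port: Optional[int] = None
    dst_port: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        if self.proto != "ip" and self.proto != pkt.proto:
            return False
        if self.src_port is not None and self.src_port != pkt.src_port:
            return False
        if self.dst_port is not None and self.dst_port != pkt.dst_port:
            return False
        return True

    def shadows(self, other: "Rule") -> bool:
        """True if every packet `other` would match is already matched by self."""
        proto_ok = self.proto == "ip" or self.proto == other.proto
        src_ok = self.src_port is None or self.src_port == other.src_port
        dst_ok = self.dst_port is None or self.dst_port == other.dst_port
        return proto_ok and src_ok and dst_ok


def evaluate(acl: List[Rule], pkt: Packet) -> str:
    """First matching entry wins; the list ends with an implicit deny."""
    for rule in acl:
        if rule.matches(pkt):
            return rule.action
    return "deny"


def unreachable_rules(acl: List[Rule]) -> List[int]:
    """Indices of entries that can never match because an earlier entry shadows them."""
    return [i for i, r in enumerate(acl) if any(e.shadows(r) for e in acl[:i])]


def source_port_bypass(acl: List[Rule], dst_port: int,
                       privileged_src: int = 53, random_src: int = 55812) -> bool:
    """Replay the scanner's test: does a UDP probe from source port 53 pass
    where the same probe from a random source port is dropped?"""
    def probe(src_port: int) -> str:
        return evaluate(acl, Packet("udp", SCANNER, src_port, DMZ_HOST, dst_port))
    return probe(privileged_src) == "permit" and probe(random_src) == "deny"


# Rule set that produces the finding: only UDP from source port 53 is let in.
#   permit udp any eq 53 any
WEAK_ACL = [Rule("permit", "udp", src_port=53)]

# The fix from the reply: deny source port 53 first, then permit the rest.
#   deny   udp any eq 53 any
#   permit ip any any
FIXED_ACL = [Rule("deny", "udp", src_port=53), Rule("permit")]

# The same two lines in the wrong order: the deny is shadowed and never fires.
#   permit ip any any
#   deny   udp any eq 53 any
WRONG_ORDER_ACL = [Rule("permit"), Rule("deny", "udp", src_port=53)]

# Destination ports listed in the scanner report above.
REPORTED_PORTS = [111, 40421, 1701, 5632, 517, 518, 137, 1027, 135,
                  3527, 13, 53, 1812, 7, 1434]


def report(acl: List[Rule]) -> dict:
    """Which reported ports still show the bypass, and which entries are dead."""
    return {
        "bypass_ports": [p for p in REPORTED_PORTS if source_port_bypass(acl, p)],
        "unreachable": unreachable_rules(acl),
    }


if __name__ == "__main__":
    for name, acl in [("weak", WEAK_ACL), ("fixed", FIXED_ACL),
                      ("wrong order", WRONG_ORDER_ACL)]:
        print(name, report(acl))
```

Running the script shows the weak set flagging every reported port, the fixed set flagging none with no dead entries, and the wrong-order set flagging none only because it lets everything through, with entry 1 reported as unreachable. One caveat before applying a stateless deny on UDP source port 53 inbound: replies from any external DNS resolver the DMZ servers query also arrive from source port 53, so on a device without stateful inspection that entry must be scoped (for example, permit the known resolvers first) or DNS for those hosts will break.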