Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3569
Views
0
Helpful
0
Replies

UDP Constant IP Identification Field Fingerprinting Vulnerability

royerbalaguera
Level 1
Level 1

‎07-06-2020 11:19 AM

Hi,

 

I have a WS-C3650-48PS IOS 03.07.04E cat3k_caa-universalk9. The following appears in a network security report:

 

The host transmits UDP packets with a constant IP Identification field. This behavior may be exploited to discover the operating system and approximate kernel version of the vulnerable system. Normally, the IP Identification field is intended to be a reasonably unique value, and is used to reconstruct fragmented packets. It has been reported that in some versions of the Linux kernel IP stack implementation as well as other operating systems, UDP packets are transmitted with a constant IP Identification field of 0. By exploiting this vulnerability, a malicious user can discover the operating system and approximate kernel version of the host. This information can then be used in further attacks against the host. 

 

There are some workaround for this ? 

 

Regards,

3 people had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card