Hi,

We've installed a Cisco 1720 Router for a leased line setup for our customer.

We are now in the stage of Security Optimisation of the router.

We've updated the latest IOS 12.2(8) T5.

We've scanned the router using the Nessus Scanner.

It reporting the following messages as security holes found in router.

========================================================

99.99.99.99 : Security hole found on port general/icmp :

The remote host answers to an ICMP timestamp

request. This allows an attacker to know the

date which is set on your machine.

This may help him to defeat all your

time based authentication protocols.

Solution : filter out the ICMP timestamp

requests (13), and the outgoing ICMP

timestamp replies (14).

Risk factor : Low

CVE : CAN-1999-0524

==========================================================

o 99.99.99.99 : Security hole found on port general/tcp :

The remote host uses non-random IP IDs, that is, it is

possible to predict the next value of the ip_id field of

the ip packets sent by this host.

An attacker may use this feature to determine if the remote

host sent a packet in reply to another request. This may be

used for portscanning and other things.

Solution : Contact your vendor for a patch

Risk factor : Low

=========================================================

o 99.99.99.99: Security hole found on port general/udp :

For your information, here is the traceroute to 99.99.99.99:

99.99.99.99

=========================================================

o 99.99.99.99 : Security hole found on port general/tcp :

QueSO has found out that the remote host OS is

* WindowsNT, Cisco 11.2(10a), HP/3000 DTC, BayStack Switch

CVE : CAN-1999-0454

=========================================================

Guide us to fix the problem.

Thanks and Regards,

Karthikeyan V

Network Engineer