Non-random IP IDS (Nessus)

rmmiller
Level 1

I was running some scans against some of my PIX 515s and 2651 routers with Nessus (www.nessus.org), and it told me the following text:

general/tcp (Security warning found)

"The remote host uses non-random IP IDs, that is, it is possible to predict the next value of the ip_id field of the ip packets sent by this host.

An attacker may use this feature to determine if the remote host sent a packet in reply to another request. This may be used for portscanning and other things.

Solution : Contact your vendor for a patch

Risk factor : Low"

What does this mean, and is this something that I should be concerned about?

Thx

Rose Miller


gfullage
Cisco Employee

I've never heard of an attack or anything else using this. As Nessus says, the "Risk factor: Low".

If it can only be used for port scans, and to be honest I can't see how it would help in that either, then there is little risk, since the PIX should only be configured to allow through specific ports anyway. Make sure you have your internal servers up to date with all software patches, etc., and only allow through those specific ports that need to be let through.

If you want to see if someone is port scanning your network, which can be a prelude to a more serious attack, then you can get an IDS system.
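
To make the finding quoted in the question concrete, here is an added example (not part of the original thread, and not Nessus's own code) that classifies IP ID values sampled from one host's replies as predictable or not, for auditing your own devices. The sample values are constructed, and the `max_step` threshold and the label names are assumptions of this sketch.

```python
from collections import Counter

def swap16(v):
    """Swap the two bytes of a 16-bit value."""
    return ((v & 0xFF) << 8) | (v >> 8)

def ipid_deltas(ids):
    """Step between consecutive IP IDs, modulo 2**16 so wraparound counts as +1."""
    return [(b - a) & 0xFFFF for a, b in zip(ids, ids[1:])]

def classify_ipid(ids, max_step=64):
    """Label a series of IP IDs taken from successive replies of one host.

    max_step (assumed threshold) is the largest gap still treated as a
    counter; a busy host sends other packets between probes, so gaps > 1
    are normal. It must stay below 256 so the byte-swapped case is distinct.
    """
    if len(ids) < 4:
        raise ValueError("need at least 4 samples")
    if len(set(ids)) == 1:
        return "constant"
    if all(0 < d <= max_step for d in ipid_deltas(ids)):
        return "incremental"              # the "non-random" case in the report
    # Some stacks keep the counter in host byte order, so it only looks
    # like a counter once the bytes are swapped back.
    if all(0 < d <= max_step for d in ipid_deltas([swap16(i) for i in ids])):
        return "incremental-byteswapped"
    return "randomized"

def predict_next(ids):
    """Next expected ID for a plain counter (last + most common step), else None."""
    if classify_ipid(ids) != "incremental":
        return None
    step = Counter(ipid_deltas(ids)).most_common(1)[0][0]
    return (ids[-1] + step) & 0xFFFF

# Constructed sample series, not captured from any real device.
SAMPLES = {
    "sequential":  [1000, 1001, 1003, 1004, 1006],
    "wraparound":  [65533, 65534, 65535, 0, 1],
    "byteswapped": [256, 512, 768, 1024, 1280],
    "randomized":  [48213, 1077, 30951, 60002, 12345],
    "constant":    [0, 0, 0, 0],
}

if __name__ == "__main__":
    for name, ids in SAMPLES.items():
        print(f"{name:12} {classify_ipid(ids):24} next={predict_next(ids)}")
```

A device whose samples come back "incremental" is the case the scanner is reporting; "randomized" or "constant" series give an observer nothing to predict.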
