Re: UDP Constant IP Identification Field Fingerprinting Vulnerability




On Fri, June 24, 2016 12:24, John R Pierce wrote:
> On 6/24/2016 9:20 AM, James B. Byrne wrote:
>> We received a notice from our pci-dss auditors respecting this:
>>
>> CVE-2002-0510 The UDP implementation in Linux 2.4.x kernels keeps
>> the IP Identification field at 0 for all non-fragmented packets,
>> which could allow remote attackers to determine that a target
>> system is running Linux.
>
>
> 2.4 kernels are kinda old. Kinda really really old. Are you still
> running CentOS 4 on PCI audited systems?!??
>
>

The CVE is from 2002 and the kernel mentioned refers to the original
report.  The Linux core team said it was a non-problem and the issue
remains in the kernel found in CentOS-6.8.  Possibly the one in 7.
Perhaps it is still present in the development branch.

However, all I am seeking is knowledge on how to handle this using
iptables.  I am sure that this defect/anomaly has already been solved
wherever it is an issue.  Does anyone have an example on how to do
this?


-- 
***          e-Mail is NOT a SECURE channel          ***
        Do NOT transmit sensitive data via e-Mail
 Do NOT open attachments nor follow links sent by e-Mail

James B. Byrne                mailto:ByrneJB@xxxxxxxxxxxxx
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
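
To check whether a host actually shows the behaviour the CVE text describes, one can inspect the IP Identification field of its non-fragmented UDP datagrams in a capture. The following is an added example, not part of the original message or of any CentOS tooling; it assumes the capture has been reduced to raw IPv4 packets (link-layer header stripped), and the sample packets and the `build`, `audit` and `constant_zero_id` helpers are constructed for illustration.

```python
import struct

UDP, MF, OFFSET_MASK = 17, 0x2000, 0x1FFF

def parse_ipv4(packet):
    """Return (protocol, ip_id, is_fragment) from a raw IPv4 packet."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, _, ip_id, frag, _, proto, _ = struct.unpack("!BBHHHBBH", packet[:12])
    if ver_ihl >> 4 != 4 or (ver_ihl & 0x0F) < 5:
        raise ValueError("not a valid IPv4 header")
    # A datagram is a fragment if More Fragments is set or the offset is non-zero.
    return proto, ip_id, bool(frag & MF) or (frag & OFFSET_MASK) != 0

def audit(packets):
    """Collect the IP IDs of non-fragmented UDP datagrams and count the zeros."""
    ids = []
    for pkt in packets:
        proto, ip_id, fragment = parse_ipv4(pkt)
        if proto == UDP and not fragment:
            ids.append(ip_id)
    return {"udp_unfragmented": len(ids), "zero_id": ids.count(0)}

def constant_zero_id(packets, min_samples=3):
    """True when enough samples exist and every one carries IP ID 0."""
    r = audit(packets)
    return r["udp_unfragmented"] >= min_samples and r["zero_id"] == r["udp_unfragmented"]

def build(ip_id, frag=0x4000, proto=UDP):
    """Constructed sample: 20-byte IPv4 header (checksum left 0) + 8 zero bytes."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, ip_id, frag, 64, proto, 0,
                      bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return hdr + bytes(8)

# Constructed captures, not taken from a real host.
# HOST_A: every non-fragmented UDP datagram has ID 0 (a fragment and a TCP
# packet are included to show they are ignored). HOST_B: IDs vary.
HOST_A = [build(0), build(0), build(0), build(0, frag=MF), build(7, proto=6)]
HOST_B = [build(0x1A2B), build(0x1A2C), build(0)]

if __name__ == "__main__":
    for name, cap in (("HOST_A", HOST_A), ("HOST_B", HOST_B)):
        print(name, audit(cap), "constant zero ID:", constant_zero_id(cap))
```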


