Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

UDP IP ID Zero

Posted on 2014-04-15
2
Medium Priority
?
2,150 Views
Last Modified: 2014-04-15
I'm running a vulnerability scan on my Cisco router and it has told me that the router is responding with a UDP packet whose IP ID was zero. I'm not certain what this means but I'd like to eliminate the message by patching the hole. However I can't find anything online telling me how to do it. Does anyone know?
0
Comment
Question by:Russ Suter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 28

Accepted Solution

by:
asavener earned 2000 total points
ID: 40002194
This is not a vulnerability, or attack vector, but it is related to the ability to fingerprint the operating system running on a network device.

First option is to upgrade to the latest IOS version available for the router.  This may or may not eliminate the result.

Next option to to block or filter out any traffic that is not explicitly desired.  (In particular, I would recommend blocking traffic to the IP address of the router itself, unless such traffic is desired, such as management and ICMP traffic)

Final option is to just live with it, as most network scanners will detect it as Linux 2.4.x.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0510
0
 
LVL 20

Author Closing Comment

by:Russ Suter
ID: 40002519
thanks for the information. Based upon that I can rule out the item on the report and justify it.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question