09-20-2002 11:02 AM - edited 03-09-2019 12:24 AM
I have received an Audition on my network with possible weakness or vulnerability for an attack. The description is the follow:
-----------------------------------------------------------------------------------------------------------
1033 ICMP netmask obtained
Risk Factor: Low
Complexity: Medium
Popularity: Obscure
Impact: Intelligence
Root Cause: Insecure Design
Ease of Fix: Moderate
Description: The netmask was obtained from the target host utilizing a capability present within the ICMP protocol. The ICMP protocol provides an operation to query a remote host for the network netmask.
Security Concerns: This information can assist an attacker in determining the internal structure of your network, as well as the routing scheme.
-----------------------------------------------------------------------------------------------------------
I have suggestions to block ICMP and the issue is solved. I want know if exist other possibility to protect my network without block ICMP. My network have a Core router 7500 Series with 02 international links and others small routers directly connected to it.
Tx for the help
09-21-2002 06:04 PM
you can configure "no ip mask-reply" under interfaces to stop this.
09-27-2002 05:25 PM
Ok do you know some other command that can apply for this warning without block ICMP service? :
----------------------------------------------------------------------------------
1032ICMP timestamp obtained
Risk Factor: Low
Complexity: Medium
Popularity: Obscure
Impact: Intelligence
Root Cause: Insecure Design
Ease of Fix: Moderate
Description: The system time was obtained from the target host utilizing a capability present within the ICMP protocol. The ICMP protocol provides an operation to query a remote host for the current system time.
Security Concerns: This information may be used by an attacker when attacking time based authentication protocols.
---------------------------------------------------------------------------------------------------------
I appreciate your help and Tx a lot.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: