I need to know how to filter the ICMP timestamp requests (13) and the outgoing ICMP timestamp replies (14) on my 2600 series router.
How do I set NTP to restrict default access to ignore all info packets?
General TCP Warning: "The remote host uses non-random IP IDs, that is, it is possible to predict the next value of the ip_id field of the ip packets sent by this host. This may be used for portscanning and other things."
"Solutions: Contact your vendor for a patch" Any suggestions or is this a problem?
Re: Security issues found on my Router during a scan
To filter ICMP packets you'll need an access-list on your interface. Something like:
access-list 100 deny icmp any any timestamp-reply
access-list 100 deny icmp any any timestamp-request
access-list 100 permit ip any any
With NTP, you can do something like the following (not exactly what you mean by ignoring info packets, do you mean query packets from other NTP devices?):
ntp access-group serve-only 99
access-list 99 permit 220.127.116.11
access-list 99 permit 18.104.22.168
The "serve-only" keyword says only provide server access; you can also use "query-only" to only provide query access, or "peer" to provide full access.
For the last question, not sure if it's talking about this (http://www.cisco.com/warp/public/707/ios-tcp-isn-random-pub.shtml), but if it is then fixes for it have been available for quite a while. Keep in mind that this is only a problem for connections to the router itself; connections passing through the router are not affected.
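Added example, not part of the original reply: a small Python audit that reads a saved running-config and reports, per interface, which ICMP timestamp types are still allowed once first-match ACL ordering is taken into account, plus any `ntp access-group` lines. The sample config is constructed; the interface names and ACL 101 are assumptions, and only the `any any` forms used in the reply are handled (direction is ignored).

```python
import re

# Constructed sample running-config. Interface names and ACL 101 are
# assumptions for illustration; ACL 100 mirrors the reply above.
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 ip access-group 100 in
interface Serial0/0
 ip access-group 101 in
access-list 100 deny icmp any any timestamp-reply
access-list 100 deny icmp any any timestamp-request
access-list 100 permit ip any any
access-list 101 permit ip any any
access-list 101 deny icmp any any timestamp-request
ntp access-group serve-only 99
"""

WANTED = {"timestamp-request", "timestamp-reply"}


def effective_timestamp_denies(entries):
    """Return the ICMP timestamp types an ACL really drops (first match wins)."""
    denied = set()
    for action, proto, rest in entries:
        if action == "permit" and proto in ("ip", "icmp") and rest == "any any":
            break  # a blanket permit shadows every later deny
        if action == "deny" and proto == "icmp" and rest.startswith("any any "):
            denied |= WANTED & {rest.split()[-1]}
    return denied


def audit(config):
    """Return ({interface: [timestamp types still allowed]}, [ntp access-groups])."""
    acls, bound, ntp, iface = {}, {}, [], None
    for line in config.splitlines():
        s = line.strip()
        if m := re.match(r"interface (\S+)", s):
            iface = m.group(1)
        elif m := re.match(r"ip access-group (\d+) (in|out)", s):
            bound.setdefault(iface, []).append(m.group(1))
        elif m := re.match(r"access-list (\d+) (permit|deny) (\S+) (.+)", s):
            acls.setdefault(m.group(1), []).append(m.groups()[1:])
        elif m := re.match(r"ntp access-group (\S+) (\d+)", s):
            ntp.append((m.group(1), m.group(2)))
    report = {}
    for name, ids in bound.items():
        denied = set().union(*(effective_timestamp_denies(acls.get(a, [])) for a in ids))
        report[name] = sorted(WANTED - denied)  # empty list means both are filtered
    return report, ntp
```

An interface that does not appear in the report has no ACL bound at all, so nothing is filtered there.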
We have configured the outside and inside interface with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit tcp from inside interface to any6.
In Syslog I also se...