Greetings,
I’ve been running Nessus 2.08a scans against our Cisco PIX firewalls (running v6.3(1) PIX OS) and am getting Nessus ID: 10201 “The remote host uses non-random IP IDs, that is, it is possible to predict the next value of the ip_id field of the ip packets sent by this host.” – even though the PIX is supposed to randomize the IP IDs. I have verified the PIXes do not have the norandomseq command in their configurations. Anyone have any ideas why this is coming up? Is it a false positive or perhaps a PIX or Nessus bug?
THANKS!
P.S. I did see the response to Eric’s question about non-random IPs on 10-03-2003 where the responder states that the PIX is supposed to randomize the sequence of the IDs.
---------------------------------------------
Mark F. Ewert, Principal Systems Architect
Integrated Healthcare Information Services