On 01/04/2012 03:04 PM, Jan-Oliver Wagner wrote: >> 2) traceroute has the potential, afaik, of revealing network >> addresses that are not intended to be shown. Admittedly not >> a really big deal, and I agree the signal to noise ratio >> is pretty low on this one. > > hm, so how to handle it best? Treat as threat of low CVSS or drop > this one?
You might get the path to a server from its perimeter. This might reveal "not so public" IP's (like from routers, load balancers, etc.) and can help you to map the network or at least to get some new targets to try. From my experience it doesn't really cause a threat to a network. It's more a question if you want to allow ICMP error messages sent out of your network or not. I would therefore just log it. Christian _______________________________________________ Openvas-plugins mailing list [email protected] http://lists.wald.intevation.org/mailman/listinfo/openvas-plugins
