Well, being able to get hping through a firewall to web servers on TCP port 80 does not in itself indicate any kind of potential security flaw. Really, port 80 must be open on the firewall to get non-malicious traffic to the web server(s). Without having the details of their report I would recommend taking this with a grain of salt.
However, there are a couple of ways to increase the security posture on the web servers themselves to help prevent possible security threats on TCP port 80. Depending on the platform of the servers you could consider some host IDS type of products... some of these are quite good and will do more than prevent DoS attacks. You could also look at some network hardware alternatives such as a load balancing switch. Cisco has a very good load balancing switch that will mitigate DoS attacks.

-Mark

-----Original Message-----
From: Chad [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 02, 2003 11:24 AM
To: [EMAIL PROTECTED]
Subject: HPing?

We received a notification today, from a company that checks our network for vulnerabilities, that the web servers we host are vulnerable to HPing (http://www.hping.org/). The company stated that using this tool it is possible to ping the box via port 80 and thus open to service denial attacks(?!). Even do trace routes etc.

Has anybody had any experience with this, and more importantly, how would one go about blocking this type of "ping"?

Thanks!
Chad