Re: [FW-1] security hole isakmp
Jochen,

Some of these scanners will scan for open ports but not actually bother to try and access them if they find them. On finding a port they will use their internal database to tell you what vulnerability they found and the dangers from it. It seems that this is the case here. A scan found the port was available, and told you you were vulnerable. The true case is that even though the port may be scannable from the outside, it is not in fact accessible (not open), so you are not vulnerable.

Mike

> -----Original Message-----
> From: Jochen Vogel [SMTP:[email protected]]
> Sent: Thu May 02 2002 12:45
> To: [email protected]
> Subject: [FW-1] security hole isakmp
>
> hi,
>
> i scanned the firewall with nessus and get the following result
>
> . List of open ports :
>   o isakmp (500/udp) (Security hole found)
>
> . Vulnerability found on port isakmp (500/udp) :
>
>
>     The remote IPSEC server seems to have a problem negotiating
>     bogus IKE requests.
>
>     An attacker may use this flaw to disable your VPN remotely
>
>     Solution: Contact your vendor for a patch
>     Risk factor: High
>
> if i view the firewall log i saw that the connection to udp/500 was rejected
>
> if i make a tcpdump i saw that the port was unreachable
> 12:37:48.056664 scanner.1500 > firewall: udp 0
> 12:37:48.056684 firewall > scanner: icmp: 213.61.74.2 udp port 500 unreachable
>
> -does anybody know why nessus find the hole?
> -is there a workaround for this problem?
>
> thx for help
> Jo
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
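
The tcpdump check described in this thread, as an added example that is not part of the original messages: a Python script that pairs each UDP probe in a capture with what came back, so a port answered by ICMP port unreachable (as udp/500 was here) is separated from one that really replied. It assumes numeric `tcpdump -n` output in the classic text layout; the capture lines, addresses and the `classify` helper are constructed for illustration.

```python
import re

# Classic tcpdump text layout, as in the capture quoted above (assumed format).
UDP_RE = re.compile(r"^\S+ (\S+)\.(\d+) > (\S+)\.(\d+): udp (\d+)")
ICMP_RE = re.compile(r"^\S+ (\S+) > (\S+): icmp: (\S+) udp port (\d+) unreachable")

# Constructed sample capture (documentation addresses, not taken from the thread).
SAMPLE = """\
12:00:00.000001 198.51.100.7.1500 > 192.0.2.1.500: udp 0
12:00:00.000020 192.0.2.1 > 198.51.100.7: icmp: 192.0.2.1 udp port 500 unreachable
12:00:01.000001 198.51.100.7.1501 > 192.0.2.1.53: udp 0
12:00:01.000350 192.0.2.1.53 > 198.51.100.7.1501: udp 12
12:00:02.000001 198.51.100.7.1502 > 192.0.2.1.161: udp 0
"""

def classify(capture, scanner):
    """Return {(target, port): verdict} for UDP probes sent by `scanner`."""
    verdicts = {}
    for line in capture.splitlines():
        m = UDP_RE.match(line)
        if m:
            src, sport, dst, dport, _ = m.groups()
            if src == scanner:
                # Probe seen; until something comes back we cannot tell
                # an open port from a silently dropped packet.
                verdicts.setdefault((dst, int(dport)), "no-reply (open or filtered)")
            elif dst == scanner and (src, int(sport)) in verdicts:
                verdicts[(src, int(sport))] = "answered (service reachable)"
            continue
        m = ICMP_RE.match(line)
        if m and m.group(2) == scanner:
            # The ICMP error names the host and port that refused the probe.
            key = (m.group(3), int(m.group(4)))
            if key in verdicts:
                verdicts[key] = "closed (ICMP port unreachable)"
    return verdicts

if __name__ == "__main__":
    for (host, port), verdict in sorted(classify(SAMPLE, "198.51.100.7").items()):
        print(f"{host} udp/{port}: {verdict}")
```

A scanner finding on a port that lands in the "closed" bucket came from the scanner's plugin database rather than from a service that answered it.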