[ale] UDP Constant IP Identification Field Fingerprinting

Jeff Lightner jlightner at water.com
Tue Jul 8 11:02:31 EDT 2008


OK - we had a PCI scan flag the above as a "vulnerability" stating one
might be able to detect OS and kernel version.

The SCAN indicates they aren't aware of any fix.

In Google search I find multiple references including one that suggests
this is a "feature" rather than a vulnerability but most of those talk
about 2.4 kernel.   The systems found were 2.6 kernels.  

Is this in fact still a known "feature" for 2.6 kernels?  Is there a way
to disable this "feature" without detriment to the system?

If not can someone point me to a more recent discussion about this that
I can use to explain why it won't be addressed?  Most of what I saw was
from 2002.

I'm running RHEL5 on the servers in question.
----------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20080708/8b4cd6c3/attachment.html 


More information about the Ale mailing list