remote host accepts loose source routed IP packets
el kalin
kalin at el.net
Mon Oct 6 06:23:00 UTC 2014
On Sun, Oct 5, 2014 at 6:24 PM, Brandon Vincent <Brandon.Vincent at asu.edu>
wrote:
> On Sun, Oct 5, 2014 at 2:39 PM, Adrian Chadd <adrian at freebsd.org> wrote:
> > All accept_sourceroute does is prevent the stack from forwarding
> > source routed packets. If it's destined locally then it's still
> > accepted.
>
> Out of curiosity, isn't "net.inet.ip.accept_sourceroute" supposed to
> reject incoming source routed packets?
that was my understanding too. as far as forwarding - have it off too:
# sysctl -a | grep forwa
kern.smp.forward_signal_enabled: 1
net.inet.ip.forwarding: 0
net.inet.ip.fastforwarding: 0
net.inet6.ip6.forwarding: 0
>
> On 5 October 2014 13:22, el kalin <kalin at el.net> wrote:
> > hmmm… could it be openvas?!
>
> OpenVAS is a fork of Nessus from when it was open source.
> HackerGuardian seems to use Nessus as the chief scanning engine.
i'm aware of those. i used to use Nessus when it was open and did pre
scanning for pci with it on freebsd 7 and 8 and everything was fine. now
this is really mind boggling….
i can't imagine that both freebsd 9 and 10 and also netbsd 6 will have this
"vulnerability" which according to the information that the hackerguardian
(nessus?!) suggests to read points to links from 2002.
unless it has to do with virtualization somehow. am i the first person ever
to try to get pci compliant on bsd on aws?!
i did report this as a false positive to hackerguardian on friday. haven't
heard from them since. but i'm not holding my breath…
>
> Brandon Vincent
>