loose source routing, unreliable results
('binary' encoding is not supported, stored as-is)
Hi guys
I am lost here! Almost every time when I perform a nessus scan I get this odd vulnerability: loose source routing identified.
I really don’t know how that script works but I have to analyse if this is a false positive or not. When I perform a manual traceroute (UDP) to the destination host, I do not get all gateways listed. It looks similar to that (just as an example):
1 helios.ee.lbl.gov (128.3.112.1) 0 ms 0 ms 0 ms
2 lilacâdmc.Berkeley.EDU (128.32.216.1) 39 ms 19 ms 39 ms
3 lilacâdmc.Berkeley.EDU (128.32.216.1) 19 ms 39 ms 19 ms
4 ccngwânerâcc.Berkeley.EDU (128.32.136.23) 39 ms 40 ms 19 ms
5 ccnânerif35.Berkeley.EDU (128.32.168.35) 39 ms 39 ms 39 ms
6 csgw.Berkeley.EDU (128.32.133.254) 39 ms 59 ms 39 ms
7 * * *
8 * * *
How can the nessus plug-in reporting this vulnerability get through to the destination host with loose source routing when I can get through with ICMP and UDP???
Can anybody explain me how this plug-in works? I just think it doesn’t work properly and always provides a false positive! In addiation, can anyone show how to reproduce what the script does?
Your help is very much appreciated
regards
cissper
---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security
Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.
Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_pen-test_040201
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7
: Sat Apr 12 2008 - 10:53:49 EDT