Dailydave mailing list archives
Re: Herps
From: "Nexus" <nexus () patrol i-way co uk>
Date: Sat, 28 Feb 2004 10:33:43 -0000
----- Original Message -----
From: "Dave Aitel" <dave () immunitysec com>
To: <dailydave () lists immunitysec com>
Sent: Saturday, February 28, 2004 1:01 AM
Subject: [Dailydave] Herps

justify this is by putting ICMP timestamp on their deliverables (or the equivalent - can we just take that out of Nessus now and stop having to see it ever again? So many other protocols (SMB and RSYNC for example) give you the current time that it's really not an issue. It's really not. Please, please take it out of your vulnerability database, nessus team, if you read this).

Not a direct security issue per se, granted, but you won't necessarily know the Client internal policies - they may have a mandated firewall policy that says no hosts will respond to ICMP traffic from internet based hosts. Responding to ICMP timestamp is against that policy, so chances are they would want to know about it so that they can have a word with the firewall admins. Arbitrarily deciding what does and does not go in a report is dangerous ground IMHO - flag it as an observation rather than a potential vulnerability.

Cheers.