Code: p30 Severity: Warning
Description: The traceroute (or tracert) tool allows a user to trace the network route taken by packets destined for a particular system. It does so by sending a series of packets with particular TTL (Time To Live) values and examining the ICMP replies seen.?? Impact: Traceroute can be used to map your network, determining the location and addresses of your routers. This can be used to plan an attack and locate vulnerable infrastructure systems. Corrective: There are two different types of probe packets which can be used to perform a traceroute. UNIX versions typically use a UDP packet to a high numbered port which is likely not to be in use. Windows systems use an ICMP Echo request (e.g. PING) packet. Reconfigure your firewalls and/or border routers to disallow incoming UDP packet to high numbered ports as well as incoming ICMP requests.
|
