Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: General --> Category: infos

Relative IP Identification number change Vulnerability Scan

Vulnerability Scan Summary
Relative IP Identification number change

Detailed Explanation for this Vulnerability Test

The remote host uses non-random IP IDs, that is, it is
possible to predict the next value of the ip_id field of
the ip packets sent by this host.

A possible hacker may use this feature to acertain traffic patterns
within your network. A few examples (not at all exhaustive) are:

1. A remote attacker can acertain if the remote host sent a packet
in reply to another request. Specifically, a possible hacker can use your
server as an unwilling participant in a blind portscan of another

2. A remote attacker can roughly acertain server requests at certain
times of the day. For instance, if the server is sending much more
traffic after business hours, the server may be a reverse proxy or
other remote access device. A possible hacker can use this information to
concentrate his/her efforts on the more critical machines.

3. A remote attacker can roughly estimate the number of requests that
a web server processes over a period of time.

Solution : Contact your vendor for a patch
Threat Level: Low

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.