On Fri, June 24, 2016 12:24, John R Pierce wrote:
On 6/24/2016 9:20 AM, James B. Byrne wrote:
We received a notice from our pci-dss auditors respecting this:
CVE-2002-0510 The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux.
2.4 kernels are kinda old. kinda really really old. are you still running CentOS 4 on PCI audited systems ?!??
The CVE is from 2002 and the kernel mentioned refers to the original report. Linux core team said it was a non-problem and the issue remains in the kernel found in CentOS-6.8. Possibly the one in 7. Perhaps it is still present in the development branch.
However, all I am seeking is knowledge on how to handle this using iptables. I am sure that this defect/anomaly has already been solved wherever it is an issue. Does anyone have an example on how to do this?