[CentOS] UDP Constant IP Identification Field Fingerprinting Vulnerability

Fri Jun 24 16:24:06 UTC 2016
John R Pierce <pierce at hogranch.com>

On 6/24/2016 9:20 AM, James B. Byrne wrote:
> We received a notice from our pci-dss auditors respecting this:
>
> CVE-2002-0510 The UDP implementation in Linux 2.4.x kernels keeps the
> IP Identification field at 0 for all non-fragmented packets, which
> could allow remote attackers to determine that a target system is
> running Linux.


2.4 kernels are kinda old.   kinda really really old.    are you still 
running CentOS 4 on PCI audited systems ?!??


-- 
john r pierce, recycling bits in santa cruz