[Openvas-discuss] Vulnerability found on blocked port

Rémi Liquete remi.l034 at gmail.com
Wed Aug 16 11:04:17 CEST 2017


Thank you for your answer.

Sorry for not being as clear as I wanted to.

I performed a scan on a server. This server is behind a firewall that
blocks all port except 3 I am scanning, and blocks ICMP protocol.
At the end of the scan, I've checked the report and in this report, there
is a vulnerability on ping flood in location "general/icmp".

As my firewall is supposed to block this protocol, how can OpenVAS find any
vulnerability with this protocol ?

I hope I'm clear enough this time !

2017-08-16 10:53 GMT+02:00 Thijs Stuurman <
Thijs.Stuurman at internedservices.nl>:

> Rémi,
>
>
>
> Your question is not very clear to me but I will try to answer.
>
> First of all, which found vulnerability on the ICMP protocol? Detail your
> questions please.
>
>
>
> Second, you cannot bypass the firewall … it’s a firewall, there doing what
> it is supposed to.
>
> So either you find nothing, because of the firewall, and confirm your
> firewalling is OK.
>
> Or you whitelist your scanner in the firewall and test the system
> regardless.
>
>
>
>
>
> Thijs Stuurman
>
> Security Operations Center | KPN Internedservices
>
> thijs.stuurman at internedservices.nl | thijs.stuurman at kpn.com
>
> T: +31(0)299476185 <+31%20299%20476%20185> | M: +31(0)624366778
> <+31%206%2024366778>
>
> PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/)
>
> Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048
>
>
>
> W: https://www.internedservices.nl | L: http://nl.linkedin.com/in/
> thijsstuurman
>
>
>
> *Van:* Openvas-discuss [mailto:openvas-discuss-bounces at wald.intevation.org]
> *Namens *Rémi Liquete
> *Verzonden:* woensdag 16 augustus 2017 10:46
> *Aan:* openvas-discuss at wald.intevation.org
> *Onderwerp:* [Openvas-discuss] Vulnerability found on blocked port
>
>
>
> Hello,
>
> I've perform a scan on 3 TCP ports (lists en ports lists).
>
> The firewall blocks aswell the ICMP protocol.
>
> The question is : Is that normal that OpenVAS found a vulnerability on the
> ICMP protocol ?
>
> If this is normal, how can the scan bypass the firewall ?
>
> Regards,
>
> Rémi.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20170816/af62e62c/attachment.html>


More information about the Openvas-discuss mailing list