LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Enterprise (https://www.linuxquestions.org/questions/linux-enterprise-47/)
-   -   Solution for ICMP timestamp response in VAPT report (https://www.linuxquestions.org/questions/linux-enterprise-47/solution-for-icmp-timestamp-response-in-vapt-report-4175525372/)

RHCE_ran 11-14-2014 03:49 AM
Solution for ICMP timestamp response in VAPT report
 
There was a vulnerability test run on our developmental server having Red Hat Enterprise Linux Server release 5.11 (Tikanga) as the OS. There is one point among others of concern here; it is to do with ICMP timestamp response. The solution suggested is:

ipchains -A input -p icmp --icmp-type timestamp-request -j DROP
ipchains -A output -p icmp --icmp-type timestamp-reply -j DROP

When I gave the command,

ipchains -A input -p icmp --icmp-type timestamp-request -j DROP

it gave the message as below

-bash: ipchains: command not found

Please suggest how to go about it.

Please revert with the reply to my query.

Regards

TB0ne 11-14-2014 01:50 PM
Quote:
Originally Posted by RHCE_ran (Post 5269601)
There was a vulnerability test run on our developmental server having Red Hat Enterprise Linux Server release 5.11 (Tikanga) as the OS. There is one point among others of concern here; it is to do with ICMP timestamp response. The solution suggested is:

ipchains -A input -p icmp --icmp-type timestamp-request -j DROP
ipchains -A output -p icmp --icmp-type timestamp-reply -j DROP

When I gave the command,

ipchains -A input -p icmp --icmp-type timestamp-request -j DROP

it gave the message as below

-bash: ipchains: command not found

Please suggest how to go about it. Please revert with the reply to my query.
Again, you do not provide relevant details, and the answer to your question should be VERY obvious to someone who has a 'certification'. You don't tell us what 'vulnerability test' was performed, or where you got the suggested 'solution' to that problem, but the answer is very obvious:
  • The ipchains command isn't in your path...so find the ipchains command, and specify the full path to the executable.
  • Your 'solution' is VERY old, and references the ipchains command, where iptables is used currently.
Not sure what that command is actually supposed to accomplish, since it sure won't make your box more 'secure'. Especially since you've said before you're running them unsupported.

RHCE_ran 11-19-2014 04:50 AM
Thanks for your answer but RHEL support from Red Hat is not mandatory to run RHEL.

Regards

TB0ne 11-19-2014 07:11 AM
Quote:
Originally Posted by RHCE_ran (Post 5271809)
Thanks for your answer but RHEL support from Red Hat is not mandatory to run RHEL.

Regards
Yes, it is. You get 30 days free...after that you need to pay to continue to get support/patches/updates. And didn't you say before that you WERE paying for RHEL? So which is it? Also, you are STILL running a very old version of RHEL, and should update it, as has been told to you before.

And the answer given had NOTHING to do with RHEL support, did it? It involved checking the path and command. Re-read the first reply.

RHCE_ran 11-20-2014 04:28 AM
Sorry, this reply of mine was for your reply to the other question of mine.

ipchains command is replaced with iptables, the command worked with iptables.

Regards

TB0ne 11-20-2014 09:04 AM
Quote:
Originally Posted by RHCE_ran (Post 5272362)
Sorry, this reply of mine was for your reply to the other question of mine.
ipchains command is replaced with iptables, the command worked with iptables.
Right...which could have easily been found with a small bit of research.

And you STILL ignore the fact that you are running RHEL, yet don't try to check the knowledgebase, which you are PAYING FOR ACCESS TO, with your L3 subscription. You don't even acknowledge that, and again, if you have an Red Hat 'certification', should't IPtables and basic security be part of what you learned?


All times are GMT -5. The time now is 11:28 PM.