Difference between revisions of "Vuln firewall fw state tracking"

From Atomicorp Wiki
Jump to: navigation, search
 
Line 21: Line 21:
 
Please note that VPS systems do not have their own kernel. So if you are using a VPS technology you will not be able to install any kernel on the system. VPS technologies share the hosts kernel, and the VPS will inherit the vulnerabilities in that kernel. If you do not control the host, we encourage you to report this vulnerability to your hosting provider and ask they fix their kernel.  
 
Please note that VPS systems do not have their own kernel. So if you are using a VPS technology you will not be able to install any kernel on the system. VPS technologies share the hosts kernel, and the VPS will inherit the vulnerabilities in that kernel. If you do not control the host, we encourage you to report this vulnerability to your hosting provider and ask they fix their kernel.  
  
False Positives
+
'''False Positives'''
  
 
There are no known False Positives for this.
 
There are no known False Positives for this.

Latest revision as of 11:47, 16 March 2016

Description

This means that your system does allow creating state tracking rules. This means that services like FTP are non-functional, and regular firewall rules are at best severely degraded.

Resolving This Vulnerability

You need to load the following kernel modules:

Kernels (2.6.18):

 ip_conntrack_ftp
 ip_conntrack

Kernels (2.6.32+):

 nf_conntrack
 nf_conntrack_ftp

Notes for VPS Machines

Please note that VPS systems do not have their own kernel. So if you are using a VPS technology you will not be able to install any kernel on the system. VPS technologies share the hosts kernel, and the VPS will inherit the vulnerabilities in that kernel. If you do not control the host, we encourage you to report this vulnerability to your hosting provider and ask they fix their kernel.

False Positives

There are no known False Positives for this.

Personal tools