Hi,
the plugin which generated this warning is know to generate false positive,
says Renaud Deraison (Nessus Developer). Unfortunately there's no info about
that on the Nessus-Homepage.
Konrad
----- Original Message -----
From: "Konrad Klein"
Hi everybody,
today I had a few crazy nessus results. I did a securityscan on my machine and nessus found a security hole in isakmp service. It says
The remote IPSEC server seems to have a problem negotiating bogus IKE requests.
An attacker may use this flaw to disable your VPN remotely
Solution: Contact your vendor for a patch Risk factor: High
Protocol UDP Port 500
At the last nessus scan at about the 11th April, no security whole was found. In both cases I updated the nessus db with nessus-update-plugins before i started the scan.
My real problem is, that I'm absolutely sure, that no IPSEC server is running on my system.
To check this result, I installed SuSE 7.2 in a minimal configuration with absolut no network services running on another computer and also made a nessus scan. Again I get a security hole in isakmp.
Then I started an nmap scan wit h the option sU, and nmap didn't find an open udp port.
Is it a bug in the nessus attack-script or is there a "hidden" directive in SuSE 7.2 that i didn't find or has someone similiary "problems" and knows a solution?
My nessusd version is 1.0.9
Thanks a lot in advance
Konrad
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here