IP Forwarding Enabled

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.


Synopsis :

The remote host has IP forwarding enabled.

Description :

The remote host has IP forwarding enabled. An attacker may use this
flaw to route packets through this host and potentially bypass some
firewalls / routers / NAC filtering.

Unless the remote host is a router, it is recommended that you disable
IP forwarding.

Solution :

On Linux, you can disable IP forwarding by running :

echo 0 > /proc/sys/net/ipv4/ip_forward

On Windows, set the key 'IPEnableRouter' to 0 under

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters

On Mac OS X, you can disable IP forwarding by executing the command :

sysctl -w net.inet.ip.forwarding=0

For other systems, check with your vendor.
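
The Linux command in this section changes only the running kernel; a net.ipv4.ip_forward = 1 line in the sysctl configuration turns forwarding back on at the next boot. The shell audit below is an added example, not part of the Nessus plugin, and reports both the runtime and the persistent setting. The root argument, the AUDIT_ROOT variable, the function names and the sample tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. The root argument and AUDIT_ROOT variable are hypothetical
# conveniences: empty means the live system, otherwise a mounted image or test tree.

# Runtime state: what the running kernel is doing now (0, 1 or "unknown").
runtime_forwarding() {
    f="${1:-}/proc/sys/net/ipv4/ip_forward"
    if [ -r "$f" ]; then tr -d '[:space:]' < "$f"; else echo unknown; fi
}

# Persistent state: last net.ipv4.ip_forward assignment in /etc/sysctl.d/*.conf
# and then /etc/sysctl.conf (assumed read order; other sysctl directories are
# not covered). Prints the value or "unset".
persistent_forwarding() {
    val=unset
    for f in "${1:-}"/etc/sysctl.d/*.conf "${1:-}"/etc/sysctl.conf; do
        [ -r "$f" ] || continue
        v=$(sed -n 's/^[[:space:]]*net[./]ipv4[./]ip_forward[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p' "$f" | tail -n 1)
        if [ -n "$v" ]; then val="$v"; fi
    done
    echo "$val"
}

# Combine both: "echo 0 > /proc/..." alone leaves a boot-time setting in place.
audit_forwarding() {
    rt=$(runtime_forwarding "${1:-}")
    ps=$(persistent_forwarding "${1:-}")
    case "$rt/$ps" in
        1/*) echo "FAIL runtime=1 persistent=$ps" ;;
        0/1) echo "WARN runtime=0 persistent=1" ;;
        0/*) echo "OK runtime=0 persistent=$ps" ;;
        *)   echo "UNKNOWN runtime=$rt persistent=$ps" ;;
    esac
}

# Constructed sample tree: forwarding switched off at runtime, but a
# drop-in file (made-up name) would switch it back on at the next boot.
make_sample_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/proc/sys/net/ipv4" "$d/etc/sysctl.d"
    echo 0 > "$d/proc/sys/net/ipv4/ip_forward"
    printf '# constructed\nnet.ipv4.ip_forward = 1\n' > "$d/etc/sysctl.d/99-router.conf"
    echo "$d"
}

audit_forwarding "${AUDIT_ROOT:-}"
```

A WARN result means the runtime fix is in place but the configuration file still needs net.ipv4.ip_forward set to 0.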

Risk factor :

Low / CVSS Base Score : 3.2
(CVSS2#AV:A/AC:H/Au:N/C:P/I:P/A:N)

Family: Firewalls

Nessus Plugin ID: 50686

Bugtraq ID:

CVE ID: CVE-1999-0511