IP Forwarding Enabled

This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.


Synopsis :

The remote host has IP forwarding enabled.

Description :

The remote host has IP forwarding enabled. An attacker can exploit
this to route packets through the host and potentially bypass some
firewalls / routers / NAC filtering.

Unless the remote host is a router, it is recommended that you disable
IP forwarding.

Solution :

On Linux, you can disable IP forwarding by doing :

echo 0 > /proc/sys/net/ipv4/ip_forward

On Windows, set the key 'IPEnableRouter' to 0 under

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters

On Mac OS X, you can disable IP forwarding by executing the command :

sysctl -w net.inet.ip.forwarding=0

For other systems, check with your vendor.
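
The Linux command above changes only the running kernel's value; a line
setting net.ipv4.ip_forward to 1 in /etc/sysctl.conf or /etc/sysctl.d/ turns
forwarding back on at the next boot. The shell functions below are an added
example, not part of the Nessus plugin, that check both places. The function
names, the ROOT argument and the sample tree are assumptions of the example.

```shell
#!/bin/sh
# Added example: check IPv4 forwarding at runtime and in persistent sysctl config.
# The ROOT argument is an assumption of this example so it can run against a
# constructed tree; pass "/" to inspect the live system.

# Print the runtime value (0, 1 or "unknown") from ROOT/proc/sys/net/ipv4/ip_forward.
runtime_forwarding() {
    f="${1%/}/proc/sys/net/ipv4/ip_forward"
    if [ -r "$f" ]; then tr -d '[:space:]' < "$f"; else printf 'unknown'; fi
}

# Print each sysctl config file under ROOT that sets net.ipv4.ip_forward to 1.
# Commented-out lines do not match. Override order between files is not resolved.
persistent_forwarding() {
    r="${1%/}"
    for f in "$r/etc/sysctl.conf" "$r"/etc/sysctl.d/*.conf; do
        [ -r "$f" ] || continue
        if grep -Eq '^[[:space:]]*net[./]ipv4[./]ip_forward[[:space:]]*=[[:space:]]*1[[:space:]]*$' "$f"; then
            printf '%s\n' "${f#"$r"}"
        fi
    done
}

# Print a one-line finding; return 1 if forwarding is on now or will be after reboot.
audit_forwarding() {
    rt=$(runtime_forwarding "$1")
    cfg=$(persistent_forwarding "$1" | paste -sd, -)
    printf 'runtime=%s persistent=%s\n' "$rt" "${cfg:-none}"
    [ "$rt" != "1" ] && [ -z "$cfg" ]
}

# Constructed sample tree: the runtime value is already 0 (the echo fix applied),
# but a drop-in file still enables forwarding at the next boot.
build_sample_root() {
    d=$(mktemp -d)
    mkdir -p "$d/proc/sys/net/ipv4" "$d/etc/sysctl.d"
    echo 0 > "$d/proc/sys/net/ipv4/ip_forward"
    printf '# net.ipv4.ip_forward = 1\nkernel.sysrq = 0\n' > "$d/etc/sysctl.conf"
    printf 'net.ipv4.ip_forward = 1\n' > "$d/etc/sysctl.d/99-router.conf"
    printf '%s\n' "$d"
}
```

On the constructed tree, audit_forwarding reports runtime=0 together with the
drop-in file and returns non-zero, which is the case the one-line fix misses.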

Risk factor :

Medium / CVSS Base Score : 5.8
(CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:P)

Family: Firewalls

Nessus Plugin ID: 50686

Bugtraq ID:

CVE ID: CVE-1999-0511