Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

IPCop Web Interface Detection

Medium

Synopsis

The remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.

Description

The remote host is running the IPCop web interface. This interface allows administrators to remotely access and configure the underlying firewall. Because compromise of a firewall can lead to much more serious attacks, care should be taken to harden the IPCop web interface. Critical information (such as firewall configuration, administrative login, etc.) should not be passed across the network unencrypted.

Solution

Ensure that only valid users can query the IPCop interface. Require the use of SSL from remote users.