
QID 34009

Question asked by SPC pon on Mar 16, 2016
Latest reply on Dec 27, 2016 by Gregory Wei

Hi all,

I just started running Qualys scans in our organization.

We noticed a few IP spoofing vulnerabilities. Could anyone clearly explain QID 34009?

Solution: Change your firewall policy to deny packets coming on the external interface with a source IP from the internal network. You should also deny packets on the external interface with a source IP that is non-routable, such as 10.0.0.1 or 127.0.0.1.

If I compare the solution with the threat, it looks confusing to me.

Is it a host-based firewall? Or is Qualys trying to say that the workstation IP may be possible to spoof from outside (PCI firewall point of view)?

Or the external firewall point of view?

If our scan is internal, what is the scope of firewalls for internal scans?

Please clarify my question with a fix.
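The ingress rule described in the quoted solution text, modelled as an added example (not part of the original post and not Qualys code). The internal range `198.51.100.0/24`, the interface names, and the sample packets are constructed assumptions; only the external-interface rules named in the solution are modelled.

```python
import ipaddress

# Assumption: the organisation's internal address space (constructed value).
INTERNAL_NETS = [ipaddress.ip_network("198.51.100.0/24")]

# Non-routable sources that should never arrive on an external interface:
# RFC 1918 private ranges, loopback, link-local, and "this network".
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8",
)]


def ingress_verdict(iface, src):
    """Return (action, reason) for a packet seen on `iface` with source `src`."""
    ip = ipaddress.ip_address(src)
    if iface != "external":
        # Rules for other interfaces are outside what the solution text covers.
        return ("accept", "not the external interface")
    if any(ip in net for net in INTERNAL_NETS):
        return ("drop", "internal source on external interface")
    if any(ip in net for net in NON_ROUTABLE):
        return ("drop", "non-routable source on external interface")
    return ("accept", "plausible external source")


# Constructed sample packets: (interface, source IP).
SAMPLE_PACKETS = [
    ("external", "198.51.100.25"),  # claims to be an internal workstation
    ("external", "10.0.0.1"),       # private address from the solution text
    ("external", "127.0.0.1"),      # loopback address from the solution text
    ("external", "203.0.113.7"),    # ordinary outside address
    ("internal", "198.51.100.25"),  # same workstation seen on the inside
]


def evaluate(packets):
    """Apply the ingress rule to each packet and return the decisions."""
    return [(iface, src) + ingress_verdict(iface, src) for iface, src in packets]


if __name__ == "__main__":
    for iface, src, action, reason in evaluate(SAMPLE_PACKETS):
        print(f"{iface:9} {src:15} {action:6} {reason}")
```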
