I just started running Qualys scans in our organization.
We noticed a few IP spoofing vulnerabilities. Could anyone clearly explain QID 34009?
Solution: Change your firewall policy to deny packets coming on the external interface with a source IP from the internal network. You should also deny packets on the external interface with a source IP that is non-routable, such as 10.0.0.1 or 127.0.0.1.
If I compare the solution with the threat, it looks confusing to me.
Is it a host-based firewall? Or is Qualys trying to say that the workstation IP may be possible to spoof from outside (PCI firewall point of view)?
Or the external firewall point of view?
If our scan is internal, what is the scope of firewalls for internal scans?
Please clarify my question with a fix.
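
The filtering rule quoted in the Solution text above, written out as an added example (not part of the original post and not Qualys code): a Python check that decides, from the arrival interface and the source address, whether a packet should be dropped. The interface labels, the internal range 192.168.10.0/24 and the sample packets are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: the organization's internal range (not given in the post).
INTERNAL_NETS = [ipaddress.ip_network("192.168.10.0/24")]

# Sources that should never arrive from outside: RFC 1918 private space,
# loopback, link-local and the "this network" block.
NON_ROUTABLE_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8",
)]


def ingress_verdict(interface, src):
    """Return (action, reason) for a packet seen on `interface` with source `src`."""
    # The quoted solution only constrains traffic on the external interface.
    if interface != "external":
        return ("accept", "not the external interface")
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return ("drop", "unparseable source address")
    # Rule 1: an internal source address cannot legitimately arrive from outside.
    if any(addr in net for net in INTERNAL_NETS):
        return ("drop", "internal source on external interface")
    # Rule 2: non-routable sources cannot legitimately arrive from outside.
    if any(addr in net for net in NON_ROUTABLE_NETS):
        return ("drop", "non-routable source on external interface")
    return ("accept", "routable external source")


# Constructed sample packets: (arrival interface, source IP).
SAMPLE_PACKETS = [
    ("external", "192.168.10.25"),  # claims to be an internal workstation
    ("external", "10.0.0.1"),       # non-routable example from the solution text
    ("external", "127.0.0.1"),      # loopback example from the solution text
    ("external", "198.51.100.7"),   # ordinary outside source
    ("internal", "192.168.10.25"),  # same workstation address, seen on the inside
]

if __name__ == "__main__":
    for iface, src in SAMPLE_PACKETS:
        action, reason = ingress_verdict(iface, src)
        print(f"{iface:9} {src:15} -> {action:6} ({reason})")
```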