Nipper Report - Administrative Services

I have run a Nipper Audit Report on our Firewall M370 and it reports back some "Critical" issues for: Rules Allow Access To Administrative Services

An example is our rule for FTP SSH. It says:
Source: "FTP SSH Internal.1.from
Destination: "FTP SSH Internal.1.to

The rule I set up is from a specific IP address to a specific IP address of an FTP server with only the protocol SSH.

So, I don't understand why this gets flagged. Or is it just flagging anything with Port 22, 443, 3389 - which are all the other flagged rules?

Comments

  • james.carson Moderator, WatchGuard Representative

    Hi @SystemsA

    I'd suggest opening a support case for this so our team can take a look at your firewall. There may be other rules that are allowing that traffic in.

    If possible, please include support access for your firewall (instructions are in the portal when you create your case) and a copy of the report that shows the vulnerability.

    Thank you,

    -James Carson
    WatchGuard Customer Support

  • edited August 2022

    Thanks,

    I'll look into a support case.

    We have passed Pen Test and Scanning so I'm sure the ports are safe. The previous IT and auditor have explained them in previous reports as just showing you're using ports that can be used as Management Ports and you have to make sure you have the Source and Destination rules to specific networks.

    In the end I would like to see if there was some kind of fix to get them off the Nipper reports.

    Thanks,
