Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Vulnerability/Security Scan on Virtual Service IP

 

Information

 

Summary:

Running a SecureWorks scan on the virtual service IP address returned positive results for Malware.

Environment:

Product: LoadMaster

Version:7.2.47

Platform: VMware

Application: Exchange

Question/Problem Description:

Malware was found when scanning the virtual service IP of the LoadMaster.

Steps to Reproduce: Re-scan VIP
Error Message:  
Defect Number:  
Enhancement Number:  
Cause: Vulnerability/Security scan returning positive.
Resolution:

In general, any scan performed on a virtual service typically means that a vulnerability was triggered on the Real Server that is behind the virtual service. The virtual service simply acts as a proxy for all traffic to the Real Server, and all of the return traffic is sourced from the Real Server.

It's recommended to re-run the scan directly on the IP of the Real Server to confirm that the server is returning the same results.

The best way to determine if the LoadMaster had possible vulnerabilities would be to scan the Interface/NIC IP address directly, as this will be a direct scan to the LM itself.

Workaround:

- Run a scan on the IP address of the Real Server

- Run a scan on the Interface/NIC IP address of the LoadMaster directly

   

Was this article helpful?
0 out of 0 found this helpful

Comments