I ran a Nessus scan against my Ignition 7.3.1 gateway. This gateway is accessible from the Internet via a single port forward through the firewall.
Overall, I am happy with the results of the scan with one exception. For some reason the web server is exposing my internal IP address assigned to the gateway.
This is an excerpt from the report outlining this:
[quote]Web Server HTTP Header Internal IP Disclosure
This web server leaks a private IP address through its HTTP headers.
List of Hosts
When processing the following request :
GET / HTTP/1.0
this web server leaks the following private IP address :
as found in the following collection of HTTP headers :
HTTP/1.1 302 Moved Temporarily
Date: Tue, 22 Nov 2011 18:21:07 GMT
This may expose internal IP addresses that are usually hidden or
masked behind a Network Address Translation (NAT) Firewall or proxy
There is a known issue with Microsoft IIS 4.0 doing this in its default
configuration. This may also affect other web servers, web applications,
web proxies, load balancers and through a variety of misconfigurations
related to redirection.
Low / CVSS Base Score: 2.6
CVSS Temporal Score: 2.6 (CVSS2#E:H/RL:U/RC:C)
Vulnerability publication date: 2000/07/13
Plugin publication date: 2001/09/14
Plugin last modification date: 2011/06/01
Ease of exploitability : No exploit is required
[/quote]
The only place that I see in my gateway configuration where this address is defined is under the OPC-UA Settings section under Endpoint Address.
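
An added example, not part of the original post and not the Nessus plugin's own logic: a small checker that parses a raw HTTP response head and reports every header carrying an RFC 1918 address, which is the condition the finding above describes. The sample response, its `Location` header and the address `192.168.10.25` are constructed for illustration; the report excerpt does not show which header held the address.

```python
import ipaddress
import re

# Candidate dotted-quad tokens; validity is checked with ipaddress below.
IPV4_RE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")
# RFC 1918 ranges, the addresses normally hidden behind NAT.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_headers(raw: str):
    """Split a raw HTTP response head into (status_line, [(name, value)])."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = head.split("\n")
    headers = []
    for line in lines[1:]:
        if line[:1] in (" ", "\t") and headers:
            # Obsolete folded continuation line: append to the previous value.
            name, value = headers[-1]
            headers[-1] = (name, value + " " + line.strip())
        elif ":" in line:
            name, value = line.split(":", 1)
            headers.append((name.strip(), value.strip()))
    return lines[0], headers


def find_private_ips(raw: str):
    """Return [(header_name, ip)] for every RFC 1918 address in the headers."""
    _, headers = parse_headers(raw)
    hits = []
    for name, value in headers:
        for token in IPV4_RE.findall(value):
            try:
                addr = ipaddress.ip_address(token)
            except ValueError:
                continue  # e.g. 999.1.1.1 is not a valid address
            if any(addr in net for net in RFC1918):
                hits.append((name, token))
    return hits


# Constructed sample response (assumed values, not taken from the report).
SAMPLE = (
    "HTTP/1.1 302 Moved Temporarily\r\n"
    "Date: Tue, 22 Nov 2011 18:21:07 GMT\r\n"
    "Location: http://192.168.10.25:8088/main/\r\n"
    "Content-Length: 0\r\n\r\n"
)
```

Calling `find_private_ips()` on the saved response head from a request like the one in the report shows which header to look at when tracking down where the address is configured.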