Security scan on Parallels H-Sphere control panel gives the following vulnerability:
ICMP TimeStamp Request
That may course customers can not pass PCI (payment card industry) compliant.
Customer (or datacenter service provider) should filter out:
- the ICMP timestamp requests (ICMP type 13);
- the outgoing ICMP timestamp replies (ICMP type 14);
- the address mask request (ICMP type 17);
- the address mask reply (ICMP type 18).
Filtering can be done:
- on routers side (for example with 'access-list' command);
- on Parallels H-Sphere control Panel box with 'iptables'/'ipchains' tools.