IP source routing and security issues |
 |
EXPERT RESPONSE FROM: Greg _Ferro
|
|
|
|
| > |
QUESTION POSED ON: 20 April 2001
I want to make my Internet gateway as secure as possible. I
remember someone telling me about source routing and how it is a common
exploit. What is it and how do I handle it?
|
|
| > |
|
Router software examines IP header options on every packet. There are IP
header options Strict Source Route, Loose Source Route, Record Route, and
Time Stamp, which are defined in RFC 791. If the software finds a packet
with one of these options enabled, it performs the appropriate action. If
it finds a packet with an invalid option, it sends an ICMP Parameter
Problem message to the source of the packet and discards the packet.
IP provides a provision that allows the source IP host to specify a route
through the IP network. This provision is known as source routing. Source
routing is specified as an option in the IP header. If source routing is
specified, the software forwards the packet according to the specified
source route. This feature is employed when you want to force a packet to
take a certain route through the network. The default is to perform source
routing.
Some people like to use source routing to troubleshoot their network -- especially when routing is broken on their network.
As a general rule of thumb, if you are not using IP source routing, turn it
off, as it is a well-known security vulnerability used in
attacks against a system.
|
|
|
|
|
|
|
|
Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and
answer pairs from more than 250 TechTarget industry experts.
|
|
|
|
|
|
|
|
|
|
|
|
