What is IP Source Routing?

--> Source routing is a technique whereby the sender of a packet can specify the route that a packet should take through the network.

--> As a packet travels through the network, each router will examine the destination IP address and choose the next hop to forward the packet to.

--> In source routing, the "source" (i.e., the sender) makes some or all of these decisions.

--> Cisco routers normally accept and process source routes. Unless a network depends on it, source routing should be disabled.

--> Attackers can use source routing to probe the network by forcing packets into specific parts of the network.



--> Using source routing, an attacker can collect information about a network's topology, or other information that could be useful in performing an attack.

-->  During an attack, an attacker could use source routing to direct packets to bypass existing security restrictions.

--> Use the 'no ip source-route' command to disable IP source routing on the Cisco router. 

0 Comments