Intrusion PreventionIP.Strict.Src.Record.Route.Option
Description
This indicates detection of a packet with Strict Source Routing, which may allow attackers to obtain a list of router interfaces, enabling them to conduct serious attacks on a target system.
Source and record routing allows routers to determine the route the datagram will take by specifying interface addresses on routers in the network that the datagram must pass through. There are two forms of the source route option: Strict Source Routing and Loose Source Routing. Strict Source Routing specifies
the exact path that a datagram must take. Loose Source Routing allows the datagram to use other non-specified routers between the specified routers.
Affected Products
Any unprotected network is vulnerable to the attack.
Impact
The attacker can obtain a list of router interfaces between the attacker and the target system.
Recommended Actions
If required the signature can be set to drop this traffic.
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Status | Detail |
|---|---|---|---|
| 2020-12-02 | 16.972 |
Removed
|
References
1| ID | 12667 |
| Created | Sep 11, 2006 |
| Updated | Dec 01, 2020 |
| Risk |
|
| Default Action | pass |
| Active | |
| Affected OS | All |
| Affected App | All |
| Profile Type | Information Disclosure |