virus logo Intrusion Prevention

IP.Loose.Src.Record.Route.Option

description-logoDescription

This indicates that a packet with Loose Source Routing enabled was detected. Loose Source Routing may allow attackers to obtain a list of router interfaces which can be used to conduct serious attacks on a target system.
Source and record routing allows routers to determine the route a datagram will take by specifying interface addresses on routers in the network that the datagram must pass through. There are two forms of the source route option: Strict Source Routing and Loose Source Routing. Strict Source Routing specifies the exact path that a datagram must take. Loose Source Routing allows the datagram to use other non-specified routers between the specified routers.

affected-products-logoAffected Products

Any unprotected network is vulnerable to the attack.

Impact logoImpact

The attacker can obtain a list of router interfaces between the attacker and the target system.

recomended-action-logoRecommended Actions

The signature can be set to "drop" to block this traffic.

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

1
ID 12805
Created Sep 11, 2006
Updated Sep 07, 2022
Risk black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Default Action pass
Active
Affected OS All
Affected App All
Profile Type Anomaly