cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
11943
Views
10
Helpful
4
Replies
m.matteson
Explorer

what is source-routing?

could someone explain to me what source routing is? a cisco security whitepaper suggested i shut that off on my interfaces. i'm curious to why. also they mentioned no ip directed-broadcast. thanks

1 ACCEPTED SOLUTION

Accepted Solutions
wkumari
Beginner

Source routing (specified in RFC 791 I believe) is where you specify the route that packets take though the network. There are options in the IP header (Option 3?) that can be set to specify the routers that a packet should pass through on the way to its destination. There are 2 modes of source-routing, loose and strict. Loose specifies that the packet should pass though the listed hops, strict specifies the exact path on a hop-by-hop basis. This means that someone can force their traffic to take a specific path through your network, possisbly bypassing various security stuff. There are very few "legitimate" uses for source routing, the main one being ensuring that people at exchange points are sticking to their agreements.....

IP Directed broadcast lets you ping the broadcast address on an interface. This us used in many amplifier attacks (See Smurf for an example). If you have a large, flat network and you have ip directed broadcast on, someone could spoof a ping to the broadcast address on your network. All of the machines on that network would replay to the (spoofed) source, possibly causing a DoS.

-Warren.

* Source routing in the token ring world is something similar but different...

View solution in original post

4 REPLIES 4
jzoschke
Beginner

Hi,

Default routing setting is dynamic. There is no fixed path from source to destination. If you want to provide a specific path from src to dest you can use source routing. (loose or strict)

Jjuergen

wkumari
Beginner

Source routing (specified in RFC 791 I believe) is where you specify the route that packets take though the network. There are options in the IP header (Option 3?) that can be set to specify the routers that a packet should pass through on the way to its destination. There are 2 modes of source-routing, loose and strict. Loose specifies that the packet should pass though the listed hops, strict specifies the exact path on a hop-by-hop basis. This means that someone can force their traffic to take a specific path through your network, possisbly bypassing various security stuff. There are very few "legitimate" uses for source routing, the main one being ensuring that people at exchange points are sticking to their agreements.....

IP Directed broadcast lets you ping the broadcast address on an interface. This us used in many amplifier attacks (See Smurf for an example). If you have a large, flat network and you have ip directed broadcast on, someone could spoof a ping to the broadcast address on your network. All of the machines on that network would replay to the (spoofed) source, possibly causing a DoS.

-Warren.

* Source routing in the token ring world is something similar but different...

View solution in original post

  • Source routing is a feature of the IP protocol which allows the sender of a packet to specify which route the packet take on the way to its destination ( and on the way back).
  • Source routing was originally designed to be used when a host did not have proper default routes in its routing table.
  • However, source routing is rarely used foe legitimate purpose nowadays
  • Attackers can abuse source routing to bypass firewalls or to map your network.

". . . ( and on the way back)."

Are you sure?  In the (distance) past, I've occasionally (and rarely) used IP source routing for some network testing purposes, but don't recall (?) it being used for the return packets.

"However, source routing is rarely used foe legitimate purpose nowadays"

Likely true.  First, many, I suspect, don't know how to use it for good purpose, and those purposes are also rare.

"Attackers can abuse source routing to bypass firewalls or to map your network."

IMO, if you can use it to bypass security and you're really worried about it being used to map your network, your security stance might need review.

Possible a good "bad" use example of source routing would be to chose a "better" path than that that traffic should be using.