security risk when using the default route 0.0.0.0 0.0.0.0

Fida jlassi · ‎08-21-2015

Hi,

What is the security risk when we use the default route 0.0.0.0 0.0.0.0

Anthony Brandelli · ‎08-21-2015

From a network point of view...

There isn't anything much to worry about. If you require the default route (often to send traffic to the internet) then it is what it is. At some point with traffic destined to/from the internet you have to trust other parties with your traffic.

Was there something specific you were imagining here?

Richard Burts · ‎08-23-2015

Fida

This is an unusual question and interesting to contemplate. The security risk of using the default route is that using it means that we are sending traffic outside of our network, outside of what we control, and that now we must depend on resources that we do not control to process our traffic. This loss of control would be the security risk that we face. And for most of us this is a risk that we must accept because most of us work for organizations that must communicate with organizations that are remote from us.

When we think about risk we frequently look for ways to mitigate that risk. So how could we mitigate risk associated with using the default route? The first thing that comes to mind is to make sure that we route as much as possible through networks that we control. When we need to route outside our own network tunneling the traffic might be helpful, though tunnels do not actually provide any real security. For traffic that is sensitive or is critical we might want to use encryption (IPsec or SSL) to protect the traffic when it goes outside our own network.

HTH

Rick

HTH

Rick