26. Routing Protocols

Routing and routing protocols can create several problems. The IP source routing, where an IP packet contains details of the path to its intended destination, is dangerous because according to RFC 1122 the destination host must respond along the same path. If an attacker was able to send a source routed packet into your network, then he would be able to intercept the replies and fool your host into thinking it is communicating with a trusted host. I strongly recommend that you disable IP source routing to protect your server from this hole.

To disable IP source routing on your server, type the following command in your terminal:

Version 6.1 only

              [root@deep] /# for f in /proc/sys/net/ipv4/conf/*/accept_source_route; do
              > echo 0 > $f
              > done

              [root@deep] /#

Add the above commands to the /etc/rc.d/rc.local script file and you'll not have to type it again the next time you reboot your system.

Version 6.2 only

Edit the /etc/sysctl.conf file and add the following line:

              # Disables IP source routing
              net.ipv4.conf.all.accept_source_route = 0

You must restart your network for the change to take effect. The command to restart the network is the following:

              [root@deep] /# /etc/rc.d/init.d/network restart

              Setting network parameters [  OK  ]
              Bringing up interface lo [  OK  ]
              Bringing up interface eth0 [  OK  ]
              Bringing up interface eth1 [  OK  ]

Take Note that the above command for Red Hat Linux 6.1 or 6.2 will disable Source Routed Packets on all your interfaces lo, ethN, pppN etc.