nanog mailing list archives
Re: Should routers send redirects by default?
From: "Ricky Beam" <jfbeam () gmail com>
Date: Fri, 20 Aug 2010 21:09:43 -0400
On Fri, 20 Aug 2010 20:08:34 -0400, Brandon Ross <bross () pobox com> wrote:
Okay, I'll ask again. Exactly how does disabling ICMP redirects on my router prevent traffic from being intercepted?
It stops *one vector* of MITM attack. If a router honors redirects (and it never should), an evil host can intercept traffic of hosts that aren't on the local network.
This is 5000% beyond the scope of the original question, btw. --Ricky
Current thread:
- Re: Should routers send redirects by default?, (continued)
- Re: Should routers send redirects by default? Leen Besselink (Aug 20)
- Re: Should routers send redirects by default? Eric J. Katanich (Aug 20)
- Re: Should routers send redirects by default? Jack Bates (Aug 21)
- Re: Should routers send redirects by default? Jared Mauch (Aug 21)
- Re: Should routers send redirects by default? Mark Smith (Aug 21)
- Re: Should routers send redirects by default? Mark Smith (Aug 21)
- Re: Should routers send redirects by default? Ricky Beam (Aug 23)
- Re: Should routers send redirects by default? David W. Hankins (Aug 24)
- Re: Should routers send redirects by default? Mark Smith (Aug 24)
- Re: Should routers send redirects by default? Christopher Morrow (Aug 21)
- Re: Should routers send redirects by default? Ricky Beam (Aug 20)
- Re: Should routers send redirects by default? Brandon Ross (Aug 20)
- Re: Should routers send redirects by default? Butch Evans (Aug 24)
- Re: Should routers send redirects by default? Ricky Beam (Aug 20)
- Re: Should routers send redirects by default? Mark Smith (Aug 20)
- Re: Should routers send redirects by default? David W. Hankins (Aug 24)