Bug 17552 - default RH6.2 kernel (2.2.14) accepts source routed frames
Product: Red Hat Linux
Classification: Retired
Component: kernel
Hardware: i386 Linux
Priority: medium, Severity: medium
Assigned To: Michael K. Johnson
Keywords: Security
Reported: 2000-09-15 16:30 EDT by jose nazario
Modified: 2008-05-01 11:37 EDT (History)
Last Closed: 2000-09-15 16:30:46 EDT
Description jose nazario 2000-09-15 16:30:44 EDT
the default redhat 6.2 kernel (tested on i386) accepts source routed frames. this is bad from a security standpoint because source routed frames are sometimes used by attackers to evade detection or hide their identity and location. the best practice is to drop source routed frames at the border (on the routers and firewalls) and the hosts as well.

the offending variables live in:

these values should be sysctl'd to 0 to drop source routed frames.
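
An added example, not part of the original report: a shell audit and fix for the setting the description asks to be set to 0. The variable paths did not survive on this page, so the example assumes the standard Linux IPv4 sysctl `accept_source_route` under `/proc/sys/net/ipv4/conf/<interface>/`; the function names and the optional directory argument are hypothetical.

```shell
#!/bin/sh
# Added example (not from the bug report). Assumes the per-interface
# sysctl files /proc/sys/net/ipv4/conf/<iface>/accept_source_route.
# Both functions take an optional directory so they can be run against
# a copy of the tree instead of the live /proc.

# Print one line per interface whose accept_source_route is not 0.
# Returns 0 if every value is 0, 1 if any is non-zero,
# 2 if the directory does not exist.
audit_source_route() {
    conf_dir="${1:-/proc/sys/net/ipv4/conf}"
    [ -d "$conf_dir" ] || { echo "no such directory: $conf_dir" >&2; return 2; }
    bad=0
    for f in "$conf_dir"/*/accept_source_route; do
        [ -r "$f" ] || continue          # unmatched glob or unreadable file
        val=$(cat "$f")
        iface=$(basename "$(dirname "$f")")
        if [ "$val" != "0" ]; then
            echo "$iface accept_source_route=$val"
            bad=1
        fi
    done
    return "$bad"
}

# Write 0 to every accept_source_route file (needs root on the live tree).
# "all" and "default" are included so interfaces created later start at 0.
harden_source_route() {
    conf_dir="${1:-/proc/sys/net/ipv4/conf}"
    for f in "$conf_dir"/*/accept_source_route; do
        [ -w "$f" ] || continue
        echo 0 > "$f"
    done
}
```

Run `audit_source_route` with no argument to check the live system. Values written through `/proc` do not survive a reboot, so the same keys also need to be set to 0 in the boot-time sysctl configuration.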
Comment 1 Michael K. Johnson 2002-01-18 12:55:32 EST
Agreed that firewall scripts should turn this off, but this isn't a
bug in the configuration.