First Last Prev Next    This bug is not in your last search results.
Bug 17552 - default RH6.2 kernel (2.2.14) accepts source routed frames
default RH6.2 kernel (2.2.14) accepts source routed frames
Status: CLOSED NOTABUG
Product: Red Hat Linux
Classification: Retired
Component: kernel (Show other bugs)
6.2
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Michael K. Johnson
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-09-15 16:30 EDT by jose nazario
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-09-15 16:30:46 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description jose nazario 2000-09-15 16:30:44 EDT 
the default redhat 6.2 kernel (tested on i386) accepts source routed frames. this is bad from a security standpoint because source routed 
frames are sometimes used by attackers to evade detection or hide their identity and location. the best practice is to drop source routed frames 
at the border (on the routers and firewalls) and the hosts as well. 

the offending variables live in:
/proc/sys/net/ipv4/conf/eth0/accept_source_route
/proc/sys/net/ipv4/conf/default/accept_source_route

these values should be sysctl'd to 0 to drop source routed frames.
Comment 1 Michael K. Johnson 2002-01-18 12:55:32 EST 
Agreed that firewall scripts should turn this off, but this isn't a
bug in the configuration.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.