Red Hat Bugzilla – Bug 17552
default RH6.2 kernel (2.2.14) accepts source routed frames
Last modified: 2008-05-01 11:37:58 EDT
The default Red Hat 6.2 kernel (tested on i386) accepts source routed frames. This is bad from a security standpoint because source routed frames are sometimes used by attackers to evade detection or hide their identity and location. The best practice is to drop source routed frames at the border (on the routers and firewalls) and the hosts as well.
The offending variables live in:
These values should be sysctl'd to 0 to drop source routed frames.
Agreed that firewall scripts should turn this off, but this isn't a bug in the configuration.
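The check the report asks for (every value set to 0) can be audited per interface. The following is an added example, not part of the original bug thread: it assumes the variables meant are the Linux IPv4 per-interface `accept_source_route` entries under `/proc/sys/net/ipv4/conf`, which this page does not name, and the function names and sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: list sysctl entries that are not set to 0 for source routing.
# Assumption: the setting is the Linux IPv4 per-interface
# "accept_source_route" file; the page itself does not name the variables.

# find_source_route_enabled [CONF_DIR]
# Prints one interface name per line whose accept_source_route is not 0.
# Returns 0 if every entry is 0, 1 if any entry is non-zero,
# 2 if CONF_DIR is not a directory.
find_source_route_enabled() {
    conf_dir=${1:-/proc/sys/net/ipv4/conf}
    [ -d "$conf_dir" ] || return 2
    any_enabled=0
    for f in "$conf_dir"/*/accept_source_route; do
        [ -r "$f" ] || continue      # unmatched glob or unreadable entry
        value=$(tr -d ' \t\n' < "$f")
        if [ "$value" != "0" ]; then
            iface=${f%/accept_source_route}
            printf '%s\n' "${iface##*/}"
            any_enabled=1
        fi
    done
    return $any_enabled
}

# Constructed sample tree so the check can be exercised without touching
# the live system: eth0 is left at 1, "all" and "lo" are set to 0.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    for entry in all:0 lo:0 eth0:1; do
        mkdir -p "$root/${entry%%:*}"
        printf '%s\n' "${entry##*:}" > "$root/${entry%%:*}/accept_source_route"
    done
    printf '%s\n' "$root"
}
```

Called with no argument, `find_source_route_enabled` reads the live `/proc` tree; a non-zero exit status makes it usable as a boot-time or compliance check.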