The Cisco ISR 4000 Series router must have IP source routing disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-74133 | CISR-RT-000020 | SV-88807r1_rule | Medium |
| Description |
|---|
| Source routing is a feature of IP, whereby individual packets can specify routes. This feature is used in several different network attacks by bypassing perimeter and internal defense mechanisms. |
| STIG | Date |
|---|---|
| Cisco IOS XE Release 3 RTR Security Technical Implementation Guide | 2017-06-28 |
Details
| Check Text ( C-74219r1_chk ) |
|---|
| Review the configuration of the Cisco ISR 4000 Series router to determine if source routing is enabled. If "ip source-routing" is in the configuration then it is enabled, this is a finding. |
| Fix Text (F-80675r1_fix) |
|---|
| Configure the Cisco ISR 4000 Series router to disable IP source routing, using the command below: ISR4000(config)#no ip source-route |