Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Cisco ISR 4000 Series router must have IP source routing disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-74133 | CISR-RT-000020 | SV-88807r1_rule | Medium |
| Description |
|---|
| Source routing is a feature of IP, whereby individual packets can specify routes. This feature is used in several different network attacks by bypassing perimeter and internal defense mechanisms. |
| STIG | Date |
|---|---|
| Cisco IOS XE Release 3 RTR Security Technical Implementation Guide | 2017-06-28 |
Details
| Check Text ( C-74219r1_chk ) |
|---|
| Review the configuration of the Cisco ISR 4000 Series router to determine if source routing is enabled. If "ip source-routing" is in the configuration then it is enabled, this is a finding. |
| Fix Text (F-80675r1_fix) |
|---|
| Configure the Cisco ISR 4000 Series router to disable IP source routing, using the command below: ISR4000(config)#no ip source-route |