The Cisco IOS XE router must have IP source routing disabled.


Overview

Finding ID: V-74133
Version: CISR-RT-000020
Rule ID: SV-88807r2_rule
IA Controls: (none listed)
Severity: Medium
Description
Source routing is a feature of IP whereby individual packets can specify their own routes. Several network attacks use this feature to bypass perimeter and internal defense mechanisms.
STIG: Cisco IOS XE Release 3 RTR Security Technical Implementation Guide
Date: 2018-12-20

Details

Check Text (C-74219r2_chk)
Review the configuration of the Cisco IOS XE router to determine if source routing is enabled.

If "ip source-route" is in the configuration, source routing is enabled and this is a finding.
Fix Text (F-80675r2_fix)
Configure the Cisco IOS XE router to disable IP source routing, using the command below:

ISR4000(config)#no ip source-route
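
The check above can be automated against a saved configuration. The following is an added example, not part of the STIG: the function name, status strings and sample configurations are constructed for illustration. It assumes the platform may omit default commands from the running configuration, so a config containing neither form of the command is reported for manual review instead of being passed.

```python
import re

# Global-level command only: no leading whitespace, optional "no" prefix.
SOURCE_ROUTE = re.compile(r"^(no\s+)?ip\s+source-route\s*$", re.IGNORECASE)


def check_source_routing(config_text):
    """Classify a saved configuration against V-74133.

    Returns (status, evidence); status is "finding", "not_a_finding"
    or "review" (hypothetical labels chosen for this example).
    """
    status, evidence = "review", "neither form of the command is present"
    for lineno, line in enumerate(config_text.splitlines(), 1):
        match = SOURCE_ROUTE.match(line.rstrip())
        if not match:
            continue
        # If both forms appear (for example in a merged file), the later line wins.
        status = "not_a_finding" if match.group(1) else "finding"
        evidence = f"line {lineno}: {line.strip()}"
    return status, evidence


# Constructed sample configurations (not taken from a real device).
SAMPLES = {
    "hardened": "hostname ISR4000\n!\nno ip source-route\n!\n"
                "interface GigabitEthernet0/0/0\n description uplink\n",
    "enabled": "hostname ISR4000\n!\nip source-route\n!\n",
    # The indented description line mentions the command but must not match.
    "silent": "hostname ISR4000\n!\ninterface GigabitEthernet0/0/0\n"
              " description see no ip source-route ticket\n",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, *check_source_routing(text))
```

A "review" result means the saved text alone cannot settle the check; confirm the effective setting on the device before closing the finding.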