[128954] in North American Network Operators' Group


Re: Should routers send redirects by default?

daemon@ATHENA.MIT.EDU (Ricky Beam)
Fri Aug 20 21:16:01 2010

To: "Brandon Ross" <bross@pobox.com>
Date: Fri, 20 Aug 2010 21:09:43 -0400
From: "Ricky Beam" <jfbeam@gmail.com>
In-Reply-To: <Pine.OSX.4.64.1008202007500.325@host-130-128-1-44.enet.interop.net>
Cc: Christopher Morrow <christopher.morrow@gmail.com>,
	nanog list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Fri, 20 Aug 2010 20:08:34 -0400, Brandon Ross <bross@pobox.com> wrote:
> Okay, I'll ask again.  Exactly how does disabling ICMP redirects on my  
> router prevent traffic from being intercepted?

It stops *one vector* of MITM attack.  If a router honors redirects (and  
it never should), an evil host can intercept traffic of hosts that aren't  
on the local network.

This is 5000% beyond the scope of the original question, btw.

--Ricky

