Download presentation
Presentation is loading. Please wait.
Published byFrancis Williams Modified over 8 years ago
1
ICMP Spoofing Attacks Dr. Neminath Hubballi IIT Indore © Neminath Hubballi
2
ICMP Basics ICMP is a protocol often considered to be part of IP layer Normally used to communicate Information Error IP does not have an error reporting mechanism IIT Indore © Neminath Hubballi
3
ICMP in Layering IIT Indore © Neminath Hubballi
4
ICMP Header IIT Indore © Neminath Hubballi
5
ICMP Types IIT Indore © Neminath Hubballi
6
Routing Tables in Hosts IIT Indore © Neminath Hubballi In Linux it is maintained at /proc/net/route On windows machine type route print at the command prompt It will print the routing table On the command prompt type route it will print the routing table
7
Routing Table in Windows
8
ICMP Redirect A redirect message is sent if the better route to the destination is on the same LAN as host Essentially packet enters and leave the router from the same interface Erroneous situations Indicating a wrong path so that packet always traverses through attacker A lazy router can reply saying you are the best person to send a packet to person x Host sends a packet itself – infinitely in loop IIT Indore © Neminath Hubballi
9
ICMP Redirect Courtesy: cisco.com IIT Indore © Neminath Hubballi
10
Redirect Message Format IIT Indore © Neminath Hubballi
11
Protection Against ICMP Redirect Block ICMP messages Configure Firewall and Routers to drop ICMP redirect packets /etc/sysctl.conf in Linux You need to edit the file /etc/sysctl.conf in Linux Do not accept ICMP redirects net.ipv4.conf.all.accept_redirects = 0 net.ipv6.conf.all.accept_redirects = 0 Accept ICMP redirects only for gateways listed in our default net.ipv4.conf.all.secure_redirects = 1 Do not send ICMP redirects net.ipv4.conf.all.send_redirects = 0 IIT Indore © Neminath Hubballi
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.