Chapter 1 Cisco SDM Express
Supplementary Help
directed broadcast address, causing all the hosts on the target subnet to send replies to the falsified source. By sending a continuous stream of such requests, the attacker can create a much larger stream of replies, which can completely inundate the host whose address is being falsified.
Disabling IP directed broadcasts causes directed broadcasts that would otherwise be “exploded” into
The configuration that will be delivered to the router to disable IP directed broadcasts is as follows:
no ip
You can undo this fix using the Cisco SDM Security Audit feature. To learn how, see the Security Audit online help in Cisco SDM. For more information, click Cisco Router and Security Device Manager.
Disable MOP Service
Cisco SDM Express will disable the Maintenance Operations Protocol (MOP) on all Ethernet interfaces whenever possible. MOP is used to provide configuration information to the router when communicating with DECNet networks. MOP is vulnerable to various attacks.
The configuration that will be delivered to the router to disable the MOP service on Ethernet interfaces is as follows:
no mop enabled
You can undo this fix using the Cisco SDM Security Audit feature. To learn how, see the Security Audit online help in Cisco SDM. For more information, click Cisco Router and Security Device Manager.
Disable IP Unreachables
Cisco SDM Express disables Internet Control Message Protocol (ICMP) host unreachable messages whenever possible. ICMP supports IP traffic by relaying information about paths, routes, and network conditions. ICMP host unreachable messages are sent out if a router receives a nonbroadcast packet that uses an unknown protocol, or if the router receives a packet that it is unable to deliver to the ultimate destination because it knows of no route to the destination address. An attacker can use these messages to gain network mapping information.
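As an added audit check that is not part of Cisco SDM Express or this help text, the following Python script parses a constructed IOS running-config into interface stanzas and reports interfaces where the three settings described above (IP directed broadcasts, MOP, ICMP unreachables) are still in their risky state. The full command names no ip directed-broadcast, no mop enabled and no ip unreachables, the Ethernet interface-name pattern, and the sample configuration are assumptions made for this example.

```python
"""Audit a Cisco IOS running-config for the hardening settings discussed above.
Example code, not part of Cisco SDM; command names are assumptions about IOS."""
import re
from typing import Dict, List

# Constructed sample config: Fa0/0 is hardened, Fa0/1 and Se0/0 are not.
SAMPLE_CONFIG = """\
hostname edge-router
!
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 no ip unreachables
 no mop enabled
!
interface FastEthernet0/1
 ip address 198.51.100.1 255.255.255.0
 ip directed-broadcast
!
interface Serial0/0
 ip address 203.0.113.1 255.255.255.252
!
end
"""


def parse_interfaces(config: str) -> Dict[str, List[str]]:
    """Return {interface name: [indented sub-commands]} from a running-config."""
    stanzas: Dict[str, List[str]] = {}
    current = None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(" ", 1)[1].strip()
            stanzas[current] = []
        elif current is not None and line.startswith(" "):
            stanzas[current].append(line.strip())
        else:
            current = None  # "!" or a global command ends the stanza
    return stanzas


def audit(config: str) -> Dict[str, List[str]]:
    """Return {interface: [findings]} for interfaces missing a hardening setting."""
    findings: Dict[str, List[str]] = {}
    for name, cmds in parse_interfaces(config).items():
        issues = []
        # An explicit 'ip directed-broadcast' (with or without an ACL) re-enables
        # the amplification vector; absence means the default (disabled).
        if any(c.startswith("ip directed-broadcast") for c in cmds):
            issues.append("ip directed-broadcast enabled")
        # 'no ip unreachables' is not the default, so its absence is a finding.
        if "no ip unreachables" not in cmds:
            issues.append("ip unreachables not disabled")
        # MOP applies to Ethernet interfaces only (assumed name pattern).
        if re.match(r"(Fast|Gigabit|TenGigabit)?Ethernet", name) and "no mop enabled" not in cmds:
            issues.append("mop enabled")
        if issues:
            findings[name] = issues
    return findings
```

Run audit() over the output of show running-config to list the interfaces that still need one of the three fixes.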