
Source Routing
Source routing is an option set within the IP packet that allows someone to
select a specific or approximate path for a packet to follow in order for it to
reach its destination.
This option overrides the router's chosen paths. If a firewall or boundary
host had this option turned on, a packet or packets with source routing enabled
bypasses the rules set up by the firewall. The scanner sets the source route
option within the TCP packets and attempts to route them through the boundary host
in an effort to compromise it. If this is possible, then an intruder can use
this technique to perform the same task in an effort to access and subvert the
network beyond the logical boundary. If a machine within the set of scanner
targets can be seen, it will then appear on the report and prove the vulnerability.
Risk: Medium
Fix: Reconfigure the boundary host/packet filter to drop packets with the source
route bit set.