Should routers send redirects by default?

• Previous message (by thread): Should routers send redirects by default?
• Next message (by thread): Should routers send redirects by default?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 20 Aug 2010 20:08:34 -0400, Brandon Ross <bross at pobox.com> wrote:
> Okay, I'll ask again.  Exactly how does disabling ICMP redirects on my  
> router prevent traffic from being intercepted?

It stops *one vector* of MITM attack.  If a router honors redirects (and  
it never should), an evil host can intercept traffic of hosts that aren't  
on the local network.

This is 5000% beyond the scope of the original question, btw.

--Ricky

• Previous message (by thread): Should routers send redirects by default?
• Next message (by thread): Should routers send redirects by default?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]