312-50V10 · Question #225
An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can
The correct answer is A. Make sure that legitimate network routers are configured to run routing protocols with. Configuring dynamic routing protocols with authentication prevents a rogue router from injecting false routing updates and redirecting traffic in a man-in-the-middle attack.
Question
An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?
Options
- AMake sure that legitimate network routers are configured to run routing protocols with
- BDisable all routing protocols and only use static routes
- COnly using OSPFv3 will mitigate this risk.
- DRedirection of the traffic cannot happen unless the admin allows it explicitly.
How the community answered
(35 responses)- A83% (29)
- B6% (2)
- C3% (1)
- D9% (3)
Why each option
Configuring dynamic routing protocols with authentication prevents a rogue router from injecting false routing updates and redirecting traffic in a man-in-the-middle attack.
Dynamic routing protocols such as OSPF and EIGRP support neighbor authentication using MD5 or SHA, ensuring only routers with valid credentials can participate in routing updates. This directly prevents a rogue router from advertising lower-cost or false routes to intercept traffic, neutralizing the described MITM attack without sacrificing network flexibility.
Using only static routes is impractical in large dynamic networks and does not prevent a physically inserted rogue device from manipulating traffic at Layer 2 or advertising itself via other means.
OSPFv3 without authentication configured does not mitigate rogue router attacks; the protection comes from enabling authentication within the protocol, not from the protocol version itself.
A rogue router can freely redirect traffic by advertising more-specific or lower-cost routes without any explicit permission from the legitimate administrator.
Concept tested: Routing protocol authentication to prevent rogue router attacks
Source: https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13697-25.html
Topics
Community Discussion
No community discussion yet for this question.