312-50V9 · Question #303
An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can
The correct answer is B. Make sure that legitimate network routers are configured to run routing protocols with. A rogue router can inject false routes into a network; configuring routing protocol authentication ensures only trusted routers can exchange routing updates.
Question
An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?
Options
- AOnly using OSPFv3 will mitigate this risk.
- BMake sure that legitimate network routers are configured to run routing protocols with
- CRedirection of the traffic cannot happen unless the admin allows it explicitly.
- DDisable all routing protocols and only use static routes.
How the community answered
(29 responses)- A3% (1)
- B83% (24)
- C3% (1)
- D10% (3)
Why each option
A rogue router can inject false routes into a network; configuring routing protocol authentication ensures only trusted routers can exchange routing updates.
OSPFv3 by itself does not prevent rogue routers - authentication must be explicitly enabled regardless of which OSPF version is used.
Configuring routing protocols with authentication (such as MD5 for OSPF, EIGRP, or BGP) ensures that routing updates are accepted only from verified, legitimate routers. Without authentication, a rogue router can freely advertise false routes and divert traffic through the attacker's device. This is the primary and standard mitigation against rogue router man-in-the-middle attacks.
Traffic redirection via routing protocols can occur without admin permission if routers lack authentication, making this statement technically incorrect.
Disabling all routing protocols and using only static routes is operationally impractical in most networks and is not a scalable or standard security mitigation.
Concept tested: Routing protocol authentication against rogue routers
Source: https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol/13721-43.html
Topics
Community Discussion
No community discussion yet for this question.