cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2791
Views
0
Helpful
4
Replies

Rerouting attack!!

daly.j
Level 1
Level 1

Has anyone ever heard of a rerouting attack?? If anyone has could you please give me some info or direct me a useful website.

JD

4 Replies 4

ywadhavk
Cisco Employee
Cisco Employee

Rerouting attacks attempt to redirect traffic from its valid destination to a false one, often for criminal use of the information (credit card or identity theft data) that can be acquired from the victims.

This is alos called as Data manipulation attacks. Google search should give you lots of info.

Thanks,

yatin

Yatin,

Many thanks for your reply. I dont want to bother you too much so dont feel like you have to answer this question but does this kind of attack change a routers ARP table, host table or is it as obvious as the routing table as stated in your answer? The reason I am persisting for this answer is because I recently took a Cisco exam and one of the questions was 'What table in a router does a rerouting attack adjust?'

Regards

John

A rerouting attack "adjusts" the routing table. By inserting a new route with a lower metric then the old route to redirect traffic to another source. It is done by manipulating a routing update packet and sending it to the target router. The routing process picks it up and since it has a lower metric (or newer version number) depending on what routing protocol you are using. It inserts the route in to the table and forwards traffic to where the attacker wants.. I would think to avoid this problem you could use a static route. The type of attack that is targeted at the ARP table is ARP posioning.. (remember ARP is a means to get a MAC address and that is a LAYER 2 function not routing). By changing the MAC address with a ARP the traffic for a ip address would be sent to your MAC instead of the right one.. but you have to be on the same physical network as your target to make this work. where as a routing table attack could get interesting..

Hope this helps,

Jesse

Thanks Jesse.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: