This blog was originally started to better help me understand the technologies in the CCIE R&S blueprint; after completing the R&S track I have decided to transition the blog into a technology blog.

CCIE #29033

This blog will continue to include questions, troubleshooting scenarios, and references to existing and new technologies but will grow to include a variety of different platforms and technologies. Currently I have created over 185 questions/answers in regard to the CCIE R&S track!! Note: answers are in the comment field or within the "Read More" section.

You can also follow me on Twitter @FE80CC1E


Sunday, October 24, 2010

Question 148

How would you prevent a router from returning its IP address during a reconnaissance attack?

3 comments:

Packets Analyzed said...

ip unreachables - allows the generation of ICMP unreachable messages - This is the default behavior.

To prevent your router from generating unreachable messages use "no ip unreachables" interface configuration command.

networkdongle said...

Quick test of this command, and a little insight on how Cisco (Unix) UDP-based traceroute works with the ICMP unreachables

R1 <-> R2


R1#traceroute 1.1.1.2

Type escape sequence to abort.
Tracing the route to 1.1.1.2

1 1.1.1.2 188 msec 108 msec *

R2(config-if)#do sh ip interface f0/0 | i ICMP
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
R2(config-if)#
*Mar 1 00:07:35.787: ICMP: dst (1.1.1.2) port unreachable sent to 1.1.1.1
*Mar 1 00:07:44.935: ICMP: dst (1.1.1.2) port unreachable sent to 1.1.1.1


R2(config-if)#no ip unreachables
R2(config-if)#do sh ip interface f0/0 | i ICMP
ICMP redirects are always sent
ICMP unreachables are never sent
ICMP mask replies are never sent

R1#traceroute 1.1.1.2

Type escape sequence to abort.
Tracing the route to 1.1.1.2

1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
and on and on...
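
To check where `no ip unreachables` is still missing, the following added example (not part of the original post or its comments) audits an IOS-style running-config and lists routed, active interfaces that would still send ICMP unreachables. The sample config and the function names are constructed for illustration, and the check assumes the default `ip unreachables` is not written to the running-config, so only the `no` form appears.

```python
import re

# Constructed sample running-config (not from the original page).
SAMPLE_CONFIG = """\
hostname R2
!
interface FastEthernet0/0
 ip address 1.1.1.2 255.255.255.0
 no ip unreachables
!
interface FastEthernet0/1
 ip address 10.0.0.1 255.255.255.0
!
interface Serial0/0
 no ip address
 shutdown
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
 shutdown
!
"""

def parse_interfaces(config):
    """Return {interface name: [stanza lines]} from IOS-style config text."""
    stanzas, current = {}, None
    for raw in config.splitlines():
        m = re.match(r"^interface\s+(\S+)", raw)
        if m:
            current = stanzas.setdefault(m.group(1), [])
        elif raw.startswith(" ") and current is not None:
            current.append(raw.strip())
        else:
            current = None  # "!" or a new top-level command ends the stanza
    return stanzas

def unreachables_enabled(config):
    """Interfaces that are routed, not shut down, and lack 'no ip unreachables'."""
    findings = []
    for name, lines in parse_interfaces(config).items():
        has_ip = any(l.startswith("ip address ") for l in lines)
        if has_ip and "shutdown" not in lines and "no ip unreachables" not in lines:
            findings.append(name)
    return findings

if __name__ == "__main__":
    for name in unreachables_enabled(SAMPLE_CONFIG):
        print(f"{name}: ICMP unreachables still enabled (default)")
```
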

Packets Analyzed said...

Good stuff

Examples provide so much more insight.
