An unprotected router or routing domain is an easy target for any
network-savvy adversary. For example, an attacker who sends false routing
update packets to an unprotected router can easily corrupt its routing table.
This enables the attacker to re-route network traffic as desired. The key to
preventing this type of attack is to protect the routing tables from
unauthorized and malicious changes.
There are two basic approaches available for protecting routing table integrity:
- Use only static routes: This may work in small networks, but is unsuitable
for large networks.
- Authenticate route table updates: By using routing protocols with
authentication, network administrators can deter attacks based on unauthorized
routing changes. Authenticated router updates ensure that the update messages
come from legitimate sources. Bogus messages are automatically discarded.
Another attack involves preventing router update messages from being
sent or received, which will result in bringing down parts of a network. To
resist such attacks and recover from them quickly, routers need rapid
convergence and backup routes.
Routing protocol authentication is vulnerable to eavesdropping and spoofing of
routing updates. Message Digest 5 (MD5) authentication of routing protocol
updates prevents the introduction of unauthorized or false routing messages
from unknown sources.
Cisco IOS software supports the use of MD5 authentication of routing protocol
updates for the following protocols:
- OSPF
- RIPv2
- Enhanced IGRP (EIGRP)
- BGP
The key-string command defines the MD5 key that is
used to create the message digest, or hash, that is exchanged with the opposite
router. It is possible to specify the time period during which the key can be
received and sent with the accept-lifetime and
send-lifetime commands.
Static routes are manually configured on the router as the sole path to a
given destination. In one sense, static routes are very secure. They are not
vulnerable to spoofing attacks because they do not deal with router update
packets. However, exclusively using static routes will make network
administration extremely difficult. Also, configuring a large network to use
only static routes can make the availability of large segments of the network
subject to single points of failure. Static routes cannot handle events such as
router failures. However, a dynamic routing protocol, such as OSPF, can
correctly reroute traffic in the case of a router failure.
Passive Interfaces
The passive-interface command is used to
prevent other routers on the network from learning about routes dynamically. It
can also be used to keep any unnecessary parties from learning about the
existence of certain routes or routing protocols used. It is typically used
when the wildcard specification on the network router configuration command
configures more interfaces than desirable.
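As an added configuration example (not from the original text), the key-string, accept-lifetime, send-lifetime and passive-interface commands described above combined on one router running RIPv2; the interface names, addresses, NTP server and the placeholder key-strings are assumed:

```cisco
! Added example, not from the original text. Interface names, addresses,
! the NTP server and the key-string values are assumed placeholders.
!
! Key chain: key-string is the shared secret hashed into every update.
! Key 2 is accepted before it is sent, and key 1 is still accepted for an
! hour after it stops being sent, so both routers can be re-keyed without
! an outage and a little clock skew does not drop adjacencies.
key chain RIP_KEYS
 key 1
  key-string OLD-SECRET-PLACEHOLDER
  accept-lifetime 00:00:00 Jan 1 2024 01:00:00 Jul 1 2024
  send-lifetime 00:00:00 Jan 1 2024 00:00:00 Jul 1 2024
 key 2
  key-string NEW-SECRET-PLACEHOLDER
  accept-lifetime 23:00:00 Jun 30 2024 infinite
  send-lifetime 00:00:00 Jul 1 2024 infinite
!
! Lifetimes are compared against the router clock, so the clock must be
! trustworthy; otherwise all keys can expire at once.
ntp server 10.0.0.250
!
! Link to the neighboring router: require MD5, never plaintext.
interface GigabitEthernet0/0
 ip address 10.0.12.1 255.255.255.0
 ip rip authentication mode md5
 ip rip authentication key-chain RIP_KEYS
!
! LAN facing end hosts. A passive RIP interface stops sending updates
! but still listens, so authentication is required here as well to
! discard any bogus updates a host might inject.
interface GigabitEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip rip authentication mode md5
 ip rip authentication key-chain RIP_KEYS
!
router rip
 version 2
 no auto-summary
 network 10.0.0.0
 network 192.168.1.0
 ! Suppress updates on every interface, then re-enable only the
 ! neighbor link; 192.168.1.0 is still advertised to the neighbor.
 passive-interface default
 no passive-interface GigabitEthernet0/0
```

`show key chain` displays which key is currently valid for sending and receiving, and `show ip protocols` confirms which interfaces are passive.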