The RUCKUS ICX router must be configured to have Internet Control Message Protocol (ICMP) redirects disabled on all external interfaces.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-273633 | SRG-NET-000362-RTR-000115 | RCKS-RTR-000660 | SV-273633r1110939_rule | 2025-06-03 | 1 |
Description
The ICMP supports IP traffic by relaying information about paths, routes, and network conditions. Routers automatically send ICMP messages under a wide variety of conditions. Redirect ICMP messages are commonly used by attackers for network mapping and diagnosis.
ℹ️ Check
The RUCKUS ICX router disables ICMP redirect messages by default.
Review the configuration to verify the following command is not present:
ip icmp redirects
If the command above is present, this is a finding.
✔️ Fix
Disable ICMP redirect messages:
ICX(config)#no ip icmp redicts