The RUCKUS ICX router must be configured to have Internet Control Message Protocol (ICMP) redirects disabled on all external interfaces.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-273633 | SRG-NET-000362-RTR-000115 | RCKS-RTR-000660 | SV-273633r1110939_rule | 2025-06-03 | 1 |
| Description |
|---|
| The ICMP supports IP traffic by relaying information about paths, routes, and network conditions. Routers automatically send ICMP messages under a wide variety of conditions. Redirect ICMP messages are commonly used by attackers for network mapping and diagnosis. |
| ℹ️ Check |
|---|
| The RUCKUS ICX router disables ICMP redirect messages by default. Review the configuration to verify the following command is not present: ip icmp redirects If the command above is present, this is a finding. |
| ✔️ Fix |
|---|
| Disable ICMP redirect messages: ICX(config)#no ip icmp redicts |