When an interface is configured with the no ip directed-broadcast command, all directed broadcast packets
are dropped at the interface.
IP Mask Reply
IP mask reply service is used to send an Internet Control Message Protocol (ICMP) mask reply message with subnet mask
information for a particular network in response to the ICMP mask requests. An attacker can use this technique to aid in mapping
a network.
By default, IP mask reply is disabled on all IOS versions. IP mask reply can be enabled on a per-interface basis using the ip
mask-reply command under the interface configuration mode.
If this service has been enabled, the command no ip mask-reply under the interface configuration mode can be used to disable
it.
IP Redirects
When a packet received on an interface is required to exit out through the same interface on which it was received, an ICMP
redirect message is sent to the host indicating the default gateway address to be used for subsequent forwarding. In earlier
versions of IOS, if Hot Standby Router Protocol (HSRP) was configured on an interface, ICMP redirect messages were disabled default for the interface. With Cisco IOS Release 12.1(3)T and later, ICMP redirect messages are enabled by default if HSRP configured.
Pages:
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147