26 lines
767 B
YAML
26 lines
767 B
YAML
id: disable-ip-source-route
|
|
|
|
info:
|
|
name: Disable IP source-route
|
|
author: pussycat0x
|
|
severity: info
|
|
description: |
|
|
Organizations should plan and implement network policies to ensure unnecessary services are explicitly disabled. The 'ip source-route' feature has been used in several attacks and should be disabled.
|
|
reference:
|
|
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr/command/ipaddr-cr-book/ipaddr-i4.html#GUID-C7F971DD-358F-4B43-9F3E-244F5D4A3A93
|
|
tags: cisco,config-audit,cisco-switch,router
|
|
|
|
file:
|
|
- extensions:
|
|
- conf
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- "no ip source-route"
|
|
negative: true
|
|
|
|
- type: word
|
|
words:
|
|
- "configure terminal" |