The RUCKUS ICX router must be configured to have Internet Control Message Protocol (ICMP) redirects disabled on all external interfaces.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-273633 | RCKS-RTR-000660 | SV-273633r1110939_rule | CCI-002385 | medium |
| Description | ||||
| The ICMP supports IP traffic by relaying information about paths, routes, and network conditions. Routers automatically send ICMP messages under a wide variety of conditions. Redirect ICMP messages are commonly used by attackers for network mapping and diagnosis. | ||||
| STIG | Date | |||
| RUCKUS ICX Router Security Technical Implementation Guide | 2025-06-03 | |||
Details
Check Text (C-273633r1110939_chk)
The RUCKUS ICX router disables ICMP redirect messages by default.
Review the configuration to verify the following command is not present:
ip icmp redirects
If the command above is present, this is a finding.
Fix Text (F-77629r1109920_fix)
Disable ICMP redirect messages:
ICX(config)#no ip icmp redicts