Routing Exploits

Static Routing:

 Static Routing is also known as non-adaptive routing which doesn’t change the
routing table unless the network administrator changes or modifies them
manually.
 Static routing does not use complex routing algorithms and It provides high or
more security than dynamic routing.

Dynamic routing

 It is also known as adaptive routing which changes the routing table according to
the change in topology.
 Dynamic routing uses complex routing algorithms and it does not provide high
security like static routing.
 When the network change(topology) occurs, it sends the message to the router
to ensure that changes then the routes are recalculated for sending updated
routing information.

"Routing Attack on IP Networks" refers to a set of malicious activities targeting the

routing protocols and processes in IP networks.

 The goal of these attacks is usually to disrupt, intercept, or reroute network

traffic.

 These attacks exploit the vulnerabilities or trust relationships in network

routing protocols, causing networks to operate abnormally or inefficiently.

 The ICMP Router Solicitation message is sent from a computer host to any
routers on the local area network to request that they advertise their presence
on the network.

 The ICMP Router Advertisement message is sent by a router on the local area
network to announce its IP address as available for routing.

Route Injection Attack:

Attackers advertise IP addresses they don’t actually own. Unsuspecting routers then
forward packets to the attacker, allowing them to eavesdrop, modify, or drop the
packets.

Route Deletion Attack:

Attackers withdraw routes that they previously advertised, causing data destined for
those addresses to be dropped or routed in unpredictable ways.

Route Modification Attack:

An attacker modifies routing updates to change specific parameters, causing traffic to

take a less optimal or a longer path. - loop

Router Impersonation:

The attacker sends fake routing updates, pretending to be a legitimate router. This can
cause traffic to be rerouted through the attacker or to nowhere.

Neighbor Attack:

In protocols where routers establish neighbor relationships, an attacker might try to

form a relationship with a legitimate router, allowing them to send malicious routing
updates.

Replay Attack:

An attacker captures legitimate routing updates and replays them at a later time. This
can cause outdated routes to be used.

Session Attack:

The attacker targets the session established between routers to exchange routing
updates. By breaking this session, routing updates can be interrupted.

Denial of Service (DoS) against Routers:

By flooding a router with traffic or maliciously crafted packets, an attacker can cause it
to be overwhelmed and possibly crash, disrupting the network's normal operations.

Man-in-the-Middle Attack:

By impersonating a network device or router, an attacker can intercept or alter data

being sent between two parties without either party realizing it.