Netgate Discussion Forum

Routing Table Poisoning Prevention

    Peter_APIIT
    May 4, 2022, 6:25 PM (last edited by Peter_APIIT May 4, 2022, 6:27 PM)

    Dear all,
    How can I prevent routing table poisoning in pfSense? Or prevent a routing protocol from sniffing the routing table and redirecting the traffic?

    Any method/packages/protocol to prevent it?

      johnpoz LAYER 8 Global Moderator @Peter_APIIT
      May 4, 2022, 7:14 PM

      @peter_apiit And what routing protocol are you running - and exchanging routes with who, over what, that you would have to be worried about that exactly?

      So you're running some sort of complex setup where you're exchanging routes that change all the time with other pfSense instances? You're using the FRR packages running BGP or OSPF?

      I didn't seem to get that from any other posts.. You're the guy whose ISP is hacking him because your TV ended up on the Google Play store, and your screen saver didn't turn off your monitor.. And some webpage refreshed all on its own?

      Now you're worried someone is hacking your routing table??

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.7.2, 24.11

        Peter_APIIT @johnpoz
        May 4, 2022, 7:31 PM

        @johnpoz said in Routing Table Poisoning Prevention:

        @peter_apiit And what routing protocol are you running - and exchanging routes with who, over what, that you would have to be worried about that exactly?

        So you're running some sort of complex setup where you're exchanging routes that change all the time with other pfSense instances? You're using the FRR packages running BGP or OSPF?

        I didn't seem to get that from any other posts.. You're the guy whose ISP is hacking him because your TV ended up on the Google Play store, and your screen saver didn't turn off your monitor.. And some webpage refreshed all on its own?

        Now you're worried someone is hacking your routing table??

        Sorry if this is a silly question. I didn't use any routing protocol in my network setup, but I route with the ISP. Hence, I am worried my route is getting attacked by them. Therefore, I want to prevent it. I would like to seek advice from network experts like you. Please help. Appreciate it. Thanks.

          heper @Peter_APIIT
          May 5, 2022, 8:57 AM

          @peter_apiit

          I don't think network experts will be able to help you with your troubles.

            johnpoz LAYER 8 Global Moderator @Peter_APIIT
            May 5, 2022, 9:26 AM

            @peter_apiit said in Routing Table Poisoning Prevention:

            my route is getting attacked by them

            You mean the only route you have - which is to them.. How exactly are they attacking this route that points to them, i.e. you have the 1 gateway.. To them, they route all your traffic.. So how/why would they be attacking this?


              Peter_APIIT @johnpoz
              May 5, 2022, 2:09 PM

              @johnpoz I don't have experience in networking. That's why I'm asking in the forum. Seeking expert advice.

                johnpoz LAYER 8 Global Moderator @Peter_APIIT
                May 5, 2022, 2:44 PM

                @peter_apiit I am curious where you're getting such ideas from, to be honest..

                Are you binging Mr. Robot or something?

                More than happy to answer questions - but your notions of your ISP hacking you in all sorts of crazy ways seem a bit over the top..

                I could see concerns if, say, you saw a session from one of your machines to some IP out on the internet and you did not know what it was or why. Being curious or worried about it could be justified.

                But your examples of your concerns - and pointing to your ISP as the one doing it - seem unwarranted, to put it mildly.. Your smart TV ending up on a screen, your monitor not going to sleep. Browser pages refreshing.. All of which have way more likely/probable causes than your ISP or anybody or anything hacking you ;)

                Hacking your routing tables -- when you're not even running any routing protocols.

                Your posting of your netstat connections - showed zero connections to anything.

                pfSense out of the box would prevent any unsolicited inbound traffic from the ISP or the internet to any of your devices behind pfSense. Unless you specifically opened up traffic with a port forward or allowed (enabled) UPnP, the only traffic that would be allowed is traffic that you initiated from a device behind pfSense.

                If you want to isolate devices on your network from other devices on your network, this is quite simple to do by creating other networks or VLANs and firewalling between them to only allow the specific traffic that you want to allow. All of my IoT devices are isolated from my other local networks, for example.

                pfSense would allow you to monitor (log) and/or even just view the state table for traffic from any of your devices to the internet, or between networks pfSense routes between, just for your own curiosity or concerns.

                If you are concerned with devices on the same network talking to each other, you need to look to switching or wireless infrastructure that allows for that. In switching it's normally called private VLAN. In wireless it's called AP isolation or client isolation, etc.

                But so far all of your concerns of "hacking" seem to be completely unwarranted.. That is my professional "expert" opinion with 30 some years of working in networking and infosec..


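The state-table check described in the last post, as an added example that is not part of the thread or of pfSense: a Python parser for saved `pfctl -ss` output that lists states created by traffic arriving on WAN (which only a port forward, UPnP or an explicit WAN pass rule should produce) and counts LAN-initiated states per host. The interface names `igb0` (WAN) and `igb1` (LAN), the sample lines and the IPv4-only handling are assumptions.

```python
import re
from collections import Counter

# Constructed sample modelled on `pfctl -ss` output (addresses are placeholders).
SAMPLE = """\
igb1 tcp 93.184.216.34:443 <- 192.168.1.50:51514       ESTABLISHED:ESTABLISHED
igb0 tcp 203.0.113.7:40112 (192.168.1.50:51514) -> 93.184.216.34:443       ESTABLISHED:ESTABLISHED
igb1 udp 192.168.1.1:53 <- 192.168.1.60:40000       SINGLE:MULTIPLE
igb0 udp 203.0.113.7:12001 -> 198.51.100.53:53       MULTIPLE:SINGLE
igb0 tcp 192.168.1.80:8443 (203.0.113.7:8443) <- 198.51.100.99:33012       ESTABLISHED:ESTABLISHED
"""

STATE_RE = re.compile(
    r"^(?P<iface>\S+)\s+(?P<proto>\S+)\s+(?P<left>\S+)"
    r"(?:\s+\((?P<pre_nat>[^)\s]+)\))?\s+(?P<arrow><-|->)\s+(?P<right>\S+)"
    r"\s+(?P<state>\S+)\s*$"
)

def parse_states(text):
    """Parse state lines into dicts; lines that do not match are skipped."""
    states = []
    for line in text.splitlines():
        m = STATE_RE.match(line.strip())
        if not m:
            continue
        d = m.groupdict()
        inbound = d["arrow"] == "<-"
        # pf prints "dst <- src" for a state created by a packet entering the
        # interface and "src -> dst" for one leaving it.
        src, dst = (d["right"], d["left"]) if inbound else (d["left"], d["right"])
        states.append({"iface": d["iface"], "proto": d["proto"], "inbound": inbound,
                       "src": src, "dst": dst, "pre_nat": d["pre_nat"],
                       "state": d["state"]})
    return states

def wan_initiated(states, wan_if):
    """States opened from the outside: created by a packet arriving on WAN."""
    return [s for s in states if s["iface"] == wan_if and s["inbound"]]

def outbound_by_host(states, lan_if):
    """Count states each internal address opened (packets entering on LAN)."""
    return Counter(s["src"].rsplit(":", 1)[0]
                   for s in states if s["iface"] == lan_if and s["inbound"])

if __name__ == "__main__":
    parsed = parse_states(SAMPLE)
    for s in wan_initiated(parsed, "igb0"):
        print("opened from WAN:", s["src"], "->", s["dst"], "was", s["pre_nat"])
    print(dict(outbound_by_host(parsed, "igb1")))
```

On a firewall with no port forwards, UPnP or WAN pass rules, `wan_initiated` should return an empty list; the one entry in the sample is a constructed port forward to show what a hit looks like.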
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.