🛡️ Free practice test question from: Attack Vector (Security+)

ICMP Type 5 (Redirect): Routers use these messages to inform hosts that a better route exists for a particular destination. A threat actor on the local network can send forged ICMP Redirect messages with a modified gateway address (pointing to the attacker's machine). This tricks the victim host into sending traffic intended for another destination through the attacker's system, enabling a man-in-the-middle attack.

******

ICMP Type 8 (Echo Request): These are "ping" requests. While they can be used for reconnaissance or denial-of-service attacks (e.g., ping floods), they don't directly facilitate a man-in-the-middle attack. Fragmenting the payload doesn't change this.  

ICMP Type 3 (Destination Unreachable): These messages indicate that a destination is unreachable. Spoofing the source might be used in some denial-of-service attacks, but it doesn't create a man-in-the-middle scenario.  

ICMP Type 11 (Time Exceeded): These messages are used by traceroute to discover the path to a destination. While useful for network diagnostics, they don't directly enable a man-in-the-middle attack.