Today in class we looked at the website Yersinia, which provides a tool for exploiting various cisco protocols and services, such as :
Spanning Tree Protocol (STP)
Cisco Discovery Protocol (CDP)
Dynamic Trunking Protocol (DTP)
Dynamic Host Configuration Protocol (DHCP)
Hot Standby Router Protocol (HSRP)
IEEE 802.1Q
IEEE 802.1X
Inter-Switch Link Protocol (ISL)
VLAN Trunking Protocol (VTP)
The number of attacks is quite extensive and not limited to :
Spanning Tree Protocol
Sending RAW Configuration BPDU
Sending RAW TCN BPDU
DoS sending RAW Configuration BPDU
DoS sending RAW TCN BPDU
Claiming Root Role
Claiming Other Role
Claiming Root Role dual home (MITM)
Cisco Discovery Protocol
Sending RAW CDP packet
DoS flooding CDP neighbors table
Setting up a virtual device
Dynamic Host Configuration Protocol
Sending RAW DHCP packet
DoS sending DISCOVER packet (exhausting ip pool)
Setting up rogue DHCP server
DoS sending RELEASE packet (releasing assigned ip)
Hot Standby Router Protocol
Sending RAW HSRP packet
Becoming active router
Becoming active router (MITM)
Dynamic Trunking Protocol
Sending RAW DTP packet
Enabling trunking
802.1Q
Sending RAW 802.1Q packet
Sending double encapsulated 802.1Q packet
Sending 802.1Q ARP Poisoning
802.1X
Sending RAW 802.1X packet
Mitm 802.1X with 2 interfaces
VLAN Trunking Protocol
Sending RAW VTP packet
Deleting ALL VLANs
Adding one VLAN
Catalyst crash
I have not yet examined this tool and might do so in a later blog post. Clearly very useful for identifying cisco service vulnerabilities and ultimately making your network more secure.
No comments:
Post a Comment