30 de julho de 2006

Framework for Layer 2 Attacks

Yersinia é um framework que se propõe a ataques a protocolos bem específicos e que são amplamente utilizados. Segue uma lista de ataques por protocolo e um paper apresentado na Black Hat Europa 2005.

Spanning Tree Protocol



  1. Sending RAW Configuration BPDU

  2. Sending RAW TCN BPDU

  3. DoS sending RAW Configuration BPDU

  4. DoS sending RAW TCN BPDU

  5. Claiming Root Role

  6. Claiming Other Role

  7. Claiming Root Role dual home (MITM)


Cisco Discovery Protocol

  1. Sending RAW CDP packet

  2. DoS flooding CDP neighbors table

  3. Setting up a virtual device


Dynamic Host Configuration Protocol

  1. Sending RAW DHCP packet

  2. DoS sending DISCOVER packet (exhausting ip pool)

  3. Setting up rogue DHCP server

  4. DoS sending RELEASE packet (releasing assigned ip)


Hot Standby Router Protocol

  1. Sending RAW HSRP packet

  2. Becoming active router

  3. Becoming active router (MITM)


Dynamic Trunking Protocol

  1. Sending RAW DTP packet

  2. Enabling trunking


802.1Q

  1. Sending RAW 802.1Q packet

  2. Sending double encapsulated 802.1Q packet

  3. Sending 802.1Q ARP Poisoning


802.1X

  1. Sending RAW 802.1X packet


VLAN Trunking Protocol

  1. Sending RAW VTP packet

  2. Deleting ALL VLANs

  3. Deleteing selected VLAN

  4. Adding one VLAN


Framework for Layer 2 Attacks

Nenhum comentário: