STP MiTM Attack and L2 Mitigation Techniques on the Cisco Catalyst 6500

The purpose of this paper is to identify how easily the Spanning Tree Protocol (STP) can be compromised to allow eavesdropping in a switched corporate environment, and how to mitigate this vulnerability using the L2 security features available on the Cisco Catalyst 6500. The STP Man-in-the-Middle (MiTM) attack compromises the STP root bridge election process and allows an attacker to use their PC to masquerade as the root bridge, thus controlling the flow of L2 traffic. To understand the attack, the reader must have a basic understanding of the root bridge election process and the initial STP operations that build the loop-free topology.

Provided by: Cisco | Topic: Networking | Date Added: Jul 2010 | Format: PDF
