Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Cisco HSRP Weakness/DoS
From: bashis <bash () NS WCD SE>
Date: Sat, 5 May 2001 18:12:16 +0200

Hi

b) what worries me about this method is that it is close to ideal for
  a man in the middle attack (take over default gw, rewrite source
  address to my own address, rewrite anything else in the packet, send
  to the real router).

It's realy old news, this was allready known in '98 when they written
RFC 2281 ( http://www.faqs.org/rfcs/rfc2281.html )
but nobody have talked about it in public,
except Cisco who is saying how good it is, to get a fault tolerant network..

Well, i'm not suprised that there are lots of ppl who dont know this,
so thats why i posted it to bugtraq, to make ppl aware of it..

Regards,
bashis


--
\0x62\0x61\0x73\0x68\0x69\0x73


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]