rpsec-3----Page:6
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
|
Exploit #1 – Topology Changes Vulnerability: LSA Information Modification [3.2.4.3-4] Pre-condition: Being able to CONSTANTLY inject valid OSPF messages Weak MD5 key choice/Compromised Router No Cryptographic Authentication, etc… Possible Impact: Topology Changes Allow Eavesdropping Starve/Overload a network Expected Outcome: Highly unstable topology (loops, route-flapping) due to Fight Back of LSAs between attacker and legitimate owner Observed Outcome (as supported by the RFC!) PERMANENT or SEMI-PERMANENT topology changes due to ineffective Fight Back |