Uploaded image for project: 'l2switch'
  1. l2switch
  2. L2SWITCH-36

[SECURITY] Topology spoofing via hosttracker

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • None
    • unspecified
    • General
    • None

    • Operating System: All
      Platform: All

    • 2724
    • Low

      It has been reported that it is possible for an attacker to spoof network topology via hosttracker. Details are in this paper:

      http://www.internetsociety.org/sites/default/files/10_4_2.pdf

      This issue is related to well-known MAC spoofing attacks. It is proposed that this problem should be solved in the long run by implementing new features in the l2switch project that would allow an administrator to configure a policy regarding multiple MAC addresses inside a network. The policy options would be accept or deny. Note that the deny policy would possibly cause problems on wireless environments where a host is always moving from one side to another.

      MITRE has been contacted requesting a CVE name for this issue.

            Unassigned Unassigned
            djorm@iix.net David Jorm
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: