[OPNFLWPLUG-361] [SECURITY] Topology spoofing via LLDP - OpenDaylight JIRA

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Resolution: Done
Affects Version/s: None
Fix Version/s: None
Component/s: General
Labels:
None
Environment:

Operating System: All
Platform: All

External issue ID:
2723

Description

It has been reported that it is possible for an attacker to spoof network topology via LLDP. Details are in this paper:

http://www.internetsociety.org/sites/default/files/10_4_2.pdf

Two fixes are proposed:

1) Implement nonces for the LLDP messages, although this leaves a problem with MITM attacks where a host can copy LLDP from one point in the topology to other point. That would create a fake link between two OpenFlow switches.

2) Implement a mechanism that somehow warns administrator about unexpected topology changes.

MITRE has been contacted requesting a CVE name for this issue.

Attachments

Issue Links

is blocked by

CONTROLLER-1196 Impossible to add more than one TLVs with type 127

Resolved

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Jozef Gloncak

Reporter:: David Jorm

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Due:: 16/Mar/15

Created:: 16/Feb/15 12:51 AM

Updated:: 27/Sep/21 9:01 AM

Resolved:: 03/Jun/15 8:48 AM