Bugtraq mailing list archives
Re: Cisco HSRP Weakness/DoS
From: bashis <bash () NS WCD SE>
Date: Sat, 5 May 2001 18:12:16 +0200
Hi
b) what worries me about this method is that it is close to ideal for a man in the middle attack (take over default gw, rewrite source address to my own address, rewrite anything else in the packet, send to the real router).
It's realy old news, this was allready known in '98 when they written RFC 2281 ( http://www.faqs.org/rfcs/rfc2281.html ) but nobody have talked about it in public, except Cisco who is saying how good it is, to get a fault tolerant network.. Well, i'm not suprised that there are lots of ppl who dont know this, so thats why i posted it to bugtraq, to make ppl aware of it.. Regards, bashis -- \0x62\0x61\0x73\0x68\0x69\0x73
Current thread:
- Cisco HSRP Weakness/DoS bashis (May 03)
- <Possible follow-ups>
- Re: Cisco HSRP Weakness/DoS Steven M. Bellovin (May 03)
- Re: Cisco HSRP Weakness/DoS bashis (May 05)
- Re: Cisco HSRP Weakness/DoS Damir Rajnovic (May 16)