Routing protocols

This test checks that routing protocols are not available on customer ports. If such protocols are available, malicious customers can interfere with the router signaling and launch MITM and DoS attacks using the routing protocols.

Note: This test requires routers in the network. The test cannot be performed against switches only.

Tested protocols:

  • OSPF
  • RIPv2
  • IS-IS
  • IGRP
  • EIGRP
  • BGP

Impact: MITM, DoS

Test process

  • Malicious sends multicast join messages used by the above routing protocols and then listens during 60 seconds for traffic on each protocol.

Fail criteria

  • A packet from any routing protocol is received at Malicious.

References

This test conforms to SEC Access Certification ID "SEC-V4-ROUTE-1" and to SAVI RFC 6959 section 3.1.7.

Parameters

General

  • Malicious Customer: A customer interface performing malicious actions.
  • ISP: A central node on a trusted port.
Have more questions? Submit a request

Comments

Powered by Zendesk