This test checks that routing protocols are not available on customer ports. If such protocols are available, malicious customers can interfere with the router signaling and launch MITM and DoS attacks using the routing protocols.
Note: This test requires routers in the network. The test cannot be performed against switches only.
Impact: MITM, DoS
- Malicious sends multicast join messages used by the above routing protocols and then listens for 60 seconds for traffic on each protocol.
- A packet from any routing protocol is received at Malicious.
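The fail criterion above can be evaluated over a capture taken on Malicious's port, as in this added example (not part of the original test suite). The protocol set (OSPF, EIGRP, PIM, RIPv2 with their well-known multicast groups), the function names and the sample packets are assumptions constructed for illustration.

```python
import socket
import struct

# Assumed protocol set (the page's own list is not reproduced here):
# name -> (IP protocol number, well-known multicast groups, UDP port or None)
ROUTING_PROTOCOLS = {
    "OSPF":  (89,  {"224.0.0.5", "224.0.0.6"}, None),
    "EIGRP": (88,  {"224.0.0.10"}, None),
    "PIM":   (103, {"224.0.0.13"}, None),
    "RIPv2": (17,  {"224.0.0.9"}, 520),
}

def classify(packet: bytes):
    """Return the routing protocol name for a raw IPv4 packet, or None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None                       # truncated or not IPv4
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes
    if ihl < 20 or len(packet) < ihl:
        return None
    proto = packet[9]
    dst = socket.inet_ntoa(packet[16:20])
    for name, (number, groups, udp_port) in ROUTING_PROTOCOLS.items():
        if proto != number or dst not in groups:
            continue
        if udp_port is None:
            return name
        if len(packet) >= ihl + 4:        # UDP destination port follows source port
            dport = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
            if dport == udp_port:
                return name
    return None

def verdict(capture):
    """Apply the fail criterion: any routing-protocol packet seen means FAIL."""
    seen = sorted({p for p in map(classify, capture) if p})
    return ("FAIL" if seen else "PASS", seen)

def ipv4(proto, dst, payload=b""):
    """Build a constructed IPv4 packet (checksum left at zero) for the sample."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 1,
                       proto, 0, socket.inet_aton("192.0.2.1"),
                       socket.inet_aton(dst)) + payload

# Constructed sample of packets seen during the 60-second listen window.
SAMPLE = [
    ipv4(89, "224.0.0.5"),                                            # OSPF
    ipv4(17, "224.0.0.9", struct.pack("!HHHH", 520, 520, 8, 0)),      # RIPv2
    ipv4(17, "224.0.0.251", struct.pack("!HHHH", 5353, 5353, 8, 0)),  # mDNS, ignored
]
```

A `FAIL` verdict lists which protocols leaked onto the customer port, which tells the operator which filter is missing on the access device.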
This test conforms to SEC Access Certification ID "SEC-V4-ROUTE-1" and to SAVI RFC 6959 section 3.1.7.
- Malicious Customer: A customer interface performing malicious actions.
- ISP: A central node on a trusted port.