VLAN Hopping, Double Tagging, and STP Attacks – CCNA Security
Protecting Against an STP Attack
Redundant links can be introduced into a Layer 2 switch topology to increase the network’s availability. However, redundant links can also create Layer 2 loops, which can result in broadcast storms. Fortunately, Spanning Tree Protocol (STP) allows you to have physically redundant links while maintaining a logically loop-free topology, thus preventing broadcast storms.
STP achieves this loop-free topology by electing one switch as the root bridge. The network administrator can influence which switch becomes the root bridge by manipulating a switch’s bridge priority: the switch with the lowest bridge priority becomes the root bridge. Every other switch in the network designates a root port, which is the port on that switch that is “closest” to the root bridge in terms of path “cost.” Switches learn each other’s bridge priorities through the exchange of Bridge Protocol Data Units (BPDUs). After the root bridge has been elected, every switch port in the topology is either in the blocking state (user data is not forwarded) or in the forwarding state (user data is forwarded).
If the root bridge fails, the STP topology reconverges by electing a new root bridge. Note that a port does not immediately transition from the blocking state to the forwarding state. Rather, a port transitions from blocking, to listening, to learning, to forwarding.
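The election described above, and the root-guard style check a defender relies on, as an added example that is not part of the original page: a simplified Python model of 802.1D root election (bridge ID ordered on priority, then MAC) over constructed BPDU records, including a rogue BPDU that claims priority 0. The BPDU field names and the sample MAC addresses are assumptions made for the example.

```python
"""Added example: model STP root-bridge election and a root-guard check.

Simplified model, not a full STP implementation. A bridge ID is
(priority, MAC); the lowest wins, with priority compared before MAC.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Bpdu:
    """Configuration-BPDU fields this model needs (names are assumed)."""
    root_priority: int
    root_mac: str
    root_path_cost: int
    sender_mac: str


def bridge_id(priority: int, mac: str) -> tuple:
    """Bridge ID orders on priority first, then on MAC as a tiebreaker."""
    return (priority, mac.lower())


def elect_root(bpdus: list) -> tuple:
    """Return the bridge ID that wins the election given the BPDUs seen."""
    return min(bridge_id(b.root_priority, b.root_mac) for b in bpdus)


def root_guard_violation(bpdu: Bpdu, expected_root: tuple) -> bool:
    """Root-guard semantics: a BPDU that advertises a root superior (lower
    bridge ID) to the legitimate root is a violation; a guarded port would be
    put in a root-inconsistent state instead of letting STP reconverge."""
    return bridge_id(bpdu.root_priority, bpdu.root_mac) < expected_root


def flagged_senders(bpdus: list, expected_root: tuple) -> list:
    """MACs of senders whose BPDUs would trip root guard."""
    return [b.sender_mac for b in bpdus if root_guard_violation(b, expected_root)]


# Constructed sample: legitimate core switch at priority 4096, a second switch
# relaying that root at path cost 4, and a rogue device advertising priority 0.
LEGIT_ROOT = bridge_id(4096, "00:11:22:33:44:55")
SAMPLE_BPDUS = [
    Bpdu(4096, "00:11:22:33:44:55", 0, "00:11:22:33:44:55"),
    Bpdu(4096, "00:11:22:33:44:55", 4, "00:11:22:33:44:66"),
    Bpdu(0, "de:ad:be:ef:00:01", 0, "de:ad:be:ef:00:01"),  # rogue BPDU
]

if __name__ == "__main__":
    print("root elected without guard:", elect_root(SAMPLE_BPDUS))
    print("root-guard violations from:", flagged_senders(SAMPLE_BPDUS, LEGIT_ROOT))
```

Without the check the rogue BPDU wins the election; with it, the only sender flagged is the rogue device, and the legitimate root is unchanged.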
Yersinia is a framework for performing Layer 2 attacks. It is designed to take advantage of weaknesses in several network protocols, and it aims to be a solid framework for analyzing and testing deployed networks and systems.
Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security Ltd.