
CDP spoofing

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 192.163.5.10 (talk) at 06:24, 13 April 2018. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In computer networking, CDP spoofing is a technique employed to compromise the operation of network devices that use Cisco Discovery Protocol for discovering neighboring devices.

CDP may be used between Cisco routers, switches and other network equipment to advertise their software version, capabilities and IP address. CDP spoofing is the creation of forged CDP packets that impersonate other devices, either real or arbitrary.

When a router running CDP receives a CDP packet, it begins to build a table that shows the neighboring devices discovered. An attacker can exploit this functionality by sending thousands of spoofed CDP packets to the multicast address 01:00:0C:CC:CC:CC to fill the neighbor tables of any devices on the network running CDP. When this happens, other traffic on the network may be dropped, as the device does not have the resources necessary to route it. The device's command-line interface may also become unresponsive, making it difficult to disable CDP during an ongoing attack.

As a result, some administrators may disable CDP to make their network more secure, at the cost of not being able to benefit from CDP.
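The neighbor-table flooding described above shows up on the wire as a burst of CDP frames carrying many different Device IDs. The following detection sketch is an added example, not part of the original article or any Cisco tooling: the function names, the 60-second window and the threshold of 8 neighbors are assumptions, the sample frames are constructed, and the CDP checksum is not verified.

```python
import struct
from collections import deque

CDP_MCAST = bytes.fromhex("01000ccccccc")         # destination MAC used by CDP
LLC_SNAP_CDP = bytes.fromhex("aaaa0300000c2000")  # LLC/SNAP, OUI 00:00:0C, PID 0x2000
TLV_DEVICE_ID = 0x0001

def parse_device_id(frame):
    """Return the Device ID string from a CDP frame, or None if not CDP/malformed."""
    if len(frame) < 26 or frame[0:6] != CDP_MCAST or frame[14:22] != LLC_SNAP_CDP:
        return None
    off = 26  # 14 Ethernet + 8 LLC/SNAP + 4 CDP header (version, TTL, checksum)
    while off + 4 <= len(frame):
        tlv_type, tlv_len = struct.unpack_from("!HH", frame, off)
        if tlv_len < 4 or off + tlv_len > len(frame):
            return None  # TLV length field overruns the frame: treat as malformed
        if tlv_type == TLV_DEVICE_ID:
            return frame[off + 4:off + tlv_len].decode("ascii", "replace")
        off += tlv_len
    return None

def detect_flood(observations, window=60.0, max_neighbors=8):
    """observations: iterable of (timestamp, frame) captured on one port.
    Returns (timestamp, distinct_count) the first time more than max_neighbors
    distinct Device IDs are seen within `window` seconds, else None."""
    recent = deque()  # (timestamp, device_id) pairs still inside the window
    for ts, frame in observations:
        dev = parse_device_id(frame)
        if dev is None:
            continue
        recent.append((ts, dev))
        while recent and ts - recent[0][0] > window:
            recent.popleft()
        distinct = len({d for _, d in recent})
        if distinct > max_neighbors:
            return ts, distinct
    return None

def sample_frame(device_id, src="020000000001"):
    """Constructed test fixture: minimal CDP frame, checksum left as zero."""
    tlv = struct.pack("!HH", TLV_DEVICE_ID, 4 + len(device_id)) + device_id.encode()
    payload = LLC_SNAP_CDP + bytes([2, 180, 0, 0]) + tlv
    return CDP_MCAST + bytes.fromhex(src) + struct.pack("!H", len(payload)) + payload

# Constructed traffic: one stable neighbor, then a burst of many distinct Device IDs.
NORMAL = [(t * 60.0, sample_frame("core-sw1")) for t in range(5)]
BURST = [(300.0 + i * 0.01, sample_frame(f"dev-{i:04d}")) for i in range(50)]

print(detect_flood(NORMAL), detect_flood(NORMAL + BURST))
```

A legitimate access port normally sees one or two CDP neighbors, so the threshold can be set well below the size of a device's neighbor table.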
