Rogue Router Advertisement Attack


, IPv6, Security

This article describes first hop security issue of IPv6 Neighbor Discovery Protocol. Vulnerability of this protocol is exploited to perform a Rogue Router Advertisement attack. Currently, there are few mitigation techniques available against this type of attack. Most of them, however are useful only in specific scenarios, or not widely used, mainly because insufficient support of vendors. This article presents probably the most applicable mitigation technique against the Rogue RA attack — RA Snooping. Specifically, its implementations by Cisco and HP (H3C).

Jozef PivarnikRogue Router Advertisement Attack