[Olsr-dev] ARP prevention!

Andrea Di Pasquale (spam-protected)
Wed Aug 17 21:26:42 CEST 2011


Whenever olsrd establishes a route, such as:

A - B - C

Each node prior to the next node, the node prior is concerned to have the association of the next node in the ARP cache:

MAC - IPv4 

for path to route the packet to L3 in multihop from A to B, B to C.
If OLSRd is subject to ARP Spoofing and Man In The Middle attacks, any node can masquerade as any other node and it can compromise the communication integrity in invisible mode for all nodes of communication present in A - B - C.


Andrea

Il giorno 17/ago/2011, alle ore 21:05, Markus Kittenberger ha scritto:

> 
> 
> On Wed, Aug 17, 2011 at 8:30 PM, Andrea Di Pasquale <(spam-protected)> wrote:
> 
> HostA <=> HostC <=> HostB
> 
> indirectly OLSRd uses ARP protocol in kernelspace
> then why isn`t it enough for arpon to work as "usual" preventing the kernelspace from learning wrong adresses? 
> 
> for understanding who is HostC and HostB.
> once again: the kernel and olsrd on node a does not care/know about mac of host b,. (same on host b regarding host a)
> 
> only the ip adress of a or b is known, and a route via host c,..
> 
> its host c job to route the packet, and to determine the mac adress of the next hop,.
> 
> olsrd does not even touch any traffic, it just writes routes to the kernel routing table
> (and sends it own routing protocol packets, which not even need mac adresses, as they are broadcasts)
> 
> Markus

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20110817/e7eac7e0/attachment.html>


More information about the Olsr-dev mailing list