FOSS case: Yersinia Layer 2 Attack Tool [PSARC/2009/643 FastTrack timeout 12/01/2009]

Tue, 24 Nov 2009 22:41:01 -0800 (PST) 

Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI
This information is Copyright 2009 Sun Microsystems
1. Introduction
    1.1. Project/Component Working Name:
         FOSS case: Yersinia Layer 2 Attack Tool
    1.2. Name of Document Author/Supplier:
         Author:  Si-wei Liu
    1.3  Date of This Document:
        24 November, 2009

2. Project Summary
   2.1 Project Description

       This project introduces the package of yersinia 0.7.1 into the
       SFW consolidation.

4. Technical Description

   Yersinia implements several attacks for the following protocols:
   Spanning Tree (STP), Cisco Discovery (CDP), Dynamic Host
   Configuration (DHCP), Hot Standby Router (HSRP), Dynamic Trunking
   (DTP), 802.1q, Inter-Switch Link Protocol (ISL), and VLAN
   Trunking (VTP). It helps the pen-tester in different tasks, such
   as becoming the root role in the Spanning Tree, creating virtual
   CDP neighbors, setting up rogue DHCP servers, becoming the active
   router in a HSRP scenario, enabling trunk, performing ARP
   spoofing over VLAN hopping, adding or deleting VLANs (via VTP),
   and more. 

   yersinia is quite portable and runs on a variety of platforms.

   Command name   Notes
   ===================================================================
   yersinia       Penetration testing tool for layer 2 attacks


5. Interfaces 

   Exported interface               Classification   Interface type
   =============================    ===============  ==============
   SUNWyersinia                     Uncommitted      Package name
   /usr/bin/yersinia                Uncommitted      Command
   /usr/share/man/man8/yersinia.8   Uncommitted      Manpage
  
   Imported interface               Classification   Interface type
   =============================    ===============  ===============
   /usr/lib/libnet.so.1.1.2.1       Volatile         Library provided
                                                     by SUNWlibnet

   Yersinia does not use any environment variable.

   draft man page and FOSS questionnaire to follow


6. Resources and Schedule:
   6.4. Product Approval Committee requested information:
        6.4.1. Consolidation or Component Name:
               SFW
   6.5. ARC review type: FastTrack
   6.6. ARC Exposure: open

6. Resources and Schedule
    6.4. Steering Committee requested information
        6.4.1. Consolidation C-team Name:
                sfw
    6.5. ARC review type: FastTrack
    6.6. ARC Exposure: open

Reply via email to