You are here: Encyclopedia > What is a Spanning Tree Protocol Attack?
What is a Spanning Tree Protocol Attack?
Different kinds of link layer network protocol exist today and one of which is designed for the main purpose of guaranteeing any of the bridged-LAN with a loop-free logical topology. This network protocol is known to be as the spanning tree protocol or STP.
And, according to the experts in this field, the fundamental role of the spanning tree protocol is to stop the occurrence of bridge loops and it also operates in developing a broadcast radiation. A loop-free logical topology is produced because STP permits switching even though there are existing physical loops within the network.
The mechanism involved in the spanning tree protocol allows it to function by altering the switch ports so that it can block or forward various conditions in accordance to the kinds of segments they are linked with. Spanning tree protocol involves three phases on how it generates its topology. Launching of a topology begins with selection of a root bridge. And then, one root port must be chosen for each of the non-root bridge. Lastly, a designated port must also be picked with every network segment.
Based on the reports made by security specialists, there are different types of attacks that directly target the spanning tree protocol. The most commonly known STP attacks include sending of RAW configuration BDPU and transmission of RAQ TCN BDPU. In addition, STP attacks also involve the denial-of-service or DOS transferring RAW configuration BDPU as well as denial-of-service attack that launch RAW TCN BDPU. Three more assaults were noted by experts, which badly influences the spanning tree protocol, and these are claiming of the Root Role, other role, and the Root Role Dual-Home (MITM).
For every attack, there should always be an existing method so as to have even just a slight defense against it. According to some written reports, there are currently three countermeasures on hand that can fight off the attacks on the STP. Two of these countermeasures are offered to most of today’s switches while the remaining depends more on a piece of hardware. The three countermeasures are the following: BDPU filtering, BDPU guard, and Layer 2 PDU rate limiter.