Chapter 10. Can We Bring VRRP Down?
Virtual Router Redundancy Protocol (VRRP) is the standard equivalent of Hot Standby Router Protocol (HSRP). With minor differences, the same vulnerabilities exist in VRRP as in HSRP: denial of service (DoS), man-in-the-middle (MITM) attacks (rerouting traffic through the hacker’s PC), and some information leakage. Mitigation techniques, including strong authentication and the use of access control lists (ACLs), are also described to make VRRP a real high-availability solution instead of a DoS target.
Even if you are familiar with how VRRP works, feel free to read on to refresh your knowledge or to gather new information, because this section focuses on specific points linked to the security ...