Yersinia é uma interessante ferramenta de testes de intrusão para quem deseja analisar as vulnerabilidades de equipamentos de camada 2 OSI – Enlace, como os switches.

O Yersinia suporta os seguintes protocolos:
- Spanning Tree Protocol (STP)
- Cisco Discovery Protocol (CDP)
- Dynamic Trunking Protocol (DTP)
- Dynamic Host Configuration Protocol (DHCP)
- Hot Standby Router Protocol (HSRP)
- IEEE 802.1Q
- IEEE 802.1X
- Inter-Switch Link Protocol (ISL)
- VLAN Trunking Protocol (VTP)
E realiza os seguintes tipos de ataques:
Spanning Tree Protocol
- Sending RAW Configuration BPDU
- Sending RAW TCN BPDU
- DoS sending RAW Configuration BPDU
- DoS sending RAW TCN BPDU
- Claiming Root Role
- Claiming Other Role
- Claiming Root Role dual home (MITM)
Cisco Discovery Protocol
- Sending RAW CDP packet
- DoS flooding CDP neighbors table
- Setting up a virtual device
Dynamic Host Configuration Protocol
- Sending RAW DHCP packet
- DoS sending DISCOVER packet (exhausting ip pool)
- Setting up rogue DHCP server
- DoS sending RELEASE packet (releasing assigned ip)
Hot Standby Router Protocol
- Sending RAW HSRP packet
- Becoming active router
- Becoming active router (MITM)
Dynamic Trunking Protocol
- Sending RAW DTP packet
- Enabling trunking
802.1Q
- Sending RAW 802.1Q packet
- Sending double encapsulated 802.1Q packet
- Sending 802.1Q ARP Poisoning
802.1X
- Sending RAW 802.1X packet
- Mitm 802.1X with 2 interfaces
VLAN Trunking Protocol
- Sending RAW VTP packet
- Deleting ALL VLANs
- Deleting selected VLAN
- Adding one VLAN
- Catalyst crash
Ele roda nos seguintes sistemas operacionais OpenBSD, Linux, Solaris e Mac OSX.
O link de um paper muito bom quanto a ataques layer2/camada2.
Para fazer o download do carinha.