When a rogue node has physical access to a link, as illustrated by N3 in Figure 13.15, many tools can be used to make attacks. Wireless networks make this threat more easy since the rogue node just has to receive enough wireless signal, even if it is not in the building or room, where the wireless network is intended to service. Tools such as traffic tapping, specially formed packets or responding to local-link queries are security threats. These are similar for any layer 3 protocol, such as IPX, IPv4 or IPv6. IPv4 uses ARP, DHCP and ICMP for interaction on the local link. IPv6 uses Neighbor Discovery and ICMP.
|Trust model||Typical scenario|
|A node trusts all other nodes on the link.||Corporate internal network|
|A node only trusts the routers on the link.||Provider access network|
|A node does not trust any node on the link.||Ad-hoc network|
Figure 13.15 shows a local link with nodes N1, N2, router R1 and a rogue node N3.
Inherent to a link access, a node may trust zero, some or all nodes on the link. Table 13.3 lists the trust models [RFC3756] and related typical scenarios.