CDP FLOODING
Cisco Discovery Protocol (CDP) is a proprietary data-link layer protocol created by Cisco which is used to share the information on other directly connected cisco device in a given network. It includes the layer 3 information and its corresponding Operation system.
The objective of this topic is to flood the R1 with CDP messages using Yersinia Tool from Kali Linux.
![](https://static.wixstatic.com/media/a15f53_835afa2416384c9d80c9fc0bd5cb2ab1~mv2.png/v1/fill/w_74,h_42,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/a15f53_835afa2416384c9d80c9fc0bd5cb2ab1~mv2.png)
Verify the interface status of R1 and R2.
![](https://static.wixstatic.com/media/a15f53_fa19d754b74b4f69b59f5fd5d94c3e6b~mv2.png/v1/fill/w_62,h_25,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/a15f53_fa19d754b74b4f69b59f5fd5d94c3e6b~mv2.png)
Check the CDP neighbor on each router.
![](https://static.wixstatic.com/media/a15f53_a194244aed354bc1ae37ccd09b360013~mv2.png/v1/fill/w_62,h_48,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/a15f53_a194244aed354bc1ae37ccd09b360013~mv2.png)
![](https://static.wixstatic.com/media/a15f53_a22a3baededc435f98d35c589445683e~mv2.png/v1/fill/w_62,h_48,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/a15f53_a22a3baededc435f98d35c589445683e~mv2.png)
Before doing the CDP attack, Verify first the CPU process and the running CDP protocol.
![](https://static.wixstatic.com/media/a15f53_fa018573da794c0db2d05f1697055075~mv2.png/v1/fill/w_62,h_10,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/a15f53_fa018573da794c0db2d05f1697055075~mv2.png)
We will use Yersinia tool to launch a CDP attack on R1 from the kali linux. To do this, on the command line type in Yersinia -G.
Click on the Launch Attack tab. On the Choose attack window, click on flooding CDP table then hit OK.
![](https://static.wixstatic.com/media/a15f53_f61da22881d44f8bb67768c9efc1a1c0~mv2.png/v1/fill/w_84,h_58,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/a15f53_f61da22881d44f8bb67768c9efc1a1c0~mv2.png)
This will start the CDP attack on R1 by creating a dummy Device ID and sending it on the interface.
![](https://static.wixstatic.com/media/a15f53_f3b3584a855a41ea8e3eb786d008ee70~mv2.png/v1/fill/w_71,h_48,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/a15f53_f3b3584a855a41ea8e3eb786d008ee70~mv2.png)
The effect will create a high CPU utilization because of the created CDP messages from the dummy device ID.
![](https://static.wixstatic.com/media/a15f53_b361a2c33f8d4da08e517b9a3a1de53e~mv2.png/v1/fill/w_61,h_72,al_c,q_85,usm_0.66_1.00_0.01,blur_2,enc_auto/a15f53_b361a2c33f8d4da08e517b9a3a1de53e~mv2.png)
Again, doing this on a production environment will definitely have an effect on the performance of your device. Please inform Network Administrator if you will be doing this activity.