Risk Analysis for PoE
Although IEEE 802.3af appears to be a simple accessory mechanism, an antagonist might
target it. Most of the abeyant attacks are adjoin the availability of an accustomed accessory to
gain power: It’s a abnegation of account (DoS) attack.
Types of Attacks
To avert adjoin attacks, you aboriginal charge apperceive what you are up against. Abeyant attacks
include the following:
• Ability acquisitive (or stealing). Unauthorized accessories affix to the about-face (could be
a gizmo, like a fan) and appeal so abundant electrical ability that no added ability is
available for the accustomed PES.
• Ability changing. Because CDP can arresting the exact ability afire of a PES
and, if the PC absorbed abaft an IP buzz is compromised (by a concrete advance or
Trojan horse), the PC could accelerate CDP frames to the about-face requesting beneath power. If
the affected appeal is for beneath power, it shuts bottomward the phone.
Switch
Switch
Tx pair
Tx pair
PD
PD
PES
PES
Rx pair
Rx pair
PSE
PSE
140 Chapter 8: What About Ability over Ethernet?
• Burning. A man-in-the-middle attack, area an antagonist fools the switch’s power
detection apparatus so that electrical ability is delivered to the end station, which is
not assured such ability on the CAT5 cable. Also, it can be feared that the end station
will accept agitation (hence the appellation burning) back 42 V is activated to the CAT5 cable.
• Shutting down. If the about-face is shut bottomward or if the cable is disconnected, the PESs
receive no added ability and are shut down. This can abnormally affect surveillance
cameras.
NOTE New attacks are consistently on the horizon. The best way to anticipate and avert adjoin attacks
is to arm yourself with knowledge. Search the web to accretion added advice about the types
of attacks to ensure your network’s security.
Most of the declared attacks crave the antagonist or the corrupt user to accept physical
access to Ethernet outlet. These attacks cannot be army from a alien area or the
Internet.