[B.A.T.M.A.N.] The Joker attacks

[Simon Wunderlich <sw@simonwunderlich.de>]

[-- Attachment #1: Type: text/plain, Size: 1600 bytes --]

After laying low for quite some time, the Joker finally makes its appearance! 
"The Joker" - a penetration testing and research tool to test security aspects 
of batman-adv networks - was developed by security researchers Pedro Larbig 
and Alexander Oberle at TU Darmstadt (Germany), and we finally got permission 
to release the source code to the public.

The tool currently supports the following tests:

 * Peer/Route flooding: flood fake OGMs
 * Blackhole: announce to neighbors that the best route is via the attacker 
node
 * Loop Forming: create local loops on multi-hop paths
 * Fuzzing: modify packets randomly to create malformed packets

Pedro & Alexander developed the tool in order to facilitate their mesh network 
security research. Their work focuses on B.A.T.M.A.N. Advanced version 
2011.1.0 and concluded that this version was performing pretty well in the 
Peer/Route and fuzzing tests. Albeit not being able to prevent maliciously 
provoked loops/blackholes entirely, B.A.T.M.A.N. Advanced did recover quickly 
when needed, according to their study.

To instigate further interest in mesh network security the 'Joker' code base 
is being published alongside this announcement. Hopefully, the Joker inspires 
security researchers as well as developers to investigate and fix issues in the 
B.A.T.M.A.N. protocol and/or implementation. We will also accept contributions 
for the Joker through the usual channels. Note that the tool does currently 
not work with the more recent versions 2013.4.0 or 2014.4.0 and later - 
patches are welcome.

Happy routing,

The B.A.T.M.A.N. team

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 181 bytes --]