
How Spanning Tree Attacks Work > Forging BPDU Frames - Pg. 92

Chapter 5 Spanning Tree Attacks

points that have been misconfigured to forward BPDU frames.) The attacker claims the root bridge role, and now every bridge computes the least-cost path to the root. The least-cost paths from C and D are most likely the direct links, and thus cannot be blocked. Thus, any other link between A and B and any other link between C and D must be blocked to prevent cycles. Now the intruder is free to watch the traffic.

Forging BPDU Frames

The key to hijacking the STP is forging BPDU frames. If you can construct and send BPDU frames with specific characteristics, you can cause havoc with the protocol because layer two is essentially security-free.

If you are a programmer, you can use the libnet library to construct and send BPDU frames. This is a networking library that lets you programmatically access several protocols. Libnet is a relatively low-level library, allowing you to specially craft and then send packets. For example, you might create and send configuration STP packets (BPDU frames) in an attempt to claim the root bridge role for yourself.

Using libnet requires that you write a program. While libnet is a C library, helpful people have created other interfaces to it, including a Perl library and Python library. In short, the
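
A defensive counterpart to the forging described above, as an added example that is not from the book: it parses a captured 802.1D configuration BPDU and flags one that arrives on a host-facing port or advertises a root bridge ID better than the expected one. The sample frames, the expected root ID and the function names are constructed for illustration.

```python
import struct

# 802.1D configuration BPDU body: 35 bytes, following the LLC header 42 42 03.
# proto(2) version(1) type(1) flags(1) root_id(8) root_cost(4) bridge_id(8)
# port_id(2) message_age(2) max_age(2) hello(2) forward_delay(2)
BPDU_FMT = ">HBBB8sI8sHHHHH"
BPDU_LEN = struct.calcsize(BPDU_FMT)

def parse_config_bpdu(payload: bytes):
    """Return the fields of a configuration BPDU, or None for anything else."""
    if len(payload) < BPDU_LEN:
        return None  # truncated, or a 4-byte topology change notification
    (proto, version, btype, flags, root_id, cost,
     bridge_id, port_id, *_timers) = struct.unpack(BPDU_FMT, payload[:BPDU_LEN])
    if proto != 0 or btype != 0x00:
        return None  # not STP, or not a configuration BPDU
    return {"root_id": root_id, "root_cost": cost,
            "bridge_id": bridge_id, "port_id": port_id}

def check_bpdu(payload: bytes, expected_root: bytes, host_facing: bool) -> str:
    """Classify one received BPDU against the known topology (assumed inputs)."""
    bpdu = parse_config_bpdu(payload)
    if bpdu is None:
        return "ignored"
    if host_facing:
        # End stations have no reason to speak STP at all.
        return "alert: BPDU on host-facing port"
    # A bridge ID is priority(2) + MAC(6); the numerically lowest one wins the
    # root election, and big-endian byte comparison gives the same ordering.
    if bpdu["root_id"] < expected_root:
        return "alert: superior root claim"
    if bpdu["root_id"] != expected_root:
        return "warn: unexpected root"
    return "ok"

# Constructed sample data: expected root has priority 0x8000.
EXPECTED_ROOT = bytes.fromhex("8000001122334455")
TIMERS = "8001" "0000" "1400" "0200" "0f00"  # port id, age, max age, hello, fwd delay
LEGIT = bytes.fromhex("0000000000" "8000001122334455" "00000000"
                      "8000001122334455" + TIMERS)
# Constructed frame claiming priority 0 from a locally administered MAC.
ROGUE = bytes.fromhex("0000000000" "0000020000000001" "00000000"
                      "0000020000000001" + TIMERS)
TCN = bytes.fromhex("00000080")

if __name__ == "__main__":
    for name, frame in (("legit", LEGIT), ("rogue", ROGUE), ("tcn", TCN)):
        print(name, "->", check_bpdu(frame, EXPECTED_ROOT, host_facing=False))
```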