Topology Discovery is an essential service in Software Defined Networks (SDN). Most SDN controllers use a de-facto standard topology discovery mechanism based on Open-Flow to identify active links in the network. This paper discusses the security, or rather lack thereof, of the current SDN topology discovery mechanism, and its vulnerability to link spoofing attacks. The feasibility and impact of the attacks are verified and demonstrated via experiments. The paper presents and evaluates a countermeasure based on HMAC authentication.