[nsp] bgp vulnerability?

Tue Apr 20 17:30:20 EDT 2004

hello,

  looking glasses, with option to display the 'sh ip bgp ne' output are harmful

Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Local host: x.x.x.x, Local port: 179
Foreign host: y.y.y.y, Foreign port: zzzzz

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0x215F4C638):
Timer          Starts    Wakeups            Next
Retrans        456927       1567             0x0
TimeWait            0          0             0x0
AckHold        421434     291415             0x0
SendWnd             1          0             0x0
KeepAlive          51          0             0x0
GiveUp              0          0             0x0
PmtuAger            0          0             0x0
DeadWait            0          0             0x0

iss: aaa  snduna: bbb  sndnxt: ccc    sndwnd: ddd
irs: eee  rcvnxt: fff  rcvwnd: ggg    delrcvwnd: hhh   

rgds,
  -zoltan

-----Original Message-----
From: Dan Hollis [mailto:goemon at anime.net]
Sent: Tuesday, April 20, 2004 11:05 PM
To: Dmitry Volkov
Cc: 'Gert Doering'; 'Steve Francis'; 'Don Bowman';
cisco-nsp at puck.nether.net
Subject: RE: [nsp] bgp vulnerability?

On Tue, 20 Apr 2004, Dmitry Volkov wrote:
> Well I was not asking about operational workarounds - like MD5 And RFC 2827,
> etc but rather about vendor's fixes like Checkpoint, IIJ, I'm sure cisco
> will come up soon...

Is there any good technique to guessing the source port, other than brute 
force? It would seem that multiplies the search area an attacker must 
guess. Is such an attack practical in that light?

-Dan

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

Ez az üzenet és a hozzá kapcsolódó fájlok, tervezetek kizárólag a
Címzettnek szólnak, a bennük foglalt információk bizalmasak, melyek
titokban maradásához a Synergon Informatika Rt.-nek jogilag méltányolható
érdeke fuzodik. Amennyiben valamely hiba folytán Ön nem a címzettje ennek a
levélnek, kérjük, semmisítse meg, és értesítse az üzenet küldojét. Az
üzenet az elküldés elott vírusellenorzésen esett át, de a vírusmentességére
nincs semmilyen garancia, ezért kérjük, ellenorizze azt!

DISCLAIMER

This e-mail and any attached files are confidential and may be legally
privileged. The content of this e-mail is subject of efforts by Synergon to
maintain its confidentiality. Also this e-mail is intended for the sole use
of the individual or entity to whom it is addressed. If you are not the
addressee, and received this transmission in error please delete this
e-mail and notify its sender immediately. This e-mail message has been
checked for computer viruses but it could still be infected. Please test it
for viruses before use.