[nsp] BGP vuln on Cisco?
Olav Langeland
Olav.Langeland at activeisp.com
Thu Apr 22 10:55:24 EDT 2004
http://archives.neohapsis.com/archives/openbsd/2004-04/1362.html
[--cut--]
That is right. If you have a Cisco, you can tear down BGP sessions by
spoofing:
64K of
SYN's or RST's
sent to #.#.#.#:179 -> #.#.#.#:{1024,+512,+512,...}
The SYN and RST methods are different, but the end effect is that
a tiny little burst of packets will cause a flap.
[--cut--]
Any comments on this?
Planning to do some testing as soon as this flu goes away.
--
Olav Langeland - Active ISP
More information about the cisco-nsp
mailing list