[nsp] BGP TTL Security Check

fingers fingers at fingers.co.za
Fri Apr 23 20:37:56 EDT 2004


> In light of the recent tcp window vunerability I looked around for other
> ways, besides md5 auth, to secure my BGP sessions.  I ran across this:
>
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120limit/120s/120s27/s_btsh.htm
>
> I thought this would be a great way to secure BGP sessions as most BGP
> peers are within the same subnet, ie each peer only needing a TTL of 1
> to communicate.  However the docs on this appear backwards to me..

does anyone actually read nanog/cisco-nsp? or does everyone just post
things blindly without reading the 20384207127314 other posts about the
same topic/bright idea?


More information about the cisco-nsp mailing list