[j-nsp] stealth bgp vulnerability?
Richard A Steenbergen
ras at e-gerbil.net
Thu Apr 15 01:39:24 EDT 2004
On Wed, Apr 14, 2004 at 04:06:04PM +0100, Damon Pegg wrote:
> Something sneaky maybe occuring? Following a couple of prominent UK IX
> members suddenly demanding the use of MD5 on EBGP sessions Juniper TAC
> confirmed a related BGP security vulnerability but wouldnt give us any
> info beyond asking that we comply with any requests from upstreams
> and/or peers to use MD5. A little cloak and dagger methinks. Can
> anyone shed more light?
I don't suppose now would be a good time for someone to either
a) come up with some kind of public key mechanism for swapping the MD5
passwords between routers without needing hundreds of phone calls to
exchange and coordinate password deployment
and/or
b) start to implement the ttl trick.
--
Richard A Steenbergen <ras at e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
More information about the juniper-nsp
mailing list