[j-nsp] stealth bgp vulnerability?

Richard A Steenbergen ras at e-gerbil.net
Thu Apr 15 12:23:38 EDT 2004


On Thu, Apr 15, 2004 at 03:42:45PM +0100, Rob Walton wrote:
> 
> I find it quite amusing that many people suddenly worry when a 
> vulnerability like this comes along when there are so many easy ways to 
> well and truly destroy many providers' networks with some simple high rate 
> packet crafting tools and a little tracerouting - how many people here who 
> use MPLS-RSVP use the shared secret option and/or filter RSVP packets 
> destined for their core equipment from entering their network??

I think the question we would all like answered is what is so special 
about this that hasn't already been known about for ages. If this is 
someone spouting off about ISN guessing or sending 2^32 packets to try and 
reset a session and for some reason it just touched off a wave of paranoia 
and md5 deployment simply because other people were doing it, I am going 
to be very very disappointed.

Unfortunately it seems no vendor is willing to be straight with us "small
guys" as far as what is actually vulnerable and precisely how concerned we
should be, or even tell us that a vulnerability exists (leaving us to
simply notice that hey lots of people are requesting md5 passwords all of
a sudden), until the magic day they decide that they will release enough
information to allow any kiddie off the street to create an exploit for
it. Somewhere in the middle would be nice, like "yes there is a serious 
vulnerability which wasn't known before now and doesn't require 2^32 
packets and a local sniffer on the segment", would be nice so we know how 
much energy to waste (over)reacting. :)

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)

