[j-nsp] stealth bgp vulnerability?
Rob Walton
robert.walton at dante.org.uk
Fri Apr 16 07:48:01 EDT 2004
At 09:35 15/04/2004 -0700, Randy Bush wrote:
> > I think the question we would all like answered is what is so special
> > about this that hasn't already been known about for ages. If this is
> > someone spouting off about ISN guessing or sending 2^32 packets to try and
> > reset a session and for some reason it just touched off a wave of paranoia
> > and md5 deployment simply because other people were doing it, I am going
> > to be very very disappointed.
>
>actually, i'm quite happy. a decade of security conscious net folk
>saying "please deploy md5" did not work. so if a week of clueless
>paranoid guessing on a couple of mailing lists achieves the goal, i
>guess that is a good thing.
my thoughts exactly.... please deploy MD5 and some effective packet filters
to protect your control plane - it certainly ain't rocket science.
cheers,
Rob
>randy
>
>_______________________________________________
>juniper-nsp mailing list juniper-nsp at puck.nether.net
>http://puck.nether.net/mailman/listinfo/juniper-nsp
_________________________________________________________________
* * Rob Walton - Network engineer
* *
* Francis House Tel +44 1223 302 992
* 112 Hills Road Fax +44 1223 303 005
* Cambridge CB2 1PQ
D A N T E United Kingdom
_________________________________________________________________
More information about the juniper-nsp
mailing list