[j-nsp] decrypting BGP session keys on JUNOS
Joe Abley
jabley at isc.org
Wed Apr 28 12:24:42 EDT 2004
Hi,
I'm extending some audit scripts which compare deployed reality in ISC
routers with records in a peering database to check MD5 auth keys
applied to BGP sessions.
RFC 2385 secrets in cisco configs are obfuscated against casual
inspection, but are otherwise easy to decrypt. This is good from the
point of view of scraping the secrets from the routers as part of this
audit process.
However, it's not clear to me whether the corresponding
authentication-key stanzas in JUNOS M-series configurations can be
de-obfuscated as easily.
Does anybody happen to know how to extract plain text passwords for
individual BGP sessions from a running Juniper M-series router?
Joe
More information about the juniper-nsp
mailing list