protecting operational networks
Ran Atkinson
rja at corp.home.net
Mon Sep 15 15:47:21 UTC 1997
On Sep 13 16:44, Sean M. Doran wrote:
% Then, some protection for routing protocols to make them
% both more robust and more secure, and life is a bit nicer.
IMHO, any serious network operator using OSPF or BGP should
have already deployed the techniques below (as applicable):
OSPF with Keyed MD5 Authentication
BGP-4 with the Keyed MD5 Authentication extension
as a TCP option.
WRT ISIS, lack of a CLNP infrastructure limits the ability of
outsiders to attack a network. Nonetheless, ISIS should probably
also get some kind of cryptographic authentication extension.
Ran
rja at home.net
More information about the NANOG
mailing list