What Worked - What Didn't

Patrick W. Gilmore patrick at ianai.net
Mon Sep 17 18:32:35 UTC 2001


At 11:18 AM 9/17/2001 -0700, Randy Bush wrote:

 >no one went after the comms infrastructure.  when they do, i suspect that
 >we will find the internet is extremely vulnerable.  how many folk even
 >have md5 auth turned on their bgp peering sessions?  what naivete!

If someone can splice into my point-to-point OC system, fake being the 
router on the other end, and keep my peer from calling me and asking what 
happened, well, then I have MUCH bigger things to worry about than whether 
my BGP session is valid.  (And he probably has the capability to do 
whatever he wants, no matter how hard I try to stop him.)

As for public peering points, the ARP resolution would cause problems, and 
either I or my peer would notice pretty darned quickly.  But only a small 
percentage of the traffic on the 'Net goes over public peering points these 
days anyway.

Not sure where else anyone could use MD5 on their BGP.  Maybe I missed 
something?


 >randy

--
TTFN,
patrick



