Routing Protocol Security
dylan at juniper.net
dylan at juniper.net
Mon Aug 12 22:13:13 UTC 2002
On Tue, Aug 13, 2002 at 01:55:50PM -0700, senthil ayyasamy wrote:
> > Can any of you cite cases where an attack has been
> > carried out against a
> > network's routing protocol (BGP or OSPF in
> > particular)?
>
> I heard people talking about a Dos (not DDos) attack
> from your neighbor peer router that overflows your
> routing table with too much data. I am not aware of
> any DDos on routing packets(?).There are chances for
> man-in-the-attacks between BGP sessions. The question
> is how much the crypto- based security mechanisms like
> MD5 helps prevent routing vulnerabilities. But, I
> guess misconfiguration can also be considered as a
> reason behind many vulnerabilities.
Senthil,
Hi there..
Agreed, I think there are two major classifications you can lump things
under; exploitation of a weak router / misconfiguration to manipulate a
legitimate speaker's advertisements, OR a 3rd party box somehow
manipulating a routing protocol between other devices. (Using something
like nemesis, etc..)
While tools like nemesis and other scripts are out there, and perfectly
capable of forging/manipulating routing protocol packets, how common is
this?
Of the problems folks have run into, are they more often the result of a
legitimate speaker being compromised & playing with advertisements
somehow (and getting through filters that may or may not be present), or
from devices actually spoofing their way into the IGP/EGP? Are there
any specific attacks anyone is aware of & can share?
..Dylan
--
, Dylan Greene ,
+ Juniper Networks +
+ +1 617/407-6254 +
` dylan at juniper.net '
More information about the NANOG
mailing list