Xspedius / E.Spire as wellRe: Winstar says there is no TCP/BGP vulnerability

John Brown (CV) jmbrown at chagresventures.com
Tue Apr 20 21:30:30 UTC 2004


Seems Xspedius aka E.SPire aka ACSI   doesn't feel that MD5 is
important on their BGP sessions either.

Based on the ticket we filed last week, Managment does not
feel its warranted to make these changes.


On the other hand, SPRINT  was willing and able to take MD5
session info right away.  WAY TO GO SPRINT.


On Tue, Apr 20, 2004 at 01:44:44PM -0700, Rodney Joffe wrote:
> 
> Perhaps we are all making too much of this...
> 
> It appears that Winstar feels that there is no need for MD5
> authentication of peering sessions. One of our customers has just had
> the following response from Winstar following a request to implement MD5
> on their OC3 connection to Winstar. My first suggestion is to locate
> another upstream provider (they have 3 already).
> 
> However, perhaps someone from Winstar would care to help us all
> understand what the alternative solution is to securing the session via
> MD5? I would *love* an alternative to the 5 days of work we've just gone
> through.
> 
> > -----Original Message-----
> > From: Justin Crawford - NMCW Engineer [mailto:jcrawford at winstar.net]
> > Sent: Tuesday, April 20, 2004 11:13 AM
> > To: xxxxxx
> > Subject: Re: *****SPAM***** MD5 implimentation on BGP
> > 
> > xxxxx,
> > 
> > Winstar does not currently run MD5 authentication with our peers.
> > 
> > Thanks
> > 
> > Justin
> > 
> > Thank you for your time and business
> > 
> > Justin Crawford
> > Winstar NMCW
> > Ph: 206-xxx.xxxx
> 
> Has anyone else run in to this with Winstar?
> 
> -- 
> Rodney Joffe
> CenterGate Research Group, LLC.
> http://www.centergate.com
> "Technology so advanced, even we don't understand it!"(SM)



More information about the NANOG mailing list