TCP/BGP vulnerability - easier than you think
Todd Vierling
tv at duh.org
Wed Apr 21 15:37:04 UTC 2004
On Wed, 21 Apr 2004, David Luyer wrote:
: > You missed the "(assuming the attacker can accurately guess both
: > ports)" part.
: A significant number of BGP sessions will be with a source
: port of 11000, 11001 or 11002; BGP sessions are generally
: quite stable and Cisco routers start the source port at
: 11000.
If true, *that* would be a security risk in Cisco's port selection
algorithm. Many modern OS's do not do simple sequential allocation of
ports, making this point invalid.
--
-- Todd Vierling <tv at duh.org> <tv at pobox.com>
More information about the NANOG
mailing list