TCP/BGP vulnerability - easier than you think

E.B. Dreger eddy+public+spam at noc.everquick.net
Thu Apr 22 03:10:38 UTC 2004


JK> Date: Wed, 21 Apr 2004 20:51:23 -0500
JK> From: John Kristoff


JK> I would say the risk is due to implementation.  If the
JK> vendor's gear vomits quicker due to a resource consumption
JK> issue in handling MD5, is this really a problem with MD5?

Theoretically MD5 and IPSec sound great.  Operationally they may
not be the best answer.


JK> These issues can usually be fixed by simply improving the
JK> scaling properties of the implementation that may be required
JK> during adverse conditions.

Crypto chips' prices are declining...


Eddy
--
EverQuick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
_________________________________________________________________
          DO NOT send mail to the following addresses :
  blacklist at brics.com -or- alfra at intc.net -or- curbjmp at intc.net
Sending mail to spambait addresses is a great way to get blocked.




More information about the NANOG mailing list