BGP Exploit
Smith, Donald
Donald.Smith at qwest.com
Tue May 4 18:24:17 UTC 2004
I have seen 3 pubic ally available tools that ALL work.
I have seen 2 privately tools that work.
A traffic generator can be configured to successfully tear down bgp
sessions.
Given src/dst ip and ports :
I tested with a cross platform EBGP peering with md5 using several of
the tools I could not tear down the sessions.
I tested both Cisco and juniper BGP peering after code upgrades without
md5 I could not tear down the sessions.
Donald.Smith at qwest.com GCIA
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xAF00EDCC
pgpFingerPrint:9CE4 227B B9B3 601F B500 D076 43F1 0767 AF00 EDCC
kill -13 111.2
> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On
> Behalf Of Steven M. Bellovin
> Sent: Tuesday, May 04, 2004 11:54 AM
> To: Kurt Erik Lindqvist
> Cc: kwallace at pcconnection.com; nanog at merit.edu
> Subject: Re: BGP Exploit
>
>
>
>
> In message
> <C4E8C22A-9DA6-11D8-B28B-000A95928574 at kurtis.pp.se>, Kurt
> Erik Lindq vist writes:
>
> >>
> >> Now that the firestorm over implementing Md5 has quieted
> down a bit,
> >> is anybody aware of whether the exploit has been used?
> Feel free to
> >> reply off list.
> >
> >Even more interesting, did anyone manage to reproduce it?
> >
>
> I don't know if it's being used; I know that reimplementations of the
> idea are out there.
>
>
> --Steve Bellovin, http://www.research.att.com/~smb
>
>
>
More information about the NANOG
mailing list