Emergency Internet Backbone Provider Maintenance Tonight

Colin Neeson colin at oriel.com.au
Mon Jan 24 09:49:40 UTC 2005


This is just a stream of consciousness, but I perceive that most of the
"vulnerabilities" (BGP, SNMP, etc) are mostly knee-jerk reactions to what is
reported to vendors by trophy hunters out there looking for easy kills.  For
sure, they are real and true, and need to be disclosed by the relevant
vendors that are affected, but is the frenzy that ensues after the
vulnerability announcements warranted?

Discuss.. :-)


On 24/1/05 8:40 PM, "Pekka Savola" <pekkas at netcore.fi> wrote:

> On Mon, 24 Jan 2005, Wayne E. Bouchard wrote:
>> Well, the point was made in my office on Friday that the upgrade was
>> not just snmp or sshd but that they were required to upgrade the core
>> operating code. This suggests to me that it's something to do with
>> packets or packet handling, not with services. Which makes me all the
>> more concerned. Of course, it will probably be something along the
>> lines of "When reciving a packet with such and such format with some
>> particular service enabled, the router might reload under specific
>> conditions" or some such thing that will not affect many people other
>> than the tier 1s who work their routers way harder than any of us
>> lilliputians.
> 
> Well, the last time an upgrade like this was pushed through was caused
> by the (BGP) TCP RST spoofing "vulnerability", which was not a big
> issue at all especially if you had secured your borders properly
> against spoofing.  I really hope it's bigger this time..





More information about the NANOG mailing list