md5 for bgp tcp sessions

• Previous message (by thread): md5 for bgp tcp sessions
• Next message (by thread): md5 for bgp tcp sessions
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Eric Gauthier <eric at roxanne.org> writes:

> Honestly, I completely agree with you that MD5'ing our OSPF
> adjacencies isn't a great idea (I've so far stalled its roll-out).
> I strongly argued against it internally.  There were, however, those
> in both the networking and security groups that were concerned about
> the OSPF vulnerabilities that were pointed out recently and were in
> favor of the MD5s as the mitigation method.

passive-interface is your friend.

                                        ---rob 

• Previous message (by thread): md5 for bgp tcp sessions
• Next message (by thread): md5 for bgp tcp sessions
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]