key change for TCP-MD5

• Previous message (by thread): key change for TCP-MD5
• Next message (by thread): key change for TCP-MD5
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

 

> -----Original Message-----
> From: Barry Greene (bgreene) [mailto:bgreene at cisco.com] 
> Sent: Friday, June 23, 2006 11:50 AM
> To: Bora Akyol; Ross Callon; nanog at merit.edu
> Subject: RE: key change for TCP-MD5
> 
>  
> 
> > If DOS is such a large concern, IPSEC to an extent can be used to 
> > mitigate against it. And IKEv1/v2 with IPSEC is not the horribly 
> > inefficient mechanism it is made out to be. In practice, it 
> is quite 
> > easy to use.
> 
> IPSEC does nothing to protect a network device from a DOS 
> attack. You know that.
> 

Barry

The validity of your statement depends tremendously on how IPSEC is
implemented.

Bora

• Previous message (by thread): key change for TCP-MD5
• Next message (by thread): key change for TCP-MD5
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]