BGP TTL Security

Danny McPherson danny at tcb.net
Thu Feb 14 20:14:59 UTC 2008



On Feb 14, 2008, at 11:28 AM, Ben Butler wrote:
> <=191 and the session stays down.
>
> Which is proper bizarre!
>
> Is it necessary to configure this on both sides for the session to
> re-establish?  Is this a Cisco bug?

You're missing the fundamentals of what protection this
mechanism is meant to provide.  A remote attacker can
craft a packet such that it yields a TTL of 2, 1 or 0 at
the target system.

However, what a remote attacker can't do is craft a
packet that yields a TTL of 255 or 254, for example.
You probably want both values to be 254 if you've
got one intermediate hop between the peers.

-danny



More information about the NANOG mailing list