attacks on MPLS?

Charles Wyble charles at thewybles.com
Thu Apr 9 17:14:39 UTC 2009


Well if we pull apart the article a bit....



Quote 1)
Network infrastructure security has been in the limelight lately, with 
researchers uncovering big vulnerabilities in the Domain Name System 
(DNS), the Border Gateway Protocol (BGP), TCP, and in Cisco routers.


Wasn't aware of any big vulns in BGP (are they referring to the Defcon 
talk that rehashed ages-old BGP trust exploitation?). Cisco vulns (I 
realize Cisco released several patches recently but not aware of any 
significant vulns).

Quote 2)
own set of switches and management infrastructures, and their own set of 
surrounding technologies," he says, "and the average attacker could not 
get his hands on that equipment."

Hmmmm. Really? 
http://www.gns3-labs.com/2009/01/23/mpls-vpn-and-traffic-engineering/ + 
torrent the appropriate IOS images. That seems like it would be enough 
to build a lab environment for exploit development.

Seems like the article is a lot of fear mongering.


Steven M. Bellovin wrote:
> http://www.darkreading.com/securityservices/services/data/showArticle.jhtml?articleID=216403220
> 
> 
> 		--Steve Bellovin, http://www.cs.columbia.edu/~smb
> 



