OSPF Vulnerability - Owning the Routing Table
mysidia at gmail.com
Sat Aug 3 23:38:39 UTC 2013
On 8/2/13, Aled Morris <aledm at qix.co.uk> wrote:
> Cisco published an advisory on OSPF vulnerability yesterday I think. I
> assume it's related.
OSPF is a dynamic routing protocol. It automatically discovers
neighbors on a multi-access segment claiming to be routers.
In what way could it possibly be unexpected that an attacker can pose
as a router and inject false routes; if an attacker able to emit
multicast to OSPF multicast address onto a LAN speaking OSPF?
That's not news to me, but fully expected.
Do the vendors /really/ have a code fix to what would seem to be an
inherent problem; if you failed to properly secure your OSPF
implementation (via MD5 authentication)?
> OSPFv3 is not vulnerable, and connections protected by MD5 are safe too,
More information about the NANOG