tcp md5 bgp attacks?
Job Snijders
job at ntt.net
Tue Aug 14 23:36:02 UTC 2018
On Tue, Aug 14, 2018 at 05:28:13PM -0600, Grant Taylor via NANOG wrote:
> On 08/14/2018 03:38 PM, Randy Bush wrote:
> > so we started to wonder if, since we started protecting our bgp
> > sessions with md5 (in the 1990s), are there still folk trying to
> > attack?
>
> n00b response here
>
> I thought using ACLs or otherwise protecting the BGP endpoint was best
> practice. Thus it's really hard to even try break an MD5 protected
> BGP session if you can't even establish the TCP connection.
>
> Everything that I've seen or set up had an ACL to only allow the
> peer(s) to be able to connect to (from memory) TCP port 179.
>
> Is there something that I've missed the boat on?
>
> #learningOpportunity
To further harden your setup, consider using GTSM
https://tools.ietf.org/html/rfc5082
Kind regards,
Job
More information about the NANOG
mailing list