[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

tcp md5 bgp attacks?

Subject: tcp md5 bgp attacks?
From: randy at psg.com (Randy Bush)
Date: Tue, 14 Aug 2018 14:38:35 -0700

so we started to wonder if, since we started protecting our bgp
sessions with md5 (in the 1990s), are there still folk trying to
attack?

we were unable to find bgp mib counters.  there are igp interface
counters, but that was not our immediate interest.  we did find
that md5 failures are logged.

looking at my logs for a few years, i find essentially nothing;
two 'attackers,' one my own ibgp peer, and one that noted evildoer
rob thomas, bgprs01.ord08.cymru.com.

we would be interested in data from others.

note that we are neither contemplating nor suggesting removing md5
from [y]our bgp sessions.

randy

Follow-Ups:
- tcp md5 bgp attacks?
  - From: Pratik.Lotia at charter.com (Lotia, Pratik M)
- tcp md5 bgp attacks?
  - From: gtaylor at tnetconsulting.net (Grant Taylor)
- tcp md5 bgp attacks?
  - From: joelja at bogus.com (joel jaeggli)
- tcp md5 bgp attacks?
  - From: lobna_gouda at hotmail.com (lobna gouda)

Prev by Date: Reach for a Verizon "Mobility" Network Contact
Next by Date: tcp md5 bgp attacks?
Previous by thread: Reach for a Verizon "Mobility" Network Contact
Next by thread: tcp md5 bgp attacks?
Index(es):
- Date
- Thread