[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

tcp md5 bgp attacks?

Subject: tcp md5 bgp attacks?
From: gtaylor at tnetconsulting.net (Grant Taylor)
Date: Tue, 14 Aug 2018 17:28:13 -0600
In-reply-to: <[email protected]>
References: <[email protected]>

On 08/14/2018 03:38 PM, Randy Bush wrote:
> so we started to wonder if, since we started protecting our bgp
> sessions with md5 (in the 1990s), are there still folk trying to
> attack?

n00b response here

I thought using ACLs or otherwise protecting the BGP endpoint was best 
practice.  Thus it's really hard to even try break an MD5 protected BGP 
session if you can't even establish the TCP connection.

Everything that I've seen or set up had an ACL to only allow the peer(s) 
to be able to connect to (from memory) TCP port 179.

Is there something that I've missed the boat on?

#learningOpportunity

-- 
Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20180814/4f8d0e67/attachment.bin>

Follow-Ups:
- tcp md5 bgp attacks?
  - From: fredbaker.ietf at gmail.com (Fred Baker)
- tcp md5 bgp attacks?
  - From: job at ntt.net (Job Snijders)
- tcp md5 bgp attacks?
  - From: rdobbins at arbor.net (Roland Dobbins)

References:
- tcp md5 bgp attacks?
  - From: randy at psg.com (Randy Bush)

Prev by Date: tcp md5 bgp attacks?
Next by Date: tcp md5 bgp attacks?
Previous by thread: tcp md5 bgp attacks?
Next by thread: tcp md5 bgp attacks?
Index(es):
- Date
- Thread