[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PI/metro/geo [Re: The state of IPv6 multihoming development]

To: RJ Atkinson <rja@extremenetworks.com>
Subject: Re: PI/metro/geo [Re: The state of IPv6 multihoming development]
From: Pekka Savola <pekkas@netcore.fi>
Date: Tue, 5 Nov 2002 22:51:01 +0200 (EET)
Cc: Michel Py <michel@arneill-py.sacramento.ca.us>, <multi6@ops.ietf.org>
In-reply-to: <27922772-F0FB-11D6-8244-00039357A82A@extremenetworks.com>

On Tue, 5 Nov 2002, RJ Atkinson wrote:
> On Tuesday, Nov 5, 2002, at 14:10 America/Montreal, Michel Py wrote:
> > Are we talking about someone hijacking the BGP TCP connection between
> > you and your peer and actually injecting you forged routes, or a denial
> > of service by other means?
> 
> I've seen forged RSTs to take out the BGP session also, but the earliest
> attack I saw involved somone stealing a BGP TCP session and then
> injecting false routing information.  Operators who don't have BGP TCP
> MD5 deployed are at serious operational risk these days.

This only applies to eBGP sessions (if the neighbor does not do ingress
filtering) and operators which do not use proper source address ingress
filtering at their borders.

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords

References:
- Re: PI/metro/geo [Re: The state of IPv6 multihoming development]
  - From: RJ Atkinson <rja@extremenetworks.com>

Prev by Date: Re: PI/metro/geo [Re: The state of IPv6 multihoming development]
Next by Date: Re: PI/metro/geo [Re: The state of IPv6 multihoming development]
Previous by thread: Re: PI/metro/geo [Re: The state of IPv6 multihoming development]
Next by thread: Re: PI/metro/geo [Re: The state of IPv6 multihoming development]
Index(es):
- Date
- Thread