nanog mailing list archives

Re: What Worked - What Didn't

From: Martin Cooper <mjc () cooper org uk>
Date: Mon, 17 Sep 2001 23:31:26 +0100


Alex Bligh <alex () alex org uk> writes:

--On Monday, 17 September, 2001 2:32 PM -0400 "Patrick W. Gilmore"
<patrick () ianai net> wrote:

Maybe I missed something?


Only all the well documented attacks (including DoS).
Think about sending RST to BGP port (and other random
ports) on your routers.


I thought TCP stacks were supposed to do sequence number checking on
RST's to make sure they fell within the bounds of the unacknowledged
portion of the current window? Or is Cisco's implementation broken?

M.

Current thread:

Re: What Worked - What Didn't, (continued)
- - - Message not available
    - Re: What Worked - What Didn't Mike Lewinski (Sep 17)
    - RE: What Worked - What Didn't Randy Bush (Sep 17)
    - RE: What Worked - What Didn't Iljitsch van Beijnum (Sep 17)
    - RE: What Worked - What Didn't Randy Bush (Sep 17)
    - RE: What Worked - What Didn't Iljitsch van Beijnum (Sep 17)
- RE: What Worked - What Didn't Roeland Meyer (Sep 17)
- RE: What Worked - What Didn't Roeland Meyer (Sep 17)
  - Re: What Worked - What Didn't Jared Mauch (Sep 17)
  - Re: What Worked - What Didn't Jeff Aitken (Sep 17)
  - Re: What Worked - What Didn't John Kristoff (Sep 18)
- Re: What Worked - What Didn't Martin Cooper (Sep 17)
  - bgp md5 auth Randy Bush (Sep 17)
    - Re: bgp md5 auth John Kristoff (Sep 18)
    - Re: bgp md5 auth Randy Bush (Sep 18)