nanog mailing list archives

Re: TCP/BGP vulnerability - easier than you think

From: Iljitsch van Beijnum <iljitsch () muada com>
Date: Wed, 21 Apr 2004 13:23:54 +0200 (CEST)


On Wed, 21 Apr 2004, Daniel Roesen wrote:

access-list 123 deny   tcp any any eq bgp rst log-input
access-list 123 deny   tcp any eq bgp any rst log-input

Unfortunately, not all vendors are able to look at the RST bit when
filtering...

The general ignorance to the fact that SYN works as well is
astonishing. :-)


What are you talking about?

Current thread:

TCP/BGP vulnerability - easier than you think, (continued)
- - - TCP/BGP vulnerability - easier than you think David Luyer (Apr 20)
    - Re: TCP/BGP vulnerability - easier than you think Patrick W . Gilmore (Apr 20)
    - Re: TCP/BGP vulnerability - easier than you think Rob Thomas (Apr 20)
    - Re: TCP/BGP vulnerability - easier than you think Joe Abley (Apr 20)
    - RE: TCP/BGP vulnerability - easier than you think David Luyer (Apr 20)
    - Re: TCP/BGP vulnerability - easier than you think Adam Rothschild (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think E.B. Dreger (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think E.B. Dreger (Apr 22)
    - Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Daniel Roesen (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Daniel Roesen (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Daniel Roesen (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Daniel Roesen (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Paul Jakma (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Paul Jakma (Apr 21)
    - RE: TCP/BGP vulnerability - easier than you think David Luyer (Apr 21)

(Thread continues...)