nanog mailing list archives
Re: TCP/BGP vulnerability - easier than you think
From: John Kristoff <jtk () northwestern edu>
Date: Wed, 21 Apr 2004 20:51:23 -0500
On Wed, 21 Apr 2004 21:00:55 +0100 (IST) Paul Jakma <paul () clubi ie> wrote:
risk of crypto DoS than compared to the simple BGP TCP MD5 hack. The risk is due to MD5, not IPSec :).
I would say the risk is due to implementation. If the vendor's gear vomits quicker due to a resource consumption issue in handling MD5, is this really a problem with MD5? These issues can usually be fixed by simply improving the scaling properties of the implementation that may be required during adverse conditions. John
Current thread:
- Re: TCP/BGP vulnerability - easier than you think, (continued)
- Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 21)
- Re: TCP/BGP vulnerability - easier than you think Daniel Roesen (Apr 21)
- Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 21)
- Re: TCP/BGP vulnerability - easier than you think Daniel Roesen (Apr 21)
- Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 21)
- Re: TCP/BGP vulnerability - easier than you think Paul Jakma (Apr 21)
- Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 21)
- Re: TCP/BGP vulnerability - easier than you think Paul Jakma (Apr 21)
- RE: TCP/BGP vulnerability - easier than you think David Luyer (Apr 21)
- Re: TCP/BGP vulnerability - easier than you think Crist Clark (Apr 22)
- Re: TCP/BGP vulnerability - easier than you think John Kristoff (Apr 21)
- Re: TCP/BGP vulnerability - easier than you think E.B. Dreger (Apr 21)
- Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 22)
- Re: TCP/BGP vulnerability - easier than you think Paul Jakma (Apr 23)
- Re: TCP/BGP vulnerability - easier than you think E.B. Dreger (Apr 21)
- Message not available
- Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 23)
- Message not available
- Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 23)
- Re: TCP/BGP vulnerability - easier than you think Leo Bicknell (Apr 23)
- Re: TCP/BGP vulnerability - easier than you think Petri Helenius (Apr 23)
- Re: TCP/BGP vulnerability - easier than you think Todd Vierling (Apr 23)
- Re: TCP/BGP vulnerability - easier than you think Priscilla Oppenheimer (Apr 26)