nanog mailing list archives
Re: MD5 for TCP/BGP Sessions
From: "Eduardo Ascenco Reis" <eduardo () intron com br>
Date: Thu, 31 Mar 2005 18:46:50 -0300
Dear Fellows, a simple configuration that can help to improve security on BGP tcp sessions is to establish it using ip loopback address on both sides, even in situations with only one link between routers. By doing that the ip address used are hidden from traceroute tools discovery. Also the ip address used can be no routeable outside both routers, which will naturally block ip traffic against the BGP tcp session from any other host. Regards,
Eduardo Ascenço Reis.
Current thread:
- Re: MD5 for TCP/BGP Sessions, (continued)
- Re: MD5 for TCP/BGP Sessions John Kristoff (Mar 30)
- Re: MD5 for TCP/BGP Sessions Pekka Savola (Mar 30)
- Re: MD5 for TCP/BGP Sessions Stephen J. Wilcox (Mar 30)
- Re: MD5 for TCP/BGP Sessions vijay gill (Mar 30)
- Re: MD5 for TCP/BGP Sessions Christopher L. Morrow (Mar 30)
- Re: MD5 for TCP/BGP Sessions vijay gill (Mar 30)
- Re: MD5 for TCP/BGP Sessions Christopher L. Morrow (Mar 30)
- Re: MD5 for TCP/BGP Sessions Pekka Savola (Mar 30)
- Re: MD5 for TCP/BGP Sessions Pekka Savola (Mar 30)
- Re: MD5 for TCP/BGP Sessions Stephen J. Wilcox (Mar 31)
- Re: MD5 for TCP/BGP Sessions Pekka Savola (Mar 31)
- Re: MD5 for TCP/BGP Sessions Eduardo Ascenco Reis (Mar 31)
- Re: MD5 for TCP/BGP Sessions John Kristoff (Mar 30)