nanog mailing list archives

Re: MD5 for TCP/BGP Sessions

From: "Eduardo Ascenco Reis" <eduardo () intron com br>
Date: Thu, 31 Mar 2005 18:46:50 -0300

Dear Fellows,a simple configuration that can help to improve security on BGP tcp sessionsis to establish it using ip loopback address on both sides, even insituations with only one link between routers. By doing that the ip addressused are hidden from traceroute tools discovery.Also the ip address used can be no routeable outside both routers, whichwill naturally block ip traffic against the BGP tcp session from any otherhost.Regards,

Eduardo Ascenço Reis.

Current thread:

Re: MD5 for TCP/BGP Sessions, (continued)
- Re: MD5 for TCP/BGP Sessions John Kristoff (Mar 30)
  - Re: MD5 for TCP/BGP Sessions Pekka Savola (Mar 30)
    - Re: MD5 for TCP/BGP Sessions Stephen J. Wilcox (Mar 30)
    - Re: MD5 for TCP/BGP Sessions vijay gill (Mar 30)
    - Re: MD5 for TCP/BGP Sessions Christopher L. Morrow (Mar 30)
    - Re: MD5 for TCP/BGP Sessions vijay gill (Mar 30)
    - Re: MD5 for TCP/BGP Sessions Christopher L. Morrow (Mar 30)
    - Re: MD5 for TCP/BGP Sessions Pekka Savola (Mar 30)
    - Re: MD5 for TCP/BGP Sessions Stephen J. Wilcox (Mar 31)
    - Re: MD5 for TCP/BGP Sessions Pekka Savola (Mar 31)
    - Re: MD5 for TCP/BGP Sessions Eduardo Ascenco Reis (Mar 31)