nanog mailing list archives
RE: key change for TCP-MD5
From: "Bora Akyol" <bora () broadcom com>
Date: Wed, 21 Jun 2006 17:25:16 -0700
Another potential attack is an attempt to insert information into a BGP session, such as to introduce bogus routes, or to even become a "man in the middle" of a BGP session. One issue that worries me about this is that if this allows routing to be compromised, then I can figure out how to make money off of this (and if I can think of it, someone even nastier will probably also think of this). Of course this would be much more difficult to pull off, and might require viewing packets between routers to pull off, but if pulled off and not quickly detected could be unfortunate. Ross
This one is hard to pull off. I think the general conclusion a couple years ago in the study that Sean Convery and Matt Franz did was that it was less work to try to own the router or buy your own AS ;) Bora
Current thread:
- RE: key change for TCP-MD5, (continued)
- RE: key change for TCP-MD5 Randy Bush (Jun 20)
- Re: key change for TCP-MD5 Jared Mauch (Jun 21)
- Re: key change for TCP-MD5 Randy Bush (Jun 21)
- RE: key change for TCP-MD5 Randy Bush (Jun 20)
- Re: key change for TCP-MD5 Steven M. Bellovin (Jun 26)
- RE: key change for TCP-MD5 Bora Akyol (Jun 20)
- RE: key change for TCP-MD5 Ross Callon (Jun 21)
- RE: key change for TCP-MD5 Randy Bush (Jun 21)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 21)
- Re: key change for TCP-MD5 Niels Bakker (Jun 25)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 26)
- RE: key change for TCP-MD5 Randy Bush (Jun 21)
- Re: key change for TCP-MD5 Richard A Steenbergen (Jun 21)
- backbone threats [Re: key change for TCP-MD5] Pekka Savola (Jun 26)
- Re: key change for TCP-MD5 Todd Underwood (Jun 23)
- Re: key change for TCP-MD5 Richard A Steenbergen (Jun 23)
- Re: key change for TCP-MD5 Richard A Steenbergen (Jun 23)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 23)
- Re: key change for TCP-MD5 Patrick W. Gilmore (Jun 23)