Penetration Testing mailing list archives
Re: [PEN-TEST] RIP & OSPF testing
From: "J. Oquendo" <intrusion () ENGINEER COM>
Date: Sun, 26 Nov 2000 09:45:52 -0500
and in the worst case, your "tests" may have catastrophic effects well beyond the customer's immediate network, e.g. BGP updates rippling out across the Internet, routing arbiter or no. unless you *really*understand what you're doing, playing with fault injection in routing protocols on the public Internet is a Really Bad Idea.
I started tinkering with these same ideas and concocted Theories in DoS last year which I don't have time to finish featuring attacks on these protocols, while the document leaves much to be desired in an effort to explain most attack based scenarios it does describe methods that I thought would shake things up a bit as well as attempts to address fixes for some of them. I suggest you pick up Routing TCP/IP from Cisco Press, Internetworking Technologies frmo Cisco Press, and get an overall assessment of networking technologies in general. It is an extremely bad game to play and hopefully you'll be smart enough to have a network of your own prefabricated for any testing. http://www.antioffline.com/TID/ Theories in DoS http://www.antioffline.com/stoppingdos.html Stopping DoS http://www.antioffline.com/ipsec/ Basic IPSec stuff sil () antioffline com sil () deficiency org sil () disgraced org ______________________________________________ FREE Personalized Email at Mail.com Sign up at http://www.mail.com/?sr=signup
Current thread:
- [PEN-TEST] RIP & OSPF testing Curt Wilson (Nov 26)
- Re: [PEN-TEST] RIP & OSPF testing Dug Song (Nov 26)
- <Possible follow-ups>
- Re: [PEN-TEST] RIP & OSPF testing J. Oquendo (Nov 27)
- Re: [PEN-TEST] RIP & OSPF testing NetW3.COM Consulting (Nov 27)
- Re: [PEN-TEST] RIP & OSPF testing DA Smith (Nov 28)
- Re: [PEN-TEST] RIP & OSPF testing batz (Nov 28)
- Re: [PEN-TEST] RIP & OSPF testing J. Oquendo (Nov 27)