Re: [PEN-TEST] RIP & OSPF testing

["J. Oquendo" <intrusion () ENGINEER COM>]

> > > >
and in the worst case, your "tests" may have catastrophic effects well beyond the customer's immediate network, e.g. 
BGP updates rippling out across the Internet, routing arbiter or no. unless you *really*understand what you're doing, 
playing with fault injection in routing protocols on the public Internet is a Really Bad Idea.
> > > >

I started tinkering with these same ideas and concocted Theories in DoS last year which I don't have time to finish 
featuring attacks on these protocols, while the document leaves much to be desired in an effort to explain most attack 
based scenarios it does describe methods that I thought would shake things up a bit as well as attempts to address 
fixes for some of them. I suggest you pick up Routing TCP/IP from Cisco Press, Internetworking Technologies frmo Cisco 
Press, and get an overall assessment of networking technologies in general. It is an extremely bad game to play and 
hopefully you'll be smart enough to have a network of your own prefabricated for any testing.

http://www.antioffline.com/TID/  Theories in DoS
http://www.antioffline.com/stoppingdos.html  Stopping DoS
http://www.antioffline.com/ipsec/ Basic IPSec stuff

sil () antioffline com sil () deficiency org sil () disgraced org

______________________________________________
FREE Personalized Email at Mail.com
Sign up at http://www.mail.com/?sr=signup