Penetration Testing mailing list archives
Re: Possible hi-jacking of ospf chain.
From: Nikolaj <lorddoskias () gmail com>
Date: Thu, 04 Jan 2007 01:20:09 +0200
dhess () na cokecce com wrote:
With this password you could create an OSPF neighbor on the target network and pollute the route table in whatever fashion you wish... you could begin routing traffic through you to do packet capture and analysis or you could route traffic to a black hole, thereby creating a DOS. Best practice is to use MD5 hashing for OSPF passwords.Dennis *Nikolaj <lorddoskias () gmail com>* Sent by: listbounce () securityfocus com 01/03/2007 06:07 AM To pen-test () securityfocus com cc Subject Possible hi-jacking of ospf chain. Hello, Happy New Year to everyone, that's first. :) I'm observing the traffic flow in my network and I see some strange behavior with the OSPF packets. All of them contain plain-text password. I was wondering whether it was possible to join the OSPF chain and route the traffic to /dev/null let's say and thus render the network traffic unavailable? Or what can be done with this password? It's in the OSPF LS Acknowledge and OSPF Hello packet. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Very interesting. I'm talking about a network based on the open-source package quagga. Can you give some links to paper that describe possible attaks, or the best way is to download and install quagga on my machine and start playing with the router tables?
Regards. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Possible hi-jacking of ospf chain. Nikolaj (Jan 03)
- <Possible follow-ups>
- Re: Possible hi-jacking of ospf chain. Nikolaj (Jan 03)
- Re: Possible hi-jacking of ospf chain. Xiaoyong Wu (Jan 04)
- Re: Possible hi-jacking of ospf chain. Syv Ritch (Jan 04)
- Re: Possible hi-jacking of ospf chain. Xiaoyong Wu (Jan 04)