nanog mailing list archives

Re: protecting operational networks

From: rja () corp home net (Ran Atkinson)
Date: Mon, 15 Sep 1997 08:47:21 -0700


On Sep 13 16:44, Sean M. Doran wrote:

% Then, some protection for routing protocols to make them
% both more robust and more secure, and life is a bit nicer.

IMHO, any serious network operator using OSPF or BGP should
have already deployed the techniques below (as applicable):
        OSPF with Keyed MD5 Authentication
        BGP-4 with the Keyed MD5 Authentication extension
                as a TCP option.

WRT ISIS, lack of a CLNP infrastructure limits the ability of
outsiders to attack a network.  Nonetheless, ISIS should probably
also get some kind of cryptographic authentication extension.

Ran
rja () home net

Current thread:

Re: not rewriting next-hop, pointing default, ..., (continued)
- - - Re: not rewriting next-hop, pointing default, ... Randy Bush (Sep 11)
    - Re: not rewriting next-hop, pointing default, ... Karl Denninger (Sep 11)
    - Re: not rewriting next-hop, pointing default, ... Ran Atkinson (Sep 11)
    - Re: not rewriting next-hop, pointing default, ... Sean M. Doran (Sep 11)
    - Message not available
    - Re: LSR and packet filters Ran Atkinson (Sep 12)
    - Re: LSR and packet filters Sean M. Doran (Sep 13)
    - Re: LSR and packet filters Alex "Mr. Worf" Yuriev (Sep 13)
    - Re: LSR and packet filters Sean M. Doran (Sep 14)
    - Re: not rewriting next-hop, pointing default, ... Alex.Bligh (Sep 12)
    - Re: not rewriting next-hop, pointing default, ... Sean M. Doran (Sep 13)
    - Message not available
    - Re: protecting operational networks Ran Atkinson (Sep 15)
    - Re: protecting operational networks Vadim Antonov (Sep 15)
    - Re: not rewriting next-hop, pointing default, ... Karl Denninger (Sep 11)
    - Re: not rewriting next-hop, pointing default, ... Avi Freedman (Sep 11)
    - set ip next-hop Bradley Dunn (Sep 11)
    - Re: set ip next-hop Alex Rubenstein (Sep 11)
    - Re: set ip next-hop Avi Freedman (Sep 11)
    - Re: not rewriting next-hop, pointing default, ... Per Gregers Bilse (Sep 12)
    - Re: not rewriting next-hop, pointing default, ...s Avi Freedman (Sep 12)
    - Re: not rewriting next-hop, pointing default, ...s Nathan Stratton (Sep 12)
    - Re: not rewriting next-hop, pointing default, ...s Avi Freedman (Sep 12)

(Thread continues...)