nanog mailing list archives

Re: BGP to doom us all

From: Rob Thomas <robt () cymru com>
Date: Fri, 28 Feb 2003 21:41:17 -0600 (CST)


Hi, Dean.

] Assuming the router is compromised, so is the MD5 key.  And presumably,
] the acls and anything else can be changed as well.

Agreed.  My point was to take a few steps to avoid the compromise.  :)
It isn't difficult to make things just a *bit* more difficult, and thus
avoid the pain caused by the average scan and sploit crowd.  Pick good
passwords, limit access, keep routing tables clean, etc.

Thanks,
Rob.
-- 
Rob Thomas
http://www.cymru.com
ASSERT(coffee != empty);

Current thread:

Re: BGP to doom us all, (continued)
- - - Re: BGP to doom us all Steven M. Bellovin (Feb 28)
- Re: BGP to doom us all Sean Donelan (Feb 28)
  - Re: BGP to doom us all Bruce Robertson (Feb 28)
- Re: BGP to doom us all Randy Bush (Feb 28)
  - Re: BGP to doom us all batz (Feb 28)
    - Re: BGP to doom us all Randy Bush (Feb 28)
    - Re: BGP to doom us all batz (Feb 28)
    - Re: BGP to doom us all Randy Bush (Feb 28)
- RE: BGP to doom us all Jim Deleskie (Feb 28)
  - Re: BGP to doom us all Bruce Pinsky (Feb 28)
- Re: BGP to doom us all Rob Thomas (Feb 28)