nanog mailing list archives

Re: TCP/BGP vulnerability - easier than you think

From: "E.B. Dreger" <eddy+public+spam () noc everquick net>
Date: Wed, 21 Apr 2004 16:37:39 +0000 (GMT)


IvB> Date: Wed, 21 Apr 2004 15:09:15 +0200
IvB> From: Iljitsch van Beijnum


IvB> [T]he filters I listed in my earlier message simply filter
IvB> RSTs to/from the BGP port without looking at the address
IvB> fields [...] the BGP hold timer takes care of business here
IvB> anyway [...]

Interesting thought.  Smells like IRC.

Still leaves SYNs to be addressed, at least in theory.  Has
anyone tried hitting * with an in-window SYN to know if this is
indeed an issue?


Eddy
--
EverQuick Internet - http://www.everquick.net/
A division of Brotsman & Dreger, Inc. - http://www.brotsman.com/
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
_________________________________________________________________
          DO NOT send mail to the following addresses :
  blacklist () brics com -or- alfra () intc net -or- curbjmp () intc net
Sending mail to spambait addresses is a great way to get blocked.

Current thread:

Re: TCP/BGP vulnerability - easier than you think, (continued)
- - - Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Paul Jakma (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Paul Jakma (Apr 21)
    - RE: TCP/BGP vulnerability - easier than you think David Luyer (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Crist Clark (Apr 22)
    - Re: TCP/BGP vulnerability - easier than you think John Kristoff (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think E.B. Dreger (Apr 21)
    - Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 22)
    - Re: TCP/BGP vulnerability - easier than you think Paul Jakma (Apr 23)
    - Re: TCP/BGP vulnerability - easier than you think E.B. Dreger (Apr 21)
    - Message not available
    - Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 23)
    - Message not available
    - Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 23)
    - Re: TCP/BGP vulnerability - easier than you think Leo Bicknell (Apr 23)
    - Re: TCP/BGP vulnerability - easier than you think Petri Helenius (Apr 23)
    - Re: TCP/BGP vulnerability - easier than you think Todd Vierling (Apr 23)
    - Re: TCP/BGP vulnerability - easier than you think Priscilla Oppenheimer (Apr 26)
    - Re: TCP/BGP vulnerability - easier than you think Iljitsch van Beijnum (Apr 27)
    - Re: TCP/BGP vulnerability - easier than you think Priscilla Oppenheimer (Apr 27)
    - Re: TCP/BGP vulnerability - easier than you think Simon Leinen (Apr 28)
    - Re: TCP/BGP vulnerability - easier than you think Todd Vierling (Apr 21)

(Thread continues...)