nanog mailing list archives

Re: tcp bgp vulnerability looking glass and route server issues.

From: Troy Davis <troy () nack net>
Date: Wed, 21 Apr 2004 20:37:45 -0700


On Wed, Apr 21, 2004 at 04:21:51PM -0700, Lane Patterson <lpatterson () equinix com> wrote:

While I agree that publicly open route-views routers should not allow
display of "sho ip bgp nei" information, this is only giving away 4-tuple
info regarding non-production BGP sessions, right?  So folks could


A few cases where a non-production session source port suggests same for
production sessions, assuming the production router opened the connections:

 - Reachability for a non-production session can depend on the same
interface(s) as production session(s), so they may use sequential ports
after an interface flap.

 - When the source port is near the start of the range (ie, 11020), other
sessions with that router may have last reset when it reloaded.

Troy

Current thread:

tcp bgp vulnerability looking glass and route server issues. Smith, Donald (Apr 20)
- <Possible follow-ups>
- RE: tcp bgp vulnerability looking glass and route server issues. Lane Patterson (Apr 21)
  - RE: tcp bgp vulnerability looking glass and route server issues. David Luyer (Apr 21)
  - Re: tcp bgp vulnerability looking glass and route server issues. Troy Davis (Apr 21)
- RE: tcp bgp vulnerability looking glass and route server issues. Burton, Chris (Apr 21)
- RE: tcp bgp vulnerability looking glass and route server issues. Smith, Donald (Apr 21)