nanog mailing list archives
Re: tcp bgp vulnerability looking glass and route server issues.
From: Troy Davis <troy () nack net>
Date: Wed, 21 Apr 2004 20:37:45 -0700
On Wed, Apr 21, 2004 at 04:21:51PM -0700, Lane Patterson <lpatterson () equinix com> wrote:
While I agree that publicly open route-views routers should not allow display of "sho ip bgp nei" information, this is only giving away 4-tuple info regarding non-production BGP sessions, right? So folks could
A few cases where a non-production session source port suggests same for production sessions, assuming the production router opened the connections: - Reachability for a non-production session can depend on the same interface(s) as production session(s), so they may use sequential ports after an interface flap. - When the source port is near the start of the range (ie, 11020), other sessions with that router may have last reset when it reloaded. Troy
Current thread:
- tcp bgp vulnerability looking glass and route server issues. Smith, Donald (Apr 20)
- <Possible follow-ups>
- RE: tcp bgp vulnerability looking glass and route server issues. Lane Patterson (Apr 21)
- RE: tcp bgp vulnerability looking glass and route server issues. David Luyer (Apr 21)
- Re: tcp bgp vulnerability looking glass and route server issues. Troy Davis (Apr 21)
- RE: tcp bgp vulnerability looking glass and route server issues. Burton, Chris (Apr 21)
- RE: tcp bgp vulnerability looking glass and route server issues. Smith, Donald (Apr 21)