RE: BGP Exploit

["Smith, Donald" <Donald.Smith () qwest com>]

I have seen 3 pubic ally available tools that ALL work.
I have seen 2 privately tools that work.
A traffic generator can be configured to successfully tear down bgp
sessions.

Given src/dst ip and ports :
I tested with a cross platform EBGP peering with md5 using several of
the tools I could not tear down the sessions.
I tested both Cisco and juniper BGP peering after  code upgrades without
md5 I could not tear down the sessions.


Donald.Smith () qwest com GCIA
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xAF00EDCC
pgpFingerPrint:9CE4 227B B9B3 601F B500  D076 43F1 0767 AF00 EDCC
kill -13 111.2 

> -----Original Message-----
> From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On 
> Behalf Of Steven M. Bellovin
> Sent: Tuesday, May 04, 2004 11:54 AM
> To: Kurt Erik Lindqvist
> Cc: kwallace () pcconnection com; nanog () merit edu
> Subject: Re: BGP Exploit 
>
>
>
>
> In message 
> <C4E8C22A-9DA6-11D8-B28B-000A95928574 () kurtis pp se>, Kurt 
> Erik Lindq vist writes:
>
> > > Now that the firestorm over implementing Md5 has quieted 
> down a bit, 
> > > is anybody aware of whether the exploit has been used? 
> Feel free to 
> > > reply off list.
> >
> > Even more interesting, did anyone manage to reproduce it?
>
> I don't know if it's being used; I know that reimplementations of the 
> idea are out there.
>
>
>               --Steve Bellovin, http://www.research.att.com/~smb