nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: OSPF Vulnerability - Owning the Routing Table

From: Saku Ytti <saku () ytti fi>
Date: Sun, 4 Aug 2013 13:12:00 +0300
On (2013-08-04 05:01 -0500), Jimmy Hess wrote:


I would say the risk score of the advisory is overstated.   And if you
think "ospf is secure" against LAN activity after any patch,  that
would be wishful thinking. Someone just rediscovered one of the
countless innumerable holes in the back of the cardboard box and tried
covering it with duck tape...


I tend to agree. OTOH I'm not 100% sure if it's unexploitable outside LAN
via unicast OSPF packets.
But like you say MD5 offers some level of protection. I wish there would be
some KDF for IGP KARP so that each LSA would actually have unique
not-to-be-repeated password, so even if someone gets copy of one LSA and
calculates out the MD5 it won't be relevant anymore.

L2 is very dangerous in any platform I've tried, access to L2 and you can
usually DoS the neighbouring router, even when optimally configured
CoPP/Lo0 filter.

-- 
  ++ytti
Previous By Date Next
Previous By Thread Next

Current thread: