nanog mailing list archives
Re: tcp md5 bgp attacks?
From: "Roland Dobbins" <rdobbins () arbor net>
Date: Wed, 15 Aug 2018 09:38:05 +0700
On 15 Aug 2018, at 9:27, Randy Bush wrote:
my theory is that, as the attacks were mitigated the attackers moved on to other things.
With regards to BGP, the MD5 thing was promulgated to counter what was a largely theoretical threat. iACLs, and later GTSM and CoPP and LPTS and so forth really obviated the need for it.
For IGPs, MD5 was belt-and-suspenders against someone deliberately or accidentally bringing up a new router and manipulating traffic internally. Passiving the IGP on non-core links was the BCP, but often was honored in the breach; pushing an additional feature for 'security' purposes got some folks' attention when the passiving BCP was ignored.
We still see DDoS attacks against routers, of course. But the goal there is disruption of availability, not trying to move traffic onto some alternate path which would somehow benefit the attacker.
----------------------------------- Roland Dobbins <rdobbins () arbor net>
Current thread:
- tcp md5 bgp attacks? Randy Bush (Aug 14)
- Re: tcp md5 bgp attacks? Grant Taylor via NANOG (Aug 14)
- Re: tcp md5 bgp attacks? Job Snijders (Aug 14)
- Re: tcp md5 bgp attacks? Roland Dobbins (Aug 14)
- Re: tcp md5 bgp attacks? Fred Baker (Aug 15)
- Re: tcp md5 bgp attacks? joel jaeggli (Aug 14)
- Re: tcp md5 bgp attacks? Randy Bush (Aug 14)
- Re: tcp md5 bgp attacks? Roland Dobbins (Aug 14)
- Re: tcp md5 bgp attacks? Randy Bush (Aug 15)
- Re: tcp md5 bgp attacks? joel jaeggli (Aug 14)
- Re: tcp md5 bgp attacks? Niels Bakker (Aug 19)
- Re: tcp md5 bgp attacks? Randy Bush (Aug 14)
- Re: tcp md5 bgp attacks? Grant Taylor via NANOG (Aug 14)
- RE: tcp md5 bgp attacks? Lotia, Pratik M (Aug 15)
- Re: tcp md5 bgp attacks? Garrett Skjelstad (Aug 20)
- Re: tcp md5 bgp attacks? lobna gouda (Aug 15)
- <Possible follow-ups>
- Re: tcp md5 bgp attacks? John Kristoff (Aug 14)
- Re: tcp md5 bgp attacks? Randy Bush (Aug 14)
- Re: tcp md5 bgp attacks? Jared Mauch (Aug 14)
- Re: tcp md5 bgp attacks? Randy Bush (Aug 14)
- Re: tcp md5 bgp attacks? Randy Bush (Aug 14)