Re: [PEN-TEST] RIP & OSPF testing

[DA Smith <deb () sandstorm net>]

Go out to the folks on the NANOG list:   The North American Network
Operators' Group

They the are "THE" Engineers who deal with this stuff day to day and
could tell you a few things.

To get onto their list go to www.nanog.org

I'm sure I'll see it, as I'm on that list too, but I don't have a
"Posting" account, which means I signed up just to lurk and not take
part in the discussions.

It's a good list to join to find out information on this sort of
thing.

--Deb




----- Original Message -----
From: NetW3.COM Consulting <netw3 () COSMOS LOD COM>
To: <PEN-TEST () SECURITYFOCUS COM>
Sent: Sunday, November 26, 2000 3:26 AM
Subject: Re: [PEN-TEST] RIP & OSPF testing


> Dug, I appreciate your words. I'm not actually going to *do*
anything
> but I want information about this topic. I am not skilled enough to
> monkey around (no pun intended) with global Internet routing. Any
work
> I do will be on my home LAN only with potential applications for the
future
> if called for. The main reason I want to gain information is that I
am
> working on a practical for a SANS certification and want to cover
routing
> protocol weaknesses and intrusion detection for network
infrastructure.
> I don't happen to have a router on my home LAN, so someting like
gated
> and routed will have to be good enough. But, if I were an attacker,
> and were going to focus on this area I would want to know more about
> specific attacks (for instance using nemesis-rip or nemesis-ospf
etc.)
> Thanks
> Curt