Penetration Testing mailing list archives
Possible hi-jacking of ospf chain.
From: Nikolaj <lorddoskias () gmail com>
Date: Wed, 03 Jan 2007 13:07:51 +0200
Hello, Happy New Year to everyone, that's first. :)I'm observing the traffic flow in my network and I see some strange behavior with the OSPF packets. All of them contain plain-text password. I was wondering whether it was possible to join the OSPF chain and route the traffic to /dev/null let's say and thus render the network traffic unavailable? Or what can be done with this password? It's in the OSPF LS Acknowledge and OSPF Hello packet.
------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Possible hi-jacking of ospf chain. Nikolaj (Jan 03)
- <Possible follow-ups>
- Re: Possible hi-jacking of ospf chain. Nikolaj (Jan 03)
- Re: Possible hi-jacking of ospf chain. Xiaoyong Wu (Jan 04)
- Re: Possible hi-jacking of ospf chain. Syv Ritch (Jan 04)
- Re: Possible hi-jacking of ospf chain. Xiaoyong Wu (Jan 04)