|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: protecting operational networks
On Sep 13 16:44, Sean M. Doran wrote: % Then, some protection for routing protocols to make them % both more robust and more secure, and life is a bit nicer. IMHO, any serious network operator using OSPF or BGP should have already deployed the techniques below (as applicable): OSPF with Keyed MD5 Authentication BGP-4 with the Keyed MD5 Authentication extension as a TCP option. WRT ISIS, lack of a CLNP infrastructure limits the ability of outsiders to attack a network. Nonetheless, ISIS should probably also get some kind of cryptographic authentication extension. Ran [email protected]
|