North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Routing Protocol Security
On Tue, Aug 13, 2002 at 01:55:50PM -0700, senthil ayyasamy wrote: > > Can any of you cite cases where an attack has been > > carried out against a > > network's routing protocol (BGP or OSPF in > > particular)? > > I heard people talking about a Dos (not DDos) attack > from your neighbor peer router that overflows your > routing table with too much data. I am not aware of > any DDos on routing packets(?).There are chances for > man-in-the-attacks between BGP sessions. The question > is how much the crypto- based security mechanisms like > MD5 helps prevent routing vulnerabilities. But, I > guess misconfiguration can also be considered as a > reason behind many vulnerabilities. Senthil, Hi there.. Agreed, I think there are two major classifications you can lump things under; exploitation of a weak router / misconfiguration to manipulate a legitimate speaker's advertisements, OR a 3rd party box somehow manipulating a routing protocol between other devices. (Using something like nemesis, etc..) While tools like nemesis and other scripts are out there, and perfectly capable of forging/manipulating routing protocol packets, how common is this? Of the problems folks have run into, are they more often the result of a legitimate speaker being compromised & playing with advertisements somehow (and getting through filters that may or may not be present), or from devices actually spoofing their way into the IGP/EGP? Are there any specific attacks anyone is aware of & can share? ..Dylan -- , Dylan Greene , + Juniper Networks + + +1 617/407-6254 + ` [email protected] '
|