|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: BGP to doom us all
Hi, NANOGers. ] However, given the recent academic popularity of attacks against routers, Indeed! Compromised routers (generally Cisco) are routinely traded in the underground. However, these routers are usually compromised by taking advantage of weak passwords, e.g. "cisco" for access and enable. :( Some who trade for compromised routers (one cisco is worth approximately three to five stolen credit cards) specifically ask for routers running BGP, and may pay a premium for this extra. Trade in compromised Juniper routers is rare, but it does occur. As to what is done with these compromised routers, well, ask me at the next NANOG. There are many things folks can do with existing BGP configurations to make things a bit better. Prefix filtering, both on ingress and egress, MD5 authentication, and ACLs for TCP 179 help. Are they perfect? No, nothing is a panacea. However, raising the bar even a little can yield impressive results. Thanks, Rob. -- Rob Thomas http://www.cymru.com ASSERT(coffee != empty);
|